/**
* PHP script to stream out an image thumbnail.
+ *
+ * @file
+ * @ingroup Media
*/
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
require_once( './includes/WebStart.php' );
-wfProfileIn( 'thumb.php' );
-wfProfileIn( 'thumb.php-start' );
$wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png.
require_once( "$IP/includes/StreamFile.php" );
-// Get input parameters
-if ( get_magic_quotes_gpc() ) {
- $params = array_map( 'stripslashes', $_REQUEST );
-} else {
- $params = $_REQUEST;
-}
+wfThumbMain();
+wfLogProfilingData();
-$fileName = isset( $params['f'] ) ? $params['f'] : '';
-unset( $params['f'] );
+//--------------------------------------------------------------------------
-// Backwards compatibility parameters
-if ( isset( $params['w'] ) ) {
- $params['width'] = $params['w'];
- unset( $params['w'] );
-}
-if ( isset( $params['p'] ) ) {
- $params['page'] = $params['p'];
-}
-unset( $params['r'] );
+function wfThumbMain() {
+ wfProfileIn( __METHOD__ );
-// Some basic input validation
-$fileName = strtr( $fileName, '\\/', '__' );
+ $headers = array();
-// Stream the file if it exists already
-try {
- $img = wfLocalFile( $fileName );
- if ( $img && false != ( $thumbName = $img->thumbName( $params ) ) ) {
- $thumbPath = $img->getThumbPath( $thumbName );
+ // Get input parameters
+ if ( get_magic_quotes_gpc() ) {
+ $params = array_map( 'stripslashes', $_REQUEST );
+ } else {
+ $params = $_REQUEST;
+ }
+
+ $fileName = isset( $params['f'] ) ? $params['f'] : '';
+ unset( $params['f'] );
+
+ // Backwards compatibility parameters
+ if ( isset( $params['w'] ) ) {
+ $params['width'] = $params['w'];
+ unset( $params['w'] );
+ }
+ if ( isset( $params['p'] ) ) {
+ $params['page'] = $params['p'];
+ }
+ unset( $params['r'] );
+
+ // Is this a thumb of an archived file?
+ $isOld = (isset( $params['archived'] ) && $params['archived']);
+ unset( $params['archived'] );
+
+ // Some basic input validation
+ $fileName = strtr( $fileName, '\\/', '__' );
+
+ // Actually fetch the image. Method depends on whether it is archived or not.
+ if( $isOld ) {
+ // Format is <timestamp>!<name>
+ $bits = explode( '!', $fileName, 2 );
+ if( !isset($bits[1]) ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ return;
+ }
+ $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
+ if( is_null($title) ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ return;
+ }
+ $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
+ } else {
+ $img = wfLocalFile( $fileName );
+ }
- if ( is_file( $thumbPath ) ) {
- wfStreamFile( $thumbPath );
- wfLogProfilingData();
- exit;
+ // Check permissions if there are read restrictions
+ if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
+ if ( !$img->getTitle()->userCanRead() ) {
+ wfThumbError( 403, 'Access denied. You do not have permission to access ' .
+ 'the source file.' );
+ return;
}
+ $headers[] = 'Cache-Control: private';
+ $headers[] = 'Vary: Cookie';
}
-} catch ( MWException $e ) {
- thumbInternalError( $e->getHTML() );
- wfLogProfilingData();
- exit;
-}
-wfProfileOut( 'thumb.php-start' );
-wfProfileIn( 'thumb.php-render' );
+ if ( !$img ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ return;
+ }
+ if ( !$img->exists() ) {
+ wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
+ return;
+ }
+ $sourcePath = $img->getPath();
+ if ( $sourcePath === false ) {
+ wfThumbError( 500, 'The source file is not locally accessible.' );
+ return;
+ }
+
+ // Check IMS against the source file
+ // This means that clients can keep a cached copy even after it has been deleted on the server
+ if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
+ // Fix IE brokenness
+ $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
+ // Calculate time
+ wfSuppressWarnings();
+ $imsUnix = strtotime( $imsString );
+ $stat = stat( $sourcePath );
+ wfRestoreWarnings();
+ if ( $stat['mtime'] <= $imsUnix ) {
+ header( 'HTTP/1.1 304 Not Modified' );
+ return;
+ }
+ }
+
+ // Stream the file if it exists already
+ try {
+ if ( false != ( $thumbName = $img->thumbName( $params ) ) ) {
+ $thumbPath = $img->getThumbPath( $thumbName );
+
+ if ( is_file( $thumbPath ) ) {
+ wfStreamFile( $thumbPath, $headers );
+ return;
+ }
+ }
+ } catch ( MWException $e ) {
+ wfThumbError( 500, $e->getHTML() );
+ return;
+ }
-try {
- if ( $img ) {
+ try {
$thumb = $img->transform( $params, File::RENDER_NOW );
- } else {
+ } catch( Exception $ex ) {
+ // Tried to select a page on a non-paged file?
$thumb = false;
}
-} catch( Exception $ex ) {
- // Tried to select a page on a non-paged file?
- $thumb = false;
-}
-if ( $thumb && $thumb->getPath() && file_exists( $thumb->getPath() ) ) {
- wfStreamFile( $thumb->getPath() );
-} else {
- if ( !$img ) {
- $msg = wfMsg( 'badtitletext' );
- } elseif ( !$thumb ) {
- $msg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' );
+ $errorMsg = false;
+ if ( !$thumb ) {
+ $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' );
} elseif ( $thumb->isError() ) {
- $msg = $thumb->getHtmlMsg();
+ $errorMsg = $thumb->getHtmlMsg();
} elseif ( !$thumb->getPath() ) {
- $msg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
+ $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
+ } elseif ( $thumb->getPath() == $img->getPath() ) {
+ $errorMsg = wfMsgHtml( 'thumbnail_error', 'Image was not scaled, ' .
+ 'is the requested width bigger than the source?' );
} else {
- $msg = wfMsgHtml( 'thumbnail_error', 'Output file missing' );
+ wfStreamFile( $thumb->getPath(), $headers );
+ }
+ if ( $errorMsg !== false ) {
+ wfThumbError( 500, $errorMsg );
}
- thumbInternalError( $msg );
-}
-
-wfProfileOut( 'thumb.php-render' );
-wfProfileOut( 'thumb.php' );
-wfLogProfilingData();
-//--------------------------------------------------------------------------
+ wfProfileOut( __METHOD__ );
+}
-function thumbInternalError( $msg ) {
+function wfThumbError( $status, $msg ) {
+ global $wgShowHostnames;
header( 'Cache-Control: no-cache' );
header( 'Content-Type: text/html; charset=utf-8' );
- header( 'HTTP/1.1 500 Internal server error' );
+ if ( $status == 404 ) {
+ header( 'HTTP/1.1 404 Not found' );
+ } elseif ( $status == 403 ) {
+ header( 'HTTP/1.1 403 Forbidden' );
+ header( 'Vary: Cookie' );
+ } else {
+ header( 'HTTP/1.1 500 Internal server error' );
+ }
+ if( $wgShowHostnames ) {
+ $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' );
+ $hostname = htmlspecialchars( wfHostname() );
+ $debug = "<!-- $url -->\n<!-- $hostname -->\n";
+ } else {
+ $debug = "";
+ }
echo <<<EOT
<html><head><title>Error generating thumbnail</title></head>
<body>
<p>
$msg
</p>
+$debug
</body>
</html>
EOT;
}
-?>
dépôts / lhc / web / wiklou.git / blobdiff