X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=img_auth.php;h=2d2db9a5ed1035a448a2161cf07ac7ff112488f4;hb=a35f710791c7c86877be06af5e85636b3305d2e2;hp=c8759ec82aa54c4e1e0e80ef740b074e5a138ad7;hpb=59404fb12ee50a52925709a389f9c263f3e332a2;p=lhc%2Fweb%2Fwiklou.git

diff --git a/img_auth.php b/img_auth.php
index c8759ec82a..2d2db9a5ed 100644
--- a/img_auth.php
+++ b/img_auth.php
@@ -52,7 +52,7 @@ wfImageAuthMain();
 wfLogProfilingData();
 
 function wfImageAuthMain() {
-	global $wgImgAuthPublicTest, $wgRequest;
+	global $wgImgAuthPublicTest, $wgImgAuthUrlPathMap, $wgRequest;
 
 	// See if this is a public Wiki (no protections).
 	if ( $wgImgAuthPublicTest
@@ -77,14 +77,32 @@ function wfImageAuthMain() {
 
 	// Check for bug 28235: QUERY_STRING overriding the correct extension
 	$whitelist = array();
-	$dotPos = strrpos( $path, '.' );
-	if ( $dotPos !== false ) {
-		$whitelist[] = substr( $path, $dotPos + 1 );
+	$extension = FileBackend::extensionFromPath( $path );
+	if ( $extension != '' ) {
+		$whitelist[] = $extension;
 	}
 	if ( !$wgRequest->checkUrlExtension( $whitelist ) ) {
 		return;
 	}
 
+	// Various extensions may have their own backends that need access.
+	// Check if there is a special backend and storage base path for this file.
+	foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
+		$prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
+		if ( strpos( $path, $prefix ) === 0 ) {
+			$be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
+			$filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
+			if ( $be->fileExists( array( 'src' => $filename ) ) ) {
+				wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
+				$be->streamFile( array( 'src' => $filename ),
+					array( 'Cache-Control: private', 'Vary: Cookie' ) );
+			} else {
+				wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
+			}
+			return;
+		}
+	}
+
 	// Get the local file repository
 	$repo = RepoGroup::singleton()->getRepo( 'local' );
 
@@ -145,6 +163,7 @@ function wfForbidden( $msg1, $msg2 ) {
 	$args = func_get_args();
 	array_shift( $args );
 	array_shift( $args );
+	$args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
 
 	$msgHdr = wfMessage( $msg1 )->escaped();
 	$detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';