Make explicit plural forms work for Russian

[lhc/web/wiklou.git] / img_auth.php

diff --git a/img_auth.php b/img_auth.php
index ccaa8af..2d2db9a 100644 (file)
--- a/img_auth.php
+++ b/img_auth.php
@@ -40,11 +40,7 @@
  */
 
 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
-if ( isset( $_SERVER['MW_COMPILED'] ) ) {
-       require ( 'core/includes/WebStart.php' );
-} else {
-       require ( __DIR__ . '/includes/WebStart.php' );
-}
+require __DIR__ . '/includes/WebStart.php';
 wfProfileIn( 'img_auth.php' );
 
 # Set action base paths so that WebRequest::getPathInfo()
@@ -56,7 +52,7 @@ wfImageAuthMain();
 wfLogProfilingData();
 
 function wfImageAuthMain() {
-       global $wgImgAuthPublicTest, $wgRequest;
+       global $wgImgAuthPublicTest, $wgImgAuthUrlPathMap, $wgRequest;
 
        // See if this is a public Wiki (no protections).
        if ( $wgImgAuthPublicTest
@@ -81,14 +77,32 @@ function wfImageAuthMain() {
 
        // Check for bug 28235: QUERY_STRING overriding the correct extension
        $whitelist = array();
-       $dotPos = strrpos( $path, '.' );
-       if ( $dotPos !== false ) {
-               $whitelist[] = substr( $path, $dotPos + 1 );
+       $extension = FileBackend::extensionFromPath( $path );
+       if ( $extension != '' ) {
+               $whitelist[] = $extension;
        }
        if ( !$wgRequest->checkUrlExtension( $whitelist ) ) {
                return;
        }
 
+       // Various extensions may have their own backends that need access.
+       // Check if there is a special backend and storage base path for this file.
+       foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
+               $prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
+               if ( strpos( $path, $prefix ) === 0 ) {
+                       $be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
+                       $filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
+                       if ( $be->fileExists( array( 'src' => $filename ) ) ) {
+                               wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
+                               $be->streamFile( array( 'src' => $filename ),
+                                       array( 'Cache-Control: private', 'Vary: Cookie' ) );
+                       } else {
+                               wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
+                       }
+                       return;
+               }
+       }
+
        // Get the local file repository
        $repo = RepoGroup::singleton()->getRepo( 'local' );
 
@@ -117,6 +131,8 @@ function wfImageAuthMain() {
        }
 
        // Run hook for extension authorization plugins
+       /** @var $result array */
+       $result = null;
        if ( !wfRunHooks( 'ImgAuthBeforeStream', array( &$title, &$path, &$name, &$result ) ) ) {
                wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
                return;
@@ -147,6 +163,7 @@ function wfForbidden( $msg1, $msg2 ) {
        $args = func_get_args();
        array_shift( $args );
        array_shift( $args );
+       $args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
 
        $msgHdr = wfMessage( $msg1 )->escaped();
        $detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';