dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fixed a E_DEPRECATED
[lhc/web/wiklou.git] / includes / StreamFile.php
1 <?php
2 /** */
3
4 /** */
5 function wfStreamFile( $fname, $headers = array() ) {
6 $stat = @stat( $fname );
7 if ( !$stat ) {
8 header( 'HTTP/1.0 404 Not Found' );
9 header( 'Cache-Control: no-cache' );
10 header( 'Content-Type: text/html; charset=utf-8' );
11 $encFile = htmlspecialchars( $fname );
12 $encScript = htmlspecialchars( $_SERVER['SCRIPT_NAME'] );
13 echo "<html><body>
14 <h1>File not found</h1>
15 <p>Although this PHP script ($encScript) exists, the file requested for output
16 ($encFile) does not.</p>
17 </body></html>
18 ";
19 return;
20 }
21
22 header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s', $stat['mtime'] ) . ' GMT' );
23
24 // Cancel output buffering and gzipping if set
25 wfResetOutputBuffers();
26
27 $type = wfGetType( $fname );
28 if ( $type and $type!="unknown/unknown") {
29 header("Content-type: $type");
30 } else {
31 header('Content-type: application/x-wiki');
32 }
33
34 // Don't stream it out as text/html if there was a PHP error
35 if ( headers_sent() ) {
36 echo "Headers already sent, terminating.\n";
37 return;
38 }
39
40 global $wgContLanguageCode;
41 header( "Content-Disposition: inline;filename*=utf-8'$wgContLanguageCode'" . urlencode( basename( $fname ) ) );
42
43 foreach ( $headers as $header ) {
44 header( $header );
45 }
46
47 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
48 $modsince = preg_replace( '/;.*$/', '', $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
49 $sinceTime = strtotime( $modsince );
50 if ( $stat['mtime'] <= $sinceTime ) {
51 ini_set('zlib.output_compression', 0);
52 header( "HTTP/1.0 304 Not Modified" );
53 return;
54 }
55 }
56
57 header( 'Content-Length: ' . $stat['size'] );
58
59 readfile( $fname );
60 }
61
62 /** */
63 function wfGetType( $filename, $safe = true ) {
64 global $wgTrivialMimeDetection;
65
66 $ext = strrchr($filename, '.');
67 $ext = $ext === false ? '' : strtolower( substr( $ext, 1 ) );
68
69 # trivial detection by file extension,
70 # used for thumbnails (thumb.php)
71 if ($wgTrivialMimeDetection) {
72 switch ($ext) {
73 case 'gif': return 'image/gif';
74 case 'png': return 'image/png';
75 case 'jpg': return 'image/jpeg';
76 case 'jpeg': return 'image/jpeg';
77 }
78
79 return 'unknown/unknown';
80 }
81
82 $magic = MimeMagic::singleton();
83 // Use the extension only, rather than magic numbers, to avoid opening
84 // up vulnerabilities due to uploads of files with allowed extensions
85 // but disallowed types.
86 $type = $magic->guessTypesForExtension( $ext );
87
88 /**
89 * Double-check some security settings that were done on upload but might
90 * have changed since.
91 */
92 if ( $safe ) {
93 global $wgFileBlacklist, $wgCheckFileExtensions, $wgStrictFileExtensions,
94 $wgFileExtensions, $wgVerifyMimeType, $wgMimeTypeBlacklist, $wgRequest;
95 list( $partName, $extList ) = UploadBase::splitExtensions( $filename );
96 if ( UploadBase::checkFileExtensionList( $extList, $wgFileBlacklist ) ) {
97 return 'unknown/unknown';
98 }
99 if ( $wgCheckFileExtensions && $wgStrictFileExtensions
100 && !UploadBase::checkFileExtensionList( $extList, $wgFileExtensions ) )
101 {
102 return 'unknown/unknown';
103 }
104 if ( $wgVerifyMimeType && in_array( strtolower( $type ), $wgMimeTypeBlacklist ) ) {
105 return 'unknown/unknown';
106 }
107 }
108 return $type;
109 }
Wiklou, le Wiki du Wiklou