dépôts / lhc / web / wiklou.git / blob
? search:


89866097b24cd86187c71d4c9072f31a128e5cbc
[lhc/web/wiklou.git] / includes / specials / SpecialUploadStash.php
1 <?php
2 /**
3 * Implements Special:UploadStash
4 *
5 * Web access for files temporarily stored by UploadStash.
6 *
7 * For example -- files that were uploaded with the UploadWizard extension are stored temporarily
8 * before committing them to the db. But we want to see their thumbnails and get other information
9 * about them.
10 *
11 * Since this is based on the user's session, in effect this creates a private temporary file area.
12 * However, the URLs for the files cannot be shared.
13 *
14 * @file
15 * @ingroup SpecialPage
16 * @ingroup Upload
17 */
18
19 class SpecialUploadStash extends UnlistedSpecialPage {
20 // UploadStash
21 private $stash;
22
23 // Since we are directly writing the file to STDOUT,
24 // we should not be reading in really big files and serving them out.
25 //
26 // We also don't want people using this as a file drop, even if they
27 // share credentials.
28 //
29 // This service is really for thumbnails and other such previews while
30 // uploading.
31 const MAX_SERVE_BYTES = 262144; // 256K
32
33 public function __construct( ) {
34 parent::__construct( 'UploadStash', 'upload' );
35 try {
36 $this->stash = new UploadStash( );
37 } catch (UploadStashNotAvailableException $e) {
38 return null;
39 }
40 }
41
42 /**
43 * If file available in stash, cats it out to the client as a simple HTTP response.
44 * n.b. Most sanity checking done in UploadStashLocalFile, so this is straightforward.
45 *
46 * @param $subPage String: subpage, e.g. in http://example.com/wiki/Special:UploadStash/foo.jpg, the "foo.jpg" part
47 * @return Boolean: success
48 */
49 public function execute( $subPage ) {
50 global $wgOut, $wgUser;
51
52 if ( !$this->userCanExecute( $wgUser ) ) {
53 $this->displayRestrictionError();
54 return;
55 }
56
57 // prevent callers from doing standard HTML output -- we'll take it from here
58 $wgOut->disable();
59
60 if ( !isset( $subPage ) || $subPage === '' ) {
61 // the user probably visited the page just to see what would happen, so explain it a bit.
62 $code = '400';
63 $message = "Missing key\n\n"
64 . 'This page provides access to temporarily stashed files for the user that '
65 . 'uploaded those files. See the upload API documentation. To access a stashed file, '
66 . 'use the URL of this page, with a slash and the key of the stashed file appended.';
67 } else {
68 try {
69 $file = $this->getStashFile( $subPage );
70 $size = $file->getSize();
71 if ( $size === 0 ) {
72 $code = 500;
73 $message = 'File is zero length';
74 } else if ( $size > self::MAX_SERVE_BYTES ) {
75 $code = 500;
76 $message = 'Cannot serve a file larger than ' . self::MAX_SERVE_BYTES . ' bytes';
77 } else {
78 $this->outputFile( $file );
79 return true;
80 }
81 } catch( UploadStashFileNotFoundException $e ) {
82 $code = 404;
83 $message = $e->getMessage();
84 } catch( UploadStashBadPathException $e ) {
85 $code = 500;
86 $message = $e->getMessage();
87 } catch( Exception $e ) {
88 $code = 500;
89 $message = $e->getMessage();
90 }
91 }
92
93 wfHttpError( $code, OutputPage::getStatusMessage( $code ), $message );
94 return false;
95 }
96
97
98 /**
99 * Convert the incoming url portion (subpage of Special page) into a stashed file,
100 * if available.
101 *
102 * @param $subPage String
103 * @return File object
104 * @throws MWException, UploadStashFileNotFoundException, UploadStashBadPathException
105 */
106 private function getStashFile( $subPage ) {
107 // due to an implementation quirk (and trying to be compatible with older method)
108 // the stash key doesn't have an extension
109 $key = $subPage;
110 $n = strrpos( $subPage, '.' );
111 if ( $n !== false ) {
112 $key = $n ? substr( $subPage, 0, $n ) : $subPage;
113 }
114
115 try {
116 $file = $this->stash->getFile( $key );
117 } catch ( UploadStashFileNotFoundException $e ) {
118 // if we couldn't find it, and it looks like a thumbnail,
119 // and it looks like we have the original, go ahead and generate it
120 $matches = array();
121 if ( ! preg_match( '/^(\d+)px-(.*)$/', $key, $matches ) ) {
122 // that doesn't look like a thumbnail. re-raise exception
123 throw $e;
124 }
125
126 list( , $width, $origKey ) = $matches;
127
128 // do not trap exceptions, if key is in bad format, or file not found,
129 // let exceptions propagate to caller.
130 $origFile = $this->stash->getFile( $origKey );
131
132 // ok we're here so the original must exist. Generate the thumbnail.
133 // because the file is a UploadStashFile, this thumbnail will also be stashed,
134 // and a thumbnailFile will be created in the thumbnailImage composite object
135 $thumbnailImage = $origFile->transform( array( 'width' => $width ) );
136 if ( !$thumbnailImage ) {
137 throw new MWException( 'Could not obtain thumbnail' );
138 }
139 $file = $thumbnailImage->thumbnailFile;
140 }
141
142 return $file;
143 }
144
145 /**
146 * Output HTTP response for file
147 * Side effects, obviously, of echoing lots of stuff to stdout.
148 *
149 * @param $file File object
150 */
151 private function outputFile( $file ) {
152 header( 'Content-Type: ' . $file->getMimeType(), true );
153 header( 'Content-Transfer-Encoding: binary', true );
154 header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true );
155 header( 'Content-Length: ' . $file->getSize(), true );
156 readfile( $file->getPath() );
157 }
158 }
Wiklou, le Wiki du Wiklou