dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Localisation updates for core and extension messages from translatewiki.net
[lhc/web/wiklou.git] / img_auth.php
diff --git a/img_auth.php b/img_auth.php
index 7f922c5..3999bf3 100644 (file)
--- a/img_auth.php
+++ b/img_auth.php
@@ -43,7 +43,7 @@ wfImageAuthMain();
 wfLogProfilingData();
 
 function wfImageAuthMain() {
-       global $wgImgAuthPublicTest, $wgRequest, $wgUploadDirectory;
+       global $wgImgAuthPublicTest, $wgRequest;
 
        // See if this is a public Wiki (no protections).
        if ( $wgImgAuthPublicTest
@@ -56,6 +56,10 @@ function wfImageAuthMain() {
 
        // Get the requested file path (source file or thumbnail)
        $matches = WebRequest::getPathInfo();
+       if ( !isset( $matches['title'] ) ) {
+               wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
+               return;
+       }
        $path = $matches['title'];
        if ( $path && $path[0] !== '/' ) {
                // Make sure $path has a leading /
@@ -104,7 +108,7 @@ function wfImageAuthMain() {
                wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
                return;
        }
-       
+
        // Check user authorization for this title
        // Checks Whitelist too
        if ( !$title->userCan( 'read' ) ) {
Wiklou, le Wiki du Wiklou