wfLogProfilingData();
function wfImageAuthMain() {
- global $wgImgAuthPublicTest, $wgRequest, $wgUploadDirectory;
+ global $wgImgAuthPublicTest, $wgRequest;
// See if this is a public Wiki (no protections).
if ( $wgImgAuthPublicTest
// Get the requested file path (source file or thumbnail)
$matches = WebRequest::getPathInfo();
+ if ( !isset( $matches['title'] ) ) {
+ wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
+ return;
+ }
$path = $matches['title'];
if ( $path && $path[0] !== '/' ) {
// Make sure $path has a leading /
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
-
+
// Check user authorization for this title
// Checks Whitelist too
if ( !$title->userCan( 'read' ) ) {