<?php
-
/**
* Image authorisation script
*
*
* Your server needs to support PATH_INFO; CGI-based configurations usually don't.
*
- * @file
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
*
- **/
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ */
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
if ( isset( $_SERVER['MW_COMPILED'] ) ) {
- require ( 'phase3/includes/WebStart.php' );
+ require ( 'core/includes/WebStart.php' );
} else {
require ( dirname( __FILE__ ) . '/includes/WebStart.php' );
}
wfLogProfilingData();
function wfImageAuthMain() {
- global $wgImgAuthPublicTest, $wgRequest, $wgUploadDirectory;
+ global $wgImgAuthPublicTest, $wgRequest;
// See if this is a public Wiki (no protections).
if ( $wgImgAuthPublicTest
// Get the requested file path (source file or thumbnail)
$matches = WebRequest::getPathInfo();
+ if ( !isset( $matches['title'] ) ) {
+ wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
+ return;
+ }
$path = $matches['title'];
if ( $path && $path[0] !== '/' ) {
// Make sure $path has a leading /
}
// Check to see if the file exists
- if ( !$repo->fileExists( $filename, FileRepo::FILES_ONLY ) ) {
+ if ( !$repo->fileExists( $filename ) ) {
wfForbidden( 'img-auth-accessdenied','img-auth-nofile', $filename );
return;
}
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
-
+
// Check user authorization for this title
// Checks Whitelist too
if ( !$title->userCan( 'read' ) ) {