/**
* PHP script to stream out an image thumbnail.
- * If the file exists, we make do with abridged MediaWiki initialisation.
+ *
+ * @file
+ * @ingroup Media
*/
-define( 'MW_NO_SETUP', 1 );
define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
-require_once( './includes/WebStart.php' );
-wfProfileIn( 'thumb.php' );
-wfProfileIn( 'thumb.php-start' );
-require_once( "$IP/includes/GlobalFunctions.php" );
-require_once( "$IP/includes/ImageFunctions.php" );
-
-$wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png.
+if ( isset( $_SERVER['MW_COMPILED'] ) ) {
+ require( 'phase3/includes/WebStart.php' );
+} else {
+ require( dirname( __FILE__ ) . '/includes/WebStart.php' );
+}
-require_once( "$IP/includes/StreamFile.php" );
-require_once( "$IP/includes/AutoLoader.php" );
+// Don't use fancy mime detection, just check the file extension for jpg/gif/png
+$wgTrivialMimeDetection = true;
-// Get input parameters
-if ( get_magic_quotes_gpc() ) {
- $params = array_map( 'stripslashes', $_REQUEST );
+if ( defined( 'THUMB_HANDLER' ) ) {
+ // Called from thumb_handler.php via 404; extract params from the URI...
+ wfThumbHandle404();
} else {
- $params = $_REQUEST;
+ // Called directly, use $_REQUEST params
+ wfThumbHandleRequest();
}
+wfLogProfilingData();
+
+//--------------------------------------------------------------------------
-$fileName = isset( $params['f'] ) ? $params['f'] : '';
-unset( $params['f'] );
+/**
+ * Handle a thumbnail request via query parameters
+ *
+ * @return void
+ */
+function wfThumbHandleRequest() {
+ $params = get_magic_quotes_gpc()
+ ? array_map( 'stripslashes', $_REQUEST )
+ : $_REQUEST;
-// Backwards compatibility parameters
-if ( isset( $params['w'] ) ) {
- $params['width'] = $params['w'];
- unset( $params['w'] );
+ wfStreamThumb( $params ); // stream the thumbnail
}
-if ( isset( $params['p'] ) ) {
- $params['page'] = $params['p'];
+
+/**
+ * Handle a thumbnail request via thumbnail file URL
+ *
+ * @return void
+ */
+function wfThumbHandle404() {
+ # lighttpd puts the original request in REQUEST_URI, while sjs sets
+ # that to the 404 handler, and puts the original request in REDIRECT_URL.
+ if ( isset( $_SERVER['REDIRECT_URL'] ) ) {
+ # The URL is un-encoded, so put it back how it was
+ $uri = str_replace( "%2F", "/", urlencode( $_SERVER['REDIRECT_URL'] ) );
+ # Just get the URI path (REDIRECT_URL is either a full URL or a path)
+ if ( $uri[0] !== '/' ) {
+ $bits = wfParseUrl( $uri );
+ if ( $bits && isset( $bits['path'] ) ) {
+ $uri = $bits['path'];
+ }
+ }
+ } else {
+ $uri = $_SERVER['REQUEST_URI'];
+ }
+
+ $params = wfExtractThumbParams( $uri ); // basic wiki URL param extracting
+ if ( $params == null ) {
+ wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
+ return;
+ }
+
+ wfStreamThumb( $params ); // stream the thumbnail
}
-unset( $params['r'] );
-// Some basic input validation
-$fileName = strtr( $fileName, '\\/', '__' );
+/**
+ * Stream a thumbnail specified by parameters
+ *
+ * @param $params Array
+ * @return void
+ */
+function wfStreamThumb( array $params ) {
+ wfProfileIn( __METHOD__ );
+
+ $headers = array(); // HTTP headers to send
-// Work out paths, carefully avoiding constructing an Image object because that won't work yet
-$handler = thumbGetHandler( $fileName );
-if ( $handler ) {
- $imagePath = wfImageDir( $fileName ) . '/' . $fileName;
- $thumbName = $handler->makeParamString( $params ) . "-$fileName";
- $thumbPath = wfImageThumbDir( $fileName ) . '/' . $thumbName;
+ $fileName = isset( $params['f'] ) ? $params['f'] : '';
+ unset( $params['f'] );
- if ( is_file( $thumbPath ) && filemtime( $thumbPath ) >= filemtime( $imagePath ) ) {
- wfStreamFile( $thumbPath );
- // Can't log profiling data with no Setup.php
- exit;
+ // Backwards compatibility parameters
+ if ( isset( $params['w'] ) ) {
+ $params['width'] = $params['w'];
+ unset( $params['w'] );
}
-}
+ if ( isset( $params['p'] ) ) {
+ $params['page'] = $params['p'];
+ }
+ unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
+
+ // Is this a thumb of an archived file?
+ $isOld = ( isset( $params['archived'] ) && $params['archived'] );
+ unset( $params['archived'] );
-// OK, no valid thumbnail, time to get out the heavy machinery
-wfProfileOut( 'thumb.php-start' );
-require_once( './includes/Setup.php' );
-wfProfileIn( 'thumb.php-render' );
+ // Some basic input validation
+ $fileName = strtr( $fileName, '\\/', '__' );
-$img = Image::newFromName( $fileName );
-try {
- if ( $img ) {
- $thumb = $img->transform( $params, Image::RENDER_NOW );
+ // Actually fetch the image. Method depends on whether it is archived or not.
+ if ( $isOld ) {
+ // Format is <timestamp>!<name>
+ $bits = explode( '!', $fileName, 2 );
+ if ( count( $bits ) != 2 ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
+ if ( !$title ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
} else {
+ $img = wfLocalFile( $fileName );
+ }
+
+ // Check permissions if there are read restrictions
+ if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
+ if ( !$img->getTitle()->userCan( 'read' ) ) {
+ wfThumbError( 403, 'Access denied. You do not have permission to access ' .
+ 'the source file.' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $headers[] = 'Cache-Control: private';
+ $headers[] = 'Vary: Cookie';
+ }
+
+ // Check the source file storage path
+ if ( !$img ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ if ( !$img->exists() ) {
+ wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $sourcePath = $img->getPath();
+ if ( $sourcePath === false ) {
+ wfThumbError( 500, 'The source file is not locally accessible.' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+
+ // Check IMS against the source file
+ // This means that clients can keep a cached copy even after it has been deleted on the server
+ if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
+ // Fix IE brokenness
+ $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
+ // Calculate time
+ wfSuppressWarnings();
+ $imsUnix = strtotime( $imsString );
+ wfRestoreWarnings();
+ $sourceTsUnix = wfTimestamp( TS_UNIX, $img->getTimestamp() );
+ if ( $sourceTsUnix <= $imsUnix ) {
+ header( 'HTTP/1.1 304 Not Modified' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ }
+
+ // Stream the file if it exists already...
+ try {
+ $thumbName = $img->thumbName( $params );
+ if ( strlen( $thumbName ) ) { // valid params?
+ $thumbPath = $img->getThumbPath( $thumbName );
+ if ( $img->getRepo()->fileExists( $thumbPath ) ) {
+ $img->getRepo()->streamFile( $thumbPath, $headers );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ }
+ } catch ( MWException $e ) {
+ wfThumbError( 500, $e->getHTML() );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+
+ // Thumbnail isn't already there, so create the new thumbnail...
+ try {
+ $thumb = $img->transform( $params, File::RENDER_NOW );
+ } catch ( Exception $ex ) {
+ // Tried to select a page on a non-paged file?
$thumb = false;
}
-} catch( Exception $ex ) {
- // Tried to select a page on a non-paged file?
- $thumb = false;
+
+ // Check for thumbnail generation errors...
+ $errorMsg = false;
+ if ( !$thumb ) {
+ $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' );
+ } elseif ( $thumb->isError() ) {
+ $errorMsg = $thumb->getHtmlMsg();
+ } elseif ( !$thumb->hasFile() ) {
+ $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
+ } elseif ( $thumb->fileIsSource() ) {
+ $errorMsg = wfMsgHtml( 'thumbnail_error',
+ 'Image was not scaled, is the requested width bigger than the source?' );
+ }
+
+ if ( $errorMsg !== false ) {
+ wfThumbError( 500, $errorMsg );
+ } else {
+ // Stream the file if there were no errors
+ $thumb->streamFile( $headers );
+ }
+
+ wfProfileOut( __METHOD__ );
+}
+
+/**
+ * Extract the required params for thumb.php from the thumbnail request URI.
+ * At least 'width' and 'f' should be set if the result is an array.
+ *
+ * @param $uri String Thumbnail request URI path
+ * @return Array|null associative params array or null
+ */
+function wfExtractThumbParams( $uri ) {
+ $repo = RepoGroup::singleton()->getLocalRepo();
+
+ $zoneURI = $repo->getZoneUrl( 'thumb' );
+ if ( substr( $zoneURI, 0, 1 ) !== '/' ) {
+ $bits = wfParseUrl( $zoneURI );
+ if ( $bits && isset( $bits['path'] ) ) {
+ $zoneURI = $bits['path'];
+ } else {
+ return null;
+ }
+ }
+ $zoneUrlRegex = preg_quote( $zoneURI );
+
+ $hashDirRegex = $subdirRegex = '';
+ for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) {
+ $subdirRegex .= '[0-9a-f]';
+ $hashDirRegex .= "$subdirRegex/";
+ }
+
+ $thumbUrlRegex = "!^$zoneUrlRegex(/archive|/temp|)/$hashDirRegex([^/]*)/([^/]*)$!";
+
+ // Check if this is a valid looking thumbnail request...
+ if ( preg_match( $thumbUrlRegex, $uri, $matches ) ) {
+ list( /* all */, $archOrTemp, $filename, $thumbname ) = $matches;
+ $filename = urldecode( $filename );
+ $thumbname = urldecode( $thumbname );
+
+ $params = array( 'f' => $filename );
+ if ( $archOrTemp == '/archive' ) {
+ $params['archived'] = 1;
+ } elseif ( $archOrTemp == '/temp' ) {
+ $params['temp'] = 1;
+ }
+
+ // Check if the parameters can be extracted from the thumbnail name...
+ // @TODO: remove 'page' stuff and make ProofreadPage handle it via hook.
+ if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) {
+ list( /* all */, $pagefull, $pagenum, $size ) = $matches;
+ $params['width'] = $size;
+ if ( $pagenum ) {
+ $params['page'] = $pagenum;
+ }
+ return $params; // valid thumbnail URL
+ // Hooks return false if they manage to *resolve* the parameters
+ } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) {
+ return $params; // valid thumbnail URL (via extension or config)
+ }
+ }
+
+ return null; // not a valid thumbnail URL
}
-if ( $thumb && $thumb->getPath() && file_exists( $thumb->getPath() ) ) {
- wfStreamFile( $thumb->getPath() );
-} elseif ( $img ) {
+/**
+ * Output a thumbnail generation error message
+ *
+ * @param $status integer
+ * @param $msg string
+ * @return void
+ */
+function wfThumbError( $status, $msg ) {
+ global $wgShowHostnames;
+
header( 'Cache-Control: no-cache' );
header( 'Content-Type: text/html; charset=utf-8' );
- header( 'HTTP/1.1 500 Internal server error' );
- if ( !$thumb ) {
- $msg = wfMsgHtml( 'thumbnail_error', 'Image::transform() returned false' );
- } elseif ( $thumb->isError() ) {
- $msg = $thumb->getHtmlMsg();
- } elseif ( !$thumb->getPath() ) {
- $msg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
+ if ( $status == 404 ) {
+ header( 'HTTP/1.1 404 Not found' );
+ } elseif ( $status == 403 ) {
+ header( 'HTTP/1.1 403 Forbidden' );
+ header( 'Vary: Cookie' );
} else {
- $msg = wfMsgHtml( 'thumbnail_error', 'Output file missing' );
+ header( 'HTTP/1.1 500 Internal server error' );
+ }
+ if ( $wgShowHostnames ) {
+ $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' );
+ $hostname = htmlspecialchars( wfHostname() );
+ $debug = "<!-- $url -->\n<!-- $hostname -->\n";
+ } else {
+ $debug = "";
}
echo <<<EOT
<html><head><title>Error generating thumbnail</title></head>
<p>
$msg
</p>
+$debug
</body>
</html>
EOT;
-} else {
- $badtitle = wfMsg( 'badtitle' );
- $badtitletext = wfMsg( 'badtitletext' );
- header( 'Cache-Control: no-cache' );
- header( 'Content-Type: text/html; charset=utf-8' );
- header( 'HTTP/1.1 500 Internal server error' );
- echo "<html><head>
- <title>$badtitle</title>
- <body>
-<h1>$badtitle</h1>
-<p>$badtitletext</p>
-</body></html>
-";
}
-
-wfProfileOut( 'thumb.php-render' );
-wfProfileOut( 'thumb.php' );
-wfLogProfilingData();
-
-//--------------------------------------------------------------------------
-
-function thumbGetHandler( $fileName ) {
- // Determine type
- $magic = MimeMagic::singleton();
- $extPos = strrpos( $fileName, '.' );
- if ( $extPos === false ) {
- return false;
- }
- $mime = $magic->guessTypesForExtension( substr( $fileName, $extPos + 1 ) );
- return MediaHandler::getHandler( $mime );
-}
-
-?>