From: Daniel Friesen Date: Thu, 24 Nov 2011 09:55:33 +0000 (+0000) Subject: Update img_auth.php and WebRequest code to handle non index.php scripts like img_auth... X-Git-Tag: 1.31.0-rc.0~26306 X-Git-Url: https://git.heureux-cyclage.org/?a=commitdiff_plain;h=ae1d5aefbf455d11af25b2b0a9425846de38acf4;p=lhc%2Fweb%2Fwiklou.git Update img_auth.php and WebRequest code to handle non index.php scripts like img_auth.php better. Also update img_auth.php so it's abuse of $wg variables is done in a way that doesn't let "/*" action paths clobber it's handling. This should theoretically fix bug 32486. --- diff --git a/img_auth.php b/img_auth.php index 64910e349c..6dec63f4b4 100644 --- a/img_auth.php +++ b/img_auth.php @@ -36,7 +36,8 @@ wfProfileIn( 'img_auth.php' ); # Set action base paths so that WebRequest::getPathInfo() # recognizes the "X" as the 'title' in ../image_auth/X urls. -$wgActionPaths[] = $_SERVER['SCRIPT_NAME']; +$wgArticlePath = false; # Don't let a "/*" article path clober our action path +$wgActionPaths = array( "$wgUploadPath/" ); wfImageAuthMain(); wfLogProfilingData(); @@ -55,7 +56,11 @@ function wfImageAuthMain() { // Get the requested file path (source file or thumbnail) $matches = WebRequest::getPathInfo(); - $path = $matches['title']; // path with leading '/' + $path = $matches['title']; + if ( $path && $path[0] !== '/' ) { + // Make sure $path has a leading / + $path = "/" . $path; + } // Check for bug 28235: QUERY_STRING overriding the correct extension $whitelist = array(); diff --git a/includes/WebRequest.php b/includes/WebRequest.php index d0430b926a..9f6d277f8d 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -96,6 +96,16 @@ class WebRequest { // Raw PATH_INFO style $matches = self::extractTitle( $path, "$wgScript/$1" ); + if( !$matches + && isset( $_SERVER['SCRIPT_NAME'] ) + && preg_match( '/\.php5?/', $_SERVER['SCRIPT_NAME'] ) ) + { + # Check for SCRIPT_NAME, we handle index.php explicitly + # But we do have some other .php files such as img_auth.php + # Don't let root article paths clober the parsing for them + $matches = self::extractTitle( $path, $_SERVER['SCRIPT_NAME'] . "/$1" ); + } + global $wgArticlePath; if( !$matches && $wgArticlePath ) { $matches = self::extractTitle( $path, $wgArticlePath );