Drop Oracle and Mssql

[lhc/web/wiklou.git] / thumb.php

diff --git a/thumb.php b/thumb.php
index 43dd5d4..4e5c213 100644 (file)
--- a/thumb.php
+++ b/thumb.php
@@ -155,7 +155,11 @@ function wfStreamThumb( array $params ) {
        // Check permissions if there are read restrictions
        $varyHeader = [];
        if ( !in_array( 'read', User::getGroupPermissions( [ '*' ] ), true ) ) {
-               if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) {
+               $user = RequestContext::getMain()->getUser();
+               $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+               $imgTitle = $img->getTitle();
+
+               if ( !$imgTitle || !$permissionManager->userCan( 'read', $user, $imgTitle ) ) {
                        wfThumbError( 403, 'Access denied. You do not have permission to access ' .
                                'the source file.' );
                        return;
@@ -409,6 +413,8 @@ function wfProxyThumbnailRequest( $img, $thumbName ) {
        // Send request to proxied service
        $status = $req->execute();
 
+       MediaWiki\HeaderCallback::warnIfHeadersSent();
+
        // Simply serve the response from the proxied service as-is
        header( 'HTTP/1.1 ' . $req->getStatus() );
 
@@ -634,6 +640,8 @@ function wfThumbErrorText( $status, $msgText ) {
 function wfThumbError( $status, $msgHtml, $msgText = null, $context = [] ) {
        global $wgShowHostnames;
 
+       MediaWiki\HeaderCallback::warnIfHeadersSent();
+
        header( 'Cache-Control: no-cache' );
        header( 'Content-Type: text/html; charset=utf-8' );
        if ( $status == 400 || $status == 404 || $status == 429 ) {