diff options
author | Pierre Schmitz <pierre@archlinux.de> | 2013-01-18 16:46:04 +0100 |
---|---|---|
committer | Pierre Schmitz <pierre@archlinux.de> | 2013-01-18 16:46:04 +0100 |
commit | 63601400e476c6cf43d985f3e7b9864681695ed4 (patch) | |
tree | f7846203a952e38aaf66989d0a4702779f549962 /thumb.php | |
parent | 8ff01378c9e0207f9169b81966a51def645b6a51 (diff) |
Update to MediaWiki 1.20.2
this update includes:
* adjusted Arch Linux skin
* updated FluxBBAuthPlugin
* patch for https://bugzilla.wikimedia.org/show_bug.cgi?id=44024
Diffstat (limited to 'thumb.php')
-rw-r--r-- | thumb.php | 215 |
1 files changed, 139 insertions, 76 deletions
@@ -1,16 +1,31 @@ <?php - /** * PHP script to stream out an image thumbnail. * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * * @file * @ingroup Media */ + define( 'MW_NO_OUTPUT_COMPRESSION', 1 ); if ( isset( $_SERVER['MW_COMPILED'] ) ) { - require( 'phase3/includes/WebStart.php' ); + require( 'core/includes/WebStart.php' ); } else { - require( dirname( __FILE__ ) . '/includes/WebStart.php' ); + require( __DIR__ . '/includes/WebStart.php' ); } // Don't use fancy mime detection, just check the file extension for jpg/gif/png @@ -50,19 +65,22 @@ function wfThumbHandle404() { # that to the 404 handler, and puts the original request in REDIRECT_URL. if ( isset( $_SERVER['REDIRECT_URL'] ) ) { # The URL is un-encoded, so put it back how it was - $uri = str_replace( "%2F", "/", urlencode( $_SERVER['REDIRECT_URL'] ) ); - # Just get the URI path (REDIRECT_URL is either a full URL or a path) - if ( $uri[0] !== '/' ) { - $bits = wfParseUrl( $uri ); - if ( $bits && isset( $bits['path'] ) ) { - $uri = $bits['path']; - } - } + $uriPath = str_replace( "%2F", "/", urlencode( $_SERVER['REDIRECT_URL'] ) ); } else { - $uri = $_SERVER['REQUEST_URI']; + $uriPath = $_SERVER['REQUEST_URI']; + } + # Just get the URI path (REDIRECT_URL/REQUEST_URI is either a full URL or a path) + if ( substr( $uriPath, 0, 1 ) !== '/' ) { + $bits = wfParseUrl( $uriPath ); + if ( $bits && isset( $bits['path'] ) ) { + $uriPath = $bits['path']; + } else { + wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + return; + } } - $params = wfExtractThumbParams( $uri ); // basic wiki URL param extracting + $params = wfExtractThumbParams( $uriPath ); // basic wiki URL param extracting if ( $params == null ) { wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); return; @@ -78,6 +96,7 @@ function wfThumbHandle404() { * @return void */ function wfStreamThumb( array $params ) { + global $wgVaryOnXFP; wfProfileIn( __METHOD__ ); $headers = array(); // HTTP headers to send @@ -97,23 +116,35 @@ function wfStreamThumb( array $params ) { // Is this a thumb of an archived file? $isOld = ( isset( $params['archived'] ) && $params['archived'] ); - unset( $params['archived'] ); + unset( $params['archived'] ); // handlers don't care + + // Is this a thumb of a temp file? + $isTemp = ( isset( $params['temp'] ) && $params['temp'] ); + unset( $params['temp'] ); // handlers don't care // Some basic input validation $fileName = strtr( $fileName, '\\/', '__' ); // Actually fetch the image. Method depends on whether it is archived or not. - if ( $isOld ) { + if ( $isTemp ) { + $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo(); + $img = new UnregisteredLocalFile( null, $repo, + # Temp files are hashed based on the name without the timestamp. + # The thumbnails will be hashed based on the entire name however. + # @TODO: fix this convention to actually be reasonable. + $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName + ); + } elseif ( $isOld ) { // Format is <timestamp>!<name> $bits = explode( '!', $fileName, 2 ); if ( count( $bits ) != 2 ) { - wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); wfProfileOut( __METHOD__ ); return; } $title = Title::makeTitleSafe( NS_FILE, $bits[1] ); if ( !$title ) { - wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); wfProfileOut( __METHOD__ ); return; } @@ -123,20 +154,21 @@ function wfStreamThumb( array $params ) { } // Check permissions if there are read restrictions + $varyHeader = array(); if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { - if ( !$img->getTitle()->userCan( 'read' ) ) { + if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) { wfThumbError( 403, 'Access denied. You do not have permission to access ' . 'the source file.' ); wfProfileOut( __METHOD__ ); return; } $headers[] = 'Cache-Control: private'; - $headers[] = 'Vary: Cookie'; + $varyHeader[] = 'Cookie'; } // Check the source file storage path if ( !$img ) { - wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); wfProfileOut( __METHOD__ ); return; } @@ -169,33 +201,58 @@ function wfStreamThumb( array $params ) { } } + $thumbName = $img->thumbName( $params ); + if ( !strlen( $thumbName ) ) { // invalid params? + wfThumbError( 400, 'The specified thumbnail parameters are not valid.' ); + wfProfileOut( __METHOD__ ); + return; + } + + $disposition = $img->getThumbDisposition( $thumbName ); + $headers[] = "Content-Disposition: $disposition"; + // Stream the file if it exists already... try { - $thumbName = $img->thumbName( $params ); - if ( strlen( $thumbName ) ) { // valid params? - // For 404 handled thumbnails, we only use the the base name of the URI - // for the thumb params and the parent directory for the source file name. - // Check that the zone relative path matches up so squid caches won't pick - // up thumbs that would not be purged on source file deletion (bug 34231). - if ( isset( $params['rel404'] ) // thumbnail was handled via 404 - && urldecode( $params['rel404'] ) !== $img->getThumbRel( $thumbName ) ) - { - wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + $thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style + // For 404 handled thumbnails, we only use the the base name of the URI + // for the thumb params and the parent directory for the source file name. + // Check that the zone relative path matches up so squid caches won't pick + // up thumbs that would not be purged on source file deletion (bug 34231). + if ( isset( $params['rel404'] ) ) { // thumbnail was handled via 404 + if ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName ) ) { + // Request for the canonical thumbnail name + } elseif ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName2 ) ) { + // Request for the "long" thumbnail name; redirect to canonical name + $response = RequestContext::getMain()->getRequest()->response(); + $response->header( "HTTP/1.1 301 " . HttpStatus::getMessage( 301 ) ); + $response->header( 'Location: ' . wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) ); + $response->header( 'Expires: ' . + gmdate( 'D, d M Y H:i:s', time() + 7*86400 ) . ' GMT' ); + if ( $wgVaryOnXFP ) { + $varyHeader[] = 'X-Forwarded-Proto'; + } + $response->header( 'Vary: ' . implode( ', ', $varyHeader ) ); wfProfileOut( __METHOD__ ); return; - } - $thumbPath = $img->getThumbPath( $thumbName ); - if ( $img->getRepo()->fileExists( $thumbPath ) ) { - $img->getRepo()->streamFile( $thumbPath, $headers ); + } else { + wfThumbError( 404, 'The given path of the specified thumbnail is incorrect.' ); wfProfileOut( __METHOD__ ); return; } } + $thumbPath = $img->getThumbPath( $thumbName ); + if ( $img->getRepo()->fileExists( $thumbPath ) ) { + $headers[] = 'Vary: ' . implode( ', ', $varyHeader ); + $img->getRepo()->streamFile( $thumbPath, $headers ); + wfProfileOut( __METHOD__ ); + return; + } } catch ( MWException $e ) { wfThumbError( 500, $e->getHTML() ); wfProfileOut( __METHOD__ ); return; } + $headers[] = 'Vary: ' . implode( ', ', $varyHeader ); // Thumbnail isn't already there, so create the new thumbnail... try { @@ -207,15 +264,16 @@ function wfStreamThumb( array $params ) { // Check for thumbnail generation errors... $errorMsg = false; + $msg = wfMessage( 'thumbnail_error' ); if ( !$thumb ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' ); + $errorMsg = $msg->rawParams( 'File::transform() returned false' )->escaped(); } elseif ( $thumb->isError() ) { $errorMsg = $thumb->getHtmlMsg(); } elseif ( !$thumb->hasFile() ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' ); + $errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped(); } elseif ( $thumb->fileIsSource() ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', - 'Image was not scaled, is the requested width bigger than the source?' ); + $errorMsg = $msg-> + rawParams( 'Image was not scaled, is the requested width bigger than the source?' )->escaped(); } if ( $errorMsg !== false ) { @@ -232,56 +290,61 @@ function wfStreamThumb( array $params ) { * Extract the required params for thumb.php from the thumbnail request URI. * At least 'width' and 'f' should be set if the result is an array. * - * @param $uri String Thumbnail request URI path + * @param $uriPath String Thumbnail request URI path * @return Array|null associative params array or null */ -function wfExtractThumbParams( $uri ) { +function wfExtractThumbParams( $uriPath ) { $repo = RepoGroup::singleton()->getLocalRepo(); - $zoneURI = $repo->getZoneUrl( 'thumb' ); - if ( substr( $zoneURI, 0, 1 ) !== '/' ) { - $bits = wfParseUrl( $zoneURI ); - if ( $bits && isset( $bits['path'] ) ) { - $zoneURI = $bits['path']; - } else { - return null; - } + // Zone URL might be relative ("/images") or protocol-relative ("//lang.site/image") + $zoneUriPath = $repo->getZoneHandlerUrl( 'thumb' ) + ? $repo->getZoneHandlerUrl( 'thumb' ) // custom URL + : $repo->getZoneUrl( 'thumb' ); // default to main URL + $bits = wfParseUrl( wfExpandUrl( $zoneUriPath, PROTO_INTERNAL ) ); + if ( $bits && isset( $bits['path'] ) ) { + $zoneUriPath = $bits['path']; + } else { + return null; // not a valid thumbnail URL } - $zoneUrlRegex = preg_quote( $zoneURI ); - $hashDirRegex = $subdirRegex = ''; + $hashDirReg = $subdirReg = ''; for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) { - $subdirRegex .= '[0-9a-f]'; - $hashDirRegex .= "$subdirRegex/"; + $subdirReg .= '[0-9a-f]'; + $hashDirReg .= "$subdirReg/"; + } + $zoneReg = preg_quote( $zoneUriPath ); // regex for thumb zone URI + + // Check if this is a thumbnail of an original in the local file repo + if ( preg_match( "!^$zoneReg/((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) { + list( /*all*/, $rel, $archOrTemp, $filename, $thumbname ) = $m; + // Check if this is a thumbnail of an temp file in the local file repo + } elseif ( preg_match( "!^$zoneReg/(temp/)($hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) { + list( /*all*/, $archOrTemp, $rel, $filename, $thumbname ) = $m; + } else { + return null; // not a valid looking thumbnail request } - $thumbUrlRegex = "!^$zoneUrlRegex/((archive/|temp/)?$hashDirRegex([^/]*)/([^/]*))$!"; - - // Check if this is a valid looking thumbnail request... - if ( preg_match( $thumbUrlRegex, $uri, $matches ) ) { - list( /* all */, $rel, $archOrTemp, $filename, $thumbname ) = $matches; - $filename = urldecode( $filename ); - $thumbname = urldecode( $thumbname ); + $filename = urldecode( $filename ); + $thumbname = urldecode( $thumbname ); - $params = array( 'f' => $filename, 'rel404' => $rel ); - if ( $archOrTemp == 'archive/' ) { - $params['archived'] = 1; - } elseif ( $archOrTemp == 'temp/' ) { - $params['temp'] = 1; - } + $params = array( 'f' => $filename, 'rel404' => $rel ); + if ( $archOrTemp === 'archive/' ) { + $params['archived'] = 1; + } elseif ( $archOrTemp === 'temp/' ) { + $params['temp'] = 1; + } - // Check if the parameters can be extracted from the thumbnail name... - if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { - list( /* all */, $pagefull, $pagenum, $size ) = $matches; - $params['width'] = $size; - if ( $pagenum ) { - $params['page'] = $pagenum; - } - return $params; // valid thumbnail URL - // Hooks return false if they manage to *resolve* the parameters - } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { - return $params; // valid thumbnail URL (via extension or config) + // Check if the parameters can be extracted from the thumbnail name... + if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { + list( /* all */, $pagefull, $pagenum, $size ) = $matches; + $params['width'] = $size; + if ( $pagenum ) { + $params['page'] = $pagenum; } + return $params; // valid thumbnail URL + // Hooks return false if they manage to *resolve* the parameters + } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { + return $params; // valid thumbnail URL (via extension or config) } return null; // not a valid thumbnail URL |