From: Aaron Schulz <aaron@users.mediawiki.org>
Date: Thu, 9 Feb 2012 19:45:12 +0000 (+0000)
Subject: (bug 34231) - 'Make thumb.php error or redirect for urls with bogus paths but valid... 
X-Git-Tag: 1.31.0-rc.0~24817
X-Git-Url: http://git.cyclocoop.org/%24href?a=commitdiff_plain;h=5e91795785f733db1fd30662eada2bf192db838f;p=lhc%2Fweb%2Fwiklou.git

(bug 34231) - 'Make thumb.php error or redirect for urls with bogus paths but valid file & thumb names.'
---

diff --git a/thumb.php b/thumb.php
index e5fcf3a8b5..1890df2a16 100644
--- a/thumb.php
+++ b/thumb.php
@@ -173,6 +173,17 @@ function wfStreamThumb( array $params ) {
 	try {
 		$thumbName = $img->thumbName( $params );
 		if ( strlen( $thumbName ) ) { // valid params?
+			// For 404 handled thumbnails, we only use the the base name of the URI
+			// for the thumb params and the parent directory for the source file name.
+			// Check that the zone relative path matches up so squid caches won't pick
+			// up thumbs that would not be purged on source file deletion (bug 34231).
+			if ( isset( $params['rel404'] ) // thumbnail was handled via 404
+				&& $params['rel404'] !== $img->getThumbRel( $thumbName ) ) 
+			{
+				wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
+				wfProfileOut( __METHOD__ );
+				return;
+			}
 			$thumbPath = $img->getThumbPath( $thumbName );
 			if ( $img->getRepo()->fileExists( $thumbPath ) ) {
 				$img->getRepo()->streamFile( $thumbPath, $headers );
@@ -244,18 +255,18 @@ function wfExtractThumbParams( $uri ) {
 		$hashDirRegex .= "$subdirRegex/";
 	}
 
-	$thumbUrlRegex = "!^$zoneUrlRegex(/archive|/temp|)/$hashDirRegex([^/]*)/([^/]*)$!";
+	$thumbUrlRegex = "!^$zoneUrlRegex/((archive/|temp/)?$hashDirRegex([^/]*)/([^/]*))$!";
 
 	// Check if this is a valid looking thumbnail request...
 	if ( preg_match( $thumbUrlRegex, $uri, $matches ) ) {
-		list( /* all */, $archOrTemp, $filename, $thumbname ) = $matches;
+		list( /* all */, $rel, $archOrTemp, $filename, $thumbname ) = $matches;
 		$filename = urldecode( $filename );
 		$thumbname = urldecode( $thumbname );
 
-		$params = array( 'f' => $filename );
-		if ( $archOrTemp == '/archive' ) {
+		$params = array( 'f' => $filename, 'rel404' => $rel );
+		if ( $archOrTemp == 'archive/' ) {
 			$params['archived'] = 1;
-		} elseif ( $archOrTemp == '/temp' ) {
+		} elseif ( $archOrTemp == 'temp/' ) {
 			$params['temp'] = 1;
 		}