From f493b02c6110cdc922f473129bed55057d8bd79e Mon Sep 17 00:00:00 2001
From: Daniel Kinzler <daniel@users.mediawiki.org>
Date: Thu, 29 Apr 2010 10:32:18 +0000
Subject: [PATCH] allow img_auth.php to use path= in place of PATH_INFO, so it
 can be used in CGI mode. Use with RewriteRule ^/w/images/(.*)$
 /w/img_auth.php?path=bell-style

---
 img_auth.php | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/img_auth.php b/img_auth.php
index bc4464d4cc..e8ad6b9599 100644
--- a/img_auth.php
+++ b/img_auth.php
@@ -38,11 +38,14 @@ if ( $wgImgAuthPublicTest
 }
 
 // Extract path and image information
-if( !isset( $_SERVER['PATH_INFO'] ) )
-	wfForbidden('img-auth-accessdenied','img-auth-nopathinfo');
+if( !isset( $_SERVER['PATH_INFO'] ) ) {
+        if( isset( $_GET['path'] ) ) $path = $_GET['path'];
+        else wfForbidden('img-auth-accessdenied','img-auth-nopathinfo');
+} else {
+        $path = $_SERVER['PATH_INFO'];
+}
 
-$path = $_SERVER['PATH_INFO'];
-$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
+$filename = realpath( $wgUploadDirectory . '/' . $path );
 $realUpload = realpath( $wgUploadDirectory );
 
 // Basic directory traversal check
-- 
2.20.1