From 8008372fc6489769579eb7af7dc890fc45f036ad Mon Sep 17 00:00:00 2001
From: Bryan Tong Minh
Date: Sun, 12 Dec 2010 15:50:25 +0000
Subject: [PATCH] Follow-up r65652: Do not double-slash the path if it came from PATH_INFO
---
 img_auth.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/img_auth.php b/img_auth.php
index b99773b776..c2541f69b2 100644
--- a/img_auth.php
+++ b/img_auth.php
@@ -43,11 +43,12 @@ if( !isset( $_SERVER['PATH_INFO'] ) ) {
 if( !$path ) {
 wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
 }
+ $path = "/$path";
 } else {
 $path = $_SERVER['PATH_INFO'];
 }
-$filename = realpath( $wgUploadDirectory . '/' . $path );
+$filename = realpath( $wgUploadDirectory . $path );
 $realUpload = realpath( $wgUploadDirectory );
 // Basic directory traversal check
-- 
2.20.1
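Review bot: The `else` branch now relies on `$_SERVER['PATH_INFO']` beginning with `/`, because the separator was dropped from `realpath( $wgUploadDirectory . $path )`. If the server ever supplies a value without the leading slash, the concatenation names a sibling of the upload directory; if it supplies an empty string, it names the directory itself. Normalising once after the if/else with `$path = '/' . ltrim( $path, '/' );` keeps both branches consistent, and also avoids a double slash when the `path` request parameter already starts with one. `realpath()` returns `false` for a missing file, and the traversal check that follows is outside this hunk. It is worth confirming that the check rejects `false` and compares against `$realUpload` plus a trailing separator rather than a bare string prefix.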