From d1c62a372a429fe259cc9e6aa5ae41b3ca0bdbd3 Mon Sep 17 00:00:00 2001 From: Faidon Liambotis Date: Wed, 7 May 2014 20:01:16 +0300 Subject: [PATCH] img_auth: handle files in the transcoded zone img_auth.php does not currently handle filepaths for transcoded videos at all, and instead falls back attempting to open files out of the public zone, which obviously fails as these files do not exist there. Add a branch that handles transcoded containers in the same manner as thumbs and thus allowing access to those files from private wiki. Bug: 65007 Change-Id: I7182206ba09dd2466fc51aa1d51116dd13db980c --- img_auth.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/img_auth.php b/img_auth.php index a3485dfd7e..6f449c6877 100644 --- a/img_auth.php +++ b/img_auth.php @@ -106,14 +106,15 @@ function wfImageAuthMain() { // Get the local file repository $repo = RepoGroup::singleton()->getRepo( 'local' ); + $zone = strstr( ltrim( $path, '/' ), '/', true ); // Get the full file storage path and extract the source file name. // (e.g. 120px-Foo.png => Foo.png or page2-120px-Foo.png => Foo.png). - // This only applies to thumbnails, and all thumbnails should + // This only applies to thumbnails/transcoded, and each of them should // be under a folder that has the source file name. - if ( strpos( $path, '/thumb/' ) === 0 ) { - $name = wfBaseName( dirname( $path ) ); // file is a thumbnail - $filename = $repo->getZonePath( 'thumb' ) . substr( $path, 6 ); // strip "/thumb" + if ( $zone === 'thumb' || $zone === 'transcoded' ) { + $name = wfBaseName( dirname( $path ) ); + $filename = $repo->getZonePath( $zone ) . substr( $path, strlen( "/".$zone ) ); // Check to see if the file exists if ( !$repo->fileExists( $filename ) ) { wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename ); -- 2.20.1