dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Set the user_touched field directly when adding a new user to the database so that...
[lhc/web/wiklou.git]
/
img_auth.php
diff --git
a/img_auth.php
b/img_auth.php
index
7f922c5
..
3999bf3
100644
(file)
--- a/
img_auth.php
+++ b/
img_auth.php
@@
-43,7
+43,7
@@
wfImageAuthMain();
wfLogProfilingData();
function wfImageAuthMain() {
wfLogProfilingData();
function wfImageAuthMain() {
- global $wgImgAuthPublicTest, $wgRequest
, $wgUploadDirectory
;
+ global $wgImgAuthPublicTest, $wgRequest;
// See if this is a public Wiki (no protections).
if ( $wgImgAuthPublicTest
// See if this is a public Wiki (no protections).
if ( $wgImgAuthPublicTest
@@
-56,6
+56,10
@@
function wfImageAuthMain() {
// Get the requested file path (source file or thumbnail)
$matches = WebRequest::getPathInfo();
// Get the requested file path (source file or thumbnail)
$matches = WebRequest::getPathInfo();
+ if ( !isset( $matches['title'] ) ) {
+ wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
+ return;
+ }
$path = $matches['title'];
if ( $path && $path[0] !== '/' ) {
// Make sure $path has a leading /
$path = $matches['title'];
if ( $path && $path[0] !== '/' ) {
// Make sure $path has a leading /
@@
-104,7
+108,7
@@
function wfImageAuthMain() {
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
-
+
// Check user authorization for this title
// Checks Whitelist too
if ( !$title->userCan( 'read' ) ) {
// Check user authorization for this title
// Checks Whitelist too
if ( !$title->userCan( 'read' ) ) {