Error generating thumbnail

X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=thumb.php;h=61fd788c9b641a6b42ebbc280c198336e90bb783;hb=55e2bcad65a5c0d6e7d16d1c4fef58faa6695a10;hp=dbc07c2150bc31c17d9bae216d414349eeec5d0c;hpb=a910a32f760c38b99d5be658a36679e62a610724;p=lhc%2Fweb%2Fwiklou.git diff --git a/thumb.php b/thumb.php index dbc07c2150..61fd788c9b 100644 --- a/thumb.php +++ b/thumb.php @@ -3,101 +3,184 @@ /** * PHP script to stream out an image thumbnail. * - * @addtogroup Media + * @file + * @ingroup Media */ define( 'MW_NO_OUTPUT_COMPRESSION', 1 ); -require_once( './includes/WebStart.php' ); -wfProfileIn( 'thumb.php' ); -wfProfileIn( 'thumb.php-start' ); +if ( isset( $_SERVER['MW_COMPILED'] ) ) { + require ( 'phase3/includes/WebStart.php' ); +} else { + require ( dirname( __FILE__ ) . '/includes/WebStart.php' ); +} $wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png. -require_once( "$IP/includes/StreamFile.php" ); +wfThumbMain(); +wfLogProfilingData(); -// Get input parameters -if ( get_magic_quotes_gpc() ) { - $params = array_map( 'stripslashes', $_REQUEST ); -} else { - $params = $_REQUEST; -} +//-------------------------------------------------------------------------- -$fileName = isset( $params['f'] ) ? $params['f'] : ''; -unset( $params['f'] ); +function wfThumbMain() { + wfProfileIn( __METHOD__ ); -// Backwards compatibility parameters -if ( isset( $params['w'] ) ) { - $params['width'] = $params['w']; - unset( $params['w'] ); -} -if ( isset( $params['p'] ) ) { - $params['page'] = $params['p']; -} -unset( $params['r'] ); + $headers = array(); -// Some basic input validation -$fileName = strtr( $fileName, '\\/', '__' ); + // Get input parameters + if ( get_magic_quotes_gpc() ) { + $params = array_map( 'stripslashes', $_REQUEST ); + } else { + $params = $_REQUEST; + } -// Stream the file if it exists already -try { - $img = wfLocalFile( $fileName ); - if ( $img && false != ( $thumbName = $img->thumbName( $params ) ) ) { - $thumbPath = $img->getThumbPath( $thumbName ); + $fileName = isset( $params['f'] ) ? $params['f'] : ''; + unset( $params['f'] ); - if ( is_file( $thumbPath ) ) { - wfStreamFile( $thumbPath ); - wfLogProfilingData(); - exit; + // Backwards compatibility parameters + if ( isset( $params['w'] ) ) { + $params['width'] = $params['w']; + unset( $params['w'] ); + } + if ( isset( $params['p'] ) ) { + $params['page'] = $params['p']; + } + unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER + + // Is this a thumb of an archived file? + $isOld = (isset( $params['archived'] ) && $params['archived']); + unset( $params['archived'] ); + + // Some basic input validation + $fileName = strtr( $fileName, '\\/', '__' ); + + // Actually fetch the image. Method depends on whether it is archived or not. + if( $isOld ) { + // Format is ! + $bits = explode( '!', $fileName, 2 ); + if( !isset($bits[1]) ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; } + $title = Title::makeTitleSafe( NS_FILE, $bits[1] ); + if( is_null($title) ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; + } + $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName ); + } else { + $img = wfLocalFile( $fileName ); } -} catch ( MWException $e ) { - thumbInternalError( $e->getHTML() ); - wfLogProfilingData(); - exit; -} -wfProfileOut( 'thumb.php-start' ); -wfProfileIn( 'thumb.php-render' ); + // Check permissions if there are read restrictions + if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { + if ( !$img->getTitle()->userCanRead() ) { + wfThumbError( 403, 'Access denied. You do not have permission to access ' . + 'the source file.' ); + wfProfileOut( __METHOD__ ); + return; + } + $headers[] = 'Cache-Control: private'; + $headers[] = 'Vary: Cookie'; + } -try { - if ( $img ) { + if ( !$img ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; + } + if ( !$img->exists() ) { + wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + wfProfileOut( __METHOD__ ); + return; + } + $sourcePath = $img->getPath(); + if ( $sourcePath === false ) { + wfThumbError( 500, 'The source file is not locally accessible.' ); + wfProfileOut( __METHOD__ ); + return; + } + + // Check IMS against the source file + // This means that clients can keep a cached copy even after it has been deleted on the server + if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) { + // Fix IE brokenness + $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] ); + // Calculate time + wfSuppressWarnings(); + $imsUnix = strtotime( $imsString ); + $stat = stat( $sourcePath ); + wfRestoreWarnings(); + if ( $stat['mtime'] <= $imsUnix ) { + header( 'HTTP/1.1 304 Not Modified' ); + wfProfileOut( __METHOD__ ); + return; + } + } + + // Stream the file if it exists already + try { + if ( false != ( $thumbName = $img->thumbName( $params ) ) ) { + $thumbPath = $img->getThumbPath( $thumbName ); + + if ( is_file( $thumbPath ) ) { + StreamFile::stream( $thumbPath, $headers ); + wfProfileOut( __METHOD__ ); + return; + } + } + } catch ( MWException $e ) { + wfThumbError( 500, $e->getHTML() ); + wfProfileOut( __METHOD__ ); + return; + } + + try { $thumb = $img->transform( $params, File::RENDER_NOW ); - } else { + } catch( Exception $ex ) { + // Tried to select a page on a non-paged file? $thumb = false; } -} catch( Exception $ex ) { - // Tried to select a page on a non-paged file? - $thumb = false; -} - -$errorMsg = false; -if ( !$img ) { - $errorMsg = wfMsg( 'badtitletext' ); -} elseif ( !$thumb ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' ); -} elseif ( $thumb->isError() ) { - $errorMsg = $thumb->getHtmlMsg(); -} elseif ( !$thumb->getPath() ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' ); -} elseif ( $thumb->getPath() == $img->getPath() ) { - $errorMsg = wfMsgHtml( 'thumbnail_error', 'Image was not scaled, ' . - 'is the requested width bigger than the source?' ); -} else { - wfStreamFile( $thumb->getPath() ); -} -if ( $errorMsg !== false ) { - thumbInternalError( $errorMsg ); -} -wfProfileOut( 'thumb.php-render' ); -wfProfileOut( 'thumb.php' ); -wfLogProfilingData(); + $errorMsg = false; + if ( !$thumb ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' ); + } elseif ( $thumb->isError() ) { + $errorMsg = $thumb->getHtmlMsg(); + } elseif ( !$thumb->getPath() ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' ); + } elseif ( $thumb->getPath() == $img->getPath() ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', 'Image was not scaled, ' . + 'is the requested width bigger than the source?' ); + } else { + StreamFile::stream( $thumb->getPath(), $headers ); + } + if ( $errorMsg !== false ) { + wfThumbError( 500, $errorMsg ); + } -//-------------------------------------------------------------------------- + wfProfileOut( __METHOD__ ); +} -function thumbInternalError( $msg ) { +function wfThumbError( $status, $msg ) { + global $wgShowHostnames; header( 'Cache-Control: no-cache' ); header( 'Content-Type: text/html; charset=utf-8' ); - header( 'HTTP/1.1 500 Internal server error' ); + if ( $status == 404 ) { + header( 'HTTP/1.1 404 Not found' ); + } elseif ( $status == 403 ) { + header( 'HTTP/1.1 403 Forbidden' ); + header( 'Vary: Cookie' ); + } else { + header( 'HTTP/1.1 500 Internal server error' ); + } + if( $wgShowHostnames ) { + $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' ); + $hostname = htmlspecialchars( wfHostname() ); + $debug = "\n\n"; + } else { + $debug = ""; + } echo <<Error generating thumbnail @@ -105,10 +188,10 @@ function thumbInternalError( $msg ) {

$msg

+$debug EOT; } -