+ $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
+ if ( is_null( $title ) ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
+ } else {
+ $img = wfLocalFile( $fileName );
+ }
+
+ // Check permissions if there are read restrictions
+ if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
+ if ( !$img->getTitle()->userCanRead() ) {
+ wfThumbError( 403, 'Access denied. You do not have permission to access ' .
+ 'the source file.' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $headers[] = 'Cache-Control: private';
+ $headers[] = 'Vary: Cookie';
+ }
+
+ if ( !$img ) {
+ wfThumbError( 404, wfMsg( 'badtitletext' ) );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ if ( !$img->exists() ) {
+ wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
+ wfProfileOut( __METHOD__ );
+ return;
+ }
+ $sourcePath = $img->getPath();
+ if ( $sourcePath === false ) {
+ wfThumbError( 500, 'The source file is not locally accessible.' );
+ wfProfileOut( __METHOD__ );
+ return;