X-Git-Url: https://git.cyclocoop.org/%27.WWW_URL.%27admin/?a=blobdiff_plain;f=thumb.php;h=51f7ec60d6e5b102e5821a71bc83b14a4f04c633;hb=631847513cb6b370bdf3ecca42f271a8ac9ec5db;hp=4ca24ed77f45b9422fab06f8fd15dfcf526673f4;hpb=0f6da81bcb24bd8605c56fcae9f9ea8b8bef22e5;p=lhc%2Fweb%2Fwiklou.git diff --git a/thumb.php b/thumb.php index 4ca24ed77f..51f7ec60d6 100644 --- a/thumb.php +++ b/thumb.php @@ -2,89 +2,291 @@ /** * PHP script to stream out an image thumbnail. - * If the file exists, we make do with abridged MediaWiki initialisation. + * + * @file + * @ingroup Media */ -define( 'MW_NO_SETUP', 1 ); define( 'MW_NO_OUTPUT_COMPRESSION', 1 ); -require_once( './includes/WebStart.php' ); -wfProfileIn( 'thumb.php' ); -wfProfileIn( 'thumb.php-start' ); -require_once( "$IP/includes/GlobalFunctions.php" ); -require_once( "$IP/includes/ImageFunctions.php" ); - -$wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png. +if ( isset( $_SERVER['MW_COMPILED'] ) ) { + require( 'phase3/includes/WebStart.php' ); +} else { + require( dirname( __FILE__ ) . '/includes/WebStart.php' ); +} -require_once( "$IP/includes/StreamFile.php" ); -require_once( "$IP/includes/AutoLoader.php" ); +// Don't use fancy mime detection, just check the file extension for jpg/gif/png +$wgTrivialMimeDetection = true; -// Get input parameters -if ( get_magic_quotes_gpc() ) { - $params = array_map( 'stripslashes', $_REQUEST ); +if ( defined( 'THUMB_HANDLER' ) ) { + // Called from thumb_handler.php via 404; extract params from the URI... + wfThumbHandle404(); } else { - $params = $_REQUEST; + // Called directly, use $_REQUEST params + wfThumbHandleRequest(); } +wfLogProfilingData(); -$fileName = isset( $params['f'] ) ? $params['f'] : ''; -unset( $params['f'] ); +//-------------------------------------------------------------------------- -// Backwards compatibility parameters -if ( isset( $params['w'] ) ) { - $params['width'] = $params['w']; - unset( $params['w'] ); +/** + * Handle a thumbnail request via query parameters + * + * @return void + */ +function wfThumbHandleRequest() { + $params = get_magic_quotes_gpc() + ? array_map( 'stripslashes', $_REQUEST ) + : $_REQUEST; + + wfStreamThumb( $params ); // stream the thumbnail } -if ( isset( $params['p'] ) ) { - $params['page'] = $params['p']; + +/** + * Handle a thumbnail request via thumbnail file URL + * + * @return void + */ +function wfThumbHandle404() { + # lighttpd puts the original request in REQUEST_URI, while + # sjs sets that to the 404 handler, and puts the original + # request in REDIRECT_URL. + if ( isset( $_SERVER['REDIRECT_URL'] ) ) { + # The URL is un-encoded, so put it back how it was. + $uri = str_replace( "%2F", "/", urlencode( $_SERVER['REDIRECT_URL'] ) ); + } else { + $uri = $_SERVER['REQUEST_URI']; + } + + $params = wfExtractThumbParams( $uri ); // basic wiki URL param extracting + if ( $params == null ) { + wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + return; + } + + wfStreamThumb( $params ); // stream the thumbnail } -unset( $params['r'] ); -// Some basic input validation -$fileName = strtr( $fileName, '\\/', '__' ); +/** + * Stream a thumbnail specified by parameters + * + * @param $params Array + * @return void + */ +function wfStreamThumb( array $params ) { + wfProfileIn( __METHOD__ ); + + $headers = array(); // HTTP headers to send -// Work out paths, carefully avoiding constructing an Image object because that won't work yet -$handler = thumbGetHandler( $fileName ); -if ( $handler ) { - $imagePath = wfImageDir( $fileName ) . '/' . $fileName; - $thumbName = $handler->makeParamString( $params ) . "-$fileName"; - $thumbPath = wfImageThumbDir( $fileName ) . '/' . $thumbName; + $fileName = isset( $params['f'] ) ? $params['f'] : ''; + unset( $params['f'] ); - if ( is_file( $thumbPath ) && filemtime( $thumbPath ) >= filemtime( $imagePath ) ) { - wfStreamFile( $thumbPath ); - // Can't log profiling data with no Setup.php - exit; + // Backwards compatibility parameters + if ( isset( $params['w'] ) ) { + $params['width'] = $params['w']; + unset( $params['w'] ); } -} + if ( isset( $params['p'] ) ) { + $params['page'] = $params['p']; + } + unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER -// OK, no valid thumbnail, time to get out the heavy machinery -wfProfileOut( 'thumb.php-start' ); -require_once( './includes/Setup.php' ); -wfProfileIn( 'thumb.php-render' ); + // Is this a thumb of an archived file? + $isOld = ( isset( $params['archived'] ) && $params['archived'] ); + unset( $params['archived'] ); -$img = Image::newFromName( $fileName ); -try { - if ( $img ) { - $thumb = $img->transform( $params, Image::RENDER_NOW ); + // Some basic input validation + $fileName = strtr( $fileName, '\\/', '__' ); + + // Actually fetch the image. Method depends on whether it is archived or not. + if ( $isOld ) { + // Format is ! + $bits = explode( '!', $fileName, 2 ); + if ( count( $bits ) != 2 ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; + } + $title = Title::makeTitleSafe( NS_FILE, $bits[1] ); + if ( !$title ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; + } + $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName ); } else { + $img = wfLocalFile( $fileName ); + } + + // Check permissions if there are read restrictions + if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { + if ( !$img->getTitle()->userCan( 'read' ) ) { + wfThumbError( 403, 'Access denied. You do not have permission to access ' . + 'the source file.' ); + wfProfileOut( __METHOD__ ); + return; + } + $headers[] = 'Cache-Control: private'; + $headers[] = 'Vary: Cookie'; + } + + // Check the source file storage path + if ( !$img ) { + wfThumbError( 404, wfMsg( 'badtitletext' ) ); + wfProfileOut( __METHOD__ ); + return; + } + if ( !$img->exists() ) { + wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' ); + wfProfileOut( __METHOD__ ); + return; + } + $sourcePath = $img->getPath(); + if ( $sourcePath === false ) { + wfThumbError( 500, 'The source file is not locally accessible.' ); + wfProfileOut( __METHOD__ ); + return; + } + + // Check IMS against the source file + // This means that clients can keep a cached copy even after it has been deleted on the server + if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) { + // Fix IE brokenness + $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] ); + // Calculate time + wfSuppressWarnings(); + $imsUnix = strtotime( $imsString ); + wfRestoreWarnings(); + $sourceTsUnix = wfTimestamp( TS_UNIX, $img->getTimestamp() ); + if ( $sourceTsUnix <= $imsUnix ) { + header( 'HTTP/1.1 304 Not Modified' ); + wfProfileOut( __METHOD__ ); + return; + } + } + + // Stream the file if it exists already... + try { + $thumbName = $img->thumbName( $params ); + if ( strlen( $thumbName ) ) { // valid params? + $thumbPath = $img->getThumbPath( $thumbName ); + if ( $img->getRepo()->fileExists( $thumbPath ) ) { + $img->getRepo()->streamFile( $thumbPath, $headers ); + wfProfileOut( __METHOD__ ); + return; + } + } + } catch ( MWException $e ) { + wfThumbError( 500, $e->getHTML() ); + wfProfileOut( __METHOD__ ); + return; + } + + // Thumbnail isn't already there, so create the new thumbnail... + try { + $thumb = $img->transform( $params, File::RENDER_NOW ); + } catch ( Exception $ex ) { + // Tried to select a page on a non-paged file? $thumb = false; } -} catch( Exception $ex ) { - // Tried to select a page on a non-paged file? - $thumb = false; + + // Check for thumbnail generation errors... + $errorMsg = false; + if ( !$thumb ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' ); + } elseif ( $thumb->isError() ) { + $errorMsg = $thumb->getHtmlMsg(); + } elseif ( !$thumb->hasFile() ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' ); + } elseif ( $thumb->fileIsSource() ) { + $errorMsg = wfMsgHtml( 'thumbnail_error', + 'Image was not scaled, is the requested width bigger than the source?' ); + } + + if ( $errorMsg !== false ) { + wfThumbError( 500, $errorMsg ); + } else { + // Stream the file if there were no errors + $thumb->streamFile( $headers ); + } + + wfProfileOut( __METHOD__ ); +} + +/** + * Extract the required params for thumb.php from the thumbnail request URI. + * At least 'width' and 'f' should be set if the result is an array. + * + * @param $uri String Thumbnail request URI + * @return Array|null associative params array or null + */ +function wfExtractThumbParams( $uri ) { + $repo = RepoGroup::singleton()->getLocalRepo(); + + $hashDirRegex = $subdirRegex = ''; + for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) { + $subdirRegex .= '[0-9a-f]'; + $hashDirRegex .= "$subdirRegex/"; + } + $zoneUrlRegex = preg_quote( $repo->getZoneUrl( 'thumb' ) ); + + $thumbUrlRegex = "!^$zoneUrlRegex(/archive|/temp|)/$hashDirRegex([^/]*)/([^/]*)$!"; + + // Check if this is a valid looking thumbnail request... + if ( preg_match( $thumbUrlRegex, $uri, $matches ) ) { + list( /* all */, $archOrTemp, $filename, $thumbname ) = $matches; + $filename = urldecode( $filename ); + $thumbname = urldecode( $thumbname ); + + $params = array( 'f' => $filename ); + if ( $archOrTemp == '/archive' ) { + $params['archived'] = 1; + } elseif ( $archOrTemp == '/temp' ) { + $params['temp'] = 1; + } + + // Check if the parameters can be extracted from the thumbnail name... + // @TODO: remove 'page' stuff and make ProofreadPage handle it via hook. + if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { + list( /* all */, $pagefull, $pagenum, $size ) = $matches; + $params['width'] = $size; + if ( $pagenum ) { + $params['page'] = $pagenum; + } + return $params; // valid thumbnail URL + // Hooks return false if they manage to *resolve* the parameters + } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { + return $params; // valid thumbnail URL (via extension or config) + } + } + + return null; // not a valid thumbnail URL } -if ( $thumb && $thumb->getPath() && file_exists( $thumb->getPath() ) ) { - wfStreamFile( $thumb->getPath() ); -} elseif ( $img ) { +/** + * Output a thumbnail generation error message + * + * @param $status integer + * @param $msg string + * @return void + */ +function wfThumbError( $status, $msg ) { + global $wgShowHostnames; + header( 'Cache-Control: no-cache' ); header( 'Content-Type: text/html; charset=utf-8' ); - header( 'HTTP/1.1 500 Internal server error' ); - if ( !$thumb ) { - $msg = wfMsgHtml( 'thumbnail_error', 'Image::transform() returned false' ); - } elseif ( $thumb->isError() ) { - $msg = $thumb->getHtmlMsg(); - } elseif ( !$thumb->getPath() ) { - $msg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' ); + if ( $status == 404 ) { + header( 'HTTP/1.1 404 Not found' ); + } elseif ( $status == 403 ) { + header( 'HTTP/1.1 403 Forbidden' ); + header( 'Vary: Cookie' ); } else { - $msg = wfMsgHtml( 'thumbnail_error', 'Output file missing' ); + header( 'HTTP/1.1 500 Internal server error' ); + } + if ( $wgShowHostnames ) { + $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' ); + $hostname = htmlspecialchars( wfHostname() ); + $debug = "\n\n"; + } else { + $debug = ""; } echo <<Error generating thumbnail @@ -93,40 +295,9 @@ if ( $thumb && $thumb->getPath() && file_exists( $thumb->getPath() ) ) {

$msg

+$debug EOT; -} else { - $badtitle = wfMsg( 'badtitle' ); - $badtitletext = wfMsg( 'badtitletext' ); - header( 'Cache-Control: no-cache' ); - header( 'Content-Type: text/html; charset=utf-8' ); - header( 'HTTP/1.1 500 Internal server error' ); - echo " - $badtitle - -

$badtitle

-

$badtitletext

- -"; } - -wfProfileOut( 'thumb.php-render' ); -wfProfileOut( 'thumb.php' ); -wfLogProfilingData(); - -//-------------------------------------------------------------------------- - -function thumbGetHandler( $fileName ) { - // Determine type - $magic = MimeMagic::singleton(); - $extPos = strrpos( $fileName, '.' ); - if ( $extPos === false ) { - return false; - } - $mime = $magic->guessTypesForExtension( substr( $fileName, $extPos + 1 ) ); - return MediaHandler::getHandler( $mime ); -} - -?>