search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add 'expandurl' to prop=extlinks/list=exturlusage
[mediawiki.git] / thumb.php
blob068ec01700d4f1cf4528dca2efe2b293c9d10ec5
1 <?php
2 /**
3 * PHP script to stream out an image thumbnail.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup Media
22 */
23
24 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
25 if ( isset( $_SERVER['MW_COMPILED'] ) ) {
26 require( 'core/includes/WebStart.php' );
27 } else {
28 require( __DIR__ . '/includes/WebStart.php' );
29 }
30
31 // Don't use fancy mime detection, just check the file extension for jpg/gif/png
32 $wgTrivialMimeDetection = true;
33
34 if ( defined( 'THUMB_HANDLER' ) ) {
35 // Called from thumb_handler.php via 404; extract params from the URI...
36 wfThumbHandle404();
37 } else {
38 // Called directly, use $_REQUEST params
39 wfThumbHandleRequest();
40 }
41 wfLogProfilingData();
42
43 //--------------------------------------------------------------------------
44
45 /**
46 * Handle a thumbnail request via query parameters
47 *
48 * @return void
49 */
50 function wfThumbHandleRequest() {
51 $params = get_magic_quotes_gpc()
52 ? array_map( 'stripslashes', $_REQUEST )
53 : $_REQUEST;
54
55 wfStreamThumb( $params ); // stream the thumbnail
56 }
57
58 /**
59 * Handle a thumbnail request via thumbnail file URL
60 *
61 * @return void
62 */
63 function wfThumbHandle404() {
64 # lighttpd puts the original request in REQUEST_URI, while sjs sets
65 # that to the 404 handler, and puts the original request in REDIRECT_URL.
66 if ( isset( $_SERVER['REDIRECT_URL'] ) ) {
67 # The URL is un-encoded, so put it back how it was
68 $uriPath = str_replace( "%2F", "/", urlencode( $_SERVER['REDIRECT_URL'] ) );
69 } else {
70 $uriPath = $_SERVER['REQUEST_URI'];
71 }
72 # Just get the URI path (REDIRECT_URL/REQUEST_URI is either a full URL or a path)
73 if ( substr( $uriPath, 0, 1 ) !== '/' ) {
74 $bits = wfParseUrl( $uriPath );
75 if ( $bits && isset( $bits['path'] ) ) {
76 $uriPath = $bits['path'];
77 } else {
78 wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
79 return;
80 }
81 }
82
83 $params = wfExtractThumbParams( $uriPath ); // basic wiki URL param extracting
84 if ( $params == null ) {
85 wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
86 return;
87 }
88
89 wfStreamThumb( $params ); // stream the thumbnail
90 }
91
92 /**
93 * Stream a thumbnail specified by parameters
94 *
95 * @param $params Array
96 * @return void
97 */
98 function wfStreamThumb( array $params ) {
99 global $wgVaryOnXFP;
100 wfProfileIn( __METHOD__ );
101
102 $headers = array(); // HTTP headers to send
103
104 $fileName = isset( $params['f'] ) ? $params['f'] : '';
105 unset( $params['f'] );
106
107 // Backwards compatibility parameters
108 if ( isset( $params['w'] ) ) {
109 $params['width'] = $params['w'];
110 unset( $params['w'] );
111 }
112 if ( isset( $params['p'] ) ) {
113 $params['page'] = $params['p'];
114 }
115 unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
116
117 // Is this a thumb of an archived file?
118 $isOld = ( isset( $params['archived'] ) && $params['archived'] );
119 unset( $params['archived'] ); // handlers don't care
120
121 // Is this a thumb of a temp file?
122 $isTemp = ( isset( $params['temp'] ) && $params['temp'] );
123 unset( $params['temp'] ); // handlers don't care
124
125 // Some basic input validation
126 $fileName = strtr( $fileName, '\\/', '__' );
127
128 // Actually fetch the image. Method depends on whether it is archived or not.
129 if ( $isTemp ) {
130 $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo();
131 $img = new UnregisteredLocalFile( null, $repo,
132 # Temp files are hashed based on the name without the timestamp.
133 # The thumbnails will be hashed based on the entire name however.
134 # @TODO: fix this convention to actually be reasonable.
135 $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName
136 );
137 } elseif ( $isOld ) {
138 // Format is <timestamp>!<name>
139 $bits = explode( '!', $fileName, 2 );
140 if ( count( $bits ) != 2 ) {
141 wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
142 wfProfileOut( __METHOD__ );
143 return;
144 }
145 $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
146 if ( !$title ) {
147 wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
148 wfProfileOut( __METHOD__ );
149 return;
150 }
151 $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
152 } else {
153 $img = wfLocalFile( $fileName );
154 }
155
156 // Check permissions if there are read restrictions
157 $varyHeader = array();
158 if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
159 if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) {
160 wfThumbError( 403, 'Access denied. You do not have permission to access ' .
161 'the source file.' );
162 wfProfileOut( __METHOD__ );
163 return;
164 }
165 $headers[] = 'Cache-Control: private';
166 $varyHeader[] = 'Cookie';
167 }
168
169 // Check the source file storage path
170 if ( !$img ) {
171 wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
172 wfProfileOut( __METHOD__ );
173 return;
174 }
175 if ( !$img->exists() ) {
176 wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
177 wfProfileOut( __METHOD__ );
178 return;
179 }
180 $sourcePath = $img->getPath();
181 if ( $sourcePath === false ) {
182 wfThumbError( 500, 'The source file is not locally accessible.' );
183 wfProfileOut( __METHOD__ );
184 return;
185 }
186
187 // Check IMS against the source file
188 // This means that clients can keep a cached copy even after it has been deleted on the server
189 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
190 // Fix IE brokenness
191 $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
192 // Calculate time
193 wfSuppressWarnings();
194 $imsUnix = strtotime( $imsString );
195 wfRestoreWarnings();
196 $sourceTsUnix = wfTimestamp( TS_UNIX, $img->getTimestamp() );
197 if ( $sourceTsUnix <= $imsUnix ) {
198 header( 'HTTP/1.1 304 Not Modified' );
199 wfProfileOut( __METHOD__ );
200 return;
201 }
202 }
203
204 $thumbName = $img->thumbName( $params );
205 if ( !strlen( $thumbName ) ) { // invalid params?
206 wfThumbError( 400, 'The specified thumbnail parameters are not valid.' );
207 wfProfileOut( __METHOD__ );
208 return;
209 }
210
211 $disposition = $img->getThumbDisposition( $thumbName );
212 $headers[] = "Content-Disposition: $disposition";
213
214 // Stream the file if it exists already...
215 try {
216 $thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style
217 // For 404 handled thumbnails, we only use the the base name of the URI
218 // for the thumb params and the parent directory for the source file name.
219 // Check that the zone relative path matches up so squid caches won't pick
220 // up thumbs that would not be purged on source file deletion (bug 34231).
221 if ( isset( $params['rel404'] ) ) { // thumbnail was handled via 404
222 if ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName ) ) {
223 // Request for the canonical thumbnail name
224 } elseif ( urldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName2 ) ) {
225 // Request for the "long" thumbnail name; redirect to canonical name
226 $response = RequestContext::getMain()->getRequest()->response();
227 $response->header( "HTTP/1.1 301 " . HttpStatus::getMessage( 301 ) );
228 $response->header( 'Location: ' . wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) );
229 $response->header( 'Expires: ' .
230 gmdate( 'D, d M Y H:i:s', time() + 7*86400 ) . ' GMT' );
231 if ( $wgVaryOnXFP ) {
232 $varyHeader[] = 'X-Forwarded-Proto';
233 }
234 if ( count( $varyHeader ) ) {
235 $response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
236 }
237 wfProfileOut( __METHOD__ );
238 return;
239 } else {
240 wfThumbError( 404, 'The given path of the specified thumbnail is incorrect.' );
241 wfProfileOut( __METHOD__ );
242 return;
243 }
244 }
245 $thumbPath = $img->getThumbPath( $thumbName );
246 if ( $img->getRepo()->fileExists( $thumbPath ) ) {
247 if ( count( $varyHeader ) ) {
248 $headers[] = 'Vary: ' . implode( ', ', $varyHeader );
249 }
250 $img->getRepo()->streamFile( $thumbPath, $headers );
251 wfProfileOut( __METHOD__ );
252 return;
253 }
254 } catch ( MWException $e ) {
255 wfThumbError( 500, $e->getHTML() );
256 wfProfileOut( __METHOD__ );
257 return;
258 }
259
260 if ( count( $varyHeader ) ) {
261 $headers[] = 'Vary: ' . implode( ', ', $varyHeader );
262 }
263
264 // Thumbnail isn't already there, so create the new thumbnail...
265 try {
266 $thumb = $img->transform( $params, File::RENDER_NOW );
267 } catch ( Exception $ex ) {
268 // Tried to select a page on a non-paged file?
269 $thumb = false;
270 }
271
272 // Check for thumbnail generation errors...
273 $errorMsg = false;
274 $msg = wfMessage( 'thumbnail_error' );
275 if ( !$thumb ) {
276 $errorMsg = $msg->rawParams( 'File::transform() returned false' )->escaped();
277 } elseif ( $thumb->isError() ) {
278 $errorMsg = $thumb->getHtmlMsg();
279 } elseif ( !$thumb->hasFile() ) {
280 $errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped();
281 } elseif ( $thumb->fileIsSource() ) {
282 $errorMsg = $msg->
283 rawParams( 'Image was not scaled, is the requested width bigger than the source?' )->escaped();
284 }
285
286 if ( $errorMsg !== false ) {
287 wfThumbError( 500, $errorMsg );
288 } else {
289 // Stream the file if there were no errors
290 $thumb->streamFile( $headers );
291 }
292
293 wfProfileOut( __METHOD__ );
294 }
295
296 /**
297 * Extract the required params for thumb.php from the thumbnail request URI.
298 * At least 'width' and 'f' should be set if the result is an array.
299 *
300 * @param $uriPath String Thumbnail request URI path
301 * @return Array|null associative params array or null
302 */
303 function wfExtractThumbParams( $uriPath ) {
304 $repo = RepoGroup::singleton()->getLocalRepo();
305
306 // Zone URL might be relative ("/images") or protocol-relative ("//lang.site/image")
307 $zoneUriPath = $repo->getZoneHandlerUrl( 'thumb' )
308 ? $repo->getZoneHandlerUrl( 'thumb' ) // custom URL
309 : $repo->getZoneUrl( 'thumb' ); // default to main URL
310 $bits = wfParseUrl( wfExpandUrl( $zoneUriPath, PROTO_INTERNAL ) );
311 if ( $bits && isset( $bits['path'] ) ) {
312 $zoneUriPath = $bits['path'];
313 } else {
314 return null; // not a valid thumbnail URL
315 }
316
317 $hashDirReg = $subdirReg = '';
318 for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) {
319 $subdirReg .= '[0-9a-f]';
320 $hashDirReg .= "$subdirReg/";
321 }
322 $zoneReg = preg_quote( $zoneUriPath ); // regex for thumb zone URI
323
324 // Check if this is a thumbnail of an original in the local file repo
325 if ( preg_match( "!^$zoneReg/((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) {
326 list( /*all*/, $rel, $archOrTemp, $filename, $thumbname ) = $m;
327 // Check if this is a thumbnail of an temp file in the local file repo
328 } elseif ( preg_match( "!^$zoneReg/(temp/)($hashDirReg([^/]*)/([^/]*))$!", $uriPath, $m ) ) {
329 list( /*all*/, $archOrTemp, $rel, $filename, $thumbname ) = $m;
330 } else {
331 return null; // not a valid looking thumbnail request
332 }
333
334 $filename = urldecode( $filename );
335 $thumbname = urldecode( $thumbname );
336
337 $params = array( 'f' => $filename, 'rel404' => $rel );
338 if ( $archOrTemp === 'archive/' ) {
339 $params['archived'] = 1;
340 } elseif ( $archOrTemp === 'temp/' ) {
341 $params['temp'] = 1;
342 }
343
344 // Check if the parameters can be extracted from the thumbnail name...
345 if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) {
346 list( /* all */, $pagefull, $pagenum, $size ) = $matches;
347 $params['width'] = $size;
348 if ( $pagenum ) {
349 $params['page'] = $pagenum;
350 }
351 return $params; // valid thumbnail URL
352 // Hooks return false if they manage to *resolve* the parameters
353 } elseif ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) {
354 return $params; // valid thumbnail URL (via extension or config)
355 }
356
357 return null; // not a valid thumbnail URL
358 }
359
360 /**
361 * Output a thumbnail generation error message
362 *
363 * @param $status integer
364 * @param $msg string
365 * @return void
366 */
367 function wfThumbError( $status, $msg ) {
368 global $wgShowHostnames;
369
370 header( 'Cache-Control: no-cache' );
371 header( 'Content-Type: text/html; charset=utf-8' );
372 if ( $status == 404 ) {
373 header( 'HTTP/1.1 404 Not found' );
374 } elseif ( $status == 403 ) {
375 header( 'HTTP/1.1 403 Forbidden' );
376 header( 'Vary: Cookie' );
377 } else {
378 header( 'HTTP/1.1 500 Internal server error' );
379 }
380 if ( $wgShowHostnames ) {
381 $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' );
382 $hostname = htmlspecialchars( wfHostname() );
383 $debug = "<!-- $url -->\n<!-- $hostname -->\n";
384 } else {
385 $debug = "";
386 }
387 echo <<<EOT
388 <html><head><title>Error generating thumbnail</title></head>
389 <body>
390 <h1>Error generating thumbnail</h1>
391 <p>
392 $msg
393 </p>
394 $debug
395 </body>
396 </html>
397
398 EOT;
399 }
MediaWiki Core