4 * PHP script to stream out an image thumbnail.
9 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
10 if ( isset( $_SERVER['MW_COMPILED'] ) ) {
11 require ( 'phase3/includes/WebStart.php' );
13 require ( dirname( __FILE__
) . '/includes/WebStart.php' );
16 $wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png.
18 require_once( "$IP/includes/StreamFile.php" );
23 //--------------------------------------------------------------------------
25 function wfThumbMain() {
26 wfProfileIn( __METHOD__
);
30 // Get input parameters
31 if ( get_magic_quotes_gpc() ) {
32 $params = array_map( 'stripslashes', $_REQUEST );
37 $fileName = isset( $params['f'] ) ?
$params['f'] : '';
38 unset( $params['f'] );
40 // Backwards compatibility parameters
41 if ( isset( $params['w'] ) ) {
42 $params['width'] = $params['w'];
43 unset( $params['w'] );
45 if ( isset( $params['p'] ) ) {
46 $params['page'] = $params['p'];
48 unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
50 // Is this a thumb of an archived file?
51 $isOld = (isset( $params['archived'] ) && $params['archived']);
52 unset( $params['archived'] );
54 // Some basic input validation
55 $fileName = strtr( $fileName, '\\/', '__' );
57 // Actually fetch the image. Method depends on whether it is archived or not.
59 // Format is <timestamp>!<name>
60 $bits = explode( '!', $fileName, 2 );
61 if( !isset($bits[1]) ) {
62 wfThumbError( 404, wfMsg( 'badtitletext' ) );
63 wfProfileOut( __METHOD__
);
66 $title = Title
::makeTitleSafe( NS_FILE
, $bits[1] );
67 if( is_null($title) ) {
68 wfThumbError( 404, wfMsg( 'badtitletext' ) );
69 wfProfileOut( __METHOD__
);
72 $img = RepoGroup
::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
74 $img = wfLocalFile( $fileName );
77 // Check permissions if there are read restrictions
78 if ( !in_array( 'read', User
::getGroupPermissions( array( '*' ) ), true ) ) {
79 if ( !$img->getTitle()->userCanRead() ) {
80 wfThumbError( 403, 'Access denied. You do not have permission to access ' .
82 wfProfileOut( __METHOD__
);
85 $headers[] = 'Cache-Control: private';
86 $headers[] = 'Vary: Cookie';
90 wfThumbError( 404, wfMsg( 'badtitletext' ) );
91 wfProfileOut( __METHOD__
);
94 if ( !$img->exists() ) {
95 wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
96 wfProfileOut( __METHOD__
);
99 $sourcePath = $img->getPath();
100 if ( $sourcePath === false ) {
101 wfThumbError( 500, 'The source file is not locally accessible.' );
102 wfProfileOut( __METHOD__
);
106 // Check IMS against the source file
107 // This means that clients can keep a cached copy even after it has been deleted on the server
108 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
110 $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
112 wfSuppressWarnings();
113 $imsUnix = strtotime( $imsString );
114 $stat = stat( $sourcePath );
116 if ( $stat['mtime'] <= $imsUnix ) {
117 header( 'HTTP/1.1 304 Not Modified' );
118 wfProfileOut( __METHOD__
);
123 // Stream the file if it exists already
125 if ( false != ( $thumbName = $img->thumbName( $params ) ) ) {
126 $thumbPath = $img->getThumbPath( $thumbName );
128 if ( is_file( $thumbPath ) ) {
129 wfStreamFile( $thumbPath, $headers );
130 wfProfileOut( __METHOD__
);
134 } catch ( MWException
$e ) {
135 wfThumbError( 500, $e->getHTML() );
136 wfProfileOut( __METHOD__
);
141 $thumb = $img->transform( $params, File
::RENDER_NOW
);
142 } catch( Exception
$ex ) {
143 // Tried to select a page on a non-paged file?
149 $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' );
150 } elseif ( $thumb->isError() ) {
151 $errorMsg = $thumb->getHtmlMsg();
152 } elseif ( !$thumb->getPath() ) {
153 $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
154 } elseif ( $thumb->getPath() == $img->getPath() ) {
155 $errorMsg = wfMsgHtml( 'thumbnail_error', 'Image was not scaled, ' .
156 'is the requested width bigger than the source?' );
158 wfStreamFile( $thumb->getPath(), $headers );
160 if ( $errorMsg !== false ) {
161 wfThumbError( 500, $errorMsg );
164 wfProfileOut( __METHOD__
);
167 function wfThumbError( $status, $msg ) {
168 global $wgShowHostnames;
169 header( 'Cache-Control: no-cache' );
170 header( 'Content-Type: text/html; charset=utf-8' );
171 if ( $status == 404 ) {
172 header( 'HTTP/1.1 404 Not found' );
173 } elseif ( $status == 403 ) {
174 header( 'HTTP/1.1 403 Forbidden' );
175 header( 'Vary: Cookie' );
177 header( 'HTTP/1.1 500 Internal server error' );
179 if( $wgShowHostnames ) {
180 $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ?
$_SERVER['REQUEST_URI'] : '' );
181 $hostname = htmlspecialchars( wfHostname() );
182 $debug = "<!-- $url -->\n<!-- $hostname -->\n";
187 <html><head><title>Error generating thumbnail</title></head>
189 <h1>Error generating thumbnail</h1>