search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Set window.wgMonthNamesShort before we start the tests, to be able to pass added...
[mediawiki.git] / thumb.php
blob1fe564d8fa8f2f46d5915db5e7a5e491186b5936
1 <?php
2
3 /**
4 * PHP script to stream out an image thumbnail.
5 *
6 * @file
7 * @ingroup Media
8 */
9 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
10 if ( isset( $_SERVER['MW_COMPILED'] ) ) {
11 require ( 'phase3/includes/WebStart.php' );
12 } else {
13 require ( dirname( __FILE__ ) . '/includes/WebStart.php' );
14 }
15
16 $wgTrivialMimeDetection = true; //don't use fancy mime detection, just check the file extension for jpg/gif/png.
17
18 require_once( "$IP/includes/StreamFile.php" );
19
20 wfThumbMain();
21 wfLogProfilingData();
22
23 //--------------------------------------------------------------------------
24
25 function wfThumbMain() {
26 wfProfileIn( __METHOD__ );
27
28 $headers = array();
29
30 // Get input parameters
31 if ( get_magic_quotes_gpc() ) {
32 $params = array_map( 'stripslashes', $_REQUEST );
33 } else {
34 $params = $_REQUEST;
35 }
36
37 $fileName = isset( $params['f'] ) ? $params['f'] : '';
38 unset( $params['f'] );
39
40 // Backwards compatibility parameters
41 if ( isset( $params['w'] ) ) {
42 $params['width'] = $params['w'];
43 unset( $params['w'] );
44 }
45 if ( isset( $params['p'] ) ) {
46 $params['page'] = $params['p'];
47 }
48 unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
49
50 // Is this a thumb of an archived file?
51 $isOld = (isset( $params['archived'] ) && $params['archived']);
52 unset( $params['archived'] );
53
54 // Some basic input validation
55 $fileName = strtr( $fileName, '\\/', '__' );
56
57 // Actually fetch the image. Method depends on whether it is archived or not.
58 if( $isOld ) {
59 // Format is <timestamp>!<name>
60 $bits = explode( '!', $fileName, 2 );
61 if( !isset($bits[1]) ) {
62 wfThumbError( 404, wfMsg( 'badtitletext' ) );
63 wfProfileOut( __METHOD__ );
64 return;
65 }
66 $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
67 if( is_null($title) ) {
68 wfThumbError( 404, wfMsg( 'badtitletext' ) );
69 wfProfileOut( __METHOD__ );
70 return;
71 }
72 $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
73 } else {
74 $img = wfLocalFile( $fileName );
75 }
76
77 // Check permissions if there are read restrictions
78 if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
79 if ( !$img->getTitle()->userCanRead() ) {
80 wfThumbError( 403, 'Access denied. You do not have permission to access ' .
81 'the source file.' );
82 wfProfileOut( __METHOD__ );
83 return;
84 }
85 $headers[] = 'Cache-Control: private';
86 $headers[] = 'Vary: Cookie';
87 }
88
89 if ( !$img ) {
90 wfThumbError( 404, wfMsg( 'badtitletext' ) );
91 wfProfileOut( __METHOD__ );
92 return;
93 }
94 if ( !$img->exists() ) {
95 wfThumbError( 404, 'The source file for the specified thumbnail does not exist.' );
96 wfProfileOut( __METHOD__ );
97 return;
98 }
99 $sourcePath = $img->getPath();
100 if ( $sourcePath === false ) {
101 wfThumbError( 500, 'The source file is not locally accessible.' );
102 wfProfileOut( __METHOD__ );
103 return;
104 }
105
106 // Check IMS against the source file
107 // This means that clients can keep a cached copy even after it has been deleted on the server
108 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
109 // Fix IE brokenness
110 $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
111 // Calculate time
112 wfSuppressWarnings();
113 $imsUnix = strtotime( $imsString );
114 $stat = stat( $sourcePath );
115 wfRestoreWarnings();
116 if ( $stat['mtime'] <= $imsUnix ) {
117 header( 'HTTP/1.1 304 Not Modified' );
118 wfProfileOut( __METHOD__ );
119 return;
120 }
121 }
122
123 // Stream the file if it exists already
124 try {
125 if ( false != ( $thumbName = $img->thumbName( $params ) ) ) {
126 $thumbPath = $img->getThumbPath( $thumbName );
127
128 if ( is_file( $thumbPath ) ) {
129 wfStreamFile( $thumbPath, $headers );
130 wfProfileOut( __METHOD__ );
131 return;
132 }
133 }
134 } catch ( MWException $e ) {
135 wfThumbError( 500, $e->getHTML() );
136 wfProfileOut( __METHOD__ );
137 return;
138 }
139
140 try {
141 $thumb = $img->transform( $params, File::RENDER_NOW );
142 } catch( Exception $ex ) {
143 // Tried to select a page on a non-paged file?
144 $thumb = false;
145 }
146
147 $errorMsg = false;
148 if ( !$thumb ) {
149 $errorMsg = wfMsgHtml( 'thumbnail_error', 'File::transform() returned false' );
150 } elseif ( $thumb->isError() ) {
151 $errorMsg = $thumb->getHtmlMsg();
152 } elseif ( !$thumb->getPath() ) {
153 $errorMsg = wfMsgHtml( 'thumbnail_error', 'No path supplied in thumbnail object' );
154 } elseif ( $thumb->getPath() == $img->getPath() ) {
155 $errorMsg = wfMsgHtml( 'thumbnail_error', 'Image was not scaled, ' .
156 'is the requested width bigger than the source?' );
157 } else {
158 wfStreamFile( $thumb->getPath(), $headers );
159 }
160 if ( $errorMsg !== false ) {
161 wfThumbError( 500, $errorMsg );
162 }
163
164 wfProfileOut( __METHOD__ );
165 }
166
167 function wfThumbError( $status, $msg ) {
168 global $wgShowHostnames;
169 header( 'Cache-Control: no-cache' );
170 header( 'Content-Type: text/html; charset=utf-8' );
171 if ( $status == 404 ) {
172 header( 'HTTP/1.1 404 Not found' );
173 } elseif ( $status == 403 ) {
174 header( 'HTTP/1.1 403 Forbidden' );
175 header( 'Vary: Cookie' );
176 } else {
177 header( 'HTTP/1.1 500 Internal server error' );
178 }
179 if( $wgShowHostnames ) {
180 $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' );
181 $hostname = htmlspecialchars( wfHostname() );
182 $debug = "<!-- $url -->\n<!-- $hostname -->\n";
183 } else {
184 $debug = "";
185 }
186 echo <<<EOT
187 <html><head><title>Error generating thumbnail</title></head>
188 <body>
189 <h1>Error generating thumbnail</h1>
190 <p>
191 $msg
192 </p>
193 $debug
194 </body>
195 </html>
196
197 EOT;
198 }
199
MediaWiki Core