MediaWiki  REL1_22
thumb.php
Go to the documentation of this file.
00001 <?php
00024 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
00025 require __DIR__ . '/includes/WebStart.php';
00026 
00027 // Don't use fancy mime detection, just check the file extension for jpg/gif/png
00028 $wgTrivialMimeDetection = true;
00029 
00030 if ( defined( 'THUMB_HANDLER' ) ) {
00031     // Called from thumb_handler.php via 404; extract params from the URI...
00032     wfThumbHandle404();
00033 } else {
00034     // Called directly, use $_GET params
00035     wfThumbHandleRequest();
00036 }
00037 
00038 wfLogProfilingData();
00039 
00040 //--------------------------------------------------------------------------
00041 
00047 function wfThumbHandleRequest() {
00048     $params = get_magic_quotes_gpc()
00049         ? array_map( 'stripslashes', $_GET )
00050         : $_GET;
00051 
00052     wfStreamThumb( $params ); // stream the thumbnail
00053 }
00054 
00060 function wfThumbHandle404() {
00061     global $wgArticlePath;
00062 
00063     # Set action base paths so that WebRequest::getPathInfo()
00064     # recognizes the "X" as the 'title' in ../thumb_handler.php/X urls.
00065     # Note: If Custom per-extension repo paths are set, this may break.
00066     $repo = RepoGroup::singleton()->getLocalRepo();
00067     $oldArticlePath = $wgArticlePath;
00068     $wgArticlePath = $repo->getZoneUrl( 'thumb' ) . '/$1';
00069 
00070     $matches = WebRequest::getPathInfo();
00071 
00072     $wgArticlePath = $oldArticlePath;
00073 
00074     if ( !isset( $matches['title'] ) ) {
00075         wfThumbError( 404, 'Could not determine the name of the requested thumbnail.' );
00076         return;
00077     }
00078 
00079     $params = wfExtractThumbRequestInfo( $matches['title'] ); // basic wiki URL param extracting
00080     if ( $params == null ) {
00081         wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' );
00082         return;
00083     }
00084 
00085     wfStreamThumb( $params ); // stream the thumbnail
00086 }
00087 
00101 function wfStreamThumb( array $params ) {
00102     global $wgVaryOnXFP;
00103 
00104     $section = new ProfileSection( __METHOD__ );
00105 
00106     $headers = array(); // HTTP headers to send
00107 
00108     $fileName = isset( $params['f'] ) ? $params['f'] : '';
00109 
00110     // Is this a thumb of an archived file?
00111     $isOld = ( isset( $params['archived'] ) && $params['archived'] );
00112     unset( $params['archived'] ); // handlers don't care
00113 
00114     // Is this a thumb of a temp file?
00115     $isTemp = ( isset( $params['temp'] ) && $params['temp'] );
00116     unset( $params['temp'] ); // handlers don't care
00117 
00118     // Some basic input validation
00119     $fileName = strtr( $fileName, '\\/', '__' );
00120 
00121     // Actually fetch the image. Method depends on whether it is archived or not.
00122     if ( $isTemp ) {
00123         $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo();
00124         $img = new UnregisteredLocalFile( null, $repo,
00125             # Temp files are hashed based on the name without the timestamp.
00126             # The thumbnails will be hashed based on the entire name however.
00127             # @todo fix this convention to actually be reasonable.
00128             $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName
00129         );
00130     } elseif ( $isOld ) {
00131         // Format is <timestamp>!<name>
00132         $bits = explode( '!', $fileName, 2 );
00133         if ( count( $bits ) != 2 ) {
00134             wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
00135             return;
00136         }
00137         $title = Title::makeTitleSafe( NS_FILE, $bits[1] );
00138         if ( !$title ) {
00139             wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
00140             return;
00141         }
00142         $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
00143     } else {
00144         $img = wfLocalFile( $fileName );
00145     }
00146 
00147     // Check the source file title
00148     if ( !$img ) {
00149         wfThumbError( 404, wfMessage( 'badtitletext' )->text() );
00150         return;
00151     }
00152 
00153     // Check permissions if there are read restrictions
00154     $varyHeader = array();
00155     if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
00156         if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) {
00157             wfThumbError( 403, 'Access denied. You do not have permission to access ' .
00158                 'the source file.' );
00159             return;
00160         }
00161         $headers[] = 'Cache-Control: private';
00162         $varyHeader[] = 'Cookie';
00163     }
00164 
00165     // Do rendering parameters extraction from thumbnail name.
00166     if ( isset( $params['thumbName'] ) ) {
00167         $params = wfExtractThumbParams( $img, $params );
00168     }
00169     if ( $params == null ) {
00170         wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' );
00171         return;
00172     }
00173 
00174 
00175     // Check the source file storage path
00176     if ( !$img->exists() ) {
00177         $redirectedLocation = false;
00178         if ( !$isTemp ) {
00179             // Check for file redirect
00180             // Since redirects are associated with pages, not versions of files,
00181             // we look for the most current version to see if its a redirect.
00182             $possRedirFile = RepoGroup::singleton()->getLocalRepo()->findFile( $img->getName() );
00183             if ( $possRedirFile && !is_null( $possRedirFile->getRedirected() ) ) {
00184                 $redirTarget = $possRedirFile->getName();
00185                 $targetFile = wfLocalFile( Title::makeTitleSafe( NS_FILE, $redirTarget ) );
00186                 if ( $targetFile->exists() ) {
00187                     $newThumbName = $targetFile->thumbName( $params );
00188                     if ( $isOld ) {
00189                         $newThumbUrl = $targetFile->getArchiveThumbUrl(
00190                             $bits[0] . '!' . $targetFile->getName(), $newThumbName );
00191                     } else {
00192                         $newThumbUrl = $targetFile->getThumbUrl( $newThumbName );
00193                     }
00194                     $redirectedLocation = wfExpandUrl( $newThumbUrl, PROTO_CURRENT );
00195                 }
00196             }
00197         }
00198 
00199         if ( $redirectedLocation ) {
00200             // File has been moved. Give redirect.
00201             $response = RequestContext::getMain()->getRequest()->response();
00202             $response->header( "HTTP/1.1 302 " . HttpStatus::getMessage( 302 ) );
00203             $response->header( 'Location: ' . $redirectedLocation );
00204             $response->header( 'Expires: ' .
00205                 gmdate( 'D, d M Y H:i:s', time() + 12 * 3600 ) . ' GMT' );
00206             if ( $wgVaryOnXFP ) {
00207                 $varyHeader[] = 'X-Forwarded-Proto';
00208             }
00209             if ( count( $varyHeader ) ) {
00210                 $response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
00211             }
00212             return;
00213         }
00214 
00215         // If its not a redirect that has a target as a local file, give 404.
00216         wfThumbError( 404, "The source file '$fileName' does not exist." );
00217         return;
00218     } elseif ( $img->getPath() === false ) {
00219         wfThumbError( 500, "The source file '$fileName' is not locally accessible." );
00220         return;
00221     }
00222 
00223     // Check IMS against the source file
00224     // This means that clients can keep a cached copy even after it has been deleted on the server
00225     if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
00226         // Fix IE brokenness
00227         $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] );
00228         // Calculate time
00229         wfSuppressWarnings();
00230         $imsUnix = strtotime( $imsString );
00231         wfRestoreWarnings();
00232         if ( wfTimestamp( TS_UNIX, $img->getTimestamp() ) <= $imsUnix ) {
00233             header( 'HTTP/1.1 304 Not Modified' );
00234             return;
00235         }
00236     }
00237 
00238     // Backwards compatibility parameters
00239     if ( isset( $params['w'] ) ) {
00240         $params['width'] = $params['w'];
00241         unset( $params['w'] );
00242     }
00243     if ( isset( $params['p'] ) ) {
00244         $params['page'] = $params['p'];
00245     }
00246     unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER
00247     unset( $params['f'] ); // We're done with 'f' parameter.
00248 
00249 
00250     // Get the normalized thumbnail name from the parameters...
00251     try {
00252         $thumbName = $img->thumbName( $params );
00253         if ( !strlen( $thumbName ) ) { // invalid params?
00254             wfThumbError( 400, 'The specified thumbnail parameters are not valid.' );
00255             return;
00256         }
00257         $thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style
00258     } catch ( MWException $e ) {
00259         wfThumbError( 500, $e->getHTML() );
00260         return;
00261     }
00262 
00263     // For 404 handled thumbnails, we only use the the base name of the URI
00264     // for the thumb params and the parent directory for the source file name.
00265     // Check that the zone relative path matches up so squid caches won't pick
00266     // up thumbs that would not be purged on source file deletion (bug 34231).
00267     if ( isset( $params['rel404'] ) ) { // thumbnail was handled via 404
00268         if ( rawurldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName ) ) {
00269             // Request for the canonical thumbnail name
00270         } elseif ( rawurldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName2 ) ) {
00271             // Request for the "long" thumbnail name; redirect to canonical name
00272             $response = RequestContext::getMain()->getRequest()->response();
00273             $response->header( "HTTP/1.1 301 " . HttpStatus::getMessage( 301 ) );
00274             $response->header( 'Location: ' .
00275                 wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) );
00276             $response->header( 'Expires: ' .
00277                 gmdate( 'D, d M Y H:i:s', time() + 7 * 86400 ) . ' GMT' );
00278             if ( $wgVaryOnXFP ) {
00279                 $varyHeader[] = 'X-Forwarded-Proto';
00280             }
00281             if ( count( $varyHeader ) ) {
00282                 $response->header( 'Vary: ' . implode( ', ', $varyHeader ) );
00283             }
00284             return;
00285         } else {
00286             wfThumbError( 404, "The given path of the specified thumbnail is incorrect;
00287                 expected '" . $img->getThumbRel( $thumbName ) . "' but got '" .
00288                 rawurldecode( $params['rel404'] ) . "'." );
00289             return;
00290         }
00291     }
00292 
00293     // Suggest a good name for users downloading this thumbnail
00294     $headers[] = "Content-Disposition: {$img->getThumbDisposition( $thumbName )}";
00295 
00296     if ( count( $varyHeader ) ) {
00297         $headers[] = 'Vary: ' . implode( ', ', $varyHeader );
00298     }
00299 
00300     // Stream the file if it exists already...
00301     $thumbPath = $img->getThumbPath( $thumbName );
00302     if ( $img->getRepo()->fileExists( $thumbPath ) ) {
00303         $img->getRepo()->streamFile( $thumbPath, $headers );
00304         return;
00305     }
00306 
00307     $user = RequestContext::getMain()->getUser();
00308     if ( $user->pingLimiter( 'renderfile' ) ) {
00309         wfThumbError( 500, wfMessage( 'actionthrottledtext' ) );
00310         return;
00311     }
00312 
00313     // Thumbnail isn't already there, so create the new thumbnail...
00314     try {
00315         $thumb = $img->transform( $params, File::RENDER_NOW );
00316     } catch ( Exception $ex ) {
00317         // Tried to select a page on a non-paged file?
00318         $thumb = false;
00319     }
00320 
00321     // Check for thumbnail generation errors...
00322     $errorMsg = false;
00323     $msg = wfMessage( 'thumbnail_error' );
00324     if ( !$thumb ) {
00325         $errorMsg = $msg->rawParams( 'File::transform() returned false' )->escaped();
00326     } elseif ( $thumb->isError() ) {
00327         $errorMsg = $thumb->getHtmlMsg();
00328     } elseif ( !$thumb->hasFile() ) {
00329         $errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped();
00330     } elseif ( $thumb->fileIsSource() ) {
00331         $errorMsg = $msg->
00332             rawParams( 'Image was not scaled, is the requested width bigger than the source?' )->escaped();
00333     }
00334 
00335     if ( $errorMsg !== false ) {
00336         wfThumbError( 500, $errorMsg );
00337     } else {
00338         // Stream the file if there were no errors
00339         $thumb->streamFile( $headers );
00340     }
00341 }
00342 
00362 function wfExtractThumbRequestInfo( $thumbRel ) {
00363     $repo = RepoGroup::singleton()->getLocalRepo();
00364 
00365     $hashDirReg = $subdirReg = '';
00366     for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) {
00367         $subdirReg .= '[0-9a-f]';
00368         $hashDirReg .= "$subdirReg/";
00369     }
00370 
00371     // Check if this is a thumbnail of an original in the local file repo
00372     if ( preg_match( "!^((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
00373         list( /*all*/, $rel, $archOrTemp, $filename, $thumbname ) = $m;
00374     // Check if this is a thumbnail of an temp file in the local file repo
00375     } elseif ( preg_match( "!^(temp/)($hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) {
00376         list( /*all*/, $archOrTemp, $rel, $filename, $thumbname ) = $m;
00377     } else {
00378         return null; // not a valid looking thumbnail request
00379     }
00380 
00381     $params = array( 'f' => $filename, 'rel404' => $rel );
00382     if ( $archOrTemp === 'archive/' ) {
00383         $params['archived'] = 1;
00384     } elseif ( $archOrTemp === 'temp/' ) {
00385         $params['temp'] = 1;
00386     }
00387 
00388     $params['thumbName'] = $thumbname;
00389     return $params;
00390 }
00391 
00400 function wfExtractThumbParams( $file, $params ) {
00401     if ( !isset( $params['thumbName'] ) ) {
00402         throw new MWException( "No thumbnail name passed to wfExtractThumbParams" );
00403     }
00404 
00405     $thumbname = $params['thumbName'];
00406     unset( $params['thumbName'] );
00407 
00408     // Do the hook first for older extensions that rely on it.
00409     if ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) {
00410         // Check hooks if parameters can be extracted
00411         // Hooks return false if they manage to *resolve* the parameters
00412         // This hook should be considered deprecated
00413         wfDeprecated( 'ExtractThumbParameters', '1.22' );
00414         return $params; // valid thumbnail URL (via extension or config)
00415     }
00416 
00417     // FIXME: Files in the temp zone don't set a mime type, which means
00418     // they don't have a handler. Which means we can't parse the param
00419     // string. However, not a big issue as what good is a param string
00420     // if you have no handler to make use of the param string and
00421     // actually generate the thumbnail.
00422     $handler = $file->getHandler();
00423 
00424     // Based on UploadStash::parseKey
00425     $fileNamePos = strrpos( $thumbname, $params['f'] );
00426     if ( $fileNamePos === false ) {
00427         // Maybe using a short filename? (see FileRepo::nameForThumb)
00428         $fileNamePos = strrpos( $thumbname, 'thumbnail' );
00429     }
00430 
00431     if ( $handler && $fileNamePos !== false ) {
00432         $paramString = substr( $thumbname, 0, $fileNamePos - 1 );
00433         $extraParams = $handler->parseParamString( $paramString );
00434         if ( $extraParams !== false ) {
00435             return $params + $extraParams;
00436         }
00437     }
00438 
00439     // As a last ditch fallback, use the traditional common parameters
00440     if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) {
00441         list( /* all */, $pagefull, $pagenum, $size ) = $matches;
00442         $params['width'] = $size;
00443         if ( $pagenum ) {
00444             $params['page'] = $pagenum;
00445         }
00446         return $params; // valid thumbnail URL
00447     }
00448     return null;
00449 }
00450 
00458 function wfThumbError( $status, $msg ) {
00459     global $wgShowHostnames;
00460 
00461     header( 'Cache-Control: no-cache' );
00462     header( 'Content-Type: text/html; charset=utf-8' );
00463     if ( $status == 404 ) {
00464         header( 'HTTP/1.1 404 Not found' );
00465     } elseif ( $status == 403 ) {
00466         header( 'HTTP/1.1 403 Forbidden' );
00467         header( 'Vary: Cookie' );
00468     } else {
00469         header( 'HTTP/1.1 500 Internal server error' );
00470     }
00471     if ( $wgShowHostnames ) {
00472         header( 'X-MW-Thumbnail-Renderer: ' . wfHostname() );
00473         $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' );
00474         $hostname = htmlspecialchars( wfHostname() );
00475         $debug = "<!-- $url -->\n<!-- $hostname -->\n";
00476     } else {
00477         $debug = '';
00478     }
00479     echo <<<EOT
00480 <html><head><title>Error generating thumbnail</title></head>
00481 <body>
00482 <h1>Error generating thumbnail</h1>
00483 <p>
00484 $msg
00485 </p>
00486 $debug
00487 </body>
00488 </html>
00489 
00490 EOT;
00491 }