MediaWiki
REL1_22
|
00001 <?php 00024 define( 'MW_NO_OUTPUT_COMPRESSION', 1 ); 00025 require __DIR__ . '/includes/WebStart.php'; 00026 00027 // Don't use fancy mime detection, just check the file extension for jpg/gif/png 00028 $wgTrivialMimeDetection = true; 00029 00030 if ( defined( 'THUMB_HANDLER' ) ) { 00031 // Called from thumb_handler.php via 404; extract params from the URI... 00032 wfThumbHandle404(); 00033 } else { 00034 // Called directly, use $_GET params 00035 wfThumbHandleRequest(); 00036 } 00037 00038 wfLogProfilingData(); 00039 00040 //-------------------------------------------------------------------------- 00041 00047 function wfThumbHandleRequest() { 00048 $params = get_magic_quotes_gpc() 00049 ? array_map( 'stripslashes', $_GET ) 00050 : $_GET; 00051 00052 wfStreamThumb( $params ); // stream the thumbnail 00053 } 00054 00060 function wfThumbHandle404() { 00061 global $wgArticlePath; 00062 00063 # Set action base paths so that WebRequest::getPathInfo() 00064 # recognizes the "X" as the 'title' in ../thumb_handler.php/X urls. 00065 # Note: If Custom per-extension repo paths are set, this may break. 00066 $repo = RepoGroup::singleton()->getLocalRepo(); 00067 $oldArticlePath = $wgArticlePath; 00068 $wgArticlePath = $repo->getZoneUrl( 'thumb' ) . '/$1'; 00069 00070 $matches = WebRequest::getPathInfo(); 00071 00072 $wgArticlePath = $oldArticlePath; 00073 00074 if ( !isset( $matches['title'] ) ) { 00075 wfThumbError( 404, 'Could not determine the name of the requested thumbnail.' ); 00076 return; 00077 } 00078 00079 $params = wfExtractThumbRequestInfo( $matches['title'] ); // basic wiki URL param extracting 00080 if ( $params == null ) { 00081 wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' ); 00082 return; 00083 } 00084 00085 wfStreamThumb( $params ); // stream the thumbnail 00086 } 00087 00101 function wfStreamThumb( array $params ) { 00102 global $wgVaryOnXFP; 00103 00104 $section = new ProfileSection( __METHOD__ ); 00105 00106 $headers = array(); // HTTP headers to send 00107 00108 $fileName = isset( $params['f'] ) ? $params['f'] : ''; 00109 00110 // Is this a thumb of an archived file? 00111 $isOld = ( isset( $params['archived'] ) && $params['archived'] ); 00112 unset( $params['archived'] ); // handlers don't care 00113 00114 // Is this a thumb of a temp file? 00115 $isTemp = ( isset( $params['temp'] ) && $params['temp'] ); 00116 unset( $params['temp'] ); // handlers don't care 00117 00118 // Some basic input validation 00119 $fileName = strtr( $fileName, '\\/', '__' ); 00120 00121 // Actually fetch the image. Method depends on whether it is archived or not. 00122 if ( $isTemp ) { 00123 $repo = RepoGroup::singleton()->getLocalRepo()->getTempRepo(); 00124 $img = new UnregisteredLocalFile( null, $repo, 00125 # Temp files are hashed based on the name without the timestamp. 00126 # The thumbnails will be hashed based on the entire name however. 00127 # @todo fix this convention to actually be reasonable. 00128 $repo->getZonePath( 'public' ) . '/' . $repo->getTempHashPath( $fileName ) . $fileName 00129 ); 00130 } elseif ( $isOld ) { 00131 // Format is <timestamp>!<name> 00132 $bits = explode( '!', $fileName, 2 ); 00133 if ( count( $bits ) != 2 ) { 00134 wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); 00135 return; 00136 } 00137 $title = Title::makeTitleSafe( NS_FILE, $bits[1] ); 00138 if ( !$title ) { 00139 wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); 00140 return; 00141 } 00142 $img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName ); 00143 } else { 00144 $img = wfLocalFile( $fileName ); 00145 } 00146 00147 // Check the source file title 00148 if ( !$img ) { 00149 wfThumbError( 404, wfMessage( 'badtitletext' )->text() ); 00150 return; 00151 } 00152 00153 // Check permissions if there are read restrictions 00154 $varyHeader = array(); 00155 if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { 00156 if ( !$img->getTitle() || !$img->getTitle()->userCan( 'read' ) ) { 00157 wfThumbError( 403, 'Access denied. You do not have permission to access ' . 00158 'the source file.' ); 00159 return; 00160 } 00161 $headers[] = 'Cache-Control: private'; 00162 $varyHeader[] = 'Cookie'; 00163 } 00164 00165 // Do rendering parameters extraction from thumbnail name. 00166 if ( isset( $params['thumbName'] ) ) { 00167 $params = wfExtractThumbParams( $img, $params ); 00168 } 00169 if ( $params == null ) { 00170 wfThumbError( 400, 'The specified thumbnail parameters are not recognized.' ); 00171 return; 00172 } 00173 00174 00175 // Check the source file storage path 00176 if ( !$img->exists() ) { 00177 $redirectedLocation = false; 00178 if ( !$isTemp ) { 00179 // Check for file redirect 00180 // Since redirects are associated with pages, not versions of files, 00181 // we look for the most current version to see if its a redirect. 00182 $possRedirFile = RepoGroup::singleton()->getLocalRepo()->findFile( $img->getName() ); 00183 if ( $possRedirFile && !is_null( $possRedirFile->getRedirected() ) ) { 00184 $redirTarget = $possRedirFile->getName(); 00185 $targetFile = wfLocalFile( Title::makeTitleSafe( NS_FILE, $redirTarget ) ); 00186 if ( $targetFile->exists() ) { 00187 $newThumbName = $targetFile->thumbName( $params ); 00188 if ( $isOld ) { 00189 $newThumbUrl = $targetFile->getArchiveThumbUrl( 00190 $bits[0] . '!' . $targetFile->getName(), $newThumbName ); 00191 } else { 00192 $newThumbUrl = $targetFile->getThumbUrl( $newThumbName ); 00193 } 00194 $redirectedLocation = wfExpandUrl( $newThumbUrl, PROTO_CURRENT ); 00195 } 00196 } 00197 } 00198 00199 if ( $redirectedLocation ) { 00200 // File has been moved. Give redirect. 00201 $response = RequestContext::getMain()->getRequest()->response(); 00202 $response->header( "HTTP/1.1 302 " . HttpStatus::getMessage( 302 ) ); 00203 $response->header( 'Location: ' . $redirectedLocation ); 00204 $response->header( 'Expires: ' . 00205 gmdate( 'D, d M Y H:i:s', time() + 12 * 3600 ) . ' GMT' ); 00206 if ( $wgVaryOnXFP ) { 00207 $varyHeader[] = 'X-Forwarded-Proto'; 00208 } 00209 if ( count( $varyHeader ) ) { 00210 $response->header( 'Vary: ' . implode( ', ', $varyHeader ) ); 00211 } 00212 return; 00213 } 00214 00215 // If its not a redirect that has a target as a local file, give 404. 00216 wfThumbError( 404, "The source file '$fileName' does not exist." ); 00217 return; 00218 } elseif ( $img->getPath() === false ) { 00219 wfThumbError( 500, "The source file '$fileName' is not locally accessible." ); 00220 return; 00221 } 00222 00223 // Check IMS against the source file 00224 // This means that clients can keep a cached copy even after it has been deleted on the server 00225 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) { 00226 // Fix IE brokenness 00227 $imsString = preg_replace( '/;.*$/', '', $_SERVER["HTTP_IF_MODIFIED_SINCE"] ); 00228 // Calculate time 00229 wfSuppressWarnings(); 00230 $imsUnix = strtotime( $imsString ); 00231 wfRestoreWarnings(); 00232 if ( wfTimestamp( TS_UNIX, $img->getTimestamp() ) <= $imsUnix ) { 00233 header( 'HTTP/1.1 304 Not Modified' ); 00234 return; 00235 } 00236 } 00237 00238 // Backwards compatibility parameters 00239 if ( isset( $params['w'] ) ) { 00240 $params['width'] = $params['w']; 00241 unset( $params['w'] ); 00242 } 00243 if ( isset( $params['p'] ) ) { 00244 $params['page'] = $params['p']; 00245 } 00246 unset( $params['r'] ); // ignore 'r' because we unconditionally pass File::RENDER 00247 unset( $params['f'] ); // We're done with 'f' parameter. 00248 00249 00250 // Get the normalized thumbnail name from the parameters... 00251 try { 00252 $thumbName = $img->thumbName( $params ); 00253 if ( !strlen( $thumbName ) ) { // invalid params? 00254 wfThumbError( 400, 'The specified thumbnail parameters are not valid.' ); 00255 return; 00256 } 00257 $thumbName2 = $img->thumbName( $params, File::THUMB_FULL_NAME ); // b/c; "long" style 00258 } catch ( MWException $e ) { 00259 wfThumbError( 500, $e->getHTML() ); 00260 return; 00261 } 00262 00263 // For 404 handled thumbnails, we only use the the base name of the URI 00264 // for the thumb params and the parent directory for the source file name. 00265 // Check that the zone relative path matches up so squid caches won't pick 00266 // up thumbs that would not be purged on source file deletion (bug 34231). 00267 if ( isset( $params['rel404'] ) ) { // thumbnail was handled via 404 00268 if ( rawurldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName ) ) { 00269 // Request for the canonical thumbnail name 00270 } elseif ( rawurldecode( $params['rel404'] ) === $img->getThumbRel( $thumbName2 ) ) { 00271 // Request for the "long" thumbnail name; redirect to canonical name 00272 $response = RequestContext::getMain()->getRequest()->response(); 00273 $response->header( "HTTP/1.1 301 " . HttpStatus::getMessage( 301 ) ); 00274 $response->header( 'Location: ' . 00275 wfExpandUrl( $img->getThumbUrl( $thumbName ), PROTO_CURRENT ) ); 00276 $response->header( 'Expires: ' . 00277 gmdate( 'D, d M Y H:i:s', time() + 7 * 86400 ) . ' GMT' ); 00278 if ( $wgVaryOnXFP ) { 00279 $varyHeader[] = 'X-Forwarded-Proto'; 00280 } 00281 if ( count( $varyHeader ) ) { 00282 $response->header( 'Vary: ' . implode( ', ', $varyHeader ) ); 00283 } 00284 return; 00285 } else { 00286 wfThumbError( 404, "The given path of the specified thumbnail is incorrect; 00287 expected '" . $img->getThumbRel( $thumbName ) . "' but got '" . 00288 rawurldecode( $params['rel404'] ) . "'." ); 00289 return; 00290 } 00291 } 00292 00293 // Suggest a good name for users downloading this thumbnail 00294 $headers[] = "Content-Disposition: {$img->getThumbDisposition( $thumbName )}"; 00295 00296 if ( count( $varyHeader ) ) { 00297 $headers[] = 'Vary: ' . implode( ', ', $varyHeader ); 00298 } 00299 00300 // Stream the file if it exists already... 00301 $thumbPath = $img->getThumbPath( $thumbName ); 00302 if ( $img->getRepo()->fileExists( $thumbPath ) ) { 00303 $img->getRepo()->streamFile( $thumbPath, $headers ); 00304 return; 00305 } 00306 00307 $user = RequestContext::getMain()->getUser(); 00308 if ( $user->pingLimiter( 'renderfile' ) ) { 00309 wfThumbError( 500, wfMessage( 'actionthrottledtext' ) ); 00310 return; 00311 } 00312 00313 // Thumbnail isn't already there, so create the new thumbnail... 00314 try { 00315 $thumb = $img->transform( $params, File::RENDER_NOW ); 00316 } catch ( Exception $ex ) { 00317 // Tried to select a page on a non-paged file? 00318 $thumb = false; 00319 } 00320 00321 // Check for thumbnail generation errors... 00322 $errorMsg = false; 00323 $msg = wfMessage( 'thumbnail_error' ); 00324 if ( !$thumb ) { 00325 $errorMsg = $msg->rawParams( 'File::transform() returned false' )->escaped(); 00326 } elseif ( $thumb->isError() ) { 00327 $errorMsg = $thumb->getHtmlMsg(); 00328 } elseif ( !$thumb->hasFile() ) { 00329 $errorMsg = $msg->rawParams( 'No path supplied in thumbnail object' )->escaped(); 00330 } elseif ( $thumb->fileIsSource() ) { 00331 $errorMsg = $msg-> 00332 rawParams( 'Image was not scaled, is the requested width bigger than the source?' )->escaped(); 00333 } 00334 00335 if ( $errorMsg !== false ) { 00336 wfThumbError( 500, $errorMsg ); 00337 } else { 00338 // Stream the file if there were no errors 00339 $thumb->streamFile( $headers ); 00340 } 00341 } 00342 00362 function wfExtractThumbRequestInfo( $thumbRel ) { 00363 $repo = RepoGroup::singleton()->getLocalRepo(); 00364 00365 $hashDirReg = $subdirReg = ''; 00366 for ( $i = 0; $i < $repo->getHashLevels(); $i++ ) { 00367 $subdirReg .= '[0-9a-f]'; 00368 $hashDirReg .= "$subdirReg/"; 00369 } 00370 00371 // Check if this is a thumbnail of an original in the local file repo 00372 if ( preg_match( "!^((archive/)?$hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) { 00373 list( /*all*/, $rel, $archOrTemp, $filename, $thumbname ) = $m; 00374 // Check if this is a thumbnail of an temp file in the local file repo 00375 } elseif ( preg_match( "!^(temp/)($hashDirReg([^/]*)/([^/]*))$!", $thumbRel, $m ) ) { 00376 list( /*all*/, $archOrTemp, $rel, $filename, $thumbname ) = $m; 00377 } else { 00378 return null; // not a valid looking thumbnail request 00379 } 00380 00381 $params = array( 'f' => $filename, 'rel404' => $rel ); 00382 if ( $archOrTemp === 'archive/' ) { 00383 $params['archived'] = 1; 00384 } elseif ( $archOrTemp === 'temp/' ) { 00385 $params['temp'] = 1; 00386 } 00387 00388 $params['thumbName'] = $thumbname; 00389 return $params; 00390 } 00391 00400 function wfExtractThumbParams( $file, $params ) { 00401 if ( !isset( $params['thumbName'] ) ) { 00402 throw new MWException( "No thumbnail name passed to wfExtractThumbParams" ); 00403 } 00404 00405 $thumbname = $params['thumbName']; 00406 unset( $params['thumbName'] ); 00407 00408 // Do the hook first for older extensions that rely on it. 00409 if ( !wfRunHooks( 'ExtractThumbParameters', array( $thumbname, &$params ) ) ) { 00410 // Check hooks if parameters can be extracted 00411 // Hooks return false if they manage to *resolve* the parameters 00412 // This hook should be considered deprecated 00413 wfDeprecated( 'ExtractThumbParameters', '1.22' ); 00414 return $params; // valid thumbnail URL (via extension or config) 00415 } 00416 00417 // FIXME: Files in the temp zone don't set a mime type, which means 00418 // they don't have a handler. Which means we can't parse the param 00419 // string. However, not a big issue as what good is a param string 00420 // if you have no handler to make use of the param string and 00421 // actually generate the thumbnail. 00422 $handler = $file->getHandler(); 00423 00424 // Based on UploadStash::parseKey 00425 $fileNamePos = strrpos( $thumbname, $params['f'] ); 00426 if ( $fileNamePos === false ) { 00427 // Maybe using a short filename? (see FileRepo::nameForThumb) 00428 $fileNamePos = strrpos( $thumbname, 'thumbnail' ); 00429 } 00430 00431 if ( $handler && $fileNamePos !== false ) { 00432 $paramString = substr( $thumbname, 0, $fileNamePos - 1 ); 00433 $extraParams = $handler->parseParamString( $paramString ); 00434 if ( $extraParams !== false ) { 00435 return $params + $extraParams; 00436 } 00437 } 00438 00439 // As a last ditch fallback, use the traditional common parameters 00440 if ( preg_match( '!^(page(\d*)-)*(\d*)px-[^/]*$!', $thumbname, $matches ) ) { 00441 list( /* all */, $pagefull, $pagenum, $size ) = $matches; 00442 $params['width'] = $size; 00443 if ( $pagenum ) { 00444 $params['page'] = $pagenum; 00445 } 00446 return $params; // valid thumbnail URL 00447 } 00448 return null; 00449 } 00450 00458 function wfThumbError( $status, $msg ) { 00459 global $wgShowHostnames; 00460 00461 header( 'Cache-Control: no-cache' ); 00462 header( 'Content-Type: text/html; charset=utf-8' ); 00463 if ( $status == 404 ) { 00464 header( 'HTTP/1.1 404 Not found' ); 00465 } elseif ( $status == 403 ) { 00466 header( 'HTTP/1.1 403 Forbidden' ); 00467 header( 'Vary: Cookie' ); 00468 } else { 00469 header( 'HTTP/1.1 500 Internal server error' ); 00470 } 00471 if ( $wgShowHostnames ) { 00472 header( 'X-MW-Thumbnail-Renderer: ' . wfHostname() ); 00473 $url = htmlspecialchars( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '' ); 00474 $hostname = htmlspecialchars( wfHostname() ); 00475 $debug = "<!-- $url -->\n<!-- $hostname -->\n"; 00476 } else { 00477 $debug = ''; 00478 } 00479 echo <<<EOT 00480 <html><head><title>Error generating thumbnail</title></head> 00481 <body> 00482 <h1>Error generating thumbnail</h1> 00483 <p> 00484 $msg 00485 </p> 00486 $debug 00487 </body> 00488 </html> 00489 00490 EOT; 00491 }