REL1_41/php/SpecialUploadStash_8php_source.html

<?php

namespace MediaWiki\Specials;


use Exception;

use File;

use HTMLForm;

use HttpError;

use LocalRepo;

use MediaWiki\Html\Html;

use MediaWiki\Http\HttpRequestFactory;

use MediaWiki\MainConfigNames;

use MediaWiki\SpecialPage\UnlistedSpecialPage;

use MediaWiki\Status\Status;

use MediaWiki\Utils\UrlUtils;

use MWException;

use MWExceptionHandler;

use RepoGroup;

use SpecialUploadStashTooLargeException;

use UnregisteredLocalFile;

use UploadStash;

use UploadStashBadPathException;

use UploadStashFileNotFoundException;

use Wikimedia\RequestTimeout\TimeoutException;


class SpecialUploadStash extends UnlistedSpecialPage {

    private $stash;


    private LocalRepo $localRepo;

    private HttpRequestFactory $httpRequestFactory;

    private UrlUtils $urlUtils;


    private const MAX_SERVE_BYTES = 1048576; // 1 MiB


    public function __construct(

        RepoGroup $repoGroup,

        HttpRequestFactory $httpRequestFactory,

        UrlUtils $urlUtils

    ) {

        parent::__construct( 'UploadStash', 'upload' );

        $this->localRepo = $repoGroup->getLocalRepo();

        $this->httpRequestFactory = $httpRequestFactory;

        $this->urlUtils = $urlUtils;

    }


    public function doesWrites() {

        return true;

    }


    public function execute( $subPage ) {

        $this->useTransactionalTimeLimit();


        // This is not set in constructor, because the context with the user is not safe to be set

        $this->stash = $this->localRepo->getUploadStash( $this->getUser() );

        $this->checkPermissions();


        if ( $subPage === null || $subPage === '' ) {

            $this->showUploads();

        } else {

            $this->showUpload( $subPage );

        }

    }


    public function showUpload( $key ) {

        // prevent callers from doing standard HTML output -- we'll take it from here

        $this->getOutput()->disable();


        try {

            $params = $this->parseKey( $key );

            if ( $params['type'] === 'thumb' ) {

                $this->outputThumbFromStash( $params['file'], $params['params'] );

            } else {

                $this->outputLocalFile( $params['file'] );

            }

            return;

        } catch ( UploadStashFileNotFoundException $e ) {

            $code = 404;

            $message = $e->getMessage();

        } catch ( Exception $e ) {

            $code = 500;

            $message = $e->getMessage();

        }


        throw new HttpError( $code, $message );

    }


    private function parseKey( $key ) {

        $type = strtok( $key, '/' );


        if ( $type !== 'file' && $type !== 'thumb' ) {

            throw new UploadStashBadPathException(

                $this->msg( 'uploadstash-bad-path-unknown-type', $type )

            );

        }

        $fileName = strtok( '/' );

        $thumbPart = strtok( '/' );

        $file = $this->stash->getFile( $fileName );

        if ( $type === 'thumb' ) {

            $srcNamePos = strrpos( $thumbPart, $fileName );

            if ( $srcNamePos === false || $srcNamePos < 1 ) {

                throw new UploadStashBadPathException(

                    $this->msg( 'uploadstash-bad-path-unrecognized-thumb-name' )

                );

            }

            $paramString = substr( $thumbPart, 0, $srcNamePos - 1 );


            $handler = $file->getHandler();

            if ( $handler ) {

                $params = $handler->parseParamString( $paramString );


                return [ 'file' => $file, 'type' => $type, 'params' => $params ];

            } else {

                throw new UploadStashBadPathException(

                    $this->msg( 'uploadstash-bad-path-no-handler', $file->getMimeType(), $file->getPath() )

                );

            }

        }


        return [ 'file' => $file, 'type' => $type ];

    }


    private function outputThumbFromStash( $file, $params ) {

        // this config option, if it exists, points to a "scaler", as you might find in

        // the Wikimedia Foundation cluster. See outputRemoteScaledThumb(). This

        // is part of our horrible NFS-based system, we create a file on a mount

        // point here, but fetch the scaled file from somewhere else that

        // happens to share it over NFS.

        if ( $file->getRepo()->getThumbProxyUrl()

            || $this->getConfig()->get( MainConfigNames::UploadStashScalerBaseUrl )

        ) {

            $this->outputRemoteScaledThumb( $file, $params );

        } else {

            $this->outputLocallyScaledThumb( $file, $params );

        }

    }


    private function outputLocallyScaledThumb( $file, $params ) {

        // n.b. this is stupid, we insist on re-transforming the file every time we are invoked. We rely

        // on HTTP caching to ensure this doesn't happen.


        $thumbnailImage = $file->transform( $params, File::RENDER_NOW );

        if ( !$thumbnailImage ) {

            throw new UploadStashFileNotFoundException(

                $this->msg( 'uploadstash-file-not-found-no-thumb' )

            );

        }


        // we should have just generated it locally

        if ( !$thumbnailImage->getStoragePath() ) {

            throw new UploadStashFileNotFoundException(

                $this->msg( 'uploadstash-file-not-found-no-local-path' )

            );

        }


        // now we should construct a File, so we can get MIME and other such info in a standard way

        // n.b. MIME type may be different from original (ogx original -> jpeg thumb)

        $thumbFile = new UnregisteredLocalFile( false,

            $this->stash->repo, $thumbnailImage->getStoragePath(), false );


        $this->outputLocalFile( $thumbFile );

    }


    private function outputRemoteScaledThumb( $file, $params ) {

        // We need to use generateThumbName() instead of thumbName(), because

        // the suffix needs to match the file name for the remote thumbnailer

        // to work

        $scalerThumbName = $file->generateThumbName( $file->getName(), $params );


        // If a thumb proxy is set up for the repo, we favor that, as that will

        // keep the request internal

        $thumbProxyUrl = $file->getRepo()->getThumbProxyUrl();

        if ( strlen( $thumbProxyUrl ) ) {

            $scalerThumbUrl = $thumbProxyUrl . 'temp/' . $file->getUrlRel() .

                '/' . rawurlencode( $scalerThumbName );

            $secret = $file->getRepo()->getThumbProxySecret();

        } else {

            // This option probably looks something like

            // '//upload.wikimedia.org/wikipedia/test/thumb/temp'. Do not use

            // trailing slash.

            $scalerBaseUrl = $this->getConfig()->get( MainConfigNames::UploadStashScalerBaseUrl );


            if ( preg_match( '/^\/\//', $scalerBaseUrl ) ) {

                // this is apparently a protocol-relative URL, which makes no sense in this context,

                // since this is used for communication that's internal to the application.

                // default to http.

                $scalerBaseUrl = $this->urlUtils->expand( $scalerBaseUrl, PROTO_CANONICAL );

            }


            $scalerThumbUrl = $scalerBaseUrl . '/' . $file->getUrlRel() .

                '/' . rawurlencode( $scalerThumbName );

            $secret = false;

        }


        // make an http request based on wgUploadStashScalerBaseUrl to lazy-create

        // a thumbnail

        $httpOptions = [

            'method' => 'GET',

            'timeout' => 5 // T90599 attempt to time out cleanly

        ];

        $req = $this->httpRequestFactory->create( $scalerThumbUrl, $httpOptions, __METHOD__ );


        // Pass a secret key shared with the proxied service if any

        if ( strlen( $secret ) ) {

            $req->setHeader( 'X-Swift-Secret', $secret );

        }


        $status = $req->execute();

        if ( !$status->isOK() ) {

            $errors = $status->getErrorsArray();

            throw new UploadStashFileNotFoundException(

                $this->msg(

                    'uploadstash-file-not-found-no-remote-thumb',

                    print_r( $errors, 1 ),

                    $scalerThumbUrl

                )

            );

        }

        $contentType = $req->getResponseHeader( "content-type" );

        if ( !$contentType ) {

            throw new UploadStashFileNotFoundException(

                $this->msg( 'uploadstash-file-not-found-missing-content-type' )

            );

        }


        $this->outputContents( $req->getContent(), $contentType );

    }


    private function outputLocalFile( File $file ) {

        if ( $file->getSize() > self::MAX_SERVE_BYTES ) {

            throw new SpecialUploadStashTooLargeException(

                $this->msg( 'uploadstash-file-too-large', self::MAX_SERVE_BYTES )

            );

        }


        $file->getRepo()->streamFileWithStatus( $file->getPath(),

            [ 'Content-Transfer-Encoding: binary',

                'Expires: Sun, 17-Jan-2038 19:14:07 GMT' ]

        );

    }


    private function outputContents( $content, $contentType ) {

        $size = strlen( $content );

        if ( $size > self::MAX_SERVE_BYTES ) {

            throw new SpecialUploadStashTooLargeException(

                $this->msg( 'uploadstash-file-too-large', self::MAX_SERVE_BYTES )

            );

        }

        // Cancel output buffering and gzipping if set

        wfResetOutputBuffers();

        self::outputFileHeaders( $contentType, $size );

        print $content;

    }


    private static function outputFileHeaders( $contentType, $size ) {

        header( "Content-Type: $contentType", true );

        header( 'Content-Transfer-Encoding: binary', true );

        header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true );

        // T55032 - It shouldn't be a problem here, but let's be safe and not cache

        header( 'Cache-Control: private' );

        header( "Content-Length: $size", true );

    }


    private function showUploads() {

        // sets the title, etc.

        $this->setHeaders();

        $this->outputHeader();


        // create the form, which will also be used to execute a callback to process incoming form data

        // this design is extremely dubious, but supposedly HTMLForm is our standard now?


        $form = HTMLForm::factory( 'ooui', [

            'Clear' => [

                'type' => 'hidden',

                'default' => true,

                'name' => 'clear',

            ]

        ], $this->getContext(), 'clearStashedUploads' );

        $form->setTitle( $this->getPageTitle() ); // Remove subpage

        $form->setSubmitDestructive();

        $form->setSubmitCallback( function ( $formData, $form ) {

            if ( isset( $formData['Clear'] ) ) {

                wfDebug( 'stash has: ' . print_r( $this->stash->listFiles(), true ) );


                if ( !$this->stash->clear() ) {

                    return Status::newFatal( 'uploadstash-errclear' );

                }

            }


            return Status::newGood();

        } );

        $form->setSubmitTextMsg( 'uploadstash-clear' );


        $form->prepareForm();

        $formResult = $form->tryAuthorizedSubmit();


        // show the files + form, if there are any, or just say there are none

        $linkRenderer = $this->getLinkRenderer();

        $refreshHtml = $linkRenderer->makeKnownLink(

            $this->getPageTitle(),

            $this->msg( 'uploadstash-refresh' )->text()

        );

        $files = $this->stash->listFiles();

        if ( $files && count( $files ) ) {

            sort( $files );

            $fileListItemsHtml = '';

            foreach ( $files as $file ) {

                $itemHtml = $linkRenderer->makeKnownLink(

                    $this->getPageTitle( "file/$file" ),

                    $file

                );

                try {

                    $fileObj = $this->stash->getFile( $file );

                    $thumb = $fileObj->generateThumbName( $file, [ 'width' => 220 ] );

                    $itemHtml .=

                        $this->msg( 'word-separator' )->escaped() .

                        $this->msg( 'parentheses' )->rawParams(

                            $linkRenderer->makeKnownLink(

                                $this->getPageTitle( "thumb/$file/$thumb" ),

                                $this->msg( 'uploadstash-thumbnail' )->text()

                            )

                        )->escaped();

                } catch ( TimeoutException $e ) {

                    throw $e;

                } catch ( Exception $e ) {

                    MWExceptionHandler::logException( $e );

                }

                $fileListItemsHtml .= Html::rawElement( 'li', [], $itemHtml );

            }

            $this->getOutput()->addHTML( Html::rawElement( 'ul', [], $fileListItemsHtml ) );

            $form->displayForm( $formResult );

            $this->getOutput()->addHTML( Html::rawElement( 'p', [], $refreshHtml ) );

        } else {

            $this->getOutput()->addHTML( Html::rawElement( 'p', [],

                Html::element( 'span', [], $this->msg( 'uploadstash-nofiles' )->text() )

                . ' '

                . $refreshHtml

            ) );

        }

    }

}


class_alias( SpecialUploadStash::class, 'SpecialUploadStash' );

PROTO_CANONICAL
const PROTO_CANONICAL
Definition Defines.php:197

wfDebug
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition GlobalFunctions.php:664

wfResetOutputBuffers
wfResetOutputBuffers( $resetGzipEncoding=true)
Clear away any user-level output buffers, discarding contents.
Definition GlobalFunctions.php:1320

File
Implements some public methods and some protected utility functions which are required by multiple ch...
Definition File.php:70

HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:158

HTMLForm\factory
static factory( $displayFormat, $descriptor, IContextSource $context, $messagePrefix='')
Construct a HTMLForm object for given display type.
Definition HTMLForm.php:360

HttpError
Show an error that looks like an HTTP server error.
Definition HttpError.php:32

LocalRepo
Local repository that stores files in the local filesystem and registers them in the wiki's own datab...
Definition LocalRepo.php:45

MWExceptionHandler
Handler class for MWExceptions.
Definition MWExceptionHandler.php:35

MWExceptionHandler\logException
static logException(Throwable $e, $catcher=self::CAUGHT_BY_OTHER, $extraData=[])
Log a throwable to the exception log (if enabled).
Definition MWExceptionHandler.php:744

MWException
MediaWiki exception.
Definition MWException.php:33

MediaWiki\Html\Html
This class is a collection of static functions that serve two purposes:
Definition Html.php:57

MediaWiki\Http\HttpRequestFactory
Factory creating MWHttpRequest objects.
Definition HttpRequestFactory.php:37

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22

MediaWiki\MainConfigNames\UploadStashScalerBaseUrl
const UploadStashScalerBaseUrl
Name constant for the UploadStashScalerBaseUrl setting, for use with Config::get()
Definition MainConfigNames.php:230

MediaWiki\SpecialPage\SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
Definition SpecialPage.php:693

MediaWiki\SpecialPage\SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:901

MediaWiki\SpecialPage\SpecialPage\useTransactionalTimeLimit
useTransactionalTimeLimit()
Call wfTransactionalTimeLimit() if this request was POSTed.
Definition SpecialPage.php:1106

MediaWiki\SpecialPage\SpecialPage\getLinkRenderer
getLinkRenderer()
Definition SpecialPage.php:1116

MediaWiki\SpecialPage\SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:845

MediaWiki\SpecialPage\SpecialPage\checkPermissions
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
Definition SpecialPage.php:404

MediaWiki\SpecialPage\SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition SpecialPage.php:966

MediaWiki\SpecialPage\SpecialPage\getContext
getContext()
Gets the context this SpecialPage is executed in.
Definition SpecialPage.php:865

MediaWiki\SpecialPage\SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:1000

MediaWiki\SpecialPage\SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:891

MediaWiki\SpecialPage\SpecialPage\outputHeader
outputHeader( $summaryMessageKey='')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
Definition SpecialPage.php:790

MediaWiki\SpecialPage\UnlistedSpecialPage
Shortcut to construct a special page which is unlisted by default.
Definition UnlistedSpecialPage.php:33

MediaWiki\Specials\SpecialUploadStash
Web access for files temporarily stored by UploadStash.
Definition SpecialUploadStash.php:59

MediaWiki\Specials\SpecialUploadStash\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition SpecialUploadStash.php:95

MediaWiki\Specials\SpecialUploadStash\execute
execute( $subPage)
Execute page – can output a file directly or show a listing of them.
Definition SpecialUploadStash.php:105

MediaWiki\Specials\SpecialUploadStash\showUpload
showUpload( $key)
If file available in stash, cats it out to the client as a simple HTTP response.
Definition SpecialUploadStash.php:126

MediaWiki\Specials\SpecialUploadStash\__construct
__construct(RepoGroup $repoGroup, HttpRequestFactory $httpRequestFactory, UrlUtils $urlUtils)
Definition SpecialUploadStash.php:84

MediaWiki\Status\Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:58

MediaWiki\Utils\UrlUtils
A service to expand, parse, and otherwise manipulate URLs.
Definition UrlUtils.php:17

RepoGroup
Prioritized list of file repositories.
Definition RepoGroup.php:30

RepoGroup\getLocalRepo
getLocalRepo()
Get the local repository, i.e.
Definition RepoGroup.php:343

SpecialUploadStashTooLargeException
Definition SpecialUploadStashTooLargeException.php:28

UnregisteredLocalFile
File without associated database record.
Definition UnregisteredLocalFile.php:38

UploadStashBadPathException
Definition UploadStashBadPathException.php:27

UploadStashFileNotFoundException
Definition UploadStashFileNotFoundException.php:27

UploadStash
UploadStash is intended to accomplish a few things:
Definition UploadStash.php:57

MediaWiki\Specials
This program is free software; you can redistribute it and/or modify it under the terms of the GNU Ge...

$content
$content
Definition router.php:76

$file
if(PHP_SAPI !='cli-server') if(!isset( $_SERVER['SCRIPT_FILENAME'])) $file
Item class for a filearchive table row.
Definition router.php:42