master/php/StreamFile_8php_source.html

 <?php


 use MediaWiki\MainConfigNames;

 use MediaWiki\MediaWikiServices;


 class StreamFile {

     // Do not send any HTTP headers unless requested by caller (e.g. body only)

     public const STREAM_HEADLESS = HTTPFileStreamer::STREAM_HEADLESS;

     // Do not try to tear down any PHP output buffers

     public const STREAM_ALLOW_OB = HTTPFileStreamer::STREAM_ALLOW_OB;


     public static function stream(

         $fname, $headers = [], $sendErrors = true, $optHeaders = [], $flags = 0

     ) {

         if ( FileBackend::isStoragePath( $fname ) ) {

             throw new InvalidArgumentException( __FUNCTION__ . " given storage path '$fname'." );

         }


         $streamer = new HTTPFileStreamer(

             $fname,

             [

                 'obResetFunc' => 'wfResetOutputBuffers',

                 'streamMimeFunc' => [ __CLASS__, 'contentTypeFromPath' ]

             ]

         );


         return $streamer->stream( $headers, $sendErrors, $optHeaders, $flags );

     }


     public static function contentTypeFromPath( $filename, $safe = true ) {

         $trivialMimeDetection = MediaWikiServices::getInstance()->getMainConfig()

             ->get( MainConfigNames::TrivialMimeDetection );


         $ext = strrchr( $filename, '.' );

         $ext = $ext ? strtolower( substr( $ext, 1 ) ) : '';


         # trivial detection by file extension,

         # used for thumbnails (thumb.php)

         if ( $trivialMimeDetection ) {

             switch ( $ext ) {

                 case 'gif':

                     return 'image/gif';

                 case 'png':

                     return 'image/png';

                 case 'jpg':

                 case 'jpeg':

                     return 'image/jpeg';

             }


             return 'unknown/unknown';

         }


         $magic = MediaWikiServices::getInstance()->getMimeAnalyzer();

         // Use the extension only, rather than magic numbers, to avoid opening

         // up vulnerabilities due to uploads of files with allowed extensions

         // but disallowed types.

         $type = $magic->getMimeTypeFromExtensionOrNull( $ext );


         if ( $safe ) {

             $mainConfig = MediaWikiServices::getInstance()->getMainConfig();

             $prohibitedFileExtensions = $mainConfig->get( MainConfigNames::ProhibitedFileExtensions );

             $checkFileExtensions = $mainConfig->get( MainConfigNames::CheckFileExtensions );

             $strictFileExtensions = $mainConfig->get( MainConfigNames::StrictFileExtensions );

             $fileExtensions = $mainConfig->get( MainConfigNames::FileExtensions );

             $verifyMimeType = $mainConfig->get( MainConfigNames::VerifyMimeType );

             $mimeTypeExclusions = $mainConfig->get( MainConfigNames::MimeTypeExclusions );

             [ , $extList ] = UploadBase::splitExtensions( $filename );

             if ( UploadBase::checkFileExtensionList( $extList, $prohibitedFileExtensions ) ) {

                 return 'unknown/unknown';

             }

             if ( $checkFileExtensions && $strictFileExtensions

                 && !UploadBase::checkFileExtensionList( $extList, $fileExtensions )

             ) {

                 return 'unknown/unknown';

             }

             if ( $verifyMimeType && $type !== null && in_array( strtolower( $type ), $mimeTypeExclusions ) ) {

                 return 'unknown/unknown';

             }

         }

         return $type;

     }

 }

FileBackend\isStoragePath
static isStoragePath( $path)
Check if a given path is a "mwstore://" path.
Definition: FileBackend.php:1511

HTTPFileStreamer
Functions related to the output of file content.
Definition: HTTPFileStreamer.php:31

HTTPFileStreamer\STREAM_HEADLESS
const STREAM_HEADLESS
Definition: HTTPFileStreamer.php:40

HTTPFileStreamer\STREAM_ALLOW_OB
const STREAM_ALLOW_OB
Definition: HTTPFileStreamer.php:42

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition: MainConfigNames.php:22

MediaWiki\MediaWikiServices
Service locator for MediaWiki core services.
Definition: MediaWikiServices.php:230

StreamFile
Functions related to the output of file content.
Definition: StreamFile.php:30

StreamFile\contentTypeFromPath
static contentTypeFromPath( $filename, $safe=true)
Determine the file type of a file based on the path.
Definition: StreamFile.php:76

StreamFile\STREAM_HEADLESS
const STREAM_HEADLESS
Definition: StreamFile.php:33

StreamFile\STREAM_ALLOW_OB
const STREAM_ALLOW_OB
Definition: StreamFile.php:36

StreamFile\stream
static stream( $fname, $headers=[], $sendErrors=true, $optHeaders=[], $flags=0)
Stream a file to the browser, adding all the headings and fun stuff.
Definition: StreamFile.php:51

UploadBase\splitExtensions
static splitExtensions( $filename)
Split a file into a base name and all dot-delimited 'extensions' on the end.
Definition: UploadBase.php:1207

UploadBase\checkFileExtensionList
static checkFileExtensionList( $ext, $list)
Perform case-insensitive match against a list of file extensions.
Definition: UploadBase.php:1234

$ext
if(!is_readable( $file)) $ext
Definition: router.php:48

$type
$type
Definition: testCompression.php:53