MediaWiki  master
img_auth.php
Go to the documentation of this file.
1 <?php
41 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
42 require __DIR__ . '/includes/WebStart.php';
43 
44 # Set action base paths so that WebRequest::getPathInfo()
45 # recognizes the "X" as the 'title' in ../img_auth.php/X urls.
46 $wgArticlePath = false; # Don't let a "/*" article path clober our action path
47 $wgActionPaths = [ "$wgUploadPath/" ];
48 
49 wfImageAuthMain();
50 
51 $mediawiki = new MediaWiki();
52 $mediawiki->doPostOutputShutdown( 'fast' );
53 
54 function wfImageAuthMain() {
55  global $wgImgAuthUrlPathMap;
56  $permissionManager = \MediaWiki\MediaWikiServices::getInstance()->getPermissionManager();
57 
58  $request = RequestContext::getMain()->getRequest();
59  $publicWiki = in_array( 'read', $permissionManager->getGroupPermissions( [ '*' ] ), true );
60 
61  // Get the requested file path (source file or thumbnail)
62  $matches = WebRequest::getPathInfo();
63  if ( !isset( $matches['title'] ) ) {
64  wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
65  return;
66  }
67  $path = $matches['title'];
68  if ( $path && $path[0] !== '/' ) {
69  // Make sure $path has a leading /
70  $path = "/" . $path;
71  }
72 
73  // Check for T30235: QUERY_STRING overriding the correct extension
74  $whitelist = [];
75  $extension = FileBackend::extensionFromPath( $path, 'rawcase' );
76  if ( $extension != '' ) {
77  $whitelist[] = $extension;
78  }
79  if ( !$request->checkUrlExtension( $whitelist ) ) {
80  return;
81  }
82 
83  $user = RequestContext::getMain()->getUser();
84 
85  // Various extensions may have their own backends that need access.
86  // Check if there is a special backend and storage base path for this file.
87  foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
88  $prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
89  if ( strpos( $path, $prefix ) === 0 ) {
90  $be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
91  $filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
92  // Check basic user authorization
93  if ( !$user->isAllowed( 'read' ) ) {
94  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
95  return;
96  }
97  if ( $be->fileExists( [ 'src' => $filename ] ) ) {
98  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
99  $be->streamFile( [ 'src' => $filename ],
100  [ 'Cache-Control: private', 'Vary: Cookie' ] );
101  } else {
102  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
103  }
104  return;
105  }
106  }
107 
108  // Get the local file repository
109  $repo = RepoGroup::singleton()->getRepo( 'local' );
110  $zone = strstr( ltrim( $path, '/' ), '/', true );
111 
112  // Get the full file storage path and extract the source file name.
113  // (e.g. 120px-Foo.png => Foo.png or page2-120px-Foo.png => Foo.png).
114  // This only applies to thumbnails/transcoded, and each of them should
115  // be under a folder that has the source file name.
116  if ( $zone === 'thumb' || $zone === 'transcoded' ) {
117  $name = wfBaseName( dirname( $path ) );
118  $filename = $repo->getZonePath( $zone ) . substr( $path, strlen( "/" . $zone ) );
119  // Check to see if the file exists
120  if ( !$repo->fileExists( $filename ) ) {
121  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
122  return;
123  }
124  } else {
125  $name = wfBaseName( $path ); // file is a source file
126  $filename = $repo->getZonePath( 'public' ) . $path;
127  // Check to see if the file exists and is not deleted
128  $bits = explode( '!', $name, 2 );
129  if ( substr( $path, 0, 9 ) === '/archive/' && count( $bits ) == 2 ) {
130  $file = $repo->newFromArchiveName( $bits[1], $name );
131  } else {
132  $file = $repo->newFile( $name );
133  }
134  if ( !$file->exists() || $file->isDeleted( File::DELETED_FILE ) ) {
135  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
136  return;
137  }
138  }
139 
140  $headers = []; // extra HTTP headers to send
141 
142  $title = Title::makeTitleSafe( NS_FILE, $name );
143 
144  if ( !$publicWiki ) {
145  // For private wikis, run extra auth checks and set cache control headers
146  $headers['Cache-Control'] = 'private';
147  $headers['Vary'] = 'Cookie';
148 
149  if ( !$title instanceof Title ) { // files have valid titles
150  wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
151  return;
152  }
153 
154  // Run hook for extension authorization plugins
156  $result = null;
157  if ( !Hooks::run( 'ImgAuthBeforeStream', [ &$title, &$path, &$name, &$result ] ) ) {
158  wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
159  return;
160  }
161 
162  // Check user authorization for this title
163  // Checks Whitelist too
164 
165  if ( !$permissionManager->userCan( 'read', $user, $title ) ) {
166  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $name );
167  return;
168  }
169  }
170 
171  if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
172  $headers['Range'] = $_SERVER['HTTP_RANGE'];
173  }
174  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
175  $headers['If-Modified-Since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
176  }
177 
178  if ( $request->getCheck( 'download' ) ) {
179  $headers['Content-Disposition'] = 'attachment';
180  }
181 
182  // Allow modification of headers before streaming a file
183  Hooks::run( 'ImgAuthModifyHeaders', [ $title->getTitleValue(), &$headers ] );
184 
185  // Stream the requested file
186  list( $headers, $options ) = HTTPFileStreamer::preprocessHeaders( $headers );
187  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
188  $repo->streamFileWithStatus( $filename, $headers, $options );
189 }
190 
200 function wfForbidden( $msg1, $msg2, ...$args ) {
201  global $wgImgAuthDetails;
202 
203  $args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
204 
205  $msgHdr = wfMessage( $msg1 )->escaped();
206  $detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';
207  $detailMsg = wfMessage( $detailMsgKey, $args )->escaped();
208 
209  wfDebugLog( 'img_auth',
210  "wfForbidden Hdr: " . wfMessage( $msg1 )->inLanguage( 'en' )->text() . " Msg: " .
211  wfMessage( $msg2, $args )->inLanguage( 'en' )->text()
212  );
213 
214  HttpStatus::header( 403 );
215  header( 'Cache-Control: no-cache' );
216  header( 'Content-Type: text/html; charset=utf-8' );
217  echo <<<ENDS
218 <!DOCTYPE html>
219 <html>
220 <head>
221 <meta charset="UTF-8" />
222 <title>$msgHdr</title>
223 </head>
224 <body>
225 <h1>$msgHdr</h1>
226 <p>$detailMsg</p>
227 </body>
228 </html>
229 ENDS;
230 }
Makefile.download
def download(url, dest)
Definition: Makefile.py:47
$wgArticlePath
$wgArticlePath
Definition: img_auth.php:46
title
title
Definition: parserTests.txt:245
text
This list may contain false positives That usually means there is additional text with links below the first Each row contains links to the first and second as well as the first line of the second redirect text
Definition: All_system_messages.txt:1267
cache
you have access to all of the normal MediaWiki so you can get a DB use the cache
Definition: maintenance.txt:52
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35