42 define(
'MW_NO_OUTPUT_COMPRESSION', 1 );
43 define(
'MW_ENTRY_POINT',
'img_auth' );
44 require __DIR__ .
'/includes/WebStart.php';
55 $permissionManager = $services->getPermissionManager();
58 $publicWiki = $services->getGroupPermissionsLookup()->groupHasPermission(
'*',
'read' );
61 $baseUrl = $services->getRepoGroup()->getLocalRepo()->getZoneUrl(
'public' );
62 if ( $baseUrl[0] ===
'/' ) {
65 $basePath = parse_url( $baseUrl, PHP_URL_PATH );
69 if (
$path ===
false ) {
75 if (
$path ===
false ) {
76 wfForbidden(
'img-auth-accessdenied',
'img-auth-notindir' );
90 $prefix = rtrim( $prefix,
'/' ) .
'/';
91 if ( strpos(
$path, $prefix ) === 0 ) {
92 $be = $services->getFileBackendGroup()->backendFromPath( $storageDir );
93 $filename = $storageDir . substr(
$path, strlen( $prefix ) );
95 $isAllowedUser = $permissionManager->userHasRight( $user,
'read' );
96 if ( !$isAllowedUser ) {
100 if ( $be->fileExists( [
'src' => $filename ] ) ) {
101 wfDebugLog(
'img_auth',
"Streaming `" . $filename .
"`." );
104 'headers' => [
'Cache-Control: private',
'Vary: Cookie' ]
114 $repo = $services->getRepoGroup()->getRepo(
'local' );
115 $zone = strstr( ltrim(
$path,
'/' ),
'/',
true );
121 if ( $zone ===
'thumb' || $zone ===
'transcoded' ) {
123 $filename = $repo->getZonePath( $zone ) . substr(
$path, strlen(
"/" . $zone ) );
125 if ( !$repo->fileExists( $filename ) ) {
126 wfForbidden(
'img-auth-accessdenied',
'img-auth-nofile', $filename );
131 $filename = $repo->getZonePath(
'public' ) .
$path;
133 $bits = explode(
'!', $name, 2 );
134 if ( substr(
$path, 0, 9 ) ===
'/archive/' && count( $bits ) == 2 ) {
135 $file = $repo->newFromArchiveName( $bits[1], $name );
137 $file = $repo->newFile( $name );
140 wfForbidden(
'img-auth-accessdenied',
'img-auth-nofile', $filename );
149 if ( !$publicWiki ) {
151 $headers[
'Cache-Control'] =
'private';
152 $headers[
'Vary'] =
'Cookie';
155 wfForbidden(
'img-auth-accessdenied',
'img-auth-badtitle', $name );
163 wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
170 if ( !$permissionManager->userCan(
'read', $user,
$title ) ) {
171 wfForbidden(
'img-auth-accessdenied',
'img-auth-noread', $name );
176 if ( isset( $_SERVER[
'HTTP_RANGE'] ) ) {
177 $headers[
'Range'] = $_SERVER[
'HTTP_RANGE'];
179 if ( isset( $_SERVER[
'HTTP_IF_MODIFIED_SINCE'] ) ) {
180 $headers[
'If-Modified-Since'] = $_SERVER[
'HTTP_IF_MODIFIED_SINCE'];
183 if ( $request->getCheck(
'download' ) ) {
184 $headers[
'Content-Disposition'] =
'attachment';
192 wfDebugLog(
'img_auth',
"Streaming `" . $filename .
"`." );
193 $repo->streamFileWithStatus( $filename, $headers, $options );
208 $args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
212 $detailMsg =
wfMessage( $detailMsgKey, $args )->text();
215 "wfForbidden Hdr: " .
wfMessage( $msg1 )->inLanguage(
'en' )->text() .
" Msg: " .
216 wfMessage( $msg2, $args )->inLanguage(
'en' )->text()
220 header(
'Cache-Control: no-cache' );
221 header(
'Content-Type: text/html; charset=utf-8' );
225 'detailMsg' => $detailMsg,
wfBaseName( $path, $suffix='')
Return the final portion of a pathname.
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
static preprocessHeaders( $headers)
Takes HTTP headers in a name => value format and converts them to the weird format expected by stream...
static runner()
Get a HookRunner instance for calling hooks using the new interfaces.
static header( $code)
Output an HTTP status code header.
static getMain()
Get the RequestContext object associated with the main request.
Represents a title within MediaWiki.
static makeTitleSafe( $ns, $title, $fragment='', $interwiki='')
Create a new Title from a namespace index and a DB key.
static getRequestPathSuffix( $basePath)
If the request URL matches a given base path, extract the path part of the request URL after that bas...
$wgImgAuthPath
Config variable stub for the ImgAuthPath setting, for use by phpdoc and IDEs.
$wgImgAuthDetails
Config variable stub for the ImgAuthDetails setting, for use by phpdoc and IDEs.
$wgImgAuthUrlPathMap
Config variable stub for the ImgAuthUrlPathMap setting, for use by phpdoc and IDEs.
$wgScriptPath
Config variable stub for the ScriptPath setting, for use by phpdoc and IDEs.
wfForbidden( $msg1, $msg2,... $args)
Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an error messag...
if(PHP_SAPI !='cli-server') if(!isset( $_SERVER['SCRIPT_FILENAME'])) $file
Item class for a filearchive table row.