MediaWiki  master
img_auth.php
Go to the documentation of this file.
1 <?php
41 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
42 require __DIR__ . '/includes/WebStart.php';
43 
44 # Set action base paths so that WebRequest::getPathInfo()
45 # recognizes the "X" as the 'title' in ../img_auth.php/X urls.
46 $wgArticlePath = false; # Don't let a "/*" article path clober our action path
47 $wgActionPaths = [ "$wgUploadPath/" ];
48 
49 wfImageAuthMain();
50 
51 $mediawiki = new MediaWiki();
52 $mediawiki->doPostOutputShutdown( 'fast' );
53 
54 function wfImageAuthMain() {
55  global $wgImgAuthUrlPathMap;
56 
57  $request = RequestContext::getMain()->getRequest();
58  $publicWiki = in_array( 'read', User::getGroupPermissions( [ '*' ] ), true );
59 
60  // Get the requested file path (source file or thumbnail)
61  $matches = WebRequest::getPathInfo();
62  if ( !isset( $matches['title'] ) ) {
63  wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
64  return;
65  }
66  $path = $matches['title'];
67  if ( $path && $path[0] !== '/' ) {
68  // Make sure $path has a leading /
69  $path = "/" . $path;
70  }
71 
72  // Check for T30235: QUERY_STRING overriding the correct extension
73  $whitelist = [];
74  $extension = FileBackend::extensionFromPath( $path, 'rawcase' );
75  if ( $extension != '' ) {
76  $whitelist[] = $extension;
77  }
78  if ( !$request->checkUrlExtension( $whitelist ) ) {
79  return;
80  }
81 
82  $user = RequestContext::getMain()->getUser();
83 
84  // Various extensions may have their own backends that need access.
85  // Check if there is a special backend and storage base path for this file.
86  foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
87  $prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
88  if ( strpos( $path, $prefix ) === 0 ) {
89  $be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
90  $filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
91  // Check basic user authorization
92  if ( !$user->isAllowed( 'read' ) ) {
93  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
94  return;
95  }
96  if ( $be->fileExists( [ 'src' => $filename ] ) ) {
97  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
98  $be->streamFile( [ 'src' => $filename ],
99  [ 'Cache-Control: private', 'Vary: Cookie' ] );
100  } else {
101  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
102  }
103  return;
104  }
105  }
106 
107  // Get the local file repository
108  $repo = RepoGroup::singleton()->getRepo( 'local' );
109  $zone = strstr( ltrim( $path, '/' ), '/', true );
110 
111  // Get the full file storage path and extract the source file name.
112  // (e.g. 120px-Foo.png => Foo.png or page2-120px-Foo.png => Foo.png).
113  // This only applies to thumbnails/transcoded, and each of them should
114  // be under a folder that has the source file name.
115  if ( $zone === 'thumb' || $zone === 'transcoded' ) {
116  $name = wfBaseName( dirname( $path ) );
117  $filename = $repo->getZonePath( $zone ) . substr( $path, strlen( "/" . $zone ) );
118  // Check to see if the file exists
119  if ( !$repo->fileExists( $filename ) ) {
120  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
121  return;
122  }
123  } else {
124  $name = wfBaseName( $path ); // file is a source file
125  $filename = $repo->getZonePath( 'public' ) . $path;
126  // Check to see if the file exists and is not deleted
127  $bits = explode( '!', $name, 2 );
128  if ( substr( $path, 0, 9 ) === '/archive/' && count( $bits ) == 2 ) {
129  $file = $repo->newFromArchiveName( $bits[1], $name );
130  } else {
131  $file = $repo->newFile( $name );
132  }
133  if ( !$file->exists() || $file->isDeleted( File::DELETED_FILE ) ) {
134  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
135  return;
136  }
137  }
138 
139  $headers = []; // extra HTTP headers to send
140 
141  if ( !$publicWiki ) {
142  // For private wikis, run extra auth checks and set cache control headers
143  $headers[] = 'Cache-Control: private';
144  $headers[] = 'Vary: Cookie';
145 
146  $title = Title::makeTitleSafe( NS_FILE, $name );
147  if ( !$title instanceof Title ) { // files have valid titles
148  wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
149  return;
150  }
151 
152  // Run hook for extension authorization plugins
154  $result = null;
155  if ( !Hooks::run( 'ImgAuthBeforeStream', [ &$title, &$path, &$name, &$result ] ) ) {
156  wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
157  return;
158  }
159 
160  // Check user authorization for this title
161  // Checks Whitelist too
162  $permissionManager = \MediaWiki\MediaWikiServices::getInstance()->getPermissionManager();
163 
164  if ( !$permissionManager->userCan( 'read', $user, $title ) ) {
165  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $name );
166  return;
167  }
168  }
169 
170  $options = []; // HTTP header options
171  if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
172  $options['range'] = $_SERVER['HTTP_RANGE'];
173  }
174  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
175  $options['if-modified-since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
176  }
177 
178  if ( $request->getCheck( 'download' ) ) {
179  $headers[] = 'Content-Disposition: attachment';
180  }
181 
182  // Stream the requested file
183  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
184  $repo->streamFileWithStatus( $filename, $headers, $options );
185 }
186 
196 function wfForbidden( $msg1, $msg2, ...$args ) {
197  global $wgImgAuthDetails;
198 
199  $args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
200 
201  $msgHdr = wfMessage( $msg1 )->escaped();
202  $detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';
203  $detailMsg = wfMessage( $detailMsgKey, $args )->escaped();
204 
205  wfDebugLog( 'img_auth',
206  "wfForbidden Hdr: " . wfMessage( $msg1 )->inLanguage( 'en' )->text() . " Msg: " .
207  wfMessage( $msg2, $args )->inLanguage( 'en' )->text()
208  );
209 
210  HttpStatus::header( 403 );
211  header( 'Cache-Control: no-cache' );
212  header( 'Content-Type: text/html; charset=utf-8' );
213  echo <<<ENDS
214 <!DOCTYPE html>
215 <html>
216 <head>
217 <meta charset="UTF-8" />
218 <title>$msgHdr</title>
219 </head>
220 <body>
221 <h1>$msgHdr</h1>
222 <p>$detailMsg</p>
223 </body>
224 </html>
225 ENDS;
226 }
def download(url, dest)
Definition: Makefile.py:47
$wgArticlePath
Definition: img_auth.php:46
title
This list may contain false positives That usually means there is additional text with links below the first Each row contains links to the first and second as well as the first line of the second redirect text
you have access to all of the normal MediaWiki so you can get a DB use the cache
Definition: maintenance.txt:52
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35