MediaWiki  master
img_auth.php
Go to the documentation of this file.
1 <?php
41 define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
42 require __DIR__ . '/includes/WebStart.php';
43 
44 # Set action base paths so that WebRequest::getPathInfo()
45 # recognizes the "X" as the 'title' in ../img_auth.php/X urls.
46 $wgArticlePath = false; # Don't let a "/*" article path clober our action path
47 $wgActionPaths = [ "$wgUploadPath/" ];
48 
49 wfImageAuthMain();
50 
51 $mediawiki = new MediaWiki();
52 $mediawiki->doPostOutputShutdown( 'fast' );
53 
54 function wfImageAuthMain() {
55  global $wgImgAuthUrlPathMap;
56 
57  $request = RequestContext::getMain()->getRequest();
58  $publicWiki = in_array( 'read', User::getGroupPermissions( [ '*' ] ), true );
59 
60  // Get the requested file path (source file or thumbnail)
61  $matches = WebRequest::getPathInfo();
62  if ( !isset( $matches['title'] ) ) {
63  wfForbidden( 'img-auth-accessdenied', 'img-auth-nopathinfo' );
64  return;
65  }
66  $path = $matches['title'];
67  if ( $path && $path[0] !== '/' ) {
68  // Make sure $path has a leading /
69  $path = "/" . $path;
70  }
71 
72  // Check for T30235: QUERY_STRING overriding the correct extension
73  $whitelist = [];
74  $extension = FileBackend::extensionFromPath( $path, 'rawcase' );
75  if ( $extension != '' ) {
76  $whitelist[] = $extension;
77  }
78  if ( !$request->checkUrlExtension( $whitelist ) ) {
79  return;
80  }
81 
82  // Various extensions may have their own backends that need access.
83  // Check if there is a special backend and storage base path for this file.
84  foreach ( $wgImgAuthUrlPathMap as $prefix => $storageDir ) {
85  $prefix = rtrim( $prefix, '/' ) . '/'; // implicit trailing slash
86  if ( strpos( $path, $prefix ) === 0 ) {
87  $be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
88  $filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
89  // Check basic user authorization
90  if ( !RequestContext::getMain()->getUser()->isAllowed( 'read' ) ) {
91  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
92  return;
93  }
94  if ( $be->fileExists( [ 'src' => $filename ] ) ) {
95  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
96  $be->streamFile( [ 'src' => $filename ],
97  [ 'Cache-Control: private', 'Vary: Cookie' ] );
98  } else {
99  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
100  }
101  return;
102  }
103  }
104 
105  // Get the local file repository
106  $repo = RepoGroup::singleton()->getRepo( 'local' );
107  $zone = strstr( ltrim( $path, '/' ), '/', true );
108 
109  // Get the full file storage path and extract the source file name.
110  // (e.g. 120px-Foo.png => Foo.png or page2-120px-Foo.png => Foo.png).
111  // This only applies to thumbnails/transcoded, and each of them should
112  // be under a folder that has the source file name.
113  if ( $zone === 'thumb' || $zone === 'transcoded' ) {
114  $name = wfBaseName( dirname( $path ) );
115  $filename = $repo->getZonePath( $zone ) . substr( $path, strlen( "/" . $zone ) );
116  // Check to see if the file exists
117  if ( !$repo->fileExists( $filename ) ) {
118  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
119  return;
120  }
121  } else {
122  $name = wfBaseName( $path ); // file is a source file
123  $filename = $repo->getZonePath( 'public' ) . $path;
124  // Check to see if the file exists and is not deleted
125  $bits = explode( '!', $name, 2 );
126  if ( substr( $path, 0, 9 ) === '/archive/' && count( $bits ) == 2 ) {
127  $file = $repo->newFromArchiveName( $bits[1], $name );
128  } else {
129  $file = $repo->newFile( $name );
130  }
131  if ( !$file->exists() || $file->isDeleted( File::DELETED_FILE ) ) {
132  wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $filename );
133  return;
134  }
135  }
136 
137  $headers = []; // extra HTTP headers to send
138 
139  if ( !$publicWiki ) {
140  // For private wikis, run extra auth checks and set cache control headers
141  $headers[] = 'Cache-Control: private';
142  $headers[] = 'Vary: Cookie';
143 
144  $title = Title::makeTitleSafe( NS_FILE, $name );
145  if ( !$title instanceof Title ) { // files have valid titles
146  wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
147  return;
148  }
149 
150  // Run hook for extension authorization plugins
152  $result = null;
153  if ( !Hooks::run( 'ImgAuthBeforeStream', [ &$title, &$path, &$name, &$result ] ) ) {
154  wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
155  return;
156  }
157 
158  // Check user authorization for this title
159  // Checks Whitelist too
160  if ( !$title->userCan( 'read' ) ) {
161  wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $name );
162  return;
163  }
164  }
165 
166  $options = []; // HTTP header options
167  if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
168  $options['range'] = $_SERVER['HTTP_RANGE'];
169  }
170  if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
171  $options['if-modified-since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
172  }
173 
174  if ( $request->getCheck( 'download' ) ) {
175  $headers[] = 'Content-Disposition: attachment';
176  }
177 
178  // Stream the requested file
179  wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
180  $repo->streamFileWithStatus( $filename, $headers, $options );
181 }
182 
192 function wfForbidden( $msg1, $msg2, ...$args ) {
193  global $wgImgAuthDetails;
194 
195  $args = ( isset( $args[0] ) && is_array( $args[0] ) ) ? $args[0] : $args;
196 
197  $msgHdr = wfMessage( $msg1 )->escaped();
198  $detailMsgKey = $wgImgAuthDetails ? $msg2 : 'badaccess-group0';
199  $detailMsg = wfMessage( $detailMsgKey, $args )->escaped();
200 
201  wfDebugLog( 'img_auth',
202  "wfForbidden Hdr: " . wfMessage( $msg1 )->inLanguage( 'en' )->text() . " Msg: " .
203  wfMessage( $msg2, $args )->inLanguage( 'en' )->text()
204  );
205 
206  HttpStatus::header( 403 );
207  header( 'Cache-Control: no-cache' );
208  header( 'Content-Type: text/html; charset=utf-8' );
209  echo <<<ENDS
210 <!DOCTYPE html>
211 <html>
212 <head>
213 <meta charset="UTF-8" />
214 <title>$msgHdr</title>
215 </head>
216 <body>
217 <h1>$msgHdr</h1>
218 <p>$detailMsg</p>
219 </body>
220 </html>
221 ENDS;
222 }
Makefile.download
def download(url, dest)
Definition: Makefile.py:47
$wgArticlePath
$wgArticlePath
Definition: img_auth.php:46
title
title
Definition: parserTests.txt:245
text
This list may contain false positives That usually means there is additional text with links below the first Each row contains links to the first and second as well as the first line of the second redirect text
Definition: All_system_messages.txt:1267
cache
you have access to all of the normal MediaWiki so you can get a DB use the cache
Definition: maintenance.txt:52
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35