1<?php 2/** 3 * Utilities for handling HTTP related tasks 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 */ 8 9define('HTTP_MULTIPART_BOUNDARY', 'D0KuW1K1B0uNDARY'); 10define('HTTP_HEADER_LF', "\r\n"); 11define('HTTP_CHUNK_SIZE', 16 * 1024); 12 13/** 14 * Checks and sets HTTP headers for conditional HTTP requests 15 * 16 * @param int $timestamp lastmodified time of the cache file 17 * @returns void or exits with previously header() commands executed 18 * @link http://simonwillison.net/2003/Apr/23/conditionalGet/ 19 * 20 * @author Simon Willison <swillison@gmail.com> 21 */ 22function http_conditionalRequest($timestamp) 23{ 24 global $INPUT; 25 26 // A PHP implementation of conditional get, see 27 // http://fishbowl.pastiche.org/2002/10/21/http_conditional_get_for_rss_hackers/ 28 $last_modified = substr(gmdate('r', $timestamp), 0, -5) . 'GMT'; 29 $etag = '"' . md5($last_modified) . '"'; 30 // Send the headers 31 header("Last-Modified: $last_modified"); 32 header("ETag: $etag"); 33 // See if the client has provided the required headers 34 $if_modified_since = $INPUT->server->filter('stripslashes')->str('HTTP_IF_MODIFIED_SINCE', false); 35 $if_none_match = $INPUT->server->filter('stripslashes')->str('HTTP_IF_NONE_MATCH', false); 36 37 if (!$if_modified_since && !$if_none_match) { 38 return; 39 } 40 41 // At least one of the headers is there - check them 42 if ($if_none_match && $if_none_match != $etag) { 43 return; // etag is there but doesn't match 44 } 45 46 if ($if_modified_since && $if_modified_since != $last_modified) { 47 return; // if-modified-since is there but doesn't match 48 } 49 50 // Nothing has changed since their last request - serve a 304 and exit 51 header('HTTP/1.0 304 Not Modified'); 52 53 // don't produce output, even if compression is on 54 @ob_end_clean(); 55 exit; 56} 57 58/** 59 * Let the webserver send the given file via x-sendfile method 60 * 61 * @param string $file absolute path of file to send 62 * @returns void or exits with previous header() commands executed 63 * @author Chris Smith <chris@jalakai.co.uk> 64 * 65 */ 66function http_sendfile($file) 67{ 68 global $conf; 69 70 //use x-sendfile header to pass the delivery to compatible web servers 71 if ($conf['xsendfile'] == 1) { 72 header("X-LIGHTTPD-send-file: $file"); 73 ob_end_clean(); 74 exit; 75 } elseif ($conf['xsendfile'] == 2) { 76 header("X-Sendfile: $file"); 77 ob_end_clean(); 78 exit; 79 } elseif ($conf['xsendfile'] == 3) { 80 // FS#2388 nginx just needs the relative path. 81 $file = DOKU_REL . substr($file, strlen(fullpath(DOKU_INC)) + 1); 82 header("X-Accel-Redirect: $file"); 83 ob_end_clean(); 84 exit; 85 } 86} 87 88/** 89 * Send file contents supporting rangeRequests 90 * 91 * This function exits the running script 92 * 93 * @param resource $fh - file handle for an already open file 94 * @param int $size - size of the whole file 95 * @param int $mime - MIME type of the file 96 * 97 * @author Andreas Gohr <andi@splitbrain.org> 98 */ 99function http_rangeRequest($fh, $size, $mime) 100{ 101 global $INPUT; 102 103 $ranges = []; 104 $isrange = false; 105 106 header('Accept-Ranges: bytes'); 107 108 if (!$INPUT->server->has('HTTP_RANGE')) { 109 // no range requested - send the whole file 110 $ranges[] = [0, $size, $size]; 111 } else { 112 $t = explode('=', $INPUT->server->str('HTTP_RANGE')); 113 if (!$t[0] == 'bytes') { 114 // we only understand byte ranges - send the whole file 115 $ranges[] = [0, $size, $size]; 116 } else { 117 $isrange = true; 118 // handle multiple ranges 119 $r = explode(',', $t[1]); 120 foreach ($r as $x) { 121 $p = explode('-', $x); 122 $start = (int)$p[0]; 123 $end = (int)$p[1]; 124 if (!$end) $end = $size - 1; 125 if ($start > $end || $start > $size || $end > $size) { 126 header('HTTP/1.1 416 Requested Range Not Satisfiable'); 127 echo 'Bad Range Request!'; 128 exit; 129 } 130 $len = $end - $start + 1; 131 $ranges[] = [$start, $end, $len]; 132 } 133 } 134 } 135 $parts = count($ranges); 136 137 // now send the type and length headers 138 if (!$isrange) { 139 header("Content-Type: $mime", true); 140 } else { 141 header('HTTP/1.1 206 Partial Content'); 142 if ($parts == 1) { 143 header("Content-Type: $mime", true); 144 } else { 145 header('Content-Type: multipart/byteranges; boundary=' . HTTP_MULTIPART_BOUNDARY, true); 146 } 147 } 148 149 // send all ranges 150 for ($i = 0; $i < $parts; $i++) { 151 [$start, $end, $len] = $ranges[$i]; 152 153 // multipart or normal headers 154 if ($parts > 1) { 155 echo HTTP_HEADER_LF . '--' . HTTP_MULTIPART_BOUNDARY . HTTP_HEADER_LF; 156 echo "Content-Type: $mime" . HTTP_HEADER_LF; 157 echo "Content-Range: bytes $start-$end/$size" . HTTP_HEADER_LF; 158 echo HTTP_HEADER_LF; 159 } else { 160 header("Content-Length: $len"); 161 if ($isrange) { 162 header("Content-Range: bytes $start-$end/$size"); 163 } 164 } 165 166 // send file content 167 fseek($fh, $start); //seek to start of range 168 $chunk = ($len > HTTP_CHUNK_SIZE) ? HTTP_CHUNK_SIZE : $len; 169 while (!feof($fh) && $chunk > 0) { 170 @set_time_limit(30); // large files can take a lot of time 171 echo fread($fh, $chunk); 172 flush(); 173 $len -= $chunk; 174 $chunk = ($len > HTTP_CHUNK_SIZE) ? HTTP_CHUNK_SIZE : $len; 175 } 176 } 177 if ($parts > 1) { 178 echo HTTP_HEADER_LF . '--' . HTTP_MULTIPART_BOUNDARY . '--' . HTTP_HEADER_LF; 179 } 180 181 // everything should be done here, exit (or return if testing) 182 if (defined('SIMPLE_TEST')) return; 183 exit; 184} 185 186/** 187 * Check for a gzipped version and create if necessary 188 * 189 * return true if there exists a gzip version of the uncompressed file 190 * (samepath/samefilename.sameext.gz) created after the uncompressed file 191 * 192 * @param string $uncompressed_file 193 * @return bool 194 * @author Chris Smith <chris.eureka@jalakai.co.uk> 195 * 196 */ 197function http_gzip_valid($uncompressed_file) 198{ 199 if (!DOKU_HAS_GZIP) return false; 200 201 $gzip = $uncompressed_file . '.gz'; 202 if (filemtime($gzip) < filemtime($uncompressed_file)) { // filemtime returns false (0) if file doesn't exist 203 return copy($uncompressed_file, 'compress.zlib://' . $gzip); 204 } 205 206 return true; 207} 208 209/** 210 * Set HTTP headers and echo cachefile, if useable 211 * 212 * This function handles output of cacheable resource files. It ses the needed 213 * HTTP headers. If a useable cache is present, it is passed to the web server 214 * and the script is terminated. 215 * 216 * @param string $cache cache file name 217 * @param bool $cache_ok if cache can be used 218 */ 219function http_cached($cache, $cache_ok) 220{ 221 global $conf; 222 223 // check cache age & handle conditional request 224 // since the resource files are timestamped, we can use a long max age: 1 year 225 header('Cache-Control: public, max-age=31536000'); 226 header('Pragma: public'); 227 if ($cache_ok) { 228 http_conditionalRequest(filemtime($cache)); 229 if ($conf['allowdebug']) header("X-CacheUsed: $cache"); 230 231 // finally send output 232 if ($conf['gzip_output'] && http_gzip_valid($cache)) { 233 header('Vary: Accept-Encoding'); 234 header('Content-Encoding: gzip'); 235 readfile($cache . ".gz"); 236 } else { 237 http_sendfile($cache); 238 readfile($cache); 239 } 240 exit; 241 } 242 243 http_conditionalRequest(time()); 244} 245 246/** 247 * Cache content and print it 248 * 249 * @param string $file file name 250 * @param string $content 251 */ 252function http_cached_finish($file, $content) 253{ 254 global $conf; 255 256 // save cache file 257 io_saveFile($file, $content); 258 if (DOKU_HAS_GZIP) io_saveFile("$file.gz", $content); 259 260 // finally send output 261 if ($conf['gzip_output'] && DOKU_HAS_GZIP) { 262 header('Vary: Accept-Encoding'); 263 header('Content-Encoding: gzip'); 264 echo gzencode($content, 9, FORCE_GZIP); 265 } else { 266 echo $content; 267 } 268} 269 270/** 271 * Fetches raw, unparsed POST data 272 * 273 * @return string 274 */ 275function http_get_raw_post_data() 276{ 277 static $postData = null; 278 if ($postData === null) { 279 $postData = file_get_contents('php://input'); 280 } 281 return $postData; 282} 283 284/** 285 * Set the HTTP response status and takes care of the used PHP SAPI 286 * 287 * Inspired by CodeIgniter's set_status_header function 288 * 289 * @param int $code 290 * @param string $text 291 */ 292function http_status($code = 200, $text = '') 293{ 294 global $INPUT; 295 296 static $stati = [ 297 200 => 'OK', 298 201 => 'Created', 299 202 => 'Accepted', 300 203 => 'Non-Authoritative Information', 301 204 => 'No Content', 302 205 => 'Reset Content', 303 206 => 'Partial Content', 304 300 => 'Multiple Choices', 305 301 => 'Moved Permanently', 306 302 => 'Found', 307 304 => 'Not Modified', 308 305 => 'Use Proxy', 309 307 => 'Temporary Redirect', 310 400 => 'Bad Request', 311 401 => 'Unauthorized', 312 403 => 'Forbidden', 313 404 => 'Not Found', 314 405 => 'Method Not Allowed', 315 406 => 'Not Acceptable', 316 407 => 'Proxy Authentication Required', 317 408 => 'Request Timeout', 318 409 => 'Conflict', 319 410 => 'Gone', 320 411 => 'Length Required', 321 412 => 'Precondition Failed', 322 413 => 'Request Entity Too Large', 323 414 => 'Request-URI Too Long', 324 415 => 'Unsupported Media Type', 325 416 => 'Requested Range Not Satisfiable', 326 417 => 'Expectation Failed', 327 500 => 'Internal Server Error', 328 501 => 'Not Implemented', 329 502 => 'Bad Gateway', 330 503 => 'Service Unavailable', 331 504 => 'Gateway Timeout', 332 505 => 'HTTP Version Not Supported' 333 ]; 334 335 if ($text == '' && isset($stati[$code])) { 336 $text = $stati[$code]; 337 } 338 339 $server_protocol = $INPUT->server->str('SERVER_PROTOCOL', false); 340 341 if (substr(PHP_SAPI, 0, 3) == 'cgi' || defined('SIMPLE_TEST')) { 342 header("Status: {$code} {$text}", true); 343 } elseif ($server_protocol == 'HTTP/1.1' || $server_protocol == 'HTTP/1.0') { 344 header($server_protocol . " {$code} {$text}", true, $code); 345 } else { 346 header("HTTP/1.1 {$code} {$text}", true, $code); 347 } 348} 349