1f62ea8a1Sandi<?php 2f62ea8a1Sandi/** 3f62ea8a1Sandi * DokuWiki media passthrough file 4f62ea8a1Sandi * 5f62ea8a1Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 7f62ea8a1Sandi */ 8f62ea8a1Sandi 9d0a27cb0SAndreas Gohr if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); 103138b5c7SAndreas Gohr define('DOKU_DISABLE_GZIP_OUTPUT', 1); 11f62ea8a1Sandi require_once(DOKU_INC.'inc/init.php'); 126106ad89SChris Smith 13*24b3cb1aSAndreas Gohr //close session 148746e727Sandi session_write_close(); 158746e727Sandi 16f62ea8a1Sandi $mimetypes = getMimeTypes(); 17f62ea8a1Sandi 18f62ea8a1Sandi //get input 1902b0b681SAndreas Gohr $MEDIA = stripctl(getID('media',false)); // no cleaning except control chars - maybe external 20f62ea8a1Sandi $CACHE = calc_cache($_REQUEST['cache']); 218fcc3410SAndreas Gohr $WIDTH = (int) $_REQUEST['w']; 228fcc3410SAndreas Gohr $HEIGHT = (int) $_REQUEST['h']; 2327bf7924STom N Harris list($EXT,$MIME,$DL) = mimetype($MEDIA,false); 24f62ea8a1Sandi if($EXT === false){ 25f62ea8a1Sandi $EXT = 'unknown'; 26f62ea8a1Sandi $MIME = 'application/octet-stream'; 27ecebf3a8SAndreas Gohr $DL = true; 28f62ea8a1Sandi } 29f62ea8a1Sandi 30f62ea8a1Sandi //media to local file 31d1ed0b61SAndreas Gohr if(preg_match('#^(https?)://#i',$MEDIA)){ 3269d17d94SAndreas Gohr //check hash 3369d17d94SAndreas Gohr if(substr(md5(auth_cookiesalt().$MEDIA),0,6) != $_REQUEST['hash']){ 3469d17d94SAndreas Gohr header("HTTP/1.0 412 Precondition Failed"); 3569d17d94SAndreas Gohr print 'Precondition Failed'; 3669d17d94SAndreas Gohr exit; 3769d17d94SAndreas Gohr } 38d1ed0b61SAndreas Gohr //handle external images 3913c08e2fSMichael Klier if(strncmp($MIME,'image/',6) == 0) $FILE = media_get_from_URL($MEDIA,$EXT,$CACHE); 40f62ea8a1Sandi if(!$FILE){ 41f62ea8a1Sandi //download failed - redirect to original URL 42f62ea8a1Sandi header('Location: '.$MEDIA); 43f62ea8a1Sandi exit; 44f62ea8a1Sandi } 45f62ea8a1Sandi }else{ 46f62ea8a1Sandi $MEDIA = cleanID($MEDIA); 47f62ea8a1Sandi if(empty($MEDIA)){ 48f62ea8a1Sandi header("HTTP/1.0 400 Bad Request"); 49f62ea8a1Sandi print 'Bad request'; 50f62ea8a1Sandi exit; 51f62ea8a1Sandi } 52f62ea8a1Sandi 53f62ea8a1Sandi //check permissions (namespace only) 54f62ea8a1Sandi if(auth_quickaclcheck(getNS($MEDIA).':X') < AUTH_READ){ 55f62ea8a1Sandi header("HTTP/1.0 401 Unauthorized"); 56f62ea8a1Sandi //fixme add some image for imagefiles 57f62ea8a1Sandi print 'Unauthorized'; 58f62ea8a1Sandi exit; 59f62ea8a1Sandi } 60f62ea8a1Sandi $FILE = mediaFN($MEDIA); 61f62ea8a1Sandi } 62f62ea8a1Sandi 63f62ea8a1Sandi //check file existance 64f62ea8a1Sandi if(!@file_exists($FILE)){ 65f62ea8a1Sandi header("HTTP/1.0 404 Not Found"); 66f62ea8a1Sandi //FIXME add some default broken image 67f62ea8a1Sandi print 'Not Found'; 68f62ea8a1Sandi exit; 69f62ea8a1Sandi } 70f62ea8a1Sandi 71b80bedd6SAndreas Gohr $ORIG = $FILE; 72b80bedd6SAndreas Gohr 7320bc86cfSAndreas Gohr //handle image resizing/cropping 74f62ea8a1Sandi if((substr($MIME,0,5) == 'image') && $WIDTH){ 75d52a56e1SAndreas Gohr if($HEIGHT){ 7613c08e2fSMichael Klier $FILE = media_crop_image($FILE,$EXT,$WIDTH,$HEIGHT); 7720bc86cfSAndreas Gohr }else{ 7813c08e2fSMichael Klier $FILE = media_resize_image($FILE,$EXT,$WIDTH,$HEIGHT); 79f62ea8a1Sandi } 8020bc86cfSAndreas Gohr } 81f62ea8a1Sandi 82e935fb4aSAndreas Gohr // finally send the file to the client 83b80bedd6SAndreas Gohr $data = array('file' => $FILE, 84b80bedd6SAndreas Gohr 'mime' => $MIME, 85ecebf3a8SAndreas Gohr 'download' => $DL, 86b80bedd6SAndreas Gohr 'cache' => $CACHE, 87b80bedd6SAndreas Gohr 'orig' => $ORIG, 88b80bedd6SAndreas Gohr 'ext' => $EXT, 89b80bedd6SAndreas Gohr 'width' => $WIDTH, 90b80bedd6SAndreas Gohr 'height' => $HEIGHT); 91b80bedd6SAndreas Gohr 92b80bedd6SAndreas Gohr $evt = new Doku_Event('MEDIA_SENDFILE', $data); 93b80bedd6SAndreas Gohr if ($evt->advise_before()) { 94ecebf3a8SAndreas Gohr sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); 95b80bedd6SAndreas Gohr } 96f62ea8a1Sandi 97e935fb4aSAndreas Gohr/* ------------------------------------------------------------------------ */ 98f62ea8a1Sandi 99e935fb4aSAndreas Gohr/** 100e935fb4aSAndreas Gohr * Set headers and send the file to the client 101e935fb4aSAndreas Gohr * 102e935fb4aSAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 10383730152SBen Coburn * @author Ben Coburn <btcoburn@silicodon.net> 104e935fb4aSAndreas Gohr */ 105ecebf3a8SAndreas Gohrfunction sendFile($file,$mime,$dl,$cache){ 10683730152SBen Coburn global $conf; 10709a5b61fSgweissbach $fmtime = @filemtime($file); 108e935fb4aSAndreas Gohr // send headers 109e935fb4aSAndreas Gohr header("Content-Type: $mime"); 11083730152SBen Coburn // smart http caching headers 11183730152SBen Coburn if ($cache==-1) { 11283730152SBen Coburn // cache 11383730152SBen Coburn // cachetime or one hour 11483730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT'); 11583730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); 116e935fb4aSAndreas Gohr header('Pragma: public'); 11783730152SBen Coburn } else if ($cache>0) { 11883730152SBen Coburn // recache 11983730152SBen Coburn // remaining cachetime + 10 seconds so the newly recached media is used 12083730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT'); 12183730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0)); 12283730152SBen Coburn header('Pragma: public'); 12383730152SBen Coburn } else if ($cache==0) { 12483730152SBen Coburn // nocache 12583730152SBen Coburn header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); 12683730152SBen Coburn header('Pragma: public'); 12783730152SBen Coburn } 128ff4f5ee7SBen Coburn //send important headers first, script stops here if '304 Not Modified' response 12983730152SBen Coburn http_conditionalRequest($fmtime); 1309a87c72aSAndreas Gohr 131f62ea8a1Sandi 132ecebf3a8SAndreas Gohr //download or display? 133ecebf3a8SAndreas Gohr if($dl){ 134e935fb4aSAndreas Gohr header('Content-Disposition: attachment; filename="'.basename($file).'";'); 135ecebf3a8SAndreas Gohr }else{ 136ecebf3a8SAndreas Gohr header('Content-Disposition: inline; filename="'.basename($file).'";'); 137f62ea8a1Sandi } 138f62ea8a1Sandi 1399a87c72aSAndreas Gohr //use x-sendfile header to pass the delivery to compatible webservers 1406106ad89SChris Smith if (http_sendfile($file)) exit; 1419a87c72aSAndreas Gohr 142e935fb4aSAndreas Gohr // send file contents 143e935fb4aSAndreas Gohr $fp = @fopen($file,"rb"); 144f62ea8a1Sandi if($fp){ 145758447cfSAndreas Gohr http_rangeRequest($fp,filesize($file),$mime); 146f62ea8a1Sandi }else{ 147f62ea8a1Sandi header("HTTP/1.0 500 Internal Server Error"); 148e935fb4aSAndreas Gohr print "Could not read $file - bad permissions?"; 149e935fb4aSAndreas Gohr } 150f62ea8a1Sandi} 151f62ea8a1Sandi 152e935fb4aSAndreas Gohr/** 153f62ea8a1Sandi * Returns the wanted cachetime in seconds 154f62ea8a1Sandi * 155f62ea8a1Sandi * Resolves named constants 156f62ea8a1Sandi * 157f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 158f62ea8a1Sandi */ 159f62ea8a1Sandifunction calc_cache($cache){ 160f62ea8a1Sandi global $conf; 161f62ea8a1Sandi 162f62ea8a1Sandi if(strtolower($cache) == 'nocache') return 0; //never cache 163f62ea8a1Sandi if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache 164f62ea8a1Sandi return -1; //cache endless 165f62ea8a1Sandi} 166f62ea8a1Sandi 167f62ea8a1Sandi//Setup VIM: ex: et ts=2 enc=utf-8 : 168