1f62ea8a1Sandi<?php 2f62ea8a1Sandi/** 3f62ea8a1Sandi * DokuWiki media passthrough file 4f62ea8a1Sandi * 5f62ea8a1Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 7f62ea8a1Sandi */ 8f62ea8a1Sandi 9d0a27cb0SAndreas Gohr if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); 103138b5c7SAndreas Gohr define('DOKU_DISABLE_GZIP_OUTPUT', 1); 11f62ea8a1Sandi require_once(DOKU_INC.'inc/init.php'); 126106ad89SChris Smith 1324b3cb1aSAndreas Gohr //close session 148746e727Sandi session_write_close(); 158746e727Sandi 16f62ea8a1Sandi $mimetypes = getMimeTypes(); 17f62ea8a1Sandi 18f62ea8a1Sandi //get input 1902b0b681SAndreas Gohr $MEDIA = stripctl(getID('media',false)); // no cleaning except control chars - maybe external 20bfd0f597STom N Harris $CACHE = calc_cache($INPUT->str('cache')); 21bfd0f597STom N Harris $WIDTH = $INPUT->int('w'); 22bfd0f597STom N Harris $HEIGHT = $INPUT->int('h'); 23bfd0f597STom N Harris $REV = &$INPUT->ref('rev'); 24fc4aefb9SKate Arzamastseva //sanitize revision 25fc4aefb9SKate Arzamastseva $REV = preg_replace('/[^0-9]/','',$REV); 26fc4aefb9SKate Arzamastseva 2727bf7924STom N Harris list($EXT,$MIME,$DL) = mimetype($MEDIA,false); 28f62ea8a1Sandi if($EXT === false){ 29f62ea8a1Sandi $EXT = 'unknown'; 30f62ea8a1Sandi $MIME = 'application/octet-stream'; 31ecebf3a8SAndreas Gohr $DL = true; 32f62ea8a1Sandi } 33f62ea8a1Sandi 3403293305SAndreas Gohr // check for permissions, preconditions and cache external files 35fc4aefb9SKate Arzamastseva list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); 3603293305SAndreas Gohr 3703293305SAndreas Gohr // prepare data for plugin events 38cd98d9c3SGerry Weißbach $data = array('media' => $MEDIA, 39cd98d9c3SGerry Weißbach 'file' => $FILE, 40cd98d9c3SGerry Weißbach 'orig' => $FILE, 41cd98d9c3SGerry Weißbach 'mime' => $MIME, 42cd98d9c3SGerry Weißbach 'download' => $DL, 43cd98d9c3SGerry Weißbach 'cache' => $CACHE, 44cd98d9c3SGerry Weißbach 'ext' => $EXT, 45cd98d9c3SGerry Weißbach 'width' => $WIDTH, 46cd98d9c3SGerry Weißbach 'height' => $HEIGHT, 47cd98d9c3SGerry Weißbach 'status' => $STATUS, 48cd98d9c3SGerry Weißbach 'statusmessage' => $STATUSMESSAGE, 49cd98d9c3SGerry Weißbach ); 50f62ea8a1Sandi 5103293305SAndreas Gohr // handle the file status 5203293305SAndreas Gohr $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); 53cd98d9c3SGerry Weißbach if ( $evt->advise_before() ) { 5403293305SAndreas Gohr // redirects 5503293305SAndreas Gohr if($data['status'] > 300 && $data['status'] <= 304){ 5603293305SAndreas Gohr send_redirect($data['statusmessage']); 5703293305SAndreas Gohr } 5803293305SAndreas Gohr // send any non 200 status 5903293305SAndreas Gohr if($data['status'] != 200){ 60cd98d9c3SGerry Weißbach header('HTTP/1.0 ' . $data['status'] . ' ' . $data['statusmessage']); 6103293305SAndreas Gohr } 6203293305SAndreas Gohr // die on errors 6303293305SAndreas Gohr if($data['status'] > 203){ 64cd98d9c3SGerry Weißbach print $data['statusmessage']; 65f62ea8a1Sandi exit; 66f62ea8a1Sandi } 67f62ea8a1Sandi } 6803293305SAndreas Gohr $evt->advise_after(); 6903293305SAndreas Gohr unset($evt); 70f62ea8a1Sandi 7120bc86cfSAndreas Gohr //handle image resizing/cropping 72f62ea8a1Sandi if((substr($MIME,0,5) == 'image') && $WIDTH){ 73d52a56e1SAndreas Gohr if($HEIGHT){ 74cd98d9c3SGerry Weißbach $data['file'] = $FILE = media_crop_image($data['file'],$EXT,$WIDTH,$HEIGHT); 7520bc86cfSAndreas Gohr }else{ 76cd98d9c3SGerry Weißbach $data['file'] = $FILE = media_resize_image($data['file'],$EXT,$WIDTH,$HEIGHT); 77f62ea8a1Sandi } 7820bc86cfSAndreas Gohr } 79f62ea8a1Sandi 80e935fb4aSAndreas Gohr // finally send the file to the client 81b80bedd6SAndreas Gohr $evt = new Doku_Event('MEDIA_SENDFILE', $data); 82b80bedd6SAndreas Gohr if ($evt->advise_before()) { 83ecebf3a8SAndreas Gohr sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); 84b80bedd6SAndreas Gohr } 85cd98d9c3SGerry Weißbach // Do something after the download finished. 86cd98d9c3SGerry Weißbach $evt->advise_after(); 87f62ea8a1Sandi 88e935fb4aSAndreas Gohr/* ------------------------------------------------------------------------ */ 89f62ea8a1Sandi 90e935fb4aSAndreas Gohr/** 91e935fb4aSAndreas Gohr * Set headers and send the file to the client 92e935fb4aSAndreas Gohr * 93e935fb4aSAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 9483730152SBen Coburn * @author Ben Coburn <btcoburn@silicodon.net> 95e935fb4aSAndreas Gohr */ 96ecebf3a8SAndreas Gohrfunction sendFile($file,$mime,$dl,$cache){ 9783730152SBen Coburn global $conf; 9809a5b61fSgweissbach $fmtime = @filemtime($file); 99e935fb4aSAndreas Gohr // send headers 100e935fb4aSAndreas Gohr header("Content-Type: $mime"); 10183730152SBen Coburn // smart http caching headers 10283730152SBen Coburn if ($cache==-1) { 10383730152SBen Coburn // cache 10483730152SBen Coburn // cachetime or one hour 10583730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT'); 10683730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); 107e935fb4aSAndreas Gohr header('Pragma: public'); 10883730152SBen Coburn } else if ($cache>0) { 10983730152SBen Coburn // recache 11083730152SBen Coburn // remaining cachetime + 10 seconds so the newly recached media is used 11183730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT'); 11283730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0)); 11383730152SBen Coburn header('Pragma: public'); 11483730152SBen Coburn } else if ($cache==0) { 11583730152SBen Coburn // nocache 11683730152SBen Coburn header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); 11783730152SBen Coburn header('Pragma: public'); 11883730152SBen Coburn } 119ff4f5ee7SBen Coburn //send important headers first, script stops here if '304 Not Modified' response 12083730152SBen Coburn http_conditionalRequest($fmtime); 1219a87c72aSAndreas Gohr 122f62ea8a1Sandi 123ecebf3a8SAndreas Gohr //download or display? 124ecebf3a8SAndreas Gohr if($dl){ 1253009a773SAndreas Gohr header('Content-Disposition: attachment; filename="'.utf8_basename($file).'";'); 126ecebf3a8SAndreas Gohr }else{ 1273009a773SAndreas Gohr header('Content-Disposition: inline; filename="'.utf8_basename($file).'";'); 128f62ea8a1Sandi } 129f62ea8a1Sandi 1309a87c72aSAndreas Gohr //use x-sendfile header to pass the delivery to compatible webservers 1316106ad89SChris Smith if (http_sendfile($file)) exit; 1329a87c72aSAndreas Gohr 133e935fb4aSAndreas Gohr // send file contents 134e935fb4aSAndreas Gohr $fp = @fopen($file,"rb"); 135f62ea8a1Sandi if($fp){ 136758447cfSAndreas Gohr http_rangeRequest($fp,filesize($file),$mime); 137f62ea8a1Sandi }else{ 138f62ea8a1Sandi header("HTTP/1.0 500 Internal Server Error"); 139e935fb4aSAndreas Gohr print "Could not read $file - bad permissions?"; 140e935fb4aSAndreas Gohr } 141f62ea8a1Sandi} 142f62ea8a1Sandi 14303293305SAndreas Gohr/** 14403293305SAndreas Gohr * Check for media for preconditions and return correct status code 145cd98d9c3SGerry Weißbach * 146cd98d9c3SGerry Weißbach * READ: MEDIA, MIME, EXT, CACHE 147cd98d9c3SGerry Weißbach * WRITE: MEDIA, FILE, array( STATUS, STATUSMESSAGE ) 148cd98d9c3SGerry Weißbach * 149cd98d9c3SGerry Weißbach * @author Gerry Weissbach <gerry.w@gammaproduction.de> 150cd98d9c3SGerry Weißbach * @param $media reference to the media id 151cd98d9c3SGerry Weißbach * @param $file reference to the file variable 152cd98d9c3SGerry Weißbach * @returns array(STATUS, STATUSMESSAGE) 153cd98d9c3SGerry Weißbach */ 154fc4aefb9SKate Arzamastsevafunction checkFileStatus(&$media, &$file, $rev='') { 1555373d847SHakan Sandell global $MIME, $EXT, $CACHE, $INPUT; 156cd98d9c3SGerry Weißbach 157cd98d9c3SGerry Weißbach //media to local file 158cd98d9c3SGerry Weißbach if(preg_match('#^(https?)://#i',$media)){ 159cd98d9c3SGerry Weißbach //check hash 160*58789954SAndreas Gohr if(substr(md5(auth_cookiesalt().$media),0,6) !== $INPUT->str('hash')){ 161cd98d9c3SGerry Weißbach return array( 412, 'Precondition Failed'); 162cd98d9c3SGerry Weißbach } 163cd98d9c3SGerry Weißbach //handle external images 164cd98d9c3SGerry Weißbach if(strncmp($MIME,'image/',6) == 0) $file = media_get_from_URL($media,$EXT,$CACHE); 165cd98d9c3SGerry Weißbach if(!$file){ 166cd98d9c3SGerry Weißbach //download failed - redirect to original URL 16703293305SAndreas Gohr return array( 302, $media ); 168cd98d9c3SGerry Weißbach } 169cd98d9c3SGerry Weißbach }else{ 170cd98d9c3SGerry Weißbach $media = cleanID($media); 171cd98d9c3SGerry Weißbach if(empty($media)){ 172cd98d9c3SGerry Weißbach return array( 400, 'Bad request' ); 173cd98d9c3SGerry Weißbach } 174cd98d9c3SGerry Weißbach 175cd98d9c3SGerry Weißbach //check permissions (namespace only) 176cd98d9c3SGerry Weißbach if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){ 177c6f610efSAndreas Gohr return array( 403, 'Forbidden' ); 178cd98d9c3SGerry Weißbach } 179fc4aefb9SKate Arzamastseva $file = mediaFN($media, $rev); 180cd98d9c3SGerry Weißbach } 181cd98d9c3SGerry Weißbach 182cd98d9c3SGerry Weißbach //check file existance 183cd98d9c3SGerry Weißbach if(!@file_exists($file)){ 184cd98d9c3SGerry Weißbach return array( 404, 'Not Found' ); 185cd98d9c3SGerry Weißbach } 186cd98d9c3SGerry Weißbach 18703293305SAndreas Gohr return array(200, null); 188cd98d9c3SGerry Weißbach} 189cd98d9c3SGerry Weißbach 190e935fb4aSAndreas Gohr/** 191f62ea8a1Sandi * Returns the wanted cachetime in seconds 192f62ea8a1Sandi * 193f62ea8a1Sandi * Resolves named constants 194f62ea8a1Sandi * 195f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 196f62ea8a1Sandi */ 197f62ea8a1Sandifunction calc_cache($cache){ 198f62ea8a1Sandi global $conf; 199f62ea8a1Sandi 200f62ea8a1Sandi if(strtolower($cache) == 'nocache') return 0; //never cache 201f62ea8a1Sandi if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache 202f62ea8a1Sandi return -1; //cache endless 203f62ea8a1Sandi} 204f62ea8a1Sandi 205e3776c06SMichael Hamann//Setup VIM: ex: et ts=2 : 206