1f62ea8a1Sandi<?php 2f62ea8a1Sandi/** 3f62ea8a1Sandi * DokuWiki media passthrough file 4f62ea8a1Sandi * 5f62ea8a1Sandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 7f62ea8a1Sandi */ 8f62ea8a1Sandi 9d0a27cb0SAndreas Gohr if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); 103138b5c7SAndreas Gohr define('DOKU_DISABLE_GZIP_OUTPUT', 1); 11f62ea8a1Sandi require_once(DOKU_INC.'inc/init.php'); 12f62ea8a1Sandi require_once(DOKU_INC.'inc/common.php'); 1313c08e2fSMichael Klier require_once(DOKU_INC.'inc/media.php'); 14f62ea8a1Sandi require_once(DOKU_INC.'inc/pageutils.php'); 15758447cfSAndreas Gohr require_once(DOKU_INC.'inc/httputils.php'); 16f62ea8a1Sandi require_once(DOKU_INC.'inc/confutils.php'); 17f62ea8a1Sandi require_once(DOKU_INC.'inc/auth.php'); 186106ad89SChris Smith 198746e727Sandi //close sesseion 208746e727Sandi session_write_close(); 218746e727Sandi 22f62ea8a1Sandi $mimetypes = getMimeTypes(); 23f62ea8a1Sandi 24f62ea8a1Sandi //get input 2502b0b681SAndreas Gohr $MEDIA = stripctl(getID('media',false)); // no cleaning except control chars - maybe external 26f62ea8a1Sandi $CACHE = calc_cache($_REQUEST['cache']); 278fcc3410SAndreas Gohr $WIDTH = (int) $_REQUEST['w']; 288fcc3410SAndreas Gohr $HEIGHT = (int) $_REQUEST['h']; 2927bf7924STom N Harris list($EXT,$MIME,$DL) = mimetype($MEDIA,false); 30f62ea8a1Sandi if($EXT === false){ 31f62ea8a1Sandi $EXT = 'unknown'; 32f62ea8a1Sandi $MIME = 'application/octet-stream'; 33ecebf3a8SAndreas Gohr $DL = true; 34f62ea8a1Sandi } 35f62ea8a1Sandi 36f62ea8a1Sandi //media to local file 37d1ed0b61SAndreas Gohr if(preg_match('#^(https?)://#i',$MEDIA)){ 38*69d17d94SAndreas Gohr //check hash 39*69d17d94SAndreas Gohr if(substr(md5(auth_cookiesalt().$MEDIA),0,6) != $_REQUEST['hash']){ 40*69d17d94SAndreas Gohr header("HTTP/1.0 412 Precondition Failed"); 41*69d17d94SAndreas Gohr print 'Precondition Failed'; 42*69d17d94SAndreas Gohr exit; 43*69d17d94SAndreas Gohr } 44d1ed0b61SAndreas Gohr //handle external images 4513c08e2fSMichael Klier if(strncmp($MIME,'image/',6) == 0) $FILE = media_get_from_URL($MEDIA,$EXT,$CACHE); 46f62ea8a1Sandi if(!$FILE){ 47f62ea8a1Sandi //download failed - redirect to original URL 48f62ea8a1Sandi header('Location: '.$MEDIA); 49f62ea8a1Sandi exit; 50f62ea8a1Sandi } 51f62ea8a1Sandi }else{ 52f62ea8a1Sandi $MEDIA = cleanID($MEDIA); 53f62ea8a1Sandi if(empty($MEDIA)){ 54f62ea8a1Sandi header("HTTP/1.0 400 Bad Request"); 55f62ea8a1Sandi print 'Bad request'; 56f62ea8a1Sandi exit; 57f62ea8a1Sandi } 58f62ea8a1Sandi 59f62ea8a1Sandi //check permissions (namespace only) 60f62ea8a1Sandi if(auth_quickaclcheck(getNS($MEDIA).':X') < AUTH_READ){ 61f62ea8a1Sandi header("HTTP/1.0 401 Unauthorized"); 62f62ea8a1Sandi //fixme add some image for imagefiles 63f62ea8a1Sandi print 'Unauthorized'; 64f62ea8a1Sandi exit; 65f62ea8a1Sandi } 66f62ea8a1Sandi $FILE = mediaFN($MEDIA); 67f62ea8a1Sandi } 68f62ea8a1Sandi 69f62ea8a1Sandi //check file existance 70f62ea8a1Sandi if(!@file_exists($FILE)){ 71f62ea8a1Sandi header("HTTP/1.0 404 Not Found"); 72f62ea8a1Sandi //FIXME add some default broken image 73f62ea8a1Sandi print 'Not Found'; 74f62ea8a1Sandi exit; 75f62ea8a1Sandi } 76f62ea8a1Sandi 77b80bedd6SAndreas Gohr $ORIG = $FILE; 78b80bedd6SAndreas Gohr 7920bc86cfSAndreas Gohr //handle image resizing/cropping 80f62ea8a1Sandi if((substr($MIME,0,5) == 'image') && $WIDTH){ 81d52a56e1SAndreas Gohr if($HEIGHT){ 8213c08e2fSMichael Klier $FILE = media_crop_image($FILE,$EXT,$WIDTH,$HEIGHT); 8320bc86cfSAndreas Gohr }else{ 8413c08e2fSMichael Klier $FILE = media_resize_image($FILE,$EXT,$WIDTH,$HEIGHT); 85f62ea8a1Sandi } 8620bc86cfSAndreas Gohr } 87f62ea8a1Sandi 88e935fb4aSAndreas Gohr // finally send the file to the client 89b80bedd6SAndreas Gohr $data = array('file' => $FILE, 90b80bedd6SAndreas Gohr 'mime' => $MIME, 91ecebf3a8SAndreas Gohr 'download' => $DL, 92b80bedd6SAndreas Gohr 'cache' => $CACHE, 93b80bedd6SAndreas Gohr 'orig' => $ORIG, 94b80bedd6SAndreas Gohr 'ext' => $EXT, 95b80bedd6SAndreas Gohr 'width' => $WIDTH, 96b80bedd6SAndreas Gohr 'height' => $HEIGHT); 97b80bedd6SAndreas Gohr 98b80bedd6SAndreas Gohr $evt = new Doku_Event('MEDIA_SENDFILE', $data); 99b80bedd6SAndreas Gohr if ($evt->advise_before()) { 100ecebf3a8SAndreas Gohr sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); 101b80bedd6SAndreas Gohr } 102f62ea8a1Sandi 103e935fb4aSAndreas Gohr/* ------------------------------------------------------------------------ */ 104f62ea8a1Sandi 105e935fb4aSAndreas Gohr/** 106e935fb4aSAndreas Gohr * Set headers and send the file to the client 107e935fb4aSAndreas Gohr * 108e935fb4aSAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 10983730152SBen Coburn * @author Ben Coburn <btcoburn@silicodon.net> 110e935fb4aSAndreas Gohr */ 111ecebf3a8SAndreas Gohrfunction sendFile($file,$mime,$dl,$cache){ 11283730152SBen Coburn global $conf; 11309a5b61fSgweissbach $fmtime = @filemtime($file); 114e935fb4aSAndreas Gohr // send headers 115e935fb4aSAndreas Gohr header("Content-Type: $mime"); 11683730152SBen Coburn // smart http caching headers 11783730152SBen Coburn if ($cache==-1) { 11883730152SBen Coburn // cache 11983730152SBen Coburn // cachetime or one hour 12083730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT'); 12183730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); 122e935fb4aSAndreas Gohr header('Pragma: public'); 12383730152SBen Coburn } else if ($cache>0) { 12483730152SBen Coburn // recache 12583730152SBen Coburn // remaining cachetime + 10 seconds so the newly recached media is used 12683730152SBen Coburn header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT'); 12783730152SBen Coburn header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0)); 12883730152SBen Coburn header('Pragma: public'); 12983730152SBen Coburn } else if ($cache==0) { 13083730152SBen Coburn // nocache 13183730152SBen Coburn header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); 13283730152SBen Coburn header('Pragma: public'); 13383730152SBen Coburn } 134ff4f5ee7SBen Coburn //send important headers first, script stops here if '304 Not Modified' response 13583730152SBen Coburn http_conditionalRequest($fmtime); 1369a87c72aSAndreas Gohr 137f62ea8a1Sandi 138ecebf3a8SAndreas Gohr //download or display? 139ecebf3a8SAndreas Gohr if($dl){ 140e935fb4aSAndreas Gohr header('Content-Disposition: attachment; filename="'.basename($file).'";'); 141ecebf3a8SAndreas Gohr }else{ 142ecebf3a8SAndreas Gohr header('Content-Disposition: inline; filename="'.basename($file).'";'); 143f62ea8a1Sandi } 144f62ea8a1Sandi 1459a87c72aSAndreas Gohr //use x-sendfile header to pass the delivery to compatible webservers 1466106ad89SChris Smith if (http_sendfile($file)) exit; 1479a87c72aSAndreas Gohr 148e935fb4aSAndreas Gohr // send file contents 149e935fb4aSAndreas Gohr $fp = @fopen($file,"rb"); 150f62ea8a1Sandi if($fp){ 151758447cfSAndreas Gohr http_rangeRequest($fp,filesize($file),$mime); 152f62ea8a1Sandi }else{ 153f62ea8a1Sandi header("HTTP/1.0 500 Internal Server Error"); 154e935fb4aSAndreas Gohr print "Could not read $file - bad permissions?"; 155e935fb4aSAndreas Gohr } 156f62ea8a1Sandi} 157f62ea8a1Sandi 158e935fb4aSAndreas Gohr/** 159f62ea8a1Sandi * Returns the wanted cachetime in seconds 160f62ea8a1Sandi * 161f62ea8a1Sandi * Resolves named constants 162f62ea8a1Sandi * 163f62ea8a1Sandi * @author Andreas Gohr <andi@splitbrain.org> 164f62ea8a1Sandi */ 165f62ea8a1Sandifunction calc_cache($cache){ 166f62ea8a1Sandi global $conf; 167f62ea8a1Sandi 168f62ea8a1Sandi if(strtolower($cache) == 'nocache') return 0; //never cache 169f62ea8a1Sandi if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache 170f62ea8a1Sandi return -1; //cache endless 171f62ea8a1Sandi} 172f62ea8a1Sandi 173f62ea8a1Sandi//Setup VIM: ex: et ts=2 enc=utf-8 : 174f62ea8a1Sandi?> 175