xref: /dokuwiki/lib/exe/fetch.php (revision 6dab2a4ded1a919ac8528bf6ed9e357ee7b03791) 
1<?php
2/**
3 * DokuWiki media passthrough file
4 *
5 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author     Andreas Gohr <andi@splitbrain.org>
7 */
8
9  if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../');
10  define('DOKU_DISABLE_GZIP_OUTPUT', 1);
11  require_once(DOKU_INC.'inc/init.php');
12  require_once(DOKU_INC.'inc/common.php');
13  require_once(DOKU_INC.'inc/media.php');
14  require_once(DOKU_INC.'inc/pageutils.php');
15  require_once(DOKU_INC.'inc/httputils.php');
16  require_once(DOKU_INC.'inc/confutils.php');
17  require_once(DOKU_INC.'inc/auth.php');
18
19  //close sesseion
20  session_write_close();
21
22  $mimetypes = getMimeTypes();
23
24  //get input
25  $MEDIA  = stripctl(getID('media',false)); // no cleaning except control chars - maybe external
26  $CACHE  = calc_cache($_REQUEST['cache']);
27  $WIDTH  = (int) $_REQUEST['w'];
28  $HEIGHT = (int) $_REQUEST['h'];
29  list($EXT,$MIME,$DL) = mimetype($MEDIA,false);
30  if($EXT === false){
31    $EXT  = 'unknown';
32    $MIME = 'application/octet-stream';
33    $DL   = true;
34  }
35
36  //media to local file
37  if(preg_match('#^(https?)://#i',$MEDIA)){
38    //check hash
39    if(substr(md5(auth_cookiesalt().$MEDIA),0,6) != $_REQUEST['hash']){
40      header("HTTP/1.0 412 Precondition Failed");
41      print 'Precondition Failed';
42      exit;
43    }
44    //handle external images
45    if(strncmp($MIME,'image/',6) == 0) $FILE = media_get_from_URL($MEDIA,$EXT,$CACHE);
46    if(!$FILE){
47      //download failed - redirect to original URL
48      header('Location: '.$MEDIA);
49      exit;
50    }
51  }else{
52    $MEDIA = cleanID($MEDIA);
53    if(empty($MEDIA)){
54      header("HTTP/1.0 400 Bad Request");
55      print 'Bad request';
56      exit;
57    }
58
59    //check permissions (namespace only)
60    if(auth_quickaclcheck(getNS($MEDIA).':X') < AUTH_READ){
61      header("HTTP/1.0 401 Unauthorized");
62      //fixme add some image for imagefiles
63      print 'Unauthorized';
64      exit;
65    }
66    $FILE  = mediaFN($MEDIA);
67  }
68
69  //check file existance
70  if(!@file_exists($FILE)){
71    header("HTTP/1.0 404 Not Found");
72    //FIXME add some default broken image
73    print 'Not Found';
74    exit;
75  }
76
77  $ORIG = $FILE;
78
79  //handle image resizing/cropping
80  if((substr($MIME,0,5) == 'image') && $WIDTH){
81    if($HEIGHT){
82        $FILE = media_crop_image($FILE,$EXT,$WIDTH,$HEIGHT);
83    }else{
84        $FILE = media_resize_image($FILE,$EXT,$WIDTH,$HEIGHT);
85    }
86  }
87
88  // finally send the file to the client
89  $data = array('file'     => $FILE,
90                'mime'     => $MIME,
91                'download' => $DL,
92                'cache'    => $CACHE,
93                'orig'     => $ORIG,
94                'ext'      => $EXT,
95                'width'    => $WIDTH,
96                'height'   => $HEIGHT);
97
98  $evt = new Doku_Event('MEDIA_SENDFILE', $data);
99  if ($evt->advise_before()) {
100    sendFile($data['file'],$data['mime'],$data['download'],$data['cache']);
101  }
102
103/* ------------------------------------------------------------------------ */
104
105/**
106 * Set headers and send the file to the client
107 *
108 * @author Andreas Gohr <andi@splitbrain.org>
109 * @author Ben Coburn <btcoburn@silicodon.net>
110 */
111function sendFile($file,$mime,$dl,$cache){
112  global $conf;
113  $fmtime = @filemtime($file);
114  // send headers
115  header("Content-Type: $mime");
116  // smart http caching headers
117  if ($cache==-1) {
118    // cache
119    // cachetime or one hour
120    header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT');
121    header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600));
122    header('Pragma: public');
123  } else if ($cache>0) {
124    // recache
125    // remaining cachetime + 10 seconds so the newly recached media is used
126    header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT');
127    header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0));
128    header('Pragma: public');
129  } else if ($cache==0) {
130    // nocache
131    header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0');
132    header('Pragma: public');
133  }
134  //send important headers first, script stops here if '304 Not Modified' response
135  http_conditionalRequest($fmtime);
136
137
138  //download or display?
139  if($dl){
140    header('Content-Disposition: attachment; filename="'.basename($file).'";');
141  }else{
142    header('Content-Disposition: inline; filename="'.basename($file).'";');
143  }
144
145  //use x-sendfile header to pass the delivery to compatible webservers
146  if (http_sendfile($file)) exit;
147
148  // send file contents
149  $fp = @fopen($file,"rb");
150  if($fp){
151    http_rangeRequest($fp,filesize($file),$mime);
152  }else{
153    header("HTTP/1.0 500 Internal Server Error");
154    print "Could not read $file - bad permissions?";
155  }
156}
157
158/**
159 * Returns the wanted cachetime in seconds
160 *
161 * Resolves named constants
162 *
163 * @author  Andreas Gohr <andi@splitbrain.org>
164 */
165function calc_cache($cache){
166  global $conf;
167
168  if(strtolower($cache) == 'nocache') return 0; //never cache
169  if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache
170  return -1; //cache endless
171}
172
173//Setup VIM: ex: et ts=2 enc=utf-8 :
174