r17718 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r17717‎ \| r17718 \| r17719 >
Date:	12:26, 16 November 2006
Author:	brion
Status:	old
Tags:
Comment:	add some debugging output to img_auth.php
Modified paths:	/trunk/phase3/img_auth.php (modified) (history)

Diff [purge]

Index: trunk/phase3/img_auth.php
—	—	@@ -12,31 +12,38 @@
13	13	require_once( './includes/StreamFile.php' );
14	14
15	15	if( !isset( $_SERVER['PATH_INFO'] ) ) {
	16	+ wfDebugLog( 'img_auth', "missing PATH_INFO" );
16	17	wfForbidden();
17	18	}
18	19
19	20	# Get filenames/directories
	21	+wfDebugLog( 'img_auth', "PATH_INFO is: " . $_SERVER['PATH_INFO'] );
20	22	$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
21	23	$realUploadDirectory = realpath( $wgUploadDirectory );
22	24	$imageName = $wgContLang->getNsText( NS_IMAGE ) . ":" . wfBaseName( $_SERVER['PATH_INFO'] );
23	25
24	26	# Check if the filename is in the correct directory
25	27	if ( substr( $filename, 0, strlen( $realUploadDirectory ) ) != $realUploadDirectory ) {
	28	+ wfDebugLog( 'img_auth', "requested path not in upload dir: $filename" );
26	29	wfForbidden();
27	30	}
28	31
29	32	if ( is_array( $wgWhitelistRead ) && !in_array( $imageName, $wgWhitelistRead ) && !$wgUser->getID() ) {
	33	+ wfDebugLog( 'img_auth', "not logged in and requested file not in whitelist: $imageName" );
30	34	wfForbidden();
31	35	}
32	36
33	37	if( !file_exists( $filename ) ) {
	38	+ wfDebugLog( 'img_auth', "requested file does not exist: $filename" );
34	39	wfForbidden();
35	40	}
36	41	if( is_dir( $filename ) ) {
	42	+ wfDebugLog( 'img_auth', "requested file is a directory: $filename" );
37	43	wfForbidden();
38	44	}
39	45
40	46	# Write file
	47	+wfDebugLog( 'img_auth', "streaming file: $filename" );
41	48	wfStreamFile( $filename );
42	49	wfLogProfilingData();
43	50