r55803 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r55802‎ \| r55803 \| r55804 >
Date:	03:53, 4 September 2009
Author:	jdpond
Status:	deferred
Tags:
Comment:	Version 1.0 will run without patches on 1.16. Also includes simplified (and MUCH more efficient) img_auth.php for versions 1.13-1.15
Modified paths:	/trunk/extensions/NSFileRepo/NSFileRepo.php (modified) (history) /trunk/extensions/NSFileRepo/REL1_13_0/phase3/img_auth.php (modified) (history) /trunk/extensions/NSFileRepo/REL1_14_0/phase3/img_auth.i18n.php (deleted) (history) /trunk/extensions/NSFileRepo/REL1_14_0/phase3/img_auth.php (modified) (history) /trunk/extensions/NSFileRepo/REL1_15_0/phase3/img_auth.i18n.php (deleted) (history) /trunk/extensions/NSFileRepo/REL1_15_0/phase3/img_auth.php (modified) (history) /trunk/extensions/NSFileRepo/img_auth.i18n.php (added) (history)

Diff [purge]

Index: trunk/extensions/NSFileRepo/img_auth.i18n.php
—	—	@@ -0,0 +1,44 @@
	2	+<?php
	3	+/**
	4	+ * Internationalisation file for img_auth script
	5	+ * This information is only needed if running in version prior to 1.16, otherwise messages are already included in core messages
	6	+ *
	7	+ * @addtogroup Extensions
	8	+*/
	9	+
	10	+$messages = array();
	11	+
	12	+/** English
	13	+ * @author Jack D. Pond
	14	+ */
	15	+$messages['en'] = array(
	16	+#img_auth script messages
	17	+'img-auth-desc' => 'Image authorisation script',
	18	+'img-auth-accessdenied' => "Access Denied",
	19	+'img-auth-nopathinfo' => "Missing PATH_INFO. Your server is not set up to pass this information - may be CGI-based and can't support img_auth. See `Image Authorization` on MediaWiki.",
	20	+'img-auth-notindir' => "Requested path not in upload directory.",
	21	+'img-auth-badtitle' => "Unable to construct a valid Title from `$1`.",
	22	+'img-auth-nologinnWL' => "Not logged in and `$1` not in whitelist.",
	23	+'img-auth-nofile' => "`$1` does not exist.",
	24	+'img-auth-isdir' => "`$1` is a directory.",
	25	+'img-auth-streaming' => "Streaming `$1`.",
	26	+'img-auth-public' => "The function of img_auth.php is to output files from a private wiki. This wiki is configured as a public wiki. For optimal security, img_auth.php is disabled for this case.",
	27	+'img-auth-noread' => "User does not have access to read `$1`.",
	28	+);
	29	+
	30	+/** Message documentation (Message documentation)
	31	+ * @author Jack D. Pond
	32	+ */
	33	+$messages['qqq'] = array(
	34	+'img-auth-desc' => '[[Image Authorization]] script, see http://www.mediawiki.org/wiki/Manual:Image_Authorization',
	35	+'img-auth-accessdenied' => "[[Image Authorization]] Access Denied",
	36	+'img-auth-nopathinfo' => "[[Image Authorization]] Missing PATH_INFO - see english description",
	37	+'img-auth-notindir' => "[[Image Authorization]] when the specified path is not in upload directory.",
	38	+'img-auth-badtitle' => "[[Image Authorization]] bad title, parameter `$1` is the invalid title",
	39	+'img-auth-nologinnWL' => "[[Image Authorization]] logged in and file not whitelisted. Parameter `$1` is the file not in whitelist.",
	40	+'img-auth-nofile' => "[[Image Authorization]] non existent file, parameter `$1` is the file that does not exist.",
	41	+'img-auth-isdir' => "[[Image Authorization]] trying to access a directory instead of a file, parameter`$1` is the directory.",
	42	+'img-auth-streaming' => "[[Image Authorization]] is now streaming file specified by parameter `$1`.",
	43	+'img-auth-public' => "[[Image Authorization]] an error message when the admin has configured the wiki to be a public wiki, but is using img_auth script - normally this is a configuration error, except when special restriction extensions are used",
	44	+'img-auth-noread' => "[[Image Authorization]] User does not have access to read file, parameter `$1` is the file",
	45	+);
\ No newline at end of file
Property changes on: trunk/extensions/NSFileRepo/img_auth.i18n.php
___________________________________________________________________
Name: svn:eol-style
1	46	+ native
Index: trunk/extensions/NSFileRepo/REL1_13_0/phase3/img_auth.php
—	—	@@ -8,40 +8,37 @@
9	9	* - Set $wgUploadDirectory to a non-public directory (not web accessible)
10	10	* - Set $wgUploadPath to point to this file
11	11	*
	12	+ * Optional Parameters
	13	+ *
	14	+ * - Set $wgImgAuthDetails = true if you want the reason the access was denied messages to be displayed
	15	+ * instead of just the 403 error (doesn't work on IE anyway), otherwise will only appear in error logs
	16	+ * - Set $wgImgAuthPublicTest false if you don't want to just check and see if all are public
	17	+ * must be set to false if using specific restrictions such as LockDown or NSFileRepo
	18	+ *
	19	+ * For security reasons, you usually don't want your user to know why access was denied, just that it was.
	20	+ * If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason
	21	+ * why access was denied.
	22	+ *
12	23	* Your server needs to support PATH_INFO; CGI-based configurations usually don't.
13	24	*
14	25	* @file
15		~~- */~~
	26	+ *
	27	+ **/
16	28
17		-
18		-/**
19		~~- For security reasons, you usually don't want your user to know access was denied, just that it was.~~
20		~~- If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason~~
21		~~- why access was denied.~~
22		~~-**/~~
23		-
24		~~-global $wgImgAuthDetails;~~
25		~~-$wgImgAuthDetails = false;~~
26		-
27	29	define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
28	30	require_once( dirname( __FILE__ ) . '/includes/WebStart.php' );
29	31	wfProfileIn( 'img_auth.php' );
30	32	require_once( dirname( __FILE__ ) . '/includes/StreamFile.php' );
31	33
32		~~-global $wgMessageCache, $messages;~~
33		~~-require_once( dirname( __FILE__ ) . '/img_auth.i18n.php' );~~
34		~~-foreach( $messages as $lang => $LangMsg )~~
35		~~- $wgMessageCache->addMessages( $LangMsg, $lang );~~
36		-
37	34	$perms = User::getGroupPermissions( array( '*' ) );
38	35
39	36	// See if this is a public Wiki (no protections)
40		~~-if ( in_array( 'read', $perms, true ) )~~
41		~~- wfPublicError(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-public'));~~
	37	+if ( $wgImgAuthPublicTest && in_array( 'read', $perms, true ) )
	38	+ wfForbidden('img-auth-accessdenied','img-auth-public');
42	39
43	40	// Extract path and image information
44	41	if( !isset( $_SERVER['PATH_INFO'] ) )
45		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nopathinfo'));~~
	42	+ wfForbidden('img-auth-accessdenied','img-auth-nopathinfo');
46	43
47	44	$path = $_SERVER['PATH_INFO'];
48	45	$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
—	—	@@ -49,7 +46,7 @@
50	47
51	48	// Basic directory traversal check
52	49	if( substr( $filename, 0, strlen( $realUpload ) ) != $realUpload )
53		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-notindir'));~~
	50	+ wfForbidden('img-auth-accessdenied','img-auth-notindir');
54	51
55	52	// Extract the file name and chop off the size specifier
56	53	// (e.g. 120px-Foo.png => Foo.png)
—	—	@@ -59,54 +56,56 @@
60	57
61	58	// Check to see if the file exists
62	59	if( !file_exists( $filename ) )
63		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nofile',$filename));~~
	60	+ wfForbidden('img-auth-accessdenied','img-auth-nofile',htmlspecialchars($filename));
64	61
65	62	// Check to see if tried to access a directory
66	63	if( is_dir( $filename ) )
67		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-isdir',$filename));~~
	64	+ wfForbidden('img-auth-accessdenied','img-auth-isdir',htmlspecialchars($filename));
68	65
69	66
70	67	$title = Title::makeTitleSafe( NS_FILE, $name );
71	68
72	69	// See if could create the title object
73	70	if( !$title instanceof Title )
74		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-badtitle',$name));~~
	71	+ wfForbidden('img-auth-accessdenied','img-auth-badtitle',htmlspecialchars($name));
75	72
76	73	// Run hook
77	74	if (!wfRunHooks( 'ImgAuthBeforeStream', array( &$title, &$path, &$name, &$result ) ) )
78		~~- wfForbidden($result[0],$result[1]);~~
	75	+ call_user_func_array('wfForbidden',merge_array(array($result[0],$result[1]),array_slice($result,2)));
79	76
80		~~-// Check the whitelist if needed, deprecated since usercan added~~
81		~~-// $pTitle = $title->getPrefixedText();~~
82		~~-// if( !$wgUser->getId() && ( !is_array( $wgWhitelistRead ) \|\| !in_array( $pTitle, $wgWhitelistRead ) ) )~~
83		~~-// wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nologinnWL',$pTitle));~~
84		-
85		-
86	77	// Check user authorization for this title
	78	+// UserCanRead Checks Whitelist too
87	79	if( !$title->userCanRead() )
88		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-noread',$name));~~
	80	+ wfForbidden('img-auth-accessdenied','img-auth-noread',htmlspecialchars($name));
89	81
90	82
91	83	// Stream the requested file
92		~~-wfDebugLog( 'img_auth', "Streaming `{$filename}`" );~~
	84	+wfDebugLog( 'img_auth', "Streaming `".htmlspecialchars($filename)."`." );
93	85	wfStreamFile( $filename, array( 'Cache-Control: private', 'Vary: Cookie' ) );
94	86	wfLogProfilingData();
95	87
96	88	/**
97		~~- * Issue a standard HTTP 403 Forbidden header ($msg1) and an~~
98		~~- * error message ($msg2), then end the script~~
	89	+ * Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an
	90	+ * error message ($msg2, also a message index), (both required) then end the script
	91	+ * subsequent arguments to $msg2 will be passed as parameters only for replacing in $msg2
99	92	*/
100	93	function wfForbidden($msg1,$msg2) {
101		~~- global $wgImgAuthDetails;~~
102		~~- $detailMsg = $wgImgAuthDetails ? $msg2 : wfMsgHTML('badaccess-group0');~~
103		~~- wfDebugLog( 'img_auth', "wfForbidden Msg: ".$msg2 );~~
	94	+ global $wgImgAuthDetails,$wgExtensionMessagesFiles;
	95	+ require_once($wgExtensionMessagesFiles['img_auth']);
	96	+ $args = func_get_args();
	97	+ array_shift( $args );
	98	+ array_shift( $args );
	99	+ $MsgHdr = wfMsgHTML($msg1);
	100	+ $detailMsg = call_user_func_array('wfMsgHTML',array_merge(array($wgImgAuthDetails ? $msg2 : 'badaccess-group0'),$args));
	101	+ wfDebugLog('img_auth', "wfForbidden Hdr:".wfMsgExt( $msg1, array('language' => 'en'))." Msg: ".
	102	+ call_user_func_array('wfMsgExt',array_merge( array($msg2, array('language' => 'en')),$args)));
104	103	header( 'HTTP/1.0 403 Forbidden' );
105		~~- header( 'Vary: Cookie' );~~
	104	+ header( 'Cache-Control: no-cache' );
106	105	header( 'Content-Type: text/html; charset=utf-8' );
107	106	echo <<<ENDS
108	107	<html>
109	108	<body>
110		~~-<h1>$msg1</h1>~~
	109	+<h1>$MsgHdr</h1>
111	110	<p>$detailMsg</p>
112	111	</body>
113	112	</html>
—	—	@@ -114,23 +113,3 @@
115	114	wfLogProfilingData();
116	115	exit();
117	116	}
118		-
119		-/**
120		~~- * Show a 403 error for use when the wiki is public~~
121		~~- */~~
122		~~-function wfPublicError($msg1,$msg2) {~~
123		~~- header( 'HTTP/1.0 403 Forbidden' );~~
124		~~- header( 'Content-Type: text/html; charset=utf-8' );~~
125		~~- wfDebugLog( 'img_auth', "wfPublicError Msg: ".$msg2 );~~
126		~~- echo <<<ENDS~~
127		~~-<html>~~
128		~~-<body>~~
129		~~-<h1>$msg1</h1>~~
130		~~-<p>$msg2</p>~~
131		~~-</body>~~
132		~~-</html>~~
133		~~-ENDS;~~
134		~~- wfLogProfilingData();~~
135		~~- exit;~~
136		-}
137		-
Index: trunk/extensions/NSFileRepo/REL1_14_0/phase3/img_auth.i18n.php
—	—	@@ -1,32 +0,0 @@
2		~~-<?php~~
3		-/**
4		~~- * Internationalisation file for img_auth script (see see http://www.mediawiki.org/wiki/Manual:Image_Authorization).~~
5		~~-*/~~
6		-
7		~~-$messages = array();~~
8		-
9		~~-/** English~~
10		~~- * @author Jack D. Pond~~
11		~~- */~~
12		~~-$messages['en'] = array(~~
13		~~- 'image_auth-desc' => 'Image authorisation script',~~
14		~~- 'image_auth-nopathinfo' => "Missing PATH_INFO. Your server is not set up to pass this information -~~
15		~~-may be CGI-based and can't support img_auth. See `Image Authorization` on MediaWiki.",~~
16		~~- 'image_auth-notindir' => "Requested path not in upload directory.",~~
17		~~- 'image_auth-badtitle' => "Unable to construct a valid Title from `$1`.",~~
18		~~- 'image_auth-nologinnWL' => "Not logged in and `$1` not in whitelist.",~~
19		~~- 'image_auth-nofile' => "`$1` does not exist.",~~
20		~~- 'image_auth-isdir' => "`$1` is a directory.",~~
21		~~- 'image_auth-streaming' => "Streaming `$1`.",~~
22		~~- 'image_auth-public' => "The function of img_auth.php is to output files from a private wiki. This wiki~~
23		~~-is configured as a public wiki. For optimal security, img_auth.php is disabled for this case.",~~
24		~~- 'image_auth-noread' => "User does not have access to read `$1`."~~
25		~~-);~~
26		-
27		~~-/** Message documentation (Message documentation)~~
28		~~- * @author Jack D. Pond~~
29		~~- */~~
30		~~-$messages['qqq'] = array(~~
31		~~- 'image_auth-desc' => 'Image authorisation script'~~
32		~~-);~~
33		-
Index: trunk/extensions/NSFileRepo/REL1_14_0/phase3/img_auth.php
—	—	@@ -8,40 +8,37 @@
9	9	* - Set $wgUploadDirectory to a non-public directory (not web accessible)
10	10	* - Set $wgUploadPath to point to this file
11	11	*
	12	+ * Optional Parameters
	13	+ *
	14	+ * - Set $wgImgAuthDetails = true if you want the reason the access was denied messages to be displayed
	15	+ * instead of just the 403 error (doesn't work on IE anyway), otherwise will only appear in error logs
	16	+ * - Set $wgImgAuthPublicTest false if you don't want to just check and see if all are public
	17	+ * must be set to false if using specific restrictions such as LockDown or NSFileRepo
	18	+ *
	19	+ * For security reasons, you usually don't want your user to know why access was denied, just that it was.
	20	+ * If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason
	21	+ * why access was denied.
	22	+ *
12	23	* Your server needs to support PATH_INFO; CGI-based configurations usually don't.
13	24	*
14	25	* @file
15		~~- */~~
	26	+ *
	27	+ **/
16	28
17		-
18		-/**
19		~~- For security reasons, you usually don't want your user to know access was denied, just that it was.~~
20		~~- If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason~~
21		~~- why access was denied.~~
22		~~-**/~~
23		-
24		~~-global $wgImgAuthDetails;~~
25		~~-$wgImgAuthDetails = false;~~
26		-
27	29	define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
28	30	require_once( dirname( __FILE__ ) . '/includes/WebStart.php' );
29	31	wfProfileIn( 'img_auth.php' );
30	32	require_once( dirname( __FILE__ ) . '/includes/StreamFile.php' );
31	33
32		~~-global $wgMessageCache, $messages;~~
33		~~-require_once( dirname( __FILE__ ) . '/img_auth.i18n.php' );~~
34		~~-foreach( $messages as $lang => $LangMsg )~~
35		~~- $wgMessageCache->addMessages( $LangMsg, $lang );~~
36		-
37	34	$perms = User::getGroupPermissions( array( '*' ) );
38	35
39	36	// See if this is a public Wiki (no protections)
40		~~-if ( in_array( 'read', $perms, true ) )~~
41		~~- wfPublicError(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-public'));~~
	37	+if ( $wgImgAuthPublicTest && in_array( 'read', $perms, true ) )
	38	+ wfForbidden('img-auth-accessdenied','img-auth-public');
42	39
43	40	// Extract path and image information
44	41	if( !isset( $_SERVER['PATH_INFO'] ) )
45		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nopathinfo'));~~
	42	+ wfForbidden('img-auth-accessdenied','img-auth-nopathinfo');
46	43
47	44	$path = $_SERVER['PATH_INFO'];
48	45	$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
—	—	@@ -49,7 +46,7 @@
50	47
51	48	// Basic directory traversal check
52	49	if( substr( $filename, 0, strlen( $realUpload ) ) != $realUpload )
53		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-notindir'));~~
	50	+ wfForbidden('img-auth-accessdenied','img-auth-notindir');
54	51
55	52	// Extract the file name and chop off the size specifier
56	53	// (e.g. 120px-Foo.png => Foo.png)
—	—	@@ -59,54 +56,56 @@
60	57
61	58	// Check to see if the file exists
62	59	if( !file_exists( $filename ) )
63		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nofile',$filename));~~
	60	+ wfForbidden('img-auth-accessdenied','img-auth-nofile',htmlspecialchars($filename));
64	61
65	62	// Check to see if tried to access a directory
66	63	if( is_dir( $filename ) )
67		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-isdir',$filename));~~
	64	+ wfForbidden('img-auth-accessdenied','img-auth-isdir',htmlspecialchars($filename));
68	65
69	66
70	67	$title = Title::makeTitleSafe( NS_FILE, $name );
71	68
72	69	// See if could create the title object
73	70	if( !$title instanceof Title )
74		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-badtitle',$name));~~
	71	+ wfForbidden('img-auth-accessdenied','img-auth-badtitle',htmlspecialchars($name));
75	72
76	73	// Run hook
77	74	if (!wfRunHooks( 'ImgAuthBeforeStream', array( &$title, &$path, &$name, &$result ) ) )
78		~~- wfForbidden($result[0],$result[1]);~~
	75	+ call_user_func_array('wfForbidden',merge_array(array($result[0],$result[1]),array_slice($result,2)));
79	76
80		~~-// Check the whitelist if needed, deprecated since usercan added~~
81		~~-// $pTitle = $title->getPrefixedText();~~
82		~~-// if( !$wgUser->getId() && ( !is_array( $wgWhitelistRead ) \|\| !in_array( $pTitle, $wgWhitelistRead ) ) )~~
83		~~-// wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nologinnWL',$pTitle));~~
84		-
85		-
86	77	// Check user authorization for this title
	78	+// UserCanRead Checks Whitelist too
87	79	if( !$title->userCanRead() )
88		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-noread',$name));~~
	80	+ wfForbidden('img-auth-accessdenied','img-auth-noread',htmlspecialchars($name));
89	81
90	82
91	83	// Stream the requested file
92		~~-wfDebugLog( 'img_auth', "Streaming `{$filename}`" );~~
	84	+wfDebugLog( 'img_auth', "Streaming `".htmlspecialchars($filename)."`." );
93	85	wfStreamFile( $filename, array( 'Cache-Control: private', 'Vary: Cookie' ) );
94	86	wfLogProfilingData();
95	87
96	88	/**
97		~~- * Issue a standard HTTP 403 Forbidden header ($msg1) and an~~
98		~~- * error message ($msg2), then end the script~~
	89	+ * Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an
	90	+ * error message ($msg2, also a message index), (both required) then end the script
	91	+ * subsequent arguments to $msg2 will be passed as parameters only for replacing in $msg2
99	92	*/
100	93	function wfForbidden($msg1,$msg2) {
101		~~- global $wgImgAuthDetails;~~
102		~~- $detailMsg = $wgImgAuthDetails ? $msg2 : wfMsgHTML('badaccess-group0');~~
103		~~- wfDebugLog( 'img_auth', "wfForbidden Msg: ".$msg2 );~~
	94	+ global $wgImgAuthDetails,$wgExtensionMessagesFiles;
	95	+ require_once($wgExtensionMessagesFiles['img_auth']);
	96	+ $args = func_get_args();
	97	+ array_shift( $args );
	98	+ array_shift( $args );
	99	+ $MsgHdr = wfMsgHTML($msg1);
	100	+ $detailMsg = call_user_func_array('wfMsgHTML',array_merge(array($wgImgAuthDetails ? $msg2 : 'badaccess-group0'),$args));
	101	+ wfDebugLog('img_auth', "wfForbidden Hdr:".wfMsgExt( $msg1, array('language' => 'en'))." Msg: ".
	102	+ call_user_func_array('wfMsgExt',array_merge( array($msg2, array('language' => 'en')),$args)));
104	103	header( 'HTTP/1.0 403 Forbidden' );
105		~~- header( 'Vary: Cookie' );~~
	104	+ header( 'Cache-Control: no-cache' );
106	105	header( 'Content-Type: text/html; charset=utf-8' );
107	106	echo <<<ENDS
108	107	<html>
109	108	<body>
110		~~-<h1>$msg1</h1>~~
	109	+<h1>$MsgHdr</h1>
111	110	<p>$detailMsg</p>
112	111	</body>
113	112	</html>
—	—	@@ -114,23 +113,3 @@
115	114	wfLogProfilingData();
116	115	exit();
117	116	}
118		-
119		-/**
120		~~- * Show a 403 error for use when the wiki is public~~
121		~~- */~~
122		~~-function wfPublicError($msg1,$msg2) {~~
123		~~- header( 'HTTP/1.0 403 Forbidden' );~~
124		~~- header( 'Content-Type: text/html; charset=utf-8' );~~
125		~~- wfDebugLog( 'img_auth', "wfPublicError Msg: ".$msg2 );~~
126		~~- echo <<<ENDS~~
127		~~-<html>~~
128		~~-<body>~~
129		~~-<h1>$msg1</h1>~~
130		~~-<p>$msg2</p>~~
131		~~-</body>~~
132		~~-</html>~~
133		~~-ENDS;~~
134		~~- wfLogProfilingData();~~
135		~~- exit;~~
136		-}
137		-
Index: trunk/extensions/NSFileRepo/REL1_15_0/phase3/img_auth.i18n.php
—	—	@@ -1,32 +0,0 @@
2		~~-<?php~~
3		-/**
4		~~- * Internationalisation file for img_auth script (see see http://www.mediawiki.org/wiki/Manual:Image_Authorization).~~
5		~~-*/~~
6		-
7		~~-$messages = array();~~
8		-
9		~~-/** English~~
10		~~- * @author Jack D. Pond~~
11		~~- */~~
12		~~-$messages['en'] = array(~~
13		~~- 'image_auth-desc' => 'Image authorisation script',~~
14		~~- 'image_auth-nopathinfo' => "Missing PATH_INFO. Your server is not set up to pass this information -~~
15		~~-may be CGI-based and can't support img_auth. See `Image Authorization` on MediaWiki.",~~
16		~~- 'image_auth-notindir' => "Requested path not in upload directory.",~~
17		~~- 'image_auth-badtitle' => "Unable to construct a valid Title from `$1`.",~~
18		~~- 'image_auth-nologinnWL' => "Not logged in and `$1` not in whitelist.",~~
19		~~- 'image_auth-nofile' => "`$1` does not exist.",~~
20		~~- 'image_auth-isdir' => "`$1` is a directory.",~~
21		~~- 'image_auth-streaming' => "Streaming `$1`.",~~
22		~~- 'image_auth-public' => "The function of img_auth.php is to output files from a private wiki. This wiki~~
23		~~-is configured as a public wiki. For optimal security, img_auth.php is disabled for this case.",~~
24		~~- 'image_auth-noread' => "User does not have access to read `$1`."~~
25		~~-);~~
26		-
27		~~-/** Message documentation (Message documentation)~~
28		~~- * @author Jack D. Pond~~
29		~~- */~~
30		~~-$messages['qqq'] = array(~~
31		~~- 'image_auth-desc' => 'Image authorisation script'~~
32		~~-);~~
33		-
Index: trunk/extensions/NSFileRepo/REL1_15_0/phase3/img_auth.php
—	—	@@ -8,40 +8,37 @@
9	9	* - Set $wgUploadDirectory to a non-public directory (not web accessible)
10	10	* - Set $wgUploadPath to point to this file
11	11	*
	12	+ * Optional Parameters
	13	+ *
	14	+ * - Set $wgImgAuthDetails = true if you want the reason the access was denied messages to be displayed
	15	+ * instead of just the 403 error (doesn't work on IE anyway), otherwise will only appear in error logs
	16	+ * - Set $wgImgAuthPublicTest false if you don't want to just check and see if all are public
	17	+ * must be set to false if using specific restrictions such as LockDown or NSFileRepo
	18	+ *
	19	+ * For security reasons, you usually don't want your user to know why access was denied, just that it was.
	20	+ * If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason
	21	+ * why access was denied.
	22	+ *
12	23	* Your server needs to support PATH_INFO; CGI-based configurations usually don't.
13	24	*
14	25	* @file
15		~~- */~~
	26	+ *
	27	+ **/
16	28
17		-
18		-/**
19		~~- For security reasons, you usually don't want your user to know access was denied, just that it was.~~
20		~~- If you want to change this, you can set $wgImgAuthDetails to 'true' in localsettings.php and it will give the user the reason~~
21		~~- why access was denied.~~
22		~~-**/~~
23		-
24		~~-global $wgImgAuthDetails;~~
25		~~-$wgImgAuthDetails = false;~~
26		-
27	29	define( 'MW_NO_OUTPUT_COMPRESSION', 1 );
28	30	require_once( dirname( __FILE__ ) . '/includes/WebStart.php' );
29	31	wfProfileIn( 'img_auth.php' );
30	32	require_once( dirname( __FILE__ ) . '/includes/StreamFile.php' );
31	33
32		~~-global $wgMessageCache, $messages;~~
33		~~-require_once( dirname( __FILE__ ) . '/img_auth.i18n.php' );~~
34		~~-foreach( $messages as $lang => $LangMsg )~~
35		~~- $wgMessageCache->addMessages( $LangMsg, $lang );~~
36		-
37	34	$perms = User::getGroupPermissions( array( '*' ) );
38	35
39	36	// See if this is a public Wiki (no protections)
40		~~-if ( in_array( 'read', $perms, true ) )~~
41		~~- wfPublicError(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-public'));~~
	37	+if ( $wgImgAuthPublicTest && in_array( 'read', $perms, true ) )
	38	+ wfForbidden('img-auth-accessdenied','img-auth-public');
42	39
43	40	// Extract path and image information
44	41	if( !isset( $_SERVER['PATH_INFO'] ) )
45		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nopathinfo'));~~
	42	+ wfForbidden('img-auth-accessdenied','img-auth-nopathinfo');
46	43
47	44	$path = $_SERVER['PATH_INFO'];
48	45	$filename = realpath( $wgUploadDirectory . $_SERVER['PATH_INFO'] );
—	—	@@ -49,7 +46,7 @@
50	47
51	48	// Basic directory traversal check
52	49	if( substr( $filename, 0, strlen( $realUpload ) ) != $realUpload )
53		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-notindir'));~~
	50	+ wfForbidden('img-auth-accessdenied','img-auth-notindir');
54	51
55	52	// Extract the file name and chop off the size specifier
56	53	// (e.g. 120px-Foo.png => Foo.png)
—	—	@@ -59,54 +56,56 @@
60	57
61	58	// Check to see if the file exists
62	59	if( !file_exists( $filename ) )
63		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nofile',$filename));~~
	60	+ wfForbidden('img-auth-accessdenied','img-auth-nofile',htmlspecialchars($filename));
64	61
65	62	// Check to see if tried to access a directory
66	63	if( is_dir( $filename ) )
67		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-isdir',$filename));~~
	64	+ wfForbidden('img-auth-accessdenied','img-auth-isdir',htmlspecialchars($filename));
68	65
69	66
70	67	$title = Title::makeTitleSafe( NS_FILE, $name );
71	68
72	69	// See if could create the title object
73	70	if( !$title instanceof Title )
74		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-badtitle',$name));~~
	71	+ wfForbidden('img-auth-accessdenied','img-auth-badtitle',htmlspecialchars($name));
75	72
76	73	// Run hook
77	74	if (!wfRunHooks( 'ImgAuthBeforeStream', array( &$title, &$path, &$name, &$result ) ) )
78		~~- wfForbidden($result[0],$result[1]);~~
	75	+ call_user_func_array('wfForbidden',merge_array(array($result[0],$result[1]),array_slice($result,2)));
79	76
80		~~-// Check the whitelist if needed, deprecated since usercan added~~
81		~~-// $pTitle = $title->getPrefixedText();~~
82		~~-// if( !$wgUser->getId() && ( !is_array( $wgWhitelistRead ) \|\| !in_array( $pTitle, $wgWhitelistRead ) ) )~~
83		~~-// wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-nologinnWL',$pTitle));~~
84		-
85		-
86	77	// Check user authorization for this title
	78	+// UserCanRead Checks Whitelist too
87	79	if( !$title->userCanRead() )
88		~~- wfForbidden(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-noread',$name));~~
	80	+ wfForbidden('img-auth-accessdenied','img-auth-noread',htmlspecialchars($name));
89	81
90	82
91	83	// Stream the requested file
92		~~-wfDebugLog( 'img_auth', "Streaming `{$filename}`" );~~
	84	+wfDebugLog( 'img_auth', "Streaming `".htmlspecialchars($filename)."`." );
93	85	wfStreamFile( $filename, array( 'Cache-Control: private', 'Vary: Cookie' ) );
94	86	wfLogProfilingData();
95	87
96	88	/**
97		~~- * Issue a standard HTTP 403 Forbidden header ($msg1) and an~~
98		~~- * error message ($msg2), then end the script~~
	89	+ * Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an
	90	+ * error message ($msg2, also a message index), (both required) then end the script
	91	+ * subsequent arguments to $msg2 will be passed as parameters only for replacing in $msg2
99	92	*/
100	93	function wfForbidden($msg1,$msg2) {
101		~~- global $wgImgAuthDetails;~~
102		~~- $detailMsg = $wgImgAuthDetails ? $msg2 : wfMsgHTML('badaccess-group0');~~
103		~~- wfDebugLog( 'img_auth', "wfForbidden Msg: ".$msg2 );~~
	94	+ global $wgImgAuthDetails,$wgExtensionMessagesFiles;
	95	+ require_once($wgExtensionMessagesFiles['img_auth']);
	96	+ $args = func_get_args();
	97	+ array_shift( $args );
	98	+ array_shift( $args );
	99	+ $MsgHdr = wfMsgHTML($msg1);
	100	+ $detailMsg = call_user_func_array('wfMsgHTML',array_merge(array($wgImgAuthDetails ? $msg2 : 'badaccess-group0'),$args));
	101	+ wfDebugLog('img_auth', "wfForbidden Hdr:".wfMsgExt( $msg1, array('language' => 'en'))." Msg: ".
	102	+ call_user_func_array('wfMsgExt',array_merge( array($msg2, array('language' => 'en')),$args)));
104	103	header( 'HTTP/1.0 403 Forbidden' );
105		~~- header( 'Vary: Cookie' );~~
	104	+ header( 'Cache-Control: no-cache' );
106	105	header( 'Content-Type: text/html; charset=utf-8' );
107	106	echo <<<ENDS
108	107	<html>
109	108	<body>
110		~~-<h1>$msg1</h1>~~
	109	+<h1>$MsgHdr</h1>
111	110	<p>$detailMsg</p>
112	111	</body>
113	112	</html>
—	—	@@ -114,23 +113,3 @@
115	114	wfLogProfilingData();
116	115	exit();
117	116	}
118		-
119		-/**
120		~~- * Show a 403 error for use when the wiki is public~~
121		~~- */~~
122		~~-function wfPublicError($msg1,$msg2) {~~
123		~~- header( 'HTTP/1.0 403 Forbidden' );~~
124		~~- header( 'Content-Type: text/html; charset=utf-8' );~~
125		~~- wfDebugLog( 'img_auth', "wfPublicError Msg: ".$msg2 );~~
126		~~- echo <<<ENDS~~
127		~~-<html>~~
128		~~-<body>~~
129		~~-<h1>$msg1</h1>~~
130		~~-<p>$msg2</p>~~
131		~~-</body>~~
132		~~-</html>~~
133		~~-ENDS;~~
134		~~- wfLogProfilingData();~~
135		~~- exit;~~
136		-}
137		-
Index: trunk/extensions/NSFileRepo/NSFileRepo.php
—	—	@@ -16,8 +16,13 @@
17	17
18	18	if (!defined('MEDIAWIKI')) die('Not an entry point.');
19	19
	20	+$wgImgAuthPublicTest = false; // Must be set to false if you want to use more restrictive than general ['*']['read']
	21	+$wgIllegalFileChars = isset($wgIllegalFileChars) ? $wgIllegalFileChars : ""; // For MW Versions <1.16
	22	+$wgIllegalFileChars = str_replace(":","",$wgIllegalFileChars); // Remove the default illegal char ':' - need it to determine NS
	23	+
20	24	# Internationalisation file
21		~~-$wgExtensionMessagesFiles['NSFileRepo'] = dirname(__FILE__) . '/NSFileRepo.i18n.php';~~
	25	+$wgExtensionMessagesFiles['NSFileRepo'] = dirname(__FILE__) .'/NSFileRepo.i18n.php';
	26	+$wgExtensionMessagesFiles['img_auth'] = dirname(__FILE__) .'/img_auth.i18n.php';
22	27
23	28
24	29	$wgExtensionFunctions[] = 'NSFileRepoSetup';
—	—	@@ -25,16 +30,15 @@
26	31	'path' => __FILE__,
27	32	'name' => 'NSFileRepo',
28	33	'author' => 'Jack D. Pond',
29		~~- 'version' => '0.0.1',~~
	34	+ 'version' => '1.1',
30	35	'url' => 'http://www.mediawiki.org/wiki/Extension:NSFileRepo',
31		~~- 'description' => 'Provide namespace based features to uploaded files',~~
	36	+ 'description' => 'Provide namespace-based access restriction features to uploaded files/images',
32	37	'descriptionmsg' => 'nsfilerepo-desc'
33	38	);
34	39
35	40
36	41	/**
37	42	* Set up hooks for NSFileRepo
38		- *
39	43	*/
40	44
41	45	$wgHooks['UploadForm:BeforeProcessing'][] = 'NSFileRepoNSCheck';
—	—	@@ -171,7 +175,9 @@
172	176	* Initial setup, add .i18n. messages from $IP/extensions/DiscussionThreading/DiscussionThreading.i18n.php
173	177	*/
174	178	function NSFileRepoSetup() {
175		~~- global $wgLocalFileRepo;~~
	179	+ global $wgLocalFileRepo,$wgVersion;
	180	+ $xversion = explode(".",$wgVersion);
	181	+ if ($xversion[0] <= "1" && $xversion[1] < "16") wfLoadExtensionMessages( 'img_auth' ); // loads img_auth messages for versions <1.16
176	182	wfLoadExtensionMessages( 'NSFileRepo' );
177	183	$wgLocalFileRepo['class'] = "NSLocalRepo";
178	184	RepoGroup::destroySingleton();
—	—	@@ -213,7 +219,7 @@
214	220	if (strlen($subdirs[1]) == 3 && is_numeric($subdirs[1]) && $subdirs[1] >= 100) {
215	221	$title = Title::makeTitleSafe( NS_FILE, $wgContLang->getNsText($subdirs[1]).":".$name );
216	222	if( !$title instanceof Title ) {
217		~~- $result = array(wfMsgHTML('image_auth-accessdenied'),wfMsgHTML('image_auth-badtitle',$name));~~
	223	+ $result = array('img-auth-accessdenied','img-auth-badtitle',$name);
218	224	return false;
219	225	}
220	226	}

Status & tagging log

00:36, 30 January 2010 😂 (talk | contribs) changed the status of r55803 [removed: new added: deferred]