| Index: branches/uploadwizard/phase3/includes/upload/SessionStash.php |
| — | — | @@ -31,7 +31,7 @@ |
| 32 | 32 | * Designed to be compatible with the session stashing code in UploadBase (should replace eventually) |
| 33 | 33 | * @param {FileRepo} optional -- repo in which to store files. Will choose LocalRepo if not supplied. |
| 34 | 34 | */ |
| 35 | | - public function __construct( $repo=null ) { |
| | 35 | + public function __construct( $repo = null ) { |
| 36 | 36 | |
| 37 | 37 | if ( is_null( $repo ) ) { |
| 38 | 38 | $repo = RepoGroup::singleton()->getLocalRepo(); |
| — | — | @@ -81,7 +81,7 @@ |
| 82 | 82 | |
| 83 | 83 | // guards against PHP class changing while session data doesn't |
| 84 | 84 | if ($stashData['version'] !== UploadBase::SESSION_VERSION ) { |
| 85 | | - return self::$error['outdated session version']; |
| | 85 | + throw new MWException( 'outdated session version' ); |
| 86 | 86 | } |
| 87 | 87 | |
| 88 | 88 | // The path is flattened in with the other random props so we have to dig it out. |
| — | — | @@ -108,7 +108,7 @@ |
| 109 | 109 | * @param {Array} data - other data you want added to the session. Do not use 'mTempPath', 'mFileProps', 'mFileSize', or version as keys here |
| 110 | 110 | * @return {SessionStashFile} file |
| 111 | 111 | */ |
| 112 | | - public function stashFile( $key, $path, $data=array() ) { |
| | 112 | + public function stashFile( $key, $path, $data = array() ) { |
| 113 | 113 | if ( !$key ) { |
| 114 | 114 | $key = mt_rand( 0, 0x7fffffff ); |
| 115 | 115 | } |
| — | — | @@ -196,36 +196,6 @@ |
| 197 | 197 | } |
| 198 | 198 | |
| 199 | 199 | /** |
| 200 | | - * Test if a path looks like it's in the right place |
| 201 | | - * |
| 202 | | - * @param {String} $path |
| 203 | | - * @return {Boolean} |
| 204 | | - */ |
| 205 | | - public function isPathValid( $path ) { |
| 206 | | - |
| 207 | | - if ( strval( $filename ) == '' ) { |
| 208 | | - return false; |
| 209 | | - } |
| 210 | | - |
| 211 | | - /** |
| 212 | | - * Lifted this bit from extensions/WebStore::validateFilename. |
| 213 | | - * Use the same traversal protection as Title::secureAndSplit() |
| 214 | | - */ |
| 215 | | - if ( strpos( $filename, '.' ) !== false && |
| 216 | | - ( $filename === '.' || $filename === '..' || |
| 217 | | - strpos( $filename, './' ) === 0 || |
| 218 | | - strpos( $filename, '../' ) === 0 || |
| 219 | | - strpos( $filename, '/./' ) !== false || |
| 220 | | - strpos( $filename, '/../' ) !== false ) ) { |
| 221 | | - return false; |
| 222 | | - } |
| 223 | | - |
| 224 | | - |
| 225 | | - return true; |
| 226 | | - |
| 227 | | - } |
| 228 | | - |
| 229 | | - /** |
| 230 | 200 | * A method needed by the file transforming and scaling routines in File.php |
| 231 | 201 | * We do not necessarily care about doing the description at this point |
| 232 | 202 | * @return {String} the empty string |
| — | — | @@ -275,7 +245,7 @@ |
| 276 | 246 | * @param {String|false} name of thumbnail (e.g. "120px-123456.jpg" ), or false to just get the path |
| 277 | 247 | * @return {String} path thumbnail should take on filesystem, or containing directory if thumbname is false |
| 278 | 248 | */ |
| 279 | | - public function getThumbPath( $thumbName=false ) { |
| | 249 | + public function getThumbPath( $thumbName = false ) { |
| 280 | 250 | $path = dirname( $this->path ); |
| 281 | 251 | if ( $thumbName !== false ) { |
| 282 | 252 | $path .= "/$thumbName"; |
| — | — | @@ -311,7 +281,7 @@ |
| 312 | 282 | * @param {String} basename of thumbnail file -- however, we don't want to use the file exactly |
| 313 | 283 | * @return {String} URL to access thumbnail, or URL with partial path |
| 314 | 284 | */ |
| 315 | | - public function getThumbUrl( $thumbName=false ) { |
| | 285 | + public function getThumbUrl( $thumbName = false ) { |
| 316 | 286 | $path = $this->sessionStash->getBaseUrl(); |
| 317 | 287 | $extension = $this->getExtension(); |
| 318 | 288 | if ( $thumbName !== false ) { |
| — | — | @@ -367,7 +337,7 @@ |
| 368 | 338 | * @param {Bitmask} flags suitable for File::transform() |
| 369 | 339 | * @return {ThumbnailImage} with additional File thumbnailFile property |
| 370 | 340 | */ |
| 371 | | - public function transform( $params, $flags=0 ) { |
| | 341 | + public function transform( $params, $flags = 0 ) { |
| 372 | 342 | |
| 373 | 343 | // force it to get a thumbnail right away |
| 374 | 344 | $flags |= self::RENDER_NOW; |
| Index: branches/uploadwizard/phase3/includes/specials/SpecialSessionStash.php |
| — | — | @@ -33,13 +33,9 @@ |
| 34 | 34 | |
| 35 | 35 | // $request is the request (usually wgRequest) |
| 36 | 36 | // $subpage is everything in the URL after Special:SessionStash |
| 37 | | - public function __construct( $request=null, $subpage=null ) { |
| 38 | | - global $wgRequest; |
| 39 | | - |
| | 37 | + public function __construct( $request = null, $subpage = null ) { |
| 40 | 38 | parent::__construct( 'SessionStash', 'upload' ); |
| 41 | | - |
| 42 | 39 | $this->stash = new SessionStash(); |
| 43 | | - |
| 44 | 40 | } |
| 45 | 41 | |
| 46 | 42 | /** |
| — | — | @@ -55,7 +51,6 @@ |
| 56 | 52 | // prevent callers from doing standard HTML output -- we'll take it from here |
| 57 | 53 | $wgOut->disable(); |
| 58 | 54 | |
| 59 | | - // global $wgScriptPath, $wgLang, $wgUser, $wgOut; |
| 60 | 55 | wfDebug( __METHOD__ . " in subpage for $subPage \n" ); |
| 61 | 56 | |
| 62 | 57 | try { |
| — | — | @@ -67,16 +62,14 @@ |
| 68 | 63 | return true; |
| 69 | 64 | |
| 70 | 65 | } catch( SessionStashFileNotFoundException $e ) { |
| 71 | | - wfHttpError( 404, self::$HttpErrors[404], $e->getCode(), $e->getMessage() ); |
| 72 | | - |
| | 66 | + $code = 404; |
| 73 | 67 | } catch( SessionStashBadPathException $e ) { |
| 74 | | - wfHttpError( 403, self::$HttpErrors[403], $e->getCode(), $e->getMessage() ); |
| 75 | | - |
| | 68 | + $code = 403; |
| 76 | 69 | } catch( Exception $e ) { |
| 77 | | - wfHttpError( $code, self::$HttpErrors[$code], $e->getCode(), $e->getMessage() ); |
| 78 | | - |
| | 70 | + $code = 500; |
| 79 | 71 | } |
| 80 | 72 | |
| | 73 | + wfHttpError( $code, self::$HttpErrors[$code], $e->getCode(), $e->getMessage() ); |
| 81 | 74 | return false; |
| 82 | 75 | } |
| 83 | 76 | |
| — | — | @@ -106,11 +99,11 @@ |
| 107 | 100 | * @param {File} file |
| 108 | 101 | */ |
| 109 | 102 | private function outputFile( $file ) { |
| 110 | | - header( 'Content-Type: ' . $file->getMimeType() ); |
| 111 | | - header( 'Content-Transfer-Encoding: binary' ); |
| 112 | | - header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT' ); |
| 113 | | - header( 'Pragma: public' ); |
| 114 | | - header( 'Content-Length: ' . $file->getSize() ); |
| | 103 | + header( 'Content-Type: ' . $file->getMimeType(), true ); |
| | 104 | + header( 'Content-Transfer-Encoding: binary', true ); |
| | 105 | + header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true ); |
| | 106 | + header( 'Pragma: public', true ); |
| | 107 | + header( 'Content-Length: ' . $file->getSize(), true ); |
| 115 | 108 | readfile( $file->getPath() ); |
| 116 | 109 | } |
| 117 | 110 | } |