r77266 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r77265‎ \| r77266 \| r77267 >
Date:	23:27, 24 November 2010
Author:	catrope
Status:	ok (Comments)
Tags:
Comment:	1.16wmf4: Commit live hack for temporary thumbnail support in thumb.php . This should be reengineered properly before being put in trunk
Modified paths:	/branches/wmf/1.16wmf4/thumb.php (modified) (history)

Diff [purge]

Index: branches/wmf/1.16wmf4/thumb.php
—	—	@@ -47,6 +47,9 @@
48	48	$isOld = (isset( $params['archived'] ) && $params['archived']);
49	49	unset( $params['archived'] );
50	50
	51	+ // Is this a thumb of a temp file?
	52	+ $isTemp = (isset( $params['temp'] ) && $params['temp']);
	53	+
51	54	// Some basic input validation
52	55	$fileName = strtr( $fileName, '\\/', '__' );
53	56
—	—	@@ -64,13 +67,23 @@
65	68	return;
66	69	}
67	70	$img = RepoGroup::singleton()->getLocalRepo()->newFromArchiveName( $title, $fileName );
	71	+ } else if ( $isTemp ) {
	72	+ // Dirty, horrible, evil hack. We need to create a repo with the right zone paths for this to work
	73	+ $localRepo = RepoGroup::singleton()->getLocalRepo();
	74	+ $repo = new FSRepo( array( 'directory' => $localRepo->getZonePath( 'temp' ), 'url' => $localRepo->getZoneUrl( 'temp' ), 'thumbPath'=> $localRepo->getZonePath( 'thumb' ) . '/temp', 'thumbUrl' => $localRepo->getZoneUrl( 'thumb' ) . '/temp' ) );
	75	+ // $fileName can be like timestamp!name , strip the timestamp! part
	76	+ $parts = explode( '!', $fileName, 2 );
	77	+ $strippedName = isset( $parts[1] ) ? $parts[1] : $fileName;
	78	+ $path = $localRepo->getZonePath( 'temp' ) . '/' . RepoGroup::singleton()->getLocalRepo()->getHashPath( $strippedName ) . $fileName;
	79	+ $img = new UnregisteredLocalFile( false, $repo, $path, false );
68	80	} else {
69	81	$img = wfLocalFile( $fileName );
70	82	}
71	83
72	84	// Check permissions if there are read restrictions
73	85	if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) {
74		~~- if ( !$img->getTitle()->userCanRead() ) {~~
	86	+ // If we have a title, check that for read access. If not (stashed file), be paranoid and disallow
	87	+ if ( !$img->getTitle() \|\| !$img->getTitle()->userCanRead() ) {
75	88	wfThumbError( 403, 'Access denied. You do not have permission to access ' .
76	89	'the source file.' );
77	90	return;

Follow-up revisions

Revision	Commit summary	Author	Date
r78134	Sync'ing r74494-r77266	awjrichards	19:22, 9 December 2010
r96827	Commit live patch, not sure who wrote it. It fixes a bug from r77266, reappli...	tstarling	08:04, 12 September 2011
r97512	1.18wmf1 Merge r60970, r69199, r77266, r96827 (Some of the revisions from r81...	reedy	16:01, 19 September 2011

Comments

#Comment by Aaron Schulz (talk | contribs) 20:17, 19 September 2011

I can't remember what uses this. UploadWizard or standard MW upload preview or such?

#Comment by Catrope (talk | contribs) 08:33, 20 September 2011

UploadStash uses this. The primary consumer of UploadStash is UploadWizard.

Status & tagging log

12:46, 8 December 2010 Reedy (talk | contribs) changed the status of r77266 [removed: new added: ok]