source: documentation/trunk/packages/dokuwiki-2011-05-25a/lib/exe/fetch.php@ 30098

<?php
/**
 * DokuWiki media passthrough file
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <[email protected]>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../');
  define('DOKU_DISABLE_GZIP_OUTPUT', 1);
  require_once(DOKU_INC.'inc/init.php');

  //close session
  session_write_close();

  $mimetypes = getMimeTypes();

  //get input
  $MEDIA  = stripctl(getID('media',false)); // no cleaning except control chars - maybe external
  $CACHE  = calc_cache($_REQUEST['cache']);
  $WIDTH  = (int) $_REQUEST['w'];
  $HEIGHT = (int) $_REQUEST['h'];
  list($EXT,$MIME,$DL) = mimetype($MEDIA,false);
  if($EXT === false){
    $EXT  = 'unknown';
    $MIME = 'application/octet-stream';
    $DL   = true;
  }

  // check for permissions, preconditions and cache external files
  list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE);

  // prepare data for plugin events
  $data = array('media'           => $MEDIA,
                'file'            => $FILE,
                'orig'            => $FILE,
                'mime'            => $MIME,
                'download'        => $DL,
                'cache'           => $CACHE,
                'ext'             => $EXT,
                'width'           => $WIDTH,
                'height'          => $HEIGHT,
                'status'          => $STATUS,
                'statusmessage'   => $STATUSMESSAGE,
  );

  // handle the file status
  $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data);
  if ( $evt->advise_before() ) {
    // redirects
    if($data['status'] > 300 && $data['status'] <= 304){
      send_redirect($data['statusmessage']);
    }
    // send any non 200 status
    if($data['status'] != 200){
      header('HTTP/1.0 ' . $data['status'] . ' ' . $data['statusmessage']);
    }
    // die on errors
    if($data['status'] > 203){
      print $data['statusmessage'];
      exit;
    }
  }
  $evt->advise_after();
  unset($evt);

  //handle image resizing/cropping
  if((substr($MIME,0,5) == 'image') && $WIDTH){
    if($HEIGHT){
        $data['file'] = $FILE = media_crop_image($data['file'],$EXT,$WIDTH,$HEIGHT);
    }else{
        $data['file'] = $FILE  = media_resize_image($data['file'],$EXT,$WIDTH,$HEIGHT);
    }
  }

  // finally send the file to the client
  $evt = new Doku_Event('MEDIA_SENDFILE', $data);
  if ($evt->advise_before()) {
    sendFile($data['file'],$data['mime'],$data['download'],$data['cache']);
  }
  // Do something after the download finished.
  $evt->advise_after();

/* ------------------------------------------------------------------------ */

/**
 * Set headers and send the file to the client
 *
 * @author Andreas Gohr <[email protected]>
 * @author Ben Coburn <[email protected]>
 */
function sendFile($file,$mime,$dl,$cache){
  global $conf;
  $fmtime = @filemtime($file);
  // send headers
  header("Content-Type: $mime");
  // smart http caching headers
  if ($cache==-1) {
    // cache
    // cachetime or one hour
    header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT');
    header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600));
    header('Pragma: public');
  } else if ($cache>0) {
    // recache
    // remaining cachetime + 10 seconds so the newly recached media is used
    header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT');
    header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0));
    header('Pragma: public');
  } else if ($cache==0) {
    // nocache
    header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0');
    header('Pragma: public');
  }
  //send important headers first, script stops here if '304 Not Modified' response
  http_conditionalRequest($fmtime);


  //download or display?
  if($dl){
    header('Content-Disposition: attachment; filename="'.basename($file).'";');
  }else{
    header('Content-Disposition: inline; filename="'.basename($file).'";');
  }

  //use x-sendfile header to pass the delivery to compatible webservers
  if (http_sendfile($file)) exit;

  // send file contents
  $fp = @fopen($file,"rb");
  if($fp){
    http_rangeRequest($fp,filesize($file),$mime);
  }else{
    header("HTTP/1.0 500 Internal Server Error");
    print "Could not read $file - bad permissions?";
  }
}

/**
 * Check for media for preconditions and return correct status code
 *
 * READ: MEDIA, MIME, EXT, CACHE
 * WRITE: MEDIA, FILE, array( STATUS, STATUSMESSAGE )
 *
 * @author Gerry Weissbach <[email protected]>
 * @param $media reference to the media id
 * @param $file reference to the file variable
 * @returns array(STATUS, STATUSMESSAGE)
 */
function checkFileStatus(&$media, &$file) {
  global $MIME, $EXT, $CACHE;

  //media to local file
  if(preg_match('#^(https?)://#i',$media)){
    //check hash
    if(substr(md5(auth_cookiesalt().$media),0,6) != $_REQUEST['hash']){
      return array( 412, 'Precondition Failed');
    }
    //handle external images
    if(strncmp($MIME,'image/',6) == 0) $file = media_get_from_URL($media,$EXT,$CACHE);
    if(!$file){
      //download failed - redirect to original URL
      return array( 302, $media );
    }
  }else{
    $media = cleanID($media);
    if(empty($media)){
      return array( 400, 'Bad request' );
    }

    //check permissions (namespace only)
    if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){
      return array( 403, 'Forbidden' );
    }
    $file  = mediaFN($media);
  }

  //check file existance
  if(!@file_exists($file)){
      return array( 404, 'Not Found' );
  }

  return array(200, null);
}

/**
 * Returns the wanted cachetime in seconds
 *
 * Resolves named constants
 *
 * @author  Andreas Gohr <[email protected]>
 */
function calc_cache($cache){
  global $conf;

  if(strtolower($cache) == 'nocache') return 0; //never cache
  if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache
  return -1; //cache endless
}

//Setup VIM: ex: et ts=2 :