diff options
| author | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2023-02-11 04:03:13 +0000 |
|---|---|---|
| committer | petko <petko@524c5546-5005-0410-9a3e-e25e191bd360> | 2023-02-11 04:03:13 +0000 |
| commit | 5ef15ed2b72ad7e9811922ca49eab4da5bd5c7a1 (patch) | |
| tree | 49f1c8bdf35ab6345ade5583ed097afb49e8c2f4 /pmwiki.php | |
| parent | d6ed210fda80b040b09f8e2e9bc10d55d55c61c5 (diff) | |
| download | pmwiki.svn-5ef15ed2b72ad7e9811922ca49eab4da5bd5c7a1.tar.bz2 | |
Add $IsFarmArchive, $FarmPubDirPrefix, pm_servefile(), $ServeFileExts.
git-svn-id: svn://pmwiki.org/pmwiki/trunk@4360 524c5546-5005-0410-9a3e-e25e191bd360
Diffstat (limited to 'pmwiki.php')
| -rw-r--r-- | pmwiki.php | 49 |
1 files changed, 46 insertions, 3 deletions
@@ -41,10 +41,15 @@ if (ini_get('register_globals')) } $UnsafeGlobals = array_keys($GLOBALS); $GCount=0; $FmtV=array(); $FmtV['$TokenName'] = 'pmtoken'; -SDV($FarmD,dirname(__FILE__)); -SDV($WorkDir,'wiki.d'); define('PmWiki',1); -if (preg_match('/\\w\\w:/', $FarmD)) exit(); +SDV($WorkDir,'wiki.d'); +SDV($FarmD,dirname(__FILE__)); +SDV($FarmPubDirPrefix, 'PmFarmPubDirUrl'); +if (strpos($FarmD, 'phar://')===0) { + $IsFarmArchive = 1; + SDV($FarmPubDirUrl, "$ScriptUrl/$FarmPubDirPrefix"); +} +elseif (preg_match('/\\w\\w:/', $FarmD)) exit(); @include_once("$FarmD/scripts/version.php"); $GroupPattern = '[[:upper:]][\\w]*(?:-\\w+)*'; $NamePattern = '[[:upper:]\\d][\\w]*(?:-\\w+)*'; @@ -373,6 +378,44 @@ $DenyHtaccessContent = <<<EOF EOF; +SDVA($ServeFileExts, array( + 'gif' => 'image/gif', 'png' => 'image/png', 'svg' => 'image/svg+xml', + 'README' => 'text/plain', 'txt' => 'text/plain', + 'js' => 'application/javascript', +)); +function pm_servefile($basedir, $path) { + global $ServeFileExts; + header("X-Sent-Via: pm_servefile"); + $ext = preg_replace('!^.*[./]!', '', $path); + if (!isset($ServeFileExts[$ext]) || preg_match('/[?#${}]|\\.\\./', $path)) { + http_response_code(403); + die('Forbidden'); + } + $filepath = "$basedir/$path"; + if(!file_exists($filepath)) { + http_response_code(404); + die('File not found'); + } + + header('Cache-Control: private'); + header('Expires: '); + $filelastmod = gmdate('D, d M Y H:i:s \G\M\T', filemtime($filepath)); + if (@$_SERVER['HTTP_IF_MODIFIED_SINCE'] == $filelastmod) + { http_response_code(304); exit(); } + header("Last-Modified: $filelastmod"); + header("Content-Type: {$ServeFileExts[$ext]}"); + $length = filesize($filepath); + header("Content-Length: $length"); + readfile($filepath); + exit; +} + +if (strpos($pagename, "$FarmPubDirPrefix/")===0) { + $path = substr($pagename, strlen("$FarmPubDirPrefix/")); + pm_servefile("$FarmD/pub", $path); + exit; +} + if (file_exists("$FarmD/local/farmconfig.php")) include_once("$FarmD/local/farmconfig.php"); if (IsEnabled($EnableLocalConfig,1)) { |