/**
 * Send caching/response headers for a file and stream its contents to the client.
 *
 * check_304() runs first with the modification time; its body is not visible
 * here (presumably it answers conditional requests and stops — confirm).
 *
 * NOTE(review): $mime and $size are written into header lines verbatim, so
 * callers must pass server-derived values, never request data.
 *
 * @param string $file  Path handed to readfile()
 * @param string $mime  Value for the Content-Type header
 * @param int    $size  Value for the Content-Length header
 * @param int    $mtime Unix timestamp used for Last-Modified and Etag
 */
function output($file, $mime, $size, $mtime)
 {
     $this->check_304($mtime);

     $httpDate = "D, d M Y H:i:s";
     $lines = array(
         'Content-Length: ' . $size,
         'Content-Type: ' . $mime,
         'Last-Modified: ' . gmdate($httpDate, $mtime) . " GMT",
         'Etag: ' . $mtime,
         'Cache-Control: private, max-age=' . XELFINDER_CACHE_TTL,
         'Expires: ' . gmdate($httpDate, XELFINDER_UNIX_TIME + XELFINDER_CACHE_TTL) . ' GMT',
         // An empty Pragma header overrides any "Pragma: no-cache" set earlier.
         'Pragma:',
     );
     foreach ($lines as $line) {
         header($line);
     }

     // Prefer the project's own reader when it is loadable, else fall back to PHP's.
     $hasHyp = function_exists('XC_CLASS_EXISTS') && XC_CLASS_EXISTS('HypCommonFunc');
     if (!$hasHyp) {
         readfile($file);
         return;
     }
     HypCommonFunc::readfile($file);
 }
Exemple #2
<?php

/*
 * Created on 2008/05/13 by nao-pon http://hypweb.net/
 * $Id: jobstack.php,v 1.10 2011/10/31 16:04:47 nao-pon Exp $
 */
// Job-stack runner: answers the request with a blank GIF first, then keeps
// working on queued jobs after the response has been flushed.
// $mytrustdirpath and $mydirname are not defined in this listing; they must be
// set by whatever includes this file.
// NOTE(review): nothing visible here restricts who may request this script, so
// any visitor loading the image can start a job run — confirm that an access or
// rate check exists in the including code.

// Turn off all PHP error reporting for this request (presumably so that no
// notice text is mixed into the image bytes sent below).
error_reporting(0);
// Keep executing even if the client closes the connection.
ignore_user_abort(TRUE);
$file = $mytrustdirpath . '/skin/image/gif/blank.gif';
header('Content-Type: image/gif');
header('Content-Length: ' . filesize($file));
// Expiry in the past plus no-cache/no-store: the image must be re-requested every time.
header('Expires: Thu, 01 Dec 1994 16:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0');
header('Pragma: no-cache');
HypCommonFunc::readfile($file);
// Push the response out before the (potentially slow) work starts.
flush();
include_once $mytrustdirpath . '/include.php';
$xpwiki = new XpWiki($mydirname);
$xpwiki->init('#RenderMode');
$max_execution_time = intval(ini_get('max_execution_time'));
// Select the oldest due job flagged for immediate execution (ttl = 0), one row per query.
// The statement is built by concatenation, but only from the table prefix and
// $xpwiki->cont['UTC']; no request data appears in it. cont['UTC'] is inserted
// unquoted — presumably an integer timestamp set during init(); confirm.
$sql = 'SELECT `key`, `data` FROM ' . $xpwiki->db->prefix($xpwiki->root->mydirname . '_cache') . ' WHERE `plugin`=\'jobstack\' AND `mtime` <= ' . $xpwiki->cont['UTC'] . ' AND `ttl`=0 ORDER BY `mtime` ASC LIMIT 1';
if ($res = $xpwiki->db->query($sql)) {
    $row = $xpwiki->db->fetchRow($res);
    while ($row) {
        if ($max_execution_time) {
            @ini_set('max_execution_time', (string) $max_execution_time);
        }
        xpwiki_jobstack_switch($xpwiki, $row);
        $res = $xpwiki->db->query($sql);
Exemple #3
 /**
  * Garbage-collect expired ".aws" cache files, at most once per cache interval.
  *
  * With $get_tag set, nothing is deleted: the method returns an <img> tag that
  * points back at this plugin (pcmd=gc) when a sweep is due, or '' when it is not.
  * Without $get_tag, a due sweep is performed and a spacer GIF is sent as the
  * response body.
  *
  * NOTE(review): the sweep is started by a plain image request; no permission
  * check is visible in this method. $this->root->script is placed in the tag
  * without HTML escaping — presumably a trusted configured URL; confirm.
  *
  * @param bool $get_tag Return the trigger tag instead of running the sweep
  * @return string|void
  */
 function gc($get_tag = FALSE)
 {
     $cacheDir = $this->cont['CACHE_DIR'] . 'plugin';
     $stamp = $this->cont['CACHE_DIR'] . 'plugin/aws.gc';
     $interval = $this->config['cache_time'] * 60;

     // A sweep is due when the stamp file is missing or older than one interval.
     $due = !is_file($stamp) || filemtime($stamp) < $this->cont['UTC'] - $interval;

     if ($get_tag) {
         return $due
             ? '<div style="float:left;"><img src="' . $this->root->script . '?plugin=aws&amp;pcmd=gc" width="1" height="1" alt="" /></div>' . "\n"
             : '';
     }

     if ($due) {
         // Refresh the stamp first so that later requests do not start a second sweep.
         touch($stamp);
         $suffix = '.aws';
         $suffixOffset = -strlen($suffix);
         $lifetime = $this->config['cache_time'] * 60;
         $cutoff = $this->cont['UTC'] - $lifetime;
         $handle = opendir($cacheDir);
         if ($handle) {
             while (false !== ($entry = readdir($handle))) {
                 if (substr($entry, $suffixOffset) !== $suffix) {
                     continue;
                 }
                 $path = $cacheDir . '/' . $entry;
                 if (filemtime($path) < $cutoff) {
                     unlink($path);
                 }
             }
             closedir($handle);
         }
     }

     // clear output buffer
     $this->func->clear_output_buffer();
     // Response body for the <img> tag that triggered this call.
     header("Content-Type: image/gif");
     HypCommonFunc::readfile($this->root->mytrustdirpath . '/skin/image/gif/spacer.gif');
 }
Exemple #4
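 /**
  * Action handler for plugin=ref: send an attached file of a page to the browser.
  *
  * Reads the request variables 'page' and 'src', resolves the attachment below
  * UPLOAD_DIR, applies the page-readability, copyright, inline-MIME and referer
  * checks, then emits the headers and the file body and exits.
  *
  * Changes against the previous version:
  *  - every check now runs before the conditional-request (304) shortcut, so a
  *    304 is only sent for a request that would also have received the file;
  *    before, a matching If-None-Match was answered ahead of check_readable()
  *    and is_file();
  *  - the Content-Type sent in the default branch is the MIME value that was
  *    checked against PLUGIN_REF_MIME_INLINE, not a second, unchecked value;
  *  - the file name placed in Content-Disposition has double quotes and control
  *    characters replaced for every client, not only for Windows user agents;
  *  - the ETag comparison is strict.
  *
  * @return array Error descriptor with 'header' and 'msg' keys; on success the
  *               method does not return (it exits after sending the file).
  */
 function plugin_ref_action()
 {
     if (!isset($this->root->vars['page']) || !isset($this->root->vars['src'])) {
         // NOTE(review): this descriptor is wrapped in an extra array, unlike every
         // other error return in this method. Left unchanged because the caller
         // is not visible here — confirm which shape it expects.
         return array(array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.'));
     }
     $page = $this->root->vars['page'];
     $filename = $this->root->vars['src'];
     // Only the part of 'src' after the last '/' goes into the on-disk name, and
     // both parts pass through encode() (not visible here; presumably it yields
     // a filesystem-safe token — confirm).
     $ref = $this->cont['UPLOAD_DIR'] . $this->func->encode($page) . '_' . $this->func->encode(preg_replace('#^.*/#', '', $filename));

     // Access control and existence come first; nothing about the file is
     // disclosed (not even a 304) before they pass.
     if (!$this->func->check_readable($page, true, true)) {
         return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
     }
     if (!is_file($ref)) {
         return array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.');
     }
     // Load the stored metadata (log file) of the attachment.
     $status = $this->get_fileinfo($ref);
     if ($status['copyright']) {
         return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
     }
     $imgtype = isset($status['imagesize'][2]) ? $status['imagesize'][2] : false;
     if ($status['noinline'] > 0) {
         $imgtype = false;
     }
     switch ($imgtype) {
         case 1:
             $type = 'image/gif';
             break;
         case 2:
             $type = 'image/jpeg';
             break;
         case 3:
             $type = 'image/png';
             break;
         case 4:
         case 13:
             $type = 'application/x-shockwave-flash';
             $noimg = FALSE;
             // Permission check for showing Flash inline.
             if ($status['noinline'] > -1) {
                 if ($this->cont['PLUGIN_REF_FLASH_INLINE'] === 0) {
                     // Never allowed.
                     $noimg = TRUE;
                 } elseif ($this->cont['PLUGIN_REF_FLASH_INLINE'] === 1) {
                     // Allowed only for files owned by an administrator.
                     if (!$status['admins']) {
                         $noimg = TRUE;
                     }
                 } elseif ($this->cont['PLUGIN_REF_FLASH_INLINE'] === 2) {
                     // Allowed only for files owned by a registered user.
                     if (!$status['owner']) {
                         $noimg = TRUE;
                     }
                 }
             }
             if ($noimg) {
                 return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
             }
             break;
         default:
             // Anything that is not a known image type is refused unless its MIME
             // type is on the PLUGIN_REF_MIME_INLINE allow-list.
             $noimg = TRUE;
             if (($status['mime'] || $status['imagesize'] && !empty($status['imagesize']['mime'])) && ($status['noinline'] < 0 || $status['admins'] && $status['noinline'] < 1)) {
                 if (!$status['mime']) {
                     $status['mime'] = $status['imagesize']['mime'];
                 }
                 $noimg = empty($this->cont['PLUGIN_REF_MIME_INLINE'][strtolower($status['mime'])]);
                 // Send exactly the value that was checked against the allow-list.
                 $type = $status['mime'];
             }
             if ($noimg) {
                 return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
             }
     }
     // Check Referer
     if ($this->cont['OPEN_MEDIA_REFCHECK']) {
         if (!$this->func->refcheck($this->cont['OPEN_MEDIA_REFCHECK'] - 1)) {
             return array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.');
         }
     }

     // Cache validators, computed only once the file is known to exist.
     $mtime = filemtime($ref);
     $etag = '"' . $mtime . '"';
     $expires = 'Expires: ' . gmdate("D, d M Y H:i:s", $this->cont['UTC'] + $this->cont['BROWSER_CACHE_MAX_AGE']) . ' GMT';
     $cache_ctr = $this->root->userinfo['uid'] ? ' private, max-age=' . $this->cont['BROWSER_CACHE_MAX_AGE'] : '';
     if (isset($_SERVER["HTTP_IF_NONE_MATCH"]) && $etag === $_SERVER["HTTP_IF_NONE_MATCH"]) {
         // clear output buffer
         $this->func->clear_output_buffer();
         header('HTTP/1.1 304 Not Modified');
         header('Cache-Control:' . $cache_ctr);
         header('Pragma:');
         header($expires);
         exit;
     }

     // Care for Japanese-character-included file name
     if ($this->cont['LANG'] === 'ja') {
         switch ($this->cont['UA_NAME']) {
             case 'MSIE':
                 $filename = mb_convert_encoding($filename, 'SJIS-WIN', $this->cont['SOURCE_ENCODING']);
                 break;
             default:
                 // Care for using _auto-encode-detecting_ function
                 $filename = mb_convert_encoding($filename, 'UTF-8', $this->cont['SOURCE_ENCODING']);
         }
     }
     if (strpos(strtolower($this->root->ua), 'windows') !== FALSE) {
         $filename = str_replace(array(':', '*', '?', '"', '<', '>', '|'), '_', $filename);
     }
     // $filename comes from the request and is placed inside a quoted header
     // parameter: replace double quotes and control bytes for every client.
     // Byte-wise on purpose; none of these bytes is a trail byte in UTF-8,
     // EUC-JP or SJIS-WIN.
     $filename = preg_replace('/[\x00-\x1F\x7F"]/', '_', $filename);
     $size = filesize($ref);
     // Output
     // clear output buffer
     $this->func->clear_output_buffer();
     $this->func->pkwk_common_headers();
     if (!$this->cont['PLUGIN_REF_SHORTURL']) {
         header('Content-Disposition: inline; filename="' . $filename . '"');
     }
     header('Content-Length: ' . $size);
     header('Content-Type: ' . $type);
     header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
     header('Etag: ' . $etag);
     header('Cache-Control:' . $cache_ctr);
     header('Pragma:');
     header($expires);
     HypCommonFunc::readfile($ref);
     exit;
 }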
Exemple #5
 /**
  * Finish a moblog run: release the check-file lock, write the debug log and
  * send the response, then exit.
  *
  * The response is the RSS plugin's output when output_mode is 'rss', the
  * collected debug lines when ?debug is present and $this->admin is set,
  * and a spacer GIF otherwise.
  *
  * NOTE(review): the debug lines are echoed without HTML escaping. The branch
  * is limited to $this->admin, but the lines should not be assumed free of
  * markup — confirm what debug_write()/$this->debug may contain.
  */
 function plugin_moblog_output()
 {
     // Unlock and close the check file if one is open.
     if ($this->chk_fp) {
         flock($this->chk_fp, LOCK_UN);
         fclose($this->chk_fp);
     }
     $this->debug_write();

     if ($this->output_mode === 'rss') {
         $this->func->get_plugin_instance('rss')->plugin_rss_action();
         exit;
     }

     // clear output buffer
     $this->func->clear_output_buffer();

     $showDebug = isset($this->root->get['debug']) && $this->admin;
     if (!$showDebug) {
         // Response body for callers that invoke this through an <img> tag.
         header("Content-Type: image/gif");
         HypCommonFunc::readfile($this->root->mytrustdirpath . '/skin/image/gif/spacer.gif');
         exit;
     }

     echo 'Debug:<br />' . implode('<br />', $this->debug);
     exit;
 }
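 /**
  * Send response headers (including Content-Disposition) for a file and stream it.
  *
  * The disposition is 'attachment' when the request carries a 'dl' query
  * parameter, 'inline' otherwise. The file name parameter is encoded according
  * to what the requesting browser understands.
  *
  * Fixes against the previous version:
  *  - the Safari < 6 branch read $file['name'], but $file is the path string
  *    passed to readfile(); it now uses $name;
  *  - that branch also strips control characters, not only double quotes,
  *    since it is the only one that puts the raw name into a quoted parameter;
  *  - a missing User-Agent header no longer raises a notice;
  *  - with an empty $name no dangling "; " is appended to Content-Disposition.
  *
  * NOTE(review): Etag is sent unquoted. It is left as-is because check_304()
  * (not visible here) presumably compares against this exact value.
  *
  * @param string $file  Path handed to readfile()
  * @param string $mime  Value for the Content-Type header
  * @param int    $size  Value for the Content-Length header
  * @param int    $mtime Unix timestamp used for Last-Modified and Etag
  * @param string $name  Display file name; '' sends no filename parameter
  */
 public function output($file, $mime, $size, $mtime, $name = '')
 {
     $this->check_304($mtime);
     $disp = isset($_GET['dl']) ? 'attachment' : 'inline';
     $filename = '';
     if ($name !== '') {
         $filenameEncoded = rawurlencode($name);
         if (strpos($filenameEncoded, '%') === false) {
             // ASCII only: rawurlencode() left the name untouched, so it holds
             // nothing but unreserved characters and is safe inside quotes.
             $filename = 'filename="' . $name . '"';
         } else {
             $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
             if (preg_match('/MSIE [4-8]/', $ua)) {
                 // IE < 9 do not support RFC 6266 (RFC 2231/RFC 5987)
                 $filename = 'filename="' . $filenameEncoded . '"';
             } elseif (strpos($ua, 'Chrome') === false && strpos($ua, 'Safari') !== false && preg_match('#Version/[3-5]#', $ua)) {
                 // Safari < 6: raw name inside a quoted parameter, so drop the
                 // characters that could end or corrupt it.
                 $filename = 'filename="' . preg_replace('/[\x00-\x1F\x7F"]/', '', $name) . '"';
             } else {
                 // RFC 6266 (RFC 2231/RFC 5987)
                 $filename = 'filename*=UTF-8\'\'' . $filenameEncoded;
             }
         }
     }
     header('Content-Length: ' . $size);
     header('Content-Type: ' . $mime);
     header('Content-Disposition: ' . $disp . ($filename === '' ? '' : '; ' . $filename));
     header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
     header('Etag: ' . $mtime);
     header('Cache-Control: private, max-age=' . XELFINDER_CACHE_TTL);
     header('Expires: ' . gmdate("D, d M Y H:i:s", XELFINDER_UNIX_TIME + XELFINDER_CACHE_TTL) . ' GMT');
     // An empty Pragma header overrides any "Pragma: no-cache" set earlier.
     header('Pragma:');
     // Prefer the project's own reader when it is loadable, else fall back to PHP's.
     if (function_exists('XC_CLASS_EXISTS') && XC_CLASS_EXISTS('HypCommonFunc')) {
         HypCommonFunc::readfile($file);
     } else {
         readfile($file);
     }
 }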
Exemple #7
 /**
  * Send a tar archive to the browser as a download.
  *
  * NOTE(review): the base name of $downfile is written into the quoted
  * Content-Disposition parameter verbatim. That is fine while the path is
  * generated by the server; if any part of it can come from a user, quotes and
  * control characters need to be removed first — confirm at the call sites.
  *
  * @param string $downfile Path of the archive to send
  */
 function download_tarfile($downfile)
 {
     $bytes = filesize($downfile);
     $baseName = basename($downfile);

     // clear output buffer
     $this->func->clear_output_buffer();

     // Switch off charset handling and mbstring output conversion so the
     // binary body is passed through unchanged.
     ini_set('default_charset', '');
     mb_http_output('pass');

     $lines = array(
         'Content-Disposition: attachment; filename="' . $baseName . '"',
         'Content-Length: ' . $bytes,
         'Content-Type: application/x-tar',
         'Pragma: no-cache',
     );
     foreach ($lines as $line) {
         header($line);
     }

     HypCommonFunc::readfile($downfile);
 }
Exemple #8
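 /**
  * Send this attachment to the browser, inline or as a download, and exit.
  *
  * Loads the stored status, answers conditional requests, updates the download
  * counter, builds a browser-specific file name parameter and streams the file.
  * Files for which is_allow_inline() is false are always sent as 'attachment'
  * (XSS countermeasure).
  *
  * Changes against the previous version:
  *  - the copyright restriction is checked before the 304 shortcut, so a
  *    matching If-None-Match no longer bypasses it;
  *  - the ETag comparison is strict: the tag starts with an MD5 hex string, and
  *    a loose comparison treats values such as "0e123…" as numbers;
  *  - the stored original file name has double quotes and control characters
  *    replaced for every client before it goes into the quoted header
  *    parameter, not only for Windows user agents.
  *
  * NOTE(review): no page-level read permission check is visible in this
  * method; presumably the caller performs it — confirm.
  *
  * @return mixed Result of attach_info('err_copyright') when the file is
  *               copyright-restricted and the requester is not the owner;
  *               otherwise the method does not return.
  */
 function open()
 {
     $this->getstatus();
     // clear output buffer
     $this->func->clear_output_buffer();
     $etag = $this->status['md5'] . ($this->status['copyright'] ? '1' : '0') . $this->status['noinline'];
     $expires = 'Expires: ' . gmdate("D, d M Y H:i:s", $this->cont['UTC'] + $this->cont['BROWSER_CACHE_MAX_AGE']) . ' GMT';

     // Authorisation first: a 304 must never be sent for a file the requester
     // would not be given.
     if (!$this->is_owner()) {
         if ($this->status['copyright']) {
             return $this->pluginAttach->attach_info('err_copyright');
         }
     }
     if (isset($_SERVER["HTTP_IF_NONE_MATCH"]) && $etag === $_SERVER["HTTP_IF_NONE_MATCH"]) {
         header('HTTP/1.1 304 Not Modified');
         header('Cache-Control: private');
         header('Pragma:');
         header($expires);
         exit;
     }

     // For video and image files whose dimensions are not stored yet, fetch them now.
     list($type) = explode('/', strtolower($this->type));
     if (($type === 'video' || $type === 'image') && (!$this->status['imagesize'] || !$this->status['imagesize'][0])) {
         $this->status['imagesize'] = $this->getimagesize($this->filename);
     }
     // Count this download and persist the status.
     $this->status['count'][$this->age]++;
     $this->putstatus();

     // $format deliberately starts at "name": the header lines below prepend
     // "file" to form "filename=…", and Content-Type reuses it as "name=…".
     $filename = $this->status['org_fname'];
     $format = 'name="%1$s"';
     $encode = $this->cont['SOURCE_ENCODING'];
     // Care for Japanese-character-included file name
     if ($this->cont['LANG'] === 'ja') {
         switch ($this->cont['UA_NAME']) {
             case 'Opera':
             case 'Firefox':
                 // RFC 2231 ( http://www.ietf.org/rfc/rfc2231.txt )
                 $format = 'name*=%2$s\'ja\'%1$s';
                 $filename = rawurlencode($filename);
                 break;
             case 'MSIE':
                 $filename = mb_convert_encoding($filename, 'SJIS-WIN', $this->cont['SOURCE_ENCODING']);
                 break;
             default:
                 if ($this->cont['SOURCE_ENCODING'] === 'UTF-8') {
                     // RFC 2231 ( http://www.ietf.org/rfc/rfc2231.txt )
                     $format = 'name*=%2$s\'ja\'%1$s';
                     $filename = rawurlencode($filename);
                 } else {
                     $format = 'name="%1$s"; charset=UTF-8';
                     $encode = 'UTF-8';
                     $filename = mb_convert_encoding($filename, $encode, $this->cont['SOURCE_ENCODING']);
                 }
         }
     }
     if (strpos(strtolower($this->root->ua), 'windows') !== FALSE) {
         $filename = str_replace(array(':', '*', '?', '"', '<', '>', '|'), '_', $filename);
     }
     // org_fname was chosen by the uploader: replace double quotes and control
     // bytes for every client. Byte-wise on purpose; none of these bytes is a
     // trail byte in UTF-8, EUC-JP or SJIS-WIN, and rawurlencode() output
     // contains none of them.
     $filename = preg_replace('/[\x00-\x1F\x7F"]/', '_', $filename);
     $filename = sprintf($format, $filename, $encode);
     // Switch off charset handling and mbstring output conversion so the body
     // is passed through unchanged.
     ini_set('default_charset', '');
     mb_http_output('pass');
     // Anything other than images (admin-owned files excepted) is sent as a
     // download rather than inline (XSS countermeasure).
     if ($this->is_allow_inline()) {
         // Referer check
         if ($this->cont['OPEN_MEDIA_REFCHECK'] && in_array(strtolower(substr($this->type, 0, 5)), array('image', 'audio', 'video'))) {
             if (!$this->func->refcheck($this->cont['OPEN_MEDIA_REFCHECK'] - 1)) {
                 exit('Access Denied!');
             }
         }
         header('Content-Disposition: inline; file' . $filename);
     } else {
         header('Content-Disposition: attachment; file' . $filename);
     }
     header('Content-Length: ' . $this->size);
     header('Content-Type: ' . $this->type . '; ' . $filename);
     header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $this->time) . " GMT");
     header('Etag: ' . $etag);
     header('Cache-Control: private');
     header('Pragma:');
     header($expires);
     HypCommonFunc::readfile($this->filename);
     exit;
 }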