/**
 * Send a file to the client together with length, type and caching headers.
 *
 * Conditional-request handling is delegated to check_304() (defined
 * elsewhere in the class) before any header is emitted here.
 *
 * @param string $file  Path handed to readfile().
 * @param string $mime  Value written to the Content-Type header.
 * @param int    $size  Value written to the Content-Length header.
 * @param int    $mtime Unix timestamp used for Last-Modified and Etag.
 * @return void
 */
function output($file, $mime, $size, $mtime)
{
    $this->check_304($mtime);

    $httpDate = "D, d M Y H:i:s";
    $responseHeaders = array(
        'Content-Length: ' . $size,
        'Content-Type: ' . $mime,
        'Last-Modified: ' . gmdate($httpDate, $mtime) . " GMT",
        'Etag: ' . $mtime,
        'Cache-Control: private, max-age=' . XELFINDER_CACHE_TTL,
        'Expires: ' . gmdate($httpDate, XELFINDER_UNIX_TIME + XELFINDER_CACHE_TTL) . ' GMT',
        // An empty Pragma value is sent on purpose, exactly as before.
        'Pragma:',
    );
    foreach ($responseHeaders as $line) {
        header($line);
    }

    // Use the HypCommonFunc reader only when the XC_CLASS_EXISTS helper
    // reports that the class is available; otherwise use PHP's readfile().
    $hasHypReader = function_exists('XC_CLASS_EXISTS') && XC_CLASS_EXISTS('HypCommonFunc');
    if (!$hasHypReader) {
        readfile($file);
        return;
    }
    HypCommonFunc::readfile($file);
}
<?php /* * Created on 2008/05/13 by nao-pon http://hypweb.net/ * $Id: jobstack.php,v 1.10 2011/10/31 16:04:47 nao-pon Exp $ */ error_reporting(0); ignore_user_abort(TRUE); $file = $mytrustdirpath . '/skin/image/gif/blank.gif'; header('Content-Type: image/gif'); header('Content-Length: ' . filesize($file)); header('Expires: Thu, 01 Dec 1994 16:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0'); header('Pragma: no-cache'); HypCommonFunc::readfile($file); flush(); include_once $mytrustdirpath . '/include.php'; $xpwiki = new XpWiki($mydirname); $xpwiki->init('#RenderMode'); $max_execution_time = intval(ini_get('max_execution_time')); // It is all as for the one executed soon. (ttl = 0) $sql = 'SELECT `key`, `data` FROM ' . $xpwiki->db->prefix($xpwiki->root->mydirname . '_cache') . ' WHERE `plugin`=\'jobstack\' AND `mtime` <= ' . $xpwiki->cont['UTC'] . ' AND `ttl`=0 ORDER BY `mtime` ASC LIMIT 1'; if ($res = $xpwiki->db->query($sql)) { $row = $xpwiki->db->fetchRow($res); while ($row) { if ($max_execution_time) { @ini_set('max_execution_time', (string) $max_execution_time); } xpwiki_jobstack_switch($xpwiki, $row); $res = $xpwiki->db->query($sql);
/**
 * Garbage-collect expired "*.aws" cache files in CACHE_DIR/plugin.
 *
 * A stamp file (aws.gc) records the last run; a run is due when the stamp
 * is missing or older than config['cache_time'] minutes.
 *
 * @param bool $get_tag When true, nothing is deleted: the method returns an
 *                      <img> tag that triggers the collection through
 *                      ?plugin=aws&pcmd=gc if a run is due, or '' otherwise.
 * @return string|null  The tag or '' in tag mode; otherwise nothing is
 *                      returned and a spacer GIF is written to the output.
 */
function gc($get_tag = FALSE)
{
    $cacheDir  = $this->cont['CACHE_DIR'] . 'plugin';
    $stampFile = $this->cont['CACHE_DIR'] . 'plugin/aws.gc';
    $maxAge    = $this->config['cache_time'] * 60;

    $runIsDue = !is_file($stampFile) || filemtime($stampFile) < $this->cont['UTC'] - $maxAge;

    // Tag mode only reports whether a run is needed; it never touches files.
    if ($get_tag) {
        if ($runIsDue) {
            return '<div style="float:left;"><img src="' . $this->root->script . '?plugin=aws&pcmd=gc" width="1" height="1" alt="" /></div>' . "\n";
        }
        return '';
    }

    if ($runIsDue) {
        // Refresh the stamp before sweeping.
        touch($stampFile);

        $suffix = '.aws';
        $cutoff = $this->cont['UTC'] - $this->config['cache_time'] * 60;

        $handle = opendir($cacheDir);
        if ($handle) {
            for ($entry = readdir($handle); $entry !== false; $entry = readdir($handle)) {
                // Only files whose name ends in ".aws" are candidates.
                if (substr($entry, -strlen($suffix)) !== $suffix) {
                    continue;
                }
                $path = $cacheDir . '/' . $entry;
                if (filemtime($path) < $cutoff) {
                    unlink($path);
                }
            }
            closedir($handle);
        }
    }

    // clear output buffer
    $this->func->clear_output_buffer();

    // The request comes from an <img> tag, so answer with a spacer GIF.
    header("Content-Type: image/gif");
    HypCommonFunc::readfile($this->root->mytrustdirpath . '/skin/image/gif/spacer.gif');
}
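/**
 * Serve an attached file inline.
 *
 * Usage: plugin=ref&page=page_name&src=attached_image_name
 *
 * Both `page` and `src` come from the request. Only the last path component
 * of `src` takes part in the on-disk name, which is built from the encoded
 * page name and the encoded file name under UPLOAD_DIR.
 *
 * Changes compared with the previous version:
 *  - The page-readable check and the file-exists check now run before the
 *    "304 Not Modified" shortcut. Previously a request carrying a matching
 *    If-None-Match got a 304 without any permission check, and filemtime()
 *    was called on a path that might not exist.
 *  - The ETag is compared strictly.
 *  - Double quotes and control characters are always neutralised in the
 *    name placed inside Content-Disposition (previously only for Windows
 *    user agents), so the request-supplied name cannot end the quoted value.
 *  - In the generic MIME branch the Content-Type sent is the value that was
 *    checked against PLUGIN_REF_MIME_INLINE, not a different field.
 *  - Every error path returns the same flat array shape.
 *
 * @return array{header:string,msg:string} Error descriptor; on success the
 *         method sends the file and terminates the script instead.
 */
function plugin_ref_action()
{
    if (!isset($this->root->vars['page']) || !isset($this->root->vars['src'])) {
        return array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.');
    }
    $page = $this->root->vars['page'];
    $filename = $this->root->vars['src'];
    $ref = $this->cont['UPLOAD_DIR'] . $this->func->encode($page) . '_' . $this->func->encode(preg_replace('#^.*/#', '', $filename));

    // Authorisation and existence are decided before any conditional
    // response, so a 304 is only ever given for a page the caller may read
    // and a file that exists.
    if (!$this->func->check_readable($page, true, true)) {
        return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
    }
    if (!is_file($ref)) {
        return array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.');
    }

    $mtime = filemtime($ref);
    $etag = '"' . $mtime . '"';
    $expires = 'Expires: ' . gmdate("D, d M Y H:i:s", $this->cont['UTC'] + $this->cont['BROWSER_CACHE_MAX_AGE']) . ' GMT';
    $cache_ctr = $this->root->userinfo['uid'] ? ' private, max-age=' . $this->cont['BROWSER_CACHE_MAX_AGE'] : '';

    $clientEtag = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? $_SERVER['HTTP_IF_NONE_MATCH'] : null;
    if ($clientEtag === $etag) {
        // NOTE(review): the copyright, inline-permission and Referer checks
        // below still apply to full responses only, as before.
        // clear output buffer
        $this->func->clear_output_buffer();
        header('HTTP/1.1 304 Not Modified');
        header('Cache-Control:' . $cache_ctr);
        header('Pragma:');
        header($expires);
        exit;
    }

    // Load the attachment's status record
    $status = $this->get_fileinfo($ref);
    if ($status['copyright']) {
        return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
    }

    // Index 2 of the imagesize entry selects the branch below; a positive
    // noinline flag disables the image branches altogether.
    $imgtype = isset($status['imagesize'][2]) ? $status['imagesize'][2] : false;
    if ($status['noinline'] > 0) {
        $imgtype = false;
    }

    switch ($imgtype) {
        case 1:
            $type = 'image/gif';
            break;
        case 2:
            $type = 'image/jpeg';
            break;
        case 3:
            $type = 'image/png';
            break;
        case 4:
        case 13:
            $type = 'application/x-shockwave-flash';
            $noimg = FALSE;
            // Permission check for showing Flash inline
            if ($status['noinline'] > -1) {
                $flashPolicy = $this->cont['PLUGIN_REF_FLASH_INLINE'];
                if ($flashPolicy === 0) {
                    // Forbidden for everyone
                    $noimg = TRUE;
                } elseif ($flashPolicy === 1) {
                    // Allowed only for files owned by an administrator
                    if (!$status['admins']) {
                        $noimg = TRUE;
                    }
                } elseif ($flashPolicy === 2) {
                    // Allowed only for files owned by a registered user
                    if (!$status['owner']) {
                        $noimg = TRUE;
                    }
                }
            }
            if ($noimg) {
                return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
            }
            break;
        default:
            // Anything else is served inline only when its MIME type is on
            // the PLUGIN_REF_MIME_INLINE allowlist.
            $noimg = TRUE;
            if (($status['mime'] || $status['imagesize'] && !empty($status['imagesize']['mime'])) && ($status['noinline'] < 0 || $status['admins'] && $status['noinline'] < 1)) {
                if (!$status['mime']) {
                    $status['mime'] = $status['imagesize']['mime'];
                }
                $noimg = empty($this->cont['PLUGIN_REF_MIME_INLINE'][strtolower($status['mime'])]);
                // Send exactly the type that was checked above. The earlier
                // code sent $status['imagesize']['mime'], which can be unset
                // or differ from the allowlisted value.
                $type = $status['mime'];
            }
            if ($noimg) {
                return array('header' => 'HTTP/1.0 403 Forbidden', 'msg' => '403 Forbidden.');
            }
    }

    // Check Referer
    if ($this->cont['OPEN_MEDIA_REFCHECK']) {
        if (!$this->func->refcheck($this->cont['OPEN_MEDIA_REFCHECK'] - 1)) {
            return array('header' => 'HTTP/1.0 404 Not Found', 'msg' => 'File Not Found.');
        }
    }

    // Care for Japanese-character-included file name
    if ($this->cont['LANG'] === 'ja') {
        switch ($this->cont['UA_NAME']) {
            //case 'Safari':
            //	$filename = '';
            //	break;
            case 'MSIE':
                $filename = mb_convert_encoding($filename, 'SJIS-WIN', $this->cont['SOURCE_ENCODING']);
                break;
            default:
                // Care for using _auto-encode-detecting_ function
                $filename = mb_convert_encoding($filename, 'UTF-8', $this->cont['SOURCE_ENCODING']);
        }
    }
    if (strpos(strtolower($this->root->ua), 'windows') !== FALSE) {
        $filename = str_replace(array(':', '*', '?', '"', '<', '>', '|'), '_', $filename);
    }
    // The name is request input and ends up inside a quoted header value:
    // neutralise the quote and control bytes for every client. These byte
    // values never occur inside a multi-byte character in UTF-8 or
    // Shift_JIS, so a byte-wise replace is safe after the conversion above.
    $filename = preg_replace('/[\x00-\x1F\x7F"]/', '_', $filename);

    $size = filesize($ref);

    // Output
    // clear output buffer
    $this->func->clear_output_buffer();
    $this->func->pkwk_common_headers();
    if (!$this->cont['PLUGIN_REF_SHORTURL']) {
        header('Content-Disposition: inline; filename="' . $filename . '"');
    }
    header('Content-Length: ' . $size);
    header('Content-Type: ' . $type);
    header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
    header('Etag: ' . $etag);
    header('Cache-Control:' . $cache_ctr);
    header('Pragma:');
    header($expires);
    HypCommonFunc::readfile($ref);
    exit;
}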
/**
 * Finish a moblog run and send the response, then terminate the script.
 *
 * Releases and closes the check-file handle if one is held, writes the
 * debug log, and then answers in one of three ways:
 *  - output_mode 'rss': hands over to the rss plugin's action;
 *  - ?debug present and the caller is an admin: prints the debug lines;
 *  - otherwise: a spacer GIF, because the request comes from an <img> tag.
 *
 * @return void This method always ends with exit.
 */
function plugin_moblog_output()
{
    $lockHandle = $this->chk_fp;
    if ($lockHandle) {
        flock($lockHandle, LOCK_UN);
        fclose($lockHandle);
    }

    $this->debug_write();

    if ($this->output_mode === 'rss') {
        $rssPlugin = $this->func->get_plugin_instance('rss');
        $rssPlugin->plugin_rss_action();
        exit;
    }

    // clear output buffer
    $this->func->clear_output_buffer();

    $showDebug = isset($this->root->get['debug']) && $this->admin;
    if (!$showDebug) {
        // Called through an <img> tag: reply with the spacer image.
        header("Content-Type: image/gif");
        HypCommonFunc::readfile($this->root->mytrustdirpath . '/skin/image/gif/spacer.gif');
        exit;
    }

    // Debug lines are shown to admins only (see $showDebug above).
    echo 'Debug:<br />' . implode('<br />', $this->debug);
    exit;
}
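/**
 * Send a file to the client with Content-Disposition and caching headers.
 *
 * Conditional-request handling is delegated to check_304() (defined
 * elsewhere in the class). The disposition is "attachment" when the `dl`
 * query parameter is present and "inline" otherwise.
 *
 * Changes compared with the previous version:
 *  - The Safari < 6 branch read `$file['name']`, but `$file` is the path
 *    string given to readfile(); it now uses `$name`, like every other
 *    branch.
 *  - A request without a User-Agent header no longer reads an undefined
 *    index.
 *  - Control characters are removed along with the double quote when the
 *    raw name is placed inside a quoted header value.
 *  - With no name, the header is "inline"/"attachment" without a dangling
 *    "; " separator.
 *
 * @param string $file  Path handed to readfile().
 * @param string $mime  Value written to the Content-Type header.
 * @param int    $size  Value written to the Content-Length header.
 * @param int    $mtime Unix timestamp used for Last-Modified and Etag.
 * @param string $name  File name offered to the client; '' sends none.
 * @return void
 */
public function output($file, $mime, $size, $mtime, $name = '')
{
    $this->check_304($mtime);

    $disp = isset($_GET['dl']) ? 'attachment' : 'inline';

    $filename = '';
    if ($name !== '') {
        $filenameEncoded = rawurlencode($name);
        if (strpos($filenameEncoded, '%') === false) {
            // ASCII only: rawurlencode() left every byte untouched, so the
            // name holds no quote, control or non-ASCII byte.
            $filename = 'filename="' . $name . '"';
        } else {
            $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            if (preg_match('/MSIE [4-8]/', $ua)) {
                // IE < 9 do not support RFC 6266 (RFC 2231/RFC 5987)
                $filename = 'filename="' . $filenameEncoded . '"';
            } elseif (strpos($ua, 'Chrome') === false && strpos($ua, 'Safari') !== false && preg_match('#Version/[3-5]#', $ua)) {
                // Safari < 6: raw bytes inside a quoted string, so the quote
                // and control bytes must not survive.
                $filename = 'filename="' . preg_replace('/[\x00-\x1F\x7F"]/', '', $name) . '"';
            } else {
                // RFC 6266 (RFC 2231/RFC 5987)
                $filename = 'filename*=UTF-8\'\'' . $filenameEncoded;
            }
        }
    }

    header('Content-Length: ' . $size);
    header('Content-Type: ' . $mime);
    header('Content-Disposition: ' . $disp . ($filename === '' ? '' : '; ' . $filename));
    header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
    header('Etag: ' . $mtime);
    header('Cache-Control: private, max-age=' . XELFINDER_CACHE_TTL);
    header('Expires: ' . gmdate("D, d M Y H:i:s", XELFINDER_UNIX_TIME + XELFINDER_CACHE_TTL) . ' GMT');
    header('Pragma:');

    // Use the HypCommonFunc reader only when the XC_CLASS_EXISTS helper
    // reports that the class is available.
    if (function_exists('XC_CLASS_EXISTS') && XC_CLASS_EXISTS('HypCommonFunc')) {
        HypCommonFunc::readfile($file);
    } else {
        readfile($file);
    }
}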
/**
 * Send a tar archive to the client as a download.
 *
 * The download name is the base name of $downfile. Output-encoding
 * conversion is switched off (default_charset cleared, mb_http_output set
 * to 'pass') before the headers and the file body are written.
 *
 * @param string $downfile Path of the archive to send.
 * @return void
 */
function download_tarfile($downfile)
{
    // Read the file facts first, before the output buffer is discarded.
    $byteCount = filesize($downfile);
    $sendAs = basename($downfile);

    // clear output buffer
    $this->func->clear_output_buffer();

    ini_set('default_charset', '');
    mb_http_output('pass');

    $responseHeaders = array(
        'Content-Disposition: attachment; filename="' . $sendAs . '"',
        'Content-Length: ' . $byteCount,
        'Content-Type: application/x-tar',
        'Pragma: no-cache',
    );
    foreach ($responseHeaders as $line) {
        header($line);
    }

    HypCommonFunc::readfile($downfile);
}
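/**
 * Send this attachment to the client, inline or as a download.
 *
 * Loads the status record, answers a matching If-None-Match with 304,
 * refuses copyright-flagged files to non-owners, updates the access
 * counter, builds a browser-specific file-name parameter and finally
 * streams the file. Files that is_allow_inline() does not accept are sent
 * with "attachment" disposition (XSS mitigation).
 *
 * Changes compared with the previous version:
 *  - The ETag is compared strictly. It is built from an MD5 hex string plus
 *    flag characters, and a loose `==` between two numeric-looking strings
 *    compares them as numbers, so unequal tags could be treated as equal.
 *  - Double quotes and control characters are always neutralised in the
 *    stored original file name before it is placed in a quoted header
 *    parameter (previously only for Windows user agents).
 *
 * @return mixed The result of attach_info('err_copyright') when access is
 *               refused; otherwise the method ends with exit.
 */
function open()
{
    $this->getstatus();

    // clear output buffer
    $this->func->clear_output_buffer();

    // The tag changes whenever the content hash, the copyright flag or the
    // noinline setting changes.
    $etag = $this->status['md5'] . ($this->status['copyright'] ? '1' : '0') . $this->status['noinline'];
    $expires = 'Expires: ' . gmdate("D, d M Y H:i:s", $this->cont['UTC'] + $this->cont['BROWSER_CACHE_MAX_AGE']) . ' GMT';

    $clientEtag = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? $_SERVER['HTTP_IF_NONE_MATCH'] : null;
    if ($clientEtag === (string) $etag) {
        header('HTTP/1.1 304 Not Modified');
        header('Cache-Control: private');
        header('Pragma:');
        header($expires);
        exit;
    }

    if (!$this->is_owner()) {
        if ($this->status['copyright']) {
            return $this->pluginAttach->attach_info('err_copyright');
        }
    }

    // For video and image files, obtain the dimensions now if they have not
    // been recorded yet.
    list($type) = explode('/', strtolower($this->type));
    if (($type === 'video' || $type === 'image') && (!$this->status['imagesize'] || !$this->status['imagesize'][0])) {
        $this->status['imagesize'] = $this->getimagesize($this->filename);
    }

    $this->status['count'][$this->age]++;
    $this->putstatus();

    $filename = $this->status['org_fname'];
    // $format yields `name=...`; the callers below prefix it with "file"
    // for Content-Disposition and use it as-is for Content-Type.
    $format = 'name="%1$s"';
    $encode = $this->cont['SOURCE_ENCODING'];

    // Care for Japanese-character-included file name
    if ($this->cont['LANG'] === 'ja') {
        switch ($this->cont['UA_NAME']) {
            case 'Opera':
            case 'Firefox':
                // RFC 2231 ( http://www.ietf.org/rfc/rfc2231.txt )
                $format = 'name*=%2$s\'ja\'%1$s';
                $filename = rawurlencode($filename);
                break;
            case 'MSIE':
                $filename = mb_convert_encoding($filename, 'SJIS-WIN', $this->cont['SOURCE_ENCODING']);
                break;
            default:
                if ($this->cont['SOURCE_ENCODING'] === 'UTF-8') {
                    // RFC 2231 ( http://www.ietf.org/rfc/rfc2231.txt )
                    $format = 'name*=%2$s\'ja\'%1$s';
                    $filename = rawurlencode($filename);
                } else {
                    $format = 'name="%1$s"; charset=UTF-8';
                    $encode = 'UTF-8';
                    $filename = mb_convert_encoding($filename, $encode, $this->cont['SOURCE_ENCODING']);
                }
        }
    }
    if (strpos(strtolower($this->root->ua), 'windows') !== FALSE) {
        $filename = str_replace(array(':', '*', '?', '"', '<', '>', '|'), '_', $filename);
    }
    // The original file name was supplied by the uploader and may end up in
    // a quoted parameter: neutralise the quote and control bytes for every
    // client. These byte values never occur inside a multi-byte character
    // in UTF-8 or Shift_JIS, and rawurlencode() output contains none of
    // them, so this is a no-op for the RFC 2231 form.
    $filename = preg_replace('/[\x00-\x1F\x7F"]/', '_', $filename);

    $filename = sprintf($format, $filename, $encode);

    ini_set('default_charset', '');
    mb_http_output('pass');

    // Anything that is not an image (apart from admin-owned files) is
    // treated as a download (XSS mitigation).
    if ($this->is_allow_inline()) {
        // Referer check
        if ($this->cont['OPEN_MEDIA_REFCHECK'] && in_array(strtolower(substr($this->type, 0, 5)), array('image', 'audio', 'video'))) {
            if (!$this->func->refcheck($this->cont['OPEN_MEDIA_REFCHECK'] - 1)) {
                exit('Access Denied!');
            }
        }
        header('Content-Disposition: inline; file' . $filename);
    } else {
        header('Content-Disposition: attachment; file' . $filename);
    }
    header('Content-Length: ' . $this->size);
    header('Content-Type: ' . $this->type . '; ' . $filename);
    header('Last-Modified: ' . gmdate("D, d M Y H:i:s", $this->time) . " GMT");
    header('Etag: ' . $etag);
    header('Cache-Control: private');
    header('Pragma:');
    header($expires);
    HypCommonFunc::readfile($this->filename);
    exit;
}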