function getMedia() { global $url; header("Content-Disposition: attachment"); if (preg_match('~tn~', $url)) { //if the image is a thumbnail just try and open it header("Content-type: " . mimeType($url)); echo file_get_contents("./" . $url); } else { if (file_exists("./{$url}")) { header("Content-type: " . mimeType($url)); echo file_get_contents("./" . $url); } elseif (file_exists('./' . str_replace("~", "~tn~", $url))) { $u = str_replace("~", "~tn~", $url); header("Content-type: " . mimeType($u)); echo file_get_contents("./" . $u); } elseif (file_exists('./' . substr($url, strpos($url, '~')))) { $u = substr($url, strpos($url, '~')); header("Content-type: " . mimeType($u)); echo file_get_contents("./" . $u); } else { header('HTTP/1.1 404 NOT FOUND', 404); return; } } }
/** * Given a wiki that has been parsed to html except for wiki syntax related * to resource, this method add the html to include these resources * * @param int $group_id group identifier of group wiki page belongs to * @param int $page_id identifier for page want to parse resources for * @param string $locale_tag the locale of the parsed page. * @return string resulting html page */ function insertResourcesParsePage($group_id, $page_id, $locale_tag, $parsed_page) { $default_folders = $this->getGroupPageResourcesFolders($group_id, $page_id); if ($default_folders) { list($folder, $thumb_folder) = $default_folders; } if (!preg_match_all('/\\(\\(resource:(.+?)\\|(.+?)\\)\\)/ui', $parsed_page, $matches)) { return $parsed_page; } $num_matches = count($matches[0]); for ($i = 0; $i < $num_matches; $i++) { $match_string = $matches[0][$i]; $resource_namespace_name = $matches[1][$i]; $namespace_parts = explode(":", $resource_namespace_name); $resource_description = $matches[2][$i]; if (count($namespace_parts) > 1) { $current_namespace = array_shift($namespace_parts); $current_page_id = $this->getPageId($group_id, $current_namespace, $locale_tag); if ($current_page_id === false || $current_page_id === NULL) { continue; } $resource_name = implode(":", $namespace_parts); $current_folders = $this->getGroupPageResourcesFolders($group_id, $current_page_id); if ($current_folders) { list($current_folder, $current_thumb_folder) = $current_folders; } } else { if (!$default_folders) { continue; } else { $resource_name = $resource_namespace_name; $current_page_id = $page_id; $current_folder = $folder; $current_thumb_folder = $thumb_folder; } } $file_name = "{$current_folder}/{$resource_name}"; $mime_type = mimeType($file_name); $mime_type_parts = explode(";", $mime_type); $mime_type = $mime_type_parts[0]; $resource_url = $this->getGroupPageResourceUrl($group_id, $current_page_id, $resource_name); if (in_array($mime_type, array('image/png', 'image/gif', 'image/jpeg', 'image/bmp', 'image/svg+xml'))) { $replace_string = "<img src='{$resource_url}' " . " alt='{$resource_description}' />"; $parsed_page = preg_replace('/' . preg_quote($match_string) . '/u', $replace_string, $parsed_page); } else { if (in_array($mime_type, array('video/mp4', 'video/ogg', 'video/avi', 'video/quicktime', 'video/x-flv', 'video/x-ms-wmv', 'video/webm', 'application/ogg'))) { $replace_string = "<video style='width:100%' " . "controls='controls' >\n" . "<source src='{$resource_url}' type='{$mime_type}'/>\n"; $multi_source_types = array("mp4", "webm", "ogg"); $current_extension = substr($mime_type, strlen('video/')); $add_sources = array(); if (in_array($current_extension, $multi_source_types)) { $add_sources = array_diff($multi_source_types, array($current_extension)); } $pre_name = substr($resource_name, 0, -strlen($current_extension) - 1); foreach ($add_sources as $extension) { if (file_exists("{$current_folder}/{$pre_name}.{$extension}")) { $resource_url = $this->getGroupPageResourceUrl($group_id, $current_page_id, "{$pre_name}.{$extension}"); $replace_string .= "<source src='{$resource_url}' " . "type='video/{$extension}'/>\n"; } } $replace_string .= $resource_description . "\n" . "</video>"; $parsed_page = preg_replace('/' . preg_quote($match_string, '/') . '/u', $replace_string, $parsed_page); } else { if (in_array($mime_type, array('audio/basic', 'audio/L24', 'audio/mp4', 'audio/mpeg', 'audio/ogg', 'audio/opus', 'audio/vorbis', 'audio/vnd.rn-realaudio', 'audio/vnd.wave', 'audio/webm'))) { $replace_string = "<audio controls='controls' >\n" . "<source src='{$resource_url}' >\n" . $resource_description . "\n" . "</audio>"; $parsed_page = preg_replace('/' . preg_quote($match_string, '/') . '/u', $replace_string, $parsed_page); } else { $replace_string = "<a href='{$resource_url}' >" . "{$resource_description}</a>"; $parsed_page = preg_replace('/' . preg_quote($match_string, '/') . '/u', $replace_string, $parsed_page); } } } } return $parsed_page; }
/** * Gets the resource $_REQUEST['n'] from APP_DIR/$_REQUEST['f'] or * CRAWL_DIR/$_REQUEST['f'] after cleaning */ function get() { if (!isset($_REQUEST['n']) || !isset($_REQUEST['f'])) { return; } $name = $this->clean($_REQUEST['n'], "string"); if (in_array($_REQUEST['f'], array("css", "scripts", "resources"))) { /* notice in this case we don't check if request come from a legitimate source but we do try to restrict it to being a file (not a folder) in the above array */ $base_dir = $this->getBaseFolder(); if (!$base_dir) { header('HTTP/1.1 401 Unauthorized'); echo "<html><head><title>401 Unauthorized</title></head>" . "<body><p>401 Unauthorized</p></body></html>"; return; } $type = UrlParser::getDocumentType($name); $name = UrlParser::getDocumentFilename($name); $name = $type != "" ? "{$name}.{$type}" : $name; if (isset($_REQUEST['t'])) { $name .= ".jpg"; } } else { if (in_array($_REQUEST['f'], array("cache"))) { /* perform check since these request should come from a known machine */ if (!$this->checkRequest()) { return; } $folder = $_REQUEST['f']; $base_dir = CRAWL_DIR . "/{$folder}"; } else { return; } } if (isset($_REQUEST['o']) && isset($_REQUEST['l'])) { $offset = $this->clean($_REQUEST['o'], "int"); $limit = $this->clean($_REQUEST['l'], "int"); } $path = "{$base_dir}/{$name}"; if (file_exists($path)) { $mime_type = mimeType($path); $size = filesize($path); $start = 0; $end = $size - 1; header("Content-type: {$mime_type}"); header("Accept-Ranges: bytes"); if (isset($_SERVER['HTTP_RANGE'])) { $this->serveRangeRequest($path, $size, $start, $end); return; } header("Content-Length: " . $size); header("Content-Range: bytes {$start}-{$end}/{$size}"); if (isset($offset) && isset($limit)) { echo file_get_contents($path, false, NULL, $offset, $limit); } else { readfile($path); } } else { header("Location:./error.php"); } }