Foo.png) $name = wfBaseName( $path ); if( preg_match( '!\d+px-(.*)!i', $name, $m ) ) $name = $m[1]; wfDebugLog( 'img_auth', "\$name is {$name}" ); $title = Title::makeTitleSafe( NS_IMAGE, $name ); if( !$title instanceof Title ) { wfDebugLog( 'img_auth', "Unable to construct a valid Title from `{$name}`" ); wfForbidden(); } $title = $title->getPrefixedText(); // Check the whitelist if needed if( !$wgUser->getId() && ( !is_array( $wgWhitelistRead ) || !in_array( $title, $wgWhitelistRead ) ) ) { wfDebugLog( 'img_auth', "Not logged in and `{$title}` not in whitelist." ); wfForbidden(); } if( !file_exists( $filename ) ) { wfDebugLog( 'img_auth', "`{$filename}` does not exist" ); wfForbidden(); } if( is_dir( $filename ) ) { wfDebugLog( 'img_auth', "`{$filename}` is a directory" ); wfForbidden(); } // Stream the requested file wfDebugLog( 'img_auth', "Streaming `{$filename}`" ); wfStreamFile( $filename ); wfLogProfilingData(); /** * Issue a standard HTTP 403 Forbidden header and a basic * error message, then end the script */ function wfForbidden() { header( 'HTTP/1.0 403 Forbidden' ); header( 'Content-Type: text/html; charset=utf-8' ); echo <<

Access Denied

You need to log in to access files on this server.

END; wfLogProfilingData(); exit(); }