From adec979fd5453cf213b776d7dceaaaac4eb05713 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 12 Aug 2012 15:07:03 +0200 Subject: more subscription refactoring BROKEN now the actual sending of bulk messages (digest, list) is reimplemented and partially tested. Still not complete --- lib/exe/indexer.php | 86 +++++------------------------------------------------ 1 file changed, 7 insertions(+), 79 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index e149770c0..270341fe6 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -166,92 +166,20 @@ function runSitemapper(){ * @author Adrian Lang */ function sendDigest() { - echo 'sendDigest(): started'.NL; - global $ID; global $conf; + global $ID; + + echo 'sendDigest(): started'.NL; if (!$conf['subscribers']) { echo 'sendDigest(): disabled'.NL; return false; } - $subscriptions = subscription_find($ID, array('style' => '(digest|list)', - 'escaped' => true)); - global $auth; - global $lang; - global $conf; - global $USERINFO; - - // remember current user info - $olduinfo = $USERINFO; - $olduser = $_SERVER['REMOTE_USER']; - - foreach($subscriptions as $id => $users) { - if (!subscription_lock($id)) { - continue; - } - foreach($users as $data) { - list($user, $style, $lastupdate) = $data; - $lastupdate = (int) $lastupdate; - if ($lastupdate + $conf['subscribe_time'] > time()) { - // Less than the configured time period passed since last - // update. - continue; - } - - // Work as the user to make sure ACLs apply correctly - $USERINFO = $auth->getUserData($user); - $_SERVER['REMOTE_USER'] = $user; - if ($USERINFO === false) { - continue; - } - - if (substr($id, -1, 1) === ':') { - // The subscription target is a namespace - $changes = getRecentsSince($lastupdate, null, getNS($id)); - } else { - if(auth_quickaclcheck($id) < AUTH_READ) continue; - - $meta = p_get_metadata($id); - $changes = array($meta['last_change']); - } - - // Filter out pages only changed in small and own edits - $change_ids = array(); - foreach($changes as $rev) { - $n = 0; - while (!is_null($rev) && $rev['date'] >= $lastupdate && - ($_SERVER['REMOTE_USER'] === $rev['user'] || - $rev['type'] === DOKU_CHANGE_TYPE_MINOR_EDIT)) { - $rev = getRevisions($rev['id'], $n++, 1); - $rev = (count($rev) > 0) ? $rev[0] : null; - } - - if (!is_null($rev) && $rev['date'] >= $lastupdate) { - // Some change was not a minor one and not by myself - $change_ids[] = $rev['id']; - } - } - - if ($style === 'digest') { - foreach($change_ids as $change_id) { - subscription_send_digest($USERINFO['mail'], $change_id, - $lastupdate); - } - } elseif ($style === 'list') { - subscription_send_list($USERINFO['mail'], $change_ids, $id); - } - // TODO: Handle duplicate subscriptions. - - // Update notification time. - subscription_set($user, $id, $style, time(), true); - } - subscription_unlock($id); - } + $sub = new Subscription(); + $sent = $sub->send_bulk($ID); - // restore current user info - $USERINFO = $olduinfo; - $_SERVER['REMOTE_USER'] = $olduser; + echo "sendDigest(): sent $sent mails".NL; echo 'sendDigest(): finished'.NL; - return true; + return (bool) $sent; } /** -- cgit v1.2.3 From 84c1127cc070777c8cbcf488f5422bc4b71470a8 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 12 Aug 2012 17:30:01 +0200 Subject: correctly check if subscriptions are enabled --- lib/exe/indexer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 270341fe6..bbfd51b39 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -170,7 +170,7 @@ function sendDigest() { global $ID; echo 'sendDigest(): started'.NL; - if (!$conf['subscribers']) { + if(!actionOK('subscribe')) { echo 'sendDigest(): disabled'.NL; return false; } -- cgit v1.2.3 From 58789954a7642c133920f37a51fd3dbb5d76cbde Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Tue, 23 Oct 2012 18:08:57 +0200 Subject: correctly check hash parameter in media dispatcher FS#2648 --- lib/exe/fetch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index e8f189256..52e7ebe1e 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -157,7 +157,7 @@ function checkFileStatus(&$media, &$file, $rev='') { //media to local file if(preg_match('#^(https?)://#i',$media)){ //check hash - if(substr(md5(auth_cookiesalt().$media),0,6) != $INPUT->str('hash')){ + if(substr(md5(auth_cookiesalt().$media),0,6) !== $INPUT->str('hash')){ return array( 412, 'Precondition Failed'); } //handle external images -- cgit v1.2.3 From 46a853c3756aa4abe582ccb0de6f4e1f4b2035c4 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Tue, 27 Nov 2012 17:39:04 +0100 Subject: correct return in sendDigest() the function always returned true, even if no action was taken. This resulted in no further indexer tasks being run. --- lib/exe/indexer.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 1ccede923..c336514cd 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -181,6 +181,8 @@ function sendDigest() { global $conf; global $USERINFO; + $sent = false; + // remember current user info $olduinfo = $USERINFO; $olduser = $_SERVER['REMOTE_USER']; @@ -236,9 +238,11 @@ function sendDigest() { foreach($change_ids as $change_id) { subscription_send_digest($USERINFO['mail'], $change_id, $lastupdate); + $sent = true; } } elseif ($style === 'list') { subscription_send_list($USERINFO['mail'], $change_ids, $id); + $sent = true; } // TODO: Handle duplicate subscriptions. @@ -252,7 +256,7 @@ function sendDigest() { $USERINFO = $olduinfo; $_SERVER['REMOTE_USER'] = $olduser; echo 'sendDigest(): finished'.NL; - return true; + return $sent; } /** -- cgit v1.2.3 From 4f4c6fd5079db8beb50ea9b9aa08351a49a57d21 Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Mon, 3 Dec 2012 00:07:36 +0100 Subject: lib/exe/indexer.php: Fix sending of the GIF when it is deferred FS#2646 Before this change the GIF wasn't sent at all when the PHP settings indicate that sending of the GIF needs to be deferred and it was sent when the debug output was on. --- lib/exe/indexer.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index c336514cd..28ee5331f 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -37,9 +37,12 @@ if ($evt->advise_before()) { runTrimRecentChanges(true) or $evt->advise_after(); } -if($defer) sendGIF(); -if(!$output) ob_end_clean(); +if(!$output) { + ob_end_clean(); + if($defer) sendGIF(); +} + exit; // -------------------------------------------------------------------- -- cgit v1.2.3 From 9fd5ca2ec2955ee29404be1a39ddd9affcd0c78f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Gro=CC=88nke?= Date: Sat, 19 Jan 2013 16:30:42 +0100 Subject: jQuery latest * jQuery 1.9.0 * jQuery-UI v1.9.2 * jQuery.fn.live > jQuery.fn.on * jQuery.fn.browser replacement (jquery.mb.browser.js) --- lib/exe/js.php | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/exe') diff --git a/lib/exe/js.php b/lib/exe/js.php index 42979eeed..7c1c27138 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -43,6 +43,7 @@ function js_out(){ DOKU_INC."lib/scripts/jquery/jquery$min.js", DOKU_INC.'lib/scripts/jquery/jquery.cookie.js', DOKU_INC."lib/scripts/jquery/jquery-ui$min.js", + DOKU_INC."lib/scripts/jquery/jquery.mb.browser.js", DOKU_INC."lib/scripts/fileuploader.js", DOKU_INC."lib/scripts/fileuploaderextended.js", DOKU_INC.'lib/scripts/helpers.js', -- cgit v1.2.3 From c499bfe13cc054e1a85ba63045d722c713ca8da4 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 26 Jan 2013 12:26:15 +0100 Subject: added jquery-migrate as a copatibility layer this will be removed soon again. plugins using jQuery should make sure they are compatible to jQuery 1.9 --- lib/exe/js.php | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/exe') diff --git a/lib/exe/js.php b/lib/exe/js.php index 7c1c27138..969a811cf 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -44,6 +44,7 @@ function js_out(){ DOKU_INC.'lib/scripts/jquery/jquery.cookie.js', DOKU_INC."lib/scripts/jquery/jquery-ui$min.js", DOKU_INC."lib/scripts/jquery/jquery.mb.browser.js", + DOKU_INC."lib/scripts/jquery/jquery-migrate.js", DOKU_INC."lib/scripts/fileuploader.js", DOKU_INC."lib/scripts/fileuploaderextended.js", DOKU_INC.'lib/scripts/helpers.js', -- cgit v1.2.3 From a6c670e5041ca2038caf0175ab47fced4a3258cb Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 26 Jan 2013 12:35:15 +0100 Subject: added minified version of jquery-migrate --- lib/exe/js.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/js.php b/lib/exe/js.php index 969a811cf..bec6d3d12 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -44,7 +44,7 @@ function js_out(){ DOKU_INC.'lib/scripts/jquery/jquery.cookie.js', DOKU_INC."lib/scripts/jquery/jquery-ui$min.js", DOKU_INC."lib/scripts/jquery/jquery.mb.browser.js", - DOKU_INC."lib/scripts/jquery/jquery-migrate.js", + DOKU_INC."lib/scripts/jquery/jquery-migrate$min.js", DOKU_INC."lib/scripts/fileuploader.js", DOKU_INC."lib/scripts/fileuploaderextended.js", DOKU_INC.'lib/scripts/helpers.js', -- cgit v1.2.3 From d91a4ef556635b5298c47df2856851f0694b2885 Mon Sep 17 00:00:00 2001 From: Klap-in Date: Tue, 29 Jan 2013 01:44:45 +0100 Subject: Add a break to ajax_qsearch() When the search input is still only a few characters, the number of matching pages is big. Browsers have heavy work to progress this whole return, better cut off so only the part that is directly displayed will be sent. --- lib/exe/ajax.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lib/exe') diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 9989269cf..fdc28d4f1 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -57,6 +57,7 @@ function ajax_qsearch(){ print ''.$lang['quickhits'].''; print '
    '; + $counter = 0; foreach($data as $id => $title){ if (useHeading('navigation')) { $name = $title; @@ -69,6 +70,12 @@ function ajax_qsearch(){ } } echo '
  • ' . html_wikilink(':'.$id,$name) . '
    • '; + + $counter ++; + if($counter > 50) { + echo '
  • ...
    • '; + break; + } } print '
'; } -- cgit v1.2.3 From 48606867454b93c7d11708b8193fbc2a4368aaf9 Mon Sep 17 00:00:00 2001 From: Klap-in Date: Sun, 3 Feb 2013 19:53:11 +0100 Subject: use var and remove suggestions when needed Use variable for maximum number of suggestions for quicksearch. And hide suggestions when search field is emptied, or when no suggestion are found. --- lib/exe/ajax.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index fdc28d4f1..9769503a7 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -45,6 +45,8 @@ function ajax_qsearch(){ global $lang; global $INPUT; + $maxnumbersuggestions = 50; + $query = $INPUT->post->str('q'); if(empty($query)) $query = $INPUT->get->str('q'); if(empty($query)) return; @@ -72,7 +74,7 @@ function ajax_qsearch(){ echo '
  • ' . html_wikilink(':'.$id,$name) . '
    • '; $counter ++; - if($counter > 50) { + if($counter > $maxnumbersuggestions) { echo '
  • ...
    • '; break; } -- cgit v1.2.3 From f144452ffbdd0ff09501838b3520147b6e409601 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Feb 2013 21:50:46 +0100 Subject: removed obsolete browser plugin (migrate does it) --- lib/exe/js.php | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/js.php b/lib/exe/js.php index bec6d3d12..41d3e735c 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -43,7 +43,6 @@ function js_out(){ DOKU_INC."lib/scripts/jquery/jquery$min.js", DOKU_INC.'lib/scripts/jquery/jquery.cookie.js', DOKU_INC."lib/scripts/jquery/jquery-ui$min.js", - DOKU_INC."lib/scripts/jquery/jquery.mb.browser.js", DOKU_INC."lib/scripts/jquery/jquery-migrate$min.js", DOKU_INC."lib/scripts/fileuploader.js", DOKU_INC."lib/scripts/fileuploaderextended.js", -- cgit v1.2.3 From 3b399a1bd4eba22429d676bddd759ed762c9e80e Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 16 Feb 2013 11:07:36 +0100 Subject: reformatted lib/exe/fetch.php --- lib/exe/fetch.php | 295 +++++++++++++++++++++++++++--------------------------- 1 file changed, 147 insertions(+), 148 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 52e7ebe1e..f86809320 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -6,84 +6,84 @@ * @author Andreas Gohr */ - if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); - define('DOKU_DISABLE_GZIP_OUTPUT', 1); - require_once(DOKU_INC.'inc/init.php'); - - //close session - session_write_close(); - - $mimetypes = getMimeTypes(); - - //get input - $MEDIA = stripctl(getID('media',false)); // no cleaning except control chars - maybe external - $CACHE = calc_cache($INPUT->str('cache')); - $WIDTH = $INPUT->int('w'); - $HEIGHT = $INPUT->int('h'); - $REV = &$INPUT->ref('rev'); - //sanitize revision - $REV = preg_replace('/[^0-9]/','',$REV); - - list($EXT,$MIME,$DL) = mimetype($MEDIA,false); - if($EXT === false){ +if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/../../'); +define('DOKU_DISABLE_GZIP_OUTPUT', 1); +require_once(DOKU_INC.'inc/init.php'); +//close session +session_write_close(); + +$mimetypes = getMimeTypes(); + +//get input +$MEDIA = stripctl(getID('media', false)); // no cleaning except control chars - maybe external +$CACHE = calc_cache($INPUT->str('cache')); +$WIDTH = $INPUT->int('w'); +$HEIGHT = $INPUT->int('h'); +$REV = & $INPUT->ref('rev'); +//sanitize revision +$REV = preg_replace('/[^0-9]/', '', $REV); + +list($EXT, $MIME, $DL) = mimetype($MEDIA, false); +if($EXT === false) { $EXT = 'unknown'; $MIME = 'application/octet-stream'; $DL = true; - } - - // check for permissions, preconditions and cache external files - list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); - - // prepare data for plugin events - $data = array('media' => $MEDIA, - 'file' => $FILE, - 'orig' => $FILE, - 'mime' => $MIME, - 'download' => $DL, - 'cache' => $CACHE, - 'ext' => $EXT, - 'width' => $WIDTH, - 'height' => $HEIGHT, - 'status' => $STATUS, - 'statusmessage' => $STATUSMESSAGE, - ); - - // handle the file status - $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); - if ( $evt->advise_before() ) { +} + +// check for permissions, preconditions and cache external files +list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); + +// prepare data for plugin events +$data = array( + 'media' => $MEDIA, + 'file' => $FILE, + 'orig' => $FILE, + 'mime' => $MIME, + 'download' => $DL, + 'cache' => $CACHE, + 'ext' => $EXT, + 'width' => $WIDTH, + 'height' => $HEIGHT, + 'status' => $STATUS, + 'statusmessage' => $STATUSMESSAGE, +); + +// handle the file status +$evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); +if($evt->advise_before()) { // redirects - if($data['status'] > 300 && $data['status'] <= 304){ - send_redirect($data['statusmessage']); + if($data['status'] > 300 && $data['status'] <= 304) { + send_redirect($data['statusmessage']); } // send any non 200 status - if($data['status'] != 200){ - header('HTTP/1.0 ' . $data['status'] . ' ' . $data['statusmessage']); + if($data['status'] != 200) { + header('HTTP/1.0 '.$data['status'].' '.$data['statusmessage']); } // die on errors - if($data['status'] > 203){ - print $data['statusmessage']; - exit; + if($data['status'] > 203) { + print $data['statusmessage']; + exit; } - } - $evt->advise_after(); - unset($evt); - - //handle image resizing/cropping - if((substr($MIME,0,5) == 'image') && $WIDTH){ - if($HEIGHT){ - $data['file'] = $FILE = media_crop_image($data['file'],$EXT,$WIDTH,$HEIGHT); - }else{ - $data['file'] = $FILE = media_resize_image($data['file'],$EXT,$WIDTH,$HEIGHT); +} +$evt->advise_after(); +unset($evt); + +//handle image resizing/cropping +if((substr($MIME, 0, 5) == 'image') && $WIDTH) { + if($HEIGHT) { + $data['file'] = $FILE = media_crop_image($data['file'], $EXT, $WIDTH, $HEIGHT); + } else { + $data['file'] = $FILE = media_resize_image($data['file'], $EXT, $WIDTH, $HEIGHT); } - } +} - // finally send the file to the client - $evt = new Doku_Event('MEDIA_SENDFILE', $data); - if ($evt->advise_before()) { - sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); - } - // Do something after the download finished. - $evt->advise_after(); +// finally send the file to the client +$evt = new Doku_Event('MEDIA_SENDFILE', $data); +if($evt->advise_before()) { + sendFile($data['file'], $data['mime'], $data['download'], $data['cache']); +} +// Do something after the download finished. +$evt->advise_after(); /* ------------------------------------------------------------------------ */ @@ -93,51 +93,50 @@ * @author Andreas Gohr * @author Ben Coburn */ -function sendFile($file,$mime,$dl,$cache){ - global $conf; - $fmtime = @filemtime($file); - // send headers - header("Content-Type: $mime"); - // smart http caching headers - if ($cache==-1) { - // cache - // cachetime or one hour - header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); - header('Pragma: public'); - } else if ($cache>0) { - // recache - // remaining cachetime + 10 seconds so the newly recached media is used - header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0)); - header('Pragma: public'); - } else if ($cache==0) { - // nocache - header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); - header('Pragma: public'); - } - //send important headers first, script stops here if '304 Not Modified' response - http_conditionalRequest($fmtime); - - - //download or display? - if($dl){ - header('Content-Disposition: attachment; filename="'.utf8_basename($file).'";'); - }else{ - header('Content-Disposition: inline; filename="'.utf8_basename($file).'";'); - } - - //use x-sendfile header to pass the delivery to compatible webservers - if (http_sendfile($file)) exit; - - // send file contents - $fp = @fopen($file,"rb"); - if($fp){ - http_rangeRequest($fp,filesize($file),$mime); - }else{ - header("HTTP/1.0 500 Internal Server Error"); - print "Could not read $file - bad permissions?"; - } +function sendFile($file, $mime, $dl, $cache) { + global $conf; + $fmtime = @filemtime($file); + // send headers + header("Content-Type: $mime"); + // smart http caching headers + if($cache == -1) { + // cache + // cachetime or one hour + header('Expires: '.gmdate("D, d M Y H:i:s", time() + max($conf['cachetime'], 3600)).' GMT'); + header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); + header('Pragma: public'); + } else if($cache > 0) { + // recache + // remaining cachetime + 10 seconds so the newly recached media is used + header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime + $conf['cachetime'] + 10).' GMT'); + header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime - time() + $conf['cachetime'] + 10, 0)); + header('Pragma: public'); + } else if($cache == 0) { + // nocache + header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); + header('Pragma: public'); + } + //send important headers first, script stops here if '304 Not Modified' response + http_conditionalRequest($fmtime); + + //download or display? + if($dl) { + header('Content-Disposition: attachment; filename="'.utf8_basename($file).'";'); + } else { + header('Content-Disposition: inline; filename="'.utf8_basename($file).'";'); + } + + //use x-sendfile header to pass the delivery to compatible webservers + if(http_sendfile($file)) exit; + + // send file contents + $fp = @fopen($file, "rb"); + if($fp) { + http_rangeRequest($fp, filesize($file), $mime); + } else { + header("HTTP/1.0 500 Internal Server Error"); + print "Could not read $file - bad permissions?"; + } } /** @@ -148,43 +147,43 @@ function sendFile($file,$mime,$dl,$cache){ * * @author Gerry Weissbach * @param $media reference to the media id - * @param $file reference to the file variable + * @param $file reference to the file variable * @returns array(STATUS, STATUSMESSAGE) */ -function checkFileStatus(&$media, &$file, $rev='') { - global $MIME, $EXT, $CACHE, $INPUT; - - //media to local file - if(preg_match('#^(https?)://#i',$media)){ - //check hash - if(substr(md5(auth_cookiesalt().$media),0,6) !== $INPUT->str('hash')){ - return array( 412, 'Precondition Failed'); - } - //handle external images - if(strncmp($MIME,'image/',6) == 0) $file = media_get_from_URL($media,$EXT,$CACHE); - if(!$file){ - //download failed - redirect to original URL - return array( 302, $media ); - } - }else{ - $media = cleanID($media); - if(empty($media)){ - return array( 400, 'Bad request' ); +function checkFileStatus(&$media, &$file, $rev = '') { + global $MIME, $EXT, $CACHE, $INPUT; + + //media to local file + if(preg_match('#^(https?)://#i', $media)) { + //check hash + if(substr(md5(auth_cookiesalt().$media), 0, 6) !== $INPUT->str('hash')) { + return array(412, 'Precondition Failed'); + } + //handle external images + if(strncmp($MIME, 'image/', 6) == 0) $file = media_get_from_URL($media, $EXT, $CACHE); + if(!$file) { + //download failed - redirect to original URL + return array(302, $media); + } + } else { + $media = cleanID($media); + if(empty($media)) { + return array(400, 'Bad request'); + } + + //check permissions (namespace only) + if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ) { + return array(403, 'Forbidden'); + } + $file = mediaFN($media, $rev); } - //check permissions (namespace only) - if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){ - return array( 403, 'Forbidden' ); + //check file existance + if(!@file_exists($file)) { + return array(404, 'Not Found'); } - $file = mediaFN($media, $rev); - } - - //check file existance - if(!@file_exists($file)){ - return array( 404, 'Not Found' ); - } - return array(200, null); + return array(200, null); } /** @@ -194,12 +193,12 @@ function checkFileStatus(&$media, &$file, $rev='') { * * @author Andreas Gohr */ -function calc_cache($cache){ - global $conf; +function calc_cache($cache) { + global $conf; - if(strtolower($cache) == 'nocache') return 0; //never cache - if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache - return -1; //cache endless + if(strtolower($cache) == 'nocache') return 0; //never cache + if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache + return -1; //cache endless } //Setup VIM: ex: et ts=2 : -- cgit v1.2.3 From 36625b969932ea8641dc1fd0461d4302c600a2a1 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 16 Feb 2013 11:10:40 +0100 Subject: run main code only for non-tests in lib/exe/fetch.php --- lib/exe/fetch.php | 141 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 72 insertions(+), 69 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index f86809320..73e74af40 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -9,81 +9,84 @@ if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/../../'); define('DOKU_DISABLE_GZIP_OUTPUT', 1); require_once(DOKU_INC.'inc/init.php'); -//close session -session_write_close(); - -$mimetypes = getMimeTypes(); - -//get input -$MEDIA = stripctl(getID('media', false)); // no cleaning except control chars - maybe external -$CACHE = calc_cache($INPUT->str('cache')); -$WIDTH = $INPUT->int('w'); -$HEIGHT = $INPUT->int('h'); -$REV = & $INPUT->ref('rev'); -//sanitize revision -$REV = preg_replace('/[^0-9]/', '', $REV); - -list($EXT, $MIME, $DL) = mimetype($MEDIA, false); -if($EXT === false) { - $EXT = 'unknown'; - $MIME = 'application/octet-stream'; - $DL = true; -} - -// check for permissions, preconditions and cache external files -list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); - -// prepare data for plugin events -$data = array( - 'media' => $MEDIA, - 'file' => $FILE, - 'orig' => $FILE, - 'mime' => $MIME, - 'download' => $DL, - 'cache' => $CACHE, - 'ext' => $EXT, - 'width' => $WIDTH, - 'height' => $HEIGHT, - 'status' => $STATUS, - 'statusmessage' => $STATUSMESSAGE, -); - -// handle the file status -$evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); -if($evt->advise_before()) { - // redirects - if($data['status'] > 300 && $data['status'] <= 304) { - send_redirect($data['statusmessage']); +session_write_close(); //close session + +// BEGIN main (if not testing) +if(!defined('SIMPLE_TEST')) { + $mimetypes = getMimeTypes(); + + //get input + $MEDIA = stripctl(getID('media', false)); // no cleaning except control chars - maybe external + $CACHE = calc_cache($INPUT->str('cache')); + $WIDTH = $INPUT->int('w'); + $HEIGHT = $INPUT->int('h'); + $REV = & $INPUT->ref('rev'); + //sanitize revision + $REV = preg_replace('/[^0-9]/', '', $REV); + + list($EXT, $MIME, $DL) = mimetype($MEDIA, false); + if($EXT === false) { + $EXT = 'unknown'; + $MIME = 'application/octet-stream'; + $DL = true; } - // send any non 200 status - if($data['status'] != 200) { - header('HTTP/1.0 '.$data['status'].' '.$data['statusmessage']); + + // check for permissions, preconditions and cache external files + list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); + + // prepare data for plugin events + $data = array( + 'media' => $MEDIA, + 'file' => $FILE, + 'orig' => $FILE, + 'mime' => $MIME, + 'download' => $DL, + 'cache' => $CACHE, + 'ext' => $EXT, + 'width' => $WIDTH, + 'height' => $HEIGHT, + 'status' => $STATUS, + 'statusmessage' => $STATUSMESSAGE, + ); + + // handle the file status + $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); + if($evt->advise_before()) { + // redirects + if($data['status'] > 300 && $data['status'] <= 304) { + send_redirect($data['statusmessage']); + } + // send any non 200 status + if($data['status'] != 200) { + header('HTTP/1.0 '.$data['status'].' '.$data['statusmessage']); + } + // die on errors + if($data['status'] > 203) { + print $data['statusmessage']; + exit; + } } - // die on errors - if($data['status'] > 203) { - print $data['statusmessage']; - exit; + $evt->advise_after(); + unset($evt); + + //handle image resizing/cropping + if((substr($MIME, 0, 5) == 'image') && $WIDTH) { + if($HEIGHT) { + $data['file'] = $FILE = media_crop_image($data['file'], $EXT, $WIDTH, $HEIGHT); + } else { + $data['file'] = $FILE = media_resize_image($data['file'], $EXT, $WIDTH, $HEIGHT); + } } -} -$evt->advise_after(); -unset($evt); -//handle image resizing/cropping -if((substr($MIME, 0, 5) == 'image') && $WIDTH) { - if($HEIGHT) { - $data['file'] = $FILE = media_crop_image($data['file'], $EXT, $WIDTH, $HEIGHT); - } else { - $data['file'] = $FILE = media_resize_image($data['file'], $EXT, $WIDTH, $HEIGHT); + // finally send the file to the client + $evt = new Doku_Event('MEDIA_SENDFILE', $data); + if($evt->advise_before()) { + sendFile($data['file'], $data['mime'], $data['download'], $data['cache']); } -} + // Do something after the download finished. + $evt->advise_after(); -// finally send the file to the client -$evt = new Doku_Event('MEDIA_SENDFILE', $data); -if($evt->advise_before()) { - sendFile($data['file'], $data['mime'], $data['download'], $data['cache']); -} -// Do something after the download finished. -$evt->advise_after(); +}// END DO main /* ------------------------------------------------------------------------ */ -- cgit v1.2.3 From 9d2e1be699d573eebda922cf67f030d3d2aa462d Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 16 Feb 2013 18:29:20 +0100 Subject: introduced http_status() for sending HTTP status code FS#1698 It seems, some servers require a special Status: header for sending the HTTP status code from PHP (F)CGI to the server. This patch introduces a new function (adopted from CodeIgniter) for simplifying the status handling. --- lib/exe/detail.php | 2 +- lib/exe/fetch.php | 4 ++-- lib/exe/mediamanager.php | 4 ++-- lib/exe/xmlrpc.php | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/detail.php b/lib/exe/detail.php index e597db3a2..db635c016 100644 --- a/lib/exe/detail.php +++ b/lib/exe/detail.php @@ -31,7 +31,7 @@ if($AUTH >= AUTH_READ){ $SRC = mediaFN($IMG); if(!@file_exists($SRC)){ //doesn't exist! - header("HTTP/1.0 404 File not Found"); + http_status(404); $ERROR = 'File not found'; } }else{ diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 73e74af40..9bac4d272 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -58,7 +58,7 @@ if(!defined('SIMPLE_TEST')) { } // send any non 200 status if($data['status'] != 200) { - header('HTTP/1.0 '.$data['status'].' '.$data['statusmessage']); + http_status($data['status'], $data['statusmessage']); } // die on errors if($data['status'] > 203) { @@ -137,7 +137,7 @@ function sendFile($file, $mime, $dl, $cache) { if($fp) { http_rangeRequest($fp, filesize($file), $mime); } else { - header("HTTP/1.0 500 Internal Server Error"); + http_status(500); print "Could not read $file - bad permissions?"; } } diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index 04dd178cc..e0a90a291 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -36,7 +36,7 @@ // do not display the manager if user does not have read access if($AUTH < AUTH_READ && !$fullscreen) { - header('HTTP/1.0 403 Forbidden'); + http_status(403); die($lang['accessdenied']); } @@ -48,7 +48,7 @@ $_FILES['upload'] =& $_FILES['Filedata']; $JUMPTO = media_upload($NS,$AUTH); if($JUMPTO == false){ - header("HTTP/1.0 400 Bad Request"); + http_status(400); echo 'Upload failed'; } echo 'ok'; diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 5e6c197d0..c09daa17c 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -29,10 +29,10 @@ class dokuwiki_xmlrpc_server extends IXR_Server { return $result; } catch (RemoteAccessDeniedException $e) { if (!isset($_SERVER['REMOTE_USER'])) { - header('HTTP/1.1 401 Unauthorized'); + http_status(401); return new IXR_Error(-32603, "server error. not authorized to call method $methodname"); } else { - header('HTTP/1.1 403 Forbidden'); + http_status(403); return new IXR_Error(-32604, "server error. forbidden to call the method $methodname"); } } catch (RemoteException $e) { -- cgit v1.2.3 From 994211890f92c1678536b003354146fbb44b8f2f Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 16 Feb 2013 18:38:11 +0100 Subject: disabled JavaScript compatibility layer this disables the JavaScript compatibility layer which let pre-jQuery migration plugins run with their old code. This will break plugins using outdated JavaScript. These plugins have to be updated according to https://www.dokuwiki.org/devel:jqueryfaq As a courtesy to users, the compatibility.js is not deleted, yet. Undoing this single patch can be used as a temporary workaround. --- lib/exe/js.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/js.php b/lib/exe/js.php index 41d3e735c..4ff48133e 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -62,7 +62,7 @@ function js_out(){ DOKU_INC.'lib/scripts/locktimer.js', DOKU_INC.'lib/scripts/linkwiz.js', DOKU_INC.'lib/scripts/media.js', - DOKU_INC.'lib/scripts/compatibility.js', +# deprecated DOKU_INC.'lib/scripts/compatibility.js', # disabled for FS#1958 DOKU_INC.'lib/scripts/hotkeys.js', DOKU_INC.'lib/scripts/behaviour.js', DOKU_INC.'lib/scripts/page.js', -- cgit v1.2.3 From dd90013a5a9ce204250f4d94072e089f617e09db Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Sat, 16 Feb 2013 18:06:47 +0100 Subject: Media manager: don't create empty namespaces FS#2642 Previously the media manager created an empty namespace whenever you opened a non-existing namespace with upload permissions. Now the current namespace is only displayed in the tree but not actually created. --- lib/exe/mediamanager.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index e0a90a291..53d438321 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -40,9 +40,6 @@ die($lang['accessdenied']); } - // create the given namespace (just for beautification) - if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); } - // handle flash upload if(isset($_FILES['Filedata'])){ $_FILES['upload'] =& $_FILES['Filedata']; -- cgit v1.2.3 From add8678f233ad74892a96444e3013e0465616200 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 1 Mar 2013 12:54:01 +0100 Subject: alternative fix for FS#2734 --- lib/exe/fetch.php | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 9bac4d272..a9147a6c0 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -47,6 +47,7 @@ if(!defined('SIMPLE_TEST')) { 'height' => $HEIGHT, 'status' => $STATUS, 'statusmessage' => $STATUSMESSAGE, + 'ispublic' => media_ispublic($MEDIA), ); // handle the file status @@ -81,10 +82,13 @@ if(!defined('SIMPLE_TEST')) { // finally send the file to the client $evt = new Doku_Event('MEDIA_SENDFILE', $data); if($evt->advise_before()) { - sendFile($data['file'], $data['mime'], $data['download'], $data['cache']); + $cache = $data['cache']; + if($cache != 0 && !$data['ispublic']) $cache = 0; // no cache headers for private files FS#2734 + + sendFile($data['file'], $data['mime'], $data['download'], $cache); } // Do something after the download finished. - $evt->advise_after(); + $evt->advise_after(); // will not be emitted on 304 or x-sendfile }// END DO main @@ -93,8 +97,18 @@ if(!defined('SIMPLE_TEST')) { /** * Set headers and send the file to the client * + * Unless $cache is set to 0, the data may end up in intermediate proxy servers. Therefor, + * if you're sending (ACL protected) private files, $cache should be 0. + * + * This function will abort the current script when a 304 is sent or file sending is handled + * through x-sendfile + * * @author Andreas Gohr * @author Ben Coburn + * @param string $file local file to send + * @param string $mime mime type of the file + * @param bool $dl set to true to force a browser download + * @param int $cache remaining cache time in seconds (-1 for $conf['cache'], 0 for off) */ function sendFile($file, $mime, $dl, $cache) { global $conf; @@ -115,9 +129,10 @@ function sendFile($file, $mime, $dl, $cache) { header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime - time() + $conf['cachetime'] + 10, 0)); header('Pragma: public'); } else if($cache == 0) { - // nocache - header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); - header('Pragma: public'); + // nocache, avoid resending files from intermediate caches without revalidation FS#2734 + header('Expires: Thu, 01 Jan 1970 00:00:00 GMT'); + header('Cache-Control: private, no-transform, max-age=0'); + header('Pragma: no-cache'); } //send important headers first, script stops here if '304 Not Modified' response http_conditionalRequest($fmtime); -- cgit v1.2.3 From 4a516840077e2d3bb26c9ffca8316b3c9968d018 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Mar 2013 12:47:40 +0100 Subject: handle public vs. private ressource in sendFile() --- lib/exe/fetch.php | 66 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 39 insertions(+), 27 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index a9147a6c0..e8853dca7 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -82,10 +82,7 @@ if(!defined('SIMPLE_TEST')) { // finally send the file to the client $evt = new Doku_Event('MEDIA_SENDFILE', $data); if($evt->advise_before()) { - $cache = $data['cache']; - if($cache != 0 && !$data['ispublic']) $cache = 0; // no cache headers for private files FS#2734 - - sendFile($data['file'], $data['mime'], $data['download'], $cache); + sendFile($data['file'], $data['mime'], $data['download'], $cache, $data['ispublic']); } // Do something after the download finished. $evt->advise_after(); // will not be emitted on 304 or x-sendfile @@ -97,44 +94,59 @@ if(!defined('SIMPLE_TEST')) { /** * Set headers and send the file to the client * - * Unless $cache is set to 0, the data may end up in intermediate proxy servers. Therefor, - * if you're sending (ACL protected) private files, $cache should be 0. + * The $cache parameter influences how long files may be kept in caches, the $public parameter + * influences if this caching may happen in public proxis or in the browser cache only FS#2734 * * This function will abort the current script when a 304 is sent or file sending is handled * through x-sendfile * * @author Andreas Gohr * @author Ben Coburn - * @param string $file local file to send - * @param string $mime mime type of the file - * @param bool $dl set to true to force a browser download - * @param int $cache remaining cache time in seconds (-1 for $conf['cache'], 0 for off) + * @param string $file local file to send + * @param string $mime mime type of the file + * @param bool $dl set to true to force a browser download + * @param int $cache remaining cache time in seconds (-1 for $conf['cache'], 0 for no-cache) + * @param bool $public is this a public ressource or a private one? */ -function sendFile($file, $mime, $dl, $cache) { +function sendFile($file, $mime, $dl, $cache, $public = false) { global $conf; - $fmtime = @filemtime($file); - // send headers + // send mime headers header("Content-Type: $mime"); - // smart http caching headers + + // calculate cache times if($cache == -1) { - // cache - // cachetime or one hour - header('Expires: '.gmdate("D, d M Y H:i:s", time() + max($conf['cachetime'], 3600)).' GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); - header('Pragma: public'); + $maxage = max($conf['cachetime'], 3600); // cachetime or one hour + $expires = time() + $maxage; } else if($cache > 0) { - // recache - // remaining cachetime + 10 seconds so the newly recached media is used - header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime + $conf['cachetime'] + 10).' GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime - time() + $conf['cachetime'] + 10, 0)); - header('Pragma: public'); - } else if($cache == 0) { - // nocache, avoid resending files from intermediate caches without revalidation FS#2734 + $maxage = $cache; // given time + $expires = time() + $maxage; + } else { // $cache == 0 + $maxage = 0; + $expires = 0; // 1970-01-01 + } + + // smart http caching headers + if($maxage) { + if($public) { + // cache publically + header('Expires: '.gmdate("D, d M Y H:i:s", $expires).' GMT'); + header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.$maxage); + header('Pragma: public'); + } else { + // cache in browser + header('Expires: '.gmdate("D, d M Y H:i:s", $expires).' GMT'); + header('Cache-Control: private, no-transform, max-age='.$maxage); + header('Pragma: private'); + } + } else { + // no cache at all header('Expires: Thu, 01 Jan 1970 00:00:00 GMT'); header('Cache-Control: private, no-transform, max-age=0'); - header('Pragma: no-cache'); + header('Pragma: no-store'); } + //send important headers first, script stops here if '304 Not Modified' response + $fmtime = @filemtime($file); http_conditionalRequest($fmtime); //download or display? -- cgit v1.2.3 From 1c7d84bee69b8965844a960fa91551634986b35f Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Mar 2013 12:51:16 +0100 Subject: fixed passed cache parameter --- lib/exe/fetch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index e8853dca7..28401ab39 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -82,7 +82,7 @@ if(!defined('SIMPLE_TEST')) { // finally send the file to the client $evt = new Doku_Event('MEDIA_SENDFILE', $data); if($evt->advise_before()) { - sendFile($data['file'], $data['mime'], $data['download'], $cache, $data['ispublic']); + sendFile($data['file'], $data['mime'], $data['download'], $data['cache'], $data['ispublic']); } // Do something after the download finished. $evt->advise_after(); // will not be emitted on 304 or x-sendfile -- cgit v1.2.3 From 3b6f95e62fc7049712b96aacd245be507f83d5ee Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Mar 2013 20:03:57 +0100 Subject: adjusted cache=0 headers again --- lib/exe/fetch.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 28401ab39..8b77fa0b2 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -141,8 +141,8 @@ function sendFile($file, $mime, $dl, $cache, $public = false) { } else { // no cache at all header('Expires: Thu, 01 Jan 1970 00:00:00 GMT'); - header('Cache-Control: private, no-transform, max-age=0'); - header('Pragma: no-store'); + header('Cache-Control: no-cache, no-transform, max-age=0'); + header('Pragma: no-cache'); } //send important headers first, script stops here if '304 Not Modified' response -- cgit v1.2.3 From a6c362b61d32c897d430e72356b4efe5a399c0ac Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Mar 2013 20:08:57 +0100 Subject: max-age not allowed with no-cache --- lib/exe/fetch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 8b77fa0b2..b9270d277 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -141,7 +141,7 @@ function sendFile($file, $mime, $dl, $cache, $public = false) { } else { // no cache at all header('Expires: Thu, 01 Jan 1970 00:00:00 GMT'); - header('Cache-Control: no-cache, no-transform, max-age=0'); + header('Cache-Control: no-cache, no-transform'); header('Pragma: no-cache'); } -- cgit v1.2.3 From 1b8b28faf419d50137b455d4d9a39cfd0fff3f4c Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 3 Mar 2013 21:01:21 +0100 Subject: there's no pragma: private --- lib/exe/fetch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index b9270d277..a558a3db8 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -136,7 +136,7 @@ function sendFile($file, $mime, $dl, $cache, $public = false) { // cache in browser header('Expires: '.gmdate("D, d M Y H:i:s", $expires).' GMT'); header('Cache-Control: private, no-transform, max-age='.$maxage); - header('Pragma: private'); + header('Pragma: no-cache'); } } else { // no cache at all -- cgit v1.2.3