diff options
| -rw-r--r-- | conf/mime.conf | 53 | ||||
| -rw-r--r-- | inc/confutils.php | 8 | ||||
| -rw-r--r-- | inc/media.php | 6 | ||||
| -rw-r--r-- | inc/parser/xhtml.php | 6 | ||||
| -rw-r--r-- | lib/exe/fetch.php | 28 | ||||
| -rw-r--r-- | lib/exe/xmlrpc.php | 2 |
6 files changed, 57 insertions, 46 deletions
diff --git a/conf/mime.conf b/conf/mime.conf index 68262aa7e..2e1ce6bb0 100644 --- a/conf/mime.conf +++ b/conf/mime.conf @@ -1,38 +1,41 @@ -#Add extensions and mimetypes of files you want to allow to upload here +# Allowed uploadable file extensions and mimetypes are defined here. +# To extend this file it is recommended to create a mime.local.conf +# file. Mimetypes that should be downloadable and not be opened in the +# should be prefixed with a ! jpg image/jpeg jpeg image/jpeg gif image/gif png image/png -tgz application/octet-stream -tar application/x-gtar -gz application/octet-stream -bz2 application/octet-stream -zip application/zip -rar application/rar +tgz !application/octet-stream +tar !application/x-gtar +gz !application/octet-stream +bz2 !application/octet-stream +zip !application/zip +rar !application/rar pdf application/pdf -ps application/postscript -doc application/msword -xls application/msexcel -ppt application/mspowerpoint -rtf application/msword +ps !application/postscript +doc !application/msword +xls !application/msexcel +ppt !application/mspowerpoint +rtf !application/msword swf application/x-shockwave-flash -rpm application/octet-stream -deb application/octet-stream +rpm !application/octet-stream +deb !application/octet-stream -sxw application/soffice -sxc application/soffice -sxi application/soffice -sxd application/soffice +sxw !application/soffice +sxc !application/soffice +sxi !application/soffice +sxd !application/soffice -odc application/vnd.oasis.opendocument.chart -odf application/vnd.oasis.opendocument.formula -odg application/vnd.oasis.opendocument.graphics -odi application/vnd.oasis.opendocument.image -odp application/vnd.oasis.opendocument.presentation -ods application/vnd.oasis.opendocument.spreadsheet -odt application/vnd.oasis.opendocument.text +odc !application/vnd.oasis.opendocument.chart +odf !application/vnd.oasis.opendocument.formula +odg !application/vnd.oasis.opendocument.graphics +odi !application/vnd.oasis.opendocument.image +odp !application/vnd.oasis.opendocument.presentation +ods !application/vnd.oasis.opendocument.spreadsheet +odt !application/vnd.oasis.opendocument.text # You should enable HTML and Text uploads only for restricted Wikis. # Spammers are known to upload spam pages through unprotected Wikis. diff --git a/inc/confutils.php b/inc/confutils.php index a7799b9d4..1ef0942f8 100644 --- a/inc/confutils.php +++ b/inc/confutils.php @@ -14,7 +14,7 @@ * @author Andreas Gohr <andi@splitbrain.org> */ function mimetype($file){ - $ret = array(false,false); // return array + $ret = array(false,false,false); // return array $mtypes = getMimeTypes(); // known mimetypes $exts = join('|',array_keys($mtypes)); // known extensions (regexp) if(preg_match('#\.('.$exts.')$#i',$file,$matches)){ @@ -22,7 +22,11 @@ function mimetype($file){ } if($ext && $mtypes[$ext]){ - $ret = array($ext, $mtypes[$ext]); + if($mtypes[$ext][0] == '!'){ + $ret = array($ext, substr($mtypes[$ext],1), true); + }else{ + $ret = array($ext, $mtypes[$ext], false); + } } return $ret; diff --git a/inc/media.php b/inc/media.php index 3e54db512..29b2ec986 100644 --- a/inc/media.php +++ b/inc/media.php @@ -233,8 +233,8 @@ function media_upload($ns,$auth){ } // check extensions - list($fext,$fmime) = mimetype($file['name']); - list($iext,$imime) = mimetype($id); + list($fext,$fmime,$dl) = mimetype($file['name']); + list($iext,$imime,$dl) = mimetype($id); if($fext && !$iext){ // no extension specified in id - read original one $id .= '.'.$fext; @@ -492,7 +492,7 @@ function media_printfile($item,$auth,$jump){ } // Prepare fileicons - list($ext,$mime) = mimetype($item['file']); + list($ext,$mime,$dl) = mimetype($item['file']); $class = preg_replace('/[^_\-a-z0-9]+/i','_',$ext); $class = 'select mediafile mf_'.$class; diff --git a/inc/parser/xhtml.php b/inc/parser/xhtml.php index fda1ef36e..58ff5e7b1 100644 --- a/inc/parser/xhtml.php +++ b/inc/parser/xhtml.php @@ -675,7 +675,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer { $render = ($linking == 'linkonly') ? false : true; $link = $this->_getMediaLinkConf($src, $title, $align, $width, $height, $cache, $render); - list($ext,$mime) = mimetype($src); + list($ext,$mime,$dl) = mimetype($src); if(substr($mime,0,5) == 'image' && $render){ $link['url'] = ml($src,array('id'=>$ID,'cache'=>$cache),($linking=='direct')); }elseif($mime == 'application/x-shockwave-flash' && $render){ @@ -705,7 +705,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer { $link['url'] = ml($src,array('cache'=>$cache)); - list($ext,$mime) = mimetype($src); + list($ext,$mime,$dl) = mimetype($src); if(substr($mime,0,5) == 'image' && $render){ // link only jpeg images // if ($ext != 'jpg' && $ext != 'jpeg') $noLink = true; @@ -909,7 +909,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer { $ret = ''; - list($ext,$mime) = mimetype($src); + list($ext,$mime,$dl) = mimetype($src); if(substr($mime,0,5) == 'image'){ // first get the $title if (!is_null($title)) { diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index becb60b64..dd4da459c 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -25,10 +25,11 @@ $CACHE = calc_cache($_REQUEST['cache']); $WIDTH = (int) $_REQUEST['w']; $HEIGHT = (int) $_REQUEST['h']; - list($EXT,$MIME) = mimetype($MEDIA); + list($EXT,$MIME,$DL) = mimetype($MEDIA); if($EXT === false){ $EXT = 'unknown'; $MIME = 'application/octet-stream'; + $DL = true; } //media to local file @@ -78,17 +79,18 @@ } // finally send the file to the client - $data = array('file' => $FILE, - 'mime' => $MIME, - 'cache' => $CACHE, - 'orig' => $ORIG, - 'ext' => $EXT, - 'width' => $WIDTH, - 'height' => $HEIGHT); + $data = array('file' => $FILE, + 'mime' => $MIME, + 'download' => $DL, + 'cache' => $CACHE, + 'orig' => $ORIG, + 'ext' => $EXT, + 'width' => $WIDTH, + 'height' => $HEIGHT); $evt = new Doku_Event('MEDIA_SENDFILE', $data); if ($evt->advise_before()) { - sendFile($data['file'],$data['mime'],$data['cache']); + sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); } /* ------------------------------------------------------------------------ */ @@ -99,7 +101,7 @@ * @author Andreas Gohr <andi@splitbrain.org> * @author Ben Coburn <btcoburn@silicodon.net> */ -function sendFile($file,$mime,$cache){ +function sendFile($file,$mime,$dl,$cache){ global $conf; $fmtime = @filemtime($file); // send headers @@ -126,9 +128,11 @@ function sendFile($file,$mime,$cache){ http_conditionalRequest($fmtime); - //application mime type is downloadable - if(substr($mime,0,11) == 'application'){ + //download or display? + if($dl){ header('Content-Disposition: attachment; filename="'.basename($file).'";'); + }else{ + header('Content-Disposition: inline; filename="'.basename($file).'";'); } //use x-sendfile header to pass the delivery to compatible webservers diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index c2805cb01..97e473d7e 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -452,7 +452,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { io_saveFile($ftmp, $buff); // get filename - list($iext, $imime) = mimetype($id); + list($iext, $imime,$dl) = mimetype($id); $id = cleanID($id); $fn = mediaFN($id); |