OSDN Git Service

(root) / pukiwiki / pukiwiki.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
BugTrack/2367 CSS reformat
[pukiwiki/pukiwiki.git] / plugin / ref.inc.php
diff --git a/plugin/ref.inc.php b/plugin/ref.inc.php
index 392cceb..b4ce5bf 100644 (file)
--- a/plugin/ref.inc.php
+++ b/plugin/ref.inc.php
@@ -1,8 +1,8 @@
 <?php
 // PukiWiki - Yet another WikiWikiWeb clone
-// $Id: ref.inc.php,v 1.51 2011/01/25 15:01:01 henoheno Exp $
-// Copyright (C)
-//   2002-2006 PukiWiki Developers Team
+// ref.inc.php
+// Copyright
+//   2002-2017 PukiWiki Development Team
 //   2001-2002 Originally written by yu-ji
 // License: GPL v2 or (at your option) any later version
 //
@@ -40,7 +40,7 @@ define('PLUGIN_REF_DIRECT_ACCESS', FALSE); // FALSE or TRUE
 /////////////////////////////////////////////////
 
 // Image suffixes allowed
-define('PLUGIN_REF_IMAGE', '/\.(gif|png|jpe?g)$/i');
+define('PLUGIN_REF_IMAGE', '/\.(gif|png|jpe?g|swf)$/i');
 
 // Usage (a part of)
 define('PLUGIN_REF_USAGE', "([pagename/]attached-file-name[,parameters, ... ][,title])");
@@ -107,9 +107,10 @@ EOD;
 
 function plugin_ref_body($args)
 {
-       global $script, $vars;
+       global $vars;
        global $WikiName, $BracketName; // compat
 
+       $script = get_base_uri();
        // 戻り値
        $params = array(
                'left'   => FALSE, // 左寄せ
@@ -397,6 +398,10 @@ function plugin_ref_action()
        if(! file_exists($ref))
                return array('msg'=>'Attach file not found', 'body'=>$usage);
 
+       $is_image = preg_match(PLUGIN_REF_IMAGE, $filename);
+       if (!$is_image) {
+               return array('msg'=>'Seems not an image', 'body'=>$usage);
+       }
        $got = @getimagesize($ref);
        if (! isset($got[2])) $got[2] = FALSE;
        switch ($got[2]) {
@@ -426,6 +431,11 @@ function plugin_ref_action()
                .'"; filename*=utf-8\'\'' . rawurlencode($utf8filename));
        header('Content-Length: ' . $size);
        header('Content-Type: '   . $type);
+       // Disable output bufferring
+       while (ob_get_level()) {
+               ob_end_flush();
+       }
+       flush();
        @readfile($ref);
        exit;
 }
About OSDN
Find Software
Develop Software
Help