diff --git a/conf/mime.conf b/conf/mime.conf
index 68262aa7e7b5576824adfacdd2b140ea611cdf70..2e1ce6bb049027467de6b5fec2a1d64579fe937a 100644
--- a/conf/mime.conf
+++ b/conf/mime.conf
@@ -1,38 +1,41 @@
-#Add extensions and mimetypes of files you want to allow to upload here
+# Allowed uploadable file extensions and mimetypes are defined here.
+# To extend this file it is recommended to create a mime.local.conf
+# file. Mimetypes that should be downloadable and not be opened in the
+# should be prefixed with a !
jpg image/jpeg
jpeg image/jpeg
gif image/gif
png image/png
-tgz application/octet-stream
-tar application/x-gtar
-gz application/octet-stream
-bz2 application/octet-stream
-zip application/zip
-rar application/rar
+tgz !application/octet-stream
+tar !application/x-gtar
+gz !application/octet-stream
+bz2 !application/octet-stream
+zip !application/zip
+rar !application/rar
pdf application/pdf
-ps application/postscript
-doc application/msword
-xls application/msexcel
-ppt application/mspowerpoint
-rtf application/msword
+ps !application/postscript
+doc !application/msword
+xls !application/msexcel
+ppt !application/mspowerpoint
+rtf !application/msword
swf application/x-shockwave-flash
-rpm application/octet-stream
-deb application/octet-stream
+rpm !application/octet-stream
+deb !application/octet-stream
-sxw application/soffice
-sxc application/soffice
-sxi application/soffice
-sxd application/soffice
+sxw !application/soffice
+sxc !application/soffice
+sxi !application/soffice
+sxd !application/soffice
-odc application/vnd.oasis.opendocument.chart
-odf application/vnd.oasis.opendocument.formula
-odg application/vnd.oasis.opendocument.graphics
-odi application/vnd.oasis.opendocument.image
-odp application/vnd.oasis.opendocument.presentation
-ods application/vnd.oasis.opendocument.spreadsheet
-odt application/vnd.oasis.opendocument.text
+odc !application/vnd.oasis.opendocument.chart
+odf !application/vnd.oasis.opendocument.formula
+odg !application/vnd.oasis.opendocument.graphics
+odi !application/vnd.oasis.opendocument.image
+odp !application/vnd.oasis.opendocument.presentation
+ods !application/vnd.oasis.opendocument.spreadsheet
+odt !application/vnd.oasis.opendocument.text
# You should enable HTML and Text uploads only for restricted Wikis.
# Spammers are known to upload spam pages through unprotected Wikis.
diff --git a/inc/confutils.php b/inc/confutils.php
index a7799b9d4a37bcdffce365a3df9fc0ababd1896c..1ef0942f82cb128bff04f42d9e61daea9ef1cf27 100644
--- a/inc/confutils.php
+++ b/inc/confutils.php
@@ -14,7 +14,7 @@
* @author Andreas Gohr <andi@splitbrain.org>
*/
function mimetype($file){
- $ret = array(false,false); // return array
+ $ret = array(false,false,false); // return array
$mtypes = getMimeTypes(); // known mimetypes
$exts = join('|',array_keys($mtypes)); // known extensions (regexp)
if(preg_match('#\.('.$exts.')$#i',$file,$matches)){
@@ -22,7 +22,11 @@ function mimetype($file){
}
if($ext && $mtypes[$ext]){
- $ret = array($ext, $mtypes[$ext]);
+ if($mtypes[$ext][0] == '!'){
+ $ret = array($ext, substr($mtypes[$ext],1), true);
+ }else{
+ $ret = array($ext, $mtypes[$ext], false);
+ }
}
return $ret;
diff --git a/inc/media.php b/inc/media.php
index 3e54db51289b289bb0a1e6d53291a5114a35c7ff..29b2ec986c5d4c67f7c719015887bcb0c00c2d70 100644
--- a/inc/media.php
+++ b/inc/media.php
@@ -233,8 +233,8 @@ function media_upload($ns,$auth){
}
// check extensions
- list($fext,$fmime) = mimetype($file['name']);
- list($iext,$imime) = mimetype($id);
+ list($fext,$fmime,$dl) = mimetype($file['name']);
+ list($iext,$imime,$dl) = mimetype($id);
if($fext && !$iext){
// no extension specified in id - read original one
$id .= '.'.$fext;
@@ -492,7 +492,7 @@ function media_printfile($item,$auth,$jump){
}
// Prepare fileicons
- list($ext,$mime) = mimetype($item['file']);
+ list($ext,$mime,$dl) = mimetype($item['file']);
$class = preg_replace('/[^_\-a-z0-9]+/i','_',$ext);
$class = 'select mediafile mf_'.$class;
diff --git a/inc/parser/xhtml.php b/inc/parser/xhtml.php
index fda1ef36e113dd47bbc430f2bbef54d4448a68d9..58ff5e7b15f4e054b8a16b20f99f4a6978bb596d 100644
--- a/inc/parser/xhtml.php
+++ b/inc/parser/xhtml.php
@@ -675,7 +675,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer {
$render = ($linking == 'linkonly') ? false : true;
$link = $this->_getMediaLinkConf($src, $title, $align, $width, $height, $cache, $render);
- list($ext,$mime) = mimetype($src);
+ list($ext,$mime,$dl) = mimetype($src);
if(substr($mime,0,5) == 'image' && $render){
$link['url'] = ml($src,array('id'=>$ID,'cache'=>$cache),($linking=='direct'));
}elseif($mime == 'application/x-shockwave-flash' && $render){
@@ -705,7 +705,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer {
$link['url'] = ml($src,array('cache'=>$cache));
- list($ext,$mime) = mimetype($src);
+ list($ext,$mime,$dl) = mimetype($src);
if(substr($mime,0,5) == 'image' && $render){
// link only jpeg images
// if ($ext != 'jpg' && $ext != 'jpeg') $noLink = true;
@@ -909,7 +909,7 @@ class Doku_Renderer_xhtml extends Doku_Renderer {
$ret = '';
- list($ext,$mime) = mimetype($src);
+ list($ext,$mime,$dl) = mimetype($src);
if(substr($mime,0,5) == 'image'){
// first get the $title
if (!is_null($title)) {
diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php
index becb60b6448eb08c26c0f4fc4e644607f975d770..dd4da459c85883e87690c4ec9a5723f0d745cebf 100644
--- a/lib/exe/fetch.php
+++ b/lib/exe/fetch.php
@@ -25,10 +25,11 @@
$CACHE = calc_cache($_REQUEST['cache']);
$WIDTH = (int) $_REQUEST['w'];
$HEIGHT = (int) $_REQUEST['h'];
- list($EXT,$MIME) = mimetype($MEDIA);
+ list($EXT,$MIME,$DL) = mimetype($MEDIA);
if($EXT === false){
$EXT = 'unknown';
$MIME = 'application/octet-stream';
+ $DL = true;
}
//media to local file
@@ -78,17 +79,18 @@
}
// finally send the file to the client
- $data = array('file' => $FILE,
- 'mime' => $MIME,
- 'cache' => $CACHE,
- 'orig' => $ORIG,
- 'ext' => $EXT,
- 'width' => $WIDTH,
- 'height' => $HEIGHT);
+ $data = array('file' => $FILE,
+ 'mime' => $MIME,
+ 'download' => $DL,
+ 'cache' => $CACHE,
+ 'orig' => $ORIG,
+ 'ext' => $EXT,
+ 'width' => $WIDTH,
+ 'height' => $HEIGHT);
$evt = new Doku_Event('MEDIA_SENDFILE', $data);
if ($evt->advise_before()) {
- sendFile($data['file'],$data['mime'],$data['cache']);
+ sendFile($data['file'],$data['mime'],$data['download'],$data['cache']);
}
/* ------------------------------------------------------------------------ */
@@ -99,7 +101,7 @@
* @author Andreas Gohr <andi@splitbrain.org>
* @author Ben Coburn <btcoburn@silicodon.net>
*/
-function sendFile($file,$mime,$cache){
+function sendFile($file,$mime,$dl,$cache){
global $conf;
$fmtime = @filemtime($file);
// send headers
@@ -126,9 +128,11 @@ function sendFile($file,$mime,$cache){
http_conditionalRequest($fmtime);
- //application mime type is downloadable
- if(substr($mime,0,11) == 'application'){
+ //download or display?
+ if($dl){
header('Content-Disposition: attachment; filename="'.basename($file).'";');
+ }else{
+ header('Content-Disposition: inline; filename="'.basename($file).'";');
}
//use x-sendfile header to pass the delivery to compatible webservers
diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php
index c2805cb01f1b09acfa817787e3032319ec82bc16..97e473d7ec540cb6f612b79be4fb0c5dc1c3deab 100644
--- a/lib/exe/xmlrpc.php
+++ b/lib/exe/xmlrpc.php
@@ -452,7 +452,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
io_saveFile($ftmp, $buff);
// get filename
- list($iext, $imime) = mimetype($id);
+ list($iext, $imime,$dl) = mimetype($id);
$id = cleanID($id);
$fn = mediaFN($id);