$info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath));
}
// get additional properties from database
- $query = "SELECT ns, name, value FROM properties WHERE path = '$path'";
- $query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$path'";
- $res = OC_DB::select($query);
- while ($row = $res[0]) {
++ $query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$path'";
+ $res = OC_DB::select($query);
+ foreach($res as $row){
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
}
return $info;
*/
function DELETE($options)
{
+ global $CONFIG_DBTABLEPREFIX;
$path =$options["path"];
-
if (!OC_FILESYSTEM::file_exists($path)) {
return "404 Not found";
}
-
+ $lock=self::checkLock($path);
+ if(is_array($lock)){
+ $owner=$options['owner'];
+ $lockOwner=$lock['owner'];
+ if($owner==$lockOwner){
+ return "423 Locked";
+ }
+ }
if (OC_FILESYSTEM::is_dir($path)) {
- $query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'";
+ $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query);
OC_FILESYSTEM::delTree($path);
} else {
$options["props"][$key]['status'] = "403 Forbidden";
} else {
if (isset($prop["val"])) {
- $query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'";
+ $query = "REPLACE INTO {$CONFIG_DBTABLEPREFIX}properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'";
- error_log($query);
} else {
- $query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'";
+ $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'";
}
OC_DB::query($query);
}
*/
function LOCK(&$options)
{
+ global $CONFIG_DBTABLEPREFIX;
+
// get absolute fs path to requested resource
$fspath = $options["path"];
-
// TODO recursive locks on directories not supported yet
// makes litmus test "32. lock_collection" fail
- if (is_dir($fspath) && !empty($options["depth"])) {
- return "409 Conflict";
+ if (OC_FILESYSTEM::is_dir($fspath) && !empty($options["depth"])) {
+ switch($options["depth"]){
+ case 'infinity':
+ $recursion=1;
+ break;
+ case '0':
+ $recursion=0;
+ break;
+ }
+ }else{
+ $recursion=0;
}
$options["timeout"] = time()+300; // 5min. hardcoded
if (isset($options["update"])) { // Lock Update
$where = "WHERE path = '$options[path]' AND token = '$options[update]'";
- $query = "SELECT owner, exclusivelock FROM locks $where";
+ $query = "SELECT owner, exclusivelock FROM {$CONFIG_DBTABLEPREFIX}locks $where";
- $res = OC_DB::query($query);
- $row = OC_DB::fetch_assoc($res);
- OC_DB::free_result($res);
+ $res = OC_DB::select($query);
- if (is_array($row)) {
+ if (is_array($res) and isset($res[0])) {
+ $row=$res[0];
- $query = "UPDATE `locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where";
+ $query = "UPDATE `{$CONFIG_DBTABLEPREFIX}locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where";
OC_DB::query($query);
$options['owner'] = $row['owner'];
//create/fill database
$CONFIG_DBTYPE=$dbtype;
$CONFIG_DBNAME=$_POST['dbname'];
- if($dbtype=='mysql'){
+ $CONFIG_DBTABLEPREFIX=$_POST['dbtableprefix'];
+ if($dbtype!='sqlite'){
$CONFIG_DBHOST=$_POST['dbhost'];
$CONFIG_DBUSER=$_POST['dbuser'];
$CONFIG_DBPASSWORD=$_POST['dbpassword'];
$config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n";
$config.='$CONFIG_DBTYPE=\''.$dbtype."';\n";
$config.='$CONFIG_DBNAME=\''.$_POST['dbname']."';\n";
- if($dbtype=='mysql'){
+ $config.='$CONFIG_DBTABLEPREFIX=\''.$_POST['dbtableprefix']."';\n";
+ if($dbtype!='sqlite'){
$config.='$CONFIG_DBHOST=\''.$_POST['dbhost']."';\n";
$config.='$CONFIG_DBUSER=\''.$_POST['dbuser']."';\n";
$config.='$CONFIG_DBPASSWORD=\''.$_POST['dbpassword']."';\n";
}
}
}
-
- /**
- * Fills the database with the initial tables
- * Note: while the AUTO_INCREMENT function is not supported by SQLite
- * the same effect can be achieved by accessing the SQLite pseudo-column
- * "rowid"
- */
- private static function filldatabase(){
+
+ /**
+ * Fills the database with the initial tables
+ * Note: while the AUTO_INCREMENT function is not supported by SQLite
+ * the same effect can be achieved by accessing the SQLite pseudo-column
+ * "rowid"
+ */
+ private static function filldatabase(){
+ global $SERVERROOT;
+ OC_DB::createDBFromStructure($SERVERROOT.'/db_structure.xml');
+ }
+
+ /**
+ * Create the database and user
+ * @param string adminUser
+ * @param string adminPwd
+ *
+ */
+ private static function createdatabase($adminUser,$adminPwd){
+ global $CONFIG_DBHOST;
+ global $CONFIG_DBNAME;
+ global $CONFIG_DBUSER;
+ global $CONFIG_DBPWD;
global $CONFIG_DBTYPE;
-
- if($CONFIG_DBTYPE=='sqlite'){
- $query="CREATE TABLE '{$CONFIG_DBTABLEPREFIX}locks' (
- 'token' VARCHAR(255) NOT NULL DEFAULT '',
- 'path' varchar(200) NOT NULL DEFAULT '',
- 'created' int(11) NOT NULL DEFAULT '0',
- 'modified' int(11) NOT NULL DEFAULT '0',
- 'expires' int(11) NOT NULL DEFAULT '0',
- 'owner' varchar(200) DEFAULT NULL,
- 'recursive' int(11) DEFAULT '0',
- 'writelock' int(11) DEFAULT '0',
- 'exclusivelock' int(11) NOT NULL DEFAULT '0',
- PRIMARY KEY ('token'),
- UNIQUE ('token')
- );
-
-CREATE TABLE '{$CONFIG_DBTABLEPREFIX}log' (
- `id` INTEGER ASC DEFAULT '' NOT NULL,
- 'timestamp' int(11) NOT NULL,
- 'user' varchar(250) NOT NULL,
- 'type' int(11) NOT NULL,
- 'message' varchar(250) NOT NULL,
- PRIMARY KEY ('id')
-);
-
-
-CREATE TABLE '{$CONFIG_DBTABLEPREFIX}properties' (
- 'path' varchar(255) NOT NULL DEFAULT '',
- 'name' varchar(120) NOT NULL DEFAULT '',
- 'ns' varchar(120) NOT NULL DEFAULT 'DAV:',
- 'value' text,
- PRIMARY KEY ('path','name','ns')
-);
-
-CREATE TABLE '{$CONFIG_DBTABLEPREFIX}users' (
- 'user_id' INTEGER ASC DEFAULT '',
- 'user_name' varchar(64) NOT NULL DEFAULT '',
- 'user_name_clean' varchar(64) NOT NULL DEFAULT '',
- 'user_password' varchar(40) NOT NULL DEFAULT '',
- PRIMARY KEY ('user_id'),
- UNIQUE ('user_name' ,'user_name_clean')
-);
-
-CREATE TABLE '{$CONFIG_DBTABLEPREFIX}groups' (
-'group_id' INTEGER ASC DEFAULT '',
-'group_name' VARCHAR( 64 ) NOT NULL DEFAULT '',
-PRIMARY KEY ('group_id'),
-UNIQUE ('group_name')
-);
-
-CREATE TABLE '{$CONFIG_DBTABLEPREFIX}user_group' (
-'user_group_id' INTEGER ASC DEFAULT '',
-'user_id' VARCHAR( 64 ) NOT NULL DEFAULT '',
-'group_id' VARCHAR( 64 ) NOT NULL DEFAULT '',
-PRIMARY KEY ('user_group_id')
-)
-";
- }elseif($CONFIG_DBTYPE=='mysql'){
- $query="CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}locks` (
- `token` varchar(255) NOT NULL DEFAULT '',
- `path` varchar(200) NOT NULL DEFAULT '',
- `created` int(11) NOT NULL DEFAULT '0',
- `modified` int(11) NOT NULL DEFAULT '0',
- `expires` int(11) NOT NULL DEFAULT '0',
- `owner` varchar(200) DEFAULT NULL,
- `recursive` int(11) DEFAULT '0',
- `writelock` int(11) DEFAULT '0',
- `exclusivelock` int(11) NOT NULL DEFAULT '0',
- PRIMARY KEY (`token`),
- UNIQUE KEY `token` (`token`),
- KEY `path` (`path`),
- KEY `path_2` (`path`),
- KEY `path_3` (`path`,`token`),
- KEY `expires` (`expires`)
-);
-
-CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}log` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `timestamp` int(11) NOT NULL,
- `user` varchar(250) NOT NULL,
- `type` int(11) NOT NULL,
- `message` varchar(250) NOT NULL,
- PRIMARY KEY (`id`)
-);
-
-
-CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}properties` (
- `path` varchar(255) NOT NULL DEFAULT '',
- `name` varchar(120) NOT NULL DEFAULT '',
- `ns` varchar(120) NOT NULL DEFAULT 'DAV:',
- `value` text,
- PRIMARY KEY (`path`,`name`,`ns`),
- KEY `path` (`path`)
-);
-
-CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}users` (
-`user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
-`user_name` VARCHAR( 64 ) NOT NULL ,
-`user_name_clean` VARCHAR( 64 ) NOT NULL ,
-`user_password` VARCHAR( 340) NOT NULL ,
-UNIQUE (
-`user_name` ,
-`user_name_clean`
-)
-);
-
-CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}groups` (
-`group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
-`group_name` VARCHAR( 64 ) NOT NULL ,
-UNIQUE (
-`group_name`
-)
-);
-
-CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}user_group` (
-`user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
-`user_id` VARCHAR( 64 ) NOT NULL ,
-`group_id` VARCHAR( 64 ) NOT NULL
-)
-";
+ //we cant user OC_BD functions here because we need to connect as the administrative user.
+ if($CONFIG_DBTYPE=='mysql'){
+ $connection = @new mysqli($CONFIG_DBHOST, $adminUser, $adminPwd);
+ if (mysqli_connect_errno()) {
+ @ob_end_clean();
+ echo('<html><head></head><body bgcolor="#F0F0F0"><br /><br /><center><b>can not connect to database as administrative user.</center></body></html>');
+ exit();
+ }
+ $query="SELECT user FROM mysql.user WHERE user='{$_POST['dbuser']}';";
+ $result = @$connection->query($query);
+ if (!$result) {
+ $entry='DB Error: "'.$connection->error.'"<br />';
+ $entry.='Offending command was: '.$query.'<br />';
+ echo($entry);
+ }
+ if($result->num_rows==0){
+ $query="CREATE USER '{$_POST['dbuser']}' IDENTIFIED BY '{$_POST['dbpassword']}';";
+ }else{
+ $query='';
+ }
+ $query.="CREATE DATABASE IF NOT EXISTS `{$_POST['dbname']}`;";
+ $query.="GRANT ALL PRIVILEGES ON `{$_POST['dbname']}` . * TO '{$_POST['dbuser']}';";
+ $result = @$connection->multi_query($query);
+ if (!$result) {
+ $entry='DB Error: "'.$connection->error.'"<br />';
+ $entry.='Offending command was: '.$query.'<br />';
+ echo($entry);
+ }
+ $connection->close();
+ }elseif($CONFIG_DBTYPE=='pgsql'){
+ $connection = pg_connect("user='$adminUser' host='$CONFIG_DBHOST' password='$adminPwd'");
+ $query="CREATE USER {$_POST['dbuser']} WITH PASSWORD '{$_POST['dbpassword']}' CREATEDB;";
+ $result = pg_exec($connection, $query);
+ $query="select count(*) from pg_catalog.pg_database where datname = '{$_POST['dbname']}';";
+ $result = pg_exec($connection, $query);
+ if(pg_result($result,0,0)==0){
+ $query="CREATE DATABASE {$_POST['dbname']};";
+ $result = pg_exec($connection, $query);
+ $query="ALTER DATABASE {$_POST['dbname']} OWNER TO {$_POST['dbuser']};";
+ $result = pg_exec($connection, $query);
+ }
+ }
+ global $CONFIG_DBTABLEPREFIX;
}
- OC_DB::multiquery($query);
- }
-
- /**
- * Create the database and user
- * @param string adminUser
- * @param string adminPwd
- *
- */
- private static function createdatabase($adminUser,$adminPwd){
- global $CONFIG_DBHOST;
- global $CONFIG_DBNAME;
- global $CONFIG_DBUSER;
- global $CONFIG_DBPWD;
- //we cant user OC_BD functions here because we need to connect as the administrative user.
- $connection = @new mysqli($CONFIG_DBHOST, $adminUser, $adminPwd);
- if (mysqli_connect_errno()) {
- @ob_end_clean();
- echo('<html><head></head><body bgcolor="#F0F0F0"><br /><br /><center><b>can not connect to database as administrative user.</center></body></html>');
- exit();
- }
- $query="CREATE USER '{$_POST['dbuser']}' IDENTIFIED BY '{$_POST['dbpassword']}';
-
-CREATE DATABASE IF NOT EXISTS `{$_POST['dbname']}` ;
-
-GRANT ALL PRIVILEGES ON `{$_POST['dbname']}` . * TO '{$_POST['dbuser']}';";
- $result = @$connection->multi_query($query);
- if (!$result) {
- $entry='DB Error: "'.$connection->error.'"<br />';
- $entry.='Offending command was: '.$query.'<br />';
- echo($entry);
- }
- $connection->close();
- }
}
?>
* @param type $type
* @param message $message
*/
- public static function event($user, $type, $message){
+ public static function event($user,$type,$message){
- $result = OC_DB::query('INSERT INTO `log` (`timestamp`,`user`,`type`,`message`) VALUES ('.time().',\''.addslashes($user).'\','.addslashes($type).',\''.addslashes($message).'\');');
+ global $CONFIG_DBTABLEPREFIX;
-
- $query = 'insert into ' . $CONFIG_DBTABLEPREFIX . 'log (timestamp,user,type,message) values
- ("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")';
- $result = OC_DB::query($query);
++ $result = OC_DB::query('INSERT INTO `' . $CONFIG_DBTABLEPREFIX . 'log` (`timestamp`,`user`,`type`,`message`) VALUES ('.time().',\''.addslashes($user).'\','.addslashes($type).',\''.addslashes($message).'\');');
OC_DB::free_result($result);
}
*
*/
public static function show(){
- global $CONFIG_DATEFORMAT;
+ global $CONFIG_DATEFORMAT;
+ global $CONFIG_DBTABLEPREFIX;
echo('<div class="center"><table cellpadding="6" cellspacing="0" border="0" class="log">');
-
+
if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){
- $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from log order by timestamp desc limit 20');
- $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit 20";
++ $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from '.$CONFIG_DBTABLEPREFIX.'log order by timestamp desc limit 20');
}else{
- $user = $_SESSION['username_clean'];
- $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log where user='$user' order by timestamp desc limit 20";
+ $user=$_SESSION['username_clean'];
- $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from log where user=\''.$user.'\' order by timestamp desc limit 20');
++ $result = OC_DB::select('select `timestamp`,`user`,`type`,`message` from '.$CONFIG_DBTABLEPREFIX.'log where user=\''.$user.'\' order by timestamp desc limit 20');
}
+ $result = OC_DB::select($query);
foreach($result as $entry){
echo('<tr class="browserline">');
echo('<td class="sizetext">'.date($CONFIG_DATEFORMAT,$entry['timestamp']).'</td>');
*
*/
public static function createuser($username,$password){
-
- if(OC_USER::getuserid($username)!=0){
+ global $CONFIG_DBTABLEPREFIX;
+ if(OC_USER::getuserid($username,true)!=0){
return false;
}else{
- $password=sha1($password);
$usernameclean=strtolower($username);
+ $password=sha1($password);
$username=OC_DB::escape($username);
$usernameclean=OC_DB::escape($usernameclean);
- $query="INSERT INTO `users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')";
++ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
$result=OC_DB::query($query);
return ($result)?true:false;
}
*
*/
public static function creategroup($groupname){
-
- if(OC_USER::getgroupid($groupname)==0){
+ global $CONFIG_DBTABLEPREFIX;
+ if(OC_USER::getgroupid($groupname,true)==0){
$groupname=OC_DB::escape($groupname);
- $query="INSERT INTO `groups` (`group_name`) VALUES ('$groupname')";
- $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')";
++ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
$result=OC_DB::query($query);
return ($result)?true:false;
}else{
* get the id of a user
*
*/
- public static function getuserid($username){
+ public static function getuserid($username,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
-
$usernameclean=strtolower($username);
- $username=OC_DB::escape($username);
+ if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query
+ return $_SESSION['user_id_cache'][$usernameclean];
+ }
$usernameclean=OC_DB::escape($usernameclean);
- $query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean'";
+ $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
$result=OC_DB::select($query);
if(!is_array($result)){
return 0;
* get the id of a group
*
*/
- public static function getgroupid($groupname){
+ public static function getgroupid($groupname,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
-
+ if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query
+ return $_SESSION['group_id_cache'][$groupname];
+ }
$groupname=OC_DB::escape($groupname);
- $query="SELECT group_id FROM groups WHERE group_name = '$groupname'";
+ $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
$result=OC_DB::select($query);
if(!is_array($result)){
return 0;
* get the name of a group
*
*/
- public static function getgroupname($groupid){
+ public static function getgroupname($groupid,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
-
+ if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query
+ return $name;
+ }
$groupid=(integer)$groupid;
- $query="SELECT group_name FROM groups WHERE group_id = '$groupid' LIMIT 1";
+ $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['group_name'])){
return $result[0]['group_name'];
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
if($groupid>0 and $userid>0){
- $query="SELECT * FROM user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
- $query="SELECT user_group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = $groupid AND user_id = $userid LIMIT 1";
++ $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true;
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
if($groupid!=0 and $userid!=0){
- $query="INSERT INTO `user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
- $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');";
++ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
$result=OC_DB::query($query);
if($result){
return true;