add more linebreaks, replace SQL LIMIT with param

11 years ago · 60489764f3
--- a/apps/files_sharing/public.php
+++ b/apps/files_sharing/public.php
@@ -7,7 +7,7 @@ OC_App::loadApps();
 // support will be removed in OC 5.0,a
 if (isset($_GET['token'])) {
 	unset($_GET['file']);
 	$qry = \OC_DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? LIMIT 1');
 	$qry = \OC_DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ?', 1);
 	$filepath = $qry->execute(array($_GET['token']))->fetchOne();
 	if(isset($filepath)) {
 		$info = OC_FileCache_Cached::get($filepath, '');
@@ -16,7 +16,9 @@ if (isset($_GET['token'])) {
 		} else {
 			$_GET['file'] = $filepath;
 		}
 		\OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN);
 		\OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0.'
 				.' Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.',
 				\OCP\Util::WARN);
 	}
 }

@@ -27,7 +29,10 @@ function getID($path) {
 		$path_parts = explode('/', $path, 5);
 		$user = $path_parts[1];
 		$intPath = '/'.$path_parts[4];
 		$query = \OC_DB::prepare('SELECT `item_source` FROM `*PREFIX*share` WHERE `uid_owner` = ? AND `file_target` = ? ');
 		$query = \OC_DB::prepare('SELECT `item_source`'
 								.' FROM `*PREFIX*share`'
 								.' WHERE `uid_owner` = ?'
 								.' AND `file_target` = ? ');
 		$result = $query->execute(array($user, $intPath));
 		$row = $result->fetchRow();
 		$fileSource = $row['item_source'];
@@ -69,7 +74,8 @@ if (isset($_GET['t'])) {
 			
 			//if this is a reshare check the file owner also exists
 			if ($shareOwner != $fileOwner && ! OCP\User::userExists($fileOwner)) {
 					OCP\Util::writeLog('share', 'original file owner '.$fileOwner.' does not exist for share '.$linkItem['id'], \OCP\Util::ERROR);
 					OCP\Util::writeLog('share', 'original file owner '.$fileOwner
 											   .' does not exist for share '.$linkItem['id'], \OCP\Util::ERROR);
 					header('HTTP/1.0 404 Not Found');
 					$tmpl = new OCP\Template('', '404', 'guest');
 					$tmpl->printPage();
@@ -134,7 +140,8 @@ if ($linkItem) {
 				// Check Password
 				$forcePortable = (CRYPT_BLOWFISH != 1);
 				$hasher = new PasswordHash(8, $forcePortable);
 				if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) {
 				if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),
 											 $linkItem['share_with']))) {
 					$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
 					$tmpl->assign('URL', $url);
 					$tmpl->assign('error', true);
@@ -145,19 +152,25 @@ if ($linkItem) {
 					$_SESSION['public_link_authenticated'] = $linkItem['id'];
 				}
 			} else {
 				OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR);
 				OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
 										   .' for share id '.$linkItem['id'], \OCP\Util::ERROR);
 				header('HTTP/1.0 404 Not Found');
 				$tmpl = new OCP\Template('', '404', 'guest');
 				$tmpl->printPage();
 				exit();
 			}
 		// Check if item id is set in session
 		} else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
 			// Prompt for password
 			$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
 			$tmpl->assign('URL', $url);
 			$tmpl->printPage();
 			exit();
 		
 		} else {
 			// Check if item id is set in session
 			if (!isset($_SESSION['public_link_authenticated'])
 				|| $_SESSION['public_link_authenticated'] !== $linkItem['id']
 			) {
 				// Prompt for password
 				$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
 				$tmpl->assign('URL', $url);
 				$tmpl->printPage();
 				exit();
 			}
 		}
 	}
 	$basePath = substr($pathAndUser['path'], strlen('/'.$fileOwner.'/files'));
@@ -203,7 +216,9 @@ if ($linkItem) {
 			$getPath = '';
 		}
 		//
 		$urlLinkIdentifiers= (isset($token)?'&t='.$token:'').(isset($_GET['dir'])?'&dir='.$_GET['dir']:'').(isset($_GET['file'])?'&file='.$_GET['file']:'');
 		$urlLinkIdentifiers= (isset($token)?'&t='.$token:'')
 							.(isset($_GET['dir'])?'&dir='.$_GET['dir']:'')
 							.(isset($_GET['file'])?'&file='.$_GET['file']:'');
 		// Show file list
 		if (OC_Filesystem::is_dir($path)) {
 			OCP\Util::addStyle('files', 'files');
@@ -260,13 +275,16 @@ if ($linkItem) {
 			$folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
 			$tmpl->assign('folder', $folder->fetchPage(), false);
 			$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
 			$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
 			$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
 										.$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
 		} else {
 			// Show file preview if viewer is available
 			if ($type == 'file') {
 				$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download');
 				$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
 											.$urlLinkIdentifiers.'&download');
 			} else {
 				$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
 				$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
 											.$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
 			}
 		}
 		$tmpl->printPage();
--- a/lib/public/share.php
+++ b/lib/public/share.php