mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1000 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
116 Commits
378 Branches
Tree: 477b9877a0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '477b9877a0'
${ noResults }
nextcloud/inc/lib_ocs.php

lib_ocs.php 13KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425 
  1. <?php

  2. 

  3. /**

  4. * ownCloud

  5. *

  6. * @author Frank Karlitschek

  7. * @copyright 2010 Frank Karlitschek karlitschek@kde.org

  8. *

  9. * This library is free software; you can redistribute it and/or

  10. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE

  11. * License as published by the Free Software Foundation; either

  12. * version 3 of the License, or any later version.

  13. *

  14. * This library is distributed in the hope that it will be useful,

  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of

  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  17. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.

  18. *

  19. * You should have received a copy of the GNU Lesser General Public

  20. * License along with this library.  If not, see <http://www.gnu.org/licenses/>.

  21. *

  22. */

  23. 

  24. 

  25. 

  26. /**

  27.  * Class to handle open collaboration services API requests

  28.  *

  29.  */

  30. class OC_OCS {

  31. 

  32.   /**

  33.    * reads input date from get/post/cookies and converts the date to a special data-type

  34.    *

  35.    * @param variable $key

  36.    * @param variable-type $type

  37.    * @param priority $getpriority

  38.    * @param default  $default

  39.    * @return data

  40.    */

  41.   public static function readdata($key,$type='raw',$getpriority=false,$default='') {

  42.     if($getpriority) {

  43.       if(isset($_GET[$key])) {

  44.         $data=$_GET[$key];

  45.       } elseif(isset($_POST[$key])) {

  46.         $data=$_POST[$key];

  47.       } else {

  48.         if($default=='') {

  49.           if(($type=='int') or ($type=='float')) $data=0; else $data='';

  50.         } else {

  51.           $data=$default;

  52.         }

  53.       }

  54.     } else {

  55.       if(isset($_POST[$key])) {

  56.         $data=$_POST[$key];

  57.       } elseif(isset($_GET[$key])) {

  58.         $data=$_GET[$key];

  59.       } elseif(isset($_COOKIE[$key])) {

  60.         $data=$_COOKIE[$key];

  61.       } else {

  62.         if($default=='') {

  63.           if(($type=='int') or ($type=='float')) $data=0; else $data='';

  64.         } else {

  65.           $data=$default;

  66.         }

  67.       }

  68.     }

  69. 

  70.     if($type=='raw') return($data);

  71.     elseif($type=='text') return(addslashes(strip_tags($data)));

  72.     elseif($type=='int')  { $data = (int) $data; return($data); }

  73.     elseif($type=='float')  { $data = (float) $data; return($data); }

  74.     elseif($type=='array')  { $data = $data; return($data); }

  75.   }

  76. 

  77. 

  78.   /**

  79.     main function to handle the REST request

  80.   **/

  81.   public static function handle() {

  82. 

  83.     // overwrite the 404 error page returncode

  84.     header("HTTP/1.0 200 OK");

  85. 

  86. 

  87.     if($_SERVER['REQUEST_METHOD'] == 'GET') {

  88.        $method='get';

  89.     }elseif($_SERVER['REQUEST_METHOD'] == 'PUT') {

  90.        $method='put';

  91.        parse_str(file_get_contents("php://input"),$put_vars);

  92.     }elseif($_SERVER['REQUEST_METHOD'] == 'POST') {

  93.        $method='post';

  94.     }else{

  95.       echo('internal server error: method not supported');

  96.       exit();

  97.     }

  98. 

  99.     // preprocess url

  100.     $url=$_SERVER['REQUEST_URI'];

  101.     if(substr($url,(strlen($url)-1))<>'/') $url.='/';

  102.     $ex=explode('/',$url);

  103.     $paracount=count($ex);

  104. 

  105.     // eventhandler

  106. 

  107.     // CONFIG

  108.     // apiconfig - GET - CONFIG

  109.     if(($method=='get') and (strtolower($ex[$paracount-3])=='v1.php') and (strtolower($ex[$paracount-2])=='config')){

  110.       $format=OC_OCS::readdata('format','text');

  111.       OC_OCS::apiconfig($format);

  112. 

  113.     // PERSON

  114.     // personcheck - POST - PERSON/CHECK

  115.     }elseif(($method=='post') and (strtolower($ex[$paracount-4])=='v1.php') and (strtolower($ex[$paracount-3])=='person') and  (strtolower($ex[$paracount-2])=='check')){

  116.       $format=OC_OCS::readdata('format','text');

  117.       $login=OC_OCS::readdata('login','text');

  118.       $passwd=OC_OCS::readdata('password','text');

  119.       OC_OCS::personcheck($format,$login,$passwd);

  120. 

  121.     // ACTIVITY

  122.     // activityget - GET ACTIVITY   page,pagesize als urlparameter

  123.     }elseif(($method=='get') and (strtolower($ex[$paracount-3])=='v1.php')and (strtolower($ex[$paracount-2])=='activity')){

  124.       $format=OC_OCS::readdata('format','text');

  125.       $page=OC_OCS::readdata('page','int');

  126.       $pagesize=OC_OCS::readdata('pagesize','int');

  127.       if($pagesize<1 or $pagesize>100) $pagesize=10;

  128.       OC_OCS::activityget($format,$page,$pagesize);

  129. 

  130.     // activityput - POST ACTIVITY

  131.     }elseif(($method=='post') and (strtolower($ex[$paracount-3])=='v1.php')and (strtolower($ex[$paracount-2])=='activity')){

  132.       $format=OC_OCS::readdata('format','text');

  133.       $message=OC_OCS::readdata('message','text');

  134.       OC_OCS::activityput($format,$message);

  135. 

  136. 

  137.     }else{

  138.       $format=OC_OCS::readdata('format','text');

  139.       $txt='please check the syntax. api specifications are here: http://www.freedesktop.org/wiki/Specifications/open-collaboration-services'."\n";

  140.       $txt.=OC_OCS::getdebugoutput();

  141.       echo(OC_OCS::generatexml($format,'failed',999,$txt));

  142.     }

  143.     exit();

  144.   }

  145. 

  146.   /**

  147.    * generated some debug information to make it easier to find faild API calls

  148.    * @return debug data string

  149.    */

  150.   private static function getdebugoutput() {

  151.     $txt='';

  152.     $txt.="debug output:\n";

  153.     if(isset($_SERVER['REQUEST_METHOD'])) $txt.='http request method: '.$_SERVER['REQUEST_METHOD']."\n";

  154.     if(isset($_SERVER['REQUEST_URI'])) $txt.='http request uri: '.$_SERVER['REQUEST_URI']."\n";

  155.     if(isset($_GET)) foreach($_GET as $key=>$value) $txt.='get parameter: '.$key.'->'.$value."\n";

  156.     if(isset($_POST)) foreach($_POST as $key=>$value) $txt.='post parameter: '.$key.'->'.$value."\n";

  157.     return($txt);

  158.   }

  159. 

  160.   /**

  161.    * checks if the user is authenticated

  162.    * checks the IP whitlist, apikeys and login/password combination

  163.    * if $forceuser is true and the authentication failed it returns an 401 http response.

  164.    * if $forceuser is false and authentification fails it returns an empty username string

  165.    * @param bool $forceuser

  166.    * @return username string

  167.    */

  168.   private static function checkpassword($forceuser=true) {

  169.     //valid user account ?

  170.     if(isset($_SERVER['PHP_AUTH_USER'])) $authuser=$_SERVER['PHP_AUTH_USER']; else $authuser='';

  171.     if(isset($_SERVER['PHP_AUTH_PW']))   $authpw=$_SERVER['PHP_AUTH_PW']; else $authpw='';

  172. 

  173.     if(empty($authuser)) {

  174.       if($forceuser){

  175.         header('WWW-Authenticate: Basic realm="your valid user account or api key"');

  176.         header('HTTP/1.0 401 Unauthorized');

  177.         exit;

  178.       }else{

  179.         $identifieduser='';

  180.       }

  181.     }else{

  182.       if(!OC_USER::login($authuser,$authpw)){

  183.         if($forceuser){

  184.           header('WWW-Authenticate: Basic realm="your valid user account or api key"');

  185.           header('HTTP/1.0 401 Unauthorized');

  186.           exit;

  187.         }else{

  188.           $identifieduser='';

  189.         }

  190.       }else{

  191.         $identifieduser=$authuser;

  192.       }

  193.     }

  194. 

  195.     return($identifieduser);

  196.   }

  197. 

  198. 

  199.   /**

  200.    * generates the xml or json response for the API call from an multidimenional data array.

  201.    * @param string $format

  202.    * @param string $status

  203.    * @param string $statuscode

  204.    * @param string $message

  205.    * @param array $data

  206.    * @param string $tag

  207.    * @param string $tagattribute

  208.    * @param int $dimension

  209.    * @param int $itemscount

  210.    * @param int $itemsperpage

  211.    * @return string xml/json

  212.    */

  213.   private static function generatexml($format,$status,$statuscode,$message,$data=array(),$tag='',$tagattribute='',$dimension=-1,$itemscount='',$itemsperpage='') {

  214.     if($format=='json') {

  215. 

  216.       $json=array();

  217.       $json['status']=$status;

  218.       $json['statuscode']=$statuscode;

  219.       $json['message']=$message;

  220.       $json['totalitems']=$itemscount;

  221.       $json['itemsperpage']=$itemsperpage;

  222.       $json['data']=$data;

  223.       return(json_encode($json));

  224. 

  225. 

  226.     }else{

  227.       $txt='';

  228.       $writer = xmlwriter_open_memory();

  229.       xmlwriter_set_indent( $writer, 2 );

  230.       xmlwriter_start_document($writer );

  231.       xmlwriter_start_element($writer,'ocs');

  232.       xmlwriter_start_element($writer,'meta');

  233.       xmlwriter_write_element($writer,'status',$status);

  234.       xmlwriter_write_element($writer,'statuscode',$statuscode);

  235.       xmlwriter_write_element($writer,'message',$message);

  236.       if($itemscount<>'') xmlwriter_write_element($writer,'totalitems',$itemscount);

  237.       if(!empty($itemsperpage)) xmlwriter_write_element($writer,'itemsperpage',$itemsperpage);

  238.       xmlwriter_end_element($writer);

  239.       if($dimension=='0') {

  240.         // 0 dimensions

  241.         xmlwriter_write_element($writer,'data',$data);

  242. 

  243.       }elseif($dimension=='1') {

  244.         xmlwriter_start_element($writer,'data');

  245.         foreach($data as $key=>$entry) {

  246.           xmlwriter_write_element($writer,$key,$entry);

  247.         }

  248.         xmlwriter_end_element($writer);

  249. 

  250.       }elseif($dimension=='2') {

  251.         xmlwriter_start_element($writer,'data');

  252.         foreach($data as $entry) {

  253.           xmlwriter_start_element($writer,$tag);

  254.           if(!empty($tagattribute)) {

  255.             xmlwriter_write_attribute($writer,'details',$tagattribute);

  256.           }

  257.           foreach($entry as $key=>$value) {

  258.             if(is_array($value)){

  259.               foreach($value as $k=>$v) {

  260.                 xmlwriter_write_element($writer,$k,$v);

  261.               }

  262.             } else {

  263.               xmlwriter_write_element($writer,$key,$value);

  264.             }

  265.           }

  266.           xmlwriter_end_element($writer);

  267.         }

  268.         xmlwriter_end_element($writer);

  269. 

  270.       }elseif($dimension=='3') {

  271.         xmlwriter_start_element($writer,'data');

  272.         foreach($data as $entrykey=>$entry) {

  273.           xmlwriter_start_element($writer,$tag);

  274.           if(!empty($tagattribute)) {

  275.             xmlwriter_write_attribute($writer,'details',$tagattribute);

  276.           }

  277.           foreach($entry as $key=>$value) {

  278.             if(is_array($value)){

  279.               xmlwriter_start_element($writer,$entrykey);

  280.               foreach($value as $k=>$v) {

  281.                 xmlwriter_write_element($writer,$k,$v);

  282.               }

  283.               xmlwriter_end_element($writer);

  284.             } else {

  285.               xmlwriter_write_element($writer,$key,$value);

  286.             }

  287.           }

  288.           xmlwriter_end_element($writer);

  289.         }

  290.         xmlwriter_end_element($writer);

  291.       }elseif($dimension=='dynamic') {

  292.         xmlwriter_start_element($writer,'data');

  293.         OC_OCS::toxml($writer,$data,'comment');

  294.         xmlwriter_end_element($writer);

  295.       }

  296. 

  297.       xmlwriter_end_element($writer);

  298. 

  299.       xmlwriter_end_document( $writer );

  300.       $txt.=xmlwriter_output_memory( $writer );

  301.       unset($writer);

  302.       return($txt);

  303.     }

  304.   }

  305. 

  306.   public static function toxml($writer,$data,$node) {

  307.     foreach($data as $key => $value) {

  308.       if (is_numeric($key)) {

  309.         $key = $node;

  310.       }

  311.       if (is_array($value)){

  312.         xmlwriter_start_element($writer,$key);

  313.         OC_OCS::toxml($writer,$value,$node);

  314.         xmlwriter_end_element($writer);

  315.       }else{

  316.         xmlwriter_write_element($writer,$key,$value);

  317.       }

  318. 

  319.     }

  320.   }

  321. 

  322. 

  323. 

  324. 

  325.   /**

  326.    * return the config data of this server

  327.    * @param string $format

  328.    * @return string xml/json

  329.    */

  330.   private static function apiconfig($format) {

  331.     $user=OC_OCS::checkpassword(false);

  332.     $url=substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';

  333. 

  334.     $xml['version']='1.5';

  335.     $xml['website']='ownCloud';

  336.     $xml['host']=$_SERVER['HTTP_HOST'];

  337.     $xml['contact']='';

  338.     $xml['ssl']='false';

  339.     echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'config','',1));

  340.   }

  341. 

  342. 

  343.   /**

  344.    * check if the provided login/apikey/password is valid

  345.    * @param string $format

  346.    * @param string $login

  347.    * @param string $passwd

  348.    * @return string xml/json

  349.    */

  350.   private static function personcheck($format,$login,$passwd) {

  351.     if($login<>''){

  352.       if(OC_USER::login($login,$passwd)){

  353.         $xml['person']['personid']=$login;

  354.         echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'person','check',2));

  355.       }else{

  356.         echo(OC_OCS::generatexml($format,'failed',102,'login not valid'));

  357.       }

  358.     }else{

  359.       echo(OC_OCS::generatexml($format,'failed',101,'please specify all mandatory fields'));

  360.     }

  361.   }

  362. 

  363. 

  364. 

  365.   // ACTIVITY API #############################################

  366. 

  367.   /**

  368.    * get my activities

  369.    * @param string $format

  370.    * @param string $page

  371.    * @param string $pagesize

  372.    * @return string xml/json

  373.    */

  374.   private static function activityget($format,$page,$pagesize) {

  375. 

  376.     $user=OC_OCS::checkpassword();

  377. 

  378.     $result = OC_DB::query('select count(*) as co from log');

  379.     $entry=$result->fetchRow();

  380.     $totalcount=$entry['co'];

  381.     OC_DB::free_result($result);

  382. 

  383.     $result = OC_DB::select('select id,timestamp,user,type,message from log order by timestamp desc limit '.($page*$pagesize).','.$pagesize);

  384.     $itemscount=count($result);

  385. 

  386.     $url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';

  387.     $xml=array();

  388.     foreach($result as $i=>$log) {

  389.       $xml[$i]['id']=$log['id'];

  390.       $xml[$i]['personid']=$log['user'];

  391.       $xml[$i]['firstname']=$log['user'];

  392.       $xml[$i]['lastname']='';

  393.       $xml[$i]['profilepage']=$url;

  394. 

  395.       $pic=$url.'/img/owncloud-icon.png';

  396.       $xml[$i]['avatarpic']=$pic;

  397. 

  398.       $xml[$i]['timestamp']=date('c',$log['timestamp']);

  399.       $xml[$i]['type']=1;

  400.       $xml[$i]['message']=OC_LOG::$TYPE[$log['type']].' '.strip_tags($log['message']);

  401.       $xml[$i]['link']=$url;

  402.     }

  403. 

  404.     $txt=OC_OCS::generatexml($format,'ok',100,'',$xml,'activity','full',2,$totalcount,$pagesize);

  405.     echo($txt);

  406.   }

  407. 

  408.   /**

  409.    * submit a activity

  410.    * @param string $format

  411.    * @param string $message

  412.    * @return string xml/json

  413.    */

  414.   private static function activityput($format,$message) {

  415.     // not implemented in ownCloud

  416.     $user=OC_OCS::checkpassword();

  417.     echo(OC_OCS::generatexml($format,'ok',100,''));

  418.   }

  419. 

  420. 

  421. 

  422. }

  423. 

  424. 

  425. ?>