update sabredav to 1.5.3

6 files changed, 209 insertions, 39 deletions

diff --git a/3rdparty/Sabre/DAV/Browser/Plugin.php b/3rdparty/Sabre/DAV/Browser/Plugin.php
index 8e0ca24cff2..cd5617babb1 100644
--- a/3rdparty/Sabre/DAV/Browser/Plugin.php
+++ b/3rdparty/Sabre/DAV/Browser/Plugin.php
@@ -68,9 +68,16 @@ class Sabre_DAV_Browser_Plugin extends Sabre_DAV_ServerPlugin {
     public function httpGetInterceptor($method, $uri) {
 
         if ($method!='GET') return true;
-        
-        $node = $this->server->tree->getNodeForPath($uri);
-        if ($node instanceof Sabre_DAV_IFile) return true;
+
+        try { 
+            $node = $this->server->tree->getNodeForPath($uri);
+        } catch (Sabre_DAV_Exception_FileNotFound $e) {
+            // We're simply stopping when the file isn't found to not interfere 
+            // with other plugins.
+            return;
+        }
+        if ($node instanceof Sabre_DAV_IFile) 
+            return;
 
         $this->server->httpResponse->sendStatus(200);
         $this->server->httpResponse->setHeader('Content-Type','text/html; charset=utf-8');
@@ -165,6 +172,8 @@ class Sabre_DAV_Browser_Plugin extends Sabre_DAV_ServerPlugin {
         '{DAV:}getlastmodified',
     ),1);
 
+    $parent = $this->server->tree->getNodeForPath($path);
+
 
     if ($path) {
 
@@ -189,6 +198,7 @@ class Sabre_DAV_Browser_Plugin extends Sabre_DAV_ServerPlugin {
 
         $type = null;
 
+
         if (isset($file[200]['{DAV:}resourcetype'])) {
             $type = $file[200]['{DAV:}resourcetype']->getValue();
 
@@ -246,7 +256,7 @@ class Sabre_DAV_Browser_Plugin extends Sabre_DAV_ServerPlugin {
 
   $html.= "<tr><td colspan=\"4\"><hr /></td></tr>";
 
-  if ($this->enablePost) {
+  if ($this->enablePost && $parent instanceof Sabre_DAV_ICollection) {
       $html.= '<tr><td><form method="post" action="">
             <h3>Create new folder</h3>
             <input type="hidden" name="sabreAction" value="mkcol" />
diff --git a/3rdparty/Sabre/DAV/Server.php b/3rdparty/Sabre/DAV/Server.php
index c6c63143d13..b99866dad5e 100644
--- a/3rdparty/Sabre/DAV/Server.php
+++ b/3rdparty/Sabre/DAV/Server.php
@@ -738,6 +738,34 @@ class Sabre_DAV_Server {
 
         $body = $this->httpRequest->getBody();
 
+        // Intercepting Content-Range
+        if ($this->httpRequest->getHeader('Content-Range')) {
+            /**
+            Content-Range is dangerous for PUT requests:  PUT per definition
+            stores a full resource.  draft-ietf-httpbis-p2-semantics-15 says
+            in section 7.6:
+              An origin server SHOULD reject any PUT request that contains a
+              Content-Range header field, since it might be misinterpreted as
+              partial content (or might be partial content that is being mistakenly
+              PUT as a full representation).  Partial content updates are possible
+              by targeting a separately identified resource with state that
+              overlaps a portion of the larger resource, or by using a different
+              method that has been specifically defined for partial updates (for
+              example, the PATCH method defined in [RFC5789]).
+            This clarifies RFC2616 section 9.6:
+              The recipient of the entity MUST NOT ignore any Content-*
+              (e.g. Content-Range) headers that it does not understand or implement
+              and MUST return a 501 (Not Implemented) response in such cases.
+            OTOH is a PUT request with a Content-Range currently the only way to
+            continue an aborted upload request and is supported by curl, mod_dav,
+            Tomcat and others.  Since some clients do use this feature which results
+            in unexpected behaviour (cf PEAR::HTTP_WebDAV_Client 1.0.1), we reject
+            all PUT requests with a Content-Range for now.
+            */
+
+            throw new Sabre_DAV_Exception_NotImplemented('PUT with Content-Range is not allowed.');
+        }
+
         // Intercepting the Finder problem
         if (($expected = $this->httpRequest->getHeader('X-Expected-Entity-Length')) && $expected > 0) {
            
@@ -798,7 +826,10 @@ class Sabre_DAV_Server {
         } else {
 
             // If we got here, the resource didn't exist yet.
-            $this->createFile($this->getRequestUri(),$body);
+            if (!$this->createFile($this->getRequestUri(),$body)) {
+                // For one reason or another the file was not created.
+                return;
+            }
             $this->httpResponse->setHeader('Content-Length','0');
             $this->httpResponse->sendStatus(201);
 
@@ -1377,23 +1408,27 @@ class Sabre_DAV_Server {
      * Currently this is done by HTTP PUT and HTTP LOCK (in the Locks_Plugin).
      * It was important to get this done through a centralized function, 
      * allowing plugins to intercept this using the beforeCreateFile event.
+     *
+     * This method will return true if the file was actually created
      * 
      * @param string $uri 
      * @param resource $data 
-     * @return void
+     * @return bool 
      */
     public function createFile($uri,$data) {
 
         list($dir,$name) = Sabre_DAV_URLUtil::splitPath($uri);
 
-        if (!$this->broadcastEvent('beforeBind',array($uri))) return;
-        if (!$this->broadcastEvent('beforeCreateFile',array($uri,$data))) return;
+        if (!$this->broadcastEvent('beforeBind',array($uri))) return false;
+        if (!$this->broadcastEvent('beforeCreateFile',array($uri,$data))) return false;
 
         $parent = $this->tree->getNodeForPath($dir);
         $parent->createFile($name,$data);
         $this->tree->markDirty($dir);
 
         $this->broadcastEvent('afterBind',array($uri));
+
+        return true;
     }
 
     /**
diff --git a/3rdparty/Sabre/DAV/SimpleFile.php b/3rdparty/Sabre/DAV/SimpleFile.php
new file mode 100644
index 00000000000..304dff1c5ec
--- /dev/null
+++ b/3rdparty/Sabre/DAV/SimpleFile.php
@@ -0,0 +1,120 @@
+<?php
+
+/**
+ * SimpleFile
+ *
+ * The 'SimpleFile' class is used to easily add read-only immutable files to 
+ * the directory structure. One usecase would be to add a 'readme.txt' to a 
+ * root of a webserver with some standard content.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAV_SimpleFile extends Sabre_DAV_File {
+
+    /**
+     * File contents 
+     *
+     * @var string 
+     */
+    protected $contents = array();
+
+    /**
+     * Name of this resource 
+     * 
+     * @var string 
+     */
+    protected $name;
+
+    /**
+     * A mimetype, such as 'text/plain' or 'text/html'
+     * 
+     * @var string 
+     */
+    protected $mimeType;
+
+    /**
+     * Creates this node
+     *
+     * The name of the node must be passed, as well as the contents of the 
+     * file.
+     * 
+     * @param string $name 
+     * @param string $contents 
+     */
+    public function __construct($name, $contents, $mimeType = null) {
+
+        $this->name = $name;
+        $this->contents = $contents;
+        $this->mimeType = $mimeType;
+
+    }
+
+    /**
+     * Returns the node name for this file.
+     *
+     * This name is used to construct the url.
+     * 
+     * @return string 
+     */
+    public function getName() {
+
+        return $this->name;
+
+    }
+
+    /**
+     * Returns the data 
+     *
+     * This method may either return a string or a readable stream resource
+     *
+     * @return mixed
+     */
+    public function get() {
+
+        return $this->contents; 
+
+    }
+
+    /**
+     * Returns the size of the file, in bytes. 
+     * 
+     * @return int 
+     */
+    public function getSize() {
+
+        return strlen($this->contents);
+
+    }
+
+    /**
+     * Returns the ETag for a file
+     *
+     * An ETag is a unique identifier representing the current version of the file. If the file changes, the ETag MUST change.
+     * The ETag is an arbritrary string, but MUST be surrounded by double-quotes.
+     *
+     * Return null if the ETag can not effectively be determined
+     */
+    public function getETag() {
+
+        return '"' . md5($this->contents) . '"'; 
+
+    }
+
+    /**
+     * Returns the mime-type for a file
+     *
+     * If null is returned, we'll assume application/octet-stream
+     */ 
+    public function getContentType() {
+
+        return $this->mimeType; 
+
+    }
+
+}
+
+?>
diff --git a/3rdparty/Sabre/DAV/StringUtil.php b/3rdparty/Sabre/DAV/StringUtil.php
index b0b708f8e0f..440cf6866ca 100644
--- a/3rdparty/Sabre/DAV/StringUtil.php
+++ b/3rdparty/Sabre/DAV/StringUtil.php
@@ -64,6 +64,27 @@ class Sabre_DAV_StringUtil {
 
         }
         
+    }
+
+    /**
+     * This method takes an input string, checks if it's not valid UTF-8 and 
+     * attempts to convert it to UTF-8 if it's not.
+     *
+     * Note that currently this can only convert ISO-8559-1 to UTF-8 (latin-1), 
+     * anything else will likely fail.
+     *
+     * @param string $input 
+     * @return string 
+     */
+    static public function ensureUTF8($input) {
+
+        $encoding = mb_detect_encoding($input , array('UTF-8','ISO-8859-1'), true);
+
+        if ($encoding === 'ISO-8859-1') {
+            return utf8_encode($input);
+        } else {
+            return $input;
+        } 
 
     }
 
diff --git a/3rdparty/Sabre/DAV/URLUtil.php b/3rdparty/Sabre/DAV/URLUtil.php
index 1502e4dd2ce..8f38749264b 100644
--- a/3rdparty/Sabre/DAV/URLUtil.php
+++ b/3rdparty/Sabre/DAV/URLUtil.php
@@ -30,9 +30,14 @@ class Sabre_DAV_URLUtil {
      */
     static function encodePath($path) {
 
-        $path = explode('/',$path);
-        return implode('/',array_map(array('Sabre_DAV_URLUtil','encodePathSegment'), $path));
-
+    	$valid_chars = '/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.~()';
+        $newStr = '';
+        for( $i=0; isset($path[$i]); ++$i ) {
+            if( strpos($valid_chars,($c=$path[$i]))===false ) $newStr .= '%'.sprintf('%02x',ord($c));
+            else $newStr .= $c;
+        }
+        return $newStr;
+    	
     }
 
     /**
@@ -45,35 +50,13 @@ class Sabre_DAV_URLUtil {
      */
     static function encodePathSegment($pathSegment) {
 
+    	$valid_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.~()';
         $newStr = '';
-        for($i=0;$i<strlen($pathSegment);$i++) {
-            $c = ord($pathSegment[$i]);
-
-            if(
-                
-                /* Unreserved chacaters */
-
-                ($c>=0x41 /* A */ && $c<=0x5a /* Z */) ||
-                ($c>=0x61 /* a */ && $c<=0x7a /* z */) ||
-                ($c>=0x30 /* 0 */ && $c<=0x39 /* 9 */) ||
-                $c===0x5f /* _ */ ||
-                $c===0x2d /* - */ ||
-                $c===0x2e /* . */ ||
-                $c===0x7E /* ~ */ ||
-
-                /* Reserved, but no reserved purpose */
-                $c===0x28 /* ( */ ||
-                $c===0x29 /* ) */
-
-            ) { 
-                $newStr.=$pathSegment[$i];
-            } else {
-                $newStr.='%' . str_pad(dechex($c), 2, '0', STR_PAD_LEFT);
-            }
-                
+        for( $i=0; isset($pathSegment[$i]); ++$i ) {
+            if( strpos($valid_chars,($c=$pathSegment[$i]))===false ) $newStr .= '%'.sprintf('%02x',ord($c));
+            else $newStr .= $c;
         }
         return $newStr;
-
     }
 
     /**
@@ -103,6 +86,7 @@ class Sabre_DAV_URLUtil {
 
             case 'ISO-8859-1' : 
                 $path = utf8_encode($path);
+
         }
 
         return $path;
diff --git a/3rdparty/Sabre/DAV/Version.php b/3rdparty/Sabre/DAV/Version.php
index c93d793ab67..e7f7f83e6ff 100644
--- a/3rdparty/Sabre/DAV/Version.php
+++ b/3rdparty/Sabre/DAV/Version.php
@@ -14,11 +14,11 @@ class Sabre_DAV_Version {
     /**
      * Full version number
      */
-    const VERSION = '1.5.0';
+    const VERSION = '1.5.3';
 
     /**
      * Stability : alpha, beta, stable
      */
-    const STABILITY = 'alpha';
+    const STABILITY = 'stable';
 
 }