diff options
author | Thomas Müller <thomas.mueller@tmit.eu> | 2014-03-28 12:07:44 +0100 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-03-28 12:09:29 +0100 |
commit | 2d592ddc8f26e72211d1c01cec8979cd371b8215 (patch) | |
tree | 2a2d50dc0872422eb97542c1bb48819cc520e65d | |
parent | 040f430f0c2c3f1de1d2e24b183c1634c3067adb (diff) | |
download | nextcloud-server-2d592ddc8f26e72211d1c01cec8979cd371b8215.tar.gz nextcloud-server-2d592ddc8f26e72211d1c01cec8979cd371b8215.zip |
Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
Squashed commit of the following:
commit eaf4f43f687db59137a0b00bc0e12ed4eb0d0943
Merge: 1e9c5be 1e7d7bd
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date: Fri Mar 28 11:49:04 2014 +0100
Merge branch 'master' of https://github.com/kev300/core into kev300-master
commit 1e7d7bdd8b5c7f301501cb822cdf2ef0ad3f2872
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:11:42 2013 +0100
Update util.php
commit 3f0723f054a27a506be7f26932ccb54fff6f2be9
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:09:15 2013 +0100
Update util.php
commit 512176abdcfbe5b2b060b91033abc9608912d1f8
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:02:04 2013 +0100
Update util.php
commit 6cbefd080188d287024e0b047b88dd4525d6c2c1
Author: kev300 <admin@gadeco.de>
Date: Mon Dec 16 16:44:46 2013 +0100
Update util.php
Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
-rwxr-xr-x | lib/private/util.php | 49 |
1 files changed, 45 insertions, 4 deletions
diff --git a/lib/private/util.php b/lib/private/util.php index cd152234cc9..c48a5505d41 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -1072,13 +1072,13 @@ class OC_Util { public static function getUrlContent($url) { if (function_exists('curl_init')) { $curl = curl_init(); + $max_redirects = 10; curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($curl, CURLOPT_URL, $url); - curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($curl, CURLOPT_MAXREDIRS, 10); + curl_setopt($curl, CURLOPT_USERAGENT, "ownCloud Server Crawler"); if(OC_Config::getValue('proxy', '') != '') { @@ -1087,9 +1087,50 @@ class OC_Util { if(OC_Config::getValue('proxyuserpwd', '') != '') { curl_setopt($curl, CURLOPT_PROXYUSERPWD, OC_Config::getValue('proxyuserpwd')); } - $data = curl_exec($curl); + + if (ini_get('open_basedir') === '' && ini_get('safe_mode' === 'Off')) { + curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($curl, CURLOPT_MAXREDIRS, $max_redirects); + $data = curl_exec($curl); + } else { + curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false); + $mr = $max_redirects; + if ($mr > 0) { + $newurl = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL); + + $rcurl = curl_copy_handle($curl); + curl_setopt($rcurl, CURLOPT_HEADER, true); + curl_setopt($rcurl, CURLOPT_NOBODY, true); + curl_setopt($rcurl, CURLOPT_FORBID_REUSE, false); + curl_setopt($rcurl, CURLOPT_RETURNTRANSFER, true); + do { + curl_setopt($rcurl, CURLOPT_URL, $newurl); + $header = curl_exec($rcurl); + if (curl_errno($rcurl)) { + $code = 0; + } else { + $code = curl_getinfo($rcurl, CURLINFO_HTTP_CODE); + if ($code == 301 || $code == 302) { + preg_match('/Location:(.*?)\n/', $header, $matches); + $newurl = trim(array_pop($matches)); + } else { + $code = 0; + } + } + } while ($code && --$mr); + curl_close($rcurl); + if ($mr > 0) { + curl_setopt($curl, CURLOPT_URL, $newurl); + } + } + + if($mr == 0 && $max_redirects > 0) { + $data = false; + } else { + $data = curl_exec($curl); + } + } curl_close($curl); - } else { $contextArray = null; |