diff options
| author | Michiel@unhosted <michiel@unhosted.org> | 2011-09-02 14:56:40 +0200 |
|---|---|---|
| committer | Michiel@unhosted <michiel@unhosted.org> | 2011-09-02 14:56:40 +0200 |
| commit | 71205b8b07be83c0a1ced3ce5dfe92629c7a5cc3 (patch) | |
| tree | 4bd65cc4aeac04eedbf167216d4d9c7dc00a9853 | |
| parent | 8cdd9ab81bd595dbc534e38289b46e1a0fb874c5 (diff) | |
| download | nextcloud-server-71205b8b07be83c0a1ced3ce5dfe92629c7a5cc3.tar.gz nextcloud-server-71205b8b07be83c0a1ced3ce5dfe92629c7a5cc3.zip | |
adding core_unhosted app
| -rw-r--r-- | apps/core_unhosted/admin.php | 50 | ||||
| -rw-r--r-- | apps/core_unhosted/ajax/deletetoken.php | 12 | ||||
| -rw-r--r-- | apps/core_unhosted/ajax/link.php | 49 | ||||
| -rw-r--r-- | apps/core_unhosted/appinfo/database.xml | 59 | ||||
| -rw-r--r-- | apps/core_unhosted/appinfo/info.xml | 10 | ||||
| -rw-r--r-- | apps/core_unhosted/compat.php | 110 | ||||
| -rw-r--r-- | apps/core_unhosted/css/admin.css | 2 | ||||
| -rw-r--r-- | apps/core_unhosted/img/island.png | bin | 0 -> 3674 bytes | |||
| -rw-r--r-- | apps/core_unhosted/js/admin.js | 16 | ||||
| -rw-r--r-- | apps/core_unhosted/lib_unhosted.php | 86 | ||||
| -rw-r--r-- | apps/core_unhosted/oauth_ro_auth.php | 73 | ||||
| -rw-r--r-- | apps/core_unhosted/templates/admin.php | 19 | ||||
| -rw-r--r-- | apps/core_unhosted/templates/breadcrumb.php | 4 | ||||
| -rw-r--r-- | apps/core_unhosted/templates/files.php | 9 |
14 files changed, 499 insertions, 0 deletions
diff --git a/apps/core_unhosted/admin.php b/apps/core_unhosted/admin.php new file mode 100644 index 00000000000..8a4f9f9a2e0 --- /dev/null +++ b/apps/core_unhosted/admin.php @@ -0,0 +1,50 @@ +<?php + +/** +* ownCloud app for using your OwnCloud on the unhosted web +* +* @author Michiel de Jong +* Some parts are from the files_publiclink app, and thus: +* @copyright 2010 Robin Appelman icewind1991@gmail.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + + +// Init owncloud +require_once('../../lib/base.php'); +require_once( 'lib_unhosted.php' ); +require( 'template.php' ); + +// Check if we are a user +if( !OC_USER::isLoggedIn()){ +//var_export($_COOKIE); +//var_export($_SESSION); +//die('get a cookie!'); + header( "Location: ".OC_HELPER::linkTo( "index.php" )); + exit(); +} + +OC_APP::setActiveNavigationEntry( "unhosted_web_administration" ); + +OC_UTIL::addStyle( 'unhosted_web', 'admin' ); +OC_UTIL::addScript( 'unhosted_web', 'admin' ); + +// return template +$tmpl = new OC_TEMPLATE( "unhosted_web", "admin", "admin" ); +$tmpl->assign( 'tokens', OC_UnhostedWeb::getAllTokens()); +$tmpl->printPage(); + +?> diff --git a/apps/core_unhosted/ajax/deletetoken.php b/apps/core_unhosted/ajax/deletetoken.php new file mode 100644 index 00000000000..3e3668188bd --- /dev/null +++ b/apps/core_unhosted/ajax/deletetoken.php @@ -0,0 +1,12 @@ +<?php +$RUNTIME_NOAPPS=true; //no need to load the apps + +require_once '../../../lib/base.php'; + +require_once '../lib_unhosted.php'; + +$token=$_GET['token']; +if(OC_User::isLoggedIn()) { + OC_UnhostedWeb::deleteToken($token); +} +?> diff --git a/apps/core_unhosted/ajax/link.php b/apps/core_unhosted/ajax/link.php new file mode 100644 index 00000000000..9f479cbd510 --- /dev/null +++ b/apps/core_unhosted/ajax/link.php @@ -0,0 +1,49 @@ +<?php +// We send json data +header( "Content-Type: application/jsonrequest" ); +header("Access-Control-Allow-Origin: https://myfavouritesandwich.org"); +header('Access-Control-Max-Age: 3600'); +header('Access-Control-Allow-Methods: OPTIONS, POST'); + +try { + if($_POST['secret'] && $_POST['userAddress'] && $_POST['dataScope'] && $_POST['secret']=='XRlc2FuZHdpY2gub3JnIiwiZW1haWwiOiJhc2RmYXNkZkB1b') { + // Init owncloud + require_once('../../../lib/base.php'); + require_once('../lib_unhosted.php'); + + $ownCloudDetails = array( + 'url' => 'https://myfavouritesandwich.org:444/', + 'usr' => $_POST['userAddress'],//this is not necessarily the case, you could also use one owncloud user and many user addresses on it + 'pwd' => OC_User::generatePassword(), + ); + $storage = array( + 'dataScope' => $_POST['dataScope'], + 'storageType' => 'http://unhosted.org/spec/dav/0.1', + 'davUrl' => 'https://myfavouritesandwich.org:444/apps/unhosted_web/compat.php/'.$ownCloudDetails['usr'].'/unhosted/', + 'userAddress' => $_POST['userAddress'],//here, it refers to the user sent to DAV in the basic auth + ); + if(OC_User::userExists($ownCloudDetails['usr'])){ + $message = 'account reopened'; + $result = OC_User::setPassword($ownCloudDetails['usr'], $ownCloudDetails['pwd']); + } else { + $message = 'account created'; + $result = OC_User::createUser($ownCloudDetails['usr'], $ownCloudDetails['pwd']); + } + if($result) { + $storage['davToken'] = OC_UnhostedWeb::createDataScope( + 'https://myfavouritesandwich.org/', + $ownCloudDetails['usr'], $storage['dataScope']); + echo json_encode(array('ownCloudDetails' => $ownCloudDetails, 'storage' => $storage)); + exit(); + } else { + echo json_encode( array( "status" => "error", "data" => "couldn't ", "ownCloudDetails" => $ownCloudDetails)); + exit(); + } + } else { + echo json_encode( array( "status" => "error", "data" => "post not ok")); + } +} catch(Exception $e) { + echo json_encode( array( "status" => "error", "data" => $e)); +} +echo json_encode( array( "status" => "error", "data" => array( "message" => "Computer says 'no'" ))); +?> diff --git a/apps/core_unhosted/appinfo/database.xml b/apps/core_unhosted/appinfo/database.xml new file mode 100644 index 00000000000..db25657085b --- /dev/null +++ b/apps/core_unhosted/appinfo/database.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="ISO-8859-1" ?> +<database> + <name>*dbname*</name> + <create>true</create> + <overwrite>false</overwrite> + <charset>latin1</charset> + <table> + <name>*dbprefix*authtoken</name> + <declaration> + <field> + <name>token</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>40</length> + </field> + <field> + <name>appUrl</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>128</length> + </field> + <field> + <name>user</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>64</length> + </field> + <field> + <name>dataScope</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>64</length> + </field> + <field> + <name>userAddress</name> + <type>text</type> + <default></default> + <notnull>true</notnull> + <length>64</length> + </field> + <index> + <name>a_app_unhostedweb_user</name> + <unique>true</unique> + <field> + <name>user</name> + <sorting>ascending</sorting> + </field> + <field> + <name>token</name> + <sorting>ascending</sorting> + </field> + </index> + </declaration> + </table> +</database> diff --git a/apps/core_unhosted/appinfo/info.xml b/apps/core_unhosted/appinfo/info.xml new file mode 100644 index 00000000000..dccbd3b8245 --- /dev/null +++ b/apps/core_unhosted/appinfo/info.xml @@ -0,0 +1,10 @@ +<?xml version="1.0"?> +<info> + <id>core_unhosted</id> + <name>Unhosted Web</name> + <description>On websites that allow unhosted accounts, use your owncloud as the storage for your user data</description> + <version>0.1</version> + <licence>AGPL</licence> + <author>Michiel de Jong</author> + <require>2</require> +</info> diff --git a/apps/core_unhosted/compat.php b/apps/core_unhosted/compat.php new file mode 100644 index 00000000000..88dac5e7b55 --- /dev/null +++ b/apps/core_unhosted/compat.php @@ -0,0 +1,110 @@ +<?php + +/** +* ownCloud +* +* Original: +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* Adapted: +* @author Michiel de Jong, 2011 +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + + +// Do not load FS ... +$RUNTIME_NOSETUPFS = true; + +require_once('../../lib/base.php'); +require_once('Sabre/autoload.php'); +require_once('lib_unhosted.php'); +require_once('oauth_ro_auth.php'); + +ini_set('default_charset', 'UTF-8'); +#ini_set('error_reporting', ''); +@ob_clean(); + +//allow use as unhosted storage for other websites +if(isset($_SERVER['HTTP_ORIGIN'])) { + header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); + header('Access-Control-Max-Age: 3600'); + header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND'); + header('Access-Control-Allow-Headers: Authorization'); +} else { + header('Access-Control-Allow-Origin: *'); +} + +$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"])); +$pathParts = explode('/', $path); +// for webdav: +// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7 +// /$ownCloudUser/unhosted/webdav/$userHost/$userName/$dataScope/$key +// for oauth: +// 0/ 1 / 2 / 3 / 4 +// /$ownCloudUser/unhosted/oauth/auth + +if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'webdav') { + list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts; + + OC_Util::setupFS($ownCloudUser); + + // Create ownCloud Dir + $publicDir = new OC_Connector_Sabre_Directory(''); + $server = new Sabre_DAV_Server($publicDir); + + // Path to our script + $server->setBaseUri("$WEBROOT/apps/core_unhosted/compat.php/$ownCloudUser"); + + // Auth backend + $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_UnhostedWeb::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope)); + + $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here + $server->addPlugin($authPlugin); + + // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks + $lockBackend = new OC_Connector_Sabre_Locks(); + $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend); + $server->addPlugin($lockPlugin); + + // And off we go! + $server->exec(); +} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') { + if(isset($_POST['allow'])) { + //TODO: input checking. these explodes may fail to produces the desired arrays: + $ownCloudUser = $pathParts[1]; + foreach($_GET as $k => $v) { + if($k=='user_address'){ + $userAddress=$v; + } else if($k=='redirect_uri'){ + $appUrl=$v; + } else if($k=='scope'){ + $dataScope=$v; + } + } + if(OC_User::getUser() == $ownCloudUser) { + //TODO: check if this can be faked by editing the cookie in firebug! + $token=OC_UnhostedWeb::createDataScope($appUrl, $userAddress, $dataScope); + header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=unhosted'); + } else { + die('not logged in: '.var_export($pathParts, true)); + } + } else { + echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>'; + } +} else { + die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true)); +} diff --git a/apps/core_unhosted/css/admin.css b/apps/core_unhosted/css/admin.css new file mode 100644 index 00000000000..f21b289f043 --- /dev/null +++ b/apps/core_unhosted/css/admin.css @@ -0,0 +1,2 @@ +td.path{min-width:200px} +td.expire{width:120px}
\ No newline at end of file diff --git a/apps/core_unhosted/img/island.png b/apps/core_unhosted/img/island.png Binary files differnew file mode 100644 index 00000000000..8536e508e34 --- /dev/null +++ b/apps/core_unhosted/img/island.png diff --git a/apps/core_unhosted/js/admin.js b/apps/core_unhosted/js/admin.js new file mode 100644 index 00000000000..bf578c0b547 --- /dev/null +++ b/apps/core_unhosted/js/admin.js @@ -0,0 +1,16 @@ +$(document).ready(function() { + $("button.revoke").live('click', function( event ) { + event.preventDefault(); + var token=$(this).attr('data-token'); + var data="token="+token; + $.ajax({ + type: 'GET', + url: 'ajax/deletetoken.php', + cache: false, + data: data, + success: function(){ + $('#'+token).remove(); + } + }); + }); +}); diff --git a/apps/core_unhosted/lib_unhosted.php b/apps/core_unhosted/lib_unhosted.php new file mode 100644 index 00000000000..304759c521c --- /dev/null +++ b/apps/core_unhosted/lib_unhosted.php @@ -0,0 +1,86 @@ +<?php + +class OC_UnhostedWeb { + public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) { + $user=OC_DB::escape($ownCloudUser); + $userAddress=OC_DB::escape($userAddress); + $dataScope=OC_DB::escape($dataScope); + $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100"); + $result=$query->execute(array($user,$userAddress,$dataScope)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"<br />'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />'; + error_log( $entry ); + die( $entry ); + } + $ret = array(); + while($row=$result->fetchRow()){ + $ret[$row['token']]=$userAddress; + } + return $ret; + } + + public static function getAllTokens() { + $user=OC_User::getUser(); + $query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100"); + $result=$query->execute(array($user)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"<br />'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />'; + error_log( $entry ); + die( $entry ); + } + $ret = array(); + while($row=$result->fetchRow()){ + $ret[$row['token']] = array( + 'appUrl' => $row['appurl'], + 'userAddress' => $row['useraddress'], + 'dataScope' => $row['datascope'], + ); + } + return $ret; + } + + public static function deleteToken($token) { + $user=OC_User::getUser(); + $token=OC_DB::escape($token); + $query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?"); + $result=$query->execute(array($token,$user)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"<br />'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />'; + error_log( $entry ); + die( $entry ); + } + } + private static function addToken($token, $appUrl, $userAddress, $dataScope){ + $user=OC_User::getUser(); + $token=OC_DB::escape($token); + $appUrl=OC_DB::escape($appUrl); + $userAddress=OC_DB::escape($userAddress); + $dataScope=OC_DB::escape($dataScope); + $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)"); + $result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope)); + if( PEAR::isError($result)) { + $entry = 'DB Error: "'.$result->getMessage().'"<br />'; + $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />'; + error_log( $entry ); + die( $entry ); + } + } + public static function createDataScope($appUrl, $userAddress, $dataScope){ + $token=uniqid(); + self::addToken($token, $appUrl, $userAddress, $dataScope); + //TODO: input checking on $userAddress and $dataScope + list($userName, $userHost) = explode('@', $userAddress); + OC_Util::setupFS(OC_User::getUser()); + $scopePathParts = array('unhosted', 'webdav', $userHost, $userName, $dataScope); + for($i=0;$i<=count($scopePathParts);$i++){ + $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i)); + if(!OC_Filesystem::file_exists($thisPath)) { + OC_Filesystem::mkdir($thisPath); + } + } + return $token; + } +} diff --git a/apps/core_unhosted/oauth_ro_auth.php b/apps/core_unhosted/oauth_ro_auth.php new file mode 100644 index 00000000000..b785d85fead --- /dev/null +++ b/apps/core_unhosted/oauth_ro_auth.php @@ -0,0 +1,73 @@ +<?php +/** + * HTTP Basic authentication backend class + * + * This class can be used by authentication objects wishing to use HTTP Basic + * Most of the digest logic is handled, implementors just need to worry about + * the validateUserPass method. + * + * @package Sabre + * @subpackage DAV + * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved. + * @author James David Low (http://jameslow.com/) + * @author Evert Pot (http://www.rooftopsolutions.nl/) + * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License + */ +class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic { + private $validTokens; + + public function __construct($validTokensArg) { + $this->validTokens = $validTokensArg; + } + + /** + * Validates a username and password + * + * This method should return true or false depending on if login + * succeeded. + * + * @return bool + */ + protected function validateUserPass($username, $password){ + //always give read-only: + if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) { + OC_Util::setUpFS(); + return true; + } else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) { + OC_Util::setUpFS(); + return true; + } else { +var_export($_SERVER); +var_export($this->validTokens); +die('not getting in with "'.$username.'"/"'.$password.'"!'); + return false; + } + } + + //overwriting this to make it not automatically fail if no auth header is found: + public function authenticate(Sabre_DAV_Server $server,$realm) { + $auth = new Sabre_HTTP_BasicAuth(); + $auth->setHTTPRequest($server->httpRequest); + $auth->setHTTPResponse($server->httpResponse); + $auth->setRealm($realm); + $userpass = $auth->getUserPass(); + if (!$userpass) { + if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) { + $userpass = array('', ''); + } else { + $auth->requireLogin(); + throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found'); + } + } + + // Authenticates the user + if (!$this->validateUserPass($userpass[0],$userpass[1])) { + $auth->requireLogin(); + throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match'); + } + $this->currentUser = $userpass[0]; + return true; + } + +} + diff --git a/apps/core_unhosted/templates/admin.php b/apps/core_unhosted/templates/admin.php new file mode 100644 index 00000000000..5ad76cc17c8 --- /dev/null +++ b/apps/core_unhosted/templates/admin.php @@ -0,0 +1,19 @@ +<table id='tokenlist'> + <thead> + <tr> + <td class='appUrl'><?php echo $l->t( 'App-Url' ); ?></td> + <td class='userAddress'><?php echo $l->t( 'User-Address' ); ?></td> + <td class='token'><?php echo $l->t( 'Token' ); ?></td> + </tr> + </thead> + <tbody> + <?php foreach($_['tokens'] as $token=>$details):?> + <tr class='token' id='<?php echo $token;?>'> + <td class='appUrl'><?php echo $details['appUrl'];?></td> + <td class='userAddress'><?php echo $details['userAddress'];?></td> + <td class='token'><?php echo $token;?></td> + <td><button class='revoke fancybutton' data-token='<?php echo $token;?>'><?php echo $l->t( 'Revoke' ); ?></button></td> + </tr> + <?php endforeach;?> + </tbody> +</table> diff --git a/apps/core_unhosted/templates/breadcrumb.php b/apps/core_unhosted/templates/breadcrumb.php new file mode 100644 index 00000000000..733531d9e10 --- /dev/null +++ b/apps/core_unhosted/templates/breadcrumb.php @@ -0,0 +1,4 @@ + <a href="<?php echo link_to("files_publiclink", "get.php?token=".$_['token']); ?>"><img src="<?php echo image_path("", "actions/go-home.png"); ?>" alt="Root" /></a> + <?php foreach($_["breadcrumb"] as $crumb): ?> + <a href="<?php echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$crumb["dir"]); ?>"><?php echo htmlspecialchars($crumb["name"]); ?></a> + <?php endforeach; ?>
\ No newline at end of file diff --git a/apps/core_unhosted/templates/files.php b/apps/core_unhosted/templates/files.php new file mode 100644 index 00000000000..b4ae17656c3 --- /dev/null +++ b/apps/core_unhosted/templates/files.php @@ -0,0 +1,9 @@ + <?php foreach($_["files"] as $file): ?> + <tr> + <td class="selection"><input type="checkbox" /></td> + <td class="filename"><a style="background-image:url(<?php if($file["type"] == "dir") echo mimetype_icon("dir"); else echo mimetype_icon($file["mime"]); ?>)" href="<?php if($file["type"] == "dir") echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$file["directory"]."/".$file["name"]); else echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$file["directory"]."/".$file["name"]); ?>" title=""><?php echo htmlspecialchars($file["name"]); ?></a></td> + <td class="filesize"><?php echo human_file_size($file["size"]); ?></td> + <td class="date"><?php if($file["type"] != "dir") echo $file["date"]; ?></td> + <td class="fileaction"><a href="" title=""><img src="images/drop-arrow.png" alt="+" /></a></td> + </tr> + <?php endforeach; ?>
\ No newline at end of file |
