diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2014-05-10 14:00:22 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-06-05 11:45:45 +0200 |
commit | ac7fb1b23e40e3075535ed5d4188219580b2386a (patch) | |
tree | a34585e85420dba68fb07456151b54e86ea4d785 | |
parent | d0eb8f8668189d5fe82c9d783f30564d643ba604 (diff) | |
download | nextcloud-server-ac7fb1b23e40e3075535ed5d4188219580b2386a.tar.gz nextcloud-server-ac7fb1b23e40e3075535ed5d4188219580b2386a.zip |
Remove legacy routing code
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.
This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.
Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
-rw-r--r-- | .htaccess | 1 | ||||
-rw-r--r-- | lib/base.php | 75 | ||||
-rw-r--r-- | lib/private/route/router.php | 3 | ||||
-rwxr-xr-x | lib/private/util.php | 5 | ||||
-rw-r--r-- | public.php | 4 | ||||
-rw-r--r-- | remote.php | 6 |
6 files changed, 32 insertions, 62 deletions
diff --git a/.htaccess b/.htaccess index 714e8af213b..ee4d5af1d85 100644 --- a/.htaccess +++ b/.htaccess @@ -24,7 +24,6 @@ RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R] RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R] RewriteRule ^apps/calendar/caldav\.php remote.php/caldav/ [QSA,L] RewriteRule ^apps/contacts/carddav\.php remote.php/carddav/ [QSA,L] -RewriteRule ^apps/([^/]*)/(.*\.(php))$ index.php?app=$1&getfile=$2 [QSA,L] RewriteRule ^remote/(.*) remote.php [QSA,L] </IfModule> <IfModule mod_mime.c> diff --git a/lib/base.php b/lib/base.php index 7c58619a556..d3f98ab0c1c 100644 --- a/lib/base.php +++ b/lib/base.php @@ -60,14 +60,11 @@ class OC { public static $configDir; - /* + /** * requested app */ public static $REQUESTEDAPP = ''; - /* - * requested file of app - */ - public static $REQUESTEDFILE = ''; + /** * check if owncloud runs in cli mode */ @@ -574,12 +571,6 @@ class OC { OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); - // Load minimum set of apps - which is filesystem, authentication and logging - if (!self::checkUpgrade(false)) { - OC_App::loadApps(array('authentication')); - OC_App::loadApps(array('filesystem', 'logging')); - } - //setup extra user backends OC_User::setupBackends(); @@ -592,35 +583,6 @@ class OC { //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); - //parse the given parameters - self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files')); - if (substr_count(self::$REQUESTEDAPP, '?') != 0) { - $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); - $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDAPP = $app; - $_GET['app'] = $app; - } - self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null); - if (substr_count(self::$REQUESTEDFILE, '?') != 0) { - $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); - $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDFILE = $file; - $_GET['getfile'] = $file; - } - if (!is_null(self::$REQUESTEDFILE)) { - $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; - $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); - if (!OC_Helper::isSubDirectory($subdir, $parent)) { - self::$REQUESTEDFILE = null; - header('HTTP/1.0 404 Not Found'); - exit; - } - } - if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); @@ -729,6 +691,7 @@ class OC { OC::tryBasicAuthLogin(); } + if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) { try { if (!OC_Config::getValue('maintenance', false) && !self::needUpgrade()) { @@ -745,9 +708,16 @@ class OC { } } - $app = OC::$REQUESTEDAPP; - $file = OC::$REQUESTEDFILE; - $param = array('app' => $app, 'file' => $file); + // Load minimum set of apps + if (!self::checkUpgrade(false)) { + // For logged-in users: Load everything + if(OC_User::isLoggedIn()) { + OC_App::loadApps(); + } else { + // For guests: Load only authentication, filesystem and logging + OC_App::loadApps(array('authentication', 'filesystem', 'logging')); + } + } // Handle redirect URL for logged in users if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { @@ -778,7 +748,7 @@ class OC { return; } - // Someone is logged in : + // Someone is logged in if (OC_User::isLoggedIn()) { OC_App::loadApps(); OC_User::setupBackends(); @@ -800,20 +770,13 @@ class OC { // redirect to webroot and add slash if webroot is empty header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : '')); } else { - if (is_null($file)) { - $param['file'] = 'index.php'; - } - $file_ext = substr($param['file'], -3); - if ($file_ext != 'php' - || !self::loadAppScriptFile($param) - ) { - header('HTTP/1.0 404 Not Found'); - } + // Redirect to default application + OC_Util::redirectToDefaultPage(); } - return; + } else { + // Not handled and not logged in + self::handleLogin(); } - // Not handled and not logged in - self::handleLogin(); } /** diff --git a/lib/private/route/router.php b/lib/private/route/router.php index a72ac2bb3f1..e7c8ad9ebdd 100644 --- a/lib/private/route/router.php +++ b/lib/private/route/router.php @@ -188,8 +188,11 @@ class Router implements IRouter { if (substr($url, 0, 6) === '/apps/') { // empty string / 'apps' / $app / rest of the route list(, , $app,) = explode('/', $url, 4); + \OC::$REQUESTEDAPP = $app; $this->loadRoutes($app); } else if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') { + \OC::$REQUESTEDAPP = $url; + \OC_App::loadApps(); $this->loadRoutes('core'); } else { $this->loadRoutes(); diff --git a/lib/private/util.php b/lib/private/util.php index 0daef78ce7f..dfdddd0e3ab 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -767,15 +767,12 @@ class OC_Util { $urlGenerator = \OC::$server->getURLGenerator(); if(isset($_REQUEST['redirect_url'])) { $location = urldecode($_REQUEST['redirect_url']); - } - else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) { - $location = $urlGenerator->getAbsoluteURL('/index.php/apps/'.OC::$REQUESTEDAPP.'/index.php'); } else { $defaultPage = OC_Appconfig::getValue('core', 'defaultpage'); if ($defaultPage) { $location = $urlGenerator->getAbsoluteURL($defaultPage); } else { - $location = $urlGenerator->getAbsoluteURL('/index.php/files/index.php'); + $location = $urlGenerator->getAbsoluteURL('/index.php/apps/files'); } } OC_Log::write('core', 'redirectToDefaultPage: '.$location, OC_Log::DEBUG); diff --git a/public.php b/public.php index dfdd4c52af9..3b48e129d9a 100644 --- a/public.php +++ b/public.php @@ -24,6 +24,10 @@ try { $parts = explode('/', $file, 2); $app = $parts[0]; + // Load all required applications + \OC::$REQUESTEDAPP = $app; + OC_App::loadApps(array('authentication', 'filesystem', 'logging')); + OC_Util::checkAppEnabled($app); OC_App::loadApp($app); OC_User::setIncognitoMode(true); diff --git a/remote.php b/remote.php index 15dfa8256ff..6a069ed4605 100644 --- a/remote.php +++ b/remote.php @@ -1,7 +1,6 @@ <?php try { - require_once 'lib/base.php'; $path_info = OC_Request::getPathInfo(); if ($path_info === false || $path_info === '') { @@ -24,6 +23,11 @@ try { $parts=explode('/', $file, 2); $app=$parts[0]; + + // Load all required applications + \OC::$REQUESTEDAPP = $app; + OC_App::loadApps(array('authentication', 'filesystem', 'logging')); + switch ($app) { case 'core': $file = OC::$SERVERROOT .'/'. $file; |