summaryrefslogtreecommitdiffstats
path: root/apps/user_webdavauth
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2013-06-14 11:31:23 -0700
committerThomas Müller <thomas.mueller@tmit.eu>2013-06-14 11:31:23 -0700
commit126a0cac8db2160b511965c9640f769238f8ef3a (patch)
treea668b6b0c73558bfabd8e410671e772d1509de3e /apps/user_webdavauth
parent0ac7c5712a18b01057ebaf5819cfe12700a86a3e (diff)
parentacba7d7b13be102031717f9fa06ced918c916301 (diff)
downloadnextcloud-server-126a0cac8db2160b511965c9640f769238f8ef3a.tar.gz
nextcloud-server-126a0cac8db2160b511965c9640f769238f8ef3a.zip
Merge pull request #3473 from opensaucesystems/master
Small update to user_webdavauth
Diffstat (limited to 'apps/user_webdavauth')
-rwxr-xr-xapps/user_webdavauth/templates/settings.php2
-rwxr-xr-xapps/user_webdavauth/user_webdavauth.php10
2 files changed, 9 insertions, 3 deletions
diff --git a/apps/user_webdavauth/templates/settings.php b/apps/user_webdavauth/templates/settings.php
index ec6524ee4f7..e199c32675c 100755
--- a/apps/user_webdavauth/templates/settings.php
+++ b/apps/user_webdavauth/templates/settings.php
@@ -1,7 +1,7 @@
<form id="webdavauth" action="#" method="post">
<fieldset class="personalblock">
<legend><strong><?php p($l->t('WebDAV Authentication'));?></strong></legend>
- <p><label for="webdav_url"><?php p($l->t('URL: http://'));?><input type="text" id="webdav_url" name="webdav_url" value="<?php p($_['webdav_url']); ?>"></label>
+ <p><label for="webdav_url"><?php p($l->t('URL: '));?><input type="url" placeholder="https://example.com/webdav" id="webdav_url" name="webdav_url" value="<?php p($_['webdav_url']); ?>"></label>
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" id="requesttoken">
<input type="submit" value="Save" />
<br /><?php p($l->t('ownCloud will send the user credentials to this URL. This plugin checks the response and will interpret the HTTP statuscodes 401 and 403 as invalid credentials, and all other responses as valid credentials.')); ?>
diff --git a/apps/user_webdavauth/user_webdavauth.php b/apps/user_webdavauth/user_webdavauth.php
index 6417e45434d..146034a5d43 100755
--- a/apps/user_webdavauth/user_webdavauth.php
+++ b/apps/user_webdavauth/user_webdavauth.php
@@ -41,10 +41,16 @@ class OC_USER_WEBDAVAUTH extends OC_User_Backend {
}
public function checkPassword( $uid, $password ) {
- $url= 'http://'.urlencode($uid).':'.urlencode($password).'@'.$this->webdavauth_url;
+ $arr = explode('://', $this->webdavauth_url, 2);
+ if( ! isset($arr) OR count($arr) !== 2) {
+ OC_Log::write('OC_USER_WEBDAVAUTH', 'Invalid Url: "'.$this->webdavauth_url.'" ', 3);
+ return false;
+ }
+ list($webdavauth_protocol, $webdavauth_url_path) = $arr;
+ $url= $webdavauth_protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$webdavauth_url_path;
$headers = get_headers($url);
if($headers==false) {
- OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$this->webdavauth_url.'" ', 3);
+ OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$webdavauth_protocol.'://'.$webdavauth_url_path.'" ', 3);
return false;
}