diff options
author | Thomas Müller <thomas.mueller@tmit.eu> | 2013-06-14 11:31:23 -0700 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2013-06-14 11:31:23 -0700 |
commit | 126a0cac8db2160b511965c9640f769238f8ef3a (patch) | |
tree | a668b6b0c73558bfabd8e410671e772d1509de3e /apps | |
parent | 0ac7c5712a18b01057ebaf5819cfe12700a86a3e (diff) | |
parent | acba7d7b13be102031717f9fa06ced918c916301 (diff) | |
download | nextcloud-server-126a0cac8db2160b511965c9640f769238f8ef3a.tar.gz nextcloud-server-126a0cac8db2160b511965c9640f769238f8ef3a.zip |
Merge pull request #3473 from opensaucesystems/master
Small update to user_webdavauth
Diffstat (limited to 'apps')
-rwxr-xr-x | apps/user_webdavauth/templates/settings.php | 2 | ||||
-rwxr-xr-x | apps/user_webdavauth/user_webdavauth.php | 10 |
2 files changed, 9 insertions, 3 deletions
diff --git a/apps/user_webdavauth/templates/settings.php b/apps/user_webdavauth/templates/settings.php index ec6524ee4f7..e199c32675c 100755 --- a/apps/user_webdavauth/templates/settings.php +++ b/apps/user_webdavauth/templates/settings.php @@ -1,7 +1,7 @@ <form id="webdavauth" action="#" method="post"> <fieldset class="personalblock"> <legend><strong><?php p($l->t('WebDAV Authentication'));?></strong></legend> - <p><label for="webdav_url"><?php p($l->t('URL: http://'));?><input type="text" id="webdav_url" name="webdav_url" value="<?php p($_['webdav_url']); ?>"></label> + <p><label for="webdav_url"><?php p($l->t('URL: '));?><input type="url" placeholder="https://example.com/webdav" id="webdav_url" name="webdav_url" value="<?php p($_['webdav_url']); ?>"></label> <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" id="requesttoken"> <input type="submit" value="Save" /> <br /><?php p($l->t('ownCloud will send the user credentials to this URL. This plugin checks the response and will interpret the HTTP statuscodes 401 and 403 as invalid credentials, and all other responses as valid credentials.')); ?> diff --git a/apps/user_webdavauth/user_webdavauth.php b/apps/user_webdavauth/user_webdavauth.php index 6417e45434d..146034a5d43 100755 --- a/apps/user_webdavauth/user_webdavauth.php +++ b/apps/user_webdavauth/user_webdavauth.php @@ -41,10 +41,16 @@ class OC_USER_WEBDAVAUTH extends OC_User_Backend { } public function checkPassword( $uid, $password ) { - $url= 'http://'.urlencode($uid).':'.urlencode($password).'@'.$this->webdavauth_url; + $arr = explode('://', $this->webdavauth_url, 2); + if( ! isset($arr) OR count($arr) !== 2) { + OC_Log::write('OC_USER_WEBDAVAUTH', 'Invalid Url: "'.$this->webdavauth_url.'" ', 3); + return false; + } + list($webdavauth_protocol, $webdavauth_url_path) = $arr; + $url= $webdavauth_protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$webdavauth_url_path; $headers = get_headers($url); if($headers==false) { - OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$this->webdavauth_url.'" ', 3); + OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$webdavauth_protocol.'://'.$webdavauth_url_path.'" ', 3); return false; } |