diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2015-06-18 09:21:06 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@owncloud.com> | 2015-06-22 15:25:23 +0200 |
| commit | d38a378b8cc8d13e6459ccb4cfbc8a8bbe1f8428 (patch) | |
| tree | 703cc3a64712860e919913d33ea883405927de48 /lib/private/share | |
| parent | a88b370dc84c4dfdcab7a128900829fbe8204ca7 (diff) | |
| download | nextcloud-server-d38a378b8cc8d13e6459ccb4cfbc8a8bbe1f8428.tar.gz nextcloud-server-d38a378b8cc8d13e6459ccb4cfbc8a8bbe1f8428.zip | |
make sure that we split username and server address at the first '@' from the right to allow usernames containing '@'
Diffstat (limited to 'lib/private/share')
| -rw-r--r-- | lib/private/share/exceptions/invalidfederatedcloudidexception.php | 30 | ||||
| -rw-r--r-- | lib/private/share/helper.php | 22 | ||||
| -rw-r--r-- | lib/private/share/share.php | 2 |
3 files changed, 53 insertions, 1 deletions
diff --git a/lib/private/share/exceptions/invalidfederatedcloudidexception.php b/lib/private/share/exceptions/invalidfederatedcloudidexception.php new file mode 100644 index 00000000000..1f3e63c8800 --- /dev/null +++ b/lib/private/share/exceptions/invalidfederatedcloudidexception.php @@ -0,0 +1,30 @@ +<?php +/** + * @author Björn Schießle <schiessle@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + + +namespace OC\Share\Exceptions; + + +use OC\HintException; + +class InvalidFederatedCloudIdException extends HintException { + +} diff --git a/lib/private/share/helper.php b/lib/private/share/helper.php index 65167dd7549..d88c4bcbfc2 100644 --- a/lib/private/share/helper.php +++ b/lib/private/share/helper.php @@ -27,6 +27,8 @@ namespace OC\Share; +use OC\Share\Exceptions\InvalidFederatedCloudIdException; + class Helper extends \OC\Share\Constants { /** @@ -244,4 +246,24 @@ class Helper extends \OC\Share\Constants { return rtrim($shareWith, '/'); } + + /** + * split user and remote from federated cloud id + * + * @param string $id + * @return array + * @throws InvalidFederatedCloudIdException + */ + public static function splitUserRemote($id) { + $pos = strrpos($id, '@'); + if ($pos !== false) { + $user = substr($id, 0, $pos); + $remote = substr($id, $pos + 1); + if (!empty($user) && !empty($remote)) { + return array($user, $remote); + } + } + + throw new InvalidFederatedCloudIdException('invalid Federated Cloud ID'); + } } diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 027c518f9f1..3c4b6863afd 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -2427,7 +2427,7 @@ class Share extends Constants { */ private static function sendRemoteShare($token, $shareWith, $name, $remote_id, $owner) { - list($user, $remote) = explode('@', $shareWith, 2); + list($user, $remote) = Helper::splitUserRemote($shareWith); if ($user && $remote) { $url = rtrim($remote, '/') . self::BASE_PATH_TO_SHARE_API . '?format=' . self::RESPONSE_FORMAT; |