authorThomas Mueller <thomas.mueller@tmit.eu>2013-01-14 23:41:34 +0100
committerThomas Mueller <thomas.mueller@tmit.eu>2013-01-14 23:41:34 +0100
commit388bb6a5e1e8465b11f33f1820f023db271ba9d9 (patch)
tree6fee16bd0151b051cfabd97db9d285e6b8b69c29 /lib
parente475c26f1ae3adec2716b4ba59f92382db2bc24e (diff)
parent71ae41716a56305ab9509571c0a84311b9f3eb63 (diff)
downloadnextcloud-server-388bb6a5e1e8465b11f33f1820f023db271ba9d9.tar.gz
nextcloud-server-388bb6a5e1e8465b11f33f1820f023db271ba9d9.zip
Merge branch 'master' into fixing-unused-and-undefined-in-master
Diffstat (limited to 'lib')
-rw-r--r--lib/api.php5
-rw-r--r--lib/app.php4
-rw-r--r--lib/connector/sabre/ServiceUnavailable.php22
-rw-r--r--lib/connector/sabre/client.php173
-rw-r--r--lib/connector/sabre/maintenanceplugin.php56
-rw-r--r--lib/helper.php28
-rw-r--r--lib/json.php21
-rw-r--r--lib/l10n/bg_BG.php34
-rw-r--r--lib/l10n/bn_BD.php23
-rw-r--r--lib/l10n/id.php8
-rw-r--r--lib/migrate.php2
-rw-r--r--lib/ocs/cloud.php4
-rw-r--r--lib/public/share.php580
-rw-r--r--lib/router.php22
-rw-r--r--lib/subadmin.php7
-rw-r--r--lib/user.php13
-rwxr-xr-xlib/util.php52
17 files changed, 661 insertions, 393 deletions
diff --git a/lib/api.php b/lib/api.php
index cb67e0c2a89..c464cd04913 100644
--- a/lib/api.php
+++ b/lib/api.php
@@ -127,8 +127,7 @@ class OC_API {
return false;
} else {
$subAdmin = OC_SubAdmin::isSubAdmin($user);
- $admin = OC_Group::inGroup($user, 'admin');
- if($subAdmin || $admin) {
+ if($subAdmin) {
return true;
} else {
return false;
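Review bot: Admin access through this branch now depends entirely on `OC_SubAdmin::isSubAdmin()` returning true for members of the admin group, and that helper is not visible in this hunk (lib/subadmin.php is in the diffstat, so presumably the admin case moved there). A comment above the check, for example `// isSubAdmin() is expected to return true for admins as well`, would stop a later change to the helper from silently locking admins out or widening access. The same implicit reliance appears in the users-menu check in lib/app.php and in `checkSubAdminUser()` in lib/json.php. The enclosing switch starts and ends outside the hunk.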
@@ -141,7 +140,7 @@ class OC_API {
if(!$user) {
return false;
} else {
- return OC_Group::inGroup($user, 'admin');
+ return OC_User::isAdminUser($user);
}
break;
default:
diff --git a/lib/app.php b/lib/app.php
index e60bce2a201..3b039733fe5 100644
--- a/lib/app.php
+++ b/lib/app.php
@@ -313,14 +313,14 @@ class OC_App{
$settings[]=array( "id" => "settings", "order" => 1000, "href" => OC_Helper::linkToRoute( "settings_settings" ), "name" => $l->t("Settings"), "icon" => OC_Helper::imagePath( "settings", "settings.svg" ));
//SubAdmins are also allowed to access user management
- if(OC_SubAdmin::isSubAdmin($_SESSION["user_id"]) || OC_Group::inGroup( $_SESSION["user_id"], "admin" )) {
+ if(OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
// admin users menu
$settings[] = array( "id" => "core_users", "order" => 2, "href" => OC_Helper::linkToRoute( "settings_users" ), "name" => $l->t("Users"), "icon" => OC_Helper::imagePath( "settings", "users.svg" ));
}
// if the user is an admin
- if(OC_Group::inGroup( $_SESSION["user_id"], "admin" )) {
+ if(OC_User::isAdminUser(OC_User::getUser())) {
// admin apps menu
$settings[] = array( "id" => "core_apps", "order" => 3, "href" => OC_Helper::linkToRoute( "settings_apps" ).'?installed', "name" => $l->t("Apps"), "icon" => OC_Helper::imagePath( "settings", "apps.svg" ));
diff --git a/lib/connector/sabre/ServiceUnavailable.php b/lib/connector/sabre/ServiceUnavailable.php
new file mode 100644
index 00000000000..c1cc815c989
--- /dev/null
+++ b/lib/connector/sabre/ServiceUnavailable.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Thomas Müller
+ * @copyright 2013 Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @license AGPL3
+ */
+
+class Sabre_DAV_Exception_ServiceUnavailable extends Sabre_DAV_Exception {
+
+ /**
+ * Returns the HTTP statuscode for this exception
+ *
+ * @return int
+ */
+ public function getHTTPCode() {
+
+ return 503;
+ }
+}
diff --git a/lib/connector/sabre/client.php b/lib/connector/sabre/client.php
deleted file mode 100644
index 8df5fb9a9ad..00000000000
--- a/lib/connector/sabre/client.php
+++ /dev/null
@@ -1,173 +0,0 @@
-<?php
-
-/**
- * ownCloud
- *
- * @author Bjoern Schiessle
- * @copyright 2012 Bjoern Schiessle <schiessle@owncloud.com>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-class OC_Connector_Sabre_Client extends Sabre_DAV_Client {
-
- protected $trustedCertificates;
-
- /**
- * Add trusted root certificates to the webdav client.
- *
- * The parameter certificates should be a absulute path to a file which contains
- * all trusted certificates
- *
- * @param string $certificates
- */
- public function addTrustedCertificates($certificates) {
- $this->trustedCertificates = $certificates;
- }
-
- /**
- * Copied from SabreDAV with some modification to use user defined curlSettings
- * Performs an actual HTTP request, and returns the result.
- *
- * If the specified url is relative, it will be expanded based on the base
- * url.
- *
- * The returned array contains 3 keys:
- * * body - the response body
- * * httpCode - a HTTP code (200, 404, etc)
- * * headers - a list of response http headers. The header names have
- * been lowercased.
- *
- * @param string $method
- * @param string $url
- * @param string $body
- * @param array $headers
- * @return array
- */
- public function request($method, $url = '', $body = null, $headers = array()) {
-
- $url = $this->getAbsoluteUrl($url);
-
- $curlSettings = array(
- CURLOPT_RETURNTRANSFER => true,
- // Return headers as part of the response
- CURLOPT_HEADER => true,
- CURLOPT_POSTFIELDS => $body,
- // Automatically follow redirects
- CURLOPT_FOLLOWLOCATION => true,
- CURLOPT_MAXREDIRS => 5,
- );
-
- if($this->trustedCertificates) {
- $curlSettings[CURLOPT_CAINFO] = $this->trustedCertificates;
- }
-
- switch ($method) {
- case 'HEAD' :
-
- // do not read body with HEAD requests (this is neccessary because cURL does not ignore the body with HEAD
- // requests when the Content-Length header is given - which in turn is perfectly valid according to HTTP
- // specs...) cURL does unfortunately return an error in this case ("transfer closed transfer closed with
- // ... bytes remaining to read") this can be circumvented by explicitly telling cURL to ignore the
- // response body
- $curlSettings[CURLOPT_NOBODY] = true;
- $curlSettings[CURLOPT_CUSTOMREQUEST] = 'HEAD';
- break;
-
- default:
- $curlSettings[CURLOPT_CUSTOMREQUEST] = $method;
- break;
-
- }
-
- // Adding HTTP headers
- $nHeaders = array();
- foreach($headers as $key=>$value) {
-
- $nHeaders[] = $key . ': ' . $value;
-
- }
- $curlSettings[CURLOPT_HTTPHEADER] = $nHeaders;
-
- if ($this->proxy) {
- $curlSettings[CURLOPT_PROXY] = $this->proxy;
- }
-
- if ($this->userName && $this->authType) {
- $curlType = 0;
- if ($this->authType & self::AUTH_BASIC) {
- $curlType |= CURLAUTH_BASIC;
- }
- if ($this->authType & self::AUTH_DIGEST) {
- $curlType |= CURLAUTH_DIGEST;
- }
- $curlSettings[CURLOPT_HTTPAUTH] = $curlType;
- $curlSettings[CURLOPT_USERPWD] = $this->userName . ':' . $this->password;
- }
-
- list(
- $response,
- $curlInfo,
- $curlErrNo,
- $curlError
- ) = $this->curlRequest($url, $curlSettings);
-
- $headerBlob = substr($response, 0, $curlInfo['header_size']);
- $response = substr($response, $curlInfo['header_size']);
-
- // In the case of 100 Continue, or redirects we'll have multiple lists
- // of headers for each separate HTTP response. We can easily split this
- // because they are separated by \r\n\r\n
- $headerBlob = explode("\r\n\r\n", trim($headerBlob, "\r\n"));
-
- // We only care about the last set of headers
- $headerBlob = $headerBlob[count($headerBlob)-1];
-
- // Splitting headers
- $headerBlob = explode("\r\n", $headerBlob);
-
- $headers = array();
- foreach($headerBlob as $header) {
- $parts = explode(':', $header, 2);
- if (count($parts)==2) {
- $headers[strtolower(trim($parts[0]))] = trim($parts[1]);
- }
- }
-
- $response = array(
- 'body' => $response,
- 'statusCode' => $curlInfo['http_code'],
- 'headers' => $headers
- );
-
- if ($curlErrNo) {
- throw new Sabre_DAV_Exception('[CURL] Error while making request: ' . $curlError . ' (error code: ' . $curlErrNo . ')');
- }
-
- if ($response['statusCode']>=400) {
- switch ($response['statusCode']) {
- case 404:
- throw new Sabre_DAV_Exception_NotFound('Resource ' . $url . ' not found.');
- break;
-
- default:
- throw new Sabre_DAV_Exception('HTTP error response. (errorcode ' . $response['statusCode'] . ')');
- }
- }
-
- return $response;
-
- }
-} \ No newline at end of file
diff --git a/lib/connector/sabre/maintenanceplugin.php b/lib/connector/sabre/maintenanceplugin.php
new file mode 100644
index 00000000000..329fa4443ad
--- /dev/null
+++ b/lib/connector/sabre/maintenanceplugin.php
@@ -0,0 +1,56 @@
+<?php
+
+/**
+ * ownCloud
+ *
+ * @author Thomas Müller
+ * @copyright 2013 Thomas Müller <thomas.mueller@tmit.eu>
+ *
+ * @license AGPL3
+ */
+
+require 'ServiceUnavailable.php';
+
+class OC_Connector_Sabre_MaintenancePlugin extends Sabre_DAV_ServerPlugin
+{
+
+ /**
+ * Reference to main server object
+ *
+ * @var Sabre_DAV_Server
+ */
+ private $server;
+
+ /**
+ * This initializes the plugin.
+ *
+ * This function is called by Sabre_DAV_Server, after
+ * addPlugin is called.
+ *
+ * This method should set up the required event subscriptions.
+ *
+ * @param Sabre_DAV_Server $server
+ * @return void
+ */
+ public function initialize(Sabre_DAV_Server $server) {
+
+ $this->server = $server;
+ $this->server->subscribeEvent('beforeMethod', array($this, 'checkMaintenanceMode'), 10);
+ }
+
+ /**
+ * This method is called before any HTTP method and returns http status code 503
+ * in case the system is in maintenance mode.
+ *
+ * @throws Sabre_DAV_Exception_ServiceUnavailable
+ * @internal param string $method
+ * @return bool
+ */
+ public function checkMaintenanceMode() {
+ if (OC_Config::getValue('maintenance', false)) {
+ throw new Sabre_DAV_Exception_ServiceUnavailable();
+ }
+
+ return true;
+ }
+}
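Review bot: `require 'ServiceUnavailable.php';` uses a bare filename, so PHP searches include_path before the plugin's own directory, and a plain `require` fatally redeclares the class if the file is ever loaded a second time. `require_once __DIR__ . '/ServiceUnavailable.php';` pins the path and makes the load idempotent. The docblock on `checkMaintenanceMode()` also carries `@internal param string $method` although the method takes no parameters; dropping that line would match the signature.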
diff --git a/lib/helper.php b/lib/helper.php
index 1aba2a38100..e7c9ac8015d 100644
--- a/lib/helper.php
+++ b/lib/helper.php
@@ -625,37 +625,17 @@ class OC_Helper {
return $newpath;
}
- /*
- * checks if $sub is a subdirectory of $parent
+ /**
+ * @brief Checks if $sub is a subdirectory of $parent
*
* @param string $sub
* @param string $parent
* @return bool
*/
public static function issubdirectory($sub, $parent) {
- if($sub == null || $sub == '' || $parent == null || $parent == '') {
- return false;
- }
- $realpath_sub = realpath($sub);
- $realpath_parent = realpath($parent);
- if(($realpath_sub == false && substr_count($realpath_sub, './') != 0) || ($realpath_parent == false && substr_count($realpath_parent, './') != 0)) { //it checks for both ./ and ../
- return false;
- }
- if($realpath_sub && $realpath_sub != '' && $realpath_parent && $realpath_parent != '') {
- if(substr($realpath_sub, 0, strlen($realpath_parent)) == $realpath_parent) {
- return true;
- }
- }else{
- if(substr($sub, 0, strlen($parent)) == $parent) {
- return true;
- }
+ if (strpos(realpath($sub), realpath($parent)) === 0) {
+ return true;
}
- /*echo 'SUB: ' . $sub . "\n";
- echo 'PAR: ' . $parent . "\n";
- echo 'REALSUB: ' . $realpath_sub . "\n";
- echo 'REALPAR: ' . $realpath_parent . "\n";
- echo substr($realpath_sub, 0, strlen($realpath_parent));
- exit;*/
return false;
}
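Review bot: The new check `strpos(realpath($sub), realpath($parent)) === 0` is a raw string-prefix test, so a sibling directory whose name merely starts with the parent's name (a constructed example: `/data/user2` against `/data/user`) is reported as a subdirectory; the comparison has to happen on a directory-separator boundary. `realpath()` also returns false for paths that do not resolve, and passing false as haystack or needle behaves differently across PHP versions (on PHP 8 an empty needle matches at offset 0), so both results should be tested with `=== false` before comparing. If callers use this helper to confine file access, the stricter form below keeps the signature and still returns true when both paths are identical.

```php
public static function issubdirectory($sub, $parent) {
	$realSub = realpath($sub);
	$realParent = realpath($parent);
	// realpath() returns false when a path does not exist or cannot be resolved
	if ($realSub === false || $realParent === false) {
		return false;
	}
	if ($realSub === $realParent) {
		return true;
	}
	// compare on a separator boundary so a sibling with the same name prefix does not match
	$prefix = rtrim($realParent, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
	return strpos($realSub, $prefix) === 0;
}
```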
diff --git a/lib/json.php b/lib/json.php
index 204430411c0..c87de3e200b 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -57,9 +57,7 @@ class OC_JSON{
* Check if the user is a admin, send json error msg if not
*/
public static function checkAdminUser() {
- self::checkLoggedIn();
- self::verifyUser();
- if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
+ if( !OC_User::isAdminUser(OC_User::getUser())) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
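Review bot: With `self::checkLoggedIn()` removed, `checkAdminUser()` rejects an anonymous request only if `OC_User::isAdminUser()` returns false when `OC_User::getUser()` yields no user, and that helper is not visible here (lib/user.php is in the diffstat). The same holds for `checkSubAdminUser()` in the next hunk. That hunk also deletes `verifyUser()`, so the `enhancedauth` re-verification no longer gates the admin JSON endpoints; if that is intended it deserves a line in the commit message, otherwise the call should stay. A docblock line on both methods such as `Also fails when no user is logged in` would document the contract the callers rely on.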
@@ -70,27 +68,12 @@ class OC_JSON{
* Check if the user is a subadmin, send json error msg if not
*/
public static function checkSubAdminUser() {
- self::checkLoggedIn();
- self::verifyUser();
- if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
+ if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
-
- /**
- * Check if the user verified the login with his password
- */
- public static function verifyUser() {
- if(OC_Config::getValue('enhancedauth', false) === true) {
- if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
- $l = OC_L10N::get('lib');
- self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
- exit();
- }
- }
- }
/**
* Send json error msg
diff --git a/lib/l10n/bg_BG.php b/lib/l10n/bg_BG.php
index 3eb0660d944..31f37458b81 100644
--- a/lib/l10n/bg_BG.php
+++ b/lib/l10n/bg_BG.php
@@ -1,4 +1,34 @@
<?php $TRANSLATIONS = array(
-"Personal" => "Лично",
-"Authentication error" => "Проблем с идентификацията"
+"Help" => "Помощ",
+"Personal" => "Лични",
+"Settings" => "Настройки",
+"Users" => "Потребители",
+"Apps" => "Приложения",
+"Admin" => "Админ",
+"ZIP download is turned off." => "Изтеглянето като ZIP е изключено.",
+"Files need to be downloaded one by one." => "Файловете трябва да се изтеглят един по един.",
+"Back to Files" => "Назад към файловете",
+"Selected files too large to generate zip file." => "Избраните файлове са прекалено големи за генерирането на ZIP архив.",
+"Application is not enabled" => "Приложението не е включено.",
+"Authentication error" => "Възникна проблем с идентификацията",
+"Token expired. Please reload page." => "Ключът е изтекъл, моля презаредете страницата",
+"Files" => "Файлове",
+"Text" => "Текст",
+"Images" => "Снимки",
+"seconds ago" => "преди секунди",
+"1 minute ago" => "преди 1 минута",
+"%d minutes ago" => "преди %d минути",
+"1 hour ago" => "преди 1 час",
+"%d hours ago" => "преди %d часа",
+"today" => "днес",
+"yesterday" => "вчера",
+"%d days ago" => "преди %d дни",
+"last month" => "последният месец",
+"%d months ago" => "преди %d месеца",
+"last year" => "последната година",
+"years ago" => "последните години",
+"%s is available. Get <a href=\"%s\">more information</a>" => "%s е налична. Получете <a href=\"%s\">повече информация</a>",
+"up to date" => "е актуална",
+"updates check is disabled" => "проверката за обновления е изключена",
+"Could not find category \"%s\"" => "Невъзможно откриване на категорията \"%s\""
);
diff --git a/lib/l10n/bn_BD.php b/lib/l10n/bn_BD.php
index 275d3c0f05c..cb6ff4455a9 100644
--- a/lib/l10n/bn_BD.php
+++ b/lib/l10n/bn_BD.php
@@ -2,17 +2,28 @@
"Help" => "সহায়িকা",
"Personal" => "ব্যক্তিগত",
"Settings" => "নিয়ামকসমূহ",
-"Users" => "ব্যবহারকারিবৃন্দ",
-"Apps" => "অ্যাপস",
+"Users" => "ব্যভহারকারী",
+"Apps" => "অ্যাপ",
"Admin" => "প্রশাসক",
-"Authentication error" => "নিশ্চিতকরণে সমস্যা দেখা দিয়েছে",
+"ZIP download is turned off." => "ZIP ডাউনলোড বন্ধ করা আছে।",
+"Files need to be downloaded one by one." => "ফাইলগুলো একে একে ডাউনলোড করা আবশ্যক।",
+"Back to Files" => "ফাইলে ফিরে চল",
+"Selected files too large to generate zip file." => "নির্বাচিত ফাইলগুলো এতই বৃহৎ যে জিপ ফাইল তৈরী করা সম্ভব নয়।",
+"Application is not enabled" => "অ্যাপ্লিকেসনটি সক্রিয় নয়",
+"Authentication error" => "অনুমোদন ঘটিত সমস্যা",
+"Token expired. Please reload page." => "টোকেন মেয়াদোত্তীর্ণ। দয়া করে পৃষ্ঠাটি পূনরায় লোড করুন।",
"Files" => "ফাইল",
"seconds ago" => "সেকেন্ড পূর্বে",
-"1 minute ago" => "1 মিনিট পূর্বে",
+"1 minute ago" => "১ মিনিট পূর্বে",
+"%d minutes ago" => "%d মিনিট পূর্বে",
"1 hour ago" => "1 ঘন্টা পূর্বে",
"today" => "আজ",
"yesterday" => "গতকাল",
-"last month" => "গতমাস",
+"%d days ago" => "%d দিন পূর্বে",
+"last month" => "গত মাস",
"last year" => "গত বছর",
-"years ago" => "বছর পূর্বে"
+"years ago" => "বছর পূর্বে",
+"%s is available. Get <a href=\"%s\">more information</a>" => "%s এখন সুলভ। <a href=\"%s\">আরও জানুন</a>",
+"up to date" => "সর্বশেষ",
+"updates check is disabled" => "পরিবর্ধন পরীক্ষণ করা বন্ধ রাখা হয়েছে"
);
diff --git a/lib/l10n/id.php b/lib/l10n/id.php
index e31b4caf4f5..8f0e38123b6 100644
--- a/lib/l10n/id.php
+++ b/lib/l10n/id.php
@@ -12,17 +12,23 @@
"Application is not enabled" => "aplikasi tidak diaktifkan",
"Authentication error" => "autentikasi bermasalah",
"Token expired. Please reload page." => "token kadaluarsa.mohon perbaharui laman.",
+"Files" => "Berkas",
"Text" => "teks",
+"Images" => "Gambar",
"seconds ago" => "beberapa detik yang lalu",
"1 minute ago" => "1 menit lalu",
"%d minutes ago" => "%d menit lalu",
+"1 hour ago" => "1 jam yang lalu",
+"%d hours ago" => "%d jam yang lalu",
"today" => "hari ini",
"yesterday" => "kemarin",
"%d days ago" => "%d hari lalu",
"last month" => "bulan kemarin",
+"%d months ago" => "%d bulan yang lalu",
"last year" => "tahun kemarin",
"years ago" => "beberapa tahun lalu",
"%s is available. Get <a href=\"%s\">more information</a>" => "%s tersedia. dapatkan <a href=\"%s\"> info lebih lanjut</a>",
"up to date" => "terbaru",
-"updates check is disabled" => "pengecekan pembaharuan sedang non-aktifkan"
+"updates check is disabled" => "pengecekan pembaharuan sedang non-aktifkan",
+"Could not find category \"%s\"" => "Tidak dapat menemukan kategori \"%s\""
);
diff --git a/lib/migrate.php b/lib/migrate.php
index 8fabbbca927..87bdd016fe4 100644
--- a/lib/migrate.php
+++ b/lib/migrate.php
@@ -219,7 +219,7 @@ class OC_Migrate{
// We need to be an admin if we are not importing our own data
if(($type == 'user' && self::$uid != $currentuser) || $type != 'user' ) {
- if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
+ if( !OC_User::isAdminUser($currentuser)) {
// Naughty.
OC_Log::write( 'migration', 'Import not permitted.', OC_Log::ERROR );
return json_encode( array( 'success' => false ) );
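Review bot: The admin check now trusts the local `$currentuser` instead of reading `OC_User::getUser()` at the point of the check, and the assignment of `$currentuser` is outside this hunk. It is presumably the session user, but because this guard decides whether someone may import another user's data, a comment at the assignment such as `// session user, never taken from the import archive` would make that explicit. The neighbouring comparison `self::$uid != $currentuser` is loose; it is worth checking whether `!==` can be used so a falsy `$currentuser` cannot compare equal to an unusual uid.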
diff --git a/lib/ocs/cloud.php b/lib/ocs/cloud.php
index da77756822e..faafe9a62dd 100644
--- a/lib/ocs/cloud.php
+++ b/lib/ocs/cloud.php
@@ -40,7 +40,7 @@ class OC_OCS_Cloud {
public static function getUserQuota($parameters) {
$user = OC_User::getUser();
- if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) {
+ if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) {
if(OC_User::userExists($parameters['user'])) {
// calculate the disc space
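Review bot: The ownership test `$user==$parameters['user']` on the changed line is a loose comparison, and `OC_User::getUser()` appears to return a falsy value when nobody is logged in (lib/api.php tests `if(!$user)`). In PHP `false == ''` and `false == '0'` both evaluate to true, so the branch could be entered without a session unless the route enforces login elsewhere, which is not visible here. `if(OC_User::isAdminUser($user) or ($user !== false and $user === $parameters['user'])) {` closes that gap; the identical line in `getUserPrivatekey()` in the next hunk needs the same change.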
@@ -82,7 +82,7 @@ class OC_OCS_Cloud {
public static function getUserPrivatekey($parameters) {
$user = OC_User::getUser();
- if(OC_Group::inGroup($user, 'admin') or ($user==$parameters['user'])) {
+ if(OC_User::isAdminUser($user) or ($user==$parameters['user'])) {
if(OC_User::userExists($user)) {
// calculate the disc space
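Review bot: `OC_User::userExists($user)` checks the calling user, whereas `getUserQuota()` above checks `$parameters['user']`; as written the existence test is presumably always true for a logged-in caller and the requested account is never validated in the visible lines. If the rest of the method reads the key for `$parameters['user']`, the condition should be `OC_User::userExists($parameters['user'])`. The `// calculate the disc space` comment is carried over from the quota method and should describe the key lookup instead. The method body continues outside the hunk.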
diff --git a/lib/public/share.php b/lib/public/share.php
index 7d8bfe6a5ed..7ed1c42490d 100644
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -37,7 +37,8 @@ class Share {
const SHARE_TYPE_REMOTE = 6;
/** CRUDS permissions (Create, Read, Update, Delete, Share) using a bitmask
- * Construct permissions for share() and setPermissions with Or (|) e.g. Give user read and update permissions: PERMISSION_READ | PERMISSION_UPDATE
+ * Construct permissions for share() and setPermissions with Or (|)
+ * e.g. Give user read and update permissions: PERMISSION_READ | PERMISSION_UPDATE
* Check if permission is granted with And (&) e.g. Check if delete is granted: if ($permissions & PERMISSION_DELETE)
* Remove permissions with And (&) and Not (~) e.g. Remove the update permission: $permissions &= ~PERMISSION_UPDATE
* Apps are required to handle permissions on their own, this class only stores and manages the permissions of shares
@@ -66,14 +67,17 @@ class Share {
public static function registerBackend($itemType, $class, $collectionOf = null, $supportedFileExtensions = null) {
if (self::isEnabled()) {
if (!isset(self::$backendTypes[$itemType])) {
- self::$backendTypes[$itemType] = array('class' => $class, 'collectionOf' => $collectionOf, 'supportedFileExtensions' => $supportedFileExtensions);
+ self::$backendTypes[$itemType] = array('class' => $class,
+ 'collectionOf' => $collectionOf,
+ 'supportedFileExtensions' => $supportedFileExtensions);
if(count(self::$backendTypes) === 1) {
\OC_Util::addScript('core', 'share');
\OC_Util::addStyle('core', 'share');
}
return true;
}
- \OC_Log::write('OCP\Share', 'Sharing backend '.$class.' not registered, '.self::$backendTypes[$itemType]['class'].' is already registered for '.$itemType, \OC_Log::WARN);
+ \OC_Log::write('OCP\Share', 'Sharing backend '.$class.' not registered, '
+ .self::$backendTypes[$itemType]['class'].' is already registered for '.$itemType, \OC_Log::WARN);
}
return false;
}
@@ -99,8 +103,20 @@ class Share {
* @param int Number of items to return (optional) Returns all by default
* @return Return depends on format
*/
- public static function getItemsSharedWith($itemType, $format = self::FORMAT_NONE, $parameters = null, $limit = -1, $includeCollections = false) {
- return self::getItems($itemType, null, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, $format, $parameters, $limit, $includeCollections);
+ public static function getItemsSharedWith($itemType,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $limit = -1,
+ $includeCollections = false) {
+ return self::getItems($itemType,
+ null,
+ self::$shareTypeUserAndGroups,
+ \OC_User::getUser(),
+ null,
+ $format,
+ $parameters,
+ $limit,
+ $includeCollections);
}
/**
@@ -110,8 +126,20 @@ class Share {
* @param int Format (optional) Format type must be defined by the backend
* @return Return depends on format
*/
- public static function getItemSharedWith($itemType, $itemTarget, $format = self::FORMAT_NONE, $parameters = null, $includeCollections = false) {
- return self::getItems($itemType, $itemTarget, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, $format, $parameters, 1, $includeCollections);
+ public static function getItemSharedWith($itemType,
+ $itemTarget,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $includeCollections = false) {
+ return self::getItems($itemType,
+ $itemTarget,
+ self::$shareTypeUserAndGroups,
+ \OC_User::getUser(),
+ null,
+ $format,
+ $parameters,
+ 1,
+ $includeCollections);
}
/**
@@ -121,8 +149,20 @@ class Share {
* @param int Format (optional) Format type must be defined by the backend
* @return Return depends on format
*/
- public static function getItemSharedWithBySource($itemType, $itemSource, $format = self::FORMAT_NONE, $parameters = null, $includeCollections = false) {
- return self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, $format, $parameters, 1, $includeCollections, true);
+ public static function getItemSharedWithBySource($itemType,
+ $itemSource,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $includeCollections = false) {
+ return self::getItems($itemType,
+ $itemSource,
+ self::$shareTypeUserAndGroups,
+ \OC_User::getUser(),
+ null,
+ $format,
+ $parameters,
+ 1,
+ $includeCollections, true);
}
/**
@@ -133,7 +173,14 @@ class Share {
* @return Item
*/
public static function getItemSharedWithByLink($itemType, $itemSource, $uidOwner) {
- return self::getItems($itemType, $itemSource, self::SHARE_TYPE_LINK, null, $uidOwner, self::FORMAT_NONE, null, 1);
+ return self::getItems($itemType,
+ $itemSource,
+ self::SHARE_TYPE_LINK,
+ null,
+ $uidOwner,
+ self::FORMAT_NONE,
+ null,
+ 1);
}
/**
@@ -142,7 +189,7 @@ class Share {
* @return Item
*/
public static function getShareByToken($token) {
- $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `token` = ?',1);
+ $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `token` = ?', 1);
$result = $query->execute(array($token));
if (\OC_DB::isError($result)) {
\OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', token=' . $token, \OC_Log::ERROR);
@@ -157,8 +204,20 @@ class Share {
* @param int Number of items to return (optional) Returns all by default
* @return Return depends on format
*/
- public static function getItemsShared($itemType, $format = self::FORMAT_NONE, $parameters = null, $limit = -1, $includeCollections = false) {
- return self::getItems($itemType, null, null, null, \OC_User::getUser(), $format, $parameters, $limit, $includeCollections);
+ public static function getItemsShared($itemType,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $limit = -1,
+ $includeCollections = false) {
+ return self::getItems($itemType,
+ null,
+ null,
+ null,
+ \OC_User::getUser(),
+ $format,
+ $parameters,
+ $limit,
+ $includeCollections);
}
/**
@@ -168,8 +227,20 @@ class Share {
* @param int Format (optional) Format type must be defined by the backend
* @return Return depends on format
*/
- public static function getItemShared($itemType, $itemSource, $format = self::FORMAT_NONE, $parameters = null, $includeCollections = false) {
- return self::getItems($itemType, $itemSource, null, null, \OC_User::getUser(), $format, $parameters, -1, $includeCollections);
+ public static function getItemShared($itemType,
+ $itemSource,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $includeCollections = false) {
+ return self::getItems($itemType,
+ $itemSource,
+ null,
+ null,
+ \OC_User::getUser(),
+ $format,
+ $parameters,
+ -1,
+ $includeCollections);
}
/**
@@ -199,14 +270,26 @@ class Share {
if ($sharingPolicy == 'groups_only') {
$inGroup = array_intersect(\OC_Group::getUserGroups($uidOwner), \OC_Group::getUserGroups($shareWith));
if (empty($inGroup)) {
- $message = 'Sharing '.$itemSource.' failed, because the user '.$shareWith.' is not a member of any groups that '.$uidOwner.' is a member of';
+ $message = 'Sharing '.$itemSource.' failed, because the user '.$shareWith.' is not a member'
+ .' of any groups that '.$uidOwner.' is a member of';
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
}
// Check if the item source is already shared with the user, either from the same owner or a different user
- if ($checkExists = self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups, $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
- // Only allow the same share to occur again if it is the same owner and is not a user share, this use case is for increasing permissions for a specific user
+ $checkExists = self::getItems($itemType,
+ $itemSource,
+ self::$shareTypeUserAndGroups,
+ $shareWith,
+ null,
+ self::FORMAT_NONE,
+ null,
+ 1,
+ true,
+ true);
+ if ($checkExists) {
+ // Only allow the same share to occur again if it is the same owner and is not a user share,
+ // this use case is for increasing permissions for a specific user
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
$message = 'Sharing '.$itemSource.' failed, because this item is already shared with '.$shareWith;
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
@@ -220,14 +303,26 @@ class Share {
throw new \Exception($message);
}
if ($sharingPolicy == 'groups_only' && !\OC_Group::inGroup($uidOwner, $shareWith)) {
- $message = 'Sharing '.$itemSource.' failed, because '.$uidOwner.' is not a member of the group '.$shareWith;
+ $message = 'Sharing '.$itemSource.' failed, because '.$uidOwner
+ .' is not a member of the group '.$shareWith;
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
// Check if the item source is already shared with the group, either from the same owner or a different user
// The check for each user in the group is done inside the put() function
- if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_GROUP, $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
- // Only allow the same share to occur again if it is the same owner and is not a group share, this use case is for increasing permissions for a specific user
+ $checkExists = self::getItems($itemType,
+ $itemSource,
+ self::SHARE_TYPE_GROUP,
+ $shareWith,
+ null,
+ self::FORMAT_NONE,
+ null,
+ 1,
+ true,
+ true);
+ if ($checkExists) {
+ // Only allow the same share to occur again if it is the same owner and is not a group share,
+ // this use case is for increasing permissions for a specific user
if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
$message = 'Sharing '.$itemSource.' failed, because this item is already shared with '.$shareWith;
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
@@ -242,7 +337,15 @@ class Share {
} else if ($shareType === self::SHARE_TYPE_LINK) {
if (\OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes') == 'yes') {
// when updating a link share
- if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_LINK, null, $uidOwner, self::FORMAT_NONE, null, 1)) {
+ $checkExists = self::getItems($itemType,
+ $itemSource,
+ self::SHARE_TYPE_LINK,
+ null,
+ $uidOwner,
+ self::FORMAT_NONE,
+ null,
+ 1);
+ if ($checkExists) {
// remember old token
$oldToken = $checkExists['token'];
//delete the old share
@@ -262,7 +365,14 @@ class Share {
} else {
$token = \OC_Util::generate_random_bytes(self::TOKEN_LENGTH);
}
- $result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, null, $token);
+ $result = self::put($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $permissions,
+ null,
+ $token);
if ($result) {
return $token;
} else {
@@ -305,19 +415,26 @@ class Share {
if ($parentFolder && $files = \OC_Files::getDirectoryContent($itemSource)) {
for ($i = 0; $i < count($files); $i++) {
$name = substr($files[$i]['name'], strpos($files[$i]['name'], $itemSource) - strlen($itemSource));
- if ($files[$i]['mimetype'] == 'httpd/unix-directory' && $children = \OC_Files::getDirectoryContent($name, '/')) {
+ if ($files[$i]['mimetype'] == 'httpd/unix-directory'
+ && $children = \OC_Files::getDirectoryContent($name, '/')
+ ) {
// Continue scanning into child folders
array_push($files, $children);
} else {
// Check file extension for an equivalent item type to convert to
$extension = strtolower(substr($itemSource, strrpos($itemSource, '.') + 1));
foreach (self::$backends as $type => $backend) {
- if (isset($backend->dependsOn) && $backend->dependsOn == 'file' && isset($backend->supportedFileExtensions) && in_array($extension, $backend->supportedFileExtensions)) {
+ if (isset($backend->dependsOn)
+ && $backend->dependsOn == 'file'
+ && isset($backend->supportedFileExtensions)
+ && in_array($extension, $backend->supportedFileExtensions)
+ ) {
$itemType = $type;
break;
}
}
- // Pass on to put() to check if this item should be converted, the item won't be inserted into the database unless it can be converted
+ // Pass on to put() to check if this item should be converted,
+ // the item won't be inserted into the database unless it can be converted
self::put($itemType, $name, $shareType, $shareWith, $uidOwner, $permissions, $parentFolder);
}
}
@@ -339,7 +456,15 @@ class Share {
* @return Returns true on success or false on failure
*/
public static function unshare($itemType, $itemSource, $shareType, $shareWith) {
- if ($item = self::getItems($itemType, $itemSource, $shareType, $shareWith, \OC_User::getUser(), self::FORMAT_NONE, null, 1)) {
+ $item = self::getItems($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ \OC_User::getUser(),
+ self::FORMAT_NONE,
+ null,
+ 1);
+ if ($item) {
self::delete($item['id']);
return true;
}
@@ -353,7 +478,8 @@ class Share {
* @return Returns true on success or false on failure
*/
public static function unshareAll($itemType, $itemSource) {
- if ($shares = self::getItemShared($itemType, $itemSource)) {
+ $shares = self::getItemShared($itemType, $itemSource);
+ if ($shares) {
foreach ($shares as $share) {
self::delete($share['id']);
}
@@ -372,11 +498,27 @@ class Share {
*
*/
public static function unshareFromSelf($itemType, $itemTarget) {
- if ($item = self::getItemSharedWith($itemType, $itemTarget)) {
+ $item = self::getItemSharedWith($itemType, $itemTarget);
+ if ($item) {
if ((int)$item['share_type'] === self::SHARE_TYPE_GROUP) {
- // Insert an extra row for the group share and set permission to 0 to prevent it from showing up for the user
- $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`) VALUES (?,?,?,?,?,?,?,?,?,?,?)');
- $query->execute(array($item['item_type'], $item['item_source'], $item['item_target'], $item['id'], self::$shareTypeGroupUserUnique, \OC_User::getUser(), $item['uid_owner'], 0, $item['stime'], $item['file_source'], $item['file_target']));
+ // Insert an extra row for the group share and set permission to 0
+ // to prevent it from showing up for the user
+ $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
+ .'`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, '
+ .'`uid_owner`, `permissions`, `stime`, `file_source`, `file_target`'
+ .') VALUES (?,?,?,?,?,?,?,?,?,?,?)');
+ $query->execute(array(
+ $item['item_type'],
+ $item['item_source'],
+ $item['item_target'],
+ $item['id'],
+ self::$shareTypeGroupUserUnique,
+ \OC_User::getUser(),
+ $item['uid_owner'],
+ 0,
+ $item['stime'],
+ $item['file_source'],
+ $item['file_target']));
\OC_DB::insertid('*PREFIX*share');
// Delete all reshares by this user of the group share
self::delete($item['id'], true, \OC_User::getUser());
@@ -403,13 +545,24 @@ class Share {
* @return Returns true on success or false on failure
*/
public static function setPermissions($itemType, $itemSource, $shareType, $shareWith, $permissions) {
- if ($item = self::getItems($itemType, $itemSource, $shareType, $shareWith, \OC_User::getUser(), self::FORMAT_NONE, null, 1, false)) {
- // Check if this item is a reshare and verify that the permissions granted don't exceed the parent shared item
+ $item = self::getItems($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ \OC_User::getUser(),
+ self::FORMAT_NONE,
+ null,
+ 1,
+ false);
+ if ($item) {
+ // Check if this item is a reshare and
+ // verify that the permissions granted don't exceed the parent shared item
if (isset($item['parent'])) {
$query = \OC_DB::prepare('SELECT `permissions` FROM `*PREFIX*share` WHERE `id` = ?', 1);
$result = $query->execute(array($item['parent']))->fetchRow();
if (~(int)$result['permissions'] & $permissions) {
- $message = 'Setting permissions for '.$itemSource.' failed, because the permissions exceed permissions granted to '.\OC_User::getUser();
+ $message = 'Setting permissions for '.$itemSource.' failed, '
+ .'because the permissions exceed permissions granted to '.\OC_User::getUser();
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
@@ -426,9 +579,12 @@ class Share {
$parents = array($item['id']);
while (!empty($parents)) {
$parents = "'".implode("','", $parents)."'";
- $query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')');
+ $query = \OC_DB::prepare('SELECT `id`, `permissions`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `parent` IN ('.$parents.')');
$result = $query->execute();
- // Reset parents array, only go through loop again if items are found that need permissions removed
+ // Reset parents array,
+ // only go through loop again if items are found that need permissions removed
$parents = array();
while ($item = $result->fetchRow()) {
// Check if permissions need to be removed
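Review bot: The `IN (...)` list in the reshare lookup is still built by string concatenation (`"'".implode("','", $parents)."'"`) rather than bound, and the re-wrapping leaves that unchanged. The list is seeded with `$item['id']`, so the values look like share ids and can be cast before joining: `$parents = implode(',', array_map('intval', $parents));`. The same construction is used for `$ids` in the UPDATE of the following hunk and for `$parents` in the reshare-deletion loop further down. The loop body continues outside this hunk.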
@@ -442,7 +598,9 @@ class Share {
// Remove the permissions for all reshares of this item
if (!empty($ids)) {
$ids = "'".implode("','", $ids)."'";
- $query = \OC_DB::prepare('UPDATE `*PREFIX*share` SET `permissions` = `permissions` & ? WHERE `id` IN ('.$ids.')');
+ $query = \OC_DB::prepare('UPDATE `*PREFIX*share`'
+ .' SET `permissions` = `permissions` & ?'
+ .' WHERE `id` IN ('.$ids.')');
$query->execute(array($permissions));
}
}
@@ -455,7 +613,16 @@ class Share {
}
public static function setExpirationDate($itemType, $itemSource, $date) {
- if ($items = self::getItems($itemType, $itemSource, null, null, \OC_User::getUser(), self::FORMAT_NONE, null, -1, false)) {
+ $items = self::getItems($itemType,
+ $itemSource,
+ null,
+ null,
+ \OC_User::getUser(),
+ self::FORMAT_NONE,
+ null,
+ -1,
+ false);
+ if ($items) {
if (!empty($items)) {
if ($date == '') {
$date = null;
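Review bot: With the assignment hoisted out of the condition, `if ($items) {` is immediately followed by `if (!empty($items)) {`, which tests the same thing twice. The inner check can be dropped so the body sits one level shallower. The rest of setExpirationDate() is outside this hunk, so the matching closing brace would have to go as well.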
@@ -517,7 +684,8 @@ class Share {
if (!self::getBackend($itemType) instanceof Share_Backend_Collection) {
unset($collectionTypes[0]);
}
- // Return array if collections were found or the item type is a collection itself - collections can be inside collections
+ // Return array if collections were found or the item type is a collection itself
+ // - collections can be inside collections
if (count($collectionTypes) > 0) {
return $collectionTypes;
}
@@ -528,7 +696,8 @@ class Share {
* @brief Get shared items from the database
* @param string Item type
* @param string Item source or target (optional)
- * @param int SHARE_TYPE_USER, SHARE_TYPE_GROUP, SHARE_TYPE_LINK, $shareTypeUserAndGroups, or $shareTypeGroupUserUnique
+ * @param int SHARE_TYPE_USER, SHARE_TYPE_GROUP, SHARE_TYPE_LINK,
+ * $shareTypeUserAndGroups, or $shareTypeGroupUserUnique
* @param string User or group the item is being shared with
* @param string User that is the owner of shared items (optional)
* @param int Format to convert items to with formatItems()
@@ -540,7 +709,16 @@ class Share {
* See public functions getItem(s)... for parameter usage
*
*/
- private static function getItems($itemType, $item = null, $shareType = null, $shareWith = null, $uidOwner = null, $format = self::FORMAT_NONE, $parameters = null, $limit = -1, $includeCollections = false, $itemShareWithBySource = false) {
+ private static function getItems($itemType,
+ $item = null,
+ $shareType = null,
+ $shareWith = null,
+ $uidOwner = null,
+ $format = self::FORMAT_NONE,
+ $parameters = null,
+ $limit = -1,
+ $includeCollections = false,
+ $itemShareWithBySource = false) {
if (!self::isEnabled()) {
if ($limit == 1 || (isset($uidOwner) && isset($item))) {
return false;
@@ -549,7 +727,8 @@ class Share {
}
}
$backend = self::getBackend($itemType);
- // Get filesystem root to add it to the file target and remove from the file source, match file_source with the file cache
+ // Get filesystem root to add it to the file target and remove from the file source,
+ // match file_source with the file cache
if ($itemType == 'file' || $itemType == 'folder') {
$root = \OC_Filesystem::getRoot();
$where = 'INNER JOIN `*PREFIX*fscache` ON `file_source` = `*PREFIX*fscache`.`id`';
@@ -652,7 +831,8 @@ class Share {
}
if ($limit != -1 && !$includeCollections) {
if ($shareType == self::$shareTypeUserAndGroups) {
- // Make sure the unique user target is returned if it exists, unique targets should follow the group share in the database
+ // Make sure the unique user target is returned if it exists,
+ // unique targets should follow the group share in the database
// If the limit is not 1, the filtering can be done later
$where .= ' ORDER BY `*PREFIX*share`.`id` DESC';
}
@@ -668,23 +848,34 @@ class Share {
// TODO Optimize selects
if ($format == self::FORMAT_STATUSES) {
if ($itemType == 'file' || $itemType == 'folder') {
- $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `file_source`, `path`, `expiration`';
+ $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, '
+ .'`share_type`, `file_source`, `path`, `expiration`';
} else {
$select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `expiration`';
}
} else {
if (isset($uidOwner)) {
if ($itemType == 'file' || $itemType == 'folder') {
- $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `file_source`, `path`, `permissions`, `stime`, `expiration`, `token`';
+ $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `share_type`, '
+ .'`share_with`, `file_source`, `path`, `permissions`, `stime`, `expiration`, `token`';
} else {
- $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `permissions`, `stime`, `file_source`, `expiration`, `token`';
+ $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, '
+ .'`permissions`, `stime`, `file_source`, `expiration`, `token`';
}
} else {
if ($fileDependent) {
- if (($itemType == 'file' || $itemType == 'folder') && $format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT) {
- $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, `share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, `expiration`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, `versioned`, `writable`';
+ if (($itemType == 'file' || $itemType == 'folder')
+ && $format == \OC_Share_Backend_File::FORMAT_FILE_APP
+ || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT
+ ) {
+ $select = '`*PREFIX*share`.`id`, `item_type`, `*PREFIX*share`.`parent`, `uid_owner`, '
+ .'`share_type`, `share_with`, `file_source`, `path`, `file_target`, `permissions`, '
+ .'`expiration`, `name`, `ctime`, `mtime`, `mimetype`, `size`, `encrypted`, '
+ .'`versioned`, `writable`';
} else {
- $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, `*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, `path`, `file_target`, `permissions`, `stime`, `expiration`, `token`';
+ $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`, '
+ .'`*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`, `file_source`, '
+ .'`path`, `file_target`, `permissions`, `stime`, `expiration`, `token`';
}
} else {
$select = '*';
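Review bot: The wrapped condition `(... == 'file' || ... == 'folder') && $format == FORMAT_FILE_APP || $format == FORMAT_FILE_APP_ROOT` relies on `&&` binding tighter than `||`, so the FORMAT_FILE_APP_ROOT alternative is accepted for any item type. Whether that is intended cannot be told from the hunk; now that the expression spans three lines it should carry explicit grouping either way. If the item-type test is meant to guard both formats, write `&& ($format == \OC_Share_Backend_File::FORMAT_FILE_APP || $format == \OC_Share_Backend_File::FORMAT_FILE_APP_ROOT)`.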
@@ -695,7 +886,9 @@ class Share {
$query = \OC_DB::prepare('SELECT '.$select.' FROM `*PREFIX*share` '.$where, $queryLimit);
$result = $query->execute($queryArgs);
if (\OC_DB::isError($result)) {
- \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', select=' . $select . ' where=' . $where, \OC_Log::ERROR);
+ \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result)
+ . ', select=' . $select
+ . ' where=' . $where, \OC_Log::ERROR);
}
$items = array();
$targets = array();
@@ -712,7 +905,8 @@ class Share {
} else if (!isset($uidOwner)) {
// Check if the same target already exists
if (isset($targets[$row[$column]])) {
- // Check if the same owner shared with the user twice through a group and user share - this is allowed
+ // Check if the same owner shared with the user twice through a group and user share
+ // - this is allowed
$id = $targets[$row[$column]];
if ($items[$id]['uid_owner'] == $row['uid_owner']) {
// Switch to group share type to ensure resharing conditions aren't bypassed
@@ -720,8 +914,11 @@ class Share {
$items[$id]['share_type'] = self::SHARE_TYPE_GROUP;
$items[$id]['share_with'] = $row['share_with'];
}
- // Switch ids if sharing permission is granted on only one share to ensure correct parent is used if resharing
- if (~(int)$items[$id]['permissions'] & PERMISSION_SHARE && (int)$row['permissions'] & PERMISSION_SHARE) {
+ // Switch ids if sharing permission is granted on only one share
+ // to ensure correct parent is used if resharing
+ if (~(int)$items[$id]['permissions'] & PERMISSION_SHARE
+ && (int)$row['permissions'] & PERMISSION_SHARE
+ ) {
$items[$row['id']] = $items[$id];
unset($items[$id]);
$id = $row['id'];
@@ -764,7 +961,9 @@ class Share {
}
// Check if this is a collection of the requested item type
if ($includeCollections && $collectionTypes && in_array($row['item_type'], $collectionTypes)) {
- if (($collectionBackend = self::getBackend($row['item_type'])) && $collectionBackend instanceof Share_Backend_Collection) {
+ if (($collectionBackend = self::getBackend($row['item_type']))
+ && $collectionBackend instanceof Share_Backend_Collection
+ ) {
// Collections can be inside collections, check if the item is a collection
if (isset($item) && $row['item_type'] == $itemType && $row[$column] == $item) {
$collectionItems[] = $row;
@@ -856,10 +1055,18 @@ class Share {
* @param bool|array Parent folder target (optional)
* @return bool Returns true on success or false on failure
*/
- private static function put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, $parentFolder = null, $token = null) {
+ private static function put($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $permissions,
+ $parentFolder = null,
+ $token = null) {
$backend = self::getBackend($itemType);
// Check if this is a reshare
- if ($checkReshare = self::getItemSharedWithBySource($itemType, $itemSource, self::FORMAT_NONE, null, true)) {
+ $checkReshare = self::getItemSharedWithBySource($itemType, $itemSource, self::FORMAT_NONE, null, true);
+ if ($checkReshare) {
// Check if attempting to share back to owner
if ($checkReshare['uid_owner'] == $shareWith && $shareType == self::SHARE_TYPE_USER) {
$message = 'Sharing '.$itemSource.' failed, because the user '.$shareWith.' is the original sharer';
@@ -869,7 +1076,8 @@ class Share {
// Check if share permissions is granted
if ((int)$checkReshare['permissions'] & PERMISSION_SHARE) {
if (~(int)$checkReshare['permissions'] & $permissions) {
- $message = 'Sharing '.$itemSource.' failed, because the permissions exceed permissions granted to '.$uidOwner;
+ $message = 'Sharing '.$itemSource.' failed, '
+ .'because the permissions exceed permissions granted to '.$uidOwner;
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
} else {
@@ -891,7 +1099,8 @@ class Share {
$suggestedItemTarget = null;
$suggestedFileTarget = null;
if (!$backend->isValidSource($itemSource, $uidOwner)) {
- $message = 'Sharing '.$itemSource.' failed, because the sharing backend for '.$itemType.' could not find its source';
+ $message = 'Sharing '.$itemSource.' failed, '
+ .'because the sharing backend for '.$itemType.' could not find its source';
\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
throw new \Exception($message);
}
@@ -913,14 +1122,27 @@ class Share {
$fileSource = null;
}
}
- $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`, `token`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)');
+ $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`,'
+ .' `share_type`, `share_with`, `uid_owner`, `permissions`,'
+ .' `stime`, `file_source`, `file_target`, `token`'
+ .') VALUES (?,?,?,?,?,?,?,?,?,?,?,?)');
// Share with a group
if ($shareType == self::SHARE_TYPE_GROUP) {
- $groupItemTarget = self::generateTarget($itemType, $itemSource, $shareType, $shareWith['group'], $uidOwner, $suggestedItemTarget);
+ $groupItemTarget = self::generateTarget($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith['group'],
+ $uidOwner,
+ $suggestedItemTarget);
if (isset($fileSource)) {
if ($parentFolder) {
if ($parentFolder === true) {
- $groupFileTarget = self::generateTarget('file', $filePath, $shareType, $shareWith['group'], $uidOwner, $suggestedFileTarget);
+ $groupFileTarget = self::generateTarget('file',
+ $filePath,
+ $shareType,
+ $shareWith['group'],
+ $uidOwner,
+ $suggestedFileTarget);
// Set group default file target for future use
$parentFolders[0]['folder'] = $groupFileTarget;
} else {
@@ -929,21 +1151,50 @@ class Share {
$parent = $parentFolder[0]['id'];
}
} else {
- $groupFileTarget = self::generateTarget('file', $filePath, $shareType, $shareWith['group'], $uidOwner, $suggestedFileTarget);
+ $groupFileTarget = self::generateTarget('file',
+ $filePath,
+ $shareType,
+ $shareWith['group'],
+ $uidOwner,
+ $suggestedFileTarget);
}
} else {
$groupFileTarget = null;
}
- $query->execute(array($itemType, $itemSource, $groupItemTarget, $parent, $shareType, $shareWith['group'], $uidOwner, $permissions, time(), $fileSource, $groupFileTarget, $token));
+ $query->execute(array(
+ $itemType,
+ $itemSource,
+ $groupItemTarget,
+ $parent,
+ $shareType,
+ $shareWith['group'],
+ $uidOwner,
+ $permissions,
+ time(),
+ $fileSource,
+ $groupFileTarget,
+ $token));
// Save this id, any extra rows for this group share will need to reference it
$parent = \OC_DB::insertid('*PREFIX*share');
// Loop through all users of this group in case we need to add an extra row
foreach ($shareWith['users'] as $uid) {
- $itemTarget = self::generateTarget($itemType, $itemSource, self::SHARE_TYPE_USER, $uid, $uidOwner, $suggestedItemTarget, $parent);
+ $itemTarget = self::generateTarget($itemType,
+ $itemSource,
+ self::SHARE_TYPE_USER,
+ $uid,
+ $uidOwner,
+ $suggestedItemTarget,
+ $parent);
if (isset($fileSource)) {
if ($parentFolder) {
if ($parentFolder === true) {
- $fileTarget = self::generateTarget('file', $filePath, self::SHARE_TYPE_USER, $uid, $uidOwner, $suggestedFileTarget, $parent);
+ $fileTarget = self::generateTarget('file',
+ $filePath,
+ self::SHARE_TYPE_USER,
+ $uid,
+ $uidOwner,
+ $suggestedFileTarget,
+ $parent);
if ($fileTarget != $groupFileTarget) {
$parentFolders[$uid]['folder'] = $fileTarget;
}
@@ -952,7 +1203,13 @@ class Share {
$parent = $parentFolder[$uid]['id'];
}
} else {
- $fileTarget = self::generateTarget('file', $filePath, self::SHARE_TYPE_USER, $uid, $uidOwner, $suggestedFileTarget, $parent);
+ $fileTarget = self::generateTarget('file',
+ $filePath,
+ self::SHARE_TYPE_USER,
+ $uid,
+ $uidOwner,
+ $suggestedFileTarget,
+ $parent);
}
} else {
$fileTarget = null;
@@ -973,7 +1230,19 @@ class Share {
));
// Insert an extra row for the group share if the item or file target is unique for this user
if ($itemTarget != $groupItemTarget || (isset($fileSource) && $fileTarget != $groupFileTarget)) {
- $query->execute(array($itemType, $itemSource, $itemTarget, $parent, self::$shareTypeGroupUserUnique, $uid, $uidOwner, $permissions, time(), $fileSource, $fileTarget, $token));
+ $query->execute(array(
+ $itemType,
+ $itemSource,
+ $itemTarget,
+ $parent,
+ self::$shareTypeGroupUserUnique,
+ $uid,
+ $uidOwner,
+ $permissions,
+ time(),
+ $fileSource,
+ $fileTarget,
+ $token));
$id = \OC_DB::insertid('*PREFIX*share');
}
}
@@ -982,23 +1251,50 @@ class Share {
return $parentFolders;
}
} else {
- $itemTarget = self::generateTarget($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $suggestedItemTarget);
+ $itemTarget = self::generateTarget($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $suggestedItemTarget);
if (isset($fileSource)) {
if ($parentFolder) {
if ($parentFolder === true) {
- $fileTarget = self::generateTarget('file', $filePath, $shareType, $shareWith, $uidOwner, $suggestedFileTarget);
+ $fileTarget = self::generateTarget('file',
+ $filePath,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $suggestedFileTarget);
$parentFolders['folder'] = $fileTarget;
} else {
$fileTarget = $parentFolder['folder'].$itemSource;
$parent = $parentFolder['id'];
}
} else {
- $fileTarget = self::generateTarget('file', $filePath, $shareType, $shareWith, $uidOwner, $suggestedFileTarget);
+ $fileTarget = self::generateTarget('file',
+ $filePath,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $suggestedFileTarget);
}
} else {
$fileTarget = null;
}
- $query->execute(array($itemType, $itemSource, $itemTarget, $parent, $shareType, $shareWith, $uidOwner, $permissions, time(), $fileSource, $fileTarget, $token));
+ $query->execute(array(
+ $itemType,
+ $itemSource,
+ $itemTarget,
+ $parent,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $permissions,
+ time(),
+ $fileSource,
+ $fileTarget,
+ $token));
$id = \OC_DB::insertid('*PREFIX*share');
\OC_Hook::emit('OCP\Share', 'post_shared', array(
'itemType' => $itemType,
@@ -1033,7 +1329,13 @@ class Share {
* @param int The id of the parent group share (optional)
* @return string Item target
*/
- private static function generateTarget($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $suggestedTarget = null, $groupParent = null) {
+ private static function generateTarget($itemType,
+ $itemSource,
+ $shareType,
+ $shareWith,
+ $uidOwner,
+ $suggestedTarget = null,
+ $groupParent = null) {
$backend = self::getBackend($itemType);
if ($shareType == self::SHARE_TYPE_LINK) {
if (isset($suggestedTarget)) {
@@ -1099,18 +1401,43 @@ class Share {
// Find similar targets to improve backend's chances to generate a unqiue target
if ($userAndGroups) {
if ($column == 'file_target') {
- $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` IN (\'file\', \'folder\') AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\')');
- $result = $checkTargets->execute(array(self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique));
+ $checkTargets = \OC_DB::prepare('SELECT `'.$column.'`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `item_type` IN (\'file\', \'folder\')'
+ .' AND `share_type` IN (?,?,?)'
+ .' AND `share_with`'
+ .' IN (\''.implode('\',\'', $userAndGroups).'\')');
+ $result = $checkTargets->execute(array(
+ self::SHARE_TYPE_USER,
+ self::SHARE_TYPE_GROUP,
+ self::$shareTypeGroupUserUnique));
} else {
- $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\')');
- $result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique));
+ $checkTargets = \OC_DB::prepare('SELECT `'.$column.'`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `item_type` = ?'
+ .' AND `share_type` IN (?,?,?)'
+ .' AND `share_with`'
+ .' IN (\''.implode('\',\'', $userAndGroups).'\')');
+ $result = $checkTargets->execute(array(
+ $itemType,
+ self::SHARE_TYPE_USER,
+ self::SHARE_TYPE_GROUP,
+ self::$shareTypeGroupUserUnique));
}
} else {
if ($column == 'file_target') {
- $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` IN (\'file\', \'folder\') AND `share_type` = ? AND `share_with` = ?');
+ $checkTargets = \OC_DB::prepare('SELECT `'.$column.'`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `item_type` IN (\'file\', \'folder\')'
+ .' AND `share_type` = ?'
+ .' AND `share_with` = ?');
$result = $checkTargets->execute(array(self::SHARE_TYPE_GROUP, $shareWith));
} else {
- $checkTargets = \OC_DB::prepare('SELECT `'.$column.'` FROM `*PREFIX*share` WHERE `item_type` = ? AND `share_type` = ? AND `share_with` = ?');
+ $checkTargets = \OC_DB::prepare('SELECT `'.$column.'`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `item_type` = ?'
+ .' AND `share_type` = ?'
+ .' AND `share_with` = ?');
$result = $checkTargets->execute(array($itemType, self::SHARE_TYPE_GROUP, $shareWith));
}
}
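Review bot: In both `$userAndGroups` branches the `share_with` list is spliced into the SQL text with `implode('\',\'', $userAndGroups)` while every other value in the same statement is bound with `?`. `$userAndGroups` is assigned outside this hunk; the duplicate-parent query in the reshare-deletion hunk builds it from a uid plus `\OC_Group::getUserGroups()`, i.e. user and group names, so a name containing a quote would at least break the statement. Generate the placeholders instead, `$in = implode(',', array_fill(0, count($userAndGroups), '?'));`, and pass `array_merge(array(...), $userAndGroups)` to `execute()`. The duplicate-parent query has the same issue.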
@@ -1138,21 +1465,43 @@ class Share {
$parents = array($parent);
while (!empty($parents)) {
$parents = "'".implode("','", $parents)."'";
- // Check the owner on the first search of reshares, useful for finding and deleting the reshares by a single user of a group share
+ // Check the owner on the first search of reshares,
+ // useful for finding and deleting the reshares by a single user of a group share
if (count($ids) == 1 && isset($uidOwner)) {
- $query = \OC_DB::prepare('SELECT `id`, `uid_owner`, `item_type`, `item_target`, `parent` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.') AND `uid_owner` = ?');
+ $query = \OC_DB::prepare('SELECT `id`, `uid_owner`, `item_type`, `item_target`, `parent`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `parent` IN ('.$parents.')'
+ .' AND `uid_owner` = ?');
$result = $query->execute(array($uidOwner));
} else {
- $query = \OC_DB::prepare('SELECT `id`, `item_type`, `item_target`, `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `parent` IN ('.$parents.')');
+ $query = \OC_DB::prepare('SELECT `id`, `item_type`, `item_target`, `parent`, `uid_owner`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `parent` IN ('.$parents.')');
$result = $query->execute();
}
// Reset parents array, only go through loop again if items are found
$parents = array();
while ($item = $result->fetchRow()) {
- // Search for a duplicate parent share, this occurs when an item is shared to the same user through a group and user or the same item is shared by different users
+ // Search for a duplicate parent share,
+ // this occurs when an item is shared to the same user through a group and user
+ // or the same item is shared by different users
$userAndGroups = array_merge(array($item['uid_owner']), \OC_Group::getUserGroups($item['uid_owner']));
- $query = \OC_DB::prepare('SELECT `id`, `permissions` FROM `*PREFIX*share` WHERE `item_type` = ? AND `item_target` = ? AND `share_type` IN (?,?,?) AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\') AND `uid_owner` != ? AND `id` != ?');
- $duplicateParent = $query->execute(array($item['item_type'], $item['item_target'], self::SHARE_TYPE_USER, self::SHARE_TYPE_GROUP, self::$shareTypeGroupUserUnique, $item['uid_owner'], $item['parent']))->fetchRow();
+ $query = \OC_DB::prepare('SELECT `id`, `permissions`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `item_type` = ?'
+ .' AND `item_target` = ?'
+ .' AND `share_type` IN (?,?,?)'
+ .' AND `share_with` IN (\''.implode('\',\'', $userAndGroups).'\')'
+ .' AND `uid_owner` != ?'
+ .' AND `id` != ?');
+ $duplicateParent = $query->execute(array(
+ $item['item_type'],
+ $item['item_target'],
+ self::SHARE_TYPE_USER,
+ self::SHARE_TYPE_GROUP,
+ self::$shareTypeGroupUserUnique,
+ $item['uid_owner'],
+ $item['parent']))->fetchRow();
if ($duplicateParent) {
// Change the parent to the other item id if share permission is granted
if ($duplicateParent['permissions'] & PERMISSION_SHARE) {
@@ -1181,7 +1530,10 @@ class Share {
public static function post_deleteUser($arguments) {
// Delete any items shared with the deleted user
- $query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `share_with` = ? AND `share_type` = ? OR `share_type` = ?');
+ $query = \OC_DB::prepare('DELETE FROM `*PREFIX*share`'
+ .' WHERE `share_with` = ?'
+ .' AND `share_type` = ?'
+ .' OR `share_type` = ?');
$result = $query->execute(array($arguments['uid'], self::SHARE_TYPE_USER, self::$shareTypeGroupUserUnique));
// Delete any items the deleted user shared
$query = \OC_DB::prepare('SELECT `id` FROM `*PREFIX*share` WHERE `uid_owner` = ?');
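Review bot: The DELETE's WHERE clause, now split over three lines, reads ``share_with = ? AND share_type = ? OR share_type = ?``; AND binds tighter than OR, so every row whose share type is `$shareTypeGroupUserUnique` is deleted, whoever it is shared with. That includes other users' per-user rows for group shares, such as the permission-0 rows unshareFromSelf() inserts to hide a group share from one user. Group the alternatives: ``.' AND (`share_type` = ? OR `share_type` = ?)'``. post_deleteUser() continues outside the hunk.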
@@ -1195,21 +1547,46 @@ class Share {
// Find the group shares and check if the user needs a unique target
$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `share_type` = ? AND `share_with` = ?');
$result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid']));
- $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`, `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`, `file_target`) VALUES (?,?,?,?,?,?,?,?,?,?,?)');
+ $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (`item_type`, `item_source`, `item_target`, `parent`,'
+ .' `share_type`, `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,'
+ .' `file_target`)'
+ .' VALUES (?,?,?,?,?,?,?,?,?,?,?)');
while ($item = $result->fetchRow()) {
if ($item['item_type'] == 'file' || $item['item_type'] == 'file') {
$itemTarget = null;
} else {
- $itemTarget = self::generateTarget($item['item_type'], $item['item_source'], self::SHARE_TYPE_USER, $arguments['uid'], $item['uid_owner'], $item['item_target'], $item['id']);
+ $itemTarget = self::generateTarget($item['item_type'],
+ $item['item_source'],
+ self::SHARE_TYPE_USER,
+ $arguments['uid'],
+ $item['uid_owner'],
+ $item['item_target'],
+ $item['id']);
}
if (isset($item['file_source'])) {
- $fileTarget = self::generateTarget($item['item_type'], $item['item_source'], self::SHARE_TYPE_USER, $arguments['uid'], $item['uid_owner'], $item['file_target'], $item['id']);
+ $fileTarget = self::generateTarget($item['item_type'],
+ $item['item_source'],
+ self::SHARE_TYPE_USER,
+ $arguments['uid'],
+ $item['uid_owner'],
+ $item['file_target'],
+ $item['id']);
} else {
$fileTarget = null;
}
// Insert an extra row for the group share if the item or file target is unique for this user
if ($itemTarget != $item['item_target'] || $fileTarget != $item['file_target']) {
- $query->execute(array($item['item_type'], $item['item_source'], $itemTarget, $item['id'], self::$shareTypeGroupUserUnique, $arguments['uid'], $item['uid_owner'], $item['permissions'], $item['stime'], $item['file_source'], $fileTarget));
+ $query->execute(array($item['item_type'],
+ $item['item_source'],
+ $itemTarget,
+ $item['id'],
+ self::$shareTypeGroupUserUnique,
+ $arguments['uid'],
+ $item['uid_owner'],
+ $item['permissions'],
+ $item['stime'],
+ $item['file_source'],
+ $fileTarget));
\OC_DB::insertid('*PREFIX*share');
}
}
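Review bot: The context line `if ($item['item_type'] == 'file' || $item['item_type'] == 'file') {` tests the same value twice, and this commit leaves it as it is. Elsewhere in this file the pair is `'file'` and `'folder'` (for example in getItems()), so the second operand is presumably meant to be `'folder'`: `if ($item['item_type'] == 'file' || $item['item_type'] == 'folder') {`. As written, folder group shares take the else branch and get an item target from generateTarget().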
@@ -1217,8 +1594,15 @@ class Share {
public static function post_removeFromGroup($arguments) {
// TODO Don't call if user deleted?
- $query = \OC_DB::prepare('SELECT `id`, `share_type` FROM `*PREFIX*share` WHERE (`share_type` = ? AND `share_with` = ?) OR (`share_type` = ? AND `share_with` = ?)');
- $result = $query->execute(array(self::SHARE_TYPE_GROUP, $arguments['gid'], self::$shareTypeGroupUserUnique, $arguments['uid']));
+ $query = \OC_DB::prepare('SELECT `id`, `share_type`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE (`share_type` = ? AND `share_with` = ?)'
+ .' OR (`share_type` = ? AND `share_with` = ?)');
+ $result = $query->execute(array(
+ self::SHARE_TYPE_GROUP,
+ $arguments['gid'],
+ self::$shareTypeGroupUserUnique,
+ $arguments['uid']));
while ($item = $result->fetchRow()) {
if ($item['share_type'] == self::SHARE_TYPE_GROUP) {
// Delete all reshares by this user of the group share
@@ -1275,10 +1659,13 @@ interface Share_Backend {
* @param int Format
* @return ?
*
- * The items array is a 3-dimensional array with the item_source as the first key and the share id as the second key to an array with the share info.
+ * The items array is a 3-dimensional array with the item_source as the first key
+ * and the share id as the second key to an array with the share info.
* The key/value pairs included in the share info depend on the function originally called:
- * If called by getItem(s)Shared: id, item_type, item, item_source, share_type, share_with, permissions, stime, file_source
- * If called by getItem(s)SharedWith: id, item_type, item, item_source, item_target, share_type, share_with, permissions, stime, file_source, file_target
+ * If called by getItem(s)Shared: id, item_type, item, item_source,
+ * share_type, share_with, permissions, stime, file_source
+ * If called by getItem(s)SharedWith: id, item_type, item, item_source,
+ * item_target, share_type, share_with, permissions, stime, file_source, file_target
* This function allows the backend to control the output of shared items with custom formats.
* It is only called through calls to the public getItem(s)Shared(With) functions.
*/
@@ -1311,7 +1698,8 @@ interface Share_Backend_Collection extends Share_Backend {
/**
* @brief Get the sources of the children of the item
* @param string Item source
- * @return array Returns an array of children each inside an array with the keys: source, target, and file_path if applicable
+ * @return array Returns an array of children each inside an array with the keys:
+ * source, target, and file_path if applicable
*/
public function getChildren($itemSource);
diff --git a/lib/router.php b/lib/router.php
index 27e14c38abf..746b68c2c0c 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -49,6 +49,7 @@ class OC_Router {
$files = $this->getRoutingFiles();
$files[] = 'settings/routes.php';
$files[] = 'core/routes.php';
+ $files[] = 'ocs/routes.php';
$this->cache_key = OC_Cache::generateCacheKeyFromFiles($files);
}
return $this->cache_key;
@@ -58,23 +59,6 @@ class OC_Router {
* loads the api routes
*/
public function loadRoutes() {
-
- // TODO cache
- $this->root = $this->getCollection('root');
- foreach(OC_APP::getEnabledApps() as $app){
- $file = OC_App::getAppPath($app).'/appinfo/routes.php';
- if(file_exists($file)){
- $this->useCollection($app);
- require_once($file);
- $collection = $this->getCollection($app);
- $this->root->addCollection($collection, '/apps/'.$app);
- }
- }
- // include ocs routes
- require_once(OC::$SERVERROOT.'/ocs/routes.php');
- $collection = $this->getCollection('ocs');
- $this->root->addCollection($collection, '/ocs');
-
foreach($this->getRoutingFiles() as $app => $file) {
$this->useCollection($app);
require_once $file;
@@ -85,6 +69,10 @@ class OC_Router {
require_once 'settings/routes.php';
require_once 'core/routes.php';
+ // include ocs routes
+ require_once 'ocs/routes.php';
+ $collection = $this->getCollection('ocs');
+ $this->root->addCollection($collection, '/ocs');
}
protected function getCollection($name) {
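Review bot: `require_once 'ocs/routes.php';` resolves through include_path, whereas the code removed earlier in loadRoutes() loaded the same file as `OC::$SERVERROOT.'/ocs/routes.php'`. An absolute path keeps the include independent of include_path and of the working directory. The two neighbouring includes use the same relative form, so this may be intentional, but for the new line I would keep `require_once OC::$SERVERROOT.'/ocs/routes.php';`. The `$files[] = 'ocs/routes.php';` entry added to the cache key in the first hunk of this file has the same dependency. loadRoutes() starts outside this hunk.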
diff --git a/lib/subadmin.php b/lib/subadmin.php
index 9e83e6da430..8cda7240ac9 100644
--- a/lib/subadmin.php
+++ b/lib/subadmin.php
@@ -122,6 +122,11 @@ class OC_SubAdmin{
* @return bool
*/
public static function isSubAdmin($uid) {
+ // Check if the user is already an admin
+ if(OC_Group::inGroup($uid, 'admin' )) {
+ return true;
+ }
+
$stmt = OC_DB::prepare('SELECT COUNT(*) AS `count` FROM `*PREFIX*group_admin` WHERE `uid` = ?');
$result = $stmt->execute(array($uid));
$result = $result->fetchRow();
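Review bot: The added admin short-circuit in isSubAdmin() calls `OC_Group::inGroup($uid, 'admin' )` directly, while this commit introduces OC_User::isAdminUser() and switches isUserAccessible() in the next hunk to it. Using `if(OC_User::isAdminUser($uid)) {` here keeps the definition of "admin" in one place. The docblock above still only says `@return bool`, although every caller now gets true for admins who have no row in group_admin, so I would add a line such as `* Members of the admin group are always treated as sub admins.` Callers that go on to list the sub admin's groups should be checked for that case, which is not visible here. The function body continues outside the hunk.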
@@ -141,7 +146,7 @@ class OC_SubAdmin{
if(!self::isSubAdmin($subadmin)) {
return false;
}
- if(OC_Group::inGroup($user, 'admin')) {
+ if(OC_User::isAdminUser($user)) {
return false;
}
$accessiblegroups = self::getSubAdminsGroups($subadmin);
diff --git a/lib/user.php b/lib/user.php
index 80f88ca7052..8d4eb7aec4d 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -300,6 +300,19 @@ class OC_User {
}
/**
+ * @brief Check if the user is an admin user
+ * @param $uid uid of the admin
+ * @returns bool
+ */
+ public static function isAdminUser($uid) {
+ if(OC_Group::inGroup($uid, 'admin' )) {
+ return true;
+ }
+ return false;
+ }
+
+
+ /**
* @brief get the user id of the user currently logged in.
* @return string uid or false
*/
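Review bot: The docblock of the new isAdminUser() uses `@returns bool`, which is not the standard PHPDoc tag, and `@param $uid` has no type. I would write `@param string $uid user id to check` and `@return bool true if the user is in the admin group`. The body can be reduced to `return OC_Group::inGroup($uid, 'admin');` if inGroup() returns a boolean, which is not visible in this hunk. The docblock should also say what happens when $uid is false, since getUser() just below is documented to return false when nobody is logged in and this method is now used as an access check.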
diff --git a/lib/util.php b/lib/util.php
index 7b1de094ead..374baa43dbe 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -342,10 +342,7 @@ class OC_Util {
* Check if the user is a admin, redirects to home if not
*/
public static function checkAdminUser() {
- // Check if we are a user
- self::checkLoggedIn();
- self::verifyUser();
- if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
+ if( !OC_User::isAdminUser(OC_User::getUser())) {
header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
exit();
}
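Review bot: With `self::checkLoggedIn()` removed, checkAdminUser() rejects an anonymous request only because `OC_User::isAdminUser(OC_User::getUser())` presumably returns false for a false uid. That depends on how OC_Group::inGroup() and the group backends treat a non-string uid, which is outside this hunk. I would make the guard fail closed explicitly: `$uid = OC_User::getUser();` followed by `if( $uid === false || !OC_User::isAdminUser($uid)) {`. The same applies to checkSubAdminUser() in the next hunk, where `OC_SubAdmin::isSubAdmin()` is now the only check and runs its query with whatever getUser() returned. The closing brace of checkAdminUser() is outside the hunk.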
@@ -356,12 +353,6 @@ class OC_Util {
* @return array $groups where the current user is subadmin
*/
public static function checkSubAdminUser() {
- // Check if we are a user
- self::checkLoggedIn();
- self::verifyUser();
- if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
- return true;
- }
if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
exit();
@@ -370,40 +361,6 @@ class OC_Util {
}
/**
- * Check if the user verified the login with his password in the last 15 minutes
- * If not, the user will be shown a password verification page
- */
- public static function verifyUser() {
- if(OC_Config::getValue('enhancedauth', false) === true) {
- // Check password to set session
- if(isset($_POST['password'])) {
- if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
- $_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime', 15 * 60);
- }
- }
-
- // Check if the user verified his password
- if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
- OC_Template::printGuestPage("", "verify", array('username' => OC_User::getUser()));
- exit();
- }
- }
- }
-
- /**
- * Check if the user verified the login with his password
- * @return bool
- */
- public static function isUserVerified() {
- if(OC_Config::getValue('enhancedauth', false) === true) {
- if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
- return false;
- }
- }
- return true;
- }
-
- /**
* Redirect to the user default page
*/
public static function redirectToDefaultPage() {
@@ -510,8 +467,11 @@ class OC_Util {
* @return array with sanitized strings or a single sanitized string, depends on the input parameter.
*/
public static function sanitizeHTML( &$value ) {
- if (is_array($value) || is_object($value)) array_walk_recursive($value, 'OC_Util::sanitizeHTML');
- else $value = htmlentities($value, ENT_QUOTES, 'UTF-8'); //Specify encoding for PHP<5.4
+ if (is_array($value) || is_object($value)) {
+ array_walk_recursive($value, 'OC_Util::sanitizeHTML');
+ } else {
+ $value = htmlentities($value, ENT_QUOTES, 'UTF-8'); //Specify encoding for PHP<5.4
+ }
return $value;
}