diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-05 15:29:59 +0200 |
|---|---|---|
| committer | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-05 15:29:59 +0200 |
| commit | edecc5bca3af674d3af8cd8506b5571146dc0357 (patch) | |
| tree | 58cd465141e67a9385836d78793e8b0d3715cfd5 /lib | |
| parent | 061abb88b568c4cdc35266fb8c32d1bfabcb8c8f (diff) | |
| parent | ae915577487e4d12adba3e30e9fe8f34221191d8 (diff) | |
| download | nextcloud-server-edecc5bca3af674d3af8cd8506b5571146dc0357.tar.gz nextcloud-server-edecc5bca3af674d3af8cd8506b5571146dc0357.zip | |
Merge branch 'master' of gitorious.org:owncloud/owncloud
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 12 | ||||
| -rw-r--r-- | lib/group/backend.php | 12 | ||||
| -rw-r--r-- | lib/group/database.php | 22 | ||||
| -rw-r--r-- | lib/helper.php | 2 |
4 files changed, 25 insertions, 23 deletions
diff --git a/lib/base.php b/lib/base.php index bdfd05e8f1d..641005c57c6 100644 --- a/lib/base.php +++ b/lib/base.php @@ -367,16 +367,18 @@ class OC{ // CSRF protection if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; - $protocol=OC_Helper::serverProtocol().'://'; + $refererhost=parse_url($referer); + if(isset($refererhost['host'])) $refererhost=$refererhost['host']; else $refererhost=''; + $server=OC_Helper::serverHost(); + $serverhost=explode(':',$server); + $serverhost=$serverhost['0']; if(!self::$CLI){ - $server=$protocol.OC_Helper::serverHost(); - if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { - $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php'; + if(($_SERVER['REQUEST_METHOD']=='POST') and ($refererhost<>$serverhost)) { + $url = OC_Helper::serverProtocol().'://'.$server.OC::$WEBROOT.'/index.php'; header("Location: $url"); exit(); } } - self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); diff --git a/lib/group/backend.php b/lib/group/backend.php index 1b0b663f2ed..24778afd1e5 100644 --- a/lib/group/backend.php +++ b/lib/group/backend.php @@ -44,7 +44,7 @@ abstract class OC_Group_Backend { OC_GROUP_BACKEND_ADD_TO_GROUP => 'addToGroup', OC_GROUP_BACKEND_REMOVE_FROM_GOUP => 'removeFromGroup', ); - + /** * @brief Get all supported actions * @returns bitwise-or'ed actions @@ -62,7 +62,7 @@ abstract class OC_Group_Backend { return $actions; } - + /** * @brief Check if backend implements actions * @param $actions bitwise-or'ed actions @@ -83,7 +83,7 @@ abstract class OC_Group_Backend { * * Checks whether the user is member of a group or not. */ - public static function inGroup($uid, $gid){ + public function inGroup($uid, $gid){ return in_array($gid, $this->getUserGroups($uid)); } @@ -95,7 +95,7 @@ abstract class OC_Group_Backend { * This function fetches all groups a user belongs to. It does not check * if the user exists at all. */ - public static function getUserGroups($uid){ + public function getUserGroups($uid){ return array(); } @@ -105,7 +105,7 @@ abstract class OC_Group_Backend { * * Returns a list with all groups */ - public static function getGroups(){ + public function getGroups(){ return array(); } @@ -122,7 +122,7 @@ abstract class OC_Group_Backend { * @brief get a list of all users in a group * @returns array with user ids */ - public static function usersInGroup($gid){ + public function usersInGroup($gid){ return array(); } diff --git a/lib/group/database.php b/lib/group/database.php index af55de1f427..fb173665eb8 100644 --- a/lib/group/database.php +++ b/lib/group/database.php @@ -41,7 +41,7 @@ * Class for group management in a SQL Database (e.g. MySQL, SQLite) */ class OC_Group_Database extends OC_Group_Backend { - static private $userGroupCache=array(); + private $userGroupCache=array(); /** * @brief Try to create a new group @@ -51,7 +51,7 @@ class OC_Group_Database extends OC_Group_Backend { * Trys to create a new group. If the group name already exists, false will * be returned. */ - public static function createGroup( $gid ){ + public function createGroup( $gid ){ // Check for existence $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" ); $result = $query->execute( array( $gid )); @@ -76,7 +76,7 @@ class OC_Group_Database extends OC_Group_Backend { * * Deletes a group and removes it from the group_user-table */ - public static function deleteGroup( $gid ){ + public function deleteGroup( $gid ){ // Delete the group $query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" ); $result = $query->execute( array( $gid )); @@ -96,7 +96,7 @@ class OC_Group_Database extends OC_Group_Backend { * * Checks whether the user is member of a group or not. */ - public static function inGroup( $uid, $gid ){ + public function inGroup( $uid, $gid ){ // check $query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" ); $result = $query->execute( array( $gid, $uid )); @@ -112,9 +112,9 @@ class OC_Group_Database extends OC_Group_Backend { * * Adds a user to a group. */ - public static function addToGroup( $uid, $gid ){ + public function addToGroup( $uid, $gid ){ // No duplicate entries! - if( !self::inGroup( $uid, $gid )){ + if( !$this->inGroup( $uid, $gid )){ $query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" ); $result = $query->execute( array( $uid, $gid )); return true; @@ -131,7 +131,7 @@ class OC_Group_Database extends OC_Group_Backend { * * removes the user from a group. */ - public static function removeFromGroup( $uid, $gid ){ + public function removeFromGroup( $uid, $gid ){ $query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" ); $result = $query->execute( array( $uid, $gid )); @@ -146,7 +146,7 @@ class OC_Group_Database extends OC_Group_Backend { * This function fetches all groups a user belongs to. It does not check * if the user exists at all. */ - public static function getUserGroups( $uid ){ + public function getUserGroups( $uid ){ // No magic! $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" ); $result = $query->execute( array( $uid )); @@ -165,7 +165,7 @@ class OC_Group_Database extends OC_Group_Backend { * * Returns a list with all groups */ - public static function getGroups(){ + public function getGroups(){ $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" ); $result = $query->execute(); @@ -176,12 +176,12 @@ class OC_Group_Database extends OC_Group_Backend { return $groups; } - + /** * @brief get a list of all users in a group * @returns array with user ids */ - public static function usersInGroup($gid){ + public function usersInGroup($gid){ $query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?'); $users=array(); $result=$query->execute(array($gid)); diff --git a/lib/helper.php b/lib/helper.php index aedac204058..decc1d61336 100644 --- a/lib/helper.php +++ b/lib/helper.php @@ -120,7 +120,7 @@ class OC_Helper { */ public static function linkToAbsolute( $app, $file ) { $urlLinkTo = self::linkTo( $app, $file ); - $urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo; + $urlLinkTo = self::serverProtocol(). '://' . self::serverHost() . $urlLinkTo; return $urlLinkTo; } |