summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2014-05-10 14:00:22 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2014-06-05 11:45:45 +0200
commitac7fb1b23e40e3075535ed5d4188219580b2386a (patch)
treea34585e85420dba68fb07456151b54e86ea4d785 /lib
parentd0eb8f8668189d5fe82c9d783f30564d643ba604 (diff)
downloadnextcloud-server-ac7fb1b23e40e3075535ed5d4188219580b2386a.tar.gz
nextcloud-server-ac7fb1b23e40e3075535ed5d4188219580b2386a.zip
Remove legacy routing code
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application. This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app. Testplan: [x] Installation works [x] Login with DB works [x] Logout works [x] Login with alternate backend works (tested with user_webdavauth) [x] Other apps are accessible [x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled) [x] Personal settings are accessible [x] Admin settings are accessible [x] Sharing files works [x] DAV works [x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
Diffstat (limited to 'lib')
-rw-r--r--lib/base.php75
-rw-r--r--lib/private/route/router.php3
-rwxr-xr-xlib/private/util.php5
3 files changed, 23 insertions, 60 deletions
diff --git a/lib/base.php b/lib/base.php
index 7c58619a556..d3f98ab0c1c 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -60,14 +60,11 @@ class OC {
public static $configDir;
- /*
+ /**
* requested app
*/
public static $REQUESTEDAPP = '';
- /*
- * requested file of app
- */
- public static $REQUESTEDFILE = '';
+
/**
* check if owncloud runs in cli mode
*/
@@ -574,12 +571,6 @@ class OC {
OC_User::useBackend(new OC_User_Database());
OC_Group::useBackend(new OC_Group_Database());
- // Load minimum set of apps - which is filesystem, authentication and logging
- if (!self::checkUpgrade(false)) {
- OC_App::loadApps(array('authentication'));
- OC_App::loadApps(array('filesystem', 'logging'));
- }
-
//setup extra user backends
OC_User::setupBackends();
@@ -592,35 +583,6 @@ class OC {
//make sure temporary files are cleaned up
register_shutdown_function(array('OC_Helper', 'cleanTmp'));
- //parse the given parameters
- self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
- if (substr_count(self::$REQUESTEDAPP, '?') != 0) {
- $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?'));
- $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1);
- parse_str($param, $get);
- $_GET = array_merge($_GET, $get);
- self::$REQUESTEDAPP = $app;
- $_GET['app'] = $app;
- }
- self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null);
- if (substr_count(self::$REQUESTEDFILE, '?') != 0) {
- $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?'));
- $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1);
- parse_str($param, $get);
- $_GET = array_merge($_GET, $get);
- self::$REQUESTEDFILE = $file;
- $_GET['getfile'] = $file;
- }
- if (!is_null(self::$REQUESTEDFILE)) {
- $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE;
- $parent = OC_App::getAppPath(OC::$REQUESTEDAPP);
- if (!OC_Helper::isSubDirectory($subdir, $parent)) {
- self::$REQUESTEDFILE = null;
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- }
-
if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) {
if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') {
OC_Util::addScript('backgroundjobs');
@@ -729,6 +691,7 @@ class OC {
OC::tryBasicAuthLogin();
}
+
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
try {
if (!OC_Config::getValue('maintenance', false) && !self::needUpgrade()) {
@@ -745,9 +708,16 @@ class OC {
}
}
- $app = OC::$REQUESTEDAPP;
- $file = OC::$REQUESTEDFILE;
- $param = array('app' => $app, 'file' => $file);
+ // Load minimum set of apps
+ if (!self::checkUpgrade(false)) {
+ // For logged-in users: Load everything
+ if(OC_User::isLoggedIn()) {
+ OC_App::loadApps();
+ } else {
+ // For guests: Load only authentication, filesystem and logging
+ OC_App::loadApps(array('authentication', 'filesystem', 'logging'));
+ }
+ }
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
@@ -778,7 +748,7 @@ class OC {
return;
}
- // Someone is logged in :
+ // Someone is logged in
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
@@ -800,20 +770,13 @@ class OC {
// redirect to webroot and add slash if webroot is empty
header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
} else {
- if (is_null($file)) {
- $param['file'] = 'index.php';
- }
- $file_ext = substr($param['file'], -3);
- if ($file_ext != 'php'
- || !self::loadAppScriptFile($param)
- ) {
- header('HTTP/1.0 404 Not Found');
- }
+ // Redirect to default application
+ OC_Util::redirectToDefaultPage();
}
- return;
+ } else {
+ // Not handled and not logged in
+ self::handleLogin();
}
- // Not handled and not logged in
- self::handleLogin();
}
/**
diff --git a/lib/private/route/router.php b/lib/private/route/router.php
index a72ac2bb3f1..e7c8ad9ebdd 100644
--- a/lib/private/route/router.php
+++ b/lib/private/route/router.php
@@ -188,8 +188,11 @@ class Router implements IRouter {
if (substr($url, 0, 6) === '/apps/') {
// empty string / 'apps' / $app / rest of the route
list(, , $app,) = explode('/', $url, 4);
+ \OC::$REQUESTEDAPP = $app;
$this->loadRoutes($app);
} else if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') {
+ \OC::$REQUESTEDAPP = $url;
+ \OC_App::loadApps();
$this->loadRoutes('core');
} else {
$this->loadRoutes();
diff --git a/lib/private/util.php b/lib/private/util.php
index 0daef78ce7f..dfdddd0e3ab 100755
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -767,15 +767,12 @@ class OC_Util {
$urlGenerator = \OC::$server->getURLGenerator();
if(isset($_REQUEST['redirect_url'])) {
$location = urldecode($_REQUEST['redirect_url']);
- }
- else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) {
- $location = $urlGenerator->getAbsoluteURL('/index.php/apps/'.OC::$REQUESTEDAPP.'/index.php');
} else {
$defaultPage = OC_Appconfig::getValue('core', 'defaultpage');
if ($defaultPage) {
$location = $urlGenerator->getAbsoluteURL($defaultPage);
} else {
- $location = $urlGenerator->getAbsoluteURL('/index.php/files/index.php');
+ $location = $urlGenerator->getAbsoluteURL('/index.php/apps/files');
}
}
OC_Log::write('core', 'redirectToDefaultPage: '.$location, OC_Log::DEBUG);