-rw-r--r--index.php3
-rw-r--r--lib/helper.php12
-rw-r--r--lib/ocs.php53
-rw-r--r--lib/ocsclient.php54
-rw-r--r--plugins/publiclink/db_structure.xml47
-rw-r--r--plugins/publiclink/getfile.php10
-rw-r--r--plugins/publiclink/lib_public.php77
-rw-r--r--plugins/publiclink/makelink.php13
-rwxr-xr-xplugins/publiclink/plugin.xml17
9 files changed, 252 insertions, 34 deletions
diff --git a/index.php b/index.php
index c744f094e67..8f5c99fcd85 100644
--- a/index.php
+++ b/index.php
@@ -27,7 +27,8 @@ require_once( 'template.php' );
if( OC_USER::isLoggedIn()){
if( $_GET["logout"] ){
OC_USER::logout();
- OC_TEMPLATE::printGuestPage( "", "logout" );
+ header( "Location: $WEBROOT");
+ exit();
}
else{
header( "Location: ".OC_APPCONFIG::getValue( "core", "defaultpage", "files/index.php" ));
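Review bot: `header( "Location: $WEBROOT");` sends an empty Location value when the installation sits at the web root, assuming `$WEBROOT` is then an empty string, as the `$WEBROOT . '/apps/'` concatenations in lib/helper.php suggest. `header( "Location: $WEBROOT/");` avoids that. Logout is still triggered by a plain GET parameter, so any third-party page can end a user's session by linking to it; that predates this change, but a request token would close it. The enclosing if/else continues outside the hunk.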
diff --git a/lib/helper.php b/lib/helper.php
index c51629f21cb..4fff7c28fea 100644
--- a/lib/helper.php
+++ b/lib/helper.php
@@ -36,12 +36,16 @@ class OC_HELPER {
public static function linkTo( $app, $file ){
global $WEBROOT;
global $SERVERROOT;
-
+
+ if(!empty($app)) {
+ $app .= '/';
+ }
+
// Check if the app is in the app folder
- if( file_exists( "$SERVERROOT/apps/$app/$file" )){
- return "$WEBROOT/apps/$app/$file";
+ if( file_exists( $SERVERROOT . '/apps/'. $app . $file )){
+ return $WEBROOT . '/apps/' . $app . $file;
}
- return "$WEBROOT/$app/$file";
+ return $WEBROOT . '/' . $app . $file;
}
/**
diff --git a/lib/ocs.php b/lib/ocs.php
index 2b1e706462a..4e9e6522e8b 100644
--- a/lib/ocs.php
+++ b/lib/ocs.php
@@ -400,16 +400,16 @@ class OC_OCS {
* @return string xml/json
*/
private static function activityGet($format,$page,$pagesize) {
- global $CONFIG_DBTABLEPREFIX;
-
$user=OC_OCS::checkpassword();
-
- $result = OC_DB::query("select count(*) as co from {$CONFIG_DBTABLEPREFIX}log");
+
+ $query = OC_DB::prepare('select count(*) as co from *PREFIX*log');
+ $result = $query->execute();
$entry=$result->fetchRow();
$totalcount=$entry['co'];
- OC_DB::free_result($result);
-
- $result = OC_DB::select("select id,timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize");
+
+ $query=OC_DB::prepare('select id,timestamp,user,type,message from *PREFIX*log order by timestamp desc limit ?,?');
+ $result = $query->execute(array(($page*$pagesize),$pagesize))->fetchAll();
+
$itemscount=count($result);
$url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';
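Review bot: The two values bound to `limit ?,?` are passed without an integer cast, and `$page` and `$pagesize` look request-derived. If the driver quotes untyped parameters as strings, MySQL rejects a quoted LIMIT, so cast them first: `$query->execute(array((int)$page*(int)$pagesize,(int)$pagesize))`. The result of `execute()` is also used directly (`->fetchRow()`, `->fetchAll()`) without the `PEAR::isError()` check that setData and deleteData apply, so a failed statement would end in a fatal method call on an error object. The same chained pattern appears in the getData hunk and in setData's count query. activityGet's body continues outside the hunk.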
@@ -512,24 +512,24 @@ class OC_OCS {
* @return array
*/
public static function getData($user,$app="",$key="",$like=false) {
- global $CONFIG_DBTABLEPREFIX;
- $user=OC_DB::escape($user);
- $key=OC_DB::escape($key);
- $app=OC_DB::escape($app);
$key="$user::$key";//ugly hack for the sake of keeping database scheme compatibiliy, needs to be replaced with a seperate user field the next time we break db compatibiliy
$compareFunction=($like)?'LIKE':'=';
if($app){
if (!trim($key)) {
- $result = OC_DB::select("select app, `key`,value,`timestamp` from {$CONFIG_DBTABLEPREFIX}privatedata where app='$app' order by `timestamp` desc");
+ $query = OC_DB::prepare('select app, `key`,value,`timestamp` from *PREFIX*privatedata where app=? order by `timestamp` desc');
+ $result=$query->execute(array($app))->fetchAll();
} else {
- $result = OC_DB::select("select app, `key`,value,`timestamp` from {$CONFIG_DBTABLEPREFIX}privatedata where app='$app' and `key` $compareFunction '$key' order by `timestamp` desc");
+ $query = OC_DB::prepare("select app, `key`,value,`timestamp` from *PREFIX*privatedata where app=? and `key` $compareFunction ? order by `timestamp` desc");
+ $result=$query->execute(array($app,$key))->fetchAll();
}
}else{
if (!trim($key)) {
- $result = OC_DB::select("select app, `key`,value,`timestamp` from {$CONFIG_DBTABLEPREFIX}privatedata order by `timestamp` desc");
+ $query = OC_DB::prepare('select app, `key`,value,`timestamp` from *PREFIX*privatedata order by `timestamp` desc');
+ $result=$query->execute()->fetchAll();
} else {
- $result = OC_DB::select("select app, `key`,value,`timestamp` from {$CONFIG_DBTABLEPREFIX}privatedata where `key` $compareFunction '$key' order by `timestamp` desc");
+ $query = OC_DB::prepare("select app, `key`,value,`timestamp` from *PREFIX*privatedata where `key` $compareFunction ? order by `timestamp` desc");
+ $result=$query->execute(array($key))->fetchAll();
}
}
$result=self::trimKeys($result,$user);
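Review bot: In LIKE mode the bound pattern is `"$user::$key"` with `%` and `_` left as wildcards, so a user name containing either character can match rows stored under another user's prefix; whether trimKeys filters those out is not visible here. Escape the wildcards in the user part when `$like` is true, for example `$user=addcslashes($user,'%_\\');` before the key is built. Separately, `trim($key)` can never be empty after the `"$user::$key"` assignment, so the two branches without a key condition are unreachable; if the last one were ever reached it would return every user's rows. getData's body continues outside the hunk.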
@@ -545,20 +545,18 @@ class OC_OCS {
* @return bool
*/
public static function setData($user, $app, $key, $value) {
- global $CONFIG_DBTABLEPREFIX;
- $app=OC_DB::escape($app);
- $key=OC_DB::escape($key);
- $user=OC_DB::escape($user);
- $value=OC_DB::escape($value);
$key="$user::$key";//ugly hack for the sake of keeping database scheme compatibiliy
- //TODO: prepared statements, locking tables, fancy stuff, error checking/handling
- $result=OC_DB::select("select count(*) as co from {$CONFIG_DBTABLEPREFIX}privatedata where `key` = '$key' and app = '$app'");
+ //TODO: locking tables, fancy stuff, error checking/handling
+ $query=OC_DB::prepare("select count(*) as co from *PREFIX*privatedata where `key` = ? and app = ?");
+ $result=$query->execute(array($key,$app))->fetchAll();
$totalcount=$result[0]['co'];
if ($totalcount != 0) {
- $result = OC_DB::query("update {$CONFIG_DBTABLEPREFIX}privatedata set value='$value', `timestamp` = now() where `key` = '$key' and app = '$app'");
+ $query=OC_DB::prepare("update *PREFIX*privatedata set value=?, `timestamp` = now() where `key` = ? and app = ?");
+
} else {
- $result = OC_DB::query("insert into {$CONFIG_DBTABLEPREFIX}privatedata(app, `key`, value, `timestamp`) values('$app', '$key', '$value', now())");
+ $result = OC_DB::prepare("insert into *PREFIX*privatedata(value, `key`, app, `timestamp`) values(?, ?, ?, now())");
}
+ $result = $query->execute(array($value,$key,$app));
if (PEAR::isError($result)){
$entry='DB Error: "'.$result->getMessage().'"<br />';
error_log($entry);
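Review bot: In the insert branch the prepared statement is assigned to `$result` instead of `$query`, so the following `$query->execute(array($value,$key,$app))` still runs the count query prepared above, with three values for its two placeholders, and a new key is never stored. Change `$result = OC_DB::prepare(` to `$query=OC_DB::prepare(` on that line. The count-then-write sequence is also not atomic, which the TODO already acknowledges. setData's body continues outside the hunk.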
@@ -576,13 +574,10 @@ class OC_OCS {
* @return string xml/json
*/
public static function deleteData($user, $app, $key) {
- global $CONFIG_DBTABLEPREFIX;
- $app=OC_DB::escape($app);
- $key=OC_DB::escape($key);
- $user=OC_DB::escape($user);
$key="$user::$key";//ugly hack for the sake of keeping database scheme compatibiliy
//TODO: prepared statements, locking tables, fancy stuff, error checking/handling
- $result = OC_DB::query("delete from {$CONFIG_DBTABLEPREFIX}privatedata where `key` = '$key' and app = '$app'");
+ $query=OC_DB::prepare("delete from *PREFIX*privatedata where `key` = ? and app = ?");
+ $result = $query->execute(array($key,$app));
if (PEAR::isError($result)){
$entry='DB Error: "'.$result->getMessage().'"<br />';
error_log($entry);
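Review bot: The unchanged TODO above the new statement still lists "prepared statements", which this hunk now provides. Update it the way setData's was, to `//TODO: locking tables, fancy stuff, error checking/handling`. deleteData's body continues outside the hunk.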
diff --git a/lib/ocsclient.php b/lib/ocsclient.php
new file mode 100644
index 00000000000..0546ef39897
--- /dev/null
+++ b/lib/ocsclient.php
@@ -0,0 +1,54 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Frank Karlitschek
+ * @author Jakob Sack
+ * @copyright 2010 Frank Karlitschek karlitschek@kde.org
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * This class provides an easy way for apps to store config values in the
+ * database.
+ */
+
+class OC_OCSCLIENT{
+
+ /**
+ * @brief Get all the categories from the OCS server
+ * @returns array with category ids
+ *
+ * This function returns a list of all the application categories on the OCS server
+ */
+ public static function getCategories(){
+
+ return true;
+ }
+
+ /**
+ * @brief Get all the applications from the OCS server
+ * @returns array with application data
+ *
+ * This function returns a list of all the applications on the OCS server
+ */
+ public static function getApplications(){
+
+ return true;
+ }
+
+}
+?>
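Review bot: The class docblock ("store config values in the database") is copied from another class and does not describe OC_OCSCLIENT, and both methods are documented as returning arrays while they return `true`. Until the OCS calls are implemented, say so in the docblocks, for example `@todo not implemented yet`, or return an empty `array()` so that callers iterating the result do not break.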
diff --git a/plugins/publiclink/db_structure.xml b/plugins/publiclink/db_structure.xml
new file mode 100644
index 00000000000..de63b03f445
--- /dev/null
+++ b/plugins/publiclink/db_structure.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<database>
+ <name>*dbname*</name>
+ <create>true</create>
+ <overwrite>false</overwrite>
+ <charset>latin1</charset>
+ <table>
+ <name>*dbprefix*publiclink</name>
+ <declaration>
+ <field>
+ <name>token</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>40</length>
+ </field>
+ <field>
+ <name>path</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>128</length>
+ </field>
+ <field>
+ <name>user</name>
+ <type>text</type>
+ <default>
+ </default>
+ <notnull>true</notnull>
+ <length>64</length>
+ </field>
+ <field>
+ <name>expire_time</name>
+ <type>timestamp</type>
+ <notnull>true</notnull>
+ </field>
+ <index>
+ <name>token</name>
+ <unique>true</unique>
+ <field>
+ <name>token</name>
+ <sorting>ascending</sorting>
+ </field>
+ </index>
+ </declaration>
+ </table>
+</database>
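Review bot: `path` is limited to 128 characters while the constructor in lib_public.php inserts `$path` without a length check. Depending on the database mode, a longer path is either rejected or silently truncated, and a truncated path could make the public link resolve to a different file. Raise the length or have the constructor refuse paths that do not fit. `expire_time` is declared as `timestamp`, but the PHP side stores `0` for "never" and compares with `expire_time!=0`; confirm that the schema layer maps both consistently.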
diff --git a/plugins/publiclink/getfile.php b/plugins/publiclink/getfile.php
new file mode 100644
index 00000000000..c579dc9246c
--- /dev/null
+++ b/plugins/publiclink/getfile.php
@@ -0,0 +1,10 @@
+<?php
+$RUNTIME_NOAPPS=true; //no need to load the apps
+
+require_once '../../lib/base.php';
+
+require_once 'lib_public.php';
+
+$token=$_GET['token'];
+OC_PublicLink::downloadFile($token);
+?> \ No newline at end of file
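Review bot: `$_GET['token']` is read without checking that it is present and a string, so a request without the parameter raises a notice and `token[]=x` hands an array to the bound statement. This endpoint is meant to be reachable without login, so reject such requests up front, e.g. `if(!isset($_GET['token']) || !is_string($_GET['token'])){ header("HTTP/1.0 404 Not Found"); die(); }`.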
diff --git a/plugins/publiclink/lib_public.php b/plugins/publiclink/lib_public.php
new file mode 100644
index 00000000000..494f84fdb7a
--- /dev/null
+++ b/plugins/publiclink/lib_public.php
@@ -0,0 +1,77 @@
+<?php
+class OC_PublicLink{
+ /**
+ * create a new public link
+ * @param string path
+ * @param int (optional) expiretime time the link expires, as timestamp
+ */
+ public function __construct($path,$expiretime=0){
+ if($path && OC_FILESYSTEM::file_exists($path)){
+ $token=sha1("$path-$expiretime");
+ $user=$_SESSION['user_id'];
+ $query=OC_DB::prepare("INSERT INTO *PREFIX*publiclink VALUES(?,?,?,?)");
+ $result=$query->execute(array($token,$path,$user,$expiretime));
+ if( PEAR::isError($result)) {
+ $entry = 'DB Error: "'.$result->getMessage().'"<br />';
+ $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+ error_log( $entry );
+ die( $entry );
+ }
+ $this->token=$token;
+ }
+ }
+
+ /**
+ * download a file shared by a public link
+ * @param string token
+ */
+ public static function downloadFile($token){
+ //remove expired links
+ $query=OC_DB::prepare("DELETE FROM *PREFIX*publiclink WHERE expire_time < NOW() AND expire_time!=0");
+ $query->execute();
+
+ //get the path and the user
+ $query=OC_DB::prepare("SELECT user,path FROM *PREFIX*publiclink WHERE token=?");
+ $result=$query->execute(array($token));
+ $data=$result->fetchAll();
+ if(count($data)>0){
+ $path=$data[0]['path'];
+ $user=$data[0]['user'];
+
+ //login
+ $_SESSION['user_id']=$user;
+
+ //prepare the filesystem
+ OC_UTIL::setupFS();
+
+ //get time mimetype and set the headers
+ $mimetype=OC_FILESYSTEM::getMimeType($path);
+ // header('Content-Disposition: attachment; filename="'.basename($path).'"');
+ header('Content-Transfer-Encoding: binary');
+ header('Expires: 0');
+ header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+ header('Pragma: public');
+ header('Content-Type: ' . $mimetype);
+ header('Content-Length: ' . OC_FILESYSTEM::filesize($path));
+
+ //download the file
+ ob_clean();
+ OC_FILESYSTEM::readfile($path);
+ }else{
+ header("HTTP/1.0 404 Not Found");
+ echo '404 Not Found';
+ die();
+ }
+ }
+
+ /**
+ * get the token for the public link
+ * @return string
+ */
+ public function getToken(){
+ return $this->token;
+ }
+
+ private $token;
+}
+?> \ No newline at end of file
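Review bot: `downloadFile()` assigns the link owner to `$_SESSION['user_id']` and never undoes it, so a visitor who opens a public link appears to keep a session as that user after the download. Calling `session_write_close();` just before the assignment would keep the change local to this request, assuming nothing later reopens the session. The constructor's token is `sha1("$path-$expiretime")`, which anyone who can guess the path and expiry can recompute and which hits the unique index when the same file is shared twice, so it should be random, e.g. `$token=bin2hex(random_bytes(20));` on PHP 7 or later. The constructor also reads `$_SESSION['user_id']` without checking that a user is logged in, and on an insert error it sends `getDebugInfo()` to the client through `die()`; that detail belongs in `error_log()` only. With the `Content-Disposition` line commented out, the file is rendered inline under the application's origin with its stored mimetype, which lets a shared HTML file run script there.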
diff --git a/plugins/publiclink/makelink.php b/plugins/publiclink/makelink.php
new file mode 100644
index 00000000000..1de65e7ec6f
--- /dev/null
+++ b/plugins/publiclink/makelink.php
@@ -0,0 +1,13 @@
+<?php
+$RUNTIME_NOAPPS=true; //no need to load the apps
+
+require_once '../../lib/base.php';
+
+require_once 'lib_public.php';
+
+$path=$_GET['path'];
+$expire=(isset($_GET['expire']))?$_GET['expire']:0;
+
+$link=new OC_PublicLink($path,$expire);
+echo $link->getToken();
+?> \ No newline at end of file
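Review bot: No login check or request token is visible before `new OC_PublicLink($path,$expire)`, and the link is created on a plain GET. Unless lib/base.php enforces a login, the constructor would read an unset `$_SESSION['user_id']`, and even for a logged-in user a cross-site request is enough to create a link. Add `if(!OC_USER::isLoggedIn()){ header("HTTP/1.0 403 Forbidden"); exit(); }` after the includes, and accept the request only as POST with a request token. `$expire` should be cast, `(int)$_GET['expire']`, before it reaches the database.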
diff --git a/plugins/publiclink/plugin.xml b/plugins/publiclink/plugin.xml
new file mode 100755
index 00000000000..75abed6cf08
--- /dev/null
+++ b/plugins/publiclink/plugin.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0"?>
+<plugin version="1.0">
+ <info>
+ <id>publiclink</id>
+ <name>Simple file sharing by creating a public link to a file</name>
+ <version>0.1</version>
+ <licence>AGPL</licence>
+ <author>Robin Appelman</author>
+ <require>1.1</require>
+ </info>
+ <runtime>
+ <include>lib_public.php</include>
+ </runtime>
+ <install>
+ <database>db_structure.xml</database>
+ </install>
+</plugin>