summaryrefslogtreecommitdiffstats
path: root/apps/files_sharing/public.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_sharing/public.php')
-rw-r--r--apps/files_sharing/public.php52
1 files changed, 35 insertions, 17 deletions
diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php
index fef0ed8a8c2..487b9e79961 100644
--- a/apps/files_sharing/public.php
+++ b/apps/files_sharing/public.php
@@ -7,7 +7,7 @@ OC_App::loadApps();
// support will be removed in OC 5.0,a
if (isset($_GET['token'])) {
unset($_GET['file']);
- $qry = \OC_DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? LIMIT 1');
+ $qry = \OC_DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ?', 1);
$filepath = $qry->execute(array($_GET['token']))->fetchOne();
if(isset($filepath)) {
$info = OC_FileCache_Cached::get($filepath, '');
@@ -16,7 +16,9 @@ if (isset($_GET['token'])) {
} else {
$_GET['file'] = $filepath;
}
- \OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0.'
+ .' Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.',
+ \OCP\Util::WARN);
}
}
@@ -27,7 +29,10 @@ function getID($path) {
$path_parts = explode('/', $path, 5);
$user = $path_parts[1];
$intPath = '/'.$path_parts[4];
- $query = \OC_DB::prepare('SELECT `item_source` FROM `*PREFIX*share` WHERE `uid_owner` = ? AND `file_target` = ? ');
+ $query = \OC_DB::prepare('SELECT `item_source`'
+ .' FROM `*PREFIX*share`'
+ .' WHERE `uid_owner` = ?'
+ .' AND `file_target` = ? ');
$result = $query->execute(array($user, $intPath));
$row = $result->fetchRow();
$fileSource = $row['item_source'];
@@ -69,7 +74,8 @@ if (isset($_GET['t'])) {
//if this is a reshare check the file owner also exists
if ($shareOwner != $fileOwner && ! OCP\User::userExists($fileOwner)) {
- OCP\Util::writeLog('share', 'original file owner '.$fileOwner.' does not exist for share '.$linkItem['id'], \OCP\Util::ERROR);
+ OCP\Util::writeLog('share', 'original file owner '.$fileOwner
+ .' does not exist for share '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
@@ -134,7 +140,8 @@ if ($linkItem) {
// Check Password
$forcePortable = (CRYPT_BLOWFISH != 1);
$hasher = new PasswordHash(8, $forcePortable);
- if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $linkItem['share_with']))) {
+ if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),
+ $linkItem['share_with']))) {
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', $url);
$tmpl->assign('error', true);
@@ -145,19 +152,25 @@ if ($linkItem) {
$_SESSION['public_link_authenticated'] = $linkItem['id'];
}
} else {
- OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'].' for share id '.$linkItem['id'], \OCP\Util::ERROR);
+ OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
+ .' for share id '.$linkItem['id'], \OCP\Util::ERROR);
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
- // Check if item id is set in session
- } else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
- // Prompt for password
- $tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
- $tmpl->assign('URL', $url);
- $tmpl->printPage();
- exit();
+
+ } else {
+ // Check if item id is set in session
+ if (!isset($_SESSION['public_link_authenticated'])
+ || $_SESSION['public_link_authenticated'] !== $linkItem['id']
+ ) {
+ // Prompt for password
+ $tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
+ $tmpl->assign('URL', $url);
+ $tmpl->printPage();
+ exit();
+ }
}
}
$basePath = substr($pathAndUser['path'], strlen('/'.$fileOwner.'/files'));
@@ -203,7 +216,9 @@ if ($linkItem) {
$getPath = '';
}
//
- $urlLinkIdentifiers= (isset($token)?'&t='.$token:'').(isset($_GET['dir'])?'&dir='.$_GET['dir']:'').(isset($_GET['file'])?'&file='.$_GET['file']:'');
+ $urlLinkIdentifiers= (isset($token)?'&t='.$token:'')
+ .(isset($_GET['dir'])?'&dir='.$_GET['dir']:'')
+ .(isset($_GET['file'])?'&file='.$_GET['file']:'');
// Show file list
if (OC_Filesystem::is_dir($path)) {
OCP\Util::addStyle('files', 'files');
@@ -260,13 +275,16 @@ if ($linkItem) {
$folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('folder', $folder->fetchPage(), false);
$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
- $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
+ $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
+ .$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
} else {
// Show file preview if viewer is available
if ($type == 'file') {
- $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download');
+ $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
+ .$urlLinkIdentifiers.'&download');
} else {
- $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
+ $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
+ .$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
}
}
$tmpl->printPage();