diff options
Diffstat (limited to 'core')
| -rw-r--r-- | core/ajax/publicpreview.php | 86 | ||||
| -rw-r--r-- | core/ajax/trashbinpreview.php | 43 | ||||
| -rw-r--r-- | core/routes.php | 4 |
3 files changed, 0 insertions, 133 deletions
diff --git a/core/ajax/publicpreview.php b/core/ajax/publicpreview.php deleted file mode 100644 index 83194d5349c..00000000000 --- a/core/ajax/publicpreview.php +++ /dev/null @@ -1,86 +0,0 @@ -<?php -/** - * Copyright (c) 2013 Georg Ehrke georg@ownCloud.com - * This file is licensed under the Affero General Public License version 3 or - * later. - * See the COPYING-README file. - */ -if(!\OC_App::isEnabled('files_sharing')){ - exit; -} - -$file = array_key_exists('file', $_GET) ? (string) urldecode($_GET['file']) : ''; -$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '36'; -$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '36'; -$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true; -$token = array_key_exists('t', $_GET) ? (string) $_GET['t'] : ''; - -if($token === ''){ - \OC_Response::setStatus(400); //400 Bad Request - \OC_Log::write('core-preview', 'No token parameter was passed', \OC_Log::DEBUG); - exit; -} - -$linkedItem = \OCP\Share::getShareByToken($token); -if($linkedItem === false || ($linkedItem['item_type'] !== 'file' && $linkedItem['item_type'] !== 'folder')) { - \OC_Response::setStatus(404); - \OC_Log::write('core-preview', 'Passed token parameter is not valid', \OC_Log::DEBUG); - exit; -} - -if(!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) { - \OC_Response::setStatus(500); - \OC_Log::write('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OC_Log::WARN); - exit; -} - -$userId = $linkedItem['uid_owner']; -\OC_Util::setupFS($userId); - -$pathId = $linkedItem['file_source']; -$path = \OC\Files\Filesystem::getPath($pathId); -$pathInfo = \OC\Files\Filesystem::getFileInfo($path); -$sharedFile = null; - -if($linkedItem['item_type'] === 'folder') { - $isvalid = \OC\Files\Filesystem::isValidPath($file); - if(!$isvalid) { - \OC_Response::setStatus(400); //400 Bad Request - \OC_Log::write('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . $_SERVER['REMOTE_ADDR'] . '")', \OC_Log::WARN); - exit; - } - $sharedFile = \OC\Files\Filesystem::normalizePath($file); -} - -if($linkedItem['item_type'] === 'file') { - $parent = $pathInfo['parent']; - $path = \OC\Files\Filesystem::getPath($parent); - $sharedFile = $pathInfo['name']; -} - -$path = \OC\Files\Filesystem::normalizePath($path, false); -if(substr($path, 0, 1) === '/') { - $path = substr($path, 1); -} - -if($maxX === 0 || $maxY === 0) { - \OC_Response::setStatus(400); //400 Bad Request - \OC_Log::write('core-preview', 'x and/or y set to 0', \OC_Log::DEBUG); - exit; -} - -$root = 'files/' . $path; - -try{ - $preview = new \OC\Preview($userId, $root); - $preview->setFile($sharedFile); - $preview->setMaxX($maxX); - $preview->setMaxY($maxY); - $preview->setScalingUp($scalingUp); - - $preview->show(); -} catch (\Exception $e) { - \OC_Response::setStatus(500); - \OC_Log::write('core', $e->getmessage(), \OC_Log::ERROR); - exit; -}
\ No newline at end of file diff --git a/core/ajax/trashbinpreview.php b/core/ajax/trashbinpreview.php deleted file mode 100644 index a916dcf229f..00000000000 --- a/core/ajax/trashbinpreview.php +++ /dev/null @@ -1,43 +0,0 @@ -<?php -/** - * Copyright (c) 2013 Georg Ehrke georg@ownCloud.com - * This file is licensed under the Affero General Public License version 3 or - * later. - * See the COPYING-README file. - */ -\OC_Util::checkLoggedIn(); - -if(!\OC_App::isEnabled('files_trashbin')){ - exit; -} - -$file = array_key_exists('file', $_GET) ? (string) urldecode($_GET['file']) : ''; -$maxX = array_key_exists('x', $_GET) ? (int) $_GET['x'] : '44'; -$maxY = array_key_exists('y', $_GET) ? (int) $_GET['y'] : '44'; -$scalingUp = array_key_exists('scalingup', $_GET) ? (bool) $_GET['scalingup'] : true; - -if($file === '') { - \OC_Response::setStatus(400); //400 Bad Request - \OC_Log::write('core-preview', 'No file parameter was passed', \OC_Log::DEBUG); - exit; -} - -if($maxX === 0 || $maxY === 0) { - \OC_Response::setStatus(400); //400 Bad Request - \OC_Log::write('core-preview', 'x and/or y set to 0', \OC_Log::DEBUG); - exit; -} - -try{ - $preview = new \OC\Preview(\OC_User::getUser(), 'files_trashbin/files'); - $preview->setFile($file); - $preview->setMaxX($maxX); - $preview->setMaxY($maxY); - $preview->setScalingUp($scalingUp); - - $preview->showPreview(); -}catch(\Exception $e) { - \OC_Response::setStatus(500); - \OC_Log::write('core', $e->getmessage(), \OC_Log::ERROR); - exit; -}
\ No newline at end of file diff --git a/core/routes.php b/core/routes.php index ce35be1d583..f0f8ce571e2 100644 --- a/core/routes.php +++ b/core/routes.php @@ -44,10 +44,6 @@ $this->create('core_ajax_routes', '/core/routes.json') ->action('OC_Router', 'JSRoutes'); $this->create('core_ajax_preview', '/core/preview.png') ->actionInclude('core/ajax/preview.php'); -$this->create('core_ajax_trashbin_preview', '/core/trashbinpreview.png') - ->actionInclude('core/ajax/trashbinpreview.php'); -$this->create('core_ajax_public_preview', '/core/publicpreview.png') - ->actionInclude('core/ajax/publicpreview.php'); OC::$CLASSPATH['OC_Core_LostPassword_Controller'] = 'core/lostpassword/controller.php'; $this->create('core_lostpassword_index', '/lostpassword/') ->get() |