diff options
Diffstat (limited to 'inc')
| -rwxr-xr-x | inc/HTTP/WebDAV/Server/Filesystem.php | 108 | ||||
| -rwxr-xr-x | inc/lib_base.php | 32 | ||||
| -rwxr-xr-x | inc/lib_files.php | 29 | ||||
| -rwxr-xr-x[-rw-r--r--] | inc/lib_filestorage.php | 23 | ||||
| -rwxr-xr-x | inc/lib_filesystem.php | 30 | ||||
| -rwxr-xr-x | inc/templates/adminform.php | 10 | ||||
| -rwxr-xr-x | inc/templates/configform.php | 4 | ||||
| -rwxr-xr-x | inc/templates/header.php | 1 |
8 files changed, 160 insertions, 77 deletions
diff --git a/inc/HTTP/WebDAV/Server/Filesystem.php b/inc/HTTP/WebDAV/Server/Filesystem.php index 000831f6fef..b96fb414c27 100755 --- a/inc/HTTP/WebDAV/Server/Filesystem.php +++ b/inc/HTTP/WebDAV/Server/Filesystem.php @@ -183,9 +183,9 @@ $info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath)); } // get additional properties from database - $query = "SELECT ns, name, value FROM properties WHERE path = '$path'"; - $res = OC_DB::select($query); - while ($row = $res[0]) { + $query = "SELECT ns, name, value FROM properties WHERE path = '$path'"; + $res = OC_DB::select($query); + foreach($res as $row){ $info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]); } return $info; @@ -241,7 +241,6 @@ { // get absolute fs path to requested resource) $fspath = $options["path"]; - error_log("get $fspath"); // is this a collection? if (OC_FILESYSTEM::is_dir($fspath)) { return $this->GetDir($fspath, $options); @@ -324,7 +323,6 @@ function PUT(&$options) { $fspath = $options["path"]; - $dir = dirname($fspath); if (!OC_FILESYSTEM::file_exists($dir) || !OC_FILESYSTEM::is_dir($dir)) { return "409 Conflict"; // TODO right status code for both? @@ -358,7 +356,6 @@ $path = $options["path"]; $parent = dirname($path); $name = basename($path); - if (!OC_FILESYSTEM::file_exists($parent)) { return "409 Conflict"; } @@ -393,11 +390,17 @@ function DELETE($options) { $path =$options["path"]; - if (!OC_FILESYSTEM::file_exists($path)) { return "404 Not found"; } - + $lock=self::checkLock($path); + if(is_array($lock)){ + $owner=$options['owner']; + $lockOwner=$lock['owner']; + if($owner==$lockOwner){ + return "423 Locked"; + } + } if (OC_FILESYSTEM::is_dir($path)) { $query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); @@ -493,8 +496,6 @@ $stat = $this->DELETE(array("path" => $options["dest"])); if (($stat{0} != "2") && (substr($stat, 0, 3) != "404")) { return $stat; - }else{ - $new=true; } } else { return "412 precondition failed"; @@ -503,7 +504,7 @@ if ($del) { if (!OC_FILESYSTEM::rename($source, $dest)) { - return "500 Internal server error 1"; + return "500 Internal server error"; } $destpath = $this->_unslashify($options["dest"]); if (is_dir($source)) { @@ -519,8 +520,7 @@ OC_DB::query($query); } else { if (OC_FILESYSTEM::is_dir($source)) { - $files = OC_FILESYSTEM::find($source); - $files = array_reverse($files); + $files = OC_FILESYSTEM::getTree($source); } else { $files = array($source); } @@ -553,10 +553,7 @@ } } } - - $query = "INSERT INTO properties SELECT * FROM properties WHERE path = '".$options['path']."'"; } - return ($new && !$existing_col) ? "201 Created" : "204 No Content"; } @@ -581,7 +578,6 @@ } else { if (isset($prop["val"])) { $query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; - error_log($query); } else { $query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; } @@ -603,11 +599,19 @@ { // get absolute fs path to requested resource $fspath = $options["path"]; - // TODO recursive locks on directories not supported yet // makes litmus test "32. lock_collection" fail - if (is_dir($fspath) && !empty($options["depth"])) { - return "409 Conflict"; + if (OC_FILESYSTEM::is_dir($fspath) && !empty($options["depth"])) { + switch($options["depth"]){ + case 'infinity': + $recursion=1; + break; + case '0': + $recursion=0; + break; + } + }else{ + $recursion=0; } $options["timeout"] = time()+300; // 5min. hardcoded @@ -616,11 +620,10 @@ $where = "WHERE path = '$options[path]' AND token = '$options[update]'"; $query = "SELECT owner, exclusivelock FROM locks $where"; - $res = OC_DB::query($query); - $row = OC_DB::fetch_assoc($res); - OC_DB::free_result($res); + $res = OC_DB::select($query); - if (is_array($row)) { + if (is_array($res) and isset($res[0])) { + $row=$res[0]; $query = "UPDATE `locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; OC_DB::query($query); @@ -629,8 +632,23 @@ $options['type'] = $row["exclusivelock"] ? "write" : "read"; return true; - } else { - return false; + } else {//check for indirect refresh + $query = "SELECT * + FROM locks + WHERE recursive = 1 + "; + $res = OC_DB::select($query); + foreach($res as $row){ + if(strpos($options['path'],$row['path'])==0){//are we a child of a folder with an recursive lock + $where = "WHERE path = '$row[path]' AND token = '$options[update]'"; + $query = "UPDATE `locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; + OC_DB::query($query); + $options['owner'] = $row['owner']; + $options['scope'] = $row["exclusivelock"] ? "exclusive" : "shared"; + $options['type'] = $row["exclusivelock"] ? "write" : "read"; + return true; + } + } } } @@ -641,11 +659,14 @@ , `modified` = ".time()." , `owner` = '$options[owner]' , `expires` = '$options[timeout]' - , `exclusivelock` = " .($options['scope'] === "exclusive" ? "1" : "0") - ; + , `exclusivelock` = " .($options['scope'] === "exclusive" ? "1" : "0")." + , `recursive` = $recursion"; OC_DB::query($query); - - return OC_DB::affected_rows() ? "200 OK" : "409 Conflict"; + $rows=OC_DB::affected_rows(); + if(!OC_FILESYSTEM::file_exists($fspath) and $rows>0) { + return "201 Created"; + } + return OC_DB::affected_rows($rows) ? "200 OK" : "409 Conflict"; } /** @@ -678,9 +699,8 @@ WHERE path = '$path' "; $res = OC_DB::select($query); - if ($res) { + if (is_array($res) and isset($res[0])) { $row=$res[0]; - OC_DB::free_result($res); if ($row) { $result = array( "type" => "write", @@ -690,8 +710,30 @@ "token" => $row['token'], "created" => $row['created'], "modified" => $row['modified'], - "expires" => $row['expires'] + "expires" => $row['expires'], + "recursive" => $row['recursive'] + ); + } + }else{ + //check for recursive locks; + $query = "SELECT * + FROM locks + WHERE recursive = 1 + "; + $res = OC_DB::select($query); + foreach($res as $row){ + if(strpos($path,$row['path'])==0){//are we a child of a folder with an recursive lock + $result = array( "type" => "write", + "scope" => $row["exclusivelock"] ? "exclusive" : "shared", + "depth" => 0, + "owner" => $row['owner'], + "token" => $row['token'], + "created" => $row['created'], + "modified" => $row['modified'], + "expires" => $row['expires'], + "recursive" => $row['recursive'] ); + } } } diff --git a/inc/lib_base.php b/inc/lib_base.php index 775504a656b..d946f565c8a 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -33,33 +33,15 @@ session_start(); // calculate the documentroot $SERVERROOT=substr(__FILE__,0,-17); -$DOCUMENTROOT=$_SERVER['DOCUMENT_ROOT']; +$DOCUMENTROOT=realpath($_SERVER['DOCUMENT_ROOT']); $SERVERROOT=str_replace("\\",'/',$SERVERROOT); -if(strpos($SERVERROOT,$DOCUMENTROOT)===0){ - //if the serverroot is a subdir of the documentroot we can use this - $count=strlen($DOCUMENTROOT); - $WEBROOT=substr($SERVERROOT,$count); -}else{ - //try some common patterns - $WEBROOT=''; - if(strpos($_SERVER['REQUEST_URI'],'/~')!==false){ - //owncloud is probable installed in a users home folder, extract the username from the uri and use it as base for the webroot - $part=substr($_SERVER['REQUEST_URI'],strpos($_SERVER['REQUEST_URI'],'/~')+1); - $part=substr($part,0,strpos($part,'/')); - $WEBROOT.='/'.$part; - } - if(strpos($SERVERROOT,'public_html')!==false){ - //a common used folder name for websevers to store their sites - if($WEBROOT{strlen($WEBROOT)-1}!=='/'){ - $WEBROOT.='/'; - } - $WEBROOT.=substr($SERVERROOT,strpos($SERVERROOT,'public_html')+strlen('public_html')); - } -} -if($WEBROOT{0}!=='/' and $WEBROOT!=''){ +$SUBURI=substr(realpath($_SERVER["SCRIPT_FILENAME"]),strlen($SERVERROOT)); +$WEBROOT=substr($_SERVER["SCRIPT_NAME"],0,strlen($_SERVER["SCRIPT_NAME"])-strlen($SUBURI)); + + +if($WEBROOT!='' and $WEBROOT[0]!=='/'){ $WEBROOT='/'.$WEBROOT; } -// $WEBROOT='http://localhost'.$WEBROOT; // set the right include path // set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); @@ -666,4 +648,4 @@ function chmodr($path, $filemode) { return FALSE; } -?>
\ No newline at end of file +?> diff --git a/inc/lib_files.php b/inc/lib_files.php index 763873733b2..1702ef20de6 100755 --- a/inc/lib_files.php +++ b/inc/lib_files.php @@ -130,19 +130,28 @@ class OC_FILES { $zip=false; $filename=$dir.'/'.$files; } - header('Content-Disposition: attachment; filename='.basename($filename)); - header('Content-Transfer-Encoding: binary'); - header('Expires: 0'); - header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); - header('Pragma: public'); - header('Content-Length: ' . filesize($filename)); - if(!$zip){ - $filename=OC_FILESYSTEM::toTmpFile($filename); + if($zip or OC_FILESYSTEM::is_readable($filename)){ + header('Content-Disposition: attachment; filename='.basename($filename)); + header('Content-Transfer-Encoding: binary'); + header('Expires: 0'); + header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); + header('Pragma: public'); + header('Content-Length: ' . filesize($filename)); + }elseif($zip or !OC_FILESYSTEM::file_exists($filename)){ + header("HTTP/1.0 404 Not Found"); + die('404 Not Found'); + }else{ + header("HTTP/1.0 403 Forbidden"); + die('403 Forbidden'); } ob_end_clean(); OC_LOG::event($_SESSION['username'],3,"$dir/$files"); - readfile($filename); - unlink($filename); + if($zip){ + readfile($filename); + unlink($filename); + }else{ + OC_FILESYSTEM::readfile($filename); + } foreach(self::$tmpFiles as $tmpFile){ if(file_exists($tmpFile) and is_file($tmpFile)){ unlink($tmpFile); diff --git a/inc/lib_filestorage.php b/inc/lib_filestorage.php index 8448eddd74a..85382a44447 100644..100755 --- a/inc/lib_filestorage.php +++ b/inc/lib_filestorage.php @@ -72,6 +72,7 @@ class OC_FILESTORAGE{ public function getMimeType($path){} public function delTree($path){} public function find($path){} + public function getTree($path){} } /** @@ -364,5 +365,27 @@ class OC_FILESTORAGE_LOCAL extends OC_FILESTORAGE{ } return $return; } + + public function getTree($dir) { + if(substr($dir,-1,1)=='/'){ + $dir=substr($dir,0,-1); + } + $tree=array(); + $tree[]=$dir; + $dirRelative=$dir; + $dir=$this->datadir.$dir; + if (!file_exists($dir)) return true; + foreach (scandir($dir) as $item) { + if ($item == '.' || $item == '..') continue; + if(is_file($dir.'/'.$item)){ + $tree[]=$dirRelative.'/'.$item; + }elseif(is_dir($dir.'/'.$item)){ + if ($subTree=$this->getTree($dirRelative. "/" . $item)){ + $tree=array_merge($tree,$subTree); + } + } + } + return $tree; + } } ?>
\ No newline at end of file diff --git a/inc/lib_filesystem.php b/inc/lib_filesystem.php index 1e50ab34ae9..6eb317f442e 100755 --- a/inc/lib_filesystem.php +++ b/inc/lib_filesystem.php @@ -34,7 +34,13 @@ class OC_FILESYSTEM{ * @param string path * @return bool */ - static private function canRead(){ + static private function canRead($path){ + if(substr($path,0,1)!=='/'){ + $path='/'.$path; + } + if(strstr($path,'/../')){ + return false; + } return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there } /** @@ -42,7 +48,13 @@ class OC_FILESYSTEM{ * @param string path * @return bool */ - static private function canWrite(){ + static private function canWrite($path){ + if(substr($path,0,1)!=='/'){ + $path='/'.$path; + } + if(strstr($path,'/../')){ + return false; + } return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there } @@ -266,5 +278,19 @@ class OC_FILESYSTEM{ } return $return; } + static public function getTree($path){ + if(self::canRead($path) and $storage=self::getStorage($path)){ + $mp=self::getMountPoint($path); + $return=$storage->getTree(substr($path,strlen($mp))); + echo "mp: $mp"; + foreach($return as &$file){ + if(substr($file,0,1)=='/'){ + $file=substr($file,1); + } + $file=$mp.$file; + } + return $return; + } + } } ?> diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php index c94334466af..661cb514516 100755 --- a/inc/templates/adminform.php +++ b/inc/templates/adminform.php @@ -49,7 +49,7 @@ function dbtypechange(){ } } </script> -<form method="post" enctype="multipart/form-data"> +<form method="post" enctype="multipart/form-data" action="#"> <table cellpadding="5" cellspacing="5" border="0" class="loginform"> <?php if(!empty($CONFIG_ERROR) and !$FIRSTRUN){ @@ -67,7 +67,7 @@ if($FIRSTRUN){?> <?php } ?> -<tr><td>force ssl:</td><td><input type="checkbox" name="forcessl" size="30" class="formstyle" value='1' <?php if($CONFIG_HTTPFORCESSL) echo 'checked'?>></input></td></tr> +<tr><td>force ssl:</td><td><input type="checkbox" name="forcessl" size="30" class="formstyle" value='1' <?php if($CONFIG_HTTPFORCESSL) echo 'checked="checked"'?>></input></td></tr> <tr><td>enable automatic backup:</td><td><input type="checkbox" name="enablebackup" id="enablebackup" onchange='showBackupPath()' size="30" class="formstyle" value='1' <?php if($CONFIG_ENABLEBACKUP) echo 'checked'?>></input></td></tr> <tr id='backupdir'><td>backup directory:</td><td><input type="text" name="backupdirectory" size="30" class="formstyle" value="<?php echo($CONFIG_BACKUPDIRECTORY);?>"></input></td></tr> <tr><td>date format:</td><td><input type="text" name="dateformat" size="30" class="formstyle" value='<?php echo($CONFIG_DATEFORMAT);?>'></input></td></tr> @@ -119,17 +119,17 @@ if($CONFIG_DBTYPE=='sqlite'){ <tr id='dbuser'><td>database user:</td><td><input type="text" name="dbuser" size="30" class="formstyle" value='<?php echo($CONFIG_DBUSER);?>'></input></td></tr> <tr id='dbpass'><td>database password:</td><td><input type="password" name="dbpassword" size="30" class="formstyle" value=''></input></td><td>(leave empty to keep current password)</td></tr> <tr id='dbpass_retype'><td>retype database password:</td><td><input type="password" name="dbpassword2" size="30" class="formstyle" value=''></input></td></tr> -<tr id='dbcreaterow'><td>create database and user:</td><td><input id='dbcreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?> onchange='showDBAdmin()'></input></td></tr> +<tr id='dbcreaterow'><td>create database and user:</td><td><input id='dbcreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked="checked"'; ?> onchange='showDBAdmin()'></input></td></tr> <tr id='dbAdminUser'><td>database administrative user:</td><td><input type="text" name="dbadminuser" size="30" class="formstyle" value='root'></input></td></tr> <tr id='dbAdminPwd'><td>database administrative password:</td><td><input type="password" name="dbadminpwd" size="30" class="formstyle" value=''></input></td></tr> -<tr id='dbfill'><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?>></input></td></tr> +<tr id='dbfill'><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked="checked"'; ?>></input></td></tr> <?php }?> <tr><td></td><td><input type="submit" name="set_config" alt="save" value="save" class="formstyle" /></td></tr> </table></form><br/> <?php if(!$FIRSTRUN and false){//disabled for now?> <br/> -<form method="post" enctype="multipart/form-data"> +<form method="post" enctype="multipart/form-data" action="#"> <table cellpadding="5" cellspacing="5" border="0" class="loginform"> <tr><td colspan='2'>Create new user:</td></tr> <tr><td>user name</td><td><input type='text' name='new_username' class="formstyle"></input></td></tr> diff --git a/inc/templates/configform.php b/inc/templates/configform.php index 709e8f14296..64499b9ed95 100755 --- a/inc/templates/configform.php +++ b/inc/templates/configform.php @@ -18,8 +18,8 @@ changepassset=function(){ } } </script> -<form method="post" enctype="multipart/form-data"> -<input type='hidden' name='config' value='1'> +<form method="post" enctype="multipart/form-data" action="#"> +<div><input type='hidden' name='config' value='1' /></div> <table cellpadding="5" cellspacing="5" border="0" class="loginform"> <?php if(!empty($CONFIG_ERROR) and !$FIRSTRUN){ diff --git a/inc/templates/header.php b/inc/templates/header.php index 1cce6c5433a..e016cd9f021 100755 --- a/inc/templates/header.php +++ b/inc/templates/header.php @@ -2,6 +2,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> + <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <title>ownCloud</title> <base href="<?php echo($WEBROOT); ?>/"/> <link rel="stylesheet" type="text/css" href="<?php |