diff options
Diffstat (limited to 'lib/public/share.php')
| -rw-r--r-- | lib/public/share.php | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/lib/public/share.php b/lib/public/share.php index 9ab956d84b9..7a8a183574b 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -106,22 +106,22 @@ class Share { } return false; } - + /** * @brief Prepare a path to be passed to DB as file_target * @return string Prepared path */ public static function prepFileTarget( $path ) { - + // Paths in DB are stored with leading slashes, so add one if necessary if ( substr( $path, 0, 1 ) !== '/' ) { - + $path = '/' . $path; - + } - + return $path; - + } /** @@ -256,7 +256,7 @@ class Share { return self::getItems($itemType, $itemTarget, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, $format, $parameters, 1, $includeCollections); } - + /** * @brief Get the item of item type shared with the current user by source * @param string Item type @@ -293,7 +293,18 @@ class Share { if (\OC_DB::isError($result)) { \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', token=' . $token, \OC_Log::ERROR); } - return $result->fetchRow(); + $row = $result->fetchRow(); + + if (!empty($row['expiration'])) { + $now = new \DateTime(); + $expirationDate = new \DateTime($row['expiration'], new \DateTimeZone('UTC')); + if ($now > $expirationDate) { + self::delete($row['id']); + return false; + } + } + + return $row; } /** @@ -450,6 +461,7 @@ class Share { $uidOwner, self::FORMAT_NONE, null, 1)) { // remember old token $oldToken = $checkExists['token']; + $oldPermissions = $checkExists['permissions']; //delete the old share self::delete($checkExists['id']); } @@ -460,8 +472,11 @@ class Share { $hasher = new \PasswordHash(8, $forcePortable); $shareWith = $hasher->HashPassword($shareWith.\OC_Config::getValue('passwordsalt', '')); } else { - // reuse the already set password - $shareWith = $checkExists['share_with']; + // reuse the already set password, but only if we change permissions + // otherwise the user disabled the password protection + if ($checkExists && (int)$permissions !== (int)$oldPermissions) { + $shareWith = $checkExists['share_with']; + } } // Generate token |