diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 14 | ||||
| -rw-r--r-- | lib/private/app.php | 4 | ||||
| -rw-r--r-- | lib/private/config.php | 2 | ||||
| -rw-r--r-- | lib/private/files.php | 2 | ||||
| -rw-r--r-- | lib/private/files/cache/watcher.php | 4 | ||||
| -rw-r--r-- | lib/private/files/storage/wrapper/quota.php | 2 | ||||
| -rw-r--r-- | lib/private/files/view.php | 7 | ||||
| -rw-r--r-- | lib/private/installer.php | 3 | ||||
| -rw-r--r-- | lib/private/json.php | 14 | ||||
| -rw-r--r-- | lib/private/legacy/config.php | 1 | ||||
| -rw-r--r-- | lib/private/template/cssresourcelocator.php | 2 | ||||
| -rwxr-xr-x | lib/private/util.php | 11 | ||||
| -rw-r--r-- | lib/public/json.php | 10 | ||||
| -rw-r--r-- | lib/public/share.php | 55 |
14 files changed, 113 insertions, 18 deletions
diff --git a/lib/base.php b/lib/base.php index f30575c7b12..0597183adcf 100644 --- a/lib/base.php +++ b/lib/base.php @@ -57,6 +57,9 @@ class OC { * web path in 'url' */ public static $APPSROOTS = array(); + + public static $configDir; + /* * requested app */ @@ -100,6 +103,13 @@ class OC { get_include_path() ); + if(defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) { + self::$configDir = OC::$SERVERROOT . '/tests/config/'; + } else { + self::$configDir = OC::$SERVERROOT . '/config/'; + } + OC_Config::$object = new \OC\Config(self::$configDir); + OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); $scriptName = OC_Request::scriptName(); if (substr($scriptName, -1) == '/') { @@ -175,8 +185,8 @@ class OC { } public static function checkConfig() { - if (file_exists(OC::$SERVERROOT . "/config/config.php") - and !is_writable(OC::$SERVERROOT . "/config/config.php") + if (file_exists(self::$configDir . "/config.php") + and !is_writable(self::$configDir . "/config.php") ) { $defaults = new OC_Defaults(); if (self::$CLI) { diff --git a/lib/private/app.php b/lib/private/app.php index 34c00e97fb9..0c60557914a 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -555,6 +555,10 @@ class OC_App{ }elseif($child->getName()=='description') { $xml=(string)$child->asXML(); $data[$child->getName()]=substr($xml, 13, -14);//script <description> tags + }elseif($child->getName()=='documentation') { + foreach($child as $subchild) { + $data["documentation"][$subchild->getName()] = (string)$subchild; + } }else{ $data[$child->getName()]=(string)$child; } diff --git a/lib/private/config.php b/lib/private/config.php index caf7b1d7066..8a9d5ca6158 100644 --- a/lib/private/config.php +++ b/lib/private/config.php @@ -50,7 +50,7 @@ class Config { protected $debugMode; /** - * @param $configDir path to the config dir, needs to end with '/' + * @param string $configDir path to the config dir, needs to end with '/' */ public function __construct($configDir) { $this->configDir = $configDir; diff --git a/lib/private/files.php b/lib/private/files.php index e6c81d58bd2..8ce632013cf 100644 --- a/lib/private/files.php +++ b/lib/private/files.php @@ -83,7 +83,7 @@ class OC_Files { if ($basename) { $name = $basename . '.zip'; } else { - $name = 'owncloud.zip'; + $name = 'download.zip'; } set_time_limit($executionTime); diff --git a/lib/private/files/cache/watcher.php b/lib/private/files/cache/watcher.php index 58f624c8990..251ecbe7071 100644 --- a/lib/private/files/cache/watcher.php +++ b/lib/private/files/cache/watcher.php @@ -40,7 +40,7 @@ class Watcher { * check $path for updates * * @param string $path - * @return boolean true if path was updated, false otherwise + * @return boolean | array true if path was updated, otherwise the cached data is returned */ public function checkUpdate($path) { $cachedEntry = $this->cache->get($path); @@ -56,7 +56,7 @@ class Watcher { $this->cache->correctFolderSize($path); return true; } - return false; + return $cachedEntry; } /** diff --git a/lib/private/files/storage/wrapper/quota.php b/lib/private/files/storage/wrapper/quota.php index 43016e0892f..a430e3e4617 100644 --- a/lib/private/files/storage/wrapper/quota.php +++ b/lib/private/files/storage/wrapper/quota.php @@ -95,7 +95,7 @@ class Quota extends Wrapper { public function fopen($path, $mode) { $source = $this->storage->fopen($path, $mode); $free = $this->free_space(''); - if ($free >= 0 && $mode !== 'r') { + if ($source && $free >= 0 && $mode !== 'r' && $mode !== 'rb') { return \OC\Files\Stream\Quota::wrap($source, $free); } else { return $source; diff --git a/lib/private/files/view.php b/lib/private/files/view.php index 8893911ed5d..d97544b865e 100644 --- a/lib/private/files/view.php +++ b/lib/private/files/view.php @@ -801,6 +801,7 @@ class View { * @var string $internalPath */ list($storage, $internalPath) = Filesystem::resolvePath($path); + $data = null; if ($storage) { $cache = $storage->getCache($internalPath); $permissionsCache = $storage->getPermissionsCache($internalPath); @@ -811,10 +812,12 @@ class View { $scanner->scan($internalPath, Cache\Scanner::SCAN_SHALLOW); } else { $watcher = $storage->getWatcher($internalPath); - $watcher->checkUpdate($internalPath); + $data = $watcher->checkUpdate($internalPath); } - $data = $cache->get($internalPath); + if (!is_array($data)) { + $data = $cache->get($internalPath); + } if ($data and $data['fileid']) { if ($includeMountPoints and $data['mimetype'] === 'httpd/unix-directory') { diff --git a/lib/private/installer.php b/lib/private/installer.php index 8375b231e9b..835b6b4c01a 100644 --- a/lib/private/installer.php +++ b/lib/private/installer.php @@ -407,6 +407,9 @@ class OC_Installer{ include OC_App::getAppPath($app)."/appinfo/install.php"; } $info=OC_App::getAppInfo($app); + if (is_null($info)) { + return false; + } OC_Appconfig::setValue($app, 'installed_version', OC_App::getAppVersion($app)); //set remote/public handelers diff --git a/lib/private/json.php b/lib/private/json.php index 6a9e5a2df5e..5c5d7e3a3da 100644 --- a/lib/private/json.php +++ b/lib/private/json.php @@ -65,6 +65,20 @@ class OC_JSON{ } /** + * Check is a given user exists - send json error msg if not + * @param string $user + */ + public static function checkUserExists($user) { + if (!OCP\User::userExists($user)) { + $l = OC_L10N::get('lib'); + OCP\JSON::error(array('data' => array('message' => $l->t('Unknown user')))); + exit; + } + } + + + + /** * Check if the user is a subadmin, send json error msg if not */ public static function checkSubAdminUser() { diff --git a/lib/private/legacy/config.php b/lib/private/legacy/config.php index c457979113e..ab67c8d3020 100644 --- a/lib/private/legacy/config.php +++ b/lib/private/legacy/config.php @@ -38,7 +38,6 @@ * This class is responsible for reading and writing config.php, the very basic * configuration file of ownCloud. */ -OC_Config::$object = new \OC\Config(OC::$SERVERROOT.'/config/'); class OC_Config { /** diff --git a/lib/private/template/cssresourcelocator.php b/lib/private/template/cssresourcelocator.php index e26daa25827..8e7831ca549 100644 --- a/lib/private/template/cssresourcelocator.php +++ b/lib/private/template/cssresourcelocator.php @@ -22,7 +22,7 @@ class CSSResourceLocator extends ResourceLocator { $app = substr($style, 0, strpos($style, '/')); $style = substr($style, strpos($style, '/')+1); $app_path = \OC_App::getAppPath($app); - $app_url = \OC_App::getAppWebPath($app); + $app_url = $this->webroot . '/index.php/apps/' . $app; if ($this->appendIfExist($app_path, $style.$this->form_factor.'.css', $app_url) || $this->appendIfExist($app_path, $style.'.css', $app_url) ) { diff --git a/lib/private/util.php b/lib/private/util.php index a4b3761dbd3..8aa7a074d0d 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -51,6 +51,10 @@ class OC_Util { self::$rootMounted = true; } + if ($user != '' && !OCP\User::userExists($user)) { + return false; + } + //if we aren't logged in, there is no use to set up the filesystem if( $user != "" ) { \OC\Files\Filesystem::addStorageWrapper(function($mountPoint, $storage){ @@ -312,7 +316,7 @@ class OC_Util { .'" target="_blank">giving the webserver write access to the root directory</a>.'; // Check if config folder is writable. - if(!is_writable(OC::$SERVERROOT."/config/") or !is_readable(OC::$SERVERROOT."/config/")) { + if(!is_writable(OC::$configDir) or !is_readable(OC::$configDir)) { $errors[] = array( 'error' => "Can't write into config directory", 'hint' => 'This can usually be fixed by ' @@ -892,6 +896,11 @@ class OC_Util { return false; } + // in case the connection is via proxy return true to avoid connecting to owncloud.org + if(OC_Config::getValue('proxy', '') != '') { + return true; + } + // try to connect to owncloud.org to see if http connections to the internet are possible. $connected = @fsockopen("www.owncloud.org", 80); if ($connected) { diff --git a/lib/public/json.php b/lib/public/json.php index 831e3ef1cf6..cd5d233ef90 100644 --- a/lib/public/json.php +++ b/lib/public/json.php @@ -167,7 +167,7 @@ class JSON { * @return string json formatted string if not admin user. */ public static function checkAdminUser() { - return(\OC_JSON::checkAdminUser()); + \OC_JSON::checkAdminUser(); } /** @@ -177,4 +177,12 @@ class JSON { public static function encode($data) { return(\OC_JSON::encode($data)); } + + /** + * Check is a given user exists - send json error msg if not + * @param string $user + */ + public static function checkUserExists($user) { + \OC_JSON::checkUserExists($user); + } } diff --git a/lib/public/share.php b/lib/public/share.php index f0fd8e1ab1b..f832d04a70f 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -347,20 +347,29 @@ class Share { } /** - * Get the item shared by a token - * @param string token - * @return Item + * Based on the given token the share information will be returned - password protected shares will be verified + * @param string $token + * @return array | bool false will be returned in case the token is unknown or unauthorized */ - public static function getShareByToken($token) { + public static function getShareByToken($token, $checkPasswordProtection = true) { $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `token` = ?', 1); $result = $query->execute(array($token)); if (\OC_DB::isError($result)) { \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', token=' . $token, \OC_Log::ERROR); } $row = $result->fetchRow(); + if ($row === false) { + return false; + } if (is_array($row) and self::expireItem($row)) { return false; } + + // password protected shares need to be authenticated + if ($checkPasswordProtection && !\OCP\Share::checkPasswordProtectedShare($row)) { + return false; + } + return $row; } @@ -655,7 +664,15 @@ class Share { * @return Returns true on success or false on failure */ public static function unshareAll($itemType, $itemSource) { - if ($shares = self::getItemShared($itemType, $itemSource)) { + // Get all of the owners of shares of this item. + $query = \OC_DB::prepare( 'SELECT `uid_owner` from `*PREFIX*share` WHERE `item_type`=? AND `item_source`=?' ); + $result = $query->execute(array($itemType, $itemSource)); + $shares = array(); + // Add each owner's shares to the array of all shares for this item. + while ($row = $result->fetchRow()) { + $shares = array_merge($shares, self::getItems($itemType, $itemSource, null, null, $row['uid_owner'])); + } + if (!empty($shares)) { // Pass all the vars we have for now, they may be useful $hookParams = array( 'itemType' => $itemType, @@ -1880,6 +1897,34 @@ class Share { } } + /** + * In case a password protected link is not yet authenticated this function will return false + * + * @param array $linkItem + * @return bool + */ + public static function checkPasswordProtectedShare(array $linkItem) { + if (!isset($linkItem['share_with'])) { + return true; + } + if (!isset($linkItem['share_type'])) { + return true; + } + if (!isset($linkItem['id'])) { + return true; + } + + if ($linkItem['share_type'] != \OCP\Share::SHARE_TYPE_LINK) { + return true; + } + + if ( \OC::$session->exists('public_link_authenticated') + && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) { + return true; + } + + return false; + } } /** |