diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 1 | ||||
| -rw-r--r-- | lib/private/appframework/middleware/middlewaredispatcher.php | 1 | ||||
| -rw-r--r-- | lib/private/connector/sabre/file.php | 10 | ||||
| -rw-r--r-- | lib/private/connector/sabre/node.php | 9 | ||||
| -rw-r--r-- | lib/private/connector/sabre/objecttree.php | 5 | ||||
| -rw-r--r-- | lib/private/files/filesystem.php | 10 | ||||
| -rw-r--r-- | lib/private/files/storage/wrapper/quota.php | 8 | ||||
| -rw-r--r-- | lib/private/helper.php | 31 | ||||
| -rw-r--r-- | lib/private/image.php | 2 | ||||
| -rw-r--r-- | lib/private/l10n.php | 4 | ||||
| -rw-r--r-- | lib/private/mimetypes.list.php | 140 | ||||
| -rw-r--r-- | lib/private/share/mailnotifications.php | 160 | ||||
| -rw-r--r-- | lib/private/urlgenerator.php | 3 | ||||
| -rw-r--r-- | lib/private/user.php | 2 | ||||
| -rwxr-xr-x | lib/private/util.php | 23 | ||||
| -rw-r--r-- | lib/public/constants.php | 3 | ||||
| -rw-r--r-- | lib/public/util.php | 9 |
17 files changed, 340 insertions, 81 deletions
diff --git a/lib/base.php b/lib/base.php index a5f064bdb4b..84177c7ba6c 100644 --- a/lib/base.php +++ b/lib/base.php @@ -332,6 +332,7 @@ class OC { } OC_Util::addStyle("styles"); + OC_Util::addStyle("mobile"); OC_Util::addStyle("icons"); OC_Util::addStyle("apps"); OC_Util::addStyle("fixes"); diff --git a/lib/private/appframework/middleware/middlewaredispatcher.php b/lib/private/appframework/middleware/middlewaredispatcher.php index 2a715598fc4..598743e523f 100644 --- a/lib/private/appframework/middleware/middlewaredispatcher.php +++ b/lib/private/appframework/middleware/middlewaredispatcher.php @@ -26,6 +26,7 @@ namespace OC\AppFramework\Middleware; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Response; +use OCP\AppFramework\MiddleWare; /** * This class is used to store and run all the middleware in correct order diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index 5ef6365f657..ef6caaf22a7 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -58,6 +58,11 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D throw new \Sabre_DAV_Exception_ServiceUnavailable(); } + $fileName = basename($this->path); + if (!\OCP\Util::isValidFileName($fileName)) { + throw new \Sabre_DAV_Exception_BadRequest(); + } + // chunked handling if (isset($_SERVER['HTTP_OC_CHUNKED'])) { return $this->createFileChunked($data); @@ -142,15 +147,16 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D * @throws Sabre_DAV_Exception_Forbidden */ public function delete() { + $fs = $this->getFS(); if ($this->path === 'Shared') { throw new \Sabre_DAV_Exception_Forbidden(); } - if (!\OC\Files\Filesystem::isDeletable($this->path)) { + if (!$fs->isDeletable($this->path)) { throw new \Sabre_DAV_Exception_Forbidden(); } - \OC\Files\Filesystem::unlink($this->path); + $fs->unlink($this->path); // remove properties $this->removeProperties(); diff --git a/lib/private/connector/sabre/node.php b/lib/private/connector/sabre/node.php index 05d2d2291ec..5807c5c7f71 100644 --- a/lib/private/connector/sabre/node.php +++ b/lib/private/connector/sabre/node.php @@ -85,19 +85,24 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr * @return void */ public function setName($name) { + $fs = $this->getFS(); // rename is only allowed if the update privilege is granted - if (!\OC\Files\Filesystem::isUpdatable($this->path)) { + if (!$fs->isUpdatable($this->path)) { throw new \Sabre_DAV_Exception_Forbidden(); } list($parentPath, ) = Sabre_DAV_URLUtil::splitPath($this->path); list(, $newName) = Sabre_DAV_URLUtil::splitPath($name); + if (!\OCP\Util::isValidFileName($newName)) { + throw new \Sabre_DAV_Exception_BadRequest(); + } + $newPath = $parentPath . '/' . $newName; $oldPath = $this->path; - \OC\Files\Filesystem::rename($this->path, $newPath); + $fs->rename($this->path, $newPath); $this->path = $newPath; diff --git a/lib/private/connector/sabre/objecttree.php b/lib/private/connector/sabre/objecttree.php index d1e179af2ec..d2fa425b22c 100644 --- a/lib/private/connector/sabre/objecttree.php +++ b/lib/private/connector/sabre/objecttree.php @@ -105,6 +105,11 @@ class ObjectTree extends \Sabre_DAV_ObjectTree { } } + $fileName = basename($destinationPath); + if (!\OCP\Util::isValidFileName($fileName)) { + throw new \Sabre_DAV_Exception_BadRequest(); + } + $renameOkay = $fs->rename($sourcePath, $destinationPath); if (!$renameOkay) { throw new \Sabre_DAV_Exception_Forbidden(''); diff --git a/lib/private/files/filesystem.php b/lib/private/files/filesystem.php index b6102f5c245..952f9f9febf 100644 --- a/lib/private/files/filesystem.php +++ b/lib/private/files/filesystem.php @@ -320,16 +320,16 @@ class Filesystem { else { self::mount('\OC\Files\Storage\Local', array('datadir' => $root), $user); } - $datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data"); + $mount_file = \OC_Config::getValue("mount_file", \OC::$SERVERROOT . "/data/mount.json"); //move config file to it's new position if (is_file(\OC::$SERVERROOT . '/config/mount.json')) { - rename(\OC::$SERVERROOT . '/config/mount.json', $datadir . '/mount.json'); + rename(\OC::$SERVERROOT . '/config/mount.json', $mount_file); } // Load system mount points - if (is_file(\OC::$SERVERROOT . '/config/mount.php') or is_file($datadir . '/mount.json')) { - if (is_file($datadir . '/mount.json')) { - $mountConfig = json_decode(file_get_contents($datadir . '/mount.json'), true); + if (is_file(\OC::$SERVERROOT . '/config/mount.php') or is_file($mount_file)) { + if (is_file($mount_file)) { + $mountConfig = json_decode(file_get_contents($mount_file), true); } elseif (is_file(\OC::$SERVERROOT . '/config/mount.php')) { $mountConfig = $parser->parsePHP(file_get_contents(\OC::$SERVERROOT . '/config/mount.php')); } diff --git a/lib/private/files/storage/wrapper/quota.php b/lib/private/files/storage/wrapper/quota.php index 1bcdca7f47a..26c952e694a 100644 --- a/lib/private/files/storage/wrapper/quota.php +++ b/lib/private/files/storage/wrapper/quota.php @@ -16,11 +16,17 @@ class Quota extends Wrapper { protected $quota; /** + * @var string $sizeRoot + */ + protected $sizeRoot; + + /** * @param array $parameters */ public function __construct($parameters) { $this->storage = $parameters['storage']; $this->quota = $parameters['quota']; + $this->sizeRoot = isset($parameters['root']) ? $parameters['root'] : ''; } /** @@ -46,7 +52,7 @@ class Quota extends Wrapper { if ($this->quota < 0) { return $this->storage->free_space($path); } else { - $used = $this->getSize(''); + $used = $this->getSize($this->sizeRoot); if ($used < 0) { return \OC\Files\SPACE_NOT_COMPUTED; } else { diff --git a/lib/private/helper.php b/lib/private/helper.php index e5d1fa9b513..1aab2f296e1 100644 --- a/lib/private/helper.php +++ b/lib/private/helper.php @@ -152,7 +152,32 @@ class OC_Helper { public static function mimetypeIcon($mimetype) { $alias = array( 'application/octet-stream' => 'file', // use file icon as fallback - 'application/xml' => 'code/xml', + + 'application/illustrator' => 'image', + 'application/coreldraw' => 'image', + 'application/x-gimp' => 'image', + 'application/x-photoshop' => 'image', + + 'application/x-font-ttf' => 'font', + 'application/font-woff' => 'font', + 'application/vnd.ms-fontobject' => 'font', + + 'application/json' => 'text/code', + 'application/x-perl' => 'text/code', + 'application/x-php' => 'text/code', + 'text/x-shellscript' => 'text/code', + 'application/xml' => 'text/html', + 'text/css' => 'text/code', + 'application/x-tex' => 'text', + + 'application/x-compressed' => 'package/x-generic', + 'application/x-7z-compressed' => 'package/x-generic', + 'application/x-deb' => 'package/x-generic', + 'application/x-gzip' => 'package/x-generic', + 'application/x-rar-compressed' => 'package/x-generic', + 'application/x-tar' => 'package/x-generic', + 'application/zip' => 'package/x-generic', + 'application/msword' => 'x-office/document', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'x-office/document', 'application/vnd.openxmlformats-officedocument.wordprocessingml.template' => 'x-office/document', @@ -162,6 +187,7 @@ class OC_Helper { 'application/vnd.oasis.opendocument.text-template' => 'x-office/document', 'application/vnd.oasis.opendocument.text-web' => 'x-office/document', 'application/vnd.oasis.opendocument.text-master' => 'x-office/document', + 'application/mspowerpoint' => 'x-office/presentation', 'application/vnd.ms-powerpoint' => 'x-office/presentation', 'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'x-office/presentation', @@ -173,6 +199,7 @@ class OC_Helper { 'application/vnd.ms-powerpoint.slideshow.macroEnabled.12' => 'x-office/presentation', 'application/vnd.oasis.opendocument.presentation' => 'x-office/presentation', 'application/vnd.oasis.opendocument.presentation-template' => 'x-office/presentation', + 'application/msexcel' => 'x-office/spreadsheet', 'application/vnd.ms-excel' => 'x-office/spreadsheet', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'x-office/spreadsheet', @@ -183,6 +210,8 @@ class OC_Helper { 'application/vnd.ms-excel.sheet.binary.macroEnabled.12' => 'x-office/spreadsheet', 'application/vnd.oasis.opendocument.spreadsheet' => 'x-office/spreadsheet', 'application/vnd.oasis.opendocument.spreadsheet-template' => 'x-office/spreadsheet', + 'text/csv' => 'x-office/spreadsheet', + 'application/msaccess' => 'database', ); diff --git a/lib/private/image.php b/lib/private/image.php index 42685ddab5c..17caaa012f5 100644 --- a/lib/private/image.php +++ b/lib/private/image.php @@ -231,7 +231,7 @@ class OC_Image { } /** - * @returns Returns the image resource in any. + * @returns resource Returns the image resource in any. */ public function resource() { return $this->resource; diff --git a/lib/private/l10n.php b/lib/private/l10n.php index 1ade18ea427..ad979a92870 100644 --- a/lib/private/l10n.php +++ b/lib/private/l10n.php @@ -118,7 +118,7 @@ class OC_L10N implements \OCP\IL10N { return; } $app = OC_App::cleanAppId($this->app); - $lang = $this->lang; + $lang = str_replace(array('\0', '/', '\\', '..'), '', $this->lang); $this->app = true; // Find the right language if(is_null($lang) || $lang == '') { @@ -163,7 +163,7 @@ class OC_L10N implements \OCP\IL10N { } } - if(file_exists(OC::$SERVERROOT.'/core/l10n/l10n-'.$lang.'.php')) { + if(file_exists(OC::$SERVERROOT.'/core/l10n/l10n-'.$lang.'.php') && OC_Helper::issubdirectory(OC::$SERVERROOT.'/core/l10n/l10n-'.$lang.'.php', OC::$SERVERROOT.'/core/l10n/')) { // Include the file, save the data from $CONFIG include OC::$SERVERROOT.'/core/l10n/l10n-'.$lang.'.php'; if(isset($LOCALIZATIONS) && is_array($LOCALIZATIONS)) { diff --git a/lib/private/mimetypes.list.php b/lib/private/mimetypes.list.php index 174877d623b..9bd07b89023 100644 --- a/lib/private/mimetypes.list.php +++ b/lib/private/mimetypes.list.php @@ -24,11 +24,13 @@ * Array mapping file extensions to mimetypes (in alphabetical order). */ return array( - 'accdb'=>'application/msaccess', + '7z' => 'application/x-7z-compressed', + 'accdb' => 'application/msaccess', 'ai' => 'application/illustrator', - 'avi'=>'video/x-msvideo', + 'avi' => 'video/x-msvideo', 'bash' => 'text/x-shellscript', - 'blend'=>'application/x-blender', + 'blend' => 'application/x-blender', + 'bin' => 'application/x-bin', 'cb7' => 'application/x-cbr', 'cba' => 'application/x-cbr', 'cbr' => 'application/x-cbr', @@ -38,81 +40,91 @@ return array( 'cc' => 'text/x-c', 'cdr' => 'application/coreldraw', 'cpp' => 'text/x-c++src', - 'css'=>'text/css', + 'css' => 'text/css', + 'csv' => 'text/csv', 'cvbdl' => 'application/x-cbr', 'c' => 'text/x-c', 'c++' => 'text/x-c++src', - 'doc'=>'application/msword', - 'docx'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.document', - 'dot'=>'application/msword', - 'dotx'=>'application/vnd.openxmlformats-officedocument.wordprocessingml.template', - 'dv'=>'video/dv', + 'deb' => 'application/x-deb', + 'doc' => 'application/msword', + 'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', + 'dot' => 'application/msword', + 'dotx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.template', + 'dv' => 'video/dv', + 'eot' => 'application/vnd.ms-fontobject', 'epub' => 'application/epub+zip', - 'exe'=>'application/x-ms-dos-executable', - 'flac'=>'audio/flac', - 'gif'=>'image/gif', - 'gz'=>'application/x-gzip', - 'gzip'=>'application/x-gzip', - 'html'=>'text/html', - 'htm'=>'text/html', - 'ical'=>'text/calendar', - 'ics'=>'text/calendar', + 'exe' => 'application/x-ms-dos-executable', + 'flac' => 'audio/flac', + 'gif' => 'image/gif', + 'gz' => 'application/x-gzip', + 'gzip' => 'application/x-gzip', + 'html' => 'text/html', + 'htm' => 'text/html', + 'ical' => 'text/calendar', + 'ics' => 'text/calendar', 'impress' => 'text/impress', - 'jpeg'=>'image/jpeg', - 'jpg'=>'image/jpeg', - 'js'=>'application/javascript', - 'keynote'=>'application/x-iwork-keynote-sffkey', - 'kra'=>'application/x-krita', - 'm2t'=>'video/mp2t', - 'm4v'=>'video/mp4', + 'jpeg' => 'image/jpeg', + 'jpg' => 'image/jpeg', + 'js' => 'application/javascript', + 'json' => 'application/json', + 'keynote' => 'application/x-iwork-keynote-sffkey', + 'kra' => 'application/x-krita', + 'm2t' => 'video/mp2t', + 'm4v' => 'video/mp4', 'markdown' => 'text/markdown', 'mdown' => 'text/markdown', 'md' => 'text/markdown', - 'mdb'=>'application/msaccess', + 'mdb' => 'application/msaccess', 'mdwn' => 'text/markdown', 'mobi' => 'application/x-mobipocket-ebook', - 'mov'=>'video/quicktime', - 'mp3'=>'audio/mpeg', - 'mp4'=>'video/mp4', - 'mpeg'=>'video/mpeg', - 'mpg'=>'video/mpeg', - 'msi'=>'application/x-msi', - 'numbers'=>'application/x-iwork-numbers-sffnumbers', - 'odg'=>'application/vnd.oasis.opendocument.graphics', - 'odp'=>'application/vnd.oasis.opendocument.presentation', - 'ods'=>'application/vnd.oasis.opendocument.spreadsheet', - 'odt'=>'application/vnd.oasis.opendocument.text', - 'oga'=>'audio/ogg', - 'ogg'=>'audio/ogg', - 'ogv'=>'video/ogg', - 'pages'=>'application/x-iwork-pages-sffpages', - 'pdf'=>'application/pdf', - 'php'=>'application/x-php', - 'pl'=>'application/x-pearl', - 'png'=>'image/png', - 'ppt'=>'application/mspowerpoint', - 'pptx'=>'application/vnd.openxmlformats-officedocument.presentationml.presentation', - 'psd'=>'application/x-photoshop', - 'py'=>'text/x-script.python', + 'mov' => 'video/quicktime', + 'mp3' => 'audio/mpeg', + 'mp4' => 'video/mp4', + 'mpeg' => 'video/mpeg', + 'mpg' => 'video/mpeg', + 'msi' => 'application/x-msi', + 'numbers' => 'application/x-iwork-numbers-sffnumbers', + 'odg' => 'application/vnd.oasis.opendocument.graphics', + 'odp' => 'application/vnd.oasis.opendocument.presentation', + 'ods' => 'application/vnd.oasis.opendocument.spreadsheet', + 'odt' => 'application/vnd.oasis.opendocument.text', + 'oga' => 'audio/ogg', + 'ogg' => 'audio/ogg', + 'ogv' => 'video/ogg', + 'otf' => 'font/opentype', + 'pages' => 'application/x-iwork-pages-sffpages', + 'pdf' => 'application/pdf', + 'php' => 'application/x-php', + 'pl' => 'application/x-perl', + 'png' => 'image/png', + 'ppt' => 'application/mspowerpoint', + 'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation', + 'psd' => 'application/x-photoshop', + 'py' => 'text/x-python', + 'rar' => 'application/x-rar-compressed', 'reveal' => 'text/reveal', 'sgf' => 'application/sgf', 'sh-lib' => 'text/x-shellscript', 'sh' => 'text/x-shellscript', - 'svg'=>'image/svg+xml', - 'tar'=>'application/x-tar', - 'tar.gz'=>'application/x-compressed', - 'tgz'=>'application/x-compressed', - 'tiff'=>'image/tiff', - 'tif'=>'image/tiff', - 'txt'=>'text/plain', + 'svg' => 'image/svg+xml', + 'swf' => 'application/x-shockwave-flash', + 'tar' => 'application/x-tar', + 'tar.gz' => 'application/x-compressed', + 'tex' => 'application/x-tex', + 'tgz' => 'application/x-compressed', + 'tiff' => 'image/tiff', + 'tif' => 'image/tiff', + 'ttf' => 'application/x-font-ttf', + 'txt' => 'text/plain', 'vcard' => 'text/vcard', 'vcf' => 'text/vcard', - 'wav'=>'audio/wav', - 'webm'=>'video/webm', - 'wmv'=>'video/x-ms-asf', - 'xcf'=>'application/x-gimp', - 'xls'=>'application/msexcel', - 'xlsx'=>'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', - 'xml'=>'application/xml', - 'zip'=>'application/zip', + 'wav' => 'audio/wav', + 'webm' => 'video/webm', + 'woff' => 'application/font-woff', + 'wmv' => 'video/x-ms-asf', + 'xcf' => 'application/x-gimp', + 'xls' => 'application/msexcel', + 'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', + 'xml' => 'application/xml', + 'zip' => 'application/zip', ); diff --git a/lib/private/share/mailnotifications.php b/lib/private/share/mailnotifications.php new file mode 100644 index 00000000000..360376294cc --- /dev/null +++ b/lib/private/share/mailnotifications.php @@ -0,0 +1,160 @@ +<?php +/** +* ownCloud +* +* @author Bjoern Schiessle +* @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com> +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +*/ + +namespace OC\Share; + +class MailNotifications { + + private $senderId; // sender userId + private $from; // sender email address + private $senderDisplayName; + private $l; + + /** + * + * @param string $recipient user id + * @param string $sender user id (if nothing is set we use the currently logged-in user) + */ + public function __construct($sender = null) { + $this->l = \OC_L10N::get('core'); + + $this->senderId = $sender; + + $this->from = \OCP\Util::getDefaultEmailAddress('sharing-noreply'); + if ($this->senderId) { + $this->from = \OCP\Config::getUserValue($this->senderId, 'settings', 'email', $this->from); + $this->senderDisplayName = \OCP\User::getDisplayName($this->senderId); + } else { + $this->senderDisplayName = \OCP\User::getDisplayName(); + } + } + + /** + * @brief inform users if a file was shared with them + * + * @param array $recipientList list of recipients + * @param type $itemSource shared item source + * @param type $itemType shared item type + * @return array list of user to whom the mail send operation failed + */ + public function sendInternalShareMail($recipientList, $itemSource, $itemType) { + + $noMail = array(); + + foreach ($recipientList as $recipient) { + $recipientDisplayName = \OCP\User::getDisplayName($recipient); + $to = \OC_Preferences::getValue($recipient, 'settings', 'email', ''); + + if ($to === '') { + $noMail[] = $recipientDisplayName; + continue; + } + + $items = \OCP\Share::getItemSharedWithUser($itemType, $itemSource, $recipient); + $filename = trim($items[0]['file_target'], '/'); + $subject = (string) $this->l->t('%s shared »%s« with you', array($this->senderDisplayName, $filename)); + $expiration = null; + if (isset($items[0]['expiration'])) { + try { + $date = new DateTime($items[0]['expiration']); + $expiration = $date->getTimestamp(); + } catch (\Exception $e) { + \OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR); + } + } + + if ($itemType === 'folder') { + $foldername = "/Shared/" . $filename; + } else { + // if it is a file we can just link to the Shared folder, + // that's the place where the user will find the file + $foldername = "/Shared"; + } + + $link = \OCP\Util::linkToAbsolute('files', 'index.php', array("dir" => $foldername)); + + list($htmlMail, $alttextMail) = $this->createMailBody($filename, $link, $expiration); + + // send it out now + try { + \OCP\Util::sendMail($to, $recipientDisplayName, $subject, $htmlMail, $this->from, $this->senderDisplayName, 1, $alttextMail); + } catch (\Exception $e) { + \OCP\Util::writeLog('sharing', "Can't send mail to inform the user abaut an internal share: " . $e->getMessage() , \OCP\Util::ERROR); + $noMail[] = $recipientDisplayName; + } + } + + return $noMail; + + } + + /** + * @brief inform recipient about public link share + * + * @param string recipient recipient email address + * @param string $filename the shared file + * @param string $link the public link + * @param int $expiration expiration date (timestamp) + * @return mixed $result true or error message + */ + public function sendLinkShareMail($recipient, $filename, $link, $expiration) { + $subject = (string)$this->l->t('%s shared »%s« with you', array($this->senderDisplayName, $filename)); + list($htmlMail, $alttextMail) = $this->createMailBody($filename, $link, $expiration); + try { + \OCP\Util::sendMail($recipient, $recipient, $subject, $htmlMail, $this->from, $this->senderDisplayName, 1, $alttextMail); + } catch (\Exception $e) { + \OCP\Util::writeLog('sharing', "Can't send mail with public link: " . $e->getMessage(), \OCP\Util::ERROR); + return $e->getMessage(); + } + + return true; + } + + /** + * @brief create mail body for plain text and html mail + * + * @param string $filename the shared file + * @param string $link link to the shared file + * @param int $expiration expiration date (timestamp) + * @return array with the html mail body and the plain text mail body + */ + private function createMailBody($filename, $link, $expiration) { + + $formatedDate = $expiration ? $this->l->l('date', $expiration) : null; + + $html = new \OC_Template("core", "mail", ""); + $html->assign ('link', $link); + $html->assign ('user_displayname', $this->senderDisplayName); + $html->assign ('filename', $filename); + $html->assign('expiration', $formatedDate); + $htmlMail = $html->fetchPage(); + + $alttext = new \OC_Template("core", "altmail", ""); + $alttext->assign ('link', $link); + $alttext->assign ('user_displayname', $this->senderDisplayName); + $alttext->assign ('filename', $filename); + $alttext->assign('expiration', $formatedDate); + $alttextMail = $alttext->fetchPage(); + + return array($htmlMail, $alttextMail); + } + +} diff --git a/lib/private/urlgenerator.php b/lib/private/urlgenerator.php index 4e3c1109000..60da34f2d6e 100644 --- a/lib/private/urlgenerator.php +++ b/lib/private/urlgenerator.php @@ -147,6 +147,7 @@ class URLGenerator implements IURLGenerator { * @return string the absolute version of the url */ public function getAbsoluteURL($url) { - return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $url; + $separator = $url[0] === '/' ? '' : '/'; + return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $separator . $url; } } diff --git a/lib/private/user.php b/lib/private/user.php index 86a01f96258..a89b7286c10 100644 --- a/lib/private/user.php +++ b/lib/private/user.php @@ -227,6 +227,7 @@ class OC_User { * Log in a user and regenerate a new session - if the password is ok */ public static function login($uid, $password) { + session_regenerate_id(true); return self::getUserSession()->login($uid, $password); } @@ -246,7 +247,6 @@ class OC_User { OC_Hook::emit( "OC_User", "pre_login", array( "run" => &$run, "uid" => $uid )); if($uid) { - session_regenerate_id(true); self::setUserId($uid); self::setDisplayName($uid); self::getUserSession()->setLoginName($uid); diff --git a/lib/private/util.php b/lib/private/util.php index 829eedce044..d3b682daa5c 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -65,7 +65,7 @@ class OC_Util { $user = $storage->getUser()->getUID(); $quota = OC_Util::getUserQuota($user); if ($quota !== \OC\Files\SPACE_UNLIMITED) { - return new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => $quota)); + return new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => $quota, 'root' => 'files')); } } @@ -1155,4 +1155,25 @@ class OC_Util { } return $version; } + + /** + * Returns whether the given file name is valid + * @param $file string file name to check + * @return bool true if the file name is valid, false otherwise + */ + public static function isValidFileName($file) { + $trimmed = trim($file); + if ($trimmed === '') { + return false; + } + if ($trimmed === '.' || $trimmed === '..') { + return false; + } + foreach (str_split($trimmed) as $char) { + if (strpos(\OCP\FILENAME_INVALID_CHARS, $char) !== false) { + return false; + } + } + return true; + } } diff --git a/lib/public/constants.php b/lib/public/constants.php index 1495c620dc9..350646a0ac0 100644 --- a/lib/public/constants.php +++ b/lib/public/constants.php @@ -35,3 +35,6 @@ const PERMISSION_UPDATE = 2; const PERMISSION_DELETE = 8; const PERMISSION_SHARE = 16; const PERMISSION_ALL = 31; + +const FILENAME_INVALID_CHARS = "\\/<>:\"|?*\n"; + diff --git a/lib/public/util.php b/lib/public/util.php index 570283e2a8a..585c5d22634 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -486,4 +486,13 @@ class Util { public static function uploadLimit() { return \OC_Helper::uploadLimit(); } + + /** + * Returns whether the given file name is valid + * @param $file string file name to check + * @return bool true if the file name is valid, false otherwise + */ + public static function isValidFileName($file) { + return \OC_Util::isValidFileName($file); + } } |