diff options
Diffstat (limited to 'lib')
57 files changed, 771 insertions, 264 deletions
diff --git a/lib/MDB2/Driver/sqlite3.php b/lib/MDB2/Driver/sqlite3.php index e42d36176c4..39d3fb6727d 100644 --- a/lib/MDB2/Driver/sqlite3.php +++ b/lib/MDB2/Driver/sqlite3.php @@ -276,7 +276,7 @@ class MDB2_Driver_sqlite3 extends MDB2_Driver_Common * @access public * @since 2.1.1 */ - static function setTransactionIsolation($isolation,$options=array()) + function setTransactionIsolation($isolation,$options=array()) { $this->debug('Setting transaction isolation level', __FUNCTION__, array('is_manip' => true)); switch ($isolation) { @@ -478,7 +478,7 @@ class MDB2_Driver_sqlite3 extends MDB2_Driver_Common * @return result or error object * @access protected */ - function &_doQuery($query, $is_manip = false, $connection = null, $database_name = null) + function _doQuery($query, $is_manip = false, $connection = null, $database_name = null) { $this->last_query = $query; $result = $this->debug($query, 'query', array('is_manip' => $is_manip, 'when' => 'pre')); @@ -816,7 +816,7 @@ class MDB2_Driver_sqlite3 extends MDB2_Driver_Common * @access public * @see bindParam, execute */ - function &prepare($query, $types = null, $result_types = null, $lobs = array()) + function prepare($query, $types = null, $result_types = null, $lobs = array()) { if ($this->options['emulate_prepared'] || $this->supported['prepared_statements'] !== true @@ -928,7 +928,7 @@ class MDB2_Result_sqlite3 extends MDB2_Result_Common * @return int data array on success, a MDB2 error on failure * @access public */ - function &fetchRow($fetchmode = MDB2_FETCHMODE_DEFAULT, $rownum = null) + function fetchRow($fetchmode = MDB2_FETCHMODE_DEFAULT, $rownum = null) { if (!is_null($rownum)) { $seek = $this->seek($rownum); @@ -1193,7 +1193,7 @@ class MDB2_Statement_sqlite3 extends MDB2_Statement_Common * a MDB2 error on failure * @access private */ - function &_execute($result_class = true, $result_wrap_class = false){ + function _execute($result_class = true, $result_wrap_class = false){ if (is_null($this->statement)) { $result =& parent::_execute($result_class, $result_wrap_class); return $result; @@ -1305,7 +1305,7 @@ class MDB2_Statement_sqlite3 extends MDB2_Statement_Common * a MDB2 error on failure * @access public */ - function &execute($values = null, $result_class = true, $result_wrap_class = false) + function execute($values = null, $result_class = true, $result_wrap_class = false) { if (is_null($this->positions)) { return $this->db->raiseError(MDB2_ERROR, null, null, diff --git a/lib/app.php b/lib/app.php index 8bd095d8c6c..667633e2647 100644..100755 --- a/lib/app.php +++ b/lib/app.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -28,7 +28,6 @@ */ class OC_App{ static private $init = false; - static private $apps = array(); static private $activeapp = ''; static private $navigation = array(); static private $settingsForms = array(); @@ -36,6 +35,7 @@ class OC_App{ static private $personalForms = array(); static private $appInfo = array(); static private $appTypes = array(); + static private $loadedApps = array(); /** * @brief loads all apps @@ -49,29 +49,17 @@ class OC_App{ * if $types is set, only apps of those types will be loaded */ public static function loadApps($types=null){ - // Did we already load everything? - if( self::$init ){ - return true; - } - - // Our very own core apps are hardcoded - foreach( array( 'settings') as $app ){ - if(is_null($types)){ - require( $app.'/appinfo/app.php' ); - } - } - - // The rest comes here + // Load the enabled apps here $apps = self::getEnabledApps(); + // prevent app.php from printing output + ob_start(); foreach( $apps as $app ){ - if((is_null($types) or self::isType($app,$types))){ - if(is_file(OC::$APPSROOT.'/apps/'.$app.'/appinfo/app.php')){ - require( $app.'/appinfo/app.php' ); - } + if((is_null($types) or self::isType($app,$types)) && !in_array($app, self::$loadedApps)){ + self::loadApp($app); + self::$loadedApps[] = $app; } } - - self::$init = true; + ob_end_clean(); if (!defined('DEBUG') || !DEBUG){ if (is_null($types)) { @@ -86,7 +74,17 @@ class OC_App{ } /** - * check if an app is of a sepcific type + * load a single app + * @param string app + */ + public static function loadApp($app){ + if(is_file(OC::$APPSROOT.'/apps/'.$app.'/appinfo/app.php')){ + require_once( $app.'/appinfo/app.php' ); + } + } + + /** + * check if an app is of a specific type * @param string $app * @param string/array $types */ @@ -114,19 +112,26 @@ class OC_App{ self::$appTypes=OC_Appconfig::getValues(false,'types'); } - //get it from info.xml if we haven't cached it - if(!isset(self::$appTypes[$app])){ - $appData=self::getAppInfo($app); - if(isset($appData['types'])){ - self::$appTypes[$app]=$appData['types']; - }else{ - self::$appTypes[$app]=array(); - } + if(isset(self::$appTypes[$app])){ + return explode(',',self::$appTypes[$app]); + }else{ + return array(); + } + } + + /** + * read app types from info.xml and cache them in the database + */ + public static function setAppTypes($app){ + $appData=self::getAppInfo($app); - OC_Appconfig::setValue($app,'types',implode(',',self::$appTypes[$app])); + if(isset($appData['types'])){ + $appTypes=implode(',',$appData['types']); + }else{ + $appTypes=''; } - return explode(',',self::$appTypes[$app]); + OC_Appconfig::setValue($app,'types',$appTypes); } /** @@ -152,7 +157,7 @@ class OC_App{ * This function checks whether or not an app is enabled. */ public static function isEnabled( $app ){ - if( 'yes' == OC_Appconfig::getValue( $app, 'enabled' )){ + if( 'files'==$app or 'yes' == OC_Appconfig::getValue( $app, 'enabled' )){ return true; } @@ -179,8 +184,16 @@ class OC_App{ } } if($app!==false){ - OC_Appconfig::setValue( $app, 'enabled', 'yes' ); - return true; + // check if the app is compatible with this version of ownCloud + $info=OC_App::getAppInfo($app); + $version=OC_Util::getVersion(); + if(!isset($info['require']) or ($version[0]>$info['require'])){ + OC_Log::write('core','App "'.$info['name'].'" can\'t be installed because it is not compatible with this version of ownCloud',OC_Log::ERROR); + return false; + }else{ + OC_Appconfig::setValue( $app, 'enabled', 'yes' ); + return true; + } }else{ return false; } @@ -199,36 +212,6 @@ class OC_App{ } /** - * @brief makes owncloud aware of this app - * @param $data array with all information - * @returns true/false - * - * This function registers the application. $data is an associative array. - * The following keys are required: - * - id: id of the application, has to be unique ('addressbook') - * - name: Human readable name ('Addressbook') - * - version: array with Version (major, minor, bugfix) ( array(1, 0, 2)) - * - * The following keys are optional: - * - order: integer, that influences the position of your application in - * a list of applications. Lower values come first. - * - */ - public static function register( $data ){ - OC_App::$apps[] = $data; - } - - /** - * @brief returns information of all apps - * @return array with all information - * - * This function returns all data it got via register(). - */ - public static function get(){ - return OC_App::$apps; - } - - /** * @brief adds an entry to the navigation * @param $data array containing the data * @returns true/false @@ -375,8 +358,18 @@ class OC_App{ } $xml = new SimpleXMLElement($content); $data['info']=array(); + $data['remote']=array(); + $data['public']=array(); foreach($xml->children() as $child){ - if($child->getName()=='types'){ + if($child->getName()=='remote'){ + foreach($child->children() as $remote){ + $data['remote'][$remote->getName()]=(string)$remote; + } + }elseif($child->getName()=='public'){ + foreach($child->children() as $public){ + $data['public'][$public->getName()]=(string)$public; + } + }elseif($child->getName()=='types'){ $data['types']=array(); foreach($child->children() as $type){ $data['types'][]=$type->getName(); @@ -482,17 +475,41 @@ class OC_App{ * check if any apps need updating and update those */ public static function updateApps(){ - // The rest comes here $versions = self::getAppVersions(); + //ensure files app is installed for upgrades + if(!isset($versions['files'])){ + $versions['files']='0'; + } foreach( $versions as $app=>$installedVersion ){ $currentVersion=OC_App::getAppVersion($app); if ($currentVersion) { if (version_compare($currentVersion, $installedVersion, '>')) { + OC_Log::write($app,'starting app upgrade from '.$installedVersion.' to '.$currentVersion,OC_Log::DEBUG); OC_App::updateApp($app); - OC_Appconfig::setValue($app,'installed_version',OC_App::getAppVersion($app)); + OC_Appconfig::setValue($app,'installed_version',OC_App::getAppVersion($app)); } } } + + // check if the current enabled apps are compatible with the current ownCloud version. disable them if not. + // this is important if you upgrade ownCloud and have non ported 3rd party apps installed + $apps =OC_App::getEnabledApps(); + $version=OC_Util::getVersion(); + foreach($apps as $app) { + + // check if the app is compatible with this version of ownCloud + $info=OC_App::getAppInfo($app); + if(!isset($info['require']) or ($version[0]>$info['require'])){ + OC_Log::write('core','App "'.$info['name'].'" can\'t be used because it is not compatible with this version of ownCloud',OC_Log::ERROR); + OC_App::disable( $app ); + } + + + + } + + + } /** @@ -516,9 +533,23 @@ class OC_App{ if(file_exists(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/database.xml')){ OC_DB::updateDbFromStructure(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/database.xml'); } + if(!self::isEnabled($appid)){ + return; + } if(file_exists(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/update.php')){ include OC::$APPSROOT.'/apps/'.$appid.'/appinfo/update.php'; } + + //set remote/public handelers + $appData=self::getAppInfo($appid); + foreach($appData['remote'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'remote_'.$name, '/apps/'.$appid.'/'.$path); + } + foreach($appData['public'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'public_'.$name, '/apps/'.$appid.'/'.$path); + } + + self::setAppTypes($appid); } /** diff --git a/lib/appconfig.php b/lib/appconfig.php index 5aaaadd9c4a..c6216974dd9 100644 --- a/lib/appconfig.php +++ b/lib/appconfig.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/archive/tar.php b/lib/archive/tar.php index 07f0ba5bd8a..4ff78779834 100755..100644 --- a/lib/archive/tar.php +++ b/lib/archive/tar.php @@ -12,6 +12,8 @@ class OC_Archive_TAR extends OC_Archive{ const PLAIN=0; const GZIP=1; const BZIP=2; + + private $fileList; /** * @var Archive_Tar tar @@ -64,6 +66,7 @@ class OC_Archive_TAR extends OC_Archive{ mkdir($tmpBase.$path); $result=$this->tar->addModify(array($tmpBase.$path),'',$tmpBase); rmdir($tmpBase.$path); + $this->fileList=false; return $result; } /** @@ -84,6 +87,7 @@ class OC_Archive_TAR extends OC_Archive{ }else{ $result=$this->tar->addString($path,$source); } + $this->fileList=false; return $result; } @@ -103,12 +107,14 @@ class OC_Archive_TAR extends OC_Archive{ $types=array(null,'gz','bz'); $this->tar=new Archive_Tar($this->path,$types[self::getTarType($this->path)]); $this->tar->createModify(array($tmp),'',$tmp.'/'); + $this->fileList=false; + return true; } private function getHeader($file){ $headers=$this->tar->listContent(); foreach($headers as $header){ - if($file==$header['filename'] or $file.'/'==$header['filename']){ + if($file==$header['filename'] or $file.'/'==$header['filename'] or '/'.$file.'/'==$header['filename'] or '/'.$file==$header['filename']){ return $header; } } @@ -144,9 +150,16 @@ class OC_Archive_TAR extends OC_Archive{ $folderContent=array(); $pathLength=strlen($path); foreach($files as $file){ + if(substr($file,0,1)=='/'){ + $file=substr($file,1); + } if(substr($file,0,$pathLength)==$path and $file!=$path){ - if(strrpos(substr($file,0,-1),'/')<=$pathLength){ - $folderContent[]=substr($file,$pathLength); + $result=substr($file,$pathLength); + if($pos=strpos($result,'/')){ + $result=substr($result,0,$pos+1); + } + if(array_search($result,$folderContent)===false){ + $folderContent[]=$result; } } } @@ -157,11 +170,15 @@ class OC_Archive_TAR extends OC_Archive{ * @return array */ function getFiles(){ + if($this->fileList){ + return $this->fileList; + } $headers=$this->tar->listContent(); $files=array(); foreach($headers as $header){ $files[]=$header['filename']; } + $this->fileList=$files; return $files; } /** @@ -183,7 +200,11 @@ class OC_Archive_TAR extends OC_Archive{ if(!$this->fileExists($path)){ return false; } - $success=$this->tar->extractList(array($path),$tmp); + if($this->fileExists('/'.$path)){ + $success=$this->tar->extractList(array('/'.$path),$tmp); + }else{ + $success=$this->tar->extractList(array($path),$tmp); + } if($success){ rename($tmp.$path,$dest); } @@ -205,7 +226,26 @@ class OC_Archive_TAR extends OC_Archive{ * @return bool */ function fileExists($path){ - return $this->getHeader($path)!==null; + $files=$this->getFiles(); + if((array_search($path,$files)!==false) or (array_search($path.'/',$files)!==false)){ + return true; + }else{ + $folderPath=$path; + if(substr($folderPath,-1,1)!='/'){ + $folderPath.='/'; + } + $pathLength=strlen($folderPath); + foreach($files as $file){ + if(strlen($file)>$pathLength and substr($file,0,$pathLength)==$folderPath){ + return true; + } + } + } + if(substr($path,0,1)!='/'){//not all programs agree on the use of a leading / + return $this->fileExists('/'.$path); + }else{ + return false; + } } /** @@ -217,6 +257,7 @@ class OC_Archive_TAR extends OC_Archive{ if(!$this->fileExists($path)){ return false; } + $this->fileList=false; //no proper way to delete, extract entire archive, delete file and remake archive $tmp=OCP\Files::tmpFolder(); $this->tar->extract($tmp); diff --git a/lib/archive/zip.php b/lib/archive/zip.php index 22ab48937eb..22ab48937eb 100755..100644 --- a/lib/archive/zip.php +++ b/lib/archive/zip.php diff --git a/lib/base.php b/lib/base.php index 1b3554a42a9..bdfd05e8f1d 100644 --- a/lib/base.php +++ b/lib/base.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -71,6 +71,10 @@ class OC{ */ public static $REQUESTEDFILE = ''; /** + * check if owncloud runs in cli mode + */ + public static $CLI = false; + /** * SPL autoload */ public static function autoload($className){ @@ -202,8 +206,8 @@ class OC{ // redirect to https site if configured if( OC_Config::getValue( "forcessl", false )){ ini_set("session.cookie_secure", "on"); - if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { - $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + if(OC_Helper::serverProtocol()<>'https') { + $url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI']; header("Location: $url"); exit(); } @@ -215,6 +219,7 @@ class OC{ $installedVersion=OC_Config::getValue('version','0.0.0'); $currentVersion=implode('.',OC_Util::getVersion()); if (version_compare($currentVersion, $installedVersion, '>')) { + OC_Log::write('core','starting upgrade from '.$installedVersion.' to '.$currentVersion,OC_Log::DEBUG); $result=OC_DB::updateDbFromStructure(OC::$SERVERROOT.'/db_structure.xml'); if(!$result){ echo 'Error while upgrading the database'; @@ -248,7 +253,7 @@ class OC{ } // Add the stuff we need always - OC_Util::addScript( "jquery-1.6.4.min" ); + OC_Util::addScript( "jquery-1.7.2.min" ); OC_Util::addScript( "jquery-ui-1.8.16.custom.min" ); OC_Util::addScript( "jquery-showpassword" ); OC_Util::addScript( "jquery.infieldlabel.min" ); @@ -305,10 +310,16 @@ class OC{ if (defined('DEBUG') && DEBUG){ ini_set('display_errors', 1); } + self::$CLI=(php_sapi_name() == 'cli'); - date_default_timezone_set('Europe/Berlin'); + date_default_timezone_set('UTC'); ini_set('arg_separator.output','&'); + // try to switch magic quotes off. + if(function_exists('set_magic_quotes_runtime')) { + @set_magic_quotes_runtime(false); + } + //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways @@ -354,15 +365,17 @@ class OC{ self::checkInstalled(); self::checkSSL(); - // CSRF protection - if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; - if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://'; - $server=$protocol.$_SERVER['SERVER_NAME']; - if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { - $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php'; - header("Location: $url"); - exit(); - } + // CSRF protection + if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; + $protocol=OC_Helper::serverProtocol().'://'; + if(!self::$CLI){ + $server=$protocol.OC_Helper::serverHost(); + if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { + $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php'; + header("Location: $url"); + exit(); + } + } self::initSession(); self::initTemplateEngine(); @@ -415,7 +428,7 @@ class OC{ register_shutdown_function(array('OC_Helper','cleanTmp')); //parse the given parameters - self::$REQUESTEDAPP = (isset($_GET['app'])?strip_tags($_GET['app']):'files'); + self::$REQUESTEDAPP = (isset($_GET['app'])?str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])):OC_Config::getValue('defaultapp', 'files')); if(substr_count(self::$REQUESTEDAPP, '?') != 0){ $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr(self::$REQUESTEDAPP, strpos(self::$REQUESTEDAPP, '?') + 1); diff --git a/lib/cache.php b/lib/cache.php new file mode 100644 index 00000000000..a4fb2448432 --- /dev/null +++ b/lib/cache.php @@ -0,0 +1,40 @@ +<?php +/** + * Copyright (c) 2012 Bart Visscher <bartv@thisnet.nl> + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +class OC_Cache { + static protected $cache; + + static protected function init() { + self::$cache = new OC_Cache_File(); + } + + static public function get($key) { + if (!self::$cache) { + self::init(); + } + return self::$cache->get($key); + } + + static public function set($key, $value, $ttl=0) { + if (empty($key)) { + return false; + } + if (!self::$cache) { + self::init(); + } + return self::$cache->set($key, $value, $ttl); + } + + static public function remove($key) { + if (!self::$cache) { + self::init(); + } + return self::$cache->remove($key); + } + +} diff --git a/lib/cache/file.php b/lib/cache/file.php new file mode 100644 index 00000000000..02aad5187ee --- /dev/null +++ b/lib/cache/file.php @@ -0,0 +1,50 @@ +<?php +/** + * Copyright (c) 2012 Bart Visscher <bartv@thisnet.nl> + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + + +class OC_Cache_File { + protected function getStorage() { + if(OC_User::isLoggedIn()){ + $subdir = 'cache'; + $view = new OC_FilesystemView('/'.OC_User::getUser()); + if(!$view->file_exists($subdir)) { + $view->mkdir($subdir); + } + return new OC_FilesystemView('/'.OC_User::getUser().'/'.$subdir); + }else{ + OC_Log::write('core','Can\'t get cache storage, user not logged in', OC_Log::ERROR); + return false; + } + } + + public function get($key) { + $storage = $this->getStorage(); + if ($storage->is_file($key)) { + $mtime = $storage->filemtime($key); + if ($mtime < time()) { + $storage->unlink($key); + return false; + } + return $storage->file_get_contents($key); + } + return false; + } + + public function set($key, $value, $ttl) { + $storage = $this->getStorage(); + if ($storage->file_put_contents($key, $value)) { + return $storage->touch($key, time() + $ttl); + } + return false; + } + + public function remove($key) { + $storage = $this->getStorage(); + return $storage->unlink($key); + } +} diff --git a/lib/config.php b/lib/config.php index ad1cd18fa15..e3a9c11f247 100644 --- a/lib/config.php +++ b/lib/config.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/connector/sabre/directory.php b/lib/connector/sabre/directory.php index 935d3b0abe4..e74d832cb00 100644 --- a/lib/connector/sabre/directory.php +++ b/lib/connector/sabre/directory.php @@ -118,8 +118,10 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa */ public function delete() { - foreach($this->getChildren() as $child) $child->delete(); - OC_Filesystem::rmdir($this->path); + if ($this->path != "/Shared") { + foreach($this->getChildren() as $child) $child->delete(); + OC_Filesystem::rmdir($this->path); + } } diff --git a/lib/db.php b/lib/db.php index 2f74cc6dd95..bcc8657b4a4 100644 --- a/lib/db.php +++ b/lib/db.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -96,6 +96,11 @@ class OC_DB { $user = OC_Config::getValue( "dbuser", "" ); $pass = OC_Config::getValue( "dbpassword", "" ); $type = OC_Config::getValue( "dbtype", "sqlite" ); + if(strpos($host,':')){ + list($host,$port)=explode(':',$host,2); + }else{ + $port=false; + } $opts = array(); $datadir=OC_Config::getValue( "datadirectory", OC::$SERVERROOT.'/data' ); @@ -110,11 +115,19 @@ class OC_DB { $dsn='sqlite:'.$datadir.'/'.$name.'.db'; break; case 'mysql': - $dsn='mysql:dbname='.$name.';host='.$host; + if($port){ + $dsn='mysql:dbname='.$name.';host='.$host.';port='.$port; + }else{ + $dsn='mysql:dbname='.$name.';host='.$host; + } $opts[PDO::MYSQL_ATTR_INIT_COMMAND] = "SET NAMES 'UTF8'"; break; case 'pgsql': - $dsn='pgsql:dbname='.$name.';host='.$host; + if($port){ + $dsn='pgsql:dbname='.$name.';host='.$host.';port='.$port; + }else{ + $dsn='pgsql:dbname='.$name.';host='.$host; + } break; } try{ @@ -395,7 +408,8 @@ class OC_DB { if (PEAR::isError($op)) { $error = $op->getMessage(); - OC_Log::write('core','Failed to update database structure ('.$error.')',OC_Log::FATAL); + $detail = $op->getDebugInfo(); + OC_Log::write('core','Failed to update database structure ('.$error.', '.$detail.')',OC_Log::FATAL); return false; } return true; @@ -444,7 +458,7 @@ class OC_DB { // differences in escaping of table names ('`' for mysql) and getting the current timestamp if( $type == 'sqlite' || $type == 'sqlite3' ){ - $query = str_replace( '`', '\'', $query ); + $query = str_replace( '`', '"', $query ); $query = str_replace( 'NOW()', 'datetime(\'now\')', $query ); $query = str_replace( 'now()', 'datetime(\'now\')', $query ); }elseif( $type == 'mysql' ){ diff --git a/lib/filecache.php b/lib/filecache.php index 9fa3fbea97d..3fb8e4113cb 100644 --- a/lib/filecache.php +++ b/lib/filecache.php @@ -169,6 +169,15 @@ class OC_FileCache{ $newParent=self::getParentId($newPath); $query=OC_DB::prepare('UPDATE *PREFIX*fscache SET parent=? ,name=?, path=?, path_hash=? WHERE path_hash=?'); $query->execute(array($newParent,basename($newPath),$newPath,md5($newPath),md5($oldPath))); + + $query=OC_DB::prepare('SELECT path FROM *PREFIX*fscache WHERE path LIKE ?'); + $oldLength=strlen($oldPath); + $updateQuery=OC_DB::prepare('UPDATE *PREFIX*fscache SET path=?, path_hash=? WHERE path_hash=?'); + while($row= $query->execute(array($oldPath.'/%'))->fetchRow()){ + $old=$row['path']; + $new=$newPath.substr($old,$oldLength); + $updateQuery->execute(array($new,md5($new),md5($old))); + } } /** @@ -419,7 +428,7 @@ class OC_FileCache{ } return $result; }else{ - OC_Log::write('files','getChached(): file not found in cache ('.$path.')',OC_Log::DEBUG); + OC_Log::write('files','getCached(): file not found in cache ('.$path.')',OC_Log::DEBUG); if(isset(self::$savedData[$path])){ return self::$savedData[$path]; }else{ @@ -564,9 +573,13 @@ class OC_FileCache{ } if(!$view->is_readable($path)) return; //cant read, nothing we can do clearstatcache(); - $stat=$view->stat($path); $mimetype=$view->getMimeType($path); - $writable=$view->is_writable($path); + $stat=$view->stat($path); + if($mimetype=='httpd/unix-directory'){ + $writable=$view->is_writable($path.'/'); + }else{ + $writable=$view->is_writable($path); + } $stat['mimetype']=$mimetype; $stat['writable']=$writable; if($path=='/'){ @@ -633,13 +646,16 @@ class OC_FileCache{ } $mtime=$view->filemtime($path); $isDir=$view->is_dir($path); - $path=$root.$path; + $fullPath=$root.$path; $query=OC_DB::prepare('SELECT mtime FROM *PREFIX*fscache WHERE path_hash=?'); - $result=$query->execute(array(md5($path))); + $result=$query->execute(array(md5($fullPath))); if($row=$result->fetchRow()){ $cachedMTime=$row['mtime']; return ($mtime>$cachedMTime); }else{//file not in cache, so it has to be updated + if($path=='/' or $path==''){//dont auto update the root folder, it will be scanned + return false; + } return true; } } diff --git a/lib/fileproxy.php b/lib/fileproxy.php index 46fc2f49c50..70db9cca23c 100644 --- a/lib/fileproxy.php +++ b/lib/fileproxy.php @@ -115,4 +115,8 @@ class OC_FileProxy{ } return $result; } + + public static function clearProxies(){ + self::$proxies=array(); + } }
\ No newline at end of file diff --git a/lib/files.php b/lib/files.php index d837bf7aa2c..885f6977fbd 100644 --- a/lib/files.php +++ b/lib/files.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -52,8 +52,9 @@ class OC_Files { * * @param dir $dir * @param file $file ; seperated list of files to download + * @param boolean $only_header ; boolean to only send header of the request */ - public static function get($dir,$files){ + public static function get($dir,$files, $only_header = false){ if(strpos($files,';')){ $files=explode(';',$files); } @@ -102,6 +103,7 @@ class OC_Files { header('Content-Transfer-Encoding: binary'); OC_Response::disableCaching(); if($zip){ + ini_set('zlib.output_compression', 'off'); header('Content-Type: application/zip'); header('Content-Length: ' . filesize($filename)); }else{ @@ -117,6 +119,11 @@ class OC_Files { header("HTTP/1.0 403 Forbidden"); die('403 Forbidden'); } + if($only_header){ + if(!$zip) + header("Content-Length: ".OC_Filesystem::filesize($filename)); + return ; + } if($zip){ $handle=fopen($filename,'r'); if ($handle) { @@ -163,7 +170,7 @@ class OC_Files { * @param file $target */ public static function move($sourceDir,$source,$targetDir,$target){ - if(OC_User::isLoggedIn()){ + if(OC_User::isLoggedIn() && ($sourceDir != '' || $source != 'Shared')){ $targetFile=self::normalizePath($targetDir.'/'.$target); $sourceFile=self::normalizePath($sourceDir.'/'.$source); return OC_Filesystem::rename($sourceFile,$targetFile); @@ -217,7 +224,7 @@ class OC_Files { * @param file $name */ public static function delete($dir,$file){ - if(OC_User::isLoggedIn()){ + if(OC_User::isLoggedIn() && ($dir!= '' || $file != 'Shared')) { $file=$dir.'/'.$file; return OC_Filesystem::unlink($file); } diff --git a/lib/filestorage.php b/lib/filestorage.php index fd6497b9478..1d7e004af3b 100644 --- a/lib/filestorage.php +++ b/lib/filestorage.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -21,7 +21,7 @@ */ /** - * Privde a common interface to all different storage options + * Provde a common interface to all different storage options */ abstract class OC_Filestorage{ public function __construct($parameters){} diff --git a/lib/filestorage/local.php b/lib/filestorage/local.php index bd757f52ce7..ea9a9070263 100644 --- a/lib/filestorage/local.php +++ b/lib/filestorage/local.php @@ -3,7 +3,7 @@ * for local filestore, we only have to map the paths */ class OC_Filestorage_Local extends OC_Filestorage{ - private $datadir; + protected $datadir; private static $mimetypes=null; public function __construct($arguments){ $this->datadir=$arguments['datadir']; diff --git a/lib/filestorage/temporary.php b/lib/filestorage/temporary.php new file mode 100644 index 00000000000..8f2373c8e95 --- /dev/null +++ b/lib/filestorage/temporary.php @@ -0,0 +1,17 @@ +<?php +/** + * local storage backnd in temporary folder for testing purpores + */ +class OC_Filestorage_Temporary extends OC_Filestorage_Local{ + public function __construct($arguments){ + $this->datadir=OC_Helper::tmpFolder(); + } + + public function cleanUp(){ + OC_Helper::rmdirr($this->datadir); + } + + public function __destruct(){ + $this->cleanUp(); + } +} diff --git a/lib/filesystem.php b/lib/filesystem.php index 4239971d9ee..84d45f5f24b 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/filesystemview.php b/lib/filesystemview.php index b62bb82c699..c8df59cf827 100644 --- a/lib/filesystemview.php +++ b/lib/filesystemview.php @@ -1,25 +1,42 @@ <?php /** -* ownCloud -* -* @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org -* -* This library is free software; you can redistribute it and/or -* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE -* License as published by the Free Software Foundation; either -* version 3 of the License, or any later version. -* -* This library is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU AFFERO GENERAL PUBLIC LICENSE for more details. -* -* You should have received a copy of the GNU Affero General Public -* License along with this library. If not, see <http://www.gnu.org/licenses/>. -* -*/ + * ownCloud + * + * @author Frank Karlitschek + * @copyright 2012 Frank Karlitschek frank@owncloud.org + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + */ + + +/** + * Class to provide access to ownCloud filesystem via a "view", and methods for + * working with files within that view (e.g. read, write, delete, etc.). Each + * view is restricted to a set of directories via a virtual root. The default view + * uses the currently logged in user's data directory as root (parts of + * OC_Filesystem are merely a wrapper for OC_FilesystemView). + * + * Apps that need to access files outside of the user data folders (to modify files + * belonging to a user other than the one currently logged in, for example) should + * use this class directly rather than using OC_Filesystem, or making use of PHP's + * built-in file manipulation functions. This will ensure all hooks and proxies + * are triggered correctly. + * + * Filesystem functions are not called directly; they are passed to the correct + * OC_Filestorage object + */ class OC_FilesystemView { private $fakeRoot=''; @@ -103,7 +120,9 @@ class OC_FilesystemView { } /** - * following functions are equivilent to their php buildin equivilents for arguments/return values. + * the following functions operate with arguments and return values identical + * to those of their PHP built-in equivalents. Mostly they are merely wrappers + * for OC_Filestorage via basicOperation(). */ public function mkdir($path){ return $this->basicOperation('mkdir',$path,array('create','write')); @@ -336,16 +355,20 @@ class OC_FilesystemView { } /** - * abstraction for running most basic operations + * @brief abstraction layer for basic filesystem functions: wrapper for OC_Filestorage * @param string $operation * @param string #path * @param array (optional) hooks * @param mixed (optional) $extraParam * @return mixed + * + * This method takes requests for basic filesystem functions (e.g. reading & writing + * files), processes hooks and proxies, sanitises paths, and finally passes them on to + * OC_Filestorage for delegation to a storage backend for execution */ private function basicOperation($operation,$path,$hooks=array(),$extraParam=null){ if(OC_FileProxy::runPreProxies($operation,$path, $extraParam) and OC_Filesystem::isValidPath($path)){ - $interalPath=$this->getInternalPath($path); + $internalPath=$this->getInternalPath($path); $run=true; if(OC_Filesystem::$loaded and $this->fakeRoot==OC_Filesystem::getRoot()){ foreach($hooks as $hook){ @@ -358,9 +381,9 @@ class OC_FilesystemView { } if($run and $storage=$this->getStorage($path)){ if(!is_null($extraParam)){ - $result=$storage->$operation($interalPath,$extraParam); + $result=$storage->$operation($internalPath,$extraParam); }else{ - $result=$storage->$operation($interalPath); + $result=$storage->$operation($internalPath); } $result=OC_FileProxy::runPostProxies($operation,$path,$result); if(OC_Filesystem::$loaded and $this->fakeRoot==OC_Filesystem::getRoot()){ diff --git a/lib/group.php b/lib/group.php index bc98e877ade..ceee5fa4edb 100644 --- a/lib/group.php +++ b/lib/group.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -174,7 +174,11 @@ class OC_Group { if(!$backend->implementsActions(OC_GROUP_BACKEND_ADD_TO_GROUP)) continue; - $succes|=$backend->addToGroup($uid, $gid); + if($backend->groupExists($gid)){ + $succes|=$backend->addToGroup($uid, $gid); + } + } + if($succes){ OC_Hook::emit( "OC_User", "post_addToGroup", array( "uid" => $uid, "gid" => $gid )); } return $succes; @@ -223,6 +227,7 @@ class OC_Group { foreach(self::$_usedBackends as $backend){ $groups=array_merge($backend->getUserGroups($uid),$groups); } + asort($groups); return $groups; } @@ -237,6 +242,7 @@ class OC_Group { foreach(self::$_usedBackends as $backend){ $groups=array_merge($backend->getGroups(),$groups); } + asort($groups); return $groups; } diff --git a/lib/group/backend.php b/lib/group/backend.php index 7984a6a8355..1b0b663f2ed 100644 --- a/lib/group/backend.php +++ b/lib/group/backend.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/group/database.php b/lib/group/database.php index d401acf43b3..af55de1f427 100644 --- a/lib/group/database.php +++ b/lib/group/database.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/group/dummy.php b/lib/group/dummy.php index 5220237ecbf..0825b10708a 100644 --- a/lib/group/dummy.php +++ b/lib/group/dummy.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/group/example.php b/lib/group/example.php index 11a14b5e785..c18562db7a4 100644 --- a/lib/group/example.php +++ b/lib/group/example.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/helper.php b/lib/helper.php index 41ff119ff5f..aedac204058 100644 --- a/lib/helper.php +++ b/lib/helper.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -89,6 +89,27 @@ class OC_Helper { return $host; } + + /** + * @brief Returns the server protocol + * @returns the server protocol + * + * Returns the server protocol. It respects reverse proxy servers and load balancers + */ + public static function serverProtocol() { + if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { + $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']); + }else{ + if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) { + $proto = 'https'; + }else{ + $proto = 'http'; + } + } + return($proto); + } + + /** * @brief Creates an absolute url * @param $app app @@ -99,9 +120,7 @@ class OC_Helper { */ public static function linkToAbsolute( $app, $file ) { $urlLinkTo = self::linkTo( $app, $file ); - // Checking if the request was made through HTTPS. The last in line is for IIS - $protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off'); - $urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo; + $urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo; return $urlLinkTo; } @@ -514,7 +533,7 @@ class OC_Helper { * remove all files created by self::tmpFile */ public static function cleanTmp(){ - $leftoversFile='/tmp/oc-not-deleted'; + $leftoversFile=get_temp_dir().'/oc-not-deleted'; if(file_exists($leftoversFile)){ $leftovers=file($leftoversFile); foreach($leftovers as $file) { diff --git a/lib/hook.php b/lib/hook.php index 83a16106bf0..b53755310e0 100644 --- a/lib/hook.php +++ b/lib/hook.php @@ -65,5 +65,22 @@ class OC_Hook{ // return true return true; } + + /** + * clear hooks + * @param string signalclass + * @param string signalname + */ + static public function clear($signalclass='', $signalname=''){ + if($signalclass){ + if($signalname){ + self::$registered[$signalclass][$signalname]=array(); + }else{ + self::$registered[$signalclass]=array(); + } + }else{ + self::$registered=array(); + } + } } diff --git a/lib/installer.php b/lib/installer.php index b75c009c8f0..5c030d2917d 100644 --- a/lib/installer.php +++ b/lib/installer.php @@ -3,7 +3,7 @@ * ownCloud * * @author Robin Appelman - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -130,10 +130,19 @@ class OC_Installer{ // check the code for not allowed calls if(!OC_Installer::checkCode($info['id'],$extractDir)){ + OC_Log::write('core','App can\'t be installed because of not allowed code in the App',OC_Log::ERROR); OC_Helper::rmdirr($extractDir); return false; } - + + // check if the app is compatible with this version of ownCloud + $version=OC_Util::getVersion(); + if(!isset($info['require']) or ($version[0]>$info['require'])){ + OC_Log::write('core','App can\'t be installed because it is not compatible with this version of ownCloud',OC_Log::ERROR); + OC_Helper::rmdirr($extractDir); + return false; + } + //check if an app with the same id is already installed if(self::isInstalled( $info['id'] )){ OC_Log::write('core','App already installed',OC_Log::WARN); @@ -185,6 +194,17 @@ class OC_Installer{ //set the installed version OC_Appconfig::setValue($info['id'],'installed_version',OC_App::getAppVersion($info['id'])); OC_Appconfig::setValue($info['id'],'enabled','no'); + + //set remote/public handelers + foreach($info['remote'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'remote_'.$name, '/apps/'.$info['id'].'/'.$path); + } + foreach($info['public'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'public_'.$name, '/apps/'.$info['id'].'/'.$path); + } + + OC_App::setAppTypes($info['id']); + return $info['id']; } @@ -302,6 +322,17 @@ class OC_Installer{ } $info=OC_App::getAppInfo($app); OC_Appconfig::setValue($app,'installed_version',OC_App::getAppVersion($app)); + + //set remote/public handelers + foreach($info['remote'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'remote_'.$name, '/apps/'.$app.'/'.$path); + } + foreach($info['public'] as $name=>$path){ + OCP\CONFIG::setAppValue('core', 'public_'.$name, '/apps/'.$app.'/'.$path); + } + + OC_App::setAppTypes($info['id']); + return $info; } @@ -314,7 +345,7 @@ class OC_Installer{ public static function checkCode($appname,$folder){ $blacklist=array( - 'fopen(', + 'exec(', 'eval(' // more evil pattern will go here later // will will also check if an app is using private api once the public api is in place diff --git a/lib/json.php b/lib/json.php index 0d208ce12a2..f3bbe9ac899 100644 --- a/lib/json.php +++ b/lib/json.php @@ -73,9 +73,11 @@ class OC_JSON{ * Encode and print $data in json format */ public static function encodedPrint($data,$setContentType=true){ - if($setContentType){ - self::setContentTypeHeader(); + if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') { + if($setContentType){ + self::setContentTypeHeader(); + } + echo json_encode($data); } - echo json_encode($data); } } diff --git a/lib/l10n.php b/lib/l10n.php index c0ecdbd1b70..682e15f0e9b 100644 --- a/lib/l10n.php +++ b/lib/l10n.php @@ -3,7 +3,7 @@ * ownCloud * * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/log/owncloud.php b/lib/log/owncloud.php index 0b7a231d304..5913d8b5b83 100644 --- a/lib/log/owncloud.php +++ b/lib/log/owncloud.php @@ -62,23 +62,26 @@ class OC_Log_Owncloud { public static function getEntries($limit=50, $offset=0){ self::init(); $minLevel=OC_Config::getValue( "loglevel", OC_Log::WARN ); - $entries=array(); - if(!file_exists(self::$logFile)) { - return array(); - } - $contents=file(self::$logFile); - if(!$contents) {//error while reading log - return array(); - } - $end=max(count($contents)-$offset-1, 0); - $start=max($end-$limit,0); - $i=$end; - while($i>$start){ - $entry=json_decode($contents[$i]); - if($entry->level>=$minLevel){ - $entries[]=$entry; + $entries = array(); + $handle = fopen(self::$logFile, 'r'); + if ($handle) { + // Just a guess to set the file pointer to the right spot + $maxLineLength = 150; + fseek($handle, -($limit * $maxLineLength + $offset * $maxLineLength), SEEK_END); + // Skip first line, because it is most likely a partial line + fgets($handle); + while (!feof($handle)) { + $line = fgets($handle); + if (!empty($line)) { + $entry = json_decode($line); + if ($entry->level >= $minLevel) { + $entries[] = $entry; + } + } } - $i--; + fclose($handle); + // Extract the needed entries and reverse the order + $entries = array_reverse(array_slice($entries, -($limit + $offset), $limit)); } return $entries; } diff --git a/lib/mail.php b/lib/mail.php index 0045f8de6da..b46f73bd94b 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -31,7 +31,7 @@ class OC_Mail { $SMTPMODE = OC_Config::getValue( 'mail_smtpmode', 'sendmail' ); $SMTPHOST = OC_Config::getValue( 'mail_smtphost', '127.0.0.1' ); - $SMTPAUTH = OC_Config::getValue( 'mail_smtpauth', 'false' ); + $SMTPAUTH = OC_Config::getValue( 'mail_smtpauth', false ); $SMTPUSERNAME = OC_Config::getValue( 'mail_smtpname', '' ); $SMTPPASSWORD = OC_Config::getValue( 'mail_smtppassword', '' ); diff --git a/lib/migrate.php b/lib/migrate.php index 99926171b77..f9cab915d04 100644 --- a/lib/migrate.php +++ b/lib/migrate.php @@ -146,7 +146,7 @@ class OC_Migrate{ case 'instance': self::$content = new OC_Migration_Content( self::$zip ); // Creates a zip that is compatable with the import function - $dbfile = tempnam( "/tmp", "owncloud_export_data_" ); + $dbfile = tempnam( get_temp_dir(), "owncloud_export_data_" ); OC_DB::getDbStructure( $dbfile, 'MDB2_SCHEMA_DUMP_ALL'); // Now add in *dbname* and *dbprefix* @@ -406,36 +406,38 @@ class OC_Migrate{ // Foreach provider foreach( self::$providers as $provider ){ - $success = true; - // Does this app use the database? - if( file_exists( OC::$SERVERROOT.'/apps/'.$provider->getID().'/appinfo/database.xml' ) ){ - // Create some app tables - $tables = self::createAppTables( $provider->getID() ); - if( is_array( $tables ) ){ - // Save the table names - foreach($tables as $table){ - $return['apps'][$provider->getID()]['tables'][] = $table; + // Check if the app is enabled + if( OC_App::isEnabled( $provider->getID() ) ){ + $success = true; + // Does this app use the database? + if( file_exists( OC::$SERVERROOT.'/apps/'.$provider->getID().'/appinfo/database.xml' ) ){ + // Create some app tables + $tables = self::createAppTables( $provider->getID() ); + if( is_array( $tables ) ){ + // Save the table names + foreach($tables as $table){ + $return['apps'][$provider->getID()]['tables'][] = $table; + } + } else { + // It failed to create the tables + $success = false; } + } + + // Run the export function? + if( $success ){ + // Set the provider properties + $provider->setData( self::$uid, self::$content ); + $return['apps'][$provider->getID()]['success'] = $provider->export(); } else { - // It failed to create the tables - $success = false; + $return['apps'][$provider->getID()]['success'] = false; + $return['apps'][$provider->getID()]['message'] = 'failed to create the app tables'; } + + // Now add some app info the the return array + $appinfo = OC_App::getAppInfo( $provider->getID() ); + $return['apps'][$provider->getID()]['version'] = OC_App::getAppVersion($provider->getID()); } - - // Run the export function? - if( $success ){ - // Set the provider properties - $provider->setData( self::$uid, self::$content ); - $return['apps'][$provider->getID()]['success'] = $provider->export(); - } else { - $return['apps'][$provider->getID()]['success'] = false; - $return['apps'][$provider->getID()]['message'] = 'failed to create the app tables'; - } - - // Now add some app info the the return array - $appinfo = OC_App::getAppInfo( $provider->getID() ); - $return['apps'][$provider->getID()]['version'] = OC_App::getAppVersion($provider->getID()); - } return $return; diff --git a/lib/minimizer.php b/lib/minimizer.php index 2d2708c59e9..9f9ef086c4a 100644 --- a/lib/minimizer.php +++ b/lib/minimizer.php @@ -33,6 +33,7 @@ abstract class OC_Minimizer OC_Response::setLastModifiedHeader($last_modified); $out = $this->minimizeFiles($files); + OC_Response::setETagHeader(md5($out)); header('Content-Length: '.strlen($out)); echo $out; } diff --git a/lib/ocs.php b/lib/ocs.php index 536ee754e84..1be41202d78 100644 --- a/lib/ocs.php +++ b/lib/ocs.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -357,11 +357,11 @@ class OC_OCS { */ private static function apiConfig($format) { $user=OC_OCS::checkpassword(false); - $url=substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).''; + $url=substr(OCP\Util::getServerHost().$_SERVER['SCRIPT_NAME'],0,-11).''; $xml['version']='1.5'; $xml['website']='ownCloud'; - $xml['host']=$_SERVER['HTTP_HOST']; + $xml['host']=OCP\Util::getServerHost(); $xml['contact']=''; $xml['ssl']='false'; echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'config','',1)); diff --git a/lib/ocsclient.php b/lib/ocsclient.php index aef51f38fb7..33308553be0 100644 --- a/lib/ocsclient.php +++ b/lib/ocsclient.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/preferences.php b/lib/preferences.php index 75201f455ba..89fc73aa232 100644 --- a/lib/preferences.php +++ b/lib/preferences.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/public/app.php b/lib/public/app.php index 618ea03ad0f..9e2108818bf 100644 --- a/lib/public/app.php +++ b/lib/public/app.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,10 +30,14 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides functions to manage apps in ownCloud + */ class App { /** - * @brief makes owncloud aware of this app + * @brief Makes owncloud aware of this app + * @brief This call is deprecated and not necessary to use. * @param $data array with all information * @returns true/false * @@ -49,7 +53,6 @@ class App { * */ public static function register( $data ){ - return \OC_App::register( $data ); } @@ -153,15 +156,6 @@ class App { } - /** - * @param string appid - * @param $app app - * @return OC_FilesystemView - */ - public static function getStorage( $app ){ - return \OC_App::getStorage( $app ); - } - } diff --git a/lib/public/config.php b/lib/public/config.php index 43d97d993b7..9f5abe672cb 100644 --- a/lib/public/config.php +++ b/lib/public/config.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -26,10 +26,17 @@ * */ -// use OCP namespace for all classes that are considered public. -// This means that they should be used by apps instead of the internal ownCloud classes +/** + * @brief use OCP namespace for all classes that are considered public. + * + * Classes that use this namespace are for use by apps, and not for use by internal + * OC classes + */ namespace OCP; +/** + * This class provides functions to read and write configuration data. configuration can be on a system, application or user level + */ class Config { diff --git a/lib/public/db.php b/lib/public/db.php index 7ba98e2851e..f7564c0bb6a 100644 --- a/lib/public/db.php +++ b/lib/public/db.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides access to the internal database system. Use this class exlusively if you want to access databases + */ class DB { diff --git a/lib/public/files.php b/lib/public/files.php index e11ab81e16f..fc3004434ba 100644 --- a/lib/public/files.php +++ b/lib/public/files.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides access to the internal filesystem abstraction layer. Use this class exlusively if you want to access files + */ class Files { @@ -99,6 +102,15 @@ class Files { return(\OC_Helper::buildNotExistingFileName( $path, $filename )); } + /** + * @param string appid + * @param $app app + * @return OC_FilesystemView + */ + public static function getStorage( $app ){ + return \OC_App::getStorage( $app ); + } + diff --git a/lib/public/json.php b/lib/public/json.php index 7fc6a0b01d4..a8554671d10 100644 --- a/lib/public/json.php +++ b/lib/public/json.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides convinient functions to generate and send JSON data. Usefull for Ajax calls + */ class JSON { diff --git a/lib/public/response.php b/lib/public/response.php index 5049b0c54cf..cc2137c5cae 100644 --- a/lib/public/response.php +++ b/lib/public/response.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides convinient functions to send the correct http response headers + */ class Response { diff --git a/lib/public/template.php b/lib/public/template.php index 3d1ab2c7c2e..b89088bdd06 100644 --- a/lib/public/template.php +++ b/lib/public/template.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -99,7 +99,7 @@ function html_select_options($options, $selected, $params=array()) { /** - * This class provides the templates for owncloud. + * This class provides the template system for owncloud. You can use it to load specific templates, add data and generate the html code */ class Template extends \OC_Template { diff --git a/lib/public/user.php b/lib/public/user.php index 53ff8d25fc5..a0c069f7379 100644 --- a/lib/public/user.php +++ b/lib/public/user.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides access to the user management. You can get information about the currently logged in user and the permissions for example + */ class User { diff --git a/lib/public/util.php b/lib/public/util.php index 749531feafd..9b499574da1 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -30,6 +30,9 @@ // This means that they should be used by apps instead of the internal ownCloud classes namespace OCP; +/** + * This class provides different helper functions to make the life of a developer easier + */ class Util { @@ -166,6 +169,16 @@ class Util { } /** + * @brief Returns the server protocol + * @returns the server protocol + * + * Returns the server protocol. It respects reverse proxy servers and load balancers + */ + public static function getServerProtocol() { + return(\OC_Helper::serverProtocol()); + } + + /** * @brief Creates path to an image * @param $app app * @param $image image name diff --git a/lib/search.php b/lib/search.php index 12055418687..f8a4b8e96eb 100644 --- a/lib/search.php +++ b/lib/search.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/setup.php b/lib/setup.php index 59e4bf0dee2..a096fdbb4cf 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -94,6 +94,7 @@ class OC_Setup { 'error' => 'MySQL username and/or password not valid', 'hint' => 'You need to enter either an existing account or the administrator.' ); + return($error); } else { $oldUser=OC_Config::getValue('dbuser', false); @@ -307,7 +308,7 @@ class OC_Setup { */ private static function createHtaccess() { $content = "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page - $content = "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page + $content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page $content.= "<IfModule mod_php5.c>\n"; $content.= "php_value upload_max_filesize 512M\n";//upload limit $content.= "php_value post_max_size 512M\n"; @@ -318,9 +319,12 @@ class OC_Setup { $content.= "</IfModule>\n"; $content.= "<IfModule mod_rewrite.c>\n"; $content.= "RewriteEngine on\n"; - $content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]\n"; - $content.= "RewriteRule ^.well-known/carddav /apps/contacts/carddav.php [R]\n"; - $content.= "RewriteRule ^.well-known/caldav /apps/calendar/caldav.php [R]\n"; + $content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n"; + $content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n"; + $content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n"; + $content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n"; + $content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n"; + $content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n"; $content.= "</IfModule>\n"; $content.= "Options -Indexes\n"; @file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it diff --git a/lib/template.php b/lib/template.php index b5805f0096c..14833a1e5b5 100644 --- a/lib/template.php +++ b/lib/template.php @@ -4,7 +4,7 @@ * * @author Frank Karlitschek * @author Jakob Sack - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -156,7 +156,10 @@ class OC_Template{ $this->application = $app; $this->vars = array(); $this->l10n = OC_L10N::get($app); - + header('X-Frame-Options: Sameorigin'); + header('X-XSS-Protection: 1; mode=block'); + header('X-Content-Type-Options: nosniff'); + $this->findTemplate($name); } diff --git a/lib/updater.php b/lib/updater.php index deb0f05945e..bc5ee00b6a3 100644 --- a/lib/updater.php +++ b/lib/updater.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE diff --git a/lib/user.php b/lib/user.php index ad5198d0374..f1903093d6d 100644 --- a/lib/user.php +++ b/lib/user.php @@ -3,7 +3,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -21,7 +21,9 @@ */ /** - * This class provides all methods for user management. + * This class provides wrapper methods for user management. Multiple backends are + * supported. User management operations are delegated to the configured backend for + * execution. * * Hooks provided: * pre_createUser(&run, uid, password) @@ -123,6 +125,11 @@ class OC_User { if(trim($uid) == ''){ throw new Exception('A valid username must be provided'); } + // No empty password + if(trim($password) == ''){ + throw new Exception('A valid password must be provided'); + } + // Check if user already exists if( self::userExists($uid) ){ throw new Exception('The username is already being used'); @@ -233,12 +240,13 @@ class OC_User { * Checks if the user is logged in */ public static function isLoggedIn(){ - if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ){ - return true; - } - else{ - return false; + if( isset($_SESSION['user_id']) AND $_SESSION['user_id']) { + OC_App::loadApps(array('authentication')); + if (self::userExists($_SESSION['user_id']) ){ + return true; + } } + return false; } /** @@ -297,9 +305,10 @@ class OC_User { * @brief Check if the password is correct * @param $uid The username * @param $password The password - * @returns true/false + * @returns string * * Check if the password is correct without logging in the user + * returns the user id or false */ public static function checkPassword( $uid, $password ){ foreach(self::$_usedBackends as $backend){ @@ -326,6 +335,7 @@ class OC_User { $users=array_merge($users,$backendUsers); } } + asort($users); return $users; } diff --git a/lib/user/backend.php b/lib/user/backend.php index 8c954338fb1..be068a63ce0 100644 --- a/lib/user/backend.php +++ b/lib/user/backend.php @@ -5,7 +5,7 @@ * * @author Frank Karlitschek * @author Dominik Schmidt - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * @copyright 2011 Dominik Schmidt dev@dominik-schmidt.de * * This library is free software; you can redistribute it and/or @@ -37,8 +37,10 @@ define('OC_USER_BACKEND_CHECK_PASSWORD', 0x000100); /** - * abstract base class for user management - * subclass this for your own backends and see OC_User_Example for descriptions + * Abstract base class for user management. Provides methods for querying backend + * capabilities. + * + * Subclass this for your own backends, and see OC_User_Example for descriptions */ abstract class OC_User_Backend { diff --git a/lib/user/database.php b/lib/user/database.php index 4738a8948cb..769ba6a7920 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -117,9 +117,10 @@ class OC_User_Database extends OC_User_Backend { * @brief Check if the password is correct * @param $uid The username * @param $password The password - * @returns true/false + * @returns string * * Check if the password is correct without logging in the user + * returns the user id or false */ public function checkPassword( $uid, $password ){ $query = OC_DB::prepare( "SELECT uid, password FROM *PREFIX*users WHERE uid = ?" ); diff --git a/lib/user/dummy.php b/lib/user/dummy.php index cfc96c5c52d..a946d4e6214 100644 --- a/lib/user/dummy.php +++ b/lib/user/dummy.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek -* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -81,9 +81,10 @@ class OC_User_Dummy extends OC_User_Backend { * @brief Check if the password is correct * @param $uid The username * @param $password The password - * @returns true/false + * @returns string * * Check if the password is correct without logging in the user + * returns the user id or false */ public function checkPassword($uid, $password){ if(isset($this->users[$uid])){ diff --git a/lib/user/example.php b/lib/user/example.php index 270b72e389b..7f3fd1b8578 100644 --- a/lib/user/example.php +++ b/lib/user/example.php @@ -4,7 +4,7 @@ * ownCloud * * @author Frank Karlitschek - * @copyright 2010 Frank Karlitschek karlitschek@kde.org + * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -55,9 +55,10 @@ abstract class OC_User_Example extends OC_User_Backend { * @brief Check if the password is correct * @param $uid The username * @param $password The password - * @returns true/false + * @returns string * * Check if the password is correct without logging in the user + * returns the user id or false */ public function checkPassword($uid, $password){ return OC_USER_BACKEND_NOT_IMPLEMENTED; diff --git a/lib/user/http.php b/lib/user/http.php new file mode 100644 index 00000000000..009aa30c6f5 --- /dev/null +++ b/lib/user/http.php @@ -0,0 +1,93 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2012 Robin Appelman icewind@owncloud.com +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Affero General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +/** + * user backend using http auth requests + */ +class OC_User_HTTP extends OC_User_Backend { + /** + * split http://user@host/path into a user and url part + * @param string path + * @return array + */ + private function parseUrl($url){ + $parts=parse_url($url); + $url=$parts['scheme'].'://'.$parts['host']; + if(isset($parts['port'])){ + $url.=':'.$parts['port']; + } + $url.=$parts['path']; + if(isset($parts['query'])){ + $url.='?'.$parts['query']; + } + return array($parts['user'],$url); + + } + + /** + * check if an url is a valid login + * @param string url + * @return boolean + */ + private function matchUrl($url){ + return ! is_null(parse_url($url,PHP_URL_USER)); + } + + /** + * @brief Check if the password is correct + * @param $uid The username + * @param $password The password + * @returns string + * + * Check if the password is correct without logging in the user + * returns the user id or false + */ + public function checkPassword($uid, $password){ + if(!$this->matchUrl($uid)){ + return false; + } + list($user,$url)=$this->parseUrl($uid); + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + curl_exec($ch); + + $status = curl_getinfo($ch, CURLINFO_HTTP_CODE); + + curl_close($ch); + + return $status==200; + } + + /** + * @brief check if a user exists + * @param string $uid the username + * @return boolean + */ + public function userExists($uid){ + return $this->matchUrl($uid); + } +}
\ No newline at end of file diff --git a/lib/util.php b/lib/util.php index 95b5f8df3db..9a1fb7ac370 100644 --- a/lib/util.php +++ b/lib/util.php @@ -30,6 +30,14 @@ class OC_Util { exit; } + // Check if apps folder is writable. + if(!is_writable(OC::$SERVERROOT."/apps/")) { + $tmpl = new OC_Template( '', 'error', 'guest' ); + $tmpl->assign('errors',array(1=>array('error'=>"Can't write into apps directory 'apps'",'hint'=>"You can usually fix this by giving the webserver user write access to the config directory in owncloud"))); + $tmpl->printPage(); + exit; + } + // Create root dir. if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){ $success=@mkdir($CONFIG_DATADIRECTORY_ROOT); @@ -75,7 +83,7 @@ class OC_Util { * @return array */ public static function getVersion(){ - return array(3,90,0); + return array(4,80,0); } /** @@ -83,7 +91,7 @@ class OC_Util { * @return string */ public static function getVersionString(){ - return '4 beta'; + return '5 pre alpha'; } /** @@ -257,6 +265,9 @@ class OC_Util { if(floatval(phpversion())<5.3){ $errors[]=array('error'=>'PHP 5.3 is required.<br/>','hint'=>'Please ask your server administrator to update PHP to version 5.3 or higher. PHP 5.2 is no longer supported by ownCloud and the PHP community.'); } + if(!defined('PDO::ATTR_DRIVER_NAME')){ + $errors[]=array('error'=>'PHP PDO module is not installed.<br/>','hint'=>'Please ask your server administrator to install the module.'); + } return $errors; } @@ -312,8 +323,8 @@ class OC_Util { * Redirect to the user default page */ public static function redirectToDefaultPage(){ - if(isset($_REQUEST['redirect_url'])) { - header( 'Location: '.htmlentities($_REQUEST['redirect_url'])); + if(isset($_REQUEST['redirect_url']) && substr($_REQUEST['redirect_url'], 0, strlen(OC::$WEBROOT)) == OC::$WEBROOT) { + header( 'Location: '.$_REQUEST['redirect_url']); } else { header( 'Location: '.OC::$WEBROOT.'/'.OC_Appconfig::getValue('core', 'defaultpage', '?app=files')); } diff --git a/lib/vcategories.php b/lib/vcategories.php index b3b6a493c8d..ddcec1b6a4e 100644 --- a/lib/vcategories.php +++ b/lib/vcategories.php @@ -136,7 +136,7 @@ class OC_VCategories { if(!is_null($vobject)) { $this->loadFromVObject($vobject, $sync); } else { - OC_Log::write('core','OC_VCategories::rescan, unable to parse. ID: '.$value[0].', '.substr($value[1], 0, 50).'(...)', OC_Log::DEBUG); + OC_Log::write('core','OC_VCategories::rescan, unable to parse. ID: '.', '.substr($object, 0, 100).'(...)', OC_Log::DEBUG); } } $this->save(); @@ -146,10 +146,14 @@ class OC_VCategories { * @brief Save the list with categories */ private function save() { - usort($this->categories, 'strnatcasecmp'); // usort to also renumber the keys - $escaped_categories = serialize($this->categories); - OC_Log::write('core','OC_VCategories::save: '.print_r($this->categories, true), OC_Log::DEBUG); - OC_Preferences::setValue($this->user, $this->app, self::PREF_CATEGORIES_LABEL, $escaped_categories); + if(is_array($this->categories)) { + usort($this->categories, 'strnatcasecmp'); // usort to also renumber the keys + $escaped_categories = serialize($this->categories); + OC_Preferences::setValue($this->user, $this->app, self::PREF_CATEGORIES_LABEL, $escaped_categories); + OC_Log::write('core','OC_VCategories::save: '.print_r($this->categories, true), OC_Log::DEBUG); + } else { + OC_Log::write('core','OC_VCategories::save: $this->categories is not an array! '.print_r($this->categories, true), OC_Log::ERROR); + } } /** |