From 6b5bd8134131c4573f81cfe43fc9bbbe8fb35c05 Mon Sep 17 00:00:00 2001 From: Robin Date: Thu, 22 Apr 2010 19:03:54 +0200 Subject: (very) early multiuser support --- inc/lib_base.php | 86 +++++++++++++++++++++++++++----------------------------- 1 file changed, 41 insertions(+), 45 deletions(-) (limited to 'inc/lib_base.php') diff --git a/inc/lib_base.php b/inc/lib_base.php index e4309261709..4f58f946c92 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -43,8 +43,7 @@ if($WEBROOT{0}!=='/'){ set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); // define default config values -$CONFIG_ADMINLOGIN=''; -$CONFIG_ADMINPASSWORD=''; +$CONFIG_INSTALLED=false; $CONFIG_DATADIRECTORY=$SERVERROOT.'/data'; $CONFIG_HTTPFORCESSL=false; $CONFIG_DATEFORMAT='j M Y G:i'; @@ -67,9 +66,18 @@ if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){ require_once('lib_files.php'); require_once('lib_log.php'); require_once('lib_config.php'); +require_once('lib_user.php'); + +if(OC_USER::isLoggedIn()){ + //jail the user in a seperate data folder + $CONFIG_DATADIRECTORY=$SERVERROOT.'/data/'.$_SESSION['username_clean']; + if(!is_dir($CONFIG_DATADIRECTORY)){ + mkdir($CONFIG_DATADIRECTORY); + } +} // load plugins -$CONFIG_LOADPLUGINS='music'; +$CONFIG_LOADPLUGINS=''; $plugins=explode(' ',$CONFIG_LOADPLUGINS); if(isset($plugins[0]['url'])) foreach($plugins as $plugin) require_once('plugins/'.$plugin.'/lib_'.$plugin.'.php'); @@ -81,46 +89,6 @@ OC_UTIL::checkserver(); OC_USER::logoutlisener(); $loginresult=OC_USER::loginlisener(); - -/** - * Class for usermanagement - * - */ -class OC_USER { - - /** - * check if the login button is pressed and logg the user in - * - */ - public static function loginlisener(){ - global $CONFIG_ADMINLOGIN; - global $CONFIG_ADMINPASSWORD; - if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){ - if($_POST['login']==$CONFIG_ADMINLOGIN and $_POST['password']==$CONFIG_ADMINPASSWORD){ - $_SESSION['username']=$_POST['login']; - OC_LOG::event($_SESSION['username'],1,''); - return(''); - }else{ - return('error'); - } - } - return(''); - } - - /** - * check if the logout button is pressed and logout the user - * - */ - public static function logoutlisener(){ - if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){ - OC_LOG::event($_SESSION['username'],2,''); - unset($_SESSION['username']); - } - } - -} - - /** * Class for utility functions * @@ -204,8 +172,10 @@ class OC_UTIL { if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo(''.$NAVI['name'].''); else echo(''.$NAVI['name'].''); } - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('Log'); else echo('Log'); - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings'); else echo('Settings'); + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('Log'); else echo('Log'); + if(OC_USER::ingroup($_SESSION['username'],'admin')){ + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings'); else echo('Settings'); + } echo('Logout'); echo(''); } @@ -284,6 +254,32 @@ class OC_DB { return $result; } + /** + * executes a query on the database and returns the result in an array + * + * @param string $cmd + * @return result-set + */ + static function select($cmd) { + global $CONFIG_DBTYPE; + $result=OC_DB::query($cmd); + if($result){ + $data=array(); + if($CONFIG_DBTYPE=='sqlite'){ + while($row=$result->fetch(SQLITE_ASSOC)){ + $data[]=$row; + } + }elseif($CONFIG_DBTYPE=='mysql'){ + while($row=$result->fetch_array(MYSQLI_ASSOC)){ + $data[]=$row; + } + } + return $data; + }else{ + return false; + } + } + /** * executes multiply queries on the database * -- cgit v1.2.3 From b5dae01a8a0e9c1e4f3d60da74eae74dd8a9e007 Mon Sep 17 00:00:00 2001 From: Robin Date: Fri, 23 Apr 2010 00:05:04 +0200 Subject: change the config system to support multi user --- admin/index.php | 41 ++++++ admin/index.php~ | 1 + inc/lib_base.php | 3 +- inc/lib_config.php | 332 ++++++++++++++++++++++++++----------------- inc/lib_user.php | 67 +++++++++ inc/templates/adminform.php | 106 ++++++++++++++ inc/templates/configform.php | 103 ++++---------- inc/templates/header.php | 12 +- 8 files changed, 458 insertions(+), 207 deletions(-) create mode 100644 admin/index.php create mode 100644 admin/index.php~ create mode 100644 inc/templates/adminform.php (limited to 'inc/lib_base.php') diff --git a/admin/index.php b/admin/index.php new file mode 100644 index 00000000000..2331c22f062 --- /dev/null +++ b/admin/index.php @@ -0,0 +1,41 @@ +. +* +*/ + +$CONFIG_ERROR=''; + +require_once('../inc/lib_base.php'); + + +OC_UTIL::showheader(); + +$FIRSTRUN=false; + +echo('
'); +OC_CONFIG::showadminform(); +echo('
'); + + +OC_UTIL::showfooter(); + +?> + diff --git a/admin/index.php~ b/admin/index.php~ new file mode 100644 index 00000000000..8d1c8b69c3f --- /dev/null +++ b/admin/index.php~ @@ -0,0 +1 @@ + diff --git a/inc/lib_base.php b/inc/lib_base.php index 4f58f946c92..5a70db535db 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -173,8 +173,9 @@ class OC_UTIL { } if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('Log'); else echo('Log'); + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings'); else echo('Settings'); if(OC_USER::ingroup($_SESSION['username'],'admin')){ - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings'); else echo('Settings'); + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('Admin Panel'); else echo('Admin Panel'); } echo('Logout'); echo(''); diff --git a/inc/lib_config.php b/inc/lib_config.php index 5fa6b5f7c64..98099cad72a 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -13,154 +13,230 @@ class OC_CONFIG{ global $CONFIG_DBNAME; require('templates/configform.php'); } - - public static function createuserlisener(){ - if(isset($_POST['new_username']) and isset($_POST['new_password'])){ - if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){ - return 'user successfully created'; - }else{ - return 'error while trying to create user'; - } - }else{ - return false; - } - } - + /** - * lisen for configuration changes and write it to the file + * show the configform * */ - public static function writeconfiglisener(){ - global $DOCUMENTROOT; - global $SERVERROOT; - global $WEBROOT; - global $CONFIG_DBHOST; - global $CONFIG_DBNAME; - global $CONFIG_DBUSER; - global $CONFIG_DBPASSWORD; - global $CONFIG_DBTYPE; + public static function showadminform(){ global $CONFIG_ADMINLOGIN; global $CONFIG_ADMINPASSWORD; - if(isset($_POST['set_config'])){ + global $CONFIG_DATADIRECTORY; + global $CONFIG_HTTPFORCESSL; + global $CONFIG_DATEFORMAT; + global $CONFIG_DBNAME; + global $CONFIG_INSTALLED; + if(OC_USER::ingroup($_SESSION['username'],'admin') or $CONFIG_INSTALLED==false){ + require('templates/adminform.php'); + } + } - //checkdata - $error=''; - $FIRSTRUN=empty($CONFIG_ADMINLOGIN); - if(!$FIRSTRUN){ - if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){ - $error.='wrong password
'; + public static function createuserlisener(){ + if(OC_USER::ingroup($_SESSION['username'],'admin')){ + if(isset($_POST['new_username']) and isset($_POST['new_password'])){ + if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){ + return 'user successfully created'; + }else{ + return 'error while trying to create user'; + } + }else{ + return false; } + }else{ + return false; } - - if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set
'; - if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set
'; - if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set
'; - if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set
'; - if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set
'; - if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set
'; - if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same
'; - $dbtype=$_POST['dbtype']; - if($dbtype=='mysql'){ - if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set
'; - if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set
'; - if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same
'; - - } - if(!$FIRSTRUN){ - if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){ - $_POST['adminpassword']=$CONFIG_ADMINPASSWORD; - } - if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){ - $_POST['dbpassword']=$CONFIG_DBPASSWORD; + } + + public static function creategrouplisener(){ + if(OC_USER::isLoggedIn()){ + if(isset($_POST['creategroup']) and $_POST['creategroup']==1){ + if(OC_USER::creategroup($_POST['groupname'])){ + if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){ + return 'group successfully created'; + }else{ + return 'error while trying to add user to the new created group'; + } + }else{ + return 'error while trying to create group'; + } + }else{ + return false; } + }else{ + return false; } - if(!is_dir($_POST['datadirectory'])){ - try{ - mkdir($_POST['datadirectory']); - }catch(Exception $e){ - $error.='error while trying to create data directory
'; + } + + + /** + * lisen for configuration changes + * + */ + public static function configlisener(){ + if(OC_USER::isLoggedIn()){ + if(isset($_POST['config']) and $_POST['config']==1){ + $error=''; + if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){ + $error.='wrong password
'; + }else{ + if(isset($_POST['changepass']) and $_POST['changepass']==1){ + if(!isset($_POST['password']) or empty($_POST['password'])) $error.='password not set
'; + if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set
'; + if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same
'; + if(empty($error)){ + if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){ + $error.='error while trying to set password
'; + } + } + } + } + return $error; + }else{ + return false; } + }else{ + return false; } - if(empty($error)) { - //create/fill database - $CONFIG_DBTYPE=$dbtype; - $CONFIG_DBNAME=$_POST['dbname']; - if($dbtype=='mysql'){ - $CONFIG_DBHOST=$_POST['dbhost']; - $CONFIG_DBUSER=$_POST['dbuser']; - $CONFIG_DBPASSWORD=$_POST['dbpassword']; - } - try{ - if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){ - self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']); + } + + + /** + * lisen for admin configuration changes and write it to the file + *4bd0be1185e76 + */ + public static function writeadminlisener(){ + global $CONFIG_INSTALLED; + if(OC_USER::ingroup($_SESSION['username'],'admin') or $CONFIG_INSTALLED==false){ + global $DOCUMENTROOT; + global $SERVERROOT; + global $WEBROOT; + global $CONFIG_DBHOST; + global $CONFIG_DBNAME; + global $CONFIG_DBUSER; + global $CONFIG_DBPASSWORD; + global $CONFIG_DBTYPE; + global $CONFIG_ADMINLOGIN; + global $CONFIG_ADMINPASSWORD; + if(isset($_POST['set_config'])){ + + //checkdata + $error=''; + $FIRSTRUN=empty($CONFIG_ADMINLOGIN); + if(!$FIRSTRUN){ + if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){ + $error.='wrong password
'; + } } - }catch(Exception $e){ - $error.='error while trying to create the database
'; - } - if($CONFIG_DBTYPE=='sqlite'){ - $f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+'); - if(!$f){ - $error.='path of sqlite database not writable by server
'; + + if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set
'; + if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set
'; + if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set
'; + if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set
'; + if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set
'; + if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set
'; + if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same
'; + $dbtype=$_POST['dbtype']; + if($dbtype=='mysql'){ + if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set
'; + if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set
'; + if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same
'; + } - } - try{ - if(isset($_POST['filldb'])){ - self::filldatabase(); + if(!$FIRSTRUN){ + if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){ + $_POST['adminpassword']=$CONFIG_ADMINPASSWORD; + } + if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){ + $_POST['dbpassword']=$CONFIG_DBPASSWORD; + } } - }catch(Exception $e){ - $error.='error while trying to fill the database
'; - } - - if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){ - $error.='error while trying to create the admin user
'; - } - - if(OC_USER::getgroupid('admin')==0){ - if(!OC_USER::creategroup('admin')){ - $error.='error while trying to create the admin group
'; + if(!is_dir($_POST['datadirectory'])){ + try{ + mkdir($_POST['datadirectory']); + }catch(Exception $e){ + $error.='error while trying to create data directory
'; + } } - } - - if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){ - $error.='error while trying to add the admin user to the admin group
'; - } - - //storedata - $config=' '; + if(empty($error)) { + //create/fill database + $CONFIG_DBTYPE=$dbtype; + $CONFIG_DBNAME=$_POST['dbname']; + if($dbtype=='mysql'){ + $CONFIG_DBHOST=$_POST['dbhost']; + $CONFIG_DBUSER=$_POST['dbuser']; + $CONFIG_DBPASSWORD=$_POST['dbpassword']; + } + try{ + if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){ + self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']); + } + }catch(Exception $e){ + $error.='error while trying to create the database
'; + } + if($CONFIG_DBTYPE=='sqlite'){ + $f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+'); + if(!$f){ + $error.='path of sqlite database not writable by server
'; + } + } + try{ + if(isset($_POST['filldb'])){ + self::filldatabase(); + } + }catch(Exception $e){ + $error.='error while trying to fill the database
'; + } + + if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){ + $error.='error while trying to create the admin user
'; + } + + if(OC_USER::getgroupid('admin')==0){ + if(!OC_USER::creategroup('admin')){ + $error.='error while trying to create the admin group
'; + } + } + + if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){ + $error.='error while trying to add the admin user to the admin group
'; + } + + //storedata + $config=' '; + + $filename=$SERVERROOT.'/config/config.php'; + if(empty($error)){ + header("Location: ".$WEBROOT."/"); + try{ + file_put_contents($filename,$config); + }catch(Exception $e){ + $error.='error while trying to save the configuration file
'; + return $error; + } + }else{ + return $error; + } - $filename=$SERVERROOT.'/config/config.php'; - if(empty($error)){ - header("Location: ".$WEBROOT."/"); - try{ - file_put_contents($filename,$config); - }catch(Exception $e){ - $error.='error while trying to save the configuration file
'; - return $error; } - }else{ - return $error; - } + return($error); + } } - return($error); - - } - - } + } /** * Fills the database with the initial tables diff --git a/inc/lib_user.php b/inc/lib_user.php index e7855b5b7b3..30dbdcd2fec 100644 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -152,6 +152,21 @@ class OC_USER { } } + /** + * get the name of a group + * + */ + public static function getgroupname($groupid){ + $groupid=(integer)$groupid; + $query="SELECT group_name FROM `groups` WHERE `group_id` = '$groupid' LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['group_name'])){ + return $result[0]['group_name']; + }else{ + return 0; + } + } + /** * check if a user belongs to a group * @@ -195,6 +210,58 @@ class OC_USER { public static function generatepassword(){ return uniqid(); } + + /** + * get all groups the user belongs to + * + */ + public static function getusergroups($username){ + $userid=OC_USER::getuserid($username); + $query="SELECT group_id FROM `user_group` WHERE `user_id` = '$userid'"; + $result=OC_DB::select($query); + $groups=array(); + if(is_array($result)){ + foreach($result as $group){ + $groupid=$group['group_id']; + $groups[]=OC_USER::getgroupname($groupid); + } + } + return $groups; + } + + /** + * set the password of a user + * + */ + public static function setpassword($username,$password){ + $password=sha1($password); + $userid=OC_USER::getuserid($username); + $query="UPDATE `users` SET `user_password` = '$password' WHERE `user_id` =$userid LIMIT 1 ;"; + $result=OC_DB::query($query); + if($result){ + return true; + }else{ + return false; + } + } + + /** + * check the password of a user + * + */ + public static function checkpassword($username,$password){ + $password=sha1($password); + $usernameclean=strtolower($username); + $username=mysql_escape_string($username); + $usernameclean=mysql_escape_string($usernameclean); + $query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' AND `user_password` = '$password' LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ + return true; + }else{ + return false; + } + } } ?> \ No newline at end of file diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php new file mode 100644 index 00000000000..38d2b14a57e --- /dev/null +++ b/inc/templates/adminform.php @@ -0,0 +1,106 @@ + + +
+ +"; + } + if(!$FIRSTRUN){?> + + + + + + + + + + + + + + + + + + + + +
$CONFIG_ERROR
current password
admin login:
admin password:(leave empty to keep current password)
retype admin password:
data directory:
force ssl:
date format:
database type: + +
database host:
database name:
database user:
database password:(leave empty to keep current password)
retype database password:
create database and user: onchange='showDBAdmin()'>
database administrative user:
database administrative password:
automaticly fill initial database:>

+ +
+
+ + + + + +
Create new user:
user name
password
+
+ + \ No newline at end of file diff --git a/inc/templates/configform.php b/inc/templates/configform.php index ba946fc67b0..037249a84a2 100755 --- a/inc/templates/configform.php +++ b/inc/templates/configform.php @@ -7,92 +7,45 @@ if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud'; $newuserpassword=OC_USER::generatepassword(); ?>
+ "; } - if(!$FIRSTRUN){?> - - - - - - - - - + + + +
$CONFIG_ERROR
current password
admin login:
admin password:(leave empty to keep current password)
retype admin password:
data directory:
force ssl:
date format:
database type: -
enter password
change password:
+
+Groups: +
+ + + + + - - - - - - - - - - - - -
Current groups
database host:
database name:
database user:
database password:(leave empty to keep current password)
retype database password:
create database and user: onchange='showDBAdmin()'>
database administrative user:
database administrative password:
automaticly fill initial database:>

-
-
- - - - - + +
Create new user:
user name
password
Create new group
- \ No newline at end of file diff --git a/inc/templates/header.php b/inc/templates/header.php index 46c64bfd645..51e729cb8e1 100755 --- a/inc/templates/header.php +++ b/inc/templates/header.php @@ -32,9 +32,15 @@ echo('

'); echo('

'.$error.'

'); echo('

First Run Wizard

'); - OC_CONFIG::showconfigform(); + OC_CONFIG::showadminform(); echo(''); OC_UTIL::showfooter(); exit(); -- cgit v1.2.3 From d9e0d5decad7c52d2e78606d7be7570e675b0dbb Mon Sep 17 00:00:00 2001 From: Robin Date: Sat, 24 Apr 2010 12:40:20 +0200 Subject: remove dependency on set_include_path because not all hosts support it --- inc/lib_base.php | 117 ++++++++++++++++++++++++++++++++++++++++---- inc/lib_config.php | 4 +- inc/lib_user.php | 18 +++++-- inc/templates/adminform.php | 2 +- webdav/owncloud.php | 2 +- 5 files changed, 125 insertions(+), 18 deletions(-) (limited to 'inc/lib_base.php') diff --git a/inc/lib_base.php b/inc/lib_base.php index 5a70db535db..5992004f537 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -40,7 +40,7 @@ if($WEBROOT{0}!=='/'){ } // set the right include path -set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); +// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); // define default config values $CONFIG_INSTALLED=false; @@ -51,7 +51,7 @@ $CONFIG_DBNAME='owncloud'; $CONFIG_DBTYPE='sqlite'; // include the generated configfile -@include_once('config.php'); +@oc_include_once('config.php'); // redirect to https site if configured if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){ @@ -63,10 +63,10 @@ if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){ } // load core libs -require_once('lib_files.php'); -require_once('lib_log.php'); -require_once('lib_config.php'); -require_once('lib_user.php'); +oc_require_once('lib_files.php'); +oc_require_once('lib_log.php'); +oc_require_once('lib_config.php'); +oc_require_once('lib_user.php'); if(OC_USER::isLoggedIn()){ //jail the user in a seperate data folder @@ -131,7 +131,7 @@ class OC_UTIL { public static function showheader(){ global $CONFIG_ADMINLOGIN; global $WEBROOT; - require('templates/header.php');; + oc_require('templates/header.php');; } /** @@ -141,7 +141,7 @@ class OC_UTIL { public static function showfooter(){ global $CONFIG_FOOTEROWNERNAME; global $CONFIG_FOOTEROWNEREMAIL; - require('templates/footer.php');; + oc_require('templates/footer.php');; } /** @@ -188,7 +188,7 @@ class OC_UTIL { */ public static function showloginform(){ global $loginresult; - require('templates/loginform.php'); + oc_require('templates/loginform.php'); } @@ -452,4 +452,101 @@ class OC_DB { } -?> +//custom require/include functions because not all hosts allow us to set the include path +function oc_require($file){ + global $SERVERROOT; + global $DOCUMENTROOT; + global $WEBROOT; + global $CONFIG_DBNAME; + global $CONFIG_DBHOST; + global $CONFIG_DBUSER; + global $CONFIG_DBPASSWORD; + global $CONFIG_DBTYPE; + global $CONFIG_DATADIRECTORY; + global $CONFIG_HTTPFORCESSL; + global $CONFIG_DATEFORMAT; + global $CONFIG_INSTALLED; + if(is_file($file)){ + require($file); + }elseif(is_file($SERVERROOT.'/'.$file)){ + require($SERVERROOT.'/'.$file); + }elseif(is_file($SERVERROOT.'/inc/'.$file)){ + require($SERVERROOT.'/inc/'.$file); + }elseif(is_file($SERVERROOT.'/config/'.$file)){ + require($SERVERROOT.'/config/'.$file); + } +} + +function oc_require_once($file){ + global $SERVERROOT; + global $DOCUMENTROOT; + global $WEBROOT; + global $CONFIG_DBNAME; + global $CONFIG_DBHOST; + global $CONFIG_DBUSER; + global $CONFIG_DBPASSWORD; + global $CONFIG_DBTYPE; + global $CONFIG_DATADIRECTORY; + global $CONFIG_HTTPFORCESSL; + global $CONFIG_DATEFORMAT; + global $CONFIG_INSTALLED; + if(is_file($file)){ + require_once($file); + }elseif(is_file($SERVERROOT.'/'.$file)){ + require_once($SERVERROOT.'/'.$file); + }elseif(is_file($SERVERROOT.'/inc/'.$file)){ + require_once($SERVERROOT.'/inc/'.$file); + }elseif(is_file($SERVERROOT.'/config/'.$file)){ + require_once($SERVERROOT.'/config/'.$file); + } +} + +function oc_include($file){ + global $SERVERROOT; + global $DOCUMENTROOT; + global $WEBROOT; + global $CONFIG_DBNAME; + global $CONFIG_DBHOST; + global $CONFIG_DBUSER; + global $CONFIG_DBPASSWORD; + global $CONFIG_DBTYPE; + global $CONFIG_DATADIRECTORY; + global $CONFIG_HTTPFORCESSL; + global $CONFIG_DATEFORMAT; + global $CONFIG_INSTALLED; + if(is_file($file)){ + include($file); + }elseif(is_file($SERVERROOT.'/'.$file)){ + include($SERVERROOT.'/'.$file); + }elseif(is_file($SERVERROOT.'/inc/'.$file)){ + include($SERVERROOT.'/inc/'.$file); + }elseif(is_file($SERVERROOT.'/config/'.$file)){ + include($SERVERROOT.'/config/'.$file); + } +} + +function oc_include_once($file){ + global $SERVERROOT; + global $DOCUMENTROOT; + global $WEBROOT; + global $CONFIG_DBNAME; + global $CONFIG_DBHOST; + global $CONFIG_DBUSER; + global $CONFIG_DBPASSWORD; + global $CONFIG_DBTYPE; + global $CONFIG_DATADIRECTORY; + global $CONFIG_HTTPFORCESSL; + global $CONFIG_DATEFORMAT; + global $CONFIG_INSTALLED; + if(is_file($file)){ + include_once($file); + }elseif(is_file($SERVERROOT.'/'.$file)){ + include_once($SERVERROOT.'/'.$file); + }elseif(is_file($SERVERROOT.'/inc/'.$file)){ + include_once($SERVERROOT.'/inc/'.$file); + }elseif(is_file($SERVERROOT.'/config/'.$file)){ + include_once($SERVERROOT.'/config/'.$file); + } +} + +?> \ No newline at end of file diff --git a/inc/lib_config.php b/inc/lib_config.php index 70de1b96d7e..130731b79f9 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -11,7 +11,7 @@ class OC_CONFIG{ global $CONFIG_HTTPFORCESSL; global $CONFIG_DATEFORMAT; global $CONFIG_DBNAME; - require('templates/configform.php'); + oc_require('templates/configform.php'); } /** @@ -35,7 +35,7 @@ class OC_CONFIG{ } } if($allow){ - require('templates/adminform.php'); + oc_require('templates/adminform.php'); } } diff --git a/inc/lib_user.php b/inc/lib_user.php index 30dbdcd2fec..37e5f0bc217 100644 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -21,6 +21,12 @@ * */ +if(!$CONFIG_INSTALLED){ + $_SESSION['user_id']=false; + $_SESSION['username']=''; + $_SESSION['username_clean']=''; +} + /** * Class for usermanagement * @@ -174,10 +180,14 @@ class OC_USER { public static function ingroup($username,$groupname){ $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); - $query="SELECT user_group_id FROM `user_group` WHERE `group_id` = '$groupid ' AND `user_id` = '$userid 'LIMIT 1"; - $result=OC_DB::select($query); - if(isset($result[0]) && isset($result[0]['user_group_id'])){ - return true; + if($groupid>0 and $userid>0){ + $query="SELECT user_group_id FROM `user_group` WHERE `group_id` = '$groupid ' AND `user_id` = '$userid 'LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['user_group_id'])){ + return true; + }else{ + return false; + } }else{ return false; } diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php index 38d2b14a57e..c5e0bca61d3 100644 --- a/inc/templates/adminform.php +++ b/inc/templates/adminform.php @@ -49,7 +49,7 @@ function dbtypechange(){ -admin login: +admin login: admin password:(leave empty to keep current password) retype admin password: Date: Sun, 25 Apr 2010 18:18:04 +0200 Subject: bugfix when filling the database in first run dialog --- inc/lib_base.php | 1 + inc/lib_config.php | 18 +++++++++++++++--- 2 files changed, 16 insertions(+), 3 deletions(-) (limited to 'inc/lib_base.php') diff --git a/inc/lib_base.php b/inc/lib_base.php index 5992004f537..851fc254b8e 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -67,6 +67,7 @@ oc_require_once('lib_files.php'); oc_require_once('lib_log.php'); oc_require_once('lib_config.php'); oc_require_once('lib_user.php'); +oc_require_once('lib_ocs.php'); if(OC_USER::isLoggedIn()){ //jail the user in a seperate data folder diff --git a/inc/lib_config.php b/inc/lib_config.php index 130731b79f9..389aeff646e 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -202,9 +202,9 @@ class OC_CONFIG{ self::filldatabase(); } }catch(Exception $e){ + echo 'testin'; $error.='error while trying to fill the database
'; } - if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){ $error.='error while trying to create the admin user
'; } @@ -303,7 +303,7 @@ CREATE TABLE 'users' ( ); "; }elseif($CONFIG_DBTYPE=='mysql'){ - $query="SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\"; + $query="SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'; CREATE TABLE IF NOT EXISTS `locks` ( `token` varchar(255) NOT NULL DEFAULT '', @@ -351,10 +351,22 @@ UNIQUE ( ) ) ENGINE = MYISAM ; +CREATE TABLE IF NOT EXISTS `groups` ( +`group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , +`group_name` VARCHAR( 64 ) NOT NULL , +UNIQUE ( +`group_name` +) +) ENGINE = MYISAM ; + +CREATE TABLE IF NOT EXISTS `user_group` ( +`user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , +`user_id` VARCHAR( 64 ) NOT NULL , +`group_id` VARCHAR( 64 ) NOT NULL +) ENGINE = MYISAM ; "; } OC_DB::multiquery($query); - die(); } /** -- cgit v1.2.3