public static function sendEmail($args)
{
if (OC_User::userExists($_POST['user'])) {
$token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', ''));
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token));
// Hash the token again to prevent timing attacks
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
if (!empty($email)) {
$link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token));
$link = OC_Helper::makeURLAbsolute($link);
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link, false);
$msg = $tmpl->fetchPage();
$l = OC_L10N::get('core');
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
echo 'Mailsent';
self::displayLostPasswordPage(false, true);
} else {
self::displayLostPasswordPage(true, false);
}
} else {
self::displayLostPasswordPage(true, false);
}
}
public static function apiConfig($parameters)
{
$xml['version'] = '1.7';
$xml['website'] = 'ownCloud';
$xml['host'] = OCP\Util::getServerHost();
$xml['contact'] = '';
$xml['ssl'] = 'false';
return new OC_OCS_Result($xml);
}
/**
* @brief Check if the password is correct
* @param $uid The username
* @param $password The password
* @returns true/false
*
* Check if the password is correct without logging in the user
*/
public function checkPassword($uid, $password)
{
// Get identity from user and redirect browser to OpenID Server
$openid = new SimpleOpenID();
$openid->SetIdentity($uid);
$openid->SetTrustRoot('http://' . OCP\Util::getServerHost());
if ($openid->GetOpenIDServer()) {
$openid->SetApprovedURL('http://' . OCP\Util::getServerHost() . OC::$WEBROOT);
// Send Response from OpenID server to this script
$openid->Redirect();
// This will redirect user to OpenID Server
exit;
} else {
return false;
}
exit;
}
public static function av_scan($path)
{
$path = $path[\OC\Files\Filesystem::signal_param_path];
if ($path != '') {
$files_view = \OCP\Files::getStorage("files");
if ($files_view->file_exists($path)) {
$root = OC_User::getHome(OC_User::getUser()) . '/files';
$file = $root . $path;
$result = self::clamav_scan($file);
switch ($result) {
case CLAMAV_SCANRESULT_UNCHECKED:
//TODO: Show warning to the user: The file can not be checked
break;
case CLAMAV_SCANRESULT_INFECTED:
//remove file
$files_view->unlink($path);
OCP\JSON::error(array("data" => array("message" => "Virus detected! Can't upload the file.")));
$email = OC_Preferences::getValue(OC_User::getUser(), 'settings', 'email', '');
\OCP\Util::writeLog('files_antivirus', 'Email: ' . $email, \OCP\Util::DEBUG);
if (!empty($email)) {
$tmpl = new OC_Template('files_antivirus', 'notification');
$tmpl->assign('file', $path);
$tmpl->assign('host', OCP\Util::getServerHost());
$tmpl->assign('user', OC_User::getUser());
$msg = $tmpl->fetchPage();
$from = OCP\Util::getDefaultEmailAddress('security-noreply');
OCP\Util::sendMail($email, OC_User::getUser(), 'Malware detected', $msg, $from, 'ownCloud', 1);
}
exit;
break;
case CLAMAV_SCANRESULT_CLEAN:
//do nothing
break;
}
}
}
}
* This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ require_once '../lib/base.php'; $url = 'http://' . substr(OCP\Util::getServerHost() . $_SERVER['REQUEST_URI'], 0, -17) . 'ocs/v1.php/'; echo ' <providers> <provider> <id>ownCloud</id> <location>' . $url . '</location> <name>ownCloud</name> <icon></icon> <termsofuse></termsofuse> <register></register> <services> <config ocsversion="1.7" /> <activity ocsversion="1.7" /> <cloud ocsversion="1.7" /> </services> </provider>
public static function saveUserSettings($appName, $ocUser, $rcUser, $rcPassword)
{
$l = new OC_L10N('roundcube');
if (isset($appName) && $appName == "roundcube") {
$result = self::cryptEmailIdentity($ocUser, $rcUser, $rcPassword, true);
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Starting saving new users data for ' . $ocUser . ' as roundcube user ' . $rcUser, OCP\Util::DEBUG);
if ($result) {
// update login credentials
$rcMaildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
$rcHost = OCP\Config::getAppValue('roundcube', 'rcHost', '');
$rcPort = OCP\Config::getAppValue('roundcube', 'rcPort', '');
if ($rcHost == '') {
$rc_host = OCP\Util::getServerHost();
}
// login again
if (self::login($rcHost, $rcPort, $rcMaildir, $rcUser, $rcPassword)) {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Saved user settings successfull.', OCP\Util::DEBUG);
OCP\JSON::success(array('data' => array('message' => $l->t('Email-user credentials successfully stored. Please login again to OwnCloud for applying the new settings.'))));
return true;
} else {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Login errors', OCP\Util::DEBUG);
OC_JSON::error(array("data" => array("message" => $l->t("Unable to login into roundcube. There are login errors."))));
return false;
}
} else {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Unable to save email credentials.', OCP\Util::DEBUG);
OC_JSON::error(array("data" => array("message" => $l->t("Unable to store email credentials in the data-base."))));
return false;
}
} else {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Not for roundcube app.', OCP\Util::DEBUG);
OC_JSON::error(array("data" => array("message" => $l->t("Not submitted for us."))));
return false;
}
}
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
require_once '../lib/base.php';
header('Content-type: application/xml');
$url = OCP\Util::getServerProtocol() . '://' . substr(OCP\Util::getServerHost() . OCP\Util::getRequestUri(), 0, -17) . 'ocs/v1.php/';
$writer = new XMLWriter();
$writer->openURI('php://output');
$writer->startDocument('1.0', 'UTF-8');
$writer->setIndent(4);
$writer->startElement('providers');
$writer->startElement('provider');
$writer->writeElement('id', 'ownCloud');
$writer->writeElement('location', $url);
$writer->writeElement('name', 'ownCloud');
$writer->writeElement('icon', '');
$writer->writeElement('termsofuse', '');
$writer->writeElement('register', '');
$writer->startElement('services');
$writer->startElement('config');
$writer->writeAttribute('ocsversion', '1.7');
/**
* return the config data of this server
* @param string $format
* @return string xml/json
*/
public static function apiConfig($parameters)
{
$format = $parameters['format'];
$user = OC_OCS::checkpassword(false);
$url = substr(OCP\Util::getServerHost() . $_SERVER['SCRIPT_NAME'], 0, -11) . '';
$xml['version'] = '1.7';
$xml['website'] = 'ownCloud';
$xml['host'] = OCP\Util::getServerHost();
$xml['contact'] = '';
$xml['ssl'] = 'false';
echo OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'config', '', 1);
}
<form id="openidform">
<fieldset class="personalblock">
<legend><strong><?php
p($l->t('OpenID'));
?>
</strong></legend>
<?php
p(OCP\Util::getServerProtocol() . '://' . OCP\Util::getServerHost() . OC::$WEBROOT . '/?');
p(OCP\USER::getUser());
?>
<br /><em><?php
p($l->t('you can authenticate to other sites with this address'));
?>
</em><br />
<label for="identity"><?php
p($l->t('Authorized OpenID provider'));
?>
</label>
<input type="text" name="identity" id="identity" value="<?php
p($_['identity']);
?>
" placeholder="<?php
p($l->t('Your address at Wordpress, Identi.ca, …'));
?>
" /><span class="msg"></span>
</fieldset>
</form>
* Copyright (c) 2012 Frank Karlitschek frank@owncloud.org
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
$RUNTIME_NOAPPS = TRUE;
//no apps
require_once '../../lib/base.php';
// Someone lost their password:
if (isset($_POST['user'])) {
if (OC_User::userExists($_POST['user'])) {
$token = hash("sha256", $_POST['user'] . OC_Util::generate_random_bytes(10));
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
if (!empty($email)) {
$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token));
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link, false);
$msg = $tmpl->fetchPage();
$l = OC_L10N::get('core');
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
echo 'sent';
}
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
} else {
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
}
} else {
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
}
<?php
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
OCP\JSON::checkAppEnabled('files_sharing');
$user = OCP\USER::getUser();
// TODO translations
$type = strpos($_POST['file'], '.') === false ? 'folder' : 'file';
$subject = $user . ' shared a ' . $type . ' with you';
$link = $_POST['link'];
$text = $user . ' shared the ' . $type . ' ' . $_POST['file'] . ' with you. It is available for download here: ' . $link;
$fromaddress = OCP\Config::getUserValue($user, 'settings', 'email', 'sharing-noreply@' . OCP\Util::getServerHost());
try {
OCP\Util::sendMail($_POST['toaddress'], $_POST['toaddress'], $subject, $text, $fromaddress, $user);
OCP\JSON::success();
} catch (Exception $exception) {
OCP\JSON::error(array('data' => array('message' => $exception->getMessage())));
}
/**
* Determine the HTTP request protocol
* @name $proto
* @global string $GLOBALS['proto']
*/
$GLOBALS['proto'] = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on' ? 'https' : 'http';
// Set the authorization state - DO NOT OVERRIDE
$profile['authorized'] = false;
global $IDENTITY;
global $USERNAME;
// Set a default IDP URL
if (!array_key_exists('idp_url', $profile)) {
$profile['idp_url'] = $IDENTITY;
}
//Determine the requested URL - DO NOT OVERRIDE
$profile['req_url'] = sprintf("%s://%s%s", $proto, OCP\Util::getServerHost(), $_SERVER["REQUEST_URI"]);
// Set the default allowance for testing
if (!array_key_exists('allow_test', $profile)) {
$profile['allow_test'] = false;
}
// Set the default allowance for gmp
if (!array_key_exists('allow_gmp', $profile)) {
$profile['allow_gmp'] = false;
}
// Set the default force bigmath - BAD IDEA to override this
if (!array_key_exists('force_bigmath', $profile)) {
$profile['force_bigmath'] = false;
}
// Determine if GMP is usable
$profile['use_gmp'] = extension_loaded('gmp') && $profile['allow_gmp'] ? true : false;
// Determine if I can perform big math functions
} else {
$ocUser = OCP\User::getUser();
$mail_userdata_entries = OC_RoundCube_App::checkLoginData(OCP\User::getUser());
// TODO create dropdown list
$mail_userdata = $mail_userdata_entries[0];
//
// Nope. Already logged in at the start. Then starting to support
// multiple accounts, a re-login with other credentials than the
// default ID could be provided.
//
$disable_control_nav = OCP\Config::getAppValue('roundcube', 'removeControlNav', false);
$enable_autologin = OCP\Config::getAppValue('roundcube', 'autoLogin', false);
$maildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
$rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
if ($rc_host == '') {
$rc_host = OCP\Util::getServerHost();
}
$rc_port = OCP\Config::getAppValue('roundcube', 'rcPort', null);
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Opening iframe for RC-host ' . $rc_host . ' with port ' . $rc_port, OCP\Util::DEBUG);
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Preparing pre-check before rendering mail view ', OCP\Util::INFO);
if ($mail_userdata['id'] != '') {
if ($mail_userdata['oc_user'] == OCP\User::getUser()) {
if (!$enable_autologin && empty($mail_userdata)) {
OCP\Util::writeLog('roundcube', 'tpl.mail.php: No valid user login data found.', OCP\Util::ERROR);
$html_output = $html_output . $this->inc("part.error.no-settings");
} else {
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Found valid user login data.', OCP\Util::DEBUG);
if ($maildir != '') {
$mailAppReturn = OC_RoundCube_App::showMailFrame($rc_host, $rc_port, $maildir);
if ($mailAppReturn->isErrorOccurred()) {
OCP\Util::writeLog('roundcube', 'Not rendering roundcube iframe view due to errors', OCP\Util::ERROR);
public static function getServerHost()
{
$rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
if ($rc_host == '') {
$rc_host = OCP\Util::getServerHost();
}
OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->getServerHost():' . ' rcHost: ' . $rc_host, OCP\Util::DEBUG);
return $rc_host;
}
