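/**
 * Handle a lost-password request: create a reset token, store its hash and
 * mail the reset link to the address saved for the account.
 *
 * The account name is taken from $_POST['user']. When the files_encryption
 * app is enabled the request is only honoured if $_POST['continue'] is set.
 *
 * @param array $args route arguments; not read by this method
 */
public static function sendEmail($args) {
    // Accept only a non-empty string as account name: a missing field or an
    // array-valued field (user[]=...) must not reach the user backend or the
    // preferences store.
    $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';

    $isEncrypted = OC_App::isEnabled('files_encryption');
    $continue = !$isEncrypted || isset($_POST['continue']);

    // NOTE(review): this failure page and the success page below are requested
    // with different arguments, so the response shows whether an account name
    // exists and has an e-mail address set. Consider one neutral response for
    // both outcomes.
    if ($user === '' || !OC_User::userExists($user) || !$continue) {
        self::displayLostPasswordPage(true, false);
        return;
    }

    // The raw token only ever leaves the server inside the mailed link; the
    // stored value is sha256(token).
    $token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', ''));
    OC_Preferences::setValue($user, 'owncloud', 'lostpassword', hash('sha256', $token)); // Hash the token again to prevent timing attacks

    $email = OC_Preferences::getValue($user, 'settings', 'email', '');
    if (empty($email)) {
        self::displayLostPasswordPage(true, false);
        return;
    }

    $link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $user, 'token' => $token));
    $link = OC_Helper::makeURLAbsolute($link);

    $tmpl = new OC_Template('core/lostpassword', 'email');
    $tmpl->assign('link', $link, false);
    $msg = $tmpl->fetchPage();

    $l = OC_L10N::get('core');
    $from = OCP\Util::getDefaultEmailAddress('lostpassword-noreply');
    try {
        OC_Mail::send($email, $user, $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
    } catch (Exception $e) {
        // NOTE(review): presumably printErrorPage() ends the request; if it
        // returns, the success page below is rendered as well. Confirm.
        OC_Template::printErrorPage('A problem occurs during sending the e-mail please contact your administrator.');
    }
    self::displayLostPasswordPage(false, true);
}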
/**
 * Issue a password-reset token for the account named in $_POST['user'] and
 * mail the reset link to the address stored for that account.
 *
 * @param array $args route arguments; not read by this method
 */
public static function sendEmail($args) {
    // NOTE(review): the failure and success pages are requested with
    // different arguments, so the response shows whether the account exists.
    if (!OC_User::userExists($_POST['user'])) {
        self::displayLostPasswordPage(true, false);
        return;
    }

    // Only sha256(token) is persisted; the raw token goes into the link.
    $resetToken = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', ''));
    OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $resetToken)); // Hash the token again to prevent timing attacks

    $recipient = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
    if (empty($recipient)) {
        self::displayLostPasswordPage(true, false);
        return;
    }

    $resetLink = OC_Helper::makeURLAbsolute(
        OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $resetToken))
    );

    $mailTemplate = new OC_Template('core/lostpassword', 'email');
    $mailTemplate->assign('link', $resetLink, false);
    $body = $mailTemplate->fetchPage();

    $l = OC_L10N::get('core');
    // NOTE(review): the sender domain comes from getServerHost(); confirm it
    // cannot be steered by a request header.
    $sender = 'lostpassword-noreply@' . OCP\Util::getServerHost();
    OC_Mail::send($recipient, $_POST['user'], $l->t('ownCloud password reset'), $body, $sender, 'ownCloud');

    // NOTE(review): looks like leftover debug output; it is written before the page.
    echo 'Mailsent';
    self::displayLostPasswordPage(false, true);
}
/**
 * Block the request when the current user exists but is disabled.
 *
 * @return false|null false when no user is logged in; otherwise nothing
 *                    (a disabled user gets a 401 page and the script ends)
 */
public function dopre() {
    $uid = OC_User::getUser();
    if (!$uid) {
        return false;
    }

    // Enabled accounts, and names the backend does not know, pass through.
    if (OC_User::isEnabled($uid) || !OC_User::userExists($uid)) {
        return;
    }

    header('HTTP/1.1 401 Unauthorized');
    header('Status: 401 Unauthorized');
    $page = new \OC_Template('user_permission', 'userdisable', 'guest');
    $page->printPage();
    die;
}
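/**
 * Validate the submitted e-mail address, create a pending registration and
 * mail the verification link.
 *
 * Fix: the invalid-address branch carried two return statements; the first
 * (reached) one used a parameter shape without the 'errors' key that the other
 * error responses of this method use, the second was unreachable. Only the
 * consistent form is kept.
 *
 * NOTE(review): this is a public, CSRF-exempt endpoint and it answers with
 * distinct messages for "pending registration" and "existing user", so it
 * discloses which addresses are known. Consider a neutral reply and request
 * throttling.
 *
 * @NoAdminRequired
 * @NoCSRFRequired
 * @PublicPage
 *
 * @return TemplateResponse|null null after the mail error page was printed
 */
public function validateEmail() {
    $email = $this->request->getParam('email');

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return new TemplateResponse('', 'error', array('errors' => array(array(
            'error' => $this->l10n->t('Email address you entered is not valid'),
            'hint' => ''
        ))), 'error');
    }

    if ($this->pendingreg->find($email)) {
        return new TemplateResponse('', 'error', array('errors' => array(array(
            'error' => $this->l10n->t('There is already a pending registration with this email'),
            'hint' => ''
        ))), 'error');
    }

    if ($this->config->getUsersForUserValue('settings', 'email', $email)) {
        return new TemplateResponse('', 'error', array('errors' => array(array(
            'error' => $this->l10n->t('There is an existing user with this email'),
            'hint' => ''
        ))), 'error');
    }

    // FEATURE: allow only from specific email domain
    $token = $this->pendingreg->save($email);
    //TODO: check for error

    // The token travels only inside the absolute verification link.
    $link = $this->urlgenerator->linkToRoute('registration.register.verifyToken', array('token' => $token));
    $link = $this->urlgenerator->getAbsoluteURL($link);
    $from = Util::getDefaultEmailAddress('register');

    $res = new TemplateResponse('registration', 'email', array('link' => $link), 'blank');
    $msg = $res->render();
    try {
        $this->mail->sendMail($email, 'ownCloud User', $this->l10n->t('Verify your ownCloud registration request'), $msg, $from, 'ownCloud');
    } catch (\Exception $e) {
        \OC_Template::printErrorPage('A problem occurs during sending the e-mail please contact your administrator.');
        return;
    }

    return new TemplateResponse('registration', 'message', array('msg' => $this->l10n->t('Verification email successfully sent.')), 'guest');
}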
/**
 * Insert a row made of $input unless a row with the same values is already
 * present, using a single INSERT ... SELECT ... HAVING COUNT(*) = 0 statement.
 *
 * Values are bound as parameters. The table name and the array keys are
 * concatenated into the statement between backticks.
 * NOTE(review): callers must pass only trusted identifiers for $table and the
 * keys of $input; nothing here escapes them.
 *
 * @param string $table name
 * @param array $input key->value pairs
 * @return int count of inserted rows
 */
public function insertIfNotExist($table, $input) {
    $columnList = implode('`,`', array_keys($input));
    $placeholders = str_repeat('?,', count($input) - 1) . '? ';
    $sql = 'INSERT INTO `' . $table . '` (`' . $columnList . '`) SELECT ' . $placeholders . 'FROM `' . $table . '` WHERE ';

    // First the values to insert, then the values of the WHERE comparison.
    $bindings = array_values($input);
    foreach ($input as $column => $value) {
        $sql .= '`' . $column . '`';
        if ($value === null) {
            $sql .= ' IS NULL AND ';
            continue;
        }
        $bindings[] = $value;
        $sql .= ' = ? AND ';
    }

    // Drop the trailing " AND " (5 characters) before closing the statement.
    $sql = substr($sql, 0, -5) . ' HAVING COUNT(*) = 0';

    try {
        return $this->conn->executeUpdate($sql, $bindings);
    } catch (\Doctrine\DBAL\DBALException $e) {
        // NOTE(review): the driver message and the full statement are sent to
        // the error page as well as to the log; consider logging only.
        $entry = 'DB Error: "' . $e->getMessage() . '"<br />' . 'Offending command was: ' . $sql . '<br />';
        \OC_Log::write('core', $entry, \OC_Log::FATAL);
        error_log('DB error: ' . $entry);
        \OC_Template::printErrorPage($entry);
    }
}
/**
 * Render the installation page, pre-filled with the submitted values.
 *
 * Every key of $post overrides the matching default and keys outside the
 * default list are handed to the template too.
 * NOTE(review): 'adminpass' and 'dbpass' are passed back to the template
 * along with the other fields; confirm the template does not echo them.
 *
 * @param array $post submitted form values
 */
public function display($post) {
    $templateValues = array_merge(
        array(
            'adminlogin' => '',
            'adminpass' => '',
            'dbuser' => '',
            'dbpass' => '',
            'dbname' => '',
            'dbtablespace' => '',
            'dbhost' => 'localhost',
            'dbtype' => ''
        ),
        $post
    );

    \OC_Util::addVendorScript('strengthify/jquery.strengthify');
    \OC_Util::addVendorStyle('strengthify/strengthify');
    \OC_Util::addScript('setup');
    \OC_Template::printGuestPage('', 'installation', $templateValues);
}
/**
 * Repair step: empty the asset cache directory below the server root when the
 * asset pipeline is enabled, and report the outcome as an 'info' event.
 */
public function run() {
    if (\OC_Template::isAssetPipelineEnabled()) {
        \OC_Helper::rmdirr(\OC::$SERVERROOT . '/assets', false);
        $this->emit('\\OC\\Repair', 'info', array('Asset cache cleared.'));
    } else {
        $this->emit('\\OC\\Repair', 'info', array('Asset pipeline disabled -> nothing to do'));
    }
}
/**
 * Repair step: empty the asset cache when the asset pipeline is enabled.
 *
 * The cache lives in '<assetdirectory>/assets', where 'assetdirectory' is a
 * system config value that defaults to the server root.
 * NOTE(review): the directory handed to rmdirr() is config-derived; confirm
 * the value is validated where it is set.
 */
public function run() {
    if (\OC_Template::isAssetPipelineEnabled()) {
        $baseDir = \OC::$server->getConfig()->getSystemValue('assetdirectory', \OC::$SERVERROOT);
        \OC_Helper::rmdirr($baseDir . '/assets', false);
        $this->emit('\\OC\\Repair', 'info', array('Asset cache cleared.'));
    } else {
        $this->emit('\\OC\\Repair', 'info', array('Asset pipeline disabled -> nothing to do'));
    }
}
/**
 * Repair step: empty the asset cache when the asset pipeline is enabled.
 *
 * The cache lives in '<assetdirectory>/assets', where 'assetdirectory' is a
 * system config value that defaults to the server root.
 * NOTE(review): the directory handed to rmdirr() is config-derived; confirm
 * the value is validated where it is set.
 *
 * @param IOutput $output receives the progress messages
 */
public function run(IOutput $output) {
    if (\OC_Template::isAssetPipelineEnabled()) {
        $baseDir = \OC::$server->getConfig()->getSystemValue('assetdirectory', \OC::$SERVERROOT);
        \OC_Helper::rmdirr($baseDir . '/assets', false);
        $output->info('Asset cache cleared.');
    } else {
        $output->info('Asset pipeline disabled -> nothing to do');
    }
}
/**
 * Filesystem hook: scan the written file with ClamAV and, when it is reported
 * infected, delete it, answer with a JSON error, notify the owner by mail and
 * end the request.
 *
 * @param array $path hook parameters; the file path is read from the
 *                    \OC\Files\Filesystem::signal_param_path entry
 */
public static function av_scan($path) {
    $path = $path[\OC\Files\Filesystem::signal_param_path];
    if ($path == '') {
        return;
    }

    $storageView = \OCP\Files::getStorage("files");
    if (!$storageView->file_exists($path)) {
        return;
    }

    // The scanner gets the path below the user's home directory.
    // NOTE(review): built by plain concatenation; presumably $path is already
    // normalised by the filesystem layer that fires the hook - confirm.
    $localFile = OC_User::getHome(OC_User::getUser()) . '/files' . $path;
    $verdict = self::clamav_scan($localFile);

    switch ($verdict) {
        case CLAMAV_SCANRESULT_UNCHECKED:
            //TODO: Show warning to the user: The file can not be checked
            // NOTE(review): an unscanned file is kept, i.e. the hook fails open.
            break;
        case CLAMAV_SCANRESULT_INFECTED:
            //remove file
            $storageView->unlink($path);
            OCP\JSON::error(array("data" => array("message" => "Virus detected! Can't upload the file.")));
            $recipient = OC_Preferences::getValue(OC_User::getUser(), 'settings', 'email', '');
            \OCP\Util::writeLog('files_antivirus', 'Email: ' . $recipient, \OCP\Util::DEBUG);
            if (!empty($recipient)) {
                $mailTemplate = new OC_Template('files_antivirus', 'notification');
                $mailTemplate->assign('file', $path);
                $mailTemplate->assign('host', OCP\Util::getServerHost());
                $mailTemplate->assign('user', OC_User::getUser());
                $body = $mailTemplate->fetchPage();
                $sender = OCP\Util::getDefaultEmailAddress('security-noreply');
                OCP\Util::sendMail($recipient, OC_User::getUser(), 'Malware detected', $body, $sender, 'ownCloud', 1);
            }
            exit;
            break;
        case CLAMAV_SCANRESULT_CLEAN:
            //do nothing
            break;
    }
}
/**
 * SQLite variant: insert a row made of $input unless an equal row exists.
 *
 * Runs a SELECT COUNT(*) first and only inserts when it yields '0'.
 * NOTE(review): the check and the insert are two separate statements, so two
 * concurrent callers can both pass the check; confirm callers tolerate that
 * or wrap the call in a transaction.
 * NOTE(review): $table and the keys of $input are concatenated into the SQL
 * between backticks; only trusted identifiers may be passed.
 *
 * @param string $table name
 * @param array $input key->value pairs
 * @return int|mixed 0 when the row already exists, otherwise the result of
 *                   executing the insert statement
 */
public function insertIfNotExist($table, $input) {
    // NOTE: For SQLite we have to use this clumsy approach
    // otherwise all fieldnames used must have a unique key.
    $query = 'SELECT COUNT(*) FROM `' . $table . '` WHERE ';
    $bindings = array();
    foreach ($input as $column => $value) {
        $query .= '`' . $column . '`';
        if ($value === null) {
            $query .= ' IS NULL AND ';
            continue;
        }
        $bindings[] = $value;
        $query .= ' = ? AND ';
    }
    // Cut the trailing " AND " (5 characters).
    $query = substr($query, 0, -5);

    try {
        $stmt = $this->conn->prepare($query);
        $result = $stmt->execute($bindings);
    } catch (\Doctrine\DBAL\DBALException $e) {
        // NOTE(review): driver message and statement go to the error page too.
        $entry = 'DB Error: "' . $e->getMessage() . '"<br />' . 'Offending command was: ' . $query . '<br />';
        \OC_Log::write('core', $entry, \OC_Log::FATAL);
        error_log('DB error: ' . $entry);
        \OC_Template::printErrorPage($entry);
    }

    // NOTE(review): relies on the driver returning the count as the string '0'.
    if ($stmt->fetchColumn() !== '0') {
        return 0; //no rows updated
    }

    $columnList = implode('`,`', array_keys($input));
    $placeholders = str_repeat('?,', count($input) - 1) . '? ';
    $query = 'INSERT INTO `' . $table . '` (`' . $columnList . '`) VALUES(' . $placeholders . ')';

    try {
        $statement = $this->conn->prepare($query);
        $result = $statement->execute(array_values($input));
    } catch (\Doctrine\DBAL\DBALException $e) {
        $entry = 'DB Error: "' . $e->getMessage() . '"<br />' . 'Offending command was: ' . $query . '<br />';
        \OC_Log::write('core', $entry, \OC_Log::FATAL);
        error_log('DB error: ' . $entry);
        \OC_Template::printErrorPage($entry);
    }

    return $result;
}
/**
 * Turn an uncaught exception into a response.
 *
 * Requests whose Content-Type starts with 'text/xml' are answered through a
 * DAV server instance; everything else gets an HTML error page and a status
 * code. RemoteException is never logged here.
 *
 * @param Exception $e the exception to report
 */
function handleException(Exception $e) {
    $request = \OC::$server->getRequest();
    // in case the request content type is text/xml - we assume it's a WebDAV request
    $isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
    // strpos() === 0: the header must begin with 'text/xml'
    if ($isXmlContentType === 0) {
        // fire up a simple server to properly process the exception
        $server = new Server();
        if (!$e instanceof RemoteException) {
            // we shall not log on RemoteException
            $server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));
        }
        // Re-throw inside the server's 'beforeMethod' event so the server
        // produces the error response.
        $server->on('beforeMethod', function () use($e) {
            if ($e instanceof RemoteException) {
                switch ($e->getCode()) {
                    case OC_Response::STATUS_SERVICE_UNAVAILABLE:
                        throw new ServiceUnavailable($e->getMessage());
                    case OC_Response::STATUS_NOT_FOUND:
                        throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
                }
            }
            // NOTE(review): the exception class name and message become the
            // text of the ServiceUnavailable error; presumably that text is
            // returned to the client - confirm it cannot carry internal detail.
            $class = get_class($e);
            $msg = $e->getMessage();
            throw new ServiceUnavailable("{$class}: {$msg}");
        });
        $server->exec();
    } else {
        // 500 unless the exception is a ServiceUnavailableException (503)
        $statusCode = OC_Response::STATUS_INTERNAL_SERVER_ERROR;
        if ($e instanceof \OC\ServiceUnavailableException) {
            $statusCode = OC_Response::STATUS_SERVICE_UNAVAILABLE;
        }
        if ($e instanceof RemoteException) {
            // we shall not log on RemoteException
            // the exception's own code is used as HTTP status
            OC_Response::setStatus($e->getCode());
            OC_Template::printErrorPage($e->getMessage());
        } else {
            \OCP\Util::writeLog('remote', $e->getMessage(), \OCP\Util::FATAL);
            OC_Response::setStatus($statusCode);
            // NOTE(review): how much of the exception this page shows is not
            // visible here; confirm traces are shown in debug mode only.
            OC_Template::printExceptionErrorPage($e);
        }
    }
}
<?php
/**
 * ownCloud - Cloudpress
 *
 * @author Bastien Ho (EELV - Urbancube)
 * @copyleft 2012 bastienho@urbancube.fr
 * @projeturl http://ecolosites.eelv.fr
 *
 * Free Software under creative commons licence
 * http://creativecommons.org/licenses/by-nc/3.0/
 * Attribution-NonCommercial 3.0 Unported (CC BY-NC 3.0)
 *
 * You are free:
 * to Share — to copy, distribute and transmit the work
 * to Remix — to adapt the work
 *
 * Under the following conditions:
 * Attribution — You must attribute the work in the manner specified by the author or licensor (but not in any way that
 * suggests that they endorse you or your use of the work).
 * Noncommercial — You may not use this work for commercial purposes.
 *
 */

// Settings fragment: renders the 'settings' template of the user_wordpress
// app and returns the markup to the including page.
$wp_instance = new OC_wordpress();
// fill template
$tmpl = new OC_Template('user_wordpress', 'settings');
// Every entry of $wp_instance->params becomes a template variable.
// NOTE(review): if params holds credentials they reach the template as well;
// confirm the template does not print them.
foreach ($wp_instance->params as $param => $value) {
    $tmpl->assign($param, $value);
}
return $tmpl->fetchPage();
* it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */
use OC\Lock\NoopLockingProvider;

// The admin check runs before any data for the page is collected.
OC_Util::checkAdminUser();
OC_App::setActiveNavigationEntry("admin");
$template = new OC_Template('settings', 'admin', 'user');
$l = OC_L10N::get('settings');
// The log section applies only to the 'owncloud' log type.
$showLog = \OC::$server->getConfig()->getSystemValue('log_type', 'owncloud') === 'owncloud';
// Fetch one entry more than is shown to learn whether more entries exist.
$numEntriesToLoad = 3;
$entries = OC_Log_Owncloud::getEntries($numEntriesToLoad + 1);
$entriesRemaining = count($entries) > $numEntriesToLoad;
$entries = array_slice($entries, 0, $numEntriesToLoad);
$logFilePath = OC_Log_Owncloud::getLogFilePath();
$doesLogFileExist = file_exists($logFilePath);
// NOTE(review): filesize() is called even when the file does not exist; it
// then returns false and raises a warning. Guard it with $doesLogFileExist.
$logFileSize = filesize($logFilePath);
$config = \OC::$server->getConfig();
$appConfig = \OC::$server->getAppConfig();
$request = \OC::$server->getRequest();
// Should we display sendmail as an option?
$template->assign('sendmail_is_available', (bool) \OC_Helper::findBinaryPath('sendmail'));
$template->assign('loglevel', $config->getSystemValue("loglevel", 2));
/**
 * Build the page layout: pick the layout template for $renderAs, fill in the
 * navigation and user data for logged-in pages, and register the script and
 * stylesheet URLs.
 *
 * @param string $renderAs 'user', 'error' or 'guest'; any other value
 *                         selects the base layout
 * @param string $appId application id
 */
public function __construct($renderAs, $appId = '') {
    // yes - should be injected ....
    $this->config = \OC::$server->getConfig();
    // Decide which page we show
    if ($renderAs == 'user') {
        parent::__construct('core', 'layout.user');
        // NOTE(review): in_array() is used without the strict flag
        if (in_array(OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
            $this->assign('bodyid', 'body-settings');
        } else {
            $this->assign('bodyid', 'body-user');
        }
        // Update notification
        // The update check runs while the layout is built, for admins only.
        if ($this->config->getSystemValue('updatechecker', true) === true && OC_User::isAdminUser(OC_User::getUser())) {
            $updater = new \OC\Updater(\OC::$server->getHTTPHelper(), \OC::$server->getConfig());
            $data = $updater->check();
            // NOTE(review): 'and' binds weaker than '&&'; the result is the
            // same here, but the mix is easy to misread.
            // NOTE(review): 'versionstring' and 'web' come from the update
            // check result; presumably a remote response - confirm the
            // template escapes both before output.
            if (isset($data['version']) && $data['version'] != '' and $data['version'] !== array()) {
                $this->assign('updateAvailable', true);
                $this->assign('updateVersion', $data['versionstring']);
                $this->assign('updateLink', $data['web']);
                \OCP\Util::addScript('core', 'update-notification');
            } else {
                $this->assign('updateAvailable', false); // No update available or not an admin user
            }
        } else {
            $this->assign('updateAvailable', false); // Update check is disabled
        }
        // Add navigation entry
        $this->assign('application', '');
        $this->assign('appid', $appId);
        $navigation = OC_App::getNavigation();
        $this->assign('navigation', $navigation);
        $settingsNavigation = OC_App::getSettingsNavigation();
        $this->assign('settingsnavigation', $settingsNavigation);
        // The first active entry names the current application; an active
        // settings entry overrides an active app entry.
        foreach ($navigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        foreach ($settingsNavigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        $userDisplayName = OC_User::getDisplayName();
        $this->assign('user_displayname', $userDisplayName);
        $this->assign('user_uid', OC_User::getUser());
        // true when the request URI starts with the apps management route
        $this->assign('appsmanagement_active', strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0);
        $this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true));
        $this->assign('userAvatarSet', \OC_Helper::userAvatarSet(OC_User::getUser()));
    } else {
        if ($renderAs == 'error') {
            parent::__construct('core', 'layout.guest', '', false);
            $this->assign('bodyid', 'body-login');
        } else {
            if ($renderAs == 'guest') {
                parent::__construct('core', 'layout.guest');
                $this->assign('bodyid', 'body-login');
            } else {
                parent::__construct('core', 'layout.base');
            }
        }
    }
    // Send the language to our layouts
    $this->assign('language', OC_L10N::findLanguage());
    // md5 of all app versions plus the core version; used below only as the
    // ?v= cache-busting suffix of asset URLs. Computed once per request.
    if (empty(self::$versionHash)) {
        $v = OC_App::getAppVersions();
        $v['core'] = implode('.', \OC_Util::getVersion());
        self::$versionHash = md5(implode(',', $v));
    }
    $useAssetPipeline = self::isAssetPipelineEnabled();
    if ($useAssetPipeline) {
        $this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
        $this->generateAssets();
    } else {
        // Add the js files
        $jsFiles = self::findJavascriptFiles(OC_Util::$scripts);
        $this->assign('jsfiles', array(), false);
        // js_config is added only on an installed instance and never on error pages
        if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
            $this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
        }
        foreach ($jsFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
        // Add the css files
        $cssFiles = self::findStylesheetFiles(OC_Util::$styles);
        $this->assign('cssfiles', array());
        foreach ($cssFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
    }
}
// warn if Windows is used $template->assign('WindowsWarning', OC_Util::runningOnWindows()); // warn if outdated version of a memcache module is used $caches = ['apcu' => ['name' => $l->t('APCu'), 'version' => '4.0.6'], 'redis' => ['name' => $l->t('Redis'), 'version' => '2.2.5']]; $outdatedCaches = []; foreach ($caches as $php_module => $data) { $isOutdated = extension_loaded($php_module) && version_compare(phpversion($php_module), $data['version'], '<'); if ($isOutdated) { $outdatedCaches[$php_module] = $data; } } $template->assign('OutdatedCacheWarning', $outdatedCaches); // add hardcoded forms from the template $forms = OC_App::getForms('admin'); if ($config->getSystemValue('enable_certificate_management', false)) { $certificatesTemplate = new OC_Template('settings', 'certificates'); $certificatesTemplate->assign('type', 'admin'); $certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate'); $certificatesTemplate->assign('certs', $certificateManager->listCertificates()); $certificatesTemplate->assign('urlGenerator', $urlGenerator); $forms[] = $certificatesTemplate->fetchPage(); } $formsAndMore = array(); if ($request->getServerProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() || $suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() || !OC_Util::fileInfoLoaded() || $databaseOverload) { $formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & setup warnings')); } $formsAndMore[] = array('anchor' => 'shareAPI', 'section-name' => $l->t('Sharing')); $formsAndMore[] = ['anchor' => 'encryptionAPI', 'section-name' => $l->t('Server-side encryption')]; // Prioritize fileSharingSettings and files_external and move updater to the version $fileSharingSettings = $filesExternal = $updaterAppPanel = $ocDefaultEncryptionModulePanel = ''; foreach ($forms as $index => $form) {
list($service) = explode('/', $pathInfo);
}
// The handler script for a public service is looked up in the app config of
// 'core' under the key 'public_<service>'; $service is the first path segment.
$file = OCP\CONFIG::getAppValue('core', 'public_' . strip_tags($service));
if (is_null($file)) {
    header('HTTP/1.0 404 Not Found');
    exit;
}
// Stored value has the form '<app>/<script path>'.
$parts = explode('/', $file, 2);
$app = $parts[0];
// Load all required applications
\OC::$REQUESTEDAPP = $app;
OC_App::loadApps(array('authentication'));
OC_App::loadApps(array('filesystem', 'logging'));
if (!\OC::$server->getAppManager()->isInstalled($app)) {
    throw new Exception('App not installed: ' . $app);
}
OC_App::loadApp($app);
OC_User::setIncognitoMode(true);
// NOTE(review): $service is used here as received, while the config lookup
// above used strip_tags($service); confirm consumers of $baseuri escape it.
$baseuri = OC::$WEBROOT . '/public.php/' . $service . '/';
// NOTE(review): the included path is built from the stored config value;
// presumably only apps and administrators can write 'public_*' keys, and
// $parts[1] is not checked for '..' segments here - confirm both.
require_once OC_App::getAppPath($app) . '/' . $parts[1];
} catch (\OC\ServiceUnavailableException $ex) {
    //show the user a detailed error page
    OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
    \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL);
    OC_Template::printExceptionErrorPage($ex);
} catch (Exception $ex) {
    //show the user a detailed error page
    // NOTE(review): this endpoint is reached without login; confirm the
    // exception page shows traces in debug mode only.
    OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
    \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL);
    OC_Template::printExceptionErrorPage($ex);
}
/**
 * Build the page layout: pick the layout template for $renderAs, fill in the
 * navigation and user data for logged-in pages, and register the script and
 * stylesheet URLs.
 *
 * @param string $renderAs 'user', 'error' or 'guest'; any other value
 *                         selects the base layout
 * @param string $appId application id
 */
public function __construct($renderAs, $appId = '') {
    // yes - should be injected ....
    $this->config = \OC::$server->getConfig();
    // Decide which page we show
    if ($renderAs == 'user') {
        parent::__construct('core', 'layout.user');
        // NOTE(review): in_array() is used without the strict flag
        if (in_array(\OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
            $this->assign('bodyid', 'body-settings');
        } else {
            $this->assign('bodyid', 'body-user');
        }
        // Code integrity notification
        // A failed integrity check only adds a notification script for the
        // logged-in page; nothing is blocked at this point.
        $integrityChecker = \OC::$server->getIntegrityCodeChecker();
        if (!$integrityChecker->hasPassedCheck()) {
            \OCP\Util::addScript('core', 'integritycheck-failed-notification');
        }
        // Add navigation entry
        $this->assign('application', '');
        $this->assign('appid', $appId);
        $navigation = \OC_App::getNavigation();
        $this->assign('navigation', $navigation);
        $settingsNavigation = \OC_App::getSettingsNavigation();
        $this->assign('settingsnavigation', $settingsNavigation);
        // The first active entry names the current application; an active
        // settings entry overrides an active app entry.
        foreach ($navigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        foreach ($settingsNavigation as $entry) {
            if ($entry['active']) {
                $this->assign('application', $entry['name']);
                break;
            }
        }
        $userDisplayName = \OC_User::getDisplayName();
        // true when the request URI starts with the apps management route
        $appsMgmtActive = strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0;
        if ($appsMgmtActive) {
            $l = \OC::$server->getL10N('lib');
            $this->assign('application', $l->t('Apps'));
        }
        $this->assign('user_displayname', $userDisplayName);
        $this->assign('user_uid', \OC_User::getUser());
        $this->assign('appsmanagement_active', $appsMgmtActive);
        // only the boolean true enables avatars
        $this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true) === true);
        // getUser() returns false when nobody is logged in; skip the avatar lookup then
        if (\OC_User::getUser() === false) {
            $this->assign('userAvatarSet', false);
        } else {
            $this->assign('userAvatarSet', \OC::$server->getAvatarManager()->getAvatar(\OC_User::getUser())->exists());
        }
    } else {
        if ($renderAs == 'error') {
            parent::__construct('core', 'layout.guest', '', false);
            $this->assign('bodyid', 'body-login');
        } else {
            if ($renderAs == 'guest') {
                parent::__construct('core', 'layout.guest');
                $this->assign('bodyid', 'body-login');
            } else {
                parent::__construct('core', 'layout.base');
            }
        }
    }
    // Send the language to our layouts
    $this->assign('language', \OC_L10N::findLanguage());
    // md5 of all app versions plus the core version, used below only as the
    // ?v= cache-busting suffix. Before installation a fixed placeholder hash
    // is used instead of reading the app versions.
    if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
        if (empty(self::$versionHash)) {
            $v = \OC_App::getAppVersions();
            $v['core'] = implode('.', \OCP\Util::getVersion());
            self::$versionHash = md5(implode(',', $v));
        }
    } else {
        self::$versionHash = md5('not installed');
    }
    $useAssetPipeline = self::isAssetPipelineEnabled();
    if ($useAssetPipeline) {
        $this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
        $this->generateAssets();
    } else {
        // Add the js files
        $jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
        $this->assign('jsfiles', array());
        // js_config is added only on an installed instance and never on error pages
        if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
            $this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
        }
        foreach ($jsFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
        // Add the css files
        $cssFiles = self::findStylesheetFiles(\OC_Util::$styles);
        $this->assign('cssfiles', array());
        foreach ($cssFiles as $info) {
            $web = $info[1];
            $file = $info[2];
            $this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
        }
    }
}
/**
 * return the content of a file or return a zip file containing multiple files
 *
 * A single file is sent directly (under a shared lock); a directory or a list
 * of several files is streamed as a zip archive.
 *
 * NOTE(review): $dir and $files are joined by plain concatenation; presumably
 * the Filesystem view confines the result to the user's storage - confirm.
 *
 * @param string $dir
 * @param string $files ; separated list of files to download
 *                      (the code also accepts an array of names)
 * @param boolean $only_header ; boolean to only send header of the request
 */
public static function get($dir, $files, $only_header = false) {
    $view = \OC\Files\Filesystem::getView();
    // Web-server sendfile offload is considered only when file locking is a
    // no-op and one of the server flags is set.
    $xsendfile = false;
    if (\OC::$server->getLockingProvider() instanceof NoopLockingProvider) {
        if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
            $xsendfile = true;
        }
    }
    // A one-element list is treated like a single name.
    if (is_array($files) && count($files) === 1) {
        $files = $files[0];
    }
    if (is_array($files)) {
        $get_type = self::ZIP_FILES;
        $basename = basename($dir);
        if ($basename) {
            $name = $basename . '.zip';
        } else {
            $name = 'download.zip';
        }
        $filename = $dir . '/' . $name;
    } else {
        $filename = $dir . '/' . $files;
        if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
            $get_type = self::ZIP_DIR;
            // downloading root ?
            if ($files === '') {
                $name = 'download.zip';
            } else {
                $name = $files . '.zip';
            }
        } else {
            $get_type = self::FILE;
            $name = $files;
        }
    }
    if ($get_type === self::FILE) {
        $zip = false;
        // With encryption enabled the file must pass through PHP, so the
        // sendfile offload is switched off.
        if ($xsendfile && \OC::$server->getEncryptionManager()->isEnabled()) {
            $xsendfile = false;
        }
    } else {
        $zip = new ZipStreamer(false);
    }
    OC_Util::obEnd();
    try {
        if ($get_type === self::FILE) {
            $view->lockFile($filename, ILockingProvider::LOCK_SHARED);
        }
        if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
            self::sendHeaders($filename, $name, $zip);
        } elseif (!\OC\Files\Filesystem::file_exists($filename)) {
            header("HTTP/1.0 404 Not Found");
            $tmpl = new OC_Template('', '404', 'guest');
            $tmpl->printPage();
            exit;
        } else {
            header("HTTP/1.0 403 Forbidden");
            die('403 Forbidden');
        }
        // NOTE(review): this return, the exit/die above and any exception
        // leave the try block without reaching unlockFile() below; confirm
        // the lock is released elsewhere, or move the unlock into a finally.
        if ($only_header) {
            return;
        }
        if ($zip) {
            // Zipping may exceed the time limit: lift it and restore it afterwards.
            $executionTime = intval(ini_get('max_execution_time'));
            set_time_limit(0);
            if ($get_type === self::ZIP_FILES) {
                foreach ($files as $file) {
                    $file = $dir . '/' . $file;
                    if (\OC\Files\Filesystem::is_file($file)) {
                        $fh = \OC\Files\Filesystem::fopen($file, 'r');
                        $zip->addFileFromStream($fh, basename($file));
                        fclose($fh);
                    } elseif (\OC\Files\Filesystem::is_dir($file)) {
                        self::zipAddDir($file, $zip);
                    }
                }
            } elseif ($get_type === self::ZIP_DIR) {
                $file = $dir . '/' . $files;
                self::zipAddDir($file, $zip);
            }
            $zip->finalize();
            set_time_limit($executionTime);
        } else {
            if ($xsendfile) {
                /** @var $storage \OC\Files\Storage\Storage */
                list($storage) = $view->resolvePath($filename);
                // Offload only for local storage; otherwise stream through PHP.
                if ($storage->isLocal()) {
                    self::addSendfileHeader($filename);
                } else {
                    \OC\Files\Filesystem::readfile($filename);
                }
            } else {
                \OC\Files\Filesystem::readfile($filename);
            }
        }
        if ($get_type === self::FILE) {
            $view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
        }
    } catch (\OCP\Lock\LockedException $ex) {
        $l = \OC::$server->getL10N('core');
        $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
        \OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint);
    } catch (\Exception $ex) {
        // Every other failure is reported as a generic read error; the hint
        // is shown only when the exception provides one.
        $l = \OC::$server->getL10N('core');
        $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
        \OC_Template::printErrorPage($l->t('Can\'t read file'), $hint);
    }
}
<?php if (!isset($_)) { //allow the template to be loaded standalone require_once '../../../lib/base.php'; $tmpl = new OC_Template('media', 'player'); $tmpl->printPage(); exit; } ?> Music <div class='player-controls' id="playercontrols"> <div class="player" id="jp-player"></div> <ul class="jp-controls"> <li><a href="#" class="jp-play action"><img class="svg" alt="<?php echo $l->t('Play'); ?> " src="<?php echo image_path('core', 'actions/play.svg'); ?> " /></a></li> <li><a href="#" class="jp-pause action"><img class="svg" alt="<?php echo $l->t('Pause'); ?> " src="<?php echo image_path('core', 'actions/pause.svg'); ?> " /></a></li> <li><a href="#" class="jp-next action"><img class="svg" alt="<?php echo $l->t('Next'); ?>
/**
 * Render both bodies of the password mail: the HTML part first, then the
 * plain-text alternative.
 *
 * NOTE(review): the one-time password is placed in the mail body as given;
 * anyone with access to the mailbox can read it.
 *
 * @param string $password one-time encryption password
 * @return array an array of the html mail body and the plain text mail body
 */
protected function createMailBody($password) {
    $bodies = [];
    // 'mail' is the HTML template, 'altmail' the plain-text one.
    foreach (['mail', 'altmail'] as $templateName) {
        $tpl = new \OC_Template("encryption", $templateName, "");
        $tpl->assign('password', $password);
        $bodies[] = $tpl->fetchPage();
    }
    return $bodies;
}
/**
 * Print the login page.
 *
 * Each value of $errors becomes a template flag set to true. The user name
 * and the redirect target are taken from the request.
 * NOTE(review): 'redirect_url' is only URL-encoded here; where the target is
 * validated before the redirect is not visible in this method - confirm.
 *
 * @param array $errors names of the error flags to set
 */
public static function displayLoginPage($errors = array()) {
    $parameters = array();
    foreach ($errors as $flag) {
        $parameters[$flag] = true;
    }

    // Pre-fill the name field when one was submitted; focus it otherwise.
    $hasUser = !empty($_REQUEST['user']);
    $parameters["username"] = $hasUser ? $_REQUEST['user'] : '';
    $parameters['user_autofocus'] = !$hasUser;

    if (isset($_REQUEST['redirect_url'])) {
        $parameters['redirect_url'] = urlencode($_REQUEST['redirect_url']);
    }

    $parameters['alt_login'] = OC_App::getAlternativeLogIns();
    $parameters['rememberLoginAllowed'] = self::rememberLoginAllowed();
    OC_Template::printGuestPage("", "login", $parameters);
}
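/**
 * return the content of a file or return a zip file containing multiple files
 *
 * A single file is sent directly; a directory or a list of several files is
 * streamed as a zip archive.
 *
 * Fix: the request now ends after the 404 page is printed. Before, execution
 * continued and readfile() was attempted on the missing file.
 *
 * NOTE(review): $dir and $files are joined by plain concatenation; presumably
 * the Filesystem layer confines the result to the user's storage - confirm.
 *
 * @param string $dir
 * @param string $files ; separated list of files to download
 *                      (the code also accepts an array of names)
 * @param boolean $only_header ; boolean to only send header of the request
 */
public static function get($dir, $files, $only_header = false) {
    // Web-server sendfile offload is considered when one of the flags is set.
    $xsendfile = false;
    if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
        $xsendfile = true;
    }
    // A one-element list is treated like a single name.
    if (is_array($files) && count($files) === 1) {
        $files = $files[0];
    }
    if (is_array($files)) {
        $get_type = GET_TYPE::ZIP_FILES;
        $basename = basename($dir);
        if ($basename) {
            $name = $basename . '.zip';
        } else {
            $name = 'download.zip';
        }
        $filename = $dir . '/' . $name;
    } else {
        $filename = $dir . '/' . $files;
        if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
            $get_type = GET_TYPE::ZIP_DIR;
            // downloading root ?
            if ($files === '') {
                $name = 'download.zip';
            } else {
                $name = $files . '.zip';
            }
        } else {
            $get_type = GET_TYPE::FILE;
            $name = $files;
        }
    }
    if ($get_type === GET_TYPE::FILE) {
        $zip = false;
        // With files_encryption enabled the file must pass through PHP, so
        // the sendfile offload is switched off.
        if ($xsendfile && OC_App::isEnabled('files_encryption')) {
            $xsendfile = false;
        }
    } else {
        $zip = new ZipStreamer(false);
    }
    OC_Util::obEnd();
    if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
        self::sendHeaders($filename, $name, $zip);
    } elseif (!\OC\Files\Filesystem::file_exists($filename)) {
        header("HTTP/1.0 404 Not Found");
        $tmpl = new OC_Template('', '404', 'guest');
        $tmpl->assign('file', $name);
        $tmpl->printPage();
        // Stop here: nothing can be read, and more output would follow the page.
        exit;
    } else {
        header("HTTP/1.0 403 Forbidden");
        die('403 Forbidden');
    }
    if ($only_header) {
        return;
    }
    if ($zip) {
        // Zipping may exceed the time limit: lift it and restore it afterwards.
        $executionTime = intval(ini_get('max_execution_time'));
        set_time_limit(0);
        if ($get_type === GET_TYPE::ZIP_FILES) {
            foreach ($files as $file) {
                $file = $dir . '/' . $file;
                if (\OC\Files\Filesystem::is_file($file)) {
                    $fh = \OC\Files\Filesystem::fopen($file, 'r');
                    $zip->addFileFromStream($fh, basename($file));
                    fclose($fh);
                } elseif (\OC\Files\Filesystem::is_dir($file)) {
                    self::zipAddDir($file, $zip);
                }
            }
        } elseif ($get_type === GET_TYPE::ZIP_DIR) {
            $file = $dir . '/' . $files;
            self::zipAddDir($file, $zip);
        }
        $zip->finalize();
        set_time_limit($executionTime);
    } else {
        if ($xsendfile) {
            $view = \OC\Files\Filesystem::getView();
            /** @var $storage \OC\Files\Storage\Storage */
            list($storage) = $view->resolvePath($filename);
            // Offload only for local storage; otherwise stream through PHP.
            if ($storage->isLocal()) {
                self::addSendfileHeader($filename);
            } else {
                \OC\Files\Filesystem::readfile($filename);
            }
        } else {
            \OC\Files\Filesystem::readfile($filename);
        }
    }
}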
if (defined("DEBUG") && DEBUG) {
    OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
// NOTE(review): the remember-login token is md5(user . time() . password).
// It contains no random input and is derived from the password; generate it
// from a cryptographically secure random source instead.
$token = md5($_POST["user"] . time() . $_POST['password']);
OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
OC_User::setMagicInCookie($_POST["user"], $token);
} else {
    OC_User::unsetMagicInCookie();
}
OC_Util::redirectToDefaultPage();
} else {
    $error = true;
}
// The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
} elseif (isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"])) {
    if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
        //OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
        OC_User::unsetMagicInCookie();
        // After a Basic-auth login the redirect target is the requested URI.
        $_REQUEST['redirect_url'] = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        OC_Util::redirectToDefaultPage();
    } else {
        $error = true;
    }
}
// '&&' binds tighter than '||': the page is shown when there is no session
// token, or a token exists and no file was requested, or the requested file
// name ends in 'php'.
if (!array_key_exists('sectoken', $_SESSION) || array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE) || substr(OC::$REQUESTEDFILE, -3) == 'php') {
    // NOTE(review): rand() is not a cryptographically secure generator and
    // the value has only seven digits; use a secure random source.
    $sectoken = rand(1000000, 9999999);
    $_SESSION['sectoken'] = $sectoken;
    // NOTE(review): only the request parameter is passed through
    // sanitizeHTML(); the REQUEST_URI fallback is handed to the template as
    // is - confirm the template escapes 'redirect'.
    $redirect_url = isset($_REQUEST['redirect_url']) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI'];
    OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url));
}
}
/**
 * Checks whether a ZIP download of the selection is allowed and within the
 * configured size limit. On refusal it sends "409 Conflict", prints the
 * 'error' template and terminates the request with exit.
 *
 * The limit is read from 'maxZipInputSize' (default: computerFileSize('800 MB'));
 * a value that is not greater than zero skips the size check.
 *
 * NOTE(review): $dir and $files are joined into paths without any check in
 * this method; confirm that callers or the filesystem layer normalise them.
 * NOTE(review): the hint strings carry raw HTML; how the 'error' template
 * escapes them is not visible here.
 *
 * @param string $dir directory the selection is relative to
 * @param string|array $files one file name or a list of file names
 */
static function validateZipDownload($dir, $files) {
    $zipAllowed = OC_Config::getValue('allowZipDownload', true);
    if (!$zipAllowed) {
        $l = OC_L10N::get('files');
        header("HTTP/1.0 409 Conflict");
        $tmpl = new OC_Template('', 'error', 'user');
        $message = $l->t('ZIP download is turned off.');
        $hint = $l->t('Files need to be downloaded one by one.')
            . '<br/><a href="javascript:history.back()">'
            . $l->t('Back to Files')
            . '</a>';
        $tmpl->assign('errors', array(array('error' => $message, 'hint' => $hint)));
        $tmpl->printPage();
        exit;
    }

    $zipLimit = OC_Config::getValue('maxZipInputSize', OC_Helper::computerFileSize('800 MB'));
    if (!($zipLimit > 0)) {
        // No positive limit configured: nothing to enforce.
        return;
    }

    // Treat a single name like a one-element selection so both cases share the loop.
    $selection = is_array($files) ? $files : array($files);
    $totalsize = 0;
    foreach ($selection as $entry) {
        $totalsize += OC_Filesystem::filesize($dir . '/' . $entry);
    }

    if ($totalsize > $zipLimit) {
        $l = OC_L10N::get('files');
        header("HTTP/1.0 409 Conflict");
        $tmpl = new OC_Template('', 'error', 'user');
        $message = $l->t('Selected files too large to generate zip file.');
        $hint = 'Download the files in smaller chunks, seperately or kindly ask your administrator.<br/><a href="javascript:history.back()">'
            . $l->t('Back to Files')
            . '</a>';
        $tmpl->assign('errors', array(array('error' => $message, 'hint' => $hint)));
        $tmpl->printPage();
        exit;
    }
}
/**
 * Streams one file to the client: takes a shared lock on it, sends the
 * download headers and, unless only headers were requested, the content.
 *
 * A path that is not readable ends the request here: 404 with the '404'
 * guest template when it does not exist, otherwise a plain "403 Forbidden".
 * The two answers let a client tell a missing path from an unreadable one.
 *
 * The shared lock taken here is not released in this method.
 * NOTE(review): presumably the caller unlocks; confirm for the exit/die paths.
 * NOTE(review): readability and existence are checked through the static
 * Filesystem class while locking and reading use $view; confirm both
 * resolve $filename to the same file.
 *
 * @param View $view
 * @param string $dir
 * @param string $name
 * @param boolean $onlyHeader
 */
private static function getSingleFile($view, $dir, $name, $onlyHeader) {
    $filename = $dir . '/' . $name;
    OC_Util::obEnd();
    $view->lockFile($filename, ILockingProvider::LOCK_SHARED);

    if (!\OC\Files\Filesystem::isReadable($filename)) {
        if (\OC\Files\Filesystem::file_exists($filename)) {
            // Exists but may not be read.
            header("HTTP/1.0 403 Forbidden");
            die('403 Forbidden');
        }
        header("HTTP/1.0 404 Not Found");
        $tmpl = new OC_Template('', '404', 'guest');
        $tmpl->printPage();
        exit;
    }

    self::sendHeaders($filename, $name);
    if (!$onlyHeader) {
        $view->readfile($filename);
    }
}
if (isset($group['id'])) { $gids[] = $group['id']; } } $subadmins = false; } // load preset quotas $quotaPreset = $config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB'); $quotaPreset = explode(',', $quotaPreset); foreach ($quotaPreset as &$preset) { $preset = trim($preset); } $quotaPreset = array_diff($quotaPreset, array('default', 'none')); $defaultQuota = $config->getAppValue('files', 'default_quota', 'none'); $defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false; $tmpl = new OC_Template("settings", "users/main", "user"); $tmpl->assign('groups', $groups); $tmpl->assign('sortGroups', $sortGroupsBy); $tmpl->assign('adminGroup', $adminGroup); $tmpl->assign('isAdmin', (int) $isAdmin); $tmpl->assign('subadmins', $subadmins); $tmpl->assign('numofgroups', count($groups) + count($adminGroup)); $tmpl->assign('quota_preset', $quotaPreset); $tmpl->assign('default_quota', $defaultQuota); $tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined); $tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled); $tmpl->assign('enableAvatars', \OC::$server->getConfig()->getSystemValue('enable_avatars', true)); $tmpl->assign('show_storage_location', $config->getAppValue('core', 'umgmt_show_storage_location', 'false')); $tmpl->assign('show_last_login', $config->getAppValue('core', 'umgmt_show_last_login', 'false')); $tmpl->assign('show_email', $config->getAppValue('core', 'umgmt_show_email', 'false')); $tmpl->assign('show_backend', $config->getAppValue('core', 'umgmt_show_backend', 'false'));
/**
 * Ends the dialog when the session runs in the full web interface: prints
 * the error page with the message derived from $respons, then calls doesExit().
 *
 * NOTE(review): whether printErrorPage() escapes the message is not visible
 * here; confirm before routing request-derived text through getNiceMessage().
 */
function denyOnWeb($respons) {
    $message = $this->getNiceMessage($respons);
    \OC_Template::printErrorPage($message);
    $this->doesExit();
}
/**
 * Builds the page layout: picks the layout template for $renderas
 * ('user', 'guest', anything else falls back to 'layout.base'), assigns the
 * navigation for user pages, and collects the app web paths and the
 * script and stylesheet URLs.
 *
 * Side effect: on an installed instance with no 'remote_core.css' app
 * config value, both 'remote_core.css' and 'remote_core.js' are set to
 * '/core/minimizer.php'.
 *
 * NOTE(review): most assign() calls pass false as third argument, presumably
 * switching off output sanitising; confirm that every value assigned this
 * way (navigation entries, app paths) is trusted or escaped by the template.
 *
 * @param string $renderas layout selector
 */
public function __construct($renderas) {
    // Decide which page we show
    if ($renderas == 'user') {
        parent::__construct('core', 'layout.user');

        $isSettingsApp = in_array(OC_APP::getCurrentApp(), array('settings', 'admin', 'help'));
        $this->assign('bodyid', $isSettingsApp ? 'body-settings' : 'body-user', false);

        // Add navigation entry
        $navigation = OC_App::getNavigation();
        $this->assign('navigation', $navigation, false);
        $this->assign('settingsnavigation', OC_App::getSettingsNavigation(), false);
        // Only the first active entry names the current application.
        foreach ($navigation as $item) {
            if (!$item['active']) {
                continue;
            }
            $this->assign('application', $item['name'], false);
            break;
        }
    } elseif ($renderas == 'guest') {
        parent::__construct('core', 'layout.guest');
    } else {
        parent::__construct('core', 'layout.base');
    }

    $apps_paths = array();
    foreach (OC_App::getEnabledApps() as $app) {
        $apps_paths[$app] = OC_App::getAppWebPath($app);
    }
    // Ugly unescape slashes waiting for better solution
    $appsPathsJson = str_replace('\\/', '/', json_encode($apps_paths));
    $this->assign('apps_paths', $appsPathsJson, false);

    if (OC_Config::getValue('installed', false) && !OC_AppConfig::getValue('core', 'remote_core.css', false)) {
        OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php');
        OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php');
    }

    // Add the js files
    $jsfiles = self::findJavascriptFiles(OC_Util::$scripts);
    $this->assign('jsfiles', array(), false);
    if (!empty(OC_Util::$core_scripts)) {
        $this->append('jsfiles', OC_Helper::linkToRemoteBase('core.js', false));
    }
    foreach ($jsfiles as $info) {
        // $info is read as (root, web path, file); only the last two are needed here.
        $this->append('jsfiles', $info[1] . '/' . $info[2]);
    }

    // Add the css files
    $cssfiles = self::findStylesheetFiles(OC_Util::$styles);
    $this->assign('cssfiles', array());
    if (!empty(OC_Util::$core_styles)) {
        $this->append('cssfiles', OC_Helper::linkToRemoteBase('core.css', false));
    }
    foreach ($cssfiles as $info) {
        list($root, $web, $file) = $info;
        $segments = explode('/', $file);

        $in_root = false;
        foreach (OC::$APPSROOTS as $app_root) {
            if ($root == $app_root['path']) {
                $in_root = true;
                break;
            }
        }

        if (!$in_root) {
            $this->append('cssfiles', $web . '/' . $file);
            continue;
        }

        // Inside an apps root the first path segment is the app id,
        // the remainder is the path handed to linkTo().
        $app = array_shift($segments);
        $this->append('cssfiles', OC_Helper::linkTo($app, implode('/', $segments)));
    }
}
/**
 * Print the error page for an exception and end the request.
 *
 * The 'exception' template receives the exception class, message, code,
 * file, line and trace together with the 'debug' system setting, the
 * remote address and the request id. If rendering itself throws, both
 * exceptions are logged and a plain-text 500 response is sent instead.
 *
 * NOTE(review): file, line and trace are assigned regardless of the debug
 * setting; confirm the template only shows them when debugMode is true.
 * NOTE(review): the fallback text refers to "technical details below",
 * but this branch prints none.
 *
 * @param Exception $exception
 */
public static function printExceptionErrorPage($exception) {
    try {
        $req = \OC::$server->getRequest();
        $page = new \OC_Template('', 'exception', 'error', false);

        $fields = [
            'errorClass' => get_class($exception),
            'errorMsg' => $exception->getMessage(),
            'errorCode' => $exception->getCode(),
            'file' => $exception->getFile(),
            'line' => $exception->getLine(),
            'trace' => $exception->getTraceAsString(),
            'debugMode' => \OC::$server->getSystemConfig()->getValue('debug', false),
            'remoteAddr' => $req->getRemoteAddress(),
            'requestID' => $req->getId(),
        ];
        foreach ($fields as $key => $value) {
            $page->assign($key, $value);
        }

        $page->printPage();
    } catch (\Exception $renderFailure) {
        // Rendering failed: log the original exception first, then the failure.
        $log = \OC::$server->getLogger();
        $log->logException($exception, ['app' => 'core']);
        $log->logException($renderFailure, ['app' => 'core']);

        header(self::getHttpProtocol() . ' 500 Internal Server Error');
        header('Content-Type: text/plain; charset=utf-8');
        echo "Internal Server Error\n\n"
            . "The server encountered an internal error and was unable to complete your request.\n"
            . "Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n"
            . "More details can be found in the server log.\n";
    }
    exit;
}