Beispiel #1
0
 /**
  * @param OutputInterface $output
  */
 public function loadCommands(OutputInterface $output)
 {
     // $application is required to be defined in the register_command scripts
     $application = $this->application;
     require_once \OC::$SERVERROOT . '/core/register_command.php';
     if ($this->config->getSystemValue('installed', false)) {
         if (!\OCP\Util::needUpgrade()) {
             OC_App::loadApps();
             foreach (OC_App::getAllApps() as $app) {
                 $file = OC_App::getAppPath($app) . '/appinfo/register_command.php';
                 if (file_exists($file)) {
                     require $file;
                 }
             }
         } else {
             $output->writeln("ownCloud or one of the apps require upgrade - only a limited number of commands are available");
         }
     } else {
         $output->writeln("ownCloud is not installed - only a limited number of commands are available");
     }
     $input = new ArgvInput();
     if ($input->getFirstArgument() !== 'check') {
         $errors = \OC_Util::checkServer(\OC::$server->getConfig());
         if (!empty($errors)) {
             foreach ($errors as $error) {
                 $output->writeln($error['error']);
                 $output->writeln($error['hint']);
                 $output->writeln('');
             }
             throw new \Exception("Environment not properly prepared.");
         }
     }
 }
Beispiel #2
0
 /**
  * @param InputInterface $input
  * @param OutputInterface $output
  * @throws \Exception
  */
 public function loadCommands(InputInterface $input, OutputInterface $output)
 {
     // $application is required to be defined in the register_command scripts
     $application = $this->application;
     $inputDefinition = $application->getDefinition();
     $inputDefinition->addOption(new InputOption('no-warnings', null, InputOption::VALUE_NONE, 'Skip global warnings, show command output only', null));
     try {
         $input->bind($inputDefinition);
     } catch (\RuntimeException $e) {
         //expected if there are extra options
     }
     if ($input->getOption('no-warnings')) {
         $output->setVerbosity(OutputInterface::VERBOSITY_QUIET);
     }
     require_once __DIR__ . '/../../../core/register_command.php';
     if ($this->config->getSystemValue('installed', false)) {
         if (\OCP\Util::needUpgrade()) {
             $output->writeln("ownCloud or one of the apps require upgrade - only a limited number of commands are available");
             $output->writeln("You may use your browser or the occ upgrade command to do the upgrade");
         } elseif ($this->config->getSystemValue('maintenance', false)) {
             $output->writeln("ownCloud is in maintenance mode - no app have been loaded");
         } else {
             OC_App::loadApps();
             foreach (\OC::$server->getAppManager()->getInstalledApps() as $app) {
                 $appPath = \OC_App::getAppPath($app);
                 if ($appPath === false) {
                     continue;
                 }
                 \OC::$loader->addValidRoot($appPath);
                 $file = $appPath . '/appinfo/register_command.php';
                 if (file_exists($file)) {
                     require $file;
                 }
             }
         }
     } else {
         $output->writeln("ownCloud is not installed - only a limited number of commands are available");
     }
     $input = new ArgvInput();
     if ($input->getFirstArgument() !== 'check') {
         $errors = \OC_Util::checkServer(\OC::$server->getConfig());
         if (!empty($errors)) {
             foreach ($errors as $error) {
                 $output->writeln((string) $error['error']);
                 $output->writeln((string) $error['hint']);
                 $output->writeln('');
             }
             throw new \Exception("Environment not properly prepared.");
         }
     }
 }
Beispiel #3
0
 /**
  * @param OutputInterface $output
  * @throws \Exception
  */
 public function loadCommands(OutputInterface $output)
 {
     // $application is required to be defined in the register_command scripts
     $application = $this->application;
     require_once __DIR__ . '/../../../core/register_command.php';
     if ($this->config->getSystemValue('installed', false)) {
         if (\OCP\Util::needUpgrade()) {
             $output->writeln("ownCloud or one of the apps require upgrade - only a limited number of commands are available");
             $output->writeln("You may use your browser or the occ upgrade command to do the upgrade");
         } elseif ($this->config->getSystemValue('maintenance', false)) {
             $output->writeln("ownCloud is in maintenance mode - no app have been loaded");
         } else {
             OC_App::loadApps();
             foreach (\OC::$server->getAppManager()->getInstalledApps() as $app) {
                 $appPath = \OC_App::getAppPath($app);
                 if ($appPath === false) {
                     continue;
                 }
                 \OC::$loader->addValidRoot($appPath);
                 $file = $appPath . '/appinfo/register_command.php';
                 if (file_exists($file)) {
                     require $file;
                 }
             }
         }
     } else {
         $output->writeln("ownCloud is not installed - only a limited number of commands are available");
     }
     $input = new ArgvInput();
     if ($input->getFirstArgument() !== 'check') {
         $errors = \OC_Util::checkServer(\OC::$server->getConfig());
         if (!empty($errors)) {
             foreach ($errors as $error) {
                 $output->writeln((string) $error['error']);
                 $output->writeln((string) $error['hint']);
                 $output->writeln('');
             }
             throw new \Exception("Environment not properly prepared.");
         }
     }
 }
Beispiel #4
0
 /**
  * Find the route matching $url
  *
  * @param string $url The url to find
  * @throws \Exception
  * @return void
  */
 public function match($url)
 {
     if (substr($url, 0, 6) === '/apps/') {
         // empty string / 'apps' / $app / rest of the route
         list(, , $app, ) = explode('/', $url, 4);
         $app = \OC_App::cleanAppId($app);
         \OC::$REQUESTEDAPP = $app;
         $this->loadRoutes($app);
     } else {
         if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') {
             \OC::$REQUESTEDAPP = $url;
             if (!\OC::$server->getConfig()->getSystemValue('maintenance', false) && !Util::needUpgrade()) {
                 \OC_App::loadApps();
             }
             $this->loadRoutes('core');
         } else {
             $this->loadRoutes();
         }
     }
     $matcher = new UrlMatcher($this->root, $this->context);
     try {
         $parameters = $matcher->match($url);
     } catch (ResourceNotFoundException $e) {
         if (substr($url, -1) !== '/') {
             // We allow links to apps/files? for backwards compatibility reasons
             // However, since Symfony does not allow empty route names, the route
             // we need to match is '/', so we need to append the '/' here.
             try {
                 $parameters = $matcher->match($url . '/');
             } catch (ResourceNotFoundException $newException) {
                 // If we still didn't match a route, we throw the original exception
                 throw $e;
             }
         } else {
             throw $e;
         }
     }
     \OC::$server->getEventLogger()->start('run_route', 'Run route');
     if (isset($parameters['action'])) {
         $action = $parameters['action'];
         if (!is_callable($action)) {
             throw new \Exception('not a callable action');
         }
         unset($parameters['action']);
         call_user_func($action, $parameters);
     } elseif (isset($parameters['file'])) {
         include $parameters['file'];
     } else {
         throw new \Exception('no action available');
     }
     \OC::$server->getEventLogger()->end('run_route');
 }
Beispiel #5
0
    // Delete lockfile
    if (!TemporaryCronClass::$keeplock && file_exists(TemporaryCronClass::$lockfile)) {
        unlink(TemporaryCronClass::$lockfile);
    }
    // Say goodbye if the app did not shutdown properly
    if (!TemporaryCronClass::$sent) {
        if (OC::$CLI) {
            echo 'Unexpected error!' . PHP_EOL;
        } else {
            OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
        }
    }
}
try {
    require_once 'lib/base.php';
    if (\OCP\Util::needUpgrade()) {
        \OCP\Util::writeLog('cron', 'Update required, skipping cron', \OCP\Util::DEBUG);
        exit;
    }
    // load all apps to get all api routes properly setup
    OC_App::loadApps();
    \OC::$server->getSession()->close();
    // initialize a dummy memory session
    \OC::$server->setSession(new \OC\Session\Memory(''));
    $logger = \OC_Log::$object;
    // Don't do anything if ownCloud has not been installed
    if (!OC_Config::getValue('installed', false)) {
        exit(0);
    }
    // Handle unexpected errors
    register_shutdown_function('handleUnexpectedShutdown');
Beispiel #6
0
 /**
  * @return bool
  */
 public static function isAssetPipelineEnabled()
 {
     try {
         if (\OCP\Util::needUpgrade()) {
             // Don't use the compiled asset when we need to do an update
             return false;
         }
     } catch (\Exception $e) {
         // Catch any exception, because this code is also called when displaying
         // an exception error page.
         return false;
     }
     // asset management enabled?
     $config = \OC::$server->getConfig();
     $useAssetPipeline = $config->getSystemValue('asset-pipeline.enabled', false);
     if (!$useAssetPipeline) {
         return false;
     }
     // assets folder exists?
     $assetDir = $config->getSystemValue('assetdirectory', \OC::$SERVERROOT) . '/assets';
     if (!is_dir($assetDir)) {
         if (!mkdir($assetDir)) {
             \OCP\Util::writeLog('assets', "Folder <{$assetDir}> does not exist and/or could not be generated.", \OCP\Util::ERROR);
             return false;
         }
     }
     // assets folder can be accessed?
     if (!touch($assetDir . "/.oc")) {
         \OCP\Util::writeLog('assets', "Folder <{$assetDir}> could not be accessed.", \OCP\Util::ERROR);
         return false;
     }
     return $useAssetPipeline;
 }
Beispiel #7
0
 /**
  * Handle the request
  */
 public static function handleRequest()
 {
     \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
     $systemConfig = \OC::$server->getSystemConfig();
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!$systemConfig->getValue('installed', false)) {
         \OC::$server->getSession()->clear();
         $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
         $controller = new OC\Core\Setup\Controller($setupHelper);
         $controller->run($_POST);
         exit;
     }
     $request = \OC::$server->getRequest()->getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     // Always load authentication apps
     OC_App::loadApps(['authentication']);
     // Load minimum set of apps
     if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only filesystem and logging
             OC_App::loadApps(array('filesystem', 'logging'));
             \OC_User::tryBasicAuthLogin();
         }
     }
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC_Util::setupFS();
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Redirect to index if the logout link is accessed without valid session
     // this is needed to prevent "Token expired" messages while login if a session is expired
     // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
     if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
         header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         OC_Util::setupFS();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             OC_JSON::callCheck();
             if (isset($_COOKIE['oc_token'])) {
                 \OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             // redirect to webroot and add slash if webroot is empty
             header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         } else {
             // Redirect to default application
             OC_Util::redirectToDefaultPage();
         }
     } else {
         // Not handled and not logged in
         self::handleLogin();
     }
 }
Beispiel #8
0
 /**
  * Checks if the version requires an update and shows
  * @param bool $showTemplate Whether an update screen should get shown
  * @return bool|void
  */
 public static function checkUpgrade($showTemplate = true)
 {
     if (\OCP\Util::needUpgrade()) {
         $systemConfig = \OC::$server->getSystemConfig();
         if ($showTemplate && !$systemConfig->getValue('maintenance', false)) {
             self::printUpgradePage();
             exit;
         } else {
             return true;
         }
     }
     return false;
 }
Beispiel #9
0
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once '../lib/base.php';
if (\OCP\Util::needUpgrade() || \OCP\Config::getSystemValue('maintenance', false) || \OCP\Config::getSystemValue('singleuser', false)) {
    // since the behavior of apps or remotes are unpredictable during
    // an upgrade, return a 503 directly
    OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
    $response = new OC_OCS_Result(null, OC_Response::STATUS_SERVICE_UNAVAILABLE, 'Service unavailable');
    OC_API::respond($response, OC_API::requestedFormat());
    exit;
}
use Symfony\Component\Routing\Exception\ResourceNotFoundException;
use Symfony\Component\Routing\Exception\MethodNotAllowedException;
try {
    // load all apps to get all api routes properly setup
    OC_App::loadApps();
    // api calls always will return English
    \OC_L10N::forceLanguage('en');
    OC::$server->getRouter()->match('/ocs' . OC_Request::getRawPathInfo());
Beispiel #10
0
 public static function initTemplateEngine()
 {
     if (self::$initTemplateEngineFirstRun) {
         //apps that started before the template initialization can load their own scripts/styles
         //so to make sure this scripts/styles here are loaded first we use OC_Util::addScript() with $prepend=true
         //meaning the last script/style in this list will be loaded first
         if (\OC::$server->getSystemConfig()->getValue('installed', false) && !\OCP\Util::needUpgrade()) {
             if (\OC::$server->getConfig()->getAppValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') {
                 OC_Util::addScript('backgroundjobs', null, true);
             }
         }
         OC_Util::addStyle("tooltip", null, true);
         OC_Util::addStyle('jquery-ui-fixes', null, true);
         OC_Util::addVendorStyle('jquery-ui/themes/base/jquery-ui', null, true);
         OC_Util::addStyle("multiselect", null, true);
         OC_Util::addStyle("fixes", null, true);
         OC_Util::addStyle("apps", null, true);
         OC_Util::addStyle("fonts", null, true);
         OC_Util::addStyle("icons", null, true);
         OC_Util::addStyle("mobile", null, true);
         OC_Util::addStyle("header", null, true);
         OC_Util::addStyle("styles", null, true);
         // avatars
         if (\OC::$server->getSystemConfig()->getValue('enable_avatars', true) === true) {
             \OC_Util::addScript('avatar', null, true);
             \OC_Util::addScript('jquery.avatar', null, true);
             \OC_Util::addScript('placeholder', null, true);
         }
         OC_Util::addScript('oc-backbone', null, true);
         OC_Util::addVendorScript('core', 'backbone/backbone', true);
         OC_Util::addVendorScript('snapjs/dist/latest/snap', null, true);
         OC_Util::addScript('mimetypelist', null, true);
         OC_Util::addScript('mimetype', null, true);
         OC_Util::addScript("apps", null, true);
         OC_Util::addScript("oc-requesttoken", null, true);
         OC_Util::addScript('search', 'search', true);
         OC_Util::addScript("config", null, true);
         OC_Util::addScript("eventsource", null, true);
         OC_Util::addScript("octemplate", null, true);
         OC_Util::addTranslations("core", null, true);
         OC_Util::addScript("l10n", null, true);
         OC_Util::addScript("js", null, true);
         OC_Util::addScript("oc-dialogs", null, true);
         OC_Util::addScript("jquery.ocdialog", null, true);
         OC_Util::addStyle("jquery.ocdialog");
         OC_Util::addScript("compatibility", null, true);
         OC_Util::addScript("placeholders", null, true);
         // Add the stuff we need always
         // following logic will import all vendor libraries that are
         // specified in core/js/core.json
         $fileContent = file_get_contents(OC::$SERVERROOT . '/core/js/core.json');
         if ($fileContent !== false) {
             $coreDependencies = json_decode($fileContent, true);
             foreach (array_reverse($coreDependencies['vendor']) as $vendorLibrary) {
                 // remove trailing ".js" as addVendorScript will append it
                 OC_Util::addVendorScript(substr($vendorLibrary, 0, strlen($vendorLibrary) - 3), null, true);
             }
         } else {
             throw new \Exception('Cannot read core/js/core.json');
         }
         self::$initTemplateEngineFirstRun = false;
     }
 }
Beispiel #11
0
 /**
  * Test needUpgrade() when the core version is increased
  */
 public function testNeedUpgradeCore()
 {
     $config = \OC::$server->getConfig();
     $oldConfigVersion = $config->getSystemValue('version', '0.0.0');
     $oldSessionVersion = \OC::$server->getSession()->get('OC_Version');
     $this->assertFalse(\OCP\Util::needUpgrade());
     $config->setSystemValue('version', '7.0.0.0');
     \OC::$server->getSession()->set('OC_Version', array(7, 0, 0, 1));
     self::invokePrivate(new \OCP\Util(), 'needUpgradeCache', array(null));
     $this->assertTrue(\OCP\Util::needUpgrade());
     $config->setSystemValue('version', $oldConfigVersion);
     \OC::$server->getSession()->set('OC_Version', $oldSessionVersion);
     self::invokePrivate(new \OCP\Util(), 'needUpgradeCache', array(null));
     $this->assertFalse(\OCP\Util::needUpgrade());
 }
 /**
  * @deprecated 6.0.0
  * creates a regular task
  * @param string $klass class name
  * @param string $method method name
  * @return boolean|null
  * @since 4.5.0
  */
 public static function addRegularTask($klass, $method)
 {
     if (!\OCP\Util::needUpgrade()) {
         self::registerJob('OC\\BackgroundJob\\Legacy\\RegularJob', array($klass, $method));
         return true;
     }
 }
Beispiel #13
0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
require_once '../lib/base.php';
if (\OCP\Util::needUpgrade() || \OC::$server->getSystemConfig()->getValue('maintenance', false) || \OC::$server->getSystemConfig()->getValue('singleuser', false)) {
    // since the behavior of apps or remotes are unpredictable during
    // an upgrade, return a 503 directly
    OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
    $response = new OC_OCS_Result(null, OC_Response::STATUS_SERVICE_UNAVAILABLE, 'Service unavailable');
    OC_API::respond($response, OC_API::requestedFormat());
    exit;
}
use Symfony\Component\Routing\Exception\ResourceNotFoundException;
use Symfony\Component\Routing\Exception\MethodNotAllowedException;
try {
    // load all apps to get all api routes properly setup
    OC_App::loadApps();
    // force language as given in the http request
    \OC_L10N::setLanguageFromRequest();
    OC::$server->getRouter()->match('/ocs' . \OC::$server->getRequest()->getRawPathInfo());
Beispiel #14
0
 /**
  * Handle the request
  */
 public static function handleRequest()
 {
     $l = \OC_L10N::get('lib');
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!OC_Config::getValue('installed', false)) {
         $controller = new OC\Core\Setup\Controller();
         $controller->run($_POST);
         exit;
     }
     $host = OC_Request::insecureServerHost();
     // if the host passed in headers isn't trusted
     if (!OC::$CLI && OC_Request::getOverwriteHost() === null && !OC_Request::isTrustedDomain($host)) {
         header('HTTP/1.1 400 Bad Request');
         header('Status: 400 Bad Request');
         OC_Template::printErrorPage($l->t('You are accessing the server from an untrusted domain.'), $l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.'));
         return;
     }
     $request = OC_Request::getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     if (!OC_User::isLoggedIn()) {
         // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
         OC::tryBasicAuthLogin();
     }
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!OC_Config::getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 OC_App::loadApps(array('authentication'));
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC::$server->getRouter()->match(OC_Request::getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Load minimum set of apps
     if (!self::checkUpgrade(false)) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only authentication, filesystem and logging
             OC_App::loadApps(array('authentication'));
             OC_App::loadApps(array('filesystem', 'logging'));
         }
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Redirect to index if the logout link is accessed without valid session
     // this is needed to prevent "Token expired" messages while login if a session is expired
     // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
     if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
         header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             OC_JSON::callCheck();
             if (isset($_COOKIE['oc_token'])) {
                 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             if (isset($_SERVER['PHP_AUTH_USER'])) {
                 if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
                     // Ignore HTTP Authentication for 5 more mintues.
                     setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
                 } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
                     // Ignore HTTP Authentication to allow a different user to log in.
                     setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
                 }
             }
             OC_User::logout();
             // redirect to webroot and add slash if webroot is empty
             header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         } else {
             // Redirect to default application
             OC_Util::redirectToDefaultPage();
         }
     } else {
         // Not handled and not logged in
         self::handleLogin();
     }
 }
Beispiel #15
0
 /**
  * Test needUpgrade() when the core version is increased
  */
 public function testNeedUpgradeCore()
 {
     $oldConfigVersion = OC_Config::getValue('version', '0.0.0');
     $oldSessionVersion = \OC::$server->getSession()->get('OC_Version');
     $this->assertFalse(\OCP\Util::needUpgrade());
     OC_Config::setValue('version', '7.0.0.0');
     \OC::$server->getSession()->set('OC_Version', array(7, 0, 0, 1));
     $this->assertTrue(\OCP\Util::needUpgrade());
     OC_Config::setValue('version', $oldConfigVersion);
     $oldSessionVersion = \OC::$server->getSession()->set('OC_Version', $oldSessionVersion);
     $this->assertFalse(\OCP\Util::needUpgrade());
 }
Beispiel #16
0
 /**
  * Find the route matching $url
  *
  * @param string $url The url to find
  * @throws \Exception
  * @return void
  */
 public function match($url)
 {
     if (substr($url, 0, 6) === '/apps/') {
         // empty string / 'apps' / $app / rest of the route
         list(, , $app, ) = explode('/', $url, 4);
         $app = \OC_App::cleanAppId($app);
         \OC::$REQUESTEDAPP = $app;
         $this->loadRoutes($app);
     } else {
         if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') {
             \OC::$REQUESTEDAPP = $url;
             if (!\OC_Config::getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 \OC_App::loadApps();
             }
             $this->loadRoutes('core');
         } else {
             $this->loadRoutes();
         }
     }
     $matcher = new UrlMatcher($this->root, $this->context);
     $parameters = $matcher->match($url);
     if (isset($parameters['action'])) {
         $action = $parameters['action'];
         if (!is_callable($action)) {
             var_dump($action);
             throw new \Exception('not a callable action');
         }
         unset($parameters['action']);
         call_user_func($action, $parameters);
     } elseif (isset($parameters['file'])) {
         include $parameters['file'];
     } else {
         throw new \Exception('no action available');
     }
 }