require_once dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'; DAV::bootstrap(); set_exception_handler(array('BeeHub', 'exception_handler')); // We need SimpleSamlPHP require_once BeeHub::$CONFIG['environment']['simplesamlphp'] . 'lib' . DIRECTORY_SEPARATOR . '_autoload.php'; if (isset($_SERVER['HTTP_ORIGIN']) && !empty($_SERVER['HTTP_ORIGIN']) && parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST) != $_SERVER['SERVER_NAME']) { die('Cross Origin Resourc Sharing prohibited!'); } DAV::$PROTECTED_PROPERTIES[DAV::PROP_GROUP_MEMBER_SET] = true; DAV::$ACL_PROPERTIES[BeeHub::PROP_SPONSOR] = 'sponsor'; DAV::addSupported_Properties(BeeHub::PROP_SPONSOR, 'sponsor'); BeeHub::handle_method_spoofing(); DAV::$REGISTRY = BeeHub_Registry::inst(); DAV::$LOCKPROVIDER = BeeHub_Lock_Provider::inst(); DAV::$ACLPROVIDER = BeeHub_ACL_Provider::inst(); DAV::$UNAUTHORIZED = array(BeeHub::getAuth(), 'unauthorized'); // In case of POST requests, we can already check the POST authentication code if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (!BeeHub::getAuth()->checkPostAuthCode()) { throw new DAV_Status(DAV::HTTP_FORBIDDEN, 'POST authentication code (POST_auth_code) was incorrect. The correct code can be obtained with a GET request to /system/?POST_auth_code'); } } // Prepare test environments if needed if (APPLICATION_ENV === BeeHub::ENVIRONMENT_TEST && isset($_GET['test'])) { if (substr($_SERVER['REQUEST_URI'], 0, 19) !== '/foo/client_tests/?') { header('Location: /foo/client_tests/?' . $_SERVER['QUERY_STRING']); die; } define('RUN_CLIENT_TESTS', true); } else { define('RUN_CLIENT_TESTS', false);