public static function setupFS($user = "", $root = "files") { // configure the initial filesystem based on the configuration if (self::$fsSetup) { //setting up the filesystem twice can only lead to trouble return false; } $CONFIG_DATADIRECTORY_ROOT = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); $CONFIG_BACKUPDIRECTORY = OC_Config::getValue("backupdirectory", OC::$SERVERROOT . "/backup"); // Check if config folder is writable. if (!is_writable(OC::$SERVERROOT . "/config/")) { $tmpl = new OC_Template('', 'error', 'guest'); $tmpl->assign('errors', array(1 => array('error' => "Can't write into config directory 'config'", 'hint' => "You can usually fix this by giving the webserver user write access to the config directory in owncloud"))); $tmpl->printPage(); exit; } // Check if apps folder is writable. if (!is_writable(OC::$SERVERROOT . "/apps/")) { $tmpl = new OC_Template('', 'error', 'guest'); $tmpl->assign('errors', array(1 => array('error' => "Can't write into apps directory 'apps'", 'hint' => "You can usually fix this by giving the webserver user write access to the config directory in owncloud"))); $tmpl->printPage(); exit; } // Create root dir. if (!is_dir($CONFIG_DATADIRECTORY_ROOT)) { $success = @mkdir($CONFIG_DATADIRECTORY_ROOT); if (!$success) { $tmpl = new OC_Template('', 'error', 'guest'); $tmpl->assign('errors', array(1 => array('error' => "Can't create data directory (" . $CONFIG_DATADIRECTORY_ROOT . ")", 'hint' => "You can usually fix this by giving the webserver write access to the ownCloud directory '" . OC::$SERVERROOT . "' (in a terminal, use the command 'chown -R www-data:www-data /path/to/your/owncloud/install/data' "))); $tmpl->printPage(); exit; } } // If we are not forced to load a specific user we load the one that is logged in if ($user == "" && OC_User::isLoggedIn()) { $user = OC_User::getUser(); } //first set up the local "root" storage if (!self::$rootMounted) { OC_Filesystem::mount('OC_Filestorage_Local', array('datadir' => $CONFIG_DATADIRECTORY_ROOT), '/'); self::$rootMounted = true; } if ($user != "") { //if we aren't logged in, there is no use to set up the filesystem OC::$CONFIG_DATADIRECTORY = $CONFIG_DATADIRECTORY_ROOT . "/{$user}/{$root}"; if (!is_dir(OC::$CONFIG_DATADIRECTORY)) { mkdir(OC::$CONFIG_DATADIRECTORY, 0755, true); } //jail the user into his "home" directory OC_Filesystem::init('/' . $user . '/' . $root); $quotaProxy = new OC_FileProxy_Quota(); OC_FileProxy::register($quotaProxy); self::$fsSetup = true; } }
public static function setupFS($user = "", $root = "files") { // configure the initial filesystem based on the configuration if (self::$fsSetup) { //setting up the filesystem twice can only lead to trouble return false; } $CONFIG_DATADIRECTORY_ROOT = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); $CONFIG_BACKUPDIRECTORY = OC_Config::getValue("backupdirectory", OC::$SERVERROOT . "/backup"); // Create root dir if (!is_dir($CONFIG_DATADIRECTORY_ROOT)) { $success = @mkdir($CONFIG_DATADIRECTORY_ROOT); if (!$success) { $tmpl = new OC_Template('', 'error', 'guest'); $tmpl->assign('errors', array(1 => array('error' => "Can't create data directory (" . $CONFIG_DATADIRECTORY_ROOT . ")", 'hint' => "You can usually fix this by setting the owner of '" . OC::$SERVERROOT . "' to the user that the web server uses (" . OC_Util::checkWebserverUser() . ")"))); $tmpl->printPage(); exit; } } // If we are not forced to load a specific user we load the one that is logged in if ($user == "" && OC_User::isLoggedIn()) { $user = OC_User::getUser(); } if ($user != "") { //if we aren't logged in, there is no use to set up the filesystem //first set up the local "root" storage and the backupstorage if needed $rootStorage = OC_Filesystem::createStorage('local', array('datadir' => $CONFIG_DATADIRECTORY_ROOT)); // if( OC_Config::getValue( "enablebackup", false )){ // // This creates the Directorys recursively // if(!is_dir( "$CONFIG_BACKUPDIRECTORY/$user/$root" )){ // mkdir( "$CONFIG_BACKUPDIRECTORY/$user/$root", 0755, true ); // } // $backupStorage=OC_Filesystem::createStorage('local',array('datadir'=>$CONFIG_BACKUPDIRECTORY)); // $backup=new OC_FILEOBSERVER_BACKUP(array('storage'=>$backupStorage)); // $rootStorage->addObserver($backup); // } OC_Filesystem::mount($rootStorage, '/'); // TODO add this storage provider in a proper way $sharedStorage = OC_Filesystem::createStorage('shared', array('datadir' => '/' . OC_User::getUser() . '/files/Shared')); OC_Filesystem::mount($sharedStorage, '/' . OC_User::getUser() . '/files/Shared/'); OC::$CONFIG_DATADIRECTORY = $CONFIG_DATADIRECTORY_ROOT . "/{$user}/{$root}"; if (!is_dir(OC::$CONFIG_DATADIRECTORY)) { mkdir(OC::$CONFIG_DATADIRECTORY, 0755, true); } // TODO: find a cool way for doing this // //set up the other storages according to the system settings // foreach($CONFIG_FILESYSTEM as $storageConfig){ // if(OC_Filesystem::hasStorageType($storageConfig['type'])){ // $arguments=$storageConfig; // unset($arguments['type']); // unset($arguments['mountpoint']); // $storage=OC_Filesystem::createStorage($storageConfig['type'],$arguments); // if($storage){ // OC_Filesystem::mount($storage,$storageConfig['mountpoint']); // } // } // } //jail the user into his "home" directory OC_Filesystem::chroot("/{$user}/{$root}"); $quotaProxy = new OC_FileProxy_Quota(); OC_FileProxy::register($quotaProxy); self::$fsSetup = true; } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); setlocale(LC_ALL, 'en_US.UTF-8'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(false); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //try to set the session lifetime to 60min @ini_set('gc_maxlifetime', '3600'); //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // register the stream wrappers require_once 'streamwrappers.php'; stream_wrapper_register("fakedir", "OC_FakeDirStream"); stream_wrapper_register('static', 'OC_StaticStreamWrapper'); stream_wrapper_register('close', 'OC_CloseStreamWrapper'); self::checkInstalled(); self::checkSSL(); // CSRF protection if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; } else { $referer = ''; } $refererhost = parse_url($referer); if (isset($refererhost['host'])) { $refererhost = $refererhost['host']; } else { $refererhost = ''; } $server = OC_Helper::serverHost(); $serverhost = explode(':', $server); $serverhost = $serverhost['0']; if ($_SERVER['REQUEST_METHOD'] == 'POST' and $refererhost != $serverhost) { $url = OC_Helper::serverProtocol() . '://' . $server . OC::$WEBROOT . '/index.php'; header("Location: {$url}"); exit; } self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // TODO: we should get rid of this one, too // WARNING: to make everything even more confusing, // DATADIRECTORY is a var that changes and DATADIRECTORY_ROOT // stays the same, but is set by "datadirectory". // Any questions? OC::$CONFIG_DATADIRECTORY = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(OC_Config::getValue("userbackend", "database")); OC_Group::useBackend(new OC_Group_Database()); // Set up file system unless forbidden global $RUNTIME_NOSETUPFS; if (!$RUNTIME_NOSETUPFS) { OC_Util::setupFS(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } // Check for blacklisted files OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr(self::$REQUESTEDAPP, strpos(self::$REQUESTEDAPP, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP . '/' . self::$REQUESTEDFILE; $parent = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP; if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); date_default_timezone_set('Europe/Berlin'); ini_set('arg_separator.output', '&'); // calculate the documentroot OC::$DOCUMENTROOT = realpath($_SERVER['DOCUMENT_ROOT']); OC::$SERVERROOT = str_replace("\\", '/', substr(__FILE__, 0, -13)); OC::$SUBURI = substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)); $scriptName = $_SERVER["SCRIPT_NAME"]; if (substr($scriptName, -1) == '/') { $scriptName .= 'index.php'; } OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI)); if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') { OC::$WEBROOT = '/' . OC::$WEBROOT; } // set the right include path set_include_path(OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . OC::$SERVERROOT . '/config' . PATH_SEPARATOR . OC::$SERVERROOT . '/3rdparty' . PATH_SEPARATOR . get_include_path() . PATH_SEPARATOR . OC::$SERVERROOT); // redirect to https site if configured if (OC_Config::getValue("forcessl", false)) { ini_set("session.cookie_secure", "on"); if (!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { $url = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; header("Location: {$url}"); exit; } } ini_set('session.cookie_httponly', '1;'); session_start(); // Add the stuff we need always OC_Util::addScript("jquery-1.6.4.min"); OC_Util::addScript("jquery-ui-1.8.14.custom.min"); OC_Util::addScript("jquery-showpassword"); OC_Util::addScript("jquery.infieldlabel.min"); OC_Util::addScript("jquery-tipsy"); OC_Util::addScript("js"); //OC_Util::addScript( "multiselect" ); OC_Util::addScript('search', 'result'); OC_Util::addStyle("styles"); OC_Util::addStyle("multiselect"); OC_Util::addStyle("jquery-ui-1.8.14.custom"); OC_Util::addStyle("jquery-tipsy"); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // TODO: we should get rid of this one, too // WARNING: to make everything even more confusing, // DATADIRECTORY is a var that changes and DATADIRECTORY_ROOT // stays the same, but is set by "datadirectory". // Any questions? OC::$CONFIG_DATADIRECTORY = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(OC_Config::getValue("userbackend", "database")); OC_Group::setBackend(OC_Config::getValue("groupbackend", "database")); // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; if (!$RUNTIME_NOAPPS) { OC_App::loadApps(); } // Was in required file ... put it here OC_Filesystem::registerStorageType('local', 'OC_Filestorage_Local', array('datadir' => 'string')); // Set up file system unless forbidden global $RUNTIME_NOSETUPFS; if (!$RUNTIME_NOSETUPFS) { OC_Util::setupFS(); } // Last part: connect some hooks OC_HOOK::connect('OC_User', 'post_createUser', 'OC_Connector_Sabre_Principal', 'addPrincipal'); OC_HOOK::connect('OC_User', 'post_deleteUser', 'OC_Connector_Sabre_Principal', 'deletePrincipal'); }