Ejemplo n.º 1
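 /**
  * Builds the request context from the current request and loads the
  * 'root' collection.
  *
  * The context is assembled from the index.php link, the HTTP method and the
  * host and protocol reported by OC_Request.
  */
 public function __construct()
 {
     $baseUrl = OC_Helper::linkTo('', 'index.php');
     // REQUEST_METHOD is not populated by every SAPI (for example CLI); fall
     // back to GET instead of reading an undefined index and passing null on.
     $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'GET';
     // NOTE(review): host and protocol are whatever OC_Request reports; how far
     // they depend on client-supplied headers is not visible here - confirm
     // before using the context to build links that leave the server.
     $host = OC_Request::serverHost();
     $schema = OC_Request::serverProtocol();
     $this->context = new RequestContext($baseUrl, $method, $host, $schema);
     // TODO cache
     $this->root = $this->getCollection('root');
 }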
Ejemplo n.º 2
 /**
  * Returns the protocol of the current request as reported by OC_Request.
  *
  * Thin public wrapper around \OC_Request::serverProtocol(); no logic of its
  * own.
  *
  * NOTE(review): the original description states that reverse proxies and load
  * balancers are respected. Callers that base a security decision on the
  * result (secure cookies, HTTPS redirects) should confirm that forwarded
  * headers are only honoured when they come from a trusted proxy.
  *
  * @return string the server protocol
  */
 public static function getServerProtocol()
 {
     $protocol = \OC_Request::serverProtocol();

     return $protocol;
 }
Ejemplo n.º 3
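 /**
  * Runs the first-time installation: validates the submitted options, writes
  * the system configuration, sets up the database and creates the admin user.
  *
  * Keys read from $options: 'dbtype', 'adminlogin', 'adminpass', 'directory'
  * and 'trusted_domains'; the whole array is also handed to the database
  * setup class for validation and initialisation.
  *
  * @param array $options installer form values
  * @return array collected errors (translated strings, or arrays with 'error'
  *               and 'hint' keys for database failures); empty on success
  */
 public static function install($options)
 {
     $l = self::getTrans();
     $error = array();
     $dbType = $options['dbtype'];
     if (empty($options['adminlogin'])) {
         $error[] = $l->t('Set an admin username.');
     }
     if (empty($options['adminpass'])) {
         $error[] = $l->t('Set an admin password.');
     }
     if (empty($options['directory'])) {
         $options['directory'] = OC::$SERVERROOT . "/data";
     }
     // Unknown database types silently fall back to sqlite.
     if (!isset(self::$dbSetupClasses[$dbType])) {
         $dbType = 'sqlite';
     }
     // presumably the caller HTML-escaped these values; verify against caller,
     // because decoding input that was never escaped alters the credentials.
     $username = htmlspecialchars_decode($options['adminlogin']);
     $password = htmlspecialchars_decode($options['adminpass']);
     $dataDir = htmlspecialchars_decode($options['directory']);
     $class = self::$dbSetupClasses[$dbType];
     /** @var \OC\Setup\AbstractDatabase $dbSetup */
     $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
     $error = array_merge($error, $dbSetup->validate($options));
     // validate the data directory
     // The path comes straight from $options and mkdir() runs with PHP's
     // default mode; the parentheses only spell out the existing precedence
     // ("and" binds tighter than "or").
     // NOTE(review): confirm the resulting directory is not world-readable and
     // is not served by the web server on non-Apache hosts (the .htaccess
     // protection below is applied for Apache only).
     if ((!is_dir($dataDir) and !mkdir($dataDir)) or !is_writable($dataDir)) {
         $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
     }
     if (count($error) != 0) {
         return $error;
     }
     //no errors, good
     if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
         $trustedDomains = $options['trusted_domains'];
     } else {
         // NOTE(review): without an explicit list, the host reported for the
         // installing request becomes the trusted domain - confirm the
         // installer is only reachable under the intended host name.
         $trustedDomains = array(OC_Request::serverHost());
     }
     if (OC_Util::runningOnWindows()) {
         $dataDir = rtrim(realpath($dataDir), '\\');
     }
     //use sqlite3 when available, otherwise sqlite2 will be used.
     if ($dbType == 'sqlite' and class_exists('SQLite3')) {
         $dbType = 'sqlite3';
     }
     //generate a random salt that is used to salt the local user passwords
     // NOTE(review): the salt uses the low-strength generator while the secret
     // below uses the medium-strength one; confirm low strength is acceptable
     // for a value that protects stored password hashes.
     $salt = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(30);
     \OC::$server->getConfig()->setSystemValue('passwordsalt', $salt);
     // generate a secret
     $secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
     \OC::$server->getConfig()->setSystemValue('secret', $secret);
     //write the config file
     \OC::$server->getConfig()->setSystemValue('trusted_domains', $trustedDomains);
     \OC::$server->getConfig()->setSystemValue('datadirectory', $dataDir);
     \OC::$server->getConfig()->setSystemValue('overwrite.cli.url', \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . OC::$WEBROOT);
     \OC::$server->getConfig()->setSystemValue('dbtype', $dbType);
     \OC::$server->getConfig()->setSystemValue('version', implode('.', OC_Util::getVersion()));
     try {
         $dbSetup->initialize($options);
         $dbSetup->setupDatabase($username);
     } catch (DatabaseSetupException $e) {
         $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
         return $error;
     } catch (Exception $e) {
         // The concatenation on this line was unreadable in the listing; it is
         // restored to mirror the branch above.
         // NOTE(review): the raw exception message is returned to the caller;
         // confirm it cannot disclose database credentials or paths.
         $error[] = array('error' => 'Error while trying to create admin user: ' . $e->getMessage(), 'hint' => '');
         return $error;
     }
     //create the user and group
     try {
         OC_User::createUser($username, $password);
     } catch (Exception $exception) {
         $error[] = $exception->getMessage();
     }
     if (count($error) == 0) {
         $appConfig = \OC::$server->getAppConfig();
         $appConfig->setValue('core', 'installedat', microtime(true));
         $appConfig->setValue('core', 'lastupdatedat', microtime(true));
         OC_Group::createGroup('admin');
         OC_Group::addToGroup($username, 'admin');
         // The freshly created admin is logged in with the submitted password.
         OC_User::login($username, $password);
         //guess what this does
         OC_Installer::installShippedApps();
         // create empty file in data dir, so we can later find
         // out that this is indeed an ownCloud data directory
         file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');
         // Update htaccess files for apache hosts
         // SERVER_SOFTWARE decides whether the data directory gets .htaccess
         // protection; other web servers need their own deny rule.
         if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
             self::updateHtaccess();
             self::protectDataDirectory();
         }
         //and we are done
         OC_Config::setValue('installed', true);
     }
     return $error;
 }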
Ejemplo n.º 4
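 /**
  * Checks OC_Request::serverProtocol() against the 'overwriteprotocol' and
  * 'overwritecondaddr' settings and the HTTPS / X-Forwarded-Proto server
  * variables.
  *
  * The test mutates $_SERVER and the shared configuration, so every value it
  * sets is removed again at the end.
  */
 public function testServerProtocol()
 {
     unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
     unset($_SERVER['HTTP_HTTPS']);
     unset($_SERVER['REMOTE_ADDR']);
     OC_Config::deleteKey('overwriteprotocol');
     OC_Config::deleteKey('overwritecondaddr');
     // Unconditional overwrite: the configured protocol wins.
     OC_Config::setValue('overwriteprotocol', 'https');
     OC_Config::setValue('overwritecondaddr', '');
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('https', $proto);
     // Conditional overwrite: applies when REMOTE_ADDR matches the pattern.
     OC_Config::setValue('overwriteprotocol', 'https');
     OC_Config::setValue('overwritecondaddr', '^somehost\\..*$');
     $_SERVER['REMOTE_ADDR'] = 'somehost.test:8080';
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('https', $proto);
     // Following checks without overwriting the protocol
     // REMOTE_ADDR stays set from the step above for the remaining assertions.
     OC_Config::setValue('overwriteprotocol', '');
     unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
     unset($_SERVER['HTTP_HTTPS']);
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('http', $proto);
     unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
     $_SERVER['HTTP_HTTPS'] = 'on';
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('https', $proto);
     $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('https', $proto);
     // Only the first entry of a comma-separated list is expected to count.
     $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https,http,http';
     $proto = OC_Request::serverProtocol();
     $this->assertEquals('https', $proto);
     // clean up
     unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
     // HTTP_HTTPS was set to 'on' above; without this it leaks into later
     // tests and makes them see an HTTPS request.
     unset($_SERVER['HTTP_HTTPS']);
     unset($_SERVER['HTTP_PROTO']);
     unset($_SERVER['REMOTE_ADDR']);
     OC_Config::deleteKey('overwriteprotocol');
     OC_Config::deleteKey('overwritecondaddr');
 }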
Ejemplo n.º 5
 /**
  * Applies the "forcessl" setting to the current request.
  *
  * With the setting on: sends a one-year HSTS header, marks session cookies
  * as secure and redirects non-HTTPS web requests to the HTTPS URL (the
  * script ends after the redirect). With the setting off: sends an HSTS
  * header with max-age=0 on HTTPS requests so browsers drop a stored policy.
  */
 public static function checkSSL()
 {
     $sslForced = OC_Config::getValue("forcessl", false);
     if (!$sslForced) {
         // Invalidate HSTS headers
         if (OC_Request::serverProtocol() === 'https') {
             header('Strict-Transport-Security: max-age=0');
         }
         return;
     }

     // Emitted whatever the current protocol is; browsers only act on it when
     // it arrives over HTTPS.
     header('Strict-Transport-Security: max-age=31536000');
     ini_set("session.cookie_secure", "on");

     $onHttps = OC_Request::serverProtocol() == 'https';
     if ($onHttps || OC::$CLI) {
         return;
     }

     // redirect to https site if configured
     // NOTE(review): the target is built from OC_Request::serverHost() and
     // requestUri(); confirm the host is validated (for example against the
     // trusted domains) so the redirect cannot be steered by the Host header.
     $target = "https://" . OC_Request::serverHost() . OC_Request::requestUri();
     header("Location: {$target}");
     exit;
 }
Ejemplo n.º 6
	/**
	 * Applies the 'forcessl' system setting to the current request.
	 *
	 * With the setting on: sends a one-year HSTS header (extended with
	 * includeSubDomains when 'forceSSLforSubdomains' is set), marks session
	 * cookies as secure and redirects non-HTTPS web requests to the HTTPS URL.
	 * With the setting off: sends max-age=0 on HTTPS requests so browsers drop
	 * a stored policy.
	 */
	public static function checkSSL() {
		$sslForced = \OC::$server->getSystemConfig()->getValue('forcessl', false);
		if (!$sslForced) {
			// Invalidate HSTS headers
			if (OC_Request::serverProtocol() === 'https') {
				header('Strict-Transport-Security: max-age=0');
			}
			return;
		}

		// Default HSTS policy, widened to subdomains only when configured.
		// includeSubDomains affects every host below the domain, so each of
		// them must be reachable over HTTPS before the option is enabled.
		$coverSubdomains = \OC::$server->getSystemConfig()->getValue('forceSSLforSubdomains', false);
		$hsts = 'Strict-Transport-Security: max-age=31536000' . ($coverSubdomains ? '; includeSubDomains' : '');
		header($hsts);
		ini_set('session.cookie_secure', 'on');

		$onHttps = OC_Request::serverProtocol() == 'https';
		if ($onHttps || OC::$CLI) {
			return;
		}

		// redirect to https site if configured
		// NOTE(review): the target host comes from OC_Request::serverHost();
		// confirm it is validated so the redirect cannot follow a forged Host
		// header.
		$target = 'https://' . OC_Request::serverHost() . OC_Request::requestUri();
		header('Location: ' . $target);
		exit();
	}
Ejemplo n.º 7
	/**
	 * Turns a host-relative URL into an absolute one.
	 *
	 * The result is "<protocol>://<host><url>", with protocol and host taken
	 * from OC_Request; $url is appended unchanged.
	 *
	 * NOTE(review): confirm that OC_Request::serverHost() returns a validated
	 * host before the result is used in e-mails or other links that leave the
	 * server.
	 *
	 * @param string $url the url
	 * @return string the absolute url
	 */
	public static function makeURLAbsolute( $url )
	{
		$origin = OC_Request::serverProtocol() . '://' . OC_Request::serverHost();

		return $origin . $url;
	}
Ejemplo n.º 8
 /**
  * Redirects plain-HTTP web requests to HTTPS when "forcessl" is enabled.
  *
  * With the setting on, session cookies are marked secure and any request
  * that is neither HTTPS nor CLI is redirected; the script ends after the
  * redirect. This variant sends no Strict-Transport-Security header.
  */
 public static function checkSSL()
 {
     if (!OC_Config::getValue("forcessl", false)) {
         return;
     }

     ini_set("session.cookie_secure", "on");

     $onHttps = OC_Request::serverProtocol() == 'https';
     if ($onHttps || OC::$CLI) {
         return;
     }

     // redirect to https site if configured
     // NOTE(review): host and REQUEST_URI are request-derived; confirm the
     // host is validated so the redirect cannot follow a forged Host header.
     $target = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI'];
     header("Location: {$target}");
     exit;
 }
Ejemplo n.º 9
// Excerpt of an admin settings script: $template, $appConfig and
// $suggestedOverwriteCliUrl are defined before this point.
// Sharing options are read from the 'core' app config with their defaults.
$template->assign('allowPublicUpload', $appConfig->getValue('core', 'shareapi_allow_public_upload', 'yes'));
$template->assign('allowResharing', $appConfig->getValue('core', 'shareapi_allow_resharing', 'yes'));
$template->assign('allowPublicMailNotification', $appConfig->getValue('core', 'shareapi_allow_public_notification', 'no'));
$template->assign('allowMailNotification', $appConfig->getValue('core', 'shareapi_allow_mail_notification', 'no'));
$template->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());
// True when the configured database type contains 'sqlite'.
$databaseOverload = (strpos(\OCP\Config::getSystemValue('dbtype'), 'sqlite') !== false);
$template->assign('databaseOverload', $databaseOverload);

// warn if Windows is used
$template->assign('WindowsWarning', OC_Util::runningOnWindows());

// add hardcoded forms from the template
$forms = OC_App::getForms('admin');
$l = OC_L10N::get('settings');
$formsAndMore = array();
// The "Security & Setup Warnings" section is listed when any check fails;
// a connection that is not reported as HTTPS is one of those checks.
// NOTE(review): behind a TLS-terminating proxy the HTTPS check depends on how
// OC_Request::serverProtocol() treats forwarded headers - confirm.
if (OC_Request::serverProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() ||
	$suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() || !OC_Util::isPhpCharSetUtf8() ||
	!OC_Util::fileInfoLoaded() || $databaseOverload
) {
	$formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & Setup Warnings'));
}

$formsMap = array_map(function ($form) {
	if (preg_match('%(<h2[^>]*>.*?</h2>)%i', $form, $regs)) {
		$sectionName = str_replace('<h2>', '', $regs[0]);
		$sectionName = str_replace('</h2>', '', $sectionName);
		$anchor = strtolower($sectionName);
		$anchor = str_replace(' ', '-', $anchor);

		return array(
			'anchor' => 'goto-' . $anchor,
Ejemplo n.º 10
// Excerpt of an admin settings script: $tmpl, $config and $forms are defined
// before this point. Each assign() exposes one setting to the template.
$tmpl->assign('old_php', OC_Util::isPHPoutdated());
$tmpl->assign('backgroundjobs_mode', OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax'));
$tmpl->assign('cron_log', OC_Config::getValue('cron_log', true));
$tmpl->assign('lastcron', OC_Appconfig::getValue('core', 'lastcron', false));
$tmpl->assign('shareAPIEnabled', OC_Appconfig::getValue('core', 'shareapi_enabled', 'yes'));
$tmpl->assign('shareDefaultExpireDateSet', OC_Appconfig::getValue('core', 'shareapi_default_expire_date', 'no'));
$tmpl->assign('shareExpireAfterNDays', OC_Appconfig::getValue('core', 'shareapi_expire_after_n_days', '7'));
$tmpl->assign('shareEnforceExpireDate', OC_Appconfig::getValue('core', 'shareapi_enforce_expire_date', 'no'));
// The stored 'yes'/'no' string is turned into a boolean for the template.
$excludeGroups = OC_Appconfig::getValue('core', 'shareapi_exclude_groups', 'no') === 'yes' ? true : false;
$tmpl->assign('shareExcludeGroups', $excludeGroups);
// The excluded groups are stored comma-separated and handed to the template
// pipe-separated.
// NOTE(review): a group name containing ',' or '|' would be split or merged
// incorrectly - confirm group names cannot contain these characters.
$excludedGroupsList = OC_Appconfig::getValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroupsList = explode(',', $excludedGroupsList);
// FIXME: this should be JSON!
$tmpl->assign('shareExcludedGroupsList', implode('|', $excludedGroupsList));
// Check if connected using HTTPS
// NOTE(review): the result depends on how OC_Request::serverProtocol() treats
// forwarded headers behind a proxy - confirm.
$tmpl->assign('isConnectedViaHTTPS', OC_Request::serverProtocol() === 'https');
$tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue("forcessl", false));
// If the current webroot is non-empty but the webroot from the config is,
// and system cron is used, the URL generator fails to build valid URLs.
$shouldSuggestOverwriteWebroot = $config->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'cron' && \OC::$WEBROOT && \OC::$WEBROOT !== '/' && !$config->getSystemValue('overwritewebroot', '');
$tmpl->assign('suggestedOverwriteWebroot', $shouldSuggestOverwriteWebroot ? \OC::$WEBROOT : '');
$tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired());
$tmpl->assign('allowPublicUpload', OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes'));
$tmpl->assign('allowResharing', OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'));
$tmpl->assign('allowMailNotification', OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'no'));
$tmpl->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());
// Start from an empty list, then append every form collected in $forms.
// NOTE(review): whether the template escapes these form fragments is not
// visible here - confirm they come from trusted app code only.
$tmpl->assign('forms', array());
foreach ($forms as $form) {
    $tmpl->append('forms', $form);
}
Ejemplo n.º 11
// Excerpt of an admin settings script: $tmpl and $excludeGroups are defined
// before this point.
$tmpl->assign('shareExcludeGroups', $excludeGroups);
// Build a gid-keyed list of all groups, flagging those excluded from sharing.
$allGroups = OC_Group::getGroups();
$excludedGroupsList = OC_Appconfig::getValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroups = $excludedGroupsList !== '' ? explode(',', $excludedGroupsList) : array();
$groups = array();
foreach ($allGroups as $group) {
    // NOTE(review): in_array() compares loosely here, so numeric-looking group
    // names (for example '10' and '1e1') can match each other; confirm whether
    // a strict comparison is intended for this exclusion flag.
    if (in_array($group, $excludedGroups)) {
        $groups[$group] = array('gid' => $group, 'excluded' => true);
    } else {
        $groups[$group] = array('gid' => $group, 'excluded' => false);
    }
}
ksort($groups);
$tmpl->assign('groups', $groups);
// Check if connected using HTTPS
// NOTE(review): the result depends on how OC_Request::serverProtocol() treats
// forwarded headers behind a proxy - confirm.
if (OC_Request::serverProtocol() === 'https') {
    $connectedHTTPS = true;
} else {
    $connectedHTTPS = false;
}
$tmpl->assign('isConnectedViaHTTPS', $connectedHTTPS);
$tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue("forcessl", false));
$tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired());
$tmpl->assign('allowPublicUpload', OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes'));
$tmpl->assign('allowResharing', OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'));
$tmpl->assign('allowMailNotification', OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'no'));
$tmpl->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());
// Reset the template's form list to an empty array.
$tmpl->assign('forms', array());
foreach ($forms as $form) {
    $tmpl->append('forms', $form);
Ejemplo n.º 12
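 /**
  * Makes an URL absolute.
  *
  * Prepends "<protocol>://<host>" from OC_Request, then the ownCloud web root
  * unless $url already starts with it, then a '/' separator when $url does
  * not begin with one.
  *
  * NOTE(review): confirm that OC_Request::serverHost() returns a validated
  * host before the result is used in e-mails or other links that leave the
  * server.
  *
  * @param string $url the url in the owncloud host
  * @return string the absolute version of the url
  */
 public function getAbsoluteURL($url)
 {
     // isset() guards the offset so an empty $url no longer raises an
     // "uninitialized string offset" error; the separator is still '/'.
     $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';
     // The ownCloud web root can already be prepended.
     // NOTE(review): this is a plain prefix comparison, so a web root of
     // '/oc' also matches a URL such as '/ocs/...'; confirm that is intended.
     $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT ? '' : \OC::$WEBROOT;
     return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
 }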
Ejemplo n.º 13
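 /**
  * Makes an URL absolute.
  *
  * Prepends "<protocol>://<host>" from OC_Request and a '/' separator when
  * $url does not begin with one. The web root is not added by this variant.
  *
  * NOTE(review): confirm that OC_Request::serverHost() returns a validated
  * host before the result is used in e-mails or other links that leave the
  * server.
  *
  * @param string $url the url in the owncloud host
  * @return string the absolute version of the url
  */
 public function getAbsoluteURL($url)
 {
     // isset() guards the offset so an empty $url no longer raises an
     // "uninitialized string offset" error; the separator is still '/'.
     $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';
     return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $separator . $url;
 }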
Ejemplo n.º 14
// Excerpt of an admin settings script: $template, $appConfig and
// $shouldSuggestOverwriteCliUrl are defined before this point.
$suggestedOverwriteCliUrl = $shouldSuggestOverwriteCliUrl ? \OC::$WEBROOT : '';
$template->assign('suggestedOverwriteCliUrl', $suggestedOverwriteCliUrl);
$template->assign('allowLinks', $appConfig->getValue('core', 'shareapi_allow_links', 'yes'));
$template->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired());
$template->assign('allowPublicUpload', $appConfig->getValue('core', 'shareapi_allow_public_upload', 'yes'));
$template->assign('allowResharing', $appConfig->getValue('core', 'shareapi_allow_resharing', 'yes'));
$template->assign('allowPublicMailNotification', $appConfig->getValue('core', 'shareapi_allow_public_notification', 'no'));
$template->assign('allowMailNotification', $appConfig->getValue('core', 'shareapi_allow_mail_notification', 'no'));
$template->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());
// True when the configured database type contains 'sqlite'.
$databaseOverload = strpos(\OCP\Config::getSystemValue('dbtype'), 'sqlite') !== false;
$template->assign('databaseOverload', $databaseOverload);
// add hardcoded forms from the template
$forms = OC_App::getForms('admin');
$l = OC_L10N::get('settings');
$formsAndMore = array();
// The "Security & Setup Warnings" section is listed when any check fails;
// a connection that is not reported as HTTPS is one of those checks.
// NOTE(review): the condition reads $suggestedOverwriteWebRoot, but the
// variable assigned above is $suggestedOverwriteCliUrl; unless the former is
// defined earlier in the script, that part of the check is always false.
if (OC_Request::serverProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() || $suggestedOverwriteWebRoot || !OC_Util::isSetLocaleWorking() || !OC_Util::isPhpCharSetUtf8() || !OC_Util::fileInfoLoaded() || $databaseOverload) {
    $formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & Setup Warnings'));
}
// Derive a navigation entry from the first <h2> heading of each form, if any.
$formsMap = array_map(function ($form) {
    if (preg_match('%(<h2[^>]*>.*?</h2>)%i', $form, $regs)) {
        // Only the bare '<h2>' and '</h2>' strings are removed; a heading tag
        // that carries attributes stays in $sectionName.
        // NOTE(review): section name and anchor are taken from form markup;
        // confirm the template escapes them on output.
        $sectionName = str_replace('<h2>', '', $regs[0]);
        $sectionName = str_replace('</h2>', '', $sectionName);
        $anchor = strtolower($sectionName);
        $anchor = str_replace(' ', '-', $anchor);
        return array('anchor' => 'goto-' . $anchor, 'section-name' => $sectionName, 'form' => $form);
    }
    // Forms without a heading get no anchor or section name.
    return array('form' => $form);
}, $forms);
$formsAndMore = array_merge($formsAndMore, $formsMap);
// add bottom hardcoded forms from the template
$formsAndMore[] = array('anchor' => 'backgroundjobs', 'section-name' => $l->t('Cron'));
Ejemplo n.º 15
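 /**
  * Makes an URL absolute.
  *
  * On the command line (outside PHPUnit runs) the configured
  * 'overwrite.cli.url' is used as the base, because there is no request to
  * take host and protocol from. Otherwise "<protocol>://<host>" from
  * OC_Request is prepended, followed by the ownCloud web root unless $url
  * already starts with it, and a '/' separator when $url lacks one.
  *
  * NOTE(review): confirm that OC_Request::serverHost() returns a validated
  * host before the result is used in e-mails or other links that leave the
  * server.
  *
  * @param string $url the url in the ownCloud host
  * @return string the absolute version of the url
  */
 public function getAbsoluteURL($url)
 {
     // isset() guards the offset so an empty $url no longer raises an
     // "uninitialized string offset" error; the separator is still '/'.
     $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';
     if (\OC::$CLI && !defined('PHPUNIT_RUN')) {
         // Exactly one '/' between the configured base and the path.
         return rtrim($this->config->getSystemValue('overwrite.cli.url'), '/') . '/' . ltrim($url, '/');
     }
     // The ownCloud web root can already be prepended.
     $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT ? '' : \OC::$WEBROOT;
     return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
 }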
Ejemplo n.º 16
 /**
  * Makes an URL absolute.
  *
  * The result is "<protocol>://<host><url>", with protocol and host taken
  * from OC_Request; $url is appended unchanged, so it is expected to start
  * with '/'.
  *
  * NOTE(review): confirm that OC_Request::serverHost() returns a validated
  * host before the result is used in e-mails or other links that leave the
  * server.
  *
  * @param string $url the url in the owncloud host
  * @return string the absolute version of the url
  */
 public function getAbsoluteURL($url)
 {
     $origin = \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost();

     return $origin . $url;
 }