public static function setUpBeforeClass() { parent::setUpBeforeClass(); // remember files_encryption state self::$stateFilesEncryption = \OC_App::isEnabled('files_encryption'); //we don't want to tests with app files_encryption enabled \OC_App::disable('files_encryption'); // reset backend \OC_User::clearBackends(); \OC_User::useBackend('database'); // clear share hooks \OC_Hook::clear('OCP\\Share'); \OC::registerShareHooks(); \OCP\Util::connectHook('OC_Filesystem', 'setup', '\\OC\\Files\\Storage\\Shared', 'setup'); // create users $backend = new \OC_User_Dummy(); \OC_User::useBackend($backend); $backend->createUser(self::TEST_FILES_SHARING_API_USER1, self::TEST_FILES_SHARING_API_USER1); $backend->createUser(self::TEST_FILES_SHARING_API_USER2, self::TEST_FILES_SHARING_API_USER2); $backend->createUser(self::TEST_FILES_SHARING_API_USER3, self::TEST_FILES_SHARING_API_USER3); // create group $groupBackend = new \OC_Group_Dummy(); $groupBackend->createGroup(self::TEST_FILES_SHARING_API_GROUP1); $groupBackend->createGroup('group'); $groupBackend->addToGroup(self::TEST_FILES_SHARING_API_USER1, 'group'); $groupBackend->addToGroup(self::TEST_FILES_SHARING_API_USER2, 'group'); $groupBackend->addToGroup(self::TEST_FILES_SHARING_API_USER3, 'group'); $groupBackend->addToGroup(self::TEST_FILES_SHARING_API_USER2, self::TEST_FILES_SHARING_API_GROUP1); \OC_Group::useBackend($groupBackend); }
public function setUp() { OC_User::clearBackends(); OC_User::useBackend('dummy'); $this->user1 = uniqid('user1_'); $this->user2 = uniqid('user2_'); $this->user3 = uniqid('user3_'); $this->user4 = uniqid('user4_'); OC_User::createUser($this->user1, 'pass'); OC_User::createUser($this->user2, 'pass'); OC_User::createUser($this->user3, 'pass'); OC_User::createUser($this->user4, 'pass'); OC_User::setUserId($this->user1); OC_Group::clearBackends(); OC_Group::useBackend(new OC_Group_Dummy()); $this->group1 = uniqid('group_'); $this->group2 = uniqid('group_'); OC_Group::createGroup($this->group1); OC_Group::createGroup($this->group2); OC_Group::addToGroup($this->user1, $this->group1); OC_Group::addToGroup($this->user2, $this->group1); OC_Group::addToGroup($this->user3, $this->group1); OC_Group::addToGroup($this->user2, $this->group2); OC_Group::addToGroup($this->user4, $this->group2); OCP\Share::registerBackend('test', 'Test_Share_Backend'); OC_Hook::clear('OCP\\Share'); OC::registerShareHooks(); $this->resharing = OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'); OC_Appconfig::setValue('core', 'shareapi_allow_resharing', 'yes'); // 20 Minutes in the past, 20 minutes in the future. $now = time(); $dateFormat = 'Y-m-d H:i:s'; $this->dateInPast = date($dateFormat, $now - 20 * 60); $this->dateInFuture = date($dateFormat, $now + 20 * 60); }
public function setUp() { OC_User::clearBackends(); OC_User::useBackend('dummy'); $this->user1 = uniqid('user1_'); $this->user2 = uniqid('user2_'); $this->user3 = uniqid('user3_'); $this->user4 = uniqid('user4_'); OC_User::createUser($this->user1, 'pass'); OC_User::createUser($this->user2, 'pass'); OC_User::createUser($this->user3, 'pass'); OC_User::createUser($this->user4, 'pass'); OC_User::setUserId($this->user1); OC_Group::clearBackends(); OC_Group::useBackend(new OC_Group_Dummy()); $this->group1 = uniqid('group_'); $this->group2 = uniqid('group_'); OC_Group::createGroup($this->group1); OC_Group::createGroup($this->group2); OC_Group::addToGroup($this->user1, $this->group1); OC_Group::addToGroup($this->user2, $this->group1); OC_Group::addToGroup($this->user3, $this->group1); OC_Group::addToGroup($this->user2, $this->group2); OC_Group::addToGroup($this->user4, $this->group2); OCP\Share::registerBackend('test', 'Test_Share_Backend'); OC_Hook::clear('OCP\\Share'); OC::registerShareHooks(); }
/** * update script for the removal of the logical "Shared" folder, we create physical "Shared" folder and * update the users file_target so that it doesn't make any difference for the user * @note parameters are just for testing, please ignore them */ function removeSharedFolder($mkdirs = true, $chunkSize = 99) { $query = OCP\DB::prepare('SELECT * FROM `*PREFIX*share`'); $result = $query->execute(); $view = new \OC\Files\View('/'); $users = array(); $shares = array(); //we need to set up user backends OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); OC_App::loadApps(array('authentication')); //we need to set up user backends, otherwise creating the shares will fail with "because user does not exist" while ($row = $result->fetchRow()) { //collect all user shares if ((int) $row['share_type'] === 0 && ($row['item_type'] === 'file' || $row['item_type'] === 'folder')) { $users[] = $row['share_with']; $shares[$row['id']] = $row['file_target']; } else { if ((int) $row['share_type'] === 1 && ($row['item_type'] === 'file' || $row['item_type'] === 'folder')) { //collect all group shares $users = array_merge($users, \OC_group::usersInGroup($row['share_with'])); $shares[$row['id']] = $row['file_target']; } else { if ((int) $row['share_type'] === 2) { $shares[$row['id']] = $row['file_target']; } } } } $unique_users = array_unique($users); if (!empty($unique_users) && !empty($shares)) { // create folder Shared for each user if ($mkdirs) { foreach ($unique_users as $user) { \OC\Files\Filesystem::initMountPoints($user); if (!$view->file_exists('/' . $user . '/files/Shared')) { $view->mkdir('/' . $user . '/files/Shared'); } } } $chunkedShareList = array_chunk($shares, $chunkSize, true); $connection = \OC_DB::getConnection(); foreach ($chunkedShareList as $subList) { $statement = "UPDATE `*PREFIX*share` SET `file_target` = CASE `id` "; //update share table $ids = implode(',', array_keys($subList)); foreach ($subList as $id => $target) { $statement .= "WHEN " . $connection->quote($id, \PDO::PARAM_INT) . " THEN " . $connection->quote('/Shared' . $target, \PDO::PARAM_STR); } $statement .= ' END WHERE `id` IN (' . $ids . ')'; $query = OCP\DB::prepare($statement); $query->execute(array()); } // set config to keep the Shared folder as the default location for new shares \OCA\Files_Sharing\Helper::setShareFolder('/Shared'); } }
function testSingleBackend() { OC_Group::useBackend(new OCA\user_ldap\GROUP_LDAP()); $group_ldap = new OCA\user_ldap\GROUP_LDAP(); $this->assertIsA(OC_Group::getGroups(), gettype(array())); $this->assertIsA($group_ldap->getGroups(), gettype(array())); $this->assertFalse(OC_Group::inGroup('john', 'dosers'), gettype(false)); $this->assertFalse($group_ldap->inGroup('john', 'dosers'), gettype(false)); //TODO: check also for expected true result. This backend won't be able to do any modifications, maybe use a dummy for this. $this->assertIsA(OC_Group::getUserGroups('john doe'), gettype(array())); $this->assertIsA($group_ldap->getUserGroups('john doe'), gettype(array())); $this->assertIsA(OC_Group::usersInGroup('campers'), gettype(array())); $this->assertIsA($group_ldap->usersInGroup('campers'), gettype(array())); }
protected function setUp() { parent::setUp(); \OC_User::clearBackends(); \OC_User::useBackend('dummy'); $this->user1 = $this->getUniqueID('user1_'); $this->user2 = $this->getUniqueID('user2_'); $this->user3 = $this->getUniqueID('user3_'); $this->user4 = $this->getUniqueID('user4_'); $this->user5 = $this->getUniqueID('user5_'); $this->user6 = $this->getUniqueID('user6_'); $this->groupAndUser = $this->getUniqueID('groupAndUser_'); \OC::$server->getUserManager()->createUser($this->user1, 'pass'); \OC::$server->getUserManager()->createUser($this->user2, 'pass'); \OC::$server->getUserManager()->createUser($this->user3, 'pass'); \OC::$server->getUserManager()->createUser($this->user4, 'pass'); \OC::$server->getUserManager()->createUser($this->user5, 'pass'); \OC::$server->getUserManager()->createUser($this->user6, 'pass'); // no group \OC::$server->getUserManager()->createUser($this->groupAndUser, 'pass'); \OC_User::setUserId($this->user1); \OC_Group::clearBackends(); \OC_Group::useBackend(new \Test\Util\Group\Dummy()); $this->group1 = $this->getUniqueID('group1_'); $this->group2 = $this->getUniqueID('group2_'); \OC_Group::createGroup($this->group1); \OC_Group::createGroup($this->group2); \OC_Group::createGroup($this->groupAndUser); \OC_Group::addToGroup($this->user1, $this->group1); \OC_Group::addToGroup($this->user2, $this->group1); \OC_Group::addToGroup($this->user3, $this->group1); \OC_Group::addToGroup($this->user2, $this->group2); \OC_Group::addToGroup($this->user4, $this->group2); \OC_Group::addToGroup($this->user2, $this->groupAndUser); \OC_Group::addToGroup($this->user3, $this->groupAndUser); \OCP\Share::registerBackend('test', 'Test\\Share\\Backend'); \OC_Hook::clear('OCP\\Share'); \OC::registerShareHooks(); $this->resharing = \OC::$server->getAppConfig()->getValue('core', 'shareapi_allow_resharing', 'yes'); \OC::$server->getAppConfig()->setValue('core', 'shareapi_allow_resharing', 'yes'); // 20 Minutes in the past, 20 minutes in the future. $now = time(); $dateFormat = 'Y-m-d H:i:s'; $this->dateInPast = date($dateFormat, $now - 20 * 60); $this->dateInFuture = date($dateFormat, $now + 20 * 60); }
public static function tearDownAfterClass() { // cleanup users \OC_User::deleteUser(self::TEST_FILES_SHARING_API_USER1); \OC_User::deleteUser(self::TEST_FILES_SHARING_API_USER2); \OC_User::deleteUser(self::TEST_FILES_SHARING_API_USER3); // delete group \OC_Group::deleteGroup(self::TEST_FILES_SHARING_API_GROUP1); \OC_Util::tearDownFS(); \OC_User::setUserId(''); Filesystem::tearDown(); // reset backend \OC_User::clearBackends(); \OC_User::useBackend('database'); \OC_Group::clearBackends(); \OC_Group::useBackend(new \OC_Group_Database()); parent::tearDownAfterClass(); }
public static function tearDownAfterClass() { // cleanup users $user = \OC::$server->getUserManager()->get(self::TEST_FILES_SHARING_API_USER1); if ($user !== null) { $user->delete(); } $user = \OC::$server->getUserManager()->get(self::TEST_FILES_SHARING_API_USER2); if ($user !== null) { $user->delete(); } \OC_Util::tearDownFS(); \OC_User::setUserId(''); Filesystem::tearDown(); // reset backend \OC_User::clearBackends(); \OC_User::useBackend('database'); \OC_Group::clearBackends(); \OC_Group::useBackend(new \OC_Group_Database()); parent::tearDownAfterClass(); }
public static function init() { // register autoloader $loaderStart = microtime(true); require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader(); spl_autoload_register(array(self::$loader, 'load')); $loaderEnd = microtime(true); self::initPaths(); // setup 3rdparty autoloader $vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php'; if (file_exists($vendorAutoLoad)) { require_once $vendorAutoLoad; } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); // we can't use the template error page here, because this needs the // DI container which isn't available yet print('Composer autoloader not found, unable to continue. Check the folder "3rdparty".'); exit(); } // setup the basic server self::$server = new \OC\Server(\OC::$WEBROOT); \OC::$server->getEventLogger()->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd); \OC::$server->getEventLogger()->start('boot', 'Initialize'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = (php_sapi_name() == 'cli'); date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); self::handleAuthHeaders(); self::registerAutoloaderCache(); // initialize intl fallback is necessary \Patchwork\Utf8\Bootup::initIntl(); OC_Util::isSetLocaleWorking(); if (!defined('PHPUNIT_RUN')) { OC\Log\ErrorHandler::setLogger(OC_Log::$object); if (defined('DEBUG') and DEBUG) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\Files\Stream\Dir'); stream_wrapper_register('static', 'OC\Files\Stream\StaticStream'); stream_wrapper_register('close', 'OC\Files\Stream\Close'); stream_wrapper_register('quota', 'OC\Files\Stream\Quota'); stream_wrapper_register('oc', 'OC\Files\Stream\OC'); \OC::$server->getEventLogger()->start('init_session', 'Initialize session'); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } \OC::$server->getEventLogger()->end('init_session'); self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); self::checkSSL(); OC_Response::addSecurityHeaders(); $errors = OC_Util::checkServer(\OC::$server->getConfig()); if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); } exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string)$sessionLifeTime); $systemConfig = \OC::$server->getSystemConfig(); // User and Groups if (!$systemConfig->getValue("installed", false)) { self::$server->getSession()->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); //setup extra user backends if (!self::checkUpgrade(false)) { OC_User::setupBackends(); } self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerPreviewHooks(); self::registerShareHooks(); self::registerLogRotate(); self::registerLocalAddressBook(); //make sure temporary files are cleaned up $tmpManager = \OC::$server->getTempManager(); register_shutdown_function(array($tmpManager, 'clean')); if ($systemConfig->getValue('installed', false) && !self::checkUpgrade(false)) { if (\OC::$server->getConfig()->getAppValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } // Check whether the sample configuration has been copied if($systemConfig->getValue('copied_sample_config', false)) { $l = \OC::$server->getL10N('lib'); header('HTTP/1.1 503 Service Temporarily Unavailable'); header('Status: 503 Service Temporarily Unavailable'); OC_Template::printErrorPage( $l->t('Sample configuration detected'), $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php') ); return; } $host = OC_Request::insecureServerHost(); // if the host passed in headers isn't trusted if (!OC::$CLI // overwritehost is always trusted && OC_Request::getOverwriteHost() === null && !OC_Request::isTrustedDomain($host) ) { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); $tmpl->assign('domain', $_SERVER['SERVER_NAME']); $tmpl->printPage(); exit(); } \OC::$server->getEventLogger()->end('boot'); }
<?php /** * This file is part of OpenMediaVault. * * @license http://www.gnu.org/licenses/gpl.html GPL Version 3 * @author Volker Theile <*****@*****.**> * @copyright Copyright (c) 2009-2014 Volker Theile * * OpenMediaVault is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * any later version. * * OpenMediaVault is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with OpenMediaVault. If not, see <http://www.gnu.org/licenses/>. */ require_once OC_App::getAppPath("user_openmediavault") . "/user_openmediavault.php"; require_once OC_App::getAppPath("user_openmediavault") . "/group_openmediavault.php"; OC_User::useBackend("openmediavault"); OC_Group::useBackend("openmediavault");
public static function init() { // register autoloader require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader(); self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib'); self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib'); self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing'); self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console'); self::$loader->registerPrefix('Patchwork', '3rdparty'); self::$loader->registerPrefix('Pimple', '3rdparty/Pimple'); spl_autoload_register(array(self::$loader, 'load')); // make a dummy session available as early as possible since error pages need it self::$session = new \OC\Session\Memory(''); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = (php_sapi_name() == 'cli'); date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); self::handleAuthHeaders(); self::initPaths(); self::registerAutoloaderCache(); OC_Util::isSetLocaleWorking(); // setup 3rdparty autoloader $vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php'; if (file_exists($vendorAutoLoad)) { require_once $vendorAutoLoad; } if (!defined('PHPUNIT_RUN')) { OC\Log\ErrorHandler::setLogger(OC_Log::$object); if (defined('DEBUG') and DEBUG) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\Files\Stream\Dir'); stream_wrapper_register('static', 'OC\Files\Stream\StaticStream'); stream_wrapper_register('close', 'OC\Files\Stream\Close'); stream_wrapper_register('quota', 'OC\Files\Stream\Quota'); stream_wrapper_register('oc', 'OC\Files\Stream\OC'); // setup the basic server self::$server = new \OC\Server(); self::initTemplateEngine(); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } else { self::$session = new \OC\Session\Memory(''); } self::checkConfig(); self::checkInstalled(); self::checkSSL(); OC_Response::addSecurityHeaders(); $errors = OC_Util::checkServer(\OC::$server->getConfig()); if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); } exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string)$sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { self::$session->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); //setup extra user backends if (!self::checkUpgrade(false)) { OC_User::setupBackends(); } self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerPreviewHooks(); self::registerShareHooks(); self::registerLogRotate(); self::registerLocalAddressBook(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } $host = OC_Request::insecureServerHost(); // if the host passed in headers isn't trusted if (!OC::$CLI // overwritehost is always trusted && OC_Request::getOverwriteHost() === null && !OC_Request::isTrustedDomain($host) ) { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); $tmpl->assign('domain', $_SERVER['SERVER_NAME']); $tmpl->printPage(); exit(); } }
public function testMultiBackend() { $userBackend = new \Test\Util\User\Dummy(); \OC_User::getManager()->registerBackend($userBackend); $backend1 = new OC_Group_Dummy(); $backend2 = new OC_Group_Dummy(); OC_Group::useBackend($backend1); OC_Group::useBackend($backend2); $group1 = $this->getUniqueID(); $group2 = $this->getUniqueID(); OC_Group::createGroup($group1); //groups should be added to the first registered backend $this->assertEquals(array($group1), $backend1->getGroups()); $this->assertEquals(array(), $backend2->getGroups()); $this->assertEquals(array($group1), OC_Group::getGroups()); $this->assertTrue(OC_Group::groupExists($group1)); $this->assertFalse(OC_Group::groupExists($group2)); $backend1->createGroup($group2); $this->assertEquals(array($group1, $group2), OC_Group::getGroups()); $this->assertTrue(OC_Group::groupExists($group1)); $this->assertTrue(OC_Group::groupExists($group2)); $user1 = $this->getUniqueID(); $user2 = $this->getUniqueID(); $userBackend->createUser($user1, ''); $userBackend->createUser($user2, ''); $this->assertFalse(OC_Group::inGroup($user1, $group1)); $this->assertFalse(OC_Group::inGroup($user2, $group1)); $this->assertTrue(OC_Group::addToGroup($user1, $group1)); $this->assertTrue(OC_Group::inGroup($user1, $group1)); $this->assertFalse(OC_Group::inGroup($user2, $group1)); $this->assertFalse($backend2->inGroup($user1, $group1)); OC_Group::addToGroup($user1, $group1); $this->assertEquals(array($user1), OC_Group::usersInGroup($group1)); $this->assertEquals(array($group1), OC_Group::getUserGroups($user1)); $this->assertEquals(array(), OC_Group::getUserGroups($user2)); OC_Group::deleteGroup($group1); $this->assertEquals(array(), OC_Group::getUserGroups($user1)); $this->assertEquals(array(), OC_Group::usersInGroup($group1)); $this->assertFalse(OC_Group::inGroup($user1, $group1)); }
public static function registerBackends($usedBackends) { //OC_Log::write('OC_USER_OTP', __FUNCTION__.'().', OC_Log::DEBUG); if (self::$_backends === null) { foreach ($usedBackends as $backend) { OC_Log::write('user_otp', 'instance ' . $backend . ' backend.', OC_Log::DEBUG); self::$_backends[$backend] = new $backend(); if (self::$_backends[$backend] instanceof OCA\user_ldap\USER_LDAP || self::$_backends[$backend] instanceof OCA\user_ldap\User_Proxy) { OC_Log::write('OC_USER_OTP az', __FUNCTION__ . '().', OC_Log::DEBUG); $configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes(true); if (count($configPrefixes) == 1) { $connector = new OCA\user_ldap\lib\Connection($configPrefixes[0]); $userBackend = new OCA\user_ldap\USER_LDAP(); $userBackend->setConnector($connector); $groupBackend = new OCA\user_ldap\GROUP_LDAP(); $groupBackend->setConnector($connector); } else { $userBackend = new OCA\user_ldap\User_Proxy($configPrefixes); $groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes); } self::$_backends[$backend] = $userBackend; if (count($configPrefixes) > 0) { // register user backend //~ OC_User::useBackend($userBackend); OC_Group::useBackend($groupBackend); } } } } }
* */ OCP\App::registerAdmin('user_ldap', 'settings'); $helper = new \OCA\user_ldap\lib\Helper(); $configPrefixes = $helper->getServerConfigurationPrefixes(true); $ldapWrapper = new OCA\user_ldap\lib\LDAP(); $ocConfig = \OC::$server->getConfig(); if (count($configPrefixes) === 1) { $dbc = \OC::$server->getDatabaseConnection(); $userManager = new OCA\user_ldap\lib\user\Manager($ocConfig, new OCA\user_ldap\lib\FilesystemHelper(), new OCA\user_ldap\lib\LogWrapper(), \OC::$server->getAvatarManager(), new \OCP\Image(), $dbc); $connector = new OCA\user_ldap\lib\Connection($ldapWrapper, $configPrefixes[0]); $ldapAccess = new OCA\user_ldap\lib\Access($connector, $ldapWrapper, $userManager); $ldapAccess->setUserMapper(new OCA\User_LDAP\Mapping\UserMapping($dbc)); $ldapAccess->setGroupMapper(new OCA\User_LDAP\Mapping\GroupMapping($dbc)); $userBackend = new OCA\user_ldap\USER_LDAP($ldapAccess, $ocConfig); $groupBackend = new OCA\user_ldap\GROUP_LDAP($ldapAccess); } else { if (count($configPrefixes) > 1) { $userBackend = new OCA\user_ldap\User_Proxy($configPrefixes, $ldapWrapper, $ocConfig); $groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes, $ldapWrapper); } } if (count($configPrefixes) > 0) { // register user backend OC_User::useBackend($userBackend); OC_Group::useBackend($groupBackend); } \OCP\Util::connectHook('\\OCA\\Files_Sharing\\API\\Server2Server', 'preLoginNameUsedAsUserName', '\\OCA\\user_ldap\\lib\\Helper', 'loginName2UserName'); if (OCP\App::isEnabled('user_webdavauth')) { OCP\Util::writeLog('user_ldap', 'user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour', OCP\Util::WARN); }
public static function init() { // calculate the root directories OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4)); // register autoloader $loaderStart = microtime(true); require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader([OC::$SERVERROOT . '/lib', OC::$SERVERROOT . '/core', OC::$SERVERROOT . '/settings', OC::$SERVERROOT . '/ocs', OC::$SERVERROOT . '/ocs-provider', OC::$SERVERROOT . '/3rdparty']); spl_autoload_register(array(self::$loader, 'load')); $loaderEnd = microtime(true); self::$CLI = php_sapi_name() == 'cli'; try { self::initPaths(); // setup 3rdparty autoloader $vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php'; if (!file_exists($vendorAutoLoad)) { throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".'); } require_once $vendorAutoLoad; } catch (\RuntimeException $e) { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); // we can't use the template error page here, because this needs the // DI container which isn't available yet print $e->getMessage(); exit; } foreach (OC::$APPSROOTS as $appRoot) { self::$loader->addValidRoot($appRoot['path']); } // setup the basic server self::$server = new \OC\Server(\OC::$WEBROOT); \OC::$server->getEventLogger()->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd); \OC::$server->getEventLogger()->start('boot', 'Initialize'); // Don't display errors and log them error_reporting(E_ALL | E_STRICT); @ini_set('display_errors', 0); @ini_set('log_errors', 1); date_default_timezone_set('UTC'); //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); self::setRequiredIniValues(); self::handleAuthHeaders(); self::registerAutoloaderCache(); // initialize intl fallback is necessary \Patchwork\Utf8\Bootup::initIntl(); OC_Util::isSetLocaleWorking(); if (!defined('PHPUNIT_RUN')) { $logger = \OC::$server->getLogger(); OC\Log\ErrorHandler::setLogger($logger); if (\OC::$server->getConfig()->getSystemValue('debug', false)) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('quota', 'OC\\Files\\Stream\\Quota'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); \OC::$server->getEventLogger()->start('init_session', 'Initialize session'); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } \OC::$server->getEventLogger()->end('init_session'); self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); OC_Response::addSecurityHeaders(); if (self::$server->getRequest()->getServerProtocol() === 'https') { ini_set('session.cookie_secure', true); } if (!defined('OC_CONSOLE')) { $errors = OC_Util::checkServer(\OC::$server->getConfig()); if (count($errors) > 0) { if (self::$CLI) { // Convert l10n string into regular string for usage in database $staticErrors = []; foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; $staticErrors[] = ['error' => (string) $error['error'], 'hint' => (string) $error['hint']]; } try { \OC::$server->getConfig()->setAppValue('core', 'cronErrors', json_encode($staticErrors)); } catch (\Exception $e) { echo 'Writing to database failed'; } exit(1); } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } } elseif (self::$CLI && \OC::$server->getConfig()->getSystemValue('installed', false)) { \OC::$server->getConfig()->deleteAppValue('core', 'cronErrors'); } } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); $systemConfig = \OC::$server->getSystemConfig(); // User and Groups if (!$systemConfig->getValue("installed", false)) { self::$server->getSession()->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); //setup extra user backends if (!self::checkUpgrade(false)) { OC_User::setupBackends(); } self::registerCacheHooks(); self::registerFilesystemHooks(); if (\OC::$server->getSystemConfig()->getValue('enable_previews', true)) { self::registerPreviewHooks(); } self::registerShareHooks(); self::registerLogRotate(); self::registerLocalAddressBook(); self::registerEncryptionWrapper(); self::registerEncryptionHooks(); //make sure temporary files are cleaned up $tmpManager = \OC::$server->getTempManager(); register_shutdown_function(array($tmpManager, 'clean')); $lockProvider = \OC::$server->getLockingProvider(); register_shutdown_function(array($lockProvider, 'releaseAll')); if ($systemConfig->getValue('installed', false) && !self::checkUpgrade(false)) { if (\OC::$server->getConfig()->getAppValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } // Check whether the sample configuration has been copied if ($systemConfig->getValue('copied_sample_config', false)) { $l = \OC::$server->getL10N('lib'); header('HTTP/1.1 503 Service Temporarily Unavailable'); header('Status: 503 Service Temporarily Unavailable'); OC_Template::printErrorPage($l->t('Sample configuration detected'), $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php')); return; } $request = \OC::$server->getRequest(); $host = $request->getInsecureServerHost(); /** * if the host passed in headers isn't trusted * FIXME: Should not be in here at all :see_no_evil: */ if (!OC::$CLI && self::$server->getConfig()->getSystemValue('overwritehost') === '' && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) && self::$server->getConfig()->getSystemValue('installed', false)) { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); $tmpl->assign('domain', $request->server['SERVER_NAME']); $tmpl->printPage(); exit; } \OC::$server->getEventLogger()->end('boot'); }
OCP\Util::addStyle('user_wordpress', 'wordpress'); OCP\Util::addScript('user_wordpress', 'wordpress'); OCP\App::register(array('order' => 29, 'id' => 'cloudpress', 'name' => 'Cloudpress')); OCP\App::registerAdmin('user_wordpress', 'settings'); OCP\App::registerPersonal('user_wordpress', 'persopress'); $wp_instance = new OC_wordpress(); if (isset($_POST['wordpress_settings_post'])) { foreach ($wp_instance->params as $param => $value) { if (isset($_POST[$param])) { OC_Appconfig::setValue('user_wordpress', $param, $_POST[$param]); $wp_instance->params[$param] = $_POST[$param]; } else { OC_Appconfig::setValue('user_wordpress', $param, ''); $wp_instance->params[$param] = ''; } } } if ($wp_instance->params['wordpress_add_button'] == 1) { OCP\App::addNavigationEntry(array('id' => 'wordpress_sites', 'order' => 70, 'href' => OCP\Util::linkTo('user_wordpress', 'wordpress.php'), 'icon' => OC::$CLASSPATH['OC_wordpress_images_menu_sites_icon'], 'name' => 'Sites')); } // register user backend OC_User::useBackend('wordpress'); OC_Group::useBackend(new OC_group_wordpress()); // add settings page to navigation /* $entry = array( 'id' => 'user_wordpress_settings', 'order'=> 1, 'href' => OC_Helper::linkTo( "wordpress", "settings.php" ), 'name' => 'wordpress' );*/
public static function init() { // register autoloader require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader(); self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib'); self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib'); self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing'); self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console'); self::$loader->registerPrefix('Sabre\\VObject', '3rdparty'); self::$loader->registerPrefix('Sabre_', '3rdparty'); self::$loader->registerPrefix('Patchwork', '3rdparty'); spl_autoload_register(array(self::$loader, 'load')); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //copy http auth headers for apache+php-fcgid work around if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; } //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); if (OC_Config::getValue('instanceid', false)) { // \OC\Memcache\Cache has a hidden dependency on // OC_Util::getInstanceId() for namespacing. See #5409. try { self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader')); } catch (\Exception $ex) { } } OC_Util::isSetLocaleWorking(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } if (!defined('PHPUNIT_RUN')) { if (defined('DEBUG') and DEBUG) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } OC\Log\ErrorHandler::setLogger(OC_Log::$object); } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('quota', 'OC\\Files\\Stream\\Quota'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); // setup the basic server self::$server = new \OC\Server(); self::initTemplateEngine(); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } else { self::$session = new \OC\Session\Memory(''); } self::checkConfig(); self::checkInstalled(); self::checkSSL(); self::addSecurityHeaders(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); } exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { self::$session->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname') && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) { $sessionUser = self::$session->get('loginname'); $serverUser = $_SERVER['PHP_AUTH_USER']; OC_Log::write('core', "Session loginname ({$sessionUser}) doesn't match SERVER[PHP_AUTH_USER] ({$serverUser}).", OC_Log::WARN); OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS && !self::checkUpgrade(false)) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerPreviewHooks(); self::registerShareHooks(); self::registerLogRotate(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } }
public static function init() { // register autoloader require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader(); self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib'); self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib'); self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing'); self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console'); self::$loader->registerPrefix('Patchwork', '3rdparty'); self::$loader->registerPrefix('Pimple', '3rdparty/Pimple'); spl_autoload_register(array(self::$loader, 'load')); // make a dummy session available as early as possible since error pages need it self::$session = new \OC\Session\Memory(''); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //copy http auth headers for apache+php-fcgid work around if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; } //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); if (OC_Config::getValue('instanceid', false)) { // \OC\Memcache\Cache has a hidden dependency on // OC_Util::getInstanceId() for namespacing. See #5409. try { self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader')); } catch (\Exception $ex) { } } OC_Util::isSetLocaleWorking(); // setup 3rdparty autoloader $vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php'; if (file_exists($vendorAutoLoad)) { require_once $vendorAutoLoad; } // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } if (!defined('PHPUNIT_RUN')) { OC\Log\ErrorHandler::setLogger(OC_Log::$object); if (defined('DEBUG') and DEBUG) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('quota', 'OC\\Files\\Stream\\Quota'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); // setup the basic server self::$server = new \OC\Server(); self::initTemplateEngine(); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } else { self::$session = new \OC\Session\Memory(''); } self::checkConfig(); self::checkInstalled(); self::checkSSL(); OC_Response::addSecurityHeaders(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); } exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { self::$session->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); //setup extra user backends OC_User::setupBackends(); self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerPreviewHooks(); self::registerShareHooks(); self::registerLogRotate(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } }
<?php /** * ownCloud - user_ldap * * @author Dominik Schmidt * @copyright 2011 Dominik Schmidt dev@dominik-schmidt.de * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ require_once 'apps/user_ldap/lib_ldap.php'; require_once 'apps/user_ldap/user_ldap.php'; require_once 'apps/user_ldap/group_ldap.php'; OCP\App::registerAdmin('user_ldap', 'settings'); // register user backend OC_User::useBackend('LDAP'); OC_Group::useBackend(new OC_GROUP_LDAP()); // add settings page to navigation $entry = array('id' => 'user_ldap_settings', 'order' => 1, 'href' => OCP\Util::linkTo('user_ldap', 'settings.php'), 'name' => 'LDAP');
return $gid === self::GroupName; } public function getUserGroups($uid) { return array(self::GroupName); } public function groupExists($gid) { return $gid === self::GroupName; } public function getGroups($search = '', $limit = -1, $offset = 0) { if ($offset <= 0 && (!strlen($search) || false !== stripos(self::GroupName, $search))) { return array(self::GroupName); } return array(); } public function usersInGroup($gid, $search = '', $limit = -1, $offset = 0) { if ($gid !== self::GroupName) { return array(); } return \OC_User::getUsers($search, $limit, $offset); } public function countUsersInGroup($gid, $search = '') { return count(self::usersInGroup($gid)); } } \OC_Group::useBackend(new GROUP_EVERY());
<?php /** * ownCloud - Django Authentification Backend * * @author Florian Reinhard * @copyright 2012 Florian Reinhard <*****@*****.**> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ require_once 'apps/django_auth/lib/user.php'; require_once 'apps/django_auth/lib/group.php'; define('OC_GROUP_BACKEND_DJANGO_STAFF_IS_ADMIN', true); define('OC_GROUP_BACKEND_DJANGO_SUPERUSER_IS_ADMIN', true); OC_APP::registerAdmin('django_auth', 'settings'); OC_User::useBackend('Django'); OC_Group::useBackend(new OC_GROUP_DJANGO());
<?php $installedVersion = OCP\Config::getAppValue('files_sharing', 'installed_version'); if (version_compare($installedVersion, '0.3', '<')) { $update_error = false; $query = OCP\DB::prepare('SELECT * FROM `*PREFIX*sharing`'); $result = $query->execute(); $groupShares = array(); //we need to set up user backends, otherwise creating the shares will fail with "because user does not exist" OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); OC_App::loadApps(array('authentication')); $rootView = new \OC\Files\View(''); while ($row = $result->fetchRow()) { $meta = $rootView->getFileInfo(${$row}['source']); $itemSource = $meta['fileid']; if ($itemSource != -1) { $file = $meta; if ($file['mimetype'] == 'httpd/unix-directory') { $itemType = 'folder'; } else { $itemType = 'file'; } if ($row['permissions'] == 0) { $permissions = OCP\PERMISSION_READ | OCP\PERMISSION_SHARE; } else { $permissions = OCP\PERMISSION_READ | OCP\PERMISSION_UPDATE | OCP\PERMISSION_SHARE; if ($itemType == 'folder') { $permissions |= OCP\PERMISSION_CREATE; } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); OC_Util::issetlocaleworking(); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //copy http auth headers for apache+php-fcgid work around if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; } //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } if (!defined('PHPUNIT_RUN') and !(defined('DEBUG') and DEBUG)) { register_shutdown_function(array('OC_Log', 'onShutdown')); set_error_handler(array('OC_Log', 'onError')); set_exception_handler(array('OC_Log', 'onException')); } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); self::checkSSL(); self::initSession(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerShareHooks(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } // write error into log if locale can't be set if (OC_Util::issetlocaleworking() == false) { OC_Log::write('core', 'setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system', OC_Log::ERROR); } if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); setlocale(LC_ALL, 'en_US.UTF-8'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(false); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //try to set the session lifetime to 60min @ini_set('gc_maxlifetime', '3600'); //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } // register the stream wrappers require_once 'streamwrappers.php'; stream_wrapper_register("fakedir", "OC_FakeDirStream"); stream_wrapper_register('static', 'OC_StaticStreamWrapper'); stream_wrapper_register('close', 'OC_CloseStreamWrapper'); self::checkInstalled(); self::checkSSL(); self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); // register cache cleanup jobs OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); // Check for blacklisted files OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } }
<?php /** * This file is part of OpenMediaVault. * * @license http://www.gnu.org/licenses/gpl.html GPL Version 3 * @author Volker Theile <*****@*****.**> * @copyright Copyright (c) 2009-2016 Volker Theile * * OpenMediaVault is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * any later version. * * OpenMediaVault is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with OpenMediaVault. If not, see <http://www.gnu.org/licenses/>. */ require_once OC_App::getAppPath("user_openmediavault") . "/user_openmediavault.php"; require_once OC_App::getAppPath("user_openmediavault") . "/group_openmediavault.php"; OC_User::useBackend(new OC_User_OpenMediaVault()); OC_Group::useBackend(new OC_Group_OpenMediaVault());
$ocVersion = implode('.', OCP\Util::getVersion()); if (version_compare($ocVersion, '5.0', '<')) { if (!function_exists('p')) { function p($string) { print OC_Util::sanitizeHTML($string); } } } require_once 'user_saml/user_saml.php'; OCP\App::registerAdmin('user_saml', 'settings'); // Use user_group_admin groups for group management if available if (OCP\App::isEnabled('user_group_admin')) { OC::$CLASSPATH['OC_User_Group_Admin_Backend'] = 'apps/user_group_admin/lib/backend.php'; OC::$CLASSPATH['OC_User_Group_Admin_Util'] = 'apps/user_group_admin/lib/util.php'; OC_Group::useBackend(new OC_User_Group_Admin_Backend()); } // register user backend OC_User::useBackend('SAML'); OC::$CLASSPATH['OC_USER_SAML_Hooks'] = 'user_saml/lib/hooks.php'; OCP\Util::connectHook('OC_User', 'post_login', 'OC_USER_SAML_Hooks', 'post_login'); OCP\Util::connectHook('OC_User', 'logout', 'OC_USER_SAML_Hooks', 'logout'); $forceLogin = OCP\Config::getAppValue('user_saml', 'saml_force_saml_login', false) && shouldEnforceAuthentication(); if (isset($_GET['app']) && $_GET['app'] == 'user_saml' || !OCP\User::isLoggedIn() && $forceLogin && !isset($_GET['admin_login'])) { require_once 'user_saml/auth.php'; if (!OC_User::login('', '')) { $error = true; OC_Log::write('saml', 'Error trying to authenticate the user', OC_Log::DEBUG); } if (isset($_GET["linktoapp"])) { $path = OC::$WEBROOT . '/?app=' . $_GET["linktoapp"];
function testMultiBackend() { $backend1 = new OC_Group_Dummy(); $backend2 = new OC_Group_Dummy(); OC_Group::useBackend($backend1); OC_Group::useBackend($backend2); $group1 = uniqid(); $group2 = uniqid(); OC_Group::createGroup($group1); //groups should be added to the first registered backend $this->assertEqual(array($group1), $backend1->getGroups()); $this->assertEqual(array(), $backend2->getGroups()); $this->assertEqual(array($group1), OC_Group::getGroups()); $this->assertTrue(OC_Group::groupExists($group1)); $this->assertFalse(OC_Group::groupExists($group2)); $backend1->createGroup($group2); $this->assertEqual(array($group1, $group2), OC_Group::getGroups()); $this->assertTrue(OC_Group::groupExists($group1)); $this->assertTrue(OC_Group::groupExists($group2)); $user1 = uniqid(); $user2 = uniqid(); $this->assertFalse(OC_Group::inGroup($user1, $group1)); $this->assertFalse(OC_Group::inGroup($user2, $group1)); $this->assertTrue(OC_Group::addToGroup($user1, $group1)); $this->assertTrue(OC_Group::inGroup($user1, $group1)); $this->assertFalse(OC_Group::inGroup($user2, $group1)); $this->assertFalse($backend2->inGroup($user1, $group1)); $this->assertFalse(OC_Group::addToGroup($user1, $group1)); $this->assertEqual(array($user1), OC_Group::usersInGroup($group1)); $this->assertEqual(array($group1), OC_Group::getUserGroups($user1)); $this->assertEqual(array(), OC_Group::getUserGroups($user2)); OC_Group::deleteGroup($group1); $this->assertEqual(array(), OC_Group::getUserGroups($user1)); $this->assertEqual(array(), OC_Group::usersInGroup($group1)); $this->assertFalse(OC_Group::inGroup($user1, $group1)); }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); setlocale(LC_ALL, 'en_US.UTF-8'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(false); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //try to set the session lifetime to 60min @ini_set('gc_maxlifetime', '3600'); //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // register the stream wrappers require_once 'streamwrappers.php'; stream_wrapper_register("fakedir", "OC_FakeDirStream"); stream_wrapper_register('static', 'OC_StaticStreamWrapper'); stream_wrapper_register('close', 'OC_CloseStreamWrapper'); self::checkInstalled(); self::checkSSL(); // CSRF protection if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; } else { $referer = ''; } $refererhost = parse_url($referer); if (isset($refererhost['host'])) { $refererhost = $refererhost['host']; } else { $refererhost = ''; } $server = OC_Helper::serverHost(); $serverhost = explode(':', $server); $serverhost = $serverhost['0']; if ($_SERVER['REQUEST_METHOD'] == 'POST' and $refererhost != $serverhost) { $url = OC_Helper::serverProtocol() . '://' . $server . OC::$WEBROOT . '/index.php'; header("Location: {$url}"); exit; } self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // TODO: we should get rid of this one, too // WARNING: to make everything even more confusing, // DATADIRECTORY is a var that changes and DATADIRECTORY_ROOT // stays the same, but is set by "datadirectory". // Any questions? OC::$CONFIG_DATADIRECTORY = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(OC_Config::getValue("userbackend", "database")); OC_Group::useBackend(new OC_Group_Database()); // Set up file system unless forbidden global $RUNTIME_NOSETUPFS; if (!$RUNTIME_NOSETUPFS) { OC_Util::setupFS(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } // Check for blacklisted files OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr(self::$REQUESTEDAPP, strpos(self::$REQUESTEDAPP, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP . '/' . self::$REQUESTEDFILE; $parent = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP; if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } }