/**
* set Content-Type header to jsonrequest
*/
public static function setContentTypeHeader($type='application/json') {
if (!self::$send_content_type_header) {
// We send json data
header( 'Content-Type: '.$type );
self::$send_content_type_header = true;
}
}
function handleUnexpectedShutdown()
{
if (!my_temporary_cron_class::$sent) {
if (OC::$CLI) {
echo 'Unexpected error!' . PHP_EOL;
} else {
OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
}
}
}
function handleUnexpectedShutdown()
{
// Delete lockfile
if (!TemporaryCronClass::$keeplock && file_exists(TemporaryCronClass::$lockfile)) {
unlink(TemporaryCronClass::$lockfile);
}
// Say goodbye if the app did not shutdown properly
if (!TemporaryCronClass::$sent) {
if (OC::$CLI) {
echo 'Unexpected error!' . PHP_EOL;
} else {
OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
}
}
}
function index()
{
if (isset($_GET['fileid'])) {
$fileIds = array($_GET['fileid']);
} else {
$fileIds = OCA\Search_Lucene\Indexer::getUnindexed();
}
$eventSource = new OC_EventSource();
$eventSource->send('count', count($fileIds));
$skippedDirs = explode(';', OCP\Config::getUserValue(OCP\User::getUser(), 'search_lucene', 'skipped_dirs', '.git;.svn;.CVS;.bzr'));
foreach ($fileIds as $id) {
$skipped = false;
$fileStatus = OCA\Search_Lucene\Status::fromFileId($id);
try {
//before we start mark the file as error so we know there was a problem when the php execution dies
$fileStatus->markError();
$path = OC\Files\Filesystem::getPath($id);
$eventSource->send('indexing', $path);
foreach ($skippedDirs as $skippedDir) {
if (strpos($path, '/' . $skippedDir . '/') !== false || strrpos($path, '/' . $skippedDir) === strlen($path) - (strlen($skippedDir) + 1)) {
$result = $fileStatus->markSkipped();
$skipped = true;
break;
}
}
if (!$skipped) {
if (OCA\Search_Lucene\Indexer::indexFile($path, OCP\User::getUser())) {
$result = $fileStatus->markIndexed();
}
}
if (!$result) {
OC_JSON::error(array('message' => 'Could not index file.'));
$eventSource->send('error', $path);
}
} catch (Exception $e) {
//sqlite might report database locked errors when stock filescan is in progress
//this also catches db locked exception that might come up when using sqlite
\OCP\Util::writeLog('search_lucene', $e->getMessage() . ' Trace:\\n' . $e->getTraceAsString(), \OCP\Util::ERROR);
OC_JSON::error(array('message' => 'Could not index file.'));
$eventSource->send('error', $e->getMessage());
//try to mark the file as new to let it reindex
$fileStatus->markNew();
// Add UI to trigger rescan of files with status 'E'rror?
}
}
$eventSource->send('done', '');
$eventSource->close();
}
function index()
{
$fileIds = OCA\Search_Lucene\Indexer::getUnindexed();
$eventSource = new OC_EventSource();
$eventSource->send('count', count($fileIds));
$skippedDirs = explode(';', OCP\Config::getUserValue(OCP\User::getUser(), 'search_lucene', 'skipped_dirs', '.git;.svn;.CVS;.bzr'));
$query = OC_DB::prepare('INSERT INTO `*PREFIX*lucene_status` VALUES (?,?)');
foreach ($fileIds as $id) {
$skipped = false;
try {
//before we start mark the file as error so we know there was a problem when the php execution dies
$result = $query->execute(array($id, 'E'));
$path = OC\Files\Filesystem::getPath($id);
$eventSource->send('indexing', $path);
//clean jobs for indexed file
$param = json_encode(array('path' => $path, 'user' => OCP\User::getUser()));
$cleanjobquery = OC_DB::prepare('DELETE FROM `*PREFIX*queuedtasks` WHERE `app`=? AND `parameters`=?');
$cleanjobquery->execute(array('search_lucene', $param));
foreach ($skippedDirs as $skippedDir) {
if (strpos($path, '/' . $skippedDir . '/') !== false || strrpos($path, '/' . $skippedDir) === strlen($path) - (strlen($skippedDir) + 1)) {
$result = $query->execute(array($id, 'S'));
$skipped = true;
break;
}
}
if (!$skipped) {
if (OCA\Search_Lucene\Indexer::indexFile($path, OCP\User::getUser())) {
$result = $query->execute(array($id, 'I'));
}
}
if (!$result) {
OC_JSON::error(array('message' => 'Could not index file.'));
$eventSource->send('error', $path);
}
} catch (PDOException $e) {
//sqlite might report database locked errors when stock filescan is in progress
//this also catches db locked exception that might come up when using sqlite
\OCP\Util::writeLog('search_lucene', $e->getMessage() . ' Trace:\\n' . $e->getTraceAsString(), \OCP\Util::ERROR);
OC_JSON::error(array('message' => 'Could not index file.'));
$eventSource->send('error', $e->getMessage());
//try to mark the file as new to let it reindex
$query->execute(array($id, 'N'));
// Add UI to trigger rescan of files with status 'E'rror?
}
}
$eventSource->send('done', '');
$eventSource->close();
}
public static function getDisplayNames($args)
{
\OC_JSON::checkLoggedIn();
\OC_JSON::callCheck();
$users = $_GET['users'];
$result = array();
$userManager = \OC::$server->getUserManager();
foreach ($users as $user) {
$userObject = $userManager->get($user);
if (is_object($userObject)) {
$result[$user] = $userObject->getDisplayName();
} else {
$result[$user] = $user;
}
}
\OC_JSON::success(array('users' => $result));
}
}
}
}
$count = 0;
// enable l10n support
$l = \OC::$server->getL10N('core');
foreach ($groups as $group) {
if ($count < 15) {
if (!isset($_GET['itemShares']) || !isset($_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP]) || !is_array((string) $_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP]) || !in_array($group, (string) $_GET['itemShares'][OCP\Share::SHARE_TYPE_GROUP])) {
$shareWith[] = array('label' => $group, 'value' => array('shareType' => OCP\Share::SHARE_TYPE_GROUP, 'shareWith' => $group));
$count++;
}
} else {
break;
}
}
// allow user to add unknown remote addresses for server-to-server share
$backend = \OCP\Share::getBackend((string) $_GET['itemType']);
if ($backend->isShareTypeAllowed(\OCP\Share::SHARE_TYPE_REMOTE)) {
if (substr_count((string) $_GET['search'], '@') === 1) {
$shareWith[] = array('label' => (string) $_GET['search'], 'value' => array('shareType' => \OCP\Share::SHARE_TYPE_REMOTE, 'shareWith' => (string) $_GET['search']));
}
}
$sorter = new \OC\Share\SearchResultSorter((string) $_GET['search'], 'label', new \OC\Log());
usort($shareWith, array($sorter, 'sort'));
OC_JSON::success(array('data' => $shareWith));
}
break;
}
}
}
OCP\JSON::callCheck();
OC_JSON::checkLoggedIn();
$l = \OC::$server->getL10N('settings');
$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$displayName = (string) $_POST["displayName"];
$userstatus = null;
if (OC_User::isAdminUser(OC_User::getUser())) {
$userstatus = 'admin';
}
$isUserAccessible = false;
$subadminUserObject = \OC::$server->getUserManager()->get(\OC_User::getUser());
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($subadminUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($subadminUserObject, $targetUserObject);
}
if ($isUserAccessible) {
$userstatus = 'subadmin';
}
if ($username === OC_User::getUser() && OC_User::canUserChangeDisplayName($username)) {
$userstatus = 'changeOwnDisplayName';
}
if (is_null($userstatus)) {
OC_JSON::error(array("data" => array("message" => $l->t("Authentication error"))));
exit;
}
// Return Success story
if (OC_User::setDisplayName($username, $displayName)) {
OC_JSON::success(array("data" => array("message" => $l->t('Your full name has been changed.'), "username" => $username, 'displayName' => $displayName)));
} else {
OC_JSON::error(array("data" => array("message" => $l->t("Unable to change full name"), 'displayName' => OC_User::getDisplayName($username))));
}
OCP\JSON::checkAdminUser();
OCP\JSON::callCheck();
if (!array_key_exists('appid', $_POST)) {
OCP\JSON::error(array('message' => 'No AppId given!'));
return;
}
$appId = (string) $_POST['appid'];
if (!is_numeric($appId)) {
$appId = \OC::$server->getAppConfig()->getValue($appId, 'ocsid', null);
if ($appId === null) {
OCP\JSON::error(array('message' => 'No OCS-ID found for app!'));
exit;
}
}
$appId = OC_App::cleanAppId($appId);
$config = \OC::$server->getConfig();
$config->setSystemValue('maintenance', true);
try {
$result = OC_Installer::updateAppByOCSId($appId);
$config->setSystemValue('maintenance', false);
} catch (Exception $ex) {
$config->setSystemValue('maintenance', false);
OC_JSON::error(array("data" => array("message" => $ex->getMessage())));
return;
}
if ($result !== false) {
OC_JSON::success(array('data' => array('appid' => $appId)));
} else {
$l = \OC::$server->getL10N('settings');
OC_JSON::error(array("data" => array("message" => $l->t("Couldn't update app."))));
}
/**
* @param string $format
* @return string
*/
public static function renderResult($format, $meta, $data)
{
$response = array('ocs' => array('meta' => $meta, 'data' => $data));
if ($format == 'json') {
return OC_JSON::encode($response);
}
$writer = new XMLWriter();
$writer->openMemory();
$writer->setIndent(true);
$writer->startDocument();
self::toXML($response, $writer);
$writer->endDocument();
return $writer->outputMemory(true);
}
}
}
} else {
if ($param === 'removeHeaderNav') {
OCP\Config::setAppValue('roundcube', 'removeHeaderNav', false);
}
if ($param === 'removeControlNav') {
OCP\Config::setAppValue('roundcube', 'removeControlNav', false);
}
if ($param === 'autoLogin') {
OCP\Config::setAppValue('roundcube', 'autoLogin', false);
}
if ($param === 'enableDebug') {
OCP\Config::setAppValue('roundcube', 'enableDebug', false);
}
if ($param === 'rcNoCronRefresh') {
OCP\Config::setAppValue('roundcube', 'rcNoCronRefresh', false);
}
}
}
// update login status
$username = OCP\User::getUser();
$params = array("uid" => $username);
$loginHelper = new OC_RoundCube_AuthHelper();
$loginHelper->login($params);
} else {
OC_JSON::error(array("data" => array("message" => $l->t("Not submitted for us."))));
return false;
}
OCP\JSON::success(array('data' => array('message' => $l->t('Application settings successfully stored.'))));
return true;
<?php // Init owncloud require_once '../../lib/base.php'; OC_JSON::checkAdminUser(); OC_JSON::setContentTypeHeader(); OC_App::disable($_POST['appid']);
/**
* ownCloud - bookmarks plugin
*
* @author Arthur Schiwon
* @copyright 2011 Arthur Schiwon blizzz@arthur-schiwon.de
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
//no apps or filesystem
$RUNTIME_NOSETUPFS = true;
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('bookmarks');
$id = $_POST['id'];
if (!OC_Bookmarks_Bookmarks::deleteUrl($id)) {
OC_JSON::error();
exit;
}
OCP\JSON::success();
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
OCP\JSON::checkAppEnabled('external');
OCP\User::checkAdminUser();
OCP\JSON::callCheck();
$sites = array();
for ($i = 0; $i < sizeof($_POST['site_name']); $i++) {
if (!empty($_POST['site_name'][$i]) && !empty($_POST['site_url'][$i])) {
array_push($sites, array(strip_tags($_POST['site_name'][$i]), strip_tags($_POST['site_url'][$i])));
}
}
$l = OC_L10N::get('external');
foreach ($sites as $site) {
if (strpos($site[1], 'https://') === 0) {
continue;
}
if (strpos($site[1], 'http://') === 0) {
continue;
}
OC_JSON::error(array("data" => array("message" => $l->t('Please enter valid urls - they have to start with either http:// or https://'))));
return;
}
if (sizeof($sites) == 0) {
$appConfig = \OC::$server->getAppConfig();
$appConfig->deleteKey('external', 'sites');
} else {
OCP\Config::setAppValue('external', 'sites', json_encode($sites));
}
OC_JSON::success(array("data" => array("message" => $l->t("External sites saved."))));
public static function changeUserPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
$l = new \OC_L10n('settings');
if (isset($_POST['username'])) {
$username = $_POST['username'];
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('No user supplied'))));
exit;
}
$password = isset($_POST['password']) ? $_POST['password'] : null;
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($currentUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if (\OC_User::isAdminUser(\OC_User::getUser())) {
$userstatus = 'admin';
} elseif ($isUserAccessible) {
$userstatus = 'subadmin';
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (\OC_App::isEnabled('encryption')) {
//handle the recovery case
$crypt = new \OCA\Encryption\Crypto\Crypt(\OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getL10N('encryption'));
$keyStorage = \OC::$server->getEncryptionKeyStorage();
$util = new \OCA\Encryption\Util(new \OC\Files\View(), $crypt, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getUserManager());
$keyManager = new \OCA\Encryption\KeyManager($keyStorage, $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), $util);
$recovery = new \OCA\Encryption\Recovery(\OC::$server->getUserSession(), $crypt, \OC::$server->getSecureRandom(), $keyManager, \OC::$server->getConfig(), $keyStorage, \OC::$server->getEncryptionFilesHelper(), new \OC\Files\View());
$recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
$validRecoveryPassword = false;
$recoveryEnabledForUser = false;
if ($recoveryAdminEnabled) {
$validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
$recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
}
if ($recoveryEnabledForUser && $recoveryPassword === '') {
\OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost'))));
} elseif ($recoveryEnabledForUser && !$validRecoveryPassword) {
\OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.'))));
} else {
// now we know that everything is fine regarding the recovery password, let's try to change the password
$result = \OC_User::setPassword($username, $password, $recoveryPassword);
if (!$result && $recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Backend doesn't support password change, but the user's encryption key was successfully updated."))));
} elseif (!$result && !$recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password"))));
} else {
\OC_JSON::success(array("data" => array("username" => $username)));
}
}
} else {
// if encryption is disabled, proceed
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC_JSON::success(array('data' => array('username' => $username)));
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password'))));
}
}
}
<?php
/**
* ownCloud
*
* @author Robin Appelman
* @copyright 2010 Robin Appelman icewind1991@gmail.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
// Check if we are a user
OC_JSON::checkLoggedIn();
$query = isset($_GET['query']) ? $_GET['query'] : '';
if ($query) {
$result = \OC::$server->getSearch()->search($query);
OC_JSON::encodedPrint($result);
} else {
echo 'false';
}
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU AFFERO GENERAL PUBLIC
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
* Displays <a href="http://opensource.org/licenses/AGPL-3.0">GNU AFFERO GENERAL PUBLIC LICENSE</a>
* @license http://opensource.org/licenses/AGPL-3.0 GNU AFFERO GENERAL PUBLIC LICENSE
*
*/
include_once "user_otp/lib/utils.php";
$l = OC_L10N::get('settings');
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('user_otp');
OCP\JSON::callCheck();
if ($_POST && $_POST["uid"] && OC_User::isAdminUser(OCP\User::getUser())) {
OC_JSON::checkSubAdminUser();
$uid = $_POST["uid"];
} else {
$uid = OCP\User::getUser();
}
// Get data
$mOtp = new MultiOtpDb(OCP\Config::getAppValue('user_otp', 'EncryptionKey', 'DefaultCliEncryptionKey'));
$mOtp->EnableVerboseLog();
//$mOtp->SetDisplayLogOption(1);
if ($_POST && $_POST["otp_action"] === "delete_otp" && $mOtp->CheckUserExists($uid)) {
if ($mOtp->DeleteUser($uid)) {
OCP\JSON::success(array("data" => array("message" => $l->t("OTP Changed"))));
} else {
OCP\JSON::error(array("data" => array("message" => $l->t("check apps folder rights"))));
}
} else {
echo ' externalapp';
}
?>
" href="?appid=<?php
echo $app['id'];
?>
"><?php
echo htmlentities($app['name']);
?>
</a>
<script type="application/javascript">
appData_<?php
echo $app['id'];
?>
=<?php
OC_JSON::encodedPrint($app, false);
?>
;
</script>
<?php
if (!$app['internal']) {
echo '<small class="externalapp list">3rd party</small>';
}
?>
</li>
<?php
}
?>
</ul>
<div id="rightcontent">
<div class="appinfo">
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OC_JSON::checkAdminUser();
OCP\JSON::callCheck();
$username = (string) $_POST['username'];
$group = (string) $_POST['group'];
$subAdminManager = \OC::$server->getGroupManager()->getSubAdmin();
$targetUserObject = \OC::$server->getUserManager()->get($username);
$targetGroupObject = \OC::$server->getGroupManager()->get($group);
$isSubAdminOfGroup = false;
if ($targetUserObject !== null && $targetUserObject !== null) {
$isSubAdminOfGroup = $subAdminManager->isSubAdminofGroup($targetUserObject, $targetGroupObject);
}
// Toggle group
if ($isSubAdminOfGroup) {
$subAdminManager->deleteSubAdmin($targetUserObject, $targetGroupObject);
} else {
$subAdminManager->createSubAdmin($targetUserObject, $targetGroupObject);
}
OC_JSON::success();
/**
* Handle the request
*/
public static function handleRequest()
{
\OC::$server->getEventLogger()->start('handle_request', 'Handle request');
$systemConfig = \OC::$server->getSystemConfig();
// load all the classpaths from the enabled apps so they are available
// in the routing files of each app
OC::loadAppClassPaths();
// Check if ownCloud is installed or in maintenance (update) mode
if (!$systemConfig->getValue('installed', false)) {
\OC::$server->getSession()->clear();
$setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
$controller = new OC\Core\Setup\Controller($setupHelper);
$controller->run($_POST);
exit;
}
$request = \OC::$server->getRequest()->getPathInfo();
if (substr($request, -3) !== '.js') {
// we need these files during the upgrade
self::checkMaintenanceMode();
self::checkUpgrade();
}
// Always load authentication apps
OC_App::loadApps(['authentication']);
// Load minimum set of apps
if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
// For logged-in users: Load everything
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
} else {
// For guests: Load only filesystem and logging
OC_App::loadApps(array('filesystem', 'logging'));
\OC_User::tryBasicAuthLogin();
}
}
if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
try {
if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
OC_App::loadApps(array('filesystem', 'logging'));
OC_App::loadApps();
}
self::checkSingleUserMode();
OC_Util::setupFS();
OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
return;
} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
//header('HTTP/1.0 404 Not Found');
} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
OC_Response::setStatus(405);
return;
}
}
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
$location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
// Deny the redirect if the URL contains a @
// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
if (strpos($location, '@') === false) {
header('Location: ' . $location);
return;
}
}
// Handle WebDAV
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
// not allowed any more to prevent people
// mounting this root directly.
// Users need to mount remote.php/webdav instead.
header('HTTP/1.1 405 Method Not Allowed');
header('Status: 405 Method Not Allowed');
return;
}
// Redirect to index if the logout link is accessed without valid session
// this is needed to prevent "Token expired" messages while login if a session is expired
// @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
return;
}
// Someone is logged in
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
OC_Util::setupFS();
if (isset($_GET["logout"]) and $_GET["logout"]) {
OC_JSON::callCheck();
if (isset($_COOKIE['oc_token'])) {
\OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
}
OC_User::logout();
// redirect to webroot and add slash if webroot is empty
header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
} else {
// Redirect to default application
OC_Util::redirectToDefaultPage();
}
} else {
// Not handled and not logged in
self::handleLogin();
}
}
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
OC_JSON::checkSubAdminUser();
OCP\JSON::callCheck();
$username = isset($_POST["username"]) ? (string) $_POST["username"] : '';
if ($username === '' && !OC_User::isAdminUser(OC_User::getUser()) || !OC_User::isAdminUser(OC_User::getUser()) && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
$l = \OC::$server->getL10N('core');
OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
//make sure the quota is in the expected format
$quota = (string) $_POST["quota"];
if ($quota !== 'none' and $quota !== 'default') {
$quota = OC_Helper::computerFileSize($quota);
$quota = OC_Helper::humanFileSize($quota);
}
// Return Success story
if ($username) {
\OC::$server->getConfig()->setUserValue($username, 'files', 'quota', $quota);
} else {
//set the default quota when no username is specified
if ($quota === 'default') {
//'default' as default quota makes no sense
$quota = 'none';
}
OC_Appconfig::setValue('files', 'default_quota', $quota);
}
OC_JSON::success(array("data" => array("username" => $username, 'quota' => $quota)));
// Init owncloud
global $eventSource;
if (!OC_User::isLoggedIn()) {
exit;
}
\OC::$server->getSession()->close();
// Get the params
$dir = isset($_REQUEST['dir']) ? '/' . trim($_REQUEST['dir'], '/\\') : '';
$filename = isset($_REQUEST['filename']) ? trim($_REQUEST['filename'], '/\\') : '';
$content = isset($_REQUEST['content']) ? $_REQUEST['content'] : '';
$source = isset($_REQUEST['source']) ? trim($_REQUEST['source'], '/\\') : '';
if ($source) {
$eventSource = \OC::$server->createEventSource();
} else {
OC_JSON::callCheck();
}
function progress($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max)
{
static $filesize = 0;
static $lastsize = 0;
global $eventSource;
switch ($notification_code) {
case STREAM_NOTIFY_FILE_SIZE_IS:
$filesize = $bytes_max;
break;
case STREAM_NOTIFY_PROGRESS:
if ($bytes_transferred > 0) {
if (!isset($filesize) || $filesize === 0) {
} else {
$progress = (int) ($bytes_transferred / $filesize * 100);
if ($app === 'core' && isset($_POST['key']) && (substr((string) $_POST['key'], 0, 7) === 'remote_' || substr((string) $_POST['key'], 0, 7) === 'public_')) {
OC_JSON::error(array('data' => array('message' => 'Unexpected error!')));
return;
}
$result = false;
$appConfig = \OC::$server->getAppConfig();
switch ($action) {
case 'getValue':
$result = $appConfig->getValue($app, (string) $_GET['key'], (string) $_GET['defaultValue']);
break;
case 'setValue':
$result = $appConfig->setValue($app, (string) $_POST['key'], (string) $_POST['value']);
break;
case 'getApps':
$result = $appConfig->getApps();
break;
case 'getKeys':
$result = $appConfig->getKeys($app);
break;
case 'hasKey':
$result = $appConfig->hasKey($app, (string) $_GET['key']);
break;
case 'deleteKey':
$result = $appConfig->deleteKey($app, (string) $_POST['key']);
break;
case 'deleteApp':
$result = $appConfig->deleteApp($app);
break;
}
OC_JSON::success(array('data' => $result));
<?php
/**
* Copyright (c) 2011 Bart Visscher <*****@*****.**>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
require_once '../../../lib/base.php';
$l10n = new OC_L10N('calendar');
if (!OC_USER::isLoggedIn()) {
die("<script type=\"text/javascript\">document.location = oc_webroot;</script>");
}
OC_JSON::checkAppEnabled('calendar');
$calendar = array('id' => 'new', 'displayname' => '', 'calendarcolor' => '');
$tmpl = new OC_Template('calendar', 'part.editcalendar');
$tmpl->assign('new', true);
$tmpl->assign('calendar', $calendar);
$tmpl->printPage();
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
\OCP\JSON::checkAppEnabled('files_external_listing');
\OCP\JSON::checkLoggedIn();
\OCP\JSON::callCheck();
\OC_JSON::checkAdminUser();
$defaultDir = '/home';
if (\OC_Util::runningOnWindows()) {
$defaultDir = 'C:\\';
}
$localroot = OCP\Config::getAppValue('files_external_listing', 'starting_dir', $defaultDir);
if (isset($_POST['path'])) {
$path = realpath($_POST['path']);
if (strpos($path, $localroot) === 0 or empty($_POST['path'])) {
if (empty($_POST['path'])) {
$path = $localroot;
}
if (!is_dir($path)) {
//path is incorrect or is a file. Nothing to do, we work only with dirs
OCP\JSON::error(array('data' => array('message' => 'Incorrect path: ' . $_POST['path'])));
} elseif (isset($_POST['isnotempty']) && $_POST['isnotempty']) {
<?php
// Init owncloud
require_once '../../lib/base.php';
OC_JSON::checkLoggedIn();
// Get data
$dir = $_GET["dir"];
$file = $_GET["file"];
$target = $_GET["target"];
if (OC_Files::move($dir, $file, $target, $file)) {
OC_JSON::success(array("data" => array("dir" => $dir, "files" => $file)));
} else {
OC_JSON::error(array("data" => array("message" => "Could move {$file}")));
}
if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
$groups[] = $group;
}
}
if (count($groups) == 0) {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
} else {
$groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
}
}
$username = $_POST["username"];
$password = $_POST["password"];
// Does the group exist?
if (in_array($username, OC_User::getUsers())) {
OC_JSON::error(array("data" => array("message" => "User already exists")));
exit;
}
// Return Success story
try {
OC_User::createUser($username, $password);
foreach ($groups as $i) {
if (!OC_Group::groupExists($i)) {
OC_Group::createGroup($i);
}
OC_Group::addToGroup($username, $i);
}
OC_JSON::success(array("data" => array("username" => $username, "groups" => implode(", ", OC_Group::getUserGroups($username)))));
} catch (Exception $exception) {
OC_JSON::error(array("data" => array("message" => $exception->getMessage())));
}
<?php
/**
* ownCloud - ajax frontend
*
* @author Jakob Sack
* @copyright 2011 Jakob Sack kde@jakobsack.de
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$app = isset($_POST["app"]) ? $_POST["app"] : "";
$app = OC_App::cleanAppId($app);
$l = OC_L10N::get($app);
OC_JSON::success(array('data' => $l->getTranslations(), 'plural_form' => $l->getPluralFormString()));
<?php
/**
* Copyright (c) 2011 Georg Ehrke <ownclouddev at georgswebsite dot de>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
require_once '../../../lib/base.php';
OC_JSON::checkLoggedIn();
$duration = OC_Preferences::getValue(OC_User::getUser(), 'calendar', 'duration', "60");
OC_JSON::encodedPrint(array("duration" => $duration));
?>
<?php
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
OCP\JSON::checkAppEnabled('bookmarks');
$l = new OC_l10n('bookmarks');
if (empty($_FILES)) {
OCP\Util::writeLog('bookmarks', "No file provided for import", \OCP\Util::WARN);
$error[] = $l->t('No file provided for import');
} elseif (isset($_FILES['bm_import'])) {
$file = $_FILES['bm_import']['tmp_name'];
if ($_FILES['bm_import']['type'] == 'text/html') {
$error = OC_Bookmarks_Bookmarks::importFile($file);
if (empty($errors)) {
OCP\JSON::success();
//force charset as not set by OC_JSON
header('Content-Type: application/json; charset=utf-8');
exit;
}
} else {
$error[] = $l->t('Unsupported file type for import');
}
}
OC_JSON::error(array('data' => $error));
//force charset as not set by OC_JSON
header('Content-Type: application/json; charset=utf-8');
exit;