public static function sendEmail($args)
{
$isEncrypted = OC_App::isEnabled('files_encryption');
if (!$isEncrypted || isset($_POST['continue'])) {
$continue = true;
} else {
$continue = false;
}
if (OC_User::userExists($_POST['user']) && $continue) {
$token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', ''));
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token));
// Hash the token again to prevent timing attacks
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
if (!empty($email)) {
$link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token));
$link = OC_Helper::makeURLAbsolute($link);
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link, false);
$msg = $tmpl->fetchPage();
$l = OC_L10N::get('core');
$from = OCP\Util::getDefaultEmailAddress('lostpassword-noreply');
try {
OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
} catch (Exception $e) {
OC_Template::printErrorPage('A problem occurs during sending the e-mail please contact your administrator.');
}
self::displayLostPasswordPage(false, true);
} else {
self::displayLostPasswordPage(true, false);
}
} else {
self::displayLostPasswordPage(true, false);
}
}
public static function sendEmail($args)
{
if (OC_User::userExists($_POST['user'])) {
$token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', ''));
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token));
// Hash the token again to prevent timing attacks
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
if (!empty($email)) {
$link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token));
$link = OC_Helper::makeURLAbsolute($link);
$tmpl = new OC_Template('core/lostpassword', 'email');
$tmpl->assign('link', $link, false);
$msg = $tmpl->fetchPage();
$l = OC_L10N::get('core');
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
echo 'Mailsent';
self::displayLostPasswordPage(false, true);
} else {
self::displayLostPasswordPage(true, false);
}
} else {
self::displayLostPasswordPage(true, false);
}
}
public function dopre()
{
$user = OC_User::getUser();
if (!$user) {
return false;
}
if (!OC_User::isEnabled($user) && OC_User::userExists($user)) {
header('HTTP/1.1 401 Unauthorized');
header('Status: 401 Unauthorized');
$template = new \OC_Template('user_permission', 'userdisable', 'guest');
$template->printPage();
die;
}
}
/**
* @NoAdminRequired
* @NoCSRFRequired
* @PublicPage
*/
public function validateEmail()
{
$email = $this->request->getParam('email');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return new TemplateResponse('', 'error', array(array('error' => $this->l10n->t('Email address you entered is not valid'))), 'error');
return new TemplateResponse('', 'error', array('errors' => array(array('error' => $this->l10n->t('Email address you entered is not valid'), 'hint' => ''))), 'error');
}
if ($this->pendingreg->find($email)) {
return new TemplateResponse('', 'error', array('errors' => array(array('error' => $this->l10n->t('There is already a pending registration with this email'), 'hint' => ''))), 'error');
}
if ($this->config->getUsersForUserValue('settings', 'email', $email)) {
return new TemplateResponse('', 'error', array('errors' => array(array('error' => $this->l10n->t('There is an existing user with this email'), 'hint' => ''))), 'error');
}
// FEATURE: allow only from specific email domain
$token = $this->pendingreg->save($email);
//TODO: check for error
$link = $this->urlgenerator->linkToRoute('registration.register.verifyToken', array('token' => $token));
$link = $this->urlgenerator->getAbsoluteURL($link);
$from = Util::getDefaultEmailAddress('register');
$res = new TemplateResponse('registration', 'email', array('link' => $link), 'blank');
$msg = $res->render();
try {
$this->mail->sendMail($email, 'ownCloud User', $this->l10n->t('Verify your ownCloud registration request'), $msg, $from, 'ownCloud');
} catch (\Exception $e) {
\OC_Template::printErrorPage('A problem occurs during sending the e-mail please contact your administrator.');
return;
}
return new TemplateResponse('registration', 'message', array('msg' => $this->l10n->t('Verification email successfully sent.')), 'guest');
}
/**
* insert the @input values when they do not exist yet
* @param string $table name
* @param array $input key->value pairs
* @return int count of inserted rows
*/
public function insertIfNotExist($table, $input)
{
$query = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($input)) . '`) SELECT ' . str_repeat('?,', count($input) - 1) . '? ' . 'FROM `' . $table . '` WHERE ';
$inserts = array_values($input);
foreach ($input as $key => $value) {
$query .= '`' . $key . '`';
if (is_null($value)) {
$query .= ' IS NULL AND ';
} else {
$inserts[] = $value;
$query .= ' = ? AND ';
}
}
$query = substr($query, 0, strlen($query) - 5);
$query .= ' HAVING COUNT(*) = 0';
try {
return $this->conn->executeUpdate($query, $inserts);
} catch (\Doctrine\DBAL\DBALException $e) {
$entry = 'DB Error: "' . $e->getMessage() . '"<br />';
$entry .= 'Offending command was: ' . $query . '<br />';
\OC_Log::write('core', $entry, \OC_Log::FATAL);
error_log('DB error: ' . $entry);
\OC_Template::printErrorPage($entry);
}
}
public function display($post)
{
$defaults = array('adminlogin' => '', 'adminpass' => '', 'dbuser' => '', 'dbpass' => '', 'dbname' => '', 'dbtablespace' => '', 'dbhost' => 'localhost', 'dbtype' => '');
$parameters = array_merge($defaults, $post);
\OC_Util::addVendorScript('strengthify/jquery.strengthify');
\OC_Util::addVendorStyle('strengthify/strengthify');
\OC_Util::addScript('setup');
\OC_Template::printGuestPage('', 'installation', $parameters);
}
public function run()
{
if (!\OC_Template::isAssetPipelineEnabled()) {
$this->emit('\\OC\\Repair', 'info', array('Asset pipeline disabled -> nothing to do'));
return;
}
$assetDir = \OC::$SERVERROOT . '/assets';
\OC_Helper::rmdirr($assetDir, false);
$this->emit('\\OC\\Repair', 'info', array('Asset cache cleared.'));
}
public function run()
{
if (!\OC_Template::isAssetPipelineEnabled()) {
$this->emit('\\OC\\Repair', 'info', array('Asset pipeline disabled -> nothing to do'));
return;
}
$assetDir = \OC::$server->getConfig()->getSystemValue('assetdirectory', \OC::$SERVERROOT) . '/assets';
\OC_Helper::rmdirr($assetDir, false);
$this->emit('\\OC\\Repair', 'info', array('Asset cache cleared.'));
}
public function run(IOutput $output)
{
if (!\OC_Template::isAssetPipelineEnabled()) {
$output->info('Asset pipeline disabled -> nothing to do');
return;
}
$assetDir = \OC::$server->getConfig()->getSystemValue('assetdirectory', \OC::$SERVERROOT) . '/assets';
\OC_Helper::rmdirr($assetDir, false);
$output->info('Asset cache cleared.');
}
public static function av_scan($path)
{
$path = $path[\OC\Files\Filesystem::signal_param_path];
if ($path != '') {
$files_view = \OCP\Files::getStorage("files");
if ($files_view->file_exists($path)) {
$root = OC_User::getHome(OC_User::getUser()) . '/files';
$file = $root . $path;
$result = self::clamav_scan($file);
switch ($result) {
case CLAMAV_SCANRESULT_UNCHECKED:
//TODO: Show warning to the user: The file can not be checked
break;
case CLAMAV_SCANRESULT_INFECTED:
//remove file
$files_view->unlink($path);
OCP\JSON::error(array("data" => array("message" => "Virus detected! Can't upload the file.")));
$email = OC_Preferences::getValue(OC_User::getUser(), 'settings', 'email', '');
\OCP\Util::writeLog('files_antivirus', 'Email: ' . $email, \OCP\Util::DEBUG);
if (!empty($email)) {
$tmpl = new OC_Template('files_antivirus', 'notification');
$tmpl->assign('file', $path);
$tmpl->assign('host', OCP\Util::getServerHost());
$tmpl->assign('user', OC_User::getUser());
$msg = $tmpl->fetchPage();
$from = OCP\Util::getDefaultEmailAddress('security-noreply');
OCP\Util::sendMail($email, OC_User::getUser(), 'Malware detected', $msg, $from, 'ownCloud', 1);
}
exit;
break;
case CLAMAV_SCANRESULT_CLEAN:
//do nothing
break;
}
}
}
}
public function insertIfNotExist($table, $input)
{
// NOTE: For SQLite we have to use this clumsy approach
// otherwise all fieldnames used must have a unique key.
$query = 'SELECT COUNT(*) FROM `' . $table . '` WHERE ';
$inserts = array();
foreach ($input as $key => $value) {
$query .= '`' . $key . '`';
if (is_null($value)) {
$query .= ' IS NULL AND ';
} else {
$inserts[] = $value;
$query .= ' = ? AND ';
}
}
$query = substr($query, 0, strlen($query) - 5);
try {
$stmt = $this->conn->prepare($query);
$result = $stmt->execute($inserts);
} catch (\Doctrine\DBAL\DBALException $e) {
$entry = 'DB Error: "' . $e->getMessage() . '"<br />';
$entry .= 'Offending command was: ' . $query . '<br />';
\OC_Log::write('core', $entry, \OC_Log::FATAL);
error_log('DB error: ' . $entry);
\OC_Template::printErrorPage($entry);
}
if ($stmt->fetchColumn() === '0') {
$query = 'INSERT INTO `' . $table . '` (`' . implode('`,`', array_keys($input)) . '`) VALUES(' . str_repeat('?,', count($input) - 1) . '? ' . ')';
} else {
return 0;
//no rows updated
}
try {
$statement = $this->conn->prepare($query);
$result = $statement->execute(array_values($input));
} catch (\Doctrine\DBAL\DBALException $e) {
$entry = 'DB Error: "' . $e->getMessage() . '"<br />';
$entry .= 'Offending command was: ' . $query . '<br />';
\OC_Log::write('core', $entry, \OC_Log::FATAL);
error_log('DB error: ' . $entry);
\OC_Template::printErrorPage($entry);
}
return $result;
}
/**
* @param Exception $e
*/
function handleException(Exception $e)
{
$request = \OC::$server->getRequest();
// in case the request content type is text/xml - we assume it's a WebDAV request
$isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
if ($isXmlContentType === 0) {
// fire up a simple server to properly process the exception
$server = new Server();
if (!$e instanceof RemoteException) {
// we shall not log on RemoteException
$server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));
}
$server->on('beforeMethod', function () use($e) {
if ($e instanceof RemoteException) {
switch ($e->getCode()) {
case OC_Response::STATUS_SERVICE_UNAVAILABLE:
throw new ServiceUnavailable($e->getMessage());
case OC_Response::STATUS_NOT_FOUND:
throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
}
}
$class = get_class($e);
$msg = $e->getMessage();
throw new ServiceUnavailable("{$class}: {$msg}");
});
$server->exec();
} else {
$statusCode = OC_Response::STATUS_INTERNAL_SERVER_ERROR;
if ($e instanceof \OC\ServiceUnavailableException) {
$statusCode = OC_Response::STATUS_SERVICE_UNAVAILABLE;
}
if ($e instanceof RemoteException) {
// we shall not log on RemoteException
OC_Response::setStatus($e->getCode());
OC_Template::printErrorPage($e->getMessage());
} else {
\OCP\Util::writeLog('remote', $e->getMessage(), \OCP\Util::FATAL);
OC_Response::setStatus($statusCode);
OC_Template::printExceptionErrorPage($e);
}
}
}
<?php
/**
* ownCloud - Cloudpress
*
* @author Bastien Ho (EELV - Urbancube)
* @copyleft 2012 bastienho@urbancube.fr
* @projeturl http://ecolosites.eelv.fr
*
* Free Software under creative commons licence
* http://creativecommons.org/licenses/by-nc/3.0/
* Attribution-NonCommercial 3.0 Unported (CC BY-NC 3.0)
*
* You are free:
* to Share — to copy, distribute and transmit the work
* to Remix — to adapt the work
*
* Under the following conditions:
* Attribution — You must attribute the work in the manner specified by the author or licensor (but not in any way that
* suggests that they endorse you or your use of the work).
* Noncommercial — You may not use this work for commercial purposes.
*
*/
$wp_instance = new OC_wordpress();
// fill template
$tmpl = new OC_Template('user_wordpress', 'settings');
foreach ($wp_instance->params as $param => $value) {
$tmpl->assign($param, $value);
}
return $tmpl->fetchPage();
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
use OC\Lock\NoopLockingProvider;
OC_Util::checkAdminUser();
OC_App::setActiveNavigationEntry("admin");
$template = new OC_Template('settings', 'admin', 'user');
$l = OC_L10N::get('settings');
$showLog = \OC::$server->getConfig()->getSystemValue('log_type', 'owncloud') === 'owncloud';
$numEntriesToLoad = 3;
$entries = OC_Log_Owncloud::getEntries($numEntriesToLoad + 1);
$entriesRemaining = count($entries) > $numEntriesToLoad;
$entries = array_slice($entries, 0, $numEntriesToLoad);
$logFilePath = OC_Log_Owncloud::getLogFilePath();
$doesLogFileExist = file_exists($logFilePath);
$logFileSize = filesize($logFilePath);
$config = \OC::$server->getConfig();
$appConfig = \OC::$server->getAppConfig();
$request = \OC::$server->getRequest();
// Should we display sendmail as an option?
$template->assign('sendmail_is_available', (bool) \OC_Helper::findBinaryPath('sendmail'));
$template->assign('loglevel', $config->getSystemValue("loglevel", 2));
/**
* @param string $renderAs
* @param string $appId application id
*/
public function __construct($renderAs, $appId = '')
{
// yes - should be injected ....
$this->config = \OC::$server->getConfig();
// Decide which page we show
if ($renderAs == 'user') {
parent::__construct('core', 'layout.user');
if (in_array(OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
$this->assign('bodyid', 'body-settings');
} else {
$this->assign('bodyid', 'body-user');
}
// Update notification
if ($this->config->getSystemValue('updatechecker', true) === true && OC_User::isAdminUser(OC_User::getUser())) {
$updater = new \OC\Updater(\OC::$server->getHTTPHelper(), \OC::$server->getConfig());
$data = $updater->check();
if (isset($data['version']) && $data['version'] != '' and $data['version'] !== array()) {
$this->assign('updateAvailable', true);
$this->assign('updateVersion', $data['versionstring']);
$this->assign('updateLink', $data['web']);
\OCP\Util::addScript('core', 'update-notification');
} else {
$this->assign('updateAvailable', false);
// No update available or not an admin user
}
} else {
$this->assign('updateAvailable', false);
// Update check is disabled
}
// Add navigation entry
$this->assign('application', '');
$this->assign('appid', $appId);
$navigation = OC_App::getNavigation();
$this->assign('navigation', $navigation);
$settingsNavigation = OC_App::getSettingsNavigation();
$this->assign('settingsnavigation', $settingsNavigation);
foreach ($navigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
foreach ($settingsNavigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
$userDisplayName = OC_User::getDisplayName();
$this->assign('user_displayname', $userDisplayName);
$this->assign('user_uid', OC_User::getUser());
$this->assign('appsmanagement_active', strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0);
$this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true));
$this->assign('userAvatarSet', \OC_Helper::userAvatarSet(OC_User::getUser()));
} else {
if ($renderAs == 'error') {
parent::__construct('core', 'layout.guest', '', false);
$this->assign('bodyid', 'body-login');
} else {
if ($renderAs == 'guest') {
parent::__construct('core', 'layout.guest');
$this->assign('bodyid', 'body-login');
} else {
parent::__construct('core', 'layout.base');
}
}
}
// Send the language to our layouts
$this->assign('language', OC_L10N::findLanguage());
if (empty(self::$versionHash)) {
$v = OC_App::getAppVersions();
$v['core'] = implode('.', \OC_Util::getVersion());
self::$versionHash = md5(implode(',', $v));
}
$useAssetPipeline = self::isAssetPipelineEnabled();
if ($useAssetPipeline) {
$this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
$this->generateAssets();
} else {
// Add the js files
$jsFiles = self::findJavascriptFiles(OC_Util::$scripts);
$this->assign('jsfiles', array(), false);
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
$this->append('jsfiles', OC_Helper::linkToRoute('js_config', array('v' => self::$versionHash)));
}
foreach ($jsFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
// Add the css files
$cssFiles = self::findStylesheetFiles(OC_Util::$styles);
$this->assign('cssfiles', array());
foreach ($cssFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
}
}
// warn if Windows is used
$template->assign('WindowsWarning', OC_Util::runningOnWindows());
// warn if outdated version of a memcache module is used
$caches = ['apcu' => ['name' => $l->t('APCu'), 'version' => '4.0.6'], 'redis' => ['name' => $l->t('Redis'), 'version' => '2.2.5']];
$outdatedCaches = [];
foreach ($caches as $php_module => $data) {
$isOutdated = extension_loaded($php_module) && version_compare(phpversion($php_module), $data['version'], '<');
if ($isOutdated) {
$outdatedCaches[$php_module] = $data;
}
}
$template->assign('OutdatedCacheWarning', $outdatedCaches);
// add hardcoded forms from the template
$forms = OC_App::getForms('admin');
if ($config->getSystemValue('enable_certificate_management', false)) {
$certificatesTemplate = new OC_Template('settings', 'certificates');
$certificatesTemplate->assign('type', 'admin');
$certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate');
$certificatesTemplate->assign('certs', $certificateManager->listCertificates());
$certificatesTemplate->assign('urlGenerator', $urlGenerator);
$forms[] = $certificatesTemplate->fetchPage();
}
$formsAndMore = array();
if ($request->getServerProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() || $suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() || !OC_Util::fileInfoLoaded() || $databaseOverload) {
$formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & setup warnings'));
}
$formsAndMore[] = array('anchor' => 'shareAPI', 'section-name' => $l->t('Sharing'));
$formsAndMore[] = ['anchor' => 'encryptionAPI', 'section-name' => $l->t('Server-side encryption')];
// Prioritize fileSharingSettings and files_external and move updater to the version
$fileSharingSettings = $filesExternal = $updaterAppPanel = $ocDefaultEncryptionModulePanel = '';
foreach ($forms as $index => $form) {
list($service) = explode('/', $pathInfo);
}
$file = OCP\CONFIG::getAppValue('core', 'public_' . strip_tags($service));
if (is_null($file)) {
header('HTTP/1.0 404 Not Found');
exit;
}
$parts = explode('/', $file, 2);
$app = $parts[0];
// Load all required applications
\OC::$REQUESTEDAPP = $app;
OC_App::loadApps(array('authentication'));
OC_App::loadApps(array('filesystem', 'logging'));
if (!\OC::$server->getAppManager()->isInstalled($app)) {
throw new Exception('App not installed: ' . $app);
}
OC_App::loadApp($app);
OC_User::setIncognitoMode(true);
$baseuri = OC::$WEBROOT . '/public.php/' . $service . '/';
require_once OC_App::getAppPath($app) . '/' . $parts[1];
} catch (\OC\ServiceUnavailableException $ex) {
//show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
\OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL);
OC_Template::printExceptionErrorPage($ex);
} catch (Exception $ex) {
//show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
\OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL);
OC_Template::printExceptionErrorPage($ex);
}
/**
* @param string $renderAs
* @param string $appId application id
*/
public function __construct($renderAs, $appId = '')
{
// yes - should be injected ....
$this->config = \OC::$server->getConfig();
// Decide which page we show
if ($renderAs == 'user') {
parent::__construct('core', 'layout.user');
if (in_array(\OC_App::getCurrentApp(), ['settings', 'admin', 'help']) !== false) {
$this->assign('bodyid', 'body-settings');
} else {
$this->assign('bodyid', 'body-user');
}
// Code integrity notification
$integrityChecker = \OC::$server->getIntegrityCodeChecker();
if (!$integrityChecker->hasPassedCheck()) {
\OCP\Util::addScript('core', 'integritycheck-failed-notification');
}
// Add navigation entry
$this->assign('application', '');
$this->assign('appid', $appId);
$navigation = \OC_App::getNavigation();
$this->assign('navigation', $navigation);
$settingsNavigation = \OC_App::getSettingsNavigation();
$this->assign('settingsnavigation', $settingsNavigation);
foreach ($navigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
foreach ($settingsNavigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name']);
break;
}
}
$userDisplayName = \OC_User::getDisplayName();
$appsMgmtActive = strpos(\OC::$server->getRequest()->getRequestUri(), \OC::$server->getURLGenerator()->linkToRoute('settings.AppSettings.viewApps')) === 0;
if ($appsMgmtActive) {
$l = \OC::$server->getL10N('lib');
$this->assign('application', $l->t('Apps'));
}
$this->assign('user_displayname', $userDisplayName);
$this->assign('user_uid', \OC_User::getUser());
$this->assign('appsmanagement_active', $appsMgmtActive);
$this->assign('enableAvatars', $this->config->getSystemValue('enable_avatars', true) === true);
if (\OC_User::getUser() === false) {
$this->assign('userAvatarSet', false);
} else {
$this->assign('userAvatarSet', \OC::$server->getAvatarManager()->getAvatar(\OC_User::getUser())->exists());
}
} else {
if ($renderAs == 'error') {
parent::__construct('core', 'layout.guest', '', false);
$this->assign('bodyid', 'body-login');
} else {
if ($renderAs == 'guest') {
parent::__construct('core', 'layout.guest');
$this->assign('bodyid', 'body-login');
} else {
parent::__construct('core', 'layout.base');
}
}
}
// Send the language to our layouts
$this->assign('language', \OC_L10N::findLanguage());
if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
if (empty(self::$versionHash)) {
$v = \OC_App::getAppVersions();
$v['core'] = implode('.', \OCP\Util::getVersion());
self::$versionHash = md5(implode(',', $v));
}
} else {
self::$versionHash = md5('not installed');
}
$useAssetPipeline = self::isAssetPipelineEnabled();
if ($useAssetPipeline) {
$this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
$this->generateAssets();
} else {
// Add the js files
$jsFiles = self::findJavascriptFiles(\OC_Util::$scripts);
$this->assign('jsfiles', array());
if ($this->config->getSystemValue('installed', false) && $renderAs != 'error') {
$this->append('jsfiles', \OC::$server->getURLGenerator()->linkToRoute('js_config', ['v' => self::$versionHash]));
}
foreach ($jsFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('jsfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
// Add the css files
$cssFiles = self::findStylesheetFiles(\OC_Util::$styles);
$this->assign('cssfiles', array());
foreach ($cssFiles as $info) {
$web = $info[1];
$file = $info[2];
$this->append('cssfiles', $web . '/' . $file . '?v=' . self::$versionHash);
}
}
}
/**
* return the content of a file or return a zip file containing multiple files
*
* @param string $dir
* @param string $files ; separated list of files to download
* @param boolean $only_header ; boolean to only send header of the request
*/
public static function get($dir, $files, $only_header = false)
{
$view = \OC\Files\Filesystem::getView();
$xsendfile = false;
if (\OC::$server->getLockingProvider() instanceof NoopLockingProvider) {
if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
$xsendfile = true;
}
}
if (is_array($files) && count($files) === 1) {
$files = $files[0];
}
if (is_array($files)) {
$get_type = self::ZIP_FILES;
$basename = basename($dir);
if ($basename) {
$name = $basename . '.zip';
} else {
$name = 'download.zip';
}
$filename = $dir . '/' . $name;
} else {
$filename = $dir . '/' . $files;
if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
$get_type = self::ZIP_DIR;
// downloading root ?
if ($files === '') {
$name = 'download.zip';
} else {
$name = $files . '.zip';
}
} else {
$get_type = self::FILE;
$name = $files;
}
}
if ($get_type === self::FILE) {
$zip = false;
if ($xsendfile && \OC::$server->getEncryptionManager()->isEnabled()) {
$xsendfile = false;
}
} else {
$zip = new ZipStreamer(false);
}
OC_Util::obEnd();
try {
if ($get_type === self::FILE) {
$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
}
if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
self::sendHeaders($filename, $name, $zip);
} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
header("HTTP/1.0 404 Not Found");
$tmpl = new OC_Template('', '404', 'guest');
$tmpl->printPage();
exit;
} else {
header("HTTP/1.0 403 Forbidden");
die('403 Forbidden');
}
if ($only_header) {
return;
}
if ($zip) {
$executionTime = intval(ini_get('max_execution_time'));
set_time_limit(0);
if ($get_type === self::ZIP_FILES) {
foreach ($files as $file) {
$file = $dir . '/' . $file;
if (\OC\Files\Filesystem::is_file($file)) {
$fh = \OC\Files\Filesystem::fopen($file, 'r');
$zip->addFileFromStream($fh, basename($file));
fclose($fh);
} elseif (\OC\Files\Filesystem::is_dir($file)) {
self::zipAddDir($file, $zip);
}
}
} elseif ($get_type === self::ZIP_DIR) {
$file = $dir . '/' . $files;
self::zipAddDir($file, $zip);
}
$zip->finalize();
set_time_limit($executionTime);
} else {
if ($xsendfile) {
/** @var $storage \OC\Files\Storage\Storage */
list($storage) = $view->resolvePath($filename);
if ($storage->isLocal()) {
self::addSendfileHeader($filename);
} else {
\OC\Files\Filesystem::readfile($filename);
}
} else {
\OC\Files\Filesystem::readfile($filename);
}
}
if ($get_type === self::FILE) {
$view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
}
} catch (\OCP\Lock\LockedException $ex) {
$l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint);
} catch (\Exception $ex) {
$l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('Can\'t read file'), $hint);
}
}
<?php
if (!isset($_)) {
//allow the template to be loaded standalone
require_once '../../../lib/base.php';
$tmpl = new OC_Template('media', 'player');
$tmpl->printPage();
exit;
}
?>
Music
<div class='player-controls' id="playercontrols">
<div class="player" id="jp-player"></div>
<ul class="jp-controls">
<li><a href="#" class="jp-play action"><img class="svg" alt="<?php
echo $l->t('Play');
?>
" src="<?php
echo image_path('core', 'actions/play.svg');
?>
" /></a></li>
<li><a href="#" class="jp-pause action"><img class="svg" alt="<?php
echo $l->t('Pause');
?>
" src="<?php
echo image_path('core', 'actions/pause.svg');
?>
" /></a></li>
<li><a href="#" class="jp-next action"><img class="svg" alt="<?php
echo $l->t('Next');
?>
/**
* create mail body for plain text and html mail
*
* @param string $password one-time encryption password
* @return array an array of the html mail body and the plain text mail body
*/
protected function createMailBody($password)
{
$html = new \OC_Template("encryption", "mail", "");
$html->assign('password', $password);
$htmlMail = $html->fetchPage();
$plainText = new \OC_Template("encryption", "altmail", "");
$plainText->assign('password', $password);
$plainTextMail = $plainText->fetchPage();
return [$htmlMail, $plainTextMail];
}
/**
* @param array $errors
*/
public static function displayLoginPage($errors = array())
{
$parameters = array();
foreach ($errors as $value) {
$parameters[$value] = true;
}
if (!empty($_REQUEST['user'])) {
$parameters["username"] = $_REQUEST['user'];
$parameters['user_autofocus'] = false;
} else {
$parameters["username"] = '';
$parameters['user_autofocus'] = true;
}
if (isset($_REQUEST['redirect_url'])) {
$redirectUrl = $_REQUEST['redirect_url'];
$parameters['redirect_url'] = urlencode($redirectUrl);
}
$parameters['alt_login'] = OC_App::getAlternativeLogIns();
$parameters['rememberLoginAllowed'] = self::rememberLoginAllowed();
OC_Template::printGuestPage("", "login", $parameters);
}
/**
* return the content of a file or return a zip file containing multiple files
*
* @param string $dir
* @param string $files ; separated list of files to download
* @param boolean $only_header ; boolean to only send header of the request
*/
public static function get($dir, $files, $only_header = false)
{
$xsendfile = false;
if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
$xsendfile = true;
}
if (is_array($files) && count($files) === 1) {
$files = $files[0];
}
if (is_array($files)) {
$get_type = GET_TYPE::ZIP_FILES;
$basename = basename($dir);
if ($basename) {
$name = $basename . '.zip';
} else {
$name = 'download.zip';
}
$filename = $dir . '/' . $name;
} else {
$filename = $dir . '/' . $files;
if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
$get_type = GET_TYPE::ZIP_DIR;
// downloading root ?
if ($files === '') {
$name = 'download.zip';
} else {
$name = $files . '.zip';
}
} else {
$get_type = GET_TYPE::FILE;
$name = $files;
}
}
if ($get_type === GET_TYPE::FILE) {
$zip = false;
if ($xsendfile && OC_App::isEnabled('files_encryption')) {
$xsendfile = false;
}
} else {
$zip = new ZipStreamer(false);
}
OC_Util::obEnd();
if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
self::sendHeaders($filename, $name, $zip);
} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
header("HTTP/1.0 404 Not Found");
$tmpl = new OC_Template('', '404', 'guest');
$tmpl->assign('file', $name);
$tmpl->printPage();
} else {
header("HTTP/1.0 403 Forbidden");
die('403 Forbidden');
}
if ($only_header) {
return;
}
if ($zip) {
$executionTime = intval(ini_get('max_execution_time'));
set_time_limit(0);
if ($get_type === GET_TYPE::ZIP_FILES) {
foreach ($files as $file) {
$file = $dir . '/' . $file;
if (\OC\Files\Filesystem::is_file($file)) {
$fh = \OC\Files\Filesystem::fopen($file, 'r');
$zip->addFileFromStream($fh, basename($file));
fclose($fh);
} elseif (\OC\Files\Filesystem::is_dir($file)) {
self::zipAddDir($file, $zip);
}
}
} elseif ($get_type === GET_TYPE::ZIP_DIR) {
$file = $dir . '/' . $files;
self::zipAddDir($file, $zip);
}
$zip->finalize();
set_time_limit($executionTime);
} else {
if ($xsendfile) {
$view = \OC\Files\Filesystem::getView();
/** @var $storage \OC\Files\Storage\Storage */
list($storage) = $view->resolvePath($filename);
if ($storage->isLocal()) {
self::addSendfileHeader($filename);
} else {
\OC\Files\Filesystem::readfile($filename);
}
} else {
\OC\Files\Filesystem::readfile($filename);
}
}
}
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
$token = md5($_POST["user"] . time() . $_POST['password']);
OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
OC_User::setMagicInCookie($_POST["user"], $token);
} else {
OC_User::unsetMagicInCookie();
}
OC_Util::redirectToDefaultPage();
} else {
$error = true;
}
// The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
} elseif (isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"])) {
if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
//OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
OC_User::unsetMagicInCookie();
$_REQUEST['redirect_url'] = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
OC_Util::redirectToDefaultPage();
} else {
$error = true;
}
}
if (!array_key_exists('sectoken', $_SESSION) || array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE) || substr(OC::$REQUESTEDFILE, -3) == 'php') {
$sectoken = rand(1000000, 9999999);
$_SESSION['sectoken'] = $sectoken;
$redirect_url = isset($_REQUEST['redirect_url']) ? OC_Util::sanitizeHTML($_REQUEST['redirect_url']) : $_SERVER['REQUEST_URI'];
OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => $redirect_url));
}
}
/**
* checks if the selected files are within the size constraint. If not, outputs an error page.
*
* @param dir $dir
* @param files $files
*/
static function validateZipDownload($dir, $files)
{
if (!OC_Config::getValue('allowZipDownload', true)) {
$l = OC_L10N::get('files');
header("HTTP/1.0 409 Conflict");
$tmpl = new OC_Template('', 'error', 'user');
$errors = array(array('error' => $l->t('ZIP download is turned off.'), 'hint' => $l->t('Files need to be downloaded one by one.') . '<br/><a href="javascript:history.back()">' . $l->t('Back to Files') . '</a>'));
$tmpl->assign('errors', $errors);
$tmpl->printPage();
exit;
}
$zipLimit = OC_Config::getValue('maxZipInputSize', OC_Helper::computerFileSize('800 MB'));
if ($zipLimit > 0) {
$totalsize = 0;
if (is_array($files)) {
foreach ($files as $file) {
$totalsize += OC_Filesystem::filesize($dir . '/' . $file);
}
} else {
$totalsize += OC_Filesystem::filesize($dir . '/' . $files);
}
if ($totalsize > $zipLimit) {
$l = OC_L10N::get('files');
header("HTTP/1.0 409 Conflict");
$tmpl = new OC_Template('', 'error', 'user');
$errors = array(array('error' => $l->t('Selected files too large to generate zip file.'), 'hint' => 'Download the files in smaller chunks, seperately or kindly ask your administrator.<br/><a href="javascript:history.back()">' . $l->t('Back to Files') . '</a>'));
$tmpl->assign('errors', $errors);
$tmpl->printPage();
exit;
}
}
}
/**
* @param View $view
* @param string $name
* @param string $dir
* @param boolean $onlyHeader
*/
private static function getSingleFile($view, $dir, $name, $onlyHeader)
{
$filename = $dir . '/' . $name;
OC_Util::obEnd();
$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
if (\OC\Files\Filesystem::isReadable($filename)) {
self::sendHeaders($filename, $name);
} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
header("HTTP/1.0 404 Not Found");
$tmpl = new OC_Template('', '404', 'guest');
$tmpl->printPage();
exit;
} else {
header("HTTP/1.0 403 Forbidden");
die('403 Forbidden');
}
if ($onlyHeader) {
return;
}
$view->readfile($filename);
}
if (isset($group['id'])) {
$gids[] = $group['id'];
}
}
$subadmins = false;
}
// load preset quotas
$quotaPreset = $config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB');
$quotaPreset = explode(',', $quotaPreset);
foreach ($quotaPreset as &$preset) {
$preset = trim($preset);
}
$quotaPreset = array_diff($quotaPreset, array('default', 'none'));
$defaultQuota = $config->getAppValue('files', 'default_quota', 'none');
$defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false;
$tmpl = new OC_Template("settings", "users/main", "user");
$tmpl->assign('groups', $groups);
$tmpl->assign('sortGroups', $sortGroupsBy);
$tmpl->assign('adminGroup', $adminGroup);
$tmpl->assign('isAdmin', (int) $isAdmin);
$tmpl->assign('subadmins', $subadmins);
$tmpl->assign('numofgroups', count($groups) + count($adminGroup));
$tmpl->assign('quota_preset', $quotaPreset);
$tmpl->assign('default_quota', $defaultQuota);
$tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined);
$tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled);
$tmpl->assign('enableAvatars', \OC::$server->getConfig()->getSystemValue('enable_avatars', true));
$tmpl->assign('show_storage_location', $config->getAppValue('core', 'umgmt_show_storage_location', 'false'));
$tmpl->assign('show_last_login', $config->getAppValue('core', 'umgmt_show_last_login', 'false'));
$tmpl->assign('show_email', $config->getAppValue('core', 'umgmt_show_email', 'false'));
$tmpl->assign('show_backend', $config->getAppValue('core', 'umgmt_show_backend', 'false'));
/**
* Ends dialog when session is in full web
*/
function denyOnWeb($respons)
{
\OC_Template::printErrorPage($this->getNiceMessage($respons));
$this->doesExit();
}
public function __construct($renderas)
{
// Decide which page we show
if ($renderas == 'user') {
parent::__construct('core', 'layout.user');
if (in_array(OC_APP::getCurrentApp(), array('settings', 'admin', 'help')) !== false) {
$this->assign('bodyid', 'body-settings', false);
} else {
$this->assign('bodyid', 'body-user', false);
}
// Add navigation entry
$navigation = OC_App::getNavigation();
$this->assign('navigation', $navigation, false);
$this->assign('settingsnavigation', OC_App::getSettingsNavigation(), false);
foreach ($navigation as $entry) {
if ($entry['active']) {
$this->assign('application', $entry['name'], false);
break;
}
}
} else {
if ($renderas == 'guest') {
parent::__construct('core', 'layout.guest');
} else {
parent::__construct('core', 'layout.base');
}
}
$apps_paths = array();
foreach (OC_App::getEnabledApps() as $app) {
$apps_paths[$app] = OC_App::getAppWebPath($app);
}
$this->assign('apps_paths', str_replace('\\/', '/', json_encode($apps_paths)), false);
// Ugly unescape slashes waiting for better solution
if (OC_Config::getValue('installed', false) && !OC_AppConfig::getValue('core', 'remote_core.css', false)) {
OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php');
OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php');
}
// Add the js files
$jsfiles = self::findJavascriptFiles(OC_Util::$scripts);
$this->assign('jsfiles', array(), false);
if (!empty(OC_Util::$core_scripts)) {
$this->append('jsfiles', OC_Helper::linkToRemoteBase('core.js', false));
}
foreach ($jsfiles as $info) {
$root = $info[0];
$web = $info[1];
$file = $info[2];
$this->append('jsfiles', $web . '/' . $file);
}
// Add the css files
$cssfiles = self::findStylesheetFiles(OC_Util::$styles);
$this->assign('cssfiles', array());
if (!empty(OC_Util::$core_styles)) {
$this->append('cssfiles', OC_Helper::linkToRemoteBase('core.css', false));
}
foreach ($cssfiles as $info) {
$root = $info[0];
$web = $info[1];
$file = $info[2];
$paths = explode('/', $file);
$in_root = false;
foreach (OC::$APPSROOTS as $app_root) {
if ($root == $app_root['path']) {
$in_root = true;
break;
}
}
if ($in_root) {
$app = $paths[0];
unset($paths[0]);
$path = implode('/', $paths);
$this->append('cssfiles', OC_Helper::linkTo($app, $path));
} else {
$this->append('cssfiles', $web . '/' . $file);
}
}
}
/**
* print error page using Exception details
* @param Exception $exception
*/
public static function printExceptionErrorPage($exception)
{
try {
$request = \OC::$server->getRequest();
$content = new \OC_Template('', 'exception', 'error', false);
$content->assign('errorClass', get_class($exception));
$content->assign('errorMsg', $exception->getMessage());
$content->assign('errorCode', $exception->getCode());
$content->assign('file', $exception->getFile());
$content->assign('line', $exception->getLine());
$content->assign('trace', $exception->getTraceAsString());
$content->assign('debugMode', \OC::$server->getSystemConfig()->getValue('debug', false));
$content->assign('remoteAddr', $request->getRemoteAddress());
$content->assign('requestID', $request->getId());
$content->printPage();
} catch (\Exception $e) {
$logger = \OC::$server->getLogger();
$logger->logException($exception, ['app' => 'core']);
$logger->logException($e, ['app' => 'core']);
header(self::getHttpProtocol() . ' 500 Internal Server Error');
header('Content-Type: text/plain; charset=utf-8');
print "Internal Server Error\n\n";
print "The server encountered an internal error and was unable to complete your request.\n";
print "Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n";
print "More details can be found in the server log.\n";
}
die;
}
