public static function sendEmail($args) { if (OC_User::userExists($_POST['user'])) { $token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', '')); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token)); // Hash the token again to prevent timing attacks $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); if (!empty($email)) { $link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token)); $link = OC_Helper::makeURLAbsolute($link); $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); $msg = $tmpl->fetchPage(); $l = OC_L10N::get('core'); $from = 'lostpassword-noreply@' . OCP\Util::getServerHost(); OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud'); echo 'Mailsent'; self::displayLostPasswordPage(false, true); } else { self::displayLostPasswordPage(true, false); } } else { self::displayLostPasswordPage(true, false); } }
public static function apiConfig($parameters) { $xml['version'] = '1.7'; $xml['website'] = 'ownCloud'; $xml['host'] = OCP\Util::getServerHost(); $xml['contact'] = ''; $xml['ssl'] = 'false'; return new OC_OCS_Result($xml); }
/** * @brief Check if the password is correct * @param $uid The username * @param $password The password * @returns true/false * * Check if the password is correct without logging in the user */ public function checkPassword($uid, $password) { // Get identity from user and redirect browser to OpenID Server $openid = new SimpleOpenID(); $openid->SetIdentity($uid); $openid->SetTrustRoot('http://' . OCP\Util::getServerHost()); if ($openid->GetOpenIDServer()) { $openid->SetApprovedURL('http://' . OCP\Util::getServerHost() . OC::$WEBROOT); // Send Response from OpenID server to this script $openid->Redirect(); // This will redirect user to OpenID Server exit; } else { return false; } exit; }
public static function av_scan($path) { $path = $path[\OC\Files\Filesystem::signal_param_path]; if ($path != '') { $files_view = \OCP\Files::getStorage("files"); if ($files_view->file_exists($path)) { $root = OC_User::getHome(OC_User::getUser()) . '/files'; $file = $root . $path; $result = self::clamav_scan($file); switch ($result) { case CLAMAV_SCANRESULT_UNCHECKED: //TODO: Show warning to the user: The file can not be checked break; case CLAMAV_SCANRESULT_INFECTED: //remove file $files_view->unlink($path); OCP\JSON::error(array("data" => array("message" => "Virus detected! Can't upload the file."))); $email = OC_Preferences::getValue(OC_User::getUser(), 'settings', 'email', ''); \OCP\Util::writeLog('files_antivirus', 'Email: ' . $email, \OCP\Util::DEBUG); if (!empty($email)) { $tmpl = new OC_Template('files_antivirus', 'notification'); $tmpl->assign('file', $path); $tmpl->assign('host', OCP\Util::getServerHost()); $tmpl->assign('user', OC_User::getUser()); $msg = $tmpl->fetchPage(); $from = OCP\Util::getDefaultEmailAddress('security-noreply'); OCP\Util::sendMail($email, OC_User::getUser(), 'Malware detected', $msg, $from, 'ownCloud', 1); } exit; break; case CLAMAV_SCANRESULT_CLEAN: //do nothing break; } } } }
* This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ require_once '../lib/base.php'; $url = 'http://' . substr(OCP\Util::getServerHost() . $_SERVER['REQUEST_URI'], 0, -17) . 'ocs/v1.php/'; echo ' <providers> <provider> <id>ownCloud</id> <location>' . $url . '</location> <name>ownCloud</name> <icon></icon> <termsofuse></termsofuse> <register></register> <services> <config ocsversion="1.7" /> <activity ocsversion="1.7" /> <cloud ocsversion="1.7" /> </services> </provider>
public static function saveUserSettings($appName, $ocUser, $rcUser, $rcPassword) { $l = new OC_L10N('roundcube'); if (isset($appName) && $appName == "roundcube") { $result = self::cryptEmailIdentity($ocUser, $rcUser, $rcPassword, true); OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Starting saving new users data for ' . $ocUser . ' as roundcube user ' . $rcUser, OCP\Util::DEBUG); if ($result) { // update login credentials $rcMaildir = OCP\Config::getAppValue('roundcube', 'maildir', ''); $rcHost = OCP\Config::getAppValue('roundcube', 'rcHost', ''); $rcPort = OCP\Config::getAppValue('roundcube', 'rcPort', ''); if ($rcHost == '') { $rc_host = OCP\Util::getServerHost(); } // login again if (self::login($rcHost, $rcPort, $rcMaildir, $rcUser, $rcPassword)) { OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Saved user settings successfull.', OCP\Util::DEBUG); OCP\JSON::success(array('data' => array('message' => $l->t('Email-user credentials successfully stored. Please login again to OwnCloud for applying the new settings.')))); return true; } else { OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Login errors', OCP\Util::DEBUG); OC_JSON::error(array("data" => array("message" => $l->t("Unable to login into roundcube. There are login errors.")))); return false; } } else { OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Unable to save email credentials.', OCP\Util::DEBUG); OC_JSON::error(array("data" => array("message" => $l->t("Unable to store email credentials in the data-base.")))); return false; } } else { OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->saveUserSettings(): Not for roundcube app.', OCP\Util::DEBUG); OC_JSON::error(array("data" => array("message" => $l->t("Not submitted for us.")))); return false; } }
* This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */ require_once '../lib/base.php'; header('Content-type: application/xml'); $url = OCP\Util::getServerProtocol() . '://' . substr(OCP\Util::getServerHost() . OCP\Util::getRequestUri(), 0, -17) . 'ocs/v1.php/'; $writer = new XMLWriter(); $writer->openURI('php://output'); $writer->startDocument('1.0', 'UTF-8'); $writer->setIndent(4); $writer->startElement('providers'); $writer->startElement('provider'); $writer->writeElement('id', 'ownCloud'); $writer->writeElement('location', $url); $writer->writeElement('name', 'ownCloud'); $writer->writeElement('icon', ''); $writer->writeElement('termsofuse', ''); $writer->writeElement('register', ''); $writer->startElement('services'); $writer->startElement('config'); $writer->writeAttribute('ocsversion', '1.7');
/** * return the config data of this server * @param string $format * @return string xml/json */ public static function apiConfig($parameters) { $format = $parameters['format']; $user = OC_OCS::checkpassword(false); $url = substr(OCP\Util::getServerHost() . $_SERVER['SCRIPT_NAME'], 0, -11) . ''; $xml['version'] = '1.7'; $xml['website'] = 'ownCloud'; $xml['host'] = OCP\Util::getServerHost(); $xml['contact'] = ''; $xml['ssl'] = 'false'; echo OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'config', '', 1); }
<form id="openidform"> <fieldset class="personalblock"> <legend><strong><?php p($l->t('OpenID')); ?> </strong></legend> <?php p(OCP\Util::getServerProtocol() . '://' . OCP\Util::getServerHost() . OC::$WEBROOT . '/?'); p(OCP\USER::getUser()); ?> <br /><em><?php p($l->t('you can authenticate to other sites with this address')); ?> </em><br /> <label for="identity"><?php p($l->t('Authorized OpenID provider')); ?> </label> <input type="text" name="identity" id="identity" value="<?php p($_['identity']); ?> " placeholder="<?php p($l->t('Your address at Wordpress, Identi.ca, …')); ?> " /><span class="msg"></span> </fieldset> </form>
* Copyright (c) 2012 Frank Karlitschek frank@owncloud.org * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. */ $RUNTIME_NOAPPS = TRUE; //no apps require_once '../../lib/base.php'; // Someone lost their password: if (isset($_POST['user'])) { if (OC_User::userExists($_POST['user'])) { $token = hash("sha256", $_POST['user'] . OC_Util::generate_random_bytes(10)); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token); $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); if (!empty($email)) { $link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token)); $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); $msg = $tmpl->fetchPage(); $l = OC_L10N::get('core'); $from = 'lostpassword-noreply@' . OCP\Util::getServerHost(); OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud'); echo 'sent'; } OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true)); } else { OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false)); } } else { OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false)); }
<?php OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); OCP\JSON::checkAppEnabled('files_sharing'); $user = OCP\USER::getUser(); // TODO translations $type = strpos($_POST['file'], '.') === false ? 'folder' : 'file'; $subject = $user . ' shared a ' . $type . ' with you'; $link = $_POST['link']; $text = $user . ' shared the ' . $type . ' ' . $_POST['file'] . ' with you. It is available for download here: ' . $link; $fromaddress = OCP\Config::getUserValue($user, 'settings', 'email', 'sharing-noreply@' . OCP\Util::getServerHost()); try { OCP\Util::sendMail($_POST['toaddress'], $_POST['toaddress'], $subject, $text, $fromaddress, $user); OCP\JSON::success(); } catch (Exception $exception) { OCP\JSON::error(array('data' => array('message' => $exception->getMessage()))); }
/** * Determine the HTTP request protocol * @name $proto * @global string $GLOBALS['proto'] */ $GLOBALS['proto'] = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on' ? 'https' : 'http'; // Set the authorization state - DO NOT OVERRIDE $profile['authorized'] = false; global $IDENTITY; global $USERNAME; // Set a default IDP URL if (!array_key_exists('idp_url', $profile)) { $profile['idp_url'] = $IDENTITY; } //Determine the requested URL - DO NOT OVERRIDE $profile['req_url'] = sprintf("%s://%s%s", $proto, OCP\Util::getServerHost(), $_SERVER["REQUEST_URI"]); // Set the default allowance for testing if (!array_key_exists('allow_test', $profile)) { $profile['allow_test'] = false; } // Set the default allowance for gmp if (!array_key_exists('allow_gmp', $profile)) { $profile['allow_gmp'] = false; } // Set the default force bigmath - BAD IDEA to override this if (!array_key_exists('force_bigmath', $profile)) { $profile['force_bigmath'] = false; } // Determine if GMP is usable $profile['use_gmp'] = extension_loaded('gmp') && $profile['allow_gmp'] ? true : false; // Determine if I can perform big math functions
} else { $ocUser = OCP\User::getUser(); $mail_userdata_entries = OC_RoundCube_App::checkLoginData(OCP\User::getUser()); // TODO create dropdown list $mail_userdata = $mail_userdata_entries[0]; // // Nope. Already logged in at the start. Then starting to support // multiple accounts, a re-login with other credentials than the // default ID could be provided. // $disable_control_nav = OCP\Config::getAppValue('roundcube', 'removeControlNav', false); $enable_autologin = OCP\Config::getAppValue('roundcube', 'autoLogin', false); $maildir = OCP\Config::getAppValue('roundcube', 'maildir', ''); $rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', ''); if ($rc_host == '') { $rc_host = OCP\Util::getServerHost(); } $rc_port = OCP\Config::getAppValue('roundcube', 'rcPort', null); OCP\Util::writeLog('roundcube', 'tpl.mail.php: Opening iframe for RC-host ' . $rc_host . ' with port ' . $rc_port, OCP\Util::DEBUG); OCP\Util::writeLog('roundcube', 'tpl.mail.php: Preparing pre-check before rendering mail view ', OCP\Util::INFO); if ($mail_userdata['id'] != '') { if ($mail_userdata['oc_user'] == OCP\User::getUser()) { if (!$enable_autologin && empty($mail_userdata)) { OCP\Util::writeLog('roundcube', 'tpl.mail.php: No valid user login data found.', OCP\Util::ERROR); $html_output = $html_output . $this->inc("part.error.no-settings"); } else { OCP\Util::writeLog('roundcube', 'tpl.mail.php: Found valid user login data.', OCP\Util::DEBUG); if ($maildir != '') { $mailAppReturn = OC_RoundCube_App::showMailFrame($rc_host, $rc_port, $maildir); if ($mailAppReturn->isErrorOccurred()) { OCP\Util::writeLog('roundcube', 'Not rendering roundcube iframe view due to errors', OCP\Util::ERROR);
public static function getServerHost() { $rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', ''); if ($rc_host == '') { $rc_host = OCP\Util::getServerHost(); } OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->getServerHost():' . ' rcHost: ' . $rc_host, OCP\Util::DEBUG); return $rc_host; }