public static function sendEmail($args) { $isEncrypted = OC_App::isEnabled('files_encryption'); if (!$isEncrypted || isset($_POST['continue'])) { $continue = true; } else { $continue = false; } if (OC_User::userExists($_POST['user']) && $continue) { $token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', '')); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token)); // Hash the token again to prevent timing attacks $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); if (!empty($email)) { $link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token)); $link = OC_Helper::makeURLAbsolute($link); $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); $msg = $tmpl->fetchPage(); $l = OC_L10N::get('core'); $from = OCP\Util::getDefaultEmailAddress('lostpassword-noreply'); try { OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud'); } catch (Exception $e) { OC_Template::printErrorPage('A problem occurs during sending the e-mail please contact your administrator.'); } self::displayLostPasswordPage(false, true); } else { self::displayLostPasswordPage(true, false); } } else { self::displayLostPasswordPage(true, false); } }
public static function sendEmail($args) { if (OC_User::userExists($_POST['user'])) { $token = hash('sha256', OC_Util::generate_random_bytes(30) . OC_Config::getValue('passwordsalt', '')); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token)); // Hash the token again to prevent timing attacks $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); if (!empty($email)) { $link = OC_Helper::linkToRoute('core_lostpassword_reset', array('user' => $_POST['user'], 'token' => $token)); $link = OC_Helper::makeURLAbsolute($link); $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); $msg = $tmpl->fetchPage(); $l = OC_L10N::get('core'); $from = 'lostpassword-noreply@' . OCP\Util::getServerHost(); OC_Mail::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud'); echo 'Mailsent'; self::displayLostPasswordPage(false, true); } else { self::displayLostPasswordPage(true, false); } } else { self::displayLostPasswordPage(true, false); } }
public static function av_scan($path) { $path = $path[\OC\Files\Filesystem::signal_param_path]; if ($path != '') { $files_view = \OCP\Files::getStorage("files"); if ($files_view->file_exists($path)) { $root = OC_User::getHome(OC_User::getUser()) . '/files'; $file = $root . $path; $result = self::clamav_scan($file); switch ($result) { case CLAMAV_SCANRESULT_UNCHECKED: //TODO: Show warning to the user: The file can not be checked break; case CLAMAV_SCANRESULT_INFECTED: //remove file $files_view->unlink($path); OCP\JSON::error(array("data" => array("message" => "Virus detected! Can't upload the file."))); $email = OC_Preferences::getValue(OC_User::getUser(), 'settings', 'email', ''); \OCP\Util::writeLog('files_antivirus', 'Email: ' . $email, \OCP\Util::DEBUG); if (!empty($email)) { $tmpl = new OC_Template('files_antivirus', 'notification'); $tmpl->assign('file', $path); $tmpl->assign('host', OCP\Util::getServerHost()); $tmpl->assign('user', OC_User::getUser()); $msg = $tmpl->fetchPage(); $from = OCP\Util::getDefaultEmailAddress('security-noreply'); OCP\Util::sendMail($email, OC_User::getUser(), 'Malware detected', $msg, $from, 'ownCloud', 1); } exit; break; case CLAMAV_SCANRESULT_CLEAN: //do nothing break; } } } }
/** * do the initial handshake * * @param array $params */ public function handshake($params) { $auth = isset($params['auth']) ? $params['auth'] : false; $user = isset($params['user']) ? $params['user'] : false; $time = isset($params['timestamp']) ? $params['timestamp'] : false; $now = time(); if ($now - $time > 10 * 60) { $this->error(400, 'timestamp is more then 10 minutes old'); } if ($auth and $user and $time) { $query = \OCP\DB::prepare("SELECT `user_id`, `user_password_sha256` FROM `*PREFIX*media_users` WHERE `user_id`=?"); $result = $query->execute(array($user)); if ($row = $result->fetchRow()) { $pass = $row['user_password_sha256']; $key = hash('sha256', $time . $pass); if ($key == $auth) { $token = hash('sha256', 'oc_media_' . $key); $this->collection = new Collection($row['user_id']); $date = date('c'); //todo proper update/add/clean dates $songs = $this->collection->getSongCount(); $artists = $this->collection->getArtistCount(); $albums = $this->collection->getAlbumCount(); $query = \OCP\DB::prepare("INSERT INTO `*PREFIX*media_sessions` (`token`, `user_id`, `start`) VALUES (?, ?, now());"); $query->execute(array($token, $user)); $expire = date('c', time() + 600); $tmpl = new \OC_Template('media', 'ampache/handshake'); $tmpl->assign('token', $token); $tmpl->assign('date', $date); $tmpl->assign('songs', $songs); $tmpl->assign('artists', $artists); $tmpl->assign('albums', $albums); $tmpl->assign('expire', $expire); $tmpl->printPage(); return; } } $this->error(400, 'Invalid login'); } else { $this->error(400, 'Missing arguments'); } }
/** * checks if the selected files are within the size constraint. If not, outputs an error page. * * @param dir $dir * @param files $files */ static function validateZipDownload($dir, $files) { if (!OC_Config::getValue('allowZipDownload', true)) { $l = OC_L10N::get('files'); header("HTTP/1.0 409 Conflict"); $tmpl = new OC_Template('', 'error', 'user'); $errors = array(array('error' => $l->t('ZIP download is turned off.'), 'hint' => $l->t('Files need to be downloaded one by one.') . '<br/><a href="javascript:history.back()">' . $l->t('Back to Files') . '</a>')); $tmpl->assign('errors', $errors); $tmpl->printPage(); exit; } $zipLimit = OC_Config::getValue('maxZipInputSize', OC_Helper::computerFileSize('800 MB')); if ($zipLimit > 0) { $totalsize = 0; if (is_array($files)) { foreach ($files as $file) { $totalsize += OC_Filesystem::filesize($dir . '/' . $file); } } else { $totalsize += OC_Filesystem::filesize($dir . '/' . $files); } if ($totalsize > $zipLimit) { $l = OC_L10N::get('files'); header("HTTP/1.0 409 Conflict"); $tmpl = new OC_Template('', 'error', 'user'); $errors = array(array('error' => $l->t('Selected files too large to generate zip file.'), 'hint' => 'Download the files in smaller chunks, seperately or kindly ask your administrator.<br/><a href="javascript:history.back()">' . $l->t('Back to Files') . '</a>')); $tmpl->assign('errors', $errors); $tmpl->printPage(); exit; } } }
/** * return the content of a file or return a zip file containing multiple files * * @param string $dir * @param string $files ; separated list of files to download * @param boolean $only_header ; boolean to only send header of the request */ public static function get($dir, $files, $only_header = false) { $xsendfile = false; if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) { $xsendfile = true; } if (is_array($files) && count($files) === 1) { $files = $files[0]; } if (is_array($files)) { $get_type = GET_TYPE::ZIP_FILES; $basename = basename($dir); if ($basename) { $name = $basename . '.zip'; } else { $name = 'download.zip'; } $filename = $dir . '/' . $name; } else { $filename = $dir . '/' . $files; if (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) { $get_type = GET_TYPE::ZIP_DIR; // downloading root ? if ($files === '') { $name = 'download.zip'; } else { $name = $files . '.zip'; } } else { $get_type = GET_TYPE::FILE; $name = $files; } } if ($get_type === GET_TYPE::FILE) { $zip = false; if ($xsendfile && OC_App::isEnabled('files_encryption')) { $xsendfile = false; } } else { $zip = new ZipStreamer(false); } OC_Util::obEnd(); if ($zip or \OC\Files\Filesystem::isReadable($filename)) { self::sendHeaders($filename, $name, $zip); } elseif (!\OC\Files\Filesystem::file_exists($filename)) { header("HTTP/1.0 404 Not Found"); $tmpl = new OC_Template('', '404', 'guest'); $tmpl->assign('file', $name); $tmpl->printPage(); } else { header("HTTP/1.0 403 Forbidden"); die('403 Forbidden'); } if ($only_header) { return; } if ($zip) { $executionTime = intval(ini_get('max_execution_time')); set_time_limit(0); if ($get_type === GET_TYPE::ZIP_FILES) { foreach ($files as $file) { $file = $dir . '/' . $file; if (\OC\Files\Filesystem::is_file($file)) { $fh = \OC\Files\Filesystem::fopen($file, 'r'); $zip->addFileFromStream($fh, basename($file)); fclose($fh); } elseif (\OC\Files\Filesystem::is_dir($file)) { self::zipAddDir($file, $zip); } } } elseif ($get_type === GET_TYPE::ZIP_DIR) { $file = $dir . '/' . $files; self::zipAddDir($file, $zip); } $zip->finalize(); set_time_limit($executionTime); } else { if ($xsendfile) { $view = \OC\Files\Filesystem::getView(); /** @var $storage \OC\Files\Storage\Storage */ list($storage) = $view->resolvePath($filename); if ($storage->isLocal()) { self::addSendfileHeader($filename); } else { \OC\Files\Filesystem::readfile($filename); } } else { \OC\Files\Filesystem::readfile($filename); } } }
OC_App::setActiveNavigationEntry("admin"); $template = new OC_Template('settings', 'admin', 'user'); $l = OC_L10N::get('settings'); $showLog = \OC::$server->getConfig()->getSystemValue('log_type', 'owncloud') === 'owncloud'; $numEntriesToLoad = 3; $entries = OC_Log_Owncloud::getEntries($numEntriesToLoad + 1); $entriesRemaining = count($entries) > $numEntriesToLoad; $entries = array_slice($entries, 0, $numEntriesToLoad); $logFilePath = OC_Log_Owncloud::getLogFilePath(); $doesLogFileExist = file_exists($logFilePath); $logFileSize = filesize($logFilePath); $config = \OC::$server->getConfig(); $appConfig = \OC::$server->getAppConfig(); $request = \OC::$server->getRequest(); // Should we display sendmail as an option? $template->assign('sendmail_is_available', (bool) \OC_Helper::findBinaryPath('sendmail')); $template->assign('loglevel', $config->getSystemValue("loglevel", 2)); $template->assign('mail_domain', $config->getSystemValue("mail_domain", '')); $template->assign('mail_from_address', $config->getSystemValue("mail_from_address", '')); $template->assign('mail_smtpmode', $config->getSystemValue("mail_smtpmode", '')); $template->assign('mail_smtpsecure', $config->getSystemValue("mail_smtpsecure", '')); $template->assign('mail_smtphost', $config->getSystemValue("mail_smtphost", '')); $template->assign('mail_smtpport', $config->getSystemValue("mail_smtpport", '')); $template->assign('mail_smtpauthtype', $config->getSystemValue("mail_smtpauthtype", '')); $template->assign('mail_smtpauth', $config->getSystemValue("mail_smtpauth", false)); $template->assign('mail_smtpname', $config->getSystemValue("mail_smtpname", '')); $template->assign('mail_smtppassword', $config->getSystemValue("mail_smtppassword", '')); $template->assign('entries', $entries); $template->assign('entriesremain', $entriesRemaining); $template->assign('logFileSize', $logFileSize); $template->assign('doesLogFileExist', $doesLogFileExist);
/** * print error page using Exception details * @param Exception $exception */ public static function printExceptionErrorPage($exception) { try { $request = \OC::$server->getRequest(); $content = new \OC_Template('', 'exception', 'error', false); $content->assign('errorClass', get_class($exception)); $content->assign('errorMsg', $exception->getMessage()); $content->assign('errorCode', $exception->getCode()); $content->assign('file', $exception->getFile()); $content->assign('line', $exception->getLine()); $content->assign('trace', $exception->getTraceAsString()); $content->assign('debugMode', \OC::$server->getSystemConfig()->getValue('debug', false)); $content->assign('remoteAddr', $request->getRemoteAddress()); $content->assign('requestID', $request->getId()); $content->printPage(); } catch (\Exception $e) { $logger = \OC::$server->getLogger(); $logger->logException($exception, ['app' => 'core']); $logger->logException($e, ['app' => 'core']); header(self::getHttpProtocol() . ' 500 Internal Server Error'); header('Content-Type: text/plain; charset=utf-8'); print "Internal Server Error\n\n"; print "The server encountered an internal error and was unable to complete your request.\n"; print "Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n"; print "More details can be found in the server log.\n"; } die; }
/** * Prints the upgrade page */ private static function printUpgradePage() { $systemConfig = \OC::$server->getSystemConfig(); $oldTheme = $systemConfig->getValue('theme'); $systemConfig->setValue('theme', ''); \OCP\Util::addScript('config'); // needed for web root \OCP\Util::addScript('update'); // check whether this is a core update or apps update $installedVersion = $systemConfig->getValue('version', '0.0.0'); $currentVersion = implode('.', OC_Util::getVersion()); $appManager = \OC::$server->getAppManager(); $tmpl = new OC_Template('', 'update.admin', 'guest'); $tmpl->assign('version', OC_Util::getVersionString()); // if not a core upgrade, then it's apps upgrade if (version_compare($currentVersion, $installedVersion, '=')) { $tmpl->assign('isAppsOnlyUpgrade', true); } else { $tmpl->assign('isAppsOnlyUpgrade', false); } // get third party apps $ocVersion = OC_Util::getVersion(); $tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion)); $tmpl->assign('incompatibleAppsList', $appManager->getIncompatibleApps($ocVersion)); $tmpl->assign('productName', 'ownCloud'); // for now $tmpl->assign('oldTheme', $oldTheme); $tmpl->printPage(); }
/** * create mail body for plain text and html mail * * @param string $filename the shared file * @param string $link link to the shared file * @param int $expiration expiration date (timestamp) * @return array an array of the html mail body and the plain text mail body */ private function createMailBody($filename, $link, $expiration) { $formatedDate = $expiration ? $this->l->l('date', $expiration) : null; $html = new \OC_Template("core", "mail", ""); $html->assign ('link', $link); $html->assign ('user_displayname', $this->senderDisplayName); $html->assign ('filename', $filename); $html->assign('expiration', $formatedDate); $htmlMail = $html->fetchPage(); $alttext = new \OC_Template("core", "altmail", ""); $alttext->assign ('link', $link); $alttext->assign ('user_displayname', $this->senderDisplayName); $alttext->assign ('filename', $filename); $alttext->assign('expiration', $formatedDate); $alttextMail = $alttext->fetchPage(); return array($htmlMail, $alttextMail); }
/** * create mail body for plain text and html mail * * @param string $filename the shared file * @param string $link link to the shared file * @param int $expiration expiration date (timestamp) * @param string $prefix prefix of mail template files * @return array an array of the html mail body and the plain text mail body */ private function createMailBody($filename, $link, $expiration, $prefix = '') { $formattedDate = $expiration ? $this->l->l('date', $expiration) : null; $html = new \OC_Template('core', $prefix . 'mail', ''); $html->assign('link', $link); $html->assign('user_displayname', $this->senderDisplayName); $html->assign('filename', $filename); $html->assign('expiration', $formattedDate); $htmlMail = $html->fetchPage(); $plainText = new \OC_Template('core', $prefix . 'altmail', ''); $plainText->assign('link', $link); $plainText->assign('user_displayname', $this->senderDisplayName); $plainText->assign('filename', $filename); $plainText->assign('expiration', $formattedDate); $plainTextMail = $plainText->fetchPage(); return [$htmlMail, $plainTextMail]; }
$breadcrumb = array(); $pathtohere = ""; foreach (explode("/", $dir) as $i) { if ($i != "") { $pathtohere .= "/" . str_replace('+', '%20', urlencode($i)); $breadcrumb[] = array("dir" => $pathtohere, "name" => $i); } } // make breadcrumb und filelist markup $list = new OC_Template("files", "part.list", ""); $list->assign("files", $files); $list->assign("baseURL", OC_Helper::linkTo("files", "index.php") . "?dir="); $list->assign("downloadURL", OC_Helper::linkTo("files", "download.php") . "?file="); $breadcrumbNav = new OC_Template("files", "part.breadcrumb", ""); $breadcrumbNav->assign("breadcrumb", $breadcrumb); $breadcrumbNav->assign("baseURL", OC_Helper::linkTo("files", "index.php") . "?dir="); $upload_max_filesize = OC_Helper::computerFileSize(ini_get('upload_max_filesize')); $post_max_size = OC_Helper::computerFileSize(ini_get('post_max_size')); $maxUploadFilesize = min($upload_max_filesize, $post_max_size); $freeSpace = OC_Filesystem::free_space('/'); $freeSpace = max($freeSpace, 0); $maxUploadFilesize = min($maxUploadFilesize, $freeSpace); $tmpl = new OC_Template("files", "index", "user"); $tmpl->assign("fileList", $list->fetchPage()); $tmpl->assign("breadcrumb", $breadcrumbNav->fetchPage()); $tmpl->assign('dir', $dir); $tmpl->assign('readonly', !OC_Filesystem::is_writable($dir)); $tmpl->assign("files", $files); $tmpl->assign('uploadMaxFilesize', $maxUploadFilesize); $tmpl->assign('uploadMaxHumanFilesize', OC_Helper::humanFileSize($maxUploadFilesize)); $tmpl->printPage();
<?php /** * Copyright (c) 2011, Robin Appelman <*****@*****.**> * This file is licensed under the Affero General Public License version 3 or later. * See the COPYING-README file. */ require_once '../lib/base.php'; OC_Util::checkAdminUser(); OC_Util::addStyle("settings", "settings"); OC_Util::addScript("settings", "admin"); OC_Util::addScript("settings", "log"); OC_App::setActiveNavigationEntry("admin"); $tmpl = new OC_Template('settings', 'admin', 'user'); $forms = OC_App::getForms('admin'); $entries = OC_Log_Owncloud::getEntries(3); function compareEntries($a, $b) { return $b->time - $a->time; } usort($entries, 'compareEntries'); $tmpl->assign('loglevel', OC_Config::getValue("loglevel", 2)); $tmpl->assign('entries', $entries); $tmpl->assign('forms', array()); foreach ($forms as $form) { $tmpl->append('forms', $form); } $tmpl->printPage();
/** * @param string $user * @throws \Exception */ protected function sendEmail($user) { if (!$this->userManager->userExists($user)) { throw new \Exception($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.')); } $email = $this->config->getUserValue($user, 'settings', 'email'); if (empty($email)) { throw new \Exception($this->l10n->t('Couldn\'t send reset email because there is no ' . 'email address for this username. Please ' . 'contact your administrator.')); } $token = $this->secureRandom->getMediumStrengthGenerator()->generate(21, ISecureRandom::CHAR_DIGITS . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER); $this->config->setUserValue($user, 'owncloud', 'lostpassword', $token); $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user, 'token' => $token)); $tmpl = new \OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); $msg = $tmpl->fetchPage(); try { $message = $this->mailer->createMessage(); $message->setTo([$email => $user]); $message->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()])); $message->setPlainBody($msg); $message->setFrom([$this->from => $this->defaults->getName()]); $this->mailer->send($message); } catch (\Exception $e) { throw new \Exception($this->l10n->t('Couldn\'t send reset email. Please contact your administrator.')); } }
/** * Prints the upgrade page */ private static function printUpgradePage() { $systemConfig = \OC::$server->getSystemConfig(); $disableWebUpdater = $systemConfig->getValue('upgrade.disable-web', false); $tooBig = false; if (!$disableWebUpdater) { $apps = \OC::$server->getAppManager(); $tooBig = $apps->isInstalled('user_ldap') || $apps->isInstalled('user_shibboleth'); if (!$tooBig) { // count users $stats = \OC::$server->getUserManager()->countUsers(); $totalUsers = array_sum($stats); $tooBig = $totalUsers > 50; } } if ($disableWebUpdater || $tooBig) { // send http status 503 header('HTTP/1.1 503 Service Temporarily Unavailable'); header('Status: 503 Service Temporarily Unavailable'); header('Retry-After: 120'); // render error page $template = new OC_Template('', 'update.use-cli', 'guest'); $template->assign('productName', 'ownCloud'); // for now $template->assign('version', OC_Util::getVersionString()); $template->assign('tooBig', $tooBig); $template->printPage(); die; } // check whether this is a core update or apps update $installedVersion = $systemConfig->getValue('version', '0.0.0'); $currentVersion = implode('.', \OCP\Util::getVersion()); // if not a core upgrade, then it's apps upgrade $isAppsOnlyUpgrade = version_compare($currentVersion, $installedVersion, '='); $oldTheme = $systemConfig->getValue('theme'); $systemConfig->setValue('theme', ''); \OCP\Util::addScript('config'); // needed for web root \OCP\Util::addScript('update'); \OCP\Util::addStyle('update'); $appManager = \OC::$server->getAppManager(); $tmpl = new OC_Template('', 'update.admin', 'guest'); $tmpl->assign('version', OC_Util::getVersionString()); $tmpl->assign('isAppsOnlyUpgrade', $isAppsOnlyUpgrade); // get third party apps $ocVersion = \OCP\Util::getVersion(); $tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion)); $tmpl->assign('incompatibleAppsList', $appManager->getIncompatibleApps($ocVersion)); $tmpl->assign('productName', 'ownCloud'); // for now $tmpl->assign('oldTheme', $oldTheme); $tmpl->printPage(); }
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */ OC_Util::checkLoggedIn(); // Load the files we need OC_Util::addStyle("settings", "settings"); \OC::$server->getNavigationManager()->setActiveEntry('help'); if (isset($_GET['mode']) and $_GET['mode'] === 'admin') { $url = \OCP\Util::linkToAbsolute('core', 'doc/admin/index.html'); $style1 = ''; $style2 = ' active'; } else { $url = \OCP\Util::linkToAbsolute('core', 'doc/user/index.html'); $style1 = ' active'; $style2 = ''; } $url1 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=user'; $url2 = \OC::$server->getURLGenerator()->linkToRoute('settings_help') . '?mode=admin'; $tmpl = new OC_Template("settings", "help", "user"); $tmpl->assign("admin", OC_User::isAdminUser(OC_User::getUser())); $tmpl->assign("url", $url); $tmpl->assign("url1", $url1); $tmpl->assign("url2", $url2); $tmpl->assign("style1", $style1); $tmpl->assign("style2", $style2); $tmpl->printPage();
/** * Print a fatal error page and terminates the script * @param string $error_msg The error message to show * @param string $hint An optional hint message * Warning: All data passed to $hint needs to get sanitized using OC_Util::sanitizeHTML */ public static function printErrorPage($error_msg, $hint = '') { $content = new OC_Template('', 'error', 'error'); $errors = array(array('error' => $error_msg, 'hint' => $hint)); $content->assign('errors', $errors); $content->printPage(); die; }
public static function initSession() { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', '1;'); // set the session name to the instance id - which is unique session_name(OC_Util::getInstanceId()); // if session cant be started break with http 500 error if (session_start() === false) { OC_Log::write('core', 'Session could not be initialized', OC_Log::ERROR); header('HTTP/1.1 500 Internal Server Error'); OC_Util::addStyle("styles"); $error = 'Session could not be initialized. Please contact your '; $error .= 'system administrator'; $tmpl = new OC_Template('', 'error', 'guest'); $tmpl->assign('errors', array(1 => array('error' => $error))); $tmpl->printPage(); exit; } $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation if (!isset($_SESSION['SID_CREATED'])) { $_SESSION['SID_CREATED'] = time(); } else { if (time() - $_SESSION['SID_CREATED'] > $sessionLifeTime / 2) { session_regenerate_id(true); $_SESSION['SID_CREATED'] = time(); } } // session timeout if (isset($_SESSION['LAST_ACTIVITY']) && time() - $_SESSION['LAST_ACTIVITY'] > $sessionLifeTime) { if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, '/'); } session_unset(); session_destroy(); session_start(); } $_SESSION['LAST_ACTIVITY'] = time(); }
$groups = \OC::$server->getGroupManager()->getUserIdGroups(OC_User::getUser()); $groups2 = array_map(function ($group) { return $group->getGID(); }, $groups); sort($groups2); $tmpl->assign('groups', $groups2); // add hardcoded forms from the template $l = \OC::$server->getL10N('settings'); $formsAndMore = []; $formsAndMore[] = ['anchor' => 'avatar', 'section-name' => $l->t('Personal info')]; $formsAndMore[] = ['anchor' => 'clientsbox', 'section-name' => $l->t('Sync clients')]; $forms = OC_App::getForms('personal'); // add bottom hardcoded forms from the template if ($enableCertImport) { $certificatesTemplate = new OC_Template('settings', 'certificates'); $certificatesTemplate->assign('type', 'personal'); $certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addPersonalRootCertificate'); $certificatesTemplate->assign('certs', $certificateManager->listCertificates()); $certificatesTemplate->assign('urlGenerator', $urlGenerator); $forms[] = $certificatesTemplate->fetchPage(); } $formsMap = array_map(function ($form) { if (preg_match('%(<h2(?P<class>[^>]*)>.*?</h2>)%i', $form, $regs)) { $sectionName = str_replace('<h2' . $regs['class'] . '>', '', $regs[0]); $sectionName = str_replace('</h2>', '', $sectionName); $anchor = strtolower($sectionName); $anchor = str_replace(' ', '-', $anchor); return array('anchor' => $anchor, 'section-name' => $sectionName, 'form' => $form); } return array('form' => $form); }, $forms);
$info['version'] = OC_App::getAppVersion($app); $appList[] = $info; } } $remoteApps = OC_App::getAppstoreApps(); if ($remoteApps) { // Remove duplicates foreach ($appList as $app) { foreach ($remoteApps as $key => $remote) { if ($app['name'] == $remote['name']) { unset($remoteApps[$key]); } } } $combinedApps = array_merge($appList, $remoteApps); } else { $combinedApps = $appList; } function app_sort($a, $b) { if ($a['active'] != $b['active']) { return $b['active'] - $a['active']; } return strcmp($a['name'], $b['name']); } usort($combinedApps, 'app_sort'); $tmpl = new OC_Template("settings", "apps", "user"); $tmpl->assign('apps', $combinedApps, false); $appid = isset($_GET['appid']) ? strip_tags($_GET['appid']) : ''; $tmpl->assign('appid', $appid); $tmpl->printPage();
<?php /** * Copyright (c) 2011 Bart Visscher <*****@*****.**> * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. */ require_once '../../../lib/base.php'; $l10n = new OC_L10N('calendar'); if (!OC_USER::isLoggedIn()) { die("<script type=\"text/javascript\">document.location = oc_webroot;</script>"); } OC_JSON::checkAppEnabled('calendar'); $calendar = array('id' => 'new', 'displayname' => '', 'calendarcolor' => ''); $tmpl = new OC_Template('calendar', 'part.editcalendar'); $tmpl->assign('new', true); $tmpl->assign('calendar', $calendar); $tmpl->printPage();
<?php /** * ownCloud - user_webdavauth * * @author Frank Karlitschek * @copyright 2012 Frank Karlitschek frank@owncloud.org * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ if ($_POST) { if (isset($_POST['webdav_url'])) { OC_CONFIG::setValue('user_webdavauth_url', strip_tags($_POST['webdav_url'])); } } // fill template $tmpl = new OC_Template('user_webdavauth', 'settings'); $tmpl->assign('webdav_url', OC_Config::getValue("user_webdavauth_url")); return $tmpl->fetchPage();
$template->assign('WindowsWarning', OC_Util::runningOnWindows()); // warn if outdated version of a memcache module is used $caches = ['apcu' => ['name' => $l->t('APCu'), 'version' => '4.0.6'], 'redis' => ['name' => $l->t('Redis'), 'version' => '2.2.5']]; $outdatedCaches = []; foreach ($caches as $php_module => $data) { $isOutdated = extension_loaded($php_module) && version_compare(phpversion($php_module), $data['version'], '<'); if ($isOutdated) { $outdatedCaches[$php_module] = $data; } } $template->assign('OutdatedCacheWarning', $outdatedCaches); // add hardcoded forms from the template $forms = OC_App::getForms('admin'); if ($config->getSystemValue('enable_certificate_management', false)) { $certificatesTemplate = new OC_Template('settings', 'certificates'); $certificatesTemplate->assign('type', 'admin'); $certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate'); $certificatesTemplate->assign('certs', $certificateManager->listCertificates()); $certificatesTemplate->assign('urlGenerator', $urlGenerator); $forms[] = $certificatesTemplate->fetchPage(); } $formsAndMore = array(); if ($request->getServerProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() || $suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() || !OC_Util::fileInfoLoaded() || $databaseOverload) { $formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & setup warnings')); } $formsAndMore[] = array('anchor' => 'shareAPI', 'section-name' => $l->t('Sharing')); $formsAndMore[] = ['anchor' => 'encryptionAPI', 'section-name' => $l->t('Server-side encryption')]; // Prioritize fileSharingSettings and files_external and move updater to the version $fileSharingSettings = $filesExternal = $updaterAppPanel = $ocDefaultEncryptionModulePanel = ''; foreach ($forms as $index => $form) { if (strpos($form, 'id="fileSharingSettings"')) {
/** * Checks if the version requires an update and shows * @param bool $showTemplate Whether an update screen should get shown * @return bool|void */ public static function checkUpgrade($showTemplate = true) { if (\OCP\Util::needUpgrade()) { $systemConfig = \OC::$server->getSystemConfig(); if ($showTemplate && !$systemConfig->getValue('maintenance', false)) { $version = OC_Util::getVersion(); $oldTheme = $systemConfig->getValue('theme'); $systemConfig->setValue('theme', ''); OC_Util::addScript('config'); // needed for web root OC_Util::addScript('update'); $tmpl = new OC_Template('', 'update.admin', 'guest'); $tmpl->assign('version', OC_Util::getVersionString()); // get third party apps $apps = OC_App::getEnabledApps(); $incompatibleApps = array(); foreach ($apps as $appId) { $info = OC_App::getAppInfo($appId); if (!OC_App::isAppCompatible($version, $info)) { $incompatibleApps[] = $info; } } $tmpl->assign('appList', $incompatibleApps); $tmpl->assign('productName', 'ownCloud'); // for now $tmpl->assign('oldTheme', $oldTheme); $tmpl->printPage(); exit; } else { return true; } } return false; }
<?php /** * ownCloud - Cloudpress * * @author Bastien Ho (EELV - Urbancube) * @copyleft 2012 bastienho@urbancube.fr * @projeturl http://ecolosites.eelv.fr * * Free Software under creative commons licence * http://creativecommons.org/licenses/by-nc/3.0/ * Attribution-NonCommercial 3.0 Unported (CC BY-NC 3.0) * * You are free: * to Share — to copy, distribute and transmit the work * to Remix — to adapt the work * * Under the following conditions: * Attribution — You must attribute the work in the manner specified by the author or licensor (but not in any way that * suggests that they endorse you or your use of the work). * Noncommercial — You may not use this work for commercial purposes. * */ $wp_instance = new OC_wordpress(); // fill template $tmpl = new OC_Template('user_wordpress', 'settings'); foreach ($wp_instance->params as $param => $value) { $tmpl->assign($param, $value); } return $tmpl->fetchPage();
* @author Arthur Schiwon * @copyright 2011 Arthur Schiwon blizzz@arthur-schiwon.de * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ require_once '../../lib/base.php'; // Check if we are a user OC_Util::checkLoggedIn(); OC_Util::checkAppEnabled('bookmarks'); require_once 'bookmarksHelper.php'; OC_App::setActiveNavigationEntry('bookmarks_index'); OC_Util::addScript('bookmarks', 'addBm'); OC_Util::addStyle('bookmarks', 'bookmarks'); $tmpl = new OC_Template('bookmarks', 'addBm', 'user'); $url = isset($_GET['url']) ? urldecode($_GET['url']) : ''; $metadata = getURLMetadata($url); $tmpl->assign('URL', htmlentities($metadata['url'])); $tmpl->assign('TITLE', htmlentities($metadata['title'])); $tmpl->printPage();
/** * create mail body for plain text and html mail * * @param string $password one-time encryption password * @return array an array of the html mail body and the plain text mail body */ protected function createMailBody($password) { $html = new \OC_Template("encryption", "mail", ""); $html->assign('password', $password); $htmlMail = $html->fetchPage(); $plainText = new \OC_Template("encryption", "altmail", ""); $plainText->assign('password', $password); $plainTextMail = $plainText->fetchPage(); return [$htmlMail, $plainTextMail]; }
return strcmp($a['name'], $b['name']); }); //links to clients $clients = array('desktop' => $config->getSystemValue('customclient_desktop', $defaults->getSyncClientUrl()), 'android' => $config->getSystemValue('customclient_android', $defaults->getAndroidClientUrl()), 'ios' => $config->getSystemValue('customclient_ios', $defaults->getiOSClientUrl())); // only show root certificate import if external storages are enabled $enableCertImport = false; $externalStorageEnabled = \OC::$server->getAppManager()->isEnabledForUser('files_external'); if ($externalStorageEnabled) { $backends = OC_Mount_Config::getPersonalBackends(); if (!empty($backends)) { $enableCertImport = true; } } // Return template $tmpl = new OC_Template('settings', 'personal', 'user'); $tmpl->assign('usage', OC_Helper::humanFileSize($storageInfo['used'])); $tmpl->assign('total_space', OC_Helper::humanFileSize($storageInfo['total'])); $tmpl->assign('usage_relative', $storageInfo['relative']); $tmpl->assign('clients', $clients); $tmpl->assign('email', $email); $tmpl->assign('languages', $languages); $tmpl->assign('commonlanguages', $commonlanguages); $tmpl->assign('activelanguage', $userLang); $tmpl->assign('passwordChangeSupported', OC_User::canUserChangePassword(OC_User::getUser())); $tmpl->assign('displayNameChangeSupported', OC_User::canUserChangeDisplayName(OC_User::getUser())); $tmpl->assign('displayName', OC_User::getDisplayName()); $tmpl->assign('enableAvatars', $config->getSystemValue('enable_avatars', true)); $tmpl->assign('avatarChangeSupported', OC_User::canUserChangeAvatar(OC_User::getUser())); $tmpl->assign('certs', $certificateManager->listCertificates()); $tmpl->assign('showCertificates', $enableCertImport); $tmpl->assign('urlGenerator', $urlGenerator);
$gids[] = $group['id']; } } $subadmins = false; } // load preset quotas $quotaPreset = $config->getAppValue('files', 'quota_preset', '1 GB, 5 GB, 10 GB'); $quotaPreset = explode(',', $quotaPreset); foreach ($quotaPreset as &$preset) { $preset = trim($preset); } $quotaPreset = array_diff($quotaPreset, array('default', 'none')); $defaultQuota = $config->getAppValue('files', 'default_quota', 'none'); $defaultQuotaIsUserDefined = array_search($defaultQuota, $quotaPreset) === false && array_search($defaultQuota, array('none', 'default')) === false; $tmpl = new OC_Template("settings", "users/main", "user"); $tmpl->assign('groups', $groups); $tmpl->assign('sortGroups', $sortGroupsBy); $tmpl->assign('adminGroup', $adminGroup); $tmpl->assign('isAdmin', (int) $isAdmin); $tmpl->assign('subadmins', $subadmins); $tmpl->assign('numofgroups', count($groups) + count($adminGroup)); $tmpl->assign('quota_preset', $quotaPreset); $tmpl->assign('default_quota', $defaultQuota); $tmpl->assign('defaultQuotaIsUserDefined', $defaultQuotaIsUserDefined); $tmpl->assign('recoveryAdminEnabled', $recoveryAdminEnabled); $tmpl->assign('enableAvatars', \OC::$server->getConfig()->getSystemValue('enable_avatars', true)); $tmpl->assign('show_storage_location', $config->getAppValue('core', 'umgmt_show_storage_location', 'false')); $tmpl->assign('show_last_login', $config->getAppValue('core', 'umgmt_show_last_login', 'false')); $tmpl->assign('show_email', $config->getAppValue('core', 'umgmt_show_email', 'false')); $tmpl->assign('show_backend', $config->getAppValue('core', 'umgmt_show_backend', 'false')); $tmpl->assign('send_email', $config->getAppValue('core', 'umgmt_send_email', 'false'));
/** * print error page using Exception details * @param Exception $exception */ public static function printExceptionErrorPage(Exception $exception) { $request = \OC::$server->getRequest(); $content = new \OC_Template('', 'exception', 'error', false); $content->assign('errorClass', get_class($exception)); $content->assign('errorMsg', $exception->getMessage()); $content->assign('errorCode', $exception->getCode()); $content->assign('file', $exception->getFile()); $content->assign('line', $exception->getLine()); $content->assign('trace', $exception->getTraceAsString()); $content->assign('debugMode', defined('DEBUG') && DEBUG === true); $content->assign('remoteAddr', $request->getRemoteAddress()); $content->assign('requestID', $request->getId()); $content->printPage(); die; }