verifyDir() public static method

This function verifies whether a given directory is below the root.
public static verifyDir ( string $dir ) : boolean
$dir string The directory to check.
return boolean True if the directory is below the root.
コード例 #1
ファイル: Auth.php プロジェクト: DSNS-LAB/Dmail
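 /**
  * Authenticate to the backend.
  *
  * When the gollem application is configured for 'horde' authentication,
  * no backend login is attempted: the method only checks whether the
  * registry already reports an authenticated user. Otherwise the
  * credentials are resolved (explicit, Horde autologin, or hardcoded in
  * the backend configuration), checked against the backend VFS, and the
  * backend entry is stored via self::_setBackends().
  *
  * @param array $credentials  An array of login credentials. Missing
  *                            values are filled in from Horde autologin
  *                            or from the backend configuration.
  * <pre>
  * 'password' - (string) The user password.
  * 'backend_key' - (string) The backend key to use (from backends.php).
  *                 Defaults to self::getPreferredBackend().
  * 'userId' - (string) The username.
  * </pre>
  *                            Any further key named in the backend's
  *                            'loginparams' is passed to the VFS as well.
  *
  * @return mixed  If authentication was successful, and no session
  *                exists, an array of data to add to the session
  *                (the 'backend_key'). Returns false when 'horde'
  *                authentication is configured and the user is already
  *                authenticated.
  * @throws Horde_Auth_Exception  On missing credentials, failed credential
  *                               check, or a home directory that is not
  *                               below the backend root.
  */
 public static function authenticate($credentials = array())
 {
     $result = false;
     // The original code called getAuth() on an undefined local $registry,
     // which fails at runtime; take the registry from $GLOBALS once and
     // reuse it.
     $registry = $GLOBALS['registry'];
     // Do 'horde' authentication.
     $gollem_app = $registry->getApiInstance('gollem', 'application');
     // Strict comparison: this branch skips the backend credential check,
     // so only the exact string 'horde' may select it.
     if (!empty($gollem_app->initParams['authentication']) && $gollem_app->initParams['authentication'] === 'horde') {
         if ($registry->getAuth()) {
             return $result;
         }
         throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED);
     }
     // Load backend.
     if (!isset($credentials['backend_key'])) {
         $credentials['backend_key'] = self::getPreferredBackend();
     }
     $backend = self::getBackend($credentials['backend_key']);
     // Check for hordeauth: only when the caller gave no complete
     // credential pair, no gollem backend is in the session yet, and
     // autologin is allowed for this backend.
     if ((!isset($credentials['userId']) || !isset($credentials['password'])) && !$GLOBALS['session']->exists('gollem', 'backend_key') && self::canAutoLogin($credentials['backend_key'])) {
         if (!empty($backend['hordeauth'])) {
             $credentials['userId'] = self::getAutologinID($credentials['backend_key']);
             $credentials['password'] = $registry->getAuthCredential('password');
         }
     }
     // Check for hardcoded backend credentials.
     if (!isset($credentials['userId']) && !empty($backend['params']['username'])) {
         $credentials['userId'] = $backend['params']['username'];
     }
     if (!isset($credentials['password']) && !empty($backend['params']['password'])) {
         $credentials['password'] = $backend['params']['password'];
     }
     if (!isset($credentials['userId']) || !isset($credentials['password'])) {
         throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
     }
     try {
         $vfs = $GLOBALS['injector']->getInstance('Gollem_Factory_Vfs')->create($credentials['backend_key']);
         $params = array('username' => $credentials['userId'], 'password' => $credentials['password']);
         // Only keys listed in the backend's 'loginparams' may be taken
         // from the submitted credentials. A backend without that entry
         // contributes no extra parameters instead of failing in
         // array_keys().
         $loginparams = (isset($backend['loginparams']) && is_array($backend['loginparams']))
             ? array_keys($backend['loginparams'])
             : array();
         foreach ($loginparams as $param) {
             if (isset($credentials[$param])) {
                 $backend['params'][$param] = $params[$param] = $credentials[$param];
             }
         }
         $vfs->setParams($params);
         $vfs->checkCredentials();
     } catch (Horde_Exception $e) {
         // NOTE(review): the backend's own error text becomes the auth
         // failure message; confirm it carries nothing sensitive if it is
         // shown on the login page.
         throw new Horde_Auth_Exception($e->getMessage(), Horde_Auth::REASON_MESSAGE);
     }
     // Set current backend. Bound by reference, so the changes made to
     // $backend below are visible through Gollem::$backend.
     Gollem::$backend =& $backend;
     // Mark backend as authenticated.
     $backend['auth'] = true;
     // Save username in backend configuration.
     if (!isset($backend['params']['username'])) {
         $backend['params']['username'] = $credentials['userId'];
     }
     // The login password is copied into the backend entry, and that entry
     // is handed to self::_setBackends() at the end of this method.
     // NOTE(review): confirm how that storage is protected; this method
     // does not transform the password before storing it.
     if (!isset($backend['params']['password'])) {
         $backend['params']['password'] = $credentials['password'];
     }
     // Make sure we have a 'root' parameter.
     if (empty($backend['root'])) {
         $backend['root'] = '/';
     }
     $backend['root'] = Horde_Util::realPath($backend['root']);
     // Make sure we have a 'home' parameter.
     if (empty($backend['home'])) {
         $backend['home'] = empty($backend['params']['home']) ? $vfs->getCurrentDirectory() : $backend['params']['home'];
         if (empty($backend['home'])) {
             $backend['home'] = $backend['root'];
         }
     }
     // Make sure the home parameter lives under root if it is a relative
     // directory.
     if (strpos($backend['home'], '/') !== 0) {
         $backend['home'] = $backend['root'] . '/' . $backend['home'];
     }
     $backend['home'] = Horde_Util::realPath($backend['home']);
     $backend['dir'] = $backend['home'];
     // Verify that home is below root. The check runs on the path after
     // Horde_Util::realPath(), and presumably reads the root from
     // Gollem::$backend set above -- verify against Gollem::verifyDir().
     // NOTE(review): whether symlinks on the backend are resolved before
     // this comparison is not visible here.
     if (!Gollem::verifyDir($backend['home'])) {
         throw new Horde_Auth_Exception('Backend Configuration Error: Home directory not below root.', Horde_Auth::REASON_MESSAGE);
     }
     // Create the home directory if it doesn't already exist.
     if ($backend['home'] !== '/' && !empty($backend['createhome'])) {
         // Split home into parent directory and final path component.
         $pos = strrpos($backend['home'], '/');
         $cr_dir = substr($backend['home'], 0, $pos);
         $cr_file = substr($backend['home'], $pos + 1);
         if (!$vfs->exists($cr_dir, $cr_file)) {
             try {
                 Gollem::createFolder($cr_dir, $cr_file, $vfs);
             } catch (Gollem_Exception $e) {
                 // NOTE(review): this message includes the server-side home
                 // path; confirm where REASON_MESSAGE text is displayed.
                 throw new Horde_Auth_Exception('Backend Configuration Error: Could not create home directory ' . $backend['home'] . ': ' . $e->getMessage(), Horde_Auth::REASON_MESSAGE);
             }
         }
     }
     // Write the backend to the session.
     $backends = self::_getBackends();
     $backends[$credentials['backend_key']] = $backend;
     self::_setBackends($backends);
     return array('backend_key' => $credentials['backend_key']);
 }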