/** * Check if the password is correct without logging in the user * * @param string $uid The username * @param string $password The password * * @return true/false */ public function checkPassword($uid, $password) { $uidEscaped = escapeshellarg($uid); $password = escapeshellarg($password); $result = array(); $command = self::SMBCLIENT . ' //' . $this->host . '/dummy -U' . $uidEscaped . '%' . $password; $lastline = exec($command, $output, $retval); if ($retval === 127) { OCP\Util::writeLog('user_external', 'ERROR: smbclient executable missing', OCP\Util::ERROR); return false; } else { if (strpos($lastline, self::LOGINERROR) !== false) { //normal login error return false; } else { if (strpos($lastline, 'NT_STATUS_BAD_NETWORK_NAME') !== false) { //login on minor error goto login; } else { if ($retval != 0) { //some other error OCP\Util::writeLog('user_external', 'ERROR: smbclient error: ' . trim($lastline), OCP\Util::ERROR); return false; } else { login: $this->storeUser($uid); return $uid; } } } } }
/** * @brief Gets the VCard as an OC_VObject * @returns The card or null if the card could not be parsed. */ public static function getContactVCard($id) { $card = self::getContactObject($id); $vcard = OC_VObject::parse($card['carddata']); // Try to fix cards with missing 'N' field from pre ownCloud 4. Hot damn, this is ugly... if (!is_null($vcard) && !$vcard->__isset('N')) { $version = OCP\App::getAppVersion('contacts'); if ($version >= 5) { OCP\Util::writeLog('contacts', 'OC_Contacts_App::getContactVCard. Deprecated check for missing N field', OCP\Util::DEBUG); } OCP\Util::writeLog('contacts', 'getContactVCard, Missing N field', OCP\Util::DEBUG); if ($vcard->__isset('FN')) { OCP\Util::writeLog('contacts', 'getContactVCard, found FN field: ' . $vcard->__get('FN'), OCP\Util::DEBUG); $n = implode(';', array_reverse(array_slice(explode(' ', $vcard->__get('FN')), 0, 2))) . ';;;'; $vcard->setString('N', $n); OC_Contacts_VCard::edit($id, $vcard); } else { // Else just add an empty 'N' field :-P $vcard->setString('N', 'Unknown;Name;;;'); } } if (!is_null($vcard) && !isset($vcard->REV)) { $rev = new DateTime('@' . $card['lastmodified']); $vcard->setString('REV', $rev->format(DateTime::W3C)); } return $vcard; }
/** * Check if the password is correct without logging in the user * * @param string $uid The username * @param string $password The password * * @return true/false */ public function checkPassword($uid, $password) { if (!function_exists('imap_open')) { OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR); return false; } // Check if we only want logins from ONE domain and strip the domain part from UID if ($this->domain != '') { $pieces = explode('@', $uid); if (count($pieces) == 1) { $username = $uid . "@" . $this->domain; } elseif (count($pieces) == 2 and $pieces[1] == $this->domain) { $username = $uid; $uid = $pieces[0]; } else { return false; } } else { $username = $uid; } $mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1); imap_errors(); imap_alerts(); if ($mbox !== FALSE) { imap_close($mbox); $uid = mb_strtolower($uid); $this->storeUser($uid); return $uid; } else { return false; } }
/** * @brief Get the source file path and the permissions granted for a shared file * @param string Shared target file path * @return Returns array with the keys path and permissions or false if not found */ private function getFile($target) { $target = '/' . $target; $target = rtrim($target, '/'); if (isset($this->files[$target])) { return $this->files[$target]; } else { $pos = strpos($target, '/', 1); // Get shared folder name if ($pos !== false) { $folder = substr($target, 0, $pos); if (isset($this->files[$folder])) { $file = $this->files[$folder]; } else { $file = OCP\Share::getItemSharedWith('folder', $folder, OC_Share_Backend_File::FORMAT_SHARED_STORAGE); } if ($file) { $this->files[$target]['path'] = $file['path'] . substr($target, strlen($folder)); $this->files[$target]['permissions'] = $file['permissions']; return $this->files[$target]; } } else { $file = OCP\Share::getItemSharedWith('file', $target, OC_Share_Backend_File::FORMAT_SHARED_STORAGE); if ($file) { $this->files[$target] = $file; return $this->files[$target]; } } OCP\Util::writeLog('files_sharing', 'File source not found for: ' . $target, OCP\Util::ERROR); return false; } }
public static function writePhoto($params) { $path = $params[OC_Filesystem::signal_param_path]; if (self::isPhoto($path)) { OCP\Util::writeLog('gallery', 'updating thumbnail for ' . $path, OCP\Util::DEBUG); \OC\Pictures\ThumbnailsManager::getInstance()->getThumbnail($path); } }
function __construct($source) { $this->path = $source; $this->zip = new ZipArchive(); if ($this->zip->open($source, ZipArchive::CREATE)) { } else { OCP\Util::writeLog('files_archive', 'Error while opening archive ' . $source, OCP\Util::WARN); } }
/** * Get an layer * @NoAdminRequired * @NoCSRFRequired */ public function getlayer() { $layer = $this->params('layer') ? $this->params('layer') : null; if ($layer === "contacts") { if (\OCP\App::isEnabled('contacts')) { } else { OCP\Util::writeLog('maps', "App contacts missing for Maps", \OCP\Util::WARN); } } }
private function createUser($uid) { if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) { OCP\Util::writeLog('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OCP\Util::DEBUG); return false; } else { $random_password = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(64); OCP\Util::writeLog('user_openam', 'Creating new user: ' . $uid, OCP\Util::DEBUG); OC_User::createUser($uid, $random_password); return $uid; } }
public static function logout($parameters) { $samlBackend = new OC_USER_SAML(); if ($samlBackend->auth->isAuthenticated()) { OCP\Util::writeLog('saml', 'Executing SAML logout', OCP\Util::DEBUG); unset($_COOKIE["SimpleSAMLAuthToken"]); setcookie('SimpleSAMLAuthToken', '', time() - 3600, \OC::$WEBROOT); setcookie('SimpleSAMLAuthToken', '', time() - 3600, \OC::$WEBROOT . '/'); $samlBackend->auth->logout(); } return true; }
function debug($msg, $tracelevel = 0, $debuglevel = OCP\Util::DEBUG) { if (PHP_VERSION >= "5.4") { $call = debug_backtrace(false, $tracelevel + 1); } else { $call = debug_backtrace(false); } $call = $call[$tracelevel]; if ($debuglevel !== false) { OCP\Util::writeLog('contacts', $call['file'] . '. Line: ' . $call['line'] . ': ' . $msg, $debuglevel); } }
public function checkPassword($uid, $password) { if (!phpCAS::forceAuthentication()) { return false; } $uid = phpCAS::getUser(); if ($uid === false) { OCP\Util::writeLog('user_cas', 'phpCAS return no user !', OCP\Util::ERROR); return false; } return $uid; }
function shutdown() { $l = OC_L10N::get('news'); $error = error_get_last(); if ($error['type'] & (E_ERROR | E_COMPILE_ERROR | E_CORE_ERROR)) { //all fatal errors if (strpos($error['message'], 'get_uri')) { //handle a fatal error caused by a SimplePie bug (https://github.com/simplepie/simplepie/issues/214) OCP\Util::writeLog('news', 'ajax/createfeed.php: Fatal error:' . $error['message'], OCP\Util::ERROR); exit; } } }
public function checkPassword($uid, $assertion) { if ($this->_isPersonaRequest) { $email = OCA\User_persona\Validator::Validate($assertion); if ($email) { return OCA\User_persona\Policy::apply($email, $uid); } //we've got incorrect assertion OCP\Util::writeLog('OC_USER_PERSONA', 'Validation failed. Incorrect Assertion.', OCP\Util::DEBUG); OCP\JSON::error(array('msg' => 'Incorrect Assertion')); exit; } return false; }
/** * @brief returns informations about an event * @param int $id - id of the event * @param bool $security - check access rights or not * @param bool $shared - check if the user got access via sharing * @return mixed - bool / array */ public static function getEventObject($id, $security = true, $shared = false) { $event = OC_Calendar_Object::find($id); if ($shared === true || $security === true) { $permissions = self::getPermissions($id, self::EVENT); OCP\Util::writeLog('contacts', __METHOD__ . ' id: ' . $id . ', permissions: ' . $permissions, OCP\Util::DEBUG); if (self::getPermissions($id, self::EVENT)) { return $event; } } else { return $event; } return false; }
public static function changePassword($aParams) { if (isset($aParams['uid'], $aParams['password'])) { $sUser = $aParams['uid']; $sEmail = $sUser; $sPassword = $aParams['password']; $sUrl = trim(OCP\Config::getAppValue('rainloop', 'rainloop-url', '')); $sPath = trim(OCP\Config::getAppValue('rainloop', 'rainloop-path', '')); if ('' !== $sUrl && '' !== $sPath) { OCP\Util::writeLog('rainloop', 'rainloop|login: Setting new RainLoop password for ' . $sEmail, OCP\Util::DEBUG); $sPassword = self::encodePassword($sPassword, md5($sEmail)); return OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-password', $sPassword); } } return false; }
/** * Check if the password is correct without logging in the user * * @param string $uid The username * @param string $password The password * * @return true/false */ public function checkPassword($uid, $password) { if (false === array_search($this->protocol, stream_get_wrappers())) { OCP\Util::writeLog('user_external', 'ERROR: Stream wrapper not available: ' . $this->protocol, OCP\Util::ERROR); return false; } // opendir handles the as %-encoded string, but this is not true for usernames and passwords, encode them before passing them $url = sprintf('%s://%s:%s@%s/', $this->protocol, urlencode($uid), urlencode($password), $this->host); $result = @opendir($url); if (is_resource($result)) { $this->storeUser($uid); return $uid; } else { return false; } }
public function stream_read($count) { //$count will always be 8192 https://bugs.php.net/bug.php?id=21641 //This makes this function a lot simpler but will breake everything the moment it's fixed $this->writeCache = ''; if ($count != 8192) { OCP\Util::writeLog('files_encryption', 'php bug 21641 no longer holds, decryption will not work', OCP\Util::FATAL); die; } $data = fread($this->source, 8192); if (strlen($data)) { $result = OC_Crypt::decrypt($data); } else { $result = ''; } return $result; }
/** * Check if the password is correct without logging in the user * * @param string $uid The username * @param string $password The password * * @return true/false */ public function checkPassword($uid, $password) { if (!function_exists('imap_open')) { OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR); return false; } $mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN); imap_errors(); imap_alerts(); if ($mbox !== FALSE) { imap_close($mbox); $this->storeUser($uid); return $uid; } else { return false; } }
function curl_exec_follow($ch, &$maxredirect = null) { $mr = $maxredirect === null ? 5 : intval($maxredirect); if (ini_get('open_basedir') == '' && ini_get('safe_mode' == 'Off')) { curl_setopt($ch, CURLOPT_FOLLOWLOCATION, $mr > 0); curl_setopt($ch, CURLOPT_MAXREDIRS, $mr); } else { curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); if ($mr > 0) { $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL); $rch = curl_copy_handle($ch); curl_setopt($ch, CURLOPT_USERAGENT, "Owncloud Bookmark Crawl"); curl_setopt($rch, CURLOPT_HEADER, true); curl_setopt($rch, CURLOPT_NOBODY, true); curl_setopt($rch, CURLOPT_FORBID_REUSE, false); curl_setopt($rch, CURLOPT_RETURNTRANSFER, true); do { curl_setopt($rch, CURLOPT_URL, $newurl); $header = curl_exec($rch); if (curl_errno($rch)) { $code = 0; } else { $code = curl_getinfo($rch, CURLINFO_HTTP_CODE); if ($code == 301 || $code == 302) { preg_match('/Location:(.*?)\\n/', $header, $matches); $newurl = trim(array_pop($matches)); } else { $code = 0; } } } while ($code && --$mr); curl_close($rch); if (!$mr) { if ($maxredirect === null) { OCP\Util::writeLog('bookmark', 'Too many redirects. When following redirects, libcurl hit the maximum amount on bookmark', OCP\Util::ERROR); } else { $maxredirect = 0; } return false; } curl_setopt($ch, CURLOPT_URL, $newurl); } } return curl_exec($ch); }
/** * Check if roundcube table exists in the current database. * * @return bool TRUE if table exists, FALSE if no table found. */ public static function tableExists() { OCP\Util::writeLog('roundcube', 'OC_RoundCube_DB_Util.class.php: ' . 'Checking if roundcube table exists.', OCP\Util::DEBUG); // Try a select statement against the table // Run it in try/catch in case PDO is in ERRMODE_EXCEPTION. try { $sql = 'SELECT * FROM `*PREFIX*roundcube` LIMIT 1'; OCP\Util::writeLog('roundcube', 'OC_RoundCube_DB_Util.class.php: ' . 'Used SQL: ' . $sql, OCP\Util::DEBUG); $query = \OCP\DB::prepare($sql); $result = $query->execute(); } catch (Exception $e) { // We got an exception == table not found OCP\Util::writeLog('roundcube', 'OC_RoundCube_DB_Util.class.php: ' . 'Table roundcube does not exists. ' . $e, OCP\Util::DEBUG); return false; } OCP\Util::writeLog('roundcube', 'OC_RoundCube_DB_Util.class.php: ' . 'Table roundcube exists.', OCP\Util::DEBUG); return true; }
/** * @method import * @brief Imports all data from a given resource into this apps storage areas * @author Christian Reiner */ function import ( ) { OCP\Util::writeLog ( 'shorty','Starting data migration import for Shorty', OCP\Util::INFO ); switch( $this->appinfo->version ) { default: $query = $this->content->prepare( "SELECT * FROM shorty WHERE user LIKE ?" ); $result = $query->execute( array( $this->olduid ) ); if (is_array(is_array($result))) { while( $row = $result->fetchRow() ) { $param = array ( 'id' => $row['id'], 'status' => $row['status'], 'title' => $row['title'], 'favicon' => $row['favicon'], 'source' => $row['source'], 'target' => $row['target'], 'user' => $row['user'], 'until' => $row['until'], 'created' => $row['created'], 'accessed' => $row['accessed'], 'clicks' => $row['clicks'], 'notes' => $row['notes'], ); // import each shorty one by one, no special treatment required, since no autoincrement id is used $query = OCP\DB::prepare( sprintf ( "INSERT INTO *PREFIX*shorty(%s) VALUES (%s)", implode(',',array_keys($param)), implode(',',array_fill(0,count($param),'?')) ) ); $query->execute( $param ); } // while } // if break; } // switch // check for success by counting the generated entries $count = OC_Shorty_Tools::countShortys(); if( (is_array($result) && is_array($count)) && (count($result)==$count['sum_shortys']) ) return true; else return false; } // function import
private function getWeatherData($unit) { if ($this->city != "") { $additionalParameter = ""; if ($unit == "c") { $additionalParameter .= "&units=metric"; } $url = $this->basicUrl . $this->city . $this->fixUrlParameter . $additionalParameter; //OCP\Util::writeLog('ocDashboard',"openweather xml url: ".$url, \OCP\Util::DEBUG); $reader = new XMLReader(); $reader->open($url); $data = array(); while ($reader->read()) { if ($reader->nodeType == XMLReader::ELEMENT) { if (isset($this->xmlNodeAttributes[$reader->name])) { $n = 0; while (isset($data[$n][$reader->name])) { $n++; } foreach ($this->xmlNodeAttributes[$reader->name] as $key) { $data[$n][$reader->name][$key] = $reader->getAttribute($key); } if (in_array($reader->name, $this->xmlAddUnit)) { $data[$n][$reader->name]['unit'] = $this->getUnit($reader->name, $unit); } } else { if (isset($this->xmlNodeValueKeys[$reader->name])) { $data[$reader->name] = $reader->readInnerXml(); } } } } $reader->close(); if (count($data) > 0) { $this->weatherData = $data; } else { OCP\Util::writeLog('ocDashboard', "openweather - could not fetch data for " . $this->city, \OCP\Util::ERROR); $this->errorMsg = $this->l->t("Could not fetch data for \"%s\".<br>Please try another value.<br><a href='%s'>» settings</a>", array($this->city, \OCP\Util::linkToRoute('settings_personal'))); } } }
private function getXml() { $code = ""; $code = OCP\Config::getUserValue($this->user, "ocDashboard", "ocDashboard_weather_city"); if (!isset($code) || $code == "" || !is_numeric($code)) { $this->errorMsg = "The city code is not valid."; return false; } else { $unit = OCP\Config::getUserValue($this->user, "ocDashboard", "ocDashboard_weather_unit", $this->getDefaultValue('unit')); $url = $this->cityUrl; $url = str_replace("###unit###", $unit, $url); $url = str_replace("###code###", $code, $url); $con = @file_get_contents($url); if ($con != "" && strlen($con) > 500) { $this->xml = new SimpleXMLElement($con); return true; } else { OCP\Util::writeLog('ocDashboard', "Weather coul not load: " . $url, \OCP\Util::WARN); $this->errorMsg = "The city code is not valid."; return false; } } }
public function checkPassword( $uid, $password ) { $arr = explode('://', $this->webdavauth_url, 2); if( ! isset($arr) OR count($arr) !== 2) { OCP\Util::writeLog('OC_USER_WEBDAVAUTH', 'Invalid Url: "'.$this->webdavauth_url.'" ', 3); return false; } list($webdavauth_protocol, $webdavauth_url_path) = $arr; $url= $webdavauth_protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$webdavauth_url_path; $headers = get_headers($url); if($headers==false) { OCP\Util::writeLog('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$webdavauth_protocol.'://'.$webdavauth_url_path.'" ', 3); return false; } $returncode= substr($headers[0], 9, 3); if(substr($returncode, 0, 1) === '2') { return $uid; } else { return false; } }
/** * Check if the password is correct without logging in the user * * @param string $uid The username * @param string $password The password * * @return true/false */ public function checkPassword($uid, $password) { $user = OC_DB::executeAudited( 'SELECT * FROM `*PREFIX*users`' . ' WHERE `uid` = ?', array($uid) )->fetchRow(); OCP\Util::writeLog('user_external', 'LOG: $user is now:'.print_r($user)); $Hasher = new PasswordHash(8, false); $hashed_password = $Hasher->HashPassword($password); if($hashed_password === $user['password']){ $uid=mb_strtolower($uid); $this->storeUser($uid); return $uid; }else{ return false; } /* if (!function_exists('imap_open')) { OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR); return false; } $mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1); imap_errors(); imap_alerts(); if($mbox !== FALSE) { imap_close($mbox); $uid = mb_strtolower($uid); $this->storeUser($uid); return $uid; }else{ return false; }*/ }
function debug($msg) { OCP\Util::writeLog('contacts', 'ajax/categories/delete.php: ' . $msg, OCP\Util::DEBUG); }
/** * @brief Move card(s) to an address book * @param integer $aid Address book id * @param $id Array or integer of cards to be moved. * @return boolean * */ public static function moveToAddressBook($aid, $id) { OC_Contacts_App::getAddressbook($aid); // check for user ownership. if (is_array($id)) { $id_sql = join(',', array_fill(0, count($id), '?')); $prep = 'UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id IN (' . $id_sql . ')'; try { $stmt = OCP\DB::prepare($prep); //$aid = array($aid); $vals = array_merge((array) $aid, $id); $result = $stmt->execute($vals); } catch (Exception $e) { OCP\Util::writeLog('contacts', 'OC_Contacts_VCard::moveToAddressBook:, exception: ' . $e->getMessage(), OCP\Util::DEBUG); OCP\Util::writeLog('contacts', 'OC_Contacts_VCard::moveToAddressBook, ids: ' . join(',', $vals), OCP\Util::DEBUG); OCP\Util::writeLog('contacts', 'SQL:' . $prep, OCP\Util::DEBUG); return false; } } else { try { $stmt = OCP\DB::prepare('UPDATE *PREFIX*contacts_cards SET addressbookid = ? WHERE id = ?'); $result = $stmt->execute(array($aid, $id)); } catch (Exception $e) { OCP\Util::writeLog('contacts', 'OC_Contacts_VCard::moveToAddressBook:, exception: ' . $e->getMessage(), OCP\Util::DEBUG); OCP\Util::writeLog('contacts', 'OC_Contacts_VCard::moveToAddressBook, id: ' . $id, OCP\Util::DEBUG); return false; } } OC_Contacts_Addressbook::touch($aid); return true; }
$userDirectory = '/' . OCP\USER::getUser() . '/files'; $sources = explode(';', $_POST['sources']); $uid_shared_with = $_POST['uid_shared_with']; $permissions = $_POST['permissions']; foreach ($sources as $source) { $file = OC_FileCache::get($source); $path = ltrim($source, '/'); $source = $userDirectory . $source; // Check if the file exists or if the file is being reshared if ($source && $file['encrypted'] == false && (OC_FILESYSTEM::file_exists($path) && OC_FILESYSTEM::is_readable($path) || OC_Share::getSource($source))) { try { $shared = new OC_Share($source, $uid_shared_with, $permissions); // If this is a private link, return the token if ($uid_shared_with == OC_Share::PUBLICLINK) { OCP\JSON::success(array('data' => $shared->getToken())); } else { OCP\JSON::success(); } } catch (Exception $exception) { OCP\Util::writeLog('files_sharing', 'Unexpected Error : ' . $exception->getMessage(), OCP\Util::ERROR); OCP\JSON::error(array('data' => array('message' => $exception->getMessage()))); } } else { if ($file['encrypted'] == true) { OCP\JSON::error(array('data' => array('message' => 'Encrypted files cannot be shared'))); } else { OCP\Util::writeLog('files_sharing', 'File does not exist or is not readable :' . $source, OCP\Util::ERROR); OCP\JSON::error(array('data' => array('message' => 'File does not exist or is not readable'))); } } }
private function createUser($uid) { if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) { OCP\Util::writeLog('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OCP\Util::DEBUG); return false; } else { $random_password = \OC_Util::generateRandomBytes(64); OCP\Util::writeLog('saml', 'Creating new user: ' . $uid, OCP\Util::DEBUG); OC_User::createUser($uid, $random_password); return $uid; } }
* ownCloud - Addressbook * * @author Thomas Tanghus * @copyright 2012 Thomas Tanghus <*****@*****.**> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE * License as published by the Free Software Foundation; either * version 3 of the License, or any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ // Init owncloud // Check if we are a user OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('contacts'); $tmp_path = $_GET['tmp_path']; $id = $_GET['id']; OCP\Util::writeLog('contacts', 'ajax/cropphoto.php: tmp_path: ' . $tmp_path . ', exists: ' . file_exists($tmp_path), OCP\Util::DEBUG); $tmpl = new OCP\Template("contacts", "part.cropphoto"); $tmpl->assign('tmp_path', $tmp_path); $tmpl->assign('id', $id); $page = $tmpl->fetchPage(); OCP\JSON::success(array('data' => array('page' => $page)));