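/**
 * Builds the request context for the router and loads the root route
 * collection.
 *
 * Host and scheme are taken from OC_Request::serverHost() and
 * OC_Request::serverProtocol() and handed to RequestContext.
 * NOTE(review): presumably every URL generated through this context inherits
 * that host, so it is only as trustworthy as serverHost() - confirm that the
 * helper validates the Host header.
 */
public function __construct() {
    $baseUrl = OC_Helper::linkTo('', 'index.php');

    // REQUEST_METHOD is absent when PHP is not serving a web request
    // (CLI, cron); fall back to GET instead of reading an undefined index.
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'GET';

    $host = OC_Request::serverHost();
    $schema = OC_Request::serverProtocol();
    $this->context = new RequestContext($baseUrl, $method, $host, $schema);

    // TODO cache
    $this->root = $this->getCollection('root');
}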
/**
 * Runs the update actions in maintenance mode. Source files are not upgraded,
 * except for the main .htaccess file.
 *
 * NOTE(review): no return statement is visible in this method, so callers
 * receive null; the bool result this docblock used to promise does not match
 * the code.
 *
 * @param string $currentVersion version being upgraded to
 * @param string $installedVersion version the instance is upgraded from
 *
 * @throws \Exception when isUpgradePossible() rejects the version pair
 * @return void
 */
private function doUpgrade($currentVersion, $installedVersion) {
    // Stop update if the update is over several major versions
    if (!self::isUpgradePossible($installedVersion, $currentVersion)) {
        throw new \Exception('Updates between multiple major versions are unsupported.');
    }

    // Update htaccess files for apache hosts
    if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
        \OC_Setup::updateHtaccess();
    }

    // create empty file in data dir, so we can later find
    // out that this is indeed an ownCloud data directory
    // (in case it didn't exist before)
    // NOTE(review): the result of file_put_contents() is not checked, so a
    // failed write goes unnoticed here.
    file_put_contents(\OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');

    /*
     * START CONFIG CHANGES FOR OLDER VERSIONS
     */
    if (!\OC::$CLI && version_compare($installedVersion, '6.90.1', '<')) {
        // Add the trusted_domains config if it does not exist yet.
        // This is added to prevent host header poisoning.
        // An existing trusted_domains value is written back unchanged; only a
        // missing one is seeded, with the host of the request that triggers
        // this upgrade. The branch is skipped on CLI.
        // NOTE(review): the seed is therefore decided by whoever sends that
        // request - confirm serverHost() cannot return an arbitrary Host
        // header at this point.
        \OC_Config::setValue('trusted_domains', \OC_Config::getValue('trusted_domains', array(\OC_Request::serverHost())));
    }
    /*
     * STOP CONFIG CHANGES FOR OLDER VERSIONS
     */

    // pre-upgrade repairs
    $repair = new \OC\Repair(\OC\Repair::getBeforeUpgradeRepairSteps());
    $repair->run();

    // simulate DB upgrade
    if ($this->simulateStepEnabled) {
        $this->checkCoreUpgrade();

        // simulate apps DB upgrade
        $this->checkAppUpgrade($currentVersion);
    }

    // upgrade from OC6 to OC7
    // TODO removed it again for OC8
    $sharePolicy = \OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global');
    if ($sharePolicy === 'groups_only') {
        \OC_Appconfig::setValue('core', 'shareapi_only_share_with_group_members', 'yes');
    }

    if ($this->updateStepEnabled) {
        $this->doCoreUpgrade();

        $disabledApps = \OC_App::checkAppsRequirements();
        if (!empty($disabledApps)) {
            $this->emit('\\OC\\Updater', 'disabledApps', array($disabledApps));
        }

        $this->doAppUpgrade();

        // post-upgrade repairs
        $repair = new \OC\Repair(\OC\Repair::getRepairSteps());
        $repair->run();

        //Invalidate update feed
        \OC_Appconfig::setValue('core', 'lastupdatedat', 0);

        // only set the final version if everything went well
        \OC_Config::setValue('version', implode('.', \OC_Util::getVersion()));
    }
}
/**
 * Pins the precedence OC_Request::serverHost() applies: CLI first, then the
 * overwritehost setting, then the trusted_domains list.
 */
public function testServerHost() {
    $cliBefore = OC::$CLI;

    OC_Config::deleteKey('overwritecondaddr');
    OC_Config::setValue('overwritehost', 'overwritten.host:8080');
    OC_Config::setValue(
        'trusted_domains',
        array('trusted.host:8080', 'second.trusted.host:8080')
    );
    $_SERVER['HTTP_HOST'] = 'trusted.host:8080';

    // On the command line the answer is always localhost.
    OC::$CLI = true;
    $this->assertEquals('localhost', OC_Request::serverHost());

    // For web requests overwritehost wins over the trusted domains.
    OC::$CLI = false;
    $this->assertEquals('overwritten.host:8080', OC_Request::serverHost());

    // Without overwritehost a trusted Host header is returned as sent.
    OC_Config::deleteKey('overwritehost');
    $this->assertEquals('trusted.host:8080', OC_Request::serverHost());

    // A Host header that is not in trusted_domains is not echoed back; the
    // first trusted domain is returned instead. This is the behaviour that
    // protects generated URLs from Host header poisoning.
    $_SERVER['HTTP_HOST'] = 'untrusted.host:8080';
    OC_Config::deleteKey('overwritehost');
    $this->assertEquals('trusted.host:8080', OC_Request::serverHost());

    // Clean up. This only runs when every assertion above passed.
    OC_Config::deleteKey('overwritecondaddr');
    OC_Config::deleteKey('overwritehost');
    unset($_SERVER['HTTP_HOST']);
    OC::$CLI = $cliBefore;
}
/**
 * Applies the forcessl policy to the current request.
 *
 * With forcessl enabled: sends a one-year HSTS header, marks the session
 * cookie as secure and redirects plain-HTTP web requests to HTTPS (the script
 * exits after the redirect). With forcessl disabled: clears a previously
 * pinned HSTS policy on HTTPS requests.
 */
public static function checkSSL() {
    if (!OC_Config::getValue('forcessl', false)) {
        // Invalidate HSTS headers. Switching forcessl off therefore removes
        // the HSTS pin from every browser that visits over HTTPS afterwards.
        if (OC_Request::serverProtocol() === 'https') {
            header('Strict-Transport-Security: max-age=0');
        }
        return;
    }

    // Both settings are applied before the protocol check, so they are also
    // sent along with the plain-HTTP response that carries the redirect.
    header('Strict-Transport-Security: max-age=31536000');
    ini_set('session.cookie_secure', 'on');

    if (OC_Request::serverProtocol() == 'https' or OC::$CLI) {
        return;
    }

    // NOTE(review): the redirect host comes from serverHost(); confirm it is
    // checked against trusted_domains, otherwise the Host header chooses
    // where the client is sent.
    $target = 'https://' . OC_Request::serverHost() . OC_Request::requestUri();
    header("Location: {$target}");
    exit;
}
/**
 * Applies the forcessl policy to the current request.
 *
 * With forcessl enabled: sends a one-year HSTS header (extended to subdomains
 * when forceSSLforSubdomains is set), marks the session cookie as secure and
 * redirects plain-HTTP web requests to HTTPS, exiting afterwards. With
 * forcessl disabled: clears a previously pinned HSTS policy on HTTPS requests.
 */
public static function checkSSL() {
    $forceSsl = \OC::$server->getSystemConfig()->getValue('forcessl', false);

    if (!$forceSsl) {
        // Invalidate HSTS headers. Switching forcessl off therefore removes
        // the HSTS pin from every browser that visits over HTTPS afterwards.
        if (OC_Request::serverProtocol() === 'https') {
            header('Strict-Transport-Security: max-age=0');
        }
        return;
    }

    // Default HSTS policy, optionally widened to all subdomains. Enabling
    // includeSubDomains commits every subdomain of this host to HTTPS.
    $coverSubdomains = \OC::$server->getSystemConfig()->getValue('forceSSLforSubdomains', false);
    $hsts = 'Strict-Transport-Security: max-age=31536000';
    $hsts .= $coverSubdomains ? '; includeSubDomains' : '';
    header($hsts);
    ini_set('session.cookie_secure', 'on');

    if (OC_Request::serverProtocol() == 'https' or OC::$CLI) {
        return;
    }

    // NOTE(review): the redirect host comes from serverHost(); confirm it is
    // checked against trusted_domains, otherwise the Host header chooses
    // where the client is sent.
    $target = 'https://' . OC_Request::serverHost() . OC_Request::requestUri();
    header("Location: $target");
    exit();
}
/**
 * Refreshes the RoundCube HTTP session.
 *
 * The RoundCube host is read from the app setting rcHost; when that is empty
 * the host reported by OC_Request::serverHost() is used instead.
 *
 * @return boolean true if the refresh completed, false if any exception was
 *                 caught on the way
 */
public static function refresh() {
    try {
        OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->refresh(): Preparing refresh for roundcube', OCP\Util::DEBUG);

        $mailDirectory = OCP\Config::getAppValue('roundcube', 'maildir', '');

        $host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
        // NOTE(review): with no rcHost configured the target host follows the
        // current request; confirm serverHost() validates the Host header so
        // the session refresh cannot be pointed at another machine.
        $host = ($host == '') ? OC_Request::serverHost() : $host;

        $port = OCP\Config::getAppValue('roundcube', 'rcPort', '');

        OC_RoundCube_App::refresh($host, $port, $mailDirectory);

        OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->refresh(): Finished refresh for roundcube', OCP\Util::DEBUG);
    } catch (Exception $failure) {
        // We got an exception during login/refresh.
        // The exception object is string-cast into the log line, so whatever
        // its string form carries ends up in the DEBUG log.
        OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php: ' . 'Login error during refresh.' . $failure, OCP\Util::DEBUG);
        return false;
    }

    return true;
}
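/**
 * Performs the initial installation: validates the submitted options, writes
 * the base configuration, sets up the database, creates the admin account and
 * installs the shipped apps.
 *
 * @param array $options installer form values; the keys read here are dbtype,
 *                       adminlogin, adminpass, directory and, optionally,
 *                       trusted_domains
 * @return array list of errors, empty when the installation succeeded
 */
public static function install($options) {
    $l = self::getTrans();
    $error = array();
    $dbtype = $options['dbtype'];

    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = OC::$SERVERROOT . "/data";
    }

    // Unknown database types silently fall back to sqlite.
    if (!isset(self::$dbSetupClasses[$dbtype])) {
        $dbtype = 'sqlite';
    }

    $class = self::$dbSetupClasses[$dbtype];
    $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
    $error = array_merge($error, $dbSetup->validate($options));

    if (count($error) != 0) {
        return $error;
    }

    //no errors, good
    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $datadir = htmlspecialchars_decode($options['directory']);

    // The trusted domain list is either supplied by the caller or seeded
    // with the host of the request that runs the installer.
    // NOTE(review): in the second case the installing request decides which
    // host the instance trusts from then on - confirm the installer is only
    // reachable under the intended host name.
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        $trustedDomains = array(OC_Request::serverHost());
    }

    if (OC_Util::runningOnWindows()) {
        $datadir = rtrim(realpath($datadir), '\\');
    }

    //use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbtype == 'sqlite' and class_exists('SQLite3')) {
        $dbtype = 'sqlite3';
    }

    //generate a random salt that is used to salt the local user passwords
    $salt = OC_Util::generateRandomBytes(30);
    OC_Config::setValue('passwordsalt', $salt);

    //write the config file
    OC_Config::setValue('trusted_domains', $trustedDomains);
    OC_Config::setValue('datadirectory', $datadir);
    OC_Config::setValue('dbtype', $dbtype);
    OC_Config::setValue('version', implode('.', OC_Util::getVersion()));

    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (DatabaseSetupException $e) {
        $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
        return $error;
    } catch (Exception $e) {
        // NOTE(review): the reviewed copy had this expression masked and it
        // did not parse; the message concatenation is rebuilt to mirror the
        // DatabaseSetupException branch above - confirm against upstream.
        $error[] = array('error' => 'Error while trying to create admin user: ' . $e->getMessage(), 'hint' => '');
        return $error;
    }

    //create the user and group
    try {
        OC_User::createUser($username, $password);
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }

    if (count($error) == 0) {
        OC_Appconfig::setValue('core', 'installedat', microtime(true));
        OC_Appconfig::setValue('core', 'lastupdatedat', microtime(true));
        OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php');
        OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php');

        OC_Group::createGroup('admin');
        OC_Group::addToGroup($username, 'admin');
        OC_User::login($username, $password);

        //guess what this does
        OC_Installer::installShippedApps();

        // create empty file in data dir, so we can later find
        // out that this is indeed an ownCloud data directory
        file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');

        //create htaccess files for apache hosts
        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
            self::createHtaccess();
        }

        //and we are done
        OC_Config::setValue('installed', true);
    }

    return $error;
}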
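/**
 * Makes an URL absolute.
 *
 * On the command line (outside PHPUnit runs) the base comes from the system
 * setting overwrite.cli.url. For web requests it is built from
 * OC_Request::serverProtocol() and OC_Request::serverHost(), with the web
 * root prepended unless $url already starts with it.
 *
 * NOTE(review): the web-request branch inherits whatever serverHost()
 * returns; links placed in e-mails or redirects are only safe if that helper
 * validates the Host header.
 *
 * @param string $url the url in the ownCloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    // isset() on the offset keeps an empty $url from raising an
    // "uninitialized string offset" notice; the separator is '/' either way.
    $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';

    if (\OC::$CLI && !defined('PHPUNIT_RUN')) {
        return rtrim($this->config->getSystemValue('overwrite.cli.url'), '/') . '/' . ltrim($url, '/');
    }

    // The ownCloud web root can already be prepended.
    // NOTE(review): this is a plain prefix comparison, so a path that merely
    // begins with the same characters as the web root counts as prefixed.
    $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT ? '' : \OC::$WEBROOT;

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
}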
/**
 * Applies the forcessl policy to the current request: marks the session
 * cookie as secure and redirects plain-HTTP web requests to HTTPS, exiting
 * afterwards. Does nothing when forcessl is not enabled.
 */
public static function checkSSL() {
    if (!OC_Config::getValue('forcessl', false)) {
        return;
    }

    ini_set('session.cookie_secure', 'on');

    if (OC_Request::serverProtocol() == 'https' or OC::$CLI) {
        return;
    }

    // The path part is taken verbatim from the request. NOTE(review): the
    // host part comes from serverHost(); confirm it is validated, otherwise
    // the Host header chooses where the client is sent.
    $target = 'https://' . OC_Request::serverHost() . $_SERVER['REQUEST_URI'];
    header("Location: {$target}");
    exit;
}
<?php

// Init owncloud

// Only a logged-in user with the roundcube app enabled gets past this point.
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('roundcube');

// CSRF checks
OCP\JSON::callCheck();

$l = new OC_L10N('roundcube');

// Ignore submissions that were not made by the roundcube form.
if (!(isset($_POST['appname']) && $_POST['appname'] == "roundcube")) {
    OC_JSON::error(array("data" => array("message" => $l->t("Not submitted for us."))));
    return false;
}

// NOTE(review): rc_mail_username and rc_mail_password are read without an
// isset() check and are handed on as submitted; the password should never be
// written to logs by the callees.
$ocUser = OCP\User::getUser();
$result = OC_RoundCube_App::cryptEmailIdentity($ocUser, $_POST['rc_mail_username'], $_POST['rc_mail_password']);

if (!$result) {
    OC_JSON::error(array("data" => array("message" => $l->t("Unable to store email credentials in the data-base."))));
    return false;
}

// update login credentials
$maildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
$rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
if ($rc_host == '') {
    // No RoundCube host configured: log in against the host of this request.
    $rc_host = OC_Request::serverHost();
}
$rc_port = OCP\Config::getAppValue('roundcube', 'rcPort', null);
OC_RoundCube_App::login($rc_host, $rc_port, $maildir, $_POST['rc_mail_username'], $_POST['rc_mail_password']);

OCP\JSON::success(array('data' => array('message' => $l->t('Email-user credentials successfully stored.'))));
return true;
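/**
 * Makes an URL absolute.
 *
 * The result is built from OC_Request::serverProtocol() and
 * OC_Request::serverHost(), with the web root prepended unless $url already
 * starts with it.
 *
 * NOTE(review): the host part is whatever serverHost() returns; links placed
 * in e-mails or redirects are only safe if that helper validates the Host
 * header.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    // isset() on the offset keeps an empty $url from raising an
    // "uninitialized string offset" notice; the separator is '/' either way.
    $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';

    // The ownCloud web root can already be prepended.
    // NOTE(review): this is a plain prefix comparison, so a path that merely
    // begins with the same characters as the web root counts as prefixed.
    $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT ? '' : \OC::$WEBROOT;

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
}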
/**
 * Runs the update actions in maintenance mode. Source files are not upgraded,
 * except for the main .htaccess file.
 *
 * NOTE(review): no return statement is visible in this method, so callers
 * receive null; the bool result this docblock used to promise does not match
 * the code.
 *
 * @param string $currentVersion version being upgraded to (not read in the
 *                               visible body)
 * @param string $installedVersion version the instance is upgraded from
 *
 * @return void
 */
private function doUpgrade($currentVersion, $installedVersion) {
    // Update htaccess files for apache hosts
    if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
        \OC_Setup::updateHtaccess();
    }

    // create empty file in data dir, so we can later find
    // out that this is indeed an ownCloud data directory
    // (in case it didn't exist before)
    // NOTE(review): the result of file_put_contents() is not checked, so a
    // failed write goes unnoticed here.
    file_put_contents(\OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');

    /*
     * START CONFIG CHANGES FOR OLDER VERSIONS
     */
    if (!\OC::$CLI && version_compare($installedVersion, '6.90.1', '<')) {
        // Add the trusted_domains config if it does not exist yet.
        // This is added to prevent host header poisoning.
        // An existing trusted_domains value is written back unchanged; only a
        // missing one is seeded, with the host of the request that triggers
        // this upgrade. The branch is skipped on CLI.
        // NOTE(review): the seed is therefore decided by whoever sends that
        // request - confirm serverHost() cannot return an arbitrary Host
        // header at this point.
        \OC_Config::setValue('trusted_domains', \OC_Config::getValue('trusted_domains', array(\OC_Request::serverHost())));
    }
    /*
     * STOP CONFIG CHANGES FOR OLDER VERSIONS
     */

    // pre-upgrade repairs
    $repair = new \OC\Repair(\OC\Repair::getBeforeUpgradeRepairSteps());
    $repair->run();

    // simulate DB upgrade
    if ($this->simulateStepEnabled) {
        // simulate core DB upgrade
        \OC_DB::simulateUpdateDbFromStructure(\OC::$SERVERROOT . '/db_structure.xml');

        // simulate apps DB upgrade: only enabled apps that are compatible
        // with this version, flagged for upgrade and ship a database.xml
        $version = \OC_Util::getVersion();
        $apps = \OC_App::getEnabledApps();
        foreach ($apps as $appId) {
            $info = \OC_App::getAppInfo($appId);
            if (\OC_App::isAppCompatible($version, $info) && \OC_App::shouldUpgrade($appId)) {
                if (file_exists(\OC_App::getAppPath($appId) . '/appinfo/database.xml')) {
                    \OC_DB::simulateUpdateDbFromStructure(\OC_App::getAppPath($appId) . '/appinfo/database.xml');
                }
            }
        }

        $this->emit('\\OC\\Updater', 'dbSimulateUpgrade');
    }

    // upgrade from OC6 to OC7
    // TODO removed it again for OC8
    $sharePolicy = \OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global');
    if ($sharePolicy === 'groups_only') {
        \OC_Appconfig::setValue('core', 'shareapi_only_share_with_group_members', 'yes');
    }

    if ($this->updateStepEnabled) {
        // do the real upgrade
        \OC_DB::updateDbFromStructure(\OC::$SERVERROOT . '/db_structure.xml');
        $this->emit('\\OC\\Updater', 'dbUpgrade');

        // TODO: why not do this at the end ?
        // The new version is recorded before the app checks and the
        // post-upgrade repairs below have run.
        \OC_Config::setValue('version', implode('.', \OC_Util::getVersion()));

        $disabledApps = \OC_App::checkAppsRequirements();
        if (!empty($disabledApps)) {
            $this->emit('\\OC\\Updater', 'disabledApps', array($disabledApps));
        }

        // load all apps to also upgrade enabled apps
        \OC_App::loadApps();

        // post-upgrade repairs
        $repair = new \OC\Repair(\OC\Repair::getRepairSteps());
        $repair->run();

        //Invalidate update feed
        \OC_Appconfig::setValue('core', 'lastupdatedat', 0);
    }
}
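/**
 * Makes an URL absolute.
 *
 * The result is built from OC_Request::serverProtocol() and
 * OC_Request::serverHost(); a '/' is inserted when $url does not start with
 * one.
 *
 * NOTE(review): the host part is whatever serverHost() returns; links placed
 * in e-mails or redirects are only safe if that helper validates the Host
 * header.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    // isset() on the offset keeps an empty $url from raising an
    // "uninitialized string offset" notice; the separator is '/' either way.
    $separator = (isset($url[0]) && $url[0] === '/') ? '' : '/';

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $separator . $url;
}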
/**
 * Runs the update actions in maintenance mode; the source files themselves
 * are not upgraded.
 *
 * Maintenance mode is switched on at the start and off at the end, and the
 * progress is reported through '\OC\Updater' events.
 */
public function upgrade() {
    \OC_DB::enableCaching(false);
    \OC_Config::setValue('maintenance', true);
    $installedVersion = \OC_Config::getValue('version', '0.0.0');
    $currentVersion = implode('.', \OC_Util::getVersion());
    if ($this->log) {
        $this->log->debug('starting upgrade from ' . $installedVersion . ' to ' . $currentVersion, array('app' => 'core'));
    }
    $this->emit('\\OC\\Updater', 'maintenanceStart');

    // create empty file in data dir, so we can later find
    // out that this is indeed an ownCloud data directory
    // (in case it didn't exist before)
    // NOTE(review): the result of file_put_contents() is not checked, so a
    // failed write goes unnoticed here.
    file_put_contents(\OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');

    /*
     * START CONFIG CHANGES FOR OLDER VERSIONS
     */
    if (!\OC::$CLI && version_compare($installedVersion, '6.00.4', '<')) {
        // Add the trusted_domains config if it does not exist yet.
        // This is added to prevent host header poisoning.
        // An existing trusted_domains value is written back unchanged; only a
        // missing one is seeded, with the host of the request that triggers
        // this upgrade. The branch is skipped on CLI.
        // NOTE(review): the seed is therefore decided by whoever sends that
        // request - confirm serverHost() cannot return an arbitrary Host
        // header at this point.
        \OC_Config::setValue('trusted_domains', \OC_Config::getValue('trusted_domains', array(\OC_Request::serverHost())));
    }
    /*
     * STOP CONFIG CHANGES FOR OLDER VERSIONS
     */

    try {
        \OC_DB::updateDbFromStructure(\OC::$SERVERROOT . '/db_structure.xml');
        $this->emit('\\OC\\Updater', 'dbUpgrade');

        // do a file cache upgrade for users with files
        // this can take a long time
        $this->upgradeFileCache();
    } catch (\Exception $exception) {
        // NOTE(review): a failure is only reported as an event; execution
        // continues below, so the new version is still recorded and
        // maintenance mode is still switched off after a failed migration.
        $this->emit('\\OC\\Updater', 'failure', array($exception->getMessage()));
    }
    \OC_Config::setValue('version', implode('.', \OC_Util::getVersion()));
    \OC_App::checkAppsRequirements();
    // load all apps to also upgrade enabled apps
    \OC_App::loadApps();

    // Repair is referenced without a namespace prefix, so it resolves
    // relative to the namespace this file declares.
    $repair = new Repair();
    $repair->run();

    //Invalidate update feed
    \OC_Appconfig::setValue('core', 'lastupdatedat', 0);
    \OC_Config::setValue('maintenance', false);
    $this->emit('\\OC\\Updater', 'maintenanceEnd');
}
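/**
 * Performs the initial installation: validates the submitted options and the
 * data directory, writes the base configuration, sets up the database,
 * creates the admin account and installs the shipped apps.
 *
 * @param array $options installer form values; the keys read here are dbtype,
 *                       adminlogin, adminpass, directory and, optionally,
 *                       trusted_domains
 * @return array list of errors, empty when the installation succeeded
 */
public static function install($options) {
    $l = self::getTrans();
    $error = array();
    $dbType = $options['dbtype'];

    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = OC::$SERVERROOT . "/data";
    }

    // Unknown database types silently fall back to sqlite.
    if (!isset(self::$dbSetupClasses[$dbType])) {
        $dbType = 'sqlite';
    }

    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $dataDir = htmlspecialchars_decode($options['directory']);

    $class = self::$dbSetupClasses[$dbType];
    /** @var \OC\Setup\AbstractDatabase $dbSetup */
    $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
    $error = array_merge($error, $dbSetup->validate($options));

    // validate the data directory
    // NOTE(review): mkdir() is called without an explicit mode, so the
    // permissions of a newly created data directory depend on the process
    // umask - confirm they are tightened elsewhere.
    if (!is_dir($dataDir) and !mkdir($dataDir) or !is_writable($dataDir)) {
        $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
    }

    if (count($error) != 0) {
        return $error;
    }

    //no errors, good
    // The trusted domain list is either supplied by the caller or seeded
    // with the host of the request that runs the installer.
    // NOTE(review): in the second case the installing request decides which
    // host the instance trusts from then on - confirm the installer is only
    // reachable under the intended host name.
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        $trustedDomains = array(OC_Request::serverHost());
    }

    if (OC_Util::runningOnWindows()) {
        $dataDir = rtrim(realpath($dataDir), '\\');
    }

    //use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbType == 'sqlite' and class_exists('SQLite3')) {
        $dbType = 'sqlite3';
    }

    //generate a random salt that is used to salt the local user passwords
    // NOTE(review): the salt is drawn from the low-strength generator while
    // the secret below uses the medium-strength one - confirm that is
    // intended for a value that protects stored passwords.
    $salt = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(30);
    \OC::$server->getConfig()->setSystemValue('passwordsalt', $salt);

    // generate a secret
    $secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
    \OC::$server->getConfig()->setSystemValue('secret', $secret);

    //write the config file
    \OC::$server->getConfig()->setSystemValue('trusted_domains', $trustedDomains);
    \OC::$server->getConfig()->setSystemValue('datadirectory', $dataDir);
    // The base URL used on the command line is frozen from the protocol and
    // host of the installing request.
    \OC::$server->getConfig()->setSystemValue('overwrite.cli.url', \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . OC::$WEBROOT);
    \OC::$server->getConfig()->setSystemValue('dbtype', $dbType);
    \OC::$server->getConfig()->setSystemValue('version', implode('.', OC_Util::getVersion()));

    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (DatabaseSetupException $e) {
        $error[] = array('error' => $e->getMessage(), 'hint' => $e->getHint());
        return $error;
    } catch (Exception $e) {
        // NOTE(review): the reviewed copy had this expression masked and it
        // did not parse; the message concatenation is rebuilt to mirror the
        // DatabaseSetupException branch above - confirm against upstream.
        $error[] = array('error' => 'Error while trying to create admin user: ' . $e->getMessage(), 'hint' => '');
        return $error;
    }

    //create the user and group
    try {
        OC_User::createUser($username, $password);
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }

    if (count($error) == 0) {
        $appConfig = \OC::$server->getAppConfig();
        $appConfig->setValue('core', 'installedat', microtime(true));
        $appConfig->setValue('core', 'lastupdatedat', microtime(true));

        OC_Group::createGroup('admin');
        OC_Group::addToGroup($username, 'admin');
        OC_User::login($username, $password);

        //guess what this does
        OC_Installer::installShippedApps();

        // create empty file in data dir, so we can later find
        // out that this is indeed an ownCloud data directory
        file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');

        // Update htaccess files for apache hosts.
        // Both calls are made only when SERVER_SOFTWARE mentions Apache.
        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
            self::updateHtaccess();
            self::protectDataDirectory();
        }

        //and we are done
        OC_Config::setValue('installed', true);
    }

    return $error;
}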
/**
 * @brief Makes an $url absolute
 * @param string $url the url
 * @return string the absolute url
 *
 * Prefixes $url with the protocol and host reported by OC_Request. Nothing is
 * inserted between host and $url, so $url is expected to start with '/'.
 * NOTE(review): the host part is whatever serverHost() returns - confirm it
 * validates the Host header before this value reaches e-mails or redirects.
 */
public static function makeURLAbsolute( $url ) {
    $scheme = OC_Request::serverProtocol();
    $host = OC_Request::serverHost();

    return $scheme . '://' . $host . $url;
}
/**
 * @brief Returns the server host
 * @returns string the server host
 *
 * Public wrapper that forwards to \OC_Request::serverHost(). According to the
 * original description the value is correct even when the site sits behind
 * one or more reverse proxies; that logic is not visible here.
 */
public static function getServerHost() {
    $host = \OC_Request::serverHost();

    return $host;
}
/**
 * Makes an URL absolute.
 *
 * Prefixes $url with the protocol and host reported by OC_Request. Nothing is
 * inserted between host and $url, so $url is expected to start with '/'.
 * NOTE(review): the host part is whatever serverHost() returns - confirm it
 * validates the Host header before this value reaches e-mails or redirects.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    $origin = \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost();

    return $origin . $url;
}