/**
 * Builds the request context from the current request and loads the root
 * route collection.
 *
 * The base URL, HTTP method, host and scheme are read once, in that order,
 * and handed to RequestContext.
 *
 * NOTE(review): method, host and scheme all originate from the incoming
 * request; how OC_Request validates them is not visible here — confirm before
 * relying on the context for anything security-sensitive.
 */
public function __construct() {
    $this->context = new RequestContext(
        OC_Helper::linkTo('', 'index.php'),
        $_SERVER['REQUEST_METHOD'],
        OC_Request::serverHost(),
        OC_Request::serverProtocol()
    );
    // TODO cache
    $this->root = $this->getCollection('root');
}
/**
 * Returns the protocol (scheme) of the current request.
 *
 * Public wrapper that delegates to \OC_Request::serverProtocol(), which is
 * documented as respecting reverse proxy servers and load balancers.
 *
 * NOTE(review): proxy awareness usually means the result can be influenced by
 * forwarding headers; confirm that only trusted proxies can set them before
 * using the value for a security decision.
 *
 * @return string the server protocol
 */
public static function getServerProtocol() {
    $protocol = \OC_Request::serverProtocol();

    return $protocol;
}
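/**
 * Runs the initial installation: validates the submitted options, writes the
 * base system configuration, sets up the database and creates the admin user.
 *
 * Keys read from $options in this method: 'dbtype', 'adminlogin',
 * 'adminpass', 'directory' and, optionally, 'trusted_domains'. The whole
 * array is also passed to the database setup class for validation and
 * initialisation.
 *
 * @param array $options installation options
 * @return array collected errors, empty when the installation succeeded;
 *               entries are either message strings or arrays with the keys
 *               'error' and 'hint'
 */
public static function install($options) {
    $l = self::getTrans();
    $error = array();
    $dbType = $options['dbtype'];

    if (empty($options['adminlogin'])) {
        $error[] = $l->t('Set an admin username.');
    }
    if (empty($options['adminpass'])) {
        $error[] = $l->t('Set an admin password.');
    }
    if (empty($options['directory'])) {
        $options['directory'] = OC::$SERVERROOT . "/data";
    }

    // An unknown database type falls back to sqlite instead of failing.
    if (!isset(self::$dbSetupClasses[$dbType])) {
        $dbType = 'sqlite';
    }

    // NOTE(review): the values are HTML-decoded here, presumably because the
    // caller encoded them on input — confirm, since the decoded values are
    // used below as credentials and as a filesystem path.
    $username = htmlspecialchars_decode($options['adminlogin']);
    $password = htmlspecialchars_decode($options['adminpass']);
    $dataDir = htmlspecialchars_decode($options['directory']);

    $class = self::$dbSetupClasses[$dbType];
    /** @var \OC\Setup\AbstractDatabase $dbSetup */
    $dbSetup = new $class(self::getTrans(), 'db_structure.xml');
    $error = array_merge($error, $dbSetup->validate($options));

    // validate the data directory: it must exist (or be creatable) and be
    // writable. The parentheses spell out the precedence of the original
    // "and"/"or" expression.
    // NOTE(review): mkdir() is called without an explicit mode, so the
    // directory permissions depend on the process umask.
    if ((!is_dir($dataDir) && !mkdir($dataDir)) || !is_writable($dataDir)) {
        $error[] = $l->t("Can't create or write into the data directory %s", array($dataDir));
    }

    if (count($error) != 0) {
        return $error;
    }

    //no errors, good
    // NOTE(review): without an explicit list, the host of the request that
    // runs the installer becomes the only trusted domain.
    if (isset($options['trusted_domains']) && is_array($options['trusted_domains'])) {
        $trustedDomains = $options['trusted_domains'];
    } else {
        $trustedDomains = array(OC_Request::serverHost());
    }

    if (OC_Util::runningOnWindows()) {
        $dataDir = rtrim(realpath($dataDir), '\\');
    }

    //use sqlite3 when available, otherwise sqlite2 will be used.
    if ($dbType == 'sqlite' and class_exists('SQLite3')) {
        $dbType = 'sqlite3';
    }

    //generate a random salt that is used to salt the local user passwords
    // NOTE(review): the salt comes from the low-strength generator while the
    // secret below uses the medium-strength one; confirm the weaker source is
    // acceptable for a value that protects stored passwords.
    $salt = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(30);
    \OC::$server->getConfig()->setSystemValue('passwordsalt', $salt);

    // generate a secret
    $secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
    \OC::$server->getConfig()->setSystemValue('secret', $secret);

    //write the config file
    \OC::$server->getConfig()->setSystemValue('trusted_domains', $trustedDomains);
    \OC::$server->getConfig()->setSystemValue('datadirectory', $dataDir);
    \OC::$server->getConfig()->setSystemValue('overwrite.cli.url', \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . OC::$WEBROOT);
    \OC::$server->getConfig()->setSystemValue('dbtype', $dbType);
    \OC::$server->getConfig()->setSystemValue('version', implode('.', OC_Util::getVersion()));

    try {
        $dbSetup->initialize($options);
        $dbSetup->setupDatabase($username);
    } catch (DatabaseSetupException $e) {
        $error[] = array(
            'error' => $e->getMessage(),
            'hint' => $e->getHint()
        );
        return $error;
    } catch (Exception $e) {
        $error[] = array(
            'error' => 'Error while trying to create admin user: ' . $e->getMessage(),
            'hint' => ''
        );
        return $error;
    }

    //create the user and group
    try {
        OC_User::createUser($username, $password);
    } catch (Exception $exception) {
        $error[] = $exception->getMessage();
    }

    if (count($error) == 0) {
        $appConfig = \OC::$server->getAppConfig();
        $appConfig->setValue('core', 'installedat', microtime(true));
        $appConfig->setValue('core', 'lastupdatedat', microtime(true));

        OC_Group::createGroup('admin');
        OC_Group::addToGroup($username, 'admin');
        OC_User::login($username, $password);

        // install the apps that ship with the server
        OC_Installer::installShippedApps();

        // create empty file in data dir, so we can later find
        // out that this is indeed an ownCloud data directory
        file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT . '/data') . '/.ocdata', '');

        // Update htaccess files for apache hosts
        // NOTE(review): the data directory protection is only applied when
        // SERVER_SOFTWARE mentions Apache; on other web servers access to the
        // data directory has to be blocked in the server configuration.
        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
            self::updateHtaccess();
            self::protectDataDirectory();
        }

        //and we are done
        OC_Config::setValue('installed', true);
    }

    return $error;
}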
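/**
 * Checks OC_Request::serverProtocol() with and without the
 * 'overwriteprotocol' setting and with the proxy-related $_SERVER entries.
 *
 * The test mutates $_SERVER and the system config, so every key it sets is
 * removed again at the end.
 */
public function testServerProtocol() {
    unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
    unset($_SERVER['HTTP_HTTPS']);
    unset($_SERVER['REMOTE_ADDR']);
    OC_Config::deleteKey('overwriteprotocol');
    OC_Config::deleteKey('overwritecondaddr');

    // Overwrite without a condition: the configured protocol always wins.
    OC_Config::setValue('overwriteprotocol', 'https');
    OC_Config::setValue('overwritecondaddr', '');
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('https', $proto);

    // Overwrite with an address condition that matches REMOTE_ADDR.
    OC_Config::setValue('overwriteprotocol', 'https');
    OC_Config::setValue('overwritecondaddr', '^somehost\\..*$');
    $_SERVER['REMOTE_ADDR'] = 'somehost.test:8080';
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('https', $proto);

    // Following checks without overwriting the protocol
    OC_Config::setValue('overwriteprotocol', '');
    unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
    unset($_SERVER['HTTP_HTTPS']);
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('http', $proto);

    unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
    $_SERVER['HTTP_HTTPS'] = 'on';
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('https', $proto);

    // NOTE(review): HTTP_HTTPS is still 'on' for the two checks below, so
    // they would also pass if the forwarded header were ignored; they also
    // never cover a forwarded value that should yield 'http'.
    $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('https', $proto);

    $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https,http,http';
    $proto = OC_Request::serverProtocol();
    $this->assertEquals('https', $proto);

    // clean up: HTTP_HTTPS was set above and must not leak into later tests
    unset($_SERVER['HTTP_X_FORWARDED_PROTO']);
    unset($_SERVER['HTTP_HTTPS']);
    unset($_SERVER['HTTP_PROTO']);
    unset($_SERVER['REMOTE_ADDR']);
    OC_Config::deleteKey('overwriteprotocol');
    OC_Config::deleteKey('overwritecondaddr');
}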
/**
 * Enforces HTTPS when the 'forcessl' option is enabled.
 *
 * With 'forcessl' on: sends a one-year HSTS header, marks the session cookie
 * as secure and, for non-CLI requests that did not arrive over https,
 * redirects to the same host and request URI on https and ends the script.
 * With 'forcessl' off: sends 'max-age=0' on https requests so that browsers
 * drop a previously stored HSTS policy.
 *
 * NOTE(review): the redirect target is built from OC_Request::serverHost();
 * how that value is validated is not visible here — confirm it is restricted
 * to expected hosts before it reaches the Location header.
 */
public static function checkSSL() {
    if (!OC_Config::getValue("forcessl", false)) {
        // Invalidate HSTS headers
        if (OC_Request::serverProtocol() === 'https') {
            header('Strict-Transport-Security: max-age=0');
        }
        return;
    }

    header('Strict-Transport-Security: max-age=31536000');
    ini_set("session.cookie_secure", "on");

    // Already on https, or running from the command line: nothing to redirect.
    if (OC_Request::serverProtocol() == 'https' || OC::$CLI) {
        return;
    }

    // redirect to https site if configured
    $url = "https://" . OC_Request::serverHost() . OC_Request::requestUri();
    header("Location: {$url}");
    exit;
}
/**
 * Enforces HTTPS when the 'forcessl' system option is enabled.
 *
 * With 'forcessl' on: sends a one-year HSTS header (extended with
 * "includeSubDomains" when 'forceSSLforSubdomains' is set), marks the session
 * cookie as secure and, for non-CLI requests that did not arrive over https,
 * redirects to the same host and request URI on https and ends the script.
 * With 'forcessl' off: sends 'max-age=0' on https requests so that browsers
 * drop a previously stored HSTS policy.
 *
 * NOTE(review): "includeSubDomains" applies to every subdomain of the host,
 * including ones not served by this installation; the redirect target uses
 * OC_Request::serverHost(), whose validation is not visible here.
 */
public static function checkSSL() {
    $systemConfig = \OC::$server->getSystemConfig();

    if (!$systemConfig->getValue('forcessl', false)) {
        // Invalidate HSTS headers
        if (OC_Request::serverProtocol() === 'https') {
            header('Strict-Transport-Security: max-age=0');
        }
        return;
    }

    // Default HSTS policy, optionally widened to all subdomains
    $hsts = 'Strict-Transport-Security: max-age=31536000';
    if (\OC::$server->getSystemConfig()->getValue('forceSSLforSubdomains', false)) {
        $hsts = $hsts . '; includeSubDomains';
    }
    header($hsts);
    ini_set('session.cookie_secure', 'on');

    // Already on https, or running from the command line: nothing to redirect.
    if (OC_Request::serverProtocol() == 'https' || OC::$CLI) {
        return;
    }

    // redirect to https site if configured
    $url = 'https://' . OC_Request::serverHost() . OC_Request::requestUri();
    header("Location: $url");
    exit();
}
/**
 * Turns a URL on this host into an absolute URL.
 *
 * The result is the protocol and host of the current request followed by
 * $url, joined without any separator, so $url is expected to start with "/".
 *
 * NOTE(review): protocol and host come from OC_Request and therefore from the
 * incoming request; confirm they are validated before the result is used in
 * links that leave the request, such as e-mails.
 *
 * @param string $url the url
 * @return string the absolute url
 */
public static function makeURLAbsolute( $url ) {
    $scheme = OC_Request::serverProtocol();
    $host = OC_Request::serverHost();

    return $scheme . '://' . $host . $url;
}
/**
 * Enforces HTTPS when the 'forcessl' option is enabled.
 *
 * Marks the session cookie as secure and, for non-CLI requests that did not
 * arrive over https, redirects to the same host and request URI on https and
 * ends the script. Nothing happens when 'forcessl' is off.
 *
 * NOTE(review): the Location header is built from OC_Request::serverHost()
 * and the raw $_SERVER['REQUEST_URI']; confirm the host is restricted to
 * expected values. No HSTS header is sent in this version.
 */
public static function checkSSL() {
    if (!OC_Config::getValue("forcessl", false)) {
        return;
    }

    ini_set("session.cookie_secure", "on");

    // Already on https, or running from the command line: nothing to redirect.
    if (OC_Request::serverProtocol() == 'https' || OC::$CLI) {
        return;
    }

    // redirect to https site if configured
    $url = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI'];
    header("Location: {$url}");
    exit;
}
$template->assign('allowPublicUpload', $appConfig->getValue('core', 'shareapi_allow_public_upload', 'yes')); $template->assign('allowResharing', $appConfig->getValue('core', 'shareapi_allow_resharing', 'yes')); $template->assign('allowPublicMailNotification', $appConfig->getValue('core', 'shareapi_allow_public_notification', 'no')); $template->assign('allowMailNotification', $appConfig->getValue('core', 'shareapi_allow_mail_notification', 'no')); $template->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly()); $databaseOverload = (strpos(\OCP\Config::getSystemValue('dbtype'), 'sqlite') !== false); $template->assign('databaseOverload', $databaseOverload); // warn if Windows is used $template->assign('WindowsWarning', OC_Util::runningOnWindows()); // add hardcoded forms from the template $forms = OC_App::getForms('admin'); $l = OC_L10N::get('settings'); $formsAndMore = array(); if (OC_Request::serverProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() || $suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() || !OC_Util::isPhpCharSetUtf8() || !OC_Util::fileInfoLoaded() || $databaseOverload ) { $formsAndMore[] = array('anchor' => 'security-warning', 'section-name' => $l->t('Security & Setup Warnings')); } $formsMap = array_map(function ($form) { if (preg_match('%(<h2[^>]*>.*?</h2>)%i', $form, $regs)) { $sectionName = str_replace('<h2>', '', $regs[0]); $sectionName = str_replace('</h2>', '', $sectionName); $anchor = strtolower($sectionName); $anchor = str_replace(' ', '-', $anchor); return array( 'anchor' => 'goto-' . $anchor,
// Environment and background job state shown on the admin page.
$tmpl->assign('old_php', OC_Util::isPHPoutdated());
$tmpl->assign(
    'backgroundjobs_mode',
    OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax')
);
$tmpl->assign('cron_log', OC_Config::getValue('cron_log', true));
$tmpl->assign('lastcron', OC_Appconfig::getValue('core', 'lastcron', false));

// Sharing settings; the third argument is the default used when unset.
$tmpl->assign(
    'shareAPIEnabled',
    OC_Appconfig::getValue('core', 'shareapi_enabled', 'yes')
);
$tmpl->assign(
    'shareDefaultExpireDateSet',
    OC_Appconfig::getValue('core', 'shareapi_default_expire_date', 'no')
);
$tmpl->assign(
    'shareExpireAfterNDays',
    OC_Appconfig::getValue('core', 'shareapi_expire_after_n_days', '7')
);
$tmpl->assign(
    'shareEnforceExpireDate',
    OC_Appconfig::getValue('core', 'shareapi_enforce_expire_date', 'no')
);

// The comparison already yields a boolean.
$excludeGroups = (OC_Appconfig::getValue('core', 'shareapi_exclude_groups', 'no') === 'yes');
$tmpl->assign('shareExcludeGroups', $excludeGroups);

// The stored list is comma separated; the template receives it "|" separated.
// FIXME: this should be JSON!
$excludedGroupsList = OC_Appconfig::getValue('core', 'shareapi_exclude_groups_list', '');
$excludedGroupsList = explode(',', $excludedGroupsList);
$tmpl->assign('shareExcludedGroupsList', implode('|', $excludedGroupsList));

// Check if connected using HTTPS
// NOTE(review): this reflects what OC_Request reports for the current
// request, which may depend on proxy headers — confirm in OC_Request.
$tmpl->assign('isConnectedViaHTTPS', OC_Request::serverProtocol() === 'https');
$tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue("forcessl", false));

// If the current webroot is non-empty but the webroot from the config is,
// and system cron is used, the URL generator fails to build valid URLs.
$shouldSuggestOverwriteWebroot =
    $config->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'cron'
    && \OC::$WEBROOT
    && \OC::$WEBROOT !== '/'
    && !$config->getSystemValue('overwritewebroot', '');
$tmpl->assign(
    'suggestedOverwriteWebroot',
    $shouldSuggestOverwriteWebroot ? \OC::$WEBROOT : ''
);

// Link sharing, upload, resharing and notification settings.
$tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired());
$tmpl->assign(
    'allowPublicUpload',
    OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes')
);
$tmpl->assign(
    'allowResharing',
    OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes')
);
$tmpl->assign(
    'allowMailNotification',
    OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'no')
);
$tmpl->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());

// Start from an empty list, then append each form.
$tmpl->assign('forms', array());
foreach ($forms as $form) {
    $tmpl->append('forms', $form);
}
$tmpl->assign('shareExcludeGroups', $excludeGroups); $allGroups = OC_Group::getGroups(); $excludedGroupsList = OC_Appconfig::getValue('core', 'shareapi_exclude_groups_list', ''); $excludedGroups = $excludedGroupsList !== '' ? explode(',', $excludedGroupsList) : array(); $groups = array(); foreach ($allGroups as $group) { if (in_array($group, $excludedGroups)) { $groups[$group] = array('gid' => $group, 'excluded' => true); } else { $groups[$group] = array('gid' => $group, 'excluded' => false); } } ksort($groups); $tmpl->assign('groups', $groups); // Check if connected using HTTPS if (OC_Request::serverProtocol() === 'https') { $connectedHTTPS = true; } else { $connectedHTTPS = false; } $tmpl->assign('isConnectedViaHTTPS', $connectedHTTPS); $tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue("forcessl", false)); $tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes')); $tmpl->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired()); $tmpl->assign('allowPublicUpload', OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes')); $tmpl->assign('allowResharing', OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes')); $tmpl->assign('allowMailNotification', OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'no')); $tmpl->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly()); $tmpl->assign('forms', array()); foreach ($forms as $form) { $tmpl->append('forms', $form);
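/**
 * Makes an URL absolute
 *
 * Prefixes the URL with the protocol and host of the current request and,
 * unless the URL already starts with it, the ownCloud web root.
 *
 * NOTE(review): protocol and host come from \OC_Request, i.e. from the
 * incoming request; confirm they are validated before the result is used in
 * links that leave the request, such as e-mails.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    // substr() instead of $url[0]: an empty $url no longer raises an
    // "uninitialized string offset" notice and still gets the "/" separator.
    $separator = substr($url, 0, 1) === '/' ? '' : '/';

    // The ownCloud web root can already be prepended.
    $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT
        ? ''
        : \OC::$WEBROOT;

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
}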
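/**
 * Makes an URL absolute
 *
 * Prefixes the URL with the protocol and host of the current request,
 * inserting a "/" when the URL does not start with one.
 *
 * NOTE(review): protocol and host come from \OC_Request, i.e. from the
 * incoming request; confirm they are validated before the result is used in
 * links that leave the request, such as e-mails.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    // substr() instead of $url[0]: an empty $url no longer raises an
    // "uninitialized string offset" notice and still gets the "/" separator.
    $separator = substr($url, 0, 1) === '/' ? '' : '/';

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $separator . $url;
}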
// Suggest the current web root as CLI URL when the earlier check asked for it.
$suggestedOverwriteCliUrl = $shouldSuggestOverwriteCliUrl ? \OC::$WEBROOT : '';
$template->assign('suggestedOverwriteCliUrl', $suggestedOverwriteCliUrl);

// Sharing settings; the third argument is the default used when unset.
$template->assign(
    'allowLinks',
    $appConfig->getValue('core', 'shareapi_allow_links', 'yes')
);
$template->assign('enforceLinkPassword', \OCP\Util::isPublicLinkPasswordRequired());
$template->assign(
    'allowPublicUpload',
    $appConfig->getValue('core', 'shareapi_allow_public_upload', 'yes')
);
$template->assign(
    'allowResharing',
    $appConfig->getValue('core', 'shareapi_allow_resharing', 'yes')
);
$template->assign(
    'allowPublicMailNotification',
    $appConfig->getValue('core', 'shareapi_allow_public_notification', 'no')
);
$template->assign(
    'allowMailNotification',
    $appConfig->getValue('core', 'shareapi_allow_mail_notification', 'no')
);
$template->assign('onlyShareWithGroupMembers', \OC\Share\Share::shareWithGroupMembersOnly());

// Any database type containing "sqlite" is flagged for the template.
$databaseOverload = (strpos(\OCP\Config::getSystemValue('dbtype'), 'sqlite') !== false);
$template->assign('databaseOverload', $databaseOverload);

// add hardcoded forms from the template
$forms = OC_App::getForms('admin');
$l = OC_L10N::get('settings');
$formsAndMore = array();

// Show the warnings section as soon as one of the checks fails.
// NOTE(review): $suggestedOverwriteWebRoot is not assigned in the visible
// code, which assigns $suggestedOverwriteCliUrl instead — confirm this is not
// a leftover name that silently disables this part of the check.
if (OC_Request::serverProtocol() !== 'https'
    || !OC_Util::isAnnotationsWorking()
    || $suggestedOverwriteWebRoot
    || !OC_Util::isSetLocaleWorking()
    || !OC_Util::isPhpCharSetUtf8()
    || !OC_Util::fileInfoLoaded()
    || $databaseOverload
) {
    $formsAndMore[] = array(
        'anchor' => 'security-warning',
        'section-name' => $l->t('Security & Setup Warnings')
    );
}

// Derive a section name and anchor from the first <h2> of each form.
// NOTE(review): the pattern accepts <h2> tags with attributes but only the
// bare "<h2>" is stripped, so such a tag stays in the section name; confirm
// the template escapes 'section-name' and 'anchor' on output.
$formsMap = array_map(function ($form) {
    if (!preg_match('%(<h2[^>]*>.*?</h2>)%i', $form, $regs)) {
        return array('form' => $form);
    }

    $sectionName = str_replace(array('<h2>', '</h2>'), '', $regs[0]);
    $anchor = str_replace(' ', '-', strtolower($sectionName));

    return array(
        'anchor' => 'goto-' . $anchor,
        'section-name' => $sectionName,
        'form' => $form
    );
}, $forms);

$formsAndMore = array_merge($formsAndMore, $formsMap);

// add bottom hardcoded forms from the template
$formsAndMore[] = array(
    'anchor' => 'backgroundjobs',
    'section-name' => $l->t('Cron')
);
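/**
 * Makes an URL absolute
 *
 * On the command line (outside of PHPUnit runs) the configured
 * 'overwrite.cli.url' is used as base. Otherwise the URL is prefixed with the
 * protocol and host of the current request and, unless the URL already
 * starts with it, the ownCloud web root.
 *
 * NOTE(review): in the web case protocol and host come from \OC_Request,
 * i.e. from the incoming request; confirm they are validated before the
 * result is used in links that leave the request, such as e-mails.
 *
 * @param string $url the url in the ownCloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    if (\OC::$CLI && !defined('PHPUNIT_RUN')) {
        // There is no request to take a host from on the command line.
        return rtrim($this->config->getSystemValue('overwrite.cli.url'), '/') . '/' . ltrim($url, '/');
    }

    // Only needed for the web case, so it is computed after the CLI return.
    // substr() instead of $url[0]: an empty $url no longer raises an
    // "uninitialized string offset" notice and still gets the "/" separator.
    $separator = substr($url, 0, 1) === '/' ? '' : '/';

    // The ownCloud web root can already be prepended.
    $webRoot = substr($url, 0, strlen(\OC::$WEBROOT)) === \OC::$WEBROOT
        ? ''
        : \OC::$WEBROOT;

    return \OC_Request::serverProtocol() . '://' . \OC_Request::serverHost() . $webRoot . $separator . $url;
}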
/**
 * Makes an URL absolute
 *
 * Joins the protocol and host of the current request with $url. No separator
 * is inserted, so a $url without a leading "/" is appended directly to the
 * host name.
 *
 * NOTE(review): protocol and host come from \OC_Request, i.e. from the
 * incoming request; confirm they are validated before the result is used in
 * links that leave the request, such as e-mails.
 *
 * @param string $url the url in the owncloud host
 * @return string the absolute version of the url
 */
public function getAbsoluteURL($url) {
    $scheme = \OC_Request::serverProtocol();
    $host = \OC_Request::serverHost();

    return $scheme . '://' . $host . $url;
}