コード例 #1
0
ファイル: minimizer.php プロジェクト: noci2012/owncloud
 public function output($files, $cache_key)
 {
     header('Content-Type: ' . $this->contentType);
     OC_Response::enableCaching();
     $etag = $this->generateETag($files);
     $cache_key .= '-' . $etag;
     $gzout = false;
     $cache = OC_Cache::getGlobalCache();
     if (!OC_Request::isNoCache() && (!defined('DEBUG') || !DEBUG)) {
         OC_Response::setETagHeader($etag);
         $gzout = $cache->get($cache_key . '.gz');
     }
     if (!$gzout) {
         $out = $this->minimizeFiles($files);
         $gzout = gzencode($out);
         $cache->set($cache_key . '.gz', $gzout);
         OC_Response::setETagHeader($etag);
     }
     if ($encoding = OC_Request::acceptGZip()) {
         header('Content-Encoding: ' . $encoding);
         $out = $gzout;
     } else {
         $out = gzdecode($gzout);
     }
     header('Content-Length: ' . strlen($out));
     echo $out;
 }
コード例 #2
0
ファイル: files.php プロジェクト: hyb148/core
 /**
  * @param string $filename
  * @param string $name
  */
 private static function sendHeaders($filename, $name)
 {
     OC_Response::setContentDispositionHeader($name, 'attachment');
     header('Content-Transfer-Encoding: binary');
     OC_Response::disableCaching();
     $filesize = \OC\Files\Filesystem::filesize($filename);
     header('Content-Type: ' . \OC_Helper::getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename)));
     if ($filesize > -1) {
         OC_Response::setContentLengthHeader($filesize);
     }
 }
コード例 #3
0
ファイル: mailtemplate.php プロジェクト: CDN-Sparks/owncloud
 public function renderContent()
 {
     if ($this->isEditable()) {
         list($app, $filename) = explode('/templates/', $this->path, 2);
         $name = substr($filename, 0, -4);
         list(, $template) = $this->findTemplate($this->theme, $app, $name, '');
         \OC_Response::sendFile($template);
     } else {
         throw new SecurityException('Template not editable.', 403);
     }
 }
コード例 #4
0
ファイル: files.php プロジェクト: 0x17de/core
 /**
  * @param string $filename
  * @param string $name
  * @param boolean $isAttachment ; enforce download of file
  */
 private static function sendHeaders($filename, $name, $isAttachment = true)
 {
     if ($isAttachment) {
         OC_Response::setContentDispositionHeader($name, 'attachment');
     }
     header('Content-Transfer-Encoding: binary');
     OC_Response::disableCaching();
     $fileSize = \OC\Files\Filesystem::filesize($filename);
     $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
     header('Content-Type: ' . $type);
     if ($fileSize > -1) {
         OC_Response::setContentLengthHeader($fileSize);
     }
 }
コード例 #5
0
ファイル: files.php プロジェクト: olucao/owncloud-core
 /**
  * @param string $filename
  * @param string $name
  * @param bool $zip
  */
 private static function sendHeaders($filename, $name, $zip = false)
 {
     OC_Response::setContentDispositionHeader($name, 'attachment');
     header('Content-Transfer-Encoding: binary');
     OC_Response::disableCaching();
     if ($zip) {
         header('Content-Type: application/zip');
     } else {
         $filesize = \OC\Files\Filesystem::filesize($filename);
         header('Content-Type: ' . \OC\Files\Filesystem::getMimeType($filename));
         if ($filesize > -1) {
             header("Content-Length: " . $filesize);
         }
     }
 }
コード例 #6
0
ファイル: helper.php プロジェクト: olucao/owncloud-core
 /**
  * Sets up the filesystem and user for public sharing
  * @param string $token string share token
  * @param string $relativePath optional path relative to the share
  * @param string $password optional password
  */
 public static function setupFromToken($token, $relativePath = null, $password = null)
 {
     \OC_User::setIncognitoMode(true);
     $linkItem = \OCP\Share::getShareByToken($token, !$password);
     if ($linkItem === false || $linkItem['item_type'] !== 'file' && $linkItem['item_type'] !== 'folder') {
         \OC_Response::setStatus(404);
         \OC_Log::write('core-preview', 'Passed token parameter is not valid', \OC_Log::DEBUG);
         exit;
     }
     if (!isset($linkItem['uid_owner']) || !isset($linkItem['file_source'])) {
         \OC_Response::setStatus(500);
         \OC_Log::write('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OC_Log::WARN);
         exit;
     }
     $rootLinkItem = \OCP\Share::resolveReShare($linkItem);
     $path = null;
     if (isset($rootLinkItem['uid_owner'])) {
         \OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
         \OC_Util::tearDownFS();
         \OC_Util::setupFS($rootLinkItem['uid_owner']);
         $path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
     }
     if ($path === null) {
         \OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);
         \OC_Response::setStatus(404);
         \OCP\JSON::error(array('success' => false));
         exit;
     }
     if (!isset($linkItem['item_type'])) {
         \OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);
         \OC_Response::setStatus(404);
         \OCP\JSON::error(array('success' => false));
         exit;
     }
     if (isset($linkItem['share_with'])) {
         if (!self::authenticate($linkItem, $password)) {
             \OC_Response::setStatus(403);
             \OCP\JSON::error(array('success' => false));
             exit;
         }
     }
     $basePath = $path;
     if ($relativePath !== null && \OC\Files\Filesystem::isReadable($basePath . $relativePath)) {
         $path .= \OC\Files\Filesystem::normalizePath($relativePath);
     }
     return array('linkItem' => $linkItem, 'basePath' => $basePath, 'realPath' => $path);
 }
コード例 #7
0
ファイル: remote.php プロジェクト: rosarion/core
/**
 * @param Exception $e
 */
function handleException(Exception $e)
{
    $request = \OC::$server->getRequest();
    // in case the request content type is text/xml - we assume it's a WebDAV request
    $isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml');
    if ($isXmlContentType === 0) {
        // fire up a simple server to properly process the exception
        $server = new Server();
        if (!$e instanceof RemoteException) {
            // we shall not log on RemoteException
            $server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger()));
        }
        $server->on('beforeMethod', function () use($e) {
            if ($e instanceof RemoteException) {
                switch ($e->getCode()) {
                    case OC_Response::STATUS_SERVICE_UNAVAILABLE:
                        throw new ServiceUnavailable($e->getMessage());
                    case OC_Response::STATUS_NOT_FOUND:
                        throw new \Sabre\DAV\Exception\NotFound($e->getMessage());
                }
            }
            $class = get_class($e);
            $msg = $e->getMessage();
            throw new ServiceUnavailable("{$class}: {$msg}");
        });
        $server->exec();
    } else {
        $statusCode = OC_Response::STATUS_INTERNAL_SERVER_ERROR;
        if ($e instanceof \OC\ServiceUnavailableException) {
            $statusCode = OC_Response::STATUS_SERVICE_UNAVAILABLE;
        }
        if ($e instanceof RemoteException) {
            // we shall not log on RemoteException
            OC_Response::setStatus($e->getCode());
            OC_Template::printErrorPage($e->getMessage());
        } else {
            \OCP\Util::writeLog('remote', $e->getMessage(), \OCP\Util::FATAL);
            OC_Response::setStatus($statusCode);
            OC_Template::printExceptionErrorPage($e);
        }
    }
}
コード例 #8
0
ファイル: response.php プロジェクト: adolfo2103/hcloudfilem
 /**
  * Send redirect response
  * @param string $location to redirect to
  */
 public static function redirect($location)
 {
     \OC_Response::redirect($location);
 }
コード例 #9
0
 /**
  * @NoAdminRequired
  * @PublicPage
  * Store the document content to its origin
  */
 public function save()
 {
     try {
         $esId = $this->request->server['HTTP_WEBODF_SESSION_ID'];
         if (!$esId) {
             throw new \Exception('Session id can not be empty');
         }
         $memberId = $this->request->server['HTTP_WEBODF_MEMBER_ID'];
         $currentMember = new Db\Member();
         $currentMember->load($memberId);
         //check if member belongs to the session
         if ($esId != $currentMember->getEsId()) {
             throw new \Exception($memberId . ' does not belong to session ' . $esId);
         }
         // Extra info for future usage
         // $sessionRevision = $this->request->server['HTTP_WEBODF_SESSION_REVISION'];
         //NB ouch! New document content is passed as an input stream content
         $stream = fopen('php://input', 'r');
         if (!$stream) {
             throw new \Exception('New content missing');
         }
         $content = stream_get_contents($stream);
         $session = new Db\Session();
         $session->load($esId);
         if (!$session->getEsId()) {
             throw new \Exception('Session does not exist');
         }
         try {
             if ($currentMember->getIsGuest()) {
                 $file = File::getByShareToken($currentMember->getToken());
             } else {
                 $file = new File($session->getFileId());
             }
             list($view, $path) = $file->getOwnerViewAndPath(true);
         } catch (\Exception $e) {
             //File was deleted or unshared. We need to save content as new file anyway
             //Sorry, but for guests it would be lost :(
             if ($this->uid) {
                 $view = new View('/' . $this->uid . '/files');
                 $dir = \OCP\Config::getUserValue($this->uid, 'documents', 'save_path', '');
                 $path = Helper::getNewFileName($view, $dir . 'New Document.odt');
             } else {
                 throw $e;
             }
         }
         $member = new Db\Member();
         $members = $member->getActiveCollection($esId);
         $memberIds = array_map(function ($x) {
             return $x['member_id'];
         }, $members);
         // Active users except current user
         $memberCount = count($memberIds) - 1;
         if ($view->file_exists($path)) {
             $currentHash = sha1($view->file_get_contents($path));
             if (!Helper::isVersionsEnabled() && $currentHash !== $session->getGenesisHash()) {
                 // Original file was modified externally. Save to a new one
                 $path = Helper::getNewFileName($view, $path, '-conflict');
             }
             $mimetype = $view->getMimeType($path);
         } else {
             $mimetype = Storage::MIMETYPE_LIBREOFFICE_WORDPROCESSOR;
         }
         $data = Filter::write($content, $mimetype);
         if ($view->file_put_contents($path, $data['content'])) {
             // Not a last user
             if ($memberCount > 0) {
                 // Update genesis hash to prevent conflicts
                 $this->logger->debug('Update hash', array('app' => $this->appName));
                 $session->updateGenesisHash($esId, sha1($data['content']));
             } else {
                 // Last user. Kill session data
                 Db\Session::cleanUp($esId);
             }
             $view->touch($path);
         }
         $response = array('status' => 'success');
     } catch (\Exception $e) {
         $this->logger->warning('Saving failed. Reason:' . $e->getMessage(), array('app' => $this->appName));
         \OC_Response::setStatus(500);
         $response = array();
     }
     return $response;
 }
コード例 #10
0
ファイル: base.php プロジェクト: CDN-Sparks/owncloud
 /**
  * @brief Handle the request
  */
 public static function handleRequest()
 {
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!OC_Config::getValue('installed', false)) {
         require_once 'core/setup.php';
         exit;
     }
     $request = OC_Request::getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     if (!self::$CLI) {
         try {
             if (!OC_Config::getValue('maintenance', false)) {
                 OC_App::loadApps();
             }
             OC::getRouter()->match(OC_Request::getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     $app = OC::$REQUESTEDAPP;
     $file = OC::$REQUESTEDFILE;
     $param = array('app' => $app, 'file' => $file);
     // Handle app css files
     if (substr($file, -3) == 'css') {
         self::loadCSSFile($param);
         return;
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === FALSE) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         header('location: ' . OC_Helper::linkToRemote('webdav'));
         return;
     }
     // Someone is logged in :
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             if (isset($_COOKIE['oc_token'])) {
                 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             header("Location: " . OC::$WEBROOT . '/');
         } else {
             if (is_null($file)) {
                 $param['file'] = 'index.php';
             }
             $file_ext = substr($param['file'], -3);
             if ($file_ext != 'php' || !self::loadAppScriptFile($param)) {
                 header('HTTP/1.0 404 Not Found');
             }
         }
         return;
     }
     // Not handled and not logged in
     self::handleLogin();
 }
コード例 #11
0
ファイル: router.php プロジェクト: omusico/isle-web-framework
 /**
  * Generate JSON response for routing in javascript
  */
 public static function JSRoutes()
 {
     $router = OC::getRouter();
     $etag = $router->getCacheKey();
     OC_Response::enableCaching();
     OC_Response::setETagHeader($etag);
     $root = $router->getCollection('root');
     $routes = array();
     foreach ($root->all() as $name => $route) {
         $compiled_route = $route->compile();
         $defaults = $route->getDefaults();
         unset($defaults['action']);
         $routes[$name] = array('tokens' => $compiled_route->getTokens(), 'defaults' => $defaults);
     }
     OCP\JSON::success(array('data' => $routes));
 }
コード例 #12
0
<?php

/**
 * @author Lukas Reschke
 * @copyright 2014 Lukas Reschke lukas@owncloud.com
 *
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */
// This file is just used to redirect the legacy sharing URLs (< ownCloud 8) to the new ones
$urlGenerator = new \OC\URLGenerator(\OC::$server->getConfig());
$token = isset($_GET['t']) ? $_GET['t'] : '';
$route = isset($_GET['download']) ? 'files_sharing.sharecontroller.downloadShare' : 'files_sharing.sharecontroller.showShare';
OC_Response::redirect($urlGenerator->linkToRoute($route, array('token' => $token)));
コード例 #13
0
ファイル: files.php プロジェクト: CDN-Sparks/owncloud
 /**
  * return the content of a file or return a zip file containing multiple files
  *
  * @param string $dir
  * @param string $file ; separated list of files to download
  * @param boolean $only_header ; boolean to only send header of the request
  */
 public static function get($dir, $files, $only_header = false)
 {
     $xsendfile = false;
     if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
         $xsendfile = true;
     }
     if (is_array($files) && count($files) == 1) {
         $files = $files[0];
     }
     if (is_array($files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         if ($xsendfile) {
             $filename = OC_Helper::tmpFileNoClean('.zip');
         } else {
             $filename = OC_Helper::tmpFile('.zip');
         }
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== true) {
             exit("cannot open <{$filename}>\n");
         }
         foreach ($files as $file) {
             $file = $dir . '/' . $file;
             if (\OC\Files\Filesystem::is_file($file)) {
                 $tmpFile = \OC\Files\Filesystem::toTmpFile($file);
                 self::$tmpFiles[] = $tmpFile;
                 $zip->addFile($tmpFile, basename($file));
             } elseif (\OC\Files\Filesystem::is_dir($file)) {
                 self::zipAddDir($file, $zip);
             }
         }
         $zip->close();
         $basename = basename($dir);
         if ($basename) {
             $name = $basename . '.zip';
         } else {
             $name = 'owncloud.zip';
         }
         set_time_limit($executionTime);
     } elseif (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         if ($xsendfile) {
             $filename = OC_Helper::tmpFileNoClean('.zip');
         } else {
             $filename = OC_Helper::tmpFile('.zip');
         }
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== true) {
             exit("cannot open <{$filename}>\n");
         }
         $file = $dir . '/' . $files;
         self::zipAddDir($file, $zip);
         $zip->close();
         $name = $files . '.zip';
         set_time_limit($executionTime);
     } else {
         $zip = false;
         $filename = $dir . '/' . $files;
         $name = $files;
     }
     OC_Util::obEnd();
     if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
         if (preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) {
             header('Content-Disposition: attachment; filename="' . rawurlencode($name) . '"');
         } else {
             header('Content-Disposition: attachment; filename*=UTF-8\'\'' . rawurlencode($name) . '; filename="' . rawurlencode($name) . '"');
         }
         header('Content-Transfer-Encoding: binary');
         OC_Response::disableCaching();
         if ($zip) {
             ini_set('zlib.output_compression', 'off');
             header('Content-Type: application/zip');
             header('Content-Length: ' . filesize($filename));
             self::addSendfileHeader($filename);
         } else {
             header('Content-Type: ' . \OC\Files\Filesystem::getMimeType($filename));
             header("Content-Length: " . \OC\Files\Filesystem::filesize($filename));
             list($storage) = \OC\Files\Filesystem::resolvePath($filename);
             if ($storage instanceof \OC\Files\Storage\Local) {
                 self::addSendfileHeader(\OC\Files\Filesystem::getLocalFile($filename));
             }
         }
     } elseif ($zip or !\OC\Files\Filesystem::file_exists($filename)) {
         header("HTTP/1.0 404 Not Found");
         $tmpl = new OC_Template('', '404', 'guest');
         $tmpl->assign('file', $name);
         $tmpl->printPage();
     } else {
         header("HTTP/1.0 403 Forbidden");
         die('403 Forbidden');
     }
     if ($only_header) {
         return;
     }
     if ($zip) {
         $handle = fopen($filename, 'r');
         if ($handle) {
             $chunkSize = 8 * 1024;
             // 1 MB chunks
             while (!feof($handle)) {
                 echo fread($handle, $chunkSize);
                 flush();
             }
         }
         if (!$xsendfile) {
             unlink($filename);
         }
     } else {
         \OC\Files\Filesystem::readfile($filename);
     }
     foreach (self::$tmpFiles as $tmpFile) {
         if (file_exists($tmpFile) and is_file($tmpFile)) {
             unlink($tmpFile);
         }
     }
 }
コード例 #14
0
ファイル: list.php プロジェクト: olucao/owncloud-core
if (isset($_POST['password'])) {
    $password = $_POST['password'];
}
$relativePath = null;
if (isset($_GET['dir'])) {
    $relativePath = $_GET['dir'];
}
$sortAttribute = isset($_GET['sort']) ? $_GET['sort'] : 'name';
$sortDirection = isset($_GET['sortdirection']) ? $_GET['sortdirection'] === 'desc' : false;
$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
$linkItem = $data['linkItem'];
// Load the files
$dir = $data['realPath'];
$dir = \OC\Files\Filesystem::normalizePath($dir);
if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
    \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
    \OCP\JSON::error(array('success' => false));
    exit;
}
$data = array();
// make filelist
$files = \OCA\Files\Helper::getFiles($dir, $sortAttribute, $sortDirection);
$formattedFiles = array();
foreach ($files as $file) {
    $entry = \OCA\Files\Helper::formatFileInfo($file);
    unset($entry['directory']);
    // for now
    $entry['permissions'] = \OCP\PERMISSION_READ;
    $formattedFiles[] = $entry;
}
$data['directory'] = $relativePath;
コード例 #15
0
ファイル: base.php プロジェクト: CDN-Sparks/owncloud
 /**
  * @brief Handle the request
  */
 public static function handleRequest()
 {
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!OC_Config::getValue('installed', false)) {
         require_once 'core/setup.php';
         exit;
     }
     $host = OC_Request::insecureServerHost();
     // if the host passed in headers isn't trusted
     if (!OC::$CLI && OC_Request::getOverwriteHost() === null && !OC_Request::isTrustedDomain($host)) {
         header('HTTP/1.1 400 Bad Request');
         header('Status: 400 Bad Request');
         OC_Template::printErrorPage('You are accessing the server from an untrusted domain.', 'Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.');
         return;
     }
     $request = OC_Request::getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
     OC::tryBasicAuthLogin();
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!OC_Config::getValue('maintenance', false)) {
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC::getRouter()->match(OC_Request::getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     $app = OC::$REQUESTEDAPP;
     $file = OC::$REQUESTEDFILE;
     $param = array('app' => $app, 'file' => $file);
     // Handle app css files
     if (substr($file, -3) == 'css') {
         self::loadCSSFile($param);
         return;
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Someone is logged in :
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             if (isset($_COOKIE['oc_token'])) {
                 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             header("Location: " . OC::$WEBROOT . '/');
         } else {
             if (is_null($file)) {
                 $param['file'] = 'index.php';
             }
             $file_ext = substr($param['file'], -3);
             if ($file_ext != 'php' || !self::loadAppScriptFile($param)) {
                 header('HTTP/1.0 404 Not Found');
             }
         }
         return;
     }
     // Not handled and not logged in
     self::handleLogin();
 }
コード例 #16
0
 public static function getTmpAvatar($args)
 {
     \OC_JSON::checkLoggedIn();
     \OC_JSON::callCheck();
     $tmpavatar = \OC_Cache::get('tmpavatar');
     if (is_null($tmpavatar)) {
         $l = new \OC_L10n('core');
         \OC_JSON::error(array("data" => array("message" => $l->t("No temporary profile picture available, try again"))));
         return;
     }
     $image = new \OC_Image($tmpavatar);
     \OC_Response::disableCaching();
     \OC_Response::setLastModifiedHeader(time());
     \OC_Response::setETagHeader(crc32($image->data()));
     $image->show();
 }
コード例 #17
0
 /**
  * return the content of a file or return a zip file containning multiply files
  *
  * @param dir  $dir
  * @param file $file ; seperated list of files to download
  * @param boolean $only_header ; boolean to only send header of the request
  */
 public static function get($dir, $files, $only_header = false)
 {
     if (strpos($files, ';')) {
         $files = explode(';', $files);
     }
     if (is_array($files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         $filename = OC_Helper::tmpFile('.zip');
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== TRUE) {
             exit("cannot open <{$filename}>\n");
         }
         foreach ($files as $file) {
             $file = $dir . '/' . $file;
             if (OC_Filesystem::is_file($file)) {
                 $tmpFile = OC_Filesystem::toTmpFile($file);
                 self::$tmpFiles[] = $tmpFile;
                 $zip->addFile($tmpFile, basename($file));
             } elseif (OC_Filesystem::is_dir($file)) {
                 self::zipAddDir($file, $zip);
             }
         }
         $zip->close();
         set_time_limit($executionTime);
     } elseif (OC_Filesystem::is_dir($dir . '/' . $files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         $filename = OC_Helper::tmpFile('.zip');
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== TRUE) {
             exit("cannot open <{$filename}>\n");
         }
         $file = $dir . '/' . $files;
         self::zipAddDir($file, $zip);
         $zip->close();
         set_time_limit($executionTime);
     } else {
         $zip = false;
         $filename = $dir . '/' . $files;
     }
     @ob_end_clean();
     if ($zip or OC_Filesystem::is_readable($filename)) {
         header('Content-Disposition: attachment; filename="' . basename($filename) . '"');
         header('Content-Transfer-Encoding: binary');
         OC_Response::disableCaching();
         if ($zip) {
             ini_set('zlib.output_compression', 'off');
             header('Content-Type: application/zip');
             header('Content-Length: ' . filesize($filename));
         } else {
             $fileData = OC_FileCache::get($filename);
             header('Content-Type: ' . $fileData['mimetype']);
         }
     } elseif ($zip or !OC_Filesystem::file_exists($filename)) {
         header("HTTP/1.0 404 Not Found");
         $tmpl = new OC_Template('', '404', 'guest');
         $tmpl->assign('file', $filename);
         $tmpl->printPage();
     } else {
         header("HTTP/1.0 403 Forbidden");
         die('403 Forbidden');
     }
     if ($only_header) {
         if (!$zip) {
             header("Content-Length: " . OC_Filesystem::filesize($filename));
         }
         return;
     }
     if ($zip) {
         $handle = fopen($filename, 'r');
         if ($handle) {
             $chunkSize = 8 * 1024;
             // 1 MB chunks
             while (!feof($handle)) {
                 echo fread($handle, $chunkSize);
                 flush();
             }
         }
         unlink($filename);
     } else {
         OC_Filesystem::readfile($filename);
     }
     foreach (self::$tmpFiles as $tmpFile) {
         if (file_exists($tmpFile) and is_file($tmpFile)) {
             unlink($tmpFile);
         }
     }
 }
コード例 #18
0
ファイル: ocs.php プロジェクト: ryanshoover/core
 /**
 	main function to handle the REST request
 	**/
 public static function handle()
 {
     // overwrite the 404 error page returncode
     header("HTTP/1.0 200 OK");
     if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         $method = 'get';
     } elseif ($_SERVER['REQUEST_METHOD'] == 'PUT') {
         $method = 'put';
         parse_str(file_get_contents("php://input"), $put_vars);
     } elseif ($_SERVER['REQUEST_METHOD'] == 'POST') {
         $method = 'post';
     } else {
         echo 'internal server error: method not supported';
         exit;
     }
     $format = self::readData($method, 'format', 'text', '');
     $router = new OC_Router();
     $router->useCollection('root');
     // CONFIG
     $router->create('config', '/config.{format}')->defaults(array('format' => $format))->action('OC_OCS', 'apiConfig')->requirements(array('format' => 'xml|json'));
     // PERSON
     $router->create('person_check', '/person/check.{format}')->post()->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $login = OC_OCS::readData('post', 'login', 'text');
         $passwd = OC_OCS::readData('post', 'password', 'text');
         OC_OCS::personCheck($format, $login, $passwd);
     })->requirements(array('format' => 'xml|json'));
     // ACTIVITY
     // activityget - GET ACTIVITY   page,pagesize als urlparameter
     $router->create('activity_get', '/activity.{format}')->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $page = OC_OCS::readData('get', 'page', 'int', 0);
         $pagesize = OC_OCS::readData('get', 'pagesize', 'int', 10);
         if ($pagesize < 1 or $pagesize > 100) {
             $pagesize = 10;
         }
         OC_OCS::activityGet($format, $page, $pagesize);
     })->requirements(array('format' => 'xml|json'));
     // activityput - POST ACTIVITY
     $router->create('activity_put', '/activity.{format}')->post()->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $message = OC_OCS::readData('post', 'message', 'text');
         OC_OCS::activityPut($format, $message);
     })->requirements(array('format' => 'xml|json'));
     // PRIVATEDATA
     // get - GET DATA
     $router->create('privatedata_get', '/privatedata/getattribute/{app}/{key}.{format}')->defaults(array('app' => '', 'key' => '', 'format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $app = addslashes(strip_tags($parameters['app']));
         $key = addslashes(strip_tags($parameters['key']));
         OC_OCS::privateDataGet($format, $app, $key);
     })->requirements(array('format' => 'xml|json'));
     // set - POST DATA
     $router->create('privatedata_set', '/privatedata/setattribute/{app}/{key}.{format}')->post()->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $app = addslashes(strip_tags($parameters['app']));
         $key = addslashes(strip_tags($parameters['key']));
         $value = OC_OCS::readData('post', 'value', 'text');
         OC_OCS::privateDataSet($format, $app, $key, $value);
     })->requirements(array('format' => 'xml|json'));
     // delete - POST DATA
     $router->create('privatedata_delete', '/privatedata/deleteattribute/{app}/{key}.{format}')->post()->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $app = addslashes(strip_tags($parameters['app']));
         $key = addslashes(strip_tags($parameters['key']));
         OC_OCS::privateDataDelete($format, $app, $key);
     })->requirements(array('format' => 'xml|json'));
     // CLOUD
     // systemWebApps
     $router->create('system_webapps', '/cloud/system/webapps.{format}')->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         OC_OCS::systemwebapps($format);
     })->requirements(array('format' => 'xml|json'));
     // quotaget
     $router->create('quota_get', '/cloud/user/{user}.{format}')->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $user = $parameters['user'];
         OC_OCS::quotaGet($format, $user);
     })->requirements(array('format' => 'xml|json'));
     // quotaset
     $router->create('quota_set', '/cloud/user/{user}.{format}')->post()->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $user = $parameters['user'];
         $quota = self::readData('post', 'quota', 'int');
         OC_OCS::quotaSet($format, $user, $quota);
     })->requirements(array('format' => 'xml|json'));
     // keygetpublic
     $router->create('keygetpublic', '/cloud/user/{user}/publickey.{format}')->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $user = $parameters['user'];
         OC_OCS::publicKeyGet($format, $user);
     })->requirements(array('format' => 'xml|json'));
     // keygetprivate
     $router->create('keygetpublic', '/cloud/user/{user}/privatekey.{format}')->defaults(array('format' => $format))->action(function ($parameters) {
         $format = $parameters['format'];
         $user = $parameters['user'];
         OC_OCS::privateKeyGet($format, $user);
     })->requirements(array('format' => 'xml|json'));
     // add more calls here
     // please document all the call in the draft spec
     // http://www.freedesktop.org/wiki/Specifications/open-collaboration-services-1.7#CLOUD
     // TODO:
     // users
     // groups
     // bookmarks
     // sharing
     // versioning
     // news (rss)
     try {
         $router->match($_SERVER['PATH_INFO']);
     } catch (ResourceNotFoundException $e) {
         $txt = 'Invalid query, please check the syntax. ' . 'API specifications are here: ' . 'http://www.freedesktop.org/wiki/Specifications/open-collaboration-services.' . 'DEBUG OUTPUT:' . "\n";
         $txt .= OC_OCS::getdebugoutput();
         echo OC_OCS::generatexml($format, 'failed', 999, $txt);
     } catch (MethodNotAllowedException $e) {
         OC_Response::setStatus(405);
     }
     exit;
 }
コード例 #19
0
 /**
  * Store the document content to its origin
  */
 public static function save()
 {
     try {
         $esId = @$_SERVER['HTTP_WEBODF_SESSION_ID'];
         if (!$esId) {
             throw new \Exception('Session id can not be empty');
         }
         $memberId = @$_SERVER['HTTP_WEBODF_MEMBER_ID'];
         $currentMember = new Db\Member();
         $currentMember->load($memberId);
         if (is_null($currentMember->getIsGuest()) || $currentMember->getIsGuest()) {
             self::preDispatchGuest();
         } else {
             $uid = self::preDispatch();
         }
         //check if member belongs to the session
         if ($esId != $currentMember->getEsId()) {
             throw new \Exception($memberId . ' does not belong to session ' . $esId);
         }
         // Extra info for future usage
         // $sessionRevision = Helper::getArrayValueByKey($_SERVER, 'HTTP_WEBODF_SESSION_REVISION');
         $stream = fopen('php://input', 'r');
         if (!$stream) {
             throw new \Exception('New content missing');
         }
         $content = stream_get_contents($stream);
         $session = new Db\Session();
         $session->load($esId);
         if (!$session->getEsId()) {
             throw new \Exception('Session does not exist');
         }
         try {
             if ($currentMember->getIsGuest()) {
                 $file = File::getByShareToken($currentMember->getToken());
             } else {
                 $file = new File($session->getFileId());
             }
             list($view, $path) = $file->getOwnerViewAndPath(true);
         } catch (\Exception $e) {
             //File was deleted or unshared. We need to save content as new file anyway
             //Sorry, but for guests it would be lost :(
             if (isset($uid)) {
                 $view = new \OC\Files\View('/' . $uid . '/files');
                 $dir = \OCP\Config::getUserValue(\OCP\User::getUser(), 'documents', 'save_path', '');
                 $path = Helper::getNewFileName($view, $dir . 'New Document.odt');
             }
         }
         $member = new Db\Member();
         $members = $member->getActiveCollection($esId);
         $memberIds = array_map(function ($x) {
             return $x['member_id'];
         }, $members);
         // Active users except current user
         $memberCount = count($memberIds) - 1;
         if ($view->file_exists($path)) {
             $proxyStatus = \OC_FileProxy::$enabled;
             \OC_FileProxy::$enabled = false;
             $currentHash = sha1($view->file_get_contents($path));
             \OC_FileProxy::$enabled = $proxyStatus;
             if (!Helper::isVersionsEnabled() && $currentHash !== $session->getGenesisHash()) {
                 // Original file was modified externally. Save to a new one
                 $path = Helper::getNewFileName($view, $path, '-conflict');
             }
             $mimetype = $view->getMimeType($path);
         } else {
             $mimetype = Storage::MIMETYPE_LIBREOFFICE_WORDPROCESSOR;
         }
         $data = Filter::write($content, $mimetype);
         if ($view->file_put_contents($path, $data['content'])) {
             // Not a last user
             if ($memberCount > 0) {
                 // Update genesis hash to prevent conflicts
                 Helper::debugLog('Update hash');
                 $session->updateGenesisHash($esId, sha1($data['content']));
             } else {
                 // Last user. Kill session data
                 Db\Session::cleanUp($esId);
             }
             $view->touch($path);
         }
         \OCP\JSON::success();
     } catch (\Exception $e) {
         Helper::warnLog('Saving failed. Reason:' . $e->getMessage());
         //\OCP\JSON::error(array('message'=>$e->getMessage()));
         \OC_Response::setStatus(500);
     }
     exit;
 }
コード例 #20
0
ファイル: files.php プロジェクト: hjimmy/owncloud
 /**
  * return the content of a file or return a zip file containing multiple files
  *
  * @param string $dir
  * @param string $file ; separated list of files to download
  * @param boolean $only_header ; boolean to only send header of the request
  */
 public static function get($dir, $files, $only_header = false)
 {
     $xsendfile = false;
     if (isset($_SERVER['MOD_X_SENDFILE_ENABLED']) || isset($_SERVER['MOD_X_SENDFILE2_ENABLED']) || isset($_SERVER['MOD_X_ACCEL_REDIRECT_ENABLED'])) {
         $xsendfile = true;
     }
     if (is_array($files) && count($files) == 1) {
         $files = $files[0];
     }
     if (is_array($files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         $filename = OC_Helper::tmpFile('.zip');
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== true) {
             $l = OC_L10N::get('lib');
             throw new Exception($l->t('cannot open "%s"', array($filename)));
         }
         foreach ($files as $file) {
             $file = $dir . '/' . $file;
             if (\OC\Files\Filesystem::is_file($file)) {
                 $tmpFile = \OC\Files\Filesystem::toTmpFile($file);
                 self::$tmpFiles[] = $tmpFile;
                 $zip->addFile($tmpFile, basename($file));
             } elseif (\OC\Files\Filesystem::is_dir($file)) {
                 self::zipAddDir($file, $zip);
             }
         }
         $zip->close();
         if ($xsendfile) {
             $filename = OC_Helper::moveToNoClean($filename);
         }
         $basename = basename($dir);
         if ($basename) {
             $name = $basename . '.zip';
         } else {
             $name = 'download.zip';
         }
         set_time_limit($executionTime);
     } elseif (\OC\Files\Filesystem::is_dir($dir . '/' . $files)) {
         self::validateZipDownload($dir, $files);
         $executionTime = intval(ini_get('max_execution_time'));
         set_time_limit(0);
         $zip = new ZipArchive();
         $filename = OC_Helper::tmpFile('.zip');
         if ($zip->open($filename, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE) !== true) {
             $l = OC_L10N::get('lib');
             throw new Exception($l->t('cannot open "%s"', array($filename)));
         }
         $file = $dir . '/' . $files;
         self::zipAddDir($file, $zip);
         $zip->close();
         if ($xsendfile) {
             $filename = OC_Helper::moveToNoClean($filename);
         }
         $name = $files . '.zip';
         set_time_limit($executionTime);
     } else {
         $zip = false;
         $filename = $dir . '/' . $files;
         $name = $files;
         if ($xsendfile && OC_App::isEnabled('files_encryption')) {
             $xsendfile = false;
         }
     }
     OC_Util::obEnd();
     if ($zip or \OC\Files\Filesystem::isReadable($filename)) {
         OC_Response::setContentDispositionHeader($name, 'attachment');
         header('Content-Transfer-Encoding: binary');
         OC_Response::disableCaching();
         if ($zip) {
             ini_set('zlib.output_compression', 'off');
             header('Content-Type: application/zip');
             header('Content-Length: ' . filesize($filename));
             self::addSendfileHeader($filename);
         } else {
             $filesize = \OC\Files\Filesystem::filesize($filename);
             header('Content-Type: ' . \OC\Files\Filesystem::getMimeType($filename));
             if ($filesize > -1) {
                 header("Content-Length: " . $filesize);
             }
             if ($xsendfile) {
                 list($storage) = \OC\Files\Filesystem::resolvePath(\OC\Files\Filesystem::getView()->getAbsolutePath($filename));
                 /**
                  * @var \OC\Files\Storage\Storage $storage
                  */
                 if ($storage->instanceOfStorage('\\OC\\Files\\Storage\\Local')) {
                     self::addSendfileHeader(\OC\Files\Filesystem::getLocalFile($filename));
                 }
             }
         }
     } elseif ($zip or !\OC\Files\Filesystem::file_exists($filename)) {
         header("HTTP/1.0 404 Not Found");
         $tmpl = new OC_Template('', '404', 'guest');
         $tmpl->assign('file', $name);
         $tmpl->printPage();
     } else {
         header("HTTP/1.0 403 Forbidden");
         die('403 Forbidden');
     }
     if ($only_header) {
         return;
     }
     if ($zip) {
         $handle = fopen($filename, 'r');
         if ($handle) {
             $chunkSize = 8 * 1024;
             // 1 MB chunks
             while (!feof($handle)) {
                 echo fread($handle, $chunkSize);
                 flush();
             }
         }
         if (!$xsendfile) {
             unlink($filename);
         }
     } else {
         \OC\Files\Filesystem::readfile($filename);
     }
     foreach (self::$tmpFiles as $tmpFile) {
         if (file_exists($tmpFile) and is_file($tmpFile)) {
             unlink($tmpFile);
         }
     }
 }
コード例 #21
0
ファイル: base.php プロジェクト: krsvital/core
 /**
  * Handle the request
  */
 public static function handleRequest()
 {
     \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
     $systemConfig = \OC::$server->getSystemConfig();
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!$systemConfig->getValue('installed', false)) {
         \OC::$server->getSession()->clear();
         $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
         $controller = new OC\Core\Setup\Controller($setupHelper);
         $controller->run($_POST);
         exit;
     }
     $request = \OC::$server->getRequest()->getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     // Always load authentication apps
     OC_App::loadApps(['authentication']);
     // Load minimum set of apps
     if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only filesystem and logging
             OC_App::loadApps(array('filesystem', 'logging'));
             \OC_User::tryBasicAuthLogin();
         }
     }
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC_Util::setupFS();
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Redirect to index if the logout link is accessed without valid session
     // this is needed to prevent "Token expired" messages while login if a session is expired
     // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
     if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
         header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         OC_Util::setupFS();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             OC_JSON::callCheck();
             if (isset($_COOKIE['oc_token'])) {
                 \OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             // redirect to webroot and add slash if webroot is empty
             header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         } else {
             // Redirect to default application
             OC_Util::redirectToDefaultPage();
         }
     } else {
         // Not handled and not logged in
         self::handleLogin();
     }
 }
コード例 #22
0
 public static function loadfile()
 {
     if (file_exists(OC::$APPSROOT . '/apps/' . OC::$REQUESTEDAPP . '/' . OC::$REQUESTEDFILE)) {
         if (substr(OC::$REQUESTEDFILE, -3) == 'css') {
             $appswebroot = (string) OC::$APPSWEBROOT;
             $webroot = (string) OC::$WEBROOT;
             $filepath = OC::$APPSROOT . '/apps/' . OC::$REQUESTEDAPP . '/' . OC::$REQUESTEDFILE;
             header('Content-Type: text/css');
             OC_Response::enableCaching();
             OC_Response::setLastModifiedHeader(filemtime($filepath));
             $cssfile = file_get_contents($filepath);
             $cssfile = str_replace('%appswebroot%', $appswebroot, $cssfile);
             $cssfile = str_replace('%webroot%', $webroot, $cssfile);
             OC_Response::setETagHeader(md5($cssfile));
             header('Content-Length: ' . strlen($cssfile));
             echo $cssfile;
             exit;
         } elseif (substr(OC::$REQUESTEDFILE, -3) == 'php') {
             require_once OC::$APPSROOT . '/apps/' . OC::$REQUESTEDAPP . '/' . OC::$REQUESTEDFILE;
         }
     } else {
         header('HTTP/1.0 404 Not Found');
         exit;
     }
 }
コード例 #23
0
ファイル: api.php プロジェクト: nem0xff/core
 /**
  * respond to a call
  * @param OC_OCS_Result $result
  * @param string $format the format xml|json
  */
 public static function respond($result, $format = 'xml')
 {
     // Send 401 headers if unauthorised
     if ($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
         header('WWW-Authenticate: Basic realm="Authorisation Required"');
         header('HTTP/1.0 401 Unauthorized');
     }
     foreach ($result->getHeaders() as $name => $value) {
         header($name . ': ' . $value);
     }
     $meta = $result->getMeta();
     $data = $result->getData();
     if (self::isV2(\OC::$server->getRequest())) {
         $statusCode = self::mapStatusCodes($result->getStatusCode());
         if (!is_null($statusCode)) {
             $meta['statuscode'] = $statusCode;
             OC_Response::setStatus($statusCode);
         }
     }
     self::setContentType($format);
     $body = self::renderResult($format, $meta, $data);
     echo $body;
 }
コード例 #24
0
ファイル: base.php プロジェクト: olucao/owncloud-core
 /**
  * Handle the request
  */
 public static function handleRequest()
 {
     $l = \OC_L10N::get('lib');
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!OC_Config::getValue('installed', false)) {
         $controller = new OC\Core\Setup\Controller();
         $controller->run($_POST);
         exit;
     }
     $host = OC_Request::insecureServerHost();
     // if the host passed in headers isn't trusted
     if (!OC::$CLI && OC_Request::getOverwriteHost() === null && !OC_Request::isTrustedDomain($host)) {
         header('HTTP/1.1 400 Bad Request');
         header('Status: 400 Bad Request');
         OC_Template::printErrorPage($l->t('You are accessing the server from an untrusted domain.'), $l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.'));
         return;
     }
     $request = OC_Request::getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     if (!OC_User::isLoggedIn()) {
         // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
         OC::tryBasicAuthLogin();
     }
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!OC_Config::getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 OC_App::loadApps(array('authentication'));
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC::$server->getRouter()->match(OC_Request::getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Load minimum set of apps
     if (!self::checkUpgrade(false)) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only authentication, filesystem and logging
             OC_App::loadApps(array('authentication'));
             OC_App::loadApps(array('filesystem', 'logging'));
         }
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Redirect to index if the logout link is accessed without valid session
     // this is needed to prevent "Token expired" messages while login if a session is expired
     // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
     if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
         header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             OC_JSON::callCheck();
             if (isset($_COOKIE['oc_token'])) {
                 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             if (isset($_SERVER['PHP_AUTH_USER'])) {
                 if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
                     // Ignore HTTP Authentication for 5 more mintues.
                     setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
                 } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
                     // Ignore HTTP Authentication to allow a different user to log in.
                     setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
                 }
             }
             OC_User::logout();
             // redirect to webroot and add slash if webroot is empty
             header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         } else {
             // Redirect to default application
             OC_Util::redirectToDefaultPage();
         }
     } else {
         // Not handled and not logged in
         self::handleLogin();
     }
 }
コード例 #25
0
ファイル: shareinfo.php プロジェクト: samj1912/repo
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
OCP\JSON::checkAppEnabled('files_sharing');
if (!isset($_GET['t'])) {
    \OC_Response::setStatus(400);
    //400 Bad Request
    exit;
}
if (OCA\Files_Sharing\Helper::isOutgoingServer2serverShareEnabled() === false) {
    \OC_Response::setStatus(404);
    // 404 not found
    exit;
}
$token = $_GET['t'];
$password = null;
if (isset($_POST['password'])) {
    $password = $_POST['password'];
}
$relativePath = null;
if (isset($_GET['dir'])) {
    $relativePath = $_GET['dir'];
}
$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
$linkItem = $data['linkItem'];
// Load the files
コード例 #26
0
ファイル: thumbnail.php プロジェクト: CDN-Sparks/owncloud
 public function show()
 {
     if ($this->useOriginal) {
         $fp = @$this->view->fopen($this->path, 'rb');
         $mtime = $this->view->filemtime($this->path);
         $size = $this->view->filesize($this->path);
         $mime = $this->view->getMimetype($this->path);
     } else {
         $fp = @fopen($this->path, 'rb');
         $mtime = filemtime($this->path);
         $size = filesize($this->path);
         $mime = \OC_Helper::getMimetype($this->path);
     }
     if ($fp) {
         \OCP\Response::enableCaching();
         \OCP\Response::setLastModifiedHeader($mtime);
         header('Content-Length: ' . $size);
         header('Content-Type: ' . $mime);
         fpassthru($fp);
     } else {
         \OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
     }
 }
コード例 #27
0
ファイル: preview.php プロジェクト: GitHubUser4234/core
    //400 Bad Request
    \OCP\Util::writeLog('core-preview', 'x and/or y set to 0', \OCP\Util::DEBUG);
    exit;
}
try {
    $preview = new \OC\Preview(\OC_User::getUser(), 'files_trashbin/files', $file);
    $view = new \OC\Files\View('/' . \OC_User::getUser() . '/files_trashbin/files');
    if ($view->is_dir($file)) {
        $mimetype = 'httpd/unix-directory';
    } else {
        $pathInfo = pathinfo(ltrim($file, '/'));
        $fileName = $pathInfo['basename'];
        // if in root dir
        if ($pathInfo['dirname'] === '.') {
            // cut off the .d* suffix
            $i = strrpos($fileName, '.');
            if ($i !== false) {
                $fileName = substr($fileName, 0, $i);
            }
        }
        $mimetype = \OC::$server->getMimeTypeDetector()->detectPath($fileName);
    }
    $preview->setMimetype($mimetype);
    $preview->setMaxX($maxX);
    $preview->setMaxY($maxY);
    $preview->setScalingUp($scalingUp);
    $preview->showPreview();
} catch (\Exception $e) {
    \OC_Response::setStatus(500);
    \OCP\Util::writeLog('core', $e->getmessage(), \OCP\Util::DEBUG);
}
コード例 #28
0
ファイル: base.php プロジェクト: GitHubUser4234/core
 /**
  * Handle the request
  */
 public static function handleRequest()
 {
     \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
     $systemConfig = \OC::$server->getSystemConfig();
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!$systemConfig->getValue('installed', false)) {
         \OC::$server->getSession()->clear();
         $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
         $controller = new OC\Core\Controller\SetupController($setupHelper);
         $controller->run($_POST);
         exit;
     }
     $request = \OC::$server->getRequest();
     // Check if requested URL matches 'index.php/occ'
     $isOccControllerRequested = preg_match('|/index\\.php$|', $request->getScriptName()) === 1 && strpos($request->getPathInfo(), '/occ/') === 0;
     $requestPath = $request->getRawPathInfo();
     if (substr($requestPath, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode($request);
         $needUpgrade = self::checkUpgrade(!$isOccControllerRequested);
     }
     // emergency app disabling
     if ($requestPath === '/disableapp' && $request->getMethod() === 'POST' && (string) $request->getParam('appid') !== '') {
         \OCP\JSON::callCheck();
         \OCP\JSON::checkAdminUser();
         $appId = (string) $request->getParam('appid');
         $appId = \OC_App::cleanAppId($appId);
         \OC_App::disable($appId);
         \OC_JSON::success();
         exit;
     }
     try {
         // Always load authentication apps
         OC_App::loadApps(['authentication']);
     } catch (\OC\NeedsUpdateException $e) {
         if ($isOccControllerRequested && $needUpgrade) {
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         }
         throw $e;
     }
     // Load minimum set of apps
     if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false)) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only filesystem and logging
             OC_App::loadApps(array('filesystem', 'logging'));
             self::handleLogin($request);
         }
     }
     if (!self::$CLI) {
         try {
             if (!$systemConfig->getValue('maintenance', false) && !self::checkUpgrade(false)) {
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC_Util::setupFS();
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         OC_Util::setupFS();
         // FIXME
         // Redirect to default application
         OC_Util::redirectToDefaultPage();
     } else {
         // Not handled and not logged in
         header('Location: ' . \OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
     }
 }
コード例 #29
0
        exit;
    }
    $sharedFile = \OC\Files\Filesystem::normalizePath($file);
}
if ($linkedItem['item_type'] === 'file') {
    $parent = $pathInfo['parent'];
    $path = $view->getPath($parent);
    $sharedFile = $pathInfo['name'];
}
$path = \OC\Files\Filesystem::normalizePath($path, false);
if (substr($path, 0, 1) === '/') {
    $path = substr($path, 1);
}
if ($maxX === 0 || $maxY === 0) {
    \OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
    \OCP\Util::writeLog('core-preview', 'x and/or y set to 0', \OCP\Util::DEBUG);
    exit;
}
$root = 'files/' . $path;
try {
    $preview = new \OC\Preview($userId, $root);
    $preview->setFile($sharedFile);
    $preview->setMaxX($maxX);
    $preview->setMaxY($maxY);
    $preview->setScalingUp($scalingUp);
    $preview->setKeepAspect($keepAspect);
    $preview->showPreview();
} catch (\Exception $e) {
    \OC_Response::setStatus(\OC_Response::STATUS_INTERNAL_SERVER_ERROR);
    \OCP\Util::writeLog('core', $e->getmessage(), \OCP\Util::DEBUG);
}
コード例 #30
0
ファイル: v1.php プロジェクト: hjimmy/owncloud
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2012 Frank Karlitschek frank@owncloud.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once '../lib/base.php';
use Symfony\Component\Routing\Exception\ResourceNotFoundException;
use Symfony\Component\Routing\Exception\MethodNotAllowedException;
try {
    OC::getRouter()->match('/ocs' . OC_Request::getRawPathInfo());
} catch (ResourceNotFoundException $e) {
    OC_API::setContentType();
    OC_OCS::notFound();
} catch (MethodNotAllowedException $e) {
    OC_API::setContentType();
    OC_Response::setStatus(405);
}