break; } } dbg_error_log("cardquery", "Generated SQL was '%s'", $sql); return array('sql' => $sql, 'params' => $params); } /** * Something that we can handle, at least roughly correctly. */ $responses = array(); $target_collection = new DAVResource($request->path); $bound_from = $target_collection->bound_from(); if (!$target_collection->Exists()) { $request->DoResponse(404); } if (!($target_collection->IsAddressbook() || $target_collection->IsSchedulingCollection())) { $request->DoResponse(403, translate('The addressbook-query report must be run against an addressbook collection')); } /** * @todo Once we are past DB version 1.2.1 we can change this query more radically. The best performance to * date seems to be: * SELECT caldav_data.*,address_item.* FROM collection JOIN address_item USING (collection_id,user_no) * JOIN caldav_data USING (dav_id) WHERE collection.dav_name = '/user1/home/' * AND caldav_data.caldav_type = 'VEVENT' ORDER BY caldav_data.user_no, caldav_data.dav_name; */ $params = array(); $where = ' WHERE caldav_data.collection_id = ' . $target_collection->resource_id(); if (is_array($qry_filters)) { dbg_log_array('cardquery', 'qry_filters', $qry_filters, true); $components = array(); $filter_fragment = SqlFilterCardDAV($qry_filters, $components);
} else { dbg_error_log("calquery", "Got bizarre CALDAV:FILTER[%s=%s]] which does not contain comp-filter = VCALENDAR!!", $filter->GetNSTag(), $filter->GetAttribute("name")); } return SqlFilterFragment($filter, $components); } /** * Something that we can handle, at least roughly correctly. */ $responses = array(); $target_collection = new DAVResource($request->path); $bound_from = $target_collection->bound_from(); if (!$target_collection->Exists()) { $request->DoResponse(404); } $params = array(); if (!($target_collection->IsCalendar() || $target_collection->IsSchedulingCollection())) { if (!(isset($c->allow_recursive_report) && $c->allow_recursive_report)) { $request->DoResponse(403, translate('The calendar-query report must be run against a calendar or a scheduling collection')); } else { if ($request->path == '/' || $target_collection->IsPrincipal() || $target_collection->IsAddressbook()) { $request->DoResponse(403, translate('The calendar-query report may not be run against that URL.')); } } /** * We're here because they allow recursive reports, and this appears to be such a location. */ $where = 'WHERE caldav_data.collection_id IN '; $where .= '(SELECT bound_source_id FROM dav_binding WHERE dav_binding.dav_name ~ :path_match '; $where .= 'UNION '; $where .= 'SELECT collection_id FROM collection WHERE collection.dav_name ~ :path_match) '; $distinct = 'DISTINCT ON (calendar_item.uid) ';
/** * A slightly simpler version of write_resource which will make more sense for calling from * an external program. This makes assumptions that the collection and user do exist * and bypasses all checks for whether it is reasonable to write this here. * @param string $path The path to the resource being written * @param string $caldav_data The actual resource to be written * @param string $put_action_type INSERT or UPDATE depending on what we are to do * @return boolean True for success, false for failure. */ function simple_write_resource($path, $caldav_data, $put_action_type, $write_action_log = false) { global $session; /** * We pull the user_no & collection_id out of the collection table, based on the resource path */ $dav_resource = new DAVResource($path); $etag = md5($caldav_data); $collection_path = preg_replace('#/[^/]*$#', '/', $path); $collection = new DAVResource($collection_path); if ($collection->IsCollection() || $collection->IsSchedulingCollection()) { return write_resource($dav_resource, $caldav_data, $collection, $session->user_no, $etag, $put_action_type, false, $write_action_log); } return false; }
{ $components = array(); return SqlFilterFragment($filter, $components); } /** * Something that we can handle, at least roughly correctly. */ $responses = array(); $target_collection = new DAVResource($request->path); $bound_from = $target_collection->bound_from(); if (!$target_collection->Exists()) { $request->DoResponse(404); } $params = array(); $where = ' WHERE caldav_data.collection_id = ' . $target_collection->resource_id(); if (!($target_collection->IsCalendar() || $target_collection->IsSchedulingCollection())) { if (!(isset($c->allow_recursive_report) && $c->allow_recursive_report) || $target_collection->IsSchedulingCollection()) { $request->DoResponse(403, translate('The calendar-query report must be run against a calendar or a scheduling collection')); } /** * We're here because they allow recursive reports, and this appears to be such a location. */ $where = 'WHERE (collection.dav_name ~ :path_match '; $where .= 'OR collection.collection_id IN (SELECT bound_source_id FROM dav_binding WHERE dav_binding.dav_name ~ :path_match)) '; $params = array(':path_match' => '^' . $target_collection->bound_from()); } if (is_array($qry_filters)) { dbg_log_array("calquery", "qry_filters", $qry_filters, true); $components = array(); $filter_fragment = SqlFilterFragment($qry_filters, $components); if ($filter_fragment !== false) {
* @copyright Morphoss Ltd - http://www.morphoss.com/ * @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later */ dbg_error_log('BIND', 'method handler'); require_once 'AwlQuery.php'; $request->NeedPrivilege('DAV::bind'); if (!$request->IsCollection()) { $request->PreconditionFailed(403, 'DAV::bind-into-collection', translate('The BIND Request-URI MUST identify a collection.')); } $parent_container = $request->path; if (preg_match('{[^/]$}', $parent_container)) { $parent_container .= '/'; } require_once 'DAVResource.php'; $parent = new DAVResource($parent_container); if (!$parent->Exists() || $parent->IsSchedulingCollection()) { $request->PreconditionFailed(403, 'DAV::method-not-allowed', translate('The BIND method is not allowed at that location.')); } require_once 'XMLDocument.php'; $reply = new XMLDocument(array('DAV:' => '')); $position = 0; $xmltree = BuildXMLTree($request->xml_tags, $position); $segment = $xmltree->GetElements('DAV::segment'); $segment = $segment[0]->GetContent(); if (preg_match('{[/\\\\]}', $segment)) { $request->PreconditionFailed(403, 'DAV::name-allowed', translate('That destination name contains invalid characters.')); } $href = $xmltree->GetElements('DAV::href'); $href = $href[0]->GetContent(); $destination_path = $parent_container . $segment . '/'; $destination = new DAVResource($destination_path);
require_once 'AwlQuery.php'; $request->NeedPrivilege('DAV::bind'); $displayname = $request->path; // Enforce trailling '/' on collection name if (!preg_match('#/$#', $request->path)) { dbg_error_log('MKCOL', 'Add trailling "/" to "%s"', $request->path); $request->path .= '/'; } $parent_container = '/'; if (preg_match('#^(.*/)([^/]+)(/)?$#', $request->path, $matches)) { $parent_container = $matches[1]; $displayname = $matches[2]; } require_once 'DAVResource.php'; $parent = new DAVResource($parent_container); if ($parent->IsSchedulingCollection('inbox')) { $request->PreconditionFailed(403, 'urn:ietf:params:xml:ns:caldav:no-mkcol-in-inbox'); } $request_type = $request->method; $is_calendar = $request_type == 'MKCALENDAR'; $is_addressbook = false; $resourcetypes = '<DAV::collection/>'; if ($is_calendar) { $resourcetypes .= '<urn:ietf:params:xml:ns:caldav:calendar/>'; } require_once 'XMLDocument.php'; $reply = new XMLDocument(array('DAV:' => '', 'urn:ietf:params:xml:ns:caldav' => 'C')); $failure_code = null; $failure = array(); $dav_properties = array(); if (isset($request->xml_tags)) {