/** * @param Exception $e */ function handleException(Exception $e) { $request = \OC::$server->getRequest(); // in case the request content type is text/xml - we assume it's a WebDAV request $isXmlContentType = strpos($request->getHeader('Content-Type'), 'text/xml'); if ($isXmlContentType === 0) { // fire up a simple server to properly process the exception $server = new Server(); if (!$e instanceof RemoteException) { // we shall not log on RemoteException $server->addPlugin(new ExceptionLoggerPlugin('webdav', \OC::$server->getLogger())); } $server->on('beforeMethod', function () use($e) { if ($e instanceof RemoteException) { switch ($e->getCode()) { case OC_Response::STATUS_SERVICE_UNAVAILABLE: throw new ServiceUnavailable($e->getMessage()); case OC_Response::STATUS_NOT_FOUND: throw new \Sabre\DAV\Exception\NotFound($e->getMessage()); } } $class = get_class($e); $msg = $e->getMessage(); throw new ServiceUnavailable("{$class}: {$msg}"); }); $server->exec(); } else { $statusCode = OC_Response::STATUS_INTERNAL_SERVER_ERROR; if ($e instanceof \OC\ServiceUnavailableException) { $statusCode = OC_Response::STATUS_SERVICE_UNAVAILABLE; } if ($e instanceof RemoteException) { // we shall not log on RemoteException OC_Response::setStatus($e->getCode()); OC_Template::printErrorPage($e->getMessage()); } else { \OCP\Util::writeLog('remote', $e->getMessage(), \OCP\Util::FATAL); OC_Response::setStatus($statusCode); OC_Template::printExceptionErrorPage($e); } } }
list($service) = explode('/', $pathInfo); } $file = OCP\CONFIG::getAppValue('core', 'public_' . strip_tags($service)); if (is_null($file)) { header('HTTP/1.0 404 Not Found'); exit; } $parts = explode('/', $file, 2); $app = $parts[0]; // Load all required applications \OC::$REQUESTEDAPP = $app; OC_App::loadApps(array('authentication')); OC_App::loadApps(array('filesystem', 'logging')); if (!\OC::$server->getAppManager()->isInstalled($app)) { throw new Exception('App not installed: ' . $app); } OC_App::loadApp($app); OC_User::setIncognitoMode(true); $baseuri = OC::$WEBROOT . '/public.php/' . $service . '/'; require_once OC_App::getAppPath($app) . '/' . $parts[1]; } catch (\OC\ServiceUnavailableException $ex) { //show the user a detailed error page OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL); OC_Template::printExceptionErrorPage($ex); } catch (Exception $ex) { //show the user a detailed error page OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL); OC_Template::printExceptionErrorPage($ex); }
public static function initSession() { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', true); // set the cookie path to the ownCloud directory $cookie_path = OC::$WEBROOT ?: '/'; ini_set('session.cookie_path', $cookie_path); // Let the session name be changed in the initSession Hook $sessionName = OC_Util::getInstanceId(); try { // Allow session apps to create a custom session object $useCustomSession = false; $session = self::$server->getSession(); OC_Hook::emit('OC', 'initSession', array('session' => &$session, 'sessionName' => &$sessionName, 'useCustomSession' => &$useCustomSession)); if (!$useCustomSession) { // set the session name to the instance id - which is unique $session = new \OC\Session\Internal($sessionName); } $cryptoWrapper = \OC::$server->getSessionCryptoWrapper(); $session = $cryptoWrapper->wrapSession($session); self::$server->setSession($session); // if session cant be started break with http 500 error } catch (Exception $e) { \OCP\Util::logException('base', $e); //show the user a detailed error page OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); OC_Template::printExceptionErrorPage($e); } $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation /** * @var \OCP\ISession $session */ $session = self::$server->getSession(); if (!$session->exists('SID_CREATED')) { $session->set('SID_CREATED', time()); } else { if (time() - $session->get('SID_CREATED') > $sessionLifeTime / 2) { session_regenerate_id(true); $session->set('SID_CREATED', time()); } } // session timeout if ($session->exists('LAST_ACTIVITY') && time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime) { if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, $cookie_path); } session_unset(); session_destroy(); session_start(); } $session->set('LAST_ACTIVITY', time()); }
public static function initSession() { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', '1;'); // set the cookie path to the ownCloud directory $cookie_path = OC::$WEBROOT ?: '/'; ini_set('session.cookie_path', $cookie_path); //set the session object to a dummy session so code relying on the session existing still works self::$session = new \OC\Session\Memory(''); try { // set the session name to the instance id - which is unique self::$session = new \OC\Session\Internal(OC_Util::getInstanceId()); // if session cant be started break with http 500 error } catch (Exception $e) { //show the user a detailed error page OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); OC_Template::printExceptionErrorPage($e); } $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation if (!self::$session->exists('SID_CREATED')) { self::$session->set('SID_CREATED', time()); } else { if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime / 2) { session_regenerate_id(true); self::$session->set('SID_CREATED', time()); } } // session timeout if (self::$session->exists('LAST_ACTIVITY') && time() - self::$session->get('LAST_ACTIVITY') > $sessionLifeTime) { if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, $cookie_path); } session_unset(); session_destroy(); session_start(); } self::$session->set('LAST_ACTIVITY', time()); }