Пример #1
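    /**
     * Request-start hook that makes WebDAV clients work against the site.
     *
     * Three things happen, in order:
     *  1. If the client sent HTTP Basic credentials and either the request carries DAV
     *     headers or nobody is logged in yet, a login is attempted with those credentials
     *     (skipped entirely when NOT_CHECK_PERMISSIONS === true).
     *  2. OPTIONS / PROPFIND probes for a URL with no real file behind it are answered
     *     with a stub response (or an auth challenge) and the request ends.
     *  3. Any other request with DAV headers from an anonymous user gets an auth challenge.
     *
     * Most paths terminate the request with die.
     *
     * @return bool|null true when a DAV request may continue past this hook; null otherwise.
     */
    function OnBeforeProlog()
    {
        global $USER, $APPLICATION;

        // --- 1. HTTP Basic login -------------------------------------------------------
        // NOTE(review): nothing in this method checks that the request arrived over TLS.
        // Basic credentials are only base64-encoded, so HTTPS has to be enforced upstream.
        // NOTE(review): every request that carries credentials triggers a Login() attempt;
        // throttling or lockout, if any, has to live inside Login() - not visible here.
        if (isset($_SERVER["PHP_AUTH_USER"]) && (!defined("NOT_CHECK_PERMISSIONS") || NOT_CHECK_PERMISSIONS !== true) && (CWebDavBase::IsDavHeaders("check_all") || !$USER->IsAuthorized())) {
            $login = (string)$_SERVER["PHP_AUTH_USER"];
            // PHP_AUTH_PW can be absent when the client sends a user name only.
            $password = isset($_SERVER["PHP_AUTH_PW"]) ? (string)$_SERVER["PHP_AUTH_PW"] : "";
            if ($login !== "" && $password !== "") {
                // Some clients send "host\login". Strip that prefix, HTTP_HOST first and
                // SERVER_NAME as the fallback. Only the leading occurrence is removed:
                // strpos() has already proven it sits at offset 0, and a later repeat of
                // the same text inside the login must stay intact.
                // HTTP_HOST is supplied by the client; here it only ever shortens the login.
                foreach (array('HTTP_HOST', 'SERVER_NAME') as $hostKey) {
                    if (!isset($_SERVER[$hostKey])) {
                        continue;
                    }
                    $prefix = $_SERVER[$hostKey] . "\\";
                    if (strpos($login, $prefix) === 0) {
                        $login = (string)substr($login, strlen($prefix));
                        break;
                    }
                }
                // Written back so that later readers of PHP_AUTH_USER see the bare login.
                $_SERVER["PHP_AUTH_USER"] = $login;
                $arAuthResult = $USER->Login($login, $password, "N");
                $APPLICATION->arAuthResult = $arAuthResult;
            }
        }

        // --- 2. OPTIONS / PROPFIND probes on virtual folders ---------------------------
        $method = $_SERVER['REQUEST_METHOD'];
        $requestUri = $_SERVER['REQUEST_URI'];
        $hasRealFile = isset($_SERVER["REAL_FILE_PATH"]) && strlen($_SERVER["REAL_FILE_PATH"]) > 0;

        // A probe qualifies when no real file was resolved and the URI either ends with
        // "/" or contains "personal" and does not exist under the document root.
        // NOTE(review): REQUEST_URI is raw client input (query string and percent-encoding
        // included) when it is appended to DOCUMENT_ROOT; the result is used only as a
        // boolean existence check.
        $isFolderProbe = ($method == 'OPTIONS' || $method == 'PROPFIND')
            && !$hasRealFile
            && (
                substr($requestUri, -1) == '/'
                || (strpos($requestUri, 'personal') !== false && !file_exists($_SERVER['DOCUMENT_ROOT'] . $requestUri))
            );

        if ($isFolderProbe) {
            // If a URL-rewrite rule of the webdav or socialnetwork components matches this
            // URI, the stub below is served to anonymous users only; authorized users fall
            // through so that the component can answer.
            $res = CUrlRewriter::GetList(array("QUERY" => $requestUri));
            $good_res = true;
            foreach ($res as $res_detail) {
                if (strpos($res_detail["ID"], "webdav") !== false || strpos($res_detail["ID"], "socialnetwork") !== false) {
                    $good_res = !$USER->IsAuthorized();
                    break;
                }
            }
            if ($good_res) {
                header("MS-Author-Via: DAV");

                // The Microsoft mini-redirector gets its OPTIONS answer before the
                // authorization check below.
                $isMiniRedir = isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], "Microsoft-WebDAV-MiniRedir") !== false;
                if ($isMiniRedir && $method == "OPTIONS") {
                    CWebDavBase::base_OPTIONS();
                    die;
                }

                // Everything else in this branch requires a logged-in user.
                if (!$USER->IsAuthorized()) {
                    CWebDavBase::SetAuthHeader();
                    die;
                }

                if ($method != 'PROPFIND') {
                    CWebDavBase::base_OPTIONS();
                    die;
                }

                // PROPFIND: describe the URI as an empty collection with fixed metadata.
                // HTTP_HOST and REQUEST_URI are client-controlled and are escaped before
                // being echoed. NOTE(review): the href scheme is hard-coded to http://.
                CWebDavBase::SetStatus('207 Multi-Status');
                echo '<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:" xmlns:Office="urn:schemas-microsoft-com:office:office" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:Z="urn:schemas-microsoft-com:">
<D:response>
	<D:href>http://' . htmlspecialcharsbx($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']) . '</D:href>
	<D:propstat>
		<D:prop>
			<D:displayname></D:displayname>
			<D:lockdiscovery/><D:supportedlock/>
			<D:isFolder>t</D:isFolder>
			<D:iscollection>1</D:iscollection>
			<D:ishidden>0</D:ishidden>
			<D:getcontenttype>application/octet-stream</D:getcontenttype>
			<D:getcontentlength>0</D:getcontentlength>
			<D:resourcetype><D:collection/></D:resourcetype>
			<Repl:authoritative-directory>t</Repl:authoritative-directory>
			<D:getlastmodified>2008-10-29T13:58:59Z</D:getlastmodified>
			<D:creationdate>2008-10-29T13:58:59Z</D:creationdate>
			<Repl:repl-uid>rid:{D77F5F6A-44A9-4015-AB49-4D3A439808C1}</Repl:repl-uid>
			<Repl:resourcetag>rt:D77F5F6A-44A9-4015-AB49-4D3A439808C1@00000000000</Repl:resourcetag>
			<D:getetag>&quot;{D77F5F6A-44A9-4015-AB49-4D3A439808C1},0&quot;</D:getetag>
		</D:prop>
		<D:status>HTTP/1.1 200 OK</D:status>
	</D:propstat>
</D:response>
</D:multistatus>';
                die;
            }
        } elseif (CWebDavBase::IsDavHeaders("check_all")) {
            // --- 3. Other DAV requests: challenge anonymous users -----------------------
            if (!$USER->IsAuthorized()) {
                // NOTE(review): inside this branch the user is already known to be
                // anonymous, so $good_res appears to end up true whatever the rewrite
                // lookup returns; the lookup is kept in case GetList() matters elsewhere.
                $res = CUrlRewriter::GetList(array("QUERY" => $requestUri));
                $good_res = true;
                foreach ($res as $res_detail) {
                    if (strpos($res_detail["ID"], "webdav") !== false || strpos($res_detail["ID"], "socialnetwork") !== false) {
                        $good_res = !$USER->IsAuthorized();
                        break;
                    }
                }
                if ($good_res) {
                    CWebDavBase::SetAuthHeader();
                    die;
                }
            }
            return true;
        }
    }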
Пример #2
$arError = array();

/*
 * Social-network permission and basic data checks.
 * The branches are tried in order and only the first one that matches runs.
 */
if ($arParams["PERMISSION"] < "R") {
    // Can view: the permission letter is compared as a string, and anything that
    // sorts below "R" is reported as access denied.
    $arError[] = array(
        "id" => "access_denied",
        "text" => GetMessage("SONET_ACCESS_DENIED"),
    );
} elseif (
    ($object == "user" && !CSocNetFeatures::IsActiveFeature(SONET_ENTITY_USER, $arResult["VARIABLES"]["user_id"], "files"))
    || ($object == "group" && !CSocNetFeatures::IsActiveFeature(SONET_ENTITY_GROUP, $arResult["VARIABLES"]["group_id"], "files"))
) {
    // Active feature: the "files" feature must be switched on for this user or group.
    $arError[] = array(
        "id" => "fiture_is_not_active",
        "text" => GetMessage("SONET_FILES_IS_NOT_ACTIVE"),
    );
} elseif (
    ($object == "user" && $arParams["FILES_USER_IBLOCK_ID"] <= 0)
    || ($object == "group" && $arParams["FILES_GROUP_IBLOCK_ID"] <= 0)
) {
    // Iblock ID: the storage iblock for the entity type has to be configured.
    $arError[] = array(
        "id" => "iblock_id_empty",
        "text" => GetMessage("SONET_IBLOCK_ID_EMPTY"),
    );
} elseif (
    $arParams["USE_AUTH"] == "Y"
    && (CWebDavBase::IsDavHeaders() || !in_array($_SERVER['REQUEST_METHOD'], array("GET", "POST")))
    && !$USER->IsAuthorized()
) {
    // Anonymous DAV request, or any method other than GET/POST: discard buffered
    // output and answer with an authentication challenge and an empty body.
    // NOTE(review): this challenge is sent only when USE_AUTH is "Y"; with any other
    // value such requests continue past this point, so access control has to be
    // enforced further down - confirm.
    $APPLICATION->RestartBuffer();
    CWebDavBase::SetAuthHeader();
    header('Content-length: 0');
    die;
}
/************** Set Page Title or Add Navigation *******************/
if ($arParams["SET_NAV_CHAIN"] == "Y" || $arParams["SET_TITLE"] == "Y") {
    $strTitle = "";
    if ($object == "group") {
        $arResult["GROUP"] = $arGroup = CSocNetGroup::GetByID($arResult["VARIABLES"]["group_id"]);
        $db_res = CSocNetFeatures::GetList(array(), array("ENTITY_ID" => $arResult["GROUP"]["ID"], "ENTITY_TYPE" => SONET_ENTITY_GROUP, "FEATURE" => "files"));
        if ($db_res && ($arResult["GROUP"]["FEATURE"] = $db_res->GetNext())) {
            $arParams["STR_TITLE"] = $arResult["GROUP"]["FEATURE"]["FEATURE_NAME"] = empty($arResult["GROUP"]["FEATURE"]["FEATURE_NAME"]) ? $arParams["STR_TITLE"] : $arResult["GROUP"]["FEATURE"]["FEATURE_NAME"];
        } else {
            $arResult["GROUP"]["FEATURE"] = array("FEATURE_NAME" => $arParams["STR_TITLE"]);
        }
        $strTitle = $arGroup["~NAME"] . ": " . $arParams["STR_TITLE"];
Пример #3
 /**
  * Serves a request for a WebDAV-backed path.
  *
  * DAV requests (DAV headers present, or a DELETE) are authenticated, checked against
  * the object's rights and allowed methods, then dispatched to $ob->base_<METHOD>().
  * Any other request either streams the file via base_GET() or redirects to
  * $currentPageUrl. Every DAV path ends with die.
  *
  * @param object $ob             WebDAV object exposing IsDavHeaders(), CheckWebRights(),
  *                               IsMethodAllow(), SetBaseURL(), SetPath(), IsDir(),
  *                               base_*() handlers, and the ->allow / ->arParams properties.
  * @param string $currentPageUrl Redirect target when the path is not a file.
  * @param string $baseURL        Base URL handed to $ob and compared with the Destination path.
  * @param string $path           Path inside the storage.
  * @param bool   $is_root        When true, a non-DAV request returns right after the
  *                               base URL and path have been set.
  * @return void
  */
 function MakeDavRedirect($ob, $currentPageUrl, $baseURL, $path, $is_root = false)
 {
     global $APPLICATION, $USER;

     $davRequest = $ob->IsDavHeaders('check_all') || $_SERVER['REQUEST_METHOD'] == 'DELETE';

     if (!$davRequest) {
         // Non-DAV request: files are streamed, everything else is redirected.
         $ob->SetBaseURL($baseURL);
         $ob->SetPath(rtrim($path, '/'));
         if ($is_root) {
             return;
         }
         $ob->IsDir();
         if (!$ob->arParams['is_file']) {
             LocalRedirect($currentPageUrl);
             return;
         }
         $APPLICATION->RestartBuffer();
         $ob->base_GET();
         die;
     }

     // DAV request: authentication comes first, then rights, then the method check.
     if (!$USER->IsAuthorized()) {
         $APPLICATION->RestartBuffer();
         CWebDavBase::SetAuthHeader();
         header('Content-length: 0');
         die;
     }

     if (!$ob->CheckWebRights()) {
         $ob->SetStatus('403 Forbidden');
         ShowError(GetMessage("WD_DAV_INSUFFICIENT_RIGHTS"));
         die;
     }

     $httpMethod = $_SERVER['REQUEST_METHOD'];
     if (!$ob->IsMethodAllow($httpMethod)) {
         CHTTP::SetStatus('405 Method not allowed');
         header('Allow: ' . implode(',', array_keys($ob->allow)));
         ShowError(GetMessage("WD_DAV_UNSUPORTED_METHOD"));
         die;
     }

     $APPLICATION->RestartBuffer();

     $hasDestination = isset($_SERVER['HTTP_DESTINATION']);
     $destination = $hasDestination
         ? parse_url(CWebDavBase::get_request_url($_SERVER['HTTP_DESTINATION']))
         : null;
     $ob->SetBaseURL($baseURL);

     if ($hasDestination) {
         // The Destination header is refused unless its decoded path mentions the base URL.
         // NOTE(review): this is a substring test, not a prefix test, and the path is
         // percent-decoded once without being normalised; confirm that the base_*
         // handlers re-validate the destination before acting on it.
         $destinationPath = urldecode($destination['path']);
         if (strpos($destinationPath, $baseURL) === false) {
             CHTTP::SetStatus('405 Method not allowed');
             header('Allow: ' . implode(',', array_keys($ob->allow)));
             ShowError(GetMessage("WD_DAV_UNSUPORTED_METHOD"));
             die;
         }
     }

     $ob->SetPath($path);

     // The handler name is derived from the client-supplied request method.
     // NOTE(review): the IsMethodAllow() check above is the only gate on which base_*
     // method can be reached, and its implementation is not visible here - confirm that
     // it is a strict allow-list.
     $handler = 'base_' . $httpMethod;
     call_user_func(array($ob, $handler));
     die;
 }