/** * */ function run() { if ($this->checkGet('app', 'usv2')) { $uid = $this->tokens->getUserId(); if ($uid === false || $uid === null) { if ($this->appConfig->getValue('user_servervars2', 'stop_if_empty', false)) { throw new \Exception('token error'); } // Danger: possibilité de fabriquer une boucle avec janus $ssoURL = $this->appConfig->getValue('user_servervars2', 'sso_url', 'http://localhost/sso'); $this->redirector->redirectTo($ssoURL); } else { $isLoggedIn = $this->uag->isLoggedIn(); if (!$isLoggedIn) { $isLoggedIn = $this->uag->login($uid); } if (!$isLoggedIn) { // if ( !$this->uag->isLoggedIn()) { \OC_Log::write('servervars', 'Error trying to log-in the user' . $uid, \OC_Log::DEBUG); return; } \OC::$REQUESTEDAPP = ''; $this->redirector->redirectToDefaultPage(); } } }
* License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ if (OCP\App::isEnabled('user_cas')) { include_once 'CAS.php'; require_once 'user_cas/user_cas.php'; OCP\App::registerAdmin('user_cas', 'settings'); // register user backend OC_User::useBackend('CAS'); OC::$CLASSPATH['OC_USER_CAS_Hooks'] = 'user_cas/lib/hooks.php'; OCP\Util::connectHook('OC_User', 'post_createUser', 'OC_USER_CAS_Hooks', 'post_createUser'); OCP\Util::connectHook('OC_User', 'post_login', 'OC_USER_CAS_Hooks', 'post_login'); OCP\Util::connectHook('OC_User', 'logout', 'OC_USER_CAS_Hooks', 'logout'); if (isset($_GET['app']) && $_GET['app'] == 'user_cas') { require_once 'user_cas/auth.php'; if (!OC_User::login('', '')) { $error = true; OC_Log::write('cas', 'Error trying to authenticate the user', OC_Log::DEBUG); } if (isset($_SERVER["QUERY_STRING"]) && !empty($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] != 'app=user_cas') { header('Location: ' . OC::$WEBROOT . '/?' . $_SERVER["QUERY_STRING"]); exit; } OC::$REQUESTEDAPP = ''; OC_Util::redirectToDefaultPage(); } if (!OCP\User::isLoggedIn()) { // Load js code in order to render the CAS link and to hide parts of the normal login form OCP\Util::addScript('user_cas', 'utils'); } }
/** * Find the route matching $url * * @param string $url The url to find * @throws \Exception * @return void */ public function match($url) { if (substr($url, 0, 6) === '/apps/') { // empty string / 'apps' / $app / rest of the route list(, , $app, ) = explode('/', $url, 4); $app = \OC_App::cleanAppId($app); \OC::$REQUESTEDAPP = $app; $this->loadRoutes($app); } else { if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') { \OC::$REQUESTEDAPP = $url; if (!\OC::$server->getConfig()->getSystemValue('maintenance', false) && !Util::needUpgrade()) { \OC_App::loadApps(); } $this->loadRoutes('core'); } else { $this->loadRoutes(); } } $matcher = new UrlMatcher($this->root, $this->context); try { $parameters = $matcher->match($url); } catch (ResourceNotFoundException $e) { if (substr($url, -1) !== '/') { // We allow links to apps/files? for backwards compatibility reasons // However, since Symfony does not allow empty route names, the route // we need to match is '/', so we need to append the '/' here. try { $parameters = $matcher->match($url . '/'); } catch (ResourceNotFoundException $newException) { // If we still didn't match a route, we throw the original exception throw $e; } } else { throw $e; } } \OC::$server->getEventLogger()->start('run_route', 'Run route'); if (isset($parameters['action'])) { $action = $parameters['action']; if (!is_callable($action)) { throw new \Exception('not a callable action'); } unset($parameters['action']); call_user_func($action, $parameters); } elseif (isset($parameters['file'])) { include $parameters['file']; } else { throw new \Exception('no action available'); } \OC::$server->getEventLogger()->end('run_route'); }
exit; } elseif ($request->getParam('service', '')) { $service = $request->getParam('service', ''); } else { $pathInfo = trim($pathInfo, '/'); list($service) = explode('/', $pathInfo); } $file = OCP\CONFIG::getAppValue('core', 'public_' . strip_tags($service)); if (is_null($file)) { header('HTTP/1.0 404 Not Found'); exit; } $parts = explode('/', $file, 2); $app = $parts[0]; // Load all required applications \OC::$REQUESTEDAPP = $app; OC_App::loadApps(array('authentication')); OC_App::loadApps(array('filesystem', 'logging')); if (!\OC::$server->getAppManager()->isInstalled($app)) { throw new Exception('App not installed: ' . $app); } OC_App::loadApp($app); OC_User::setIncognitoMode(true); $baseuri = OC::$WEBROOT . '/public.php/' . $service . '/'; require_once OC_App::getAppPath($app) . '/' . $parts[1]; } catch (\OC\ServiceUnavailableException $ex) { //show the user a detailed error page OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); \OCP\Util::writeLog('remote', $ex->getMessage(), \OCP\Util::FATAL); OC_Template::printExceptionErrorPage($ex); } catch (Exception $ex) {
public static function post_login($parameters) { $uid = $parameters['uid']; $wuid = $uid; $casBackend = new OC_USER_CAS(); $userDB = new OC_User_Database(); /* * Récupération des données du fichier config général /config/config.php */ $serveur_Search = OCP\Config::getSystemValue('serveur_Search', 'error'); $port = OCP\Config::getSystemValue('port', 'error'); $racineAMU = OCP\Config::getSystemValue('racineAMU', 'error'); $racineAMUGRP = OCP\Config::getSystemValue('racineAMUGRP', 'error'); $AMU_nuage_dn = OCP\Config::getSystemValue('AMU_nuage_dn', 'error'); $AMU_nuage_pw = OCP\Config::getSystemValue('AMU_nuage_pw', 'error'); $PQuota = OCP\Config::getSystemValue('PQuota', 'unManaged'); $EQuota = OCP\Config::getSystemValue('EQuota', 'unManaged'); $LDAP = new LDAP_Infos($serveur_Search, $AMU_nuage_dn, $AMU_nuage_pw, $racineAMUGRP, $racineAMUGRP); $restrictGrp = array("cn", "member"); /* * Récupération tableau Groupes * Si le tableau 'groupMapping' est vide pas de contrôle sur les groupes */ $AccesCloud = 0; OCP\Util::writeLog('user_cas', "Authentification (Mapping groups=" . $casBackend->groupMapping . ")", OCP\Util::DEBUG); if ($casBackend->groupMapping) { $wTabGrp = str_replace(array('<br>', '<br />', "\n", "\r"), array('@', '', '@', ''), $casBackend->groupMapping); $tabGRP = explode("@", $wTabGrp); $i = 0; $mesGroupes = array(); foreach ($tabGRP as $key => $value) { $ListeMembre = $LDAP->getMembersOfGroup($value, $restrictGrp); if (in_array($uid, $ListeMembre)) { $AccesCloudAMU = 1; } } } else { $AccesCloud = 1; } /* * Si pas d'acces, alors déconnexion */ if ($AccesCloud == 0) { /* * On vérifie si le compte utilisé est un compte local */ if (!$userDB->userExists($uid)) { OCP\Util::writeLog('user_cas', "Aucun droit d'accès pour l'utilisateur " . $uid, OCP\Util::ERROR); \OC_User::logout(); } else { OCP\Util::writeLog('user_cas', "Authentification locale pour l'utilisateur " . $uid, OCP\Util::DEBUG); OC::$REQUESTEDAPP = ''; OC_Util::redirectToDefaultPage(); exit(0); } } /** * Récupère les groupes liés à l'utilisateur avec la racine définie dans le formulaire 'cas_group_root' * Si 'cas_group_root' n'est pas renseingé => pas de récupération de groupes */ $mesGroupes = array(); OCP\Util::writeLog('user_cas', "Authentification (Racine Groupes LDAP=" . $casBackend->groupRoot . ")", OCP\Util::DEBUG); if ($casBackend->groupRoot) { $i = 0; $ListeGRP = $LDAP->getMemberOf($uid); $a = sizeof($ListeGRP); OCP\Util::writeLog('user_cas', "Taille=" . $a . " UID=" . $uid, OCP\Util::ERROR); OCP\Util::writeLog('user_cas', "Racine Groupe=" . $casBackend->groupRoot, OCP\Util::ERROR); foreach ($ListeGRP as $key => $value) { if (strstr($value, $casBackend->groupRoot)) { $mesGroupes[$i] = strtoupper(str_replace(':', '_', substr($value, 8))); OCP\Util::writeLog('user_cas', "Groupe[{$i}]=" . $mesGroupes[$i], OCP\Util::ERROR); $i++; } } } if (phpCAS::checkAuthentication()) { //$attributes = phpCAS::getAttributes(); $cas_uid = phpCAS::getUser(); if ($cas_uid == $uid) { /* * Récupération des information utilisateur (LDAP) */ $tabLdapUser = $LDAP->getUserInfo($uid); if ($tabLdapUser) { $DisplayName = $tabLdapUser['displayName']; } if (!$userDB->userExists($uid)) { if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) { OCP\Util::writeLog('cas', 'Utilisateur invalide "' . $uid . '", caracteres autorises "a-zA-Z0-9" and "_.@-" ', OCP\Util::DEBUG); return false; } else { /* * Dans le cas d'une création */ $random_password = \OC_Util::generateRandomBytes(20); $userDB->createUser($uid, $tabLdapUser['userpassword']); $userDB->setDisplayName($uid, $DisplayName); /* * Mise à jour du quota si gestion dans fichier de configuration */ if ($EQuota != "unManaged" && $tabLdapUser['eduPersonPrimaryAffiliation'] == 'student') { update_quota($uid, $EQuota); } if ($PQuota != "unManaged" && $tabLdapUser['eduPersonPrimaryAffiliation'] != 'student') { update_quota($uid, $PQuota); } } } /* * Mise à jour des groupes associés */ if (sizeof($mesGroupes) > 0) { $cas_groups = $mesGroupes; update_groups($uid, $cas_groups, $casBackend->protectedGroups, true); } /* * Mise à jour du mail */ update_mail($uid, $tabLdapUser['Mail']); /* * Mise à jour du display name */ $userDB->setDisplayName($uid, $DisplayName); return true; } } return false; }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); OC_Util::issetlocaleworking(); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //copy http auth headers for apache+php-fcgid work around if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; } //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } if (!defined('PHPUNIT_RUN') and !(defined('DEBUG') and DEBUG)) { register_shutdown_function(array('OC_Log', 'onShutdown')); set_error_handler(array('OC_Log', 'onError')); set_exception_handler(array('OC_Log', 'onException')); } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); self::checkSSL(); self::initSession(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerShareHooks(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } // write error into log if locale can't be set if (OC_Util::issetlocaleworking() == false) { OC_Log::write('core', 'setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system', OC_Log::ERROR); } if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); setlocale(LC_ALL, 'en_US.UTF-8'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(false); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //try to set the session lifetime to 60min @ini_set('gc_maxlifetime', '3600'); //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } // register the stream wrappers require_once 'streamwrappers.php'; stream_wrapper_register("fakedir", "OC_FakeDirStream"); stream_wrapper_register('static', 'OC_StaticStreamWrapper'); stream_wrapper_register('close', 'OC_CloseStreamWrapper'); self::checkInstalled(); self::checkSSL(); self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); // register cache cleanup jobs OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); // Check for blacklisted files OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } }
public static function init() { // register autoloader require_once __DIR__ . '/autoloader.php'; self::$loader = new \OC\Autoloader(); self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib'); self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib'); self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing'); self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console'); self::$loader->registerPrefix('Sabre\\VObject', '3rdparty'); self::$loader->registerPrefix('Sabre_', '3rdparty'); self::$loader->registerPrefix('Patchwork', '3rdparty'); spl_autoload_register(array(self::$loader, 'load')); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } self::$CLI = php_sapi_name() == 'cli'; date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (get_magic_quotes_gpc() == 1) { ini_set('magic_quotes_runtime', 0); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //copy http auth headers for apache+php-fcgid work around if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; } //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1]), 2); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); if (OC_Config::getValue('instanceid', false)) { // \OC\Memcache\Cache has a hidden dependency on // OC_Util::getInstanceId() for namespacing. See #5409. try { self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader')); } catch (\Exception $ex) { } } OC_Util::isSetLocaleWorking(); // set debug mode if an xdebug session is active if (!defined('DEBUG') || !DEBUG) { if (isset($_COOKIE['XDEBUG_SESSION'])) { define('DEBUG', true); } } if (!defined('PHPUNIT_RUN')) { if (defined('DEBUG') and DEBUG) { OC\Log\ErrorHandler::register(true); set_exception_handler(array('OC_Template', 'printExceptionErrorPage')); } else { OC\Log\ErrorHandler::register(); } OC\Log\ErrorHandler::setLogger(OC_Log::$object); } // register the stream wrappers stream_wrapper_register('fakedir', 'OC\\Files\\Stream\\Dir'); stream_wrapper_register('static', 'OC\\Files\\Stream\\StaticStream'); stream_wrapper_register('close', 'OC\\Files\\Stream\\Close'); stream_wrapper_register('quota', 'OC\\Files\\Stream\\Quota'); stream_wrapper_register('oc', 'OC\\Files\\Stream\\OC'); // setup the basic server self::$server = new \OC\Server(); self::initTemplateEngine(); OC_App::loadApps(array('session')); if (!self::$CLI) { self::initSession(); } else { self::$session = new \OC\Session\Memory(''); } self::checkConfig(); self::checkInstalled(); self::checkSSL(); self::addSecurityHeaders(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printGuestPage('', 'error', array('errors' => $errors)); } exit; } //try to set the session lifetime $sessionLifeTime = self::getSessionLifeTime(); @ini_set('gc_maxlifetime', (string) $sessionLifeTime); // User and Groups if (!OC_Config::getValue("installed", false)) { self::$session->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname') && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) { $sessionUser = self::$session->get('loginname'); $serverUser = $_SERVER['PHP_AUTH_USER']; OC_Log::write('core', "Session loginname ({$sessionUser}) doesn't match SERVER[PHP_AUTH_USER] ({$serverUser}).", OC_Log::WARN); OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS && !self::checkUpgrade(false)) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } //setup extra user backends OC_User::setupBackends(); self::registerCacheHooks(); self::registerFilesystemHooks(); self::registerPreviewHooks(); self::registerShareHooks(); self::registerLogRotate(); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) { if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { OC_Util::addScript('backgroundjobs'); } } }
public static function init() { // register autoloader spl_autoload_register(array('OC', 'autoload')); setlocale(LC_ALL, 'en_US.UTF-8'); // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); if (defined('DEBUG') && DEBUG) { ini_set('display_errors', 1); } date_default_timezone_set('UTC'); ini_set('arg_separator.output', '&'); // try to switch magic quotes off. if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(false); } //try to configure php to enable big file uploads. //this doesn´t work always depending on the webserver and php configuration. //Let´s try to overwrite some defaults anyways //try to set the maximum execution time to 60min @set_time_limit(3600); @ini_set('max_execution_time', 3600); @ini_set('max_input_time', 3600); //try to set the maximum filesize to 10G @ini_set('upload_max_filesize', '10G'); @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); //try to set the session lifetime to 60min @ini_set('gc_maxlifetime', '3600'); //set http auth headers for apache+php-cgi work around if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } //set http auth headers for apache+php-cgi work around if variable gets renamed by apache if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { list($name, $password) = explode(':', base64_decode($matches[1])); $_SERVER['PHP_AUTH_USER'] = strip_tags($name); $_SERVER['PHP_AUTH_PW'] = strip_tags($password); } self::initPaths(); // register the stream wrappers require_once 'streamwrappers.php'; stream_wrapper_register("fakedir", "OC_FakeDirStream"); stream_wrapper_register('static', 'OC_StaticStreamWrapper'); stream_wrapper_register('close', 'OC_CloseStreamWrapper'); self::checkInstalled(); self::checkSSL(); // CSRF protection if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; } else { $referer = ''; } $refererhost = parse_url($referer); if (isset($refererhost['host'])) { $refererhost = $refererhost['host']; } else { $refererhost = ''; } $server = OC_Helper::serverHost(); $serverhost = explode(':', $server); $serverhost = $serverhost['0']; if ($_SERVER['REQUEST_METHOD'] == 'POST' and $refererhost != $serverhost) { $url = OC_Helper::serverProtocol() . '://' . $server . OC::$WEBROOT . '/index.php'; header("Location: {$url}"); exit; } self::initSession(); self::initTemplateEngine(); self::checkUpgrade(); $errors = OC_Util::checkServer(); if (count($errors) > 0) { OC_Template::printGuestPage('', 'error', array('errors' => $errors)); exit; } // TODO: we should get rid of this one, too // WARNING: to make everything even more confusing, // DATADIRECTORY is a var that changes and DATADIRECTORY_ROOT // stays the same, but is set by "datadirectory". // Any questions? OC::$CONFIG_DATADIRECTORY = OC_Config::getValue("datadirectory", OC::$SERVERROOT . "/data"); // User and Groups if (!OC_Config::getValue("installed", false)) { $_SESSION['user_id'] = ''; } OC_User::useBackend(OC_Config::getValue("userbackend", "database")); OC_Group::useBackend(new OC_Group_Database()); // Set up file system unless forbidden global $RUNTIME_NOSETUPFS; if (!$RUNTIME_NOSETUPFS) { OC_Util::setupFS(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; if (!$RUNTIME_NOAPPS) { if ($RUNTIME_APPTYPES) { OC_App::loadApps($RUNTIME_APPTYPES); } else { OC_App::loadApps(); } } // Check for blacklisted files OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper', 'cleanTmp')); //parse the given parameters self::$REQUESTEDAPP = isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'); if (substr_count(self::$REQUESTEDAPP, '?') != 0) { $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr(self::$REQUESTEDAPP, strpos(self::$REQUESTEDAPP, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDAPP = $app; $_GET['app'] = $app; } self::$REQUESTEDFILE = isset($_GET['getfile']) ? $_GET['getfile'] : null; if (substr_count(self::$REQUESTEDFILE, '?') != 0) { $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); parse_str($param, $get); $_GET = array_merge($_GET, $get); self::$REQUESTEDFILE = $file; $_GET['getfile'] = $file; } if (!is_null(self::$REQUESTEDFILE)) { $subdir = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP . '/' . self::$REQUESTEDFILE; $parent = OC::$APPSROOT . '/apps/' . self::$REQUESTEDAPP; if (!OC_Helper::issubdirectory($subdir, $parent)) { self::$REQUESTEDFILE = null; header('HTTP/1.0 404 Not Found'); exit; } } }
/** * Find the route matching $url * * @param string $url The url to find * @throws \Exception * @return void */ public function match($url) { if (substr($url, 0, 6) === '/apps/') { // empty string / 'apps' / $app / rest of the route list(, , $app, ) = explode('/', $url, 4); $app = \OC_App::cleanAppId($app); \OC::$REQUESTEDAPP = $app; $this->loadRoutes($app); } else { if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') { \OC::$REQUESTEDAPP = $url; if (!\OC_Config::getValue('maintenance', false) && !\OCP\Util::needUpgrade()) { \OC_App::loadApps(); } $this->loadRoutes('core'); } else { $this->loadRoutes(); } } $matcher = new UrlMatcher($this->root, $this->context); $parameters = $matcher->match($url); if (isset($parameters['action'])) { $action = $parameters['action']; if (!is_callable($action)) { var_dump($action); throw new \Exception('not a callable action'); } unset($parameters['action']); call_user_func($action, $parameters); } elseif (isset($parameters['file'])) { include $parameters['file']; } else { throw new \Exception('no action available'); } }