nextcloud/apps/files_sharing/public.php

179 lines
7.0 KiB
PHP
Raw Normal View History

2012-08-27 23:46:05 +04:00
<?php
// Load other apps for file previews
OC_App::loadApps();
// Compatibility with shared-by-link items from ownCloud 4.0
// requires old Sharing table !
// support will be removed in OC 5.0,a
if (isset($_GET['token'])) {
unset($_GET['file']);
$qry = \OC_DB::prepare('SELECT `source` FROM `*PREFIX*sharing` WHERE `target` = ? LIMIT 1');
$filepath = $qry->execute(array($_GET['token']))->fetchOne();
if(isset($filepath)) {
$info = OC_FileCache_Cached::get($filepath, '');
if(strtolower($info['mimetype']) == 'httpd/unix-directory') {
$_GET['dir'] = $filepath;
} else {
$_GET['file'] = $filepath;
}
\OCP\Util::writeLog('files_sharing', 'You have files that are shared by link originating from ownCloud 4.0. Redistribute the new links, because backwards compatibility will be removed in ownCloud 5.', \OCP\Util::WARN);
}
}
// Enf of backward compatibility
2012-09-19 07:56:00 +04:00
if (isset($_GET['file']) || isset($_GET['dir'])) {
if (isset($_GET['dir'])) {
$type = 'folder';
$path = $_GET['dir'];
$baseDir = basename($path);
$dir = $baseDir;
} else {
$type = 'file';
$path = $_GET['file'];
}
$uidOwner = substr($path, 1, strpos($path, '/', 1) - 1);
2012-08-27 23:46:05 +04:00
if (OCP\User::userExists($uidOwner)) {
OC_Util::setupFS($uidOwner);
2012-09-19 07:56:00 +04:00
$fileSource = OC_Filecache::getId($path, '');
if ($fileSource != -1 && ($linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $uidOwner))) {
2012-08-27 23:46:05 +04:00
if (isset($linkItem['share_with'])) {
// Check password
if (isset($_POST['password'])) {
$password = $_POST['password'];
$storedHash = $linkItem['share_with'];
$forcePortable = (CRYPT_BLOWFISH != 1);
$hasher = new PasswordHash(8, $forcePortable);
if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $storedHash))) {
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', OCP\Util::linkToPublic('files').'&file='.$_GET['file']);
2012-08-27 23:46:05 +04:00
$tmpl->assign('error', true);
$tmpl->printPage();
exit();
} else {
// Save item id in session for future requests
$_SESSION['public_link_authenticated'] = $linkItem['id'];
2012-08-27 23:46:05 +04:00
}
// Check if item id is set in session
} else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
2012-08-27 23:46:05 +04:00
// Prompt for password
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
$tmpl->assign('URL', OCP\Util::linkToPublic('files').'&file='.$_GET['file']);
2012-08-27 23:46:05 +04:00
$tmpl->printPage();
exit();
}
}
$path = $linkItem['path'];
2012-09-19 07:56:00 +04:00
if (isset($_GET['path'])) {
$path .= $_GET['path'];
$dir .= $_GET['path'];
if (!OC_Filesystem::file_exists($path)) {
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
$tmpl->printPage();
exit();
}
}
2012-08-27 23:46:05 +04:00
// Download the file
if (isset($_GET['download'])) {
$mimetype = OC_Filesystem::getMimeType($path);
header('Content-Transfer-Encoding: binary');
header('Content-Disposition: attachment; filename="'.basename($path).'"');
header('Content-Type: '.$mimetype);
header('Content-Length: '.OC_Filesystem::filesize($path));
OCP\Response::disableCaching();
@ob_clean();
OC_Filesystem::readfile($path);
} else {
OCP\Util::addStyle('files_sharing', 'public');
OCP\Util::addScript('files_sharing', 'public');
OCP\Util::addScript('files', 'fileactions');
$tmpl = new OCP\Template('files_sharing', 'public', 'base');
2012-08-27 23:46:05 +04:00
$tmpl->assign('owner', $uidOwner);
// Show file list
if (OC_Filesystem::is_dir($path)) {
2012-09-19 07:56:00 +04:00
OCP\Util::addStyle('files', 'files');
OCP\Util::addScript('files', 'files');
OCP\Util::addScript('files', 'filelist');
$files = array();
$rootLength = strlen($baseDir) + 1;
foreach (OC_Files::getDirectoryContent($path) as $i) {
$i['date'] = OCP\Util::formatDate($i['mtime']);
if ($i['type'] == 'file') {
$fileinfo = pathinfo($i['name']);
$i['basename'] = $fileinfo['filename'];
$i['extension'] = isset($fileinfo['extension']) ? ('.'.$fileinfo['extension']) : '';
}
$i['directory'] = substr($i['directory'], $rootLength);
if ($i['directory'] == '/') {
$i['directory'] = '';
}
$i['permissions'] = OCP\Share::PERMISSION_READ;
$files[] = $i;
}
// Make breadcrumb
$breadcrumb = array();
$pathtohere = '';
foreach (explode('/', $dir) as $i) {
if ($i != '') {
if ($i != $baseDir) {
$pathtohere .= '/'.$i;
}
$breadcrumb[] = array('dir' => $pathtohere, 'name' => $i);
}
}
$list = new OCP\Template('files', 'part.list', '');
$list->assign('files', $files, false);
$list->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.$_GET['dir'].'&path=', false);
$list->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path=', false);
$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' );
$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
$breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.$_GET['dir'].'&path=', false);
$folder = new OCP\Template('files', 'index', '');
$folder->assign('fileList', $list->fetchPage(), false);
$folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
$folder->assign('dir', basename($dir));
$folder->assign('isCreatable', false);
$folder->assign('permissions', 0);
$folder->assign('files', $files);
$folder->assign('uploadMaxFilesize', 0);
$folder->assign('uploadMaxHumanFilesize', 0);
$folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
$tmpl->assign('folder', $folder->fetchPage(), false);
2012-09-21 13:48:20 +04:00
$tmpl->assign('uidOwner', $uidOwner);
2012-09-19 07:56:00 +04:00
$tmpl->assign('dir', basename($dir));
$tmpl->assign('filename', basename($path));
$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
$tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true)));
if (isset($_GET['path'])) {
$getPath = $_GET['path'];
} else {
$getPath = '';
}
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
2012-08-27 23:46:05 +04:00
} else {
// Show file preview if viewer is available
2012-09-21 13:48:20 +04:00
$tmpl->assign('uidOwner', $uidOwner);
2012-08-27 23:46:05 +04:00
$tmpl->assign('dir', dirname($path));
$tmpl->assign('filename', basename($path));
$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
2012-09-19 07:56:00 +04:00
if ($type == 'file') {
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download');
2012-09-19 07:56:00 +04:00
} else {
if (isset($_GET['path'])) {
$getPath = $_GET['path'];
} else {
$getPath = '';
}
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
2012-09-19 07:56:00 +04:00
}
2012-08-27 23:46:05 +04:00
}
$tmpl->printPage();
}
exit();
}
}
}
header('HTTP/1.0 404 Not Found');
$tmpl = new OCP\Template('', '404', 'guest');
2012-09-21 13:48:20 +04:00
$tmpl->printPage();