2010-03-10 15:03:40 +03:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* ownCloud
|
|
|
|
*
|
2011-03-02 01:20:16 +03:00
|
|
|
* @author Frank Karlitschek
|
|
|
|
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
|
|
|
|
*
|
2010-03-10 15:03:40 +03:00
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
2011-03-02 01:20:16 +03:00
|
|
|
* License as published by the Free Software Foundation; either
|
2010-03-10 15:03:40 +03:00
|
|
|
* version 3 of the License, or any later version.
|
2011-03-02 01:20:16 +03:00
|
|
|
*
|
2010-03-10 15:03:40 +03:00
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
2011-03-02 01:20:16 +03:00
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public
|
2010-03-10 15:03:40 +03:00
|
|
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
2011-03-02 01:20:16 +03:00
|
|
|
*
|
2010-03-10 15:03:40 +03:00
|
|
|
*/
|
|
|
|
|
2011-05-18 00:34:31 +04:00
|
|
|
$RUNTIME_NOAPPS = TRUE; //no apps, yet
|
2011-04-18 16:05:21 +04:00
|
|
|
|
2011-07-27 21:25:49 +04:00
|
|
|
require_once('lib/base.php');
|
2011-04-16 17:47:27 +04:00
|
|
|
|
2011-09-18 22:57:05 +04:00
|
|
|
// Setup required :
|
2011-07-29 23:36:03 +04:00
|
|
|
$not_installed = !OC_Config::getValue('installed', false);
|
2011-10-03 16:41:55 +04:00
|
|
|
if($not_installed) {
|
2011-10-10 13:48:58 +04:00
|
|
|
// Check for autosetup:
|
|
|
|
$autosetup_file = OC::$SERVERROOT."/config/autoconfig.php";
|
|
|
|
if( file_exists( $autosetup_file )){
|
2011-10-16 23:42:24 +04:00
|
|
|
OC_Log::write('core','Autoconfig file found, setting up owncloud...',OC_Log::INFO);
|
2011-10-10 13:48:58 +04:00
|
|
|
include( $autosetup_file );
|
|
|
|
$_POST['install'] = 'true';
|
|
|
|
$_POST = array_merge ($_POST, $AUTOCONFIG);
|
|
|
|
unlink($autosetup_file);
|
|
|
|
}
|
2011-09-18 22:57:05 +04:00
|
|
|
OC_Util::addScript('setup');
|
2011-05-18 00:34:31 +04:00
|
|
|
require_once('setup.php');
|
2011-08-07 17:39:01 +04:00
|
|
|
exit();
|
2011-05-18 00:34:31 +04:00
|
|
|
}
|
|
|
|
|
2011-09-18 22:57:05 +04:00
|
|
|
// Handle WebDAV
|
|
|
|
if($_SERVER['REQUEST_METHOD']=='PROPFIND'){
|
2012-05-07 22:22:55 +04:00
|
|
|
header('location: '.OC_Helper::linkToRemote('webdav'));
|
2011-08-04 22:06:33 +04:00
|
|
|
exit();
|
|
|
|
}
|
2012-05-17 23:56:33 +04:00
|
|
|
elseif(!OC_User::isLoggedIn() && substr(OC::$REQUESTEDFILE,-3) == 'css'){
|
|
|
|
OC_App::loadApps();
|
|
|
|
OC::loadfile();
|
|
|
|
}
|
2011-05-18 00:34:31 +04:00
|
|
|
// Someone is logged in :
|
2011-07-29 23:36:03 +04:00
|
|
|
elseif(OC_User::isLoggedIn()) {
|
2012-04-26 16:52:55 +04:00
|
|
|
OC_App::loadApps();
|
2011-05-18 00:34:31 +04:00
|
|
|
if(isset($_GET["logout"]) and ($_GET["logout"])) {
|
2011-07-29 23:36:03 +04:00
|
|
|
OC_User::logout();
|
2011-09-18 21:37:54 +04:00
|
|
|
header("Location: ".OC::$WEBROOT.'/');
|
2011-04-16 15:24:26 +04:00
|
|
|
exit();
|
2012-04-26 16:52:55 +04:00
|
|
|
}else{
|
2012-04-19 18:44:49 +04:00
|
|
|
if(is_null(OC::$REQUESTEDFILE)){
|
|
|
|
OC::loadapp();
|
|
|
|
}else{
|
|
|
|
OC::loadfile();
|
|
|
|
}
|
2011-04-16 14:18:42 +04:00
|
|
|
}
|
2011-05-18 00:34:31 +04:00
|
|
|
|
2011-10-01 13:08:49 +04:00
|
|
|
// For all others cases, we display the guest page :
|
2012-04-27 01:17:46 +04:00
|
|
|
} else {
|
2011-09-18 11:15:30 +04:00
|
|
|
OC_App::loadApps();
|
2011-10-01 13:08:49 +04:00
|
|
|
$error = false;
|
|
|
|
// remember was checked after last login
|
|
|
|
if(isset($_COOKIE["oc_remember_login"]) && isset($_COOKIE["oc_token"]) && isset($_COOKIE["oc_username"]) && $_COOKIE["oc_remember_login"]) {
|
|
|
|
if(defined("DEBUG") && DEBUG) {
|
2011-10-16 23:42:24 +04:00
|
|
|
OC_Log::write('core','Trying to login from cookie',OC_Log::DEBUG);
|
2011-07-20 17:04:14 +04:00
|
|
|
}
|
2011-10-01 13:08:49 +04:00
|
|
|
// confirm credentials in cookie
|
|
|
|
if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username']) &&
|
|
|
|
OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") == $_COOKIE['oc_token']) {
|
|
|
|
OC_User::setUserId($_COOKIE['oc_username']);
|
|
|
|
OC_Util::redirectToDefaultPage();
|
|
|
|
}
|
2011-10-04 21:41:00 +04:00
|
|
|
else {
|
|
|
|
OC_User::unsetMagicInCookie();
|
|
|
|
}
|
2012-02-20 14:21:46 +04:00
|
|
|
|
2011-10-01 13:08:49 +04:00
|
|
|
// Someone wants to log in :
|
2012-04-27 01:17:46 +04:00
|
|
|
} elseif(isset($_POST["user"]) and isset($_POST['password']) and isset($_SESSION['sectoken']) and isset($_POST['sectoken']) and ($_SESSION['sectoken']==$_POST['sectoken']) ) {
|
2011-10-01 13:08:49 +04:00
|
|
|
if(OC_User::login($_POST["user"], $_POST["password"])) {
|
|
|
|
if(!empty($_POST["remember_login"])){
|
|
|
|
if(defined("DEBUG") && DEBUG) {
|
2011-10-16 23:42:24 +04:00
|
|
|
OC_Log::write('core','Setting remember login to cookie',OC_Log::DEBUG);
|
2011-10-01 13:08:49 +04:00
|
|
|
}
|
2011-12-14 16:26:34 +04:00
|
|
|
$token = md5($_POST["user"].time().$_POST['password']);
|
2011-10-01 13:08:49 +04:00
|
|
|
OC_Preferences::setValue($_POST['user'], 'login', 'token', $token);
|
|
|
|
OC_User::setMagicInCookie($_POST["user"], $token);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
OC_User::unsetMagicInCookie();
|
|
|
|
}
|
|
|
|
OC_Util::redirectToDefaultPage();
|
|
|
|
} else {
|
|
|
|
$error = true;
|
2011-07-20 17:04:14 +04:00
|
|
|
}
|
2012-04-27 01:17:46 +04:00
|
|
|
|
2011-12-01 05:02:45 +04:00
|
|
|
// The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
|
2012-04-27 01:17:46 +04:00
|
|
|
} elseif(isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"])){
|
2011-12-01 05:02:45 +04:00
|
|
|
if (OC_User::login($_SERVER["PHP_AUTH_USER"],$_SERVER["PHP_AUTH_PW"])) {
|
|
|
|
//OC_Log::write('core',"Logged in with HTTP Authentication",OC_Log::DEBUG);
|
|
|
|
OC_User::unsetMagicInCookie();
|
|
|
|
OC_Util::redirectToDefaultPage();
|
|
|
|
}else{
|
|
|
|
$error = true;
|
2011-10-14 22:33:11 +04:00
|
|
|
}
|
2011-12-01 05:02:45 +04:00
|
|
|
}
|
2012-05-11 18:42:28 +04:00
|
|
|
if(!array_key_exists('sectoken', $_SESSION) || (array_key_exists('sectoken', $_SESSION) && is_null(OC::$REQUESTEDFILE)) || substr(OC::$REQUESTEDFILE, -3) == 'php'){
|
2012-04-27 16:55:06 +04:00
|
|
|
$sectoken=rand(1000000,9999999);
|
|
|
|
$_SESSION['sectoken']=$sectoken;
|
2012-05-09 01:41:50 +04:00
|
|
|
OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => isset($_REQUEST['redirect_url'])?htmlentities($_REQUEST['redirect_url']):'' ));
|
2012-04-27 16:55:06 +04:00
|
|
|
}
|
2010-03-10 15:03:40 +03:00
|
|
|
}
|