2011-07-27 21:07:28 +04:00
< ? php
/**
* Class for utility functions
*
*/
2012-10-12 17:37:44 +04:00
2011-07-29 23:36:03 +04:00
class OC_Util {
2011-07-27 21:07:28 +04:00
public static $scripts = array ();
public static $styles = array ();
public static $headers = array ();
2012-02-06 02:49:22 +04:00
private static $rootMounted = false ;
2011-07-27 21:07:28 +04:00
private static $fsSetup = false ;
2012-05-14 19:57:43 +04:00
public static $core_styles = array ();
2012-05-15 01:15:53 +04:00
public static $core_scripts = array ();
2011-07-27 21:07:28 +04:00
// Can be set up
2012-09-07 17:22:01 +04:00
public static function setupFS ( $user = '' ) { // configure the initial filesystem based on the configuration
if ( self :: $fsSetup ) { //setting up the filesystem twice can only lead to trouble
2011-07-27 21:07:28 +04:00
return false ;
}
2012-08-29 23:35:55 +04:00
// If we are not forced to load a specific user we load the one that is logged in
2012-09-07 17:22:01 +04:00
if ( $user == " " && OC_User :: isLoggedIn ()) {
2012-08-29 23:35:55 +04:00
$user = OC_User :: getUser ();
}
2012-10-28 16:47:53 +04:00
// load all filesystem apps before, so no setup-hook gets lost
2012-10-28 18:10:15 +04:00
if ( ! isset ( $RUNTIME_NOAPPS ) || ! $RUNTIME_NOAPPS ) {
2012-10-28 16:47:53 +04:00
OC_App :: loadApps ( array ( 'filesystem' ));
}
2012-08-29 23:35:55 +04:00
// the filesystem will finish when $user is not empty,
// mark fs setup here to avoid doing the setup from loading
// OC_Filesystem
if ( $user != '' ) {
self :: $fsSetup = true ;
}
2012-06-20 00:50:28 +04:00
$CONFIG_DATADIRECTORY = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " );
2012-02-06 00:45:41 +04:00
//first set up the local "root" storage
2012-09-07 17:22:01 +04:00
if ( ! self :: $rootMounted ) {
2012-10-25 20:26:08 +04:00
\OC\Files\Filesystem :: mount ( '\OC\Files\Storage\Local' , array ( 'datadir' => $CONFIG_DATADIRECTORY ), '/' );
2012-02-06 02:49:22 +04:00
self :: $rootMounted = true ;
}
2012-06-20 10:57:21 +04:00
2012-09-07 17:22:01 +04:00
if ( $user != " " ) { //if we aren't logged in, there is no use to set up the filesystem
2012-06-19 19:38:04 +04:00
$user_dir = '/' . $user . '/files' ;
2012-08-27 00:03:02 +04:00
$user_root = OC_User :: getHome ( $user );
$userdirectory = $user_root . '/files' ;
2012-09-07 17:22:01 +04:00
if ( ! is_dir ( $userdirectory )) {
2012-06-20 00:50:28 +04:00
mkdir ( $userdirectory , 0755 , true );
2011-07-27 21:07:28 +04:00
}
2012-08-27 17:55:22 +04:00
//jail the user into his "home" directory
2013-02-11 04:09:58 +04:00
\OC\Files\Filesystem :: init ( $user , $user_dir );
2012-10-23 18:16:46 +04:00
2011-08-15 22:37:50 +04:00
$quotaProxy = new OC_FileProxy_Quota ();
2012-10-12 18:29:35 +04:00
$fileOperationProxy = new OC_FileProxy_FileOperations ();
2011-08-15 22:37:50 +04:00
OC_FileProxy :: register ( $quotaProxy );
2012-10-12 18:29:35 +04:00
OC_FileProxy :: register ( $fileOperationProxy );
2012-10-19 01:24:28 +04:00
2012-06-19 19:38:04 +04:00
OC_Hook :: emit ( 'OC_Filesystem' , 'setup' , array ( 'user' => $user , 'user_dir' => $user_dir ));
2011-07-27 21:07:28 +04:00
}
2012-10-26 20:29:24 +04:00
return true ;
2011-07-27 21:07:28 +04:00
}
2012-09-07 17:22:01 +04:00
public static function tearDownFS () {
2012-10-10 15:18:36 +04:00
\OC\Files\Filesystem :: tearDown ();
2011-07-27 21:07:28 +04:00
self :: $fsSetup = false ;
}
2012-10-28 16:45:37 +04:00
2011-07-27 21:07:28 +04:00
/**
* get the current installed version of ownCloud
* @ return array
*/
2012-09-07 17:22:01 +04:00
public static function getVersion () {
2012-10-09 18:02:01 +04:00
// hint: We only can count up. So the internal version number of ownCloud 4.5 will be 4.90.0. This is not visible to the user
2013-02-09 20:13:43 +04:00
return array ( 4 , 92 , 10 );
2011-09-28 15:52:26 +04:00
}
/**
* get the current installed version string of ownCloud
* @ return string
*/
2012-09-07 17:22:01 +04:00
public static function getVersionString () {
2013-02-09 20:13:43 +04:00
return '5.0 alpha 1' ;
2011-07-27 21:07:28 +04:00
}
2012-07-24 02:39:59 +04:00
/**
* get the current installed edition of ownCloud . There is the community edition that just returns an empty string and the enterprise edition that returns " Enterprise " .
* @ return string
*/
2012-09-07 17:22:01 +04:00
public static function getEditionString () {
2013-01-03 02:02:38 +04:00
return '' ;
2012-07-24 02:39:59 +04:00
}
2012-04-01 13:20:12 +04:00
2011-07-27 21:07:28 +04:00
/**
* add a javascript file
*
2012-05-01 23:07:08 +04:00
* @ param appid $application
* @ param filename $file
2011-07-27 21:07:28 +04:00
*/
2012-09-07 17:22:01 +04:00
public static function addScript ( $application , $file = null ) {
if ( is_null ( $file )) {
2011-07-27 21:07:28 +04:00
$file = $application ;
$application = " " ;
}
2012-09-07 17:22:01 +04:00
if ( ! empty ( $application )) {
2011-07-27 21:07:28 +04:00
self :: $scripts [] = " $application /js/ $file " ;
} else {
self :: $scripts [] = " js/ $file " ;
}
}
/**
* add a css file
*
2012-05-01 23:07:08 +04:00
* @ param appid $application
* @ param filename $file
2011-07-27 21:07:28 +04:00
*/
2012-09-07 17:22:01 +04:00
public static function addStyle ( $application , $file = null ) {
if ( is_null ( $file )) {
2011-07-27 21:07:28 +04:00
$file = $application ;
$application = " " ;
}
2012-09-07 17:22:01 +04:00
if ( ! empty ( $application )) {
2011-07-27 21:07:28 +04:00
self :: $styles [] = " $application /css/ $file " ;
} else {
self :: $styles [] = " css/ $file " ;
}
}
/**
* @ brief Add a custom element to the header
* @ param string tag tag name of the element
2012-02-08 01:33:01 +04:00
* @ param array $attributes array of attributes for the element
2011-07-27 21:07:28 +04:00
* @ param string $text the text content for the element
*/
2012-09-07 17:22:01 +04:00
public static function addHeader ( $tag , $attributes , $text = '' ) {
2012-11-30 03:18:42 +04:00
self :: $headers [] = array ( 'tag' => $tag , 'attributes' => $attributes , 'text' => $text );
2011-07-27 21:07:28 +04:00
}
2012-07-24 02:39:59 +04:00
/**
* formats a timestamp in the " right " way
*
* @ param int timestamp $timestamp
2012-11-30 03:18:42 +04:00
* @ param bool dateOnly option to omit time from the result
2012-07-24 02:39:59 +04:00
*/
2012-12-13 22:26:05 +04:00
public static function formatDate ( $timestamp , $dateOnly = false ) {
2012-09-07 17:22:01 +04:00
if ( isset ( $_SESSION [ 'timezone' ])) { //adjust to clients timezone if we know it
2012-04-16 14:21:12 +04:00
$systemTimeZone = intval ( date ( 'O' ));
2012-10-28 21:12:31 +04:00
$systemTimeZone = ( round ( $systemTimeZone / 100 , 0 ) * 60 ) + ( $systemTimeZone % 100 );
2012-04-16 14:21:12 +04:00
$clientTimeZone = $_SESSION [ 'timezone' ] * 60 ;
$offset = $clientTimeZone - $systemTimeZone ;
$timestamp = $timestamp + $offset * 60 ;
}
2012-06-07 16:44:59 +04:00
$l = OC_L10N :: get ( 'lib' );
return $l -> l ( $dateOnly ? 'date' : 'datetime' , $timestamp );
2011-07-27 21:07:28 +04:00
}
/**
* check if the current server configuration is suitable for ownCloud
* @ return array arrays with error messages and hints
*/
2012-09-07 17:22:01 +04:00
public static function checkServer () {
2011-07-27 21:07:28 +04:00
$errors = array ();
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2011-07-27 21:07:28 +04:00
//check for database drivers
2012-09-07 17:22:01 +04:00
if ( ! ( is_callable ( 'sqlite_open' ) or class_exists ( 'SQLite3' )) and ! is_callable ( 'mysql_connect' ) and ! is_callable ( 'pg_connect' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'No database drivers (sqlite, mysql, or postgresql) installed.<br/>' , 'hint' => '' ); //TODO: sane hint
2012-09-12 01:51:12 +04:00
$web_server_restart = true ;
2011-07-27 21:07:28 +04:00
}
//common hint for all file permissons error messages
2011-10-22 21:39:05 +04:00
$permissionsHint = " Permissions can usually be fixed by giving the webserver write access to the ownCloud directory " ;
2011-07-27 21:07:28 +04:00
2012-06-20 00:12:05 +04:00
// Check if config folder is writable.
2012-09-17 00:49:03 +04:00
if ( ! is_writable ( OC :: $SERVERROOT . " /config/ " ) or ! is_readable ( OC :: $SERVERROOT . " /config/ " )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => " Can't write into config directory 'config' " , 'hint' => " You can usually fix this by giving the webserver user write access to the config directory in owncloud " );
2012-06-20 00:12:05 +04:00
}
2012-06-21 23:35:34 +04:00
// Check if there is a writable install folder.
if ( OC_Config :: getValue ( 'appstoreenabled' , true )) {
2012-09-17 00:49:03 +04:00
if ( OC_App :: getInstallPath () === null || ! is_writable ( OC_App :: getInstallPath ()) || ! is_readable ( OC_App :: getInstallPath ()) ) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => " Can't write into apps directory " , 'hint' => " You can usually fix this by giving the webserver user write access to the apps directory
2012-06-22 15:57:54 +04:00
in owncloud or disabling the appstore in the config file . " );
2012-06-21 23:35:34 +04:00
}
2012-06-20 00:12:05 +04:00
}
2012-06-20 00:50:28 +04:00
$CONFIG_DATADIRECTORY = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " );
2012-06-20 00:12:05 +04:00
// Create root dir.
2012-09-07 17:22:01 +04:00
if ( ! is_dir ( $CONFIG_DATADIRECTORY )) {
2012-06-20 00:50:28 +04:00
$success =@ mkdir ( $CONFIG_DATADIRECTORY );
2013-01-19 08:30:56 +04:00
if ( $success ) {
$errors = array_merge ( $errors , self :: checkDataDirectoryPermissions ( $CONFIG_DATADIRECTORY ));
} else {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => " Can't create data directory ( " . $CONFIG_DATADIRECTORY . " ) " , 'hint' => " You can usually fix this by giving the webserver write access to the ownCloud directory ' " . OC :: $SERVERROOT . " ' (in a terminal, use the command 'chown -R www-data:www-data /path/to/your/owncloud/install/data' " );
2012-06-20 00:12:05 +04:00
}
2012-09-17 00:49:03 +04:00
} else if ( ! is_writable ( $CONFIG_DATADIRECTORY ) or ! is_readable ( $CONFIG_DATADIRECTORY )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by ownCloud<br/>' , 'hint' => $permissionsHint );
2013-01-13 08:35:13 +04:00
} else {
2013-01-19 08:30:56 +04:00
$errors = array_merge ( $errors , self :: checkDataDirectoryPermissions ( $CONFIG_DATADIRECTORY ));
2011-07-27 21:07:28 +04:00
}
2011-09-27 21:08:38 +04:00
// check if all required php modules are present
2012-09-07 17:22:01 +04:00
if ( ! class_exists ( 'ZipArchive' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module zip not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2011-09-27 21:08:38 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! function_exists ( 'mb_detect_encoding' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module mb multibyte not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2011-09-27 21:08:38 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! function_exists ( 'ctype_digit' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module ctype is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2011-09-28 13:47:29 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! function_exists ( 'json_encode' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module JSON is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2012-04-17 21:06:45 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! function_exists ( 'imagepng' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module GD is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2012-04-17 21:09:41 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! function_exists ( 'gzencode' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module zlib is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2012-09-07 03:39:11 +04:00
}
2012-10-25 18:49:55 +04:00
if ( ! function_exists ( 'iconv' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module iconv is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-10-25 18:49:55 +04:00
$web_server_restart = false ;
}
2012-10-06 19:37:38 +04:00
if ( ! function_exists ( 'simplexml_load_string' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP module SimpleXML is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-10-06 19:37:38 +04:00
$web_server_restart = false ;
}
2012-09-07 17:22:01 +04:00
if ( floatval ( phpversion ()) < 5.3 ) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP 5.3 is required.<br/>' , 'hint' => 'Please ask your server administrator to update PHP to version 5.3 or higher. PHP 5.2 is no longer supported by ownCloud and the PHP community.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
2012-04-30 15:28:31 +04:00
}
2012-09-07 17:22:01 +04:00
if ( ! defined ( 'PDO::ATTR_DRIVER_NAME' )) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP PDO module is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-12 01:51:12 +04:00
$web_server_restart = false ;
}
2013-02-04 18:32:01 +04:00
$handler = ini_get ( " session.save_handler " );
if ( $handler == " files " ) {
$tmpDir = session_save_path ();
if ( $tmpDir != " " ){
if ( !@ is_writable ( $tmpDir )){
$errors [] = array ( 'error' => 'The temporary folder used by PHP to save the session data is either incorrect or not writable! Please check : ' . session_save_path () . '<br/>' ,
'hint' => 'Please ask your server administrator to grant write access or define another temporary folder.' );
}
}
}
2012-09-12 01:51:12 +04:00
if ( $web_server_restart ) {
2012-11-04 14:10:46 +04:00
$errors [] = array ( 'error' => 'PHP modules have been installed, but they are still listed as missing?<br/>' , 'hint' => 'Please ask your server administrator to restart the web server.' );
2012-06-01 22:00:33 +04:00
}
2011-07-27 21:07:28 +04:00
return $errors ;
}
2011-09-18 23:31:56 +04:00
2013-01-19 08:30:56 +04:00
/**
* Check for correct file permissions of data directory
* @ return array arrays with error messages and hints
*/
public static function checkDataDirectoryPermissions ( $dataDirectory ) {
$errors = array ();
if ( stristr ( PHP_OS , 'WIN' )) {
//TODO: permissions checks for windows hosts
} else {
$permissionsModHint = 'Please change the permissions to 0770 so that the directory cannot be listed by other users.' ;
$prems = substr ( decoct ( @ fileperms ( $dataDirectory )), - 3 );
if ( substr ( $prems , - 1 ) != '0' ) {
OC_Helper :: chmodr ( $dataDirectory , 0770 );
clearstatcache ();
$prems = substr ( decoct ( @ fileperms ( $dataDirectory )), - 3 );
if ( substr ( $prems , 2 , 1 ) != '0' ) {
$errors [] = array ( 'error' => 'Data directory (' . $dataDirectory . ') is readable for other users<br/>' , 'hint' => $permissionsModHint );
}
}
}
return $errors ;
}
2012-10-12 18:12:43 +04:00
public static function displayLoginPage ( $errors = array ()) {
2012-08-09 20:27:59 +04:00
$parameters = array ();
2012-10-12 18:12:43 +04:00
foreach ( $errors as $key => $value ) {
$parameters [ $value ] = true ;
}
2012-08-09 20:27:59 +04:00
if ( ! empty ( $_POST [ 'user' ])) {
2012-12-15 02:50:21 +04:00
$parameters [ " username " ] = OC_Util :: sanitizeHTML ( $_POST [ 'user' ]) . '"' ;
2012-08-09 20:27:59 +04:00
$parameters [ 'user_autofocus' ] = false ;
2011-10-01 01:48:20 +04:00
} else {
$parameters [ " username " ] = '' ;
2012-08-09 20:27:59 +04:00
$parameters [ 'user_autofocus' ] = true ;
2011-09-26 00:47:29 +04:00
}
2012-08-09 20:27:59 +04:00
if ( isset ( $_REQUEST [ 'redirect_url' ])) {
$redirect_url = OC_Util :: sanitizeHTML ( $_REQUEST [ 'redirect_url' ]);
2012-12-07 15:07:56 +04:00
$parameters [ 'redirect_url' ] = urlencode ( $redirect_url );
2013-01-03 02:02:38 +04:00
}
2013-01-29 20:28:08 +04:00
$parameters [ 'alt_login' ] = OC_App :: getAlternativeLogIns ();
2011-09-26 00:47:29 +04:00
OC_Template :: printGuestPage ( " " , " login " , $parameters );
}
2011-09-28 13:44:46 +04:00
2011-10-01 01:05:10 +04:00
/**
2013-01-03 02:02:38 +04:00
* Check if the app is enabled , redirects to home if not
*/
2012-09-07 17:22:01 +04:00
public static function checkAppEnabled ( $app ) {
if ( ! OC_App :: isEnabled ( $app )) {
2012-02-16 22:45:00 +04:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
2011-10-01 01:05:10 +04:00
exit ();
}
}
2011-09-18 23:31:56 +04:00
/**
2013-01-03 02:02:38 +04:00
* Check if the user is logged in , redirects to home if not . With
* redirect URL parameter to the request URI .
*/
2012-09-07 17:22:01 +04:00
public static function checkLoggedIn () {
2011-09-18 23:31:56 +04:00
// Check if we are a user
2012-09-07 17:22:01 +04:00
if ( ! OC_User :: isLoggedIn ()) {
2012-09-09 14:54:47 +04:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' , array ( 'redirect_url' => OC_Request :: requestUri ())));
2011-09-18 23:31:56 +04:00
exit ();
}
}
/**
2013-01-03 02:02:38 +04:00
* Check if the user is a admin , redirects to home if not
*/
2012-09-07 17:22:01 +04:00
public static function checkAdminUser () {
2013-01-14 22:45:17 +04:00
if ( ! OC_User :: isAdminUser ( OC_User :: getUser ())) {
2012-02-16 22:45:00 +04:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
2011-09-18 23:31:56 +04:00
exit ();
}
}
2012-07-09 23:51:19 +04:00
/**
2013-01-03 02:02:38 +04:00
* Check if the user is a subadmin , redirects to home if not
* @ return array $groups where the current user is subadmin
*/
2012-09-07 17:22:01 +04:00
public static function checkSubAdminUser () {
if ( ! OC_SubAdmin :: isSubAdmin ( OC_User :: getUser ())) {
2012-07-09 23:51:19 +04:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
exit ();
}
2012-07-15 18:31:28 +04:00
return true ;
2012-07-09 23:51:19 +04:00
}
2011-09-18 23:31:56 +04:00
/**
2013-01-03 02:02:38 +04:00
* Redirect to the user default page
*/
2012-09-07 17:22:01 +04:00
public static function redirectToDefaultPage () {
2012-11-01 01:03:55 +04:00
if ( isset ( $_REQUEST [ 'redirect_url' ])) {
$location = OC_Helper :: makeURLAbsolute ( urldecode ( $_REQUEST [ 'redirect_url' ]));
2012-06-20 19:10:17 +04:00
}
else if ( isset ( OC :: $REQUESTEDAPP ) && ! empty ( OC :: $REQUESTEDAPP )) {
2012-08-06 20:49:06 +04:00
$location = OC_Helper :: linkToAbsolute ( OC :: $REQUESTEDAPP , 'index.php' );
2012-06-20 19:10:17 +04:00
}
else {
2012-08-06 20:49:06 +04:00
$defaultpage = OC_Appconfig :: getValue ( 'core' , 'defaultpage' );
if ( $defaultpage ) {
2012-08-07 00:15:55 +04:00
$location = OC_Helper :: makeURLAbsolute ( OC :: $WEBROOT . '/' . $defaultpage );
2012-08-06 20:49:06 +04:00
}
else {
$location = OC_Helper :: linkToAbsolute ( 'files' , 'index.php' );
}
2011-10-04 21:27:57 +04:00
}
2012-07-03 19:54:12 +04:00
OC_Log :: write ( 'core' , 'redirectToDefaultPage: ' . $location , OC_Log :: DEBUG );
header ( 'Location: ' . $location );
2011-09-18 23:31:56 +04:00
exit ();
}
2012-06-05 21:32:48 +04:00
/**
* get an id unqiue for this instance
* @ return string
*/
2012-09-07 17:22:01 +04:00
public static function getInstanceId () {
2012-10-24 00:53:54 +04:00
$id = OC_Config :: getValue ( 'instanceid' , null );
2012-09-07 17:22:01 +04:00
if ( is_null ( $id )) {
2012-06-05 21:32:48 +04:00
$id = uniqid ();
2012-10-28 21:12:31 +04:00
OC_Config :: setValue ( 'instanceid' , $id );
2012-06-05 21:32:48 +04:00
}
return $id ;
}
2012-06-09 17:05:14 +04:00
/**
2012-09-28 15:30:44 +04:00
* @ brief Static lifespan ( in seconds ) when a request token expires .
* @ see OC_Util :: callRegister ()
* @ see OC_Util :: isCallRegistered ()
* @ description
* Also required for the client side to compute the piont in time when to
* request a fresh token . The client will do so when nearly 97 % of the
2012-10-14 23:04:08 +04:00
* timespan coded here has expired .
2012-09-28 15:30:44 +04:00
*/
public static $callLifespan = 3600 ; // 3600 secs = 1 hour
/**
* @ brief Register an get / post call . Important to prevent CSRF attacks .
* @ todo Write howto : CSRF protection guide
2012-06-13 19:33:19 +04:00
* @ return $token Generated token .
2012-09-28 15:30:44 +04:00
* @ description
* Creates a 'request token' ( random ) and stores it inside the session .
* Ever subsequent ( ajax ) request must use such a valid token to succeed ,
* otherwise the request will be denied as a protection against CSRF .
* The tokens expire after a fixed lifespan .
* @ see OC_Util :: $callLifespan
* @ see OC_Util :: isCallRegistered ()
2012-06-09 17:05:14 +04:00
*/
2012-09-07 17:22:01 +04:00
public static function callRegister () {
2012-10-28 23:50:50 +04:00
// Check if a token exists
2012-10-31 21:37:59 +04:00
if ( ! isset ( $_SESSION [ 'requesttoken' ])) {
2012-10-28 23:50:50 +04:00
// No valid token found, generate a new one.
2012-10-31 21:37:59 +04:00
$requestToken = self :: generate_random_bytes ( 20 );
$_SESSION [ 'requesttoken' ] = $requestToken ;
2012-10-28 23:50:50 +04:00
} else {
// Valid token already exists, send it
2012-10-31 21:37:59 +04:00
$requestToken = $_SESSION [ 'requesttoken' ];
2012-06-11 14:13:08 +04:00
}
2012-10-31 21:37:59 +04:00
return ( $requestToken );
2012-06-09 17:05:14 +04:00
}
/**
2012-06-13 19:33:19 +04:00
* @ brief Check an ajax get / post call if the request token is valid .
* @ return boolean False if request token is not set or is invalid .
2012-09-28 15:30:44 +04:00
* @ see OC_Util :: $callLifespan
2012-10-28 21:24:11 +04:00
* @ see OC_Util :: callRegister ()
2012-06-09 17:05:14 +04:00
*/
2012-09-07 17:22:01 +04:00
public static function isCallRegistered () {
2012-06-09 17:05:14 +04:00
if ( isset ( $_GET [ 'requesttoken' ])) {
$token = $_GET [ 'requesttoken' ];
2012-09-07 17:22:01 +04:00
} elseif ( isset ( $_POST [ 'requesttoken' ])) {
2012-06-09 17:05:14 +04:00
$token = $_POST [ 'requesttoken' ];
2012-09-07 17:22:01 +04:00
} elseif ( isset ( $_SERVER [ 'HTTP_REQUESTTOKEN' ])) {
2012-06-13 19:33:19 +04:00
$token = $_SERVER [ 'HTTP_REQUESTTOKEN' ];
2012-06-09 17:05:14 +04:00
} else {
2012-06-13 19:33:19 +04:00
//no token found.
return false ;
2012-06-09 17:05:14 +04:00
}
2012-10-28 23:50:50 +04:00
// Check if the token is valid
2012-10-31 21:37:59 +04:00
if ( $token !== $_SESSION [ 'requesttoken' ]) {
2012-10-28 23:50:50 +04:00
// Not valid
2012-06-13 19:33:19 +04:00
return false ;
2012-10-28 23:50:50 +04:00
} else {
// Valid token
return true ;
2012-06-09 17:05:14 +04:00
}
}
2012-06-13 19:33:19 +04:00
/**
* @ brief Check an ajax get / post call if the request token is valid . exit if not .
* Todo : Write howto
*/
2012-09-07 17:22:01 +04:00
public static function callCheck () {
2012-06-13 19:33:19 +04:00
if ( ! OC_Util :: isCallRegistered ()) {
exit ;
}
}
2012-08-29 10:38:33 +04:00
2012-06-21 16:07:04 +04:00
/**
* @ brief Public function to sanitize HTML
*
2012-06-22 10:17:35 +04:00
* This function is used to sanitize HTML and should be applied on any
* string or array of strings before displaying it on a web page .
2012-08-29 10:38:33 +04:00
*
2012-06-19 19:20:19 +04:00
* @ param string or array of strings
2012-06-22 10:17:35 +04:00
* @ return array with sanitized strings or a single sanitized string , depends on the input parameter .
2012-06-19 19:20:19 +04:00
*/
2012-09-07 17:22:01 +04:00
public static function sanitizeHTML ( & $value ) {
2013-01-15 01:04:31 +04:00
if ( is_array ( $value ) || is_object ( $value )) {
2013-01-15 01:01:52 +04:00
array_walk_recursive ( $value , 'OC_Util::sanitizeHTML' );
} else {
$value = htmlentities ( $value , ENT_QUOTES , 'UTF-8' ); //Specify encoding for PHP<5.4
}
2012-06-19 19:20:19 +04:00
return $value ;
}
2012-06-21 16:07:04 +04:00
2012-07-24 02:39:59 +04:00
/**
* Check if the htaccess file is working by creating a test file in the data directory and trying to access via http
*/
public static function ishtaccessworking () {
2012-06-21 16:07:04 +04:00
// testdata
$filename = '/htaccesstest.txt' ;
$testcontent = 'testcontent' ;
// creating a test file
2012-07-24 02:39:59 +04:00
$testfile = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " ) . '/' . $filename ;
2012-10-26 20:17:43 +04:00
2012-11-04 21:18:03 +04:00
if ( file_exists ( $testfile )) { // already running this test, possible recursive call
2012-10-26 20:17:43 +04:00
return false ;
}
2012-07-24 02:39:59 +04:00
$fp = @ fopen ( $testfile , 'w' );
@ fwrite ( $fp , $testcontent );
@ fclose ( $fp );
2012-06-21 16:07:04 +04:00
// accessing the file via http
2012-08-07 00:15:55 +04:00
$url = OC_Helper :: makeURLAbsolute ( OC :: $WEBROOT . '/data' . $filename );
2012-07-24 02:39:59 +04:00
$fp = @ fopen ( $url , 'r' );
$content =@ fread ( $fp , 2048 );
@ fclose ( $fp );
2012-06-21 16:07:04 +04:00
// cleanup
@ unlink ( $testfile );
// does it work ?
if ( $content == $testcontent ) {
return ( false );
} else {
return ( true );
}
2012-07-24 02:39:59 +04:00
}
2012-06-21 16:07:04 +04:00
2013-02-06 02:33:44 +04:00
/**
* we test if webDAV is working properly
*
* The basic assumption is that if the server returns 401 / Not Authenticated for an unauthenticated PROPFIND
* the web server it self is setup properly .
*
* Why not an authenticated PROFIND and other verbs ?
* - We don ' t have the password available
* - We have no idea about other auth methods implemented ( e . g . OAuth with Bearer header )
*
*/
public static function isWebDAVWorking () {
2013-02-08 18:23:26 +04:00
if ( ! function_exists ( 'curl_init' )) {
return ;
}
2013-02-06 02:33:44 +04:00
$settings = array (
'baseUri' => OC_Helper :: linkToRemote ( 'webdav' ),
);
$client = new \Sabre_DAV_Client ( $settings );
$return = true ;
try {
// test PROPFIND
$client -> propfind ( '' , array ( '{DAV:}resourcetype' ));
} catch ( \Sabre_DAV_Exception_NotAuthenticated $e ) {
$return = true ;
} catch ( \Exception $e ) {
$return = false ;
}
return $return ;
}
2012-11-08 21:08:44 +04:00
2013-01-03 02:02:38 +04:00
/**
* Check if the setlocal call doesn ' t work . This can happen if the right local packages are not available on the server .
*/
2012-12-19 18:10:33 +04:00
public static function issetlocaleworking () {
2013-02-05 18:46:55 +04:00
// setlocale test is pointless on Windows
if ( OC_Util :: runningOnWindows () ) {
return true ;
}
2013-02-08 20:49:54 +04:00
$result = setlocale ( LC_ALL , 'en_US.UTF-8' , 'en_US.UTF8' );
if ( $result == false ) {
return false ;
}
return true ;
2012-12-19 18:10:33 +04:00
}
2013-02-04 18:04:26 +04:00
/**
* Check if the PHP module fileinfo is loaded .
* @ return bool
*/
public static function fileInfoLoaded () {
return function_exists ( 'finfo_open' );
}
2013-01-03 02:02:38 +04:00
/**
* Check if the ownCloud server can connect to the internet
*/
2012-12-15 02:04:42 +04:00
public static function isinternetconnectionworking () {
2012-11-08 21:08:44 +04:00
// try to connect to owncloud.org to see if http connections to the internet are possible.
2013-01-03 02:02:38 +04:00
$connected = @ fsockopen ( " www.owncloud.org " , 80 );
2012-11-10 03:58:03 +04:00
if ( $connected ) {
2012-11-08 21:08:44 +04:00
fclose ( $connected );
2012-11-29 20:58:24 +04:00
return true ;
2012-11-08 21:08:44 +04:00
} else {
// second try in case one server is down
2013-01-03 02:02:38 +04:00
$connected = @ fsockopen ( " apps.owncloud.com " , 80 );
2012-11-10 03:58:03 +04:00
if ( $connected ) {
2012-11-08 21:08:44 +04:00
fclose ( $connected );
2012-11-29 20:58:24 +04:00
return true ;
2012-11-08 21:08:44 +04:00
} else {
2012-11-29 20:58:24 +04:00
return false ;
2012-11-08 21:08:44 +04:00
}
}
}
2012-11-29 20:58:24 +04:00
/**
* clear all levels of output buffering
*/
public static function obEnd (){
while ( ob_get_level ()) {
ob_end_clean ();
}
}
2012-11-08 21:08:44 +04:00
2012-10-15 16:25:40 +04:00
/**
2013-01-03 02:02:38 +04:00
* @ brief Generates a cryptographical secure pseudorandom string
* @ param Int with the length of the random string
* @ return String
* Please also update secureRNG_available if you change something here
*/
2012-09-29 18:44:02 +04:00
public static function generate_random_bytes ( $length = 30 ) {
2012-10-14 18:14:45 +04:00
// Try to use openssl_random_pseudo_bytes
2012-10-14 23:04:08 +04:00
if ( function_exists ( 'openssl_random_pseudo_bytes' )) {
2012-09-29 18:44:02 +04:00
$pseudo_byte = bin2hex ( openssl_random_pseudo_bytes ( $length , $strong ));
2012-10-23 10:01:09 +04:00
if ( $strong == true ) {
2012-09-29 18:44:02 +04:00
return substr ( $pseudo_byte , 0 , $length ); // Truncate it to match the length
}
}
2012-10-15 21:21:37 +04:00
// Try to use /dev/urandom
$fp = @ file_get_contents ( '/dev/urandom' , false , null , 0 , $length );
2012-10-23 10:01:09 +04:00
if ( $fp !== false ) {
2012-10-14 23:04:08 +04:00
$string = substr ( bin2hex ( $fp ), 0 , $length );
2012-10-14 18:14:45 +04:00
return $string ;
}
2012-10-14 23:04:08 +04:00
// Fallback to mt_rand()
2012-09-29 18:44:02 +04:00
$characters = '0123456789' ;
2012-10-14 23:04:08 +04:00
$characters .= 'abcdefghijklmnopqrstuvwxyz' ;
2012-09-29 18:44:02 +04:00
$charactersLength = strlen ( $characters ) - 1 ;
$pseudo_byte = " " ;
// Select some random characters
for ( $i = 0 ; $i < $length ; $i ++ ) {
$pseudo_byte .= $characters [ mt_rand ( 0 , $charactersLength )];
2012-10-14 23:04:08 +04:00
}
2012-09-29 18:44:02 +04:00
return $pseudo_byte ;
}
2012-10-14 23:04:08 +04:00
2012-10-15 16:25:40 +04:00
/**
2013-01-03 02:02:38 +04:00
* @ brief Checks if a secure random number generator is available
* @ return bool
*/
2012-10-14 19:17:06 +04:00
public static function secureRNG_available () {
// Check openssl_random_pseudo_bytes
2012-10-14 23:04:08 +04:00
if ( function_exists ( 'openssl_random_pseudo_bytes' )) {
2012-10-14 19:17:06 +04:00
openssl_random_pseudo_bytes ( 1 , $strong );
2012-10-23 10:01:09 +04:00
if ( $strong == true ) {
2012-10-14 19:17:06 +04:00
return true ;
}
}
2012-10-15 21:21:37 +04:00
// Check /dev/urandom
$fp = @ file_get_contents ( '/dev/urandom' , false , null , 0 , 1 );
2012-10-23 10:01:09 +04:00
if ( $fp !== false ) {
2012-10-14 19:17:06 +04:00
return true ;
}
return false ;
2012-10-14 23:04:08 +04:00
}
2013-01-03 02:02:38 +04:00
/**
* @ Brief Get file content via curl .
* @ param string $url Url to get content
* @ return string of the response or false on error
* This function get the content of a page via curl , if curl is enabled .
* If not , file_get_element is used .
*/
public static function getUrlContent ( $url ){
if ( function_exists ( 'curl_init' )) {
$curl = curl_init ();
curl_setopt ( $curl , CURLOPT_HEADER , 0 );
curl_setopt ( $curl , CURLOPT_RETURNTRANSFER , 1 );
curl_setopt ( $curl , CURLOPT_CONNECTTIMEOUT , 10 );
curl_setopt ( $curl , CURLOPT_URL , $url );
2013-02-05 02:38:10 +04:00
curl_setopt ( $curl , CURLOPT_FOLLOWLOCATION , true );
curl_setopt ( $curl , CURLOPT_MAXREDIRS , 10 );
2013-01-03 02:02:38 +04:00
curl_setopt ( $curl , CURLOPT_USERAGENT , " ownCloud Server Crawler " );
if ( OC_Config :: getValue ( 'proxy' , '' ) <> '' ) {
curl_setopt ( $curl , CURLOPT_PROXY , OC_Config :: getValue ( 'proxy' ));
}
if ( OC_Config :: getValue ( 'proxyuserpwd' , '' ) <> '' ) {
curl_setopt ( $curl , CURLOPT_PROXYUSERPWD , OC_Config :: getValue ( 'proxyuserpwd' ));
}
$data = curl_exec ( $curl );
curl_close ( $curl );
} else {
$contextArray = null ;
if ( OC_Config :: getValue ( 'proxy' , '' ) <> '' ) {
$contextArray = array (
'http' => array (
'timeout' => 10 ,
'proxy' => OC_Config :: getValue ( 'proxy' )
)
);
} else {
$contextArray = array (
'http' => array (
'timeout' => 10
)
);
}
$ctx = stream_context_create (
$contextArray
);
$data =@ file_get_contents ( $url , 0 , $ctx );
}
return $data ;
2012-12-15 02:04:42 +04:00
}
2013-01-03 02:02:38 +04:00
2013-02-05 18:43:12 +04:00
/**
* @ return bool - well are we running on windows or not
*/
public static function runningOnWindows () {
return ( substr ( PHP_OS , 0 , 3 ) === " WIN " );
}
2011-07-27 21:07:28 +04:00
}