mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update to the svn version of "HTTP WebDAV server" (integration to owncloud was made with alimited knowledge, so it may be ugly).Anyway it improves a lot the score on litmus testsuite on my server.

This commit is contained in:
root 2010-04-21 12:04:22 +02:00
parent 964c9b362c
commit 09add452d9
5 changed files with 1696 additions and 1350 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

428
inc/HTTP/WebDAV/Server.php Executable file → Normal file
View File

@ -1,30 +1,42 @@
<?php
//
// +----------------------------------------------------------------------+
// | PHP Version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2003 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.02 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available at through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | license@php.net so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Hartmut Holzgraefe <hholzgra@php.net> |
// | Christian Stocker <chregu@bitflux.ch> |
// +----------------------------------------------------------------------+
//
// $Id: Server.php,v 1.46 2006/03/03 21:43:09 hholzgra Exp $
//
<?php // $Id$
/*
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| All rights reserved |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| are met: |
| |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| distribution. |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
require_once "HTTP/WebDAV/Tools/_parse_propfind.php";
require_once "HTTP/WebDAV/Tools/_parse_proppatch.php";
require_once "HTTP/WebDAV/Tools/_parse_lockinfo.php";
/**
* Virtual base class for implementing WebDAV servers
*
@ -32,7 +44,7 @@ require_once "HTTP/WebDAV/Tools/_parse_lockinfo.php";
*
* @package HTTP_WebDAV_Server
* @author Hartmut Holzgraefe <hholzgra@php.net>
* @version 0.99.1dev
* @version @package_version@
*/
class HTTP_WebDAV_Server
{
@ -96,6 +108,16 @@ class HTTP_WebDAV_Server
*/
var $_prop_encoding = "utf-8";
/**
* Copy of $_SERVER superglobal array
*
* Derived classes may extend the constructor to
* modify its contents
*
* @var array
*/
var $_SERVER;
// }}}
// {{{ Constructor
@ -109,6 +131,10 @@ class HTTP_WebDAV_Server
{
// PHP messages destroy XML output -> switch them off
ini_set("display_errors", 0);
// copy $_SERVER variables to local _SERVER array
// so that derived classes can simply modify these
$this->_SERVER = $_SERVER;
}
// }}}
@ -125,16 +151,27 @@ class HTTP_WebDAV_Server
function ServeRequest()
{
// prevent warning in litmus check 'delete_fragment'
if (strstr($_SERVER["REQUEST_URI"], '#')) {
if (strstr($this->_SERVER["REQUEST_URI"], '#')) {
$this->http_status("400 Bad Request");
return;
}
// default uri is the complete request uri
$uri = (@$_SERVER["HTTPS"] === "on" ? "https:" : "http:");
$uri.= "//$_SERVER[HTTP_HOST]$_SERVER[SCRIPT_NAME]";
$uri = "http";
if (isset($this->_SERVER["HTTPS"]) && $this->_SERVER["HTTPS"] === "on") {
$uri = "https";
}
$uri.= "://".$this->_SERVER["HTTP_HOST"].$this->_SERVER["SCRIPT_NAME"];
$path_info = empty($_SERVER["PATH_INFO"]) ? "/" : $_SERVER["PATH_INFO"];
// WebDAV has no concept of a query string and clients (including cadaver)
// seem to pass '?' unencoded, so we need to extract the path info out
// of the request URI ourselves
$path_info = substr($this->_SERVER["REQUEST_URI"], strlen($this->_SERVER["SCRIPT_NAME"]));
// just in case the path came in empty ...
if (empty($path_info)) {
$path_info = "/";
}
$this->base_uri = $uri;
$this->uri = $uri . $path_info;
@ -142,7 +179,7 @@ class HTTP_WebDAV_Server
// set path
$this->path = $this->_urldecode($path_info);
if (!strlen($this->path)) {
if ($_SERVER["REQUEST_METHOD"] == "GET") {
if ($this->_SERVER["REQUEST_METHOD"] == "GET") {
// redirect clients that try to GET a collection
// WebDAV clients should never try this while
// regular HTTP clients might ...
@ -154,7 +191,7 @@ class HTTP_WebDAV_Server
}
}
if(ini_get("magic_quotes_gpc")) {
if (ini_get("magic_quotes_gpc")) {
$this->path = stripslashes($this->path);
}
@ -163,13 +200,13 @@ class HTTP_WebDAV_Server
if (empty($this->dav_powered_by)) {
header("X-Dav-Powered-By: PHP class: ".get_class($this));
} else {
header("X-Dav-Powered-By: ".$this->dav_powered_by );
header("X-Dav-Powered-By: ".$this->dav_powered_by);
}
// check authentication
// for the motivation for not checking OPTIONS requests on / see
// http://pear.php.net/bugs/bug.php?id=5363
if ( ( !(($_SERVER['REQUEST_METHOD'] == 'OPTIONS') && ($this->path == "/")))
if ( ( !(($this->_SERVER['REQUEST_METHOD'] == 'OPTIONS') && ($this->path == "/")))
&& (!$this->_check_auth())) {
// RFC2518 says we must use Digest instead of Basic
// but Microsoft Clients do not support Digest
@ -185,12 +222,12 @@ class HTTP_WebDAV_Server
}
// check
if(! $this->_check_if_header_conditions()) {
if (! $this->_check_if_header_conditions()) {
return;
}
// detect requested method names
$method = strtolower($_SERVER["REQUEST_METHOD"]);
$method = strtolower($this->_SERVER["REQUEST_METHOD"]);
$wrapper = "http_".$method;
// activate HEAD emulation by GET if no HEAD method found
@ -201,7 +238,7 @@ class HTTP_WebDAV_Server
if (method_exists($this, $wrapper) && ($method == "options" || method_exists($this, $method))) {
$this->$wrapper(); // call method by name
} else { // method not found/implemented
if ($_SERVER["REQUEST_METHOD"] == "LOCK") {
if ($this->_SERVER["REQUEST_METHOD"] == "LOCK") {
$this->http_status("412 Precondition failed");
} else {
$this->http_status("405 Method not allowed");
@ -465,7 +502,7 @@ class HTTP_WebDAV_Server
* OPTIONS method handler
*
* The OPTIONS method handler creates a valid OPTIONS reply
* including Dav: and Allowed: heaers
* including Dav: and Allowed: headers
* based on the implemented methods found in the actual instance
*
* @param void
@ -488,7 +525,7 @@ class HTTP_WebDAV_Server
// tell clients what we found
$this->http_status("200 OK");
header("DAV: " .join("," , $dav));
header("DAV: " .join(", ", $dav));
header("Allow: ".join(", ", $allow));
header("Content-length: 0");
@ -508,11 +545,13 @@ class HTTP_WebDAV_Server
function http_PROPFIND()
{
$options = Array();
$files = Array();
$options["path"] = $this->path;
// search depth from header (default is "infinity)
if (isset($_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $_SERVER["HTTP_DEPTH"];
if (isset($this->_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $this->_SERVER["HTTP_DEPTH"];
} else {
$options["depth"] = "infinity";
}
@ -527,9 +566,30 @@ class HTTP_WebDAV_Server
// call user handler
if (!$this->PROPFIND($options, $files)) {
$files = array("files" => array());
if (method_exists($this, "checkLock")) {
// is locked?
$lock = $this->checkLock($this->path);
if (is_array($lock) && count($lock)) {
$created = isset($lock['created']) ? $lock['created'] : time();
$modified = isset($lock['modified']) ? $lock['modified'] : time();
$files['files'][] = array("path" => $this->_slashify($this->path),
"props" => array($this->mkprop("displayname", $this->path),
$this->mkprop("creationdate", $created),
$this->mkprop("getlastmodified", $modified),
$this->mkprop("resourcetype", ""),
$this->mkprop("getcontenttype", ""),
$this->mkprop("getcontentlength", 0))
);
}
}
if (empty($files['files'])) {
$this->http_status("404 Not Found");
return;
}
}
// collect namespaces here
$ns_hash = array();
@ -538,7 +598,7 @@ class HTTP_WebDAV_Server
$ns_defs = "xmlns:ns0=\"urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/\"";
// now we loop over all returned file entries
foreach($files["files"] as $filekey => $file) {
foreach ($files["files"] as $filekey => $file) {
// nothing to do if no properties were returend for a file
if (!isset($file["props"]) || !is_array($file["props"])) {
@ -546,7 +606,7 @@ class HTTP_WebDAV_Server
}
// now loop over all returned properties
foreach($file["props"] as $key => $prop) {
foreach ($file["props"] as $key => $prop) {
// as a convenience feature we do not require that user handlers
// restrict returned properties to the requested ones
// here we strip all unrequested entries out of the response
@ -566,9 +626,12 @@ class HTTP_WebDAV_Server
$found = false;
// search property name in requested properties
foreach((array)$options["props"] as $reqprop) {
foreach ((array)$options["props"] as $reqprop) {
if (!isset($reqprop["xmlns"])) {
$reqprop["xmlns"] = "";
}
if ( $reqprop["name"] == $prop["name"]
&& @$reqprop["xmlns"] == $prop["ns"]) {
&& $reqprop["xmlns"] == $prop["ns"]) {
$found = true;
break;
}
@ -597,26 +660,30 @@ class HTTP_WebDAV_Server
// we also need to add empty entries for properties that were requested
// but for which no values where returned by the user handler
if (is_array($options['props'])) {
foreach($options["props"] as $reqprop) {
if($reqprop['name']=="") continue; // skip empty entries
foreach ($options["props"] as $reqprop) {
if ($reqprop['name']=="") continue; // skip empty entries
$found = false;
if (!isset($reqprop["xmlns"])) {
$reqprop["xmlns"] = "";
}
// check if property exists in result
foreach($file["props"] as $prop) {
foreach ($file["props"] as $prop) {
if ( $reqprop["name"] == $prop["name"]
&& @$reqprop["xmlns"] == $prop["ns"]) {
&& $reqprop["xmlns"] == $prop["ns"]) {
$found = true;
break;
}
}
if (!$found) {
if($reqprop["xmlns"]==="DAV:" && $reqprop["name"]==="lockdiscovery") {
if ($reqprop["xmlns"]==="DAV:" && $reqprop["name"]==="lockdiscovery") {
// lockdiscovery is handled by the base class
$files["files"][$filekey]["props"][]
= $this->mkprop("DAV:",
"lockdiscovery" ,
"lockdiscovery",
$this->lockdiscovery($files["files"][$filekey]['path']));
} else {
// add empty value for this property
@ -643,18 +710,21 @@ class HTTP_WebDAV_Server
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
echo "<D:multistatus xmlns:D=\"DAV:\">\n";
foreach($files["files"] as $file) {
foreach ($files["files"] as $file) {
// ignore empty or incomplete entries
if(!is_array($file) || empty($file) || !isset($file["path"])) continue;
if (!is_array($file) || empty($file) || !isset($file["path"])) continue;
$path = $file['path'];
if(!is_string($path) || $path==="") continue;
if (!is_string($path) || $path==="") continue;
echo " <D:response $ns_defs>\n";
/* TODO right now the user implementation has to make sure
collections end in a slash, this should be done in here
by checking the resource attribute */
$href = $this->_mergePathes($_SERVER['SCRIPT_NAME'], $path);
$href = $this->_mergePaths($this->_SERVER['SCRIPT_NAME'], $path);
/* minimal urlencoding is needed for the resource path */
$href = $this->_urlencode($href);
echo " <D:href>$href</D:href>\n";
@ -663,16 +733,16 @@ class HTTP_WebDAV_Server
echo " <D:propstat>\n";
echo " <D:prop>\n";
foreach($file["props"] as $key => $prop) {
foreach ($file["props"] as $key => $prop) {
if (!is_array($prop)) continue;
if (!isset($prop["name"])) continue;
if (!isset($prop["val"]) || $prop["val"] === "" || $prop["val"] === false) {
// empty properties (cannot use empty() for check as "0" is a legal value here)
if($prop["ns"]=="DAV:") {
if ($prop["ns"]=="DAV:") {
echo " <D:$prop[name]/>\n";
} else if(!empty($prop["ns"])) {
} else if (!empty($prop["ns"])) {
echo " <".$ns_hash[$prop["ns"]].":$prop[name]/>\n";
} else {
echo " <$prop[name] xmlns=\"\"/>";
@ -682,7 +752,7 @@ class HTTP_WebDAV_Server
switch ($prop["name"]) {
case "creationdate":
echo " <D:creationdate ns0:dt=\"dateTime.tz\">"
. gmdate("Y-m-d\\TH:i:s\\Z",$prop['val'])
. gmdate("Y-m-d\\TH:i:s\\Z", $prop['val'])
. "</D:creationdate>\n";
break;
case "getlastmodified":
@ -701,6 +771,17 @@ class HTTP_WebDAV_Server
echo $prop["val"];
echo " </D:lockdiscovery>\n";
break;
// the following are non-standard Microsoft extensions to the DAV namespace
case "lastaccessed":
echo " <D:lastaccessed ns0:dt=\"dateTime.rfc1123\">"
. gmdate("D, d M Y H:i:s ", $prop['val'])
. "GMT</D:lastaccessed>\n";
break;
case "ishidden":
echo " <D:ishidden>"
. is_string($prop['val']) ? $prop['val'] : ($prop['val'] ? 'true' : 'false')
. "</D:ishidden>\n";
break;
default:
echo " <D:$prop[name]>"
. $this->_prop_encode(htmlspecialchars($prop['val']))
@ -731,7 +812,7 @@ class HTTP_WebDAV_Server
echo " <D:propstat>\n";
echo " <D:prop>\n";
foreach($file["noprops"] as $key => $prop) {
foreach ($file["noprops"] as $key => $prop) {
if ($prop["ns"] == "DAV:") {
echo " <D:$prop[name]/>\n";
} else if ($prop["ns"] == "") {
@ -765,8 +846,9 @@ class HTTP_WebDAV_Server
*/
function http_PROPPATCH()
{
if($this->_check_lock_status($this->path)) {
if ($this->_check_lock_status($this->path)) {
$options = Array();
$options["path"] = $this->path;
$propinfo = new _parse_proppatch("php://input");
@ -787,9 +869,9 @@ class HTTP_WebDAV_Server
echo "<D:multistatus xmlns:D=\"DAV:\">\n";
echo " <D:response>\n";
echo " <D:href>".$this->_urlencode($this->_mergePathes($_SERVER["SCRIPT_NAME"], $this->path))."</D:href>\n";
echo " <D:href>".$this->_urlencode($this->_mergePaths($this->_SERVER["SCRIPT_NAME"], $this->path))."</D:href>\n";
foreach($options["props"] as $prop) {
foreach ($options["props"] as $prop) {
echo " <D:propstat>\n";
echo " <D:prop><$prop[name] xmlns=\"$prop[ns]\"/></D:prop>\n";
echo " <D:status>HTTP/1.1 $prop[status]</D:status>\n";
@ -823,6 +905,7 @@ class HTTP_WebDAV_Server
function http_MKCOL()
{
$options = Array();
$options["path"] = $this->path;
$stat = $this->MKCOL($options);
@ -885,14 +968,14 @@ class HTTP_WebDAV_Server
. (isset($options['size']) ? $options['size'] : "*"));
while ($size && !feof($options['stream'])) {
$buffer = fread($options['stream'], 4096);
$size -= strlen($buffer);
$size -= $this->bytes($buffer);
echo $buffer;
}
} else {
$this->http_status("206 partial");
if (isset($options['size'])) {
header("Content-length: ".($options['size'] - $range['start']));
header("Content-range: $start-$end/"
header("Content-range: ".$range['start']."-".$range['end']."/"
. (isset($options['size']) ? $options['size'] : "*"));
}
fpassthru($options['stream']);
@ -918,10 +1001,10 @@ class HTTP_WebDAV_Server
$this->_multipart_byterange_header($options['mimetype'], $from, $to, $total);
fseek($options['stream'], $start, SEEK_SET);
fseek($options['stream'], $from, SEEK_SET);
while ($size && !feof($options['stream'])) {
$buffer = fread($options['stream'], 4096);
$size -= strlen($buffer);
$size -= $this->bytes($buffer);
echo $buffer;
}
}
@ -939,7 +1022,7 @@ class HTTP_WebDAV_Server
if (is_array($options['data'])) {
// reply to partial request
} else {
header("Content-length: ".strlen($options['data']));
header("Content-length: ".$this->bytes($options['data']));
echo $options['data'];
}
}
@ -950,7 +1033,7 @@ class HTTP_WebDAV_Server
if (false === $status) {
$this->http_status("404 not found");
} else {
// TODO: check setting of headers in various code pathes above
// TODO: check setting of headers in various code paths above
$this->http_status("$status");
}
}
@ -966,10 +1049,10 @@ class HTTP_WebDAV_Server
function _get_ranges(&$options)
{
// process Range: header if present
if (isset($_SERVER['HTTP_RANGE'])) {
if (isset($this->_SERVER['HTTP_RANGE'])) {
// we only support standard "bytes" range specifications for now
if (preg_match('/bytes\s*=\s*(.+)/', $_SERVER['HTTP_RANGE'], $matches)) {
if (preg_match('/bytes\s*=\s*(.+)/', $this->_SERVER['HTTP_RANGE'], $matches)) {
$options["ranges"] = array();
// ranges are comma separated
@ -1053,12 +1136,21 @@ class HTTP_WebDAV_Server
ob_end_clean();
}
if (!isset($options['mimetype'])) {
$options['mimetype'] = "application/octet-stream";
}
header("Content-type: $options[mimetype]");
if (isset($options['mtime'])) {
header("Last-modified:".gmdate("D, d M Y H:i:s ", $options['mtime'])."GMT");
}
if (isset($options['size'])) {
header("Content-length: ".$options['size']);
}
if($status===true) $status = "200 OK";
if($status===false) $status = "404 Not found";
if ($status === true) $status = "200 OK";
if ($status === false) $status = "404 Not found";
$this->http_status($status);
}
@ -1078,17 +1170,17 @@ class HTTP_WebDAV_Server
if ($this->_check_lock_status($this->path)) {
$options = Array();
$options["path"] = $this->path;
$options["content_length"] = $_SERVER["CONTENT_LENGTH"];
$options["content_length"] = $this->_SERVER["CONTENT_LENGTH"];
// get the Content-type
if (isset($_SERVER["CONTENT_TYPE"])) {
if (isset($this->_SERVER["CONTENT_TYPE"])) {
// for now we do not support any sort of multipart requests
if (!strncmp($_SERVER["CONTENT_TYPE"], "multipart/", 10)) {
if (!strncmp($this->_SERVER["CONTENT_TYPE"], "multipart/", 10)) {
$this->http_status("501 not implemented");
echo "The service does not support mulipart PUT requests";
return;
}
$options["content_type"] = $_SERVER["CONTENT_TYPE"];
$options["content_type"] = $this->_SERVER["CONTENT_TYPE"];
} else {
// default content type if none given
$options["content_type"] = "application/octet-stream";
@ -1099,7 +1191,7 @@ class HTTP_WebDAV_Server
does not understand or implement and MUST return a 501
(Not Implemented) response in such cases."
*/
foreach ($_SERVER as $key => $val) {
foreach ($this->_SERVER as $key => $val) {
if (strncmp($key, "HTTP_CONTENT", 11)) continue;
switch ($key) {
case 'HTTP_CONTENT_ENCODING': // RFC 2616 14.11
@ -1111,7 +1203,11 @@ class HTTP_WebDAV_Server
case 'HTTP_CONTENT_LANGUAGE': // RFC 2616 14.12
// we assume it is not critical if this one is ignored
// in the actual PUT implementation ...
$options["content_language"] = $value;
$options["content_language"] = $val;
break;
case 'HTTP_CONTENT_LENGTH':
// defined on IIS and has the same value as CONTENT_LENGTH
break;
case 'HTTP_CONTENT_LOCATION': // RFC 2616 14.14
@ -1141,6 +1237,10 @@ class HTTP_WebDAV_Server
// on implementations that do not support this ...
break;
case 'HTTP_CONTENT_TYPE':
// defined on IIS and has the same value as CONTENT_TYPE
break;
case 'HTTP_CONTENT_MD5': // RFC 2616 14.15
// TODO: maybe we can just pretend here?
$this->http_status("501 not implemented");
@ -1208,8 +1308,8 @@ class HTTP_WebDAV_Server
function http_DELETE()
{
// check RFC 2518 Section 9.2, last paragraph
if (isset($_SERVER["HTTP_DEPTH"])) {
if ($_SERVER["HTTP_DEPTH"] != "infinity") {
if (isset($this->_SERVER["HTTP_DEPTH"])) {
if ($this->_SERVER["HTTP_DEPTH"] != "infinity") {
$this->http_status("400 Bad Request");
return;
}
@ -1283,25 +1383,33 @@ class HTTP_WebDAV_Server
$options = Array();
$options["path"] = $this->path;
if (isset($_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $_SERVER["HTTP_DEPTH"];
if (isset($this->_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $this->_SERVER["HTTP_DEPTH"];
} else {
$options["depth"] = "infinity";
}
if (isset($_SERVER["HTTP_TIMEOUT"])) {
$options["timeout"] = explode(",", $_SERVER["HTTP_TIMEOUT"]);
if (isset($this->_SERVER["HTTP_TIMEOUT"])) {
$options["timeout"] = explode(",", $this->_SERVER["HTTP_TIMEOUT"]);
}
if(empty($_SERVER['CONTENT_LENGTH']) && !empty($_SERVER['HTTP_IF'])) {
if (empty($this->_SERVER['CONTENT_LENGTH']) && !empty($this->_SERVER['HTTP_IF'])) {
// check if locking is possible
if(!$this->_check_lock_status($this->path)) {
if (!$this->_check_lock_status($this->path)) {
$this->http_status("423 Locked");
return;
}
// refresh lock
$options["update"] = substr($_SERVER['HTTP_IF'], 2, -2);
$options["locktoken"] = substr($this->_SERVER['HTTP_IF'], 2, -2);
$options["update"] = $options["locktoken"];
// setting defaults for required fields, LOCK() SHOULD overwrite these
$options['owner'] = "unknown";
$options['scope'] = "exclusive";
$options['type'] = "write";
$stat = $this->LOCK($options);
} else {
// extract lock request information from request XML payload
@ -1311,7 +1419,7 @@ class HTTP_WebDAV_Server
}
// check if locking is possible
if(!$this->_check_lock_status($this->path, $lockinfo->lockscope === "shared")) {
if (!$this->_check_lock_status($this->path, $lockinfo->lockscope === "shared")) {
$this->http_status("423 Locked");
return;
}
@ -1320,29 +1428,40 @@ class HTTP_WebDAV_Server
$options["scope"] = $lockinfo->lockscope;
$options["type"] = $lockinfo->locktype;
$options["owner"] = $lockinfo->owner;
$options["locktoken"] = $this->_new_locktoken();
$stat = $this->LOCK($options);
}
if(is_bool($stat)) {
if (is_bool($stat)) {
$http_stat = $stat ? "200 OK" : "423 Locked";
} else {
$http_stat = $stat;
$http_stat = (string)$stat;
}
$this->http_status($http_stat);
if ($http_stat{0} == 2) { // 2xx states are ok
if($options["timeout"]) {
if ($options["timeout"]) {
// if multiple timeout values were given we take the first only
if (is_array($options["timeout"])) {
reset($options["timeout"]);
$options["timeout"] = current($options["timeout"]);
}
// if the timeout is numeric only we need to reformat it
if (is_numeric($options["timeout"])) {
// more than a million is considered an absolute timestamp
// less is more likely a relative value
if($options["timeout"]>1000000) {
if ($options["timeout"]>1000000) {
$timeout = "Second-".($options['timeout']-time());
} else {
$timeout = "Second-$options[timeout]";
}
} else {
// non-numeric values are passed on verbatim,
// no error checking is performed here in this case
// TODO: send "Infinite" on invalid timeout strings?
$timeout = $options["timeout"];
}
} else {
$timeout = "Infinite";
}
@ -1381,14 +1500,14 @@ class HTTP_WebDAV_Server
$options = Array();
$options["path"] = $this->path;
if (isset($_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $_SERVER["HTTP_DEPTH"];
if (isset($this->_SERVER['HTTP_DEPTH'])) {
$options["depth"] = $this->_SERVER["HTTP_DEPTH"];
} else {
$options["depth"] = "infinity";
}
// strip surrounding <>
$options["token"] = substr(trim($_SERVER["HTTP_LOCK_TOKEN"]), 1, -1);
$options["token"] = substr(trim($this->_SERVER["HTTP_LOCK_TOKEN"]), 1, -1);
// call user method
$stat = $this->UNLOCK($options);
@ -1407,36 +1526,43 @@ class HTTP_WebDAV_Server
$options = Array();
$options["path"] = $this->path;
if (isset($_SERVER["HTTP_DEPTH"])) {
$options["depth"] = $_SERVER["HTTP_DEPTH"];
if (isset($this->_SERVER["HTTP_DEPTH"])) {
$options["depth"] = $this->_SERVER["HTTP_DEPTH"];
} else {
$options["depth"] = "infinity";
}
extract(parse_url($_SERVER["HTTP_DESTINATION"]));
$path = urldecode($path);
$http_host = $host;
if (isset($port) && $port != 80)
$http_host.= ":$port";
$http_header_host = preg_replace("/:80$/", "", $this->_SERVER["HTTP_HOST"]);
$http_header_host = preg_replace("/:80$/", "", $_SERVER["HTTP_HOST"]);
$url = parse_url($this->_SERVER["HTTP_DESTINATION"]);
$path = urldecode($url["path"]);
if (isset($url["host"])) {
// TODO check url scheme, too
$http_host = $url["host"];
if (isset($url["port"]) && $url["port"] != 80)
$http_host.= ":".$url["port"];
} else {
// only path given, set host to self
$http_host == $http_header_host;
}
if ($http_host == $http_header_host &&
!strncmp($_SERVER["SCRIPT_NAME"], $path,
strlen($_SERVER["SCRIPT_NAME"]))) {
$options["dest"] = substr($path, strlen($_SERVER["SCRIPT_NAME"]));
!strncmp($this->_SERVER["SCRIPT_NAME"], $path,
strlen($this->_SERVER["SCRIPT_NAME"]))) {
$options["dest"] = substr($path, strlen($this->_SERVER["SCRIPT_NAME"]));
if (!$this->_check_lock_status($options["dest"])) {
$this->http_status("423 Locked");
return;
}
} else {
$options["dest_url"] = $_SERVER["HTTP_DESTINATION"];
$options["dest_url"] = $this->_SERVER["HTTP_DESTINATION"];
}
// see RFC 2518 Sections 9.6, 8.8.4 and 8.9.3
if (isset($_SERVER["HTTP_OVERWRITE"])) {
$options["overwrite"] = $_SERVER["HTTP_OVERWRITE"] == "T";
if (isset($this->_SERVER["HTTP_OVERWRITE"])) {
$options["overwrite"] = $this->_SERVER["HTTP_OVERWRITE"] == "T";
} else {
$options["overwrite"] = true;
}
@ -1463,7 +1589,7 @@ class HTTP_WebDAV_Server
// all other METHODS need both a http_method() wrapper
// and a method() implementation
// the base class supplies wrappers only
foreach(get_class_methods($this) as $method) {
foreach (get_class_methods($this) as $method) {
if (!strncmp("http_", $method, 5)) {
$method = strtoupper(substr($method, 5));
if (method_exists($this, $method)) {
@ -1519,16 +1645,24 @@ class HTTP_WebDAV_Server
*/
function _check_auth()
{
$auth_type = isset($this->_SERVER["AUTH_TYPE"])
? $this->_SERVER["AUTH_TYPE"]
: null;
$auth_user = isset($this->_SERVER["PHP_AUTH_USER"])
? $this->_SERVER["PHP_AUTH_USER"]
: null;
$auth_pw = isset($this->_SERVER["PHP_AUTH_PW"])
? $this->_SERVER["PHP_AUTH_PW"]
: null;
if (method_exists($this, "checkAuth")) {
// PEAR style method name
return $this->checkAuth(@$_SERVER["AUTH_TYPE"],
@$_SERVER["PHP_AUTH_USER"],
@$_SERVER["PHP_AUTH_PW"]);
return $this->checkAuth($auth_type, $auth_user, $auth_pw);
} else if (method_exists($this, "check_auth")) {
// old (pre 1.0) method name
return $this->check_auth(@$_SERVER["AUTH_TYPE"],
@$_SERVER["PHP_AUTH_USER"],
@$_SERVER["PHP_AUTH_PW"]);
return $this->check_auth($auth_type, $auth_user, $auth_pw);
} else {
// no method found -> no authentication required
return true;
@ -1649,7 +1783,6 @@ class HTTP_WebDAV_Server
{
$pos = 0;
$len = strlen($str);
$uris = array();
// parser loop
@ -1711,8 +1844,8 @@ class HTTP_WebDAV_Server
$not = "";
}
if (@is_array($uris[$uri])) {
$uris[$uri] = array_merge($uris[$uri],$list);
if (isset($uris[$uri]) && is_array($uris[$uri])) {
$uris[$uri] = array_merge($uris[$uri], $list);
} else {
$uris[$uri] = $list;
}
@ -1732,17 +1865,17 @@ class HTTP_WebDAV_Server
*/
function _check_if_header_conditions()
{
if (isset($_SERVER["HTTP_IF"])) {
if (isset($this->_SERVER["HTTP_IF"])) {
$this->_if_header_uris =
$this->_if_header_parser($_SERVER["HTTP_IF"]);
$this->_if_header_parser($this->_SERVER["HTTP_IF"]);
foreach($this->_if_header_uris as $uri => $conditions) {
foreach ($this->_if_header_uris as $uri => $conditions) {
if ($uri == "") {
$uri = $this->uri;
}
// all must match
$state = true;
foreach($conditions as $condition) {
foreach ($conditions as $condition) {
// lock tokens may be free form (RFC2518 6.3)
// but if opaquelocktokens are used (RFC2518 6.4)
// we have to check the format (litmus tests this)
@ -1783,6 +1916,13 @@ class HTTP_WebDAV_Server
{
// not really implemented here,
// implementations must override
// a lock token can never be from the DAV: scheme
// litmus uses DAV:no-lock in some tests
if (!strncmp("<DAV:", $condition, 5)) {
return false;
}
return true;
}
@ -1803,7 +1943,7 @@ class HTTP_WebDAV_Server
// ... and lock is not owned?
if (is_array($lock) && count($lock)) {
// FIXME doesn't check uri restrictions yet
if (!isset($_SERVER["HTTP_IF"]) || !strstr($_SERVER["HTTP_IF"], $lock["token"])) {
if (!isset($this->_SERVER["HTTP_IF"]) || !strstr($this->_SERVER["HTTP_IF"], $lock["token"])) {
if (!$exclusive_only || ($lock["scope"] !== "shared"))
return false;
}
@ -1872,7 +2012,7 @@ class HTTP_WebDAV_Server
function http_status($status)
{
// simplified success case
if($status === true) {
if ($status === true) {
$status = "200 OK";
}
@ -1887,7 +2027,7 @@ class HTTP_WebDAV_Server
/**
* private minimalistic version of PHP urlencode()
*
* only blanks and XML special chars must be encoded here
* only blanks, percent and XML special chars must be encoded here
* full urlencode() encoding confuses some clients ...
*
* @param string URL to encode
@ -1896,6 +2036,7 @@ class HTTP_WebDAV_Server
function _urlencode($url)
{
return strtr($url, array(" "=>"%20",
"%"=>"%25",
"&"=>"%26",
"<"=>"%3C",
">"=>"%3E",
@ -1912,7 +2053,7 @@ class HTTP_WebDAV_Server
*/
function _urldecode($path)
{
return urldecode($path);
return rawurldecode($path);
}
/**
@ -1940,7 +2081,8 @@ class HTTP_WebDAV_Server
* @param string directory path
* @returns string directory path wiht trailing slash
*/
function _slashify($path) {
function _slashify($path)
{
if ($path[strlen($path)-1] != '/') {
$path = $path."/";
}
@ -1953,21 +2095,22 @@ class HTTP_WebDAV_Server
* @param string directory path
* @returns string directory path wihtout trailing slash
*/
function _unslashify($path) {
function _unslashify($path)
{
if ($path[strlen($path)-1] == '/') {
$path = substr($path, 0, strlen($path, 0, -1));
$path = substr($path, 0, strlen($path) -1);
}
return $path;
}
/**
* Merge two pathes, make sure there is exactly one slash between them
* Merge two paths, make sure there is exactly one slash between them
*
* @param string parent path
* @param string child path
* @return string merged path
*/
function _mergePathes($parent, $child)
function _mergePaths($parent, $child)
{
if ($child{0} == '/') {
return $this->_unslashify($parent).$child;
@ -1975,9 +2118,26 @@ class HTTP_WebDAV_Server
return $this->_slashify($parent).$child;
}
}
/**
* mbstring.func_overload save strlen version: counting the bytes not the chars
*
* @param string $str
* @return int
*/
function bytes($str)
{
static $func_overload;
if (is_null($func_overload))
{
$func_overload = @extension_loaded('mbstring') ? ini_get('mbstring.func_overload') : 0;
}
return $func_overload & 2 ? mb_strlen($str,'ascii') : strlen($str);
}
}
/*
/*
* Local variables:
* tab-width: 4
* c-basic-offset: 4

300
inc/HTTP/WebDAV/Server/Filesystem.php Executable file → Normal file
View File

@ -1,5 +1,37 @@
<?php
<?php // $Id$
/*
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| All rights reserved |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| are met: |
| |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| distribution. |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
require_once "lib_base.php";
require_once "HTTP/WebDAV/Server.php";
require_once "System.php";
@ -8,6 +40,8 @@
* Filesystem access using WebDAV
*
* @access public
* @author Hartmut Holzgraefe <hartmut@php.net>
* @version @package-version@
*/
class HTTP_WebDAV_Server_Filesystem extends HTTP_WebDAV_Server
{
@ -32,22 +66,23 @@
// special treatment for litmus compliance test
// reply on its identifier header
// not needed for the test itself but eases debugging
if (function_exists("apache_request_headers")) {
foreach(apache_request_headers() as $key => $value) {
if (stristr($key,"litmus")) {
error_log("Litmus test $value");
header("X-Litmus-reply: ".$value);
}
}
if (isset($this->_SERVER['HTTP_X_LITMUS'])) {
error_log("Litmus test ".$this->_SERVER['HTTP_X_LITMUS']);
header("X-Litmus-reply: ".$this->_SERVER['HTTP_X_LITMUS']);
}
// set root directory, defaults to webserver document root if not set
if ($base) {
$this->base = realpath($base); // TODO throw if not a directory
} else if (!$this->base) {
$this->base = $_SERVER['DOCUMENT_ROOT'];
$this->base = $this->_SERVER['DOCUMENT_ROOT'];
}
// establish connection to property/locking db
// mysql_connect($this->db_host, $this->db_user, $this->db_passwd) or die(mysql_error());
// mysql_select_db($this->db_name) or die(mysql_error());
// TODO throw on connection problems
// let the base class do all the work
parent::ServeRequest();
}
@ -91,13 +126,13 @@
$files["files"][] = $this->fileinfo($options["path"]);
// information for contained resources requested?
if (!empty($options["depth"])) { // TODO check for is_dir() first?
if (!empty($options["depth"]) && is_dir($fspath) && is_readable($fspath)) {
// make sure path ends with '/'
$options["path"] = $this->_slashify($options["path"]);
// try to open directory
$handle = @opendir($fspath);
$handle = opendir($fspath);
if ($handle) {
// ok, now get all its contents
@ -138,6 +173,10 @@
$info["props"][] = $this->mkprop("creationdate", filectime($fspath));
$info["props"][] = $this->mkprop("getlastmodified", filemtime($fspath));
// Microsoft extensions: last access time and 'hidden' status
$info["props"][] = $this->mkprop("lastaccessed", fileatime($fspath));
$info["props"][] = $this->mkprop("ishidden", ('.' === substr(basename($fspath), 0, 1)));
// type and size (caller already made sure that path exists)
if (is_dir($fspath)) {
// directory (WebDAV collection)
@ -155,12 +194,14 @@
}
// get additional properties from database
$query = "SELECT ns, name, value FROM properties WHERE path = '$path'";
$res = OC_DB::query($query);
while ($row = OC_DB::fetch_assoc($res)) {
$query = "SELECT ns, name, value
FROM {$this->db_prefix}properties
WHERE path = '$path'";
$res = mysql_query($query);
while ($row = mysql_fetch_assoc($res)) {
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
}
OC_DB::free_result($res);
mysql_free_result($res);
return $info;
}
@ -217,7 +258,7 @@
*/
function _mimetype($fspath)
{
if (@is_dir($fspath)) {
if (is_dir($fspath)) {
// directories are easy
return "httpd/unix-directory";
} else if (function_exists("mime_content_type")) {
@ -238,7 +279,7 @@
if (!strncmp($reply, "$fspath: ", strlen($fspath)+2)) {
$reply = substr($reply, strlen($fspath)+2);
// followed by the mime type (maybe including options)
if (preg_match('/^[[:alnum:]_-]+/[[:alnum:]_-]+;?.*/', $reply, $matches)) {
if (preg_match('|^[[:alnum:]_-]+/[[:alnum:]_-]+;?.*|', $reply, $matches)) {
$mime_type = $matches[0];
}
}
@ -278,12 +319,12 @@
}
/**
* GET method handler
* HEAD method handler
*
* @param array parameter passing array
* @return bool true on success
*/
function GET(&$options)
function HEAD(&$options)
{
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
@ -291,11 +332,6 @@
// sanity check
if (!file_exists($fspath)) return false;
// is this a collection?
if (is_dir($fspath)) {
return $this->GetDir($fspath, $options);
}
// detect resource type
$options['mimetype'] = $this->_mimetype($fspath);
@ -308,6 +344,30 @@
// detect resource size
$options['size'] = filesize($fspath);
return true;
}
/**
* GET method handler
*
* @param array parameter passing array
* @return bool true on success
*/
function GET(&$options)
{
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// is this a collection?
if (is_dir($fspath)) {
return $this->GetDir($fspath, $options);
}
// the header output is the same as for HEAD
if (!$this->HEAD($options)) {
return false;
}
// no need to check result here, it is handled by the base class
$options['stream'] = fopen($fspath, "r");
@ -334,7 +394,11 @@
// fixed width directory column format
$format = "%15s %-19s %-s\n";
$handle = @opendir($fspath);
if (!is_readable($fspath)) {
return false;
}
$handle = opendir($fspath);
if (!$handle) {
return false;
}
@ -354,7 +418,7 @@
printf($format,
number_format(filesize($fullpath)),
strftime("%Y-%m-%d %H:%M:%S", filemtime($fullpath)),
"<a href='$this->base_uri$path$name'>$name</a>");
"<a href='$name'>$name</a>");
}
}
@ -377,12 +441,23 @@
{
$fspath = $this->base . $options["path"];
if (!@is_dir(dirname($fspath))) {
return "409 Conflict";
$dir = dirname($fspath);
if (!file_exists($dir) || !is_dir($dir)) {
return "409 Conflict"; // TODO right status code for both?
}
$options["new"] = ! file_exists($fspath);
if ($options["new"] && !is_writeable($dir)) {
return "403 Forbidden";
}
if (!$options["new"] && !is_writeable($fspath)) {
return "403 Forbidden";
}
if (!$options["new"] && is_dir($fspath)) {
return "403 Forbidden";
}
$fp = fopen($fspath, "w");
return $fp;
@ -413,11 +488,11 @@
return "405 Method not allowed";
}
if (!empty($_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
}
$stat = mkdir ($parent."/".$name,0777);
$stat = mkdir($parent."/".$name, 0777);
if (!$stat) {
return "403 Forbidden";
}
@ -441,14 +516,16 @@
}
if (is_dir($path)) {
$query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query);
System::rm("-rf $path");
$query = "DELETE FROM {$this->db_prefix}properties
WHERE path LIKE '".$this->_slashify($options["path"])."%'";
mysql_query($query);
System::rm(array("-rf", $path));
} else {
unlink ($path);
unlink($path);
}
$query = "DELETE FROM properties WHERE path = '$options[path]'";
OC_DB::query($query);
$query = "DELETE FROM {$this->db_prefix}properties
WHERE path = '$options[path]'";
mysql_query($query);
return "204 No Content";
}
@ -475,7 +552,7 @@
{
// TODO Property updates still broken (Litmus should detect this?)
if (!empty($_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
}
@ -484,10 +561,33 @@
return "502 bad gateway";
}
$source = $this->base .$options["path"];
if (!file_exists($source)) return "404 Not found";
$source = $this->base . $options["path"];
if (!file_exists($source)) {
return "404 Not found";
}
if (is_dir($source)) { // resource is a collection
switch ($options["depth"]) {
case "infinity": // valid
break;
case "0": // valid for COPY only
if ($del) { // MOVE?
return "400 Bad request";
}
break;
case "1": // invalid for both COPY and MOVE
default:
return "400 Bad request";
}
}
$dest = $this->base . $options["dest"];
$destdir = dirname($dest);
if (!file_exists($destdir) || !is_dir($destdir)) {
return "409 Conflict";
}
$new = !file_exists($dest);
$existing_col = false;
@ -518,27 +618,22 @@
}
}
if (is_dir($source) && ($options["depth"] != "infinity")) {
// RFC 2518 Section 9.2, last paragraph
return "400 Bad request";
}
if ($del) {
if (!rename($source, $dest)) {
return "500 Internal server error";
}
$destpath = $this->_unslashify($options["dest"]);
if (is_dir($source)) {
$query = "UPDATE properties
$query = "UPDATE {$this->db_prefix}properties
SET path = REPLACE(path, '".$options["path"]."', '".$destpath."')
WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query);
mysql_query($query);
}
$query = "UPDATE properties
$query = "UPDATE {$this->db_prefix}properties
SET path = '".$destpath."'
WHERE path = '".$options["path"]."'";
OC_DB::query($query);
mysql_query($query);
} else {
if (is_dir($source)) {
$files = System::find($source);
@ -560,22 +655,28 @@
$destfile = str_replace($source, $dest, $file);
if (is_dir($file)) {
if (!is_dir($destfile)) {
// TODO "mkdir -p" here? (only natively supported by PHP 5)
if (!file_exists($destfile)) {
if (!is_writeable(dirname($destfile))) {
return "403 Forbidden";
}
if (!mkdir($destfile)) {
return "409 Conflict";
}
} else {
error_log("existing dir '$destfile'");
} else if (!is_dir($destfile)) {
return "409 Conflict";
}
} else {
if (!copy($file, $destfile)) {
return "409 Conflict";
}
}
}
$query = "INSERT INTO properties SELECT ... FROM properties WHERE path = '".$options['path']."'";
$query = "INSERT INTO {$this->db_prefix}properties
SELECT *
FROM {$this->db_prefix}properties
WHERE path = '".$options['path']."'";
}
return ($new && !$existing_col) ? "201 Created" : "204 No Content";
@ -592,23 +693,27 @@
global $prefs, $tab;
$msg = "";
$path = $options["path"];
$dir = dirname($path)."/";
$base = basename($path);
foreach($options["props"] as $key => $prop) {
foreach ($options["props"] as $key => $prop) {
if ($prop["ns"] == "DAV:") {
$options["props"][$key]['status'] = "403 Forbidden";
} else {
if (isset($prop["val"])) {
$query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'";
error_log($query);
$query = "REPLACE INTO {$this->db_prefix}properties
SET path = '$options[path]'
, name = '$prop[name]'
, ns= '$prop[ns]'
, value = '$prop[val]'";
} else {
$query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'";
$query = "DELETE FROM {$this->db_prefix}properties
WHERE path = '$options[path]'
AND name = '$prop[name]'
AND ns = '$prop[ns]'";
}
OC_DB::query($query);
mysql_query($query);
}
}
@ -624,30 +729,54 @@
*/
function LOCK(&$options)
{
if (isset($options["update"])) { // Lock Update
$query = "UPDATE locks SET expires = ".(time()+300);
OC_DB::query($query);
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// TODO recursive locks on directories not supported yet
// makes litmus test "32. lock_collection" fail
if (is_dir($fspath) && !empty($options["depth"])) {
return "409 Conflict";
}
$options["timeout"] = time()+300; // 5min. hardcoded
if (isset($options["update"])) { // Lock Update
$where = "WHERE path = '$options[path]' AND token = '$options[update]'";
$query = "SELECT owner, exclusivelock FROM {$this->db_prefix}locks $where";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
mysql_free_result($res);
if (is_array($row)) {
$query = "UPDATE {$this->db_prefix}locks
SET expires = '$options[timeout]'
, modified = ".time()."
$where";
mysql_query($query);
$options['owner'] = $row['owner'];
$options['scope'] = $row["exclusivelock"] ? "exclusive" : "shared";
$options['type'] = $row["exclusivelock"] ? "write" : "read";
if (OC_DB::affected_rows()) {
$options["timeout"] = 300; // 5min hardcoded
return true;
} else {
return false;
}
}
$options["timeout"] = time()+300; // 5min. hardcoded
$query = "INSERT INTO locks
$query = "INSERT INTO {$this->db_prefix}locks
SET token = '$options[locktoken]'
, path = '$options[path]'
, created = ".time()."
, modified = ".time()."
, owner = '$options[owner]'
, expires = '$options[timeout]'
, exclusivelock = " .($options['scope'] === "exclusive" ? "1" : "0")
;
OC_DB::query($query);
mysql_query($query);
return OC_DB::affected_rows() ? "200 OK" : "409 Conflict";
return mysql_affected_rows() ? "200 OK" : "409 Conflict";
}
/**
@ -658,12 +787,12 @@
*/
function UNLOCK(&$options)
{
$query = "DELETE FROM locks
$query = "DELETE FROM {$this->db_prefix}locks
WHERE path = '$options[path]'
AND token = '$options[token]'";
OC_DB::query($query);
mysql_query($query);
return OC_DB::affected_rows() ? "204 No Content" : "409 Conflict";
return mysql_affected_rows() ? "204 No Content" : "409 Conflict";
}
/**
@ -676,15 +805,15 @@
{
$result = false;
$query = "SELECT owner, token, expires, exclusivelock
FROM locks
$query = "SELECT owner, token, created, modified, expires, exclusivelock
FROM {$this->db_prefix}locks
WHERE path = '$path'
";
$res = OC_DB::query($query);
$res = mysql_query($query);
if ($res) {
$row = OC_DB::fetch_assoc($res);
OC_DB::free_result($res);
$row = mysql_fetch_array($res);
mysql_free_result($res);
if ($row) {
$result = array( "type" => "write",
@ -692,6 +821,8 @@
"depth" => 0,
"owner" => $row['owner'],
"token" => $row['token'],
"created" => $row['created'],
"modified" => $row['modified'],
"expires" => $row['expires']
);
}
@ -712,8 +843,13 @@
// TODO
return false;
}
}
}
?>
/*
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* indent-tabs-mode:nil
* End:
*/

62
inc/HTTP/WebDAV/Tools/_parse_lockinfo.php Executable file → Normal file
View File

@ -1,31 +1,45 @@
<?php
//
// +----------------------------------------------------------------------+
// | PHP Version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2003 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.02 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available at through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | license@php.net so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Hartmut Holzgraefe <hholzgra@php.net> |
// | Christian Stocker <chregu@bitflux.ch> |
// +----------------------------------------------------------------------+
//
// $Id: _parse_lockinfo.php,v 1.2 2004/01/05 12:32:40 hholzgra Exp $
//
<?php // $Id$
/*
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| All rights reserved |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| are met: |
| |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| distribution. |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
/**
* helper class for parsing LOCK request bodies
*
* @package HTTP_WebDAV_Server
* @author Hartmut Holzgraefe <hholzgra@php.net>
* @version 0.99.1dev
* @version @package-version@
*/
class _parse_lockinfo
{
@ -105,7 +119,7 @@ class _parse_lockinfo
XML_OPTION_CASE_FOLDING, false);
// parse input
while($this->success && !feof($f_in)) {
while ($this->success && !feof($f_in)) {
$line = fgets($f_in);
if (is_string($line)) {
$had_input = true;
@ -114,7 +128,7 @@ class _parse_lockinfo
}
// finish parsing
if($had_input) {
if ($had_input) {
$this->success &= xml_parse($xml_parser, "", true);
}

61
inc/HTTP/WebDAV/Tools/_parse_propfind.php Executable file → Normal file
View File

@ -1,31 +1,44 @@
<?php
//
// +----------------------------------------------------------------------+
// | PHP Version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2003 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.02 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available at through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | license@php.net so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Hartmut Holzgraefe <hholzgra@php.net> |
// | Christian Stocker <chregu@bitflux.ch> |
// +----------------------------------------------------------------------+
//
// $Id: _parse_propfind.php,v 1.2 2004/01/05 12:33:22 hholzgra Exp $
//
<?php // $Id$
/*
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| All rights reserved |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| are met: |
| |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| distribution. |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
/**
* helper class for parsing PROPFIND request bodies
*
* @package HTTP_WebDAV_Server
* @author Hartmut Holzgraefe <hholzgra@php.net>
* @version 0.99.1dev
* @version @package-version@
*/
class _parse_propfind
{
@ -94,7 +107,7 @@ class _parse_propfind
// parse input
while($this->success && !feof($f_in)) {
while ($this->success && !feof($f_in)) {
$line = fgets($f_in);
if (is_string($line)) {
$had_input = true;
@ -103,7 +116,7 @@ class _parse_propfind
}
// finish parsing
if($had_input) {
if ($had_input) {
$this->success &= xml_parse($xml_parser, "", true);
}

71
inc/HTTP/WebDAV/Tools/_parse_proppatch.php Executable file → Normal file
View File

@ -1,31 +1,45 @@
<?php
//
// +----------------------------------------------------------------------+
// | PHP Version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2003 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.02 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available at through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | license@php.net so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Hartmut Holzgraefe <hholzgra@php.net> |
// | Christian Stocker <chregu@bitflux.ch> |
// +----------------------------------------------------------------------+
//
// $Id: _parse_proppatch.php,v 1.3 2004/01/05 12:41:34 hholzgra Exp $
//
<?php // $Id$
/*
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| All rights reserved |
| |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| are met: |
| |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| distribution. |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| written permission. |
| |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
/**
* helper class for parsing PROPPATCH request bodies
*
* @package HTTP_WebDAV_Server
* @author Hartmut Holzgraefe <hholzgra@php.net>
* @version 0.99.1dev
* @version @package-version@
*/
class _parse_proppatch
{
@ -152,9 +166,11 @@ class _parse_proppatch
if ($this->depth >= 4) {
$this->current["val"] .= "<$tag";
if (isset($attr)) {
foreach ($attr as $key => $val) {
$this->current["val"] .= ' '.$key.'="'.str_replace('"','&quot;', $val).'"';
}
}
$this->current["val"] .= ">";
}
@ -204,11 +220,18 @@ class _parse_proppatch
* @return void
* @access private
*/
function _data($parser, $data) {
function _data($parser, $data)
{
if (isset($this->current)) {
$this->current["val"] .= $data;
}
}
}
?>
/*
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* indent-tabs-mode:nil
* End:
*/