diff --git a/apps/files/index.php b/apps/files/index.php index b64bde44cc..08193eaee7 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -38,36 +38,36 @@ OCP\App::setActiveNavigationEntry('files_index'); $dir = isset($_GET['dir']) ? stripslashes($_GET['dir']) : ''; // Redirect if directory does not exist if (!OC_Filesystem::is_dir($dir . '/')) { - header('Location: ' . $_SERVER['SCRIPT_NAME'] . ''); - exit(); + header('Location: ' . $_SERVER['SCRIPT_NAME'] . ''); + exit(); } $files = array(); foreach (OC_Files::getdirectorycontent($dir) as $i) { - $i['date'] = OCP\Util::formatDate($i['mtime']); - if ($i['type'] == 'file') { - $fileinfo = pathinfo($i['name']); - $i['basename'] = $fileinfo['filename']; - if (!empty($fileinfo['extension'])) { - $i['extension'] = '.' . $fileinfo['extension']; - } else { - $i['extension'] = ''; - } - } - if ($i['directory'] == '/') { - $i['directory'] = ''; - } - $files[] = $i; + $i['date'] = OCP\Util::formatDate($i['mtime']); + if ($i['type'] == 'file') { + $fileinfo = pathinfo($i['name']); + $i['basename'] = $fileinfo['filename']; + if (!empty($fileinfo['extension'])) { + $i['extension'] = '.' . $fileinfo['extension']; + } else { + $i['extension'] = ''; + } + } + if ($i['directory'] == '/') { + $i['directory'] = ''; + } + $files[] = $i; } // Make breadcrumb $breadcrumb = array(); $pathtohere = ''; foreach (explode('/', $dir) as $i) { - if ($i != '') { - $pathtohere .= '/' . $i; - $breadcrumb[] = array('dir' => $pathtohere, 'name' => $i); - } + if ($i != '') { + $pathtohere .= '/' . $i; + $breadcrumb[] = array('dir' => $pathtohere, 'name' => $i); + } } // make breadcrumb und filelist markup @@ -89,13 +89,13 @@ $maxUploadFilesize = min($maxUploadFilesize, $freeSpace); $permissions = OCP\PERMISSION_READ; if (OC_Filesystem::isUpdatable($dir . '/')) { - $permissions |= OCP\PERMISSION_UPDATE; + $permissions |= OCP\PERMISSION_UPDATE; } if (OC_Filesystem::isDeletable($dir . '/')) { - $permissions |= OCP\PERMISSION_DELETE; + $permissions |= OCP\PERMISSION_DELETE; } if (OC_Filesystem::isSharable($dir . '/')) { - $permissions |= OCP\PERMISSION_SHARE; + $permissions |= OCP\PERMISSION_SHARE; } $tmpl = new OCP\Template('files', 'index', 'user'); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index dd537d779a..ebfcbfdc42 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -1,7 +1,7 @@
t('External Storage'); ?> - '')) echo ''.$_['dependencies'].''; ?> + '')) echo ''.$_['dependencies'].''; ?> '> diff --git a/apps/files_versions/templates/settings.php b/apps/files_versions/templates/settings.php index 88063cb075..bfca8366f5 100644 --- a/apps/files_versions/templates/settings.php +++ b/apps/files_versions/templates/settings.php @@ -1,6 +1,6 @@ -
- t('Files Versioning');?> - />
-
+
+ t('Files Versioning');?> + />
+
diff --git a/config/config.sample.php b/config/config.sample.php index 33aafab548..dafb536fa6 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -123,12 +123,12 @@ $CONFIG = array( 'path'=> '/var/www/owncloud/apps', 'url' => '/apps', 'writable' => true, - ), - ), - 'user_backends'=>array( - array( - 'class'=>'OC_User_IMAP', - 'arguments'=>array('{imap.gmail.com:993/imap/ssl}INBOX') - ) - ) + ), +), +'user_backends'=>array( + array( + 'class'=>'OC_User_IMAP', + 'arguments'=>array('{imap.gmail.com:993/imap/ssl}INBOX') + ) +) ); diff --git a/core/templates/login.php b/core/templates/login.php index 10093baabf..43e4599780 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -1,50 +1,50 @@ -
- '; - } ?> -
    - -
  • - t('Automatic logon rejected!'); ?>
    - t('If you did not change your password recently, your account may be compromised!'); ?> -
    - t('Please change your password to secure your account again.'); ?> -
    • - - - -
  • - t('Lost your password?'); ?> -
    • -     - -
-

- - autocomplete="on" required/> - - -

+
+ '; + } ?> +
    + +
  • + t('Automatic logon rejected!'); ?>
    + t('If you did not change your password recently, your account may be compromised!'); ?> +
    + t('Please change your password to secure your account again.'); ?> +
    • + + + +
  • + t('Lost your password?'); ?> +
    • +     + +
+

+ + autocomplete="on" required/> + + +

-

- /> - - -

- - - -
+

+ /> + + +

+ + + +
diff --git a/lib/base.php b/lib/base.php index 3d3e7d59f9..6896c91822 100644 --- a/lib/base.php +++ b/lib/base.php @@ -29,169 +29,169 @@ require_once 'public/constants.php'; */ class OC { - /** - * Assoziative array for autoloading. classname => filename - */ - public static $CLASSPATH = array(); - /** - * The installation path for owncloud on the server (e.g. /srv/http/owncloud) - */ - public static $SERVERROOT = ''; - /** - * the current request path relative to the owncloud root (e.g. files/index.php) - */ - private static $SUBURI = ''; - /** - * the owncloud root path for http requests (e.g. owncloud/) - */ - public static $WEBROOT = ''; - /** - * The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty) - */ - public static $THIRDPARTYROOT = ''; - /** - * the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty) - */ - public static $THIRDPARTYWEBROOT = ''; - /** - * The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and - * web path in 'url' - */ - public static $APPSROOTS = array(); - /* - * requested app - */ - public static $REQUESTEDAPP = ''; - /* - * requested file of app - */ - public static $REQUESTEDFILE = ''; - /** - * check if owncloud runs in cli mode - */ - public static $CLI = false; - /* - * OC router - */ - protected static $router = null; + /** + * Assoziative array for autoloading. classname => filename + */ + public static $CLASSPATH = array(); + /** + * The installation path for owncloud on the server (e.g. /srv/http/owncloud) + */ + public static $SERVERROOT = ''; + /** + * the current request path relative to the owncloud root (e.g. files/index.php) + */ + private static $SUBURI = ''; + /** + * the owncloud root path for http requests (e.g. owncloud/) + */ + public static $WEBROOT = ''; + /** + * The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty) + */ + public static $THIRDPARTYROOT = ''; + /** + * the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty) + */ + public static $THIRDPARTYWEBROOT = ''; + /** + * The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and + * web path in 'url' + */ + public static $APPSROOTS = array(); + /* + * requested app + */ + public static $REQUESTEDAPP = ''; + /* + * requested file of app + */ + public static $REQUESTEDFILE = ''; + /** + * check if owncloud runs in cli mode + */ + public static $CLI = false; + /* + * OC router + */ + protected static $router = null; - /** - * SPL autoload - */ - public static function autoload($className) - { - if (array_key_exists($className, OC::$CLASSPATH)) { - $path = OC::$CLASSPATH[$className]; - /** @TODO: Remove this when necessary - Remove "apps/" from inclusion path for smooth migration to mutli app dir - */ - if (strpos($path, 'apps/') === 0) { - OC_Log::write('core', 'include path for class "' . $className . '" starts with "apps/"', OC_Log::DEBUG); - $path = str_replace('apps/', '', $path); - } - } elseif (strpos($className, 'OC_') === 0) { - $path = strtolower(str_replace('_', '/', substr($className, 3)) . '.php'); - } elseif (strpos($className, 'OC\\') === 0) { - $path = strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } elseif (strpos($className, 'OCP\\') === 0) { - $path = 'public/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } elseif (strpos($className, 'OCA\\') === 0) { - $path = 'apps/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); - } elseif (strpos($className, 'Sabre_') === 0) { - $path = str_replace('_', '/', $className) . '.php'; - } elseif (strpos($className, 'Symfony\\Component\\Routing\\') === 0) { - $path = 'symfony/routing/' . str_replace('\\', '/', $className) . '.php'; - } elseif (strpos($className, 'Sabre\\VObject') === 0) { - $path = str_replace('\\', '/', $className) . '.php'; - } elseif (strpos($className, 'Test_') === 0) { - $path = 'tests/lib/' . strtolower(str_replace('_', '/', substr($className, 5)) . '.php'); - } else { - return false; - } + /** + * SPL autoload + */ + public static function autoload($className) + { + if (array_key_exists($className, OC::$CLASSPATH)) { + $path = OC::$CLASSPATH[$className]; + /** @TODO: Remove this when necessary + Remove "apps/" from inclusion path for smooth migration to mutli app dir + */ + if (strpos($path, 'apps/') === 0) { + OC_Log::write('core', 'include path for class "' . $className . '" starts with "apps/"', OC_Log::DEBUG); + $path = str_replace('apps/', '', $path); + } + } elseif (strpos($className, 'OC_') === 0) { + $path = strtolower(str_replace('_', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OC\\') === 0) { + $path = strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OCP\\') === 0) { + $path = 'public/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'OCA\\') === 0) { + $path = 'apps/' . strtolower(str_replace('\\', '/', substr($className, 3)) . '.php'); + } elseif (strpos($className, 'Sabre_') === 0) { + $path = str_replace('_', '/', $className) . '.php'; + } elseif (strpos($className, 'Symfony\\Component\\Routing\\') === 0) { + $path = 'symfony/routing/' . str_replace('\\', '/', $className) . '.php'; + } elseif (strpos($className, 'Sabre\\VObject') === 0) { + $path = str_replace('\\', '/', $className) . '.php'; + } elseif (strpos($className, 'Test_') === 0) { + $path = 'tests/lib/' . strtolower(str_replace('_', '/', substr($className, 5)) . '.php'); + } else { + return false; + } - if ($fullPath = stream_resolve_include_path($path)) { - require_once $fullPath; - } - return false; - } + if ($fullPath = stream_resolve_include_path($path)) { + require_once $fullPath; + } + return false; + } - public static function initPaths() - { - // calculate the root directories - OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4)); - OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); - $scriptName = $_SERVER["SCRIPT_NAME"]; - if (substr($scriptName, -1) == '/') { - $scriptName .= 'index.php'; - //make sure suburi follows the same rules as scriptName - if (substr(OC::$SUBURI, -9) != 'index.php') { - if (substr(OC::$SUBURI, -1) != '/') { - OC::$SUBURI = OC::$SUBURI . '/'; - } - OC::$SUBURI = OC::$SUBURI . 'index.php'; - } - } + public static function initPaths() + { + // calculate the root directories + OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4)); + OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT))); + $scriptName = $_SERVER["SCRIPT_NAME"]; + if (substr($scriptName, -1) == '/') { + $scriptName .= 'index.php'; + //make sure suburi follows the same rules as scriptName + if (substr(OC::$SUBURI, -9) != 'index.php') { + if (substr(OC::$SUBURI, -1) != '/') { + OC::$SUBURI = OC::$SUBURI . '/'; + } + OC::$SUBURI = OC::$SUBURI . 'index.php'; + } + } - OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI)); + OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI)); - if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') { - OC::$WEBROOT = '/' . OC::$WEBROOT; - } + if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') { + OC::$WEBROOT = '/' . OC::$WEBROOT; + } - // ensure we can find OC_Config - set_include_path( - OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . - get_include_path() - ); + // ensure we can find OC_Config + set_include_path( + OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . + get_include_path() + ); - // search the 3rdparty folder - if (OC_Config::getValue('3rdpartyroot', '') <> '' and OC_Config::getValue('3rdpartyurl', '') <> '') { - OC::$THIRDPARTYROOT = OC_Config::getValue('3rdpartyroot', ''); - OC::$THIRDPARTYWEBROOT = OC_Config::getValue('3rdpartyurl', ''); - } elseif (file_exists(OC::$SERVERROOT . '/3rdparty')) { - OC::$THIRDPARTYROOT = OC::$SERVERROOT; - OC::$THIRDPARTYWEBROOT = OC::$WEBROOT; - } elseif (file_exists(OC::$SERVERROOT . '/../3rdparty')) { - OC::$THIRDPARTYWEBROOT = rtrim(dirname(OC::$WEBROOT), '/'); - OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/'); - } else { - echo("3rdparty directory not found! Please put the ownCloud 3rdparty folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); - exit; - } - // search the apps folder - $config_paths = OC_Config::getValue('apps_paths', array()); - if (!empty($config_paths)) { - foreach ($config_paths as $paths) { - if (isset($paths['url']) && isset($paths['path'])) { - $paths['url'] = rtrim($paths['url'], '/'); - $paths['path'] = rtrim($paths['path'], '/'); - OC::$APPSROOTS[] = $paths; - } - } - } elseif (file_exists(OC::$SERVERROOT . '/apps')) { - OC::$APPSROOTS[] = array('path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true); - } elseif (file_exists(OC::$SERVERROOT . '/../apps')) { - OC::$APPSROOTS[] = array('path' => rtrim(dirname(OC::$SERVERROOT), '/') . '/apps', 'url' => '/apps', 'writable' => true); - } + // search the 3rdparty folder + if (OC_Config::getValue('3rdpartyroot', '') <> '' and OC_Config::getValue('3rdpartyurl', '') <> '') { + OC::$THIRDPARTYROOT = OC_Config::getValue('3rdpartyroot', ''); + OC::$THIRDPARTYWEBROOT = OC_Config::getValue('3rdpartyurl', ''); + } elseif (file_exists(OC::$SERVERROOT . '/3rdparty')) { + OC::$THIRDPARTYROOT = OC::$SERVERROOT; + OC::$THIRDPARTYWEBROOT = OC::$WEBROOT; + } elseif (file_exists(OC::$SERVERROOT . '/../3rdparty')) { + OC::$THIRDPARTYWEBROOT = rtrim(dirname(OC::$WEBROOT), '/'); + OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/'); + } else { + echo("3rdparty directory not found! Please put the ownCloud 3rdparty folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); + exit; + } + // search the apps folder + $config_paths = OC_Config::getValue('apps_paths', array()); + if (!empty($config_paths)) { + foreach ($config_paths as $paths) { + if (isset($paths['url']) && isset($paths['path'])) { + $paths['url'] = rtrim($paths['url'], '/'); + $paths['path'] = rtrim($paths['path'], '/'); + OC::$APPSROOTS[] = $paths; + } + } + } elseif (file_exists(OC::$SERVERROOT . '/apps')) { + OC::$APPSROOTS[] = array('path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true); + } elseif (file_exists(OC::$SERVERROOT . '/../apps')) { + OC::$APPSROOTS[] = array('path' => rtrim(dirname(OC::$SERVERROOT), '/') . '/apps', 'url' => '/apps', 'writable' => true); + } - if (empty(OC::$APPSROOTS)) { - echo("apps directory not found! Please put the ownCloud apps folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); - exit; - } - $paths = array(); - foreach (OC::$APPSROOTS as $path) - $paths[] = $path['path']; + if (empty(OC::$APPSROOTS)) { + echo("apps directory not found! Please put the ownCloud apps folder in the ownCloud folder or the folder above. You can also configure the location in the config.php file."); + exit; + } + $paths = array(); + foreach (OC::$APPSROOTS as $path) + $paths[] = $path['path']; - // set the right include path - set_include_path( - OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . - OC::$SERVERROOT . '/config' . PATH_SEPARATOR . - OC::$THIRDPARTYROOT . '/3rdparty' . PATH_SEPARATOR . - implode($paths, PATH_SEPARATOR) . PATH_SEPARATOR . - get_include_path() . PATH_SEPARATOR . - OC::$SERVERROOT - ); - } + // set the right include path + set_include_path( + OC::$SERVERROOT . '/lib' . PATH_SEPARATOR . + OC::$SERVERROOT . '/config' . PATH_SEPARATOR . + OC::$THIRDPARTYROOT . '/3rdparty' . PATH_SEPARATOR . + implode($paths, PATH_SEPARATOR) . PATH_SEPARATOR . + get_include_path() . PATH_SEPARATOR . + OC::$SERVERROOT + ); + } public static function checkConfig() { if (file_exists(OC::$SERVERROOT . "/config/config.php") and !is_writable(OC::$SERVERROOT . "/config/config.php")) { @@ -202,31 +202,31 @@ class OC } } - public static function checkInstalled() - { - // Redirect to installer if not installed - if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') { - if (!OC::$CLI) { - $url = 'http://' . $_SERVER['SERVER_NAME'] . OC::$WEBROOT . '/index.php'; - header("Location: $url"); - } - exit(); - } - } + public static function checkInstalled() + { + // Redirect to installer if not installed + if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') { + if (!OC::$CLI) { + $url = 'http://' . $_SERVER['SERVER_NAME'] . OC::$WEBROOT . '/index.php'; + header("Location: $url"); + } + exit(); + } + } - public static function checkSSL() - { - // redirect to https site if configured - if (OC_Config::getValue("forcessl", false)) { - header('Strict-Transport-Security: max-age=31536000'); - ini_set("session.cookie_secure", "on"); - if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) { - $url = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI']; - header("Location: $url"); - exit(); - } - } - } + public static function checkSSL() + { + // redirect to https site if configured + if (OC_Config::getValue("forcessl", false)) { + header('Strict-Transport-Security: max-age=31536000'); + ini_set("session.cookie_secure", "on"); + if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) { + $url = "https://" . OC_Request::serverHost() . $_SERVER['REQUEST_URI']; + header("Location: $url"); + exit(); + } + } + } public static function checkMaintenanceMode() { // Allow ajax update script to execute without being stopped @@ -258,504 +258,504 @@ class OC } } - public static function initTemplateEngine() - { - // Add the stuff we need always - OC_Util::addScript("jquery-1.7.2.min"); - OC_Util::addScript("jquery-ui-1.8.16.custom.min"); - OC_Util::addScript("jquery-showpassword"); - OC_Util::addScript("jquery.infieldlabel"); - OC_Util::addScript("jquery-tipsy"); - OC_Util::addScript("oc-dialogs"); - OC_Util::addScript("js"); - OC_Util::addScript("eventsource"); - OC_Util::addScript("config"); - //OC_Util::addScript( "multiselect" ); - OC_Util::addScript('search', 'result'); - OC_Util::addScript('router'); + public static function initTemplateEngine() + { + // Add the stuff we need always + OC_Util::addScript("jquery-1.7.2.min"); + OC_Util::addScript("jquery-ui-1.8.16.custom.min"); + OC_Util::addScript("jquery-showpassword"); + OC_Util::addScript("jquery.infieldlabel"); + OC_Util::addScript("jquery-tipsy"); + OC_Util::addScript("oc-dialogs"); + OC_Util::addScript("js"); + OC_Util::addScript("eventsource"); + OC_Util::addScript("config"); + //OC_Util::addScript( "multiselect" ); + OC_Util::addScript('search', 'result'); + OC_Util::addScript('router'); - OC_Util::addStyle("styles"); - OC_Util::addStyle("multiselect"); - OC_Util::addStyle("jquery-ui-1.8.16.custom"); - OC_Util::addStyle("jquery-tipsy"); - } + OC_Util::addStyle("styles"); + OC_Util::addStyle("multiselect"); + OC_Util::addStyle("jquery-ui-1.8.16.custom"); + OC_Util::addStyle("jquery-tipsy"); + } - public static function initSession() - { - // prevents javascript from accessing php session cookies - ini_set('session.cookie_httponly', '1;'); + public static function initSession() + { + // prevents javascript from accessing php session cookies + ini_set('session.cookie_httponly', '1;'); - // set the session name to the instance id - which is unique - session_name(OC_Util::getInstanceId()); + // set the session name to the instance id - which is unique + session_name(OC_Util::getInstanceId()); - // (re)-initialize session - session_start(); + // (re)-initialize session + session_start(); - // regenerate session id periodically to avoid session fixation - if (!isset($_SESSION['SID_CREATED'])) { - $_SESSION['SID_CREATED'] = time(); - } else if (time() - $_SESSION['SID_CREATED'] > 900) { - session_regenerate_id(true); - $_SESSION['SID_CREATED'] = time(); - } + // regenerate session id periodically to avoid session fixation + if (!isset($_SESSION['SID_CREATED'])) { + $_SESSION['SID_CREATED'] = time(); + } else if (time() - $_SESSION['SID_CREATED'] > 900) { + session_regenerate_id(true); + $_SESSION['SID_CREATED'] = time(); + } - // session timeout - if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) { - if (isset($_COOKIE[session_name()])) { - setcookie(session_name(), '', time() - 42000, '/'); - } - session_unset(); - session_destroy(); - session_start(); - } - $_SESSION['LAST_ACTIVITY'] = time(); - } + // session timeout + if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) { + if (isset($_COOKIE[session_name()])) { + setcookie(session_name(), '', time() - 42000, '/'); + } + session_unset(); + session_destroy(); + session_start(); + } + $_SESSION['LAST_ACTIVITY'] = time(); + } - public static function getRouter() - { - if (!isset(OC::$router)) { - OC::$router = new OC_Router(); - OC::$router->loadRoutes(); - } + public static function getRouter() + { + if (!isset(OC::$router)) { + OC::$router = new OC_Router(); + OC::$router->loadRoutes(); + } - return OC::$router; - } + return OC::$router; + } - public static function init() - { - // register autoloader - spl_autoload_register(array('OC', 'autoload')); - setlocale(LC_ALL, 'en_US.UTF-8'); + public static function init() + { + // register autoloader + spl_autoload_register(array('OC', 'autoload')); + setlocale(LC_ALL, 'en_US.UTF-8'); - // set some stuff - //ob_start(); - error_reporting(E_ALL | E_STRICT); - if (defined('DEBUG') && DEBUG) { - ini_set('display_errors', 1); - } - self::$CLI = (php_sapi_name() == 'cli'); + // set some stuff + //ob_start(); + error_reporting(E_ALL | E_STRICT); + if (defined('DEBUG') && DEBUG) { + ini_set('display_errors', 1); + } + self::$CLI = (php_sapi_name() == 'cli'); - date_default_timezone_set('UTC'); - ini_set('arg_separator.output', '&'); + date_default_timezone_set('UTC'); + ini_set('arg_separator.output', '&'); - // try to switch magic quotes off. - if (get_magic_quotes_gpc()) { - @set_magic_quotes_runtime(false); - } + // try to switch magic quotes off. + if (get_magic_quotes_gpc()) { + @set_magic_quotes_runtime(false); + } - //try to configure php to enable big file uploads. - //this doesn´t work always depending on the webserver and php configuration. - //Let´s try to overwrite some defaults anyways + //try to configure php to enable big file uploads. + //this doesn´t work always depending on the webserver and php configuration. + //Let´s try to overwrite some defaults anyways - //try to set the maximum execution time to 60min - @set_time_limit(3600); - @ini_set('max_execution_time', 3600); - @ini_set('max_input_time', 3600); + //try to set the maximum execution time to 60min + @set_time_limit(3600); + @ini_set('max_execution_time', 3600); + @ini_set('max_input_time', 3600); - //try to set the maximum filesize to 10G - @ini_set('upload_max_filesize', '10G'); - @ini_set('post_max_size', '10G'); - @ini_set('file_uploads', '50'); + //try to set the maximum filesize to 10G + @ini_set('upload_max_filesize', '10G'); + @ini_set('post_max_size', '10G'); + @ini_set('file_uploads', '50'); - //try to set the session lifetime to 60min - @ini_set('gc_maxlifetime', '3600'); + //try to set the session lifetime to 60min + @ini_set('gc_maxlifetime', '3600'); - //copy http auth headers for apache+php-fcgid work around - if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; - } + //copy http auth headers for apache+php-fcgid work around + if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; + } - //set http auth headers for apache+php-cgi work around - if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - } + //set http auth headers for apache+php-cgi work around + if (isset($_SERVER['HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + } - //set http auth headers for apache+php-cgi work around if variable gets renamed by apache - if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - } + //set http auth headers for apache+php-cgi work around if variable gets renamed by apache + if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + } - self::initPaths(); + self::initPaths(); - register_shutdown_function(array('OC_Log', 'onShutdown')); - set_error_handler(array('OC_Log', 'onError')); - set_exception_handler(array('OC_Log', 'onException')); + register_shutdown_function(array('OC_Log', 'onShutdown')); + set_error_handler(array('OC_Log', 'onError')); + set_exception_handler(array('OC_Log', 'onException')); - // set debug mode if an xdebug session is active - if (!defined('DEBUG') || !DEBUG) { - if (isset($_COOKIE['XDEBUG_SESSION'])) { - define('DEBUG', true); - } - } + // set debug mode if an xdebug session is active + if (!defined('DEBUG') || !DEBUG) { + if (isset($_COOKIE['XDEBUG_SESSION'])) { + define('DEBUG', true); + } + } - // register the stream wrappers - require_once 'streamwrappers.php'; - stream_wrapper_register("fakedir", "OC_FakeDirStream"); - stream_wrapper_register('static', 'OC_StaticStreamWrapper'); - stream_wrapper_register('close', 'OC_CloseStreamWrapper'); + // register the stream wrappers + require_once 'streamwrappers.php'; + stream_wrapper_register("fakedir", "OC_FakeDirStream"); + stream_wrapper_register('static', 'OC_StaticStreamWrapper'); + stream_wrapper_register('close', 'OC_CloseStreamWrapper'); - self::checkConfig(); - self::checkInstalled(); - self::checkSSL(); - self::initSession(); - self::initTemplateEngine(); - self::checkMaintenanceMode(); - self::checkUpgrade(); + self::checkConfig(); + self::checkInstalled(); + self::checkSSL(); + self::initSession(); + self::initTemplateEngine(); + self::checkMaintenanceMode(); + self::checkUpgrade(); - $errors = OC_Util::checkServer(); - if (count($errors) > 0) { - OC_Template::printGuestPage('', 'error', array('errors' => $errors)); - exit; - } + $errors = OC_Util::checkServer(); + if (count($errors) > 0) { + OC_Template::printGuestPage('', 'error', array('errors' => $errors)); + exit; + } - // User and Groups - if (!OC_Config::getValue("installed", false)) { - $_SESSION['user_id'] = ''; - } + // User and Groups + if (!OC_Config::getValue("installed", false)) { + $_SESSION['user_id'] = ''; + } - OC_User::useBackend(new OC_User_Database()); - OC_Group::useBackend(new OC_Group_Database()); + OC_User::useBackend(new OC_User_Database()); + OC_Group::useBackend(new OC_Group_Database()); - if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { - OC_User::logout(); - } + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SESSION['user_id']) && $_SERVER['PHP_AUTH_USER'] != $_SESSION['user_id']) { + OC_User::logout(); + } - // Load Apps - // This includes plugins for users and filesystems as well - global $RUNTIME_NOAPPS; - global $RUNTIME_APPTYPES; - if (!$RUNTIME_NOAPPS) { - if ($RUNTIME_APPTYPES) { - OC_App::loadApps($RUNTIME_APPTYPES); - } else { - OC_App::loadApps(); - } - } + // Load Apps + // This includes plugins for users and filesystems as well + global $RUNTIME_NOAPPS; + global $RUNTIME_APPTYPES; + if (!$RUNTIME_NOAPPS) { + if ($RUNTIME_APPTYPES) { + OC_App::loadApps($RUNTIME_APPTYPES); + } else { + OC_App::loadApps(); + } + } - //setup extra user backends - OC_User::setupBackends(); + //setup extra user backends + OC_User::setupBackends(); - self::registerCacheHooks(); - self::registerFilesystemHooks(); - self::registerShareHooks(); + self::registerCacheHooks(); + self::registerFilesystemHooks(); + self::registerShareHooks(); - //make sure temporary files are cleaned up - register_shutdown_function(array('OC_Helper', 'cleanTmp')); + //make sure temporary files are cleaned up + register_shutdown_function(array('OC_Helper', 'cleanTmp')); - //parse the given parameters - self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files')); - if (substr_count(self::$REQUESTEDAPP, '?') != 0) { - $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); - $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDAPP = $app; - $_GET['app'] = $app; - } - self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null); - if (substr_count(self::$REQUESTEDFILE, '?') != 0) { - $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); - $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); - parse_str($param, $get); - $_GET = array_merge($_GET, $get); - self::$REQUESTEDFILE = $file; - $_GET['getfile'] = $file; - } - if (!is_null(self::$REQUESTEDFILE)) { - $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; - $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); - if (!OC_Helper::issubdirectory($subdir, $parent)) { - self::$REQUESTEDFILE = null; - header('HTTP/1.0 404 Not Found'); - exit; - } - } + //parse the given parameters + self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files')); + if (substr_count(self::$REQUESTEDAPP, '?') != 0) { + $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); + $param = substr($_GET['app'], strpos($_GET['app'], '?') + 1); + parse_str($param, $get); + $_GET = array_merge($_GET, $get); + self::$REQUESTEDAPP = $app; + $_GET['app'] = $app; + } + self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null); + if (substr_count(self::$REQUESTEDFILE, '?') != 0) { + $file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?')); + $param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1); + parse_str($param, $get); + $_GET = array_merge($_GET, $get); + self::$REQUESTEDFILE = $file; + $_GET['getfile'] = $file; + } + if (!is_null(self::$REQUESTEDFILE)) { + $subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE; + $parent = OC_App::getAppPath(OC::$REQUESTEDAPP); + if (!OC_Helper::issubdirectory($subdir, $parent)) { + self::$REQUESTEDFILE = null; + header('HTTP/1.0 404 Not Found'); + exit; + } + } - // write error into log if locale can't be set - if (OC_Util::issetlocaleworking() == false) { - OC_Log::write('core', 'setting locate to en_US.UTF-8 failed. Support is probably not installed on your system', OC_Log::ERROR); - } - if (OC_Config::getValue('installed', false)) { - if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { - OC_Util::addScript('backgroundjobs'); + // write error into log if locale can't be set + if (OC_Util::issetlocaleworking() == false) { + OC_Log::write('core', 'setting locate to en_US.UTF-8 failed. Support is probably not installed on your system', OC_Log::ERROR); + } + if (OC_Config::getValue('installed', false)) { + if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { + OC_Util::addScript('backgroundjobs'); + } } } - } - /** - * register hooks for the cache - */ - public static function registerCacheHooks() - { - // register cache cleanup jobs - OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); - OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); - } + /** + * register hooks for the cache + */ + public static function registerCacheHooks() + { + // register cache cleanup jobs + OC_BackgroundJob_RegularTask::register('OC_Cache_FileGlobal', 'gc'); + OC_Hook::connect('OC_User', 'post_login', 'OC_Cache_File', 'loginListener'); + } - /** - * register hooks for the filesystem - */ - public static function registerFilesystemHooks() - { - // Check for blacklisted files - OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); - OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); - } + /** + * register hooks for the filesystem + */ + public static function registerFilesystemHooks() + { + // Check for blacklisted files + OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted'); + OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted'); + } - /** - * register hooks for sharing - */ - public static function registerShareHooks() - { - OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); - OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); - OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); - OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup'); - } + /** + * register hooks for sharing + */ + public static function registerShareHooks() + { + OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); + OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); + OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); + OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup'); + } - /** - * @brief Handle the request - */ - public static function handleRequest() - { - if (!OC_Config::getValue('installed', false)) { - require_once 'core/setup.php'; - exit(); - } - // Handle redirect URL for logged in users - if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { - $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); - header('Location: ' . $location); - return; - } - // Handle WebDAV - if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { - header('location: ' . OC_Helper::linkToRemote('webdav')); - return; - } - try { - OC::getRouter()->match(OC_Request::getPathInfo()); - return; - } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { - //header('HTTP/1.0 404 Not Found'); - } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) { - OC_Response::setStatus(405); - return; - } - $app = OC::$REQUESTEDAPP; - $file = OC::$REQUESTEDFILE; - $param = array('app' => $app, 'file' => $file); - // Handle app css files - if (substr($file, -3) == 'css') { - self::loadCSSFile($param); - return; - } - // Someone is logged in : - if (OC_User::isLoggedIn()) { - OC_App::loadApps(); - OC_User::setupBackends(); - if (isset($_GET["logout"]) and ($_GET["logout"])) { - if (isset($_COOKIE['oc_token'])) { - OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']); + /** + * @brief Handle the request + */ + public static function handleRequest() + { + if (!OC_Config::getValue('installed', false)) { + require_once 'core/setup.php'; + exit(); } - OC_User::logout(); - header("Location: " . OC::$WEBROOT . '/'); - } else { - if (is_null($file)) { - $param['file'] = 'index.php'; - } - $file_ext = substr($param['file'], -3); - if ($file_ext != 'php' - || !self::loadAppScriptFile($param) - ) { - header('HTTP/1.0 404 Not Found'); - } - } - return; - } - // Not handled and not logged in - self::handleLogin(); - } + // Handle redirect URL for logged in users + if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { + $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); + header('Location: ' . $location); + return; + } + // Handle WebDAV + if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { + header('location: ' . OC_Helper::linkToRemote('webdav')); + return; + } + try { + OC::getRouter()->match(OC_Request::getPathInfo()); + return; + } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { + //header('HTTP/1.0 404 Not Found'); + } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) { + OC_Response::setStatus(405); + return; + } + $app = OC::$REQUESTEDAPP; + $file = OC::$REQUESTEDFILE; + $param = array('app' => $app, 'file' => $file); + // Handle app css files + if (substr($file, -3) == 'css') { + self::loadCSSFile($param); + return; + } + // Someone is logged in : + if (OC_User::isLoggedIn()) { + OC_App::loadApps(); + OC_User::setupBackends(); + if (isset($_GET["logout"]) and ($_GET["logout"])) { + if (isset($_COOKIE['oc_token'])) { + OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']); + } + OC_User::logout(); + header("Location: " . OC::$WEBROOT . '/'); + } else { + if (is_null($file)) { + $param['file'] = 'index.php'; + } + $file_ext = substr($param['file'], -3); + if ($file_ext != 'php' + || !self::loadAppScriptFile($param) + ) { + header('HTTP/1.0 404 Not Found'); + } + } + return; + } + // Not handled and not logged in + self::handleLogin(); + } - public static function loadAppScriptFile($param) - { - OC_App::loadApps(); - $app = $param['app']; - $file = $param['file']; - $app_path = OC_App::getAppPath($app); - $file = $app_path . '/' . $file; - unset($app, $app_path); - if (file_exists($file)) { - require_once $file; - return true; - } - return false; - } + public static function loadAppScriptFile($param) + { + OC_App::loadApps(); + $app = $param['app']; + $file = $param['file']; + $app_path = OC_App::getAppPath($app); + $file = $app_path . '/' . $file; + unset($app, $app_path); + if (file_exists($file)) { + require_once $file; + return true; + } + return false; + } - public static function loadCSSFile($param) - { - $app = $param['app']; - $file = $param['file']; - $app_path = OC_App::getAppPath($app); - if (file_exists($app_path . '/' . $file)) { - $app_web_path = OC_App::getAppWebPath($app); - $filepath = $app_web_path . '/' . $file; - $minimizer = new OC_Minimizer_CSS(); - $info = array($app_path, $app_web_path, $file); - $minimizer->output(array($info), $filepath); - } - } + public static function loadCSSFile($param) + { + $app = $param['app']; + $file = $param['file']; + $app_path = OC_App::getAppPath($app); + if (file_exists($app_path . '/' . $file)) { + $app_web_path = OC_App::getAppWebPath($app); + $filepath = $app_web_path . '/' . $file; + $minimizer = new OC_Minimizer_CSS(); + $info = array($app_path, $app_web_path, $file); + $minimizer->output(array($info), $filepath); + } + } - protected static function handleLogin() - { - OC_App::loadApps(array('prelogin')); - $error = array(); - // remember was checked after last login - if (OC::tryRememberLogin()) { - $error[] = 'invalidcookie'; + protected static function handleLogin() + { + OC_App::loadApps(array('prelogin')); + $error = array(); + // remember was checked after last login + if (OC::tryRememberLogin()) { + $error[] = 'invalidcookie'; - // Someone wants to log in : - } elseif (OC::tryFormLogin()) { - $error[] = 'invalidpassword'; + // Someone wants to log in : + } elseif (OC::tryFormLogin()) { + $error[] = 'invalidpassword'; - // The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP - } elseif (OC::tryBasicAuthLogin()) { - $error[] = 'invalidpassword'; - } - OC_Util::displayLoginPage(array_unique($error)); - } + // The user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP + } elseif (OC::tryBasicAuthLogin()) { + $error[] = 'invalidpassword'; + } + OC_Util::displayLoginPage(array_unique($error)); + } - protected static function cleanupLoginTokens($user) - { - $cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); - $tokens = OC_Preferences::getKeys($user, 'login_token'); - foreach ($tokens as $token) { - $time = OC_Preferences::getValue($user, 'login_token', $token); - if ($time < $cutoff) { - OC_Preferences::deleteKey($user, 'login_token', $token); - } - } - } + protected static function cleanupLoginTokens($user) + { + $cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); + $tokens = OC_Preferences::getKeys($user, 'login_token'); + foreach ($tokens as $token) { + $time = OC_Preferences::getValue($user, 'login_token', $token); + if ($time < $cutoff) { + OC_Preferences::deleteKey($user, 'login_token', $token); + } + } + } - protected static function tryRememberLogin() - { - if (!isset($_COOKIE["oc_remember_login"]) - || !isset($_COOKIE["oc_token"]) - || !isset($_COOKIE["oc_username"]) - || !$_COOKIE["oc_remember_login"] - ) { - return false; - } - OC_App::loadApps(array('authentication')); - if (defined("DEBUG") && DEBUG) { - OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG); - } - // confirm credentials in cookie - if (isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) { - // delete outdated cookies - self::cleanupLoginTokens($_COOKIE['oc_username']); - // get stored tokens - $tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token'); - // test cookies token against stored tokens - if (in_array($_COOKIE['oc_token'], $tokens, true)) { - // replace successfully used token with a new one - OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']); - $token = OC_Util::generate_random_bytes(32); - OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); - OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); - // login - OC_User::setUserId($_COOKIE['oc_username']); - OC_Util::redirectToDefaultPage(); - // doesn't return - } - // if you reach this point you have changed your password - // or you are an attacker - // we can not delete tokens here because users may reach - // this point multiple times after a password change - OC_Log::write('core', 'Authentication cookie rejected for user ' . $_COOKIE['oc_username'], OC_Log::WARN); - } - OC_User::unsetMagicInCookie(); - return true; - } + protected static function tryRememberLogin() + { + if (!isset($_COOKIE["oc_remember_login"]) + || !isset($_COOKIE["oc_token"]) + || !isset($_COOKIE["oc_username"]) + || !$_COOKIE["oc_remember_login"] + ) { + return false; + } + OC_App::loadApps(array('authentication')); + if (defined("DEBUG") && DEBUG) { + OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG); + } + // confirm credentials in cookie + if (isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) { + // delete outdated cookies + self::cleanupLoginTokens($_COOKIE['oc_username']); + // get stored tokens + $tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token'); + // test cookies token against stored tokens + if (in_array($_COOKIE['oc_token'], $tokens, true)) { + // replace successfully used token with a new one + OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']); + $token = OC_Util::generate_random_bytes(32); + OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); + OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); + // login + OC_User::setUserId($_COOKIE['oc_username']); + OC_Util::redirectToDefaultPage(); + // doesn't return + } + // if you reach this point you have changed your password + // or you are an attacker + // we can not delete tokens here because users may reach + // this point multiple times after a password change + OC_Log::write('core', 'Authentication cookie rejected for user ' . $_COOKIE['oc_username'], OC_Log::WARN); + } + OC_User::unsetMagicInCookie(); + return true; + } - protected static function tryFormLogin() - { - if (!isset($_POST["user"]) || !isset($_POST['password'])) { - return false; - } + protected static function tryFormLogin() + { + if (!isset($_POST["user"]) || !isset($_POST['password'])) { + return false; + } - OC_App::loadApps(); + OC_App::loadApps(); - //setup extra user backends - OC_User::setupBackends(); + //setup extra user backends + OC_User::setupBackends(); - if (OC_User::login($_POST["user"], $_POST["password"])) { - // setting up the time zone - if (isset($_POST['timezone-offset'])) { - $_SESSION['timezone'] = $_POST['timezone-offset']; - } + if (OC_User::login($_POST["user"], $_POST["password"])) { + // setting up the time zone + if (isset($_POST['timezone-offset'])) { + $_SESSION['timezone'] = $_POST['timezone-offset']; + } - self::cleanupLoginTokens($_POST['user']); - if (!empty($_POST["remember_login"])) { - if (defined("DEBUG") && DEBUG) { - OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG); - } - $token = OC_Util::generate_random_bytes(32); - OC_Preferences::setValue($_POST['user'], 'login_token', $token, time()); - OC_User::setMagicInCookie($_POST["user"], $token); - } else { - OC_User::unsetMagicInCookie(); - } - OC_Util::redirectToDefaultPage(); - exit(); - } - return true; - } + self::cleanupLoginTokens($_POST['user']); + if (!empty($_POST["remember_login"])) { + if (defined("DEBUG") && DEBUG) { + OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG); + } + $token = OC_Util::generate_random_bytes(32); + OC_Preferences::setValue($_POST['user'], 'login_token', $token, time()); + OC_User::setMagicInCookie($_POST["user"], $token); + } else { + OC_User::unsetMagicInCookie(); + } + OC_Util::redirectToDefaultPage(); + exit(); + } + return true; + } - protected static function tryBasicAuthLogin() - { - if (!isset($_SERVER["PHP_AUTH_USER"]) - || !isset($_SERVER["PHP_AUTH_PW"]) - ) { - return false; - } - OC_App::loadApps(array('authentication')); - if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { - //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); - OC_User::unsetMagicInCookie(); - $_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''); - OC_Util::redirectToDefaultPage(); - } - return true; - } + protected static function tryBasicAuthLogin() + { + if (!isset($_SERVER["PHP_AUTH_USER"]) + || !isset($_SERVER["PHP_AUTH_PW"]) + ) { + return false; + } + OC_App::loadApps(array('authentication')); + if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) { + //OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG); + OC_User::unsetMagicInCookie(); + $_REQUEST['redirect_url'] = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''); + OC_Util::redirectToDefaultPage(); + } + return true; + } } // define runtime variables - unless this already has been done if (!isset($RUNTIME_NOAPPS)) { - $RUNTIME_NOAPPS = false; + $RUNTIME_NOAPPS = false; } if (!function_exists('get_temp_dir')) { - function get_temp_dir() - { - if ($temp = ini_get('upload_tmp_dir')) return $temp; - if ($temp = getenv('TMP')) return $temp; - if ($temp = getenv('TEMP')) return $temp; - if ($temp = getenv('TMPDIR')) return $temp; - $temp = tempnam(__FILE__, ''); - if (file_exists($temp)) { - unlink($temp); - return dirname($temp); - } - if ($temp = sys_get_temp_dir()) return $temp; + function get_temp_dir() + { + if ($temp = ini_get('upload_tmp_dir')) return $temp; + if ($temp = getenv('TMP')) return $temp; + if ($temp = getenv('TEMP')) return $temp; + if ($temp = getenv('TMPDIR')) return $temp; + $temp = tempnam(__FILE__, ''); + if (file_exists($temp)) { + unlink($temp); + return dirname($temp); + } + if ($temp = sys_get_temp_dir()) return $temp; - return null; - } + return null; + } } OC::init(); diff --git a/lib/l10n.php b/lib/l10n.php index f70dfa5e34..ca53b3cf65 100644 --- a/lib/l10n.php +++ b/lib/l10n.php @@ -141,15 +141,15 @@ class OC_L10N{ } } - /** - * @brief Translating - * @param $text String The text we need a translation for - * @param array $parameters default:array() Parameters for sprintf - * @return \OC_L10N_String Translation or the same text - * - * Returns the translation. If no translation is found, $text will be - * returned. - */ + /** + * @brief Translating + * @param $text String The text we need a translation for + * @param array $parameters default:array() Parameters for sprintf + * @return \OC_L10N_String Translation or the same text + * + * Returns the translation. If no translation is found, $text will be + * returned. + */ public function t($text, $parameters = array()) { return new OC_L10N_String($this, $text, $parameters); } diff --git a/lib/ocsclient.php b/lib/ocsclient.php index 24081425f1..ca0665da43 100644 --- a/lib/ocsclient.php +++ b/lib/ocsclient.php @@ -39,11 +39,11 @@ class OC_OCSClient{ return($url); } - /** - * @brief Get the url of the OCS KB server. - * @returns string of the KB server - * This function returns the url of the OCS knowledge base server. It´s possible to set it in the config file or it will fallback to the default - */ + /** + * @brief Get the url of the OCS KB server. + * @returns string of the KB server + * This function returns the url of the OCS knowledge base server. It´s possible to set it in the config file or it will fallback to the default + */ private static function getKBURL() { $url = OC_Config::getValue('knowledgebaseurl', 'http://api.apps.owncloud.com/v1'); return($url); @@ -59,7 +59,7 @@ class OC_OCSClient{ return($data); } - /** + /** * @brief Get all the categories from the OCS server * @returns array with category ids * @note returns NULL if config value appstoreenabled is set to false @@ -242,7 +242,7 @@ class OC_OCSClient{ } $kbe['totalitems'] = $data->meta->totalitems; } - return $kbe; + return $kbe; } diff --git a/lib/public/api.php b/lib/public/api.php index a85daa1935..95d333f216 100644 --- a/lib/public/api.php +++ b/lib/public/api.php @@ -26,7 +26,7 @@ namespace OCP; * This class provides functions to manage apps in ownCloud */ class API { - + /** * registers an api call * @param string $method the http method @@ -40,5 +40,5 @@ class API { public static function register($method, $url, $action, $app, $authLevel = OC_API::USER_AUTH, $defaults = array(), $requirements = array()){ \OC_API::register($method, $url, $action, $app, $authLevel, $defaults, $requirements); } - + } diff --git a/lib/public/util.php b/lib/public/util.php index 1320ffabd8..8197482c0d 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -203,7 +203,7 @@ class Util { $host_name = self::getServerHostName(); // handle localhost installations if ($host_name === 'localhost') { - $host_name = "example.com"; + $host_name = "example.com"; } return $user_part.'@'.$host_name; } diff --git a/lib/template.php b/lib/template.php index f10a637346..f7124ebc09 100644 --- a/lib/template.php +++ b/lib/template.php @@ -103,7 +103,7 @@ function simple_file_size($bytes) { } function relative_modified_date($timestamp) { - $l=OC_L10N::get('lib'); + $l=OC_L10N::get('lib'); $timediff = time() - $timestamp; $diffminutes = round($timediff/60); $diffhours = round($diffminutes/60); diff --git a/settings/ajax/togglegroups.php b/settings/ajax/togglegroups.php index 548dc2e209..9bba9c5269 100644 --- a/settings/ajax/togglegroups.php +++ b/settings/ajax/togglegroups.php @@ -31,8 +31,8 @@ $action = "add"; // Toggle group if( OC_Group::inGroup( $username, $group )) { $action = "remove"; - $error = $l->t("Unable to remove user from group %s", $group); - $success = OC_Group::removeFromGroup( $username, $group ); + $error = $l->t("Unable to remove user from group %s", $group); + $success = OC_Group::removeFromGroup( $username, $group ); $usersInGroup=OC_Group::usersInGroup($group); if(count($usersInGroup)==0) { OC_Group::deleteGroup($group); diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 683b4a407a..0097489743 100644 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -10,13 +10,13 @@ $levels = array('Debug', 'Info', 'Warning', 'Error', 'Fatal'); // is htaccess working ? if (!$_['htaccessworking']) { - ?> + ?>
- t('Security Warning');?> + t('Security Warning');?> - t('Your data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.'); ?> - + t('Your data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.'); ?> +
+ ?>
- t('Locale not working');?> + t('Locale not working');?> - - t('This ownCloud server can\'t set system locale to "en_US.UTF-8". This means that there might be problems with certain characters in file names. We strongly suggest to install the required packages on your system to support en_US.UTF-8.'); ?> - + + t('This ownCloud server can\'t set system locale to "en_US.UTF-8". This means that there might be problems with certain characters in file names. We strongly suggest to install the required packages on your system to support en_US.UTF-8.'); ?> +
+ ?>
- t('Internet connection not working');?> + t('Internet connection not working');?> - - t('This ownCloud server has no working internet connection. This means that some of the features like mounting of external storage, notifications about updates or installation of 3rd party apps don´t work. Accessing files from remote and sending of notification emails might also not work. We suggest to enable internet connection for this server if you want to have all features of ownCloud.'); ?> - + + t('This ownCloud server has no working internet connection. This means that some of the features like mounting of external storage, notifications about updates or installation of 3rd party apps don´t work. Accessing files from remote and sending of notification emails might also not work. We suggest to enable internet connection for this server if you want to have all features of ownCloud.'); ?> +
- t('Cron');?> -
- - - - - - - - - -
- > -
- t("Execute one task with each page loaded"); ?> -
- > -
- t("cron.php is registered at a webcron service. Call the cron.php page in the owncloud root once a minute over http."); ?> -
- > -
- t("Use systems cron service. Call the cron.php file in the owncloud folder via a system cronjob once a minute."); ?> -
+ t('Cron');?> + + + + + + + + + + +
+ > +
+ t("Execute one task with each page loaded"); ?> +
+ > +
+ t("cron.php is registered at a webcron service. Call the cron.php page in the owncloud root once a minute over http."); ?> +
+ > +
+ t("Use systems cron service. Call the cron.php file in the owncloud folder via a system cronjob once a minute."); ?> +
- t('Sharing');?> - - - - - - - - - - - - - -
- /> -
- t('Allow apps to use the Share API'); ?> -
> - /> -
- t('Allow users to share items to the public with links'); ?> -
> - /> -
- t('Allow users to share items shared with them again'); ?> -
> - /> -
- /> -
-
+ t('Sharing');?> + + + + + + + + + + + + + +
+ /> +
+ t('Allow apps to use the Share API'); ?> +
> + /> +
+ t('Allow users to share items to the public with links'); ?> +
> + /> +
+ t('Allow users to share items shared with them again'); ?> +
> + /> +
+ /> +
+
- t('Security');?> - - - - -
- - /> -
- t('Enforces the clients to connect to ownCloud via an encrypted connection.'); ?> - "; - echo $l->t('Please connect to this ownCloud instance via HTTPS to enable or disable the SSL enforcement.'); - echo ""; - } - ?> -
+ t('Security');?> + + + + +
+ + /> +
+ t('Enforces the clients to connect to ownCloud via an encrypted connection.'); ?> + "; + echo $l->t('Please connect to this ownCloud instance via HTTPS to enable or disable the SSL enforcement.'); + echo ""; + } + ?> +
- t('Log');?> - t('Log level');?> + + + + - - - - - - - - - -
- level];?> - - app;?> - - message;?> - - time);?> -
- - ...'> - + + + + + + + + + +
+ level];?> + + app;?> + + message;?> + + time);?> +
+ + ...'> +
- t('Version');?> - ownCloud - ()
- t('Developed by the ownCloud community, the source code is licensed under the AGPL.'); ?> + t('Version');?> + ownCloud + ()
+ t('Developed by the ownCloud community, the source code is licensed under the AGPL.'); ?>
diff --git a/settings/templates/apps.php b/settings/templates/apps.php index 179ce9c540..0490f63fb6 100644 --- a/settings/templates/apps.php +++ b/settings/templates/apps.php @@ -29,7 +29,7 @@

- + diff --git a/settings/templates/help.php b/settings/templates/help.php index b697905f7e..8f51cd8701 100644 --- a/settings/templates/help.php +++ b/settings/templates/help.php @@ -1,14 +1,14 @@
- + t( 'User Documentation' ); ?> - t( 'Administrator Documentation' ); ?> + t( 'Administrator Documentation' ); ?> - t( 'Online Documentation' ); ?> - t( 'Forum' ); ?> - + t( 'Online Documentation' ); ?> + t( 'Forum' ); ?> + t( 'Bugtracker' ); ?> - t( 'Commercial Support' ); ?> + t( 'Commercial Support' ); ?>


@@ -18,14 +18,14 @@