verify the path in the autoloader
This commit is contained in:
parent
0d4562c938
commit
e9b91b1798
|
@ -34,12 +34,33 @@ class Autoloader {
|
||||||
|
|
||||||
private $classPaths = array();
|
private $classPaths = array();
|
||||||
|
|
||||||
|
private $validRoots = [];
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Optional low-latency memory cache for class to path mapping.
|
* Optional low-latency memory cache for class to path mapping.
|
||||||
|
*
|
||||||
* @var \OC\Memcache\Cache
|
* @var \OC\Memcache\Cache
|
||||||
*/
|
*/
|
||||||
protected $memoryCache;
|
protected $memoryCache;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Autoloader constructor.
|
||||||
|
*
|
||||||
|
* @param string[] $validRoots
|
||||||
|
*/
|
||||||
|
public function __construct(array $validRoots) {
|
||||||
|
$this->validRoots = $validRoots;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a path to the list of valid php roots for auto loading
|
||||||
|
*
|
||||||
|
* @param string $root
|
||||||
|
*/
|
||||||
|
public function addValidRoot($root) {
|
||||||
|
$this->validRoots[] = $root;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* disable the usage of the global classpath \OC::$CLASSPATH
|
* disable the usage of the global classpath \OC::$CLASSPATH
|
||||||
*/
|
*/
|
||||||
|
@ -102,6 +123,15 @@ class Autoloader {
|
||||||
return $paths;
|
return $paths;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function isValidPath($fullPath) {
|
||||||
|
foreach ($this->validRoots as $root) {
|
||||||
|
if (substr($fullPath, 0, strlen($root) + 1) === $root . '/') {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
throw new \Exception('Path not allowed');
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Load the specified class
|
* Load the specified class
|
||||||
*
|
*
|
||||||
|
@ -119,7 +149,7 @@ class Autoloader {
|
||||||
$pathsToRequire = array();
|
$pathsToRequire = array();
|
||||||
foreach ($this->findClass($class) as $path) {
|
foreach ($this->findClass($class) as $path) {
|
||||||
$fullPath = stream_resolve_include_path($path);
|
$fullPath = stream_resolve_include_path($path);
|
||||||
if ($fullPath) {
|
if ($fullPath && $this->isValidPath($fullPath)) {
|
||||||
$pathsToRequire[] = $fullPath;
|
$pathsToRequire[] = $fullPath;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -138,6 +168,7 @@ class Autoloader {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the optional low-latency cache for class to path mapping.
|
* Sets the optional low-latency cache for class to path mapping.
|
||||||
|
*
|
||||||
* @param \OC\Memcache\Cache $memoryCache Instance of memory cache.
|
* @param \OC\Memcache\Cache $memoryCache Instance of memory cache.
|
||||||
*/
|
*/
|
||||||
public function setMemoryCache(\OC\Memcache\Cache $memoryCache = null) {
|
public function setMemoryCache(\OC\Memcache\Cache $memoryCache = null) {
|
||||||
|
|
19
lib/base.php
19
lib/base.php
|
@ -115,9 +115,6 @@ class OC {
|
||||||
* the app path list is empty or contains an invalid path
|
* the app path list is empty or contains an invalid path
|
||||||
*/
|
*/
|
||||||
public static function initPaths() {
|
public static function initPaths() {
|
||||||
// calculate the root directories
|
|
||||||
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
|
|
||||||
|
|
||||||
// ensure we can find OC_Config
|
// ensure we can find OC_Config
|
||||||
set_include_path(
|
set_include_path(
|
||||||
OC::$SERVERROOT . '/lib' . PATH_SEPARATOR .
|
OC::$SERVERROOT . '/lib' . PATH_SEPARATOR .
|
||||||
|
@ -519,10 +516,20 @@ class OC {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function init() {
|
public static function init() {
|
||||||
|
// calculate the root directories
|
||||||
|
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
|
||||||
|
|
||||||
// register autoloader
|
// register autoloader
|
||||||
$loaderStart = microtime(true);
|
$loaderStart = microtime(true);
|
||||||
require_once __DIR__ . '/autoloader.php';
|
require_once __DIR__ . '/autoloader.php';
|
||||||
self::$loader = new \OC\Autoloader();
|
self::$loader = new \OC\Autoloader([
|
||||||
|
OC::$SERVERROOT . '/lib',
|
||||||
|
OC::$SERVERROOT . '/core',
|
||||||
|
OC::$SERVERROOT . '/settings',
|
||||||
|
OC::$SERVERROOT . '/ocs',
|
||||||
|
OC::$SERVERROOT . '/ocs-provider',
|
||||||
|
OC::$SERVERROOT . '/3rdparty'
|
||||||
|
]);
|
||||||
spl_autoload_register(array(self::$loader, 'load'));
|
spl_autoload_register(array(self::$loader, 'load'));
|
||||||
$loaderEnd = microtime(true);
|
$loaderEnd = microtime(true);
|
||||||
|
|
||||||
|
@ -545,6 +552,10 @@ class OC {
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
foreach(OC::$APPSROOTS as $appRoot) {
|
||||||
|
self::$loader->addValidRoot($appRoot['path']);
|
||||||
|
}
|
||||||
|
|
||||||
// setup the basic server
|
// setup the basic server
|
||||||
self::$server = new \OC\Server(\OC::$WEBROOT);
|
self::$server = new \OC\Server(\OC::$WEBROOT);
|
||||||
\OC::$server->getEventLogger()->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
|
\OC::$server->getEventLogger()->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
|
||||||
|
|
|
@ -8,6 +8,8 @@ if ($configDir) {
|
||||||
|
|
||||||
require_once __DIR__ . '/../lib/base.php';
|
require_once __DIR__ . '/../lib/base.php';
|
||||||
|
|
||||||
|
\OC::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
|
||||||
|
|
||||||
// load minimum set of apps
|
// load minimum set of apps
|
||||||
OC_App::loadApps(array('authentication'));
|
OC_App::loadApps(array('authentication'));
|
||||||
OC_App::loadApps(array('filesystem', 'logging'));
|
OC_App::loadApps(array('filesystem', 'logging'));
|
||||||
|
|
|
@ -16,7 +16,7 @@ class AutoLoader extends TestCase {
|
||||||
|
|
||||||
protected function setUp() {
|
protected function setUp() {
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
$this->loader = new \OC\AutoLoader();
|
$this->loader = new \OC\AutoLoader([]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testLeadingSlashOnClassName() {
|
public function testLeadingSlashOnClassName() {
|
||||||
|
|
|
@ -1,31 +1,31 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
|
||||||
* ownCloud
|
|
||||||
*
|
|
||||||
* @author Bernhard Posselt
|
|
||||||
* @copyright 2012 Bernhard Posselt <dev@bernhard-posselt.com>
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
|
||||||
* License as published by the Free Software Foundation; either
|
|
||||||
* version 3 of the License, or any later version.
|
|
||||||
*
|
|
||||||
* This library is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU Affero General Public
|
|
||||||
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ownCloud
|
||||||
|
*
|
||||||
|
* @author Bernhard Posselt
|
||||||
|
* @copyright 2012 Bernhard Posselt <dev@bernhard-posselt.com>
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 3 of the License, or any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public
|
||||||
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
class Test_TemplateFunctions extends \Test\TestCase {
|
class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
|
|
||||||
protected function setUp() {
|
protected function setUp() {
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
|
|
||||||
$loader = new \OC\Autoloader();
|
$loader = new \OC\Autoloader([OC::$SERVERROOT . '/lib']);
|
||||||
$loader->load('OC_Template');
|
$loader->load('OC_Template');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -60,7 +60,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
// Test relative_modified_date with dates only
|
// Test relative_modified_date with dates only
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
public function testRelativeDateToday(){
|
public function testRelativeDateToday() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime;
|
$elementTime = $currentTime;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -74,7 +74,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('today', $result);
|
$this->assertEquals('today', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDateYesterday(){
|
public function testRelativeDateYesterday() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 24 * 3600;
|
$elementTime = $currentTime - 24 * 3600;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -88,7 +88,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('yesterday', $result);
|
$this->assertEquals('yesterday', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDate2DaysAgo(){
|
public function testRelativeDate2DaysAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 48 * 3600;
|
$elementTime = $currentTime - 48 * 3600;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -102,7 +102,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('2 days ago', $result);
|
$this->assertEquals('2 days ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDateLastMonth(){
|
public function testRelativeDateLastMonth() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 31;
|
$elementTime = $currentTime - 86400 * 31;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -115,7 +115,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('last month', $result);
|
$this->assertEquals('last month', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDateMonthsAgo(){
|
public function testRelativeDateMonthsAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 65;
|
$elementTime = $currentTime - 86400 * 65;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -128,7 +128,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('4 months ago', $result);
|
$this->assertEquals('4 months ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDateLastYear(){
|
public function testRelativeDateLastYear() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 365;
|
$elementTime = $currentTime - 86400 * 365;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -141,7 +141,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('last year', $result);
|
$this->assertEquals('last year', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeDateYearsAgo(){
|
public function testRelativeDateYearsAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 365.25 * 2;
|
$elementTime = $currentTime - 86400 * 365.25 * 2;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
$result = (string)relative_modified_date($elementTime, $currentTime, true);
|
||||||
|
@ -158,7 +158,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
// Test relative_modified_date with timestamps only (date + time value)
|
// Test relative_modified_date with timestamps only (date + time value)
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|
||||||
public function testRelativeTimeSecondsAgo(){
|
public function testRelativeTimeSecondsAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 5;
|
$elementTime = $currentTime - 5;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -166,7 +166,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('seconds ago', $result);
|
$this->assertEquals('seconds ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeMinutesAgo(){
|
public function testRelativeTimeMinutesAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 190;
|
$elementTime = $currentTime - 190;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -174,7 +174,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('3 minutes ago', $result);
|
$this->assertEquals('3 minutes ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeHoursAgo(){
|
public function testRelativeTimeHoursAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 7500;
|
$elementTime = $currentTime - 7500;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -182,7 +182,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('2 hours ago', $result);
|
$this->assertEquals('2 hours ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTime2DaysAgo(){
|
public function testRelativeTime2DaysAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 48 * 3600;
|
$elementTime = $currentTime - 48 * 3600;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -196,7 +196,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('2 days ago', $result);
|
$this->assertEquals('2 days ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeLastMonth(){
|
public function testRelativeTimeLastMonth() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 31;
|
$elementTime = $currentTime - 86400 * 31;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -209,7 +209,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('last month', $result);
|
$this->assertEquals('last month', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeMonthsAgo(){
|
public function testRelativeTimeMonthsAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 65;
|
$elementTime = $currentTime - 86400 * 65;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -222,7 +222,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('4 months ago', $result);
|
$this->assertEquals('4 months ago', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeLastYear(){
|
public function testRelativeTimeLastYear() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 365;
|
$elementTime = $currentTime - 86400 * 365;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
@ -235,7 +235,7 @@ class Test_TemplateFunctions extends \Test\TestCase {
|
||||||
$this->assertEquals('last year', $result);
|
$this->assertEquals('last year', $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRelativeTimeYearsAgo(){
|
public function testRelativeTimeYearsAgo() {
|
||||||
$currentTime = 1380703592;
|
$currentTime = 1380703592;
|
||||||
$elementTime = $currentTime - 86400 * 365.25 * 2;
|
$elementTime = $currentTime - 86400 * 365.25 * 2;
|
||||||
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
$result = (string)relative_modified_date($elementTime, $currentTime, false);
|
||||||
|
|
Loading…
Reference in New Issue