mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix merge conflicts

This commit is contained in:
Robin 2010-04-28 12:01:05 +02:00
parent 09add452d9 854e0c5a9c
commit fb498b9534
21 changed files with 2161 additions and 600 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
files/rename.php → admin/index.php
View File

@ -1,10 +1,10 @@
<?php
/**
* ownCloud - ajax frontend
* ownCloud
*
* @author Robin Appelman
* @copyright 2010 Robin Appelman icewind1991@gmail.com
* @author Frank Karlitschek
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -20,15 +20,22 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$CONFIG_ERROR='';
require_once('../inc/lib_base.php');
$dir=$_GET['dir'];
$file=$_GET['file'];
$newname=$_GET['newname'];
if($file!=$newname and $newname!='' and isset($_SESSION['username']) and $_SESSION['username'] and strpos($dir,'..')===false){
$source=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
$target=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$newname;
rename($source,$target);
}
?>
OC_UTIL::showheader();
$FIRSTRUN=false;
echo('<div class="center">');
OC_CONFIG::showadminform();
echo('</div>');
OC_UTIL::showfooter();
?>

1
admin/index.php~ Normal file
View File

@ -0,0 +1 @@

91
css/default.php
View File

@ -46,6 +46,7 @@ html,body {
}
body.error {background-color: #F0F0F0;}
td.error{color:#FF0000; text-align:center}
body,th,td,ul,li,a,div,p,pre {color:#333333; font-family:Verdana,"Bitstream Vera Sans",Arial,Helvetica,Sans,"Bitstream Vera Serif"; font-size:9.0pt;}
a img {
@ -220,6 +221,7 @@ div.breadcrumb{
}
div.fileactionlist{
z-index:50;
position:absolute;
background-color: #DDDDDD;
margin-top:5px;
@ -260,6 +262,12 @@ td.sizetext{
text-align:right;
}
input.fileSelector{
margin-right:17px;
float:left;
}
td.fileSelector, td.fileicon{
width:16px;
}
@ -287,6 +295,7 @@ div.fileList{
height:100%;
min-height:200px;
top:0px;
<!-- border-bottom: 3px solid #CCC; -->
}
div.fileList table{
@ -321,4 +330,86 @@ table.browser thead td,table.browser tfoot td{
tr.hint, tr.hint td{
background:transparent;
}
#debug{
position:fixed;
bottom:20px;
left:20px;
border:solid 1px black;
}
.dragClone{
position:absolute;
}
div.breadcrumb{
float:left;
background:transparent;
}
div.moreActionsButton>p{
padding:0px;
margin:0px;
width:100%;
height:100%;
}
div.moreActionsButton{
background-color:white;
display:inline;
border:1px solid black;
cursor:pointer;
padding-right:10px;
text-align:right;
width:90px;
height:19px;
float:right;
margin-top:2px !important;
right:2px;
position:absolute;
background:#DDD url(<?php if(isset($WEBROOT)) echo($WEBROOT); ?>/img/arrow_up.png) no-repeat scroll center right;
}
td.moreActionsButtonClicked{
background:#DDD url(<?php if(isset($WEBROOT)) echo($WEBROOT); ?>/img/arrow_down.png) no-repeat scroll center right !important
}
tr.utilityline{
height:24px;
}
td.actionsSelected{
position:absolute;
width:790px;
}
div.moreActionsList{
background:#EEE;
position:absolute;
bottom:19px;
right:-2px;
border:1px solid black;
min-width:330px;
text-align:right;
float:right;
}
div.moreActionsList input{
<!-- float:right; -->
}
div.moreActionsList>table{
width:100%;
}
div.moreActionsList td{
width:300px;
text-align:right;
padding-top:3px !important;
padding-bottom:3px !important;
}
div.moreActionsList tr:hover{
background-color:#DDD;
}

30
files/move.php → files/api.php
View File

@ -22,14 +22,28 @@
*/
require_once('../inc/lib_base.php');
$sourceDir=$_GET['sourcedir'];
$targetDir=$_GET['targetdir'];
$source=$_GET['source'];
$target=$_GET['target'];
if(isset($_SESSION['username']) and $_SESSION['username'] and strpos($sourceDir,'..')===false and strpos($source,'..')===false and strpos($targetDir,'..')===false and strpos($target,'..')===false){
$target=$CONFIG_DATADIRECTORY.'/'.$targetDir.'/'.$target.'/'.$source;
$source=$CONFIG_DATADIRECTORY.'/'.$sourceDir.'/'.$source;
rename($source,$target);
$arguments=$_POST;
foreach($arguments as &$argument){
$argument=stripslashes($argument);
}
ob_clean();
switch($arguments['action']){
case 'delete':
OC_FILES::delete($arguments['dir'],$arguments['file']);
break;
case 'rename':
OC_FILES::move($arguments['dir'],$arguments['file'],$arguments['dir'],$arguments['newname']);
break;
case 'new':
OC_FILES::newfile($arguments['dir'],$arguments['name'],$arguments['type']);
break;
case 'move':
OC_FILES::move($arguments['sourcedir'],$arguments['source'],$arguments['targetdir'],$arguments['target']);
break;
case 'get':
OC_FILES::get($arguments['dir'],$arguments['file']);
break;
}
?>

108
files/get_file.php
View File

@ -1,108 +0,0 @@
<?php
/**
* ownCloud - ajax frontend
*
* @author Robin Appelman
* @copyright 2010 Robin Appelman icewind1991@gmail.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
//note this file is for getting files themselves, get_files.php is for getting a list of files.
require_once('../inc/lib_base.php');
if(!function_exists('sys_get_temp_dir')) {
function sys_get_temp_dir() {
if( $temp=getenv('TMP') ) return $temp;
if( $temp=getenv('TEMP') ) return $temp;
if( $temp=getenv('TMPDIR') ) return $temp;
$temp=tempnam(__FILE__,'');
if (file_exists($temp)) {
unlink($temp);
return dirname($temp);
}
return null;
}
}
function addDir($dir,$zip,$internalDir=''){
$dirname=basename($dir);
$zip->addEmptyDir($internalDir.$dirname);
$internalDir.=$dirname.='/';
$files=OC_FILES::getdirectorycontent($dir);
foreach($files as $file){
$filename=$file['name'];
$file=$dir.'/'.$filename;
if(is_file($file)){
$zip->addFile($file,$internalDir.$filename);
}elseif(is_dir($file)){
addDir($file,$zip,$internalDir);
}
}
}
$files=$_GET['files'];
$dir=(isset($_GET['dir']))?$_GET['dir']:'';
if(strstr($files,'..') or strstr($dir,'..')){
die();
}
if(strpos($files,',')){
$files=explode(',',$files);
}
if(is_array($files)){
$zip = new ZipArchive();
$filename = sys_get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
foreach($files as $file){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
if(is_file($file)){
$zip->addFile($file,basename($file));
}elseif(is_dir($file)){
addDir($file,$zip);
}
}
$zip->close();
}elseif(is_dir($CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files)){
$zip = new ZipArchive();
$filename = sys_get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files;
addDir($file,$zip);
$zip->close();
}else{
$zip=false;
$filename=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files;
}
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($filename));
ob_end_clean();
readfile($filename);
if($zip){
unlink($filename);
}
?>

49
files/get_files.php
View File

@ -47,12 +47,14 @@ $dirname=(isset($files[0]))?$files[0]['directory']:'';
$dirname=substr($dirname,strrpos($dirname,'/'));
$max_upload=min(return_bytes(ini_get('post_max_size')),return_bytes(ini_get('upload_max_filesize')));
ob_clean();
echo "<?xml version='1.0' standalone='yes'?>\n";
echo "<?xml version='1.0' encoding='UTF-8' standalone='yes'?>\n";
echo "<dir name='$dirname' max_upload='$max_upload'>\n";
if(is_array($files)){
foreach($files as $file){
$attributes='';
foreach($file as $name=>$data){
$data=utf8_encode($data);
$data=utf8tohtml($data);
$data=str_replace("'",'&#39;',$data);
if (is_string($name)) $attributes.=" $name='$data'";
}
@ -60,5 +62,48 @@ if(is_array($files)){
echo "<file$attributes/>\n";
}
}
echo "\n</dir>";
echo "</dir>";
// converts a UTF8-string into HTML entities
// - $utf8: the UTF8-string to convert
// - $encodeTags: booloean. TRUE will convert "<" to "&lt;"
// - return: returns the converted HTML-string
function utf8tohtml($utf8, $encodeTags=true) {
$result = '';
for ($i = 0; $i < strlen($utf8); $i++) {
$char = $utf8[$i];
$ascii = ord($char);
if ($ascii < 128) {
// one-byte character
$result .= ($encodeTags) ? htmlentities($char) : $char;
} else if ($ascii < 192) {
// non-utf8 character or not a start byte
} else if ($ascii < 224) {
// two-byte character
$result .= htmlentities(substr($utf8, $i, 2), ENT_QUOTES, 'UTF-8');
$i++;
} else if ($ascii < 240) {
// three-byte character
$ascii1 = ord($utf8[$i+1]);
$ascii2 = ord($utf8[$i+2]);
$unicode = (15 & $ascii) * 4096 +
(63 & $ascii1) * 64 +
(63 & $ascii2);
$result .= "&#$unicode;";
$i += 2;
} else if ($ascii < 248) {
// four-byte character
$ascii1 = ord($utf8[$i+1]);
$ascii2 = ord($utf8[$i+2]);
$ascii3 = ord($utf8[$i+3]);
$unicode = (15 & $ascii) * 262144 +
(63 & $ascii1) * 4096 +
(63 & $ascii2) * 64 +
(63 & $ascii3);
$result .= "&#$unicode;";
$i += 3;
}
}
return $result;
}
?>

38
files/new.php
View File

@ -1,38 +0,0 @@
<?php
/**
* ownCloud - ajax frontend
*
* @author Robin Appelman
* @copyright 2010 Robin Appelman icewind1991@gmail.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once('../inc/lib_base.php');
$dir=$_GET['dir'];
$name=$_GET['name'];
$type=$_GET['type'];
if(isset($_SESSION['username']) and $_SESSION['username'] and strpos($dir,'..')===false and strpos($name,'..')===false){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$name;
if($type=='dir'){
mkdir($file);
}elseif($type=='file'){
$fileHandle=fopen($file, 'w') or die("can't open file");
fclose($fileHandle);
}
}
?>

2
files/upload.php
View File

@ -22,6 +22,8 @@
*/
require_once('../inc/lib_base.php');
// sleep(5); //immitate slow internet.
$fileName=$_FILES['file']['name'];
$source=$_FILES['file']['tmp_name'];
$target=$CONFIG_DATADIRECTORY.'/'.$_GET['dir'].'/'.$fileName;

33
inc/HTTP/WebDAV/Server.php
View File

@ -1,3 +1,4 @@
<<<<<<< HEAD:inc/HTTP/WebDAV/Server.php
<?php // $Id$
/*
+----------------------------------------------------------------------+
@ -33,9 +34,35 @@
+----------------------------------------------------------------------+
*/
require_once "HTTP/WebDAV/Tools/_parse_propfind.php";
require_once "HTTP/WebDAV/Tools/_parse_proppatch.php";
require_once "HTTP/WebDAV/Tools/_parse_lockinfo.php";
oc_require_once "HTTP/WebDAV/Tools/_parse_propfind.php";
oc_require_once "HTTP/WebDAV/Tools/_parse_proppatch.php";
oc_require_once "HTTP/WebDAV/Tools/_parse_lockinfo.php";
=======
<?php
//
// +----------------------------------------------------------------------+
// | PHP Version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2003 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.02 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available at through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | license@php.net so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Hartmut Holzgraefe <hholzgra@php.net> |
// | Christian Stocker <chregu@bitflux.ch> |
// +----------------------------------------------------------------------+
//
// $Id: Server.php,v 1.46 2006/03/03 21:43:09 hholzgra Exp $
//
oc_require_once("HTTP/WebDAV/Tools/_parse_propfind.php");
oc_require_once("HTTP/WebDAV/Tools/_parse_proppatch.php");
oc_require_once("HTTP/WebDAV/Tools/_parse_lockinfo.php");
>>>>>>> 854e0c5a9c9060e827fbbfddffeeeadfc2d27278:inc/HTTP/WebDAV/Server.php
/**
* Virtual base class for implementing WebDAV servers

726
inc/HTTP/WebDAV/Server/Filesystem.php
View File

@ -1,3 +1,4 @@
<<<<<<< HEAD:inc/HTTP/WebDAV/Server/Filesystem.php
<?php // $Id$
/*
+----------------------------------------------------------------------+
@ -32,9 +33,9 @@
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
*/
require_once "lib_base.php";
require_once "HTTP/WebDAV/Server.php";
require_once "System.php";
require_once "../../../lib_base.php";
oc_require_once "HTTP/WebDAV/Server.php";
oc_require_once "System.php";
/**
* Filesystem access using WebDAV
@ -853,3 +854,722 @@
* indent-tabs-mode:nil
* End:
*/
=======
<?php
oc_require_once("HTTP/WebDAV/Server.php");
oc_require_once("System.php");
/**
* Filesystem access using WebDAV
*
* @access public
*/
class HTTP_WebDAV_Server_Filesystem extends HTTP_WebDAV_Server
{
/**
* Root directory for WebDAV access
*
* Defaults to webserver document root (set by ServeRequest)
*
* @access private
* @var string
*/
var $base = "";
/**
* Serve a webdav request
*
* @access public
* @param string
*/
function ServeRequest($base = false)
{
// special treatment for litmus compliance test
// reply on its identifier header
// not needed for the test itself but eases debugging
if (function_exists("apache_request_headers")) {
foreach(apache_request_headers() as $key => $value) {
if (stristr($key,"litmus")) {
error_log("Litmus test $value");
header("X-Litmus-reply: ".$value);
}
}
}
// set root directory, defaults to webserver document root if not set
if ($base) {
$this->base = realpath($base); // TODO throw if not a directory
} else if (!$this->base) {
$this->base = $_SERVER['DOCUMENT_ROOT'];
}
// let the base class do all the work
parent::ServeRequest();
}
/**
* No authentication is needed here
*
* @access private
* @param string HTTP Authentication type (Basic, Digest, ...)
* @param string Username
* @param string Password
* @return bool true on successful authentication
*/
function check_auth($type, $user, $pass)
{
return true;
}
/**
* PROPFIND method handler
*
* @param array general parameter passing array
* @param array return array for file properties
* @return bool true on success
*/
function PROPFIND(&$options, &$files)
{
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// sanity check
if (!file_exists($fspath)) {
return false;
}
// prepare property array
$files["files"] = array();
// store information for the requested path itself
$files["files"][] = $this->fileinfo($options["path"]);
// information for contained resources requested?
if (!empty($options["depth"])) { // TODO check for is_dir() first?
// make sure path ends with '/'
$options["path"] = $this->_slashify($options["path"]);
// try to open directory
$handle = @opendir($fspath);
if ($handle) {
// ok, now get all its contents
while ($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
$files["files"][] = $this->fileinfo($options["path"].$filename);
}
}
// TODO recursion needed if "Depth: infinite"
}
}
// ok, all done
return true;
}
/**
* Get properties for a single file/resource
*
* @param string resource path
* @return array resource properties
*/
function fileinfo($path)
{
// map URI path to filesystem path
$fspath = $this->base . $path;
// create result array
$info = array();
// TODO remove slash append code when base clase is able to do it itself
$info["path"] = is_dir($fspath) ? $this->_slashify($path) : $path;
$info["props"] = array();
// no special beautified displayname here ...
$info["props"][] = $this->mkprop("displayname", strtoupper($path));
// creation and modification time
$info["props"][] = $this->mkprop("creationdate", filectime($fspath));
$info["props"][] = $this->mkprop("getlastmodified", filemtime($fspath));
// type and size (caller already made sure that path exists)
if (is_dir($fspath)) {
// directory (WebDAV collection)
$info["props"][] = $this->mkprop("resourcetype", "collection");
$info["props"][] = $this->mkprop("getcontenttype", "httpd/unix-directory");
} else {
// plain file (WebDAV resource)
$info["props"][] = $this->mkprop("resourcetype", "");
if (is_readable($fspath)) {
$info["props"][] = $this->mkprop("getcontenttype", $this->_mimetype($fspath));
} else {
$info["props"][] = $this->mkprop("getcontenttype", "application/x-non-readable");
}
$info["props"][] = $this->mkprop("getcontentlength", filesize($fspath));
}
// get additional properties from database
$query = "SELECT ns, name, value FROM properties WHERE path = '$path'";
$res = OC_DB::query($query);
while ($row = OC_DB::fetch_assoc($res)) {
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
}
OC_DB::free_result($res);
return $info;
}
/**
* detect if a given program is found in the search PATH
*
* helper function used by _mimetype() to detect if the
* external 'file' utility is available
*
* @param string program name
* @param string optional search path, defaults to $PATH
* @return bool true if executable program found in path
*/
function _can_execute($name, $path = false)
{
// path defaults to PATH from environment if not set
if ($path === false) {
$path = getenv("PATH");
}
// check method depends on operating system
if (!strncmp(PHP_OS, "WIN", 3)) {
// on Windows an appropriate COM or EXE file needs to exist
$exts = array(".exe", ".com");
$check_fn = "file_exists";
} else {
// anywhere else we look for an executable file of that name
$exts = array("");
$check_fn = "is_executable";
}
// now check the directories in the path for the program
foreach (explode(PATH_SEPARATOR, $path) as $dir) {
// skip invalid path entries
if (!file_exists($dir)) continue;
if (!is_dir($dir)) continue;
// and now look for the file
foreach ($exts as $ext) {
if ($check_fn("$dir/$name".$ext)) return true;
}
}
return false;
}
/**
* try to detect the mime type of a file
*
* @param string file path
* @return string guessed mime type
*/
function _mimetype($fspath)
{
if (@is_dir($fspath)) {
// directories are easy
return "httpd/unix-directory";
} else if (function_exists("mime_content_type")) {
// use mime magic extension if available
$mime_type = mime_content_type($fspath);
} else if ($this->_can_execute("file")) {
// it looks like we have a 'file' command,
// lets see it it does have mime support
$fp = popen("file -i '$fspath' 2>/dev/null", "r");
$reply = fgets($fp);
pclose($fp);
// popen will not return an error if the binary was not found
// and find may not have mime support using "-i"
// so we test the format of the returned string
// the reply begins with the requested filename
if (!strncmp($reply, "$fspath: ", strlen($fspath)+2)) {
$reply = substr($reply, strlen($fspath)+2);
// followed by the mime type (maybe including options)
if (preg_match('/^[[:alnum:]_-]+/[[:alnum:]_-]+;?.*/', $reply, $matches)) {
$mime_type = $matches[0];
}
}
}
if (empty($mime_type)) {
// Fallback solution: try to guess the type by the file extension
// TODO: add more ...
// TODO: it has been suggested to delegate mimetype detection
// to apache but this has at least three issues:
// - works only with apache
// - needs file to be within the document tree
// - requires apache mod_magic
// TODO: can we use the registry for this on Windows?
// OTOH if the server is Windos the clients are likely to
// be Windows, too, and tend do ignore the Content-Type
// anyway (overriding it with information taken from
// the registry)
// TODO: have a seperate PEAR class for mimetype detection?
switch (strtolower(strrchr(basename($fspath), "."))) {
case ".html":
$mime_type = "text/html";
break;
case ".gif":
$mime_type = "image/gif";
break;
case ".jpg":
$mime_type = "image/jpeg";
break;
default:
$mime_type = "application/octet-stream";
break;
}
}
return $mime_type;
}
/**
* GET method handler
*
* @param array parameter passing array
* @return bool true on success
*/
function GET(&$options)
{
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// sanity check
if (!file_exists($fspath)) return false;
// is this a collection?
if (is_dir($fspath)) {
return $this->GetDir($fspath, $options);
}
// detect resource type
$options['mimetype'] = $this->_mimetype($fspath);
// detect modification time
// see rfc2518, section 13.7
// some clients seem to treat this as a reverse rule
// requiering a Last-Modified header if the getlastmodified header was set
$options['mtime'] = filemtime($fspath);
// detect resource size
$options['size'] = filesize($fspath);
// no need to check result here, it is handled by the base class
$options['stream'] = fopen($fspath, "r");
return true;
}
/**
* GET method handler for directories
*
* This is a very simple mod_index lookalike.
* See RFC 2518, Section 8.4 on GET/HEAD for collections
*
* @param string directory path
* @return void function has to handle HTTP response itself
*/
function GetDir($fspath, &$options)
{
$path = $this->_slashify($options["path"]);
if ($path != $options["path"]) {
header("Location: ".$this->base_uri.$path);
exit;
}
// fixed width directory column format
$format = "%15s %-19s %-s\n";
$handle = @opendir($fspath);
if (!$handle) {
return false;
}
echo "<html><head><title>Index of ".htmlspecialchars($options['path'])."</title></head>\n";
echo "<h1>Index of ".htmlspecialchars($options['path'])."</h1>\n";
echo "<pre>";
printf($format, "Size", "Last modified", "Filename");
echo "<hr>";
while ($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
$fullpath = $fspath."/".$filename;
$name = htmlspecialchars($filename);
printf($format,
number_format(filesize($fullpath)),
strftime("%Y-%m-%d %H:%M:%S", filemtime($fullpath)),
"<a href='$this->base_uri$path$name'>$name</a>");
}
}
echo "</pre>";
closedir($handle);
echo "</html>\n";
exit;
}
/**
* PUT method handler
*
* @param array parameter passing array
* @return bool true on success
*/
function PUT(&$options)
{
$fspath = $this->base . $options["path"];
if (!@is_dir(dirname($fspath))) {
return "409 Conflict";
}
$options["new"] = ! file_exists($fspath);
$fp = fopen($fspath, "w");
return $fp;
}
/**
* MKCOL method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function MKCOL($options)
{
$path = $this->base .$options["path"];
$parent = dirname($path);
$name = basename($path);
if (!file_exists($parent)) {
return "409 Conflict";
}
if (!is_dir($parent)) {
return "403 Forbidden";
}
if ( file_exists($parent."/".$name) ) {
return "405 Method not allowed";
}
if (!empty($_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
}
$stat = mkdir ($parent."/".$name,0777);
if (!$stat) {
return "403 Forbidden";
}
return ("201 Created");
}
/**
* DELETE method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function DELETE($options)
{
$path = $this->base . "/" .$options["path"];
if (!file_exists($path)) {
return "404 Not found";
}
if (is_dir($path)) {
$query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query);
System::rm("-rf $path");
} else {
unlink ($path);
}
$query = "DELETE FROM properties WHERE path = '$options[path]'";
OC_DB::query($query);
return "204 No Content";
}
/**
* MOVE method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function MOVE($options)
{
return $this->COPY($options, true);
}
/**
* COPY method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function COPY($options, $del=false)
{
// TODO Property updates still broken (Litmus should detect this?)
if (!empty($_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
}
// no copying to different WebDAV Servers yet
if (isset($options["dest_url"])) {
return "502 bad gateway";
}
$source = $this->base .$options["path"];
if (!file_exists($source)) return "404 Not found";
$dest = $this->base . $options["dest"];
$new = !file_exists($dest);
$existing_col = false;
if (!$new) {
if ($del && is_dir($dest)) {
if (!$options["overwrite"]) {
return "412 precondition failed";
}
$dest .= basename($source);
if (file_exists($dest)) {
$options["dest"] .= basename($source);
} else {
$new = true;
$existing_col = true;
}
}
}
if (!$new) {
if ($options["overwrite"]) {
$stat = $this->DELETE(array("path" => $options["dest"]));
if (($stat{0} != "2") && (substr($stat, 0, 3) != "404")) {
return $stat;
}
} else {
return "412 precondition failed";
}
}
if (is_dir($source) && ($options["depth"] != "infinity")) {
// RFC 2518 Section 9.2, last paragraph
return "400 Bad request";
}
if ($del) {
if (!rename($source, $dest)) {
return "500 Internal server error";
}
$destpath = $this->_unslashify($options["dest"]);
if (is_dir($source)) {
$query = "UPDATE properties
SET path = REPLACE(path, '".$options["path"]."', '".$destpath."')
WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query);
}
$query = "UPDATE properties
SET path = '".$destpath."'
WHERE path = '".$options["path"]."'";
OC_DB::query($query);
} else {
if (is_dir($source)) {
$files = System::find($source);
$files = array_reverse($files);
} else {
$files = array($source);
}
if (!is_array($files) || empty($files)) {
return "500 Internal server error";
}
foreach ($files as $file) {
if (is_dir($file)) {
$file = $this->_slashify($file);
}
$destfile = str_replace($source, $dest, $file);
if (is_dir($file)) {
if (!is_dir($destfile)) {
// TODO "mkdir -p" here? (only natively supported by PHP 5)
if (!mkdir($destfile)) {
return "409 Conflict";
}
} else {
error_log("existing dir '$destfile'");
}
} else {
if (!copy($file, $destfile)) {
return "409 Conflict";
}
}
}
$query = "INSERT INTO properties SELECT ... FROM properties WHERE path = '".$options['path']."'";
}
return ($new && !$existing_col) ? "201 Created" : "204 No Content";
}
/**
* PROPPATCH method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function PROPPATCH(&$options)
{
global $prefs, $tab;
$msg = "";
$path = $options["path"];
$dir = dirname($path)."/";
$base = basename($path);
foreach($options["props"] as $key => $prop) {
if ($prop["ns"] == "DAV:") {
$options["props"][$key]['status'] = "403 Forbidden";
} else {
if (isset($prop["val"])) {
$query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'";
error_log($query);
} else {
$query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'";
}
OC_DB::query($query);
}
}
return "";
}
/**
* LOCK method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function LOCK(&$options)
{
if (isset($options["update"])) { // Lock Update
$query = "UPDATE locks SET expires = ".(time()+300);
OC_DB::query($query);
if (OC_DB::affected_rows()) {
$options["timeout"] = 300; // 5min hardcoded
return true;
} else {
return false;
}
}
$options["timeout"] = time()+300; // 5min. hardcoded
$query = "INSERT INTO locks
SET token = '$options[locktoken]'
, path = '$options[path]'
, owner = '$options[owner]'
, expires = '$options[timeout]'
, exclusivelock = " .($options['scope'] === "exclusive" ? "1" : "0")
;
OC_DB::query($query);
return OC_DB::affected_rows() ? "200 OK" : "409 Conflict";
}
/**
* UNLOCK method handler
*
* @param array general parameter passing array
* @return bool true on success
*/
function UNLOCK(&$options)
{
$query = "DELETE FROM locks
WHERE path = '$options[path]'
AND token = '$options[token]'";
OC_DB::query($query);
return OC_DB::affected_rows() ? "204 No Content" : "409 Conflict";
}
/**
* checkLock() helper
*
* @param string resource path to check for locks
* @return bool true on success
*/
function checkLock($path)
{
$result = false;
$query = "SELECT owner, token, expires, exclusivelock
FROM locks
WHERE path = '$path'
";
$res = OC_DB::query($query);
if ($res) {
$row = OC_DB::fetch_assoc($res);
OC_DB::free_result($res);
if ($row) {
$result = array( "type" => "write",
"scope" => $row["exclusivelock"] ? "exclusive" : "shared",
"depth" => 0,
"owner" => $row['owner'],
"token" => $row['token'],
"expires" => $row['expires']
);
}
}
return $result;
}
/**
* create database tables for property and lock storage
*
* @param void
* @return bool true on success
*/
function create_database()
{
// TODO
return false;
}
}
?>
>>>>>>> 854e0c5a9c9060e827fbbfddffeeeadfc2d27278:inc/HTTP/WebDAV/Server/Filesystem.php

203
inc/lib_base.php
View File

@ -40,11 +40,10 @@ if($WEBROOT{0}!=='/'){
}
// set the right include path
set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values
$CONFIG_ADMINLOGIN='';
$CONFIG_ADMINPASSWORD='';
$CONFIG_INSTALLED=false;
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
$CONFIG_HTTPFORCESSL=false;
$CONFIG_DATEFORMAT='j M Y G:i';
@ -52,7 +51,7 @@ $CONFIG_DBNAME='owncloud';
$CONFIG_DBTYPE='sqlite';
// include the generated configfile
@include_once('config.php');
@oc_include_once('config.php');
// redirect to https site if configured
if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
@ -64,12 +63,22 @@ if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
}
// load core libs
require_once('lib_files.php');
require_once('lib_log.php');
require_once('lib_config.php');
oc_require_once('lib_files.php');
oc_require_once('lib_log.php');
oc_require_once('lib_config.php');
oc_require_once('lib_user.php');
oc_require_once('lib_ocs.php');
if(OC_USER::isLoggedIn()){
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
mkdir($CONFIG_DATADIRECTORY);
}
}
// load plugins
$CONFIG_LOADPLUGINS='music';
$CONFIG_LOADPLUGINS='';
$plugins=explode(' ',$CONFIG_LOADPLUGINS);
if(isset($plugins[0]['url'])) foreach($plugins as $plugin) require_once('plugins/'.$plugin.'/lib_'.$plugin.'.php');
@ -81,46 +90,6 @@ OC_UTIL::checkserver();
OC_USER::logoutlisener();
$loginresult=OC_USER::loginlisener();
/**
* Class for usermanagement
*
*/
class OC_USER {
/**
* check if the login button is pressed and logg the user in
*
*/
public static function loginlisener(){
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
if($_POST['login']==$CONFIG_ADMINLOGIN and $_POST['password']==$CONFIG_ADMINPASSWORD){
$_SESSION['username']=$_POST['login'];
OC_LOG::event($_SESSION['username'],1,'');
return('');
}else{
return('error');
}
}
return('');
}
/**
* check if the logout button is pressed and logout the user
*
*/
public static function logoutlisener(){
if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
OC_LOG::event($_SESSION['username'],2,'');
unset($_SESSION['username']);
}
}
}
/**
* Class for utility functions
*
@ -163,7 +132,7 @@ class OC_UTIL {
public static function showheader(){
global $CONFIG_ADMINLOGIN;
global $WEBROOT;
require('templates/header.php');;
oc_require('templates/header.php');;
}
/**
@ -173,7 +142,7 @@ class OC_UTIL {
public static function showfooter(){
global $CONFIG_FOOTEROWNERNAME;
global $CONFIG_FOOTEROWNEREMAIL;
require('templates/footer.php');;
oc_require('templates/footer.php');;
}
/**
@ -204,8 +173,11 @@ class OC_UTIL {
if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
}
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
if(OC_USER::ingroup($_SESSION['username'],'admin')){
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
}
echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
echo('</tr></table>');
}
@ -217,7 +189,7 @@ class OC_UTIL {
*/
public static function showloginform(){
global $loginresult;
require('templates/loginform.php');
oc_require('templates/loginform.php');
}
@ -284,6 +256,32 @@ class OC_DB {
return $result;
}
/**
* executes a query on the database and returns the result in an array
*
* @param string $cmd
* @return result-set
*/
static function select($cmd) {
global $CONFIG_DBTYPE;
$result=OC_DB::query($cmd);
if($result){
$data=array();
if($CONFIG_DBTYPE=='sqlite'){
while($row=$result->fetch(SQLITE_ASSOC)){
$data[]=$row;
}
}elseif($CONFIG_DBTYPE=='mysql'){
while($row=$result->fetch_array(MYSQLI_ASSOC)){
$data[]=$row;
}
}
return $data;
}else{
return false;
}
}
/**
* executes multiply queries on the database
*
@ -455,4 +453,101 @@ class OC_DB {
}
?>
//custom require/include functions because not all hosts allow us to set the include path
function oc_require($file){
global $SERVERROOT;
global $DOCUMENTROOT;
global $WEBROOT;
global $CONFIG_DBNAME;
global $CONFIG_DBHOST;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
global $CONFIG_DATADIRECTORY;
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_INSTALLED;
if(is_file($file)){
require($file);
}elseif(is_file($SERVERROOT.'/'.$file)){
require($SERVERROOT.'/'.$file);
}elseif(is_file($SERVERROOT.'/inc/'.$file)){
require($SERVERROOT.'/inc/'.$file);
}elseif(is_file($SERVERROOT.'/config/'.$file)){
require($SERVERROOT.'/config/'.$file);
}
}
function oc_require_once($file){
global $SERVERROOT;
global $DOCUMENTROOT;
global $WEBROOT;
global $CONFIG_DBNAME;
global $CONFIG_DBHOST;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
global $CONFIG_DATADIRECTORY;
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_INSTALLED;
if(is_file($file)){
require_once($file);
}elseif(is_file($SERVERROOT.'/'.$file)){
require_once($SERVERROOT.'/'.$file);
}elseif(is_file($SERVERROOT.'/inc/'.$file)){
require_once($SERVERROOT.'/inc/'.$file);
}elseif(is_file($SERVERROOT.'/config/'.$file)){
require_once($SERVERROOT.'/config/'.$file);
}
}
function oc_include($file){
global $SERVERROOT;
global $DOCUMENTROOT;
global $WEBROOT;
global $CONFIG_DBNAME;
global $CONFIG_DBHOST;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
global $CONFIG_DATADIRECTORY;
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_INSTALLED;
if(is_file($file)){
include($file);
}elseif(is_file($SERVERROOT.'/'.$file)){
include($SERVERROOT.'/'.$file);
}elseif(is_file($SERVERROOT.'/inc/'.$file)){
include($SERVERROOT.'/inc/'.$file);
}elseif(is_file($SERVERROOT.'/config/'.$file)){
include($SERVERROOT.'/config/'.$file);
}
}
function oc_include_once($file){
global $SERVERROOT;
global $DOCUMENTROOT;
global $WEBROOT;
global $CONFIG_DBNAME;
global $CONFIG_DBHOST;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
global $CONFIG_DATADIRECTORY;
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_INSTALLED;
if(is_file($file)){
include_once($file);
}elseif(is_file($SERVERROOT.'/'.$file)){
include_once($SERVERROOT.'/'.$file);
}elseif(is_file($SERVERROOT.'/inc/'.$file)){
include_once($SERVERROOT.'/inc/'.$file);
}elseif(is_file($SERVERROOT.'/config/'.$file)){
include_once($SERVERROOT.'/config/'.$file);
}
}
?>

373
inc/lib_config.php
View File

@ -11,122 +11,250 @@ class OC_CONFIG{
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_DBNAME;
require('templates/configform.php');
oc_require('templates/configform.php');
}
/**
* lisen for configuration changes and write it to the file
* show the configform
*
*/
public static function writeconfiglisener(){
global $DOCUMENTROOT;
global $SERVERROOT;
global $WEBROOT;
global $CONFIG_DBHOST;
global $CONFIG_DBNAME;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
public static function showadminform(){
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['set_config'])){
global $CONFIG_DATADIRECTORY;
global $CONFIG_HTTPFORCESSL;
global $CONFIG_DATEFORMAT;
global $CONFIG_DBNAME;
global $CONFIG_INSTALLED;
$allow=false;
if(!$CONFIG_INSTALLED){
$allow=true;
}elseif(OC_USER::isLoggedIn()){
if(OC_USER::ingroup($_SESSION['username'],'admin')){
$allow=true;
}
}
if($allow){
oc_require('templates/adminform.php');
}
}
//checkdata
$error='';
$FIRSTRUN=empty($CONFIG_ADMINLOGIN);
if(!$FIRSTRUN){
if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){
$error.='wrong password<br />';
}
}
if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set<br />';
if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set<br />';
if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set<br />';
if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set<br />';
if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set<br />';
if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set<br />';
if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same<br />';
$dbtype=$_POST['dbtype'];
if($dbtype=='mysql'){
if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set<br />';
if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set<br />';
if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same<br />';
}
if(!$FIRSTRUN){
if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){
$_POST['adminpassword']=$CONFIG_ADMINPASSWORD;
}
if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){
$_POST['dbpassword']=$CONFIG_DBPASSWORD;
}
}
if(empty($error)) {
//create/fill database
$CONFIG_DBTYPE=$dbtype;
$CONFIG_DBNAME=$_POST['dbname'];
if($dbtype=='mysql'){
$CONFIG_DBHOST=$_POST['dbhost'];
$CONFIG_DBUSER=$_POST['dbuser'];
$CONFIG_DBPASSWORD=$_POST['dbpassword'];
}
try{
if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){
self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']);
}
}catch(Exception $e){
$error.='error while trying to create the database<br/>';
}
if($CONFIG_DBTYPE=='sqlite'){
$f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+');
if(!$f){
$error.='path of sqlite database not writable by server<br/>';
}
}
try{
if(isset($_POST['filldb'])){
self::filldatabase();
}
}catch(Exception $e){
$error.='error while trying to fill the database<br/>';
}
//storedata
$config='<?php '."\n";
$config.='$CONFIG_ADMINLOGIN=\''.$_POST['adminlogin']."';\n";
$config.='$CONFIG_ADMINPASSWORD=\''.$_POST['adminpassword']."';\n";
$config.='$CONFIG_DATADIRECTORY=\''.$_POST['datadirectory']."';\n";
if(isset($_POST['forcessl'])) $config.='$CONFIG_HTTPFORCESSL=true'.";\n"; else $config.='$CONFIG_HTTPFORCESSL=false'.";\n";
$config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n";
$config.='$CONFIG_DBTYPE=\''.$dbtype."';\n";
$config.='$CONFIG_DBNAME=\''.$_POST['dbname']."';\n";
if($dbtype=='mysql'){
$config.='$CONFIG_DBHOST=\''.$_POST['dbhost']."';\n";
$config.='$CONFIG_DBUSER=\''.$_POST['dbuser']."';\n";
$config.='$CONFIG_DBPASSWORD=\''.$_POST['dbpassword']."';\n";
}
$config.='?> ';
$filename=$SERVERROOT.'/config/config.php';
if(empty($error)){
header("Location: ".$WEBROOT."/");
try{
file_put_contents($filename,$config);
}catch(Exception $e){
$error.='error while trying to save the configuration file<br/>';
return $error;
public static function createuserlisener(){
if(OC_USER::isLoggedIn()){
if(OC_USER::ingroup($_SESSION['username'],'admin')){
if(isset($_POST['new_username']) and isset($_POST['new_password'])){
if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
return 'user successfully created';
}else{
return 'error while trying to create user';
}
}else{
return false;
}
}else{
return $error;
return false;
}
}
return($error);
}
public static function creategrouplisener(){
if(OC_USER::isLoggedIn()){
if(isset($_POST['creategroup']) and $_POST['creategroup']==1){
if(OC_USER::creategroup($_POST['groupname'])){
if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){
return 'group successfully created';
}else{
return 'error while trying to add user to the new created group';
}
}else{
return 'error while trying to create group';
}
}else{
return false;
}
}else{
return false;
}
}
/**
* lisen for configuration changes
*
*/
public static function configlisener(){
if(OC_USER::isLoggedIn()){
if(isset($_POST['config']) and $_POST['config']==1){
$error='';
if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}else{
if(isset($_POST['changepass']) and $_POST['changepass']==1){
if(!isset($_POST['password']) or empty($_POST['password'])) $error.='password not set<br />';
if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set<br />';
if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same<br />';
if(empty($error)){
if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){
$error.='error while trying to set password<br />';
}
}
}
}
return $error;
}else{
return false;
}
}else{
return false;
}
}
/**
* lisen for admin configuration changes and write it to the file
*4bd0be1185e76
*/
public static function writeadminlisener(){
global $CONFIG_INSTALLED;
$allow=false;
if(!$CONFIG_INSTALLED){
$allow=true;
}elseif(OC_USER::isLoggedIn()){
if(OC_USER::ingroup($_SESSION['username'],'admin')){
$allow=true;
}
}
if($allow){
global $DOCUMENTROOT;
global $SERVERROOT;
global $WEBROOT;
global $CONFIG_DBHOST;
global $CONFIG_DBNAME;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_DBTYPE;
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['set_config'])){
//checkdata
$error='';
$FIRSTRUN=empty($CONFIG_ADMINLOGIN);
if(!$FIRSTRUN){
if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){
$error.='wrong password<br />';
}
}
if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set<br />';
if((!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) and $FIRSTRUN) $error.='admin password not set<br />';
if((!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) and $FIRSTRUN) $error.='retype admin password not set<br />';
if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set<br />';
if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dateformat not set<br />';
if(!isset($_POST['dbname']) or empty($_POST['dbname'])) $error.='databasename not set<br />';
if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same<br />';
$dbtype=$_POST['dbtype'];
if($dbtype=='mysql'){
if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set<br />';
if(!isset($_POST['dbuser']) or empty($_POST['dbuser'])) $error.='database user not set<br />';
if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same<br />';
}
if(!$FIRSTRUN){
if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])){
$_POST['adminpassword']=$CONFIG_ADMINPASSWORD;
}
if(!isset($_POST['dbpassword']) or empty($_POST['dbpassword'])){
$_POST['dbpassword']=$CONFIG_DBPASSWORD;
}
}
if(!is_dir($_POST['datadirectory'])){
try{
mkdir($_POST['datadirectory']);
}catch(Exception $e){
$error.='error while trying to create data directory<br/>';
}
}
if(empty($error)) {
//create/fill database
$CONFIG_DBTYPE=$dbtype;
$CONFIG_DBNAME=$_POST['dbname'];
if($dbtype=='mysql'){
$CONFIG_DBHOST=$_POST['dbhost'];
$CONFIG_DBUSER=$_POST['dbuser'];
$CONFIG_DBPASSWORD=$_POST['dbpassword'];
}
try{
if(isset($_POST['createdatabase']) and $CONFIG_DBTYPE=='mysql'){
self::createdatabase($_POST['dbadminuser'],$_POST['dbadminpwd']);
}
}catch(Exception $e){
$error.='error while trying to create the database<br/>';
}
if($CONFIG_DBTYPE=='sqlite'){
$f=@fopen($SERVERROOT.'/'.$CONFIG_DBNAME,'a+');
if(!$f){
$error.='path of sqlite database not writable by server<br/>';
}
}
try{
if(isset($_POST['filldb'])){
self::filldatabase();
}
}catch(Exception $e){
echo 'testin';
$error.='error while trying to fill the database<br/>';
}
if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
$error.='error while trying to create the admin user<br/>';
}
if(OC_USER::getgroupid('admin')==0){
if(!OC_USER::creategroup('admin')){
$error.='error while trying to create the admin group<br/>';
}
}
if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
$error.='error while trying to add the admin user to the admin group<br/>';
}
//storedata
$config='<?php '."\n";
// $config.='$CONFIG_ADMINLOGIN=\''.$_POST['adminlogin']."';\n";
// $config.='$CONFIG_ADMINPASSWORD=\''.$_POST['adminpassword']."';\n";
$config.='$CONFIG_INSTALLED=true;'."\n";
$config.='$CONFIG_DATADIRECTORY=\''.$_POST['datadirectory']."';\n";
if(isset($_POST['forcessl'])) $config.='$CONFIG_HTTPFORCESSL=true'.";\n"; else $config.='$CONFIG_HTTPFORCESSL=false'.";\n";
$config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n";
$config.='$CONFIG_DBTYPE=\''.$dbtype."';\n";
$config.='$CONFIG_DBNAME=\''.$_POST['dbname']."';\n";
if($dbtype=='mysql'){
$config.='$CONFIG_DBHOST=\''.$_POST['dbhost']."';\n";
$config.='$CONFIG_DBUSER=\''.$_POST['dbuser']."';\n";
$config.='$CONFIG_DBPASSWORD=\''.$_POST['dbpassword']."';\n";
}
$config.='?> ';
}
$filename=$SERVERROOT.'/config/config.php';
if(empty($error)){
header("Location: ".$WEBROOT."/");
try{
file_put_contents($filename,$config);
}catch(Exception $e){
$error.='error while trying to save the configuration file<br/>';
return $error;
}
}else{
return $error;
}
}
}
return($error);
}
}
}
/**
* Fills the database with the initial tables
@ -163,9 +291,19 @@ CREATE TABLE 'properties' (
'ns' varchar(120) NOT NULL DEFAULT 'DAV:',
'value' text,
PRIMARY KEY ('path','name','ns')
);";
);
CREATE TABLE 'users' (
'user_id' int(11) NOT NULL,
'user_name' varchar(64) NOT NULL DEFAULT '',
'user_name_clean' varchar(64) NOT NULL DEFAULT '',
'user_password' varchar(40) NOT NULL DEFAULT '',
PRIMARY KEY ('user_id'),
UNIQUE ('user_name' ,'user_name_clean')
);
";
}elseif($CONFIG_DBTYPE=='mysql'){
$query="SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";
$query="SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO';
CREATE TABLE IF NOT EXISTS `locks` (
`token` varchar(255) NOT NULL DEFAULT '',
@ -201,6 +339,31 @@ CREATE TABLE IF NOT EXISTS `properties` (
PRIMARY KEY (`path`,`name`,`ns`),
KEY `path` (`path`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `users` (
`user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`user_name` VARCHAR( 64 ) NOT NULL ,
`user_name_clean` VARCHAR( 64 ) NOT NULL ,
`user_password` VARCHAR( 340) NOT NULL ,
UNIQUE (
`user_name` ,
`user_name_clean`
)
) ENGINE = MYISAM ;
CREATE TABLE IF NOT EXISTS `groups` (
`group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`group_name` VARCHAR( 64 ) NOT NULL ,
UNIQUE (
`group_name`
)
) ENGINE = MYISAM ;
CREATE TABLE IF NOT EXISTS `user_group` (
`user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`user_id` VARCHAR( 64 ) NOT NULL ,
`group_id` VARCHAR( 64 ) NOT NULL
) ENGINE = MYISAM ;
";
}
OC_DB::multiquery($query);

410
inc/lib_files.php
View File

@ -29,132 +29,306 @@
*/
class OC_FILES {
/**
* show a web GUI filebrowser
*
* @param basedir $basedir
* @param dir $dir
*/
public static function showbrowser($basedir,$dir){/*
global $CONFIG_DATEFORMAT;
global $WEBROOT;
/**
* show a web GUI filebrowser
*
* @param basedir $basedir
* @param dir $dir
*/
public static function showbrowser($basedir,$dir){
echo '<div id="content"></div>';
}
$directory=$basedir.'/'.$dir;
// exit if try to access files outside our directory
if(strstr($dir,'..')<>false) exit();
$directory=realpath($directory);
$dirs=explode('/',$dir);
// breadcrumb
if(count($dirs)>1) {
echo('<div class="center"><table cellpadding="2" cellspacing="0" border="0"><tr>');
echo('<td class="nametext"><a href="'.$WEBROOT.'/">home</a></td>');
$currentdir='';
foreach($dirs as $d) {
$currentdir.='/'.$d.'';
if($d<>'') echo('<td class="nametext"><a href="'.$WEBROOT.'/?dir='.$currentdir.'"><img src="'.$WEBROOT.'/img/arrow.png" />&nbsp;'.$d.'</a></td>');
}
echo('</tr></table></div>');
}
// files and directories
echo('<div class="center"><table cellpadding="6" cellspacing="0" border="0" class="browser">');
$filesfound=false;
$content=self::getdirectorycontent($directory);
if($content){
foreach($content as $file){
echo('<tr class="browserline">');
OC_UTIL::showicon($file['type']);
if($file['type']=='dir') echo('<td class="nametext"><a href="'.$WEBROOT.'/?dir='.$dir.'/'.$file['name'].'">'.$file['name'].'</a></td>');
if($file['type']<>'dir') echo('<td class="nametext"><a href="'.$WEBROOT.'/?dir='.$dir.'&file='.$file['name'].'">'.$file['name'].'</a></td>');
if($file['type']<>'dir') echo('<td class="sizetext">'.$file['size'].' byte</td>'); else echo('<td></td>');
echo('<td class="sizetext">'.date($CONFIG_DATEFORMAT,$file['mtime']).'</td>');
echo('</tr>');
}
}
echo('</table>');
if(!$content) echo('<p>no files here</p>');
echo('</div>');*/
echo '<div id="content"></div>';
}
/**
* get the content of a directory
* @param dir $directory
*/
public static function getdirectorycontent($directory){
$filesfound=true;
$content=array();
$dirs=array();
$file=array();
$files=array();
if (is_dir($directory)) {
if ($dh = opendir($directory)) {
while (($filename = readdir($dh)) !== false) {
if($filename<>'.' and $filename<>'..'){
$file=array();
$filesfound=true;
$file['name']=$filename;
$file['directory']=$directory;
$stat=stat($directory.'/'.$filename);
$file=array_merge($file,$stat);
$file['type']=filetype($directory .'/'. $filename);
if($file['type']=='dir'){
$dirs[$file['name']]=$file;
}else{
$files[$file['name']]=$file;
}
}
}
closedir($dh);
}
}
ksort($dirs);
ksort($files);
$content=array_merge($dirs,$files);
if($filesfound){
return $content;
}else{
return false;
}
}
/**
* get the content of a directory
* @param dir $directory
*/
public static function getdirectorycontent($directory){
$filesfound=true;
$content=array();
$dirs=array();
$file=array();
$files=array();
if (is_dir($directory)) {
if ($dh = opendir($directory)) {
while (($filename = readdir($dh)) !== false) {
if($filename<>'.' and $filename<>'..'){
$file=array();
$filesfound=true;
$file['name']=$filename;
$file['directory']=$directory;
$stat=stat($directory.'/'.$filename);
$file=array_merge($file,$stat);
$file['mime']=OC_FILES::getMimeType($directory .'/'. $filename);
$file['type']=filetype($directory .'/'. $filename);
if($file['type']=='dir'){
$dirs[$file['name']]=$file;
}else{
$files[$file['name']]=$file;
}
}
}
closedir($dh);
}
}
ksort($dirs);
ksort($files);
$content=array_merge($dirs,$files);
if($filesfound){
return $content;
}else{
return false;
}
}
/**
* return the cntent of a file
*
* @param dir $dir
* @param file $file
*/
public static function get($dir,$file){
if(isset($_SESSION['username']) and $_SESSION['username']<>'') {
global $CONFIG_DATADIRECTORY;
$filename=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
/**
* return the content of a file or return a zip file containning multiply files
*
* @param dir $dir
* @param file $file
*/
public static function get($dir,$files){
global $CONFIG_DATADIRECTORY;
if(strstr($files,'..') or strstr($dir,'..')){
die();
}
if(is_array($files)){
$zip = new ZipArchive();
$filename = sys_get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
foreach($files as $file){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
if(is_file($file)){
$zip->addFile($file,basename($file));
}elseif(is_dir($file)){
zipAddDir($file,$zip);
}
}
$zip->close();
}elseif(is_dir($CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files)){
$zip = new ZipArchive();
$filename = sys_get_temp_dir()."/ownCloud.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
exit("cannot open <$filename>\n");
}
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files;
zipAddDir($file,$zip);
$zip->close();
}else{
$zip=false;
$filename=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$files;
}
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($filename));
ob_end_clean();
readfile($filename);
if($zip){
unlink($filename);
}
}
/**
* move a file or folder
*
* @param dir $sourceDir
* @param file $source
* @param dir $targetDir
* @param file $target
*/
public static function move($sourceDir,$source,$targetDir,$target){
global $CONFIG_DATADIRECTORY;
if(OC_USER::isLoggedIn() and strpos($sourceDir,'..')===false and strpos($source,'..')===false and strpos($targetDir,'..')===false and strpos($target,'..')===false){
$targetFile=$CONFIG_DATADIRECTORY.'/'.$targetDir.'/'.$target;
$sourceFile=$CONFIG_DATADIRECTORY.'/'.$sourceDir.'/'.$source;
rename($sourceFile,$targetFile);
}
}
/**
* create a new file or folder
*
* @param dir $dir
* @param file $name
* @param type $type
*/
public static function newfile($dir,$name,$type){
global $CONFIG_DATADIRECTORY;
if(OC_USER::isLoggedIn() and strpos($dir,'..')===false and strpos($name,'..')===false){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$name;
if($type=='dir'){
mkdir($file);
}elseif($type=='file'){
$fileHandle=fopen($file, 'w') or die("can't open file");
fclose($fileHandle);
}
}
}
/**
* deletes a file or folder
*
* @param dir $dir
* @param file $name
*/
public static function delete($dir,$file){
global $CONFIG_DATADIRECTORY;
if(OC_USER::isLoggedIn() and strpos($dir,'..')===false){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
if(is_file($file)){
unlink($file);
}elseif(is_dir($file)){
rmdir($file);
}
}
}
/**
* try to detect the mime type of a file
*
* @param string file path
* @return string guessed mime type
*/
function getMimeType($fspath){
if (@is_dir($fspath)) {
// directories are easy
return "httpd/unix-directory";
} else if (function_exists("mime_content_type")) {
// use mime magic extension if available
$mime_type = mime_content_type($fspath);
} else if (OC_FILES::canExecute("file")) {
// it looks like we have a 'file' command,
// lets see it it does have mime support
$fp = popen("file -i '$fspath' 2>/dev/null", "r");
$reply = fgets($fp);
pclose($fp);
// popen will not return an error if the binary was not found
// and find may not have mime support using "-i"
// so we test the format of the returned string
// the reply begins with the requested filename
if (!strncmp($reply, "$fspath: ", strlen($fspath)+2)) {
$reply = substr($reply, strlen($fspath)+2);
// followed by the mime type (maybe including options)
if (preg_match('/^[[:alnum:]_-]+/[[:alnum:]_-]+;?.*/', $reply, $matches)) {
$mime_type = $matches[0];
}
}
}
if (empty($mime_type)) {
// Fallback solution: try to guess the type by the file extension
// TODO: add more ...
switch (strtolower(strrchr(basename($fspath), "."))) {
case ".html":
$mime_type = "text/html";
break;
case ".txt":
$mime_type = "text/plain";
break;
case ".css":
$mime_type = "text/css";
break;
case ".gif":
$mime_type = "image/gif";
break;
case ".jpg":
$mime_type = "image/jpeg";
break;
case ".jpg":
$mime_type = "png/jpeg";
break;
default:
$mime_type = "application/octet-stream";
break;
}
}
return $mime_type;
}
/**
* detect if a given program is found in the search PATH
*
* helper function used by _mimetype() to detect if the
* external 'file' utility is available
*
* @param string program name
* @param string optional search path, defaults to $PATH
* @return bool true if executable program found in path
*/
function canExecute($name, $path = false)
{
// path defaults to PATH from environment if not set
if ($path === false) {
$path = getenv("PATH");
}
// check method depends on operating system
if (!strncmp(PHP_OS, "WIN", 3)) {
// on Windows an appropriate COM or EXE file needs to exist
$exts = array(".exe", ".com");
$check_fn = "file_exists";
} else {
// anywhere else we look for an executable file of that name
$exts = array("");
$check_fn = "is_executable";
}
// now check the directories in the path for the program
foreach (explode(PATH_SEPARATOR, $path) as $dir) {
// skip invalid path entries
if (!file_exists($dir)) continue;
if (!is_dir($dir)) continue;
// exit if try to access files outside our directory
if(strstr($filename,'..')<>false) exit();
OC_LOG::event($_SESSION['username'],3,$dir.'/'.$file);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($filename));
readfile($filename);
}
exit;
}
// and now look for the file
foreach ($exts as $ext) {
if ($check_fn("$dir/$name".$ext)) return true;
}
}
return false;
}
}
function zipAddDir($dir,$zip,$internalDir=''){
$dirname=basename($dir);
$zip->addEmptyDir($internalDir.$dirname);
$internalDir.=$dirname.='/';
$files=OC_FILES::getdirectorycontent($dir);
foreach($files as $file){
$filename=$file['name'];
$file=$dir.'/'.$filename;
if(is_file($file)){
$zip->addFile($file,$internalDir.$filename);
}elseif(is_dir($file)){
zipAddDir($file,$zip,$internalDir);
}
}
}
if(!function_exists('sys_get_temp_dir')) {
function sys_get_temp_dir() {
if( $temp=getenv('TMP') ) return $temp;
if( $temp=getenv('TEMP') ) return $temp;
if( $temp=getenv('TMPDIR') ) return $temp;
$temp=tempnam(__FILE__,'');
if (file_exists($temp)) {
unlink($temp);
return dirname($temp);
}
return null;
}
}
?>
?>

277
inc/lib_user.php Normal file
View File

@ -0,0 +1,277 @@
<?php
/**
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
if(!$CONFIG_INSTALLED){
$_SESSION['user_id']=false;
$_SESSION['username']='';
$_SESSION['username_clean']='';
}
/**
* Class for usermanagement
*
*/
class OC_USER {
/**
* check if the login button is pressed and logg the user in
*
*/
public static function loginlisener(){
if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
if(OC_USER::login($_POST['login'],$_POST['password'])){
OC_LOG::event($_SESSION['username'],1,'');
return('');
}else{
return('error');
}
}
return('');
}
/**
* try to create a new user
*
*/
public static function createuser($username,$password){
if(OC_USER::getuserid($username)!=0){
return false;
}else{
$password=sha1($password);
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="INSERT INTO `users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`)VALUES (NULL , '$username', '$usernameclean', '$password')";
$result=OC_DB::query($query);
return ($result)?true:false;
}
}
/**
* try to login a user
*
*/
public static function login($username,$password){
$password=sha1($password);
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' AND `user_password` = '$password' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){
$_SESSION['user_id']=$result[0]['user_id'];
$_SESSION['username']=$username;
$_SESSION['username_clean']=$usernameclean;
return true;
}else{
return false;
}
}
/**
* check if the logout button is pressed and logout the user
*
*/
public static function logoutlisener(){
if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
OC_LOG::event($_SESSION['username'],2,'');
$_SESSION['user_id']=false;
$_SESSION['username']='';
$_SESSION['username_clean']='';
}
}
/**
* check if a user is logged in
*
*/
public static function isLoggedIn(){
return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
}
/**
* try to create a new group
*
*/
public static function creategroup($groupname){
if(OC_USER::getgroupid($groupname)==0){
$groupname=mysql_escape_string($groupname);
$query="INSERT INTO `groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname');";
$result=OC_DB::query($query);
return ($result)?true:false;
}else{
return false;
}
}
/**
* get the id of a user
*
*/
public static function getuserid($username){
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){
return $result[0]['user_id'];
}else{
return 0;
}
}
/**
* get the id of a group
*
*/
public static function getgroupid($groupname){
$groupname=mysql_escape_string($groupname);
$query="SELECT group_id FROM `groups` WHERE `group_name` = '$groupname' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['group_id'])){
return $result[0]['group_id'];
}else{
return 0;
}
}
/**
* get the name of a group
*
*/
public static function getgroupname($groupid){
$groupid=(integer)$groupid;
$query="SELECT group_name FROM `groups` WHERE `group_id` = '$groupid' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['group_name'])){
return $result[0]['group_name'];
}else{
return 0;
}
}
/**
* check if a user belongs to a group
*
*/
public static function ingroup($username,$groupname){
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
if($groupid>0 and $userid>0){
$query="SELECT user_group_id FROM `user_group` WHERE `group_id` = '$groupid ' AND `user_id` = '$userid 'LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true;
}else{
return false;
}
}else{
return false;
}
}
/**
* add a user to a group
*
*/
public static function addtogroup($username,$groupname){
if(!OC_USER::ingroup($username,$groupname)){
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
if($groupid!=0 and $userid!=0){
$query="INSERT INTO `user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');";
$result=OC_DB::query($query);
if($result){
return true;
}else{
return false;
}
}else{
return false;
}
}else{
return true;
}
}
public static function generatepassword(){
return uniqid();
}
/**
* get all groups the user belongs to
*
*/
public static function getusergroups($username){
$userid=OC_USER::getuserid($username);
$query="SELECT group_id FROM `user_group` WHERE `user_id` = '$userid'";
$result=OC_DB::select($query);
$groups=array();
if(is_array($result)){
foreach($result as $group){
$groupid=$group['group_id'];
$groups[]=OC_USER::getgroupname($groupid);
}
}
return $groups;
}
/**
* set the password of a user
*
*/
public static function setpassword($username,$password){
$password=sha1($password);
$userid=OC_USER::getuserid($username);
$query="UPDATE `users` SET `user_password` = '$password' WHERE `user_id` =$userid LIMIT 1 ;";
$result=OC_DB::query($query);
if($result){
return true;
}else{
return false;
}
}
/**
* check the password of a user
*
*/
public static function checkpassword($username,$password){
$password=sha1($password);
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' AND `user_password` = '$password' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
return true;
}else{
return false;
}
}
}
?>

106
inc/templates/adminform.php Normal file
View File

@ -0,0 +1,106 @@
<?php
global $FIRSTRUN;
global $CONFIG_ERROR;
if(!isset($fillDB)) $fillDB=true;
if(!isset($CONFIG_DBHOST)) $CONFIG_DBHOST='localhost';
if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud';
$newuserpassword=OC_USER::generatepassword();
?>
<script type="text/javascript">
function showDBAdmin(){
var show=document.getElementById('dbcreate').checked;
document.getElementById('dbAdminUser').style.display=(show)?'table-row':'none';
document.getElementById('dbAdminPwd').style.display=(show)?'table-row':'none';
}
function dbtypechange(){
var dropdown=action=document.getElementById('dbtype');
var type=dropdown.options[dropdown.selectedIndex].value;
var inputs=Array('dbhost','dbuser','dbpass','dbpass_retype','dbcreaterow','dbAdminPwd','dbAdminUser');
var id,element;
if(type=='sqlite'){
for(i in inputs){
id=inputs[i];
element=document.getElementById(id);
if(element){
element.style.display='none';
}
}
}else if(type=='mysql'){
for(i in inputs){
id=inputs[i];
element=document.getElementById(id);
if(element){
element.style.display='table-row';
}
}
showDBAdmin()
}
}
</script>
<form method="post" enctype="multipart/form-data">
<table cellpadding="5" cellspacing="5" border="0" class="loginform">
<?php
if(!empty($CONFIG_ERROR) and !$FIRSTRUN){
echo "<tr><td colspan='3' class='error'>$CONFIG_ERROR</td></tr>";
}
if(!$FIRSTRUN){?>
<tr><td>current password</td><td><input type="password" name="currentpassword" size="30" class="formstyle"></input></td></tr>
<?php
}
if($FIRSTRUN){?>
<tr><td>admin login:</td><td><input type="text" name="adminlogin" size="30" class="formstyle" value=""></input></td></tr>
<tr><td>admin password:</td><td><input type="password" name="adminpassword" size="30" class="formstyle"></input></td><td>(leave empty to keep current password)</td></tr>
<tr><td>retype admin password:</td><td><input type="password" name="adminpassword2" size="30" class="formstyle"></input></td></tr>
<?php
}
?>
<tr><td>data directory:</td><td><input type="text" name="datadirectory" size="30" class="formstyle" value="<?php echo($CONFIG_DATADIRECTORY);?>"></input></td></tr>
<tr><td>force ssl:</td><td><input type="checkbox" name="forcessl" size="30" class="formstyle" value='<?php echo($CONFIG_HTTPFORCESSL);?>'></input></td></tr>
<tr><td>date format:</td><td><input type="text" name="dateformat" size="30" class="formstyle" value='<?php echo($CONFIG_DATEFORMAT);?>'></input></td></tr>
<tr><td>database type:</td><td>
<select id='dbtype' name="dbtype" onchange='dbtypechange()'>
<?php
global $CONFIG_DBTYPE;
if($CONFIG_DBTYPE=='sqlite'){
?>
<option value="sqlite">SQLite</option>
<option value="mysql">MySQL</option>
<?php
}else{
?>
<option value="mysql">MySQL</option>
<option value="sqlite">SQLite</option>
<?php
}
?>
</select>
</td></tr>
<tr id='dbhost'><td>database host:</td><td><input type="text" name="dbhost" size="30" class="formstyle" value='<?php echo($CONFIG_DBHOST);?>'></input></td></tr>
<tr><td>database name:</td><td><input type="text" name="dbname" size="30" class="formstyle" value='<?php echo($CONFIG_DBNAME);?>'></input></td></tr>
<tr id='dbuser'><td>database user:</td><td><input type="text" name="dbuser" size="30" class="formstyle" value='<?php echo($CONFIG_DBUSER);?>'></input></td></tr>
<tr id='dbpass'><td>database password:</td><td><input type="password" name="dbpassword" size="30" class="formstyle" value=''></input></td><td>(leave empty to keep current password)</td></tr>
<tr id='dbpass_retype'><td>retype database password:</td><td><input type="password" name="dbpassword2" size="30" class="formstyle" value=''></input></td></tr>
<tr id='dbcreaterow'><td>create database and user:</td><td><input id='dbcreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?> onchange='showDBAdmin()'></input></td></tr>
<tr id='dbAdminUser'><td>database administrative user:</td><td><input type="text" name="dbadminuser" size="30" class="formstyle" value='root'></input></td></tr>
<tr id='dbAdminPwd'><td>database administrative password:</td><td><input type="password" name="dbadminpwd" size="30" class="formstyle" value=''></input></td></tr>
<tr><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?>></input></td></tr>
<tr><td></td><td><input type="submit" name="set_config" alt="save" value="save" class="formstyle" /></td></tr>
</table></form><br/>
<?php
if(!$FIRSTRUN){?>
<br/>
<form method="post" enctype="multipart/form-data">
<table cellpadding="5" cellspacing="5" border="0" class="loginform">
<tr><td colspan='2'>Create new user:</td></tr>
<tr><td>user name</td><td><input type='text' name='new_username' class="formstyle"></input></td></tr>
<tr><td>password</td><td><input type='text' name='new_password' class="formstyle" autocomplete="off" value='<?php echo($newuserpassword);?>'></input></td></tr>
<tr><td></td><td><input type='submit' value='create' class="formstyle"></input></td></tr>
</table>
</form>
<?php
}
?>
<script type="text/javascript">
dbtypechange()
</script>

99
inc/templates/configform.php
View File

@ -4,85 +4,48 @@ global $CONFIG_ERROR;
if(!isset($fillDB)) $fillDB=true;
if(!isset($CONFIG_DBHOST)) $CONFIG_DBHOST='localhost';
if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud';
$newuserpassword=OC_USER::generatepassword();
?>
<script type="text/javascript">
function showDBAdmin(){
var show=document.getElementById('dbcreate').checked;
document.getElementById('dbAdminUser').style.display=(show)?'table-row':'none';
document.getElementById('dbAdminPwd').style.display=(show)?'table-row':'none';
}
function dbtypechange(){
var dropdown=action=document.getElementById('dbtype');
var type=dropdown.options[dropdown.selectedIndex].value;
var inputs=Array('dbhost','dbuser','dbpass','dbpass_retype','dbcreaterow','dbAdminPwd','dbAdminUser');
var id,element;
if(type=='sqlite'){
for(i in inputs){
id=inputs[i];
element=document.getElementById(id);
if(element){
element.style.display='none';
}
}
}else if(type=='mysql'){
for(i in inputs){
id=inputs[i];
element=document.getElementById(id);
if(element){
element.style.display='table-row';
}
}
showDBAdmin()
}
changepassset=function(){
var change=document.getElementById('changepass').checked;
if(!change){
document.getElementById('new_password').style.display='none';
document.getElementById('new_password_retype').style.display='none';
}else{
document.getElementById('new_password').style.display='table-row';
document.getElementById('new_password_retype').style.display='table-row';
}
}
</script>
<form method="post" enctype="multipart/form-data">
<input type='hidden' name='config' value='1'>
<table cellpadding="5" cellspacing="5" border="0" class="loginform">
<?php
if(!empty($CONFIG_ERROR) and !$FIRSTRUN){
echo "<tr><td colspan='3' class='error'>$CONFIG_ERROR</td></tr>";
}
if(!$FIRSTRUN){?>
<tr><td>current password</td><td><input type="password" name="currentpassword" size="30" class="formstyle"></input></td></tr>
<?php
}
?>
<tr><td>admin login:</td><td><input type="text" name="adminlogin" size="30" class="formstyle" value="<?php echo($CONFIG_ADMINLOGIN);?>"></input></td></tr>
<tr><td>admin password:</td><td><input type="password" name="adminpassword" size="30" class="formstyle"></input></td><td>(leave empty to keep current password)</td></tr>
<tr><td>retype admin password:</td><td><input type="password" name="adminpassword2" size="30" class="formstyle"></input></td></tr>
<tr><td>data directory:</td><td><input type="text" name="datadirectory" size="30" class="formstyle" value="<?php echo($CONFIG_DATADIRECTORY);?>"></input></td></tr>
<tr><td>force ssl:</td><td><input type="checkbox" name="forcessl" size="30" class="formstyle" value='<?php echo($CONFIG_HTTPFORCESSL);?>'></input></td></tr>
<tr><td>date format:</td><td><input type="text" name="dateformat" size="30" class="formstyle" value='<?php echo($CONFIG_DATEFORMAT);?>'></input></td></tr>
<tr><td>database type:</td><td>
<select id='dbtype' name="dbtype" onchange='dbtypechange()'>
<?php
global $CONFIG_DBTYPE;
if($CONFIG_DBTYPE=='sqlite'){
?>
<option value="sqlite">SQLite</option>
<option value="mysql">MySQL</option>
<?php
}else{
?>
<option value="mysql">MySQL</option>
<option value="sqlite">SQLite</option>
<tr><td>enter password</td><td><input type="password" name="currentpassword" size="30" class="formstyle"></input></td></tr>
<tr><td>change password:</td><td><input onchange='changepassset()' id='changepass' type="checkbox" name="changepass" size="30" class="formstyle" value='1'></input></td></tr>
<tr style='display:none' id='new_password'><td>new password:</td><td><input type="password" name="password" size="30" class="formstyle"></input></td></tr>
<tr style='display:none' id='new_password_retype'><td>retype admin password:</td><td><input type="password" name="password2" size="30" class="formstyle"></input></td></tr>
</table>
</form>
Groups:
<form method="post" enctype="multipart/form-data">
<input type='hidden' name='creategroup' value='1'>
<table cellpadding="5" cellspacing="5" border="0" class="loginform">
<tr><td colspan='2' class='center'>Current groups</td></tr>
<?php
$groups=OC_USER::getusergroups($_SESSION['username']);
foreach($groups as $group){
?>
<tr><td><?php echo $group;?></td></tr>
<?php
}
?>
</select>
</td></tr>
<tr id='dbhost'><td>database host:</td><td><input type="text" name="dbhost" size="30" class="formstyle" value='<?php echo($CONFIG_DBHOST);?>'></input></td></tr>
<tr><td>database name:</td><td><input type="text" name="dbname" size="30" class="formstyle" value='<?php echo($CONFIG_DBNAME);?>'></input></td></tr>
<tr id='dbuser'><td>database user:</td><td><input type="text" name="dbuser" size="30" class="formstyle" value='<?php echo($CONFIG_DBUSER);?>'></input></td></tr>
<tr id='dbpass'><td>database password:</td><td><input type="password" name="dbpassword" size="30" class="formstyle" value=''></input></td><td>(leave empty to keep current password)</td></tr>
<tr id='dbpass_retype'><td>retype database password:</td><td><input type="password" name="dbpassword2" size="30" class="formstyle" value=''></input></td></tr>
<tr id='dbcreaterow'><td>create database and user:</td><td><input id='dbcreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?> onchange='showDBAdmin()'></input></td></tr>
<tr id='dbAdminUser'><td>database administrative user:</td><td><input type="text" name="dbadminuser" size="30" class="formstyle" value='root'></input></td></tr>
<tr id='dbAdminPwd'><td>database administrative password:</td><td><input type="password" name="dbadminpwd" size="30" class="formstyle" value=''></input></td></tr>
<tr><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?>></input></td></tr>
<tr><td></td><td><input type="submit" name="set_config" alt="save" value="save" class="formstyle" /></td></tr>
</table></form>
<script type="text/javascript">
dbtypechange()
</script>
<tr><td colspan='2' class='center'>Create new group</td></tr>
<tr><td><input type='text' name='groupname' class="formstyle"></input></td><td><input type='submit' value='create' class="formstyle"></input></td></tr>
</table>
</form>

19
inc/templates/header.php
View File

@ -4,7 +4,7 @@
<head>
<title>ownCloud</title>
<base href="<?php echo($WEBROOT); ?>/"/>
<link rel="stylesheet" type="text/css" href="css/default.php"/>
<link rel="stylesheet" type="text/css" href="<?php echo($WEBROOT)?>/css/default.php"/>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_ajax.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_timer.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_notification.js'></script>
@ -12,6 +12,7 @@
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_files.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_event.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_drag.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_api.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/filebrowser.js'></script>
<?php
foreach(OC_UTIL::$scripts as $script){
@ -31,15 +32,25 @@ echo('<h1><a id="owncloud-logo" href="'.$WEBROOT.'"><span>ownCloud</span></a></h
// check if already configured. otherwise start configuration wizard
$error=OC_CONFIG::writeconfiglisener();
$error=OC_CONFIG::writeadminlisener();
if($e=OC_CONFIG::configlisener()){
$error.=$e;
}
if($e=OC_CONFIG::createuserlisener()){
$error.=$e;
}
if($e=OC_CONFIG::creategrouplisener()){
$error.=$e;
}
$CONFIG_ERROR=$error;
if(empty($CONFIG_ADMINLOGIN)) {
global $CONFIG_INSTALLED;
if(!$CONFIG_INSTALLED) {
global $FIRSTRUN;
$FIRSTRUN=true;
echo('<div class="center">');
echo('<p class="errortext">'.$error.'</p>');
echo('<p class="highlighttext">First Run Wizard</p>');
OC_CONFIG::showconfigform();
OC_CONFIG::showadminform();
echo('</div>');
OC_UTIL::showfooter();
exit();

6
js/filebrowser.js
View File

@ -129,16 +129,16 @@ OC_FILES.browser.files.show=function(parent,fileList){
for(name in fileList){
file=fileList[name];
if(!OC_FILES.browser.files.fileNodes[file.name]){
OC_FILES.browser.files.add(file.name,file.type,file.size,file.date);
OC_FILES.browser.files.add(file.name,file.type,file.size,file.date,file.mime);
}
}
}
}
OC_FILES.browser.files.add=function(name,type,size,date){
OC_FILES.browser.files.add=function(name,type,size,date,mime){
if(name){
if(!size) size=0;
if(!date) date=getTimeString();
OC_FILES.files[name]=new OC_FILES.file(OC_FILES.dir,name,type);
OC_FILES.files[name]=new OC_FILES.file(OC_FILES.dir,name,type,mime);
tr=document.createElement('tr');
OC_FILES.browser.files.fileNodes[name]=tr;
OC_FILES.browser.files.tbody.appendChild(tr);

26
files/delete.php → js/lib_api.js
View File

@ -1,5 +1,3 @@
<?php
/**
* ownCloud - ajax frontend
*
@ -20,17 +18,17 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once('../inc/lib_base.php');
$dir=$_GET['dir'];
$file=$_GET['file'];
if(isset($_SESSION['username']) and $_SESSION['username'] and strpos($dir,'..')===false){
$file=$CONFIG_DATADIRECTORY.'/'.$dir.'/'.$file;
if(is_file($file)){
unlink($file);
}elseif(is_dir($file)){
rmdir($file);
OC_API=new Object();
OC_API.run=function(action,params,callback,callbackparams){
var xmlloader=new OCXMLLoader();
xmlloader.setCallBack(callback);
xmlloader.method="POST";
var paramString='action='+action;
for(name in params){
paramString+='&'+name+'='+encodeURIComponent(params[name]);
}
}
?>
xmlloader.arg=callbackparams;
xmlloader.load('files/api.php',paramString);
}

116
js/lib_files.js
View File

@ -49,7 +49,7 @@ OC_FILES.getdirectorycontent_parse=function(req){
if(fileElements.length>0){
for(index=0;index<fileElements.length;index++){
var file=new Array();
var attributes=Array('size','name','type','directory','date');
var attributes=Array('size','name','type','directory','date','mime');
for(i in attributes){
var name=attributes[i];
file[name]=fileElements.item(index).getAttribute(name);
@ -87,6 +87,10 @@ OC_FILES.getdirectorycontent=function(dir,callback,refresh){
OC_FILES.dir='';
OC_FILES.get=function(dir,file){
window.location='files/get_file.php?dir='+encodeURIComponent(dir)+'&files='+encodeURIComponent(file);
}
OC_FILES.upload=function(dir,iframeId){
var file=new Object;
var fileSelector=document.getElementById('fileSelector');
@ -102,6 +106,11 @@ OC_FILES.upload=function(dir,iframeId){
return false;
}
}
var mime='';
if(fileSelector.files && fileSelector.files[0].type){
var mime=fileSelector.files[0].type;
}
file.dir=dir;
file.dir=dir;
file.name=name;
file.type='file';
@ -114,9 +123,10 @@ OC_FILES.upload=function(dir,iframeId){
OC_FILES.cache.incomplete[dir][name]['name']=name;
OC_FILES.cache.incomplete[dir][name]['type']='incomplete';
OC_FILES.cache.incomplete[dir][name]['size']=size;
OC_FILES.cache.incomplete[dir][name]['mime']=mime;
OC_FILES.uploadIFrames[iframeId].file=file;
OC_FILES.uploadIFrames[iframeId].addEvent('onload',new callBack(OC_FILES.upload_callback,OC_FILES.uploadIFrames[iframeId]));
OC_FILES.browser.files.add(name,'incomplete',size);
OC_FILES.browser.files.add(name,'incomplete',size,null,mime);
OC_FILES.uploadForm.submit();
if(OC_FILES.uploadForm.parentElement){
OC_FILES.uploadForm.className='hidden';
@ -137,7 +147,7 @@ OC_FILES.upload_callback=function(iframeId){
OC_FILES.cache.files[file.name]['type']=file.type;
this.uploadForm.parentNode.removeChild(this.uploadForm);
this.parentNode.removeChild(this);
delete OC_FILES.uploadIFrames[file.iframeId];
OC_FILES.uploadIFrames[file.iframeId]=null;
OC_FILES.browser.show(file.dir);
}
}
@ -154,14 +164,12 @@ OC_FILES.rename=function(dir,file,event){
OC_FILES.browser.show(OC_FILES.dir);
return false;
}
xmlloader=new OCXMLLoader();
xmlloader.setCallBack(OC_FILES.rename_callback);
xmlloader.arg=new Object;
xmlloader.arg.oldname=file;
xmlloader.arg.newname=newname;
xmlloader.arg.dir=dir;
xmlloader.arg.type=OC_FILES.cache.files[file]['type'];
xmlloader.load('files/rename.php?dir='+dir+'&file='+file+'&newname='+newname);
arg=new Object;
arg.oldname=file;
arg.newname=newname;
arg.dir=dir;
arg.type=OC_FILES.cache.files[file]['type'];
OC_API.run('rename',{dir:dir,file:file,newname:newname},OC_FILES.rename_callback,arg)
if(!OC_FILES.cache.incomplete[dir]){
OC_FILES.cache.incomplete[dir]=Array();
}
@ -184,12 +192,9 @@ OC_FILES.rename_callback=function(req,file){
}
OC_FILES.remove=function(dir,file){
remove=confirm('remove file \''+file+'\'?');
remove=confirm('delete file \''+file+'\'?');
if(remove){
xmlloader=new OCXMLLoader();
xmlloader.setCallBack(OC_FILES.remove_callback);
xmlloader.arg=file;
xmlloader.load('files/delete.php?dir='+dir+'&file='+file);
OC_API.run('delete',{dir:dir,file:file},OC_FILES.remove_callback,file)
OC_FILES.browser.files.remove(file);
delete OC_FILES.cache.files[file];
}
@ -212,13 +217,11 @@ OC_FILES.getSelected=function(){
}
OC_FILES.newFile=function(type,name,dir){
xmlloader=new OCXMLLoader();
xmlloader.arg=new Object;
xmlloader.arg.name=name;
xmlloader.arg.dir=dir;
xmlloader.arg.type=type;
xmlloader.setCallBack(OC_FILES.new_callback);
xmlloader.load('files/new.php?type='+type+'&dir='+dir+'&name='+name);
arg=new Object;
arg.name=name;
arg.dir=dir;
arg.type=type;
OC_API.run('new',{dir:dir,name:name,type:type},OC_FILES.new_callback,arg)
if(!OC_FILES.cache.incomplete[dir]){
OC_FILES.cache.incomplete[dir]=Array();
}
@ -233,8 +236,9 @@ OC_FILES.new_callback=function(req,file){
OC_FILES.cache.files[file.name]=OC_FILES.cache.incomplete[file.dir][file.name];
delete OC_FILES.cache.incomplete[file.dir][file.name];
OC_FILES.cache.files[file.name]['type']=file.type;
OC_FILES.browser.files.remove(name);
OC_FILES.browser.show(OC_FILES.dir);
OC_FILES.browser.files.remove(file.name);
// OC_FILES.browser.files.add(name);
OC_FILES.browser.show(OC_FILES.dir,true);
}
OC_FILES.move=function(source,target,sourceDir,targetDir){
@ -248,17 +252,15 @@ OC_FILES.move=function(source,target,sourceDir,targetDir){
if(!OC_FILES.cache.incomplete[targetDir+'/'+target]){
OC_FILES.cache.incomplete[targetDir+'/'+target]=Array();
}
xmlloader=new OCXMLLoader();
xmlloader.arg=new Object;
xmlloader.arg.source=source;
xmlloader.arg.target=target;
xmlloader.arg.sourceDir=sourceDir;
xmlloader.arg.targetDir=targetDir;
xmlloader.arg.type=OC_FILES.cache.files[source]['type'];
arg=new Object;
arg.source=source;
arg.target=target;
arg.sourceDir=sourceDir;
arg.targetDir=targetDir;
arg.type=OC_FILES.cache.files[source]['type'];
OC_FILES.cache.files[source]['type']='incomplete';
OC_FILES.cache.incomplete[targetDir+'/'+target][source]=OC_FILES.cache.files[source]
xmlloader.setCallBack(OC_FILES.move_callback);
xmlloader.load('files/move.php?sourcedir='+sourceDir+'&targetdir='+targetDir+'&source='+source+'&target='+target);
OC_FILES.cache.incomplete[targetDir+'/'+target][source]=OC_FILES.cache.files[source];
OC_API.run('move',{sourcedir:sourceDir,source:source,targetdir:targetDir,target:target},OC_FILES.move_callback,arg);
}
}
@ -293,11 +295,12 @@ OC_FILES.actions_selected.download=function(){
if(files.length==0){
return false;
}else if(files.length>1){
files.join(';');
files=files.join(';');
}else{
files=files[0];
}
window.location=WEBROOT+'/files/get_file.php?dir='+OC_FILES.dir+'&files='+files;
OC_FILES.get(dir,files);
// window.location=WEBROOT+'/files/get_file.php?dir='+OC_FILES.dir+'&files='+files;
}
OC_FILES.actions_selected['delete']=function(){
@ -309,11 +312,17 @@ OC_FILES.actions_selected['delete']=function(){
OC_FILES.files=Array();
OC_FILES.file=function(dir,file,type){
OC_FILES.file=function(dir,file,type,mime){
if(file){
this.type=type;
this.file=file;
this.dir=dir;
this.mime=mime;
if(mime){
var mimeParts=mime.split('/');
this.mime1=mimeParts[0];
this.mime2=mimeParts[1];
}
this.actions=new Object();
if(file.lastIndexOf('.')){
this.extention=file.substr(file.lastIndexOf('.')+1);
@ -332,10 +341,17 @@ OC_FILES.file=function(dir,file,type){
}
}
}
if(OC_FILES.fileActions[this.extention]){
for(index in OC_FILES.fileActions[this.extention]){
if(OC_FILES.fileActions[this.extention][index].call){
this.actions[index]=OC_FILES.fileActions[this.extention][index];
if(OC_FILES.fileActions[this.mime1]){
for(index in OC_FILES.fileActions[this.mime1]){
if(OC_FILES.fileActions[this.mime1][index].call){
this.actions[index]=OC_FILES.fileActions[this.mime1][index];
}
}
}
if(OC_FILES.fileActions[this.mime]){
for(index in OC_FILES.fileActions[this.mime]){
if(OC_FILES.fileActions[this.mime][index].call){
this.actions[index]=OC_FILES.fileActions[this.mime][index];
}
}
}
@ -361,7 +377,7 @@ OC_FILES.fileActions.all.rename=function(){
OC_FILES.browser.show_rename(this.dir,this.file);
}
OC_FILES.fileActions.all.download=function(){
window.location=WEBROOT+'/files/get_file.php?dir='+this.dir+'&files='+this.file;
OC_FILES.get(this.dir,this.file);
}
OC_FILES.fileActions.all['default']=OC_FILES.fileActions.all.download;
@ -373,19 +389,13 @@ OC_FILES.fileActions.dir.open=function(){
OC_FILES.fileActions.dir['default']=OC_FILES.fileActions.dir.open;
OC_FILES.fileActions.dir.dropOn=function(file){
OC_FILES.move(file.file,this.file,file.dir,this.dir);
OC_FILES.move(file.file,file.file,file.dir,this.dir+'/'+this.file);
}
OC_FILES.fileActions.jpg=new Object()
OC_FILES.fileActions.image=new Object()
OC_FILES.fileActions.jpg.show=function(){
// window.open(WEBROOT+'/files/open_file.php?dir='+this.dir+'&file='+this.file);
OC_FILES.fileActions.image.show=function(){
OC_FILES.browser.showImage(this.dir,this.file);
}
OC_FILES.fileActions.jpg['default']=OC_FILES.fileActions.jpg.show;
OC_FILES.fileActions.jpeg=OC_FILES.fileActions.jpg
OC_FILES.fileActions.png=OC_FILES.fileActions.jpg
OC_FILES.fileActions.gif=OC_FILES.fileActions.jpg
OC_FILES.fileActions.bmp=OC_FILES.fileActions.jpg
OC_FILES.fileActions.image['default']=OC_FILES.fileActions.image.show;

17
webdav/owncloud.php
View File

@ -23,7 +23,7 @@
require_once('../inc/lib_base.php');
require_once('HTTP/WebDAV/Server/Filesystem.php');
oc_require_once('HTTP/WebDAV/Server/Filesystem.php');
ini_set('default_charset', 'UTF-8');
@ -38,12 +38,15 @@ if(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['REDIRECT_REMOTE_USER']))
$user=$_SERVER['PHP_AUTH_USER'];
$passwd=$_SERVER['PHP_AUTH_PW'];
if(($user==$CONFIG_ADMINLOGIN) and ($passwd==$CONFIG_ADMINPASSWORD )){
$server = new HTTP_WebDAV_Server_Filesystem();
$server->db_name = $CONFIG_DBNAME;
$server->ServeRequest($CONFIG_DATADIRECTORY);
if(OC_USER::login($user,$passwd)){
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
mkdir($CONFIG_DATADIRECTORY);
}
$server = new HTTP_WebDAV_Server_Filesystem();
$server->db_name = $CONFIG_DBNAME;
$server->ServeRequest($CONFIG_DATADIRECTORY);
}else{
header('WWW-Authenticate: Basic realm="ownCloud"');
header('HTTP/1.0 401 Unauthorized');