.
*
*/
// set some stuff
ob_start();
// error_reporting(E_ALL | E_STRICT);
error_reporting(E_ALL); // MDB2 gives loads of strict error, disabling for now
date_default_timezone_set('Europe/Berlin');
ini_set('arg_separator.output','&');
ini_set('session.cookie_httponly','1;');
session_start();
// calculate the documentroot
$SERVERROOT=substr(__FILE__,0,-17);
$DOCUMENTROOT=$_SERVER['DOCUMENT_ROOT'];
$SERVERROOT=str_replace("\\",'/',$SERVERROOT);
if(strpos($SERVERROOT,$DOCUMENTROOT)===0){
//if the serverroot is a subdir of the documentroot we can use this
$count=strlen($DOCUMENTROOT);
$WEBROOT=substr($SERVERROOT,$count);
}else{
//try some common patterns
$WEBROOT='';
if(strpos($_SERVER['REQUEST_URI'],'/~')!==false){
//owncloud is probable installed in a users home folder, extract the username from the uri and use it as base for the webroot
$part=substr($_SERVER['REQUEST_URI'],strpos($_SERVER['REQUEST_URI'],'/~')+1);
$part=substr($part,0,strpos($part,'/'));
$WEBROOT.='/'.$part;
}
if(strpos($SERVERROOT,'public_html')!==false){
//a common used folder name for websevers to store their sites
if($WEBROOT{strlen($WEBROOT)-1}!=='/'){
$WEBROOT.='/';
}
$WEBROOT.=substr($SERVERROOT,strpos($SERVERROOT,'public_html')+strlen('public_html'));
}
}
if($WEBROOT{0}!=='/' and $WEBROOT!=''){
$WEBROOT='/'.$WEBROOT;
}
// $WEBROOT='http://localhost'.$WEBROOT;
// set the right include path
// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values
$CONFIG_INSTALLED=false;
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
$CONFIG_BACKUPDIRECTORY=$SERVERROOT.'/backup';
$CONFIG_HTTPFORCESSL=false;
$CONFIG_ENABLEBACKUP=false;
$CONFIG_DATEFORMAT='j M Y G:i';
$CONFIG_DBNAME='owncloud';
$CONFIG_DBTYPE='sqlite';
// include the generated configfile
@include_once($SERVERROOT.'/config/config.php');
$CONFIG_DATADIRECTORY_ROOT=$CONFIG_DATADIRECTORY;// store this in a seperate variable so we can change the data directory to jail users.
// redirect to https site if configured
if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
header("Location: $url");
exit;
}
}
// load core libs
oc_require_once('lib_files.php');
oc_require_once('lib_filesystem.php');
oc_require_once('lib_filestorage.php');
oc_require_once('lib_fileobserver.php');
oc_require_once('lib_log.php');
oc_require_once('lib_config.php');
oc_require_once('lib_user.php');
oc_require_once('lib_ocs.php');
@oc_require_once('MDB2.php');
@oc_require_once('MDB2/Schema.php');
oc_require_once('lib_connect.php');
if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){
@mkdir($CONFIG_DATADIRECTORY_ROOT) or die("Can't create data directory ($CONFIG_DATADIRECTORY_ROOT), you can usually fix this by setting the owner of '$SERVERROOT' to the user that the web server uses (www-data for debian/ubuntu)");
}
if(OC_USER::isLoggedIn()){
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$CONFIG_DATADIRECTORY_ROOT.'/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
mkdir($CONFIG_DATADIRECTORY);
}
$rootStorage=new OC_FILESTORAGE_LOCAL(array('datadir'=>$CONFIG_DATADIRECTORY));
if($CONFIG_ENABLEBACKUP){
if(!is_dir($CONFIG_BACKUPDIRECTORY)){
mkdir($CONFIG_BACKUPDIRECTORY);
}
if(!is_dir($CONFIG_BACKUPDIRECTORY.'/'.$_SESSION['username_clean'])){
mkdir($CONFIG_BACKUPDIRECTORY.'/'.$_SESSION['username_clean']);
}
$backupStorage=new OC_FILESTORAGE_LOCAL(array('datadir'=>$CONFIG_BACKUPDIRECTORY.'/'.$_SESSION['username_clean']));
$backup=new OC_FILEOBSERVER_BACKUP(array('storage'=>$backupStorage));
$rootStorage->addObserver($backup);
}
OC_FILESYSTEM::mount($rootStorage,'/');
}
// load plugins
$CONFIG_LOADPLUGINS='';
$plugins=explode(' ',$CONFIG_LOADPLUGINS);
if(isset($plugins[0]['url'])) foreach($plugins as $plugin) oc_require_once('plugins/'.$plugin.'/lib_'.$plugin.'.php');
// check if the server is correctly configured for ownCloud
OC_UTIL::checkserver();
// listen for login or logout actions
OC_USER::logoutlisener();
$loginresult=OC_USER::loginlisener();
/**
* Class for utility functions
*
*/
class OC_UTIL {
public static $scripts=array();
/**
* add a javascript file
*
* @param url $url
*/
public static function addscript($url){
self::$scripts[]=$url;
}
/**
* array to store all the optional navigation buttons of the plugins
*
*/
static private $NAVIGATION = array();
/**
* check if the current server configuration is suitable for ownCloud
*
*/
public static function checkserver(){
global $SERVERROOT;
global $CONFIG_DATADIRECTORY_ROOT;
global $CONFIG_BACKUPDIRECTORY;
global $CONFIG_ENABLEBACKUP;
global $CONFIG_INSTALLED;
$error='';
if(!is_callable('sqlite_open') and !is_callable('mysql_connect')){
$error.='No database drivers (sqlite or mysql) installed.
';
}
global $CONFIG_DBTYPE;
global $CONFIG_DBNAME;
if($CONFIG_DBTYPE=='sqlite'){
$file=$SERVERROOT.'/'.$CONFIG_DBNAME;
if(file_exists($file)){
$prems=substr(decoct(fileperms($file)),-3);
if(substr($prems,2,1)!='0'){
@chmod($file,0660);
clearstatcache();
$prems=substr(decoct(fileperms($file)),-3);
if(substr($prems,2,1)!='0'){
$error.='SQLite database file ('.$file.') is readable from the web
';
}
}
}
}
$prems=substr(decoct(fileperms($CONFIG_DATADIRECTORY_ROOT)),-3);
if(substr($prems,-1)!='0'){
chmodr($CONFIG_DATADIRECTORY_ROOT,0770);
clearstatcache();
$prems=substr(decoct(fileperms($CONFIG_DATADIRECTORY_ROOT)),-3);
if(substr($prems,2,1)!='0'){
$error.='Data directory ('.$CONFIG_DATADIRECTORY_ROOT.') is readable from the web
';
}
}
if($CONFIG_ENABLEBACKUP){
$prems=substr(decoct(fileperms($CONFIG_BACKUPDIRECTORY)),-3);
if(substr($prems,-1)!='0'){
chmodr($CONFIG_BACKUPDIRECTORY,0770);
clearstatcache();
$prems=substr(decoct(fileperms($CONFIG_BACKUPDIRECTORY)),-3);
if(substr($prems,2,1)!='0'){
$error.='Data directory ('.$CONFIG_BACKUPDIRECTORY.') is readable from the web
';
}
}
}
if($error){
die($error);
}
}
/**
* show the header of the web GUI
*
*/
public static function showheader(){
global $CONFIG_ADMINLOGIN;
global $WEBROOT;
oc_require('templates/header.php');;
}
/**
* check if we need to use the layout optimized for smaller screen, currently only checks for iPhone/Android
* @return bool
*/
public static function hasSmallScreen(){
$userAgent=strtolower($_SERVER['HTTP_USER_AGENT']);
if(strpos($userAgent,'android') or strpos($userAgent,'iphone') or strpos($userAgent,'ipod')){//todo, add support for more devices
return true;
}
return false;
}
/**
* show the footer of the web GUI
*
*/
public static function showfooter(){
global $CONFIG_FOOTEROWNERNAME;
global $CONFIG_FOOTEROWNEREMAIL;
oc_require('templates/footer.php');;
}
/**
* add an navigationentry to the main navigation
*
* @param name $name
* @param url $url
*/
public static function addnavigationentry($name,$url) {
$entry=array();
$entry['name']=$name;
$entry['url']=$url;
OC_UTIL::$NAVIGATION[]=$entry;
}
/**
* show the main navigation
*
*/
public static function shownavigation(){
global $WEBROOT;
global $SERVERROOT;
echo('
'.$_SESSION['username'].' | '); if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('Files | '); else echo('Files | '); foreach(OC_UTIL::$NAVIGATION as $NAVI) { if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo(''.$NAVI['name'].' | '); else echo(''.$NAVI['name'].' | '); } if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('Log | '); else echo('Log | '); if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('Settings | '); else echo('Settings | '); if(OC_USER::ingroup($_SESSION['username'],'admin')){ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('Admin Panel | '); else echo('Admin Panel | '); } echo('Logout | '); echo('