Blame view
sources/lib/base.php
30.3 KB
03e52840d
Init
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
<?php
/**
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2012 Frank Karlitschek frank@owncloud.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'public/constants.php';
/**
* Class that is a namespace for all global OC variables
* No, we can not put this class in its own file because it is used by
* OC_autoload!
*/
class OC {
/**
* Associative array for autoloading. classname => filename
*/
public static $CLASSPATH = array();
/**
* The installation path for owncloud on the server (e.g. /srv/http/owncloud)
*/
public static $SERVERROOT = '';
/**
* the current request path relative to the owncloud root (e.g. files/index.php)
*/
private static $SUBURI = '';
/**
* the owncloud root path for http requests (e.g. owncloud/)
*/
public static $WEBROOT = '';
/**
* The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty)
*/
public static $THIRDPARTYROOT = '';
/**
* the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty)
*/
public static $THIRDPARTYWEBROOT = '';
/**
* The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and
* web path in 'url'
*/
public static $APPSROOTS = array();
/*
* requested app
*/
public static $REQUESTEDAPP = '';
/*
* requested file of app
*/
public static $REQUESTEDFILE = '';
/**
* check if owncloud runs in cli mode
*/
public static $CLI = false;
|
|
31b7f2792
Upgrade to ownclo...
|
72 73 74 |
/** * @var OC_Router |
|
03e52840d
Init
|
75 76 77 78 |
*/ protected static $router = null; /** |
|
31b7f2792
Upgrade to ownclo...
|
79 |
* @var \OC\Session\Session |
|
03e52840d
Init
|
80 |
*/ |
|
31b7f2792
Upgrade to ownclo...
|
81 |
public static $session = null; |
|
03e52840d
Init
|
82 |
|
|
31b7f2792
Upgrade to ownclo...
|
83 84 85 86 87 88 89 90 91 |
/** * @var \OC\Autoloader $loader */ public static $loader = null; /** * @var \OC\Server */ public static $server = null; |
|
03e52840d
Init
|
92 93 94 95 96 97 98 99 |
public static function initPaths() {
// calculate the root directories
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
// ensure we can find OC_Config
set_include_path(
OC::$SERVERROOT . '/lib' . PATH_SEPARATOR .
|
|
31b7f2792
Upgrade to ownclo...
|
100 |
get_include_path() |
|
03e52840d
Init
|
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
);
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
$scriptName = OC_Request::scriptName();
if (substr($scriptName, -1) == '/') {
$scriptName .= 'index.php';
//make sure suburi follows the same rules as scriptName
if (substr(OC::$SUBURI, -9) != 'index.php') {
if (substr(OC::$SUBURI, -1) != '/') {
OC::$SUBURI = OC::$SUBURI . '/';
}
OC::$SUBURI = OC::$SUBURI . 'index.php';
}
}
OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI));
if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') {
OC::$WEBROOT = '/' . OC::$WEBROOT;
}
// search the 3rdparty folder
if (OC_Config::getValue('3rdpartyroot', '') <> '' and OC_Config::getValue('3rdpartyurl', '') <> '') {
OC::$THIRDPARTYROOT = OC_Config::getValue('3rdpartyroot', '');
OC::$THIRDPARTYWEBROOT = OC_Config::getValue('3rdpartyurl', '');
} elseif (file_exists(OC::$SERVERROOT . '/3rdparty')) {
OC::$THIRDPARTYROOT = OC::$SERVERROOT;
OC::$THIRDPARTYWEBROOT = OC::$WEBROOT;
} elseif (file_exists(OC::$SERVERROOT . '/../3rdparty')) {
OC::$THIRDPARTYWEBROOT = rtrim(dirname(OC::$WEBROOT), '/');
OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/');
} else {
|
|
31b7f2792
Upgrade to ownclo...
|
133 |
throw new Exception('3rdparty directory not found! Please put the ownCloud 3rdparty'
|
|
03e52840d
Init
|
134 135 |
.' folder in the ownCloud folder or the folder above.' .' You can also configure the location in the config.php file.'); |
|
03e52840d
Init
|
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
}
// search the apps folder
$config_paths = OC_Config::getValue('apps_paths', array());
if (!empty($config_paths)) {
foreach ($config_paths as $paths) {
if (isset($paths['url']) && isset($paths['path'])) {
$paths['url'] = rtrim($paths['url'], '/');
$paths['path'] = rtrim($paths['path'], '/');
OC::$APPSROOTS[] = $paths;
}
}
} elseif (file_exists(OC::$SERVERROOT . '/apps')) {
OC::$APPSROOTS[] = array('path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true);
} elseif (file_exists(OC::$SERVERROOT . '/../apps')) {
OC::$APPSROOTS[] = array(
'path' => rtrim(dirname(OC::$SERVERROOT), '/') . '/apps',
'url' => '/apps',
'writable' => true
);
}
if (empty(OC::$APPSROOTS)) {
|
|
31b7f2792
Upgrade to ownclo...
|
158 |
throw new Exception('apps directory not found! Please put the ownCloud apps folder in the ownCloud folder'
|
|
03e52840d
Init
|
159 |
.' or the folder above. You can also configure the location in the config.php file.'); |
|
03e52840d
Init
|
160 161 162 163 164 165 166 167 |
}
$paths = array();
foreach (OC::$APPSROOTS as $path) {
$paths[] = $path['path'];
}
// set the right include path
set_include_path(
|
|
31b7f2792
Upgrade to ownclo...
|
168 169 170 171 172 173 |
OC::$SERVERROOT . '/lib/private' . PATH_SEPARATOR . OC::$SERVERROOT . '/config' . PATH_SEPARATOR . OC::$THIRDPARTYROOT . '/3rdparty' . PATH_SEPARATOR . implode($paths, PATH_SEPARATOR) . PATH_SEPARATOR . get_include_path() . PATH_SEPARATOR . OC::$SERVERROOT |
|
03e52840d
Init
|
174 175 176 177 178 179 180 |
);
}
public static function checkConfig() {
if (file_exists(OC::$SERVERROOT . "/config/config.php")
and !is_writable(OC::$SERVERROOT . "/config/config.php")) {
$defaults = new OC_Defaults();
|
|
31b7f2792
Upgrade to ownclo...
|
181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 |
if (self::$CLI) {
echo "Can't write into config directory!
";
echo "This can usually be fixed by giving the webserver write access to the config directory
";
echo "
";
echo "See " . \OC_Helper::linkToDocs('admin-dir_permissions') . "
";
exit;
} else {
OC_Template::printErrorPage(
"Can't write into config directory!",
'This can usually be fixed by '
.'<a href="' . \OC_Helper::linkToDocs('admin-dir_permissions') . '" target="_blank">giving the webserver write access to the config directory</a>.'
);
}
|
|
03e52840d
Init
|
198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 |
}
}
public static function checkInstalled() {
// Redirect to installer if not installed
if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') {
if (!OC::$CLI) {
$url = 'http://' . $_SERVER['SERVER_NAME'] . OC::$WEBROOT . '/index.php';
header("Location: $url");
}
exit();
}
}
public static function checkSSL() {
// redirect to https site if configured
if (OC_Config::getValue("forcessl", false)) {
header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on");
if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) {
$url = "https://" . OC_Request::serverHost() . OC_Request::requestUri();
header("Location: $url");
exit();
}
} else {
// Invalidate HSTS headers
if (OC_Request::serverProtocol() === 'https') {
header('Strict-Transport-Security: max-age=0');
}
}
}
public static function checkMaintenanceMode() {
// Allow ajax update script to execute without being stopped
if (OC_Config::getValue('maintenance', false) && OC::$SUBURI != '/core/ajax/update.php') {
// send http status 503
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 120');
// render error page
|
|
31b7f2792
Upgrade to ownclo...
|
239 |
$tmpl = new OC_Template('', 'update.user', 'guest');
|
|
03e52840d
Init
|
240 |
$tmpl->printPage(); |
|
31b7f2792
Upgrade to ownclo...
|
241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 |
die();
}
}
public static function checkSingleUserMode() {
$user = OC_User::getUserSession()->getUser();
$group = OC_Group::getManager()->get('admin');
if ($user && OC_Config::getValue('singleuser', false) && !$group->inGroup($user)) {
// send http status 503
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 120');
// render error page
$tmpl = new OC_Template('', 'singleuser.user', 'guest');
$tmpl->printPage();
die();
|
|
03e52840d
Init
|
258 259 260 261 262 263 264 265 266 267 268 269 270 271 |
}
}
public static function checkUpgrade($showTemplate = true) {
if (OC_Config::getValue('installed', false)) {
$installedVersion = OC_Config::getValue('version', '0.0.0');
$currentVersion = implode('.', OC_Util::getVersion());
if (version_compare($currentVersion, $installedVersion, '>')) {
if ($showTemplate && !OC_Config::getValue('maintenance', false)) {
OC_Config::setValue('theme', '');
$minimizerCSS = new OC_Minimizer_CSS();
$minimizerCSS->clearCache();
$minimizerJS = new OC_Minimizer_JS();
$minimizerJS->clearCache();
|
|
31b7f2792
Upgrade to ownclo...
|
272 273 |
OC_Util::addScript('update');
$tmpl = new OC_Template('', 'update.admin', 'guest');
|
|
03e52840d
Init
|
274 275 276 277 278 279 280 281 282 283 284 285 286 |
$tmpl->assign('version', OC_Util::getVersionString());
$tmpl->printPage();
exit();
} else {
return true;
}
}
return false;
}
}
public static function initTemplateEngine() {
// Add the stuff we need always
|
|
31b7f2792
Upgrade to ownclo...
|
287 288 |
OC_Util::addScript("jquery-1.10.0.min");
OC_Util::addScript("jquery-migrate-1.2.1.min");
|
|
03e52840d
Init
|
289 290 291 |
OC_Util::addScript("jquery-ui-1.10.0.custom");
OC_Util::addScript("jquery-showpassword");
OC_Util::addScript("jquery.infieldlabel");
|
|
31b7f2792
Upgrade to ownclo...
|
292 |
OC_Util::addScript("jquery.placeholder");
|
|
03e52840d
Init
|
293 294 |
OC_Util::addScript("jquery-tipsy");
OC_Util::addScript("compatibility");
|
|
31b7f2792
Upgrade to ownclo...
|
295 |
OC_Util::addScript("jquery.ocdialog");
|
|
03e52840d
Init
|
296 297 |
OC_Util::addScript("oc-dialogs");
OC_Util::addScript("js");
|
|
31b7f2792
Upgrade to ownclo...
|
298 |
OC_Util::addScript("octemplate");
|
|
03e52840d
Init
|
299 300 301 302 303 |
OC_Util::addScript("eventsource");
OC_Util::addScript("config");
//OC_Util::addScript( "multiselect" );
OC_Util::addScript('search', 'result');
OC_Util::addScript('router');
|
|
31b7f2792
Upgrade to ownclo...
|
304 305 306 307 308 309 310 311 312 |
OC_Util::addScript("oc-requesttoken");
// avatars
if (\OC_Config::getValue('enable_avatars', true) === true) {
\OC_Util::addScript('placeholder');
\OC_Util::addScript('3rdparty', 'md5/md5.min');
\OC_Util::addScript('jquery.avatar');
\OC_Util::addScript('avatar');
}
|
|
03e52840d
Init
|
313 314 |
OC_Util::addStyle("styles");
|
|
31b7f2792
Upgrade to ownclo...
|
315 316 |
OC_Util::addStyle("apps");
OC_Util::addStyle("fixes");
|
|
03e52840d
Init
|
317 318 319 |
OC_Util::addStyle("multiselect");
OC_Util::addStyle("jquery-ui-1.10.0.custom");
OC_Util::addStyle("jquery-tipsy");
|
|
31b7f2792
Upgrade to ownclo...
|
320 |
OC_Util::addStyle("jquery.ocdialog");
|
|
03e52840d
Init
|
321 322 323 324 325 |
}
public static function initSession() {
// prevents javascript from accessing php session cookies
ini_set('session.cookie_httponly', '1;');
|
|
31b7f2792
Upgrade to ownclo...
|
326 327 328 |
// set the cookie path to the ownCloud directory
$cookie_path = OC::$WEBROOT ? : '/';
ini_set('session.cookie_path', $cookie_path);
|
|
03e52840d
Init
|
329 |
|
|
31b7f2792
Upgrade to ownclo...
|
330 331 |
//set the session object to a dummy session so code relying on the session existing still works
self::$session = new \OC\Session\Memory('');
|
|
03e52840d
Init
|
332 |
|
|
31b7f2792
Upgrade to ownclo...
|
333 334 335 336 337 338 339 340 |
try {
// set the session name to the instance id - which is unique
self::$session = new \OC\Session\Internal(OC_Util::getInstanceId());
// if session cant be started break with http 500 error
} catch (Exception $e) {
//show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
OC_Template::printExceptionErrorPage($e);
|
|
03e52840d
Init
|
341 342 343 344 |
} $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation |
|
31b7f2792
Upgrade to ownclo...
|
345 346 347 |
if (!self::$session->exists('SID_CREATED')) {
self::$session->set('SID_CREATED', time());
} else if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime / 2) {
|
|
03e52840d
Init
|
348 |
session_regenerate_id(true); |
|
31b7f2792
Upgrade to ownclo...
|
349 |
self::$session->set('SID_CREATED', time());
|
|
03e52840d
Init
|
350 351 352 |
} // session timeout |
|
31b7f2792
Upgrade to ownclo...
|
353 |
if (self::$session->exists('LAST_ACTIVITY') && (time() - self::$session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
|
|
03e52840d
Init
|
354 |
if (isset($_COOKIE[session_name()])) {
|
|
31b7f2792
Upgrade to ownclo...
|
355 |
setcookie(session_name(), '', time() - 42000, $cookie_path); |
|
03e52840d
Init
|
356 357 358 359 360 |
} session_unset(); session_destroy(); session_start(); } |
|
31b7f2792
Upgrade to ownclo...
|
361 362 |
self::$session->set('LAST_ACTIVITY', time());
|
|
03e52840d
Init
|
363 364 365 366 367 368 369 370 |
}
/**
* @return int
*/
private static function getSessionLifeTime() {
return OC_Config::getValue('session_lifetime', 60 * 60 * 24);
}
|
|
31b7f2792
Upgrade to ownclo...
|
371 372 373 |
/** * @return OC_Router */ |
|
03e52840d
Init
|
374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 |
public static function getRouter() {
if (!isset(OC::$router)) {
OC::$router = new OC_Router();
OC::$router->loadRoutes();
}
return OC::$router;
}
public static function loadAppClassPaths() {
foreach (OC_APP::getEnabledApps() as $app) {
$file = OC_App::getAppPath($app) . '/appinfo/classpath.php';
if (file_exists($file)) {
require_once $file;
}
}
}
public static function init() {
// register autoloader
|
|
31b7f2792
Upgrade to ownclo...
|
396 397 398 399 400 401 402 403 404 405 |
require_once __DIR__ . '/autoloader.php';
self::$loader = new \OC\Autoloader();
self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib');
self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib');
self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing');
self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console');
self::$loader->registerPrefix('Sabre\\VObject', '3rdparty');
self::$loader->registerPrefix('Sabre_', '3rdparty');
self::$loader->registerPrefix('Patchwork', '3rdparty');
spl_autoload_register(array(self::$loader, 'load'));
|
|
03e52840d
Init
|
406 407 408 409 410 411 412 413 414 415 416 417 418 |
// set some stuff
//ob_start();
error_reporting(E_ALL | E_STRICT);
if (defined('DEBUG') && DEBUG) {
ini_set('display_errors', 1);
}
self::$CLI = (php_sapi_name() == 'cli');
date_default_timezone_set('UTC');
ini_set('arg_separator.output', '&');
// try to switch magic quotes off.
|
|
31b7f2792
Upgrade to ownclo...
|
419 |
if (get_magic_quotes_gpc() == 1) {
|
|
03e52840d
Init
|
420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 |
ini_set('magic_quotes_runtime', 0);
}
//try to configure php to enable big file uploads.
//this doesn´t work always depending on the webserver and php configuration.
//Let´s try to overwrite some defaults anyways
//try to set the maximum execution time to 60min
@set_time_limit(3600);
@ini_set('max_execution_time', 3600);
@ini_set('max_input_time', 3600);
//try to set the maximum filesize to 10G
@ini_set('upload_max_filesize', '10G');
@ini_set('post_max_size', '10G');
@ini_set('file_uploads', '50');
//copy http auth headers for apache+php-fcgid work around
if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
}
//set http auth headers for apache+php-cgi work around
if (isset($_SERVER['HTTP_AUTHORIZATION'])
|
|
31b7f2792
Upgrade to ownclo...
|
444 445 |
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)
) {
|
|
03e52840d
Init
|
446 447 448 449 450 451 452 |
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
//set http auth headers for apache+php-cgi work around if variable gets renamed by apache
if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
|
|
31b7f2792
Upgrade to ownclo...
|
453 454 |
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)
) {
|
|
03e52840d
Init
|
455 456 457 458 459 460 |
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
self::initPaths();
|
|
31b7f2792
Upgrade to ownclo...
|
461 462 463 464 465 466 467 468 469 |
if (OC_Config::getValue('instanceid', false)) {
// \OC\Memcache\Cache has a hidden dependency on
// OC_Util::getInstanceId() for namespacing. See #5409.
try {
self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader'));
} catch(\Exception $ex) {
}
}
OC_Util::isSetLocaleWorking();
|
|
03e52840d
Init
|
470 471 472 473 474 475 476 |
// set debug mode if an xdebug session is active
if (!defined('DEBUG') || !DEBUG) {
if (isset($_COOKIE['XDEBUG_SESSION'])) {
define('DEBUG', true);
}
}
|
|
31b7f2792
Upgrade to ownclo...
|
477 478 479 480 481 482 483 |
if (!defined('PHPUNIT_RUN')) {
if (defined('DEBUG') and DEBUG) {
set_exception_handler(array('OC_Template', 'printExceptionErrorPage'));
} else {
OC\Log\ErrorHandler::register();
OC\Log\ErrorHandler::setLogger(OC_Log::$object);
}
|
|
03e52840d
Init
|
484 485 486 487 488 489 |
}
// register the stream wrappers
stream_wrapper_register('fakedir', 'OC\Files\Stream\Dir');
stream_wrapper_register('static', 'OC\Files\Stream\StaticStream');
stream_wrapper_register('close', 'OC\Files\Stream\Close');
|
|
31b7f2792
Upgrade to ownclo...
|
490 |
stream_wrapper_register('quota', 'OC\Files\Stream\Quota');
|
|
03e52840d
Init
|
491 |
stream_wrapper_register('oc', 'OC\Files\Stream\OC');
|
|
31b7f2792
Upgrade to ownclo...
|
492 493 |
// setup the basic server self::$server = new \OC\Server(); |
|
03e52840d
Init
|
494 |
self::initTemplateEngine(); |
|
31b7f2792
Upgrade to ownclo...
|
495 496 497 498 499 |
if (!self::$CLI) {
self::initSession();
} else {
self::$session = new \OC\Session\Memory('');
}
|
|
03e52840d
Init
|
500 501 502 |
self::checkConfig(); self::checkInstalled(); self::checkSSL(); |
|
03e52840d
Init
|
503 504 505 |
$errors = OC_Util::checkServer();
if (count($errors) > 0) {
|
|
31b7f2792
Upgrade to ownclo...
|
506 507 508 509 510 511 512 513 514 515 516 |
if (self::$CLI) {
foreach ($errors as $error) {
echo $error['error']."
";
echo $error['hint'] . "
";
}
} else {
OC_Template::printGuestPage('', 'error', array('errors' => $errors));
}
|
|
03e52840d
Init
|
517 518 519 520 521 522 523 524 525 |
exit;
}
//try to set the session lifetime
$sessionLifeTime = self::getSessionLifeTime();
@ini_set('gc_maxlifetime', (string)$sessionLifeTime);
// User and Groups
if (!OC_Config::getValue("installed", false)) {
|
|
31b7f2792
Upgrade to ownclo...
|
526 |
self::$session->set('user_id', '');
|
|
03e52840d
Init
|
527 528 529 530 |
} OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); |
|
31b7f2792
Upgrade to ownclo...
|
531 532 533 534 535 536 537 |
if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('user_id')
&& $_SERVER['PHP_AUTH_USER'] != self::$session->get('user_id')) {
$sessionUser = self::$session->get('user_id');
$serverUser = $_SERVER['PHP_AUTH_USER'];
OC_Log::write('core',
"Session user-id ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
OC_Log::WARN);
|
|
03e52840d
Init
|
538 539 540 541 542 543 544 |
OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; |
|
31b7f2792
Upgrade to ownclo...
|
545 |
if (!$RUNTIME_NOAPPS && !self::checkUpgrade(false)) {
|
|
03e52840d
Init
|
546 547 548 549 550 551 552 553 554 555 556 557 |
if ($RUNTIME_APPTYPES) {
OC_App::loadApps($RUNTIME_APPTYPES);
} else {
OC_App::loadApps();
}
}
//setup extra user backends
OC_User::setupBackends();
self::registerCacheHooks();
self::registerFilesystemHooks();
|
|
31b7f2792
Upgrade to ownclo...
|
558 |
self::registerPreviewHooks(); |
|
03e52840d
Init
|
559 |
self::registerShareHooks(); |
|
31b7f2792
Upgrade to ownclo...
|
560 |
self::registerLogRotate(); |
|
03e52840d
Init
|
561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 |
//make sure temporary files are cleaned up
register_shutdown_function(array('OC_Helper', 'cleanTmp'));
//parse the given parameters
self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
if (substr_count(self::$REQUESTEDAPP, '?') != 0) {
$app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?'));
$param = substr($_GET['app'], strpos($_GET['app'], '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDAPP = $app;
$_GET['app'] = $app;
}
self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null);
if (substr_count(self::$REQUESTEDFILE, '?') != 0) {
$file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?'));
$param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDFILE = $file;
$_GET['getfile'] = $file;
}
if (!is_null(self::$REQUESTEDFILE)) {
$subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE;
$parent = OC_App::getAppPath(OC::$REQUESTEDAPP);
if (!OC_Helper::issubdirectory($subdir, $parent)) {
self::$REQUESTEDFILE = null;
header('HTTP/1.0 404 Not Found');
exit;
}
}
|
|
03e52840d
Init
|
593 594 595 596 597 598 599 600 601 602 603 |
if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) {
if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') {
OC_Util::addScript('backgroundjobs');
}
}
}
/**
* register hooks for the cache
*/
public static function registerCacheHooks() {
|
|
31b7f2792
Upgrade to ownclo...
|
604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 |
if (OC_Config::getValue('installed', false)) { //don't try to do this before we are properly setup
// register cache cleanup jobs
try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception
\OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC');
} catch (Exception $e) {
}
// NOTE: This will be replaced to use OCP
$userSession = \OC_User::getUserSession();
$userSession->listen('postLogin', '\OC\Cache\File', 'loginListener');
}
}
/**
* register hooks for the cache
*/
public static function registerLogRotate() {
if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false)) {
//don't try to do this before we are properly setup
// register cache cleanup jobs
try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception
\OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT.'/data').'/owncloud.log');
} catch (Exception $e) {
}
}
|
|
03e52840d
Init
|
630 631 632 633 634 635 636 637 638 639 640 641 |
}
/**
* register hooks for the filesystem
*/
public static function registerFilesystemHooks() {
// Check for blacklisted files
OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted');
OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted');
}
/**
|
|
31b7f2792
Upgrade to ownclo...
|
642 643 644 645 646 647 648 649 650 651 |
* register hooks for previews
*/
public static function registerPreviewHooks() {
OC_Hook::connect('OC_Filesystem', 'post_write', 'OC\Preview', 'post_write');
OC_Hook::connect('OC_Filesystem', 'delete', 'OC\Preview', 'post_delete');
OC_Hook::connect('\OCP\Versions', 'delete', 'OC\Preview', 'post_delete');
OC_Hook::connect('\OCP\Trashbin', 'delete', 'OC\Preview', 'post_delete');
}
/**
|
|
03e52840d
Init
|
652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 |
* register hooks for sharing
*/
public static function registerShareHooks() {
if(\OC_Config::getValue('installed')) {
OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser');
OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup');
OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup');
OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup');
}
}
/**
* @brief Handle the request
*/
public static function handleRequest() {
// load all the classpaths from the enabled apps so they are available
// in the routing files of each app
OC::loadAppClassPaths();
// Check if ownCloud is installed or in maintenance (update) mode
if (!OC_Config::getValue('installed', false)) {
require_once 'core/setup.php';
exit();
}
$request = OC_Request::getPathInfo();
if(substr($request, -3) !== '.js') {// we need these files during the upgrade
self::checkMaintenanceMode();
self::checkUpgrade();
}
|
|
31b7f2792
Upgrade to ownclo...
|
682 |
// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP |
|
03e52840d
Init
|
683 |
OC::tryBasicAuthLogin(); |
|
31b7f2792
Upgrade to ownclo...
|
684 |
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
|
|
03e52840d
Init
|
685 686 687 688 |
try {
if (!OC_Config::getValue('maintenance', false)) {
OC_App::loadApps();
}
|
|
31b7f2792
Upgrade to ownclo...
|
689 |
self::checkSingleUserMode(); |
|
03e52840d
Init
|
690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 |
OC::getRouter()->match(OC_Request::getRawPathInfo());
return;
} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
//header('HTTP/1.0 404 Not Found');
} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
OC_Response::setStatus(405);
return;
}
}
$app = OC::$REQUESTEDAPP;
$file = OC::$REQUESTEDFILE;
$param = array('app' => $app, 'file' => $file);
// Handle app css files
if (substr($file, -3) == 'css') {
self::loadCSSFile($param);
return;
}
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
$location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
// Deny the redirect if the URL contains a @
// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
|
|
31b7f2792
Upgrade to ownclo...
|
715 |
if (strpos($location, '@') === false) {
|
|
03e52840d
Init
|
716 717 718 719 720 721 |
header('Location: ' . $location);
return;
}
}
// Handle WebDAV
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
|
|
31b7f2792
Upgrade to ownclo...
|
722 723 724 725 726 |
// not allowed any more to prevent people
// mounting this root directly.
// Users need to mount remote.php/webdav instead.
header('HTTP/1.1 405 Method Not Allowed');
header('Status: 405 Method Not Allowed');
|
|
03e52840d
Init
|
727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 |
return;
}
// Someone is logged in :
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
if (isset($_GET["logout"]) and ($_GET["logout"])) {
if (isset($_COOKIE['oc_token'])) {
OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
}
OC_User::logout();
header("Location: " . OC::$WEBROOT . '/');
} else {
if (is_null($file)) {
$param['file'] = 'index.php';
}
$file_ext = substr($param['file'], -3);
if ($file_ext != 'php'
|| !self::loadAppScriptFile($param)
) {
header('HTTP/1.0 404 Not Found');
}
}
return;
}
// Not handled and not logged in
self::handleLogin();
}
public static function loadAppScriptFile($param) {
OC_App::loadApps();
$app = $param['app'];
$file = $param['file'];
$app_path = OC_App::getAppPath($app);
|
|
31b7f2792
Upgrade to ownclo...
|
762 763 764 765 766 767 768 |
if (OC_App::isEnabled($app) && $app_path !== false) {
$file = $app_path . '/' . $file;
unset($app, $app_path);
if (file_exists($file)) {
require_once $file;
return true;
}
|
|
03e52840d
Init
|
769 |
} |
|
31b7f2792
Upgrade to ownclo...
|
770 |
header('HTTP/1.0 404 Not Found');
|
|
03e52840d
Init
|
771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 |
return false;
}
public static function loadCSSFile($param) {
$app = $param['app'];
$file = $param['file'];
$app_path = OC_App::getAppPath($app);
if (file_exists($app_path . '/' . $file)) {
$app_web_path = OC_App::getAppWebPath($app);
$filepath = $app_web_path . '/' . $file;
$minimizer = new OC_Minimizer_CSS();
$info = array($app_path, $app_web_path, $file);
$minimizer->output(array($info), $filepath);
}
}
protected static function handleLogin() {
OC_App::loadApps(array('prelogin'));
$error = array();
|
|
31b7f2792
Upgrade to ownclo...
|
790 791 792 793 794 |
// auth possible via apache module?
if (OC::tryApacheAuth()) {
$error[] = 'apacheauthfailed';
}
|
|
03e52840d
Init
|
795 |
// remember was checked after last login |
|
31b7f2792
Upgrade to ownclo...
|
796 |
elseif (OC::tryRememberLogin()) {
|
|
03e52840d
Init
|
797 |
$error[] = 'invalidcookie'; |
|
31b7f2792
Upgrade to ownclo...
|
798 799 800 |
}
// logon via web form
elseif (OC::tryFormLogin()) {
|
|
03e52840d
Init
|
801 |
$error[] = 'invalidpassword'; |
|
31b7f2792
Upgrade to ownclo...
|
802 803 804 805 806 807 808 |
if ( OC_Config::getValue('log_authfailip', false) ) {
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
OC_Log::WARN);
} else {
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
OC_Log::WARN);
}
|
|
03e52840d
Init
|
809 |
} |
|
31b7f2792
Upgrade to ownclo...
|
810 |
|
|
03e52840d
Init
|
811 812 813 814 815 816 817 818 819 820 821 822 823 |
OC_Util::displayLoginPage(array_unique($error));
}
protected static function cleanupLoginTokens($user) {
$cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
$tokens = OC_Preferences::getKeys($user, 'login_token');
foreach ($tokens as $token) {
$time = OC_Preferences::getValue($user, 'login_token', $token);
if ($time < $cutoff) {
OC_Preferences::deleteKey($user, 'login_token', $token);
}
}
}
|
|
31b7f2792
Upgrade to ownclo...
|
824 825 826 827 828 829 830 831 832 833 834 835 836 |
protected static function tryApacheAuth() {
$return = OC_User::handleApacheAuth();
// if return is true we are logged in -> redirect to the default page
if ($return === true) {
$_REQUEST['redirect_url'] = \OC_Request::requestUri();
OC_Util::redirectToDefaultPage();
exit;
}
// in case $return is null apache based auth is not enabled
return is_null($return) ? false : true;
}
|
|
03e52840d
Init
|
837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 |
protected static function tryRememberLogin() {
if (!isset($_COOKIE["oc_remember_login"])
|| !isset($_COOKIE["oc_token"])
|| !isset($_COOKIE["oc_username"])
|| !$_COOKIE["oc_remember_login"]
|| !OC_Util::rememberLoginAllowed()
) {
return false;
}
OC_App::loadApps(array('authentication'));
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG);
}
// confirm credentials in cookie
if (isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) {
// delete outdated cookies
self::cleanupLoginTokens($_COOKIE['oc_username']);
// get stored tokens
$tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token');
// test cookies token against stored tokens
if (in_array($_COOKIE['oc_token'], $tokens, true)) {
// replace successfully used token with a new one
OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']);
|
|
31b7f2792
Upgrade to ownclo...
|
860 |
$token = OC_Util::generateRandomBytes(32); |
|
03e52840d
Init
|
861 862 863 864 |
OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); // login OC_User::setUserId($_COOKIE['oc_username']); |
|
03e52840d
Init
|
865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 |
OC_Util::redirectToDefaultPage();
// doesn't return
}
// if you reach this point you have changed your password
// or you are an attacker
// we can not delete tokens here because users may reach
// this point multiple times after a password change
OC_Log::write('core', 'Authentication cookie rejected for user ' . $_COOKIE['oc_username'], OC_Log::WARN);
}
OC_User::unsetMagicInCookie();
return true;
}
protected static function tryFormLogin() {
if (!isset($_POST["user"]) || !isset($_POST['password'])) {
return false;
}
OC_App::loadApps();
//setup extra user backends
OC_User::setupBackends();
if (OC_User::login($_POST["user"], $_POST["password"])) {
// setting up the time zone
if (isset($_POST['timezone-offset'])) {
|
|
31b7f2792
Upgrade to ownclo...
|
891 |
self::$session->set('timezone', $_POST['timezone-offset']);
|
|
03e52840d
Init
|
892 893 894 895 896 897 898 899 |
}
$userid = OC_User::getUser();
self::cleanupLoginTokens($userid);
if (!empty($_POST["remember_login"])) {
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
|
|
31b7f2792
Upgrade to ownclo...
|
900 |
$token = OC_Util::generateRandomBytes(32); |
|
03e52840d
Init
|
901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 |
OC_Preferences::setValue($userid, 'login_token', $token, time());
OC_User::setMagicInCookie($userid, $token);
} else {
OC_User::unsetMagicInCookie();
}
OC_Util::redirectToDefaultPage();
exit();
}
return true;
}
protected static function tryBasicAuthLogin() {
if (!isset($_SERVER["PHP_AUTH_USER"])
|| !isset($_SERVER["PHP_AUTH_PW"])
) {
return false;
}
OC_App::loadApps(array('authentication'));
if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
//OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG);
OC_User::unsetMagicInCookie();
$_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
}
return true;
}
}
// define runtime variables - unless this already has been done
if (!isset($RUNTIME_NOAPPS)) {
$RUNTIME_NOAPPS = false;
}
if (!function_exists('get_temp_dir')) {
function get_temp_dir() {
if ($temp = ini_get('upload_tmp_dir')) return $temp;
if ($temp = getenv('TMP')) return $temp;
if ($temp = getenv('TEMP')) return $temp;
if ($temp = getenv('TMPDIR')) return $temp;
$temp = tempnam(__FILE__, '');
if (file_exists($temp)) {
unlink($temp);
return dirname($temp);
}
if ($temp = sys_get_temp_dir()) return $temp;
return null;
}
}
OC::init();
|
|
31b7f2792
Upgrade to ownclo...
|
952 |