Blame view
sources/lib/base.php
30.3 KB
03e52840d
Init
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
<?php
/**
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2012 Frank Karlitschek frank@owncloud.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'public/constants.php';
/**
* Class that is a namespace for all global OC variables
* No, we can not put this class in its own file because it is used by
* OC_autoload!
*/
class OC {
/**
* Associative array for autoloading. classname => filename
*/
public static $CLASSPATH = array();
/**
* The installation path for owncloud on the server (e.g. /srv/http/owncloud)
*/
public static $SERVERROOT = '';
/**
* the current request path relative to the owncloud root (e.g. files/index.php)
*/
private static $SUBURI = '';
/**
* the owncloud root path for http requests (e.g. owncloud/)
*/
public static $WEBROOT = '';
/**
* The installation path of the 3rdparty folder on the server (e.g. /srv/http/owncloud/3rdparty)
*/
public static $THIRDPARTYROOT = '';
/**
* the root path of the 3rdparty folder for http requests (e.g. owncloud/3rdparty)
*/
public static $THIRDPARTYWEBROOT = '';
/**
* The installation path array of the apps folder on the server (e.g. /srv/http/owncloud) 'path' and
* web path in 'url'
*/
public static $APPSROOTS = array();
/*
* requested app
*/
public static $REQUESTEDAPP = '';
/*
* requested file of app
*/
public static $REQUESTEDFILE = '';
/**
* check if owncloud runs in cli mode
*/
public static $CLI = false;
|
|
31b7f2792
Upgrade to ownclo...
|
72 73 74 |
/** * @var OC_Router |
|
03e52840d
Init
|
75 76 77 78 |
*/ protected static $router = null; /** |
|
31b7f2792
Upgrade to ownclo...
|
79 |
* @var \OC\Session\Session |
|
03e52840d
Init
|
80 |
*/ |
|
31b7f2792
Upgrade to ownclo...
|
81 |
public static $session = null; |
|
03e52840d
Init
|
82 |
|
|
31b7f2792
Upgrade to ownclo...
|
83 84 85 86 87 88 89 90 91 |
/** * @var \OC\Autoloader $loader */ public static $loader = null; /** * @var \OC\Server */ public static $server = null; |
|
03e52840d
Init
|
92 93 94 95 96 97 98 99 |
public static function initPaths() {
// calculate the root directories
OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
// ensure we can find OC_Config
set_include_path(
OC::$SERVERROOT . '/lib' . PATH_SEPARATOR .
|
|
31b7f2792
Upgrade to ownclo...
|
100 |
get_include_path() |
|
03e52840d
Init
|
101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
);
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
$scriptName = OC_Request::scriptName();
if (substr($scriptName, -1) == '/') {
$scriptName .= 'index.php';
//make sure suburi follows the same rules as scriptName
if (substr(OC::$SUBURI, -9) != 'index.php') {
if (substr(OC::$SUBURI, -1) != '/') {
OC::$SUBURI = OC::$SUBURI . '/';
}
OC::$SUBURI = OC::$SUBURI . 'index.php';
}
}
OC::$WEBROOT = substr($scriptName, 0, strlen($scriptName) - strlen(OC::$SUBURI));
if (OC::$WEBROOT != '' and OC::$WEBROOT[0] !== '/') {
OC::$WEBROOT = '/' . OC::$WEBROOT;
}
// search the 3rdparty folder
if (OC_Config::getValue('3rdpartyroot', '') <> '' and OC_Config::getValue('3rdpartyurl', '') <> '') {
OC::$THIRDPARTYROOT = OC_Config::getValue('3rdpartyroot', '');
OC::$THIRDPARTYWEBROOT = OC_Config::getValue('3rdpartyurl', '');
} elseif (file_exists(OC::$SERVERROOT . '/3rdparty')) {
OC::$THIRDPARTYROOT = OC::$SERVERROOT;
OC::$THIRDPARTYWEBROOT = OC::$WEBROOT;
} elseif (file_exists(OC::$SERVERROOT . '/../3rdparty')) {
OC::$THIRDPARTYWEBROOT = rtrim(dirname(OC::$WEBROOT), '/');
OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/');
} else {
|
|
31b7f2792
Upgrade to ownclo...
|
133 |
throw new Exception('3rdparty directory not found! Please put the ownCloud 3rdparty'
|
|
a293d369c
Update sources to...
|
134 135 |
. ' folder in the ownCloud folder or the folder above.' . ' You can also configure the location in the config.php file.'); |
|
03e52840d
Init
|
136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
}
// search the apps folder
$config_paths = OC_Config::getValue('apps_paths', array());
if (!empty($config_paths)) {
foreach ($config_paths as $paths) {
if (isset($paths['url']) && isset($paths['path'])) {
$paths['url'] = rtrim($paths['url'], '/');
$paths['path'] = rtrim($paths['path'], '/');
OC::$APPSROOTS[] = $paths;
}
}
} elseif (file_exists(OC::$SERVERROOT . '/apps')) {
OC::$APPSROOTS[] = array('path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true);
} elseif (file_exists(OC::$SERVERROOT . '/../apps')) {
OC::$APPSROOTS[] = array(
'path' => rtrim(dirname(OC::$SERVERROOT), '/') . '/apps',
'url' => '/apps',
'writable' => true
);
}
if (empty(OC::$APPSROOTS)) {
|
|
31b7f2792
Upgrade to ownclo...
|
158 |
throw new Exception('apps directory not found! Please put the ownCloud apps folder in the ownCloud folder'
|
|
a293d369c
Update sources to...
|
159 |
. ' or the folder above. You can also configure the location in the config.php file.'); |
|
03e52840d
Init
|
160 161 162 163 164 165 166 167 |
}
$paths = array();
foreach (OC::$APPSROOTS as $path) {
$paths[] = $path['path'];
}
// set the right include path
set_include_path(
|
|
31b7f2792
Upgrade to ownclo...
|
168 169 170 171 172 173 |
OC::$SERVERROOT . '/lib/private' . PATH_SEPARATOR . OC::$SERVERROOT . '/config' . PATH_SEPARATOR . OC::$THIRDPARTYROOT . '/3rdparty' . PATH_SEPARATOR . implode($paths, PATH_SEPARATOR) . PATH_SEPARATOR . get_include_path() . PATH_SEPARATOR . OC::$SERVERROOT |
|
03e52840d
Init
|
174 175 176 177 178 |
);
}
public static function checkConfig() {
if (file_exists(OC::$SERVERROOT . "/config/config.php")
|
|
a293d369c
Update sources to...
|
179 180 |
and !is_writable(OC::$SERVERROOT . "/config/config.php")
) {
|
|
03e52840d
Init
|
181 |
$defaults = new OC_Defaults(); |
|
31b7f2792
Upgrade to ownclo...
|
182 183 184 185 186 187 188 189 190 191 192 193 194 195 |
if (self::$CLI) {
echo "Can't write into config directory!
";
echo "This can usually be fixed by giving the webserver write access to the config directory
";
echo "
";
echo "See " . \OC_Helper::linkToDocs('admin-dir_permissions') . "
";
exit;
} else {
OC_Template::printErrorPage(
"Can't write into config directory!",
'This can usually be fixed by '
|
|
a293d369c
Update sources to...
|
196 |
. '<a href="' . \OC_Helper::linkToDocs('admin-dir_permissions') . '" target="_blank">giving the webserver write access to the config directory</a>.'
|
|
31b7f2792
Upgrade to ownclo...
|
197 198 |
); } |
|
03e52840d
Init
|
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 |
}
}
public static function checkInstalled() {
// Redirect to installer if not installed
if (!OC_Config::getValue('installed', false) && OC::$SUBURI != '/index.php') {
if (!OC::$CLI) {
$url = 'http://' . $_SERVER['SERVER_NAME'] . OC::$WEBROOT . '/index.php';
header("Location: $url");
}
exit();
}
}
public static function checkSSL() {
// redirect to https site if configured
if (OC_Config::getValue("forcessl", false)) {
header('Strict-Transport-Security: max-age=31536000');
ini_set("session.cookie_secure", "on");
if (OC_Request::serverProtocol() <> 'https' and !OC::$CLI) {
$url = "https://" . OC_Request::serverHost() . OC_Request::requestUri();
header("Location: $url");
exit();
}
} else {
// Invalidate HSTS headers
if (OC_Request::serverProtocol() === 'https') {
header('Strict-Transport-Security: max-age=0');
}
}
}
public static function checkMaintenanceMode() {
// Allow ajax update script to execute without being stopped
if (OC_Config::getValue('maintenance', false) && OC::$SUBURI != '/core/ajax/update.php') {
// send http status 503
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 120');
// render error page
|
|
31b7f2792
Upgrade to ownclo...
|
240 |
$tmpl = new OC_Template('', 'update.user', 'guest');
|
|
03e52840d
Init
|
241 |
$tmpl->printPage(); |
|
31b7f2792
Upgrade to ownclo...
|
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 |
die();
}
}
public static function checkSingleUserMode() {
$user = OC_User::getUserSession()->getUser();
$group = OC_Group::getManager()->get('admin');
if ($user && OC_Config::getValue('singleuser', false) && !$group->inGroup($user)) {
// send http status 503
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 120');
// render error page
$tmpl = new OC_Template('', 'singleuser.user', 'guest');
$tmpl->printPage();
die();
|
|
03e52840d
Init
|
259 260 |
} } |
|
a293d369c
Update sources to...
|
261 262 263 264 265 266 |
/**
* check if the instance needs to preform an upgrade
*
* @return bool
*/
public static function needUpgrade() {
|
|
03e52840d
Init
|
267 268 269 |
if (OC_Config::getValue('installed', false)) {
$installedVersion = OC_Config::getValue('version', '0.0.0');
$currentVersion = implode('.', OC_Util::getVersion());
|
|
a293d369c
Update sources to...
|
270 271 |
return version_compare($currentVersion, $installedVersion, '>');
} else {
|
|
03e52840d
Init
|
272 273 274 |
return false; } } |
|
a293d369c
Update sources to...
|
275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 |
public static function checkUpgrade($showTemplate = true) {
if (self::needUpgrade()) {
if ($showTemplate && !OC_Config::getValue('maintenance', false)) {
OC_Config::setValue('theme', '');
$minimizerCSS = new OC_Minimizer_CSS();
$minimizerCSS->clearCache();
$minimizerJS = new OC_Minimizer_JS();
$minimizerJS->clearCache();
OC_Util::addScript('config'); // needed for web root
OC_Util::addScript('update');
$tmpl = new OC_Template('', 'update.admin', 'guest');
$tmpl->assign('version', OC_Util::getVersionString());
$tmpl->printPage();
exit();
} else {
return true;
}
}
return false;
}
|
|
03e52840d
Init
|
295 296 |
public static function initTemplateEngine() {
// Add the stuff we need always
|
|
31b7f2792
Upgrade to ownclo...
|
297 298 |
OC_Util::addScript("jquery-1.10.0.min");
OC_Util::addScript("jquery-migrate-1.2.1.min");
|
|
03e52840d
Init
|
299 300 301 |
OC_Util::addScript("jquery-ui-1.10.0.custom");
OC_Util::addScript("jquery-showpassword");
OC_Util::addScript("jquery.infieldlabel");
|
|
31b7f2792
Upgrade to ownclo...
|
302 |
OC_Util::addScript("jquery.placeholder");
|
|
03e52840d
Init
|
303 304 |
OC_Util::addScript("jquery-tipsy");
OC_Util::addScript("compatibility");
|
|
31b7f2792
Upgrade to ownclo...
|
305 |
OC_Util::addScript("jquery.ocdialog");
|
|
03e52840d
Init
|
306 307 |
OC_Util::addScript("oc-dialogs");
OC_Util::addScript("js");
|
|
31b7f2792
Upgrade to ownclo...
|
308 |
OC_Util::addScript("octemplate");
|
|
03e52840d
Init
|
309 310 311 312 313 |
OC_Util::addScript("eventsource");
OC_Util::addScript("config");
//OC_Util::addScript( "multiselect" );
OC_Util::addScript('search', 'result');
OC_Util::addScript('router');
|
|
31b7f2792
Upgrade to ownclo...
|
314 315 316 317 318 319 320 321 322 |
OC_Util::addScript("oc-requesttoken");
// avatars
if (\OC_Config::getValue('enable_avatars', true) === true) {
\OC_Util::addScript('placeholder');
\OC_Util::addScript('3rdparty', 'md5/md5.min');
\OC_Util::addScript('jquery.avatar');
\OC_Util::addScript('avatar');
}
|
|
03e52840d
Init
|
323 324 |
OC_Util::addStyle("styles");
|
|
a293d369c
Update sources to...
|
325 |
OC_Util::addStyle("icons");
|
|
31b7f2792
Upgrade to ownclo...
|
326 327 |
OC_Util::addStyle("apps");
OC_Util::addStyle("fixes");
|
|
03e52840d
Init
|
328 329 330 |
OC_Util::addStyle("multiselect");
OC_Util::addStyle("jquery-ui-1.10.0.custom");
OC_Util::addStyle("jquery-tipsy");
|
|
31b7f2792
Upgrade to ownclo...
|
331 |
OC_Util::addStyle("jquery.ocdialog");
|
|
03e52840d
Init
|
332 333 334 335 336 |
}
public static function initSession() {
// prevents javascript from accessing php session cookies
ini_set('session.cookie_httponly', '1;');
|
|
31b7f2792
Upgrade to ownclo...
|
337 338 339 |
// set the cookie path to the ownCloud directory
$cookie_path = OC::$WEBROOT ? : '/';
ini_set('session.cookie_path', $cookie_path);
|
|
03e52840d
Init
|
340 |
|
|
31b7f2792
Upgrade to ownclo...
|
341 342 |
//set the session object to a dummy session so code relying on the session existing still works
self::$session = new \OC\Session\Memory('');
|
|
03e52840d
Init
|
343 |
|
|
31b7f2792
Upgrade to ownclo...
|
344 345 346 347 348 349 350 351 |
try {
// set the session name to the instance id - which is unique
self::$session = new \OC\Session\Internal(OC_Util::getInstanceId());
// if session cant be started break with http 500 error
} catch (Exception $e) {
//show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
OC_Template::printExceptionErrorPage($e);
|
|
03e52840d
Init
|
352 353 354 355 |
} $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation |
|
31b7f2792
Upgrade to ownclo...
|
356 357 358 |
if (!self::$session->exists('SID_CREATED')) {
self::$session->set('SID_CREATED', time());
} else if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime / 2) {
|
|
03e52840d
Init
|
359 |
session_regenerate_id(true); |
|
31b7f2792
Upgrade to ownclo...
|
360 |
self::$session->set('SID_CREATED', time());
|
|
03e52840d
Init
|
361 362 363 |
} // session timeout |
|
31b7f2792
Upgrade to ownclo...
|
364 |
if (self::$session->exists('LAST_ACTIVITY') && (time() - self::$session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
|
|
03e52840d
Init
|
365 |
if (isset($_COOKIE[session_name()])) {
|
|
31b7f2792
Upgrade to ownclo...
|
366 |
setcookie(session_name(), '', time() - 42000, $cookie_path); |
|
03e52840d
Init
|
367 368 369 370 371 |
} session_unset(); session_destroy(); session_start(); } |
|
31b7f2792
Upgrade to ownclo...
|
372 373 |
self::$session->set('LAST_ACTIVITY', time());
|
|
03e52840d
Init
|
374 375 376 377 378 379 380 381 |
}
/**
* @return int
*/
private static function getSessionLifeTime() {
return OC_Config::getValue('session_lifetime', 60 * 60 * 24);
}
|
|
31b7f2792
Upgrade to ownclo...
|
382 383 384 |
/** * @return OC_Router */ |
|
03e52840d
Init
|
385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 |
public static function getRouter() {
if (!isset(OC::$router)) {
OC::$router = new OC_Router();
OC::$router->loadRoutes();
}
return OC::$router;
}
public static function loadAppClassPaths() {
foreach (OC_APP::getEnabledApps() as $app) {
$file = OC_App::getAppPath($app) . '/appinfo/classpath.php';
if (file_exists($file)) {
require_once $file;
}
}
}
public static function init() {
// register autoloader
|
|
31b7f2792
Upgrade to ownclo...
|
407 408 409 410 411 412 413 414 415 416 |
require_once __DIR__ . '/autoloader.php';
self::$loader = new \OC\Autoloader();
self::$loader->registerPrefix('Doctrine\\Common', 'doctrine/common/lib');
self::$loader->registerPrefix('Doctrine\\DBAL', 'doctrine/dbal/lib');
self::$loader->registerPrefix('Symfony\\Component\\Routing', 'symfony/routing');
self::$loader->registerPrefix('Symfony\\Component\\Console', 'symfony/console');
self::$loader->registerPrefix('Sabre\\VObject', '3rdparty');
self::$loader->registerPrefix('Sabre_', '3rdparty');
self::$loader->registerPrefix('Patchwork', '3rdparty');
spl_autoload_register(array(self::$loader, 'load'));
|
|
03e52840d
Init
|
417 418 419 420 421 422 423 424 425 426 427 428 429 |
// set some stuff
//ob_start();
error_reporting(E_ALL | E_STRICT);
if (defined('DEBUG') && DEBUG) {
ini_set('display_errors', 1);
}
self::$CLI = (php_sapi_name() == 'cli');
date_default_timezone_set('UTC');
ini_set('arg_separator.output', '&');
// try to switch magic quotes off.
|
|
31b7f2792
Upgrade to ownclo...
|
430 |
if (get_magic_quotes_gpc() == 1) {
|
|
03e52840d
Init
|
431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 |
ini_set('magic_quotes_runtime', 0);
}
//try to configure php to enable big file uploads.
//this doesn´t work always depending on the webserver and php configuration.
//Let´s try to overwrite some defaults anyways
//try to set the maximum execution time to 60min
@set_time_limit(3600);
@ini_set('max_execution_time', 3600);
@ini_set('max_input_time', 3600);
//try to set the maximum filesize to 10G
@ini_set('upload_max_filesize', '10G');
@ini_set('post_max_size', '10G');
@ini_set('file_uploads', '50');
//copy http auth headers for apache+php-fcgid work around
if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
}
//set http auth headers for apache+php-cgi work around
if (isset($_SERVER['HTTP_AUTHORIZATION'])
|
|
31b7f2792
Upgrade to ownclo...
|
455 456 |
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['HTTP_AUTHORIZATION'], $matches)
) {
|
|
03e52840d
Init
|
457 458 459 460 461 462 463 |
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
//set http auth headers for apache+php-cgi work around if variable gets renamed by apache
if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
|
|
31b7f2792
Upgrade to ownclo...
|
464 465 |
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)
) {
|
|
03e52840d
Init
|
466 467 468 469 470 471 |
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
self::initPaths();
|
|
31b7f2792
Upgrade to ownclo...
|
472 473 474 475 476 |
if (OC_Config::getValue('instanceid', false)) {
// \OC\Memcache\Cache has a hidden dependency on
// OC_Util::getInstanceId() for namespacing. See #5409.
try {
self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader'));
|
|
a293d369c
Update sources to...
|
477 |
} catch (\Exception $ex) {
|
|
31b7f2792
Upgrade to ownclo...
|
478 479 480 |
} } OC_Util::isSetLocaleWorking(); |
|
03e52840d
Init
|
481 482 483 484 485 486 487 |
// set debug mode if an xdebug session is active
if (!defined('DEBUG') || !DEBUG) {
if (isset($_COOKIE['XDEBUG_SESSION'])) {
define('DEBUG', true);
}
}
|
|
31b7f2792
Upgrade to ownclo...
|
488 489 |
if (!defined('PHPUNIT_RUN')) {
if (defined('DEBUG') and DEBUG) {
|
|
a293d369c
Update sources to...
|
490 |
OC\Log\ErrorHandler::register(true); |
|
31b7f2792
Upgrade to ownclo...
|
491 492 493 |
set_exception_handler(array('OC_Template', 'printExceptionErrorPage'));
} else {
OC\Log\ErrorHandler::register();
|
|
31b7f2792
Upgrade to ownclo...
|
494 |
} |
|
a293d369c
Update sources to...
|
495 |
OC\Log\ErrorHandler::setLogger(OC_Log::$object); |
|
03e52840d
Init
|
496 497 498 499 500 501 |
}
// register the stream wrappers
stream_wrapper_register('fakedir', 'OC\Files\Stream\Dir');
stream_wrapper_register('static', 'OC\Files\Stream\StaticStream');
stream_wrapper_register('close', 'OC\Files\Stream\Close');
|
|
31b7f2792
Upgrade to ownclo...
|
502 |
stream_wrapper_register('quota', 'OC\Files\Stream\Quota');
|
|
03e52840d
Init
|
503 |
stream_wrapper_register('oc', 'OC\Files\Stream\OC');
|
|
31b7f2792
Upgrade to ownclo...
|
504 505 |
// setup the basic server self::$server = new \OC\Server(); |
|
03e52840d
Init
|
506 |
self::initTemplateEngine(); |
|
31b7f2792
Upgrade to ownclo...
|
507 508 509 510 511 |
if (!self::$CLI) {
self::initSession();
} else {
self::$session = new \OC\Session\Memory('');
}
|
|
03e52840d
Init
|
512 513 514 |
self::checkConfig(); self::checkInstalled(); self::checkSSL(); |
|
03e52840d
Init
|
515 516 517 |
$errors = OC_Util::checkServer();
if (count($errors) > 0) {
|
|
31b7f2792
Upgrade to ownclo...
|
518 519 |
if (self::$CLI) {
foreach ($errors as $error) {
|
|
a293d369c
Update sources to...
|
520 521 |
echo $error['error'] . " "; |
|
31b7f2792
Upgrade to ownclo...
|
522 523 524 525 526 527 528 |
echo $error['hint'] . "
";
}
} else {
OC_Template::printGuestPage('', 'error', array('errors' => $errors));
}
|
|
03e52840d
Init
|
529 530 531 532 533 534 535 536 537 |
exit;
}
//try to set the session lifetime
$sessionLifeTime = self::getSessionLifeTime();
@ini_set('gc_maxlifetime', (string)$sessionLifeTime);
// User and Groups
if (!OC_Config::getValue("installed", false)) {
|
|
31b7f2792
Upgrade to ownclo...
|
538 |
self::$session->set('user_id', '');
|
|
03e52840d
Init
|
539 540 541 542 |
} OC_User::useBackend(new OC_User_Database()); OC_Group::useBackend(new OC_Group_Database()); |
|
a293d369c
Update sources to...
|
543 544 545 |
if (isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
&& $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) {
$sessionUser = self::$session->get('loginname');
|
|
31b7f2792
Upgrade to ownclo...
|
546 547 |
$serverUser = $_SERVER['PHP_AUTH_USER'];
OC_Log::write('core',
|
|
a293d369c
Update sources to...
|
548 |
"Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).", |
|
31b7f2792
Upgrade to ownclo...
|
549 |
OC_Log::WARN); |
|
03e52840d
Init
|
550 551 552 553 554 555 556 |
OC_User::logout(); } // Load Apps // This includes plugins for users and filesystems as well global $RUNTIME_NOAPPS; global $RUNTIME_APPTYPES; |
|
31b7f2792
Upgrade to ownclo...
|
557 |
if (!$RUNTIME_NOAPPS && !self::checkUpgrade(false)) {
|
|
03e52840d
Init
|
558 559 560 561 562 563 564 565 566 567 568 569 |
if ($RUNTIME_APPTYPES) {
OC_App::loadApps($RUNTIME_APPTYPES);
} else {
OC_App::loadApps();
}
}
//setup extra user backends
OC_User::setupBackends();
self::registerCacheHooks();
self::registerFilesystemHooks();
|
|
31b7f2792
Upgrade to ownclo...
|
570 |
self::registerPreviewHooks(); |
|
03e52840d
Init
|
571 |
self::registerShareHooks(); |
|
31b7f2792
Upgrade to ownclo...
|
572 |
self::registerLogRotate(); |
|
03e52840d
Init
|
573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 |
//make sure temporary files are cleaned up
register_shutdown_function(array('OC_Helper', 'cleanTmp'));
//parse the given parameters
self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
if (substr_count(self::$REQUESTEDAPP, '?') != 0) {
$app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?'));
$param = substr($_GET['app'], strpos($_GET['app'], '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDAPP = $app;
$_GET['app'] = $app;
}
self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null);
if (substr_count(self::$REQUESTEDFILE, '?') != 0) {
$file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?'));
$param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDFILE = $file;
$_GET['getfile'] = $file;
}
if (!is_null(self::$REQUESTEDFILE)) {
$subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE;
$parent = OC_App::getAppPath(OC::$REQUESTEDAPP);
if (!OC_Helper::issubdirectory($subdir, $parent)) {
self::$REQUESTEDFILE = null;
header('HTTP/1.0 404 Not Found');
exit;
}
}
|
|
03e52840d
Init
|
605 606 607 608 609 610 611 612 613 614 615 |
if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) {
if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') {
OC_Util::addScript('backgroundjobs');
}
}
}
/**
* register hooks for the cache
*/
public static function registerCacheHooks() {
|
|
a293d369c
Update sources to...
|
616 617 |
if (OC_Config::getValue('installed', false) && !self::needUpgrade()) { //don't try to do this before we are properly setup
\OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC');
|
|
31b7f2792
Upgrade to ownclo...
|
618 |
|
|
31b7f2792
Upgrade to ownclo...
|
619 620 621 622 623 624 625 626 627 628 |
// NOTE: This will be replaced to use OCP
$userSession = \OC_User::getUserSession();
$userSession->listen('postLogin', '\OC\Cache\File', 'loginListener');
}
}
/**
* register hooks for the cache
*/
public static function registerLogRotate() {
|
|
a293d369c
Update sources to...
|
629 |
if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false) && !self::needUpgrade()) {
|
|
31b7f2792
Upgrade to ownclo...
|
630 |
//don't try to do this before we are properly setup |
|
a293d369c
Update sources to...
|
631 |
\OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT . '/data') . '/owncloud.log');
|
|
31b7f2792
Upgrade to ownclo...
|
632 |
} |
|
03e52840d
Init
|
633 634 635 636 637 638 639 640 641 642 643 644 |
}
/**
* register hooks for the filesystem
*/
public static function registerFilesystemHooks() {
// Check for blacklisted files
OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted');
OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted');
}
/**
|
|
31b7f2792
Upgrade to ownclo...
|
645 646 647 648 649 650 651 652 653 654 |
* register hooks for previews
*/
public static function registerPreviewHooks() {
OC_Hook::connect('OC_Filesystem', 'post_write', 'OC\Preview', 'post_write');
OC_Hook::connect('OC_Filesystem', 'delete', 'OC\Preview', 'post_delete');
OC_Hook::connect('\OCP\Versions', 'delete', 'OC\Preview', 'post_delete');
OC_Hook::connect('\OCP\Trashbin', 'delete', 'OC\Preview', 'post_delete');
}
/**
|
|
03e52840d
Init
|
655 656 657 |
* register hooks for sharing
*/
public static function registerShareHooks() {
|
|
a293d369c
Update sources to...
|
658 |
if (\OC_Config::getValue('installed')) {
|
|
03e52840d
Init
|
659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 |
OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser');
OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup');
OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup');
OC_Hook::connect('OC_User', 'post_deleteGroup', 'OCP\Share', 'post_deleteGroup');
}
}
/**
* @brief Handle the request
*/
public static function handleRequest() {
// load all the classpaths from the enabled apps so they are available
// in the routing files of each app
OC::loadAppClassPaths();
// Check if ownCloud is installed or in maintenance (update) mode
if (!OC_Config::getValue('installed', false)) {
require_once 'core/setup.php';
exit();
}
$request = OC_Request::getPathInfo();
|
|
a293d369c
Update sources to...
|
681 |
if (substr($request, -3) !== '.js') { // we need these files during the upgrade
|
|
03e52840d
Init
|
682 683 684 |
self::checkMaintenanceMode(); self::checkUpgrade(); } |
|
31b7f2792
Upgrade to ownclo...
|
685 |
// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP |
|
03e52840d
Init
|
686 |
OC::tryBasicAuthLogin(); |
|
31b7f2792
Upgrade to ownclo...
|
687 |
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
|
|
03e52840d
Init
|
688 689 690 691 |
try {
if (!OC_Config::getValue('maintenance', false)) {
OC_App::loadApps();
}
|
|
31b7f2792
Upgrade to ownclo...
|
692 |
self::checkSingleUserMode(); |
|
03e52840d
Init
|
693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 |
OC::getRouter()->match(OC_Request::getRawPathInfo());
return;
} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
//header('HTTP/1.0 404 Not Found');
} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
OC_Response::setStatus(405);
return;
}
}
$app = OC::$REQUESTEDAPP;
$file = OC::$REQUESTEDFILE;
$param = array('app' => $app, 'file' => $file);
// Handle app css files
if (substr($file, -3) == 'css') {
self::loadCSSFile($param);
return;
}
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
$location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
// Deny the redirect if the URL contains a @
// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
|
|
31b7f2792
Upgrade to ownclo...
|
718 |
if (strpos($location, '@') === false) {
|
|
03e52840d
Init
|
719 720 721 722 723 724 |
header('Location: ' . $location);
return;
}
}
// Handle WebDAV
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
|
|
31b7f2792
Upgrade to ownclo...
|
725 726 727 728 729 |
// not allowed any more to prevent people
// mounting this root directly.
// Users need to mount remote.php/webdav instead.
header('HTTP/1.1 405 Method Not Allowed');
header('Status: 405 Method Not Allowed');
|
|
03e52840d
Init
|
730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 |
return;
}
// Someone is logged in :
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
if (isset($_GET["logout"]) and ($_GET["logout"])) {
if (isset($_COOKIE['oc_token'])) {
OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
}
OC_User::logout();
header("Location: " . OC::$WEBROOT . '/');
} else {
if (is_null($file)) {
$param['file'] = 'index.php';
}
$file_ext = substr($param['file'], -3);
if ($file_ext != 'php'
|| !self::loadAppScriptFile($param)
) {
header('HTTP/1.0 404 Not Found');
}
}
return;
}
// Not handled and not logged in
self::handleLogin();
}
public static function loadAppScriptFile($param) {
OC_App::loadApps();
$app = $param['app'];
$file = $param['file'];
$app_path = OC_App::getAppPath($app);
|
|
31b7f2792
Upgrade to ownclo...
|
765 766 767 768 769 770 771 |
if (OC_App::isEnabled($app) && $app_path !== false) {
$file = $app_path . '/' . $file;
unset($app, $app_path);
if (file_exists($file)) {
require_once $file;
return true;
}
|
|
03e52840d
Init
|
772 |
} |
|
31b7f2792
Upgrade to ownclo...
|
773 |
header('HTTP/1.0 404 Not Found');
|
|
03e52840d
Init
|
774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 |
return false;
}
public static function loadCSSFile($param) {
$app = $param['app'];
$file = $param['file'];
$app_path = OC_App::getAppPath($app);
if (file_exists($app_path . '/' . $file)) {
$app_web_path = OC_App::getAppWebPath($app);
$filepath = $app_web_path . '/' . $file;
$minimizer = new OC_Minimizer_CSS();
$info = array($app_path, $app_web_path, $file);
$minimizer->output(array($info), $filepath);
}
}
protected static function handleLogin() {
OC_App::loadApps(array('prelogin'));
$error = array();
|
|
31b7f2792
Upgrade to ownclo...
|
793 794 795 796 |
// auth possible via apache module?
if (OC::tryApacheAuth()) {
$error[] = 'apacheauthfailed';
|
|
a293d369c
Update sources to...
|
797 |
} // remember was checked after last login |
|
31b7f2792
Upgrade to ownclo...
|
798 |
elseif (OC::tryRememberLogin()) {
|
|
03e52840d
Init
|
799 |
$error[] = 'invalidcookie'; |
|
a293d369c
Update sources to...
|
800 |
} // logon via web form |
|
31b7f2792
Upgrade to ownclo...
|
801 |
elseif (OC::tryFormLogin()) {
|
|
03e52840d
Init
|
802 |
$error[] = 'invalidpassword'; |
|
31b7f2792
Upgrade to ownclo...
|
803 804 805 |
if ( OC_Config::getValue('log_authfailip', false) ) {
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:'.$_SERVER['REMOTE_ADDR'],
OC_Log::WARN);
|
|
a293d369c
Update sources to...
|
806 |
} else {
|
|
31b7f2792
Upgrade to ownclo...
|
807 808 809 |
OC_Log::write('core', 'Login failed: user \''.$_POST["user"].'\' , wrong password, IP:set log_authfailip=true in conf',
OC_Log::WARN);
}
|
|
03e52840d
Init
|
810 |
} |
|
31b7f2792
Upgrade to ownclo...
|
811 |
|
|
03e52840d
Init
|
812 813 814 815 816 817 818 819 820 821 822 823 824 |
OC_Util::displayLoginPage(array_unique($error));
}
protected static function cleanupLoginTokens($user) {
$cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
$tokens = OC_Preferences::getKeys($user, 'login_token');
foreach ($tokens as $token) {
$time = OC_Preferences::getValue($user, 'login_token', $token);
if ($time < $cutoff) {
OC_Preferences::deleteKey($user, 'login_token', $token);
}
}
}
|
|
31b7f2792
Upgrade to ownclo...
|
825 826 827 828 829 830 831 832 833 834 835 836 837 |
protected static function tryApacheAuth() {
$return = OC_User::handleApacheAuth();
// if return is true we are logged in -> redirect to the default page
if ($return === true) {
$_REQUEST['redirect_url'] = \OC_Request::requestUri();
OC_Util::redirectToDefaultPage();
exit;
}
// in case $return is null apache based auth is not enabled
return is_null($return) ? false : true;
}
|
|
03e52840d
Init
|
838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 |
protected static function tryRememberLogin() {
if (!isset($_COOKIE["oc_remember_login"])
|| !isset($_COOKIE["oc_token"])
|| !isset($_COOKIE["oc_username"])
|| !$_COOKIE["oc_remember_login"]
|| !OC_Util::rememberLoginAllowed()
) {
return false;
}
OC_App::loadApps(array('authentication'));
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Trying to login from cookie', OC_Log::DEBUG);
}
// confirm credentials in cookie
if (isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username'])) {
// delete outdated cookies
self::cleanupLoginTokens($_COOKIE['oc_username']);
// get stored tokens
$tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token');
// test cookies token against stored tokens
if (in_array($_COOKIE['oc_token'], $tokens, true)) {
// replace successfully used token with a new one
OC_Preferences::deleteKey($_COOKIE['oc_username'], 'login_token', $_COOKIE['oc_token']);
|
|
31b7f2792
Upgrade to ownclo...
|
861 |
$token = OC_Util::generateRandomBytes(32); |
|
03e52840d
Init
|
862 863 864 865 |
OC_Preferences::setValue($_COOKIE['oc_username'], 'login_token', $token, time()); OC_User::setMagicInCookie($_COOKIE['oc_username'], $token); // login OC_User::setUserId($_COOKIE['oc_username']); |
|
03e52840d
Init
|
866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 |
OC_Util::redirectToDefaultPage();
// doesn't return
}
// if you reach this point you have changed your password
// or you are an attacker
// we can not delete tokens here because users may reach
// this point multiple times after a password change
OC_Log::write('core', 'Authentication cookie rejected for user ' . $_COOKIE['oc_username'], OC_Log::WARN);
}
OC_User::unsetMagicInCookie();
return true;
}
protected static function tryFormLogin() {
if (!isset($_POST["user"]) || !isset($_POST['password'])) {
return false;
}
OC_App::loadApps();
//setup extra user backends
OC_User::setupBackends();
if (OC_User::login($_POST["user"], $_POST["password"])) {
// setting up the time zone
if (isset($_POST['timezone-offset'])) {
|
|
31b7f2792
Upgrade to ownclo...
|
892 |
self::$session->set('timezone', $_POST['timezone-offset']);
|
|
03e52840d
Init
|
893 894 895 896 897 898 899 900 |
}
$userid = OC_User::getUser();
self::cleanupLoginTokens($userid);
if (!empty($_POST["remember_login"])) {
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
|
|
31b7f2792
Upgrade to ownclo...
|
901 |
$token = OC_Util::generateRandomBytes(32); |
|
03e52840d
Init
|
902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 |
OC_Preferences::setValue($userid, 'login_token', $token, time());
OC_User::setMagicInCookie($userid, $token);
} else {
OC_User::unsetMagicInCookie();
}
OC_Util::redirectToDefaultPage();
exit();
}
return true;
}
protected static function tryBasicAuthLogin() {
if (!isset($_SERVER["PHP_AUTH_USER"])
|| !isset($_SERVER["PHP_AUTH_PW"])
) {
return false;
}
OC_App::loadApps(array('authentication'));
if (OC_User::login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
//OC_Log::write('core',"Logged in with HTTP Authentication", OC_Log::DEBUG);
OC_User::unsetMagicInCookie();
$_SERVER['HTTP_REQUESTTOKEN'] = OC_Util::callRegister();
}
return true;
}
}
// define runtime variables - unless this already has been done
if (!isset($RUNTIME_NOAPPS)) {
$RUNTIME_NOAPPS = false;
}
if (!function_exists('get_temp_dir')) {
function get_temp_dir() {
if ($temp = ini_get('upload_tmp_dir')) return $temp;
if ($temp = getenv('TMP')) return $temp;
if ($temp = getenv('TEMP')) return $temp;
if ($temp = getenv('TMPDIR')) return $temp;
$temp = tempnam(__FILE__, '');
if (file_exists($temp)) {
unlink($temp);
return dirname($temp);
}
if ($temp = sys_get_temp_dir()) return $temp;
return null;
}
}
OC::init();
|
|
31b7f2792
Upgrade to ownclo...
|
953 |