2011-07-27 17:07:28 +00:00
< ? php
/**
* Class for utility functions
*
*/
2012-10-12 13:37:44 +00:00
2011-07-29 19:36:03 +00:00
class OC_Util {
2011-07-27 17:07:28 +00:00
public static $scripts = array ();
public static $styles = array ();
public static $headers = array ();
2012-02-05 22:49:22 +00:00
private static $rootMounted = false ;
2011-07-27 17:07:28 +00:00
private static $fsSetup = false ;
2012-05-14 15:57:43 +00:00
public static $core_styles = array ();
2012-05-14 21:15:53 +00:00
public static $core_scripts = array ();
2011-07-27 17:07:28 +00:00
// Can be set up
2012-09-07 13:22:01 +00:00
public static function setupFS ( $user = '' ) { // configure the initial filesystem based on the configuration
if ( self :: $fsSetup ) { //setting up the filesystem twice can only lead to trouble
2011-07-27 17:07:28 +00:00
return false ;
}
2012-08-29 19:35:55 +00:00
// If we are not forced to load a specific user we load the one that is logged in
2012-09-07 13:22:01 +00:00
if ( $user == " " && OC_User :: isLoggedIn ()) {
2012-08-29 19:35:55 +00:00
$user = OC_User :: getUser ();
}
2012-10-28 12:47:53 +00:00
// load all filesystem apps before, so no setup-hook gets lost
2012-10-28 14:10:15 +00:00
if ( ! isset ( $RUNTIME_NOAPPS ) || ! $RUNTIME_NOAPPS ) {
2012-10-28 12:47:53 +00:00
OC_App :: loadApps ( array ( 'filesystem' ));
}
2012-08-29 19:35:55 +00:00
// the filesystem will finish when $user is not empty,
// mark fs setup here to avoid doing the setup from loading
// OC_Filesystem
if ( $user != '' ) {
self :: $fsSetup = true ;
}
2012-06-19 20:50:28 +00:00
$CONFIG_DATADIRECTORY = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " );
2012-02-05 20:45:41 +00:00
//first set up the local "root" storage
2012-09-07 13:22:01 +00:00
if ( ! self :: $rootMounted ) {
2012-10-28 17:12:31 +00:00
OC_Filesystem :: mount ( 'OC_Filestorage_Local' , array ( 'datadir' => $CONFIG_DATADIRECTORY ), '/' );
2012-02-05 22:49:22 +00:00
self :: $rootMounted = true ;
}
2012-06-20 06:57:21 +00:00
2012-09-07 13:22:01 +00:00
if ( $user != " " ) { //if we aren't logged in, there is no use to set up the filesystem
2012-06-19 15:38:04 +00:00
$user_dir = '/' . $user . '/files' ;
2012-08-26 20:03:02 +00:00
$user_root = OC_User :: getHome ( $user );
$userdirectory = $user_root . '/files' ;
2012-09-07 13:22:01 +00:00
if ( ! is_dir ( $userdirectory )) {
2012-06-19 20:50:28 +00:00
mkdir ( $userdirectory , 0755 , true );
2011-07-27 17:07:28 +00:00
}
2012-08-27 13:55:22 +00:00
//jail the user into his "home" directory
2012-08-29 18:36:51 +00:00
OC_Filesystem :: mount ( 'OC_Filestorage_Local' , array ( 'datadir' => $user_root ), $user );
2012-10-22 12:52:59 +00:00
OC_Filesystem :: init ( $user_dir , $user );
2011-08-15 18:37:50 +00:00
$quotaProxy = new OC_FileProxy_Quota ();
2012-10-12 14:29:35 +00:00
$fileOperationProxy = new OC_FileProxy_FileOperations ();
2011-08-15 18:37:50 +00:00
OC_FileProxy :: register ( $quotaProxy );
2012-10-12 14:29:35 +00:00
OC_FileProxy :: register ( $fileOperationProxy );
2012-06-10 20:34:21 +00:00
// Load personal mount config
2012-10-18 15:08:25 +00:00
self :: loadUserMountPoints ( $user );
2012-06-19 15:38:04 +00:00
OC_Hook :: emit ( 'OC_Filesystem' , 'setup' , array ( 'user' => $user , 'user_dir' => $user_dir ));
2011-07-27 17:07:28 +00:00
}
}
2012-09-07 13:22:01 +00:00
public static function tearDownFS () {
2011-07-29 19:36:03 +00:00
OC_Filesystem :: tearDown ();
2011-07-27 17:07:28 +00:00
self :: $fsSetup = false ;
}
2012-10-28 12:45:37 +00:00
2012-10-18 15:08:25 +00:00
public static function loadUserMountPoints ( $user ) {
2012-10-26 16:17:43 +00:00
$user_dir = '/' . $user . '/files' ;
$user_root = OC_User :: getHome ( $user );
2012-10-18 14:38:36 +00:00
$userdirectory = $user_root . '/files' ;
2012-10-26 16:17:43 +00:00
if ( is_file ( $user_root . '/mount.php' )) {
$mountConfig = include $user_root . '/mount.php' ;
if ( isset ( $mountConfig [ 'user' ][ $user ])) {
foreach ( $mountConfig [ 'user' ][ $user ] as $mountPoint => $options ) {
OC_Filesystem :: mount ( $options [ 'class' ], $options [ 'options' ], $mountPoint );
}
}
2012-10-28 12:45:37 +00:00
2012-10-26 16:17:43 +00:00
$mtime = filemtime ( $user_root . '/mount.php' );
2012-10-28 17:12:31 +00:00
$previousMTime = OC_Preferences :: getValue ( $user , 'files' , 'mountconfigmtime' , 0 );
2012-10-26 16:17:43 +00:00
if ( $mtime > $previousMTime ) { //mount config has changed, filecache needs to be updated
OC_FileCache :: triggerUpdate ( $user );
2012-10-28 17:12:31 +00:00
OC_Preferences :: setValue ( $user , 'files' , 'mountconfigmtime' , $mtime );
2012-10-26 16:17:43 +00:00
}
2012-10-28 12:45:37 +00:00
}
2012-10-18 14:38:36 +00:00
}
2011-07-27 17:07:28 +00:00
/**
* get the current installed version of ownCloud
* @ return array
*/
2012-09-07 13:22:01 +00:00
public static function getVersion () {
2012-10-09 14:02:01 +00:00
// hint: We only can count up. So the internal version number of ownCloud 4.5 will be 4.90.0. This is not visible to the user
2012-11-12 13:44:00 +00:00
return array ( 4 , 91 , 02 );
2011-09-28 11:52:26 +00:00
}
/**
* get the current installed version string of ownCloud
* @ return string
*/
2012-09-07 13:22:01 +00:00
public static function getVersionString () {
2012-10-10 13:35:19 +00:00
return '5.0 pre alpha' ;
2011-07-27 17:07:28 +00:00
}
2012-07-23 22:39:59 +00:00
/**
* get the current installed edition of ownCloud . There is the community edition that just returns an empty string and the enterprise edition that returns " Enterprise " .
* @ return string
*/
2012-09-07 13:22:01 +00:00
public static function getEditionString () {
2013-01-02 22:02:38 +00:00
return '' ;
2012-07-23 22:39:59 +00:00
}
2012-04-01 09:20:12 +00:00
2011-07-27 17:07:28 +00:00
/**
* add a javascript file
*
2012-05-01 19:07:08 +00:00
* @ param appid $application
* @ param filename $file
2011-07-27 17:07:28 +00:00
*/
2012-09-07 13:22:01 +00:00
public static function addScript ( $application , $file = null ) {
if ( is_null ( $file )) {
2011-07-27 17:07:28 +00:00
$file = $application ;
$application = " " ;
}
2012-09-07 13:22:01 +00:00
if ( ! empty ( $application )) {
2011-07-27 17:07:28 +00:00
self :: $scripts [] = " $application /js/ $file " ;
} else {
self :: $scripts [] = " js/ $file " ;
}
}
/**
* add a css file
*
2012-05-01 19:07:08 +00:00
* @ param appid $application
* @ param filename $file
2011-07-27 17:07:28 +00:00
*/
2012-09-07 13:22:01 +00:00
public static function addStyle ( $application , $file = null ) {
if ( is_null ( $file )) {
2011-07-27 17:07:28 +00:00
$file = $application ;
$application = " " ;
}
2012-09-07 13:22:01 +00:00
if ( ! empty ( $application )) {
2011-07-27 17:07:28 +00:00
self :: $styles [] = " $application /css/ $file " ;
} else {
self :: $styles [] = " css/ $file " ;
}
}
/**
* @ brief Add a custom element to the header
* @ param string tag tag name of the element
2012-02-07 21:33:01 +00:00
* @ param array $attributes array of attributes for the element
2011-07-27 17:07:28 +00:00
* @ param string $text the text content for the element
*/
2012-09-07 13:22:01 +00:00
public static function addHeader ( $tag , $attributes , $text = '' ) {
2012-11-04 10:10:46 +00:00
self :: $headers [] = array ( 'tag' => $tag , 'attributes' => $attributes , 'text' => $text );
2011-07-27 17:07:28 +00:00
}
2012-07-23 22:39:59 +00:00
/**
* formats a timestamp in the " right " way
*
* @ param int timestamp $timestamp
* @ param bool dateOnly option to ommit time from the result
*/
2012-12-13 18:26:05 +00:00
public static function formatDate ( $timestamp , $dateOnly = false ) {
2012-09-07 13:22:01 +00:00
if ( isset ( $_SESSION [ 'timezone' ])) { //adjust to clients timezone if we know it
2012-04-16 10:21:12 +00:00
$systemTimeZone = intval ( date ( 'O' ));
2012-10-28 17:12:31 +00:00
$systemTimeZone = ( round ( $systemTimeZone / 100 , 0 ) * 60 ) + ( $systemTimeZone % 100 );
2012-04-16 10:21:12 +00:00
$clientTimeZone = $_SESSION [ 'timezone' ] * 60 ;
$offset = $clientTimeZone - $systemTimeZone ;
$timestamp = $timestamp + $offset * 60 ;
}
2012-06-07 12:44:59 +00:00
$l = OC_L10N :: get ( 'lib' );
return $l -> l ( $dateOnly ? 'date' : 'datetime' , $timestamp );
2011-07-27 17:07:28 +00:00
}
/**
* check if the current server configuration is suitable for ownCloud
* @ return array arrays with error messages and hints
*/
2012-09-07 13:22:01 +00:00
public static function checkServer () {
2011-07-27 17:07:28 +00:00
$errors = array ();
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2011-07-27 17:07:28 +00:00
//check for database drivers
2012-09-07 13:22:01 +00:00
if ( ! ( is_callable ( 'sqlite_open' ) or class_exists ( 'SQLite3' )) and ! is_callable ( 'mysql_connect' ) and ! is_callable ( 'pg_connect' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'No database drivers (sqlite, mysql, or postgresql) installed.<br/>' , 'hint' => '' ); //TODO: sane hint
2012-09-11 21:51:12 +00:00
$web_server_restart = true ;
2011-07-27 17:07:28 +00:00
}
//common hint for all file permissons error messages
2011-10-22 17:39:05 +00:00
$permissionsHint = " Permissions can usually be fixed by giving the webserver write access to the ownCloud directory " ;
2011-07-27 17:07:28 +00:00
2012-06-19 20:12:05 +00:00
// Check if config folder is writable.
2012-09-16 20:49:03 +00:00
if ( ! is_writable ( OC :: $SERVERROOT . " /config/ " ) or ! is_readable ( OC :: $SERVERROOT . " /config/ " )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => " Can't write into config directory 'config' " , 'hint' => " You can usually fix this by giving the webserver user write access to the config directory in owncloud " );
2012-06-19 20:12:05 +00:00
}
2012-06-21 19:35:34 +00:00
// Check if there is a writable install folder.
if ( OC_Config :: getValue ( 'appstoreenabled' , true )) {
2012-09-16 20:49:03 +00:00
if ( OC_App :: getInstallPath () === null || ! is_writable ( OC_App :: getInstallPath ()) || ! is_readable ( OC_App :: getInstallPath ()) ) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => " Can't write into apps directory " , 'hint' => " You can usually fix this by giving the webserver user write access to the apps directory
2012-06-22 11:57:54 +00:00
in owncloud or disabling the appstore in the config file . " );
2012-06-21 19:35:34 +00:00
}
2012-06-19 20:12:05 +00:00
}
2012-06-19 20:50:28 +00:00
$CONFIG_DATADIRECTORY = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " );
2011-07-27 17:07:28 +00:00
//check for correct file permissions
2012-09-07 13:22:01 +00:00
if ( ! stristr ( PHP_OS , 'WIN' )) {
2012-08-29 18:34:44 +00:00
$permissionsModHint = " Please change the permissions to 0770 so that the directory cannot be listed by other users. " ;
2012-10-28 17:12:31 +00:00
$prems = substr ( decoct ( @ fileperms ( $CONFIG_DATADIRECTORY )), - 3 );
if ( substr ( $prems , - 1 ) != '0' ) {
OC_Helper :: chmodr ( $CONFIG_DATADIRECTORY , 0770 );
2011-07-27 17:07:28 +00:00
clearstatcache ();
2012-10-28 17:12:31 +00:00
$prems = substr ( decoct ( @ fileperms ( $CONFIG_DATADIRECTORY )), - 3 );
if ( substr ( $prems , 2 , 1 ) != '0' ) {
$errors [] = array ( 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') is readable for other users<br/>' , 'hint' => $permissionsModHint );
2011-07-27 17:07:28 +00:00
}
}
2012-09-07 13:22:01 +00:00
if ( OC_Config :: getValue ( " enablebackup " , false )) {
2012-06-19 20:12:05 +00:00
$CONFIG_BACKUPDIRECTORY = OC_Config :: getValue ( " backupdirectory " , OC :: $SERVERROOT . " /backup " );
2012-10-28 17:12:31 +00:00
$prems = substr ( decoct ( @ fileperms ( $CONFIG_BACKUPDIRECTORY )), - 3 );
if ( substr ( $prems , - 1 ) != '0' ) {
OC_Helper :: chmodr ( $CONFIG_BACKUPDIRECTORY , 0770 );
2011-07-27 17:07:28 +00:00
clearstatcache ();
2012-10-28 17:12:31 +00:00
$prems = substr ( decoct ( @ fileperms ( $CONFIG_BACKUPDIRECTORY )), - 3 );
if ( substr ( $prems , 2 , 1 ) != '0' ) {
$errors [] = array ( 'error' => 'Data directory (' . $CONFIG_BACKUPDIRECTORY . ') is readable for other users<br/>' , 'hint' => $permissionsModHint );
2011-07-27 17:07:28 +00:00
}
}
}
} else {
2011-09-18 18:57:05 +00:00
//TODO: permissions checks for windows hosts
2011-07-27 17:07:28 +00:00
}
2012-06-19 20:12:05 +00:00
// Create root dir.
2012-09-07 13:22:01 +00:00
if ( ! is_dir ( $CONFIG_DATADIRECTORY )) {
2012-06-19 20:50:28 +00:00
$success =@ mkdir ( $CONFIG_DATADIRECTORY );
2012-06-19 20:12:05 +00:00
if ( ! $success ) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => " Can't create data directory ( " . $CONFIG_DATADIRECTORY . " ) " , 'hint' => " You can usually fix this by giving the webserver write access to the ownCloud directory ' " . OC :: $SERVERROOT . " ' (in a terminal, use the command 'chown -R www-data:www-data /path/to/your/owncloud/install/data' " );
2012-06-19 20:12:05 +00:00
}
2012-09-16 20:49:03 +00:00
} else if ( ! is_writable ( $CONFIG_DATADIRECTORY ) or ! is_readable ( $CONFIG_DATADIRECTORY )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by ownCloud<br/>' , 'hint' => $permissionsHint );
2011-07-27 17:07:28 +00:00
}
2011-09-27 17:08:38 +00:00
// check if all required php modules are present
2012-09-07 13:22:01 +00:00
if ( ! class_exists ( 'ZipArchive' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module zip not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2011-09-27 17:08:38 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! function_exists ( 'mb_detect_encoding' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module mb multibyte not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2011-09-27 17:08:38 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! function_exists ( 'ctype_digit' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module ctype is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2011-09-28 09:47:29 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! function_exists ( 'json_encode' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module JSON is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2012-04-17 17:06:45 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! function_exists ( 'imagepng' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module GD is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2012-04-17 17:09:41 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! function_exists ( 'gzencode' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module zlib is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2012-04-17 17:09:41 +00:00
}
2012-10-25 14:49:55 +00:00
if ( ! function_exists ( 'iconv' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module iconv is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-10-25 14:49:55 +00:00
$web_server_restart = false ;
}
2012-10-06 15:37:38 +00:00
if ( ! function_exists ( 'simplexml_load_string' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP module SimpleXML is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-10-06 15:37:38 +00:00
$web_server_restart = false ;
}
2012-09-07 13:22:01 +00:00
if ( floatval ( phpversion ()) < 5.3 ) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP 5.3 is required.<br/>' , 'hint' => 'Please ask your server administrator to update PHP to version 5.3 or higher. PHP 5.2 is no longer supported by ownCloud and the PHP community.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
2012-04-30 11:28:31 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! defined ( 'PDO::ATTR_DRIVER_NAME' )) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP PDO module is not installed.<br/>' , 'hint' => 'Please ask your server administrator to install the module.' );
2012-09-11 21:51:12 +00:00
$web_server_restart = false ;
}
if ( $web_server_restart ) {
2012-11-04 10:10:46 +00:00
$errors [] = array ( 'error' => 'PHP modules have been installed, but they are still listed as missing?<br/>' , 'hint' => 'Please ask your server administrator to restart the web server.' );
2012-06-01 18:00:33 +00:00
}
2011-07-27 17:07:28 +00:00
return $errors ;
}
2011-09-18 19:31:56 +00:00
2012-10-12 14:12:43 +00:00
public static function displayLoginPage ( $errors = array ()) {
2012-08-09 16:27:59 +00:00
$parameters = array ();
2012-10-12 14:12:43 +00:00
foreach ( $errors as $key => $value ) {
$parameters [ $value ] = true ;
}
2012-08-09 16:27:59 +00:00
if ( ! empty ( $_POST [ 'user' ])) {
2012-12-14 22:50:21 +00:00
$parameters [ " username " ] = OC_Util :: sanitizeHTML ( $_POST [ 'user' ]) . '"' ;
2012-08-09 16:27:59 +00:00
$parameters [ 'user_autofocus' ] = false ;
2011-09-30 21:48:20 +00:00
} else {
$parameters [ " username " ] = '' ;
2012-08-09 16:27:59 +00:00
$parameters [ 'user_autofocus' ] = true ;
2011-09-25 20:47:29 +00:00
}
2012-08-09 16:27:59 +00:00
if ( isset ( $_REQUEST [ 'redirect_url' ])) {
$redirect_url = OC_Util :: sanitizeHTML ( $_REQUEST [ 'redirect_url' ]);
2012-12-07 11:07:56 +00:00
$parameters [ 'redirect_url' ] = urlencode ( $redirect_url );
2013-01-02 22:02:38 +00:00
}
2011-09-25 20:47:29 +00:00
OC_Template :: printGuestPage ( " " , " login " , $parameters );
}
2011-09-28 09:44:46 +00:00
2011-09-30 21:05:10 +00:00
/**
2013-01-02 22:02:38 +00:00
* Check if the app is enabled , redirects to home if not
*/
2012-09-07 13:22:01 +00:00
public static function checkAppEnabled ( $app ) {
if ( ! OC_App :: isEnabled ( $app )) {
2012-02-16 18:45:00 +00:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
2011-09-30 21:05:10 +00:00
exit ();
}
}
2011-09-18 19:31:56 +00:00
/**
2013-01-02 22:02:38 +00:00
* Check if the user is logged in , redirects to home if not . With
* redirect URL parameter to the request URI .
*/
2012-09-07 13:22:01 +00:00
public static function checkLoggedIn () {
2011-09-18 19:31:56 +00:00
// Check if we are a user
2012-09-07 13:22:01 +00:00
if ( ! OC_User :: isLoggedIn ()) {
2012-09-28 20:27:52 +00:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' , array ( 'redirect_url' => $_SERVER [ " REQUEST_URI " ])));
2011-09-18 19:31:56 +00:00
exit ();
}
}
/**
2013-01-02 22:02:38 +00:00
* Check if the user is a admin , redirects to home if not
*/
2012-09-07 13:22:01 +00:00
public static function checkAdminUser () {
2011-09-18 19:31:56 +00:00
// Check if we are a user
self :: checkLoggedIn ();
2012-10-15 14:14:24 +00:00
self :: verifyUser ();
2012-09-07 13:22:01 +00:00
if ( ! OC_Group :: inGroup ( OC_User :: getUser (), 'admin' )) {
2012-02-16 18:45:00 +00:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
2011-09-18 19:31:56 +00:00
exit ();
}
}
2012-07-09 19:51:19 +00:00
/**
2013-01-02 22:02:38 +00:00
* Check if the user is a subadmin , redirects to home if not
* @ return array $groups where the current user is subadmin
*/
2012-09-07 13:22:01 +00:00
public static function checkSubAdminUser () {
2012-07-09 19:51:19 +00:00
// Check if we are a user
self :: checkLoggedIn ();
2012-10-15 14:14:24 +00:00
self :: verifyUser ();
2012-10-28 17:12:31 +00:00
if ( OC_Group :: inGroup ( OC_User :: getUser (), 'admin' )) {
2012-07-15 14:31:28 +00:00
return true ;
2012-07-09 19:51:19 +00:00
}
2012-09-07 13:22:01 +00:00
if ( ! OC_SubAdmin :: isSubAdmin ( OC_User :: getUser ())) {
2012-07-09 19:51:19 +00:00
header ( 'Location: ' . OC_Helper :: linkToAbsolute ( '' , 'index.php' ));
exit ();
}
2012-07-15 14:31:28 +00:00
return true ;
2012-07-09 19:51:19 +00:00
}
2012-10-15 14:14:24 +00:00
/**
2013-01-02 22:02:38 +00:00
* Check if the user verified the login with his password in the last 15 minutes
* If not , the user will be shown a password verification page
*/
2012-10-15 14:14:24 +00:00
public static function verifyUser () {
2012-10-22 21:04:39 +00:00
if ( OC_Config :: getValue ( 'enhancedauth' , false ) === true ) {
2013-01-02 22:02:38 +00:00
// Check password to set session
2012-10-15 23:08:05 +00:00
if ( isset ( $_POST [ 'password' ])) {
if ( OC_User :: login ( OC_User :: getUser (), $_POST [ " password " ] ) === true ) {
$_SESSION [ 'verifiedLogin' ] = time () + OC_Config :: getValue ( 'enhancedauthtime' , 15 * 60 );
}
2012-10-15 14:40:47 +00:00
}
2012-10-15 14:14:24 +00:00
2013-01-02 22:02:38 +00:00
// Check if the user verified his password
2012-10-15 23:08:05 +00:00
if ( ! isset ( $_SESSION [ 'verifiedLogin' ]) OR $_SESSION [ 'verifiedLogin' ] < time ()) {
OC_Template :: printGuestPage ( " " , " verify " , array ( 'username' => OC_User :: getUser ()));
exit ();
}
2012-10-15 14:14:24 +00:00
}
}
2012-10-15 22:47:22 +00:00
/**
2013-01-02 22:02:38 +00:00
* Check if the user verified the login with his password
* @ return bool
*/
2012-10-15 22:47:22 +00:00
public static function isUserVerified () {
2012-10-22 21:04:39 +00:00
if ( OC_Config :: getValue ( 'enhancedauth' , false ) === true ) {
2012-10-15 23:08:05 +00:00
if ( ! isset ( $_SESSION [ 'verifiedLogin' ]) OR $_SESSION [ 'verifiedLogin' ] < time ()) {
return false ;
}
2012-10-15 22:47:22 +00:00
}
2012-10-22 21:04:39 +00:00
return true ;
2012-10-15 22:47:22 +00:00
}
2012-10-28 12:45:37 +00:00
2011-09-18 19:31:56 +00:00
/**
2013-01-02 22:02:38 +00:00
* Redirect to the user default page
*/
2012-09-07 13:22:01 +00:00
public static function redirectToDefaultPage () {
2012-10-31 21:03:55 +00:00
if ( isset ( $_REQUEST [ 'redirect_url' ])) {
$location = OC_Helper :: makeURLAbsolute ( urldecode ( $_REQUEST [ 'redirect_url' ]));
2012-06-20 15:10:17 +00:00
}
else if ( isset ( OC :: $REQUESTEDAPP ) && ! empty ( OC :: $REQUESTEDAPP )) {
2012-08-06 16:49:06 +00:00
$location = OC_Helper :: linkToAbsolute ( OC :: $REQUESTEDAPP , 'index.php' );
2012-06-20 15:10:17 +00:00
}
else {
2012-08-06 16:49:06 +00:00
$defaultpage = OC_Appconfig :: getValue ( 'core' , 'defaultpage' );
if ( $defaultpage ) {
2012-08-06 20:15:55 +00:00
$location = OC_Helper :: makeURLAbsolute ( OC :: $WEBROOT . '/' . $defaultpage );
2012-08-06 16:49:06 +00:00
}
else {
$location = OC_Helper :: linkToAbsolute ( 'files' , 'index.php' );
}
2011-10-04 17:27:57 +00:00
}
2012-07-03 15:54:12 +00:00
OC_Log :: write ( 'core' , 'redirectToDefaultPage: ' . $location , OC_Log :: DEBUG );
header ( 'Location: ' . $location );
2011-09-18 19:31:56 +00:00
exit ();
}
2012-06-05 17:32:48 +00:00
/**
* get an id unqiue for this instance
* @ return string
*/
2012-09-07 13:22:01 +00:00
public static function getInstanceId () {
2012-10-23 20:53:54 +00:00
$id = OC_Config :: getValue ( 'instanceid' , null );
2012-09-07 13:22:01 +00:00
if ( is_null ( $id )) {
2012-06-05 17:32:48 +00:00
$id = uniqid ();
2012-10-28 17:12:31 +00:00
OC_Config :: setValue ( 'instanceid' , $id );
2012-06-05 17:32:48 +00:00
}
return $id ;
}
2012-06-09 13:05:14 +00:00
2012-09-28 11:30:44 +00:00
/**
* @ brief Register an get / post call . Important to prevent CSRF attacks .
* @ todo Write howto : CSRF protection guide
2012-06-13 15:33:19 +00:00
* @ return $token Generated token .
2012-09-28 11:30:44 +00:00
* @ description
* Creates a 'request token' ( random ) and stores it inside the session .
* Ever subsequent ( ajax ) request must use such a valid token to succeed ,
* otherwise the request will be denied as a protection against CSRF .
* @ see OC_Util :: isCallRegistered ()
2012-06-09 13:05:14 +00:00
*/
2012-09-07 13:22:01 +00:00
public static function callRegister () {
2012-10-28 19:50:50 +00:00
// Check if a token exists
2012-10-31 17:37:59 +00:00
if ( ! isset ( $_SESSION [ 'requesttoken' ])) {
2012-10-28 19:50:50 +00:00
// No valid token found, generate a new one.
2012-10-31 17:37:59 +00:00
$requestToken = self :: generate_random_bytes ( 20 );
$_SESSION [ 'requesttoken' ] = $requestToken ;
2012-10-28 19:50:50 +00:00
} else {
// Valid token already exists, send it
2012-10-31 17:37:59 +00:00
$requestToken = $_SESSION [ 'requesttoken' ];
2012-06-11 10:13:08 +00:00
}
2012-10-31 17:37:59 +00:00
return ( $requestToken );
2012-06-09 13:05:14 +00:00
}
/**
2012-06-13 15:33:19 +00:00
* @ brief Check an ajax get / post call if the request token is valid .
* @ return boolean False if request token is not set or is invalid .
2012-10-28 17:24:11 +00:00
* @ see OC_Util :: callRegister ()
2012-06-09 13:05:14 +00:00
*/
2012-09-07 13:22:01 +00:00
public static function isCallRegistered () {
2012-06-09 13:05:14 +00:00
if ( isset ( $_GET [ 'requesttoken' ])) {
$token = $_GET [ 'requesttoken' ];
2012-09-07 13:22:01 +00:00
} elseif ( isset ( $_POST [ 'requesttoken' ])) {
2012-06-09 13:05:14 +00:00
$token = $_POST [ 'requesttoken' ];
2012-09-07 13:22:01 +00:00
} elseif ( isset ( $_SERVER [ 'HTTP_REQUESTTOKEN' ])) {
2012-06-13 15:33:19 +00:00
$token = $_SERVER [ 'HTTP_REQUESTTOKEN' ];
2012-06-09 13:05:14 +00:00
} else {
2012-06-13 15:33:19 +00:00
//no token found.
return false ;
2012-06-09 13:05:14 +00:00
}
2012-10-28 19:50:50 +00:00
// Check if the token is valid
2012-10-31 17:37:59 +00:00
if ( $token !== $_SESSION [ 'requesttoken' ]) {
2012-10-28 19:50:50 +00:00
// Not valid
2012-06-13 15:33:19 +00:00
return false ;
2012-10-28 19:50:50 +00:00
} else {
// Valid token
return true ;
2012-06-09 13:05:14 +00:00
}
}
2012-06-13 15:33:19 +00:00
/**
* @ brief Check an ajax get / post call if the request token is valid . exit if not .
* Todo : Write howto
*/
2012-09-07 13:22:01 +00:00
public static function callCheck () {
2012-06-13 15:33:19 +00:00
if ( ! OC_Util :: isCallRegistered ()) {
exit ;
}
}
2012-08-29 06:38:33 +00:00
2012-06-21 12:07:04 +00:00
/**
* @ brief Public function to sanitize HTML
*
2012-06-22 06:17:35 +00:00
* This function is used to sanitize HTML and should be applied on any
* string or array of strings before displaying it on a web page .
2012-08-29 06:38:33 +00:00
*
2012-06-19 15:20:19 +00:00
* @ param string or array of strings
2012-06-22 06:17:35 +00:00
* @ return array with sanitized strings or a single sanitized string , depends on the input parameter .
2012-06-19 15:20:19 +00:00
*/
2012-09-07 13:22:01 +00:00
public static function sanitizeHTML ( & $value ) {
2012-10-28 17:12:31 +00:00
if ( is_array ( $value ) || is_object ( $value )) array_walk_recursive ( $value , 'OC_Util::sanitizeHTML' );
2012-06-21 12:07:04 +00:00
else $value = htmlentities ( $value , ENT_QUOTES , 'UTF-8' ); //Specify encoding for PHP<5.4
2012-06-19 15:20:19 +00:00
return $value ;
}
2012-06-21 12:07:04 +00:00
2012-07-23 22:39:59 +00:00
/**
* Check if the htaccess file is working by creating a test file in the data directory and trying to access via http
*/
public static function ishtaccessworking () {
2012-06-21 12:07:04 +00:00
// testdata
$filename = '/htaccesstest.txt' ;
$testcontent = 'testcontent' ;
// creating a test file
2012-07-23 22:39:59 +00:00
$testfile = OC_Config :: getValue ( " datadirectory " , OC :: $SERVERROOT . " /data " ) . '/' . $filename ;
2012-10-26 16:17:43 +00:00
2012-11-04 17:18:03 +00:00
if ( file_exists ( $testfile )) { // already running this test, possible recursive call
2012-10-26 16:17:43 +00:00
return false ;
}
2012-07-23 22:39:59 +00:00
$fp = @ fopen ( $testfile , 'w' );
@ fwrite ( $fp , $testcontent );
@ fclose ( $fp );
2012-06-21 12:07:04 +00:00
// accessing the file via http
2012-08-06 20:15:55 +00:00
$url = OC_Helper :: makeURLAbsolute ( OC :: $WEBROOT . '/data' . $filename );
2012-07-23 22:39:59 +00:00
$fp = @ fopen ( $url , 'r' );
$content =@ fread ( $fp , 2048 );
@ fclose ( $fp );
2012-06-21 12:07:04 +00:00
// cleanup
@ unlink ( $testfile );
// does it work ?
if ( $content == $testcontent ) {
return ( false );
} else {
return ( true );
}
2012-07-23 22:39:59 +00:00
}
2012-06-21 12:07:04 +00:00
2012-11-08 17:08:44 +00:00
2013-01-02 22:02:38 +00:00
/**
* Check if the setlocal call doesn ' t work . This can happen if the right local packages are not available on the server .
*/
2012-12-19 14:10:33 +00:00
public static function issetlocaleworking () {
$result = setlocale ( LC_ALL , 'en_US.UTF-8' );
if ( $result == false ) {
return ( false );
} else {
return ( true );
}
}
2013-01-02 22:02:38 +00:00
/**
* Check if the ownCloud server can connect to the internet
*/
2012-12-14 22:04:42 +00:00
public static function isinternetconnectionworking () {
2012-11-08 17:08:44 +00:00
// try to connect to owncloud.org to see if http connections to the internet are possible.
2013-01-02 22:02:38 +00:00
$connected = @ fsockopen ( " www.owncloud.org " , 80 );
2012-11-09 23:58:03 +00:00
if ( $connected ) {
2012-11-08 17:08:44 +00:00
fclose ( $connected );
2012-11-29 16:58:24 +00:00
return true ;
2012-11-08 17:08:44 +00:00
} else {
// second try in case one server is down
2013-01-02 22:02:38 +00:00
$connected = @ fsockopen ( " apps.owncloud.com " , 80 );
2012-11-09 23:58:03 +00:00
if ( $connected ) {
2012-11-08 17:08:44 +00:00
fclose ( $connected );
2012-11-29 16:58:24 +00:00
return true ;
2012-11-08 17:08:44 +00:00
} else {
2012-11-29 16:58:24 +00:00
return false ;
2012-11-08 17:08:44 +00:00
}
}
}
2012-11-29 16:58:24 +00:00
/**
* clear all levels of output buffering
*/
public static function obEnd (){
while ( ob_get_level ()) {
ob_end_clean ();
}
}
2012-11-08 17:08:44 +00:00
2012-10-15 12:25:40 +00:00
/**
2013-01-02 22:02:38 +00:00
* @ brief Generates a cryptographical secure pseudorandom string
* @ param Int with the length of the random string
* @ return String
* Please also update secureRNG_available if you change something here
*/
2012-09-29 14:44:02 +00:00
public static function generate_random_bytes ( $length = 30 ) {
2012-10-14 14:14:45 +00:00
// Try to use openssl_random_pseudo_bytes
2012-10-14 19:04:08 +00:00
if ( function_exists ( 'openssl_random_pseudo_bytes' )) {
2012-09-29 14:44:02 +00:00
$pseudo_byte = bin2hex ( openssl_random_pseudo_bytes ( $length , $strong ));
2012-10-23 06:01:09 +00:00
if ( $strong == true ) {
2012-09-29 14:44:02 +00:00
return substr ( $pseudo_byte , 0 , $length ); // Truncate it to match the length
}
}
2012-10-15 17:21:37 +00:00
// Try to use /dev/urandom
$fp = @ file_get_contents ( '/dev/urandom' , false , null , 0 , $length );
2012-10-23 06:01:09 +00:00
if ( $fp !== false ) {
2012-10-14 19:04:08 +00:00
$string = substr ( bin2hex ( $fp ), 0 , $length );
2012-10-14 14:14:45 +00:00
return $string ;
}
2012-10-14 19:04:08 +00:00
// Fallback to mt_rand()
2012-09-29 14:44:02 +00:00
$characters = '0123456789' ;
2012-10-14 19:04:08 +00:00
$characters .= 'abcdefghijklmnopqrstuvwxyz' ;
2012-09-29 14:44:02 +00:00
$charactersLength = strlen ( $characters ) - 1 ;
$pseudo_byte = " " ;
// Select some random characters
for ( $i = 0 ; $i < $length ; $i ++ ) {
$pseudo_byte .= $characters [ mt_rand ( 0 , $charactersLength )];
2012-10-14 19:04:08 +00:00
}
2012-09-29 14:44:02 +00:00
return $pseudo_byte ;
}
2012-10-14 19:04:08 +00:00
2012-10-15 12:25:40 +00:00
/**
2013-01-02 22:02:38 +00:00
* @ brief Checks if a secure random number generator is available
* @ return bool
*/
2012-10-14 15:17:06 +00:00
public static function secureRNG_available () {
// Check openssl_random_pseudo_bytes
2012-10-14 19:04:08 +00:00
if ( function_exists ( 'openssl_random_pseudo_bytes' )) {
2012-10-14 15:17:06 +00:00
openssl_random_pseudo_bytes ( 1 , $strong );
2012-10-23 06:01:09 +00:00
if ( $strong == true ) {
2012-10-14 15:17:06 +00:00
return true ;
}
}
2012-10-15 17:21:37 +00:00
// Check /dev/urandom
$fp = @ file_get_contents ( '/dev/urandom' , false , null , 0 , 1 );
2012-10-23 06:01:09 +00:00
if ( $fp !== false ) {
2012-10-14 15:17:06 +00:00
return true ;
}
return false ;
2012-10-14 19:04:08 +00:00
}
2013-01-02 22:02:38 +00:00
/**
* @ Brief Get file content via curl .
* @ param string $url Url to get content
* @ return string of the response or false on error
* This function get the content of a page via curl , if curl is enabled .
* If not , file_get_element is used .
*/
public static function getUrlContent ( $url ){
if ( function_exists ( 'curl_init' )) {
$curl = curl_init ();
curl_setopt ( $curl , CURLOPT_HEADER , 0 );
curl_setopt ( $curl , CURLOPT_RETURNTRANSFER , 1 );
curl_setopt ( $curl , CURLOPT_CONNECTTIMEOUT , 10 );
curl_setopt ( $curl , CURLOPT_URL , $url );
curl_setopt ( $curl , CURLOPT_USERAGENT , " ownCloud Server Crawler " );
if ( OC_Config :: getValue ( 'proxy' , '' ) <> '' ) {
curl_setopt ( $curl , CURLOPT_PROXY , OC_Config :: getValue ( 'proxy' ));
}
if ( OC_Config :: getValue ( 'proxyuserpwd' , '' ) <> '' ) {
curl_setopt ( $curl , CURLOPT_PROXYUSERPWD , OC_Config :: getValue ( 'proxyuserpwd' ));
}
$data = curl_exec ( $curl );
curl_close ( $curl );
} else {
$contextArray = null ;
if ( OC_Config :: getValue ( 'proxy' , '' ) <> '' ) {
$contextArray = array (
'http' => array (
'timeout' => 10 ,
'proxy' => OC_Config :: getValue ( 'proxy' )
)
);
} else {
$contextArray = array (
'http' => array (
'timeout' => 10
)
);
}
$ctx = stream_context_create (
$contextArray
);
$data =@ file_get_contents ( $url , 0 , $ctx );
}
return $data ;
2012-12-14 22:04:42 +00:00
}
2013-01-02 22:02:38 +00:00
2012-09-30 14:12:16 +00:00
}