f551917a3c
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession restore order os OC::$session and OC::$CLI remove unneded initialization of dummy session write back session when $useCustomSession is true log warning when deprecated app is used
198 lines
7.1 KiB
PHP
198 lines
7.1 KiB
PHP
<?php
|
|
// Load other apps for file previews
|
|
OC_App::loadApps();
|
|
|
|
$appConfig = \OC::$server->getAppConfig();
|
|
|
|
if ($appConfig->getValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
|
|
header('HTTP/1.0 404 Not Found');
|
|
$tmpl = new OCP\Template('', '404', 'guest');
|
|
$tmpl->printPage();
|
|
exit();
|
|
}
|
|
|
|
if (isset($_GET['t'])) {
|
|
$token = $_GET['t'];
|
|
$linkItem = OCP\Share::getShareByToken($token, false);
|
|
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
|
|
// seems to be a valid share
|
|
$type = $linkItem['item_type'];
|
|
$fileSource = $linkItem['file_source'];
|
|
$shareOwner = $linkItem['uid_owner'];
|
|
$path = null;
|
|
$rootLinkItem = OCP\Share::resolveReShare($linkItem);
|
|
if (isset($rootLinkItem['uid_owner'])) {
|
|
OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
|
|
OC_Util::tearDownFS();
|
|
OC_Util::setupFS($rootLinkItem['uid_owner']);
|
|
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
|
|
}
|
|
}
|
|
}
|
|
if (isset($path)) {
|
|
if (!isset($linkItem['item_type'])) {
|
|
OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);
|
|
header('HTTP/1.0 404 Not Found');
|
|
$tmpl = new OCP\Template('', '404', 'guest');
|
|
$tmpl->printPage();
|
|
exit();
|
|
}
|
|
if (isset($linkItem['share_with'])) {
|
|
// Authenticate share_with
|
|
$url = OCP\Util::linkToPublic('files') . '&t=' . $token;
|
|
if (isset($_GET['file'])) {
|
|
$url .= '&file=' . urlencode($_GET['file']);
|
|
} else {
|
|
if (isset($_GET['dir'])) {
|
|
$url .= '&dir=' . urlencode($_GET['dir']);
|
|
}
|
|
}
|
|
if (isset($_POST['password'])) {
|
|
$password = $_POST['password'];
|
|
if ($linkItem['share_type'] == OCP\Share::SHARE_TYPE_LINK) {
|
|
// Check Password
|
|
$forcePortable = (CRYPT_BLOWFISH != 1);
|
|
$hasher = new PasswordHash(8, $forcePortable);
|
|
if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),
|
|
$linkItem['share_with']))) {
|
|
OCP\Util::addStyle('files_sharing', 'authenticate');
|
|
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
|
|
$tmpl->assign('URL', $url);
|
|
$tmpl->assign('wrongpw', true);
|
|
$tmpl->printPage();
|
|
exit();
|
|
} else {
|
|
// Save item id in session for future requests
|
|
\OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
|
|
}
|
|
} else {
|
|
OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
|
|
.' for share id '.$linkItem['id'], \OCP\Util::ERROR);
|
|
header('HTTP/1.0 404 Not Found');
|
|
$tmpl = new OCP\Template('', '404', 'guest');
|
|
$tmpl->printPage();
|
|
exit();
|
|
}
|
|
|
|
} else {
|
|
// Check if item id is set in session
|
|
if ( ! \OC::$server->getSession()->exists('public_link_authenticated')
|
|
|| \OC::$server->getSession()->get('public_link_authenticated') !== $linkItem['id']
|
|
) {
|
|
// Prompt for password
|
|
OCP\Util::addStyle('files_sharing', 'authenticate');
|
|
$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
|
|
$tmpl->assign('URL', $url);
|
|
$tmpl->printPage();
|
|
exit();
|
|
}
|
|
}
|
|
}
|
|
$basePath = $path;
|
|
$rootName = \OC_Util::basename($path);
|
|
if (isset($_GET['path']) && \OC\Files\Filesystem::isReadable($basePath . $_GET['path'])) {
|
|
$getPath = \OC\Files\Filesystem::normalizePath($_GET['path']);
|
|
$path .= $getPath;
|
|
} else {
|
|
$getPath = '';
|
|
}
|
|
$dir = dirname($path);
|
|
$file = basename($path);
|
|
// Download the file
|
|
if (isset($_GET['download'])) {
|
|
if (!\OCP\App::isEnabled('files_encryption')) {
|
|
// encryption app requires the session to store the keys in
|
|
\OC::$server->getSession()->close();
|
|
}
|
|
if (isset($_GET['files'])) { // download selected files
|
|
$files = urldecode($_GET['files']);
|
|
$files_list = json_decode($files);
|
|
// in case we get only a single file
|
|
if ($files_list === NULL ) {
|
|
$files_list = array($files);
|
|
}
|
|
OC_Files::get($path, $files_list, $_SERVER['REQUEST_METHOD'] == 'HEAD');
|
|
} else {
|
|
OC_Files::get($dir, $file, $_SERVER['REQUEST_METHOD'] == 'HEAD');
|
|
}
|
|
exit();
|
|
} else {
|
|
OCP\Util::addScript('files', 'file-upload');
|
|
OCP\Util::addStyle('files_sharing', 'public');
|
|
OCP\Util::addStyle('files_sharing', 'mobile');
|
|
OCP\Util::addScript('files_sharing', 'public');
|
|
OCP\Util::addScript('files', 'fileactions');
|
|
OCP\Util::addScript('files', 'jquery.iframe-transport');
|
|
OCP\Util::addScript('files', 'jquery.fileupload');
|
|
$maxUploadFilesize=OCP\Util::maxUploadFilesize($path);
|
|
$tmpl = new OCP\Template('files_sharing', 'public', 'base');
|
|
$tmpl->assign('displayName', \OCP\User::getDisplayName($shareOwner));
|
|
$tmpl->assign('filename', $file);
|
|
$tmpl->assign('directory_path', $linkItem['file_target']);
|
|
$tmpl->assign('mimetype', \OC\Files\Filesystem::getMimeType($path));
|
|
$tmpl->assign('dirToken', $linkItem['token']);
|
|
$tmpl->assign('sharingToken', $token);
|
|
$tmpl->assign('protected', isset($linkItem['share_with']) ? 'true' : 'false');
|
|
|
|
$urlLinkIdentifiers= (isset($token)?'&t='.$token:'')
|
|
.(isset($_GET['dir'])?'&dir='.$_GET['dir']:'')
|
|
.(isset($_GET['file'])?'&file='.$_GET['file']:'');
|
|
// Show file list
|
|
if (\OC\Files\Filesystem::is_dir($path)) {
|
|
$tmpl->assign('dir', $getPath);
|
|
|
|
OCP\Util::addStyle('files', 'files');
|
|
OCP\Util::addStyle('files', 'upload');
|
|
OCP\Util::addScript('files', 'filesummary');
|
|
OCP\Util::addScript('files', 'breadcrumb');
|
|
OCP\Util::addScript('files', 'files');
|
|
OCP\Util::addScript('files', 'filelist');
|
|
OCP\Util::addscript('files', 'keyboardshortcuts');
|
|
$files = array();
|
|
$rootLength = strlen($basePath) + 1;
|
|
$maxUploadFilesize=OCP\Util::maxUploadFilesize($path);
|
|
|
|
$freeSpace=OCP\Util::freeSpace($path);
|
|
$uploadLimit=OCP\Util::uploadLimit();
|
|
$folder = new OCP\Template('files', 'list', '');
|
|
$folder->assign('dir', $getPath);
|
|
$folder->assign('dirToken', $linkItem['token']);
|
|
$folder->assign('permissions', OCP\PERMISSION_READ);
|
|
$folder->assign('isPublic', true);
|
|
$folder->assign('publicUploadEnabled', 'no');
|
|
$folder->assign('files', $files);
|
|
$folder->assign('uploadMaxFilesize', $maxUploadFilesize);
|
|
$folder->assign('uploadMaxHumanFilesize', OCP\Util::humanFileSize($maxUploadFilesize));
|
|
$folder->assign('freeSpace', $freeSpace);
|
|
$folder->assign('uploadLimit', $uploadLimit); // PHP upload limit
|
|
$folder->assign('usedSpacePercent', 0);
|
|
$folder->assign('trash', false);
|
|
$tmpl->assign('folder', $folder->fetchPage());
|
|
$tmpl->assign('downloadURL',
|
|
OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&download&path=' . urlencode($getPath));
|
|
} else {
|
|
$tmpl->assign('dir', $dir);
|
|
|
|
// Show file preview if viewer is available
|
|
if ($type == 'file') {
|
|
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&download');
|
|
} else {
|
|
$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files')
|
|
.$urlLinkIdentifiers.'&download&path='.urlencode($getPath));
|
|
}
|
|
}
|
|
$tmpl->printPage();
|
|
}
|
|
exit();
|
|
} else {
|
|
OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);
|
|
}
|
|
|
|
$errorTemplate = new OCP\Template('files_sharing', 'part.404', '');
|
|
$errorContent = $errorTemplate->fetchPage();
|
|
|
|
header('HTTP/1.0 404 Not Found');
|
|
OCP\Util::addStyle('files_sharing', '404');
|
|
$tmpl = new OCP\Template('', '404', 'guest');
|
|
$tmpl->assign('content', $errorContent);
|
|
$tmpl->printPage();
|