Mirrors
/
nextcloud-server
mirror of https://github.com/nextcloud/server
3
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9408 Commits
598 Branches
798 Tags
4.1 GiB
Tree: e969a78cf9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e969a78cf9'
${ noResults }
nextcloud-server/lib/util.php

702 lines
21 KiB
Raw Normal View History

Use autoload
15 years ago
whitespace fixes
13 years ago
Renaming classes :-)
15 years ago
Use autoload
15 years ago
provide early file system when using webdav
14 years ago
Use autoload
15 years ago
Combine and minimize core and default app css files
14 years ago
Combine and minimize core and default app js files
14 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
Fix filesystem setup for shared public link with logged in user
13 years ago
adding space between) and {
13 years ago
Fix filesystem setup for shared public link with logged in user
13 years ago
make sure all filesystem apps are loaded when setupFS is proceeded, to make sure the emmited setup-hook is received. Fixes #89
13 years ago
check if RUNTIME_NOAPPS is set before using it
13 years ago
make sure all filesystem apps are loaded when setupFS is proceeded, to make sure the emmited setup-hook is received. Fixes #89
13 years ago
Fix filesystem setup for shared public link with logged in user
13 years ago
Remove OC::$CONFIG_DATADIRECTORY, not used
14 years ago
always mount the root filesystem, sometimes we need the filesystem when not logged in
14 years ago
adding space between) and {
13 years ago
merge master into filesystem
13 years ago
provide early file system when using webdav
14 years ago
Small code reorder
14 years ago
adding space between) and {
13 years ago
Delay setup of FS until OC_Filesystem is used
14 years ago
enable user backends to define their own place where to store the data
13 years ago
adding space between) and {
13 years ago
Remove OC::$CONFIG_DATADIRECTORY, not used
14 years ago
Use autoload
15 years ago
fix filesharing for multiple data directories
13 years ago
Remove incorrect extra parameter for init() call
13 years ago
merge master into filesystem
13 years ago
a bit of refactoring for oc_filesystem and implement user quota
14 years ago
check if directory already exist before executing mkdir
13 years ago
a bit of refactoring for oc_filesystem and implement user quota
14 years ago
check if directory already exist before executing mkdir
13 years ago
merge master into filesystem
13 years ago
Delay setup of FS until OC_Filesystem is used
14 years ago
Use autoload
15 years ago
merge master into filesystem
13 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
don't use depricated OC_Filesystem
13 years ago
Use autoload
15 years ago
remove whitespaces, no code change
13 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
4.5 final
13 years ago
Bumb version number for displayname db upgrade
13 years ago
add status file. useful for external administration. show the ownClopud version at least in the config dialog.
14 years ago
adding space between) and {
13 years ago
marks as 5.0 pre alpha
13 years ago
Use autoload
15 years ago
some indention fixes
14 years ago
adding space between) and {
13 years ago
fixing indent
13 years ago
some indention fixes
14 years ago
Show the different editions to the user. Used in the status call, on the personal settings page and in the updater to update to the next available version from the same edition.
14 years ago
Use autoload
15 years ago
some more porting
14 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
some more porting
14 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
Change gallery thumbnail generation to OC_Image
14 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
merge master into filesystem
13 years ago
Use autoload
15 years ago
some indention fixes
14 years ago
merge master into filesystem
13 years ago
some indention fixes
14 years ago
remove PgeNavi. It's no longer used
13 years ago
adding space between) and {
13 years ago
merge log into admin
14 years ago
NoSpaceAfterComma first in new branch
13 years ago
merge log into admin
14 years ago
Use strftime to format date with translated month names
14 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Use autoload
15 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
Use autoload
15 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
Use autoload
15 years ago
change the error hint from suggesting to change the owner of a directory to changing the permissions. changing the owner of a director is not possible via ftp.
14 years ago
Use autoload
15 years ago
Move check code from setupFS to checkServer
14 years ago
i just learned that we also have to check if directories are readable. it seams that is_readable also checks for 'x' right.
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
Move check code from setupFS to checkServer
14 years ago
Correct writable check for app dir
14 years ago
i just learned that we also have to check if directories are readable. it seams that is_readable also checks for 'x' right.
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
Enhance hint about writable app directory
14 years ago
Correct writable check for app dir
14 years ago
Move check code from setupFS to checkServer
14 years ago
Remove OC::$CONFIG_DATADIRECTORY, not used
14 years ago
Move check code from setupFS to checkServer
14 years ago
adding space between) and {
13 years ago
Remove OC::$CONFIG_DATADIRECTORY, not used
14 years ago
Move permissions check to new function checkDataDirectoryPermissions()
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
Move check code from setupFS to checkServer
14 years ago
i just learned that we also have to check if directories are readable. it seams that is_readable also checks for 'x' right.
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
Move data directory permission checks after data directory existence checks
13 years ago
Move permissions check to new function checkDataDirectoryPermissions()
13 years ago
Use autoload
15 years ago
check for php modules
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
check for php modules
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
check for php modules
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
add check for ctype
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
check if PHP mod JSON is installed
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
check if PHP mod GD is installed
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
add check for zlib
13 years ago
Check for iconv
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
Check for iconv
13 years ago
check for SimpleXML which seems to bw non default on Free BSD
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
check for SimpleXML which seems to bw non default on Free BSD
13 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
we require php 5.3 now. so please notify the user if an old version is in use
14 years ago
adding space between) and {
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
in case file based session handling in enabled - we need to make sure the configured folder is writable
13 years ago
added hint to restart the web server in case recetly installed php modules are still not available
13 years ago
Checkstyle fixes: NoSpaceAfterComma
13 years ago
add a check for pdo
14 years ago
Use autoload
15 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
Move permissions check to new function checkDataDirectoryPermissions()
13 years ago
extend logon page to display multiple error messages
13 years ago
Use OC_Util::displayLoginPage and cleanup the function
13 years ago
extend logon page to display multiple error messages
13 years ago
Use OC_Util::displayLoginPage and cleanup the function
13 years ago
More style fixes
13 years ago
Use OC_Util::displayLoginPage and cleanup the function
13 years ago
Merge branch 'lostpassword' Conflicts: core/templates/login.php index.php lib/util.php
14 years ago
Use OC_Util::displayLoginPage and cleanup the function
13 years ago
Move display of login page to function in OC_Util
14 years ago
Use OC_Util::displayLoginPage and cleanup the function
13 years ago
Fix warning about redirect_url not set
13 years ago
fixing indent
13 years ago
add support for apps to register alternative login methods below the standard login a list of icons/button will be displayed
13 years ago
Move display of login page to function in OC_Util
14 years ago
enhance errormessages on setup
14 years ago
Check if the application is actually enabled
14 years ago
fixing indent
13 years ago
adding space between) and {
13 years ago
Use separate function to make absolute urls
14 years ago
Check if the application is actually enabled
14 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
fixing indent
13 years ago
adding space between) and {
13 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
adding space between) and {
13 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
13 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
fixing indent
13 years ago
adding space between) and {
13 years ago
Check if user is admin - bool There was no "isAdminUser()" function which returned bool. This is irritiating as there were a loooooooot of places in the code which checked this itself with `OC_Group::inGroup($uid, 'admin)` - why not use a function for this? (Especially if you consider that we might change the group name in the future, which would lead to problems then) Additionally, @Raydiation needed such a method for his AppFramework :)
13 years ago
Use separate function to make absolute urls
14 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
some work on subadmins
14 years ago
fixing indent
13 years ago
adding space between) and {
13 years ago
some work on subadmins
14 years ago
subadmins can now add users
14 years ago
some work on subadmins
14 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
fixing indent
13 years ago
adding space between) and {
13 years ago
Make the redirect_url working again Fixes #160
13 years ago
Prefer requested app before redirecting to default page
14 years ago
Change hardcoded urls to use linkTo function
13 years ago
Prefer requested app before redirecting to default page
14 years ago
Change hardcoded urls to use linkTo function
13 years ago
Added function to make url absolute
13 years ago
Change hardcoded urls to use linkTo function
13 years ago
redirect url fixed
14 years ago
More helpfull debug msg for redirectToDefaultPage
14 years ago
Move some common code to OC_Util Created the following function: - checkLoggedIn - checkAdminUser - redirectToDefaultPage
14 years ago
add unique instance id
14 years ago
adding space between) and {
13 years ago
Checkstyle: NoSpaceAfterComma
13 years ago
adding space between) and {
13 years ago
add unique instance id
14 years ago
NoSpaceAfterComma first in new branch
13 years ago
add unique instance id
14 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
Reimplementation of CSRF protection including autorefresh
13 years ago
Whitespace cleanup
13 years ago
Reimplementation of CSRF protection including autorefresh
13 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
Reimplementation of CSRF protection including autorefresh
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
adding space between) and {
13 years ago
Generate only one CSRF token
13 years ago
Create only one CSRF token per session Before, the CSRF token expired every hour. We had a script in place which should refresh the token but this don't worked in every case. (Laptop sleeping etc.) With this commit, the token will only get once created for every session so that the "Token expired" warning shouldn't appear.
13 years ago
Generate only one CSRF token
13 years ago
Create only one CSRF token per session Before, the CSRF token expired every hour. We had a script in place which should refresh the token but this don't worked in every case. (Laptop sleeping etc.) With this commit, the token will only get once created for every session so that the "Token expired" warning shouldn't appear.
13 years ago
Generate only one CSRF token
13 years ago
Create only one CSRF token per session Before, the CSRF token expired every hour. We had a script in place which should refresh the token but this don't worked in every case. (Laptop sleeping etc.) With this commit, the token will only get once created for every session so that the "Token expired" warning shouldn't appear.
13 years ago
implement a simple request token session garbage collector
14 years ago
Create only one CSRF token per session Before, the CSRF token expired every hour. We had a script in place which should refresh the token but this don't worked in every case. (Laptop sleeping etc.) With this commit, the token will only get once created for every session so that the "Token expired" warning shouldn't appear.
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
Reimplementation of CSRF protection including autorefresh
13 years ago
Fix a typo
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
adding space between) and {
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
adding space between) and {
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
adding space between) and {
13 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
Generate only one CSRF token
13 years ago
Create only one CSRF token per session Before, the CSRF token expired every hour. We had a script in place which should refresh the token but this don't worked in every case. (Laptop sleeping etc.) With this commit, the token will only get once created for every session so that the "Token expired" warning shouldn't appear.
13 years ago
Generate only one CSRF token
13 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
Generate only one CSRF token
13 years ago
add two csrf check calls. Review and lot´s of porting needed.
14 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
adding space between) and {
13 years ago
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
14 years ago
Whitespace fixes in lib
13 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
Spelling fixes
14 years ago
Whitespace fixes in lib
13 years ago
introducing a sanitize HTML function for the internal and the public API. This allows to easily convert strings to HTML before displaying them on the web page to reduce the risk of xss vulnerabilities.
14 years ago
Spelling fixes
14 years ago
introducing a sanitize HTML function for the internal and the public API. This allows to easily convert strings to HTML before displaying them on the web page to reduce the risk of xss vulnerabilities.
14 years ago
adding space between) and {
13 years ago
Move { to same line
13 years ago
Expand if to multiple lines Oneliners are ugly.
13 years ago
introducing a sanitize HTML function for the internal and the public API. This allows to easily convert strings to HTML before displaying them on the web page to reduce the risk of xss vulnerabilities.
14 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
some indention fixes
14 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
some indention fixes
14 years ago
possible fix for bombarding the server with the htaccess test during setup
13 years ago
Checkstyle: Fix the last two SpaceBeforeOpenBrace
13 years ago
possible fix for bombarding the server with the htaccess test during setup
13 years ago
some indention fixes
14 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
Added function to make url absolute
13 years ago
some indention fixes
14 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
some indention fixes
14 years ago
check if the data directory is accessible via http. Show a big security warning if yes
14 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
fixing indent
13 years ago
add a check and a warning if setlocale is working
13 years ago
setlocale test is pointless on Windows
13 years ago
add a check and a warning if setlocale is working
13 years ago
we get best results regarding mime type detection if we use fileinfo - let's tell the admin about that
13 years ago
fixing indent
13 years ago
Fix "Line indented incorrectly"
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
fixing indent
13 years ago
Fixed new checkstyle issues in util.php from build #1341.
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
add function to safely end output buffering
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
fixing indent
13 years ago
Fixed new checkstyle issues in util.php from build #1341.
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
add function to safely end output buffering
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
add function to safely end output buffering
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
add function to safely end output buffering
13 years ago
add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why.
13 years ago
Correct formatting
13 years ago
fixing indent
13 years ago
Fallback for systems without openssl
13 years ago
Fallback to /dev/random if openssl_random_pseudo_bytes not available
13 years ago
Whitespace cleanup
13 years ago
Fallback for systems without openssl
13 years ago
More Checkstyle cleanup This is for all LowerCaseConstant warnings
13 years ago
Fallback for systems without openssl
13 years ago
Use /dev/urandom instead of /dev/random The usage of /dev/urandom is enough secure
13 years ago
More Checkstyle cleanup This is for all LowerCaseConstant warnings
13 years ago
Whitespace cleanup
13 years ago
Fallback to /dev/random if openssl_random_pseudo_bytes not available
13 years ago
Whitespace cleanup
13 years ago
Fallback for systems without openssl
13 years ago
Whitespace cleanup
13 years ago
Fallback for systems without openssl
13 years ago
Whitespace cleanup
13 years ago
Fallback for systems without openssl
13 years ago
Whitespace cleanup
13 years ago
Correct formatting
13 years ago
fixing indent
13 years ago
Show a warning in the installer if no secure RNG is available
13 years ago
Whitespace cleanup
13 years ago
Show a warning in the installer if no secure RNG is available
13 years ago
More Checkstyle cleanup This is for all LowerCaseConstant warnings
13 years ago
Show a warning in the installer if no secure RNG is available
13 years ago
Use /dev/urandom instead of /dev/random The usage of /dev/urandom is enough secure
13 years ago
More Checkstyle cleanup This is for all LowerCaseConstant warnings
13 years ago
Show a warning in the installer if no secure RNG is available
13 years ago
Whitespace cleanup
13 years ago
fixing indent
13 years ago
Fix "Line indented incorrectly"
13 years ago
fixing indent
13 years ago
new function \OC_Util::runningOnWindows()
13 years ago
Use autoload
15 years ago
  1. <?php
  2. /**
  3. * Class for utility functions
  4. *
  5. */
  7. class OC_Util {
  8. public static $scripts=array();
  9. public static $styles=array();
  10. public static $headers=array();
  11. private static $rootMounted=false;
  12. private static $fsSetup=false;
  13. public static $core_styles=array();
  14. public static $core_scripts=array();
  16. // Can be set up
  17. public static function setupFS( $user = '' ) {// configure the initial filesystem based on the configuration
  18. if(self::$fsSetup) {//setting up the filesystem twice can only lead to trouble
  19. return false;
  20. }
  22. // If we are not forced to load a specific user we load the one that is logged in
  23. if( $user == "" && OC_User::isLoggedIn()) {
  24. $user = OC_User::getUser();
  25. }
  27. // load all filesystem apps before, so no setup-hook gets lost
  28. if(!isset($RUNTIME_NOAPPS) || !$RUNTIME_NOAPPS) {
  29. OC_App::loadApps(array('filesystem'));
  30. }
  32. // the filesystem will finish when $user is not empty,
  33. // mark fs setup here to avoid doing the setup from loading
  34. // OC_Filesystem
  35. if ($user != '') {
  36. self::$fsSetup=true;
  37. }
  39. $CONFIG_DATADIRECTORY = OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" );
  40. //first set up the local "root" storage
  41. if(!self::$rootMounted) {
  42. \OC\Files\Filesystem::mount('\OC\Files\Storage\Local', array('datadir'=>$CONFIG_DATADIRECTORY), '/');
  43. self::$rootMounted=true;
  44. }
  46. if( $user != "" ) { //if we aren't logged in, there is no use to set up the filesystem
  47. $user_dir = '/'.$user.'/files';
  48. $user_root = OC_User::getHome($user);
  49. $userdirectory = $user_root . '/files';
  50. if( !is_dir( $userdirectory )) {
  51. mkdir( $userdirectory, 0755, true );
  52. }
  53. //jail the user into his "home" directory
  54. \OC\Files\Filesystem::init($user_dir);
  56. $quotaProxy=new OC_FileProxy_Quota();
  57. $fileOperationProxy = new OC_FileProxy_FileOperations();
  58. OC_FileProxy::register($quotaProxy);
  59. OC_FileProxy::register($fileOperationProxy);
  61. OC_Hook::emit('OC_Filesystem', 'setup', array('user' => $user, 'user_dir' => $user_dir));
  62. }
  63. return true;
  64. }
  66. public static function tearDownFS() {
  67. \OC\Files\Filesystem::tearDown();
  68. self::$fsSetup=false;
  69. }
  71. /**
  72. * get the current installed version of ownCloud
  73. * @return array
  74. */
  75. public static function getVersion() {
  76. // hint: We only can count up. So the internal version number of ownCloud 4.5 will be 4.90.0. This is not visible to the user
  77. return array(4, 91, 9);
  78. }
  80. /**
  81. * get the current installed version string of ownCloud
  82. * @return string
  83. */
  84. public static function getVersionString() {
  85. return '5.0 pre alpha';
  86. }
  88. /**
  89. * get the current installed edition of ownCloud. There is the community edition that just returns an empty string and the enterprise edition that returns "Enterprise".
  90. * @return string
  91. */
  92. public static function getEditionString() {
  93. return '';
  94. }
  96. /**
  97. * add a javascript file
  98. *
  99. * @param appid $application
  100. * @param filename $file
  101. */
  102. public static function addScript( $application, $file = null ) {
  103. if( is_null( $file )) {
  104. $file = $application;
  105. $application = "";
  106. }
  107. if( !empty( $application )) {
  108. self::$scripts[] = "$application/js/$file";
  109. }else{
  110. self::$scripts[] = "js/$file";
  111. }
  112. }
  114. /**
  115. * add a css file
  116. *
  117. * @param appid $application
  118. * @param filename $file
  119. */
  120. public static function addStyle( $application, $file = null ) {
  121. if( is_null( $file )) {
  122. $file = $application;
  123. $application = "";
  124. }
  125. if( !empty( $application )) {
  126. self::$styles[] = "$application/css/$file";
  127. }else{
  128. self::$styles[] = "css/$file";
  129. }
  130. }
  132. /**
  133. * @brief Add a custom element to the header
  134. * @param string tag tag name of the element
  135. * @param array $attributes array of attributes for the element
  136. * @param string $text the text content for the element
  137. */
  138. public static function addHeader( $tag, $attributes, $text='') {
  139. self::$headers[] = array('tag'=>$tag, 'attributes'=>$attributes, 'text'=>$text);
  140. }
  142. /**
  143. * formats a timestamp in the "right" way
  144. *
  145. * @param int timestamp $timestamp
  146. * @param bool dateOnly option to omit time from the result
  147. */
  148. public static function formatDate( $timestamp, $dateOnly=false) {
  149. if(isset($_SESSION['timezone'])) {//adjust to clients timezone if we know it
  150. $systemTimeZone = intval(date('O'));
  151. $systemTimeZone=(round($systemTimeZone/100, 0)*60)+($systemTimeZone%100);
  152. $clientTimeZone=$_SESSION['timezone']*60;
  153. $offset=$clientTimeZone-$systemTimeZone;
  154. $timestamp=$timestamp+$offset*60;
  155. }
  156. $l=OC_L10N::get('lib');
  157. return $l->l($dateOnly ? 'date' : 'datetime', $timestamp);
  158. }
  160. /**
  161. * check if the current server configuration is suitable for ownCloud
  162. * @return array arrays with error messages and hints
  163. */
  164. public static function checkServer() {
  165. $errors=array();
  167. $web_server_restart= false;
  168. //check for database drivers
  169. if(!(is_callable('sqlite_open') or class_exists('SQLite3')) and !is_callable('mysql_connect') and !is_callable('pg_connect')) {
  170. $errors[]=array('error'=>'No database drivers (sqlite, mysql, or postgresql) installed.<br/>', 'hint'=>'');//TODO: sane hint
  171. $web_server_restart= true;
  172. }
  174. //common hint for all file permissons error messages
  175. $permissionsHint="Permissions can usually be fixed by giving the webserver write access to the ownCloud directory";
  177. // Check if config folder is writable.
  178. if(!is_writable(OC::$SERVERROOT."/config/") or !is_readable(OC::$SERVERROOT."/config/")) {
  179. $errors[]=array('error'=>"Can't write into config directory 'config'", 'hint'=>"You can usually fix this by giving the webserver user write access to the config directory in owncloud");
  180. }
  182. // Check if there is a writable install folder.
  183. if(OC_Config::getValue('appstoreenabled', true)) {
  184. if( OC_App::getInstallPath() === null || !is_writable(OC_App::getInstallPath()) || !is_readable(OC_App::getInstallPath()) ) {
  185. $errors[]=array('error'=>"Can't write into apps directory", 'hint'=>"You can usually fix this by giving the webserver user write access to the apps directory
  186. in owncloud or disabling the appstore in the config file.");
  187. }
  188. }
  189. $CONFIG_DATADIRECTORY = OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" );
  190. // Create root dir.
  191. if(!is_dir($CONFIG_DATADIRECTORY)) {
  192. $success=@mkdir($CONFIG_DATADIRECTORY);
  193. if ($success) {
  194. $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
  195. } else {
  196. $errors[]=array('error'=>"Can't create data directory (".$CONFIG_DATADIRECTORY.")", 'hint'=>"You can usually fix this by giving the webserver write access to the ownCloud directory '".OC::$SERVERROOT."' (in a terminal, use the command 'chown -R www-data:www-data /path/to/your/owncloud/install/data' ");
  197. }
  198. } else if(!is_writable($CONFIG_DATADIRECTORY) or !is_readable($CONFIG_DATADIRECTORY)) {
  199. $errors[]=array('error'=>'Data directory ('.$CONFIG_DATADIRECTORY.') not writable by ownCloud<br/>', 'hint'=>$permissionsHint);
  200. } else {
  201. $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
  202. }
  203. // check if all required php modules are present
  204. if(!class_exists('ZipArchive')) {
  205. $errors[]=array('error'=>'PHP module zip not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  206. $web_server_restart= false;
  207. }
  209. if(!function_exists('mb_detect_encoding')) {
  210. $errors[]=array('error'=>'PHP module mb multibyte not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  211. $web_server_restart= false;
  212. }
  213. if(!function_exists('ctype_digit')) {
  214. $errors[]=array('error'=>'PHP module ctype is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  215. $web_server_restart= false;
  216. }
  217. if(!function_exists('json_encode')) {
  218. $errors[]=array('error'=>'PHP module JSON is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  219. $web_server_restart= false;
  220. }
  221. if(!function_exists('imagepng')) {
  222. $errors[]=array('error'=>'PHP module GD is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  223. $web_server_restart= false;
  224. }
  225. if(!function_exists('gzencode')) {
  226. $errors[]=array('error'=>'PHP module zlib is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  227. $web_server_restart= false;
  228. }
  229. if(!function_exists('iconv')) {
  230. $errors[]=array('error'=>'PHP module iconv is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  231. $web_server_restart= false;
  232. }
  233. if(!function_exists('simplexml_load_string')) {
  234. $errors[]=array('error'=>'PHP module SimpleXML is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  235. $web_server_restart= false;
  236. }
  237. if(floatval(phpversion())<5.3) {
  238. $errors[]=array('error'=>'PHP 5.3 is required.<br/>', 'hint'=>'Please ask your server administrator to update PHP to version 5.3 or higher. PHP 5.2 is no longer supported by ownCloud and the PHP community.');
  239. $web_server_restart= false;
  240. }
  241. if(!defined('PDO::ATTR_DRIVER_NAME')) {
  242. $errors[]=array('error'=>'PHP PDO module is not installed.<br/>', 'hint'=>'Please ask your server administrator to install the module.');
  243. $web_server_restart= false;
  244. }
  246. $handler = ini_get("session.save_handler");
  247. if($handler == "files") {
  248. $tmpDir = session_save_path();
  249. if($tmpDir != ""){
  250. if(!@is_writable($tmpDir)){
  251. $errors[]=array('error' => 'The temporary folder used by PHP to save the session data is either incorrect or not writable! Please check : '.session_save_path().'<br/>',
  252. 'hint'=>'Please ask your server administrator to grant write access or define another temporary folder.');
  253. }
  254. }
  255. }
  257. if($web_server_restart) {
  258. $errors[]=array('error'=>'PHP modules have been installed, but they are still listed as missing?<br/>', 'hint'=>'Please ask your server administrator to restart the web server.');
  259. }
  261. return $errors;
  262. }
  264. /**
  265. * Check for correct file permissions of data directory
  266. * @return array arrays with error messages and hints
  267. */
  268. public static function checkDataDirectoryPermissions($dataDirectory) {
  269. $errors = array();
  270. if (stristr(PHP_OS, 'WIN')) {
  271. //TODO: permissions checks for windows hosts
  272. } else {
  273. $permissionsModHint = 'Please change the permissions to 0770 so that the directory cannot be listed by other users.';
  274. $prems = substr(decoct(@fileperms($dataDirectory)), -3);
  275. if (substr($prems, -1) != '0') {
  276. OC_Helper::chmodr($dataDirectory, 0770);
  277. clearstatcache();
  278. $prems = substr(decoct(@fileperms($dataDirectory)), -3);
  279. if (substr($prems, 2, 1) != '0') {
  280. $errors[] = array('error' => 'Data directory ('.$dataDirectory.') is readable for other users<br/>', 'hint' => $permissionsModHint);
  281. }
  282. }
  283. }
  284. return $errors;
  285. }
  287. public static function displayLoginPage($errors = array()) {
  288. $parameters = array();
  289. foreach( $errors as $key => $value ) {
  290. $parameters[$value] = true;
  291. }
  292. if (!empty($_POST['user'])) {
  293. $parameters["username"] = OC_Util::sanitizeHTML($_POST['user']).'"';
  294. $parameters['user_autofocus'] = false;
  295. } else {
  296. $parameters["username"] = '';
  297. $parameters['user_autofocus'] = true;
  298. }
  299. if (isset($_REQUEST['redirect_url'])) {
  300. $redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']);
  301. $parameters['redirect_url'] = urlencode($redirect_url);
  302. }
  304. $parameters['alt_login'] = OC_App::getAlternativeLogIns();
  305. OC_Template::printGuestPage("", "login", $parameters);
  306. }
  309. /**
  310. * Check if the app is enabled, redirects to home if not
  311. */
  312. public static function checkAppEnabled($app) {
  313. if( !OC_App::isEnabled($app)) {
  314. header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
  315. exit();
  316. }
  317. }
  319. /**
  320. * Check if the user is logged in, redirects to home if not. With
  321. * redirect URL parameter to the request URI.
  322. */
  323. public static function checkLoggedIn() {
  324. // Check if we are a user
  325. if( !OC_User::isLoggedIn()) {
  326. header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php', array('redirect_url' => OC_Request::requestUri())));
  327. exit();
  328. }
  329. }
  331. /**
  332. * Check if the user is a admin, redirects to home if not
  333. */
  334. public static function checkAdminUser() {
  335. if( !OC_User::isAdminUser(OC_User::getUser())) {
  336. header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
  337. exit();
  338. }
  339. }
  341. /**
  342. * Check if the user is a subadmin, redirects to home if not
  343. * @return array $groups where the current user is subadmin
  344. */
  345. public static function checkSubAdminUser() {
  346. if(!OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
  347. header( 'Location: '.OC_Helper::linkToAbsolute( '', 'index.php' ));
  348. exit();
  349. }
  350. return true;
  351. }
  353. /**
  354. * Redirect to the user default page
  355. */
  356. public static function redirectToDefaultPage() {
  357. if(isset($_REQUEST['redirect_url'])) {
  358. $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
  359. }
  360. else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) {
  361. $location = OC_Helper::linkToAbsolute( OC::$REQUESTEDAPP, 'index.php' );
  362. }
  363. else {
  364. $defaultpage = OC_Appconfig::getValue('core', 'defaultpage');
  365. if ($defaultpage) {
  366. $location = OC_Helper::makeURLAbsolute(OC::$WEBROOT.'/'.$defaultpage);
  367. }
  368. else {
  369. $location = OC_Helper::linkToAbsolute( 'files', 'index.php' );
  370. }
  371. }
  372. OC_Log::write('core', 'redirectToDefaultPage: '.$location, OC_Log::DEBUG);
  373. header( 'Location: '.$location );
  374. exit();
  375. }
  377. /**
  378. * get an id unqiue for this instance
  379. * @return string
  380. */
  381. public static function getInstanceId() {
  382. $id=OC_Config::getValue('instanceid', null);
  383. if(is_null($id)) {
  384. $id=uniqid();
  385. OC_Config::setValue('instanceid', $id);
  386. }
  387. return $id;
  388. }
  390. /**
  391. * @brief Static lifespan (in seconds) when a request token expires.
  392. * @see OC_Util::callRegister()
  393. * @see OC_Util::isCallRegistered()
  394. * @description
  395. * Also required for the client side to compute the piont in time when to
  396. * request a fresh token. The client will do so when nearly 97% of the
  397. * timespan coded here has expired.
  398. */
  399. public static $callLifespan = 3600; // 3600 secs = 1 hour
  401. /**
  402. * @brief Register an get/post call. Important to prevent CSRF attacks.
  403. * @todo Write howto: CSRF protection guide
  404. * @return $token Generated token.
  405. * @description
  406. * Creates a 'request token' (random) and stores it inside the session.
  407. * Ever subsequent (ajax) request must use such a valid token to succeed,
  408. * otherwise the request will be denied as a protection against CSRF.
  409. * The tokens expire after a fixed lifespan.
  410. * @see OC_Util::$callLifespan
  411. * @see OC_Util::isCallRegistered()
  412. */
  413. public static function callRegister() {
  414. // Check if a token exists
  415. if(!isset($_SESSION['requesttoken'])) {
  416. // No valid token found, generate a new one.
  417. $requestToken = self::generate_random_bytes(20);
  418. $_SESSION['requesttoken']=$requestToken;
  419. } else {
  420. // Valid token already exists, send it
  421. $requestToken = $_SESSION['requesttoken'];
  422. }
  423. return($requestToken);
  424. }
  426. /**
  427. * @brief Check an ajax get/post call if the request token is valid.
  428. * @return boolean False if request token is not set or is invalid.
  429. * @see OC_Util::$callLifespan
  430. * @see OC_Util::callRegister()
  431. */
  432. public static function isCallRegistered() {
  433. if(isset($_GET['requesttoken'])) {
  434. $token=$_GET['requesttoken'];
  435. }elseif(isset($_POST['requesttoken'])) {
  436. $token=$_POST['requesttoken'];
  437. }elseif(isset($_SERVER['HTTP_REQUESTTOKEN'])) {
  438. $token=$_SERVER['HTTP_REQUESTTOKEN'];
  439. }else{
  440. //no token found.
  441. return false;
  442. }
  444. // Check if the token is valid
  445. if($token !== $_SESSION['requesttoken']) {
  446. // Not valid
  447. return false;
  448. } else {
  449. // Valid token
  450. return true;
  451. }
  452. }
  454. /**
  455. * @brief Check an ajax get/post call if the request token is valid. exit if not.
  456. * Todo: Write howto
  457. */
  458. public static function callCheck() {
  459. if(!OC_Util::isCallRegistered()) {
  460. exit;
  461. }
  462. }
  464. /**
  465. * @brief Public function to sanitize HTML
  466. *
  467. * This function is used to sanitize HTML and should be applied on any
  468. * string or array of strings before displaying it on a web page.
  469. *
  470. * @param string or array of strings
  471. * @return array with sanitized strings or a single sanitized string, depends on the input parameter.
  472. */
  473. public static function sanitizeHTML( &$value ) {
  474. if (is_array($value) || is_object($value)) {
  475. array_walk_recursive($value, 'OC_Util::sanitizeHTML');
  476. } else {
  477. $value = htmlentities($value, ENT_QUOTES, 'UTF-8'); //Specify encoding for PHP<5.4
  478. }
  479. return $value;
  480. }
  483. /**
  484. * Check if the htaccess file is working by creating a test file in the data directory and trying to access via http
  485. */
  486. public static function ishtaccessworking() {
  487. // testdata
  488. $filename='/htaccesstest.txt';
  489. $testcontent='testcontent';
  491. // creating a test file
  492. $testfile = OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" ).'/'.$filename;
  494. if(file_exists($testfile)) {// already running this test, possible recursive call
  495. return false;
  496. }
  498. $fp = @fopen($testfile, 'w');
  499. @fwrite($fp, $testcontent);
  500. @fclose($fp);
  502. // accessing the file via http
  503. $url = OC_Helper::makeURLAbsolute(OC::$WEBROOT.'/data'.$filename);
  504. $fp = @fopen($url, 'r');
  505. $content=@fread($fp, 2048);
  506. @fclose($fp);
  508. // cleanup
  509. @unlink($testfile);
  511. // does it work ?
  512. if($content==$testcontent) {
  513. return(false);
  514. }else{
  515. return(true);
  516. }
  517. }
  520. /**
  521. * Check if the setlocal call doesn't work. This can happen if the right local packages are not available on the server.
  522. */
  523. public static function issetlocaleworking() {
  524. // setlocale test is pointless on Windows
  525. if (OC_Util::runningOnWindows() ) {
  526. return true;
  527. }
  529. $result=setlocale(LC_ALL, 'en_US.UTF-8');
  530. if($result==false) {
  531. return(false);
  532. }else{
  533. return(true);
  534. }
  535. }
  537. /**
  538. * Check if the PHP module fileinfo is loaded.
  539. * @return bool
  540. */
  541. public static function fileInfoLoaded() {
  542. return function_exists('finfo_open');
  543. }
  545. /**
  546. * Check if the ownCloud server can connect to the internet
  547. */
  548. public static function isinternetconnectionworking() {
  550. // try to connect to owncloud.org to see if http connections to the internet are possible.
  551. $connected = @fsockopen("www.owncloud.org", 80);
  552. if ($connected) {
  553. fclose($connected);
  554. return true;
  555. }else{
  557. // second try in case one server is down
  558. $connected = @fsockopen("apps.owncloud.com", 80);
  559. if ($connected) {
  560. fclose($connected);
  561. return true;
  562. }else{
  563. return false;
  564. }
  566. }
  568. }
  570. /**
  571. * clear all levels of output buffering
  572. */
  573. public static function obEnd(){
  574. while (ob_get_level()) {
  575. ob_end_clean();
  576. }
  577. }
  580. /**
  581. * @brief Generates a cryptographical secure pseudorandom string
  582. * @param Int with the length of the random string
  583. * @return String
  584. * Please also update secureRNG_available if you change something here
  585. */
  586. public static function generate_random_bytes($length = 30) {
  588. // Try to use openssl_random_pseudo_bytes
  589. if(function_exists('openssl_random_pseudo_bytes')) {
  590. $pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
  591. if($strong == true) {
  592. return substr($pseudo_byte, 0, $length); // Truncate it to match the length
  593. }
  594. }
  596. // Try to use /dev/urandom
  597. $fp = @file_get_contents('/dev/urandom', false, null, 0, $length);
  598. if ($fp !== false) {
  599. $string = substr(bin2hex($fp), 0, $length);
  600. return $string;
  601. }
  603. // Fallback to mt_rand()
  604. $characters = '0123456789';
  605. $characters .= 'abcdefghijklmnopqrstuvwxyz';
  606. $charactersLength = strlen($characters)-1;
  607. $pseudo_byte = "";
  609. // Select some random characters
  610. for ($i = 0; $i < $length; $i++) {
  611. $pseudo_byte .= $characters[mt_rand(0, $charactersLength)];
  612. }
  613. return $pseudo_byte;
  614. }
  616. /**
  617. * @brief Checks if a secure random number generator is available
  618. * @return bool
  619. */
  620. public static function secureRNG_available() {
  622. // Check openssl_random_pseudo_bytes
  623. if(function_exists('openssl_random_pseudo_bytes')) {
  624. openssl_random_pseudo_bytes(1, $strong);
  625. if($strong == true) {
  626. return true;
  627. }
  628. }
  630. // Check /dev/urandom
  631. $fp = @file_get_contents('/dev/urandom', false, null, 0, 1);
  632. if ($fp !== false) {
  633. return true;
  634. }
  636. return false;
  637. }
  639. /**
  640. * @Brief Get file content via curl.
  641. * @param string $url Url to get content
  642. * @return string of the response or false on error
  643. * This function get the content of a page via curl, if curl is enabled.
  644. * If not, file_get_element is used.
  645. */
  647. public static function getUrlContent($url){
  649. if (function_exists('curl_init')) {
  651. $curl = curl_init();
  653. curl_setopt($curl, CURLOPT_HEADER, 0);
  654. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  655. curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
  656. curl_setopt($curl, CURLOPT_URL, $url);
  657. curl_setopt($curl, CURLOPT_USERAGENT, "ownCloud Server Crawler");
  658. if(OC_Config::getValue('proxy','')<>'') {
  659. curl_setopt($curl, CURLOPT_PROXY, OC_Config::getValue('proxy'));
  660. }
  661. if(OC_Config::getValue('proxyuserpwd','')<>'') {
  662. curl_setopt($curl, CURLOPT_PROXYUSERPWD, OC_Config::getValue('proxyuserpwd'));
  663. }
  664. $data = curl_exec($curl);
  665. curl_close($curl);
  667. } else {
  668. $contextArray = null;
  670. if(OC_Config::getValue('proxy','')<>'') {
  671. $contextArray = array(
  672. 'http' => array(
  673. 'timeout' => 10,
  674. 'proxy' => OC_Config::getValue('proxy')
  675. )
  676. );
  677. } else {
  678. $contextArray = array(
  679. 'http' => array(
  680. 'timeout' => 10
  681. )
  682. );
  683. }
  686. $ctx = stream_context_create(
  687. $contextArray
  688. );
  689. $data=@file_get_contents($url, 0, $ctx);
  691. }
  692. return $data;
  693. }
  695. /**
  696. * @return bool - well are we running on windows or not
  697. */
  698. public static function runningOnWindows() {
  699. return (substr(PHP_OS, 0, 3) === "WIN");
  700. }
  702. }