diff options
author | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
---|---|---|
committer | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
commit | b96eb1c8230ae2f5986d6f22934c606bbca9728e (patch) | |
tree | fecd2279927b61da28801094dc7d6b1cfa8d98fe /mod/dav.php | |
parent | 7594796ee11c0b245d02d145868a13ac3d84ebfc (diff) | |
parent | 635580091a227529cb491e6441a5acbfff3177be (diff) | |
download | volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.gz volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.tar.bz2 volse-hubzilla-b96eb1c8230ae2f5986d6f22934c606bbca9728e.zip |
Merge branch 'dev' into toggle-context-help
Diffstat (limited to 'mod/dav.php')
-rw-r--r-- | mod/dav.php | 142 |
1 files changed, 0 insertions, 142 deletions
diff --git a/mod/dav.php b/mod/dav.php deleted file mode 100644 index e2a857dca..000000000 --- a/mod/dav.php +++ /dev/null @@ -1,142 +0,0 @@ -<?php -/** - * @file mod/dav.php - * @brief Initialize Hubzilla's cloud (SabreDAV). - * - * Module for accessing the DAV storage area from a DAV client. - */ - -use Sabre\DAV; -use Zotlabs\Storage; - -// composer autoloader for SabreDAV -require_once('vendor/autoload.php'); - -// workaround for HTTP-auth in CGI mode -if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { - $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } -} - -if (x($_SERVER, 'HTTP_AUTHORIZATION')) { - $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; - if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); - $_SERVER['PHP_AUTH_USER'] = $name; - $_SERVER['PHP_AUTH_PW'] = $password; - } -} - -/** - * @brief Fires up the SabreDAV server. - * - * @param App &$a - */ -function dav_init(&$a) { - - require_once('include/reddav.php'); - - if (! is_dir('store')) - os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); - - $which = null; - if (argc() > 1) - $which = argv(1); - - $profile = 0; - - App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; - - if ($which) - profile_load($a, $which, $profile); - - $auth = new Zotlabs\Storage\BasicAuth(); - - $ob_hash = get_observer_hash(); - - if ($ob_hash) { - if (local_channel()) { - $channel = App::get_channel(); - $auth->setCurrentUser($channel['channel_address']); - $auth->channel_id = $channel['channel_id']; - $auth->channel_hash = $channel['channel_hash']; - $auth->channel_account_id = $channel['channel_account_id']; - if($channel['channel_timezone']) - $auth->setTimezone($channel['channel_timezone']); - } - $auth->observer = $ob_hash; - } - - if ($_GET['davguest']) - $_SESSION['davguest'] = true; - - $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); - $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); - $_SERVER['QUERY_STRING'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); - - $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); - $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); - $_SERVER['REQUEST_URI'] = preg_replace('/[\?&]davguest=(.*?)([\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); - - $rootDirectory = new Zotlabs\Storage\Directory('/', $auth); - - // A SabreDAV server-object - $server = new DAV\Server($rootDirectory); - // prevent overwriting changes each other with a lock backend - $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); - $lockPlugin = new DAV\Locks\Plugin($lockBackend); - - $server->addPlugin($lockPlugin); - - // The next section of code allows us to bypass prompting for http-auth if a - // FILE is being accessed anonymously and permissions allow this. This way - // one can create hotlinks to public media files in their cloud and anonymous - // viewers won't get asked to login. - // If a DIRECTORY is accessed or there are permission issues accessing the - // file and we aren't previously authenticated via zot, prompt for HTTP-auth. - // This will be the default case for mounting a DAV directory. - // In order to avoid prompting for passwords for viewing a DIRECTORY, add - // the URL query parameter 'davguest=1'. - - $isapublic_file = false; - $davguest = ((x($_SESSION, 'davguest')) ? true : false); - - if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { - try { - $x = RedFileData('/' . App::$cmd, $auth); - if($x instanceof Zotlabs\Storage\File) - $isapublic_file = true; - } - catch (Exception $e) { - $isapublic_file = false; - } - } - - if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { - try { - $auth->Authenticate($server, t('$Projectname channel')); - } - catch (Exception $e) { - logger('mod_cloud: auth exception' . $e->getMessage()); - http_status_exit($e->getHTTPCode(), $e->getMessage()); - } - } - -// require_once('Zotlabs/Storage/Browser.php'); - // provide a directory view for the cloud in Hubzilla - $browser = new Zotlabs\Storage\Browser($auth); - $auth->setBrowserPlugin($browser); - - // Experimental QuotaPlugin -// require_once('Zotlabs/Storage/QuotaPlugin.php'); -// $server->addPlugin(new Zotlabs\Storage\QuotaPlugin($auth)); - - // All we need to do now, is to fire up the server - $server->exec(); - - killme(); -} |