aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-01-05 19:25:56 -0800
committerfriendica <info@friendica.com>2014-01-05 19:25:56 -0800
commitdaf5daa2d3c53a70102c930647bb1e0e755abe28 (patch)
tree16f98552676e4d12c6420b21786b2413511d7210 /mod
parente10c237386c95a180a1b6951304b98ce1d953551 (diff)
downloadvolse-hubzilla-daf5daa2d3c53a70102c930647bb1e0e755abe28.tar.gz
volse-hubzilla-daf5daa2d3c53a70102c930647bb1e0e755abe28.tar.bz2
volse-hubzilla-daf5daa2d3c53a70102c930647bb1e0e755abe28.zip
disable web browser post inputs if no storage write permission
Diffstat (limited to 'mod')
-rw-r--r--mod/cloud.php84
1 files changed, 6 insertions, 78 deletions
diff --git a/mod/cloud.php b/mod/cloud.php
index 1b2b65d05..a72d0f108 100644
--- a/mod/cloud.php
+++ b/mod/cloud.php
@@ -1,23 +1,5 @@
<?php
- // This module is currently !!!HIGHLY EXPERIMENTAL!!!
- // You should think twice before running this on a production server
- // as security mechanisms are not yet implemented and those that
- // are implemented probably don't work.
-
- // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send
- // basic auth over non-encrypted connections.
- // One could use digest auth - but then one has to calculate the A1 digest and store it for
- // all acounts. We aren't doing that. We have a stored password already. We don't need another
- // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing
- // the destination channel to DAV. You should be able to login with your account credentials
- // and be directed to your default channel.
-
- // This interface does not yet support Red stored files. Consider any content in your "store"
- // directory to be throw-away until advised otherwise.
-
-
-
use Sabre\DAV;
require_once('vendor/autoload.php');
@@ -44,69 +26,10 @@
-class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic {
-
- public $channel_name = '';
- public $channel_id = 0;
- public $channel_hash = '';
- public $observer = '';
-
- public $owner_id;
-
- protected function validateUserPass($username, $password) {
- require_once('include/auth.php');
- $record = account_verify_password($email,$pass);
- if($record && $record['account_default_channel']) {
- $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1",
- intval($record['account_id']),
- intval($record['account_default_channel'])
- );
- if($r) {
- $this->currentUser = $r[0]['channel_address'];
- $this->channel_name = $r[0]['channel_address'];
- $this->channel_id = $r[0]['channel_id'];
- $this->channel_hash = $this->observer = $r[0]['channel_hash'];
- return true;
- }
- }
- $r = q("select * from channel where channel_address = '%s' limit 1",
- dbesc($username)
- );
- if($r) {
- $x = q("select * from account where account_id = %d limit 1",
- intval($r[0]['channel_account_id'])
- );
- if($x) {
- foreach($x as $record) {
- if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
- && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) {
- logger('(DAV) RedBasicAuth: password verified for ' . $username);
- $this->currentUser = $r[0]['channel_address'];
- $this->channel_name = $r[0]['channel_address'];
- $this->channel_id = $r[0]['channel_id'];
- $this->channel_hash = $this->observer = $r[0]['channel_hash'];
- return true;
- }
- }
- }
- }
- logger('(DAV) RedBasicAuth: password failed for ' . $username);
- return false;
- }
-
- function setCurrentUser($name) {
- $this->currentUser = $name;
- }
-
-
-}
function cloud_init(&$a) {
- if(! get_config('system','enable_cloud'))
- killme();
-
require_once('include/reddav.php');
$auth = new RedBasicAuth();
@@ -136,7 +59,12 @@ function cloud_init(&$a) {
if(! $auth->observer)
$auth->Authenticate($server,'Red Matrix');
- $browser = new DAV\Browser\Plugin();
+// $browser = new DAV\Browser\Plugin();
+
+ $browser = new RedBrowser($auth);
+
+ $auth->setBrowserPlugin($browser);
+
$server->addPlugin($browser);