diff options
-rw-r--r-- | Zotlabs/Module/Connedit.php | 22 | ||||
-rw-r--r-- | Zotlabs/Module/README.md | 80 | ||||
-rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 53 | ||||
-rw-r--r-- | Zotlabs/Web/Controller.php | 3 |
4 files changed, 149 insertions, 9 deletions
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php index 33deac4c8..3feba5370 100644 --- a/Zotlabs/Module/Connedit.php +++ b/Zotlabs/Module/Connedit.php @@ -16,14 +16,14 @@ require_once('include/zot.php'); require_once('include/widgets.php'); require_once('include/photos.php'); -/* @brief Initialize the connection-editor - * - * - */ - class Connedit extends \Zotlabs\Web\Controller { + /* @brief Initialize the connection-editor + * + * + */ + function init() { if(! local_channel()) @@ -51,7 +51,7 @@ class Connedit extends \Zotlabs\Web\Controller { * */ - function post() { + function post() { if(! local_channel()) return; @@ -357,7 +357,7 @@ class Connedit extends \Zotlabs\Web\Controller { * */ - function get() { + function get() { $sort_type = 0; $o = ''; @@ -418,7 +418,13 @@ class Connedit extends \Zotlabs\Web\Controller { goaway(z_root() . '/connedit/' . $contact_id); } - + if($cmd === 'resetphoto') { + q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s' limit 1", + dbesc($orig_record[0]['xchan_hash']) + ); + $cmd = 'refresh'; + } + if($cmd === 'refresh') { if($orig_record[0]['xchan_network'] === 'zot') { if(! zot_refresh($orig_record[0],\App::get_channel())) diff --git a/Zotlabs/Module/README.md b/Zotlabs/Module/README.md new file mode 100644 index 000000000..3b870dd7b --- /dev/null +++ b/Zotlabs/Module/README.md @@ -0,0 +1,80 @@ +Zotlabs/Module +============== + + +This directory contains controller modules for handling web requests. The +lowercase class name indicates the head of the URL path which this module +handles. There are other methods of attaching (routing) URL paths to +controllers, but this is the primary method used in this project. + +Module controllers MUST reside in this directory and namespace to be +autoloaded (unless other specific routing methods are employed). They +typically use and extend the class definition in Zotlabs/Web/Controller +as a template. + +Template: + + <?php + + namespace Zotlabs\Web; + + + class Controller { + + function init() {} + function post() {} + function get() {} + + } + + +Typical Module declaration for the '/foo' URL route: + + + <?php + namespace Zotlabs\Module; + + class Foo extends \Zotlabs\Web\Controller { + + function init() { + // init() handler goes here + } + + function post() { + // post handler goes here + } + + function get() { + return 'Hello world.' . EOL; + } + + } + +This model provides callbacks for public functions named init(), post(), +and get(). init() is always called. post() is called if $_POST variables +are present, and get() is called if none of the prior functions terminated +the handler. The get() method typically retuns a string which represents +the contents of the content region of the resulting page. Modules which emit +json, xml or other machine-readable formats typically emit their contents +inside the init() function and call 'killme()' to terminate the Module. + +Modules are passed the URL path as argc,argv arguments. For a path such as + + https://mysite.something/foo/bar/baz + +The app will typically invoke the Module class 'Foo' and pass it + + $x = argc(); // $x = 3 + + $x = argv(0); // $x = 'foo' + $x = argv(1); // $x = 'bar' + $x = argv(2); // $x = 'baz' + +These are handled in a similar fashion to their counterparts in the Unix shell +or C/C++ languages. Do not confuse the argc(),argv() functions with the +global variables $argc,$argv which are passed to command line programs. These +are handled separately by command line and Zotlabs/Daemon class functions. + + + +
\ No newline at end of file diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index 121a9c3a1..60fc2c988 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -3,6 +3,8 @@ namespace Zotlabs\Storage; use Sabre\DAV; +use Sabre\HTTP\RequestInterface; +use Sabre\HTTP\ResponseInterface; /** * @brief Authentication backend class for DAV. @@ -145,6 +147,57 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { return true; } + /** + * When this method is called, the backend must check if authentication was + * successful. + * + * The returned value must be one of the following + * + * [true, "principals/username"] + * [false, "reason for failure"] + * + * If authentication was successful, it's expected that the authentication + * backend returns a so-called principal url. + * + * Examples of a principal url: + * + * principals/admin + * principals/user1 + * principals/users/joe + * principals/uid/123457 + * + * If you don't use WebDAV ACL (RFC3744) we recommend that you simply + * return a string such as: + * + * principals/users/[username] + * + * @param RequestInterface $request + * @param ResponseInterface $response + * @return array + */ + function check(RequestInterface $request, ResponseInterface $response) { + + if(local_channel()) { + return [ true, $this->principalPrefix . $this->channel_name ]; + } + + $auth = new \Sabre\HTTP\Auth\Basic( + $this->realm, + $request, + $response + ); + + $userpass = $auth->getCredentials(); + if (!$userpass) { + return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"]; + } + if (!$this->validateUserPass($userpass[0], $userpass[1])) { + return [false, "Username or password was incorrect"]; + } + return [true, $this->principalPrefix . $userpass[0]]; + + } + protected function check_module_access($channel_id) { if($channel_id && \App::$module === 'cdav') { $x = get_pconfig($channel_id,'cdav','enabled'); diff --git a/Zotlabs/Web/Controller.php b/Zotlabs/Web/Controller.php index ac835e008..2d0f58891 100644 --- a/Zotlabs/Web/Controller.php +++ b/Zotlabs/Web/Controller.php @@ -9,4 +9,5 @@ class Controller { function post() {} function get() {} -}
\ No newline at end of file +} + |