本文整理汇总了PHP中AJXP_Utils::sanitize方法的典型用法代码示例。如果您正苦于以下问题:PHP AJXP_Utils::sanitize方法的具体用法?PHP AJXP_Utils::sanitize怎么用?PHP AJXP_Utils::sanitize使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类AJXP_Utils的用法示例。
在下文中一共展示了AJXP_Utils::sanitize方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: switchActions
public function switchActions($actionName, $httpVars, $fileVars)
{
switch ($actionName) {
case "accept_invitation":
$remoteShareId = \AJXP_Utils::sanitize($httpVars["remote_share_id"], AJXP_SANITIZE_ALPHANUM);
$store = new SQLStore();
$remoteShare = $store->remoteShareById($remoteShareId);
if ($remoteShare !== null) {
$client = new OCSClient();
$client->acceptInvitation($remoteShare);
$remoteShare->setStatus(OCS_INVITATION_STATUS_ACCEPTED);
$store->storeRemoteShare($remoteShare);
}
break;
case "reject_invitation":
$remoteShareId = \AJXP_Utils::sanitize($httpVars["remote_share_id"], AJXP_SANITIZE_ALPHANUM);
$store = new SQLStore();
$remoteShare = $store->remoteShareById($remoteShareId);
if ($remoteShare !== null) {
$client = new OCSClient();
$client->declineInvitation($remoteShare);
$store->deleteRemoteShare($remoteShare);
\ConfService::getInstance()->invalidateLoadedRepositories();
}
break;
default:
break;
}
return null;
}示例2: __construct
/**
* Initialize an empty mask, or from a serializedForm.
* @param array|null $serializedForm
*/
function __construct($serializedForm = null)
{
if ($serializedForm != null) {
foreach ($serializedForm as $path => $permissionValue) {
$path = AJXP_Utils::sanitize(AJXP_Utils::securePath($path), AJXP_SANITIZE_DIRNAME);
if (!is_array($permissionValue) || $permissionValue["children"]) {
continue;
}
$perm = new AJXP_Permission();
if ($permissionValue["read"]) {
$perm->setRead();
}
if ($permissionValue["write"]) {
$perm->setWrite();
}
if ($permissionValue["deny"]) {
$perm->setDeny();
}
if ($perm->isEmpty()) {
continue;
}
$this->updateBranch($path, $perm);
}
}
}示例3: tryToLogUser
function tryToLogUser(&$httpVars, $isLast = false)
{
if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
return false;
}
$rememberLogin = "";
$rememberPass = "";
$secureToken = "";
$loggedUser = null;
include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
$loggingResult = -4;
} else {
$userId = isset($httpVars["userid"]) ? AJXP_Utils::sanitize($httpVars["userid"], AJXP_SANITIZE_EMAILCHARS) : null;
$userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
$rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
$cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
$loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
if ($rememberMe && $loggingResult == 1) {
$rememberLogin = "notify";
$rememberPass = "notify";
}
if ($loggingResult == 1) {
session_regenerate_id(true);
$secureToken = AuthService::generateSecureToken();
}
if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
$loggingResult = -4;
// Force captcha reload
}
}
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null) {
$force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
$passId = -1;
if (isset($httpVars["tmp_repository_id"])) {
$passId = $httpVars["tmp_repository_id"];
} else {
if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
$passId = $force;
}
}
$res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
if (!$res) {
AuthService::disconnect();
$loggingResult = -3;
}
}
if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
AuthService::refreshRememberCookie($loggedUser);
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
AJXP_XMLWriter::close();
if ($loggingResult > 0 || $isLast) {
exit;
}
}示例4: switchActions
public function switchActions($actionName, $httpVars, $fileVars)
{
if ($actionName != "changes" || !isset($httpVars["seq_id"])) {
return false;
}
require_once AJXP_BIN_FOLDER . "/dibi.compact.php";
dibi::connect($this->sqlDriver);
HTMLWriter::charsetHeader('application/json', 'UTF-8');
$res = dibi::query("SELECT\n [seq] , [ajxp_changes].[repository_identifier] , [ajxp_changes].[node_id] , [type] , [source] , [target] , [ajxp_index].[bytesize], [ajxp_index].[md5], [ajxp_index].[mtime], [ajxp_index].[node_path]\n FROM [ajxp_changes]\n LEFT JOIN [ajxp_index]\n ON [ajxp_changes].[node_id] = [ajxp_index].[node_id]\n WHERE [ajxp_changes].[repository_identifier] = %s AND [seq] > %i\n ORDER BY [ajxp_changes].[node_id], [seq] ASC", $this->computeIdentifier(ConfService::getRepository()), AJXP_Utils::sanitize($httpVars["seq_id"], AJXP_SANITIZE_ALPHANUM));
echo '{"changes":[';
$previousNodeId = -1;
$previousRow = null;
$order = array("path" => 0, "content" => 1, "create" => 2, "delete" => 3);
$relocateAttrs = array("bytesize", "md5", "mtime", "node_path", "repository_identifier");
foreach ($res as $row) {
$row->node = array();
foreach ($relocateAttrs as $att) {
$row->node[$att] = $row->{$att};
unset($row->{$att});
}
if ($row->node_id == $previousNodeId) {
$previousRow->target = $row->target;
$previousRow->seq = $row->seq;
if ($order[$row->type] > $order[$previousRow->type]) {
$previousRow->type = $row->type;
}
} else {
if (isset($previousRow) && ($previousRow->source != $previousRow->target || $previousRow->type == "content")) {
echo json_encode($previousRow) . ",";
}
$previousRow = $row;
$previousNodeId = $row->node_id;
}
$lastSeq = $row->seq;
flush();
}
if (isset($previousRow) && ($previousRow->source != $previousRow->target || $previousRow->type == "content")) {
echo json_encode($previousRow);
}
if (isset($lastSeq)) {
echo '], "last_seq":' . $lastSeq . '}';
} else {
$lastSeq = dibi::query("SELECT MAX([seq]) FROM [ajxp_changes]")->fetchSingle();
if (empty($lastSeq)) {
$lastSeq = 1;
}
echo '], "last_seq":' . $lastSeq . '}';
}
}示例5: switchActions
public function switchActions($actionName, $httpVars, $fileVars)
{
if ($actionName != "changes" || !isset($httpVars["seq_id"])) {
return false;
}
if (!dibi::isConnected()) {
dibi::connect($this->sqlDriver);
}
$filter = null;
$masks = array();
$currentRepo = $this->accessDriver->repository;
AJXP_Controller::applyHook("role.masks", array($currentRepo->getId(), &$masks, AJXP_Permission::READ));
$recycle = $currentRepo->getOption("RECYCLE_BIN");
$recycle = !empty($recycle) ? $recycle : false;
if ($this->options["OBSERVE_STORAGE_CHANGES"] === true) {
// Do it every XX minutes
$minutes = 5;
if (isset($this->options["OBSERVE_STORAGE_EVERY"])) {
$minutes = intval($this->options["OBSERVE_STORAGE_EVERY"]);
}
$file = $this->getResyncTimestampFile();
$last = 0;
if (is_file($file)) {
$last = intval(file_get_contents($file));
}
if (time() - $last > $minutes * 60) {
$this->resyncAction("resync_storage", array(), array());
}
}
if ($this->options["REQUIRES_INDEXATION"]) {
if (ConfService::backgroundActionsSupported()) {
AJXP_Controller::applyActionInBackground(ConfService::getRepository()->getId(), "index", array());
} else {
AJXP_Controller::findActionAndApply("index", array(), array());
}
// Unset the REQUIRES_INDEXATION FLAG
$meta = $currentRepo->getOption("META_SOURCES");
unset($meta["meta.syncable"]["REQUIRES_INDEXATION"]);
$currentRepo->addOption("META_SOURCES", $meta);
ConfService::replaceRepository($currentRepo->getId(), $currentRepo);
}
HTMLWriter::charsetHeader('application/json', 'UTF-8');
$stream = isset($httpVars["stream"]);
$separator = $stream ? "\n" : ",";
$veryLastSeq = intval(dibi::query("SELECT MAX([seq]) FROM [ajxp_changes]")->fetchSingle());
$seqId = intval(AJXP_Utils::sanitize($httpVars["seq_id"], AJXP_SANITIZE_ALPHANUM));
if ($veryLastSeq > 0 && $seqId > $veryLastSeq) {
// This is not normal! Send a signal reload all changes from start.
if (!$stream) {
echo json_encode(array('changes' => array(), 'last_seq' => 1));
} else {
echo 'LAST_SEQ:1';
}
return null;
}
$ands = array();
$ands[] = array("[ajxp_changes].[repository_identifier] = %s", $this->computeIdentifier($currentRepo));
$ands[] = array("[seq] > %i", $seqId);
if (isset($httpVars["filter"])) {
$filter = AJXP_Utils::decodeSecureMagic($httpVars["filter"]);
$filterLike = rtrim($filter, "/") . "/";
$ands[] = array("[source] LIKE %like~ OR [target] LIKE %like~", $filterLike, $filterLike);
}
if (count($masks)) {
$ors = array();
foreach ($masks as $mask) {
$filterLike = rtrim($mask, "/") . "/";
$ors[] = array("[source] LIKE %like~ OR [target] LIKE %like~", $filterLike, $filterLike);
}
if (count($ors)) {
$ands[] = array("%or", $ors);
}
}
$res = dibi::query("SELECT\n [seq] , [ajxp_changes].[repository_identifier] , [ajxp_changes].[node_id] , [type] , [source] , [target] , [ajxp_index].[bytesize], [ajxp_index].[md5], [ajxp_index].[mtime], [ajxp_index].[node_path]\n FROM [ajxp_changes]\n LEFT JOIN [ajxp_index]\n ON [ajxp_changes].[node_id] = [ajxp_index].[node_id]\n WHERE %and\n ORDER BY [ajxp_changes].[node_id], [seq] ASC", $ands);
if (!$stream) {
echo '{"changes":[';
}
$previousNodeId = -1;
$previousRow = null;
$order = array("path" => 0, "content" => 1, "create" => 2, "delete" => 3);
$relocateAttrs = array("bytesize", "md5", "mtime", "node_path", "repository_identifier");
$valuesSent = false;
foreach ($res as $row) {
$row->node = array();
foreach ($relocateAttrs as $att) {
$row->node[$att] = $row->{$att};
unset($row->{$att});
}
if (!empty($recycle)) {
$this->cancelRecycleNodes($row, $recycle);
}
if (!isset($httpVars["flatten"]) || $httpVars["flatten"] == "false") {
if (!$this->filterMasks($row, $masks) && !$this->filterRow($row, $filter)) {
if ($valuesSent) {
echo $separator;
}
echo json_encode($row);
$valuesSent = true;
}
} else {
//.........这里部分代码省略.........
示例6: switchAction
public function switchAction($action, $httpVars, $fileVars)
{
$selection = new UserSelection();
$dir = $httpVars["dir"] or "";
$dir = AJXP_Utils::decodeSecureMagic($dir);
if ($dir == "/") {
$dir = "";
}
$selection->initFromHttpVars($httpVars);
if (!$selection->isEmpty()) {
//$this->filterUserSelectionToHidden($selection->getFiles());
}
$urlBase = "pydio://" . ConfService::getRepository()->getId();
$mess = ConfService::getMessages();
switch ($action) {
case "monitor_compression":
$percentFile = fsAccessWrapper::getRealFSReference($urlBase . $dir . "/.zip_operation_" . $httpVars["ope_id"]);
$percent = 0;
if (is_file($percentFile)) {
$percent = intval(file_get_contents($percentFile));
}
if ($percent < 100) {
AJXP_XMLWriter::header();
AJXP_XMLWriter::triggerBgAction("monitor_compression", $httpVars, $mess["powerfs.1"] . " ({$percent}%)", true, 1);
AJXP_XMLWriter::close();
} else {
@unlink($percentFile);
AJXP_XMLWriter::header();
if ($httpVars["on_end"] == "reload") {
AJXP_XMLWriter::triggerBgAction("reload_node", array(), "powerfs.2", true, 2);
} else {
$archiveName = AJXP_Utils::sanitize($httpVars["archive_name"], AJXP_SANITIZE_FILENAME);
$archiveName = str_replace("'", "\\'", $archiveName);
$jsCode = "\n PydioApi.getClient().downloadSelection(null, \$('download_form'), 'postcompress_download', {ope_id:'" . $httpVars["ope_id"] . "',archive_name:'" . $archiveName . "'});\n ";
AJXP_XMLWriter::triggerBgJsAction($jsCode, $mess["powerfs.3"], true);
AJXP_XMLWriter::triggerBgAction("reload_node", array(), "powerfs.2", true, 2);
}
AJXP_XMLWriter::close();
}
break;
case "postcompress_download":
$archive = AJXP_Utils::getAjxpTmpDir() . DIRECTORY_SEPARATOR . $httpVars["ope_id"] . "_" . AJXP_Utils::sanitize(AJXP_Utils::decodeSecureMagic($httpVars["archive_name"]), AJXP_SANITIZE_FILENAME);
$fsDriver = AJXP_PluginsService::getInstance()->getUniqueActivePluginForType("access");
if (is_file($archive)) {
if (!$fsDriver->getFilteredOption("USE_XSENDFILE", ConfService::getRepository()) && !$fsDriver->getFilteredOption("USE_XACCELREDIRECT", ConfService::getRepository())) {
register_shutdown_function("unlink", $archive);
}
$fsDriver->readFile($archive, "force-download", $httpVars["archive_name"], false, null, true);
} else {
echo "<script>alert('Cannot find archive! Is ZIP correctly installed?');</script>";
}
break;
case "compress":
case "precompress":
$archiveName = AJXP_Utils::sanitize(AJXP_Utils::decodeSecureMagic($httpVars["archive_name"]), AJXP_SANITIZE_FILENAME);
if (!ConfService::currentContextIsCommandLine() && ConfService::backgroundActionsSupported()) {
$opeId = substr(md5(time()), 0, 10);
$httpVars["ope_id"] = $opeId;
AJXP_Controller::applyActionInBackground(ConfService::getRepository()->getId(), $action, $httpVars);
AJXP_XMLWriter::header();
$bgParameters = array("dir" => SystemTextEncoding::toUTF8($dir), "archive_name" => SystemTextEncoding::toUTF8($archiveName), "on_end" => isset($httpVars["on_end"]) ? $httpVars["on_end"] : "reload", "ope_id" => $opeId);
AJXP_XMLWriter::triggerBgAction("monitor_compression", $bgParameters, $mess["powerfs.1"] . " (0%)", true);
AJXP_XMLWriter::close();
session_write_close();
exit;
}
$rootDir = fsAccessWrapper::getRealFSReference($urlBase) . $dir;
$percentFile = $rootDir . "/.zip_operation_" . $httpVars["ope_id"];
$compressLocally = $action == "compress" ? true : false;
// List all files
$todo = array();
$args = array();
$replaceSearch = array($rootDir, "\\");
$replaceReplace = array("", "/");
foreach ($selection->getFiles() as $selectionFile) {
$baseFile = $selectionFile;
$args[] = escapeshellarg(substr($selectionFile, strlen($dir) + ($dir == "/" ? 0 : 1)));
$selectionFile = fsAccessWrapper::getRealFSReference($urlBase . $selectionFile);
$todo[] = ltrim(str_replace($replaceSearch, $replaceReplace, $selectionFile), "/");
if (is_dir($selectionFile)) {
$objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($selectionFile), RecursiveIteratorIterator::SELF_FIRST);
foreach ($objects as $name => $object) {
$todo[] = str_replace($replaceSearch, $replaceReplace, $name);
}
}
if (trim($baseFile, "/") == "") {
// ROOT IS SELECTED, FIX IT
$args = array(escapeshellarg(basename($rootDir)));
$rootDir = dirname($rootDir);
break;
}
}
$cmdSeparator = PHP_OS == "WIN32" || PHP_OS == "WINNT" || PHP_OS == "Windows" ? "&" : ";";
if (!$compressLocally) {
$archiveName = AJXP_Utils::getAjxpTmpDir() . DIRECTORY_SEPARATOR . $httpVars["ope_id"] . "_" . $archiveName;
}
chdir($rootDir);
$cmd = $this->getFilteredOption("ZIP_PATH") . " -r " . escapeshellarg($archiveName) . " " . implode(" ", $args);
$fsDriver = AJXP_PluginsService::getInstance()->getUniqueActivePluginForType("access");
$c = $fsDriver->getConfigs();
//.........这里部分代码省略.........
示例7: switchAction
//.........这里部分代码省略.........
$node->removeMetadata("ajxp_bookmarked", true, AJXP_METADATA_SCOPE_REPOSITORY, true);
}
} else {
if ($httpVars["bm_action"] == "rename_bookmark" && isset($httpVars["bm_title"])) {
$title = AJXP_Utils::decodeSecureMagic($httpVars["bm_title"]);
$bmUser->renameBookmark($bmPath, $title);
}
}
}
AJXP_Controller::applyHook("msg.instant", array("<reload_bookmarks/>", ConfService::getRepository()->getId()));
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser->save("user");
AuthService::updateUser($bmUser);
} else {
if (!AuthService::usersEnabled()) {
$bmUser->save("user");
}
}
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::writeBookmarks($bmUser->getBookmarks(), true, isset($httpVars["format"]) ? $httpVars["format"] : "legacy");
AJXP_XMLWriter::close();
break;
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
case "save_user_pref":
$userObject = AuthService::getLoggedUser();
$i = 0;
while (isset($httpVars["pref_name_" . $i]) && isset($httpVars["pref_value_" . $i])) {
$prefName = AJXP_Utils::sanitize($httpVars["pref_name_" . $i], AJXP_SANITIZE_ALPHANUM);
$prefValue = AJXP_Utils::sanitize(SystemTextEncoding::magicDequote($httpVars["pref_value_" . $i]));
if ($prefName == "password") {
continue;
}
if ($prefName != "pending_folder" && $userObject == null) {
$i++;
continue;
}
$userObject->setPref($prefName, $prefValue);
$userObject->save("user");
AuthService::updateUser($userObject);
//setcookie("AJXP_$prefName", $prefValue);
$i++;
}
header("Content-Type:text/plain");
print "SUCCESS";
break;
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
case "custom_data_edit":
case "user_create_user":
$data = array();
if ($action == "user_create_user" && isset($httpVars["NEW_new_user_id"])) {
$updating = false;
AJXP_Utils::parseStandardFormParameters($httpVars, $data, null, "NEW_");
$original_id = AJXP_Utils::decodeSecureMagic($data["new_user_id"]);
$data["new_user_id"] = AJXP_Utils::decodeSecureMagic($data["new_user_id"], AJXP_SANITIZE_EMAILCHARS);
if ($original_id != $data["new_user_id"]) {示例8: createOrLoadSharedRepository
/**
* @param array $httpVars
* @param bool $update
* @return Repository
* @throws Exception
*/
protected function createOrLoadSharedRepository($httpVars, &$update)
{
if (!isset($httpVars["repo_label"]) || $httpVars["repo_label"] == "") {
$mess = ConfService::getMessages();
throw new Exception($mess["349"]);
}
if (isset($httpVars["repository_id"])) {
$editingRepo = ConfService::getRepositoryById($httpVars["repository_id"]);
$update = true;
}
// CHECK REPO DOES NOT ALREADY EXISTS WITH SAME LABEL
$label = AJXP_Utils::sanitize(AJXP_Utils::securePath($httpVars["repo_label"]), AJXP_SANITIZE_HTML);
$description = AJXP_Utils::sanitize(AJXP_Utils::securePath($httpVars["repo_description"]), AJXP_SANITIZE_HTML);
$exists = $this->checkRepoWithSameLabel($label, isset($editingRepo) ? $editingRepo : null);
if ($exists) {
$mess = ConfService::getMessages();
throw new Exception($mess["share_center.352"]);
}
$loggedUser = AuthService::getLoggedUser();
if (isset($editingRepo)) {
$this->getShareStore()->testUserCanEditShare($editingRepo->getOwner(), $editingRepo->options);
$newRepo = $editingRepo;
$replace = false;
if ($editingRepo->getDisplay() != $label) {
$newRepo->setDisplay($label);
$replace = true;
}
if ($editingRepo->getDescription() != $description) {
$newRepo->setDescription($description);
$replace = true;
}
$newScope = isset($httpVars["share_scope"]) && $httpVars["share_scope"] == "public" ? "public" : "private";
$oldScope = $editingRepo->getOption("SHARE_ACCESS");
$currentOwner = $editingRepo->getOwner();
if ($newScope != $oldScope && $currentOwner != AuthService::getLoggedUser()->getId()) {
$mess = ConfService::getMessages();
throw new Exception($mess["share_center.224"]);
}
if ($newScope !== $oldScope) {
$editingRepo->addOption("SHARE_ACCESS", $newScope);
$replace = true;
}
if (isset($httpVars["transfer_owner"])) {
$newOwner = $httpVars["transfer_owner"];
if ($newOwner != $currentOwner && $currentOwner != AuthService::getLoggedUser()->getId()) {
$mess = ConfService::getMessages();
throw new Exception($mess["share_center.224"]);
}
$editingRepo->setOwnerData($editingRepo->getParentId(), $newOwner, $editingRepo->getUniqueUser());
$replace = true;
}
if ($replace) {
ConfService::replaceRepository($newRepo->getId(), $newRepo);
}
} else {
$options = $this->accessDriver->makeSharedRepositoryOptions($httpVars, $this->repository);
// TMP TESTS
$options["SHARE_ACCESS"] = $httpVars["share_scope"];
$newRepo = $this->repository->createSharedChild($label, $options, $this->repository->getId(), $loggedUser->getId(), null);
$gPath = $loggedUser->getGroupPath();
if (!empty($gPath) && !ConfService::getCoreConf("CROSSUSERS_ALLGROUPS", "conf")) {
$newRepo->setGroupPath($gPath);
}
$newRepo->setDescription($description);
// Smells like dirty hack!
$newRepo->options["PATH"] = SystemTextEncoding::fromStorageEncoding($newRepo->options["PATH"]);
if (isset($httpVars["filter_nodes"])) {
$newRepo->setContentFilter(new ContentFilter($httpVars["filter_nodes"]));
}
ConfService::addRepository($newRepo);
}
return $newRepo;
}示例9: authTokenActions
/**
* @param String $action
* @param Array $httpVars
* @param Array $fileVars
* @return String
*/
function authTokenActions($action, $httpVars, $fileVars)
{
if (AuthService::getLoggedUser() == null) {
return;
}
$this->storage = ConfService::getConfStorageImpl();
if (!is_a($this->storage, "sqlConfDriver")) {
return false;
}
$user = AuthService::getLoggedUser()->getId();
if (AuthService::getLoggedUser()->isAdmin() && isset($httpVars["user_id"])) {
$user = AJXP_Utils::sanitize($httpVars["user_id"], AJXP_SANITIZE_EMAILCHARS);
}
switch ($action) {
case "keystore_generate_auth_token":
if (ConfService::getCoreConf("SESSION_SET_CREDENTIALS", "auth")) {
$this->logDebug("Keystore Generate Tokens", "Session Credentials set: returning empty tokens to force basic authentication");
HTMLWriter::charsetHeader("text/plain");
echo "";
break;
}
$token = AJXP_Utils::generateRandomString();
$private = AJXP_Utils::generateRandomString();
$data = array("USER_ID" => $user, "PRIVATE" => $private);
if (!empty($httpVars["device"])) {
// Revoke previous tokens for this device
$device = $httpVars["device"];
$keys = $this->storage->simpleStoreList("keystore", null, "", "serial", '%"DEVICE_ID";s:' . strlen($device) . ':"' . $device . '"%');
foreach ($keys as $keyId => $keyData) {
if ($keyData["USER_ID"] != $user) {
continue;
}
$this->storage->simpleStoreClear("keystore", $keyId);
}
$data["DEVICE_ID"] = $device;
}
$data["DEVICE_UA"] = $_SERVER['HTTP_USER_AGENT'];
$data["DEVICE_IP"] = $_SERVER['REMOTE_ADDR'];
$this->storage->simpleStoreSet("keystore", $token, $data, "serial");
HTMLWriter::charsetHeader("application/json");
echo json_encode(array("t" => $token, "p" => $private));
break;
case "keystore_revoke_tokens":
// Invalidate previous tokens
$mess = ConfService::getMessages();
$passedKeyId = "";
if (isset($httpVars["key_id"])) {
$passedKeyId = $httpVars["key_id"];
}
$keys = $this->storage->simpleStoreList("keystore", null, $passedKeyId, "serial", '%"USER_ID";s:' . strlen($user) . ':"' . $user . '"%');
foreach ($keys as $keyId => $keyData) {
$this->storage->simpleStoreClear("keystore", $keyId);
}
$message = array("result" => "SUCCESS", "message" => $mess["keystore.8"]);
HTMLWriter::charsetHeader("application/json");
echo json_encode($message);
break;
case "keystore_list_tokens":
if (!isset($user)) {
break;
}
$keys = $this->storage->simpleStoreList("keystore", null, "", "serial", '%"USER_ID";s:' . strlen($user) . ':"' . $user . '"%');
foreach ($keys as $keyId => &$keyData) {
unset($keyData["PRIVATE"]);
unset($keyData["USER_ID"]);
$deviceDesc = "Web Browser";
$deviceOS = "Unkown";
if (isset($keyData["DEVICE_UA"])) {
$agent = $keyData["DEVICE_UA"];
if (strpos($agent, "python-requests") !== false) {
$deviceDesc = "PydioSync";
if (strpos($agent, "Darwin") !== false) {
$deviceOS = "Mac OS X";
} else {
if (strpos($agent, "Windows/7") !== false) {
$deviceOS = "Windows 7";
} else {
if (strpos($agent, "Windows/8") !== false) {
$deviceOS = "Windows 8";
} else {
if (strpos($agent, "Linux") !== false) {
$deviceOS = "Linux";
}
}
}
}
} else {
$deviceOS = AJXP_Utils::osFromUserAgent($agent);
}
}
$keyData["DEVICE_DESC"] = $deviceDesc;
$keyData["DEVICE_OS"] = $deviceOS;
}
header("Content-type: application/json;");
//.........这里部分代码省略.........
示例10: switchAction
//.........这里部分代码省略.........
$user = AuthService::getLoggedUser();
$activeRepId = ConfService::getCurrentRootDirIndex();
$user->setArrayPref("history", "last_repository", $activeRepId);
$user->save();
}
//$logMessage = "Successfully Switched!";
AJXP_Logger::logAction("Switch Repository", array("rep. id" => $repository_id));
break;
//------------------------------------
// BOOKMARK BAR
//------------------------------------
//------------------------------------
// BOOKMARK BAR
//------------------------------------
case "get_bookmarks":
$bmUser = null;
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser = AuthService::getLoggedUser();
} else {
if (!AuthService::usersEnabled()) {
$confStorage = ConfService::getConfStorageImpl();
$bmUser = $confStorage->createUserObject("shared");
}
}
if ($bmUser == null) {
exit(1);
}
if (isset($_GET["bm_action"]) && isset($_GET["bm_path"])) {
if ($_GET["bm_action"] == "add_bookmark") {
$title = "";
if (isset($_GET["bm_title"])) {
$title = $_GET["bm_title"];
}
if ($title == "" && $_GET["bm_path"] == "/") {
$title = ConfService::getCurrentRootDirDisplay();
}
$bmUser->addBookMark(SystemTextEncoding::magicDequote($_GET["bm_path"]), SystemTextEncoding::magicDequote($title));
} else {
if ($_GET["bm_action"] == "delete_bookmark") {
$bmUser->removeBookmark($_GET["bm_path"]);
} else {
if ($_GET["bm_action"] == "rename_bookmark" && isset($_GET["bm_title"])) {
$bmUser->renameBookmark($_GET["bm_path"], $_GET["bm_title"]);
}
}
}
}
if (AuthService::usersEnabled() && AuthService::getLoggedUser() != null) {
$bmUser->save();
AuthService::updateUser($bmUser);
} else {
if (!AuthService::usersEnabled()) {
$bmUser->save();
}
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::writeBookmarks($bmUser->getBookmarks());
AJXP_XMLWriter::close();
exit(1);
break;
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
//------------------------------------
// SAVE USER PREFERENCE
//------------------------------------
case "save_user_pref":
$userObject = AuthService::getLoggedUser();
$i = 0;
while (isset($_GET["pref_name_" . $i]) && isset($_GET["pref_value_" . $i])) {
$prefName = AJXP_Utils::sanitize($_GET["pref_name_" . $i], AJXP_SANITIZE_ALPHANUM);
$prefValue = AJXP_Utils::sanitize(SystemTextEncoding::magicDequote($_GET["pref_value_" . $i]));
if ($prefName == "password") {
continue;
}
if ($prefName != "pending_folder" && ($userObject == null || $userObject->getId() == "guest")) {
$i++;
continue;
}
$userObject->setPref($prefName, $prefValue);
$userObject->save();
AuthService::updateUser($userObject);
//setcookie("AJXP_$prefName", $prefValue);
$i++;
}
header("Content-Type:text/plain");
print "SUCCESS";
exit(1);
break;
default:
break;
}
if (isset($logMessage) || isset($errorMessage)) {
$xmlBuffer .= AJXP_XMLWriter::sendMessage(isset($logMessage) ? $logMessage : null, isset($errorMessage) ? $errorMessage : null, false);
}
if (isset($requireAuth)) {
$xmlBuffer .= AJXP_XMLWriter::requireAuth(false);
}
return $xmlBuffer;
}示例11: actionUnshare
protected function actionUnshare($remoteId, $token, $parameters)
{
$token = \AJXP_Utils::sanitize($token, AJXP_SANITIZE_ALPHANUM);
$remoteId = \AJXP_Utils::sanitize($remoteId, AJXP_SANITIZE_ALPHANUM);
$store = new SQLStore();
$remoteShare = $store->remoteShareForOcsRemoteId($remoteId);
if (empty($remoteShare)) {
throw new InvalidArgumentsException();
}
if ($token !== $remoteShare->getOcsToken()) {
throw new InvalidArgumentsException();
}
$targetUser = $remoteShare->getUser();
$store->deleteRemoteShare($remoteShare);
$response = $this->buildResponse("ok", 200, "Successfully removed share.");
$this->sendResponse($response, $this->getFormat($parameters));
$userRole = \AuthService::getRole("AJXP_USR_/" . $targetUser);
if ($userRole !== false) {
// Artificially "touch" user role
// to force repositories reload if he is logged in
\AuthService::updateRole($userRole);
}
}示例12: listRepositories
public function listRepositories($root, $child, $hashValue = null, $returnNodes = false, $file = "", $aliasedDir = null, $httpVars)
{
$REPOS_PER_PAGE = 50;
$allNodes = array();
if ($hashValue == null) {
$hashValue = 1;
}
$offset = ($hashValue - 1) * $REPOS_PER_PAGE;
$count = null;
// Load all repositories = normal, templates, and templates children
$criteria = array("ORDERBY" => array("KEY" => "display", "DIR" => "ASC"), "CURSOR" => array("OFFSET" => $offset, "LIMIT" => $REPOS_PER_PAGE));
$currentUserIsGroupAdmin = AuthService::getLoggedUser() != null && AuthService::getLoggedUser()->getGroupPath() != "/";
if ($currentUserIsGroupAdmin) {
$criteria = array_merge($criteria, array("owner_user_id" => AJXP_FILTER_EMPTY, "groupPath" => "regexp:/^" . str_replace("/", "\\/", AuthService::getLoggedUser()->getGroupPath()) . '/'));
} else {
$criteria["parent_uuid"] = AJXP_FILTER_EMPTY;
}
if (isset($httpVars) && is_array($httpVars) && isset($httpVars["template_children_id"])) {
$criteria["parent_uuid"] = AJXP_Utils::sanitize($httpVars["template_children_id"], AJXP_SANITIZE_ALPHANUM);
}
$repos = ConfService::listRepositoriesWithCriteria($criteria, $count);
if (!$returnNodes) {
AJXP_XMLWriter::renderPaginationData($count, $hashValue, ceil($count / $REPOS_PER_PAGE));
AJXP_XMLWriter::sendFilesListComponentConfig('<columns switchDisplayMode="list" switchGridMode="filelist" template_name="ajxp_conf.repositories">
<column messageId="ajxp_conf.8" attributeName="ajxp_label" sortType="String"/>
<column messageId="ajxp_conf.9" attributeName="accessType" sortType="String"/>
<column messageId="ajxp_conf.125" attributeName="slug" sortType="String"/>
</columns>');
}
$driverLabels = array();
foreach ($repos as $repoIndex => $repoObject) {
if ($repoObject->getAccessType() == "ajxp_conf" || $repoObject->getAccessType() == "ajxp_shared") {
continue;
}
if (!AuthService::canAdministrate($repoObject)) {
continue;
}
if (is_numeric($repoIndex)) {
$repoIndex = "" . $repoIndex;
}
$icon = "hdd_external_unmount.png";
$editable = $repoObject->isWriteable();
if ($repoObject->isTemplate) {
$icon = "hdd_external_mount.png";
if (AuthService::getLoggedUser() != null && AuthService::getLoggedUser()->getGroupPath() != "/") {
$editable = false;
}
}
$accessType = $repoObject->getAccessType();
$accessLabel = $this->getDriverLabel($accessType, $driverLabels);
$meta = array("repository_id" => $repoIndex, "accessType" => ($repoObject->isTemplate ? "Template for " : "") . $repoObject->getAccessType(), "accessLabel" => $accessLabel, "icon" => $icon, "owner" => $repoObject->hasOwner() ? $repoObject->getOwner() : "", "openicon" => $icon, "slug" => $repoObject->getSlug(), "parentname" => "/repositories", "ajxp_mime" => "repository" . ($editable ? "_editable" : ""), "is_template" => $repoObject->isTemplate ? "true" : "false");
$nodeKey = "/data/repositories/{$repoIndex}";
$label = $repoObject->getDisplay();
if (in_array($nodeKey, $this->currentBookmarks)) {
$meta = array_merge($meta, array("ajxp_bookmarked" => "true", "overlay_icon" => "bookmark.png"));
}
$xml = AJXP_XMLWriter::renderNode($nodeKey, AJXP_Utils::xmlEntities(SystemTextEncoding::toUTF8($label)), true, $meta, true, false);
if ($returnNodes) {
$allNodes[$nodeKey] = $xml;
} else {
print $xml;
}
if ($repoObject->isTemplate) {
// Now Load children for template repositories
$children = ConfService::listRepositoriesWithCriteria(array("parent_uuid" => $repoIndex . ""), $count);
foreach ($children as $childId => $childObject) {
if (!AuthService::canAdministrate($childObject)) {
continue;
}
if (is_numeric($childId)) {
$childId = "" . $childId;
}
$meta = array("repository_id" => $childId, "accessType" => $childObject->getAccessType(), "accessLabel" => $this->getDriverLabel($childObject->getAccessType(), $driverLabels), "icon" => "repo_child.png", "slug" => $childObject->getSlug(), "owner" => $childObject->hasOwner() ? $childObject->getOwner() : "", "openicon" => "repo_child.png", "parentname" => "/repositories", "ajxp_mime" => "repository_editable", "template_name" => $label);
$cNodeKey = "/data/repositories/{$childId}";
if (in_array($cNodeKey, $this->currentBookmarks)) {
$meta = array_merge($meta, array("ajxp_bookmarked" => "true", "overlay_icon" => "bookmark.png"));
}
$xml = AJXP_XMLWriter::renderNode($cNodeKey, AJXP_Utils::xmlEntities(SystemTextEncoding::toUTF8($childObject->getDisplay())), true, $meta, true, false);
if ($returnNodes) {
$allNodes[$cNodeKey] = $xml;
} else {
print $xml;
}
}
}
}
}示例13: decodeSecureMagic
/**
* Perform standard urldecode, sanitization, securepath and magicDequote
* @static
* @param $data
* @param int $sanitizeLevel
* @return string
*/
public static function decodeSecureMagic($data, $sanitizeLevel = AJXP_SANITIZE_HTML)
{
return SystemTextEncoding::fromUTF8(AJXP_Utils::sanitize(AJXP_Utils::securePath(SystemTextEncoding::magicDequote($data)), $sanitizeLevel));
}示例14: applyAction
//.........这里部分代码省略.........
$qb = new Elastica\QueryBuilder();
$fullQuery = new Elastica\Query();
$filter = $qb->query()->match("ajxp_scope", "shared");
$fullQuery->setQuery($qb->query()->bool()->addMust($fieldQuery)->addFilter($filter));
$result = $search->search($fullQuery, $searchOptions);
$this->logDebug(__FUNCTION__, "Search finished. ");
$hits = $result->getResults();
AJXP_XMLWriter::header();
foreach ($hits as $hit) {
$source = $hit->getSource();
if ($source["serialized_metadata"] != null) {
$meta = unserialize(base64_decode($source["serialized_metadata"]));
$tmpNode = new AJXP_Node(SystemTextEncoding::fromUTF8($source["node_url"]), $meta);
} else {
$tmpNode = new AJXP_Node(SystemTextEncoding::fromUTF8($source["node_url"]), array());
$tmpNode->loadNodeInfo();
}
if (!file_exists($tmpNode->getUrl())) {
$this->currentType->deleteById($hit->getId());
continue;
}
$tmpNode->search_score = sprintf("%0.2f", $hit->getScore());
AJXP_XMLWriter::renderAjxpNode($tmpNode);
}
AJXP_XMLWriter::close();
} else {
if ($actionName == "search_by_keyword") {
$scope = "user";
try {
$this->loadIndex($repoId, false);
} catch (Exception $ex) {
throw new Exception($messages["index.lucene.7"]);
}
/*
$sParts = array();
$searchField = $httpVars["field"];
if ($scope == "user") {
if (AuthService::usersEnabled() && AuthService::getLoggedUser() == null) {
throw new Exception("Cannot find current user");
}
$sParts[] = "ajxp_scope:user";
$sParts[] = "ajxp_user:".AuthService::getLoggedUser()->getId();
} else {
$sParts[] = "ajxp_scope:shared";
}
$query = implode(" AND ", $sParts);
$this->logDebug("Query : $query");*/
$searchField = AJXP_Utils::sanitize($httpVars["field"], AJXP_SANITIZE_ALPHANUM);
$fieldQuery = new Elastica\Query\QueryString();
$fields = array($searchField);
$fieldQuery->setQuery($searchField == "ajxp_node" ? "yes" : "true");
$fieldQuery->setFields($fields);
$fieldQuery->setAllowLeadingWildcard(false);
$fieldQuery->setFuzzyMinSim(0.8);
$search = new Elastica\Search($this->client);
$search->addIndex($this->currentIndex)->addType($this->currentType);
$maxResults = $this->getFilteredOption("MAX_RESULTS");
if (isset($httpVars['limit'])) {
$maxResults = intval($httpVars['limit']);
}
$searchOptions = array(\Elastica\Search::OPTION_SEARCH_TYPE => \Elastica\Search::OPTION_SEARCH_TYPE_QUERY_THEN_FETCH, \Elastica\Search::OPTION_SIZE => $maxResults);
/* ADD SCOPE FILTER
$term = new Elastica\Filter\Term();
$term->setTerm("ajxp_scope", "user");*/
$qb = new Elastica\QueryBuilder();
$fullQuery = new Elastica\Query();
$fullQuery->setQuery($qb->query()->bool()->addMust($fieldQuery)->addMust($qb->query()->match("ajxp_scope", "user"))->addMust($qb->query()->match("user", AuthService::getLoggedUser()->getId())));
$result = $search->search($fullQuery, $searchOptions);
$this->logDebug(__FUNCTION__, "Search finished. ");
$hits = $result->getResults();
AJXP_XMLWriter::header();
$leafNodes = [];
foreach ($hits as $hit) {
if ($hit->serialized_metadata != null) {
$meta = unserialize(base64_decode($hit->serialized_metadata));
$tmpNode = new AJXP_Node(SystemTextEncoding::fromUTF8($hit->node_url), $meta);
} else {
$tmpNode = new AJXP_Node(SystemTextEncoding::fromUTF8($hit->node_url), array());
$tmpNode->loadNodeInfo();
}
if (!file_exists($tmpNode->getUrl())) {
$this->currentType->deleteById($hit->id);
continue;
}
$tmpNode->search_score = sprintf("%0.2f", $hit->score);
if ($tmpNode->isLeaf()) {
$leafNodes[] = $tmpNode;
} else {
AJXP_XMLWriter::renderAjxpNode($tmpNode);
}
}
foreach ($leafNodes as $leaf) {
AJXP_XMLWriter::renderAjxpNode($leaf);
}
AJXP_XMLWriter::close();
}
}
}示例15: parseHttpVars
/**
* Update some internal configs from httpVars
* @param $httpVars
* @throws Exception
*/
public function parseHttpVars($httpVars)
{
$data =& $this->internal;
$data["DOWNLOAD_DISABLED"] = isset($httpVars["simple_right_download"]) ? false : true;
$data["AJXP_APPLICATION_BASE"] = AJXP_Utils::detectServerURL(true);
if (isset($httpVars["minisite_layout"])) {
$data["AJXP_TEMPLATE_NAME"] = $httpVars["minisite_layout"];
}
if (isset($httpVars["expiration"])) {
if (intval($httpVars["expiration"]) > 0) {
$data["EXPIRE_TIME"] = time() + intval($httpVars["expiration"]) * 86400;
} else {
if (isset($data["EXPIRE_TIME"])) {
unset($data["EXPIRE_TIME"]);
}
}
}
if (isset($httpVars["downloadlimit"])) {
if (intval($httpVars["downloadlimit"]) > 0) {
$data["DOWNLOAD_LIMIT"] = intval($httpVars["downloadlimit"]);
} else {
if (isset($data["DOWNLOAD_LIMIT"])) {
unset($data["DOWNLOAD_LIMIT"]);
}
}
}
if (isset($httpVars["custom_handle"]) && !empty($httpVars["custom_handle"]) && (!isset($this->hash) || $httpVars["custom_handle"] != $this->hash)) {
// Existing already
$value = AJXP_Utils::sanitize($httpVars["custom_handle"], AJXP_SANITIZE_ALPHANUM);
$value = strtolower($value);
if (strlen($value) < $this->store->hashMinLength) {
$mess = ConfService::getMessages();
throw new Exception(str_replace("%s", $this->store->hashMinLength, $mess["share_center.223"]));
}
$test = $this->store->loadShare($value);
$mess = ConfService::getMessages();
if (!empty($test)) {
throw new Exception($mess["share_center.172"]);
}
if (!isset($this->hash)) {
$this->hash = $value;
} else {
$this->newHash = $value;
}
}
}