Commit ac7fb1b2 authored by Lukas Reschke's avatar Lukas Reschke Committed by Thomas Müller
Browse files

Remove legacy routing code

The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.

This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.

Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
parent d0eb8f86
......@@ -24,7 +24,6 @@ RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R]
RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R]
RewriteRule ^apps/calendar/caldav\.php remote.php/caldav/ [QSA,L]
RewriteRule ^apps/contacts/carddav\.php remote.php/carddav/ [QSA,L]
RewriteRule ^apps/([^/]*)/(.*\.(php))$ index.php?app=$1&getfile=$2 [QSA,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
</IfModule>
<IfModule mod_mime.c>
......
......@@ -60,14 +60,11 @@ class OC {
public static $configDir;
/*
/**
* requested app
*/
public static $REQUESTEDAPP = '';
/*
* requested file of app
*/
public static $REQUESTEDFILE = '';
/**
* check if owncloud runs in cli mode
*/
......@@ -574,12 +571,6 @@ class OC {
OC_User::useBackend(new OC_User_Database());
OC_Group::useBackend(new OC_Group_Database());
// Load minimum set of apps - which is filesystem, authentication and logging
if (!self::checkUpgrade(false)) {
OC_App::loadApps(array('authentication'));
OC_App::loadApps(array('filesystem', 'logging'));
}
//setup extra user backends
OC_User::setupBackends();
......@@ -592,35 +583,6 @@ class OC {
//make sure temporary files are cleaned up
register_shutdown_function(array('OC_Helper', 'cleanTmp'));
//parse the given parameters
self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
if (substr_count(self::$REQUESTEDAPP, '?') != 0) {
$app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?'));
$param = substr($_GET['app'], strpos($_GET['app'], '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDAPP = $app;
$_GET['app'] = $app;
}
self::$REQUESTEDFILE = (isset($_GET['getfile']) ? $_GET['getfile'] : null);
if (substr_count(self::$REQUESTEDFILE, '?') != 0) {
$file = substr(self::$REQUESTEDFILE, 0, strpos(self::$REQUESTEDFILE, '?'));
$param = substr(self::$REQUESTEDFILE, strpos(self::$REQUESTEDFILE, '?') + 1);
parse_str($param, $get);
$_GET = array_merge($_GET, $get);
self::$REQUESTEDFILE = $file;
$_GET['getfile'] = $file;
}
if (!is_null(self::$REQUESTEDFILE)) {
$subdir = OC_App::getAppPath(OC::$REQUESTEDAPP) . '/' . self::$REQUESTEDFILE;
$parent = OC_App::getAppPath(OC::$REQUESTEDAPP);
if (!OC_Helper::isSubDirectory($subdir, $parent)) {
self::$REQUESTEDFILE = null;
header('HTTP/1.0 404 Not Found');
exit;
}
}
if (OC_Config::getValue('installed', false) && !self::checkUpgrade(false)) {
if (OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') {
OC_Util::addScript('backgroundjobs');
......@@ -729,6 +691,7 @@ class OC {
OC::tryBasicAuthLogin();
}
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
try {
if (!OC_Config::getValue('maintenance', false) && !self::needUpgrade()) {
......@@ -745,9 +708,16 @@ class OC {
}
}
$app = OC::$REQUESTEDAPP;
$file = OC::$REQUESTEDFILE;
$param = array('app' => $app, 'file' => $file);
// Load minimum set of apps
if (!self::checkUpgrade(false)) {
// For logged-in users: Load everything
if(OC_User::isLoggedIn()) {
OC_App::loadApps();
} else {
// For guests: Load only authentication, filesystem and logging
OC_App::loadApps(array('authentication', 'filesystem', 'logging'));
}
}
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
......@@ -778,7 +748,7 @@ class OC {
return;
}
// Someone is logged in :
// Someone is logged in
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
......@@ -800,20 +770,13 @@ class OC {
// redirect to webroot and add slash if webroot is empty
header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
} else {
if (is_null($file)) {
$param['file'] = 'index.php';
}
$file_ext = substr($param['file'], -3);
if ($file_ext != 'php'
|| !self::loadAppScriptFile($param)
) {
header('HTTP/1.0 404 Not Found');
}
// Redirect to default application
OC_Util::redirectToDefaultPage();
}
return;
} else {
// Not handled and not logged in
self::handleLogin();
}
// Not handled and not logged in
self::handleLogin();
}
/**
......
......@@ -188,8 +188,11 @@ class Router implements IRouter {
if (substr($url, 0, 6) === '/apps/') {
// empty string / 'apps' / $app / rest of the route
list(, , $app,) = explode('/', $url, 4);
\OC::$REQUESTEDAPP = $app;
$this->loadRoutes($app);
} else if (substr($url, 0, 6) === '/core/' or substr($url, 0, 10) === '/settings/') {
\OC::$REQUESTEDAPP = $url;
\OC_App::loadApps();
$this->loadRoutes('core');
} else {
$this->loadRoutes();
......
......@@ -767,15 +767,12 @@ class OC_Util {
$urlGenerator = \OC::$server->getURLGenerator();
if(isset($_REQUEST['redirect_url'])) {
$location = urldecode($_REQUEST['redirect_url']);
}
else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) {
$location = $urlGenerator->getAbsoluteURL('/index.php/apps/'.OC::$REQUESTEDAPP.'/index.php');
} else {
$defaultPage = OC_Appconfig::getValue('core', 'defaultpage');
if ($defaultPage) {
$location = $urlGenerator->getAbsoluteURL($defaultPage);
} else {
$location = $urlGenerator->getAbsoluteURL('/index.php/files/index.php');
$location = $urlGenerator->getAbsoluteURL('/index.php/apps/files');
}
}
OC_Log::write('core', 'redirectToDefaultPage: '.$location, OC_Log::DEBUG);
......
......@@ -24,6 +24,10 @@ try {
$parts = explode('/', $file, 2);
$app = $parts[0];
// Load all required applications
\OC::$REQUESTEDAPP = $app;
OC_App::loadApps(array('authentication', 'filesystem', 'logging'));
OC_Util::checkAppEnabled($app);
OC_App::loadApp($app);
OC_User::setIncognitoMode(true);
......
<?php
try {
require_once 'lib/base.php';
$path_info = OC_Request::getPathInfo();
if ($path_info === false || $path_info === '') {
......@@ -24,6 +23,11 @@ try {
$parts=explode('/', $file, 2);
$app=$parts[0];
// Load all required applications
\OC::$REQUESTEDAPP = $app;
OC_App::loadApps(array('authentication', 'filesystem', 'logging'));
switch ($app) {
case 'core':
$file = OC::$SERVERROOT .'/'. $file;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment