* @version $Id$ * @license GPL * @package WebDAVAdmin * * Copyright (c) 2007 Jan Dittberner * * This file is part of WebDAVAdmin. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation; either version 2 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301 USA. */ /** Include common code. */ include_once('common.inc.php'); /** Format string for group lines in .htaccess files. */ define('GROUPLINEFORMAT', "require group %s\n"); /** Regular expression for finding group lines in .htaccess files. */ define('GROUPLINERE', '/^require\s+group\s+(.*)$/i'); /** Regular expression matching legal directory names. */ define('DIRNAMERE', '/^[a-zA-Z0-9 -_.]+$/'); /** * List of mandatory groups. These groups are assigned to every new or * changed directory. */ $mandatorygroups = array(ADMIN_GROUP); /** * Gets the group names allowed to access the given directory from its * .htaccess file. Mandatory groups are excluded. * * @param string $dirname a fully qualified directory name * @return an array of group names */ function getDirGroupsFromHtaccess($dirname) { $htaccessname = $dirname . DIRECTORY_SEPARATOR . ".htaccess"; $groups = array(); if (false !== ($fh = fopen($htaccessname, "r"))) { while (!feof($fh)) { $buffer = fgets($fh); if (preg_match_all(GROUPLINERE, trim($buffer), $matches)) { $grouparr = explode(" ", $matches[1][0]); foreach ($grouparr as $group) { $group = trim($group); if (!in_array($group, $GLOBALS['mandatorygroups'])) { array_push($groups, $group); } } } } } fclose($fh); return $groups; } /** * Gets the names of groups for a directory. * * @param string $dirname directory name relative to {@link DAV_ROOT} * @return an array of group names * @see #getDirGroupsFromHtaccess(string) */ function getDirGroups($dirname) { return getDirGroupsFromHtaccess(DAV_ROOT . DIRECTORY_SEPARATOR . $dirname); } /** * Counts the visible files and their accumulated size in a directory * tree. * * @param string $dirname a fully qualified directory name * @param array $retval a two component array index 0 is the file * count, index 2 is the accumulated size of files * @return array updated with the data from subdirectories and files * of $dirname */ function countFilesRecursive($dirname, $retval = array(0, 0)) { $dh = opendir($dirname); while (false !== ($entry = readdir($dh))) { $fullname = $dirname . DIRECTORY_SEPARATOR . $entry; if (strpos($entry, '.') !== 0) { if (is_dir($fullname)) { $retval = countFilesRecursive($fullname, $retval); } else if (is_file($fullname)) { $retval = array($retval[0] + 1, $retval[1] + filesize($fullname)); } } } closedir($dh); return $retval; } /** * Gets the data of a directory. * * @param string $dirname a fully qualified directory name * @return array of containing directory data */ function getDirectoryData($dirname) { $dir = array(); $dir['name'] = basename($dirname); $dir['groups'] = getDirGroupsFromHtaccess($dirname); list($dir['filecount'], $dir['filesize']) = countFilesRecursive($dirname); $dir['maydelete'] = ($dir['filecount'] == 0) ? 1 : 0; $dir['filesize'] = sprintf("%d kBytes", $dir['filesize'] / 1024); return $dir; } /** * Gets XML encoded data of a directory. * * @param string $dirname dirname relative to {@link DAV_ROOT} * @return XML string */ function getDirectoryDataAsXml($dirname) { if (is_dir(DAV_ROOT . $dirname)) { $dirdata = getDirectoryData(DAV_ROOT . $dirname); header("Content-Type: text/xml; charset=UTF-8"); return sprintf('%s%s%d%s%d', $dirdata['name'], implode(", ", $dirdata['groups']), $dirdata['filecount'], $dirdata['filesize'], $dirdata['maydelete']); } else { errorAsXml(sprintf(_("Invalid directory name %s!"), $dirname)); } } /** * Gets XML encoded data of a deleted directory. * * @param string $dirname directory name relative to {@link DAV_ROOT} * @return XML string */ function getDeletedDirectoryData($dirname) { header("Content-Type: text/xml; charset=UTF-8"); return sprintf('%s', $dirname); } /** * Gets the list of directory data for all valid directories below * {@link DAV_ROOT}. * * @return array of directory data arrays * @see #getDirectoryData(string) */ function getDirectories() { $dirs = array(); if (false !== ($entries = scandir(DAV_ROOT))) { foreach ($entries as $entry) { if (is_dir(DAV_ROOT . $entry)) { if (strpos($entry, '.') !== 0) { if ($entry != ADMIN_DIR) { array_push($dirs, getDirectoryData(DAV_ROOT . $entry)); } } } } } return $dirs; } /** * Sets the groups of a directory in its .htaccess file. Mandatory * groups are added automatically. * * @param string $dirname directory name relative to {@link DAV_ROOT} * @param array &$groups reference to a list of group names */ function setGroups($dirname, &$groups) { $fullname = DAV_ROOT . $dirname; foreach ($groups as $key => $value) { $groups[$key] = trim($value); } foreach ($GLOBALS['mandatorygroups'] as $mgroup) { if (!in_array($mgroup, $groups)) { array_push($groups, $mgroup); } } $found = false; $lines = array(); $found = false; if (is_dir($fullname)) { $htaccess = $fullname . DIRECTORY_SEPARATOR . ".htaccess"; if (file_exists($htaccess) && (false !== ($fh = fopen($htaccess, "r")))) { while (!feof($fh)) { $buffer = fgets($fh); if (preg_match(GROUPLINERE, $buffer)) { array_push($lines, sprintf(GROUPLINEFORMAT, join(" ", $groups))); $found = true; } else { array_push($lines, $buffer); } } fclose($fh); } if (!$found) { array_push($lines, sprintf(GROUPLINEFORMAT, join(" ", $groups))); } if (false !== ($fh = fopen($htaccess, "w"))) { foreach ($lines as $line) { fwrite($fh, $line); } fclose($fh); } } } /** * Updates a directory to be accessible by the given list of * groups. The directory is created if it doesn't exist. * * @param string $dirname directory name relative to {@link DAV_ROOT} * @param array $groups a list of group names */ function updateDirectory($dirname, $groups) { if (preg_match(DIRNAMERE, $dirname, $matches)) { if ($dirname != ADMIN_DIR) { $fullname = DAV_ROOT . $dirname; if (file_exists($fullname)) { if (!is_dir($fullname)) { errorAsXml(sprintf(_("There already is a directory entry named %s, but it's not a directory!"), $dirname)); } } else { mkdir($fullname); } setGroups($dirname, $groups); } return; } errorAsXml(sprintf(_("Invalid directory name %s!"), $dirname)); } /** * Recursively deletes the given directory. * * @param string $fullname fully qualified directory name */ function delrecursive($fullname) { $dh = opendir($fullname); while (false !== ($entry = readdir($dh))) { if ($entry != "." && $entry != "..") { $entryname = $fullname . DIRECTORY_SEPARATOR . $entry; if (is_dir($entryname)) { delrecursive($entryname); } else { unlink($entryname); } } } closedir($dh); rmdir($fullname); return true; } /** * Deletes the given directory if it has a valid name and is not the * administration interface directory. * * @param string $dirname directory name relative to {@link DAV_ROOT} */ function deleteDirectory($dirname) { if (preg_match(DIRNAMERE, $dirname, $matches)) { if ($dirname != ADMIN_DIR) { $fullname = DAV_ROOT . $dirname; if (is_dir($fullname)) { return delrecursive($fullname); } } errorAsXml(_("Tried to delete the administration interface directory!")); } errorAsXml(sprintf(_("Invalid directory name %s!"), $dirname)); } if ($_GET) { // handle get requests with data if ($_GET['method']) { switch ($_GET['method']) { case 'getdirectorydata': print getDirectoryDataAsXml($_GET['dirname']); break; default: errorAsXml(sprintf(_("Unexpected values %s!"), serialize($_GET))); } } else { invalidCall(); } } elseif ($_POST) { // handle post requests with data if ($_POST['method']) { switch ($_POST['method']) { case 'submitdirectory': updateDirectory($_POST['dirname'], explode(",", $_POST['groups'])); print getDirectoryDataAsXml($_POST['dirname']); break; case 'deletedirectory': if (deleteDirectory($_POST['dirname'])) { print getDeletedDirectoryData($_POST['dirname']); } else { errorAsXml(_("Delete failed!")); } break; default: errorAsXml(sprintf(_("Unexpected values %s!"), serialize($_POST))); } } else { invalidCall(); } } else { // handle requests without data header("Content-Type: text/html; charset=UTF-8"); $smarty->assign("directories", getDirectories()); $smarty->display("directories.html"); } ?>