forked from ezsystems/ezpublish-legacy
/
webdav.php
executable file
·137 lines (117 loc) · 4.6 KB
/
webdav.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<?php
//
// This is the index_webdav.php file. Manages WebDAV sessions.
//
// Created on: <15-Aug-2003 15:15:15 bh>
//
// Copyright (C) 1999-2004 eZ systems as. All rights reserved.
//
// This source file is part of the eZ publish (tm) Open Source Content
// Management System.
//
// This file may be distributed and/or modified under the terms of the
// "GNU General Public License" version 2 as published by the Free
// Software Foundation and appearing in the file LICENSE.GPL included in
// the packaging of this file.
//
// Licencees holding valid "eZ publish professional licences" may use this
// file in accordance with the "eZ publish professional licence" Agreement
// provided with the Software.
//
// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING
// THE WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
// PURPOSE.
//
// The "eZ publish professional licence" is available at
// http://ez.no/products/licences/professional/. For pricing of this licence
// please contact us via e-mail to licence@ez.no. Further contact
// information is available at http://ez.no/home/contact/.
//
// The "GNU General Public License" (GPL) is available at
// http://www.gnu.org/copyleft/gpl.html.
//
// Contact licence@ez.no if any conditions of this licencing isn't clear to
// you.
//
ob_start();
// Turn off session stuff, isn't needed for WebDAV operations.
$GLOBALS['eZSiteBasics']['session-required'] = false;
include_once( "kernel/classes/webdav/ezwebdavcontentserver.php" );
include_once( "lib/ezutils/classes/ezsys.php" );
/*! Reads settings from site.ini and passes them to eZDebug.
*/
function eZUpdateDebugSettings()
{
$ini =& eZINI::instance();
$debugSettings = array();
$debugSettings['debug-enabled'] = $ini->variable( 'DebugSettings', 'DebugOutput' ) == 'enabled';
$debugSettings['debug-by-ip'] = $ini->variable( 'DebugSettings', 'DebugByIP' ) == 'enabled';
$debugSettings['debug-ip-list'] = $ini->variable( 'DebugSettings', 'DebugIPList' );
eZDebug::updateSettings( $debugSettings );
}
// Grab the main WebDAV setting (enable/disable) from the WebDAV ini file.
$ini =& eZINI::instance( WEBDAV_INI_FILE );
$enable = $ini->variable( 'GeneralSettings', 'EnableWebDAV' );
// Check and proceed only if WebDAV functionality is enabled:
if ( $enable == true )
{
append_to_log( "Requested URI is: " . $_SERVER['REQUEST_URI'] );
// Initialize/set the index file.
eZSys::init( 'webdav.php' );
// The top/root folder is publicly available (without auth):
if ( $_SERVER['REQUEST_URI'] == '' ||
$_SERVER['REQUEST_URI'] == '/' ||
$_SERVER['REQUEST_URI'] == '/webdav.php/' ||
$_SERVER['REQUEST_URI'] == '/webdav.php' )
{
$testServer = new eZWebDAVContentServer ();
$testServer->processClientRequest ();
}
// Else: need to login with username/password:
else
{
// Get the name of the site that is being browsed.
$currentSite = getCurrentSiteFromPath ( $_SERVER['REQUEST_URI'] );
// Proceed only if the current site is valid:
if ( $currentSite )
{
// Change site to the site being browsed:
setSiteAccess( $currentSite );
// Get the username and the password.
$loginUsername = $_SERVER['PHP_AUTH_USER'];
$loginPassword = $_SERVER['PHP_AUTH_PW'];
// Strip away "domainname\" from a possible "domainname\password" string.
if ( preg_match( "#(.*)\\\\(.*)$#", $loginUsername, $matches ) )
{
$loginUsername = $matches[2];
}
// Check if username & password contain someting, attempt to login.
if ( ( !isset( $loginUsername ) ) || ( !isset( $loginPassword ) ) ||
( !ezuser::loginUser( $loginUsername, $loginPassword ) ) )
{
header('HTTP/1.0 401 Unauthorized');
header('WWW-Authenticate: Basic realm="'.WEBDAV_AUTH_REALM.'"');
print( WEBDAV_AUTH_FAILED );
}
// Else: non-empty & valid values were supplied: login successful!
else
{
// Create & initialize a new instance of the content server.
$testServer = new eZWebDAVContentServer ();
// Process the request.
$testServer->processClientRequest ();
}
}
// Else: site-name is invalid (was not among available sites).
else
{
print( WEBDAV_INVALID_SITE );
}
}
}
// Else: WebDAV functionality is disabled, do nothing...
else
{
print ( WEBDAV_DISABLED );
}
?>