Browse files

Getting rid of warning suppression by @ prefixes (PEAR Bug #10637)

Untested and unfinished yet, some @s in front of file system functions
either need to be added back as there still might be uncaught conditions
for which warnings would screw up the XML response, or maybe disabling
display_warnings would be an option


git-svn-id: http://svn.php.net/repository/pear/packages/HTTP_WebDAV_Server/trunk@233416 c90b9560-bf6c-de11-be94-00142212c4b1
  • Loading branch information...
1 parent ea491bc commit 1513efff5f3956c0e13a29a0ce9b97490d5f13ca Hartmut Holzgraefe committed Apr 6, 2007
Showing with 64 additions and 25 deletions.
  1. +28 −11 Server.php
  2. +36 −14 Server/Filesystem.php
View
39 Server.php
@@ -143,8 +143,11 @@ function ServeRequest()
}
// default uri is the complete request uri
- $uri = (@$this->_SERVER["HTTPS"] === "on" ? "https:" : "http:");
- $uri.= "//".$this->_SERVER["HTTP_HOST"].$this->_SERVER["SCRIPT_NAME"];
+ $uri = "http";
+ if (isset($this->_SERVER["HTTPS"]) && $this->_SERVER["HTTPS"] === "on") {
+ $uri = "https";
+ }
+ $uri.= "://".$this->_SERVER["HTTP_HOST"].$this->_SERVER["SCRIPT_NAME"];
$path_info = empty($this->_SERVER["PATH_INFO"]) ? "/" : $this->_SERVER["PATH_INFO"];
@@ -602,8 +605,11 @@ function http_PROPFIND()
// search property name in requested properties
foreach ((array)$options["props"] as $reqprop) {
+ if (!isset($regprop["xmlns"])) {
+ $reqprop["xmlns"] = "";
+ }
if ( $reqprop["name"] == $prop["name"]
- && @$reqprop["xmlns"] == $prop["ns"]) {
+ && $reqprop["xmlns"] == $prop["ns"]) {
$found = true;
break;
}
@@ -639,8 +645,11 @@ function http_PROPFIND()
// check if property exists in result
foreach ($file["props"] as $prop) {
+ if (!isset($prop["xmlns"])) {
+ $prop["xmlns"] = "";
+ }
if ( $reqprop["name"] == $prop["name"]
- && @$reqprop["xmlns"] == $prop["ns"]) {
+ && $reqprop["xmlns"] == $prop["ns"]) {
$found = true;
break;
}
@@ -1582,16 +1591,24 @@ function mkprop()
*/
function _check_auth()
{
+ $auth_type = isset($this->_SERVER["AUTH_TYPE"])
+ ? $this->_SERVER["AUTH_TYPE"]
+ : null;
+
+ $auth_user = isset($this->_SERVER["PHP_AUTH_USER"])
+ ? $this->_SERVER["PHP_AUTH_USER"]
+ : null;
+
+ $auth_pw = isset($this->_SERVER["PHP_AUTH_PW"])
+ ? $this->_SERVER["PHP_AUTH_PW"]
+ : null;
+
if (method_exists($this, "checkAuth")) {
// PEAR style method name
- return $this->checkAuth(@$this->_SERVER["AUTH_TYPE"],
- @$this->_SERVER["PHP_AUTH_USER"],
- @$this->_SERVER["PHP_AUTH_PW"]);
+ return $this->checkAuth($auth_type, $auth_uset, $auth_pw);
} else if (method_exists($this, "check_auth")) {
// old (pre 1.0) method name
- return $this->check_auth(@$this->_SERVER["AUTH_TYPE"],
- @$this->_SERVER["PHP_AUTH_USER"],
- @$this->_SERVER["PHP_AUTH_PW"]);
+ return $this->check_auth($auth_type, $auth_uset, $auth_pw);
} else {
// no method found -> no authentication required
return true;
@@ -1773,7 +1790,7 @@ function _if_header_parser($str)
$not = "";
}
- if (@is_array($uris[$uri])) {
+ if (isset($uris[$uri]) && is_array($uris[$uri])) {
$uris[$uri] = array_merge($uris[$uri], $list);
} else {
$uris[$uri] = $list;
View
50 Server/Filesystem.php
@@ -133,13 +133,12 @@ function PROPFIND(&$options, &$files)
$files["files"][] = $this->fileinfo($options["path"]);
// information for contained resources requested?
- if (!empty($options["depth"])) { // TODO check for is_dir() first?
-
+ if (!empty($options["depth"]) && is_dir($fspath) && is_readable($fspath)) {
// make sure path ends with '/'
$options["path"] = $this->_slashify($options["path"]);
// try to open directory
- $handle = @opendir($fspath);
+ $handle = opendir($fspath);
if ($handle) {
// ok, now get all its contents
@@ -265,7 +264,7 @@ function _can_execute($name, $path = false)
*/
function _mimetype($fspath)
{
- if (@is_dir($fspath)) {
+ if (is_dir($fspath)) {
// directories are easy
return "httpd/unix-directory";
} else if (function_exists("mime_content_type")) {
@@ -382,7 +381,11 @@ function GetDir($fspath, &$options)
// fixed width directory column format
$format = "%15s %-19s %-s\n";
- $handle = @opendir($fspath);
+ if (!is_readable($fspath)) {
+ return false;
+ }
+
+ $handle = opendir($fspath);
if (!$handle) {
return false;
}
@@ -425,8 +428,13 @@ function PUT(&$options)
{
$fspath = $this->base . $options["path"];
- if (!@is_dir(dirname($fspath))) {
- return "409 Conflict";
+ $dir = dirname($fspath);
+ if (!file_exists($dir) || !is_dir($dir)) {
+ return "409 Conflict"; // TODO right status code for both?
+ }
+
+ if (!is_writeable($dir) || !is_writeable($fspath) || is_dir($fspath)) {
+ return "403 Forbidden";
}
$options["new"] = ! file_exists($fspath);
@@ -534,10 +542,19 @@ function COPY($options, $del=false)
return "502 bad gateway";
}
- $source = $this->base .$options["path"];
- if (!file_exists($source)) return "404 Not found";
+ $source = $this->base . $options["path"];
+ if (!file_exists($source)) {
+ return "404 Not found";
+ }
$dest = $this->base . $options["dest"];
+ $destdir = dirname($dest);
+
+ if (!file_exists($destdir)) || !is_dir($destdir) {
+ return "403 Forbidden"; // TODO right status code?
+ }
+
+
$new = !file_exists($dest);
$existing_col = false;
@@ -609,14 +626,19 @@ function COPY($options, $del=false)
$destfile = str_replace($source, $dest, $file);
if (is_dir($file)) {
- if (!is_dir($destfile)) {
- // TODO "mkdir -p" here? (only natively supported by PHP 5)
- if (!@mkdir($destfile)) {
+ if (!file_exists($destfile)) {
+ if (!is_writeable(dirname($destfile))) {
+ return "403 Forbidden";
+ }
+ if (!mkdir($destfile)) {
return "409 Conflict";
}
- }
+ } else if (!is_dir($destfile)) {
+ return "409 Conflict";
+ }
} else {
- if (!@copy($file, $destfile)) {
+
+ if (!copy($file, $destfile)) {
return "409 Conflict";
}
}

0 comments on commit 1513eff

Please sign in to comment.