aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsteckbrief <steckbrief@chefmail.de>2016-01-04 21:48:17 +0100
committersteckbrief <steckbrief@chefmail.de>2016-01-04 21:48:17 +0100
commitfbba3876b537e84699b854e098936a5cd4fe0c8b (patch)
tree25ab681f333b83dc7b6859aa7b9504d158a497ec
parent45cd34e42b9a980b76b66310c823fc8d2f5b55cb (diff)
Reduced manual configuration, folder structure created
Determination of storage paths now relative to script directory and programmatically Determination of get and put URLs now based on the slot request request Basic access restriction to default directories
Diffstat (limited to '')
-rw-r--r--storage-backend/config.inc.php21
-rw-r--r--storage-backend/config/.htaccess1
-rw-r--r--storage-backend/config/config.inc.php13
-rw-r--r--storage-backend/files/.htaccess1
-rw-r--r--storage-backend/index.php42
-rw-r--r--storage-backend/slots/.htaccess1
6 files changed, 57 insertions, 22 deletions
diff --git a/storage-backend/config.inc.php b/storage-backend/config.inc.php
deleted file mode 100644
index f9b7537..0000000
--- a/storage-backend/config.inc.php
+++ /dev/null
@@ -1,21 +0,0 @@
-<?php
-/*
- * Configuration file for http upload storage backend
- */
-
-return array(
- // Array of keys of XMPP Server allowed to request slots
- 'valid_xmpp_server_keys' => array('abc'),
- // Max Upload size in bytes
- 'max_upload_file_size' => 10 * 1024 * 1024,
- // Array of characters which are not allowed in filenames
- 'invalid_characters_in_filename' => array('/'),
- // The path to the file storage - IMPORTANT: Add a trailing '/'
- 'storage_base_path' => '[[PATH_TO_STORAGE]]',
- // The path to the directory where the slots are stored - IMPORTANT: Add a trailing '/'
- 'slot_registry_dir' => '[[PATH_TO_SLOT_STORAGE]]',
- // The base URL to put the files - IMPORTANT: Add a trailing '/'
- 'base_url_put' => '[[BASE_URL_FOR_PUT]]',
- // The base URL to get the files - IMPORTANT: Add a trailing '/'
- 'base_url_get' => '[[BASE_URL_FOR_GET]]',
-);
diff --git a/storage-backend/config/.htaccess b/storage-backend/config/.htaccess
new file mode 100644
index 0000000..3418e55
--- /dev/null
+++ b/storage-backend/config/.htaccess
@@ -0,0 +1 @@
+deny from all \ No newline at end of file
diff --git a/storage-backend/config/config.inc.php b/storage-backend/config/config.inc.php
new file mode 100644
index 0000000..dd05a15
--- /dev/null
+++ b/storage-backend/config/config.inc.php
@@ -0,0 +1,13 @@
+<?php
+/*
+ * Configuration file for http upload storage backend
+ */
+
+return [
+ // Array of keys of XMPP Server allowed to request slots
+ 'valid_xmpp_server_keys' => ['abc'],
+ // Max Upload size in bytes
+ 'max_upload_file_size' => 10 * 1024 * 1024,
+ // Array of characters which are not allowed in filenames
+ 'invalid_characters_in_filename' => ['/'],
+];
diff --git a/storage-backend/files/.htaccess b/storage-backend/files/.htaccess
new file mode 100644
index 0000000..45552cb
--- /dev/null
+++ b/storage-backend/files/.htaccess
@@ -0,0 +1 @@
+Options -Indexes \ No newline at end of file
diff --git a/storage-backend/index.php b/storage-backend/index.php
index 1753055..d9c82d5 100644
--- a/storage-backend/index.php
+++ b/storage-backend/index.php
@@ -31,7 +31,12 @@
$method = $_SERVER['REQUEST_METHOD'];
// Load configuration
-$config = require('config.php');
+$config = require(__DIR__.'/config/config.php');
+// Initialize directory config
+$config['storage_base_path'] = __DIR__.'/files/';
+$config['slot_registry_dir'] = __DIR__.'/slots/';
+$config['base_url_put'] = getServerProtocol()."://".getRequestHostname().getRequestUriWithoutFilename().'files/';
+$config['base_url_get'] = $config['base_url_put'];
switch ($method) {
case 'POST':
@@ -173,6 +178,41 @@ function getUploadFilePath($slotUUID, $config, $filename = NULL) {
}
/**
+ * Inspired by https://github.com/owncloud/core/blob/master/lib/private/appframework/http/request.php#L523
+ */
+function getServerProtocol() {
+ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+ if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], ',') !== false) {
+ $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_PROTO']);
+ $proto = strtolower(trim($parts[0]));
+ } else {
+ $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
+ }
+ // Verify that the protocol is always HTTP or HTTPS
+ // default to http if an invalid value is provided
+ return $proto === 'https' ? 'https' : 'http';
+ }
+ if (isset($_SERVER['HTTPS'])
+ && $_SERVER['HTTPS'] !== null
+ && $_SERVER['HTTPS'] !== 'off'
+ && $_SERVER['HTTPS'] !== '') {
+ return 'https';
+ }
+ return 'http';
+}
+
+function getRequestHostname() {
+ if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+ return strtolower($_SERVER['HTTP_X_FORWARDED_HOST']);
+ }
+ return strtolower($_SERVER['HTTP_HOST']);
+}
+
+function getRequestUriWithoutFilename() {
+ return strtolower(substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1));
+}
+
+/**
* Copied from http://rogerstringer.com/2013/11/15/generate-uuids-php/
*/
function generate_uuid() {
diff --git a/storage-backend/slots/.htaccess b/storage-backend/slots/.htaccess
new file mode 100644
index 0000000..3418e55
--- /dev/null
+++ b/storage-backend/slots/.htaccess
@@ -0,0 +1 @@
+deny from all \ No newline at end of file