diff options
| author | steckbrief <steckbrief@chefmail.de> | 2016-01-04 21:48:17 +0100 |
|---|---|---|
| committer | steckbrief <steckbrief@chefmail.de> | 2016-01-04 21:48:17 +0100 |
| commit | fbba3876b537e84699b854e098936a5cd4fe0c8b (patch) | |
| tree | 25ab681f333b83dc7b6859aa7b9504d158a497ec | |
| parent | 45cd34e42b9a980b76b66310c823fc8d2f5b55cb (diff) | |
Reduced manual configuration, folder structure created
Determination of storage paths now relative to script directory and programmatically
Determination of get and put URLs now based on the slot request request
Basic access restriction to default directories
| -rw-r--r-- | storage-backend/config.inc.php | 21 | ||||
| -rw-r--r-- | storage-backend/config/.htaccess | 1 | ||||
| -rw-r--r-- | storage-backend/config/config.inc.php | 13 | ||||
| -rw-r--r-- | storage-backend/files/.htaccess | 1 | ||||
| -rw-r--r-- | storage-backend/index.php | 42 | ||||
| -rw-r--r-- | storage-backend/slots/.htaccess | 1 |
6 files changed, 57 insertions, 22 deletions
diff --git a/storage-backend/config.inc.php b/storage-backend/config.inc.php deleted file mode 100644 index f9b7537..0000000 --- a/storage-backend/config.inc.php +++ /dev/null @@ -1,21 +0,0 @@ -<?php -/* - * Configuration file for http upload storage backend - */ - -return array( - // Array of keys of XMPP Server allowed to request slots - 'valid_xmpp_server_keys' => array('abc'), - // Max Upload size in bytes - 'max_upload_file_size' => 10 * 1024 * 1024, - // Array of characters which are not allowed in filenames - 'invalid_characters_in_filename' => array('/'), - // The path to the file storage - IMPORTANT: Add a trailing '/' - 'storage_base_path' => '[[PATH_TO_STORAGE]]', - // The path to the directory where the slots are stored - IMPORTANT: Add a trailing '/' - 'slot_registry_dir' => '[[PATH_TO_SLOT_STORAGE]]', - // The base URL to put the files - IMPORTANT: Add a trailing '/' - 'base_url_put' => '[[BASE_URL_FOR_PUT]]', - // The base URL to get the files - IMPORTANT: Add a trailing '/' - 'base_url_get' => '[[BASE_URL_FOR_GET]]', -); diff --git a/storage-backend/config/.htaccess b/storage-backend/config/.htaccess new file mode 100644 index 0000000..3418e55 --- /dev/null +++ b/storage-backend/config/.htaccess @@ -0,0 +1 @@ +deny from all
\ No newline at end of file diff --git a/storage-backend/config/config.inc.php b/storage-backend/config/config.inc.php new file mode 100644 index 0000000..dd05a15 --- /dev/null +++ b/storage-backend/config/config.inc.php @@ -0,0 +1,13 @@ +<?php +/* + * Configuration file for http upload storage backend + */ + +return [ + // Array of keys of XMPP Server allowed to request slots + 'valid_xmpp_server_keys' => ['abc'], + // Max Upload size in bytes + 'max_upload_file_size' => 10 * 1024 * 1024, + // Array of characters which are not allowed in filenames + 'invalid_characters_in_filename' => ['/'], +]; diff --git a/storage-backend/files/.htaccess b/storage-backend/files/.htaccess new file mode 100644 index 0000000..45552cb --- /dev/null +++ b/storage-backend/files/.htaccess @@ -0,0 +1 @@ +Options -Indexes
\ No newline at end of file diff --git a/storage-backend/index.php b/storage-backend/index.php index 1753055..d9c82d5 100644 --- a/storage-backend/index.php +++ b/storage-backend/index.php @@ -31,7 +31,12 @@ $method = $_SERVER['REQUEST_METHOD']; // Load configuration -$config = require('config.php'); +$config = require(__DIR__.'/config/config.php'); +// Initialize directory config +$config['storage_base_path'] = __DIR__.'/files/'; +$config['slot_registry_dir'] = __DIR__.'/slots/'; +$config['base_url_put'] = getServerProtocol()."://".getRequestHostname().getRequestUriWithoutFilename().'files/'; +$config['base_url_get'] = $config['base_url_put']; switch ($method) { case 'POST': @@ -173,6 +178,41 @@ function getUploadFilePath($slotUUID, $config, $filename = NULL) { } /** + * Inspired by https://github.com/owncloud/core/blob/master/lib/private/appframework/http/request.php#L523 + */ +function getServerProtocol() { + if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { + if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], ',') !== false) { + $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_PROTO']); + $proto = strtolower(trim($parts[0])); + } else { + $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']); + } + // Verify that the protocol is always HTTP or HTTPS + // default to http if an invalid value is provided + return $proto === 'https' ? 'https' : 'http'; + } + if (isset($_SERVER['HTTPS']) + && $_SERVER['HTTPS'] !== null + && $_SERVER['HTTPS'] !== 'off' + && $_SERVER['HTTPS'] !== '') { + return 'https'; + } + return 'http'; +} + +function getRequestHostname() { + if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) { + return strtolower($_SERVER['HTTP_X_FORWARDED_HOST']); + } + return strtolower($_SERVER['HTTP_HOST']); +} + +function getRequestUriWithoutFilename() { + return strtolower(substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1)); +} + +/** * Copied from http://rogerstringer.com/2013/11/15/generate-uuids-php/ */ function generate_uuid() { diff --git a/storage-backend/slots/.htaccess b/storage-backend/slots/.htaccess new file mode 100644 index 0000000..3418e55 --- /dev/null +++ b/storage-backend/slots/.htaccess @@ -0,0 +1 @@ +deny from all
\ No newline at end of file |