diff options
Diffstat (limited to '')
-rw-r--r-- | storage-backend/index.php | 101 |
1 files changed, 9 insertions, 92 deletions
diff --git a/storage-backend/index.php b/storage-backend/index.php index 99d919c..d153e63 100644 --- a/storage-backend/index.php +++ b/storage-backend/index.php @@ -11,6 +11,7 @@ * size * content_type * user_jid + * receipient_jid * 403: In case the XMPP Server Key is not valid * 406: * File is empty (error code: 1) @@ -46,7 +47,9 @@ * The slot's delete token does not match the header field "X-FILETRANSFER-HTTP-DELETE-TOKEN" * The slot's delete token is not valid any more */ - +include_once(__DIR__.'/lib/functions.common.inc.php'); +include_once(__DIR__.'/lib/functions.http.inc.php'); +include_once(__DIR__.'/lib/functions.filetransfer.inc.php'); $method = $_SERVER['REQUEST_METHOD']; // Load configuration @@ -101,6 +104,7 @@ switch ($method) { $filename = rawurlencode(getMandatoryPostParameter('filename')); $filesize = getMandatoryPostParameter('size'); $mimeType = getOptionalPostParameter('content_type'); + $receipientJid = getMandatoryPostParameter('receipient_jid'); // check file name - return 406 (not acceptable) if file contains invalid characters foreach ($config['invalid_characters_in_filename'] as $invalidCharacter) { @@ -118,7 +122,7 @@ switch ($method) { } // generate slot uuid, register slot uuid and expected file size and expected mime type $slotUUID = generate_uuid(); - registerSlot($slotUUID, $filename, $filesize, $mimeType, $userJid, $config); + registerSlot($slotUUID, $filename, $filesize, $mimeType, $userJid, $receipientJid, $config); if (!mkdir(getUploadFilePath($slotUUID, $config))) { sendHttpReturnCodeAndJson(500, "Could not create directory for upload."); } @@ -217,13 +221,6 @@ function checkFilenameParameter($filename, $slotParameters) { return $slotParameters['filename'] == $filename; } -function loadSlotParameters($slotUUID, $config) { - $slotParameters = require(getSlotFilePath($slotUUID, $config)); - $slotParameters['filename'] = $slotParameters['filename']; - - return $slotParameters; -} - function getMandatoryPostParameter($parameterName) { $parameter = $_POST[$parameterName]; if (!isset($parameter) || is_null($parameter) || empty($parameter)) { @@ -232,27 +229,6 @@ function getMandatoryPostParameter($parameterName) { return $parameter; } -function getOptionalPostParameter($parameterName, $default = NULL) { - $parameter = $_POST[$parameterName]; - if (!isset($parameter) || is_null($parameter) || empty($parameter)) { - $parameter = $default; - } - return $parameter; -} - -function sendHttpReturnCodeAndJson($code, $data) { - if (!is_array($data)) { - $data = ['msg' => $data]; - } - header('Content-Type: application/json'); - sendHttpReturnCodeAndMessage($code, json_encode($data)); -} - -function sendHttpReturnCodeAndMessage($code, $text = '') { - http_response_code($code); - exit($text); -} - function getUUIDFromUri($uri) { $pattern = "/[a-f0-9]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/"; preg_match($pattern, $uri, $matches); @@ -264,10 +240,11 @@ function getFilenameFromUri($uri) { return substr($uri, $lastSlash); } -function registerSlot($slotUUID, $filename, $filesize, $contentType, $userJid, $config) { +function registerSlot($slotUUID, $filename, $filesize, $contentType, $userJid, $receipientJid, $config) { $contents = "<?php\n/*\n * This is an autogenerated file - do not edit\n */\n\n"; $contents .= 'return [\'filename\' => \''.$filename.'\', \'filesize\' => \''.$filesize.'\', '; - $contents .= '\'content_type\' => \''.$contentType.'\', \'user_jid\' => \''.$userJid.'\'];\n?>'; + $contents .= '\'content_type\' => \''.$contentType.'\', \'user_jid\' => \''.$userJid.'\', \'receipient_jid\' => \''.$receipientJid.'\'];'; + $contents .= "\n?>"; if (!file_put_contents(getSlotFilePath($slotUUID, $config), $contents)) { sendHttpReturnCodeAndMessage(500, "Could not create slot registry entry."); } @@ -286,64 +263,4 @@ function registerDeleteToken($slotUUID, $filename, $deleteToken, $config) { function slotExists($slotUUID, $config) { return file_exists(getSlotFilePath($slotUUID, $config)); } - -function getSlotFilePath($slotUUID, $config) { - return $config['slot_registry_dir'].$slotUUID; -} - -function getUploadFilePath($slotUUID, $config, $filename = NULL) { - $path = $config['storage_base_path'].$slotUUID; - if (!is_null($filename)) { - $path .= '/'.$filename; - } - return $path; -} - -/** - * Inspired by https://github.com/owncloud/core/blob/master/lib/private/appframework/http/request.php#L523 - */ -function getServerProtocol() { - if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { - if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], ',') !== false) { - $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_PROTO']); - $proto = strtolower(trim($parts[0])); - } else { - $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']); - } - // Verify that the protocol is always HTTP or HTTPS - // default to http if an invalid value is provided - return $proto === 'https' ? 'https' : 'http'; - } - if (isset($_SERVER['HTTPS']) - && $_SERVER['HTTPS'] !== null - && $_SERVER['HTTPS'] !== 'off' - && $_SERVER['HTTPS'] !== '') { - return 'https'; - } - return 'http'; -} - -function getRequestHostname() { - if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) { - return strtolower($_SERVER['HTTP_X_FORWARDED_HOST']); - } - return strtolower($_SERVER['HTTP_HOST']); -} - -function getRequestUriWithoutFilename() { - return strtolower(substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1)); -} - -/** - * Copied from http://rogerstringer.com/2013/11/15/generate-uuids-php/ - */ -function generate_uuid() { - return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x', - mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), - mt_rand( 0, 0xffff ), - mt_rand( 0, 0x0fff ) | 0x4000, - mt_rand( 0, 0x3fff ) | 0x8000, - mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ) - ); -} ?> |