aboutsummaryrefslogtreecommitdiffstats
path: root/storage-backend/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'storage-backend/index.php')
-rw-r--r--storage-backend/index.php40
1 files changed, 27 insertions, 13 deletions
diff --git a/storage-backend/index.php b/storage-backend/index.php
index f46e0eb..77a38f0 100644
--- a/storage-backend/index.php
+++ b/storage-backend/index.php
@@ -67,8 +67,8 @@ switch ($method) {
case 'POST':
// parse post parameters
// check if all parameters are present - return 400 (bad request) if a parameter is missing / empty
- $xmppServerKey = getMandatoryPostParameter('xmpp_server_key');
- $userJid = getMandatoryPostParameter('user_jid');
+ $xmppServerKey = getMandatoryPost('xmpp_server_key');
+ $userJid = getMandatoryPost('user_jid');
$slotType = getOptionalPostParameter('slot_type', 'upload');
// Check if xmppServerKey is allowed to request slots
@@ -78,14 +78,16 @@ switch ($method) {
switch ($slotType) {
case 'list':
- $slots = readSlots($userJid);
- $result = ['list' => $slots];
+ $limit = getOptionalPostParameter('limit', $config['list_default_limit']);
+ $offset = getOptionalPostParameter('offset', 0);
+ $files = listFiles($userJid, $limit, $offset);
+ $result = ['list' => $files];
break;
case 'upload':
default:
// Check if all parameters needed for an upload are present - return 400 (bad request) if a parameter is missing / empty
- $filename = rawurlencode(getMandatoryPostParameter('filename'));
- $filesize = getMandatoryPostParameter('size');
+ $filename = rawurlencode(getMandatoryPost('filename'));
+ $filesize = getMandatoryPost('size');
$mimeType = getOptionalPostParameter('content_type');
$recipientJid = getOptionalPostParameter('recipient_jid', 'Unknown'); // Optional for backwards compatibility (xep-0363 v0.1)
@@ -143,7 +145,8 @@ switch ($method) {
sendHttpReturnCodeAndJson(403, "Uploaded file size differs from requested slot size.");
}
// check actual mime type with registered mime type
- if (!is_null($slotParameters['content_type']) && !empty($slotParameters['content_type']) && mime_content_type($uploadFilePath) != $slotParameters['content_type']) {
+ $uploadedContentType = mime_content_type($uploadFilePath);
+ if (!is_null($slotParameters['content_type']) && !empty($slotParameters['content_type']) && $uploadedContentType != $slotParameters['content_type']) {
unlink($uploadFilePath);
sendHttpReturnCodeAndJson(403, "Uploaded file content type differs from requested slot content type.");
}
@@ -193,6 +196,17 @@ switch ($method) {
sendHttpReturnCodeAndJson(500, "Could not delete file.");
}
break;
+ case 'GET':
+ $actionParameter = getMandatoryGet('action');
+
+ switch ($actionParameter) {
+ case 'version':
+ echo json_encode(require_once(__DIR__.'/lib/version.inc.php'));
+ break;
+ default:
+ sendHttpReturnCodeAndJson(403, "Access not allowed.");
+ }
+ break;
default:
sendHttpReturnCodeAndJson(403, "Access not allowed.");
break;
@@ -212,12 +226,12 @@ function checkFilenameParameter($filename, $slotParameters) {
return $slotParameters['filename'] == $filename;
}
-function getMandatoryPostParameter($parameterName) {
- $parameter = $_POST[$parameterName];
- if (!isset($parameter) || is_null($parameter) || empty($parameter)) {
- sendHttpReturnCodeAndJson(400, ['msg' => 'Missing parameter.', 'err_code' => 4, 'parameters' => ['missing_parameter' => $parameterName]]);
- }
- return $parameter;
+function getMandatoryPost($parameterName) {
+ return getMandatoryPostParameter($parameterName, ['msg' => 'Missing parameter.', 'err_code' => 4, 'parameters' => ['missing_parameter' => $parameterName]], true);
+}
+
+function getMandatoryGet($parameterName) {
+ return getMandatoryGetParameter($parameterName, ['msg' => 'Missing parameter.', 'err_code' => 4, 'parameters' => ['missing_parameter' => $parameterName]], true);
}
function getUUIDFromUri($uri) {