Fix #4

Allow use of symlinks for index.php, generate .htaccess accordingly
This commit is contained in:
bohwaz 2023-01-28 03:30:10 +01:00
parent c6d94e0b4c
commit d1dd1e5778
2 changed files with 35 additions and 31 deletions

View file

@ -1322,9 +1322,9 @@ namespace PicoDAV
public array $users = []; public array $users = [];
public function __construct() public function __construct(string $path)
{ {
$this->path = __DIR__ . '/'; $this->path = $path . '/';
} }
public function auth(): bool public function auth(): bool
@ -1860,7 +1860,10 @@ namespace {
use PicoDAV\Storage; use PicoDAV\Storage;
$uri = strtok($_SERVER['REQUEST_URI'], '?'); $uri = strtok($_SERVER['REQUEST_URI'], '?');
$root = substr(__DIR__, strlen($_SERVER['DOCUMENT_ROOT'])); $self = $_SERVER['SCRIPT_FILENAME'];
$self_dir = dirname($self);
$root = substr(dirname($_SERVER['SCRIPT_FILENAME']), strlen($_SERVER['DOCUMENT_ROOT']));
$root = '/' . ltrim($root, '/');
if (false !== strpos($uri, '..')) { if (false !== strpos($uri, '..')) {
http_response_code(404); http_response_code(404);
@ -1869,8 +1872,8 @@ namespace {
$relative_uri = ltrim(substr($uri, strlen($root)), '/'); $relative_uri = ltrim(substr($uri, strlen($root)), '/');
if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists(__DIR__ . '/.htaccess')) { if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists($self_dir . '/.htaccess')) {
file_put_contents(__DIR__ . '/.htaccess', 'DirectoryIndex disabled file_put_contents($self_dir . '/.htaccess', str_replace('index.php', basename($self), 'DirectoryIndex disabled
RedirectMatch 404 \\.picodav\\.ini RedirectMatch 404 \\.picodav\\.ini
@ -1884,7 +1887,7 @@ RewriteBase /
#RewriteCond %{REQUEST_METHOD} !GET #RewriteCond %{REQUEST_METHOD} !GET
RewriteRule ^.*$ /index.php [END] RewriteRule ^.*$ /index.php [END]
'); '));
} }
if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') { if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') {
@ -1906,11 +1909,11 @@ RewriteRule ^.*$ /index.php [END]
$fp = fopen(__FILE__, 'r'); $fp = fopen(__FILE__, 'r');
if ($relative_uri == '.webdav/webdav.js') { if ($relative_uri == '.webdav/webdav.js') {
fseek($fp, 51058, SEEK_SET); fseek($fp, 51249, SEEK_SET);
echo fread($fp, 27769); echo fread($fp, 27769);
} }
else { else {
fseek($fp, 51058 + 27769, SEEK_SET); fseek($fp, 51249 + 27769, SEEK_SET);
echo fread($fp, 7004); echo fread($fp, 7004);
} }
@ -1919,8 +1922,8 @@ RewriteRule ^.*$ /index.php [END]
exit; exit;
} }
const CONFIG_FILE = __DIR__ . '/.picodav.ini'; $config_file = $self_dir . '/.picodav.ini';
define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']); define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', $self_dir, '.webdav/webdav.js', '.webdav/webdav.css']);
const DEFAULT_CONFIG = [ const DEFAULT_CONFIG = [
'ANONYMOUS_READ' => true, 'ANONYMOUS_READ' => true,
@ -1929,11 +1932,10 @@ RewriteRule ^.*$ /index.php [END]
]; ];
$config = []; $config = [];
$storage = new Storage; $storage = new Storage($self_dir);
if (file_exists($config_file)) {
if (file_exists(CONFIG_FILE)) { $config = parse_ini_file($config_file, true);
$config = parse_ini_file(CONFIG_FILE, true);
$users = array_filter($config, 'is_array'); $users = array_filter($config, 'is_array');
$config = array_diff_key($config, $users); $config = array_diff_key($config, $users);
$config = array_change_key_case($config, \CASE_UPPER); $config = array_change_key_case($config, \CASE_UPPER);
@ -1947,7 +1949,7 @@ RewriteRule ^.*$ /index.php [END]
} }
if (count($replace)) { if (count($replace)) {
$lines = file(CONFIG_FILE); $lines = file($config_file);
$current = null; $current = null;
foreach ($lines as &$line) { foreach ($lines as &$line) {
@ -1963,7 +1965,7 @@ RewriteRule ^.*$ /index.php [END]
unset($line, $current); unset($line, $current);
file_put_contents(CONFIG_FILE, implode('', $lines)); file_put_contents($config_file, implode('', $lines));
} }
$storage->users = $users; $storage->users = $users;
@ -1982,7 +1984,7 @@ RewriteRule ^.*$ /index.php [END]
} }
$dav = new Server; $dav = new Server();
$dav->setStorage($storage); $dav->setStorage($storage);
$dav->setBaseURI($root); $dav->setBaseURI($root);

View file

@ -25,9 +25,9 @@ namespace PicoDAV
public array $users = []; public array $users = [];
public function __construct() public function __construct(string $path)
{ {
$this->path = __DIR__ . '/'; $this->path = $path . '/';
} }
public function auth(): bool public function auth(): bool
@ -563,7 +563,10 @@ namespace {
use PicoDAV\Storage; use PicoDAV\Storage;
$uri = strtok($_SERVER['REQUEST_URI'], '?'); $uri = strtok($_SERVER['REQUEST_URI'], '?');
$root = substr(__DIR__, strlen($_SERVER['DOCUMENT_ROOT'])); $self = $_SERVER['SCRIPT_FILENAME'];
$self_dir = dirname($self);
$root = substr(dirname($_SERVER['SCRIPT_FILENAME']), strlen($_SERVER['DOCUMENT_ROOT']));
$root = '/' . ltrim($root, '/');
if (false !== strpos($uri, '..')) { if (false !== strpos($uri, '..')) {
http_response_code(404); http_response_code(404);
@ -572,8 +575,8 @@ namespace {
$relative_uri = ltrim(substr($uri, strlen($root)), '/'); $relative_uri = ltrim(substr($uri, strlen($root)), '/');
if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists(__DIR__ . '/.htaccess')) { if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists($self_dir . '/.htaccess')) {
file_put_contents(__DIR__ . '/.htaccess', /*__HTACCESS__*/); file_put_contents($self_dir . '/.htaccess', str_replace('index.php', basename($self), /*__HTACCESS__*/));
} }
if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') { if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') {
@ -608,8 +611,8 @@ namespace {
exit; exit;
} }
const CONFIG_FILE = __DIR__ . '/.picodav.ini'; $config_file = $self_dir . '/.picodav.ini';
define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']); define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', $self_dir, '.webdav/webdav.js', '.webdav/webdav.css']);
const DEFAULT_CONFIG = [ const DEFAULT_CONFIG = [
'ANONYMOUS_READ' => true, 'ANONYMOUS_READ' => true,
@ -618,11 +621,10 @@ namespace {
]; ];
$config = []; $config = [];
$storage = new Storage; $storage = new Storage($self_dir);
if (file_exists($config_file)) {
if (file_exists(CONFIG_FILE)) { $config = parse_ini_file($config_file, true);
$config = parse_ini_file(CONFIG_FILE, true);
$users = array_filter($config, 'is_array'); $users = array_filter($config, 'is_array');
$config = array_diff_key($config, $users); $config = array_diff_key($config, $users);
$config = array_change_key_case($config, \CASE_UPPER); $config = array_change_key_case($config, \CASE_UPPER);
@ -636,7 +638,7 @@ namespace {
} }
if (count($replace)) { if (count($replace)) {
$lines = file(CONFIG_FILE); $lines = file($config_file);
$current = null; $current = null;
foreach ($lines as &$line) { foreach ($lines as &$line) {
@ -652,7 +654,7 @@ namespace {
unset($line, $current); unset($line, $current);
file_put_contents(CONFIG_FILE, implode('', $lines)); file_put_contents($config_file, implode('', $lines));
} }
$storage->users = $users; $storage->users = $users;
@ -671,7 +673,7 @@ namespace {
} }
$dav = new Server; $dav = new Server();
$dav->setStorage($storage); $dav->setStorage($storage);
$dav->setBaseURI($root); $dav->setBaseURI($root);