From d1dd1e5778a566219ecd2a1c463eed837d56eb89 Mon Sep 17 00:00:00 2001 From: bohwaz Date: Sat, 28 Jan 2023 03:30:10 +0100 Subject: [PATCH] Fix #2 Fix #4 Allow use of symlinks for index.php, generate .htaccess accordingly --- index.php | 36 +++++++++++++++++++----------------- server.php | 30 ++++++++++++++++-------------- 2 files changed, 35 insertions(+), 31 deletions(-) diff --git a/index.php b/index.php index 3d77c51..f3aa02c 100644 --- a/index.php +++ b/index.php @@ -1322,9 +1322,9 @@ namespace PicoDAV public array $users = []; - public function __construct() + public function __construct(string $path) { - $this->path = __DIR__ . '/'; + $this->path = $path . '/'; } public function auth(): bool @@ -1860,7 +1860,10 @@ namespace { use PicoDAV\Storage; $uri = strtok($_SERVER['REQUEST_URI'], '?'); - $root = substr(__DIR__, strlen($_SERVER['DOCUMENT_ROOT'])); + $self = $_SERVER['SCRIPT_FILENAME']; + $self_dir = dirname($self); + $root = substr(dirname($_SERVER['SCRIPT_FILENAME']), strlen($_SERVER['DOCUMENT_ROOT'])); + $root = '/' . ltrim($root, '/'); if (false !== strpos($uri, '..')) { http_response_code(404); @@ -1869,8 +1872,8 @@ namespace { $relative_uri = ltrim(substr($uri, strlen($root)), '/'); - if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists(__DIR__ . '/.htaccess')) { - file_put_contents(__DIR__ . '/.htaccess', 'DirectoryIndex disabled + if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists($self_dir . '/.htaccess')) { + file_put_contents($self_dir . '/.htaccess', str_replace('index.php', basename($self), 'DirectoryIndex disabled RedirectMatch 404 \\.picodav\\.ini @@ -1884,7 +1887,7 @@ RewriteBase / #RewriteCond %{REQUEST_METHOD} !GET RewriteRule ^.*$ /index.php [END] -'); +')); } if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') { @@ -1906,11 +1909,11 @@ RewriteRule ^.*$ /index.php [END] $fp = fopen(__FILE__, 'r'); if ($relative_uri == '.webdav/webdav.js') { - fseek($fp, 51058, SEEK_SET); + fseek($fp, 51249, SEEK_SET); echo fread($fp, 27769); } else { - fseek($fp, 51058 + 27769, SEEK_SET); + fseek($fp, 51249 + 27769, SEEK_SET); echo fread($fp, 7004); } @@ -1919,8 +1922,8 @@ RewriteRule ^.*$ /index.php [END] exit; } - const CONFIG_FILE = __DIR__ . '/.picodav.ini'; - define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']); + $config_file = $self_dir . '/.picodav.ini'; + define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', $self_dir, '.webdav/webdav.js', '.webdav/webdav.css']); const DEFAULT_CONFIG = [ 'ANONYMOUS_READ' => true, @@ -1929,11 +1932,10 @@ RewriteRule ^.*$ /index.php [END] ]; $config = []; - $storage = new Storage; + $storage = new Storage($self_dir); - - if (file_exists(CONFIG_FILE)) { - $config = parse_ini_file(CONFIG_FILE, true); + if (file_exists($config_file)) { + $config = parse_ini_file($config_file, true); $users = array_filter($config, 'is_array'); $config = array_diff_key($config, $users); $config = array_change_key_case($config, \CASE_UPPER); @@ -1947,7 +1949,7 @@ RewriteRule ^.*$ /index.php [END] } if (count($replace)) { - $lines = file(CONFIG_FILE); + $lines = file($config_file); $current = null; foreach ($lines as &$line) { @@ -1963,7 +1965,7 @@ RewriteRule ^.*$ /index.php [END] unset($line, $current); - file_put_contents(CONFIG_FILE, implode('', $lines)); + file_put_contents($config_file, implode('', $lines)); } $storage->users = $users; @@ -1982,7 +1984,7 @@ RewriteRule ^.*$ /index.php [END] } - $dav = new Server; + $dav = new Server(); $dav->setStorage($storage); $dav->setBaseURI($root); diff --git a/server.php b/server.php index 1135e54..8e1f1fc 100644 --- a/server.php +++ b/server.php @@ -25,9 +25,9 @@ namespace PicoDAV public array $users = []; - public function __construct() + public function __construct(string $path) { - $this->path = __DIR__ . '/'; + $this->path = $path . '/'; } public function auth(): bool @@ -563,7 +563,10 @@ namespace { use PicoDAV\Storage; $uri = strtok($_SERVER['REQUEST_URI'], '?'); - $root = substr(__DIR__, strlen($_SERVER['DOCUMENT_ROOT'])); + $self = $_SERVER['SCRIPT_FILENAME']; + $self_dir = dirname($self); + $root = substr(dirname($_SERVER['SCRIPT_FILENAME']), strlen($_SERVER['DOCUMENT_ROOT'])); + $root = '/' . ltrim($root, '/'); if (false !== strpos($uri, '..')) { http_response_code(404); @@ -572,8 +575,8 @@ namespace { $relative_uri = ltrim(substr($uri, strlen($root)), '/'); - if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists(__DIR__ . '/.htaccess')) { - file_put_contents(__DIR__ . '/.htaccess', /*__HTACCESS__*/); + if (!empty($_SERVER['SERVER_SOFTWARE']) && stristr($_SERVER['SERVER_SOFTWARE'], 'apache') && !file_exists($self_dir . '/.htaccess')) { + file_put_contents($self_dir . '/.htaccess', str_replace('index.php', basename($self), /*__HTACCESS__*/)); } if ($relative_uri == '.webdav/webdav.js' || $relative_uri == '.webdav/webdav.css') { @@ -608,8 +611,8 @@ namespace { exit; } - const CONFIG_FILE = __DIR__ . '/.picodav.ini'; - define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', basename(__FILE__), '.webdav/webdav.js', '.webdav/webdav.css']); + $config_file = $self_dir . '/.picodav.ini'; + define('PicoDAV\INTERNAL_FILES', ['.picodav.ini', $self_dir, '.webdav/webdav.js', '.webdav/webdav.css']); const DEFAULT_CONFIG = [ 'ANONYMOUS_READ' => true, @@ -618,11 +621,10 @@ namespace { ]; $config = []; - $storage = new Storage; + $storage = new Storage($self_dir); - - if (file_exists(CONFIG_FILE)) { - $config = parse_ini_file(CONFIG_FILE, true); + if (file_exists($config_file)) { + $config = parse_ini_file($config_file, true); $users = array_filter($config, 'is_array'); $config = array_diff_key($config, $users); $config = array_change_key_case($config, \CASE_UPPER); @@ -636,7 +638,7 @@ namespace { } if (count($replace)) { - $lines = file(CONFIG_FILE); + $lines = file($config_file); $current = null; foreach ($lines as &$line) { @@ -652,7 +654,7 @@ namespace { unset($line, $current); - file_put_contents(CONFIG_FILE, implode('', $lines)); + file_put_contents($config_file, implode('', $lines)); } $storage->users = $users; @@ -671,7 +673,7 @@ namespace { } - $dav = new Server; + $dav = new Server(); $dav->setStorage($storage); $dav->setBaseURI($root);