Dolibarr / dolibarr

htdocs/includes/sabre/sabre/dav/lib/DAV/Exception/UnsupportedMediaType.php

Indentation +9 added lines, -9 removed lines

@@ -18,13 +18,13 @@
  */
 class UnsupportedMediaType extends DAV\Exception
 {
-    /**
-     * returns the http statuscode for this exception.
-     *
-     * @return int
-     */
-    public function getHTTPCode()
-    {
-        return 415;
-    }
+	/**
+	 * returns the http statuscode for this exception.
+	 *
+	 * @return int
+	 */
+	public function getHTTPCode()
+	{
+		return 415;
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Exception/NotAuthenticated.php

Indentation +9 added lines, -9 removed lines

@@ -18,13 +18,13 @@
  */
 class NotAuthenticated extends DAV\Exception
 {
-    /**
-     * Returns the HTTP statuscode for this exception.
-     *
-     * @return int
-     */
-    public function getHTTPCode()
-    {
-        return 401;
-    }
+	/**
+	 * Returns the HTTP statuscode for this exception.
+	 *
+	 * @return int
+	 */
+	public function getHTTPCode()
+	{
+		return 401;
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Exception/PreconditionFailed.php

Indentation +40 added lines, -40 removed lines

@@ -19,47 +19,47 @@
  */
 class PreconditionFailed extends DAV\Exception
 {
-    /**
-     * When this exception is thrown, the header-name might be set.
-     *
-     * This allows the exception-catching code to determine which HTTP header
-     * caused the exception.
-     *
-     * @var string
-     */
-    public $header = null;
+	/**
+	 * When this exception is thrown, the header-name might be set.
+	 *
+	 * This allows the exception-catching code to determine which HTTP header
+	 * caused the exception.
+	 *
+	 * @var string
+	 */
+	public $header = null;
 
-    /**
-     * Create the exception.
-     *
-     * @param string $message
-     * @param string $header
-     */
-    public function __construct($message, $header = null)
-    {
-        parent::__construct($message);
-        $this->header = $header;
-    }
+	/**
+	 * Create the exception.
+	 *
+	 * @param string $message
+	 * @param string $header
+	 */
+	public function __construct($message, $header = null)
+	{
+		parent::__construct($message);
+		$this->header = $header;
+	}
 
-    /**
-     * Returns the HTTP statuscode for this exception.
-     *
-     * @return int
-     */
-    public function getHTTPCode()
-    {
-        return 412;
-    }
+	/**
+	 * Returns the HTTP statuscode for this exception.
+	 *
+	 * @return int
+	 */
+	public function getHTTPCode()
+	{
+		return 412;
+	}
 
-    /**
-     * This method allows the exception to include additional information into the WebDAV error response.
-     */
-    public function serialize(DAV\Server $server, \DOMElement $errorNode)
-    {
-        if ($this->header) {
-            $prop = $errorNode->ownerDocument->createElement('s:header');
-            $prop->nodeValue = $this->header;
-            $errorNode->appendChild($prop);
-        }
-    }
+	/**
+	 * This method allows the exception to include additional information into the WebDAV error response.
+	 */
+	public function serialize(DAV\Server $server, \DOMElement $errorNode)
+	{
+		if ($this->header) {
+			$prop = $errorNode->ownerDocument->createElement('s:header');
+			$prop->nodeValue = $this->header;
+			$errorNode->appendChild($prop);
+		}
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Node.php

Indentation +31 added lines, -31 removed lines

@@ -15,37 +15,37 @@
  */
 abstract class Node implements INode
 {
-    /**
-     * Returns the last modification time as a unix timestamp.
-     *
-     * If the information is not available, return null.
-     *
-     * @return int
-     */
-    public function getLastModified()
-    {
-        return null;
-    }
+	/**
+	 * Returns the last modification time as a unix timestamp.
+	 *
+	 * If the information is not available, return null.
+	 *
+	 * @return int
+	 */
+	public function getLastModified()
+	{
+		return null;
+	}
 
-    /**
-     * Deletes the current node.
-     *
-     * @throws Exception\Forbidden
-     */
-    public function delete()
-    {
-        throw new Exception\Forbidden('Permission denied to delete node');
-    }
+	/**
+	 * Deletes the current node.
+	 *
+	 * @throws Exception\Forbidden
+	 */
+	public function delete()
+	{
+		throw new Exception\Forbidden('Permission denied to delete node');
+	}
 
-    /**
-     * Renames the node.
-     *
-     * @param string $name The new name
-     *
-     * @throws Exception\Forbidden
-     */
-    public function setName($name)
-    {
-        throw new Exception\Forbidden('Permission denied to rename file');
-    }
+	/**
+	 * Renames the node.
+	 *
+	 * @param string $name The new name
+	 *
+	 * @throws Exception\Forbidden
+	 */
+	public function setName($name)
+	{
+		throw new Exception\Forbidden('Permission denied to rename file');
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/PropFind.php

Indentation +294 added lines, -294 removed lines

@@ -12,324 +12,324 @@
  */
 class PropFind
 {
-    /**
-     * A normal propfind.
-     */
-    const NORMAL = 0;
+	/**
+	 * A normal propfind.
+	 */
+	const NORMAL = 0;
 
-    /**
-     * An allprops request.
-     *
-     * While this was originally intended for instructing the server to really
-     * fetch every property, because it was used so often and it's so heavy
-     * this turned into a small list of default properties after a while.
-     *
-     * So 'all properties' now means a hardcoded list.
-     */
-    const ALLPROPS = 1;
+	/**
+	 * An allprops request.
+	 *
+	 * While this was originally intended for instructing the server to really
+	 * fetch every property, because it was used so often and it's so heavy
+	 * this turned into a small list of default properties after a while.
+	 *
+	 * So 'all properties' now means a hardcoded list.
+	 */
+	const ALLPROPS = 1;
 
-    /**
-     * A propname request. This just returns a list of properties that are
-     * defined on a node, without their values.
-     */
-    const PROPNAME = 2;
+	/**
+	 * A propname request. This just returns a list of properties that are
+	 * defined on a node, without their values.
+	 */
+	const PROPNAME = 2;
 
-    /**
-     * Creates the PROPFIND object.
-     *
-     * @param string $path
-     * @param int    $depth
-     * @param int    $requestType
-     */
-    public function __construct($path, array $properties, $depth = 0, $requestType = self::NORMAL)
-    {
-        $this->path = $path;
-        $this->properties = $properties;
-        $this->depth = $depth;
-        $this->requestType = $requestType;
+	/**
+	 * Creates the PROPFIND object.
+	 *
+	 * @param string $path
+	 * @param int    $depth
+	 * @param int    $requestType
+	 */
+	public function __construct($path, array $properties, $depth = 0, $requestType = self::NORMAL)
+	{
+		$this->path = $path;
+		$this->properties = $properties;
+		$this->depth = $depth;
+		$this->requestType = $requestType;
 
-        if (self::ALLPROPS === $requestType) {
-            $this->properties = [
-                '{DAV:}getlastmodified',
-                '{DAV:}getcontentlength',
-                '{DAV:}resourcetype',
-                '{DAV:}quota-used-bytes',
-                '{DAV:}quota-available-bytes',
-                '{DAV:}getetag',
-                '{DAV:}getcontenttype',
-            ];
-        }
+		if (self::ALLPROPS === $requestType) {
+			$this->properties = [
+				'{DAV:}getlastmodified',
+				'{DAV:}getcontentlength',
+				'{DAV:}resourcetype',
+				'{DAV:}quota-used-bytes',
+				'{DAV:}quota-available-bytes',
+				'{DAV:}getetag',
+				'{DAV:}getcontenttype',
+			];
+		}
 
-        foreach ($this->properties as $propertyName) {
-            // Seeding properties with 404's.
-            $this->result[$propertyName] = [404, null];
-        }
-        $this->itemsLeft = count($this->result);
-    }
+		foreach ($this->properties as $propertyName) {
+			// Seeding properties with 404's.
+			$this->result[$propertyName] = [404, null];
+		}
+		$this->itemsLeft = count($this->result);
+	}
 
-    /**
-     * Handles a specific property.
-     *
-     * This method checks whether the specified property was requested in this
-     * PROPFIND request, and if so, it will call the callback and use the
-     * return value for it's value.
-     *
-     * Example:
-     *
-     * $propFind->handle('{DAV:}displayname', function() {
-     *      return 'hello';
-     * });
-     *
-     * Note that handle will only work the first time. If null is returned, the
-     * value is ignored.
-     *
-     * It's also possible to not pass a callback, but immediately pass a value
-     *
-     * @param string $propertyName
-     * @param mixed  $valueOrCallBack
-     */
-    public function handle($propertyName, $valueOrCallBack)
-    {
-        if ($this->itemsLeft && isset($this->result[$propertyName]) && 404 === $this->result[$propertyName][0]) {
-            if (is_callable($valueOrCallBack)) {
-                $value = $valueOrCallBack();
-            } else {
-                $value = $valueOrCallBack;
-            }
-            if (!is_null($value)) {
-                --$this->itemsLeft;
-                $this->result[$propertyName] = [200, $value];
-            }
-        }
-    }
+	/**
+	 * Handles a specific property.
+	 *
+	 * This method checks whether the specified property was requested in this
+	 * PROPFIND request, and if so, it will call the callback and use the
+	 * return value for it's value.
+	 *
+	 * Example:
+	 *
+	 * $propFind->handle('{DAV:}displayname', function() {
+	 *      return 'hello';
+	 * });
+	 *
+	 * Note that handle will only work the first time. If null is returned, the
+	 * value is ignored.
+	 *
+	 * It's also possible to not pass a callback, but immediately pass a value
+	 *
+	 * @param string $propertyName
+	 * @param mixed  $valueOrCallBack
+	 */
+	public function handle($propertyName, $valueOrCallBack)
+	{
+		if ($this->itemsLeft && isset($this->result[$propertyName]) && 404 === $this->result[$propertyName][0]) {
+			if (is_callable($valueOrCallBack)) {
+				$value = $valueOrCallBack();
+			} else {
+				$value = $valueOrCallBack;
+			}
+			if (!is_null($value)) {
+				--$this->itemsLeft;
+				$this->result[$propertyName] = [200, $value];
+			}
+		}
+	}
 
-    /**
-     * Sets the value of the property.
-     *
-     * If status is not supplied, the status will default to 200 for non-null
-     * properties, and 404 for null properties.
-     *
-     * @param string $propertyName
-     * @param mixed  $value
-     * @param int    $status
-     */
-    public function set($propertyName, $value, $status = null)
-    {
-        if (is_null($status)) {
-            $status = is_null($value) ? 404 : 200;
-        }
-        // If this is an ALLPROPS request and the property is
-        // unknown, add it to the result; else ignore it:
-        if (!isset($this->result[$propertyName])) {
-            if (self::ALLPROPS === $this->requestType) {
-                $this->result[$propertyName] = [$status, $value];
-            }
+	/**
+	 * Sets the value of the property.
+	 *
+	 * If status is not supplied, the status will default to 200 for non-null
+	 * properties, and 404 for null properties.
+	 *
+	 * @param string $propertyName
+	 * @param mixed  $value
+	 * @param int    $status
+	 */
+	public function set($propertyName, $value, $status = null)
+	{
+		if (is_null($status)) {
+			$status = is_null($value) ? 404 : 200;
+		}
+		// If this is an ALLPROPS request and the property is
+		// unknown, add it to the result; else ignore it:
+		if (!isset($this->result[$propertyName])) {
+			if (self::ALLPROPS === $this->requestType) {
+				$this->result[$propertyName] = [$status, $value];
+			}
 
-            return;
-        }
-        if (404 !== $status && 404 === $this->result[$propertyName][0]) {
-            --$this->itemsLeft;
-        } elseif (404 === $status && 404 !== $this->result[$propertyName][0]) {
-            ++$this->itemsLeft;
-        }
-        $this->result[$propertyName] = [$status, $value];
-    }
+			return;
+		}
+		if (404 !== $status && 404 === $this->result[$propertyName][0]) {
+			--$this->itemsLeft;
+		} elseif (404 === $status && 404 !== $this->result[$propertyName][0]) {
+			++$this->itemsLeft;
+		}
+		$this->result[$propertyName] = [$status, $value];
+	}
 
-    /**
-     * Returns the current value for a property.
-     *
-     * @param string $propertyName
-     *
-     * @return mixed
-     */
-    public function get($propertyName)
-    {
-        return isset($this->result[$propertyName]) ? $this->result[$propertyName][1] : null;
-    }
+	/**
+	 * Returns the current value for a property.
+	 *
+	 * @param string $propertyName
+	 *
+	 * @return mixed
+	 */
+	public function get($propertyName)
+	{
+		return isset($this->result[$propertyName]) ? $this->result[$propertyName][1] : null;
+	}
 
-    /**
-     * Returns the current status code for a property name.
-     *
-     * If the property does not appear in the list of requested properties,
-     * null will be returned.
-     *
-     * @param string $propertyName
-     *
-     * @return int|null
-     */
-    public function getStatus($propertyName)
-    {
-        return isset($this->result[$propertyName]) ? $this->result[$propertyName][0] : null;
-    }
+	/**
+	 * Returns the current status code for a property name.
+	 *
+	 * If the property does not appear in the list of requested properties,
+	 * null will be returned.
+	 *
+	 * @param string $propertyName
+	 *
+	 * @return int|null
+	 */
+	public function getStatus($propertyName)
+	{
+		return isset($this->result[$propertyName]) ? $this->result[$propertyName][0] : null;
+	}
 
-    /**
-     * Updates the path for this PROPFIND.
-     *
-     * @param string $path
-     */
-    public function setPath($path)
-    {
-        $this->path = $path;
-    }
+	/**
+	 * Updates the path for this PROPFIND.
+	 *
+	 * @param string $path
+	 */
+	public function setPath($path)
+	{
+		$this->path = $path;
+	}
 
-    /**
-     * Returns the path this PROPFIND request is for.
-     *
-     * @return string
-     */
-    public function getPath()
-    {
-        return $this->path;
-    }
+	/**
+	 * Returns the path this PROPFIND request is for.
+	 *
+	 * @return string
+	 */
+	public function getPath()
+	{
+		return $this->path;
+	}
 
-    /**
-     * Returns the depth of this propfind request.
-     *
-     * @return int
-     */
-    public function getDepth()
-    {
-        return $this->depth;
-    }
+	/**
+	 * Returns the depth of this propfind request.
+	 *
+	 * @return int
+	 */
+	public function getDepth()
+	{
+		return $this->depth;
+	}
 
-    /**
-     * Updates the depth of this propfind request.
-     *
-     * @param int $depth
-     */
-    public function setDepth($depth)
-    {
-        $this->depth = $depth;
-    }
+	/**
+	 * Updates the depth of this propfind request.
+	 *
+	 * @param int $depth
+	 */
+	public function setDepth($depth)
+	{
+		$this->depth = $depth;
+	}
 
-    /**
-     * Returns all propertynames that have a 404 status, and thus don't have a
-     * value yet.
-     *
-     * @return array
-     */
-    public function get404Properties()
-    {
-        if (0 === $this->itemsLeft) {
-            return [];
-        }
-        $result = [];
-        foreach ($this->result as $propertyName => $stuff) {
-            if (404 === $stuff[0]) {
-                $result[] = $propertyName;
-            }
-        }
+	/**
+	 * Returns all propertynames that have a 404 status, and thus don't have a
+	 * value yet.
+	 *
+	 * @return array
+	 */
+	public function get404Properties()
+	{
+		if (0 === $this->itemsLeft) {
+			return [];
+		}
+		$result = [];
+		foreach ($this->result as $propertyName => $stuff) {
+			if (404 === $stuff[0]) {
+				$result[] = $propertyName;
+			}
+		}
 
-        return $result;
-    }
+		return $result;
+	}
 
-    /**
-     * Returns the full list of requested properties.
-     *
-     * This returns just their names, not a status or value.
-     *
-     * @return array
-     */
-    public function getRequestedProperties()
-    {
-        return $this->properties;
-    }
+	/**
+	 * Returns the full list of requested properties.
+	 *
+	 * This returns just their names, not a status or value.
+	 *
+	 * @return array
+	 */
+	public function getRequestedProperties()
+	{
+		return $this->properties;
+	}
 
-    /**
-     * Returns true if this was an '{DAV:}allprops' request.
-     *
-     * @return bool
-     */
-    public function isAllProps()
-    {
-        return self::ALLPROPS === $this->requestType;
-    }
+	/**
+	 * Returns true if this was an '{DAV:}allprops' request.
+	 *
+	 * @return bool
+	 */
+	public function isAllProps()
+	{
+		return self::ALLPROPS === $this->requestType;
+	}
 
-    /**
-     * Returns a result array that's often used in multistatus responses.
-     *
-     * The array uses status codes as keys, and property names and value pairs
-     * as the value of the top array.. such as :
-     *
-     * [
-     *  200 => [ '{DAV:}displayname' => 'foo' ],
-     * ]
-     *
-     * @return array
-     */
-    public function getResultForMultiStatus()
-    {
-        $r = [
-            200 => [],
-            404 => [],
-        ];
-        foreach ($this->result as $propertyName => $info) {
-            if (!isset($r[$info[0]])) {
-                $r[$info[0]] = [$propertyName => $info[1]];
-            } else {
-                $r[$info[0]][$propertyName] = $info[1];
-            }
-        }
-        // Removing the 404's for multi-status requests.
-        if (self::ALLPROPS === $this->requestType) {
-            unset($r[404]);
-        }
+	/**
+	 * Returns a result array that's often used in multistatus responses.
+	 *
+	 * The array uses status codes as keys, and property names and value pairs
+	 * as the value of the top array.. such as :
+	 *
+	 * [
+	 *  200 => [ '{DAV:}displayname' => 'foo' ],
+	 * ]
+	 *
+	 * @return array
+	 */
+	public function getResultForMultiStatus()
+	{
+		$r = [
+			200 => [],
+			404 => [],
+		];
+		foreach ($this->result as $propertyName => $info) {
+			if (!isset($r[$info[0]])) {
+				$r[$info[0]] = [$propertyName => $info[1]];
+			} else {
+				$r[$info[0]][$propertyName] = $info[1];
+			}
+		}
+		// Removing the 404's for multi-status requests.
+		if (self::ALLPROPS === $this->requestType) {
+			unset($r[404]);
+		}
 
-        return $r;
-    }
+		return $r;
+	}
 
-    /**
-     * The path that we're fetching properties for.
-     *
-     * @var string
-     */
-    protected $path;
+	/**
+	 * The path that we're fetching properties for.
+	 *
+	 * @var string
+	 */
+	protected $path;
 
-    /**
-     * The Depth of the request.
-     *
-     * 0 means only the current item. 1 means the current item + its children.
-     * It can also be DEPTH_INFINITY if this is enabled in the server.
-     *
-     * @var int
-     */
-    protected $depth = 0;
+	/**
+	 * The Depth of the request.
+	 *
+	 * 0 means only the current item. 1 means the current item + its children.
+	 * It can also be DEPTH_INFINITY if this is enabled in the server.
+	 *
+	 * @var int
+	 */
+	protected $depth = 0;
 
-    /**
-     * The type of request. See the TYPE constants.
-     */
-    protected $requestType;
+	/**
+	 * The type of request. See the TYPE constants.
+	 */
+	protected $requestType;
 
-    /**
-     * A list of requested properties.
-     *
-     * @var array
-     */
-    protected $properties = [];
+	/**
+	 * A list of requested properties.
+	 *
+	 * @var array
+	 */
+	protected $properties = [];
 
-    /**
-     * The result of the operation.
-     *
-     * The keys in this array are property names.
-     * The values are an array with two elements: the http status code and then
-     * optionally a value.
-     *
-     * Example:
-     *
-     * [
-     *    "{DAV:}owner" : [404],
-     *    "{DAV:}displayname" : [200, "Admin"]
-     * ]
-     *
-     * @var array
-     */
-    protected $result = [];
+	/**
+	 * The result of the operation.
+	 *
+	 * The keys in this array are property names.
+	 * The values are an array with two elements: the http status code and then
+	 * optionally a value.
+	 *
+	 * Example:
+	 *
+	 * [
+	 *    "{DAV:}owner" : [404],
+	 *    "{DAV:}displayname" : [200, "Admin"]
+	 * ]
+	 *
+	 * @var array
+	 */
+	protected $result = [];
 
-    /**
-     * This is used as an internal counter for the number of properties that do
-     * not yet have a value.
-     *
-     * @var int
-     */
-    protected $itemsLeft;
+	/**
+	 * This is used as an internal counter for the number of properties that do
+	 * not yet have a value.
+	 *
+	 * @var int
+	 */
+	protected $itemsLeft;
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/PartialUpdate/Plugin.php

Indentation +185 added lines, -185 removed lines

@@ -24,189 +24,189 @@
  */
 class Plugin extends DAV\ServerPlugin
 {
-    const RANGE_APPEND = 1;
-    const RANGE_START = 2;
-    const RANGE_END = 3;
-
-    /**
-     * Reference to server.
-     *
-     * @var DAV\Server
-     */
-    protected $server;
-
-    /**
-     * Initializes the plugin.
-     *
-     * This method is automatically called by the Server class after addPlugin.
-     */
-    public function initialize(DAV\Server $server)
-    {
-        $this->server = $server;
-        $server->on('method:PATCH', [$this, 'httpPatch']);
-    }
-
-    /**
-     * Returns a plugin name.
-     *
-     * Using this name other plugins will be able to access other plugins
-     * using DAV\Server::getPlugin
-     *
-     * @return string
-     */
-    public function getPluginName()
-    {
-        return 'partialupdate';
-    }
-
-    /**
-     * Use this method to tell the server this plugin defines additional
-     * HTTP methods.
-     *
-     * This method is passed a uri. It should only return HTTP methods that are
-     * available for the specified uri.
-     *
-     * We claim to support PATCH method (partirl update) if and only if
-     *     - the node exist
-     *     - the node implements our partial update interface
-     *
-     * @param string $uri
-     *
-     * @return array
-     */
-    public function getHTTPMethods($uri)
-    {
-        $tree = $this->server->tree;
-
-        if ($tree->nodeExists($uri)) {
-            $node = $tree->getNodeForPath($uri);
-            if ($node instanceof IPatchSupport) {
-                return ['PATCH'];
-            }
-        }
-
-        return [];
-    }
-
-    /**
-     * Returns a list of features for the HTTP OPTIONS Dav: header.
-     *
-     * @return array
-     */
-    public function getFeatures()
-    {
-        return ['sabredav-partialupdate'];
-    }
-
-    /**
-     * Patch an uri.
-     *
-     * The WebDAV patch request can be used to modify only a part of an
-     * existing resource. If the resource does not exist yet and the first
-     * offset is not 0, the request fails
-     */
-    public function httpPatch(RequestInterface $request, ResponseInterface $response)
-    {
-        $path = $request->getPath();
-
-        // Get the node. Will throw a 404 if not found
-        $node = $this->server->tree->getNodeForPath($path);
-        if (!$node instanceof IPatchSupport) {
-            throw new DAV\Exception\MethodNotAllowed('The target resource does not support the PATCH method.');
-        }
-
-        $range = $this->getHTTPUpdateRange($request);
-
-        if (!$range) {
-            throw new DAV\Exception\BadRequest('No valid "X-Update-Range" found in the headers');
-        }
-
-        $contentType = strtolower(
-            (string) $request->getHeader('Content-Type')
-        );
-
-        if ('application/x-sabredav-partialupdate' != $contentType) {
-            throw new DAV\Exception\UnsupportedMediaType('Unknown Content-Type header "'.$contentType.'"');
-        }
-
-        $len = $this->server->httpRequest->getHeader('Content-Length');
-        if (!$len) {
-            throw new DAV\Exception\LengthRequired('A Content-Length header is required');
-        }
-        switch ($range[0]) {
-            case self::RANGE_START:
-                // Calculate the end-range if it doesn't exist.
-                if (!$range[2]) {
-                    $range[2] = $range[1] + $len - 1;
-                } else {
-                    if ($range[2] < $range[1]) {
-                        throw new DAV\Exception\RequestedRangeNotSatisfiable('The end offset ('.$range[2].') is lower than the start offset ('.$range[1].')');
-                    }
-                    if ($range[2] - $range[1] + 1 != $len) {
-                        throw new DAV\Exception\RequestedRangeNotSatisfiable('Actual data length ('.$len.') is not consistent with begin ('.$range[1].') and end ('.$range[2].') offsets');
-                    }
-                }
-                break;
-        }
-
-        if (!$this->server->emit('beforeWriteContent', [$path, $node, null])) {
-            return;
-        }
-
-        $body = $this->server->httpRequest->getBody();
-
-        $etag = $node->patch($body, $range[0], isset($range[1]) ? $range[1] : null);
-
-        $this->server->emit('afterWriteContent', [$path, $node]);
-
-        $response->setHeader('Content-Length', '0');
-        if ($etag) {
-            $response->setHeader('ETag', $etag);
-        }
-        $response->setStatus(204);
-
-        // Breaks the event chain
-        return false;
-    }
-
-    /**
-     * Returns the HTTP custom range update header.
-     *
-     * This method returns null if there is no well-formed HTTP range request
-     * header. It returns array(1) if it was an append request, array(2,
-     * $start, $end) if it's a start and end range, lastly it's array(3,
-     * $endoffset) if the offset was negative, and should be calculated from
-     * the end of the file.
-     *
-     * Examples:
-     *
-     * null - invalid
-     * [1] - append
-     * [2,10,15] - update bytes 10, 11, 12, 13, 14, 15
-     * [2,10,null] - update bytes 10 until the end of the patch body
-     * [3,-5] - update from 5 bytes from the end of the file.
-     *
-     * @return array|null
-     */
-    public function getHTTPUpdateRange(RequestInterface $request)
-    {
-        $range = $request->getHeader('X-Update-Range');
-        if (is_null($range)) {
-            return null;
-        }
-
-        // Matching "Range: bytes=1234-5678: both numbers are optional
-
-        if (!preg_match('/^(append)|(?:bytes=([0-9]+)-([0-9]*))|(?:bytes=(-[0-9]+))$/i', $range, $matches)) {
-            return null;
-        }
-
-        if ('append' === $matches[1]) {
-            return [self::RANGE_APPEND];
-        } elseif (strlen($matches[2]) > 0) {
-            return [self::RANGE_START, (int) $matches[2], (int) $matches[3] ?: null];
-        } else {
-            return [self::RANGE_END, (int) $matches[4]];
-        }
-    }
+	const RANGE_APPEND = 1;
+	const RANGE_START = 2;
+	const RANGE_END = 3;
+
+	/**
+	 * Reference to server.
+	 *
+	 * @var DAV\Server
+	 */
+	protected $server;
+
+	/**
+	 * Initializes the plugin.
+	 *
+	 * This method is automatically called by the Server class after addPlugin.
+	 */
+	public function initialize(DAV\Server $server)
+	{
+		$this->server = $server;
+		$server->on('method:PATCH', [$this, 'httpPatch']);
+	}
+
+	/**
+	 * Returns a plugin name.
+	 *
+	 * Using this name other plugins will be able to access other plugins
+	 * using DAV\Server::getPlugin
+	 *
+	 * @return string
+	 */
+	public function getPluginName()
+	{
+		return 'partialupdate';
+	}
+
+	/**
+	 * Use this method to tell the server this plugin defines additional
+	 * HTTP methods.
+	 *
+	 * This method is passed a uri. It should only return HTTP methods that are
+	 * available for the specified uri.
+	 *
+	 * We claim to support PATCH method (partirl update) if and only if
+	 *     - the node exist
+	 *     - the node implements our partial update interface
+	 *
+	 * @param string $uri
+	 *
+	 * @return array
+	 */
+	public function getHTTPMethods($uri)
+	{
+		$tree = $this->server->tree;
+
+		if ($tree->nodeExists($uri)) {
+			$node = $tree->getNodeForPath($uri);
+			if ($node instanceof IPatchSupport) {
+				return ['PATCH'];
+			}
+		}
+
+		return [];
+	}
+
+	/**
+	 * Returns a list of features for the HTTP OPTIONS Dav: header.
+	 *
+	 * @return array
+	 */
+	public function getFeatures()
+	{
+		return ['sabredav-partialupdate'];
+	}
+
+	/**
+	 * Patch an uri.
+	 *
+	 * The WebDAV patch request can be used to modify only a part of an
+	 * existing resource. If the resource does not exist yet and the first
+	 * offset is not 0, the request fails
+	 */
+	public function httpPatch(RequestInterface $request, ResponseInterface $response)
+	{
+		$path = $request->getPath();
+
+		// Get the node. Will throw a 404 if not found
+		$node = $this->server->tree->getNodeForPath($path);
+		if (!$node instanceof IPatchSupport) {
+			throw new DAV\Exception\MethodNotAllowed('The target resource does not support the PATCH method.');
+		}
+
+		$range = $this->getHTTPUpdateRange($request);
+
+		if (!$range) {
+			throw new DAV\Exception\BadRequest('No valid "X-Update-Range" found in the headers');
+		}
+
+		$contentType = strtolower(
+			(string) $request->getHeader('Content-Type')
+		);
+
+		if ('application/x-sabredav-partialupdate' != $contentType) {
+			throw new DAV\Exception\UnsupportedMediaType('Unknown Content-Type header "'.$contentType.'"');
+		}
+
+		$len = $this->server->httpRequest->getHeader('Content-Length');
+		if (!$len) {
+			throw new DAV\Exception\LengthRequired('A Content-Length header is required');
+		}
+		switch ($range[0]) {
+			case self::RANGE_START:
+				// Calculate the end-range if it doesn't exist.
+				if (!$range[2]) {
+					$range[2] = $range[1] + $len - 1;
+				} else {
+					if ($range[2] < $range[1]) {
+						throw new DAV\Exception\RequestedRangeNotSatisfiable('The end offset ('.$range[2].') is lower than the start offset ('.$range[1].')');
+					}
+					if ($range[2] - $range[1] + 1 != $len) {
+						throw new DAV\Exception\RequestedRangeNotSatisfiable('Actual data length ('.$len.') is not consistent with begin ('.$range[1].') and end ('.$range[2].') offsets');
+					}
+				}
+				break;
+		}
+
+		if (!$this->server->emit('beforeWriteContent', [$path, $node, null])) {
+			return;
+		}
+
+		$body = $this->server->httpRequest->getBody();
+
+		$etag = $node->patch($body, $range[0], isset($range[1]) ? $range[1] : null);
+
+		$this->server->emit('afterWriteContent', [$path, $node]);
+
+		$response->setHeader('Content-Length', '0');
+		if ($etag) {
+			$response->setHeader('ETag', $etag);
+		}
+		$response->setStatus(204);
+
+		// Breaks the event chain
+		return false;
+	}
+
+	/**
+	 * Returns the HTTP custom range update header.
+	 *
+	 * This method returns null if there is no well-formed HTTP range request
+	 * header. It returns array(1) if it was an append request, array(2,
+	 * $start, $end) if it's a start and end range, lastly it's array(3,
+	 * $endoffset) if the offset was negative, and should be calculated from
+	 * the end of the file.
+	 *
+	 * Examples:
+	 *
+	 * null - invalid
+	 * [1] - append
+	 * [2,10,15] - update bytes 10, 11, 12, 13, 14, 15
+	 * [2,10,null] - update bytes 10 until the end of the patch body
+	 * [3,-5] - update from 5 bytes from the end of the file.
+	 *
+	 * @return array|null
+	 */
+	public function getHTTPUpdateRange(RequestInterface $request)
+	{
+		$range = $request->getHeader('X-Update-Range');
+		if (is_null($range)) {
+			return null;
+		}
+
+		// Matching "Range: bytes=1234-5678: both numbers are optional
+
+		if (!preg_match('/^(append)|(?:bytes=([0-9]+)-([0-9]*))|(?:bytes=(-[0-9]+))$/i', $range, $matches)) {
+			return null;
+		}
+
+		if ('append' === $matches[1]) {
+			return [self::RANGE_APPEND];
+		} elseif (strlen($matches[2]) > 0) {
+			return [self::RANGE_START, (int) $matches[2], (int) $matches[3] ?: null];
+		} else {
+			return [self::RANGE_END, (int) $matches[4]];
+		}
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/PartialUpdate/IPatchSupport.php

Indentation +29 added lines, -29 removed lines

@@ -17,33 +17,33 @@
  */
 interface IPatchSupport extends DAV\IFile
 {
-    /**
-     * Updates the file based on a range specification.
-     *
-     * The first argument is the data, which is either a readable stream
-     * resource or a string.
-     *
-     * The second argument is the type of update we're doing.
-     * This is either:
-     * * 1. append
-     * * 2. update based on a start byte
-     * * 3. update based on an end byte
-     *;
-     * The third argument is the start or end byte.
-     *
-     * After a successful put operation, you may choose to return an ETag. The
-     * etag must always be surrounded by double-quotes. These quotes must
-     * appear in the actual string you're returning.
-     *
-     * Clients may use the ETag from a PUT request to later on make sure that
-     * when they update the file, the contents haven't changed in the mean
-     * time.
-     *
-     * @param resource|string $data
-     * @param int             $rangeType
-     * @param int             $offset
-     *
-     * @return string|null
-     */
-    public function patch($data, $rangeType, $offset = null);
+	/**
+	 * Updates the file based on a range specification.
+	 *
+	 * The first argument is the data, which is either a readable stream
+	 * resource or a string.
+	 *
+	 * The second argument is the type of update we're doing.
+	 * This is either:
+	 * * 1. append
+	 * * 2. update based on a start byte
+	 * * 3. update based on an end byte
+	 *;
+	 * The third argument is the start or end byte.
+	 *
+	 * After a successful put operation, you may choose to return an ETag. The
+	 * etag must always be surrounded by double-quotes. These quotes must
+	 * appear in the actual string you're returning.
+	 *
+	 * Clients may use the ETag from a PUT request to later on make sure that
+	 * when they update the file, the contents haven't changed in the mean
+	 * time.
+	 *
+	 * @param resource|string $data
+	 * @param int             $rangeType
+	 * @param int             $offset
+	 *
+	 * @return string|null
+	 */
+	public function patch($data, $rangeType, $offset = null);
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Browser/Plugin.php

Indentation +722 added lines, -722 removed lines

@@ -26,404 +26,404 @@ 
  */
 class Plugin extends DAV\ServerPlugin
 {
-    /**
-     * reference to server class.
-     *
-     * @var DAV\Server
-     */
-    protected $server;
-
-    /**
-     * enablePost turns on the 'actions' panel, which allows people to create
-     * folders and upload files straight from a browser.
-     *
-     * @var bool
-     */
-    protected $enablePost = true;
-
-    /**
-     * A list of properties that are usually not interesting. This can cut down
-     * the browser output a bit by removing the properties that most people
-     * will likely not want to see.
-     *
-     * @var array
-     */
-    public $uninterestingProperties = [
-        '{DAV:}supportedlock',
-        '{DAV:}acl-restrictions',
+	/**
+	 * reference to server class.
+	 *
+	 * @var DAV\Server
+	 */
+	protected $server;
+
+	/**
+	 * enablePost turns on the 'actions' panel, which allows people to create
+	 * folders and upload files straight from a browser.
+	 *
+	 * @var bool
+	 */
+	protected $enablePost = true;
+
+	/**
+	 * A list of properties that are usually not interesting. This can cut down
+	 * the browser output a bit by removing the properties that most people
+	 * will likely not want to see.
+	 *
+	 * @var array
+	 */
+	public $uninterestingProperties = [
+		'{DAV:}supportedlock',
+		'{DAV:}acl-restrictions',
 //        '{DAV:}supported-privilege-set',
-        '{DAV:}supported-method-set',
-    ];
-
-    /**
-     * Creates the object.
-     *
-     * By default it will allow file creation and uploads.
-     * Specify the first argument as false to disable this
-     *
-     * @param bool $enablePost
-     */
-    public function __construct($enablePost = true)
-    {
-        $this->enablePost = $enablePost;
-    }
-
-    /**
-     * Initializes the plugin and subscribes to events.
-     */
-    public function initialize(DAV\Server $server)
-    {
-        $this->server = $server;
-        $this->server->on('method:GET', [$this, 'httpGetEarly'], 90);
-        $this->server->on('method:GET', [$this, 'httpGet'], 200);
-        $this->server->on('onHTMLActionsPanel', [$this, 'htmlActionsPanel'], 200);
-        if ($this->enablePost) {
-            $this->server->on('method:POST', [$this, 'httpPOST']);
-        }
-    }
-
-    /**
-     * This method intercepts GET requests that have ?sabreAction=info
-     * appended to the URL.
-     */
-    public function httpGetEarly(RequestInterface $request, ResponseInterface $response)
-    {
-        $params = $request->getQueryParameters();
-        if (isset($params['sabreAction']) && 'info' === $params['sabreAction']) {
-            return $this->httpGet($request, $response);
-        }
-    }
-
-    /**
-     * This method intercepts GET requests to collections and returns the html.
-     *
-     * @return bool
-     */
-    public function httpGet(RequestInterface $request, ResponseInterface $response)
-    {
-        // We're not using straight-up $_GET, because we want everything to be
-        // unit testable.
-        $getVars = $request->getQueryParameters();
-
-        // CSP headers
-        $response->setHeader('Content-Security-Policy', "default-src 'none'; img-src 'self'; style-src 'self'; font-src 'self';");
-
-        $sabreAction = isset($getVars['sabreAction']) ? $getVars['sabreAction'] : null;
-
-        switch ($sabreAction) {
-            case 'asset':
-                // Asset handling, such as images
-                $this->serveAsset(isset($getVars['assetName']) ? $getVars['assetName'] : null);
-
-                return false;
-            default:
-            case 'info':
-                try {
-                    $this->server->tree->getNodeForPath($request->getPath());
-                } catch (DAV\Exception\NotFound $e) {
-                    // We're simply stopping when the file isn't found to not interfere
-                    // with other plugins.
-                    return;
-                }
-
-                $response->setStatus(200);
-                $response->setHeader('Content-Type', 'text/html; charset=utf-8');
-
-                $response->setBody(
-                    $this->generateDirectoryIndex($request->getPath())
-                );
-
-                return false;
-
-            case 'plugins':
-                $response->setStatus(200);
-                $response->setHeader('Content-Type', 'text/html; charset=utf-8');
-
-                $response->setBody(
-                    $this->generatePluginListing()
-                );
-
-                return false;
-        }
-    }
-
-    /**
-     * Handles POST requests for tree operations.
-     *
-     * @return bool
-     */
-    public function httpPOST(RequestInterface $request, ResponseInterface $response)
-    {
-        $contentType = $request->getHeader('Content-Type');
-        if (!\is_string($contentType)) {
-            return;
-        }
-        list($contentType) = explode(';', $contentType);
-        if ('application/x-www-form-urlencoded' !== $contentType &&
-            'multipart/form-data' !== $contentType) {
-            return;
-        }
-        $postVars = $request->getPostData();
-
-        if (!isset($postVars['sabreAction'])) {
-            return;
-        }
-
-        $uri = $request->getPath();
-
-        if ($this->server->emit('onBrowserPostAction', [$uri, $postVars['sabreAction'], $postVars])) {
-            switch ($postVars['sabreAction']) {
-                case 'mkcol':
-                    if (isset($postVars['name']) && trim($postVars['name'])) {
-                        // Using basename() because we won't allow slashes
-                        list(, $folderName) = Uri\split(trim($postVars['name']));
-
-                        if (isset($postVars['resourceType'])) {
-                            $resourceType = explode(',', $postVars['resourceType']);
-                        } else {
-                            $resourceType = ['{DAV:}collection'];
-                        }
-
-                        $properties = [];
-                        foreach ($postVars as $varName => $varValue) {
-                            // Any _POST variable in clark notation is treated
-                            // like a property.
-                            if ('{' === $varName[0]) {
-                                // PHP will convert any dots to underscores.
-                                // This leaves us with no way to differentiate
-                                // the two.
-                                // Therefore we replace the string *DOT* with a
-                                // real dot. * is not allowed in uris so we
-                                // should be good.
-                                $varName = str_replace('*DOT*', '.', $varName);
-                                $properties[$varName] = $varValue;
-                            }
-                        }
-
-                        $mkCol = new MkCol(
-                            $resourceType,
-                            $properties
-                        );
-                        $this->server->createCollection($uri.'/'.$folderName, $mkCol);
-                    }
-                    break;
-
-                // @codeCoverageIgnoreStart
-                case 'put':
-                    if ($_FILES) {
-                        $file = current($_FILES);
-                    } else {
-                        break;
-                    }
-
-                    list(, $newName) = Uri\split(trim($file['name']));
-                    if (isset($postVars['name']) && trim($postVars['name'])) {
-                        $newName = trim($postVars['name']);
-                    }
-
-                    // Making sure we only have a 'basename' component
-                    list(, $newName) = Uri\split($newName);
-
-                    if (is_uploaded_file($file['tmp_name'])) {
-                        $this->server->createFile($uri.'/'.$newName, fopen($file['tmp_name'], 'r'));
-                    }
-                    break;
-                // @codeCoverageIgnoreEnd
-            }
-        }
-        $response->setHeader('Location', $request->getUrl());
-        $response->setStatus(302);
-
-        return false;
-    }
-
-    /**
-     * Escapes a string for html.
-     *
-     * @param string $value
-     *
-     * @return string
-     */
-    public function escapeHTML($value)
-    {
-        return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
-    }
-
-    /**
-     * Generates the html directory index for a given url.
-     *
-     * @param string $path
-     *
-     * @return string
-     */
-    public function generateDirectoryIndex($path)
-    {
-        $html = $this->generateHeader($path ? $path : '/', $path);
-
-        $node = $this->server->tree->getNodeForPath($path);
-        if ($node instanceof DAV\ICollection) {
-            $html .= "<section><h1>Nodes</h1>\n";
-            $html .= '<table class="nodeTable">';
-
-            $subNodes = $this->server->getPropertiesForChildren($path, [
-                '{DAV:}displayname',
-                '{DAV:}resourcetype',
-                '{DAV:}getcontenttype',
-                '{DAV:}getcontentlength',
-                '{DAV:}getlastmodified',
-            ]);
-
-            foreach ($subNodes as $subPath => $subProps) {
-                $subNode = $this->server->tree->getNodeForPath($subPath);
-                $fullPath = $this->server->getBaseUri().HTTP\encodePath($subPath);
-                list(, $displayPath) = Uri\split($subPath);
-
-                $subNodes[$subPath]['subNode'] = $subNode;
-                $subNodes[$subPath]['fullPath'] = $fullPath;
-                $subNodes[$subPath]['displayPath'] = $displayPath;
-            }
-            uasort($subNodes, [$this, 'compareNodes']);
-
-            foreach ($subNodes as $subProps) {
-                $type = [
-                    'string' => 'Unknown',
-                    'icon' => 'cog',
-                ];
-                if (isset($subProps['{DAV:}resourcetype'])) {
-                    $type = $this->mapResourceType($subProps['{DAV:}resourcetype']->getValue(), $subProps['subNode']);
-                }
-
-                $html .= '<tr>';
-                $html .= '<td class="nameColumn"><a href="'.$this->escapeHTML($subProps['fullPath']).'"><span class="oi" data-glyph="'.$this->escapeHTML($type['icon']).'"></span> '.$this->escapeHTML($subProps['displayPath']).'</a></td>';
-                $html .= '<td class="typeColumn">'.$this->escapeHTML($type['string']).'</td>';
-                $html .= '<td>';
-                if (isset($subProps['{DAV:}getcontentlength'])) {
-                    $html .= $this->escapeHTML($subProps['{DAV:}getcontentlength'].' bytes');
-                }
-                $html .= '</td><td>';
-                if (isset($subProps['{DAV:}getlastmodified'])) {
-                    $lastMod = $subProps['{DAV:}getlastmodified']->getTime();
-                    $html .= $this->escapeHTML($lastMod->format('F j, Y, g:i a'));
-                }
-                $html .= '</td><td>';
-                if (isset($subProps['{DAV:}displayname'])) {
-                    $html .= $this->escapeHTML($subProps['{DAV:}displayname']);
-                }
-                $html .= '</td>';
-
-                $buttonActions = '';
-                if ($subProps['subNode'] instanceof DAV\IFile) {
-                    $buttonActions = '<a href="'.$this->escapeHTML($subProps['fullPath']).'?sabreAction=info"><span class="oi" data-glyph="info"></span></a>';
-                }
-                $this->server->emit('browserButtonActions', [$subProps['fullPath'], $subProps['subNode'], &$buttonActions]);
-
-                $html .= '<td>'.$buttonActions.'</td>';
-                $html .= '</tr>';
-            }
-
-            $html .= '</table>';
-        }
-
-        $html .= '</section>';
-        $html .= '<section><h1>Properties</h1>';
-        $html .= '<table class="propTable">';
-
-        // Allprops request
-        $propFind = new PropFindAll($path);
-        $properties = $this->server->getPropertiesByNode($propFind, $node);
-
-        $properties = $propFind->getResultForMultiStatus()[200];
-
-        foreach ($properties as $propName => $propValue) {
-            if (!in_array($propName, $this->uninterestingProperties)) {
-                $html .= $this->drawPropertyRow($propName, $propValue);
-            }
-        }
-
-        $html .= '</table>';
-        $html .= '</section>';
-
-        /* Start of generating actions */
-
-        $output = '';
-        if ($this->enablePost) {
-            $this->server->emit('onHTMLActionsPanel', [$node, &$output, $path]);
-        }
-
-        if ($output) {
-            $html .= '<section><h1>Actions</h1>';
-            $html .= "<div class=\"actions\">\n";
-            $html .= $output;
-            $html .= "</div>\n";
-            $html .= "</section>\n";
-        }
-
-        $html .= $this->generateFooter();
-
-        $this->server->httpResponse->setHeader('Content-Security-Policy', "default-src 'none'; img-src 'self'; style-src 'self'; font-src 'self';");
-
-        return $html;
-    }
-
-    /**
-     * Generates the 'plugins' page.
-     *
-     * @return string
-     */
-    public function generatePluginListing()
-    {
-        $html = $this->generateHeader('Plugins');
-
-        $html .= '<section><h1>Plugins</h1>';
-        $html .= '<table class="propTable">';
-        foreach ($this->server->getPlugins() as $plugin) {
-            $info = $plugin->getPluginInfo();
-            $html .= '<tr><th>'.$info['name'].'</th>';
-            $html .= '<td>'.$info['description'].'</td>';
-            $html .= '<td>';
-            if (isset($info['link']) && $info['link']) {
-                $html .= '<a href="'.$this->escapeHTML($info['link']).'"><span class="oi" data-glyph="book"></span></a>';
-            }
-            $html .= '</td></tr>';
-        }
-        $html .= '</table>';
-        $html .= '</section>';
-
-        /* Start of generating actions */
-
-        $html .= $this->generateFooter();
-
-        return $html;
-    }
-
-    /**
-     * Generates the first block of HTML, including the <head> tag and page
-     * header.
-     *
-     * Returns footer.
-     *
-     * @param string $title
-     * @param string $path
-     *
-     * @return string
-     */
-    public function generateHeader($title, $path = null)
-    {
-        $version = '';
-        if (DAV\Server::$exposeVersion) {
-            $version = DAV\Version::VERSION;
-        }
-
-        $vars = [
-            'title' => $this->escapeHTML($title),
-            'favicon' => $this->escapeHTML($this->getAssetUrl('favicon.ico')),
-            'style' => $this->escapeHTML($this->getAssetUrl('sabredav.css')),
-            'iconstyle' => $this->escapeHTML($this->getAssetUrl('openiconic/open-iconic.css')),
-            'logo' => $this->escapeHTML($this->getAssetUrl('sabredav.png')),
-            'baseUrl' => $this->server->getBaseUri(),
-        ];
-
-        $html = <<<HTML
+		'{DAV:}supported-method-set',
+	];
+
+	/**
+	 * Creates the object.
+	 *
+	 * By default it will allow file creation and uploads.
+	 * Specify the first argument as false to disable this
+	 *
+	 * @param bool $enablePost
+	 */
+	public function __construct($enablePost = true)
+	{
+		$this->enablePost = $enablePost;
+	}
+
+	/**
+	 * Initializes the plugin and subscribes to events.
+	 */
+	public function initialize(DAV\Server $server)
+	{
+		$this->server = $server;
+		$this->server->on('method:GET', [$this, 'httpGetEarly'], 90);
+		$this->server->on('method:GET', [$this, 'httpGet'], 200);
+		$this->server->on('onHTMLActionsPanel', [$this, 'htmlActionsPanel'], 200);
+		if ($this->enablePost) {
+			$this->server->on('method:POST', [$this, 'httpPOST']);
+		}
+	}
+
+	/**
+	 * This method intercepts GET requests that have ?sabreAction=info
+	 * appended to the URL.
+	 */
+	public function httpGetEarly(RequestInterface $request, ResponseInterface $response)
+	{
+		$params = $request->getQueryParameters();
+		if (isset($params['sabreAction']) && 'info' === $params['sabreAction']) {
+			return $this->httpGet($request, $response);
+		}
+	}
+
+	/**
+	 * This method intercepts GET requests to collections and returns the html.
+	 *
+	 * @return bool
+	 */
+	public function httpGet(RequestInterface $request, ResponseInterface $response)
+	{
+		// We're not using straight-up $_GET, because we want everything to be
+		// unit testable.
+		$getVars = $request->getQueryParameters();
+
+		// CSP headers
+		$response->setHeader('Content-Security-Policy', "default-src 'none'; img-src 'self'; style-src 'self'; font-src 'self';");
+
+		$sabreAction = isset($getVars['sabreAction']) ? $getVars['sabreAction'] : null;
+
+		switch ($sabreAction) {
+			case 'asset':
+				// Asset handling, such as images
+				$this->serveAsset(isset($getVars['assetName']) ? $getVars['assetName'] : null);
+
+				return false;
+			default:
+			case 'info':
+				try {
+					$this->server->tree->getNodeForPath($request->getPath());
+				} catch (DAV\Exception\NotFound $e) {
+					// We're simply stopping when the file isn't found to not interfere
+					// with other plugins.
+					return;
+				}
+
+				$response->setStatus(200);
+				$response->setHeader('Content-Type', 'text/html; charset=utf-8');
+
+				$response->setBody(
+					$this->generateDirectoryIndex($request->getPath())
+				);
+
+				return false;
+
+			case 'plugins':
+				$response->setStatus(200);
+				$response->setHeader('Content-Type', 'text/html; charset=utf-8');
+
+				$response->setBody(
+					$this->generatePluginListing()
+				);
+
+				return false;
+		}
+	}
+
+	/**
+	 * Handles POST requests for tree operations.
+	 *
+	 * @return bool
+	 */
+	public function httpPOST(RequestInterface $request, ResponseInterface $response)
+	{
+		$contentType = $request->getHeader('Content-Type');
+		if (!\is_string($contentType)) {
+			return;
+		}
+		list($contentType) = explode(';', $contentType);
+		if ('application/x-www-form-urlencoded' !== $contentType &&
+			'multipart/form-data' !== $contentType) {
+			return;
+		}
+		$postVars = $request->getPostData();
+
+		if (!isset($postVars['sabreAction'])) {
+			return;
+		}
+
+		$uri = $request->getPath();
+
+		if ($this->server->emit('onBrowserPostAction', [$uri, $postVars['sabreAction'], $postVars])) {
+			switch ($postVars['sabreAction']) {
+				case 'mkcol':
+					if (isset($postVars['name']) && trim($postVars['name'])) {
+						// Using basename() because we won't allow slashes
+						list(, $folderName) = Uri\split(trim($postVars['name']));
+
+						if (isset($postVars['resourceType'])) {
+							$resourceType = explode(',', $postVars['resourceType']);
+						} else {
+							$resourceType = ['{DAV:}collection'];
+						}
+
+						$properties = [];
+						foreach ($postVars as $varName => $varValue) {
+							// Any _POST variable in clark notation is treated
+							// like a property.
+							if ('{' === $varName[0]) {
+								// PHP will convert any dots to underscores.
+								// This leaves us with no way to differentiate
+								// the two.
+								// Therefore we replace the string *DOT* with a
+								// real dot. * is not allowed in uris so we
+								// should be good.
+								$varName = str_replace('*DOT*', '.', $varName);
+								$properties[$varName] = $varValue;
+							}
+						}
+
+						$mkCol = new MkCol(
+							$resourceType,
+							$properties
+						);
+						$this->server->createCollection($uri.'/'.$folderName, $mkCol);
+					}
+					break;
+
+				// @codeCoverageIgnoreStart
+				case 'put':
+					if ($_FILES) {
+						$file = current($_FILES);
+					} else {
+						break;
+					}
+
+					list(, $newName) = Uri\split(trim($file['name']));
+					if (isset($postVars['name']) && trim($postVars['name'])) {
+						$newName = trim($postVars['name']);
+					}
+
+					// Making sure we only have a 'basename' component
+					list(, $newName) = Uri\split($newName);
+
+					if (is_uploaded_file($file['tmp_name'])) {
+						$this->server->createFile($uri.'/'.$newName, fopen($file['tmp_name'], 'r'));
+					}
+					break;
+				// @codeCoverageIgnoreEnd
+			}
+		}
+		$response->setHeader('Location', $request->getUrl());
+		$response->setStatus(302);
+
+		return false;
+	}
+
+	/**
+	 * Escapes a string for html.
+	 *
+	 * @param string $value
+	 *
+	 * @return string
+	 */
+	public function escapeHTML($value)
+	{
+		return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
+	}
+
+	/**
+	 * Generates the html directory index for a given url.
+	 *
+	 * @param string $path
+	 *
+	 * @return string
+	 */
+	public function generateDirectoryIndex($path)
+	{
+		$html = $this->generateHeader($path ? $path : '/', $path);
+
+		$node = $this->server->tree->getNodeForPath($path);
+		if ($node instanceof DAV\ICollection) {
+			$html .= "<section><h1>Nodes</h1>\n";
+			$html .= '<table class="nodeTable">';
+
+			$subNodes = $this->server->getPropertiesForChildren($path, [
+				'{DAV:}displayname',
+				'{DAV:}resourcetype',
+				'{DAV:}getcontenttype',
+				'{DAV:}getcontentlength',
+				'{DAV:}getlastmodified',
+			]);
+
+			foreach ($subNodes as $subPath => $subProps) {
+				$subNode = $this->server->tree->getNodeForPath($subPath);
+				$fullPath = $this->server->getBaseUri().HTTP\encodePath($subPath);
+				list(, $displayPath) = Uri\split($subPath);
+
+				$subNodes[$subPath]['subNode'] = $subNode;
+				$subNodes[$subPath]['fullPath'] = $fullPath;
+				$subNodes[$subPath]['displayPath'] = $displayPath;
+			}
+			uasort($subNodes, [$this, 'compareNodes']);
+
+			foreach ($subNodes as $subProps) {
+				$type = [
+					'string' => 'Unknown',
+					'icon' => 'cog',
+				];
+				if (isset($subProps['{DAV:}resourcetype'])) {
+					$type = $this->mapResourceType($subProps['{DAV:}resourcetype']->getValue(), $subProps['subNode']);
+				}
+
+				$html .= '<tr>';
+				$html .= '<td class="nameColumn"><a href="'.$this->escapeHTML($subProps['fullPath']).'"><span class="oi" data-glyph="'.$this->escapeHTML($type['icon']).'"></span> '.$this->escapeHTML($subProps['displayPath']).'</a></td>';
+				$html .= '<td class="typeColumn">'.$this->escapeHTML($type['string']).'</td>';
+				$html .= '<td>';
+				if (isset($subProps['{DAV:}getcontentlength'])) {
+					$html .= $this->escapeHTML($subProps['{DAV:}getcontentlength'].' bytes');
+				}
+				$html .= '</td><td>';
+				if (isset($subProps['{DAV:}getlastmodified'])) {
+					$lastMod = $subProps['{DAV:}getlastmodified']->getTime();
+					$html .= $this->escapeHTML($lastMod->format('F j, Y, g:i a'));
+				}
+				$html .= '</td><td>';
+				if (isset($subProps['{DAV:}displayname'])) {
+					$html .= $this->escapeHTML($subProps['{DAV:}displayname']);
+				}
+				$html .= '</td>';
+
+				$buttonActions = '';
+				if ($subProps['subNode'] instanceof DAV\IFile) {
+					$buttonActions = '<a href="'.$this->escapeHTML($subProps['fullPath']).'?sabreAction=info"><span class="oi" data-glyph="info"></span></a>';
+				}
+				$this->server->emit('browserButtonActions', [$subProps['fullPath'], $subProps['subNode'], &$buttonActions]);
+
+				$html .= '<td>'.$buttonActions.'</td>';
+				$html .= '</tr>';
+			}
+
+			$html .= '</table>';
+		}
+
+		$html .= '</section>';
+		$html .= '<section><h1>Properties</h1>';
+		$html .= '<table class="propTable">';
+
+		// Allprops request
+		$propFind = new PropFindAll($path);
+		$properties = $this->server->getPropertiesByNode($propFind, $node);
+
+		$properties = $propFind->getResultForMultiStatus()[200];
+
+		foreach ($properties as $propName => $propValue) {
+			if (!in_array($propName, $this->uninterestingProperties)) {
+				$html .= $this->drawPropertyRow($propName, $propValue);
+			}
+		}
+
+		$html .= '</table>';
+		$html .= '</section>';
+
+		/* Start of generating actions */
+
+		$output = '';
+		if ($this->enablePost) {
+			$this->server->emit('onHTMLActionsPanel', [$node, &$output, $path]);
+		}
+
+		if ($output) {
+			$html .= '<section><h1>Actions</h1>';
+			$html .= "<div class=\"actions\">\n";
+			$html .= $output;
+			$html .= "</div>\n";
+			$html .= "</section>\n";
+		}
+
+		$html .= $this->generateFooter();
+
+		$this->server->httpResponse->setHeader('Content-Security-Policy', "default-src 'none'; img-src 'self'; style-src 'self'; font-src 'self';");
+
+		return $html;
+	}
+
+	/**
+	 * Generates the 'plugins' page.
+	 *
+	 * @return string
+	 */
+	public function generatePluginListing()
+	{
+		$html = $this->generateHeader('Plugins');
+
+		$html .= '<section><h1>Plugins</h1>';
+		$html .= '<table class="propTable">';
+		foreach ($this->server->getPlugins() as $plugin) {
+			$info = $plugin->getPluginInfo();
+			$html .= '<tr><th>'.$info['name'].'</th>';
+			$html .= '<td>'.$info['description'].'</td>';
+			$html .= '<td>';
+			if (isset($info['link']) && $info['link']) {
+				$html .= '<a href="'.$this->escapeHTML($info['link']).'"><span class="oi" data-glyph="book"></span></a>';
+			}
+			$html .= '</td></tr>';
+		}
+		$html .= '</table>';
+		$html .= '</section>';
+
+		/* Start of generating actions */
+
+		$html .= $this->generateFooter();
+
+		return $html;
+	}
+
+	/**
+	 * Generates the first block of HTML, including the <head> tag and page
+	 * header.
+	 *
+	 * Returns footer.
+	 *
+	 * @param string $title
+	 * @param string $path
+	 *
+	 * @return string
+	 */
+	public function generateHeader($title, $path = null)
+	{
+		$version = '';
+		if (DAV\Server::$exposeVersion) {
+			$version = DAV\Version::VERSION;
+		}
+
+		$vars = [
+			'title' => $this->escapeHTML($title),
+			'favicon' => $this->escapeHTML($this->getAssetUrl('favicon.ico')),
+			'style' => $this->escapeHTML($this->getAssetUrl('sabredav.css')),
+			'iconstyle' => $this->escapeHTML($this->getAssetUrl('openiconic/open-iconic.css')),
+			'logo' => $this->escapeHTML($this->getAssetUrl('sabredav.png')),
+			'baseUrl' => $this->server->getBaseUri(),
+		];
+
+		$html = <<<HTML
 <!DOCTYPE html>
 <html>
 <head>
@@ -443,67 +443,67 @@ 
     <nav>
 HTML;
 
-        // If the path is empty, there's no parent.
-        if ($path) {
-            list($parentUri) = Uri\split($path);
-            $fullPath = $this->server->getBaseUri().HTTP\encodePath($parentUri);
-            $html .= '<a href="'.$fullPath.'" class="btn">⇤ Go to parent</a>';
-        } else {
-            $html .= '<span class="btn disabled">⇤ Go to parent</span>';
-        }
-
-        $html .= ' <a href="?sabreAction=plugins" class="btn"><span class="oi" data-glyph="puzzle-piece"></span> Plugins</a>';
-
-        $html .= '</nav>';
-
-        return $html;
-    }
-
-    /**
-     * Generates the page footer.
-     *
-     * Returns html.
-     *
-     * @return string
-     */
-    public function generateFooter()
-    {
-        $version = '';
-        if (DAV\Server::$exposeVersion) {
-            $version = DAV\Version::VERSION;
-        }
-        $year = date('Y');
-
-        return <<<HTML
+		// If the path is empty, there's no parent.
+		if ($path) {
+			list($parentUri) = Uri\split($path);
+			$fullPath = $this->server->getBaseUri().HTTP\encodePath($parentUri);
+			$html .= '<a href="'.$fullPath.'" class="btn">⇤ Go to parent</a>';
+		} else {
+			$html .= '<span class="btn disabled">⇤ Go to parent</span>';
+		}
+
+		$html .= ' <a href="?sabreAction=plugins" class="btn"><span class="oi" data-glyph="puzzle-piece"></span> Plugins</a>';
+
+		$html .= '</nav>';
+
+		return $html;
+	}
+
+	/**
+	 * Generates the page footer.
+	 *
+	 * Returns html.
+	 *
+	 * @return string
+	 */
+	public function generateFooter()
+	{
+		$version = '';
+		if (DAV\Server::$exposeVersion) {
+			$version = DAV\Version::VERSION;
+		}
+		$year = date('Y');
+
+		return <<<HTML
 <footer>Generated by SabreDAV $version (c)2007-$year <a href="http://sabre.io/">http://sabre.io/</a></footer>
 </body>
 </html>
 HTML;
-    }
-
-    /**
-     * This method is used to generate the 'actions panel' output for
-     * collections.
-     *
-     * This specifically generates the interfaces for creating new files, and
-     * creating new directories.
-     *
-     * @param mixed  $output
-     * @param string $path
-     */
-    public function htmlActionsPanel(DAV\INode $node, &$output, $path)
-    {
-        if (!$node instanceof DAV\ICollection) {
-            return;
-        }
-
-        // We also know fairly certain that if an object is a non-extended
-        // SimpleCollection, we won't need to show the panel either.
-        if ('Sabre\\DAV\\SimpleCollection' === get_class($node)) {
-            return;
-        }
-
-        $output .= <<<HTML
+	}
+
+	/**
+	 * This method is used to generate the 'actions panel' output for
+	 * collections.
+	 *
+	 * This specifically generates the interfaces for creating new files, and
+	 * creating new directories.
+	 *
+	 * @param mixed  $output
+	 * @param string $path
+	 */
+	public function htmlActionsPanel(DAV\INode $node, &$output, $path)
+	{
+		if (!$node instanceof DAV\ICollection) {
+			return;
+		}
+
+		// We also know fairly certain that if an object is a non-extended
+		// SimpleCollection, we won't need to show the panel either.
+		if ('Sabre\\DAV\\SimpleCollection' === get_class($node)) {
+			return;
+		}
+
+		$output .= <<<HTML
 <form method="post" action="">
 <h3>Create new folder</h3>
 <input type="hidden" name="sabreAction" value="mkcol" />
@@ -518,272 +518,272 @@ 
 <input type="submit" value="upload" />
 </form>
 HTML;
-    }
-
-    /**
-     * This method takes a path/name of an asset and turns it into url
-     * suiteable for http access.
-     *
-     * @param string $assetName
-     *
-     * @return string
-     */
-    protected function getAssetUrl($assetName)
-    {
-        return $this->server->getBaseUri().'?sabreAction=asset&assetName='.urlencode($assetName);
-    }
-
-    /**
-     * This method returns a local pathname to an asset.
-     *
-     * @param string $assetName
-     *
-     * @throws DAV\Exception\NotFound
-     *
-     * @return string
-     */
-    protected function getLocalAssetPath($assetName)
-    {
-        $assetDir = __DIR__.'/assets/';
-        $path = $assetDir.$assetName;
-
-        // Making sure people aren't trying to escape from the base path.
-        $path = str_replace('\\', '/', $path);
-        if (false !== strpos($path, '/../') || '/..' === strrchr($path, '/')) {
-            throw new DAV\Exception\NotFound('Path does not exist, or escaping from the base path was detected');
-        }
-        $realPath = realpath($path);
-        if ($realPath && 0 === strpos($realPath, realpath($assetDir)) && file_exists($path)) {
-            return $path;
-        }
-        throw new DAV\Exception\NotFound('Path does not exist, or escaping from the base path was detected');
-    }
-
-    /**
-     * This method reads an asset from disk and generates a full http response.
-     *
-     * @param string $assetName
-     */
-    protected function serveAsset($assetName)
-    {
-        $assetPath = $this->getLocalAssetPath($assetName);
-
-        // Rudimentary mime type detection
-        $mime = 'application/octet-stream';
-        $map = [
-            'ico' => 'image/vnd.microsoft.icon',
-            'png' => 'image/png',
-            'css' => 'text/css',
-        ];
-
-        $ext = substr($assetName, strrpos($assetName, '.') + 1);
-        if (isset($map[$ext])) {
-            $mime = $map[$ext];
-        }
-
-        $this->server->httpResponse->setHeader('Content-Type', $mime);
-        $this->server->httpResponse->setHeader('Content-Length', filesize($assetPath));
-        $this->server->httpResponse->setHeader('Cache-Control', 'public, max-age=1209600');
-        $this->server->httpResponse->setStatus(200);
-        $this->server->httpResponse->setBody(fopen($assetPath, 'r'));
-    }
-
-    /**
-     * Sort helper function: compares two directory entries based on type and
-     * display name. Collections sort above other types.
-     *
-     * @param array $a
-     * @param array $b
-     *
-     * @return int
-     */
-    protected function compareNodes($a, $b)
-    {
-        $typeA = (isset($a['{DAV:}resourcetype']))
-            ? (in_array('{DAV:}collection', $a['{DAV:}resourcetype']->getValue()))
-            : false;
-
-        $typeB = (isset($b['{DAV:}resourcetype']))
-            ? (in_array('{DAV:}collection', $b['{DAV:}resourcetype']->getValue()))
-            : false;
-
-        // If same type, sort alphabetically by filename:
-        if ($typeA === $typeB) {
-            return strnatcasecmp($a['displayPath'], $b['displayPath']);
-        }
-
-        return ($typeA < $typeB) ? 1 : -1;
-    }
-
-    /**
-     * Maps a resource type to a human-readable string and icon.
-     *
-     * @param DAV\INode $node
-     *
-     * @return array
-     */
-    private function mapResourceType(array $resourceTypes, $node)
-    {
-        if (!$resourceTypes) {
-            if ($node instanceof DAV\IFile) {
-                return [
-                    'string' => 'File',
-                    'icon' => 'file',
-                ];
-            } else {
-                return [
-                    'string' => 'Unknown',
-                    'icon' => 'cog',
-                ];
-            }
-        }
-
-        $types = [
-            '{http://calendarserver.org/ns/}calendar-proxy-write' => [
-                'string' => 'Proxy-Write',
-                'icon' => 'people',
-            ],
-            '{http://calendarserver.org/ns/}calendar-proxy-read' => [
-                'string' => 'Proxy-Read',
-                'icon' => 'people',
-            ],
-            '{urn:ietf:params:xml:ns:caldav}schedule-outbox' => [
-                'string' => 'Outbox',
-                'icon' => 'inbox',
-            ],
-            '{urn:ietf:params:xml:ns:caldav}schedule-inbox' => [
-                'string' => 'Inbox',
-                'icon' => 'inbox',
-            ],
-            '{urn:ietf:params:xml:ns:caldav}calendar' => [
-                'string' => 'Calendar',
-                'icon' => 'calendar',
-            ],
-            '{http://calendarserver.org/ns/}shared-owner' => [
-                'string' => 'Shared',
-                'icon' => 'calendar',
-            ],
-            '{http://calendarserver.org/ns/}subscribed' => [
-                'string' => 'Subscription',
-                'icon' => 'calendar',
-            ],
-            '{urn:ietf:params:xml:ns:carddav}directory' => [
-                'string' => 'Directory',
-                'icon' => 'globe',
-            ],
-            '{urn:ietf:params:xml:ns:carddav}addressbook' => [
-                'string' => 'Address book',
-                'icon' => 'book',
-            ],
-            '{DAV:}principal' => [
-                'string' => 'Principal',
-                'icon' => 'person',
-            ],
-            '{DAV:}collection' => [
-                'string' => 'Collection',
-                'icon' => 'folder',
-            ],
-        ];
-
-        $info = [
-            'string' => [],
-            'icon' => 'cog',
-        ];
-        foreach ($resourceTypes as $k => $resourceType) {
-            if (isset($types[$resourceType])) {
-                $info['string'][] = $types[$resourceType]['string'];
-            } else {
-                $info['string'][] = $resourceType;
-            }
-        }
-        foreach ($types as $key => $resourceInfo) {
-            if (in_array($key, $resourceTypes)) {
-                $info['icon'] = $resourceInfo['icon'];
-                break;
-            }
-        }
-        $info['string'] = implode(', ', $info['string']);
-
-        return $info;
-    }
-
-    /**
-     * Draws a table row for a property.
-     *
-     * @param string $name
-     * @param mixed  $value
-     *
-     * @return string
-     */
-    private function drawPropertyRow($name, $value)
-    {
-        $html = new HtmlOutputHelper(
-            $this->server->getBaseUri(),
-            $this->server->xml->namespaceMap
-        );
-
-        return '<tr><th>'.$html->xmlName($name).'</th><td>'.$this->drawPropertyValue($html, $value).'</td></tr>';
-    }
-
-    /**
-     * Draws a table row for a property.
-     *
-     * @param HtmlOutputHelper $html
-     * @param mixed            $value
-     *
-     * @return string
-     */
-    private function drawPropertyValue($html, $value)
-    {
-        if (is_scalar($value)) {
-            return $html->h($value);
-        } elseif ($value instanceof HtmlOutput) {
-            return $value->toHtml($html);
-        } elseif ($value instanceof \Sabre\Xml\XmlSerializable) {
-            // There's no default html output for this property, we're going
-            // to output the actual xml serialization instead.
-            $xml = $this->server->xml->write('{DAV:}root', $value, $this->server->getBaseUri());
-            // removing first and last line, as they contain our root
-            // element.
-            $xml = explode("\n", $xml);
-            $xml = array_slice($xml, 2, -2);
-
-            return '<pre>'.$html->h(implode("\n", $xml)).'</pre>';
-        } else {
-            return '<em>unknown</em>';
-        }
-    }
-
-    /**
-     * Returns a plugin name.
-     *
-     * Using this name other plugins will be able to access other plugins;
-     * using \Sabre\DAV\Server::getPlugin
-     *
-     * @return string
-     */
-    public function getPluginName()
-    {
-        return 'browser';
-    }
-
-    /**
-     * Returns a bunch of meta-data about the plugin.
-     *
-     * Providing this information is optional, and is mainly displayed by the
-     * Browser plugin.
-     *
-     * The description key in the returned array may contain html and will not
-     * be sanitized.
-     *
-     * @return array
-     */
-    public function getPluginInfo()
-    {
-        return [
-            'name' => $this->getPluginName(),
-            'description' => 'Generates HTML indexes and debug information for your sabre/dav server',
-            'link' => 'http://sabre.io/dav/browser-plugin/',
-        ];
-    }
+	}
+
+	/**
+	 * This method takes a path/name of an asset and turns it into url
+	 * suiteable for http access.
+	 *
+	 * @param string $assetName
+	 *
+	 * @return string
+	 */
+	protected function getAssetUrl($assetName)
+	{
+		return $this->server->getBaseUri().'?sabreAction=asset&assetName='.urlencode($assetName);
+	}
+
+	/**
+	 * This method returns a local pathname to an asset.
+	 *
+	 * @param string $assetName
+	 *
+	 * @throws DAV\Exception\NotFound
+	 *
+	 * @return string
+	 */
+	protected function getLocalAssetPath($assetName)
+	{
+		$assetDir = __DIR__.'/assets/';
+		$path = $assetDir.$assetName;
+
+		// Making sure people aren't trying to escape from the base path.
+		$path = str_replace('\\', '/', $path);
+		if (false !== strpos($path, '/../') || '/..' === strrchr($path, '/')) {
+			throw new DAV\Exception\NotFound('Path does not exist, or escaping from the base path was detected');
+		}
+		$realPath = realpath($path);
+		if ($realPath && 0 === strpos($realPath, realpath($assetDir)) && file_exists($path)) {
+			return $path;
+		}
+		throw new DAV\Exception\NotFound('Path does not exist, or escaping from the base path was detected');
+	}
+
+	/**
+	 * This method reads an asset from disk and generates a full http response.
+	 *
+	 * @param string $assetName
+	 */
+	protected function serveAsset($assetName)
+	{
+		$assetPath = $this->getLocalAssetPath($assetName);
+
+		// Rudimentary mime type detection
+		$mime = 'application/octet-stream';
+		$map = [
+			'ico' => 'image/vnd.microsoft.icon',
+			'png' => 'image/png',
+			'css' => 'text/css',
+		];
+
+		$ext = substr($assetName, strrpos($assetName, '.') + 1);
+		if (isset($map[$ext])) {
+			$mime = $map[$ext];
+		}
+
+		$this->server->httpResponse->setHeader('Content-Type', $mime);
+		$this->server->httpResponse->setHeader('Content-Length', filesize($assetPath));
+		$this->server->httpResponse->setHeader('Cache-Control', 'public, max-age=1209600');
+		$this->server->httpResponse->setStatus(200);
+		$this->server->httpResponse->setBody(fopen($assetPath, 'r'));
+	}
+
+	/**
+	 * Sort helper function: compares two directory entries based on type and
+	 * display name. Collections sort above other types.
+	 *
+	 * @param array $a
+	 * @param array $b
+	 *
+	 * @return int
+	 */
+	protected function compareNodes($a, $b)
+	{
+		$typeA = (isset($a['{DAV:}resourcetype']))
+			? (in_array('{DAV:}collection', $a['{DAV:}resourcetype']->getValue()))
+			: false;
+
+		$typeB = (isset($b['{DAV:}resourcetype']))
+			? (in_array('{DAV:}collection', $b['{DAV:}resourcetype']->getValue()))
+			: false;
+
+		// If same type, sort alphabetically by filename:
+		if ($typeA === $typeB) {
+			return strnatcasecmp($a['displayPath'], $b['displayPath']);
+		}
+
+		return ($typeA < $typeB) ? 1 : -1;
+	}
+
+	/**
+	 * Maps a resource type to a human-readable string and icon.
+	 *
+	 * @param DAV\INode $node
+	 *
+	 * @return array
+	 */
+	private function mapResourceType(array $resourceTypes, $node)
+	{
+		if (!$resourceTypes) {
+			if ($node instanceof DAV\IFile) {
+				return [
+					'string' => 'File',
+					'icon' => 'file',
+				];
+			} else {
+				return [
+					'string' => 'Unknown',
+					'icon' => 'cog',
+				];
+			}
+		}
+
+		$types = [
+			'{http://calendarserver.org/ns/}calendar-proxy-write' => [
+				'string' => 'Proxy-Write',
+				'icon' => 'people',
+			],
+			'{http://calendarserver.org/ns/}calendar-proxy-read' => [
+				'string' => 'Proxy-Read',
+				'icon' => 'people',
+			],
+			'{urn:ietf:params:xml:ns:caldav}schedule-outbox' => [
+				'string' => 'Outbox',
+				'icon' => 'inbox',
+			],
+			'{urn:ietf:params:xml:ns:caldav}schedule-inbox' => [
+				'string' => 'Inbox',
+				'icon' => 'inbox',
+			],
+			'{urn:ietf:params:xml:ns:caldav}calendar' => [
+				'string' => 'Calendar',
+				'icon' => 'calendar',
+			],
+			'{http://calendarserver.org/ns/}shared-owner' => [
+				'string' => 'Shared',
+				'icon' => 'calendar',
+			],
+			'{http://calendarserver.org/ns/}subscribed' => [
+				'string' => 'Subscription',
+				'icon' => 'calendar',
+			],
+			'{urn:ietf:params:xml:ns:carddav}directory' => [
+				'string' => 'Directory',
+				'icon' => 'globe',
+			],
+			'{urn:ietf:params:xml:ns:carddav}addressbook' => [
+				'string' => 'Address book',
+				'icon' => 'book',
+			],
+			'{DAV:}principal' => [
+				'string' => 'Principal',
+				'icon' => 'person',
+			],
+			'{DAV:}collection' => [
+				'string' => 'Collection',
+				'icon' => 'folder',
+			],
+		];
+
+		$info = [
+			'string' => [],
+			'icon' => 'cog',
+		];
+		foreach ($resourceTypes as $k => $resourceType) {
+			if (isset($types[$resourceType])) {
+				$info['string'][] = $types[$resourceType]['string'];
+			} else {
+				$info['string'][] = $resourceType;
+			}
+		}
+		foreach ($types as $key => $resourceInfo) {
+			if (in_array($key, $resourceTypes)) {
+				$info['icon'] = $resourceInfo['icon'];
+				break;
+			}
+		}
+		$info['string'] = implode(', ', $info['string']);
+
+		return $info;
+	}
+
+	/**
+	 * Draws a table row for a property.
+	 *
+	 * @param string $name
+	 * @param mixed  $value
+	 *
+	 * @return string
+	 */
+	private function drawPropertyRow($name, $value)
+	{
+		$html = new HtmlOutputHelper(
+			$this->server->getBaseUri(),
+			$this->server->xml->namespaceMap
+		);
+
+		return '<tr><th>'.$html->xmlName($name).'</th><td>'.$this->drawPropertyValue($html, $value).'</td></tr>';
+	}
+
+	/**
+	 * Draws a table row for a property.
+	 *
+	 * @param HtmlOutputHelper $html
+	 * @param mixed            $value
+	 *
+	 * @return string
+	 */
+	private function drawPropertyValue($html, $value)
+	{
+		if (is_scalar($value)) {
+			return $html->h($value);
+		} elseif ($value instanceof HtmlOutput) {
+			return $value->toHtml($html);
+		} elseif ($value instanceof \Sabre\Xml\XmlSerializable) {
+			// There's no default html output for this property, we're going
+			// to output the actual xml serialization instead.
+			$xml = $this->server->xml->write('{DAV:}root', $value, $this->server->getBaseUri());
+			// removing first and last line, as they contain our root
+			// element.
+			$xml = explode("\n", $xml);
+			$xml = array_slice($xml, 2, -2);
+
+			return '<pre>'.$html->h(implode("\n", $xml)).'</pre>';
+		} else {
+			return '<em>unknown</em>';
+		}
+	}
+
+	/**
+	 * Returns a plugin name.
+	 *
+	 * Using this name other plugins will be able to access other plugins;
+	 * using \Sabre\DAV\Server::getPlugin
+	 *
+	 * @return string
+	 */
+	public function getPluginName()
+	{
+		return 'browser';
+	}
+
+	/**
+	 * Returns a bunch of meta-data about the plugin.
+	 *
+	 * Providing this information is optional, and is mainly displayed by the
+	 * Browser plugin.
+	 *
+	 * The description key in the returned array may contain html and will not
+	 * be sanitized.
+	 *
+	 * @return array
+	 */
+	public function getPluginInfo()
+	{
+		return [
+			'name' => $this->getPluginName(),
+			'description' => 'Generates HTML indexes and debug information for your sabre/dav server',
+			'link' => 'http://sabre.io/dav/browser-plugin/',
+		];
+	}
 }

Upper-Lower-Casing +3 added lines, -3 removed lines

@@ -441,7 +441,7 @@ 
     </header>
 
     <nav>
-HTML;
+html;
 
         // If the path is empty, there's no parent.
         if ($path) {
@@ -478,7 +478,7 @@ 
 <footer>Generated by SabreDAV $version (c)2007-$year <a href="http://sabre.io/">http://sabre.io/</a></footer>
 </body>
 </html>
-HTML;
+html;
     }
 
     /**
@@ -517,7 +517,7 @@ 
 <label>File:</label> <input type="file" name="file" /><br />
 <input type="submit" value="upload" />
 </form>
-HTML;
+html;
     }
 
     /**

htdocs/includes/sabre/sabre/dav/lib/DAV/Browser/HtmlOutput.php

Indentation +14 added lines, -14 removed lines

@@ -17,18 +17,18 @@
  */
 interface HtmlOutput
 {
-    /**
-     * Generate html representation for this value.
-     *
-     * The html output is 100% trusted, and no effort is being made to sanitize
-     * it. It's up to the implementor to sanitize user provided values.
-     *
-     * The output must be in UTF-8.
-     *
-     * The baseUri parameter is a url to the root of the application, and can
-     * be used to construct local links.
-     *
-     * @return string
-     */
-    public function toHtml(HtmlOutputHelper $html);
+	/**
+	 * Generate html representation for this value.
+	 *
+	 * The html output is 100% trusted, and no effort is being made to sanitize
+	 * it. It's up to the implementor to sanitize user provided values.
+	 *
+	 * The output must be in UTF-8.
+	 *
+	 * The baseUri parameter is a url to the root of the application, and can
+	 * be used to construct local links.
+	 *
+	 * @return string
+	 */
+	public function toHtml(HtmlOutputHelper $html);
 }