nextcloud /
server
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | * @param string $stream |
| 129 | 129 | * @see http://www.php.net/manual/en/reserved.variables.php |
| 130 | 130 | */ |
| 131 | - public function __construct(array $vars=array(), |
|
| 131 | + public function __construct(array $vars = array(), |
|
| 132 | 132 | ISecureRandom $secureRandom = null, |
| 133 | 133 | IConfig $config, |
| 134 | 134 | CsrfTokenManager $csrfTokenManager = null, |
@@ -139,11 +139,11 @@ discard block |
||
| 139 | 139 | $this->config = $config; |
| 140 | 140 | $this->csrfTokenManager = $csrfTokenManager; |
| 141 | 141 | |
| 142 | - if(!array_key_exists('method', $vars)) { |
|
| 142 | + if (!array_key_exists('method', $vars)) { |
|
| 143 | 143 | $vars['method'] = 'GET'; |
| 144 | 144 | } |
| 145 | 145 | |
| 146 | - foreach($this->allowedKeys as $name) { |
|
| 146 | + foreach ($this->allowedKeys as $name) { |
|
| 147 | 147 | $this->items[$name] = isset($vars[$name]) |
| 148 | 148 | ? $vars[$name] |
| 149 | 149 | : array(); |
@@ -248,12 +248,12 @@ discard block |
||
| 248 | 248 | * @return mixed|null |
| 249 | 249 | */ |
| 250 | 250 | public function __get($name) { |
| 251 | - switch($name) { |
|
| 251 | + switch ($name) { |
|
| 252 | 252 | case 'put': |
| 253 | 253 | case 'patch': |
| 254 | 254 | case 'get': |
| 255 | 255 | case 'post': |
| 256 | - if($this->method !== strtoupper($name)) { |
|
| 256 | + if ($this->method !== strtoupper($name)) { |
|
| 257 | 257 | throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method)); |
| 258 | 258 | } |
| 259 | 259 | return $this->getContent(); |
@@ -304,14 +304,14 @@ discard block |
||
| 304 | 304 | */ |
| 305 | 305 | public function getHeader($name) { |
| 306 | 306 | |
| 307 | - $name = strtoupper(str_replace(array('-'),array('_'),$name)); |
|
| 308 | - if (isset($this->server['HTTP_' . $name])) { |
|
| 309 | - return $this->server['HTTP_' . $name]; |
|
| 307 | + $name = strtoupper(str_replace(array('-'), array('_'), $name)); |
|
| 308 | + if (isset($this->server['HTTP_'.$name])) { |
|
| 309 | + return $this->server['HTTP_'.$name]; |
|
| 310 | 310 | } |
| 311 | 311 | |
| 312 | 312 | // There's a few headers that seem to end up in the top-level |
| 313 | 313 | // server array. |
| 314 | - switch($name) { |
|
| 314 | + switch ($name) { |
|
| 315 | 315 | case 'CONTENT_TYPE' : |
| 316 | 316 | case 'CONTENT_LENGTH' : |
| 317 | 317 | if (isset($this->server[$name])) { |
@@ -432,21 +432,21 @@ discard block |
||
| 432 | 432 | // 'application/json' must be decoded manually. |
| 433 | 433 | if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { |
| 434 | 434 | $params = json_decode(file_get_contents($this->inputStream), true); |
| 435 | - if($params !== null && count($params) > 0) { |
|
| 435 | + if ($params !== null && count($params) > 0) { |
|
| 436 | 436 | $this->items['params'] = $params; |
| 437 | - if($this->method === 'POST') { |
|
| 437 | + if ($this->method === 'POST') { |
|
| 438 | 438 | $this->items['post'] = $params; |
| 439 | 439 | } |
| 440 | 440 | } |
| 441 | 441 | |
| 442 | 442 | // Handle application/x-www-form-urlencoded for methods other than GET |
| 443 | 443 | // or post correctly |
| 444 | - } elseif($this->method !== 'GET' |
|
| 444 | + } elseif ($this->method !== 'GET' |
|
| 445 | 445 | && $this->method !== 'POST' |
| 446 | 446 | && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) { |
| 447 | 447 | |
| 448 | 448 | parse_str(file_get_contents($this->inputStream), $params); |
| 449 | - if(is_array($params)) { |
|
| 449 | + if (is_array($params)) { |
|
| 450 | 450 | $this->items['params'] = $params; |
| 451 | 451 | } |
| 452 | 452 | } |
@@ -463,11 +463,11 @@ discard block |
||
| 463 | 463 | * @return bool true if CSRF check passed |
| 464 | 464 | */ |
| 465 | 465 | public function passesCSRFCheck() { |
| 466 | - if($this->csrfTokenManager === null) { |
|
| 466 | + if ($this->csrfTokenManager === null) { |
|
| 467 | 467 | return false; |
| 468 | 468 | } |
| 469 | 469 | |
| 470 | - if(!$this->passesStrictCookieCheck()) { |
|
| 470 | + if (!$this->passesStrictCookieCheck()) { |
|
| 471 | 471 | return false; |
| 472 | 472 | } |
| 473 | 473 | |
@@ -495,7 +495,7 @@ discard block |
||
| 495 | 495 | if ($this->getHeader('OCS-APIREQUEST')) { |
| 496 | 496 | return false; |
| 497 | 497 | } |
| 498 | - if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 498 | + if ($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 499 | 499 | return false; |
| 500 | 500 | } |
| 501 | 501 | |
@@ -520,7 +520,7 @@ discard block |
||
| 520 | 520 | protected function getProtectedCookieName($name) { |
| 521 | 521 | $cookieParams = $this->getCookieParams(); |
| 522 | 522 | $prefix = ''; |
| 523 | - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 523 | + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 524 | 524 | $prefix = '__Host-'; |
| 525 | 525 | } |
| 526 | 526 | |
@@ -535,12 +535,12 @@ discard block |
||
| 535 | 535 | * @since 9.1.0 |
| 536 | 536 | */ |
| 537 | 537 | public function passesStrictCookieCheck() { |
| 538 | - if(!$this->cookieCheckRequired()) { |
|
| 538 | + if (!$this->cookieCheckRequired()) { |
|
| 539 | 539 | return true; |
| 540 | 540 | } |
| 541 | 541 | |
| 542 | 542 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict'); |
| 543 | - if($this->getCookie($cookieName) === 'true' |
|
| 543 | + if ($this->getCookie($cookieName) === 'true' |
|
| 544 | 544 | && $this->passesLaxCookieCheck()) { |
| 545 | 545 | return true; |
| 546 | 546 | } |
@@ -555,12 +555,12 @@ discard block |
||
| 555 | 555 | * @since 9.1.0 |
| 556 | 556 | */ |
| 557 | 557 | public function passesLaxCookieCheck() { |
| 558 | - if(!$this->cookieCheckRequired()) { |
|
| 558 | + if (!$this->cookieCheckRequired()) { |
|
| 559 | 559 | return true; |
| 560 | 560 | } |
| 561 | 561 | |
| 562 | 562 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax'); |
| 563 | - if($this->getCookie($cookieName) === 'true') { |
|
| 563 | + if ($this->getCookie($cookieName) === 'true') { |
|
| 564 | 564 | return true; |
| 565 | 565 | } |
| 566 | 566 | return false; |
@@ -573,12 +573,12 @@ discard block |
||
| 573 | 573 | * @return string |
| 574 | 574 | */ |
| 575 | 575 | public function getId() { |
| 576 | - if(isset($this->server['UNIQUE_ID'])) { |
|
| 576 | + if (isset($this->server['UNIQUE_ID'])) { |
|
| 577 | 577 | return $this->server['UNIQUE_ID']; |
| 578 | 578 | } |
| 579 | 579 | |
| 580 | - if(empty($this->requestId)) { |
|
| 581 | - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; |
|
| 580 | + if (empty($this->requestId)) { |
|
| 581 | + $validChars = ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS; |
|
| 582 | 582 | $this->requestId = $this->secureRandom->generate(20, $validChars); |
| 583 | 583 | } |
| 584 | 584 | |
@@ -596,15 +596,15 @@ discard block |
||
| 596 | 596 | $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 597 | 597 | $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
| 598 | 598 | |
| 599 | - if(is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) { |
|
| 599 | + if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) { |
|
| 600 | 600 | $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ |
| 601 | 601 | 'HTTP_X_FORWARDED_FOR' |
| 602 | 602 | // only have one default, so we cannot ship an insecure product out of the box |
| 603 | 603 | ]); |
| 604 | 604 | |
| 605 | - foreach($forwardedForHeaders as $header) { |
|
| 606 | - if(isset($this->server[$header])) { |
|
| 607 | - foreach(explode(',', $this->server[$header]) as $IP) { |
|
| 605 | + foreach ($forwardedForHeaders as $header) { |
|
| 606 | + if (isset($this->server[$header])) { |
|
| 607 | + foreach (explode(',', $this->server[$header]) as $IP) { |
|
| 608 | 608 | $IP = trim($IP); |
| 609 | 609 | if (filter_var($IP, FILTER_VALIDATE_IP) !== false) { |
| 610 | 610 | return $IP; |
@@ -623,7 +623,7 @@ discard block |
||
| 623 | 623 | * @return bool |
| 624 | 624 | */ |
| 625 | 625 | private function isOverwriteCondition($type = '') { |
| 626 | - $regex = '/' . $this->config->getSystemValue('overwritecondaddr', '') . '/'; |
|
| 626 | + $regex = '/'.$this->config->getSystemValue('overwritecondaddr', '').'/'; |
|
| 627 | 627 | $remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 628 | 628 | return $regex === '//' || preg_match($regex, $remoteAddr) === 1 |
| 629 | 629 | || $type !== 'protocol'; |
@@ -635,7 +635,7 @@ discard block |
||
| 635 | 635 | * @return string Server protocol (http or https) |
| 636 | 636 | */ |
| 637 | 637 | public function getServerProtocol() { |
| 638 | - if($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 638 | + if ($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 639 | 639 | && $this->isOverwriteCondition('protocol')) { |
| 640 | 640 | return $this->config->getSystemValue('overwriteprotocol'); |
| 641 | 641 | } |
@@ -677,7 +677,7 @@ discard block |
||
| 677 | 677 | 'HTTP/2', |
| 678 | 678 | ]; |
| 679 | 679 | |
| 680 | - if(in_array($claimedProtocol, $validProtocols, true)) { |
|
| 680 | + if (in_array($claimedProtocol, $validProtocols, true)) { |
|
| 681 | 681 | return $claimedProtocol; |
| 682 | 682 | } |
| 683 | 683 | |
@@ -691,8 +691,8 @@ discard block |
||
| 691 | 691 | */ |
| 692 | 692 | public function getRequestUri() { |
| 693 | 693 | $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 694 | - if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 695 | - $uri = $this->getScriptName() . substr($uri, strlen($this->server['SCRIPT_NAME'])); |
|
| 694 | + if ($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 695 | + $uri = $this->getScriptName().substr($uri, strlen($this->server['SCRIPT_NAME'])); |
|
| 696 | 696 | } |
| 697 | 697 | return $uri; |
| 698 | 698 | } |
@@ -706,7 +706,7 @@ discard block |
||
| 706 | 706 | $requestUri = isset($this->server['PATH_INFO']) ? $this->server['PATH_INFO'] : ''; |
| 707 | 707 | // remove too many leading slashes - can be caused by reverse proxy configuration |
| 708 | 708 | if (strpos($requestUri, '/') === 0) { |
| 709 | - $requestUri = '/' . ltrim($requestUri, '/'); |
|
| 709 | + $requestUri = '/'.ltrim($requestUri, '/'); |
|
| 710 | 710 | } |
| 711 | 711 | |
| 712 | 712 | $requestUri = preg_replace('%/{2,}%', '/', $requestUri); |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | // FIXME: Sabre does not really belong here |
| 724 | 724 | list($path, $name) = \Sabre\Uri\split($scriptName); |
| 725 | 725 | if (!empty($path)) { |
| 726 | - if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 726 | + if ($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 727 | 727 | $pathInfo = substr($pathInfo, strlen($path)); |
| 728 | 728 | } else { |
| 729 | 729 | throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); |
@@ -735,7 +735,7 @@ discard block |
||
| 735 | 735 | if (strpos($pathInfo, $name) === 0) { |
| 736 | 736 | $pathInfo = substr($pathInfo, strlen($name)); |
| 737 | 737 | } |
| 738 | - if($pathInfo === false || $pathInfo === '/'){ |
|
| 738 | + if ($pathInfo === false || $pathInfo === '/') { |
|
| 739 | 739 | return ''; |
| 740 | 740 | } else { |
| 741 | 741 | return $pathInfo; |
@@ -753,7 +753,7 @@ discard block |
||
| 753 | 753 | $pathInfo = rawurldecode($pathInfo); |
| 754 | 754 | $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']); |
| 755 | 755 | |
| 756 | - switch($encoding) { |
|
| 756 | + switch ($encoding) { |
|
| 757 | 757 | case 'ISO-8859-1' : |
| 758 | 758 | $pathInfo = utf8_encode($pathInfo); |
| 759 | 759 | } |
@@ -769,12 +769,12 @@ discard block |
||
| 769 | 769 | */ |
| 770 | 770 | public function getScriptName() { |
| 771 | 771 | $name = $this->server['SCRIPT_NAME']; |
| 772 | - $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 772 | + $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 773 | 773 | if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) { |
| 774 | 774 | // FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous |
| 775 | 775 | $serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -strlen('lib/private/appframework/http/'))); |
| 776 | 776 | $suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), strlen($serverRoot))); |
| 777 | - $name = '/' . ltrim($overwriteWebRoot . $suburi, '/'); |
|
| 777 | + $name = '/'.ltrim($overwriteWebRoot.$suburi, '/'); |
|
| 778 | 778 | } |
| 779 | 779 | return $name; |
| 780 | 780 | } |
@@ -844,7 +844,7 @@ discard block |
||
| 844 | 844 | return $host; |
| 845 | 845 | } else { |
| 846 | 846 | $trustedList = $this->config->getSystemValue('trusted_domains', []); |
| 847 | - if(!empty($trustedList)) { |
|
| 847 | + if (!empty($trustedList)) { |
|
| 848 | 848 | return $trustedList[0]; |
| 849 | 849 | } else { |
| 850 | 850 | return ''; |
@@ -859,7 +859,7 @@ discard block |
||
| 859 | 859 | * isn't met |
| 860 | 860 | */ |
| 861 | 861 | private function getOverwriteHost() { |
| 862 | - if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 862 | + if ($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 863 | 863 | return $this->config->getSystemValue('overwritehost'); |
| 864 | 864 | } |
| 865 | 865 | return null; |
