Merge pull request #49 from bpcurse/feature_development
Feature development
bpcurse authored Apr 14, 2021
2 parents 5de2ead + 7d68e0a commit 4772e86
Showing 11 changed files with 91 additions and 30 deletions.
7 changes: 7 additions & 0 deletions config.php
@@ -12,6 +12,13 @@
// Default password (NOT RECOMMENDED - DANGEROUS)
// $user_pass = 'goodpassword';

/**
* Security settings
*/
// Allowed frame ancestors e.g. your cloud URL incl. https:// (if you want to open the script from external sites app)
// Multiple URLs can be set by separating them with a space
// $frame_ancestors = 'https://cloud.example.com';

/**
* Folder settings
*/
4 changes: 3 additions & 1 deletion email.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'email';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

if(!$_SESSION['authenticated']) {
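Review bot: `set_security_headers()` is called only from index.php in this commit, so email.php and the other pages switched to `session_secure_start()` (groupfolders.php, groupfolders_detail.php, groups.php, groups_detail.php, statistics.php, users.php, users_detail.php) are served without the `frame-ancestors`, `nosniff` and `Referrer-Policy` headers. Those pages can therefore still be framed by any origin, which is what the new `$frame_ancestors` setting is meant to restrict. Add `set_security_headers();` directly after `session_secure_start();` on each page, or call it from inside `session_secure_start()` so that no page can miss it. The rest of each file lies outside the hunks shown, so confirm that headers are still unsent at the point where the call is placed.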
71 changes: 53 additions & 18 deletions functions.php
@@ -418,7 +418,7 @@ function select_data_single_user(
$item_data = $item == 'percentage_used'
? (in_array($quota, [-3, 0, 'none'])
? 'N/A'
: round(($used / $quota * 100), 1))
: round($used / $quota * 100, 1))
: $data['ocs']['data'][$item];

// Filter/format different data sets
@@ -859,11 +859,11 @@ function build_table_user_data($user_data) {
for($col = 0; $col < sizeof($user_data[$row]); $col++) {
$selected_data = $user_data[$row][$col];

$color_text = ($selected_data === 'N/A')
$color_text = $selected_data === 'N/A'
? ' color: grey;'
: ' color: unset;';

$align = (in_array($col, $keypos_right_align, true))
$align = in_array($col, $keypos_right_align, true)
? 'text-align: right; white-space: nowrap;'
: (in_array($col, $keypos_center_align, true)
? 'text-align: center;'
@@ -946,23 +946,28 @@ function build_table_groupfolder_data() {

// Iterate through collected user data by row and column, build HTML table
foreach($_SESSION['raw_groupfolders_data']['ocs']['data'] as $groupfolder) {

$groups = build_csv_line($groupfolder['groups'], true, ', ');

$manager = null;
foreach($groupfolder['manage'] as $item)
$manager = $item['id'];
$manager = build_csv_line($groupfolder['manage'], false, ', ', 'id', 'type');

$acl = ($groupfolder['acl'])
$acl = $groupfolder['acl']
? '<span style="color: green">&#10004;</span>'
: null;

$percent_used = round($groupfolder['size'] / $groupfolder['quota'] * 100,2);
$percent_used = $groupfolder['quota'] == -3
? 'N/A'
: round($groupfolder['size'] / $groupfolder['quota'] * 100, 1);

$color_text = $percent_used === "N/A"
? "style='color: grey;'"
: "";

$table_groupfolder_data .= "<tr><td>".utf8_decode($groupfolder['id'])."</td>
<td>".$groupfolder['mount_point']."</td>
<td>{$groupfolder['mount_point']}</td>
<td>$groups</td>
<td class='align_r'>".format_size($groupfolder['size'])."</td>
<td class='align_r'>".round($percent_used, 1)."</td>
<td class='align_r'$color_text>$percent_used</td>
<td class='align_r'>".format_size($groupfolder['quota'])."</td>
<td class='align_c'>$acl</td>
<td>$manager</td></tr>";
@@ -1142,9 +1147,7 @@ function build_groupfolder_data($array = null) {
foreach($_SESSION['raw_groupfolders_data']['ocs']['data'] as $groupfolder) {
$groups = build_csv_line($groupfolder['groups'], true, ', ');

$manager = null;
foreach($groupfolder['manage'] as $item)
$manager = $item['id'];
$manager = build_csv_line($groupfolder['manage'], false, ', ', 'id', 'type');

if(!$array)
$acl = ($groupfolder['acl'])
@@ -1153,7 +1156,7 @@ function build_groupfolder_data($array = null) {
else
$acl = $groupfolder['acl'];

$percent_used = round(($groupfolder['size'] / $groupfolder['quota'] * 100),1);
$percent_used = round($groupfolder['size'] / $groupfolder['quota'] * 100, 1);

$groupfolder_data = [$groupfolder['id'],$groupfolder['mount_point'],
$groups,format_size($groupfolder['size']),$percent_used,
@@ -1180,12 +1183,21 @@ function build_groupfolder_data($array = null) {
* @return $csv_line CSV formatted string
*
*/
function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
function build_csv_line($array = null, $return_key = false, $delimiter = ',',
$subarray_id = null, $subarray_type = null) {

$array = $array ?? $_SESSION['data_choices'];

$i = 0;
foreach($array as $key => $item) {
if ($return_key)

if($subarray_id)
$item = $subarray_type
? "{$item[$subarray_id]} ({$item[$subarray_type]})"
: $item[$subarray_id];


if($return_key)
$csv_line .= ($i === 0)
? $key
: $delimiter.$key;
@@ -1194,8 +1206,10 @@ function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
? $item
: $delimiter.$item;
$i++;

}
return $csv_line;

}

/**
Expand All @@ -1208,10 +1222,12 @@ function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
*
*/
function format_size($size) {
if ($size === 0)
if($size === 0)
return "0 MB";
if ($size === null)
if($size === null)
return '-';
if($size == -3)
return '∞ GB';

$s = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
$e = floor(log($size, 1024));
@@ -1250,3 +1266,22 @@ function random_str(
$pieces []= $keyspace[random_int(0, $max)];
return implode('', $pieces);
}

function set_security_headers() {

include 'config.php';

header("X-Content-Type-Options: nosniff");
header("Content-Security-Policy: frame-ancestors 'self' $frame_ancestors");
header("X-Robots-Tag: none");
header("Referrer-Policy: same-origin");

}

function session_secure_start() {

session_set_cookie_params(
'3600', '/', $_SERVER['SERVER_NAME'], isset($_SERVER["HTTPS"]), true);
session_start();

}
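Review bot: In `session_secure_start()` the cookie domain is taken from `$_SERVER['SERVER_NAME']` and the Secure flag from `isset($_SERVER["HTTPS"])`, and both are weaker than they look. An explicit domain turns the session cookie into a domain cookie that browsers also send to subdomains, and `isset()` is true on servers that set `HTTPS` to `off` for plain requests while it is false behind a TLS-terminating proxy (deployment-dependent, so verify against the target setup). Passing an empty domain and testing the value keeps the cookie host-only: `$secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';` followed by `session_set_cookie_params(3600, '/', '', $secure, true);`. In `set_security_headers()`, `$frame_ancestors` is undefined as long as the config.php line stays commented out, so add `$frame_ancestors = $frame_ancestors ?? '';` after the include to avoid an undefined-variable warning being emitted before the headers.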
4 changes: 3 additions & 1 deletion groupfolders.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'groupfolders';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

echo "<html lang='{$_SESSION['language']}'>";
4 changes: 3 additions & 1 deletion groupfolders_detail.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'groupfolders';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

$export_type = $_POST['export_type'];
4 changes: 3 additions & 1 deletion groups.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'groups';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

echo "<html lang='{$_SESSION['language']}'>";
4 changes: 3 additions & 1 deletion groups_detail.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'groups';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

$export_type = $_POST['export_type'];
7 changes: 5 additions & 2 deletions index.php
@@ -1,10 +1,11 @@
<?php

session_start();
$active_page = "index";
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

/**
* Get parameters if any, set defaults
*/
@@ -22,8 +23,9 @@
session_destroy();
session_write_close();
setcookie(session_name(),'',0,'/');

header('Location: index.php');

}

$target_url = filter_input(INPUT_GET, 'url', FILTER_SANITIZE_URL)
@@ -82,6 +84,7 @@
calculate_quota();
}

set_security_headers();
echo "<html lang='{$_SESSION['language']}'>";

?>
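Review bot: The logout branch in the second hunk still clears the cookie with `setcookie(session_name(),'',0,'/');`, which no longer matches the attributes that `session_secure_start()` now sets (domain `$_SERVER['SERVER_NAME']`, secure, httponly). Browsers generally delete a cookie only when name, path and domain match, so the session cookie may survive logout and the same session id may be presented again at the next login. Reuse the stored parameters instead: `$p = session_get_cookie_params();` then `setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'], $p['secure'], $p['httponly']);`, and follow `header('Location: index.php');` with `exit;` so the rest of the page does not run after the redirect. The branch starts outside the hunk, so the condition guarding it is not visible here.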
4 changes: 3 additions & 1 deletion statistics.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'statistics';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

echo "<html lang='{$_SESSION['language']}'>"
4 changes: 3 additions & 1 deletion users.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'users';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

$export_type = $_SESSION['export_type'];
8 changes: 5 additions & 3 deletions users_detail.php
@@ -1,9 +1,11 @@
<?php

session_start();
$active_page = 'users';
require_once 'functions.php';
include_once 'config.php';

session_secure_start();

require_once 'l10n/'.$_SESSION['language'].'.php';

// Filter POST array and save keys with value 'true' as constant
@@ -13,7 +15,7 @@
header('Content-Type: text/html; charset=utf-8');
exit(L10N_ERROR . L10N_SELECT_AT_LEAST_ONE_COLUMN . L10N_RETURN_TO_FORM);
}

$_SESSION['filters_set'] = array_keys($_POST, 'set_filter');
$_SESSION['filter_group'] = $_POST['filter_group'] ?? null;
$_SESSION['filter_ll_since'] = $_POST['filter_ll_since'] ?? null;
@@ -78,7 +80,7 @@ function sortTable() {
<?php

include 'navigation.php';

if(!$_SESSION['authenticated']) {
header('Content-Type: text/html; charset=utf-8');
exit('<br>'.L10N_CONNECTION_NEEDED);
