egroupware/groupdav.php

<?php
/**
 * eGroupWare - GroupDAV access
 *
 * Using the PEAR HTTP/WebDAV/Server class (which need to be installed!)
 *
 * @link http://www.egroupware.org
 * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
 * @package api
 * @subpackage groupdav
 * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @copyright (c) 2007/8 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @version $Id$
 */

$starttime = microtime(true);

/**
 * check if the given user has access
 *
 * Create a session or if the user has no account return authenticate header and 401 Unauthorized
 *
 * @param array &$account
 * @return int session-id
 */
function check_access(&$account)
{
	$account = array(
		'login'  => $_SERVER['PHP_AUTH_USER'],
		'passwd' => $_SERVER['PHP_AUTH_PW'],
		'passwd_type' => 'text',
	);
	// no session for clients known to NOT use it (no cookie support)
	$agent = strtolower($_SERVER['HTTP_USER_AGENT']);
	foreach(array(
		'davkit',	// Apple iCal
		'bionicmessage.net',
		'zideone',
		'lightning',
	) as $test)
	{
		if (($no_session = strpos($agent,$test) !== false)) break;
	}
	//error_log("GroupDAV PHP_AUTH_USER={$_SERVER['PHP_AUTH_USER']}, HTTP_USER_AGENT={$_SERVER['HTTP_USER_AGENT']} --> no_session=".(int)$no_session);

	if (!isset($_SERVER['PHP_AUTH_USER']) || !($sessionid = $GLOBALS['egw']->session->create($account,'','',$no_session)))
	{
		header('WWW-Authenticate: Basic realm="'.groupdav::REALM.
			// if the session class gives a reason why the login failed --> append it to the REALM
			($GLOBALS['egw']->session->reason ? ': '.$GLOBALS['egw']->session->reason : '').'"');
		header('HTTP/1.1 401 Unauthorized');
		header('X-WebDAV-Status: 401 Unauthorized', true);
		exit;
	}
	return $sessionid;
}

$GLOBALS['egw_info']['flags'] = array(
	'noheader'  => True,
	'currentapp' => 'groupdav',
	'autocreate_session_callback' => 'check_access',
	'no_exception_handler' => 'basic_auth',	// we use a basic auth exception handler (sends exception message as basic auth realm)
);
// if you move this file somewhere else, you need to adapt the path to the header!
include(dirname(__FILE__).'/header.inc.php');

$headertime = microtime(true);

$groupdav = new groupdav();
$groupdav->ServeRequest();
//error_log(sprintf("GroupDAV %s request took %5.3f s (header include took %5.3f s)",$_SERVER['REQUEST_METHOD'],microtime(true)-$starttime,$headertime-$starttime));
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`<?php`
			`/**`
			`* eGroupWare - GroupDAV access`
			`*`
			`* Using the PEAR HTTP/WebDAV/Server class (which need to be installed!)`
			`*`
			`* @link http://www.egroupware.org`
			`* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License`
			`* @package api`
			`* @subpackage groupdav`
			`* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>`
			`* @copyright (c) 2007/8 by Ralf Becker <RalfBecker-AT-outdoor-training.de>`
			`* @version $Id$`
			`*/`

Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`$starttime = microtime(true);`

First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`/**`
			`* check if the given user has access`
			`*`
			`* Create a session or if the user has no account return authenticate header and 401 Unauthorized`
			`*`
			`* @param array &$account`
			`* @return int session-id`
			`*/`
			`function check_access(&$account)`
			`{`
			`$account = array(`
			`'login' => $_SERVER['PHP_AUTH_USER'],`
			`'passwd' => $_SERVER['PHP_AUTH_PW'],`
			`'passwd_type' => 'text',`
			`);`
"extra param to session::create() to not create a session, eg. for GroupDAV clients know to not support cookies, eg. Apple's iCal" 2008-05-10 22:05:12 +02:00			`// no session for clients known to NOT use it (no cookie support)`
"one more client without session support" 2008-05-19 09:55:37 +02:00			`$agent = strtolower($_SERVER['HTTP_USER_AGENT']);`
			`foreach(array(`
			`'davkit', // Apple iCal`
			`'bionicmessage.net',`
"UPPS, patterns have to be lowercase" 2008-10-05 12:08:58 +02:00			`'zideone',`
			`'lightning',`
"one more client without session support" 2008-05-19 09:55:37 +02:00			`) as $test)`
			`{`
			`if (($no_session = strpos($agent,$test) !== false)) break;`
			`}`
"extra param to session::create() to not create a session, eg. for GroupDAV clients know to not support cookies, eg. Apple's iCal" 2008-05-10 22:05:12 +02:00			`//error_log("GroupDAV PHP_AUTH_USER={$_SERVER['PHP_AUTH_USER']}, HTTP_USER_AGENT={$_SERVER['HTTP_USER_AGENT']} --> no_session=".(int)$no_session);`

Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`if (!isset($_SERVER['PHP_AUTH_USER']) \|\| !($sessionid = $GLOBALS['egw']->session->create($account,'','',$no_session)))`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`{`
Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`header('WWW-Authenticate: Basic realm="'.groupdav::REALM.`
			`// if the session class gives a reason why the login failed --> append it to the REALM`
			`($GLOBALS['egw']->session->reason ? ': '.$GLOBALS['egw']->session->reason : '').'"');`
"UPPS, patterns have to be lowercase" 2008-10-05 12:08:58 +02:00			`header('HTTP/1.1 401 Unauthorized');`
			`header('X-WebDAV-Status: 401 Unauthorized', true);`
			`exit;`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`}`
			`return $sessionid;`
			`}`

			`$GLOBALS['egw_info']['flags'] = array(`
			`'noheader' => True,`
			`'currentapp' => 'groupdav',`
			`'autocreate_session_callback' => 'check_access',`
Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`'no_exception_handler' => 'basic_auth', // we use a basic auth exception handler (sends exception message as basic auth realm)`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`);`
			`// if you move this file somewhere else, you need to adapt the path to the header!`
			`include(dirname(__FILE__).'/header.inc.php');`

Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`$headertime = microtime(true);`

First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`$groupdav = new groupdav();`
			`$groupdav->ServeRequest();`
Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`//error_log(sprintf("GroupDAV %s request took %5.3f s (header include took %5.3f s)",$_SERVER['REQUEST_METHOD'],microtime(true)-$starttime,$headertime-$starttime));`