egroupware/groupdav.php

<?php
/**
 * EGroupware - CalDAV/CardDAV/GroupDAV server
 *
 * For Apache FCGI you need the following rewrite rule:
 *
 * 	RewriteEngine on
 * 	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
 *
 * Otherwise authentication request will be send over and over again, as password is NOT available to PHP!
 *
 * Using the PEAR HTTP/WebDAV/Server class (which need to be installed!)
 *
 * @link http://www.egroupware.org
 * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
 * @package api
 * @subpackage groupdav
 * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @copyright (c) 2007-11 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @version $Id$
 */

// switching off output compression for Lighttpd and HTTPS, as it makes problems with TB Lightning
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' &&
	strpos($_SERVER['SERVER_SOFTWARE'],'lighttpd/1.4') === 0 &&
	strpos($_SERVER['HTTP_USER_AGENT'],'Lightning') !== false)
{
	ini_set('zlib.output_compression',0);
}
//error_log("HTTPS='$_SERVER[HTTPS]', SERVER_SOFTWARE='$_SERVER[SERVER_SOFTWARE]', HTTP_USER_AGENT='$_SERVER[HTTP_USER_AGENT]', REQUEST_METHOD='$_SERVER[REQUEST_METHOD]' --> zlib.output_compression=".ini_get('zlib.output_compression'));

$starttime = microtime(true);

$GLOBALS['egw_info'] = array(
	'flags' => array(
		'noheader'  => True,
		'currentapp' => 'groupdav',
		'no_exception_handler' => 'basic_auth',	// we use a basic auth exception handler (sends exception message as basic auth realm)
		'autocreate_session_callback' => array('egw_digest_auth','autocreate_session_callback'),
		'auth_realm' => 'EGroupware CalDAV/CardDAV/GroupDAV server',	// cant use groupdav::REALM as autoloading and include path not yet setup!
	)
);
// if you move this file somewhere else, you need to adapt the path to the header!
$egw_dir = dirname(__FILE__);
require_once($egw_dir.'/phpgwapi/inc/class.egw_digest_auth.inc.php');
include($egw_dir.'/header.inc.php');

$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();

$headertime = microtime(true);

$groupdav = new groupdav();
$groupdav->ServeRequest();
//error_log(sprintf('GroupDAV %s: status "%s", took %5.3f s'.($headertime?' (header include took %5.3f s)':''),$_SERVER['REQUEST_METHOD'].($_SERVER['REQUEST_METHOD']=='REPORT'?' '.$groupdav->propfind_options['root']['name']:'').' '.$_SERVER['PATH_INFO'],$groupdav->_http_status,microtime(true)-$starttime,$headertime-$starttime));
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`<?php`
			`/**`
switching off output compression for Lighttpd and HTTPS, as it makes problems with TB Lightning 2011-09-16 17:34:26 +02:00			`* EGroupware - CalDAV/CardDAV/GroupDAV server`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`*`
documented required rewrite rule for Apache FCGI 2013-03-18 09:14:47 +01:00			`* For Apache FCGI you need the following rewrite rule:`
			`*`
			`* RewriteEngine on`
			`* RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]`
			`*`
			`* Otherwise authentication request will be send over and over again, as password is NOT available to PHP!`
			`*`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`* Using the PEAR HTTP/WebDAV/Server class (which need to be installed!)`
			`*`
			`* @link http://www.egroupware.org`
			`* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License`
			`* @package api`
			`* @subpackage groupdav`
			`* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>`
switching off output compression for Lighttpd and HTTPS, as it makes problems with TB Lightning 2011-09-16 17:34:26 +02:00			`* @copyright (c) 2007-11 by Ralf Becker <RalfBecker-AT-outdoor-training.de>`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`* @version $Id$`
			`*/`

switching off output compression for Lighttpd and HTTPS, as it makes problems with TB Lightning 2011-09-16 17:34:26 +02:00			`// switching off output compression for Lighttpd and HTTPS, as it makes problems with TB Lightning`
			`if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' &&`
			`strpos($_SERVER['SERVER_SOFTWARE'],'lighttpd/1.4') === 0 &&`
			`strpos($_SERVER['HTTP_USER_AGENT'],'Lightning') !== false)`
			`{`
			`ini_set('zlib.output_compression',0);`
			`}`
			`//error_log("HTTPS='$_SERVER[HTTPS]', SERVER_SOFTWARE='$_SERVER[SERVER_SOFTWARE]', HTTP_USER_AGENT='$_SERVER[HTTP_USER_AGENT]', REQUEST_METHOD='$_SERVER[REQUEST_METHOD]' --> zlib.output_compression=".ini_get('zlib.output_compression'));`

Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`$starttime = microtime(true);`

supporting digest auth (see RFC 2617), which is more secure then basic auth on http (no cleartext password), it currently requires cleartext passwords in the database, to calculate the A1 hash! 2010-05-05 11:19:37 +02:00			`$GLOBALS['egw_info'] = array(`
			`'flags' => array(`
			`'noheader' => True,`
			`'currentapp' => 'groupdav',`
			`'no_exception_handler' => 'basic_auth', // we use a basic auth exception handler (sends exception message as basic auth realm)`
			`'autocreate_session_callback' => array('egw_digest_auth','autocreate_session_callback'),`
			`'auth_realm' => 'EGroupware CalDAV/CardDAV/GroupDAV server', // cant use groupdav::REALM as autoloading and include path not yet setup!`
			`)`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`);`
			`// if you move this file somewhere else, you need to adapt the path to the header!`
* iPhone and Mac Addressbook support aka Apple CalDAV/CardDAV autodetection Addressbook does NOT allow to specify the URL, unlike iCal which allows it after autodetection fails. This, some XML specifics set now for Apple addressbook user-agents and etags for addressbook collection itself allow now to use EGroupware with iPhone or Mac addressbook. The later was working before, if you edited the URL into a decompiled plist file, but failed now because of a new REPORT it tries on the principal, to find out shared addessbooks, which we not yet support, but failed to tell in the correct way (501 Not Implemented). Addressbook sync now the personal addressbook, because that is what we tell it as addressbook-home-set. We should add some configuration so user can choose what addressbook to set as addressbook-home-set, or to set the "all" addressbook (/addressbook). For the later we could add some prefs like SyncML to specify filters or eg. a distribution list. 2010-09-25 11:08:37 +02:00			`$egw_dir = dirname(__FILE__);`
			`require_once($egw_dir.'/phpgwapi/inc/class.egw_digest_auth.inc.php');`
			`include($egw_dir.'/header.inc.php');`
First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00
Support Free/Busy information with credentials as part of the URL 2010-06-26 13:35:11 +02:00			`$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();`

Improved exception handling: - exceptions get now always logged to the error_log - in the webgui it's now configurable, if the message contains a stacktrace (incl. function arguments) - default no (security) - command line interfaces get detected and contain no html anymore - webdav and groupdav send the exceptions as basic auth realms to the client - webdav and groupdav login failures contain the reason as part of the basic auth realm 2008-10-26 13:13:01 +01:00			`$headertime = microtime(true);`

First version of new CalDav/CardDAV/GroupDAV access for calendar and addressbook (infolog will follow). CalDAV is tested so far with lightning 0.8 and Apple's iCal. Please note that both distinguish between iCalServer and CalDAV! The URL is currently http://domain.com/egroupware/groupdav.php/calendar/ 2008-05-08 22:31:32 +02:00			`$groupdav = new groupdav();`
			`$groupdav->ServeRequest();`
* CalDAV/CardDAV/GroupDAV new user preference to log requests and responses to Apache error-log 2011-11-23 17:34:39 +01:00			`//error_log(sprintf('GroupDAV %s: status "%s", took %5.3f s'.($headertime?' (header include took %5.3f s)':''),$_SERVER['REQUEST_METHOD'].($_SERVER['REQUEST_METHOD']=='REPORT'?' '.$groupdav->propfind_options['root']['name']:'').' '.$_SERVER['PATH_INFO'],$groupdav->_http_status,microtime(true)-$starttime,$headertime-$starttime));`