* SiteMgr: fixed not working anonymous user and using now a random password

phpgwapi/inc/class.accounts_ads.inc.php

@@ -155,7 +155,7 @@ class accounts_ads
 				'use_ssl' => $config['ads_connection'] == 'ssl',
 				'charset' => translation::charset(),
 			);
-			$adldap[$config['ads_domain']] = new adLDAP_egw($options);
+			$adldap[$config['ads_domain']] = new adLDAP($options);
 			if (self::$debug) error_log(__METHOD__."() new adLDAP(".array2string($options).") returned ".array2string($adldap[$config['ads_domain']]).' '.function_backtrace());
 		}
 		//else error_log(__METHOD__."() returning cached adLDAP ".array2string($adldap[$config['ads_domain']]).' '.function_backtrace());

phpgwapi/inc/class.applications.inc.php

@@ -268,7 +268,7 @@ class applications
 				'id'      => (int)$row['app_id'],
 				'order'   => (int)$row['app_order'],
 				'version' => $row['app_version'],
-				'index'   => $row['app_index'],
+				'index'   => $app_name == 'admin' ? 'admin.admin_ui.index&ajax=true' : $row['app_index'],
 				'icon'    => $row['app_icon'],
 				'icon_app'=> $row['app_icon_app'],
 			);

phpgwapi/inc/class.egw_framework.inc.php

@@ -178,10 +178,18 @@ abstract class egw_framework
 	 *
 	 * @param string $url	The url the link is for
 	 * @param string/array	$extravars	Extra params to be passed to the url
+	 * @param string $link_app=null if appname or true, some templates generate a special link-handler url
 	 * @return string	The full url after processing
 	 */
-	static function link($url, $extravars = '')
+	static function link($url, $extravars = '', $link_app=null)
 	{
+		// run all admin urls through admin.admin_ui.index to get admin tree and frameset
+		if (is_array($extravars) && ($link_app == 'admin' || substr($extravars['menuaction'], 0, 6) == 'admin.'))
+		{
+			$extravars['load'] = $extravars['menuaction'];
+			$extravars['menuaction'] = 'admin.admin_ui.index';
+			$extravars['ajax'] = 'true';	// must be last one
+		}
 		return $GLOBALS['egw']->session->link($url, $extravars);
 	}
 

phpgwapi/inc/class.egw_index.inc.php

@@ -49,9 +49,10 @@
 class egw_index implements IteratorAggregate
 {
 	const INDEX_TABLE = 'egw_index';
+	const KEYWORD_TABLE = 'egw_index_keywords';
 	const INDEX_CAT_TABLE = 'egw_cat2entry';
 	const CAT_TABLE = 'egw_categories';
-	const SEPERATORS = "[ ,;.:\"'!/?=()+*><|\n\r-]";
+	const SEPARATORS = "/[ ,;.:\"'!\/?=()+*><|\n\r-]+/";
 	const MIN_KEYWORD_LEN = 4;
 
 	/**
@@ -164,13 +165,14 @@ class egw_index implements IteratorAggregate
 	 * Stores the keywords for an entry in the index
 	 *
 	 * @param string $app
-	 * @param string/int $id
+	 * @param string|int $id
 	 * @param string $owner eGW account_id of the owner of the entry, used to create a "private entry of ..." title
 	 * @param array $fields
-	 * @param array/int/string $cat_ids=null optional cat_id(s) either comma-separated or as array
+	 * @param array|int|string $cat_ids=null optional cat_id(s) either comma-separated or as array
-	 * @return int/boolean false on error, othwerwise number off added keywords
+	 * @param array $ignore_fields=array() keys of fields NOT to index
+	 * @return int|boolean false on error, othwerwise number off added keywords
 	 */
-	static function save($app,$id,$owner,array $fields,$cat_ids=null)
+	static function save($app,$id,$owner,array $fields,$cat_ids=null,array $ignore_fields=array())
 	{
 		if (!$app || !$id)
 		{
@@ -180,14 +182,13 @@ class egw_index implements IteratorAggregate
 		$keywords = array();
 		foreach($fields as $field)
 		{
-			$tmpArray = @preg_split(self::SEPERATORS,$field);
+			if ($ignore_fields && in_array($field, $ignore_fields)) continue;
-			if (is_array($tmpArray)) {
+
-				foreach($tmpArray as $keyword)
+			foreach(preg_split(self::SEPARATORS, $field) as $keyword)
+			{
+				if (!in_array($keyword,$keywords) && strlen($keyword) >= self::MIN_KEYWORD_LEN && !is_numeric($keyword))
 				{
-					if (!in_array($keyword,$keywords) && strlen($keyword) >= self::MIN_KEYWORD_LEN && !is_numeric($keyword))
+					$keywords[] = $keyword;
-					{
-						$keywords[] = $keyword;
-					}
 				}
 			}
 		}
@@ -218,7 +219,7 @@ class egw_index implements IteratorAggregate
 	 * Delete the keywords for an entry or an entire application
 	 *
 	 * @param string $app
-	 * @param string/int $id=null
+	 * @param string|int $id=null
 	 */
 	static function delete($app,$id=null)
 	{
@@ -238,7 +239,7 @@ class egw_index implements IteratorAggregate
 	 * Returns the cats of an entry or multiple entries
 	 *
 	 * @param string $app
-	 * @param string/int/array $ids
+	 * @param string|int|array $ids
 	 * @return array with cats or single id or id => array with cats pairs
 	 */
 	static function cats($app,$ids)
@@ -279,7 +280,7 @@ class egw_index implements IteratorAggregate
 	 *
 	 * @todo reject keywords which are common words ...
 	 * @param string $app
-	 * @param string/int $id
+	 * @param string|int $id
 	 * @param string $keyword
 	 * @param int $owner=null
 	 * @return boolean true if keyword added, false if it was rejected in future
@@ -287,13 +288,28 @@ class egw_index implements IteratorAggregate
 	static private function add($app,$id,$keyword,$owner=null)
 	{
 		// todo: reject keywords which are common words, not sure how to do that for all languages
-		// maybey we can come up with some own little statistic analysis:
+		// mayby we can come up with some own little statistic analysis:
 		// all keywords more common then N % of the entries get deleted and moved to a separate table ...
+		if (!($si = self::$db->select(self::KEYWORD_TABLE, '*', array('si_keyword' => $keyword))->fetch()))
+		{
+			self::$db->insert(self::KEYWORD_TABLE, array(
+				'si_keyword' => $keyword,
+			), false, __LINE__, __FILE__);
 
+			$si_id = self::$db->get_last_insert_id(self::KEYWORD_TABLE, 'si_id');
+		}
+		elseif ($si['si_ignore'])
+		{
+			return false;
+		}
+		else
+		{
+			$si_id = $si['si_id'];
+		}
 		self::$db->insert(self::INDEX_TABLE,array(
-			'si_keyword' => $keyword,
 			'si_app' => $app,
 			'si_app_id' => $id,
+			'si_id' => $si_id,
 			'si_owner' => $owner,
 		),false,__LINE__,__FILE__);
 
@@ -304,8 +320,8 @@ class egw_index implements IteratorAggregate
 	 * Stores the cat_id(s) for an entry
 	 *
 	 * @param string $app
-	 * @param string/int $id
+	 * @param string|int $id
-	 * @param array/int/string $cat_ids=null optional cat_id(s) either comma-separated or as array
+	 * @param array|int|string $cat_ids=null optional cat_id(s) either comma-separated or as array
 	 * @param int $owner=null
 	 * @return boolean true on success, false on error
 	 */
@@ -335,7 +351,7 @@ class egw_index implements IteratorAggregate
 	 * Delete the cat for an entry or an entire application
 	 *
 	 * @param string $app
-	 * @param string/int $id=null
+	 * @param string|int $id=null
 	 */
 	static private function delete_cats($app,$id=null)
 	{

phpgwapi/inc/class.egw_link.inc.php

@@ -1440,7 +1440,7 @@ class egw_link extends solink
 		{
 			if(($method = self::get_registry($app,'file_access')))
 			{
-				$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required : 0;
+				$cache |= ExecMethod2($method,$id,$required,$rel_path) ? $required|EGW_ACL_READ : 0;
 			}
 			else
 			{

phpgwapi/inc/class.egw_vfs.inc.php

@@ -7,7 +7,7 @@
  * @package api
  * @subpackage vfs
  * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
- * @copyright (c) 2008-10 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @copyright (c) 2008-12 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
  * @version $Id$
  */
 
@@ -1302,7 +1302,6 @@ class egw_vfs extends vfs_stream_wrapper
 	 *
 	 * @param string $path
 	 * @param boolean $force_download=false add header('Content-disposition: filename="' . basename($path) . '"'), currently not supported!
-	 * @todo get $force_download working through webdav
 	 * @return string
 	 */
 	static function download_url($path,$force_download=false)

phpgwapi/inc/class.ischedule_server.inc.php

@@ -30,6 +30,15 @@ class ischedule_server extends groupdav
 	 */
 	const VERSION = '1.0';
 
+	/**
+	 * Supported versions for capablities
+	 *
+	 * Might be more then current version above
+	 *
+	 * @var array
+	 */
+	static $supported_versions = array(self::VERSION);
+
 	/**
 	 * Required headers in DKIM signature (DKIM-Signature is always a required header!)
 	 */
@@ -80,12 +89,52 @@ class ischedule_server extends groupdav
 		if (self::$request_starttime) self::log_request();
 	}
 
-	static $supported_components = array('VEVENT', 'VFREEBUSY', 'VTODO');
+	/**
+	 * List of supported components and methods
+	 *
+	 * @var array
+	 */
+	static $supported_components = array(
+		'VFREEBUSY' => array('REQUEST'),
+		'VEVENT' => array('REQUEST', 'REPLY', 'CANCEL'),
+		//'VTODO' => array('REQUEST', 'REPLY', 'CANCEL'),
+	);
+
+	/**
+	 * List of supported calendar-data-types
+	 *
+	 * @var array
+	 */
+	static $supported_calendar_data_types = array(
+		array('content-type' => 'text/calendar', 'version' => '2.0'),
+	);
+
+	/**
+	 * Supported attachment types for capabilities
+	 *
+	 * @var array
+	 */
+	static $supported_attachments = array('external', 'inline');
+
+	/**
+	 * Other capablities
+	 *
+	 * @var array name => value pairs
+	 */
+	static $capablities = array(
+		'max-content-length' => 102400,
+		'min-date-time' => '19910101T000000Z',
+		'max-date-time' => '20381231T000000Z',
+		'max-instances' => 150,
+		'max-recipients' => 250,
+		// for server config: 'administrator' => 'mailto:ischedule-admin@example.com</administrator',
+	);
+
 	/**
 	 * Requiremnt for originator to match depending on method
 	 *
 	 * @var array method => array('ORGANIZER','ATTENDEE')
-	 * @link https://tools.ietf.org/html/draft-desruisseaux-ischedule-01#section-6.1
+	 * @link https://tools.ietf.org/html/draft-desruisseaux-ischedule-03#section-6.1
 	 */
 	static $supported_method2origin_requirement = array(
 		//'PUBLISH' => null,	// no requirement
@@ -147,8 +196,9 @@ class ischedule_server extends groupdav
 		}
 		// check if recipient is a user
 		// todo: multiple recipients, currently we use last recipient for EGroupware enviroment
-		foreach(preg_split('/, */', $headers['recipient']) as $recipient)
+		// it is no error, to not specify a correct user, in that case we return just a request-status of "3.7;Invalid Calendar User"!
-		{
+		//foreach(preg_split('/, */', $headers['recipient']) as $recipient)
+		/*{
 			if (!stripos($recipient, 'mailto:') === 0 ||
 				!($account_id = $GLOBALS['egw']->accounts->name2id(substr($recipient, 7), 'account_email')))
 			{
@@ -161,11 +211,13 @@ class ischedule_server extends groupdav
 		//$GLOBALS['egw']->session->account_domain = $domain;
 		$GLOBALS['egw_info']['user']  = $GLOBALS['egw']->session->read_repositories();
 		translation::init();
+		*/
 
 		// check originator is allowed to iSchedule with recipient
 		// ToDo: preference for user/admin to specify with whom to iSchedule: $allowed_origins
-		$allowed_origins = preg_split('/, ?/', $GLOBALS['egw_info']['user']['groupdav']['ischedule_allowed_origins']);
+		$allowed_origins = preg_split('/, ?/', $GLOBALS['egw_info']['user']['preferences']['groupdav']['ischedule_allowed_origins']);
 		/* disabled 'til UI is ready to specifiy
+		 * ToDo: this should be no error but a response-status of "3.8;No authority"
 		list(,$originator_domain) = explode('@', $headers['Originator']);
 		if (!in_array($headers['Originator'], $allowed_orgins) && !in_array($originator_domain, $allowed_origins))
 		{
@@ -173,6 +225,8 @@ class ischedule_server extends groupdav
 		}*/
 
 		// check method and component of Content-Type are valid
+		// ToDo: no component or method in Content-Type should give an "invalid-scheduling-message" error
+		// only unsupported (not in capablities) component should give "invalid-caledar-data-type"
 		if (!preg_match('/component=([^;]+)/i', $headers['content-type'], $matches) ||
 			(!in_array($component=strtoupper($matches[1]), self::$supported_components)))
 		{
@@ -190,7 +244,7 @@ class ischedule_server extends groupdav
 		$vcal = new Horde_iCalendar();
 		if (!$vcal->parsevCalendar($this->request, 'VCALENDAR', 'utf-8'))
 		{
-			throw new Exception('Bad Request: Failed parsing iCal', 400);
+			throw new Exception('Bad Request: invalid-calendar-data: Failed parsing iCal', 400);
 		}
 		$version = $vcal->getAttribute('VERSION');
 		$handler = new calendar_ical();
@@ -200,7 +254,7 @@ class ischedule_server extends groupdav
 			!($event = $handler->vevent2egw($vcal_comp, $version, $handler->supportedFields,
 				$principalURL='', $check_component='Horde_iCalendar_'.strtolower($component))))
 		{
-			throw new Exception('Bad Request: Failed converting iCal', 400);
+			throw new Exception('Bad Request: invalid-calendar-data: Failed converting iCal', 400);
 		}
 
 		// validate originator matches organizer or attendee
@@ -248,7 +302,7 @@ class ischedule_server extends groupdav
 				break;
 
 			default:
-				throw new exception('Not yet implemented!');
+				throw new Exception ('Bad Request: invalid-calendar-data-type: not implemented', 400);
 		}
 
 		$xml->endElement();	// schedule-response
@@ -346,12 +400,8 @@ class ischedule_server extends groupdav
 	/**
 	 * Validate DKIM signature
 	 *
-	 * For multivalued Recipient header(s): as PHP engine agregates them ", " separated,
+	 * For multivalued and multiple Recipient header(s): PHP engine agregates them ", " separated.
-	 * we can not tell these apart from ", " separated recipients in one header!
+	 * ischedule-relaxed canonisation takes care of that.
-	 *
-	 * Therefore we can only try to validate both situations.
-	 *
-	 * It will fail if multiple recipients in a single header are also ", " separated (just comma works fine).
 	 *
 	 * @param array $headers header-name in lowercase(!) as key
 	 * @param string $body
@@ -633,7 +683,7 @@ yXUKsIQVi3qPyPdB3QIDAQAB
 		return array_combine($matches[1], $matches[2]);
 	}
 
-	const SERIAL = '123';
+	const SERIAL = '124';
 
 	/**
 	 * Serve an iSchedule GET request, currently only action=capabilities
@@ -688,68 +738,74 @@ yXUKsIQVi3qPyPdB3QIDAQAB
 		{
 			error_log(__METHOD__."() invalid iSchedule request using GET without action=capabilities!");
 			header("HTTP/1.1 400 Bad Request");
+			echo "<h1>Invalid iSchedule request using GET without action=capabilities!</h1>\n";
 			return;
 		}
 
 		// generate capabilities
-		/*$xml = new XMLWriter;
+		$xml = new XMLWriter;
 		$xml->openMemory();
 		$xml->setIndent(true);
 		$xml->startDocument('1.0', 'UTF-8');
 		$xml->startElementNs(null, 'query-result', self::ISCHEDULE);
-		$xml->startElement('capability-set');
+		$xml->startElement('capabilities');
 
-		foreach(array(
+		$xml->writeElement('serial-number', self::SERIAL);
-			'versions' => array('version' => array('1.0')),
+
-			'scheduling-messages' => array(
+		$xml->startElement('versions');
-				'component' => array('.name' => array(
+		foreach(self::$supported_versions as $version)
-					'VEVENT' => array('method' => array('REQUEST', 'ADD', 'REPLY', 'CANCEL')),
-					'VTODO' => '',
-					'VFREEBUSY' => '',
-				)),
-			)
-		) as $name => $data)
 		{
-			$xml->writeElement($name, $data);
+			$xml->writeElement('version', $version);
+		}
+		$xml->endElement();	// versions
+
+		$xml->startElement('scheduling-messages');
+		foreach(self::$supported_components as $component => $methods)
+		{
+			$xml->startElement('component');
+			$xml->writeAttribute('name', $component);
+			foreach($methods as $method)
+			{
+				$xml->startElement('method');
+				$xml->writeAttribute('name', $method);
+				$xml->endElement();	// method
+			}
+			$xml->endElement();	// component
+		}
+		$xml->endElement();	// scheduling-messages
+
+		$xml->startElement('calendar-data-types');
+		foreach(self::$supported_calendar_data_types as $data)
+		{
+			$xml->startElement('calendar-data-type');
+			foreach($data as $name => $value)
+			{
+				$xml->writeAttribute($name, $value);
+			}
+			$xml->endElement();	// calendar-data-type
+		}
+		$xml->endElement();	// calendar-data-types
+
+		$xml->startElement('attachments');
+		foreach(self::$supported_attachments as $type)
+		{
+			$xml->writeElement($type, '');
+		}
+		$xml->endElement();	// attachments
+
+		if (!empty($GLOBALS['egw_info']['server']['admin_mails']))
+		{
+			self::$capablities['administrator'] = 'mailto:'.$GLOBALS['egw_info']['server']['admin_mails'];
+		}
+		foreach(self::$capablities as $name => $value)
+		{
+			$xml->writeElement($name, $value);
 		}
 
-		$xml->endElement();	// capability-set
+		$xml->endElement();	// capabilities
 		$xml->endElement();	// query-result
 		$xml->endDocument();
-		$capabilities = $xml->outputMemory();*/
+		$capabilities = $xml->outputMemory();
-
-		$capabilities = '<?xml version="1.0" encoding="utf-8" ?>
-  <query-result xmlns="urn:ietf:params:xml:ns:ischedule">
-    <capabilities>
-      <serial-number>'.self::SERIAL.'</serial-number>
-      <versions>
-        <version>1.0</version>
-      </versions>
-      <scheduling-messages>
-        <component name="VEVENT">
-          <method name="REQUEST"/>
-          <method name="ADD"/>
-          <method name="REPLY"/>
-          <method name="CANCEL"/>
-        </component>
-        <component name="VTODO"/>
-        <component name="VFREEBUSY"/>
-      </scheduling-messages>
-      <calendar-data-types>
-        <calendar-data-type content-type="text/calendar" version="2.0"/>
-      </calendar-data-types>
-      <attachments>
-        <inline/>
-        <external/>
-      </attachments>
-      <max-content-length>102400</max-content-length>
-      <min-date-time>19910101T000000Z</min-date-time>
-      <max-date-time>20381231T000000Z</max-date-time>
-      <max-instances>150</max-instances>
-      <max-recipients>250</max-recipients>
-      <administrator>mailto:ischedule-admin@example.com</administrator>
-    </capabilities>
-  </query-result>';
 
 		// returning capabilities
 		header('Content-Type: application/xml; charset=utf-8');

phpgwapi/inc/class.ldap.inc.php

@@ -124,6 +124,7 @@ class ldap
 	 * @param $passwd='' ldap pw, default $GLOBALS['egw_info']['server']['ldap_root_pw']
 	 * @return resource|boolean resource from ldap_connect() or false on error
 	 * @throws egw_exception_assertion_failed 'LDAP support unavailable!' (no ldap extension)
+	 * @throws egw_exception_no_permission "Can't connect/bind to LDAP server '$host' and dn='$dn'!"
 	 */
 	function ldapConnect($host='', $dn='', $passwd='')
 	{

phpgwapi/inc/class.links_stream_wrapper.inc.php

@@ -129,7 +129,8 @@ class links_stream_wrapper extends links_stream_wrapper_parent
 	 */
 	static function url_stat ( $url, $flags )
 	{
-		$eacl_check=self::check_extended_acl($url,egw_vfs::READABLE);
+		//$eacl_check=self::check_extended_acl($url,egw_vfs::READABLE);
+		$eacl_check=static::check_extended_acl($url,egw_vfs::READABLE);
 		if ( $eacl_check && substr($url,-7) == '/.entry' &&
 			(list($app) = array_slice(explode('/',$url),-3,1)) && $app === 'addressbook')
 		{

phpgwapi/inc/class.mime_magic.inc.php

@@ -99,7 +99,7 @@ class mime_magic
 	 */
 	public static function filename2mine($filename)
 	{
-		return $this->filename2mime($filename);
+		return self::filename2mime($filename);
 	}
 
 	/**

phpgwapi/inc/common_functions.inc.php

@@ -1438,7 +1438,7 @@ if (ini_get('register_globals'))
 	unregister_globals();
 }
 
-if (!function_exists('lang'))	// setup declares an own version
+if (!function_exists('lang') || defined('NO_LANG'))	// setup declares an own version
 {
 	/**
 	 * function to handle multilanguage support

phpgwapi/inc/functions.inc.php

@@ -27,7 +27,7 @@ if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime())
 	set_magic_quotes_runtime(false);
 }
 
-$egw_min_php_version = '5.2';
+$egw_min_php_version = '5.3';
 if (!function_exists('version_compare') || version_compare(PHP_VERSION,$egw_min_php_version) < 0)
 {
 	die("eGroupWare requires PHP $egw_min_php_version or greater.<br />Please contact your System Administrator to upgrade PHP!");

phpgwapi/ischedule.php

@@ -17,6 +17,8 @@
  * @link https://tools.ietf.org/html/draft-desruisseaux-ischedule-03 iSchedule draft from 2013-01-22
  */
 
+ini_set('zlib.output_compression',0);
+
 $GLOBALS['egw_info'] = array(
 	'flags' => array(
 		'noheader'  => True,

setup/inc/class.setup.inc.php

@@ -993,6 +993,12 @@ class setup
 		return true;
 	}
 
+	/**
+	 * Used to store and share password of user "anonymous" between calls to add_account from different app installs
+	 * @var unknown
+	 */
+	protected $anonpw;
+
 	/**
 	 * add an user account or a user group
 	 *
@@ -1005,14 +1011,21 @@ class setup
 	 * @param string/boolean $primary_group Groupname for users primary group or False for a group, default 'Default'
 	 * @param boolean $changepw user has right to change pw, default False = Pw change NOT allowed
 	 * @param string $email
+	 * @param string &$anonpw=null on return password for anonymous user
 	 * @return int the numerical user-id
 	 */
-	function add_account($username,$first,$last,$passwd,$primary_group='Default',$changepw=False,$email='')
+	function add_account($username,$first,$last,$passwd,$primary_group='Default',$changepw=False,$email='',&$anonpw=null)
 	{
 		$this->setup_account_object();
 
 		$primary_group_id = $primary_group ? $this->accounts->name2id($primary_group) : False;
 
+		if ($username == 'anonymous')
+		{
+			if (!isset($this->anonpw)) $this->anonpw = auth::randomstring(16);
+			$passwd = $anonpw = $this->anonpw;
+		}
+
 		if(!($accountid = $this->accounts->name2id($username)))
 		{
 			$account = array(

setup/inc/class.setup_process.inc.php

@@ -296,6 +296,7 @@ class setup_process
 		}
 
 		// so the default_records use the current data
+		$GLOBALS['egw_info']['server'] = array_merge((array)$GLOBALS['egw_info']['server'], $current_config);
 		$GLOBALS['egw_setup']->setup_account_object($current_config);
 	}