diff --git a/icalsrv.php b/icalsrv.php
index 0000347321..d69988c1e4 100644
--- a/icalsrv.php
+++ b/icalsrv.php
@@ -40,531 +40,516 @@
* @todo make code robust against xss attacke etc.
*/
- //-------- basic operation configuration variables ----------
+ //-------- basic operation configuration variables ----------
-$logdir = false; // set to false for no logging
-#$logdir = '/tmp'; // set to a valid (writable) directory to get log file generation
+ $logdir = False; // set to false for no logging
+ #$logdir = '/tmp'; // set to a valid (writable) directory to get log file generation
-// set to true for debug logging to errorlog
-#$isdebug = True;
-$isdebug = False;
+ // set to true for debug logging to errorlog
+ //$isdebug = True;
+ $isdebug = False;
-/** Disallow users to import in non owned calendars and infologs
- * @var boolean $disable_nonowner_import
- */
-$disable_nonowner_import = false;
+ /** Disallow users to import in non owned calendars and infologs
+ * @var boolean $disable_nonowner_import
+ */
+ $disable_nonowner_import = false;
-// icalsrv variant with session setup modeled after xmlrpc.php
+ // icalsrv variant with session setup modeled after xmlrpc.php
-$GLOBALS['egw_info'] = array();
-$GLOBALS['egw_info']['flags'] =
- array(
- 'currentapp' => 'login',
- 'noheader' => True,
+ //die(print_r($_COOKIE, true));
+ $icalsrv = array();
+
+ $GLOBALS['egw_info'] = array();
+ $GLOBALS['egw_info']['flags'] = array(
+ 'currentapp' => 'login',
+ 'noheader' => True,
+ 'nonavbar' => True,
'disable_Template_class' => True
- );
-include('header.inc.php');
+ );
+ include('header.inc.php');
-// silly for now but who knows...
-$GLOBALS['egw_info']['server']['icalsrv'] = true;
+ $ical_login = split('\@',$_SERVER['PHP_AUTH_USER']);
+ if($ical_login[1])
+ {
+ $ical_user = $ical_login[0];
+ $domain = $ical_login[1];
+ unset($ical_login);
+ }
+ else
+ {
+ $ical_user = $_SERVER['PHP_AUTH_USER'];
+ $domain = get_var('domain',array('COOKIE','GET'));
+ }
-/** Control and status of the icalsrv session setup
- * @bug icalsrv enabled checking is not yet working...
- * @var array $icalsrv
- */
-$icalsrv = array();
+ $sessionid = get_var('sessionid',array('COOKIE','GET'));
+ $kp3 = get_var('kp3',array('COOKIE','GET'));
+ $domain = $domain ? $domain : $GLOBALS['egw_info']['server']['default_domain'];
-// Somehow check if icalsrv is enabled none of the 2 ways works yet..
-// either via 1:
-$icalsrv['enabled'] = isset($GLOBALS['egw_info']['user']['apps']['icalsrv']);
-// or via 2: the configdata
-$c =& CreateObject('phpgwapi.config','icalsrv');
-$c->read_repository();
-$config =& $c->config_data;
-unset($c);
-$icalsrv['enabled'] = $config['icalsrv_enabled'];
+ $icalsrv['session_ok'] = $GLOBALS['egw']->session->verify($sessionid,$kp3);
+ if($icalsrv['session_ok'])
+ {
+ $icalsrv['authed'] = True;
+ }
-// or via 3: force it! Yes this works :-)
-$icalsrv['enabled'] = true;
+ if(!$icalsrv['session_ok'] && isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']))
+ {
+ $icalsrv['authed'] = $GLOBALS['egw']->session->create($ical_user . '@' . $domain, $_SERVER['PHP_AUTH_PW'], 'text');
+ }
+ if($icalsrv['authed'])
+ {
+ $icalsrv['session_ok'] = True;
+ // This may not even be necessary:
+ $GLOBALS['egw_info']['flags']['currentapp'] = 'icalsrv';
+ }
-if(!$icalsrv['enabled']) {
- fail_exit('IcalSRV not enabled','403');
- }
-
-// now check if we have a session there (according to cookie and auth)
-// define this function ourselves if not there..
-if(!function_exists('getallheaders')) {
- function getallheaders(){
- settype($headers,'array');
- foreach($_SERVER as $h => $v) {
- if(ereg('HTTP_(.+)',$h,$hp)){
- $headers[$hp[1]] = $v;
+ // bad session or bad authentication so please re-authenticate..
+ if(!($icalsrv['session_ok'] && $icalsrv['authed']))
+ {
+ if($isdebug)
+ {
+ error_log('line ' . __LINE__ . ': Session: '. $icalsrv['session_ok'] . ', Authed: ' . $icalsrv['authed']);
}
- }
- return $headers;
+ header('WWW-Authenticate: Basic realm="ICal Server"');
+ header('HTTP/1.1 401 Unauthorized');
+ exit;
}
- }
-$headers = getallheaders();
-$auth_header = $headers['Authorization']
- ? $headers['Authorization'] : $headers['authorization'];
-if(eregi('Basic *([^ ]*)',$auth_header,$auth)) {
- list($sessionid,$kp3) = explode(':',base64_decode($auth[1]));
- // echo "auth='$auth[1]', sessionid='$sessionid', kp3='$kp3'\n";
- } else {
- $sessionid = get_var('sessionid',array('COOKIE','GET'));
- $kp3 = get_var('kp3',array('COOKIE','GET'));
- }
-if($icalsrv['session_ok'] = $GLOBALS['egw']->session->verify($sessionid,$kp3)){
- $s_user_id = $GLOBALS['egw_info']['user']['account_id'];
- // check if the new user is the one from the session
- $a_user_id = $GLOBALS['egw']->accounts->name2id($_SERVER['PHP_AUTH_USER']);
- if( !($a_user_id == $s_user_id)){
- $icalsrv['session_ok'] = false;
- }
- } else {
- if($isdebug)
- error_log('NO OLD SESSION');
- }
+ /* Moved after the auth header send. It is normal to save this check until now, similar to how simple eGroupWare access control works for a browser login. (Milosch) */
+ if(!@isset($GLOBALS['egw_info']['user']['apps']['icalsrv']))
+ {
+ fail_exit('IcalSRV not enabled','403');
+ }
+
+ // Ok! We have a session and access to icalsrv!
+
+ // now set the variables that will control the working mode of icalvircal
+ // the defines are in the egwical_resourcehandler sourcefile
+ require_once EGW_SERVER_ROOT. '/egwical/inc/class.egwical_resourcehandler.inc.php' ;
+
+ /** uid mapping export configuration switch
+ * @var int
+ * Parameter that determines, a the time of export from Egw (aka dowload by client), how
+ * ical elements (like VEVENT's) get their uid fields filled, from data in
+ * the related Egroupware element.
+ * See further in @ref secuidmapping in the egwical_resourcehandler documentation.
+ */
+ $uid_export_mode = UMM_ID2UID;
+
+ /** uid mapping import configuration switch
+ * @var int
+ * Parameter that determines, at the time of import into Egw (aka publish by client), how
+ * ical elements (like VEVENT's) will find, based on their uid fields, related egw
+ * elements, that are then updated with the ical info.
+ * See further in @ref secuidmapping in the egwical_resourcehandler documentation.
+ */
+ $uid_import_mode = UMM_UID2ID;
+
+ /**
+ * @section secisuidmapping Basic Possible settings of UID to ID mapping.
+ *
+ * @warning the default setting in icalsrv.php is one of the 3 basic uid mapping modes:
+ * #The standard mode that allows a published client calendar to add new events and todos
+ * to the egw calendar, and allows to update already before published (to egw) and
+ * at least once downloaded (from egw) events and todos.
+ * .
+ * setting:
$uid_export_mode = UMM_ID2UID; $uid_import_mode = UMM_UID2ID;
(default)
+ * #The fool proof mode that will prevent accidental change or deletion of existing
+ * egw events or todos. Note that the price to pay is duplication on republishing or
+ * re-download!
+ * .
+ * setting: $uid_export_mode = UMM_NEWUID; $uid_import_mode = UMM_NEWID;
(discouraged)
+ * #The flaky sync mode that in principle would make each event and todo recognizable by
+ * both the client and egw at each moment. In this mode a once given uid field is both used
+ * in the client and in egw. Unfortunately there are quite some problems with this, making it
+ * very unreliable to use!
+ * .
+ * setting: $uid_export_mode = UMM_UID2UID; $uid_import_mode = UMM_UID2UID;
(discouraged!)
+ */
+
+ /** allow elements gone(deleted) in egw to be imported again from client
+ * @var boolean $reimport_missing_elements
+ */
+ $reimport_missing_elements = true;
+
+
+ //-------- end of basic operation configuration variables ----------
+
+
+ #error_log('_SERVER:' . print_r($_SERVER, true));
+
+
+ // go parse our request uri
+ $requri = $_SERVER['REQUEST_URI'];
+ $reqpath= $_SERVER['PATH_INFO'];
+ $reqagent = $_SERVER['HTTP_USER_AGENT'];
+
+ # maybe later also do something with content_type?
+ # if(!empty($_SERVER['CONTENT_TYPE'])) {
+ # if(strpos($_SERVER['CONTENT_TYPE'], 'application/vnd....+xml') !== false) {
+ # ical/ics ???
+
+
+ // ex1: $requri='egroupware/icalsrv.php/demouser/todos.ics'
+ // then $reqpath='/demouser/todos.ics'
+ // $rvc_owner='demouser'
+ // $rvc_basename='/todos.ics'
+ // ex2:or $recuri ='egroupware/icalsrv.php/uk/holidays.ics'
+ // then $reqpath='/uk/holidays.ics'
+ // $rvc_owner = null; // unset
+ // $rvc_basename=null; // unset
+ // ex3: $requri='egroupware/icalsrv.php/demouser/todos?pw=mypw01'
+ // then $reqpath='/demouser/todos.ics'
+ // $rvc_owner='demouser'
+ // $rvc_basename='/todos.ics'
+ // $_GET['pw'] = 'mypw01'
+
+ // S-- parse the $reqpath to get $reqvircal names
+ unset($reqvircal_owner);
+ unset($reqvircal_owner_id);
+ unset($reqvircal_basename);
+
+ if(empty($_SERVER['PATH_INFO']))
+ {
+ // no specific calendar requested, so do default.ics
+ $reqvircal_pathname = '/default.ics';
+
+ // try owner + base for a personal vircal request
+ }
+ elseif(preg_match('#^/([\w]+)(/[^<^>^?]+)$#', $_SERVER['PATH_INFO'], $matches))
+ {
+ $reqvircal_pathname = $matches[0];
+ $reqvircal_owner = $matches[1];
+ $reqvircal_basename = $matches[2];
+
+ if(!$reqvircal_owner_id = $GLOBALS['egw']->accounts->name2id($reqvircal_owner))
+ {
+ // owner is unknown, so forget about personal calendar
+
+ unset($reqvircal_owner);
+ unset($reqvircal_basename);
+ }
+
+ // check for decent non personal path
+ }
+ elseif(preg_match('#^(/[^<^>]+)$#', $_SERVER['PATH_INFO'], $matches))
+ {
+ $reqvircal_pathname = $matches[0];
+
+ // just default to standard path
+ }
+ else
+ {
+ $reqvircal_pathname = 'default.ics';
+ }
-if (!$icalsrv['session_ok'] and isset($_SERVER['PHP_AUTH_USER'])
- and isset($_SERVER['PHP_AUTH_PW'])) {
- // $login = $_SERVER['PHP_AUTH_USER'];
- // $domain = 'default';
- // check for a possible valid login domain present as parameter
- if(isset($_GET['domain'])){
- $domain = $_GET['domain'];
- }else{
- $domain = $GLOBALS['egw_info']['server']['default_domain'];
- }
- if(!array_key_exists($domain, $GLOBALS['egw_domain'])){
- error_log('icalsrv.php: login, invalid domain:' .$domain);
- } else {
- $userlogin = $_SERVER['PHP_AUTH_USER'] . '@' . $domain;
if($isdebug)
- error_log('TRY NEW SESSION FOR login:' . $userlogin);
+ {
+ error_log('http-user-agent:' . $reqagent
+ . ',pathinfo:' . $reqpath . ',rvc_pathname:' . $reqvircal_pathname
+ . ',rvc_owner:' . $reqvircal_owner . ',rvc_owner_id:' . $reqvircal_owner_id
+ . ',rvc_basename:' . $reqvircal_basename);
+ }
+ // S1A search for the requested calendar in the vircal_ardb's
+ if(is_numeric($reqvircal_owner_id))
+ {
+ // check if the requested personal calender is provided by the owner..
- $sess_id = $GLOBALS['egw']->session->create($userlogin, $_SERVER['PHP_AUTH_PW'],
- 'text');
- }
- if ($sess_id) {
- $icalsrv['session_ok'] = true;
- $GLOBALS['egw_info']['user']['account_id'] = $sess_id->account_id;
- }
- }
+ /**
+ * @todo 1. create somehow the list of available personal vircal arstores
+ * note: this should be done via preferences and read repository, but how....
+ * I have to find out and write it...
+ */
-if($icalsrv['session_ok']){
- $icalsrv['authed'] = $GLOBALS['egw']->auth->authenticate($_SERVER['PHP_AUTH_USER'],
- $_SERVER['PHP_AUTH_PW']);
- }
+ // find personal database of (array stored) virtual calendars
+ $cnmsg = 'calendar [' . $reqvircal_basename . '] for user [' . $reqvircal_owner . ']';
+ $vo_personal_vircal_ardb =& CreateObject('icalsrv.personal_vircal_ardb', $reqvircal_owner_id);
+ if(!(is_object($vo_personal_vircal_ardb)))
+ {
+ error_log('icalsrv.php: couldnot create personal vircal_ardb for user:' . $reqvircal_owner);
+ fail_exit('could not access' . $cnmsg, '403');
+ }
-// bad session or bad authentication so please re-authenticate..
-if (!($icalsrv['session_ok'] && $icalsrv['authed'])) {
- header('WWW-Authenticate: Basic realm="ICal Server"');
- header('HTTP/1.1 401 Unauthorized');
- exit;
- }
+ // check if a //list.html is requested
+ if($reqvircal_basename == '/list.html')
+ {
+ echo $vo_personal_vircal_ardb->listing(1);
+ $GLOBALS['egw']->common->egw_exit();
+ }
+
+ error_log('vo_personal_vircal_ardb:' . print_r($vo_personal_vircal_ardb->calendars, true));
+
+ // search our calendar in personal vircal database
+ if(!($vircal_arstore = $vo_personal_vircal_ardb->calendars[$reqvircal_basename]))
+ {
+ error_log('icalsrv.php: ' . $cnmsg . ' not found.');
+ fail_exit($cnmsg . ' not found.' , '404');
+ }
+ // oke we have a valid personal vircal in array_storage format!
+ }
+ else
+ {
+ // check if the requested system calender is provided by system
+ $cnmsg = 'system calendar [' . $reqvircal_pathname . ']';
+ /**
+ * @todo 1. create somehow the list of available system vircal
+ * arstores note: this should be done via preferences and read
+ * repository, but how.... I have to find out
+ */
+
+ // find system database of (array stored) virtual calendars
+ $system_vircal_ardb = CreateObject('icalsrv.system_vircal_ardb');
+ if(!(is_object($system_vircal_ardb)))
+ {
+ error_log('icalsrv.php: couldnot create system vircal_ardb');
+ fail_exit('couldnot access ' . $cnmsg, '403');
+ }
+
+ // check if a /list.html is requested
+ if($reqvircal_pathname == '/list.html')
+ {
+ echo $system_vircal_ardb->listing(1);
+ $GLOBALS['egw']->common->egw_exit();
+ }
+
+ // search our calendar in system vircal database
+ if(!($vircal_arstore = $system_vircal_ardb->calendars[$reqvircal_pathname]))
+ {
+ fail_exit($cnmsg . ' not found', '404');
+ }
+ // oke we have a valid system vircal in array_storage format!
+ }
+ //die(print_r($_COOKIE,true). " in ". __FILE__.", line ".__LINE__);
+ if($isdebug)
+ {
+ error_log('vircal_arstore:' . print_r($vircal_arstore, true));
+ }
+
+ // build a virtual calendar with ical facilities from the found vircal
+ // array_storage data
+ $icalvc =& CreateObject('icalsrv.icalvircal');
+ if(! $icalvc->fromArray($vircal_arstore))
+ {
+ error_log('icalsrv.php: ' . $cnmsg . ' couldnot restore from repository.' );
+ fail_exit($cnmsg . ' internal problem ' , '403');
+ }
+
+ // YES: $icalvc created ok! acces rights needs to be checked though!
+
+ // HACK: ATM basic auth is always needed!! (JVL) ,so we force icalvc into it
+ $icalvc->auth = ':basic';
-// oke we have a session!
+ // check if the virtual calendar demands authentication
+ if(strpos($icalvc->auth,'none') !== false)
+ {
+ // no authentication demanded so continue
+ }
+ elseif(strpos($icalvc->auth,'basic') !== false)
+ {
+ //basic http authentication demanded
+ //so exit on non authenticated http request
-// now set the variables that will control the working mode of icalvircal
-// the defines are in the egwical_resourcehandler sourcefile
-require_once EGW_SERVER_ROOT. '/egwical/inc/class.egwical_resourcehandler.inc.php' ;
+ //-- As we atm only allow authenticated users the
+ // actions in the next lines are already done at the begining
+ // of this file --
+ // if((!isset($_SERVER['PHP_AUTH_USER'])) ||
+ // (!$GLOBALS['egw']->auth->authenticate($_SERVER['PHP_AUTH_USER'],
+ // $_SERVER['PHP_AUTH_PW']))) {
+ // if($isdebug)
+ // error_log('SESSION IS SETUP, BUT AUTHENTICATE FAILED'.$_SERVER['PHP_AUTH_USER'] );
+ // header('WWW-Authenticate: Basic realm="ICal Server"');
+ // header('HTTP/1.1 401 Unauthorized');
+ // exit;
+ // }
-/** uid mapping export configuration switch
- * @var int
- * Parameter that determines, a the time of export from Egw (aka dowload by client), how
- * ical elements (like VEVENT's) get their uid fields filled, from data in
- * the related Egroupware element.
- * See further in @ref secuidmapping in the egwical_resourcehandler documentation.
- */
-$uid_export_mode = UMM_ID2UID;
-
-/** uid mapping import configuration switch
- * @var int
- * Parameter that determines, at the time of import into Egw (aka publish by client), how
- * ical elements (like VEVENT's) will find, based on their uid fields, related egw
- * elements, that are then updated with the ical info.
- * See further in @ref secuidmapping in the egwical_resourcehandler documentation.
- */
-$uid_import_mode = UMM_UID2ID;
-
-/**
- * @section secisuidmapping Basic Possible settings of UID to ID mapping.
- *
- * @warning the default setting in icalsrv.php is one of the 3 basic uid mapping modes:
- * #The standard mode that allows a published client calendar to add new events and todos
- * to the egw calendar, and allows to update already before published (to egw) and
- * at least once downloaded (from egw) events and todos.
- * .
- * setting: $uid_export_mode = UMM_ID2UID; $uid_import_mode = UMM_UID2ID;
(default)
- * #The fool proof mode that will prevent accidental change or deletion of existing
- * egw events or todos. Note that the price to pay is duplication on republishing or
- * re-download!
- * .
- * setting: $uid_export_mode = UMM_NEWUID; $uid_import_mode = UMM_NEWID;
(discouraged)
- * #The flaky sync mode that in principle would make each event and todo recognizable by
- * both the client and egw at each moment. In this mode a once given uid field is both used
- * in the client and in egw. Unfortunately there are quite some problems with this, making it
- * very unreliable to use!
- * .
- * setting: $uid_export_mode = UMM_UID2UID; $uid_import_mode = UMM_UID2UID;
(discouraged!)
- */
-
-/** allow elements gone(deleted) in egw to be imported again from client
- * @var boolean $reimport_missing_elements
- */
-$reimport_missing_elements = true;
-
-
-//-------- end of basic operation configuration variables ----------
-
-
-#error_log('_SERVER:' . print_r($_SERVER, true));
-
-
-// go parse our request uri
-$requri = $_SERVER['REQUEST_URI'];
-$reqpath= $_SERVER['PATH_INFO'];
-$reqagent = $_SERVER['HTTP_USER_AGENT'];
-
-# maybe later also do something with content_type?
-# if (!empty($_SERVER['CONTENT_TYPE'])) {
-# if (strpos($_SERVER['CONTENT_TYPE'], 'application/vnd....+xml') !== false) {
-# ical/ics ???
-
-
-// ex1: $requri='egroupware/icalsrv.php/demouser/todos.ics'
-// then $reqpath='/demouser/todos.ics'
-// $rvc_owner='demouser'
-// $rvc_basename='/todos.ics'
-// ex2:or $recuri ='egroupware/icalsrv.php/uk/holidays.ics'
-// then $reqpath='/uk/holidays.ics'
-// $rvc_owner = null; // unset
-// $rvc_basename=null; // unset
-// ex3: $requri='egroupware/icalsrv.php/demouser/todos?pw=mypw01'
-// then $reqpath='/demouser/todos.ics'
-// $rvc_owner='demouser'
-// $rvc_basename='/todos.ics'
-// $_GET['pw'] = 'mypw01'
-
-// S-- parse the $reqpath to get $reqvircal names
-unset($reqvircal_owner);
-unset($reqvircal_owner_id);
-unset($reqvircal_basename);
-
-if(empty($_SERVER['PATH_INFO'])){
- // no specific calendar requested, so do default.ics
- $reqvircal_pathname = '/default.ics';
-
- // try owner + base for a personal vircal request
- } elseif (preg_match('#^/([\w]+)(/[^<^>^?]+)$#', $_SERVER['PATH_INFO'], $matches)){
- $reqvircal_pathname = $matches[0];
- $reqvircal_owner = $matches[1];
- $reqvircal_basename = $matches[2];
-
- if(!$reqvircal_owner_id = $GLOBALS['egw']->accounts->name2id($reqvircal_owner)){
- // owner is unknown, so forget about personal calendar
-
- unset($reqvircal_owner);
- unset($reqvircal_basename);
- }
-
- // check for decent non personal path
- } elseif (preg_match('#^(/[^<^>]+)$#', $_SERVER['PATH_INFO'], $matches)){
- $reqvircal_pathname = $matches[0];
-
- // just default to standard path
- } else {
- $reqvircal_pathname = 'default.ics';
- }
-
-
-if($isdebug)
- error_log('http-user-agent:' . $reqagent .
- ',pathinfo:' . $reqpath . ',rvc_pathname:' . $reqvircal_pathname .
- ',rvc_owner:' . $reqvircal_owner . ',rvc_owner_id:' . $reqvircal_owner_id .
- ',rvc_basename:' . $reqvircal_basename);
-
-// S1A search for the requested calendar in the vircal_ardb's
-if(is_numeric($reqvircal_owner_id)){
- // check if the requested personal calender is provided by the owner..
-
- /**
- * @todo 1. create somehow the list of available personal vircal arstores
- * note: this should be done via preferences and read repository, but how....
- * I have to find out and write it...
- */
-
- // find personal database of (array stored) virtual calendars
- $cnmsg = 'calendar [' . $reqvircal_basename . '] for user [' . $reqvircal_owner . ']';
- $vo_personal_vircal_ardb =& CreateObject('icalsrv.personal_vircal_ardb', $reqvircal_owner_id);
- if(!(is_object($vo_personal_vircal_ardb))){
- error_log('icalsrv.php: couldnot create personal vircal_ardb for user:' . $reqvircal_owner);
- fail_exit('couldnot access' . $cnmsg, '403');
- }
-
- // check if a //list.html is requested
- if ($reqvircal_basename == '/list.html'){
- echo $vo_personal_vircal_ardb->listing(1);
- $GLOBALS['egw']->common->egw_exit();
- }
-
-# error_log('vo_personal_vircal_ardb:' . print_r($vo_personal_vircal_ardb->calendars, true));
-
- // search our calendar in personal vircal database
- if(!($vircal_arstore = $vo_personal_vircal_ardb->calendars[$reqvircal_basename])){
- error_log('icalsrv.php: ' . $cnmsg . ' not found.');
- fail_exit($cnmsg . ' not found.' , '404');
- }
- // oke we have a valid personal vircal in array_storage format!
-
- } else {
- // check if the requested system calender is provided by system
- $cnmsg = 'system calendar [' . $reqvircal_pathname . ']';
- /**
- * @todo 1. create somehow the list of available system vircal
- * arstores note: this should be done via preferences and read
- * repository, but how.... I have to find out
- */
-
- // find system database of (array stored) virtual calendars
- $system_vircal_ardb = CreateObject('icalsrv.system_vircal_ardb');
- if(!(is_object($system_vircal_ardb))){
- error_log('icalsrv.php: couldnot create system vircal_ardb');
- fail_exit('couldnot access ' . $cnmsg, '403');
- }
-
- // check if a /list.html is requested
- if ($reqvircal_pathname == '/list.html'){
- echo $system_vircal_ardb->listing(1);
- $GLOBALS['egw']->common->egw_exit();
- }
-
- // search our calendar in system vircal database
- if(!($vircal_arstore = $system_vircal_ardb->calendars[$reqvircal_pathname])){
- fail_exit($cnmsg . ' not found', '404');
- }
- // oke we have a valid system vircal in array_storage format!
-
- }
-if($isdebug)
- error_log('vircal_arstore:' . print_r($vircal_arstore, true));
-
-// build a virtual calendar with ical facilities from the found vircal
-// array_storage data
-$icalvc =& CreateObject('icalsrv.icalvircal');
-if(! $icalvc->fromArray($vircal_arstore)){
- error_log('icalsrv.php: ' . $cnmsg . ' couldnot restore from repository.' );
- fail_exit($cnmsg . ' internal problem ' , '403');
- }
-
-// YES: $icalvc created ok! acces rights needs to be checked though!
-
-// HACK: ATM basic auth is always needed!! (JVL) ,so we force icalvc into it
-$icalvc->auth = ':basic';
-
-
-// check if the virtual calendar demands authentication
-if(strpos($icalvc->auth,'none') !== false){
- // no authentication demanded so continue
-
- } elseif(strpos($icalvc->auth,'basic') !== false){
- //basic http authentication demanded
- //so exit on non authenticated http request
-
- //-- As we atm only allow authenticated users the
- // actions in the next lines are already done at the begining
- // of this file --
-// if ((!isset($_SERVER['PHP_AUTH_USER'])) ||
-// (!$GLOBALS['egw']->auth->authenticate($_SERVER['PHP_AUTH_USER'],
-// $_SERVER['PHP_AUTH_PW']))) {
-// if($isdebug)
-// error_log('SESSION IS SETUP, BUT AUTHENTICATE FAILED'.$_SERVER['PHP_AUTH_USER'] );
-// header('WWW-Authenticate: Basic realm="ICal Server"');
-// header('HTTP/1.1 401 Unauthorized');
-// exit;
-// }
-
-// // else, use the active basic authentication to set preferences
-// $user_id = $GLOBALS['egw']->accounts->name2id($_SERVER['PHP_AUTH_USER']);
-// $GLOBALS['egw_info']['user']['account_id'] = $user_id;
-// error_log(' ACCOUNT SETUP FOR'
-// . $GLOBALS['egw_info']['user']['account_id']);
-
-
- } elseif(strpos($icalvc->auth,'ssl') !== false){
- // ssl demanded, check if we are in https authenticated connection
- // if not redirect to https
- error_log('icalsrv.php:' . $cnmsg . ' demands secure connection');
- fail_exit($cnmsg . ' demands secure connection: please use https', '403');
-
- } else {
- error_log('*** icalsrv.php:' . $cnmsg . ' requires unknown authentication method:'
+ // // else, use the active basic authentication to set preferences
+ // $user_id = $GLOBALS['egw']->accounts->name2id($_SERVER['PHP_AUTH_USER']);
+ // $GLOBALS['egw_info']['user']['account_id'] = $user_id;
+ // error_log(' ACCOUNT SETUP FOR'
+ // . $GLOBALS['egw_info']['user']['account_id']);
+ }
+ elseif(strpos($icalvc->auth,'ssl') !== false)
+ {
+ // ssl demanded, check if we are in https authenticated connection
+ // if not redirect to https
+ error_log('icalsrv.php:' . $cnmsg . ' demands secure connection');
+ fail_exit($cnmsg . ' demands secure connection: please use https', '403');
+ }
+ else
+ {
+ error_log('*** icalsrv.php:' . $cnmsg . ' requires unknown authentication method:'
. $icalcv->auth);
- fail_exit($cnmsg . ' demands unavailable authentication method:'
- . $icalcv->auth, '403');
- }
-
-
-/**
- * @todo this extra password checkin should, at least for logged-in users,
- * better be incorporated in the ACL checkings. At some time...
- */
-// check if an extra password is needed too
-if(strpos($icalvc->auth,'passw') !== false){
- //extra parameter password authentication demanded
- //so exit if pw parameter is not valid
- if ((!isset($_GET['password'])) ||
- (!$icalvc->pw !== $_GET['password']) ) {
- error_log('icalsrv.php:' . $cnmsg . ' demands extra password parameter');
- fail_exit($cnmsg . ' demands extra password parameter', '403');
- }
- }
-
-// now we are authenticated enough
-// go setup import and export mode in our ical virtual calendar
-
-$icalvc->uid_mapping_export = $uid_export_mode;
-$icalvc->uid_mapping_import = $uid_import_mode;
-$icalvc->reimport_missing_elements = $reimport_missing_elements;
-$logmsg = "";
-
-// oke now process the actual import or export to/from icalvc..
-if ($_SERVER['REQUEST_METHOD'] == 'PUT') {
- // *** PUT Request so do an Import *************
-
- if($isdebug)
- error_log('icalsrv.php: importing, by user:' .$GLOBALS['egw_info']['user']['account_id']
- . ' for virtual calendar of: ' . $reqvircal_owner_id);
- // check if importing in not owned calendars is disabled
- if($reqvircal_owner_id
- && ($GLOBALS['egw_info']['user']['account_id'] !== $reqvircal_owner_id)){
- if($disable_nonowner_import){
- error_log('icalsrv.php: importing in non owner calendars currently disabled');
- fail_exit('importing in non owner calendars currently disabled', '403');
- }
- }
- if(isset($reqvircal_owner_id) && ($reqvircal_owner_id < 0)){
- error_log('icalsrv.php: importing in group calendars not allowed');
- fail_exit('importing in groupcalendars is not allowed', '403');
- }
-
- // I0 read the payload
- $logmsg = 'IMPORTING in '. $importMode . ' mode';
- $fpput = fopen("php://input", "r");
- $vcalstr = "";
- while ($data = fread($fpput, 1024)){
- $vcalstr .= $data;
- }
- fclose($fpput);
-
- // import the icaldata into the virtual calendar
- // note: ProductType is auto derived from $vcalstr
- $import_table =& $icalvc->import_vcal($vcalstr);
-
- // count the successes..
- if ($import_table === false) {
- $msg = 'icalsrv.php: importing '. $cnmsg . ' ERRORS';
- fail_exit($msg,'403');
- } else {
- $logmsg .= "\n imported " . $cnmsg . ' : ';
- foreach ($import_table as $rsc_class => $vids){
- $logmsg .= "\n resource: " . $rsc_class . ' : ' . count($vids) .' elements OK';
+ fail_exit($cnmsg . ' demands unavailable authentication method:'
+ . $icalcv->auth, '403');
}
- }
- // DONE importing
- if($logdir) log_ical($logmsg,"import",$vcalstr);
- // handle response ...
- $GLOBALS['egw']->common->egw_exit();
+ /**
+ * @todo this extra password checkin should, at least for logged-in users,
+ * better be incorporated in the ACL checkings. At some time...
+ */
+ // check if an extra password is needed too
+ if(strpos($icalvc->auth,'passw') !== false)
+ {
+ //extra parameter password authentication demanded
+ //so exit if pw parameter is not valid
+ if((!isset($_GET['password'])) ||
+ (!$icalvc->pw !== $_GET['password']))
+ {
+ error_log('icalsrv.php:' . $cnmsg . ' demands extra password parameter');
+ fail_exit($cnmsg . ' demands extra password parameter', '403');
+ }
+ }
- } else {
+ // now we are authenticated enough
+ // go setup import and export mode in our ical virtual calendar
- // *** GET (or POST?) Request so do an export
- $logmsg = 'EXPORTING';
- // derive a ProductType from our http Agent and set it in icalvc
- $icalvc->deviceType = egwical_resourcehandler::httpUserAgent2deviceType($reqagent);
+ $icalvc->uid_mapping_export = $uid_export_mode;
+ $icalvc->uid_mapping_import = $uid_import_mode;
+ $icalvc->reimport_missing_elements = $reimport_missing_elements;
+ $logmsg = "";
- // export the data from the virtual calendar
- $vcalstr = $icalvc->export_vcal();
+ // oke now process the actual import or export to/from icalvc..
+ if($_SERVER['REQUEST_METHOD'] == 'PUT')
+ {
+ // *** PUT Request so do an Import *************
- // handle response
- if ($vcalstr === false) {
- $msg = 'icalsrv.php: exporting '. $cnmsg . ' ERRORS';
- fail_exit($msg,'403');
- } else {
- $logmsg .= "\n exported " . $cnmsg ." : OK ";
- }
- // DONE exporting
+ if($isdebug)
+ {
+ error_log('icalsrv.php: importing, by user:' .$GLOBALS['egw_info']['user']['account_id']
+ . ' for virtual calendar of: ' . $reqvircal_owner_id);
+ }
+ // check if importing in not owned calendars is disabled
+ if($reqvircal_owner_id
+ && ($GLOBALS['egw_info']['user']['account_id'] !== $reqvircal_owner_id))
+ {
+ if($disable_nonowner_import)
+ {
+ error_log('icalsrv.php: importing in non owner calendars currently disabled');
+ fail_exit('importing in non owner calendars currently disabled', '403');
+ }
+ }
+ if(isset($reqvircal_owner_id) && ($reqvircal_owner_id < 0))
+ {
+ error_log('icalsrv.php: importing in group calendars not allowed');
+ fail_exit('importing in groupcalendars is not allowed', '403');
+ }
- if($logdir) log_ical($logmsg,"export",$vcalstr);
- // handle response ...
- $content_type = egwical_resourcehandler::deviceType2contentType($icalvc->deviceType);
- if($content_type){
- header($content_type);
- }
- echo $vcalstr;
- $GLOBALS['egw']->common->egw_exit();
-
- }
+ // I0 read the payload
+ $logmsg = 'IMPORTING in '. $importMode . ' mode';
+ $fpput = fopen("php://input", "r");
+ $vcalstr = "";
+ while($data = fread($fpput, 1024))
+ {
+ $vcalstr .= $data;
+ }
+ fclose($fpput);
+ // import the icaldata into the virtual calendar
+ // note: ProductType is auto derived from $vcalstr
+ $import_table =& $icalvc->import_vcal($vcalstr);
+ // count the successes..
+ if($import_table === false)
+ {
+ $msg = 'icalsrv.php: importing '. $cnmsg . ' ERRORS';
+ fail_exit($msg,'403');
+ }
+ else
+ {
+ $logmsg .= "\n imported " . $cnmsg . ' : ';
+ foreach($import_table as $rsc_class => $vids)
+ {
+ $logmsg .= "\n resource: " . $rsc_class . ' : ' . count($vids) .' elements OK';
+ }
+ }
+ // DONE importing
+ if($logdir)
+ {
+ log_ical($logmsg,"import",$vcalstr);
+ }
-// // --- SOME UTILITY FUNCTIONS -------
+ // handle response ...
+ $GLOBALS['egw']->common->egw_exit();
+ }
+ else
+ {
+ // *** GET (or POST?) Request so do an export
+ $logmsg = 'EXPORTING';
+ // derive a ProductType from our http Agent and set it in icalvc
+ $icalvc->deviceType = egwical_resourcehandler::httpUserAgent2deviceType($reqagent);
-/**
- * Exit with an error message in html
- * @param $msg string
- * message that gets return as html error description
- */
-function fail_exit($msg, $errno = '403')
-{
- // log the error in the http server error logging files
- error_log('resp: ' . $errno . ' ' . $msg);
- // return http error $errno can this be done this way?
- header('HTTP/1.1 '. $errno . ' ' . $msg);
-# header('HTTP/1.1 403 ' . $msg);
- $GLOBALS['egw']->common->egw_exit();
-}
+ // export the data from the virtual calendar
+ $vcalstr = $icalvc->export_vcal();
+ // handle response
+ if($vcalstr === false)
+ {
+ $msg = 'icalsrv.php: exporting '. $cnmsg . ' ERRORS';
+ fail_exit($msg,'403');
+ }
+ else
+ {
+ $logmsg .= "\n exported " . $cnmsg ." : OK ";
+ }
+ // DONE exporting
+ if($logdir) log_ical($logmsg,"export",$vcalstr);
+ // handle response ...
+ $content_type = egwical_resourcehandler::deviceType2contentType($icalvc->deviceType);
+ if($content_type)
+ {
+ header($content_type);
+ }
+ echo $vcalstr;
+ $GLOBALS['egw']->common->egw_exit();
+ }
+ // // --- SOME UTILITY FUNCTIONS -------
-/*
- * Log info and data to logfiles if logging is set
- *
- * @param $msg string with loginfo
- * @param $data data to be logged
- * @param $icalmethod $string value can be import or export
- * @global $logdir string/boolean log directory. Set to false to disab logging
- */
-function log_ical($msg,$icalmethod="data",$data)
-{
- global $logdir;
- if (!$logdir) return; // loggin seems off
+ /**
+ * Exit with an error message in html
+ * @param $msg string
+ * message that gets return as html error description
+ */
+ function fail_exit($msg, $errno = '403')
+ {
+ // log the error in the http server error logging files
+ error_log('resp: ' . $errno . ' ' . $msg);
+ // return http error $errno can this be done this way?
+ header('HTTP/1.1 '. $errno . ' ' . $msg);
+ # header('HTTP/1.1 403 ' . $msg);
+ $GLOBALS['egw']->common->egw_exit();
+ }
- // some info used for logging
- $logstamp = date("U");
- $loguser = $_SERVER['PHP_AUTH_USER'];
- $logdate = date("Ymd:His");
- // filename for log info, only used when logging is on
- $fnloginfo = "$logdir/ical.log";
+ /*
+ * Log info and data to logfiles if logging is set
+ *
+ * @param $msg string with loginfo
+ * @param $data data to be logged
+ * @param $icalmethod $string value can be import or export
+ * @global $logdir string/boolean log directory. Set to false to disab logging
+ */
+ function log_ical($msg,$icalmethod="data",$data)
+ {
+ global $logdir;
+ if(!$logdir) return; // loggin seems off
- // log info
- $fnlogdata = $logdir . "/ical." . $icalmethod . '.' . $logstamp . ".ics";
- $fp = fopen("$fnloginfo",'a+');
- fwrite($fp,"\n\n$loguser on $logdate : $msg, \n data in $fnlogdata ");
- fclose($fp);
- // log data
- $fp = fopen("$fnlogdata", "w");
- fputs($fp, $data);
- fclose($fp);
-}
+ // some info used for logging
+ $logstamp = date("U");
+ $loguser = $_SERVER['PHP_AUTH_USER'];
+ $logdate = date("Ymd:His");
+ // filename for log info, only used when logging is on
+ $fnloginfo = "$logdir/ical.log";
-
-
-
-?>
\ No newline at end of file
+ // log info
+ $fnlogdata = $logdir . "/ical." . $icalmethod . '.' . $logstamp . ".ics";
+ $fp = fopen("$fnloginfo",'a+');
+ fwrite($fp,"\n\n$loguser on $logdate : $msg, \n data in $fnlogdata ");
+ fclose($fp);
+ // log data
+ $fp = fopen("$fnlogdata", "w");
+ fputs($fp, $data);
+ fclose($fp);
+ }
+?>