extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-03 04:29:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

allow "email" GET parameter and some docu

Browse Source
This commit is contained in:
Ralf Becker 2021-04-13 18:15:10 +02:00
parent 3f989f33d1
commit 87f1554fdf
1 changed files with 24 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
calendar/freebusy.php
View File

@ -1,13 +1,21 @@
<?php <?php
/** /**
* iCal import and export via Horde iCalendar classes * EGroupware - simple / non-CalDAV freebusy URL eg. exported as FBURL in vCard of users
*
* Usage:
* - https://egw.example.org/egroupware/calendar/freebusy.php?user=%NAME%
* - https://egw.example.org/egroupware/calendar/freebusy.php?email=%NAME%@%SERVER%
* Authentication is required unless explicitly switched off in calendar preferences of the requested user:
* + EGroupware "sessionid" cookie
* + basic auth credentials of an EGroupware user
* + "password" GET parameter with a configured password from the requested user's preferences
* + "cred" GET parameter with base64 encoded "<username>:<password>" of an EGroupware user
* *
* @link http://www.egroupware.org * @link http://www.egroupware.org
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de> * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @package calendar * @package calendar
* @subpackage export * @subpackage export
* @version $Id$
*/ */
use EGroupware\Api; use EGroupware\Api;
@ -54,17 +62,24 @@ if (!$logged_in)
// fix for SOGo connector, which does not decode the = in our f/b url // fix for SOGo connector, which does not decode the = in our f/b url
if (strpos($_SERVER['QUERY_STRING'],'=3D') !== false && substr($_GET['user'],0,2) == '3D') if (strpos($_SERVER['QUERY_STRING'],'=3D') !== false && substr($_GET['user'],0,2) == '3D')
{ {
$_GET['user'] = substr($_GET['user'],2); foreach(['user', 'email', 'password', 'cred'] as $name)
if (isset($_GET['password'])) $_GET['password'] = substr($_GET['password'],2); {
if (isset($_GET['cred'])) $_GET['cred'] = substr($_GET['cred'],2); if (isset($_GET[$name])) $_GET[$name] = substr($_GET[$name],2);
}
} }
if (!is_numeric($user = $_GET['user'])) if (isset($_GET['user']) && !is_numeric($user = $_GET['user']))
{ {
// check if user contains the current domain --> remove it // check if user contains the current domain --> remove it
list(,$domain) = explode('@',$user); list(, $domain) = explode('@', $user);
if ($domain === $GLOBALS['egw_info']['user']['domain']) if ($domain === $GLOBALS['egw_info']['user']['domain'])
list($user) = explode('@',$user); {
$user = $GLOBALS['egw']->accounts->name2id($user,'account_lid','u'); list($user) = explode('@', $user);
}
$user = $GLOBALS['egw']->accounts->name2id($user, 'account_lid', 'u');
}
elseif (isset($_GET['email']))
{
$user = $GLOBALS['egw']->accounts->name2id($_GET['email'], 'account_email', 'u');
} }
if ($user === false || !($username = $GLOBALS['egw']->accounts->id2name($user))) if ($user === false || !($username = $GLOBALS['egw']->accounts->id2name($user)))
{ {