- Модуль: webdav
- Путь к файлу: ~/bitrix/modules/webdav/classes/general.php
- Класс: CWebDavBase
- Вызов: CWebDavBase::OnBeforeProlog
static function OnBeforeProlog()
{
global $USER, $APPLICATION;
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS')
{
if (preg_match("/Livechat-Auth-Id/i", $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
{
return;
}
}
if (isset($_SERVER["PHP_AUTH_USER"]) &&
(!defined("NOT_CHECK_PERMISSIONS") || NOT_CHECK_PERMISSIONS!==true) &&
(CWebDavBase::IsDavHeaders("check_all") ||
!$USER->IsAuthorized()))
{
if ($_SERVER["PHP_AUTH_USER"] <> '' and
$_SERVER["PHP_AUTH_PW"] <> '')
{
if (mb_strpos($_SERVER["PHP_AUTH_USER"], $_SERVER['HTTP_HOST']."\") === 0)
{
$_SERVER["PHP_AUTH_USER"] = str_replace($_SERVER['HTTP_HOST']."\", "", $_SERVER["PHP_AUTH_USER"]);
}
elseif (mb_strpos($_SERVER["PHP_AUTH_USER"], $_SERVER['SERVER_NAME']."\") === 0)
{
$_SERVER["PHP_AUTH_USER"] = str_replace($_SERVER['SERVER_NAME']."\", "", $_SERVER["PHP_AUTH_USER"]);
}
$arAuthResult = $USER->Login($_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"], "N");
$APPLICATION->arAuthResult = $arAuthResult;
}
}
if (
($_SERVER['REQUEST_METHOD']=='OPTIONS' || $_SERVER['REQUEST_METHOD']=='PROPFIND') &&
(
(
$_SERVER["REAL_FILE_PATH"] == '' &&
mb_substr($_SERVER['REQUEST_URI'], -1, 1) == '/'
) || (
mb_strpos($_SERVER['REQUEST_URI'], 'personal') !== false &&
$_SERVER["REAL_FILE_PATH"] == '' &&
!file_exists($_SERVER['DOCUMENT_ROOT'].$_SERVER['REQUEST_URI'])
) // windows scans all the path up to the root, fails if 404, and we have it in /company/personal/...
)
)
{
$res = CUrlRewriter::GetList(Array("QUERY"=>$_SERVER['REQUEST_URI']));
$good_res = true;
$file_path = "";
foreach($res as $res_detail)
{
if(mb_strpos($res_detail["ID"], "webdav") !== false || mb_strpos($res_detail["ID"], "socialnetwork") !== false)
{
$good_res = (!$USER->IsAuthorized()/* && $APPLICATION->GetFileAccessPermission(Array(SITE_ID, $res_detail["PATH"]), Array(2)) < "R"*/);
break;
}
}
if($good_res)
{
header("MS-Author-Via: DAV");
if ( (mb_strpos($_SERVER['HTTP_USER_AGENT'], "Microsoft-WebDAV-MiniRedir") !== false ) && // for office 2007, windows xp
($_SERVER['REQUEST_METHOD'] == "OPTIONS") ) {
CWebDavBase::base_OPTIONS();
die();
}
if($_SERVER['REQUEST_METHOD']!='PROPFIND')
{
if(!$USER->IsAuthorized())
{
CWebDavBase::SetAuthHeader();
die();
}
CWebDavBase::base_OPTIONS();
die();
}
if($_SERVER['REQUEST_METHOD']=='PROPFIND')
{
if(!$USER->IsAuthorized())
{
CWebDavBase::SetAuthHeader();
die();
}
CWebDavBase::SetStatus('207 Multi-Status');
echo '
http://'.htmlspecialcharsbx($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']).'
t
1
0
application/octet-stream
0
t
2008-10-29T13:58:59Z
2008-10-29T13:58:59Z
rid:{D77F5F6A-44A9-4015-AB49-4D3A439808C1}
rt:D77F5F6A-44A9-4015-AB49-4D3A439808C1@00000000000
"{D77F5F6A-44A9-4015-AB49-4D3A439808C1},0"
HTTP/1.1 200 OK
';
die();
}
}
}
elseif (CWebDavBase::IsDavHeaders("check_all"))
{
if (!$USER->IsAuthorized())
{
$res = CUrlRewriter::GetList(Array("QUERY"=>$_SERVER['REQUEST_URI']));
$good_res = true;
$file_path = "";
foreach($res as $res_detail)
{
if(mb_strpos($res_detail["ID"], "webdav") !== false || mb_strpos($res_detail["ID"], "socialnetwork") !== false)
{
$good_res = (!$USER->IsAuthorized()/* && $APPLICATION->GetFileAccessPermission(Array(SITE_ID, $res_detail["PATH"]), Array(2)) < "R"*/);
break;
}
}
if ($good_res)
{
CWebDavBase::SetAuthHeader();
die();
}
}
return true;
}
}