[Pkg-owncloud-commits] [owncloud] 38/83: fixes #6050

[David Prévot]

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch 5.0
in repository owncloud.

commit 4221490d04f1f02e89c5f06f6250fb9ec113eac9
Author: Thomas Müller <thomas.mueller at tmit.eu>
Date:   Tue Nov 26 14:13:33 2013 +0100

    fixes #6050
---
 lib/request.php       | 29 +++++++++++++++++++++--------
 tests/lib/request.php | 11 ++++++++---
 2 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/lib/request.php b/lib/request.php
index 770ccd5..dc8e3e6 100755
--- a/lib/request.php
+++ b/lib/request.php
@@ -141,17 +141,30 @@ class OC_Request {
 			$requestUri = '/' . ltrim($requestUri, '/');
 		}
 
+		// Remove the query string from REQUEST_URI
+		if ($pos = strpos($requestUri, '?')) {
+			$requestUri = substr($requestUri, 0, $pos);
+		}
+
 		$scriptName = $_SERVER['SCRIPT_NAME'];
-		// in case uri and script name don't match we better throw an exception
-		if (strpos($requestUri, $scriptName) !== 0) {
-			throw new Exception("REQUEST_URI($requestUri) does not start with the SCRIPT_NAME($scriptName)");
+		$path_info = $requestUri;
+
+		// strip off the script name's dir and file name
+		list($path, $name) = \Sabre_DAV_URLUtil::splitPath($scriptName);
+		if (!empty($path)) {
+			if( $path === $path_info || strpos($path_info, $path.'/') === 0) {
+				$path_info = substr($path_info, strlen($path));
+			} else {
+				throw new Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')");
+			}
 		}
-		$path_info = substr($requestUri, strlen($scriptName));
-		// Remove the query string from REQUEST_URI
-		if ($pos = strpos($path_info, '?')) {
-			$path_info = substr($path_info, 0, $pos);
+		if (strpos($path_info, '/'.$name.'/') === 0) {
+			$path_info = substr($path_info, strlen($name) + 1);
 		}
-		return $path_info;
+		if (strpos($path_info, $name) === 0) {
+			$path_info = substr($path_info, strlen($name));
+		}
+		return rtrim($path_info, '/');
 	}
 
 	/**
diff --git a/tests/lib/request.php b/tests/lib/request.php
index a740751..090cebc 100644
--- a/tests/lib/request.php
+++ b/tests/lib/request.php
@@ -42,6 +42,13 @@ class Test_Request extends PHPUnit_Framework_TestCase {
 			array('/core/ajax/translations.php', 'index.php/core/ajax/translations.php', 'index.php'),
 			array('/core/ajax/translations.php', '/index.php/core/ajax/translations.php', '/index.php'),
 			array('/core/ajax/translations.php', '//index.php/core/ajax/translations.php', '/index.php'),
+			array('', '/oc/core', '/oc/core/index.php'),
+			array('', '/oc/core/', '/oc/core/index.php'),
+			array('', '/oc/core/index.php', '/oc/core/index.php'),
+			array('/core/ajax/translations.php', '/core/ajax/translations.php', 'index.php'),
+			array('/core/ajax/translations.php', '//core/ajax/translations.php', '/index.php'),
+			array('/core/ajax/translations.php', '/oc/core/ajax/translations.php', '/oc/index.php'),
+			array('/1', '/oc/core/1', '/oc/core/index.php'),
 		);
 	}
 
@@ -60,9 +67,7 @@ class Test_Request extends PHPUnit_Framework_TestCase {
 
 	function rawPathInfoThrowsExceptionProvider() {
 		return array(
-			array('core/ajax/translations.php', '/index.php'),
-			array('/core/ajax/translations.php', '/index.php'),
-			array('//core/ajax/translations.php', '/index.php'),
+			array('/oc/core1', '/oc/core/index.php'),
 		);
 	}
 }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git