Source for file Filesystem.php
Documentation is available at Filesystem.php
+----------------------------------------------------------------------+
| Copyright (c) 2002-2007 Christian Stocker, Hartmut Holzgraefe |
| Redistribution and use in source and binary forms, with or without |
| modification, are permitted provided that the following conditions |
| 1. Redistributions of source code must retain the above copyright |
| notice, this list of conditions and the following disclaimer. |
| 2. Redistributions in binary form must reproduce the above copyright |
| notice, this list of conditions and the following disclaimer in |
| the documentation and/or other materials provided with the |
| 3. The names of the authors may not be used to endorse or promote |
| products derived from this software without specific prior |
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
| COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
| ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| POSSIBILITY OF SUCH DAMAGE. |
+----------------------------------------------------------------------+
require_once "HTTP/WebDAV/Server.php";
require_once "System.php";
* Filesystem access using WebDAV
* @author Hartmut Holzgraefe <hartmut@php.net>
* @version @package-version@
* Root directory for WebDAV access
* Defaults to webserver document root (set by ServeRequest)
* MySQL Host where property and locking information is stored
var $db_host = "localhost";
* MySQL database for property/locking information storage
* MySQL table name prefix
* MySQL user for property/locking db access
* MySQL password for property/locking db access
// special treatment for litmus compliance test
// reply on its identifier header
// not needed for the test itself but eases debugging
if (isset ($this->_SERVER['HTTP_X_LITMUS'])) {
error_log("Litmus test ". $this->_SERVER['HTTP_X_LITMUS']);
header("X-Litmus-reply: ". $this->_SERVER['HTTP_X_LITMUS']);
// set root directory, defaults to webserver document root if not set
$this->base = realpath($base); // TODO throw if not a directory
} else if (!$this->base) {
$this->base = $this->_SERVER['DOCUMENT_ROOT'];
// establish connection to property/locking db
// TODO throw on connection problems
// let the base class do all the work
* No authentication is needed here
* @param string HTTP Authentication type (Basic, Digest, ...)
* @return bool true on successful authentication
function check_auth ($type, $user, $pass)
* PROPFIND method handler
* @param array general parameter passing array
* @param array return array for file properties
* @return bool true on success
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// prepare property array
$files["files"] = array ();
// store information for the requested path itself
$files["files"][] = $this->fileinfo($options["path"]);
// information for contained resources requested?
// make sure path ends with '/'
$options["path"] = $this->_slashify ($options["path"]);
// ok, now get all its contents
while ($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
$files["files"][] = $this->fileinfo($options["path"]. $filename);
// TODO recursion needed if "Depth: infinite"
* Get properties for a single file/resource
* @param string resource path
* @return array resource properties
// map URI path to filesystem path
$fspath = $this->base . $path;
// TODO remove slash append code when base clase is able to do it itself
$info["path"] = is_dir($fspath) ? $this->_slashify ($path) : $path;
$info["props"] = array ();
// no special beautified displayname here ...
// creation and modification time
// Microsoft extensions: last access time and 'hidden' status
// type and size (caller already made sure that path exists)
// directory (WebDAV collection)
$info["props"][] = $this->mkprop("resourcetype", "collection");
$info["props"][] = $this->mkprop("getcontenttype", "httpd/unix-directory");
// plain file (WebDAV resource)
$info["props"][] = $this->mkprop("resourcetype", "");
$info["props"][] = $this->mkprop("getcontenttype", $this->_mimetype ($fspath));
$info["props"][] = $this->mkprop("getcontenttype", "application/x-non-readable");
$info["props"][] = $this->mkprop("getcontentlength", filesize($fspath));
// get additional properties from database
$query = " SELECT ns, name, value
FROM {$this->db_prefix}properties
$res = mysql_query($query);
while ($row = mysql_fetch_assoc($res)) {
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
* detect if a given program is found in the search PATH
* helper function used by _mimetype() to detect if the
* external 'file' utility is available
* @param string program name
* @param string optional search path, defaults to $PATH
* @return bool true if executable program found in path
function _can_execute($name, $path = false)
// path defaults to PATH from environment if not set
// check method depends on operating system
if (!strncmp(PHP_OS, "WIN", 3)) {
// on Windows an appropriate COM or EXE file needs to exist
$exts = array(".exe", ".com");
$check_fn = "file_exists";
// anywhere else we look for an executable file of that name
$check_fn = "is_executable";
// now check the directories in the path for the program
foreach (explode(PATH_SEPARATOR, $path) as $dir) {
// skip invalid path entries
if (!file_exists($dir)) continue;
if (!is_dir($dir)) continue;
// and now look for the file
foreach ($exts as $ext) {
if ($check_fn("$dir/$name".$ext)) return true;
* try to detect the mime type of a file
* @param string file path
* @return string guessed mime type
function _mimetype($fspath)
return "httpd/unix-directory";
} else if (function_exists("mime_content_type")) {
// use mime magic extension if available
$mime_type = mime_content_type($fspath);
} else if ($this->_can_execute ("file")) {
// it looks like we have a 'file' command,
// lets see it it does have mime support
$fp = popen("file -i '$fspath' 2>/dev/null", "r");
// popen will not return an error if the binary was not found
// and find may not have mime support using "-i"
// so we test the format of the returned string
// the reply begins with the requested filename
if (!strncmp($reply, "$fspath: ", strlen($fspath)+2)) {
$reply = substr($reply, strlen($fspath)+2);
// followed by the mime type (maybe including options)
if (preg_match('|^[[:alnum:]_-]+/[[:alnum:]_-]+;?.*|', $reply, $matches)) {
$mime_type = $matches[0];
// Fallback solution: try to guess the type by the file extension
// TODO: it has been suggested to delegate mimetype detection
// to apache but this has at least three issues:
// - works only with apache
// - needs file to be within the document tree
// - requires apache mod_magic
// TODO: can we use the registry for this on Windows?
// OTOH if the server is Windos the clients are likely to
// be Windows, too, and tend do ignore the Content-Type
// anyway (overriding it with information taken from
// TODO: have a seperate PEAR class for mimetype detection?
switch (strtolower(strrchr(basename($fspath), "."))) {
$mime_type = "text/html";
$mime_type = "image/gif";
$mime_type = "image/jpeg";
$mime_type = "application/octet-stream";
* @param array parameter passing array
* @return bool true on success
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
if (!file_exists ($fspath)) return false;
$options['mimetype'] = $this->_mimetype ($fspath);
// detect modification time
// see rfc2518, section 13.7
// some clients seem to treat this as a reverse rule
// requiering a Last-Modified header if the getlastmodified header was set
$options['mtime'] = filemtime ($fspath);
$options['size'] = filesize ($fspath);
* @param array parameter passing array
* @return bool true on success
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
return $this->GetDir($fspath, $options);
// the header output is the same as for HEAD
if (!$this->HEAD($options)) {
// no need to check result here, it is handled by the base class
$options['stream'] = fopen($fspath, "r");
* GET method handler for directories
* This is a very simple mod_index lookalike.
* See RFC 2518, Section 8.4 on GET/HEAD for collections
* @param string directory path
* @return void function has to handle HTTP response itself
function GetDir($fspath, &$options)
$path = $this->_slashify ($options["path"]);
if ($path != $options["path"]) {
header("Location: ".$this->base_uri. $path);
// fixed width directory column format
$format = "%15s %-19s %-s\n";
if (!is_readable($fspath)) {
$handle = opendir($fspath);
echo "<html><head><title>Index of ".htmlspecialchars($options['path'])."</title></head>\n";
echo "<h1>Index of ".htmlspecialchars($options['path'])."</h1>\n";
printf($format, "Size", "Last modified", "Filename");
while ($filename = readdir($handle)) {
if ($filename != "." && $filename != "..") {
$fullpath = $fspath."/".$filename;
$name = htmlspecialchars($filename);
number_format(filesize($fullpath)),
strftime("%Y-%m-%d %H:%M:%S", filemtime($fullpath)),
'<a href="' . $name . '">' . $name . '</a>');
* @param array parameter passing array
* @return bool true on success
$fspath = $this->base . $options["path"];
if (!file_exists ($dir) || !is_dir ($dir)) {
return "409 Conflict"; // TODO right status code for both?
$options["new"] = ! file_exists($fspath);
if ($options["new"] && !is_writeable($dir)) {
if (!$options["new"] && !is_writeable($fspath)) {
if (!$options["new"] && is_dir($fspath)) {
$fp = fopen($fspath, "w");
* @param array general parameter passing array
* @return bool true on success
$path = $this->base . $options["path"];
$parent = dirname ($path);
if (!file_exists ($parent)) {
if ( file_exists($parent."/".$name) ) {
return "405 Method not allowed";
if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
$stat = mkdir($parent."/".$name, 0777);
* @param array general parameter passing array
* @return bool true on success
function DELETE($options)
$path = $this->base . "/" . $options["path"];
if (!file_exists ($path)) {
$query = "DELETE FROM { $this->db_prefix}properties
WHERE path LIKE ' ".$this->_slashify ($options["path"]). "%'";
System ::rm (array ("-rf", $path));
$query = "DELETE FROM { $this->db_prefix}properties
WHERE path = ' $options[path ]' ";
* @param array general parameter passing array
* @return bool true on success
return $this->COPY($options, true );
* @param array general parameter passing array
* @return bool true on success
function COPY($options, $del=false)
// TODO Property updates still broken (Litmus should detect this?)
if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type";
// no copying to different WebDAV Servers yet
if (isset($options["dest_url"])) {
return "502 bad gateway";
$source = $this->base . $options["path"];
if (!file_exists ($source)) {
if (is_dir($source)) { // resource is a collection
switch ($options["depth"]) {
case "infinity": // valid
case "0": // valid for COPY only
return "400 Bad request";
case "1": // invalid for both COPY and MOVE
return "400 Bad request";
$dest = $this->base . $options["dest"];
$destdir = dirname ($dest);
if (!file_exists ($destdir) || !is_dir ($destdir)) {
$new = !file_exists($dest);
if ($del && is_dir($dest)) {
if (!$options["overwrite"]) {
return "412 precondition failed";
$dest .= basename($source);
if (file_exists($dest)) {
$options["dest"] .= basename($source);
if ($options["overwrite"]) {
$stat = $this->DELETE(array ("path" => $options["dest"]));
if (($stat{0 } != "2") && (substr ($stat, 0 , 3 ) != "404")) {
return "412 precondition failed";
if (!rename($source, $dest)) {
return "500 Internal server error";
$destpath = $this->_unslashify ($options["dest"]);
$query = "UPDATE { $this->db_prefix}properties
SET path = REPLACE(path, ' ".$options["path"]."', '".$destpath."')
WHERE path LIKE '".$this->_slashify ($options["path"]). "%'";
$query = "UPDATE { $this->db_prefix}properties
SET path = ' ".$destpath."'
WHERE path = '".$options["path"]."'";
$files = System::find($source);
$files = array_reverse($files);
if (!is_array($files) || empty($files)) {
return "500 Internal server error";
foreach ($files as $file) {
$file = $this->_slashify ($file);
$destfile = str_replace($source, $dest, $file);
if (!file_exists($destfile)) {
if (!is_writeable(dirname($destfile))) {
} else if (!is_dir($destfile)) {
if (!copy($file, $destfile)) {
$query = "INSERT INTO { $this->db_prefix}properties
FROM { $this->db_prefix}properties
WHERE path = ' ".$options['path']."'";
return ($new && !$existing_col) ? "201 Created" : "204 No Content";
* PROPPATCH method handler
* @param array general parameter passing array
* @return bool true on success
function PROPPATCH(&$options)
$path = $options["path"];
$dir = dirname($path)."/";
foreach ($options["props"] as $key => $prop) {
if ($prop["ns"] == "DAV:") {
$options["props"][$key]['status'] = "403 Forbidden";
if (isset($prop["val"])) {
$query = "REPLACE INTO { $this->db_prefix}properties
SET path = ' $options[path ]'
$query = "DELETE FROM { $this->db_prefix}properties
WHERE path = ' $options[path ]'
* @param array general parameter passing array
* @return bool true on success
// get absolute fs path to requested resource
$fspath = $this->base . $options["path"];
// TODO recursive locks on directories not supported yet
// makes litmus test "32. lock_collection" fail
if (is_dir ($fspath) && !empty ($options["depth"])) {
$options["timeout"] = time()+300; // 5min. hardcoded
if (isset($options["update"])) { // Lock Update
$where = "WHERE path = '$options[path]' AND token = '$options[update]'";
$query = "SELECT owner, exclusivelock FROM { $this->db_prefix}locks $where";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$query = "UPDATE { $this->db_prefix}locks
SET expires = ' $options[timeout ]'
$options['owner'] = $row['owner'];
$options['scope'] = $row["exclusivelock"] ? "exclusive" : "shared";
$options['type'] = $row["exclusivelock"] ? "write" : "read";
$query = "INSERT INTO { $this->db_prefix}locks
SET token = ' $options[locktoken ]'
, path = ' $options[path ]'
, owner = '$options[owner]'
, expires = '$options[timeout]'
, exclusivelock = " .($options['scope'] === "exclusive" ? "1" : "0")
return mysql_affected_rows() ? "200 OK" : "409 Conflict";
* @param array general parameter passing array
* @return bool true on success
function UNLOCK(&$options)
$query = "DELETE FROM { $this->db_prefix}locks
WHERE path = ' $options[path ]'
AND token = ' $options[token ]' ";
return mysql_affected_rows() ? "204 No Content" : "409 Conflict";
* @param string resource path to check for locks
* @return bool true on success
function checkLock($path)
$query = "SELECT owner, token, created, modified, expires, exclusivelock
FROM { $this->db_prefix}locks
$res = mysql_query($query);
$row = mysql_fetch_array($res);
$result = array( "type" => "write",
"scope" => $row["exclusivelock"] ? "exclusive" : "shared",
"owner" => $row['owner'],
"token" => $row['token'],
"created" => $row['created'],
"modified" => $row['modified'],
"expires" => $row['expires']
* create database tables for property and lock storage
* @return bool true on success
function create_database()
Documentation generated on Mon, 11 Mar 2019 15:50:55 -0400 by phpDocumentor 1.4.4. PEAR Logo Copyright © PHP Group 2004.
|