[ZendTo] Re: Per-user library

Achim J. Latz achim+zendto at qustodium.net
Wed Jan 9 14:53:47 GMT 2013


Hello Artyom:

On 09/01/2013 07:44, Artyom Aleksandrov wrote:
> Hi, I hope it help you.
>
> http://forums.devshed.com/apache-development-15/do-something-different-if-one-directory-exists-turn-off-re-writing-626439.html

I managed to get it working yesterday, by adding the following lines to 
000-zendto

     BrowserMatch "^WebDAVLib/1.*" redirect-carefully

# if authenticated user, but no user dir exists yet: create it!
     RewriteCond %{LA-U:REMOTE_USER} (.+)
     RewriteCond /var/zendto/library/%{LA-U:REMOTE_USER} !-d
     RewriteRule ^/library/?(.*)$ 
/create_user_dir.php?user=%{REMOTE_USER}   [PT,L]

# if authenticated user, redirect to existing folder

     RewriteCond %{LA-U:REMOTE_USER} (.+)
     RewriteRule ^/library(.*) /var/zendto/library/%1$1



create_user_dir.php looks as follows:

<?php
require "../config/preferences.php";

$headers = apache_request_headers();
$username = $_SERVER["PHP_AUTH_USER"];
$library_path = $NSSDROPBOX_PREFS['libraryDirectory'];
$folder_dest = $library_path . "/" . $username;

// check if directory exists (should not, otherwise we would not be here)!
if (!is_dir($folder_dest)) {
         if (!mkdir ($folder_dest, 0755)) {
                 die('Failed to create folder $folder_dest');
         }
}

$host  = $_SERVER['HTTP_HOST'];
header("Location: http://$host/library/");

?>


Any suggestions as the where the massive security holes are?

Best regards, Achim


More information about the ZendTo mailing list