search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
document closed Debian bug
[davical.git] / inc / caldav-PUT-vcard.php
blob0ced7ec3a9e8e7afcc1a065b30ef840eeb7e2f79
1 <?php
2 /**
3 * CalDAV Server - handle PUT method on VCARD content-types
4 *
5 * @package davical
6 * @subpackage caldav
7 * @author Andrew McMillan <andrew@morphoss.com>
8 * @copyright Morphoss Ltd
9 * @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
10 */
11 dbg_error_log("PUT", "method handler");
12
13 require_once('DAVResource.php');
14
15 if ( ! ini_get('open_basedir') && (isset($c->dbg['ALL']) || (isset($c->dbg['put']) && $c->dbg['put'])) ) {
16 $fh = fopen('/tmp/PUT.txt','w');
17 if ( $fh ) {
18 fwrite($fh,$request->raw_post);
19 fclose($fh);
20 }
21 }
22
23 $lock_opener = $request->FailIfLocked();
24
25 require_once('vcard.php');
26 $vcard = new vCard( $request->raw_post );
27 $uid = $vcard->GetPValue('UID');
28 if ( empty($uid) ) {
29 $uid = uuid();
30 $vcard->AddProperty('UID',$uid);
31 }
32
33 if ( $add_member ) {
34 $request->path = $request->dav_name() . $uid . '.vcf';
35 $dest = new DAVResource($request->path);
36 if ( $dest->Exists() ) {
37 $uid = uuid();
38 $vcard->AddProperty('UID',$uid);
39 $request->path = $request->dav_name() . $uid . '.vcf';
40 $dest = new DAVResource($request->path);
41 if ( $dest->Exists() ) throw new Exception("Failed to generate unique segment name for add-member!");
42 }
43 }
44 else {
45 $dest = new DAVResource($request->path);
46 }
47
48 $container = $dest->GetParentContainer();
49 if ( ! $dest->Exists() ) {
50 if ( $container->IsPrincipal() ) {
51 $request->PreconditionFailed(405,'method-not-allowed',translate('A DAViCal principal collection may only contain collections'));
52 }
53 if ( ! $container->Exists() ) {
54 $request->PreconditionFailed( 409, 'collection-must-exist',translate('The destination collection does not exist') );
55 }
56 $container->NeedPrivilege('DAV::bind');
57 }
58 else {
59 if ( $dest->IsCollection() ) {
60 if ( ! isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections ) {
61 $request->PreconditionFailed(405,'method-not-allowed',translate('You may not PUT to a collection URL'));
62 }
63 $request->DoResponse(403,translate('PUT on a collection is only allowed for text/vcard content against an addressbook collection'));
64 }
65 $dest->NeedPrivilege('DAV::write-content');
66 }
67
68 $request->CheckEtagMatch( $dest->Exists(), $dest->unique_tag() );
69
70 $user_no = $dest->GetProperty('user_no');
71 $collection_id = $container->GetProperty('collection_id');
72
73 $original_etag = md5($request->raw_post);
74
75
76 $qry = new AwlQuery();
77 $qry->Begin();
78
79 $uid = $vcard->GetPValue('UID');
80 if ( empty($uid) ) {
81 $uid = uuid();
82 $vcard->AddProperty('UID',$uid);
83 }
84
85 $last_modified = $vcard->GetPValue('REV');
86 if ( empty($last_modified) ) {
87 $last_modified = gmdate( 'Ymd\THis\Z' );
88 $vcard->AddProperty('REV',$last_modified);
89 }
90 elseif ( stripos($last_modified, 'TZ') ) {
91 // At least one of my examples has this crap.
92 $last_modified = str_replace('TZ','T000000Z',$last_modified);
93 $vcard->ClearProperties('REV');
94 $vcard->AddProperty('REV',$last_modified);
95 }
96 elseif( preg_match('{^(\d{8})(\d{6})Z?}', $last_modified, $matches) ) {
97 $last_modified = $matches[1] . 'T' . $matches[2] . 'Z';
98 $vcard->ClearProperties('REV');
99 $vcard->AddProperty('REV',$last_modified);
100 }
101
102 $rendered_card = $vcard->Render();
103 $etag = md5($rendered_card);
104 $params = array(
105 ':user_no' => $user_no,
106 ':dav_name' => $dest->bound_from(),
107 ':etag' => $etag,
108 ':dav_data' => $rendered_card,
109 ':session_user' => $session->user_no,
110 ':modified' => $last_modified
111 );
112 if ( $dest->Exists() ) {
113 $sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user,
114 modified=:modified, user_no=:user_no, caldav_type=\'VCARD\' WHERE dav_name=:dav_name';
115 $response_code = 200;
116 $put_action_type = 'UPDATE';
117 $qry->QDo( $sql, $params );
118
119 $qry->QDo("SELECT dav_id FROM caldav_data WHERE dav_name = :dav_name ", array(':dav_name' => $params[':dav_name']) );
120 }
121 else {
122 $sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, caldav_type, logged_user, created, modified, collection_id )
123 VALUES( :user_no, :dav_name, :etag, :dav_data, \'VCARD\', :session_user, current_timestamp, :modified, :collection_id )';
124 $params[':collection_id'] = $collection_id;
125 $response_code = 201;
126 $qry->QDo( $sql, $params );
127 $put_action_type = 'INSERT';
128
129 $qry->QDo("SELECT currval('dav_id_seq') AS dav_id" );
130 }
131 $row = $qry->Fetch();
132
133 $vcard->Write( $row->dav_id, $dest->Exists() );
134
135 $qry->QDo("SELECT write_sync_change( $collection_id, $response_code, :dav_name)", array(':dav_name' => $dest->bound_from() ) );
136
137 if ( isset($log_action) && $log_action && function_exists('log_caldav_action') ) {
138 log_caldav_action( $put_action_type, $uid, $user_no, $collection_id, $request->path );
139 }
140 else if ( isset($log_action) && $log_action ) {
141 dbg_error_log( 'PUT', 'No log_caldav_action( %s, %s, %s, %s, %s) can be called.',
142 $put_action_type, $uid, $user_no, $collection_id, $request->path );
143 }
144
145
146 if ( !$qry->Commit() ) {
147 $qry->Rollback();
148 $request->DoResponse( 500, "A database error occurred" );
149 }
150
151 // Uncache anything to do with the collection
152 $cache = getCacheInstance();
153 $cache->delete( 'collection-'.$container->dav_name(), null );
154
155 if ( $add_member ) header('Location: '.$c->protocol_server_port_script.$request->path);
156
157 if ( $etag == $original_etag ) header('ETag: "'. $etag . '"' ); // Only send the ETag if we didn't change what they gave us.
158 if ( $response_code == 200 ) $response_code = 204;
159 $request->DoResponse( $response_code );
DAViCal CalDAV & CardDAV Server