DAViCal
caldav-PUT-default.php
1 <?php
11 dbg_error_log("PUT", "method handler");
12 
13 require_once('DAVResource.php');
14 
15 if ( ! ini_get('open_basedir') && (isset($c->dbg['ALL']) || (isset($c->dbg['put']) && $c->dbg['put'])) ) {
16  $fh = fopen('/var/log/davical/PUT.debug','w');
17  if ( $fh ) {
18  fwrite($fh,$request->raw_post);
19  fclose($fh);
20  }
21 }
22 
23 $lock_opener = $request->FailIfLocked();
24 
25 if ( $add_member ) {
26  $request->path = $request->dav_name() . uuid();
27  $dest = new DAVResource($request->path);
28  if ( $dest->Exists() ) {
29  $request->path = $request->dav_name() . uuid();
30  $dest = new DAVResource($request->path);
31  if ( $dest->Exists() ) throw new Exception("Failed to generate unique segment name for add-member!");
32  }
33 }
34 else {
35  $dest = new DAVResource($request->path);
36 }
37 
38 $container = $dest->GetParentContainer();
39 if ( $container->IsCalendar() ) {
40  $request->PreconditionFailed(412,'urn:ietf:params:xml:ns:caldav:supported-calendar-data',
41  translate('Incorrect content type for calendar: ') . $request->content_type );
42 }
43 else if ( $container->IsAddressbook() ) {
44  $request->PreconditionFailed(412,'urn:ietf:params:xml:ns:carddav:supported-address-data',
45  translate('Incorrect content type for addressbook: ') . $request->content_type );
46 }
47 if ( ! $dest->Exists() ) {
48  if ( $container->IsPrincipal() ) {
49  $request->DoResponse(403,translate('A DAViCal principal collection may only contain collections'));
50  }
51  if ( ! $container->Exists() ) {
52  $request->DoResponse( 409, translate('Destination collection does not exist') );
53  }
54  $container->NeedPrivilege('DAV::bind');
55 }
56 else {
57  if ( $dest->IsCollection() ) {
58  if ( ! isset($c->readonly_webdav_collections) || $c->readonly_webdav_collections ) {
59  $request->DoResponse(403,translate('You may not PUT to a collection URL'));
60  }
61  $request->DoResponse(403,translate('PUT on a collection is only allowed for text/calendar content against a calendar collection'));
62  }
63  $dest->NeedPrivilege('DAV::write-content');
64 }
65 
66 $request->CheckEtagMatch( $dest->Exists(), $dest->unique_tag() );
67 
68 $collection_id = $container->GetProperty('collection_id');
69 
70 $qry = new AwlQuery();
71 $qry->Begin();
72 
73 $etag = md5($request->raw_post);
74 $params = array(
75  ':user_no' => $dest->GetProperty('user_no'),
76  ':dav_name' => $dest->bound_from(),
77  ':etag' => $etag,
78  ':dav_data' => $request->raw_post,
79  ':session_user' => $session->user_no
80 );
81 if ( $dest->Exists() ) {
82  $sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user,
83  modified=current_timestamp WHERE user_no=:user_no AND dav_name=:dav_name';
84  $response_code = 200;
85 }
86 else {
87  $sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, logged_user, created, modified, collection_id )
88  VALUES( :user_no, :dav_name, :etag, :dav_data, :session_user, current_timestamp, current_timestamp, :collection_id )';
89  $params[':collection_id'] = $collection_id;
90  $response_code = 201;
91 }
92 $qry->QDo( $sql, $params );
93 
94 $qry->QDo("SELECT write_sync_change( $collection_id, $response_code, :dav_name)", array(':dav_name' => $dest->bound_from() ) );
95 
96 if ( !$qry->Exec('COMMIT') ) {
97  $qry->Rollback();
98  $response_code = 500;
99 }
100 
101 // Uncache anything to do with the collection
102 $cache = getCacheInstance();
103 $cache->delete( 'collection-'.$container->dav_name(), null );
104 
105 header('ETag: "'. $etag . '"' );
106 if ( $response_code == 200 ) $response_code = 204;
107 $request->DoResponse( $response_code );