How to install a webdav server in PHP

pdf

How to install a webdav server in PHP

Par keyphrene, Wednesday 13 August 2008 à 19:57 :: Webdav server in PHP :: #9 :: rss

It's very simple.

Download this package, and decompress it.
The inc folder contains PEAR and the HTTP_WebDAV_Server class.
Copy the inc folder and authenticate.php file in the include_path (see php.ini)
Copy webdav.php file in the root of your site.

The authenticate.php file contains a digest authentification.

The webdav.php file create a webdav server

<?
include_once("authenticate.php");
 
ini_set("error_reporting", "");
 
# Activate if your PHP is CGI mode
$phpcgi = 0;
# Name of your restricted area
$realm = 'Restricted area Keyphrene';
$DBUSER = "your login";
$DBPWD = "your password";
$users = array($DBUSER => $DBPWD);
# With this authentication method, 
# your password is not readable when you use this service
AuthenticationDigestHTTP($realm, $users, $phpcgi);
# AuthenticationBasicHTTP($realm, $users, $phpcgi);
 
require_once "HTTP/WebDAV/Server/Filesystem.php";
$server = new HTTP_WebDAV_Server_Filesystem();
# Database configuration for the lock method
$server->db_host = $DBHOST;
$server->db_name = $DB_WEBDAV;
$server->db_user = $DBUSER;
$server->db_passwd = $DBPWD;
# Real path of your site
$server->ServeRequest($DOCUMENT_ROOT."/www/");
 
?>

To use this service, you must connect you at this adress http://mysite.org/webdav.php. You can configure a lot of access on your site. Becareful, if you must copy files on your server, you must use the good permissions with the FTP client.

Test your webdav connection with Naja, so create a signet

Now, you can browse on your server with a webdav client

Bookmarks

Trackbacks

No trackback.

Write a trackback for this item : http://blog.keyphrene.com/keyphrene/tb.php?id=9&chk=k0gr0d

Comments

1. Le Tuesday 3 October 2006 à 09:32, par matemago

hi, i was trying your method, but i cannot find the way to authenticate myself, a login window appears, but no matter what user:passw combination i use, i never lets me login, can you help me please?

thanks

2. Le Tuesday 3 October 2006 à 20:13, par keyphrene

hi, Have you changed $DBUSER, $DBPWD variables like this : $DBUSER="toto"; $DBPWD="password";

3. Le Wednesday 11 October 2006 à 17:23, par Johannes

Hi,
great idea! I tried to install it but always get the following message:

Warning: uniqid() expects at least 1 parameter, 0 given in /www/htdocs/authenticate.php on line 24

Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/authenticate.php:24) in /www/htdocs/authenticate.php on line 24
401 Unauthorized

What could be the problem?

Thanks!
Johannes

4. Le Wednesday 11 October 2006 à 20:41, par keyphrene

Replace line 24 in authenticate.php file
header('WWW-Authenticate: Digest realm="'.$realm.'" qop="auth" nonce="'.uniqid().'" opaque="'.md5($realm).'"');
by this line
header('WWW-Authenticate: Digest realm="'.$realm.'" qop="auth" nonce="'.uniqid(rand(), true).'" opaque="'.md5($realm).'"');
You can add this line in the webdav.php to avoid the warnings
ini_set("error_reporting", "");

5. Le Thursday 12 October 2006 à 15:42, par Johannes

Hi,
thanks for the help.

But now I have the same problem like the user "matemago". Although I have set the two variables I get asked for username and password again and again.

Any idea?

Thanks,
Johannes

6. Le Thursday 12 October 2006 à 20:26, par keyphrene

Webdav server is based on extensions to HTTP for PHP. I use PHP 5.

What is your version of PHP?
What is your webdav client?

Your client must supported Digest Authentication. The great interest of this authentication type is that the password is not visible in the network traffic. Firefox use this authentication, but just to read the directory.

7. Le Friday 13 October 2006 à 12:36, par Johannes

Hi,
my PHP version is 5 and the webdav client is Novell Netdrive. But for testing I just used Firefox and accessed DOMAIN/webda.php

Once I comment the line: AuthenticationDigestHTTP($realm, $users);
it works but logically without password protection.

By the way: Where is the uploaded data stored?

Thanks!
Johannes

8. Le Friday 13 October 2006 à 20:20, par keyphrene

You were right, if you comment AuthenticationDigestHTTP($realm, $users), you will lose the password protection.
I don't know if novell netdrive support the digest authentication.
Nevertheless, if you add this code in the authenticate.php file, you will have a basic authentication

///////////////////
// AuthenticationBasicHTTP
function AuthenticationBasicHTTP($realm, $users) {
if (empty($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="'.$realm.'"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
}

$user = $_SERVER['PHP_AUTH_USER'];
if (array_key_exists($user, $users) && $users[$user] == $_SERVER['PHP_AUTH_PW'] ){
return TRUE;
}

header('WWW-Authenticate: Basic realm="'.$realm.'"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
return FALSE;
}
///////////////////
Replace this line in webdav.php
AuthenticationDigestHTTP($realm, $users);
by this
AuthenticationBasicHTTP($realm, $users);

You must to have your uploaded data in the root of this path $DOCUMENT_ROOT."/www/".
Do you can walk in your path with your webdav client?
Do you have an error when you upload your file?
If you want to upload a file, you must give the good permissions on your directory (0777) with a FTP command.

9. Le Friday 13 October 2006 à 20:38, par keyphrene

I release a new package with the last modifications webdav_srv_1.1.zip

10. Le Sunday 21 January 2007 à 09:01, par Remco Janssen

After installing the files and tweeking stuff I now seem to have webdav functionality. But I can't get iCal (MAC OSX) to write files to the webdav server... anyone any idea? permissions on my directory are oke (777)...

11. Le Sunday 21 January 2007 à 10:17, par keyphrene

Have you tested with a webdav client?

12. Le Wednesday 2 May 2007 à 07:11, par anonymous

Will this work as a PHP CGI (i.e. not mod_php)?
I've even tried running it with the Authenticate stuff commented out and it doesn't do anything.

13. Le Sunday 6 May 2007 à 16:16, par keyphrene

I use this package with mod_php (PHP 5.1.4). The Authenticate stuff can be commented for a free connection. You can try to debug this script and post me your trace.

14. Le Tuesday 19 June 2007 à 09:56, par Donny Kurnia

Hi, I got to this site when looking for docs for HTTP_WebDAV. I've tried your code in my Debian machine and it works. I want to put the webdav.php in another directory but it won't work. Is it possible to do this, or it's the limitation of HTTP_WebDAV? I run the same php in XAMPP at WinXP, but it won't work. Can you run it in Windows's apache platform?

Thanks .

15. Le Thursday 12 July 2007 à 06:28, par Standalone

Hi, I use a comercial hosting service so added items to the include path isn't possible (or is it???).

Is there a way to get WebDav support working as a standalone optiont that I can upload to my own webspace?

16. Le Wednesday 18 July 2007 à 07:46, par diyism

I have build a single file mydav.php based on your webdav_srv_1.1.zip.
Just comment this code in Filesystem.php:
/*
// establish connection to property/locking db
mysql_connect($this->db_host, $this->db_user, $this->db_passwd) or die(mysql_error());
mysql_select_db($this->db_name) or die(mysql_error());
// TODO throw on connection problems
*/

17. Le Thursday 26 July 2007 à 07:49, par diyism

I've build an single-filed editon of HTTP_WEBDAV_SERVER

18. Le Thursday 26 July 2007 à 16:59, par ligesh

I am having the same problem. It works beautifully with mod_php, but not with cgi on lighttpd. I traced lighty and found that the php code is executed, but it was printing blank. Something to do with cgi_redirect option or something? Did anyone succeed in getting it running as cgi?

Thanks.

19. Le Sunday 26 August 2007 à 07:38, par keyphrene

Sorry for my lately answers
ANSWER TO Donny Kurnia:
You run it on Windows's apache platform (XAMPP or other distrib), There is no limitation on the directory only on your system permissions.

ANSWER TO Standalone:
You can use this package on your commercial hosting service and add in your include path. I do it on my platform, to avoid any security problems.

ANSWER TO diyism:
You can do it, if you want to avoid database lock, but I don't tested.

ANSWER TO ligesh:
I have tested only on Apache platform. Sorry

20. Le Sunday 28 October 2007 à 05:06, par callous

Please mention the requirements. I was busy trying to get this work, and then it complained about MySQL, which was not even hinted at.

I added the following, for anyone else's reference:

In webdav.php:
ini_set('include_path',ini_get('include_path').':./inc:');

In authenticate.php, the parameters for uniqid
header('WWW-Authenticate: Digest realm="'.$realm.'" qop="auth" nonce="'.uniqid(rand(), true).'" opaque="'.md5($realm).'"');

In Filesystem.php:
require_once "cgifix.php";

And I added a cgifix.php to deal with being loaded as CGI instead of mod_php, taken from us2.php.net/manual/en/fun...

I now hate my hosting provider even more, as I had to nose-into PHP and it still doesn't work.

21. Le Thursday 6 December 2007 à 20:55, par Aldo

My server keeps on sending

[06/Dec/2007:14:26:43 -0500] "PROPFIND /webdav.php/ HTTP/1.1" 401 16

22. Le Wednesday 19 December 2007 à 15:46, par Zarhi

Hi,

There is little mistake in AuthenticateDigestHTTP. When Konqueror send folder with [space] he convert it to '%20'. But '%' is not allowed, so authentication fails.

Solution is to add '%' as allowed char in preg_match_all:

file 'authenticate.php', function 'http_digest_parse':

old: preg_match_all('@(\w+)=([\'"]?)([a-zA-Z0-9=./\_-]+)\2@', $txt, $matches, PREG_SET_ORDER);

new: preg_match_all('@(\w+)=([\'"]?)([%a-zA-Z0-9=./\_-]+)\2@', $txt, $matches, PREG_SET_ORDER);

Folders with '%20' in name also are not correct handled later in webdav functions because of missing urldecode(), but this must be reported to pear.php.net.

Best regards.

23. Le Monday 18 February 2008 à 10:36, par Thomas

Great script.
Does it create the MySQL database itself or do i have to create it manually?

Thanks

24. Le Saturday 23 February 2008 à 17:16, par troggi

Hello,

Congratulations, this piece of code is perfect for my needs.

Everything works great except delete file or folder : infinite loop then error. I tried windows explorer, BitKinex and DavExplorer.

Has anyone encountered those problems ?

25. Le Monday 17 March 2008 à 15:20, par keyphrene

Hi troggi, Have you the good permissions? The FTP process and the php process have not the same owner. With the FTP client, set 777 (rwxrwxrwx) to a file and try to remove this file with a webdav client.

26. Le Monday 17 March 2008 à 15:35, par keyphrene

Hi Thomas, I have added a file to create the table for the lock and unlock operations in this package webdav_srv_1.2

27. Le Saturday 26 July 2008 à 09:19, par keyphrene

Package 1.2 doesn't work with PHP in CGI mode. A new package must be released soon.

28. Le Wednesday 13 August 2008 à 17:56, par keyphrene

Package 1.3 has been released.

29. Le Wednesday 3 September 2008 à 17:58, par Otto

You know, it would be nice if you mentioned that you have to create a database for the property and locking information and then configure those settings in the script.

30. Le Friday 5 September 2008 à 09:03, par Simon

Hi! Thanks for this guide.

Just wanted to add that I've got this working nicely on php 4.4.7. There was only one problem: I couldn't get either AuthenticationDigestHTTP() or AuthenticationBasicHTTP() to work at all, with or without the $phpcgi flag.

I have to admit I didn't try that hard though - I just commented them out and applied HTTP authentication using .htaccess instead, and it worked great!

Thanks again!

31. Le Friday 5 September 2008 à 17:20, par keyphrene

OTTO: Thanks for your remarks.

SIMON: It's a pleasure. Can you post your htacess file for users? Thanks.

32. Le Monday 3 November 2008 à 16:40, par Alfones

i have this problem in WinXp,Php5,Apache 2.22:
i autenticated but:
"The folder you entered does not appear to be valid"

excuse my english

it can to be? :
blog.pclark.net/2005/03/f...

33. Le Monday 3 November 2008 à 19:48, par keyphrene

Can you explain little more? You have used my package. Authentication is OK, but not the listing (PROPFIND).

34. Le Tuesday 4 November 2008 à 08:32, par Alfones

Yes.
Autentication work but after it appair "The folder you entered does not appear to be valid" in Explorer.
I have tested Explorer connection also with:
test.webdav.org/
but it have same bheavorius Behavior.

35. Le Tuesday 4 November 2008 à 11:17, par keyphrene

Authentication is OK, only the path is out. Check $DOCUMENT_ROOT.

36. Le Tuesday 4 November 2008 à 12:17, par Alfones

I Use:
$server->ServeRequest("C:/www/Download"); //_SITE_PATH
or
$server->ServeRequest("C:\www\Download"); //_SITE_PATH

37. Le Tuesday 4 November 2008 à 12:47, par keyphrene

Try with $server->ServeRequest("C:/www/Download/");

38. Le Tuesday 4 November 2008 à 14:47, par Alfones

Now i have solved.
I wrong with include and script.
It work fine with NetDrive.
With Explorer i must to try good.
Ty.

39. Le Tuesday 4 November 2008 à 19:06, par Alfones

If i not can to access to "php.ini" to set include directory how to do to user your script?
I only can to instal in the root directory?

40. Le Tuesday 4 November 2008 à 19:42, par keyphrene

You can use the absolute path to include your script file.

Keyphrene's Blog