Merge branch 'master' of github.com:owncloud/core into vcategories_db
Conflicts: lib/vcategories.php
This commit is contained in:
commit
1147dc9774
1
README
1
README
|
@ -4,6 +4,7 @@ A personal cloud which runs on your own server.
|
|||
http://ownCloud.org
|
||||
|
||||
Installation instructions: http://owncloud.org/support
|
||||
Contribution Guidelines: http://owncloud.org/dev/contribute/
|
||||
|
||||
Source code: https://github.com/owncloud
|
||||
Mailing list: https://mail.kde.org/mailman/listinfo/owncloud
|
||||
|
|
|
@ -26,16 +26,12 @@ OCP\Util::addscript('user_ldap', 'settings');
|
|||
OCP\Util::addstyle('user_ldap', 'settings');
|
||||
|
||||
if ($_POST) {
|
||||
$clearCache = false;
|
||||
foreach($params as $param) {
|
||||
if(isset($_POST[$param])) {
|
||||
$clearCache = true;
|
||||
if('ldap_agent_password' == $param) {
|
||||
OCP\Config::setAppValue('user_ldap', $param, base64_encode($_POST[$param]));
|
||||
} elseif('ldap_cache_ttl' == $param) {
|
||||
if(OCP\Config::getAppValue('user_ldap', $param,'') != $_POST[$param]) {
|
||||
$ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
|
||||
$ldap->clearCache();
|
||||
OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
|
||||
}
|
||||
} elseif('home_folder_naming_rule' == $param) {
|
||||
$value = empty($_POST[$param]) ? 'opt:username' : 'attr:'.$_POST[$param];
|
||||
OCP\Config::setAppValue('user_ldap', $param, $value);
|
||||
|
@ -54,6 +50,10 @@ if ($_POST) {
|
|||
OCP\Config::setAppValue('user_ldap', $param, 0);
|
||||
}
|
||||
}
|
||||
if($clearCache) {
|
||||
$ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
|
||||
$ldap->clearCache();
|
||||
}
|
||||
}
|
||||
|
||||
// fill template
|
||||
|
|
|
@ -21,7 +21,6 @@
|
|||
*
|
||||
*/
|
||||
|
||||
print_r($_POST);
|
||||
if($_POST) {
|
||||
|
||||
if(isset($_POST['webdav_url'])) {
|
||||
|
|
|
@ -1,40 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* ownCloud
|
||||
* @author Christian Reiner
|
||||
* @copyright 2011-2012 Christian Reiner <foss@christian-reiner.info>
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 3 of the license, or any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
* License along with this library.
|
||||
* If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
/**
|
||||
* @file core/ajax/requesttoken.php
|
||||
* @brief Ajax method to retrieve a fresh request protection token for ajax calls
|
||||
* @return json: success/error state indicator including a fresh request token
|
||||
* @author Christian Reiner
|
||||
*/
|
||||
|
||||
// don't load apps or filesystem for this task
|
||||
$RUNTIME_NOAPPS = true;
|
||||
$RUNTIME_NOSETUPFS = true;
|
||||
|
||||
// Sanity checks
|
||||
// using OCP\JSON::callCheck() below protects the token refreshing itself.
|
||||
//OCP\JSON::callCheck ( );
|
||||
OCP\JSON::checkLoggedIn ( );
|
||||
// hand out a fresh token
|
||||
OCP\JSON::success ( array ( 'token' => OCP\Util::callRegister() ) );
|
||||
?>
|
|
@ -40,7 +40,7 @@ OC.EventSource=function(src,data){
|
|||
dataStr+=name+'='+encodeURIComponent(data[name])+'&';
|
||||
}
|
||||
}
|
||||
dataStr+='requesttoken='+OC.Request.Token;
|
||||
dataStr+='requesttoken='+OC.EventSource.requesttoken;
|
||||
if(!this.useFallBack && typeof EventSource !='undefined'){
|
||||
this.source=new EventSource(src+'?'+dataStr);
|
||||
this.source.onmessage=function(e){
|
||||
|
|
|
@ -1,55 +0,0 @@
|
|||
/**
|
||||
* ownCloud
|
||||
*
|
||||
* @file core/js/requesttoken.js
|
||||
* @brief Routine to refresh the Request protection request token periodically
|
||||
* @author Christian Reiner (arkascha)
|
||||
* @copyright 2011-2012 Christian Reiner <foss@christian-reiner.info>
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 3 of the license, or any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public
|
||||
* License along with this library.
|
||||
* If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
OC.Request = {
|
||||
// the request token
|
||||
Token: {},
|
||||
// the lifespan span (in secs)
|
||||
Lifespan: {},
|
||||
// method to refresh the local request token periodically
|
||||
Refresh: function(){
|
||||
// just a client side console log to preserve efficiency
|
||||
console.log("refreshing request token (lifebeat)");
|
||||
var dfd=new $.Deferred();
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: OC.filePath('core','ajax','requesttoken.php'),
|
||||
cache: false,
|
||||
data: { },
|
||||
dataType: 'json'
|
||||
}).done(function(response){
|
||||
// store refreshed token inside this class
|
||||
OC.Request.Token=response.token;
|
||||
dfd.resolve();
|
||||
}).fail(dfd.reject);
|
||||
return dfd;
|
||||
}
|
||||
}
|
||||
// accept requesttoken and lifespan into the OC namespace
|
||||
OC.Request.Token = oc_requesttoken;
|
||||
OC.Request.Lifespan = oc_requestlifespan;
|
||||
// refresh the request token periodically shortly before it becomes invalid on the server side
|
||||
setInterval(OC.Request.Refresh,Math.floor(1000*OC.Request.Lifespan*0.93)), // 93% of lifespan value, close to when the token expires
|
||||
// early bind token as additional ajax argument for every single request
|
||||
$(document).bind('ajaxSend', function(elm, xhr, s){xhr.setRequestHeader('requesttoken', OC.Request.Token);});
|
|
@ -13,9 +13,6 @@ $this->create('search_ajax_search', '/search/ajax/search.php')
|
|||
// AppConfig
|
||||
$this->create('core_ajax_appconfig', '/core/ajax/appconfig.php')
|
||||
->actionInclude('core/ajax/appconfig.php');
|
||||
// RequestToken
|
||||
$this->create('core_ajax_requesttoken', '/core/ajax/requesttoken.php')
|
||||
->actionInclude('core/ajax/requesttoken.php');
|
||||
// Share
|
||||
$this->create('core_ajax_share', '/core/ajax/share.php')
|
||||
->actionInclude('core/ajax/share.php');
|
||||
|
|
|
@ -11,7 +11,6 @@
|
|||
var oc_webroot = '<?php echo OC::$WEBROOT; ?>';
|
||||
var oc_appswebroots = <?php echo $_['apps_paths'] ?>;
|
||||
var oc_requesttoken = '<?php echo $_['requesttoken']; ?>';
|
||||
var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>';
|
||||
</script>
|
||||
<?php foreach ($_['jsfiles'] as $jsfile): ?>
|
||||
<script type="text/javascript" src="<?php echo $jsfile; ?>"></script>
|
||||
|
|
|
@ -11,7 +11,6 @@
|
|||
var oc_webroot = '<?php echo OC::$WEBROOT; ?>';
|
||||
var oc_appswebroots = <?php echo $_['apps_paths'] ?>;
|
||||
var oc_requesttoken = '<?php echo $_['requesttoken']; ?>';
|
||||
var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>';
|
||||
var datepickerFormatDate = <?php echo json_encode($l->l('jsdate', 'jsdate')) ?>;
|
||||
var dayNames = <?php echo json_encode(array((string)$l->t('Sunday'), (string)$l->t('Monday'), (string)$l->t('Tuesday'), (string)$l->t('Wednesday'), (string)$l->t('Thursday'), (string)$l->t('Friday'), (string)$l->t('Saturday'))) ?>;
|
||||
var monthNames = <?php echo json_encode(array((string)$l->t('January'), (string)$l->t('February'), (string)$l->t('March'), (string)$l->t('April'), (string)$l->t('May'), (string)$l->t('June'), (string)$l->t('July'), (string)$l->t('August'), (string)$l->t('September'), (string)$l->t('October'), (string)$l->t('November'), (string)$l->t('December'))) ?>;
|
||||
|
|
|
@ -12,7 +12,6 @@
|
|||
var oc_appswebroots = <?php echo $_['apps_paths'] ?>;
|
||||
var oc_current_user = '<?php echo OC_User::getUser() ?>';
|
||||
var oc_requesttoken = '<?php echo $_['requesttoken']; ?>';
|
||||
var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>';
|
||||
var datepickerFormatDate = <?php echo json_encode($l->l('jsdate', 'jsdate')) ?>;
|
||||
var dayNames = <?php echo json_encode(array((string)$l->t('Sunday'), (string)$l->t('Monday'), (string)$l->t('Tuesday'), (string)$l->t('Wednesday'), (string)$l->t('Thursday'), (string)$l->t('Friday'), (string)$l->t('Saturday'))) ?>;
|
||||
var monthNames = <?php echo json_encode(array((string)$l->t('January'), (string)$l->t('February'), (string)$l->t('March'), (string)$l->t('April'), (string)$l->t('May'), (string)$l->t('June'), (string)$l->t('July'), (string)$l->t('August'), (string)$l->t('September'), (string)$l->t('October'), (string)$l->t('November'), (string)$l->t('December'))) ?>;
|
||||
|
@ -21,6 +20,13 @@
|
|||
<?php foreach($_['jsfiles'] as $jsfile): ?>
|
||||
<script type="text/javascript" src="<?php echo $jsfile; ?>"></script>
|
||||
<?php endforeach; ?>
|
||||
<script type="text/javascript">
|
||||
requesttoken = '<?php echo $_['requesttoken']; ?>';
|
||||
OC.EventSource.requesttoken=requesttoken;
|
||||
$(document).bind('ajaxSend', function(elm, xhr, s) {
|
||||
xhr.setRequestHeader('requesttoken', requesttoken);
|
||||
});
|
||||
</script>
|
||||
<?php foreach($_['headers'] as $header): ?>
|
||||
<?php
|
||||
echo '<'.$header['tag'].' ';
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
@ -29,7 +29,7 @@ msgstr ""
|
|||
msgid "This category already exists: "
|
||||
msgstr ""
|
||||
|
||||
#: js/js.js:243 templates/layout.user.php:53 templates/layout.user.php:54
|
||||
#: js/js.js:243 templates/layout.user.php:59 templates/layout.user.php:60
|
||||
msgid "Settings"
|
||||
msgstr ""
|
||||
|
||||
|
@ -314,87 +314,87 @@ msgstr ""
|
|||
msgid "Finish setup"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Sunday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Monday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Tuesday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Wednesday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Thursday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Friday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
#: templates/layout.guest.php:15 templates/layout.user.php:16
|
||||
msgid "Saturday"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "January"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "February"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "March"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "April"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "May"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "June"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "July"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "August"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "September"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "October"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "November"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:17 templates/layout.user.php:18
|
||||
#: templates/layout.guest.php:16 templates/layout.user.php:17
|
||||
msgid "December"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.guest.php:42
|
||||
#: templates/layout.guest.php:41
|
||||
msgid "web services under your control"
|
||||
msgstr ""
|
||||
|
||||
#: templates/layout.user.php:38
|
||||
#: templates/layout.user.php:44
|
||||
msgid "Log out"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:01+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:01+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2012-11-04 00:00+0100\n"
|
||||
"POT-Creation-Date: 2012-11-05 00:03+0100\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
|
@ -397,8 +397,7 @@ class MDB2_Driver_sqlite3 extends MDB2_Driver_Common
|
|||
}
|
||||
|
||||
if ($this->fix_assoc_fields_names ||
|
||||
$this->options['portability'] & MDB2_PORTABILITY_FIX_ASSOC_FIELD_NAMES)
|
||||
{
|
||||
$this->options['portability'] & MDB2_PORTABILITY_FIX_ASSOC_FIELD_NAMES) {
|
||||
$this->connection->exec("PRAGMA short_column_names = 1");
|
||||
$this->fix_assoc_fields_names = true;
|
||||
}
|
||||
|
|
|
@ -130,8 +130,7 @@ class OC_Archive_TAR extends OC_Archive{
|
|||
if( $file == $header['filename']
|
||||
or $file.'/' == $header['filename']
|
||||
or '/'.$file.'/' == $header['filename']
|
||||
or '/'.$file == $header['filename'])
|
||||
{
|
||||
or '/'.$file == $header['filename']) {
|
||||
return $header;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -264,8 +264,6 @@ class OC{
|
|||
OC_Util::addScript( "jquery-tipsy" );
|
||||
OC_Util::addScript( "oc-dialogs" );
|
||||
OC_Util::addScript( "js" );
|
||||
// request protection token MUST be defined after the jquery library but before any $('document').ready()
|
||||
OC_Util::addScript( "requesttoken" );
|
||||
OC_Util::addScript( "eventsource" );
|
||||
OC_Util::addScript( "config" );
|
||||
//OC_Util::addScript( "multiselect" );
|
||||
|
@ -526,8 +524,7 @@ class OC{
|
|||
}
|
||||
$file_ext = substr($param['file'], -3);
|
||||
if ($file_ext != 'php'
|
||||
|| !self::loadAppScriptFile($param))
|
||||
{
|
||||
|| !self::loadAppScriptFile($param)) {
|
||||
header('HTTP/1.0 404 Not Found');
|
||||
}
|
||||
}
|
||||
|
@ -597,8 +594,7 @@ class OC{
|
|||
if(!isset($_COOKIE["oc_remember_login"])
|
||||
|| !isset($_COOKIE["oc_token"])
|
||||
|| !isset($_COOKIE["oc_username"])
|
||||
|| !$_COOKIE["oc_remember_login"])
|
||||
{
|
||||
|| !$_COOKIE["oc_remember_login"]) {
|
||||
return false;
|
||||
}
|
||||
OC_App::loadApps(array('authentication'));
|
||||
|
|
|
@ -172,7 +172,6 @@ class OC_Template{
|
|||
$this->application = $app;
|
||||
$this->vars = array();
|
||||
$this->vars['requesttoken'] = OC_Util::callRegister();
|
||||
$this->vars['requestlifespan'] = OC_Util::$callLifespan;
|
||||
$parts = explode('/', $app); // fix translation when app is something like core/lostpassword
|
||||
$this->l10n = OC_L10N::get($parts[0]);
|
||||
|
||||
|
@ -391,7 +390,6 @@ class OC_Template{
|
|||
$page = new OC_TemplateLayout($this->renderas);
|
||||
if($this->renderas == 'user') {
|
||||
$page->assign('requesttoken', $this->vars['requesttoken']);
|
||||
$page->assign('requestlifespan', $this->vars['requestlifespan']);
|
||||
}
|
||||
|
||||
// Add custom headers
|
||||
|
|
29
lib/util.php
29
lib/util.php
|
@ -472,17 +472,6 @@ class OC_Util {
|
|||
return $id;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Static lifespan (in seconds) when a request token expires.
|
||||
* @see OC_Util::callRegister()
|
||||
* @see OC_Util::isCallRegistered()
|
||||
* @description
|
||||
* Also required for the client side to compute the piont in time when to
|
||||
* request a fresh token. The client will do so when nearly 97% of the
|
||||
* timespan coded here has expired.
|
||||
*/
|
||||
public static $callLifespan = 3600; // 3600 secs = 1 hour
|
||||
|
||||
/**
|
||||
* @brief Register an get/post call. Important to prevent CSRF attacks.
|
||||
* @todo Write howto: CSRF protection guide
|
||||
|
@ -491,30 +480,24 @@ class OC_Util {
|
|||
* Creates a 'request token' (random) and stores it inside the session.
|
||||
* Ever subsequent (ajax) request must use such a valid token to succeed,
|
||||
* otherwise the request will be denied as a protection against CSRF.
|
||||
* The tokens expire after a fixed lifespan.
|
||||
* @see OC_Util::$callLifespan
|
||||
* @see OC_Util::isCallRegistered()
|
||||
*/
|
||||
public static function callRegister() {
|
||||
// Check if a token exists
|
||||
if(!isset($_SESSION['requesttoken']) || time() >$_SESSION['requesttoken']['time']) {
|
||||
if(!isset($_SESSION['requesttoken'])) {
|
||||
// No valid token found, generate a new one.
|
||||
$requestTokenArray = array(
|
||||
"requesttoken" => self::generate_random_bytes(20),
|
||||
"time" => time()+self::$callLifespan,
|
||||
);
|
||||
$_SESSION['requesttoken']=$requestTokenArray;
|
||||
$requestToken = self::generate_random_bytes(20);
|
||||
$_SESSION['requesttoken']=$requestToken;
|
||||
} else {
|
||||
// Valid token already exists, send it
|
||||
$requestTokenArray = $_SESSION['requesttoken'];
|
||||
$requestToken = $_SESSION['requesttoken'];
|
||||
}
|
||||
return($requestTokenArray['requesttoken']);
|
||||
return($requestToken);
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Check an ajax get/post call if the request token is valid.
|
||||
* @return boolean False if request token is not set or is invalid.
|
||||
* @see OC_Util::$callLifespan
|
||||
* @see OC_Util::callRegister()
|
||||
*/
|
||||
public static function isCallRegistered() {
|
||||
|
@ -530,7 +513,7 @@ class OC_Util {
|
|||
}
|
||||
|
||||
// Check if the token is valid
|
||||
if(!isset($_SESSION['requesttoken']) || time() > $_SESSION['requesttoken']["time"]) {
|
||||
if($token !== $_SESSION['requesttoken']) {
|
||||
// Not valid
|
||||
return false;
|
||||
} else {
|
||||
|
|
|
@ -661,6 +661,7 @@ class OC_VCategories {
|
|||
if(!is_array($names)) {
|
||||
$names = array($names);
|
||||
}
|
||||
|
||||
OC_Log::write('core', __METHOD__ . ', before: '
|
||||
. print_r($this->categories, true), OC_Log::DEBUG);
|
||||
foreach($names as $name) {
|
||||
|
@ -724,6 +725,7 @@ class OC_VCategories {
|
|||
unset($categories[$this->array_searchi($name, $categories)]);
|
||||
}
|
||||
}
|
||||
|
||||
$object->setString('CATEGORIES', implode(',', $categories));
|
||||
if($vobject !== $object) {
|
||||
$vobject[$componentname] = $object;
|
||||
|
|
|
@ -16,8 +16,7 @@ if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
|
|||
$userstatus = 'subadmin';
|
||||
}
|
||||
if(OC_User::getUser() === $username) {
|
||||
if (OC_User::checkPassword($username, $oldPassword))
|
||||
{
|
||||
if (OC_User::checkPassword($username, $oldPassword)) {
|
||||
$userstatus = 'user';
|
||||
} else {
|
||||
if (!OC_Util::isUserVerified()) {
|
||||
|
|
|
@ -12,8 +12,7 @@
|
|||
<?php
|
||||
$url=OC_Helper::linkTo( "settings", "help.php" ).'?page=';
|
||||
$pageNavi=OC_Util::getPageNavi($_['pagecount'], $_['page'], $url);
|
||||
if($pageNavi)
|
||||
{
|
||||
if($pageNavi) {
|
||||
$pageNavi->printPage();
|
||||
}
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue