From 357fdb1a4df64864b2394d097b855fded1ce4756 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 28 Feb 2014 11:59:30 +0100
Subject: [PATCH 1/3] Remove .htaccess creation code

1. We're maintaining the same code twice which leads inevitably to problems as this one. The createHtaccess routine is only used to use the correct paths to the 404 and 403 document.
2. Updating the ownCloud instance as described in our documentation (`Delete everything from your ownCloud installation directory, except data and config.`) will break the links to the ErrorDocuments anyways and show the default error handlers if ownCloud is not installed in the root directory.
---
 .htaccess               |  2 --
 lib/private/setup.php   | 54 ++++++-----------------------------------
 lib/private/updater.php |  6 +++++
 version.php             |  2 +-
 4 files changed, 15 insertions(+), 49 deletions(-)
 mode change 100755 => 100644 .htaccess

diff --git a/.htaccess b/.htaccess
old mode 100755
new mode 100644
index 4ba5095e14..e1ded52dcd
--- a/.htaccess
+++ b/.htaccess
@@ -6,8 +6,6 @@ RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
 </IfModule>
 </IfModule>
 </IfModule>
-ErrorDocument 403 /core/templates/403.php
-ErrorDocument 404 /core/templates/404.php
 <IfModule mod_php5.c>
 php_value upload_max_filesize 513M
 php_value post_max_size 513M
diff --git a/lib/private/setup.php b/lib/private/setup.php
index 3906204bda..25e536543f 100644
--- a/lib/private/setup.php
+++ b/lib/private/setup.php
@@ -106,9 +106,10 @@ class OC_Setup {
 			//guess what this does
 			OC_Installer::installShippedApps();
 
-			//create htaccess files for apache hosts
+			// Update htaccess files for apache hosts
 			if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
-				self::createHtaccess();
+				self::updateHtaccess();
+				self::protectDataDirectory();
 			}
 
 			//and we are done
@@ -119,52 +120,13 @@ class OC_Setup {
 	}
 
 	/**
-	 * create .htaccess files for apache hosts
+	 * Append the correct ErrorDocument path for Apache hosts
 	 */
-	private static function createHtaccess() {
-		$content = "<IfModule mod_fcgid.c>\n";
-		$content.= "<IfModule mod_setenvif.c>\n";
-		$content.= "<IfModule mod_headers.c>\n";
-		$content.= "SetEnvIfNoCase ^Authorization$ \"(.+)\" XAUTHORIZATION=$1\n";
-		$content.= "RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
+	public static function updateHtaccess() {
+		$content.= "\n";
 		$content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page
-		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page
-		$content.= "<IfModule mod_php5.c>\n";
-		$content.= "php_value upload_max_filesize 512M\n";//upload limit
-		$content.= "php_value post_max_size 512M\n";
-		$content.= "php_value memory_limit 512M\n";
-		$content.= "php_value mbstring.func_overload 0\n";
-		$content.= "<IfModule env_module>\n";
-		$content.= "  SetEnv htaccessWorking true\n";
-		$content.= "</IfModule>\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule mod_rewrite.c>\n";
-		$content.= "RewriteEngine on\n";
-		$content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n";
-		$content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n";
-		$content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n";
-		$content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n";
-		$content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n";
-		$content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule mod_mime.c>\n";
-		$content.= "AddType image/svg+xml svg svgz\n";
-		$content.= "AddEncoding gzip svgz\n";
-		$content.= "</IfModule>\n";
-		$content.= "<IfModule dir_module>\n";
-		$content.= "DirectoryIndex index.php index.html\n";
-		$content.= "</IfModule>\n";
-		$content.= "AddDefaultCharset utf-8\n";
-		$content.= "Options -Indexes\n";
-		$content.= "<IfModule pagespeed_module>\n";
-		$content.= "ModPagespeed Off\n";
-		$content.= "</IfModule>\n";
-		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it
-
-		self::protectDataDirectory();
+		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php";//custom 404 error page
+		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //supress errors in case we don't have permissions for it
 	}
 
 	public static function protectDataDirectory() {
diff --git a/lib/private/updater.php b/lib/private/updater.php
index f05d5038b7..67764771fd 100644
--- a/lib/private/updater.php
+++ b/lib/private/updater.php
@@ -92,6 +92,7 @@ class Updater extends BasicEmitter {
 
 	/**
 	 * runs the update actions in maintenance mode, does not upgrade the source files
+	 * except the main .htaccess file
 	 */
 	public function upgrade() {
 		\OC_DB::enableCaching(false);
@@ -103,6 +104,11 @@ class Updater extends BasicEmitter {
 		}
 		$this->emit('\OC\Updater', 'maintenanceStart');
 
+		// Update htaccess files for apache hosts
+		if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
+			\OC_Setup::updateHtaccess();
+		}
+
 		/*
 		 * START CONFIG CHANGES FOR OLDER VERSIONS
 		 */
diff --git a/version.php b/version.php
index 470aa89507..5e5fa22cf8 100644
--- a/version.php
+++ b/version.php
@@ -1,7 +1,7 @@
 <?php
 
 // We only can count up. The 4. digit is only for the internal patchlevel to trigger DB upgrades between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel when updating major/minor version number.
-$OC_Version=array(6, 90, 0, 1);
+$OC_Version=array(6, 90, 0, 2);
 
 // The human readable string
 $OC_VersionString='7.0 pre alpha';

From d1c04e113667c8f497c9dad7bc7feeddeaed5317 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 28 Feb 2014 13:32:09 +0100
Subject: [PATCH 2/3] Typo + use regular assignment

---
 lib/private/setup.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/private/setup.php b/lib/private/setup.php
index 25e536543f..65f295ee34 100644
--- a/lib/private/setup.php
+++ b/lib/private/setup.php
@@ -123,10 +123,10 @@ class OC_Setup {
 	 * Append the correct ErrorDocument path for Apache hosts
 	 */
 	public static function updateHtaccess() {
-		$content.= "\n";
+		$content = "\n";
 		$content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page
 		$content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php";//custom 404 error page
-		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //supress errors in case we don't have permissions for it
+		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content, FILE_APPEND); //suppress errors in case we don't have permissions for it
 	}
 
 	public static function protectDataDirectory() {

From 229e3dcba86db3bd91bbddd78079bf340edff710 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 28 Feb 2014 13:35:53 +0100
Subject: [PATCH 3/3] A version bump is not necessary here

---
 version.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/version.php b/version.php
index 5e5fa22cf8..470aa89507 100644
--- a/version.php
+++ b/version.php
@@ -1,7 +1,7 @@
 <?php
 
 // We only can count up. The 4. digit is only for the internal patchlevel to trigger DB upgrades between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel when updating major/minor version number.
-$OC_Version=array(6, 90, 0, 2);
+$OC_Version=array(6, 90, 0, 1);
 
 // The human readable string
 $OC_VersionString='7.0 pre alpha';