From c693ee2adb1b8b251d7905791eeca0946c31c68b Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Thu, 26 Apr 2012 16:48:43 +0100 Subject: [PATCH 1/3] added available version names to files dropdown menu via new ajax script --- apps/files_versions/ajax/getVersions.php | 54 ++++++++++++++ apps/files_versions/history.php | 2 +- apps/files_versions/js/versions.js | 89 ++++++++++++++++------- apps/files_versions/templates/history.php | 8 +- 4 files changed, 122 insertions(+), 31 deletions(-) create mode 100644 apps/files_versions/ajax/getVersions.php diff --git a/apps/files_versions/ajax/getVersions.php b/apps/files_versions/ajax/getVersions.php new file mode 100644 index 0000000000..fbe65146ac --- /dev/null +++ b/apps/files_versions/ajax/getVersions.php @@ -0,0 +1,54 @@ +'; html += '
'; - html += ''; + html += ''; html += ''; - html += ''; html += '
'; - html += '
'; html += ''; html += ''; html += '
'; html += ''; - html += '
'; if (filename) { $('tr').filterAttr('data-file',filename).addClass('mouseOver'); @@ -39,27 +55,44 @@ function createVersionsDropdown(filename, files) { } else { $(html).appendTo($('thead .share')); } -// $.getJSON(OC.linkTo('files_sharing', 'ajax/userautocomplete.php'), function(users) { -// if (users) { -// $.each(users, function(index, row) { -// $(row).appendTo('#share_with'); -// }); -// $('#share_with').trigger('liszt:updated'); -// } -// }); -// $.getJSON(OC.linkTo('files_sharing', 'ajax/getitem.php'), { source: files }, function(users) { -// if (users) { -// $.each(users, function(index, row) { -// if (row.uid_shared_with == 'public') { -// showPublicLink(row.token, '/'+filename); -// } else if (isNaN(index)) { -// addUser(row.uid_shared_with, row.permissions, index.substr(0, index.lastIndexOf('-'))); -// } else { -// addUser(row.uid_shared_with, row.permissions, false); -// } -// }); -// } + +// $.getJSON(OC.linkTo('files_sharing', 'ajax/userautocomplete.php'), function(users) { +// if (users) { +// $.each(users, function(index, row) { +// $(row).appendTo('#share_with'); // }); +// $('#share_with').trigger('liszt:updated'); +// } +// }); + $.getJSON(OC.linkTo('files_versions', 'ajax/getVersions.php'), { source: files }, function(versions) { + if (versions) { + + $.each( versions, function(index, row ) { + + addVersion( row ); + }); + + } + + }); + + function addVersion( name ) { + + var version = ''; + +// } else { +// var checked = ((permissions > 0) ? 'checked="checked"' : 'style="display:none;"'); +// var style = ((permissions == 0) ? 'style="display:none;"' : ''); +// var user = '
  • '; +// user += ''; +// user += uid_shared_with; +// user += ''; +// user += ''; +// user += '
  • '; +// } + + $(version).appendTo('#found_versions'); + } $('#dropdown').show('blind'); $('#share_with').chosen(); diff --git a/apps/files_versions/templates/history.php b/apps/files_versions/templates/history.php index d33d2b0f68..92a3eb9c07 100644 --- a/apps/files_versions/templates/history.php +++ b/apps/files_versions/templates/history.php @@ -10,8 +10,12 @@ echo('Versions of '.$_['path']).'
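Review bot: `addVersion( name )` ends in `$(version).appendTo('#found_versions')`, which makes jQuery parse the string as HTML. The literal assigned to `version` is not readable on this page, but if it concatenates `name` from the `getVersions.php` response, create the element and set its label as text instead, e.g. `$('<option>').val(name).text(name).appendTo('#found_versions');` if `#found_versions` is a `<select>`. The commented-out share-dialog lines added inside `addVersion` and above the `$.getJSON` call are dead code and should be dropped rather than committed. The `$.getJSON` call has no failure handler, so an error from the endpoint leaves the dropdown silently empty. `createVersionsDropdown` starts before this hunk and continues after it.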
    '; echo('

    You can click on the revert button to revert to the specific verson.


    '); - foreach ($_['versions'] as $v){ - echo(' '.OC_Util::formatDate($v).' Revert

    '); + foreach ( $_['versions'] as $v ){ + + echo ' '; + echo OC_Util::formatDate( $v ); + echo ' Revert

    '; + } } From 6bdefef31e87f6c1be2ed7693fd2f6d203e32462 Mon Sep 17 00:00:00 2001 From: Frank Karlitschek Date: Thu, 26 Apr 2012 19:35:33 +0200 Subject: [PATCH 2/3] csrf protection --- core/lostpassword/index.php | 19 +++++++++++++------ core/lostpassword/templates/lostpassword.php | 1 + 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php index b6cdd601d6..2b87a1eb11 100644 --- a/core/lostpassword/index.php +++ b/core/lostpassword/index.php @@ -9,13 +9,14 @@ $RUNTIME_NOAPPS = TRUE; //no apps require_once('../../lib/base.php'); + // Someone lost their password: if (isset($_POST['user'])) { if (OC_User::userExists($_POST['user'])) { $token = sha1($_POST['user'].md5(uniqid(rand(), true))); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token); $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); - if (!empty($email)) { + if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) { $link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.$_POST['user'].'&token='.$token; $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link); 
@@ -23,14 +24,20 @@ if (isset($_POST['user'])) { $l = OC_L10N::get('core'); $from = 'lostpassword-noreply@' . $_SERVER['HTTP_HOST']; $r=mail($email, $l->t('Owncloud password reset'), $msg, 'From:' . $from); -//if($r==false) echo('error'); else echo('works!!!!!!!'); - OC_MAIL::send($email,$_POST['user'],$l->t('Owncloud password reset'),$msg,$from,'ownCloud'); + OC_MAIL::send($email,$_POST['user'],$l->t('ownCloud password reset'),$msg,$from,'ownCloud'); + echo('sent'); } - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true)); + $sectoken=rand(1000000,9999999); + $_SESSION['sectoken']=$sectoken; + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken)); } else { - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false)); + $sectoken=rand(1000000,9999999); + $_SESSION['sectoken']=$sectoken; + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken)); } } else { - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false)); + $sectoken=rand(1000000,9999999); + $_SESSION['sectoken']=$sectoken; + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken)); } diff --git a/core/lostpassword/templates/lostpassword.php b/core/lostpassword/templates/lostpassword.php index 4b871963b8..754eabdad6 100644 --- a/core/lostpassword/templates/lostpassword.php +++ b/core/lostpassword/templates/lostpassword.php @@ -10,6 +10,7 @@
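Review bot: `$sectoken=rand(1000000,9999999);` draws the anti-CSRF token from a non-cryptographic generator with only nine million possible values, and the same lines are repeated in all three branches of `core/lostpassword/index.php`. Generate the token once before the branching from a CSPRNG, e.g. `$sectoken = bin2hex(openssl_random_pseudo_bytes(16));` (or `random_bytes(16)` where available), store it in `$_SESSION['sectoken']`, and pass that one value to every `printGuestPage` call. The added `echo('sent');` looks like leftover debug output written before the page is rendered, and should be removed. The unchanged `$r=mail(...)` line directly above `OC_MAIL::send(...)` appears to send the same message a second time, which is worth confirming.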

    +

    From 18a024e251cbcdaafb0ef2893cd5cf8544b03f4d Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Thu, 26 Apr 2012 18:45:17 +0100 Subject: [PATCH 3/3] started implementing ajax file rollback --- apps/files_versions/ajax/getVersions.php | 11 +++++-- apps/files_versions/ajax/rollbackVersion.php | 26 ++++++++++++++++ apps/files_versions/history.php | 9 ++++-- apps/files_versions/js/versions.js | 32 ++++++++++++-------- 4 files changed, 61 insertions(+), 17 deletions(-) create mode 100644 apps/files_versions/ajax/rollbackVersion.php diff --git a/apps/files_versions/ajax/getVersions.php b/apps/files_versions/ajax/getVersions.php index fbe65146ac..32aac10b71 100644 --- a/apps/files_versions/ajax/getVersions.php +++ b/apps/files_versions/ajax/getVersions.php @@ -11,9 +11,16 @@ $source = strip_tags( $source ); if( OCA_Versions\Storage::isversioned( $source ) ) { $count=5; //show the newest revisions - $versions=OCA_Versions\Storage::getversions( $source, $count); + $versions = OCA_Versions\Storage::getversions( $source, $count); + $versionsFormatted = array(); + + foreach ( $versions AS $version ) { + + $versionsFormatted[] = OC_Util::formatDate( $version ); + + } - $versionsSorted = array_reverse( $versions ); + $versionsSorted = array_reverse( $versionsFormatted ); if ( !empty( $versionsSorted ) ) { OC_JSON::encodedPrint($versionsSorted); diff --git a/apps/files_versions/ajax/rollbackVersion.php b/apps/files_versions/ajax/rollbackVersion.php new file mode 100644 index 0000000000..660411973a --- /dev/null +++ b/apps/files_versions/ajax/rollbackVersion.php @@ -0,0 +1,26 @@ + \ No newline at end of file diff --git a/apps/files_versions/history.php b/apps/files_versions/history.php index 434feaf357..05a5db55da 100644 --- a/apps/files_versions/history.php +++ b/apps/files_versions/history.php 
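Review bot: The new loop in `ajax/getVersions.php` replaces every raw version value with its `OC_Util::formatDate()` string, so the JSON response no longer carries the value a rollback request would need to name a revision. The display string depends on format and locale and should not be parsed back. Return both, e.g. `$versionsFormatted[] = array( 'version' => $version, 'label' => OC_Util::formatDate( $version ) );`, and have the client show `label` while sending `version`. The context line `$source = strip_tags( $source );` does not constrain the path; presumably `Storage` confines `$source` to the user's own files, which should be confirmed. The enclosing `if` block continues outside the hunk.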
@@ -32,13 +32,18 @@ if ( isset( $_GET['path'] ) ) { // roll back to old version if button clicked if( isset( $_GET['revert'] ) ) { - \OCA_Versions\Storage::rollback( $path, $_GET['revert'] ); + + if( \OCA_Versions\Storage::rollback( $path, $_GET['revert'] ) ) { + + echo ""; + + } } // show the history only if there is something to show if( OCA_Versions\Storage::isversioned( $path ) ) { - $count=5; //show the newest revisions + $count=999; //show the newest revisions $versions=OCA_Versions\Storage::getversions( $path, $count); $tmpl = new OC_Template( 'files_versions', 'history', 'user' ); diff --git a/apps/files_versions/js/versions.js b/apps/files_versions/js/versions.js index 5018b75f15..a9e60a0cfa 100644 --- a/apps/files_versions/js/versions.js +++ b/apps/files_versions/js/versions.js @@ -17,17 +17,7 @@ $(document).ready(function(){ async: false, success: function(versions) { if (versions) { - - // icon = OC.imagePath('core', 'actions/shared'); - // $.each(users, function(index, row) { - // if (row.uid_shared_with == 'public') { - // icon = OC.imagePath('core', 'actions/public'); - // } - // }); - // } else { - // icon = OC.imagePath('core', 'actions/share'); } - shared_status[file]= { timestamp: new Date().getTime(), icon: icon }; } }); @@ -37,15 +27,15 @@ $(document).ready(function(){ function createVersionsDropdown(filename, files) { var historyUrl = '../apps/files_versions/history.php?path='+encodeURIComponent($('#dir').val()).replace(/%2F/g, '/')+'/'+encodeURIComponent(filename); - //alert( historyUrl ); + var html = '
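Review bot: The rollback in `apps/files_versions/history.php` is still triggered by `$_GET['revert']`, so a state-changing operation runs on a plain GET with no request token and can be invoked cross-site without the user's intent. Require a POST that carries a per-session token and check it before `rollback()` is called. Validate the revision first as well, e.g. `ctype_digit($_GET['revert'])` if versions are numeric timestamps, as the `formatDate` calls elsewhere suggest; whether `Storage::rollback` validates its argument is not visible here. The comment on `$count=999; //show the newest revisions` no longer describes a limit and should say that the full history is listed. The string echoed on success is not readable on this page.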