diff --git a/apps/files/ajax/move.php b/apps/files/ajax/move.php
index 93063e52eb..04a260265c 100644
--- a/apps/files/ajax/move.php
+++ b/apps/files/ajax/move.php
@@ -18,7 +18,7 @@ if(\OC\Files\Filesystem::file_exists($target . '/' . $file)) {
exit;
}
-if ($dir != '' || $file != 'Shared') {
+if ($target != '' || strtolower($file) != 'shared') {
$targetFile = \OC\Files\Filesystem::normalizePath($target . '/' . $file);
$sourceFile = \OC\Files\Filesystem::normalizePath($dir . '/' . $file);
if(\OC\Files\Filesystem::rename($sourceFile, $targetFile)) {
diff --git a/apps/files/js/file-upload.js b/apps/files/js/file-upload.js
index f962a7044a..aa85644cef 100644
--- a/apps/files/js/file-upload.js
+++ b/apps/files/js/file-upload.js
@@ -82,7 +82,7 @@ OC.Upload = {
*/
isProcessing:function() {
var count = 0;
-
+
jQuery.each(this._uploads,function(i, data) {
if (data.state() === 'pending') {
count++;
@@ -208,13 +208,13 @@ $(document).ready(function() {
add: function(e, data) {
OC.Upload.log('add', e, data);
var that = $(this);
-
+
// we need to collect all data upload objects before starting the upload so we can check their existence
// and set individual conflict actions. unfortunately there is only one variable that we can use to identify
// the selection a data upload is part of, so we have to collect them in data.originalFiles
// turning singleFileUploads off is not an option because we want to gracefully handle server errors like
// already exists
-
+
// create a container where we can store the data objects
if ( ! data.originalFiles.selection ) {
// initialize selection and remember number of files to upload
@@ -225,34 +225,34 @@ $(document).ready(function() {
};
}
var selection = data.originalFiles.selection;
-
+
// add uploads
if ( selection.uploads.length < selection.filesToUpload ) {
// remember upload
selection.uploads.push(data);
}
-
+
//examine file
var file = data.files[0];
try {
// FIXME: not so elegant... need to refactor that method to return a value
- Files.isFileNameValid(file.name);
+ Files.isFileNameValid(file.name, FileList.getCurrentDirectory());
}
catch (errorMessage) {
data.textStatus = 'invalidcharacters';
data.errorThrown = errorMessage;
}
-
+
if (file.type === '' && file.size === 4096) {
data.textStatus = 'dirorzero';
data.errorThrown = t('files', 'Unable to upload {filename} as it is a directory or has 0 bytes',
{filename: file.name}
);
}
-
+
// add size
selection.totalBytes += file.size;
-
+
// check PHP upload limit
if (selection.totalBytes > $('#upload_limit').val()) {
data.textStatus = 'sizeexceedlimit';
@@ -270,7 +270,7 @@ $(document).ready(function() {
'size2': humanFileSize($('#free_space').val())
});
}
-
+
// end upload for whole selection on error
if (data.errorThrown) {
// trigger fileupload fail
@@ -281,12 +281,12 @@ $(document).ready(function() {
// check existing files when all is collected
if ( selection.uploads.length >= selection.filesToUpload ) {
-
+
//remove our selection hack:
delete data.originalFiles.selection;
var callbacks = {
-
+
onNoConflicts: function (selection) {
$.each(selection.uploads, function(i, upload) {
upload.submit();
@@ -309,7 +309,7 @@ $(document).ready(function() {
};
OC.Upload.checkExistingFiles(selection, callbacks);
-
+
}
return true; // continue adding files
@@ -439,7 +439,7 @@ $(document).ready(function() {
});
fileupload.on('fileuploadstop', function(e, data) {
OC.Upload.log('progress handle fileuploadstop', e, data);
-
+
$('#uploadprogresswrapper input.stop').fadeOut();
$('#uploadprogressbar').fadeOut();
Files.updateStorageStatistics();
@@ -531,7 +531,7 @@ $(document).ready(function() {
if ($(this).children('p').length === 0) {
return;
}
-
+
$('#new .error').tipsy('hide');
$('#new li').each(function(i,element) {
@@ -545,7 +545,7 @@ $(document).ready(function() {
var text=$(this).children('p').text();
$(this).data('text',text);
$(this).children('p').remove();
-
+
// add input field
var form = $('');
var input = $('');
@@ -562,7 +562,7 @@ $(document).ready(function() {
throw t('files', 'URL cannot be empty');
} else if (type !== 'web' && !Files.isFileNameValid(filename)) {
// Files.isFileNameValid(filename) throws an exception itself
- } else if ($('#dir').val() === '/' && filename === 'Shared') {
+ } else if (FileList.getCurrentDirectory() === '/' && filename.toLowerCase() === 'shared') {
throw t('files', 'In the home folder \'Shared\' is a reserved filename');
} else if (FileList.inList(filename)) {
throw t('files', '{new_name} already exists', {new_name: filename});
diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js
index 550c10dba3..770d5fa3e0 100644
--- a/apps/files/js/filelist.js
+++ b/apps/files/js/filelist.js
@@ -419,15 +419,12 @@ window.FileList={
len = input.val().length;
}
input.selectRange(0, len);
-
var checkInput = function () {
var filename = input.val();
if (filename !== oldname) {
- if (!Files.isFileNameValid(filename)) {
- // Files.isFileNameValid(filename) throws an exception itself
- } else if($('#dir').val() === '/' && filename === 'Shared') {
- throw t('files','In the home folder \'Shared\' is a reserved filename');
- } else if (FileList.inList(filename)) {
+ // Files.isFileNameValid(filename) throws an exception itself
+ Files.isFileNameValid(filename, FileList.getCurrentDirectory());
+ if (FileList.inList(filename)) {
throw t('files', '{new_name} already exists', {new_name: filename});
}
}
@@ -1156,9 +1153,9 @@ $(document).ready(function() {
// need to initially switch the dir to the one from the hash (IE8)
FileList.changeDirectory(parseCurrentDirFromUrl(), false, true);
}
- }
- FileList.setCurrentDir(parseCurrentDirFromUrl(), false);
+ FileList.setCurrentDir(parseCurrentDirFromUrl(), false);
+ }
FileList.createFileSummary();
});
diff --git a/apps/files/js/files.js b/apps/files/js/files.js
index f454612070..48e5771ae8 100644
--- a/apps/files/js/files.js
+++ b/apps/files/js/files.js
@@ -87,9 +87,12 @@ var Files = {
* Throws a string exception with an error message if
* the file name is not valid
*/
- isFileNameValid: function (name) {
+ isFileNameValid: function (name, root) {
var trimmedName = name.trim();
- if (trimmedName === '.' || trimmedName === '..') {
+ if (trimmedName === '.'
+ || trimmedName === '..'
+ || (root === '/' && trimmedName.toLowerCase() === 'shared'))
+ {
throw t('files', '"{name}" is an invalid file name.', {name: name});
} else if (trimmedName.length === 0) {
throw t('files', 'File name cannot be empty.');
diff --git a/apps/files/tests/js/filesSpec.js b/apps/files/tests/js/filesSpec.js
index 018c8ef0f3..95bf87e03e 100644
--- a/apps/files/tests/js/filesSpec.js
+++ b/apps/files/tests/js/filesSpec.js
@@ -48,6 +48,41 @@ describe('Files tests', function() {
expect(error).toEqual(false);
}
});
+ it('Validates correct file names do not create Shared folder in root', function() {
+ // create shared file in subfolder
+ var error = false;
+ try {
+ expect(Files.isFileNameValid('shared', '/foo')).toEqual(true);
+ expect(Files.isFileNameValid('Shared', '/foo')).toEqual(true);
+ }
+ catch (e) {
+ error = e;
+ }
+ expect(error).toEqual(false);
+
+ // create shared file in root
+ var threwException = false;
+ try {
+ Files.isFileNameValid('Shared', '/');
+ console.error('Invalid file name not detected');
+ }
+ catch (e) {
+ threwException = true;
+ }
+ expect(threwException).toEqual(true);
+
+ // create shared file in root
+ var threwException = false;
+ try {
+ Files.isFileNameValid('shared', '/');
+ console.error('Invalid file name not detected');
+ }
+ catch (e) {
+ threwException = true;
+ }
+ expect(threwException).toEqual(true);
+
+ });
it('Detects invalid file names', function() {
var fileNames = [
'',
diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js
index dbc9f54829..cd2a3103eb 100644
--- a/apps/files_external/js/settings.js
+++ b/apps/files_external/js/settings.js
@@ -264,7 +264,7 @@ $(document).ready(function() {
OC.MountConfig.saveStorage($(this).parent().parent());
});
- $('#sslCertificate').on('click', 'td.remove>img', function() {
+ $('#sslCertificate').on('click', 'td.remove>img', function() {
var $tr = $(this).parent().parent();
var row = this.parentNode.parentNode;
$.post(OC.filePath('files_external', 'ajax', 'removeRootCertificate.php'), {cert: row.id});
diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php
index 1069e2b42e..2767076eef 100755
--- a/apps/files_external/lib/config.php
+++ b/apps/files_external/lib/config.php
@@ -476,7 +476,7 @@ class OC_Mount_Config {
*/
public static function checksmbclient() {
if(function_exists('shell_exec')) {
- $output=shell_exec('which smbclient 2> /dev/null');
+ $output=shell_exec('command -v smbclient 2> /dev/null');
return !empty($output);
}else{
return false;
diff --git a/core/css/styles.css b/core/css/styles.css
index bf9ca835dc..69cf6df07d 100644
--- a/core/css/styles.css
+++ b/core/css/styles.css
@@ -175,6 +175,7 @@ button, .button,
border: 1px solid rgba(190,190,190,.9);
cursor: pointer;
border-radius: 3px;
+ outline: none;
}
input[type="submit"]:hover, input[type="submit"]:focus,
input[type="button"]:hover, input[type="button"]:focus,
diff --git a/core/js/router.js b/core/js/router.js
index e6ef54a186..e764783ca8 100644
--- a/core/js/router.js
+++ b/core/js/router.js
@@ -32,37 +32,37 @@ OC.Router = {
var optional = true;
$(route.tokens).each(function(i, token) {
if ('text' === token[0]) {
- url = token[1] + url;
- optional = false;
+ url = token[1] + url;
+ optional = false;
- return;
+ return;
}
if ('variable' === token[0]) {
- if (false === optional || !(token[3] in route.defaults)
- || ((token[3] in params) && params[token[3]] != route.defaults[token[3]])) {
+ if (false === optional || !(token[3] in route.defaults)
+ || ((token[3] in params) && params[token[3]] != route.defaults[token[3]])) {
var value;
if (token[3] in params) {
- value = params[token[3]];
- delete unusedParams[token[3]];
+ value = params[token[3]];
+ delete unusedParams[token[3]];
} else if (token[3] in route.defaults) {
- value = route.defaults[token[3]];
+ value = route.defaults[token[3]];
} else if (optional) {
- return;
+ return;
} else {
- throw new Error('The route "' + name + '" requires the parameter "' + token[3] + '".');
+ throw new Error('The route "' + name + '" requires the parameter "' + token[3] + '".');
}
var empty = true === value || false === value || '' === value;
if (!empty || !optional) {
- url = token[1] + encodeURIComponent(value).replace(/%2F/g, '/') + url;
+ url = token[1] + encodeURIComponent(value).replace(/%2F/g, '/') + url;
}
optional = false;
- }
+ }
- return;
+ return;
}
throw new Error('The token type "' + token[0] + '" is not supported.');
diff --git a/core/js/share.js b/core/js/share.js
index 0939259b7d..129e50b22d 100644
--- a/core/js/share.js
+++ b/core/js/share.js
@@ -584,8 +584,8 @@ $(document).ready(function() {
$(checkboxes).filter('input[name="edit"]').attr('checked', false);
// Check Edit if Create, Update, or Delete is checked
} else if (($(this).attr('name') == 'create'
- || $(this).attr('name') == 'update'
- || $(this).attr('name') == 'delete'))
+ || $(this).attr('name') == 'update'
+ || $(this).attr('name') == 'delete'))
{
$(checkboxes).filter('input[name="edit"]').attr('checked', true);
}
diff --git a/lib/private/connector/sabre/directory.php b/lib/private/connector/sabre/directory.php
index 02d1a9f4ba..3ed9e94d69 100644
--- a/lib/private/connector/sabre/directory.php
+++ b/lib/private/connector/sabre/directory.php
@@ -50,7 +50,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
*/
public function createFile($name, $data = null) {
- if ($name === 'Shared' && empty($this->path)) {
+ if (strtolower($name) === 'shared' && empty($this->path)) {
throw new \Sabre_DAV_Exception_Forbidden();
}
@@ -86,7 +86,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
*/
public function createDirectory($name) {
- if ($name === 'Shared' && empty($this->path)) {
+ if (strtolower($name) === 'shared' && empty($this->path)) {
throw new \Sabre_DAV_Exception_Forbidden();
}
diff --git a/lib/private/connector/sabre/objecttree.php b/lib/private/connector/sabre/objecttree.php
index d2fa425b22..accf020daa 100644
--- a/lib/private/connector/sabre/objecttree.php
+++ b/lib/private/connector/sabre/objecttree.php
@@ -94,6 +94,9 @@ class ObjectTree extends \Sabre_DAV_ObjectTree {
}
if ($sourceDir !== $destinationDir) {
// for a full move we need update privileges on sourcePath and sourceDir as well as destinationDir
+ if (ltrim($destinationDir, '/') === '' && strtolower($sourceNode->getName()) === 'shared') {
+ throw new \Sabre_DAV_Exception_Forbidden();
+ }
if (!$fs->isUpdatable($sourceDir)) {
throw new \Sabre_DAV_Exception_Forbidden();
}
diff --git a/lib/private/installer.php b/lib/private/installer.php
index 11633a4d4a..64e8e3a5e7 100644
--- a/lib/private/installer.php
+++ b/lib/private/installer.php
@@ -464,7 +464,7 @@ class OC_Installer{
// is the code checker enabled?
if(OC_Config::getValue('appcodechecker', true)) {
// check if grep is installed
- $grep = exec('which grep');
+ $grep = exec('command -v grep');
if($grep=='') {
OC_Log::write('core',
'grep not installed. So checking the code of the app "'.$appname.'" was not possible',
diff --git a/lib/private/preview.php b/lib/private/preview.php
index b0d91fd568..74051fbc2a 100755
--- a/lib/private/preview.php
+++ b/lib/private/preview.php
@@ -408,6 +408,7 @@ class Preview {
$image->loadFromFileHandle($stream);
$this->preview = $image->valid() ? $image : null;
$this->resizeAndCrop();
+ fclose($stream);
}
if (is_null($this->preview)) {
diff --git a/lib/private/preview/movies.php b/lib/private/preview/movies.php
index 71cd3bae05..7e0ff51ad2 100644
--- a/lib/private/preview/movies.php
+++ b/lib/private/preview/movies.php
@@ -9,7 +9,7 @@
namespace OC\Preview;
function findBinaryPath($program) {
- exec('which ' . escapeshellarg($program) . ' 2> /dev/null', $output, $returnCode);
+ exec('command -v ' . escapeshellarg($program) . ' 2> /dev/null', $output, $returnCode);
if ($returnCode === 0 && count($output) > 0) {
return escapeshellcmd($output[0]);
}
diff --git a/lib/private/preview/office-cl.php b/lib/private/preview/office-cl.php
index b11fed13ba..6e4d4321eb 100644
--- a/lib/private/preview/office-cl.php
+++ b/lib/private/preview/office-cl.php
@@ -64,12 +64,12 @@ if (!\OC_Util::runningOnWindows()) {
$cmd = \OC_Config::getValue('preview_libreoffice_path', null);
}
- $whichLibreOffice = shell_exec('which libreoffice');
+ $whichLibreOffice = shell_exec('command -v libreoffice');
if($cmd === '' && !empty($whichLibreOffice)) {
$cmd = 'libreoffice';
}
- $whichOpenOffice = shell_exec('which openoffice');
+ $whichOpenOffice = shell_exec('command -v openoffice');
if($cmd === '' && !empty($whichOpenOffice)) {
$cmd = 'openoffice';
}
diff --git a/lib/private/preview/office.php b/lib/private/preview/office.php
index 269e1dad74..882c4426e6 100644
--- a/lib/private/preview/office.php
+++ b/lib/private/preview/office.php
@@ -15,9 +15,9 @@ if (extension_loaded('imagick')) {
// LibreOffice preview is currently not supported on Windows
if (!\OC_Util::runningOnWindows()) {
- $whichLibreOffice = ($isShellExecEnabled ? shell_exec('which libreoffice') : '');
+ $whichLibreOffice = ($isShellExecEnabled ? shell_exec('command -v libreoffice') : '');
$isLibreOfficeAvailable = !empty($whichLibreOffice);
- $whichOpenOffice = ($isShellExecEnabled ? shell_exec('which libreoffice') : '');
+ $whichOpenOffice = ($isShellExecEnabled ? shell_exec('command -v libreoffice') : '');
$isOpenOfficeAvailable = !empty($whichOpenOffice);
//let's see if there is libreoffice or openoffice on this machine
if($isShellExecEnabled && ($isLibreOfficeAvailable || $isOpenOfficeAvailable || is_string(\OC_Config::getValue('preview_libreoffice_path', null)))) {