Merge branch 'master' of gitorious.org:owncloud/owncloud

This commit is contained in:
Bjoern Schiessle 2012-06-05 15:29:59 +02:00
commit edecc5bca3
5 changed files with 26 additions and 24 deletions

View File

@ -367,16 +367,18 @@ class OC{
// CSRF protection // CSRF protection
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
$protocol=OC_Helper::serverProtocol().'://'; $refererhost=parse_url($referer);
if(isset($refererhost['host'])) $refererhost=$refererhost['host']; else $refererhost='';
$server=OC_Helper::serverHost();
$serverhost=explode(':',$server);
$serverhost=$serverhost['0'];
if(!self::$CLI){ if(!self::$CLI){
$server=$protocol.OC_Helper::serverHost(); if(($_SERVER['REQUEST_METHOD']=='POST') and ($refererhost<>$serverhost)) {
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { $url = OC_Helper::serverProtocol().'://'.$server.OC::$WEBROOT.'/index.php';
$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
header("Location: $url"); header("Location: $url");
exit(); exit();
} }
} }
self::initSession(); self::initSession();
self::initTemplateEngine(); self::initTemplateEngine();
self::checkUpgrade(); self::checkUpgrade();

View File

@ -83,7 +83,7 @@ abstract class OC_Group_Backend {
* *
* Checks whether the user is member of a group or not. * Checks whether the user is member of a group or not.
*/ */
public static function inGroup($uid, $gid){ public function inGroup($uid, $gid){
return in_array($gid, $this->getUserGroups($uid)); return in_array($gid, $this->getUserGroups($uid));
} }
@ -95,7 +95,7 @@ abstract class OC_Group_Backend {
* This function fetches all groups a user belongs to. It does not check * This function fetches all groups a user belongs to. It does not check
* if the user exists at all. * if the user exists at all.
*/ */
public static function getUserGroups($uid){ public function getUserGroups($uid){
return array(); return array();
} }
@ -105,7 +105,7 @@ abstract class OC_Group_Backend {
* *
* Returns a list with all groups * Returns a list with all groups
*/ */
public static function getGroups(){ public function getGroups(){
return array(); return array();
} }
@ -122,7 +122,7 @@ abstract class OC_Group_Backend {
* @brief get a list of all users in a group * @brief get a list of all users in a group
* @returns array with user ids * @returns array with user ids
*/ */
public static function usersInGroup($gid){ public function usersInGroup($gid){
return array(); return array();
} }

View File

@ -41,7 +41,7 @@
* Class for group management in a SQL Database (e.g. MySQL, SQLite) * Class for group management in a SQL Database (e.g. MySQL, SQLite)
*/ */
class OC_Group_Database extends OC_Group_Backend { class OC_Group_Database extends OC_Group_Backend {
static private $userGroupCache=array(); private $userGroupCache=array();
/** /**
* @brief Try to create a new group * @brief Try to create a new group
@ -51,7 +51,7 @@ class OC_Group_Database extends OC_Group_Backend {
* Trys to create a new group. If the group name already exists, false will * Trys to create a new group. If the group name already exists, false will
* be returned. * be returned.
*/ */
public static function createGroup( $gid ){ public function createGroup( $gid ){
// Check for existence // Check for existence
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" ); $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups` WHERE gid = ?" );
$result = $query->execute( array( $gid )); $result = $query->execute( array( $gid ));
@ -76,7 +76,7 @@ class OC_Group_Database extends OC_Group_Backend {
* *
* Deletes a group and removes it from the group_user-table * Deletes a group and removes it from the group_user-table
*/ */
public static function deleteGroup( $gid ){ public function deleteGroup( $gid ){
// Delete the group // Delete the group
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" ); $query = OC_DB::prepare( "DELETE FROM `*PREFIX*groups` WHERE gid = ?" );
$result = $query->execute( array( $gid )); $result = $query->execute( array( $gid ));
@ -96,7 +96,7 @@ class OC_Group_Database extends OC_Group_Backend {
* *
* Checks whether the user is member of a group or not. * Checks whether the user is member of a group or not.
*/ */
public static function inGroup( $uid, $gid ){ public function inGroup( $uid, $gid ){
// check // check
$query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" ); $query = OC_DB::prepare( "SELECT uid FROM `*PREFIX*group_user` WHERE gid = ? AND uid = ?" );
$result = $query->execute( array( $gid, $uid )); $result = $query->execute( array( $gid, $uid ));
@ -112,9 +112,9 @@ class OC_Group_Database extends OC_Group_Backend {
* *
* Adds a user to a group. * Adds a user to a group.
*/ */
public static function addToGroup( $uid, $gid ){ public function addToGroup( $uid, $gid ){
// No duplicate entries! // No duplicate entries!
if( !self::inGroup( $uid, $gid )){ if( !$this->inGroup( $uid, $gid )){
$query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" ); $query = OC_DB::prepare( "INSERT INTO `*PREFIX*group_user` ( `uid`, `gid` ) VALUES( ?, ? )" );
$result = $query->execute( array( $uid, $gid )); $result = $query->execute( array( $uid, $gid ));
return true; return true;
@ -131,7 +131,7 @@ class OC_Group_Database extends OC_Group_Backend {
* *
* removes the user from a group. * removes the user from a group.
*/ */
public static function removeFromGroup( $uid, $gid ){ public function removeFromGroup( $uid, $gid ){
$query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" ); $query = OC_DB::prepare( "DELETE FROM *PREFIX*group_user WHERE uid = ? AND gid = ?" );
$result = $query->execute( array( $uid, $gid )); $result = $query->execute( array( $uid, $gid ));
@ -146,7 +146,7 @@ class OC_Group_Database extends OC_Group_Backend {
* This function fetches all groups a user belongs to. It does not check * This function fetches all groups a user belongs to. It does not check
* if the user exists at all. * if the user exists at all.
*/ */
public static function getUserGroups( $uid ){ public function getUserGroups( $uid ){
// No magic! // No magic!
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" ); $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*group_user` WHERE uid = ?" );
$result = $query->execute( array( $uid )); $result = $query->execute( array( $uid ));
@ -165,7 +165,7 @@ class OC_Group_Database extends OC_Group_Backend {
* *
* Returns a list with all groups * Returns a list with all groups
*/ */
public static function getGroups(){ public function getGroups(){
$query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" ); $query = OC_DB::prepare( "SELECT gid FROM `*PREFIX*groups`" );
$result = $query->execute(); $result = $query->execute();
@ -181,7 +181,7 @@ class OC_Group_Database extends OC_Group_Backend {
* @brief get a list of all users in a group * @brief get a list of all users in a group
* @returns array with user ids * @returns array with user ids
*/ */
public static function usersInGroup($gid){ public function usersInGroup($gid){
$query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?'); $query=OC_DB::prepare('SELECT uid FROM *PREFIX*group_user WHERE gid=?');
$users=array(); $users=array();
$result=$query->execute(array($gid)); $result=$query->execute(array($gid));

View File

@ -120,7 +120,7 @@ class OC_Helper {
*/ */
public static function linkToAbsolute( $app, $file ) { public static function linkToAbsolute( $app, $file ) {
$urlLinkTo = self::linkTo( $app, $file ); $urlLinkTo = self::linkTo( $app, $file );
$urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo; $urlLinkTo = self::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
return $urlLinkTo; return $urlLinkTo;
} }

View File

@ -34,7 +34,7 @@ li.selected { background-color:#ddd; }
#content>table:not(.nostyle) { margin-top:3em; } #content>table:not(.nostyle) { margin-top:3em; }
table:not(.nostyle) { width:100%; } table:not(.nostyle) { width:100%; }
#rightcontent { padding-left: 1em; } #rightcontent { padding-left: 1em; }
td.quota { position:relative } td.quota { position:absolute; }
div.quota { float:right; display:block; position:absolute; right:25em; top:0; } div.quota { float:right; display:block; position:absolute; right:25em; top:0; }
select.quota { position:absolute; left:0; top:0; width:10em; } select.quota { position:absolute; left:0; top:0; width:10em; }
input.quota-other { display:none; position:absolute; left:0.1em; top:0.1em; width:7em; border:none; -webkit-box-shadow: none -mox-box-shadow:none ; box-shadow:none; } input.quota-other { display:none; position:absolute; left:0.1em; top:0.1em; width:7em; border:none; -webkit-box-shadow: none -mox-box-shadow:none ; box-shadow:none; }