Lukas Reschke
360c22fd28
Validate cookie to prevent auth bypasses.
2012-08-24 14:58:48 +02:00
Bart Visscher
5e7086adc9
Move login handling to OC class
2012-08-10 12:17:13 +02:00
Bart Visscher
1823dafe44
Remove checks before displaying login page
...
At that point the checks are already done before
2012-08-10 12:09:19 +02:00
Bart Visscher
667cd318fe
Use OC_Util::displayLoginPage and cleanup the function
2012-08-10 11:43:04 +02:00
Bart Visscher
3387454094
Move login code from index.php to OC class
2012-08-08 22:42:51 +02:00
Bart Visscher
9156fb73fd
Move handling request of index.php to OC class
2012-08-08 22:42:50 +02:00
Bjoern Schiessle
902c649dad
use new sanitize HTML function backported
...
Conflicts:
lib/template.php
2012-06-20 16:59:51 +02:00
Bjoern Schiessle
089ae980c4
use new sanitize HTML function
2012-06-19 17:24:55 +02:00
Bart Visscher
79f9d61ec8
Allow apps to load before login, needed for user_openid
2012-06-18 15:40:48 +02:00
Bjoern Schiessle
0074062b53
fixed xss vulnerability
2012-06-15 16:16:00 +02:00
Bjoern Schiessle
3ddaedee3b
fixed xss vulnerability
2012-06-15 15:51:06 +02:00
Thomas Tanghus
f589df7366
Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874
2012-06-13 18:31:36 +02:00
Thomas Tanghus
4f6978c30f
Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874
2012-06-11 15:22:58 +02:00
Robin Appelman
ba1dec64c1
load all apps when loging in, needed for apps listening to login hooks
2012-06-09 15:58:30 +02:00
Robin Appelman
ec55eaef5b
dont load apps when displaying the login page
...
and only load authentication apps during login
2012-06-09 15:28:57 +02:00
Frank Karlitschek
a945fa10a6
update copyright
2012-05-26 19:14:24 +02:00
Michael Gapczynski
90cbc32c77
Fix redirect after login, prevent open redirects
2012-05-18 16:56:48 -04:00
Michiel de Jong
1a874b4c56
make redirect safe by restricting it to current host
2012-05-18 15:32:41 +02:00
Michiel de Jong
9b5e8a2c63
fix redirect to desired page after login
2012-05-18 15:11:01 +02:00
Georg Ehrke
b35c6b57a9
allow loading of css files even if a user isn't logged in
2012-05-17 21:56:33 +02:00
Georg Ehrke
232788396d
some changes for login
2012-05-11 16:43:45 +02:00
Michael Gapczynski
051442bc76
Sanitize redirect urls
2012-05-08 17:41:50 -04:00
Bart Visscher
4dbc2093c6
Create a function for linking to remote.php
2012-05-07 21:47:14 +02:00
Georg Ehrke
e33b12a375
fix path of webdav
2012-05-07 12:07:39 +02:00
Frank Karlitschek
d2b0de614e
fix an XSS bug
2012-05-06 23:06:38 +02:00
Georg Ehrke
da03d05700
create folder 'remote' for the remote services like caldav, carddav and webdav
2012-05-02 16:41:23 +02:00
Georg Ehrke
657d02371c
fix login
2012-04-27 14:55:26 +02:00
Georg Ehrke
993d655aad
Merge branch 'master' into movable_apps_2
2012-04-27 10:30:50 +02:00
Frank Karlitschek
74b5e22a68
some more csrf fixes
2012-04-26 23:17:46 +02:00
Georg Ehrke
3f64eb25ab
some fixes fore movable apps
2012-04-26 14:52:55 +02:00
Georg Ehrke
2e85313701
optimize code
2012-04-19 22:26:36 +02:00
Georg Ehrke
85019887df
add loading of files
2012-04-19 16:44:49 +02:00
Georg Ehrke
3e0e6e35f4
open app thru index.php
2012-04-18 08:20:51 +02:00
Arthur Schiwon
30d524b426
load apps before logout so that logout-hook works
2012-02-20 11:21:46 +01:00
Bart Visscher
f47444e1f7
Use separate function to make absolute urls
2012-02-17 22:07:14 +01:00
Thomas Tanghus
f3e8776dc6
Merge git://gitorious.org/owncloud/owncloud into tanghus_remote_backup
2011-12-16 17:43:06 +01:00
Robin Appelman
a862fec9a3
make remember login token also dependent on password to protect against some brute force attacks on this token
2011-12-14 13:26:34 +01:00
Thomas Olsen
21d613cbc6
Added export.php for contacts app. Works the same way as the one in the calendar app, except there is no UI for it.
...
Fixed indentation in /index.php
2011-12-01 02:02:45 +01:00
Robin Appelman
b0127e3918
use OC_Log instead of error_log
2011-10-16 21:42:24 +02:00
Robin Appelman
9a5af50f32
Merge commit 'refs/merge-requests/59' of git://gitorious.org/owncloud/owncloud
2011-10-14 20:34:36 +02:00
Patrick Stricker
2cc5f5e19e
made work with http authentication kind of sso login
2011-10-13 10:04:39 +02:00
Thomas Schmidt
e710bcb6d3
add owncloud autosetup option
2011-10-10 11:48:58 +02:00
Marvin Thomas Rabe
4bcb6f5346
remeber cookie bug fixed
2011-10-04 19:41:00 +02:00
Marvin Thomas Rabe
33f24a42b8
redirect url fixed
2011-10-04 19:27:57 +02:00
Marvin Thomas Rabe
6d8985ceb2
added infield labels. readded fade in of login button. updated label on install page.
2011-10-03 14:41:55 +02:00
Marvin Thomas Rabe
481a37fcf3
Show database only in advanced
2011-10-03 13:32:16 +02:00
Marvin Thomas Rabe
c943f48547
fixed link to password recovery. removed duplicated and unused code out of index.php.
2011-10-01 11:08:49 +02:00
Bart Visscher
21a88613a1
Merge branch 'lostpassword'
...
Conflicts:
core/templates/login.php
index.php
lib/util.php
2011-09-30 23:48:20 +02:00
Marvin Thomas Rabe
ccfa2dd24c
Error when only oc_remember_login cookie set fixed.
...
Filled username field when oc_username is set repaired.
Problems with "advanced settings" button in installation wizard fixed.
CSS improved - login and installation now looks more clean.
Request password link removed (email feature not implemented yet).
Database radio button bugs removed.
It is possible to have an empty database password, now ownCloud will support this "security issue".
Ignore Mac OS X ".DSstore" files.
Fade in/out of login button and remember checkbox removed due to some display errors.
2011-09-30 18:25:34 +02:00
Frank Karlitschek
bf3248bee9
remove warning by check cookie before accessing it.
2011-09-27 15:31:30 +02:00
Bart Visscher
950d4e1da4
Move lostpassword code to own app
2011-09-26 21:17:26 +02:00
Bart Visscher
aae6881494
Move display of login page to function in OC_Util
2011-09-26 21:17:17 +02:00
Robin Appelman
3bccebacbc
prevent people from triggering the setup manually
2011-09-24 19:06:08 +02:00
Florian Pritz
8648e3c43c
only call error_log() if DEBUG is true
...
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-24 18:41:47 +02:00
Bart Visscher
e990ef3542
Move some common code to OC_Util
...
Created the following function:
- checkLoggedIn
- checkAdminUser
- redirectToDefaultPage
2011-09-18 21:31:56 +02:00
Bart Visscher
8966ed5a00
Cleanup lib/base.php
2011-09-18 20:57:05 +02:00
Bart Visscher
82c7598861
Remove global vars and use the OC static version.
...
Removed global vars are DOCUMENTROOT, SERVERROOT, SUBURI, WEBROOT and CONFIG_DATADIRECTORY
2011-09-18 19:37:54 +02:00
Bartek Przybylski
94696ea7de
remember changed not to store password in cookie
2011-09-18 15:05:53 +02:00
Bartek Przybylski
68e7666293
Changed behaviour of remember checkbox
2011-09-18 09:15:30 +02:00
Michael Gapczynski
1c955606a1
Initial work on resetting forgotten passwords. It works, but still need to email a token to allow reset
2011-08-29 14:37:18 -04:00
Serge Martin
7c254dd94d
Exit after call to setup
2011-08-07 15:39:01 +02:00
Robin Appelman
01cecc8388
redirect index.php to files/webdav.php for webdav (PROPFIND) requests
2011-08-04 20:06:33 +02:00
Jakob Sack
bafd684eb6
Renaming classes :-)
2011-07-29 21:36:03 +02:00
Jakob Sack
2f807a3c7f
Delete requires in applications where possible
2011-07-27 19:25:49 +02:00
Robin Appelman
9d1c5c855b
fix warning if no username is set in the cookie
2011-07-22 00:47:20 +02:00
Bartek Przybylski
c5776fdae4
remember login added
2011-07-20 15:04:14 +02:00
Kamil Domanski
0603391405
fixed page reload after logout
2011-06-20 21:09:34 +02:00
Jakob Sack
b31a8ac985
More l10n-stuff
2011-06-19 23:33:34 +02:00
François Kubler
13ddf8100f
New installer.
...
* Forms have been revamped (CSS + javascript),
* Process has been improved : errors are displayed on the form page,
* Some changes in the index.php page so that everything related to installation is in lib/setup.php
* Also added a small function in OC_HELPER class to set input values.
All these should improve the installation process in terms of ergonomics.
Well, I do hope so.
2011-05-17 22:34:31 +02:00
Jakob Sack
6b83e5ccfe
renamed installer.php to setup.php
2011-05-06 22:50:18 +02:00
Robin Appelman
a977ba31ce
create .htaccess files during installation for apache users
2011-04-18 14:12:53 +02:00
Robin Appelman
fde08b2389
installer now works when using mysql
2011-04-17 11:10:03 +02:00
Robin Appelman
3263b80ea9
first-run wizzard wip
2011-04-17 00:45:05 +02:00
Robin Appelman
5409b34b06
check if an item in an array exists before we use it
2011-04-16 21:17:57 +02:00
Frank Karlitschek
26974d0465
fixing other peoples bad coding style ;-)
2011-04-16 20:52:12 +02:00
Robin Appelman
c5f9c5b8a3
fix infinite redirect error that happend in rare cases
2011-04-16 19:22:26 +02:00
Robin Appelman
1495ec0f31
show server configuration errors on seperate page
2011-04-16 15:49:55 +02:00
Jakob Sack
b5f913a3fc
Merge branch 'refactoring' of git://anongit.kde.org/owncloud into refactoring
2011-04-16 14:59:27 +02:00
Jakob Sack
4c74029489
First sketch of a user administration
2011-04-16 14:59:10 +02:00
Robin Appelman
50035f5a92
redirect to owncloud root after logout
2011-04-16 13:24:26 +02:00
Jakob Sack
8465f76e7e
Use OC_CONFIG where possible
2011-04-16 12:18:42 +02:00
Robin Appelman
232654cb60
get rid of the oc_require and friends
2011-04-16 10:12:53 +02:00
Jakob Sack
132695ceb1
Start of the refactoring. Commit is quite big because I forgot to use git right from the beginning. Sorry.
2011-03-01 23:20:16 +01:00
Jonathan Riddell
d294c2f6bd
Fix licencing, make headers refer to intended AGPL, include copy of AGPL
2011-02-09 14:50:27 +00:00
Martin T. H. Sandsmark
64d4d57615
fix permissions, start to implement private data api
2010-07-16 11:36:03 +02:00
Thibaut GRIDEL
19ab1292fb
simple fixes
2010-05-02 11:24:46 +02:00
Robin
38bdf4083a
same fixes, this time hopefully without merge conflict
2010-04-19 19:46:42 +02:00
Frank Karlitschek
7adbbfe05c
add Open Collaboration API support. You can now connect your ownCloud with the KDE Social Desktop and push notifications to your Social News Plasmoid. This requires KDE trunk or KDE SV 4.5
2010-04-14 16:58:52 +02:00
Frank Karlitschek
c69eab18d2
Merge commit 'refs/merge-requests/18' of git://gitorious.org/owncloud/owncloud
...
merge
Conflicts:
index.php
2010-04-12 15:50:39 +02:00
Robin
4a1d9370fc
small visual changes
2010-04-12 14:49:10 +02:00
Robin
48341b0826
visual changes
2010-04-12 14:31:22 +02:00
Frank Karlitschek
2a75c0d044
merge Adityas improvements
2010-03-29 16:21:00 +02:00
Robin
f16f1e508f
added option to load js files from php
2010-03-28 13:07:13 +02:00
root
6d57de7b32
cleanup autoconfiguration wizard, add settings page, make it run from subdirectories, huge cleanup
2010-03-16 08:48:36 +01:00
Robin
35b9aabd01
do not asume owncloud is installed in the root of the webserver
2010-03-15 15:41:53 +01:00
Frank Karlitschek
d12bd67ebf
Merge commit 'refs/merge-requests/3' of git://gitorious.org/owncloud/owncloud
2010-03-14 22:01:38 +01:00
CharlyCoste
c921e5422d
<br /> is not a valid strict xhtml1.0 tag. Not semantic. Replacing it by CSS instructions on semantic tags.
2010-03-14 02:03:29 +01:00
Aaron Reichman
a98a83802b
Changed spelling of lisener to listener
2010-03-13 13:34:46 -08:00
Frank Karlitschek
16f3bd4e23
commiting ownCloud 1.0 beta 1
2010-03-10 13:03:40 +01:00