37e6ac9a2a
initPaths: set include path before any owncloud function is called
...
Ensure we can find basic owncloud classes while detecting the owncloud
paths in function initPaths by add OC::$SERVERROOT . '/lib' to include
path before any owncloud function is called.
This fix a bug with XAMPP that cannot find the class OC_Config in
function OC_Request::scriptName when called from function
OC_Base::initPaths.
2013-02-02 12:07:18 +01:00
2488a495c6
Merge pull request #1384 from owncloud/upgrade_fix
...
Check for upgrade/maintance mode before trying to load an app
2013-02-01 07:12:06 -08:00
ab2b79cda6
add multiple domains reverse proxy support
...
Add support for a reverse proxy that handles multiple domains via different
web roots (http[s]://proxy.tld/domain.tld/owncloud).
As the reverse proxy web root is transparent for the web server the
REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace
the direct use of this _SERVER variables with function calls and extend
this functions to overwrite the web root. Additionally it adds a Sabre
request backend that extends the Sabre_HTTP_Request to use the same
functions.
2013-01-31 18:42:31 +01:00
057920b165
Still load js files in maintance mode
2013-01-30 23:05:44 +01:00
f452d2d0c4
Check for upgrade/maintance mode before trying to load an app
2013-01-30 22:55:33 +01:00
207aa22d12
merge master into filesystem
2013-01-30 19:24:24 +01:00
0bce22966c
Update lib/base.php
...
Correction of typo "locate" -> "locale".
2013-01-30 14:27:08 +01:00
74f6f85628
merge master into filesystem
2013-01-28 19:37:58 +01:00
232cc3211b
add oc:// streamwrapper to provide access to ownCloud's virtual filesystem
2013-01-28 15:35:30 +01:00
c9c919da57
Move streamwrappers to seperate files and put them in a namespace
2013-01-28 15:34:15 +01:00
1d44a99ebb
Merge branch 'master' into updater-CSP
...
Conflicts:
core/templates/update.php
2013-01-28 09:57:24 +01:00
930b9b9cd0
merge master into filesystem
2013-01-26 18:49:45 +01:00
2cc77759aa
lookup for OCA classes in all apps folders
2013-01-26 12:45:50 +01:00
dbc13cf6ee
Move update inline JS
2013-01-25 19:18:16 +01:00
7f49d35930
Move checkMaintenance and checkUpgrade
...
This is needed to ensure that the routing and linkTo() function for CSP
are available.
2013-01-25 19:15:02 +01:00
0d2a58bc5d
Initialize router also if ownCloud isn't installed
2013-01-25 14:57:52 +01:00
b4c3dd84b4
update to jquery-ui 1.10.0
2013-01-23 11:37:52 +01:00
8ca78fcf3f
Move requesttoken to oc-requesttoken.js
2013-01-21 20:24:18 +01:00
83d6221322
merge master into filesytem
2013-01-20 03:11:04 +01:00
f1939866f3
Merge pull request #1214 from Raydiation/master
...
Load Classpaths of apps before appinfo/routes.php
2013-01-19 09:44:48 -08:00
487e401361
Typo fix (comment) /lib/base.php
2013-01-18 10:52:29 -08:00
5df57e4ada
Merge pull request #1181 from owncloud/return-503-in-maintenance
...
in case of maintenance the error page returns http status 503.
2013-01-18 04:02:03 -08:00
2b95ae1e6d
spaces to tabs
2013-01-17 21:44:40 +01:00
a8094abac7
load classpaths of apps before routes
2013-01-17 21:42:46 +01:00
5445b94416
merge master into filesystem
2013-01-16 19:04:50 +01:00
a8f963d9cf
Spaces to tabs
2013-01-16 18:09:16 +01:00
31ce320c52
in case of maintenance the error page returns http status 503.
...
This is necessary to enable the desktop sync client to react properly.
Currently the SabreDAV plugin OC_Connector_Sabre_MaintenancePlugin is not executed because this error page is returned before the SabreDAV code is executed
2013-01-14 21:39:55 +01:00
0ca5047da5
Autoload namespaced test classes
2013-01-07 00:36:01 +01:00
a94405b4e4
Only show the version updating to instead of worrying about converting internal to a formatted version
2013-01-04 20:13:00 -05:00
f2e6df807d
Add back check if installed around background jobs
2013-01-04 14:16:59 -05:00
7505837079
Basic update progress of database update only
2013-01-03 21:32:33 -05:00
a52aa69ffe
Rearrange code to prepare for updater feedback
2013-01-03 14:11:00 -05:00
ce443818d4
Check if oc_token cookie exists before trying to use it
2013-01-02 19:59:04 -05:00
7d811e57e6
setting the timezone is now part of the login process and true part of the core.
2012-12-20 11:10:45 +01:00
196f1c3786
add a check and a warning if setlocale is working
2012-12-19 15:10:33 +01:00
b8b64d6ffc
set the session name to the instance id - which is unique
...
Conflicts:
lib/base.php
2012-12-12 16:07:51 +01:00
af12b0f5da
Autoload classes with 'OC' namespace prefix.
2012-12-11 16:00:48 +01:00
1e062ea895
Merge pull request #182 from owncloud/fix-redirect
...
Make the redirect_url working again
2012-12-07 03:09:19 -08:00
76625e9ba5
Merge pull request #647 from owncloud/fix_app_settings_navigation
...
Move loading of all the apps to setting the active navigation entry.
2012-12-05 01:48:20 -08:00
e65abb8054
minified version no longer available
2012-12-04 14:49:19 +01:00
8ce3aca331
Move loading of all the apps to setting the active navigation entry.
...
We can't do the loading before matching the route, because some routes
need to do the loading after matching of the route. For example the
navigation detection of the app settings page.
2012-11-30 12:47:44 +01:00
eaa625c9bc
Merge pull request #401 from owncloud/share_hooks
...
Create functions to install standard hooks
2012-11-28 04:35:52 -08:00
8bed38c78d
Rename install hook functions to register hook
2012-11-15 18:13:54 +01:00
e642d18e26
When using routing in apps, no apps are loaded in the left navigation tree. To fix this: load apps for matching a request
2012-11-15 14:48:18 +01:00
530f3f8be9
Create functions to install standard hooks
...
Also use these in tests that needs them
Fix #151
2012-11-13 23:45:17 +01:00
7b53c9d3f0
Merge pull request #157 from owncloud/setup
...
Make lib/setup.php usable outside of install setup
2012-11-12 13:23:31 -08:00
7f0c69eb0e
Added CRUDS permissions to the OCP namespace. Implements issue #345
2012-11-11 23:09:54 +01:00
8f669880bc
Fix WebDAV (and Android Client) not being able to authorize on Debian Squeeze + mod_fcgid installs.
2012-11-09 13:30:07 +01:00
a4b2ea586d
Style: Remove all the dangling white spaces
2012-11-04 22:16:04 +01:00
27ab0357ae
Checkstyle: Fix last six NewlineBeforeOpenBrace
2012-11-04 18:36:16 +01:00
8ac3849a95
Merge pull request #238 from fmms/checkstyle04
...
Checkstyle fixes
2012-11-04 08:59:45 -08:00
8c4c74b23f
Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession
...
Just one CSRF token per session
2012-11-04 05:54:02 -08:00
30d7993e01
Checkstyle fixes: NoSpaceAfterComma
2012-11-04 11:10:46 +01:00
d2e842fcc9
Remove uneeded new line
2012-11-01 22:38:21 +01:00
822e4d5f6c
Check for redirect_url for logged in users
...
This checks if there is a redirect_url for logged in users
2012-11-01 22:37:37 +01:00
81f019b6c5
Make the redirect_url working again
...
Fixes #160
2012-10-31 22:03:55 +01:00
7a7f12a0c1
Create only one CSRF token per session
...
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)
With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
2012-10-31 18:37:59 +01:00
6d09752940
DRY for creating htaccess to protect data-directory
2012-10-30 20:57:19 +01:00
246d7ea2ea
Separate control code from class definition
2012-10-30 20:56:31 +01:00
f6b6780072
Don't use OC_Setup as it will show up the installer
2012-10-29 22:44:49 +01:00
6903475841
Generate .htaccess when upgrading from old versions
...
When upgrading from old ownCloud versions like 2.x the .htaccess is not
generated - which exposes the data to the internet. This fix will
generate a .htaccess when upgrading. (And no one exists)
Fixes #127
2012-10-29 22:03:18 +01:00
fecfeac55d
Fix introduced style errors
2012-10-27 17:45:15 +02:00
894d44e796
Merge remote-tracking branch 'git://github.com/susinths/SabreDAV_1.7.1.git'
...
Conflicts:
lib/base.php
2012-10-27 16:33:10 +02:00
0120f3fd62
Merge branch 'routing'
...
Conflicts:
core/lostpassword/index.php
core/lostpassword/resetpassword.php
2012-10-27 11:58:02 +02:00
43e8293d9c
Change Symfony/Component/Routing from submodule to composer fetching
2012-10-27 11:32:16 +02:00
6a00a6b9ed
Make Jenkins more happy.
...
This is NoSpaceAfterComma
2012-10-23 00:28:12 +02:00
6081bfa2bc
Merge branch 'master' into routing
...
Conflicts:
lib/search/provider/file.php
settings/ajax/changepassword.php
settings/settings.php
2012-10-17 16:38:11 +02:00
b2b84f3a6f
Update Sabre to version 1.7.1
2012-10-17 16:17:36 +02:00
de7b46c66a
Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled
...
set_magic_quotes_runtime gives a PHP warning
2012-10-16 19:42:17 +02:00
59404b5675
Merge pull request #31 from visit1985/persistentcookies
...
reresubmit: improved persistent cookies :)
2012-10-16 04:46:22 -07:00
ddcd738357
Merge branch 'extended_log'
...
PHP errors logging into the owncloud log
2012-10-16 01:30:45 +03:00
8be9c04a3a
128byte is not 128bit - now we realy use 256bit (same as PHPSESSID)
2012-10-15 20:04:22 +02:00
ae1f33db54
implement fixed php session timeout and session id regeneration
2012-10-14 22:36:26 +02:00
b92fd984aa
removed username and password from token generation
2012-10-14 22:36:26 +02:00
a6c4046f48
fixed typo and redundant method call
2012-10-14 22:36:25 +02:00
d8fe6fbb40
added a warning message to the log when a cookie is rejected
2012-10-14 22:36:25 +02:00
382f8d060c
fixed wrong variable usage
2012-10-14 22:36:25 +02:00
38b9bffaea
call unsetMagicInCookie if token is invalid
2012-10-14 22:36:25 +02:00
eb79ccafe3
forgot a class name
2012-10-14 22:36:25 +02:00
2ea06f67bd
delete all tokens on password change
2012-10-14 22:36:25 +02:00
45f1c3f120
further improvements on multiple login token support
...
outdated tokens are deleted before checking against cookies
if an invalid token is used we delete all stored tokens for saveness
used token will be replaced by a new one after successful authentication
2012-10-14 22:36:25 +02:00
ee5d0f328f
improve token security
...
switched from time() to internal method OC_Util::generate_random_bytes()
2012-10-14 22:36:25 +02:00
4b799a6982
Make the lifetime of the remember login cookie
2012-10-14 22:36:25 +02:00
7f3e0b5566
Cleanup login tokens on login success
2012-10-14 22:36:25 +02:00
1012d317e3
Add support for multiple login cookie tokens
2012-10-14 22:36:25 +02:00
7095b3a083
extend logon page to display multiple error messages
2012-10-14 19:57:24 +02:00
9a35bd76fb
Use resolved path for require_once in autoloader
2012-10-12 15:47:41 +02:00
2c3674ea87
Add logging when stripping apps from autoload include path
2012-10-10 21:06:15 +02:00
fe40277ec2
Use __DIR__ instead of __FILE__ to get SERVERROOT
2012-10-10 21:06:15 +02:00
cda2135966
Send a HSTS HTTP header to enforce SSL
2012-10-10 18:56:14 +02:00
3affeb5bd7
destroy invalid sessions
2012-10-08 13:36:11 +02:00
f3a211c03c
Implement routing on javascript side
2012-10-05 09:42:36 +02:00
f8eebcbb01
reload the current url when login in instead of always redirecting to the default app (oc-1873)
2012-09-30 03:47:37 +02:00
578aa4e425
Removed sectoken
...
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
c9317b5a68
Merge branch 'master' into routing
2012-09-28 21:41:21 +02:00
bf1057143c
Merge branch 'master' into routing
...
Conflicts:
apps/files/js/filelist.js
core/js/js.js
lib/ocs.php
2012-09-28 15:38:49 +02:00
743826bbf3
Reimplementation of CSRF protection including autorefresh
2012-09-28 13:30:44 +02:00
2b6869bcea
Uncaught exception logging
2012-09-26 14:38:06 +03:00
c4fc291fa7
Passwords containing a ":" don't work with this explode
...
Thanks to mETz
2012-09-25 19:57:40 +02:00
bbf8bb0bb3
Log PHP errors to the OC log
2012-09-12 22:30:04 +03:00
herbrechtsmeier
Bart Visscher
Robin Appelman
irgsmirx
Thomas Mueller
Lukas Reschke
Bernhard Posselt
davidgumberg
Michael Gapczynski
Frank Karlitschek
Thomas Tanghus
Jörn Friedrich Dreyer
Stefan Seidel
Felix Moeller
Susinthiran Sithamparanathan
Victor Dubiniuk
Michael Göhler
Arthur Schiwon
Christian Reiner