Commit Graph

183 Commits

Author SHA1 Message Date
Lukas Reschke 2bd1c17345 Don't encode url unecessary twice
The URL was previously encoded twice which leads to getting redirected to a 404 page when the password has been entered incorrect at least once.

Testplan:

- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin` redirects to the admin page when providing the correct credentials
- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin` redirects to the admin page when providing the invalid credentials and then providing valid ones.
- [ ] Logging in as admin then going to the admin page and clearing the cookies and refreshing will show the login and when repeating the above test steps you're redirected correctly.

Fixes https://github.com/owncloud/core/issues/9804
2015-02-02 15:09:59 +01:00
Lukas Reschke 30a5758a95 Don't check for `always_populate_raw_post_data` on HHVM
HHVM seems to have problems with this at the moment (even setting those values in the php.ini of HHVM doesn't have helped much) and thus the unit test execution failed.

So it's better if we disable this check for now for HHVM.
2015-01-23 13:54:34 +01:00
Morris Jobke 7e4afa3f25 Merge pull request #13593 from owncloud/add-check-for-raw-post-data
Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6
2015-01-22 23:59:52 +01:00
Morris Jobke 254a1fa12a Merge pull request #13314 from owncloud/login-hook-logout
Return false if the login is canceled in a hook
2015-01-22 23:34:19 +01:00
Morris Jobke 55c28608c9 translate error messages 2015-01-22 14:52:47 +01:00
Robin Appelman 8a9acc5083 Allow custom error messages for the login page 2015-01-22 14:13:02 +01:00
Lukas Reschke bb80cf4eca Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6
PHP 5.6 otherwise throws notices for perfectly valid code which results in broken endpoints.

Fixes https://github.com/owncloud/core/issues/13592
2015-01-22 13:50:38 +01:00
Bernhard Posselt 6737dd111d ignore core 2015-01-14 15:27:37 +01:00
Bernhard Posselt 4ec4914bb4 move check into addTranslation method 2015-01-14 14:57:56 +01:00
Bernhard Posselt 1cce1f0e6b dont load core scritps 2015-01-14 14:43:11 +01:00
Bernhard Posselt d6f1ff7993 only load translsations for apps 2015-01-14 13:48:21 +01:00
Bernhard Posselt 8cb60b2366 make translation lookup faster (O(n) -> O(1)) 2015-01-14 13:39:29 +01:00
Bernhard Posselt 717e3acd9b autoload app's js translations 2015-01-14 13:34:52 +01:00
Bjoern Schiessle 89f17ef6fe adapt decrypt all and restore/delete key backups to the new folder structure for encryption key introduced with OC8 2015-01-13 12:45:33 +01:00
Lukas Reschke e80ece9a2b Verify whether value is already normalized
Apparently `normalizer_normalize` is not verifying itself whether the string needs to be converted or not. Or does it at least not very performantly.

This simple change leads to a 4% performance gain on the processing of normalizeUnicode. Since this method is called quite often (i.e. for every file path) this has actually a measurable impact. For examples searches are now 200ms faster on my machine. Still not perfect but way to go.

Part of https://github.com/owncloud/core/issues/13221
2015-01-10 12:12:40 +01:00
Thomas Müller 296a852063 check for working htaccess will result in a dead lock because the server is blocking the request to itself - fixes #13153 2015-01-08 09:13:18 +01:00
Thomas Müller aec79b0c0e Merge pull request #13043 from owncloud/check-for-hash
Check for hash
2014-12-28 14:12:57 +01:00
Lukas Reschke 222e4a0762 Check for hash
See https://github.com/owncloud/core/pull/13042
2014-12-28 13:23:34 +01:00
Frank Karlitschek 4a40e5699c remove Edition 2014-12-25 11:36:41 +01:00
Frank Karlitschek 3dea2b95c6 Automatically detect the edition based on the enterprise_key app. 2014-12-25 09:48:15 +01:00
Thomas Müller 775f6a1354 make sure styles and scripts are only loaded once 2014-12-16 18:26:43 +01:00
Joas Schilling 4d232e536e Deprecate Util::formatDate()
Make DateTimeFormatter a service and adjust tests that have been inaccurate
2014-12-10 11:58:56 +01:00
Lukas Reschke ddcf2b84ec Remove checks for safe mode and magic quotes
Both are removed from 5.4.0

Safe Mode: http://php.net/manual/en/features.safe-mode.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

Magic Quotes: http://php.net/manual/en/security.magicquotes.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
2014-12-05 19:14:47 +01:00
Lukas Reschke 1b0bc2e099 PHP 5.4 is now required for master
🍻
2014-12-04 10:46:38 +01:00
Joas Schilling 2c39aec8cb Replace deprecated constant with new class constant 2014-11-25 16:30:21 +01:00
Lukas Reschke 9a1673c79d Check for XMLWriter class
This is not installed by default in all cases and will break the DAV features of ownCloud. Lot's of reports such as https://github.com/owncloud/ios-issues/issues/167#issuecomment-63798507
2014-11-20 13:13:14 +01:00
Morris Jobke d763b32048 ability to add bower resources
* add addVendorScript & addVendorStyle
* refactoring of addScript and addStyle
* add shortcuts vendorScript and vendorStyle
2014-11-03 20:54:40 +01:00
Vincent Petry bed81ea854 Merge pull request #11080 from owncloud/addheader-text-2
Fix the addHeader tag attributes text methods to not ignore the text parameter
2014-10-30 18:13:46 +01:00
Thomas Müller a589d61b78 in case a translation javascript is not found we no longer bail out
remove translation.php
2014-10-29 10:09:12 +01:00
Vincent Petry ec1a73fab9 Added OC.L10N namespace with translation functions
Added addTranslations and fixed de.js file

Fixed de.js to use OC.L10N.register() and use to correct expected
format.

Added JS unit tests for OC.L10N class

Include translations JS script for all apps
2014-10-29 10:09:12 +01:00
Lukas Reschke 510d0b2cf3 Fix the "addHeader($tag, $attributes, $text)" methods to not ignore the $text parameter
Also support closing tags with no text content given

Conflicts:
	lib/private/template.php
2014-10-28 11:15:58 +01:00
Lukas Reschke d6380a5395 Merge pull request #11786 from owncloud/MakeSupportedDBsConfigurable
Make supported DBs configurable within config.php
2014-10-27 22:24:16 +01:00
Lukas Reschke 233c49f4b9 Make supported DBs configurable within config.php
This commit will make the supported DBs for installation configurable within config.php. By default the following databases are tested: "sqlite", "mysql", "pgsql". The reason behind this is that there might be instances where we want to prevent SQLite to be used by mistake.

To test this play around with the new configuration parameter "supportedDatabases".
2014-10-27 21:39:34 +01:00
Lukas Reschke b3a04840b5 Add type hinting to functions
It's only reasonable to have proper type hinting here which might even help us to catch bugs.
2014-10-24 14:13:40 +02:00
Lukas Reschke 2d2a4741ce Make files non executable
There is not much sense in having these files marked executable, we should avoid that.
2014-10-24 11:14:51 +02:00
Robin Appelman 1e69f5e7ac Log some basic events 2014-10-20 13:38:38 +02:00
Jörn Friedrich Dreyer 9b0f0df7f5 make skeleton compatible with objectstore
suspend encryption proxy when copying skeleton
2014-10-20 11:28:36 +02:00
Jörn Friedrich Dreyer c27fd94ec8 in cli mode return true for isHtaccessWorking 2014-10-15 16:59:28 +02:00
Lukas Reschke e762ff2bbd Merge pull request #11356 from owncloud/redirect-only-to-the-same-domain
Redirect only to absolute URL
2014-10-01 12:47:43 +02:00
Lukas Reschke 41374986d3 Remove dead code 2014-09-29 17:20:29 +02:00
Lukas Reschke 6e7365fc17 Redirect only to absolute URL
We do not want to redirect to other domains using the "?redirect_url=" feature. Please notice, that the ownCloud project does not consider open redirectors as security issue.
2014-09-29 17:07:43 +02:00
Vincent Petry 9fc23e1967 Merge pull request #10934 from owncloud/datadir-write-setup
Don't complain about non-writable datadirs before we're installed
2014-09-25 14:32:32 +02:00
Vincent Petry 89e02e89d4 Merge pull request #7051 from owncloud/postsetupajaxcheck
Moved WebDAV check to client side JS
2014-09-23 16:55:16 +02:00
Thomas Müller c587a4aaa2 Merge pull request #11222 from owncloud/store-users-timezone-master
send browsers timezone back tp the server on login
2014-09-23 13:45:21 +02:00
Thomas Müller 42fe0b9e08 Merge pull request #11241 from owncloud/use-lower-case
Use only lower-case letters
2014-09-23 12:16:58 +02:00
Vincent Petry e65ceb08fc Moved WebDAV and internet checks to client side JS
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
  server
2014-09-23 11:16:14 +02:00
Lukas Reschke 1565d82b81 Use only lower-case letters
Fixes https://github.com/owncloud/core/issues/11239
2014-09-22 21:29:03 +02:00
Lukas Reschke 6eeb905871 Do only follow HTTP and HTTPS redirects
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
Thomas Müller 814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Robin Appelman 23dd7cb51d Don't complain about non-writable datadirs before we're installed 2014-09-18 13:33:13 +02:00