Commit Graph

16231 Commits

Author SHA1 Message Date
Thomas Müller 3219433e20 Merge pull request #7036 from LeBlaaanc/patch-1
Removed '/'. Fixes #7035.
2014-02-20 14:29:41 +01:00
Lukas Reschke 0241ddc759 Merge pull request #6519 from nhirokinet/master
Security Update: session fixation
2014-02-20 14:28:26 +01:00
icewind1991 742f54b6d5 Merge pull request #7301 from owncloud/fix-fuckup
fix master - #7274 brokes it
2014-02-20 13:40:12 +01:00
Björn Schießle 16eb43c033 Merge pull request #7247 from owncloud/sharing_cleanup_step1
clean up the sharing ajax calls, add mail notification class
2014-02-20 11:56:20 +01:00
Lukas Reschke 719f1111b6 Merge pull request #6714 from owncloud/files-newfileinvalidcharsfix
Added extra checks for invalid file chars in newfile.php and newfolder.php
2014-02-20 11:53:58 +01:00
Lukas Reschke 8114843973 Merge pull request #7287 from owncloud/subdirectory-harden
Hardening: Remove dangerous characters + Subdirectory Check
2014-02-20 11:46:11 +01:00
Lukas Reschke 65c0b73c87 Merge pull request #7255 from owncloud/fix-admin-remote
An admin should not be able to add remote and public services on its own
2014-02-20 11:16:43 +01:00
Morris Jobke 3bd984ebf0 Merge pull request #7295 from owncloud/optimize_images_kondou
Optimize images
2014-02-20 10:35:14 +01:00
Vincent Petry 49f2014e0c Revert "Added extra checks for ext storage class"
This reverts commit 9e9a5b9ea1.

Unit tests weren't ready, need further tweaking.
2014-02-20 10:01:49 +01:00
Lukas Reschke 8f22535e75 Merge pull request #7284 from owncloud/ldap_filter_compilation
LDAP: improve compilation of filters
2014-02-20 09:55:02 +01:00
Lukas Reschke 38d6c56249 Merge pull request #7294 from owncloud/extstorage-configclass
Added extra checks for ext storage class
2014-02-20 09:53:52 +01:00
Morris Jobke b76a3993d4 fix master - #7274 brokes it 2014-02-20 09:47:59 +01:00
kondou 90f351afa2 Optimize some images
and strip metadata from png images with optipng in image_optimization.sh
2014-02-19 21:31:50 +01:00
Bjoern Schiessle 2fd75d8f1c clean up the sharing ajax calls, add mail notification class 2014-02-19 19:33:00 +01:00
Vincent Petry 9e9a5b9ea1 Added extra checks for ext storage class 2014-02-19 19:08:28 +01:00
Lukas Reschke a4f71267f0 Merge pull request #7027 from owncloud/extstorage-webdavurlencodingfixes
Fixed ext storage webdav path encoding
2014-02-19 18:57:59 +01:00
Vincent Petry b2b35cd335 Fixed ext storage webdav path encoding
- Some WebDAV servers like lighttpd need paths in URLs to be properly
encoded
- Added error log output when curl connection failed
- Added check for 'resourcetype' in case the WebDAV server doesn't
  support/return it
- Fixed touch() to return false if the server doesn't implement
  PROPPATCH
- Added optional delay in WebDAV unit tests to use when testing against
  lighttpd's WebDAV
2014-02-19 18:34:08 +01:00
Lukas Reschke 2d5b3899a6 Hardening: Remove dangerous characters + Subdirectory Check
If an user is able to create folders in /core/l10n/ he is able to execute arbitrary code. Therefore I've added an `issubdirectory` check and removed all potential dangerous characters from `$lang`.
2014-02-19 15:38:00 +01:00
Vincent Petry 952584e9c7 Merge pull request #7195 from owncloud/files-selectall
Do not send file list for select all on Download/delete
2014-02-19 14:33:24 +01:00
Arthur Schiwon c0328b4f0f LDAP: improve compilation of filters 2014-02-19 13:13:01 +01:00
Thomas Müller f9d4780d27 Merge pull request #7275 from owncloud/3rdparty-fix
fix 3rdparty submodule
2014-02-19 12:26:41 +01:00
Jan-Christoph Borchardt 4920373050 Merge pull request #7278 from owncloud/issue/7277
Add event parameter to keyup event
2014-02-19 12:20:47 +01:00
Jan-Christoph Borchardt 7330f61a94 Merge pull request #4799 from owncloud/tune_legacy_cache_webdav_properties_prefixing_master
Concatenate string in SQL instead of PHP
2014-02-19 11:58:48 +01:00
Morris Jobke bcad6e641a Merge pull request #7274 from owncloud/scrutinizer-patch-1
Scrutinizer Auto-Fixes
2014-02-19 11:51:04 +01:00
Morris Jobke f944707a15 fix wrong removes 2014-02-19 11:50:17 +01:00
icewind1991 2d5ab1a5c4 Merge pull request #7260 from owncloud/watcher-policy
Allow setting the frequency of which the file watcher checks for updates
2014-02-19 11:17:27 +01:00
Joas Schilling c196e59e88 Add event parameter to keyup event
Fix issue #7277
2014-02-19 10:25:52 +01:00
Morris Jobke 8caf77f7c9 fix 3rdparty submodule 2014-02-19 10:02:44 +01:00
Robin Appelman eea1abae20 add unit tests for watcher policies 2014-02-19 09:52:51 +01:00
Vincent Petry e517e642be Merge pull request #7257 from owncloud/filelist-fileinfo
use a FileInfo object of the directory when generting the filelist
2014-02-19 09:40:11 +01:00
Scrutinizer Auto-Fixer adaee6a5a1 Scrutinizer Auto-Fixes
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720

Enabled analysis tools:
 - PHP Analyzer
 - JSHint
 - PHP Copy/Paste Detector
 - PHP PDepend
2014-02-19 09:31:54 +01:00
Thomas Müller 1e321406ee Merge pull request #7114 from owncloud/scrutinizer_documentation_patches
polish documentation based on scrutinizer patches
2014-02-19 07:04:37 +01:00
Thomas Müller c6f4f85e27 Merge branch 'master' into scrutinizer_documentation_patches
Conflicts:
	lib/private/migration/content.php
2014-02-18 18:31:33 +01:00
Tom Needham 635b8f6b83 Merge pull request #7252 from owncloud/autocomplete-autocapitalize-autocorrect
do not autocapitalize fields on mobile, fix user name input
2014-02-18 18:26:56 +01:00
icewind1991 3cc7228c7c Merge pull request #7253 from owncloud/preferences-caching
Add caching to OC\Preferences
2014-02-18 18:17:58 +01:00
Thomas Müller 8991e4505a Merge pull request #6796 from owncloud/statementwrapper-bindparam
Add bindParam to the database statement wrapper
2014-02-18 18:13:57 +01:00
Thomas Müller 1e84d6b14b Merge pull request #7190 from owncloud/appconfig-legacy-apps
Remove usage of legacy OC_Appconfig
2014-02-18 18:10:22 +01:00
Vincent Petry bd71a1b7b6 Added file name check in webdav connector
- added file name check for the put, rename and setNames() methods which
  throw a "Bad Request" whenever invalid characters are used
- replaced \OC\Filesystem usage with $this->getFS() to be able to write
  unit tests
2014-02-18 17:54:32 +01:00
Vincent Petry 797e0a614c Added extra checks for invalid file chars in newfile.php and newfolder.php
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
  check for invalid characters
2014-02-18 17:54:32 +01:00
Tom Needham a573fe7d76 Merge pull request #6650 from owncloud/migration_unit_tests
User migration fix, and basic unit test
2014-02-18 17:35:49 +01:00
Lukas Reschke 3b1083f46e Merge pull request #7176 from owncloud/style
Some style fixes
2014-02-18 17:30:26 +01:00
tomneedham 0beaeed713 Remove unused variables 2014-02-18 16:28:04 +00:00
tomneedham 589a7b220b Fix poor spelling 2014-02-18 16:23:16 +00:00
Robin Appelman 2166683e3b Allow setting the frequency of which the file watcher checks for updates 2014-02-18 16:34:25 +01:00
Robin Appelman d18b9f6ea4 use a FileInfo object of the directory when generting the filelist 2014-02-18 15:39:35 +01:00
Robin Appelman ac2e3ab373 remove some unneeded isset's 2014-02-18 14:27:55 +01:00
Robin Appelman 2e97a4cd32 Fix some phpdoc 2014-02-18 14:26:27 +01:00
Lukas Reschke c19cacb29f Check whether the app is set 2014-02-18 14:12:49 +01:00
Lukas Reschke 1352c63dca Check whether the Key is set 2014-02-18 12:47:05 +01:00
Lukas Reschke dc6f1d875d An admin should not be able to add remote and public services on its own. This should only be possible programmatically.
This change is due the fact that an admin may not be expected to execute arbitrary code in every environment.
2014-02-18 12:32:57 +01:00