Lukas Reschke
f4142bd2a8
Move isUserVerified to OC_Util
2012-10-16 00:47:38 +02:00
Lukas Reschke
1a187d1ca5
Fix PHP notice
2012-10-16 00:47:38 +02:00
Lukas Reschke
fa71e51e67
Use /dev/urandom instead of /dev/random
...
The usage of /dev/urandom is enough secure
2012-10-15 19:21:37 +02:00
Lukas Reschke
6e045b9ea1
Check if $_Post
2012-10-15 17:42:38 +02:00
Lukas Reschke
d33bec09fe
Verify password page for users
2012-10-15 17:42:38 +02:00
Lukas Reschke
f08ff3b6e6
Correct formatting
2012-10-15 15:25:40 +03:00
Lukas Reschke
c930ac9f88
Merge pull request #30 from visit1985/logonpage
...
extend logon page to display multiple error messages
2012-10-15 03:52:11 -07:00
Bart Visscher
4af5b016cc
Whitespace cleanup
2012-10-14 21:04:08 +02:00
Michael Göhler
7095b3a083
extend logon page to display multiple error messages
2012-10-14 19:57:24 +02:00
Lukas Reschke
2c427f050e
Show a warning in the installer if no secure RNG is available
2012-10-14 17:18:30 +02:00
Lukas Reschke
d6c4b83f13
Fallback to /dev/random if openssl_random_pseudo_bytes not available
2012-10-14 16:14:45 +02:00
Björn Schießle
cb91e27ab3
check if directory already exist before executing mkdir
2012-10-12 16:31:03 +02:00
Bart Visscher
351f724193
whitespace fixes
2012-10-12 15:47:41 +02:00
Frank Karlitschek
fe5b4d2fba
marks as 5.0 pre alpha
2012-10-10 15:35:19 +02:00
Frank Karlitschek
8e0676a66b
4.5 final
2012-10-09 16:02:01 +02:00
Frank Karlitschek
67a4aa7cf0
RC 3
2012-10-08 23:58:17 +02:00
Frank Karlitschek
5eaf95eedd
check for SimpleXML which seems to bw non default on Free BSD
2012-10-06 17:37:38 +02:00
Frank Karlitschek
2d86258fc3
RC2
2012-10-03 12:39:48 +02:00
Frank Karlitschek
3fdebaa5dc
automatically remove and prevent installation of apps with a require version less than the current one. We check now the first ad second part of the version number.
...
Also increase the require tags of the core apps to 4.9 Please note that 4.9 is the internal versionnumber of the upcoming 4.5 release.
You have to pu a <require>4.9</require> into the info.xml of your app to make it as compatible with 4.5
2012-10-02 12:10:45 +02:00
Robin Appelman
91d12a2f3d
update the filecache by setting mtimes to 0 when the mount configuration has changed instead of clearing the cache
2012-09-30 16:12:16 +02:00
Lukas Reschke
ef57e9294b
Fallback for systems without openssl
2012-09-29 16:44:02 +02:00
Lukas Reschke
578aa4e425
Removed sectoken
...
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Lukas Reschke
bd804b74c4
mt_rand() is not secure from a security point of view and predictable. Let's use openssl_random_pseudo_bytes() instead.
...
Before: 26 bits entropy
After: 72 bits entropy
2012-09-29 15:03:09 +02:00
Bart Visscher
22d22d19c0
Do urlencoding in linkTo functions
2012-09-28 22:27:52 +02:00
Christian Reiner
4dbd4c35c5
Merge branch 'master' of git://github.com/owncloud/core
2012-09-28 13:31:01 +02:00
Christian Reiner
743826bbf3
Reimplementation of CSRF protection including autorefresh
2012-09-28 13:30:44 +02:00
Robin Appelman
e8df2eeefc
some more sane column sizes for appconfig and preferences
2012-09-27 22:49:01 +02:00
Frank Karlitschek
cf14ad2f7d
RC 1
2012-09-27 04:10:19 +02:00
Robin Appelman
74ec2765b3
db indexes for appconfig and preferences
2012-09-20 01:36:52 +02:00
Frank Karlitschek
fe7288b65a
beta 4
2012-09-19 16:32:40 +02:00
Arthur Schiwon
93d0defe9a
set configuvalue in table appconfig back to clob. Likely to break LDAP settings, probably responsible for some bugs with it. Might also cause damage in other apps. That's why it was once already set to clob
2012-09-19 12:55:07 +02:00
Frank Karlitschek
a3718ca036
i just learned that we also have to check if directories are readable. it seams that is_readable also checks for 'x' right.
2012-09-16 22:49:03 +02:00
Frank Karlitschek
5a149dcfab
mark as an updated beta 3 with some more fixes
2012-09-13 11:39:26 +02:00
Frank Karlitschek
f31264a0c2
this is now 4.5 beta 3
2012-09-12 12:12:23 +02:00
Michael Gapczynski
60feaf9abf
Merge branch 'master' into share_expiration
...
Conflicts:
core/js/share.js
lib/util.php
2012-09-12 01:06:57 -04:00
Michael Gapczynski
b194ac3dde
Add expiration column to share table and bump version number
2012-09-12 01:01:45 -04:00
Thomas Mueller
5c1a79210f
added hint to restart the web server in case recetly installed php modules are still not available
2012-09-11 23:51:12 +02:00
Thomas Mueller
3829460ab8
adding space between) and {
2012-09-07 15:22:01 +02:00
Frank Karlitschek
294cff27a7
add check for zlib
2012-09-07 01:39:11 +02:00
Robin Appelman
d4fd47d43f
clear user filecache after the user mount configuration has changed
2012-09-06 23:14:43 +02:00
Bart Visscher
5153b8b293
Add url-params to url with new parameter in linkTo function
2012-09-03 21:51:32 +02:00
Frank Karlitschek
bb65e173d4
4.5 beta 2
2012-09-03 20:38:50 +02:00
Bart Visscher
c958d5ba80
Fix filesystem setup for shared public link with logged in user
2012-08-29 21:35:55 +02:00
Michael Gapczynski
8d490b9880
Fix shared storage working with user backend defined data directories
2012-08-29 14:39:13 -04:00
Bart Visscher
db18218a1b
Space before tab fixes
2012-08-29 20:34:44 +02:00
Bart Visscher
52f2e7112e
Whitespace fixes in lib
2012-08-29 20:28:45 +02:00
Michael Gapczynski
fd2ca21fc2
Allow share_with column to be null for links
2012-08-28 09:51:00 -04:00
Frank Karlitschek
70b71338cd
beta 1
2012-08-28 07:22:31 +02:00
Georg Ehrke
ead7de6bff
only mount every single homefolder when using sharing app
2012-08-27 16:10:37 +02:00
Georg Ehrke
b56a46bdea
fix filesharing for multiple data directories
2012-08-27 15:55:46 +02:00
Georg Ehrke
045c94ec3e
enable user backends to define their own place where to store the data
2012-08-26 22:04:31 +02:00
Frank Karlitschek
1d7018158e
4.5 alpha 1
2012-08-21 18:47:26 +02:00
Michael Gapczynski
cb0464ca4e
Bump version number for Share API
2012-08-19 22:36:19 -04:00
Jakob Sack
1d7e3071e0
bump version to reate new tables
2012-08-11 17:32:17 +02:00
Bart Visscher
667cd318fe
Use OC_Util::displayLoginPage and cleanup the function
2012-08-10 11:43:04 +02:00
Bart Visscher
c4f1a1de5b
Added function to make url absolute
2012-08-07 20:43:00 +02:00
Bart Visscher
fe6450002d
Change hardcoded urls to use linkTo function
2012-08-06 18:51:41 +02:00
Georg Ehrke
e1d14ab461
Merge branch 'master' into subadmin
2012-07-26 16:47:05 +02:00
Robin Appelman
856d9c0b54
some indention fixes
2012-07-24 00:39:59 +02:00
Georg Ehrke
5508a95065
Merge branch 'master' into subadmin
2012-07-21 13:14:52 +02:00
Robin Appelman
48306a3c4f
fix unused variables
2012-07-20 17:58:05 +02:00
Georg Ehrke
e707e94857
subadmins can now add users
2012-07-15 16:31:28 +02:00
Georg Ehrke
d0b625352c
some work on subadmins
2012-07-09 21:51:19 +02:00
Bart Visscher
280c59e914
More helpfull debug msg for redirectToDefaultPage
2012-07-04 17:51:07 +02:00
Bart Visscher
432aa58bab
Spelling fixes
2012-06-22 17:21:56 +02:00
Brice Maron
115c30bdb4
Enhance hint about writable app directory
2012-06-22 13:57:54 +02:00
Brice Maron
84b9ac2678
Correct writable check for app dir
2012-06-21 19:35:34 +00:00
Frank Karlitschek
e95055b2bd
check if the data directory is accessible via http. Show a big security warning if yes
2012-06-21 14:07:04 +02:00
Bart Visscher
7a3d606cac
Prefer requested app before redirecting to default page
2012-06-20 17:10:49 +02:00
Bart Visscher
6404476bec
Delay setup of FS until OC_Filesystem is used
2012-06-20 17:10:49 +02:00
Bart Visscher
5c8e774cea
Small code reorder
2012-06-20 17:10:48 +02:00
Bart Visscher
f54ef5a464
Remove OC::$CONFIG_DATADIRECTORY, not used
2012-06-19 22:54:14 +02:00
Bart Visscher
d8b32c2f0e
Move check code from setupFS to checkServer
2012-06-19 22:54:13 +02:00
Bjoern Schiessle
d2936bd90c
introducing a sanitize HTML function for the internal and the public API. This
...
allows to easily convert strings to HTML before displaying them on the web page
to reduce the risk of xss vulnerabilities.
2012-06-19 17:20:19 +02:00
Thomas Tanghus
89464721c7
Added JSON methods for CSRF prevention. Make request token accessible from template and add js var.
2012-06-13 17:33:19 +02:00
Frank Karlitschek
9e9c40eabd
fix time call
2012-06-13 17:27:49 +02:00
Thomas Tanghus
2ee809fd86
Allow same host redirects (/somepath).
2012-06-11 15:21:37 +02:00
Frank Karlitschek
cd16c5e479
implement a simple request token session garbage collector
2012-06-11 12:13:08 +02:00
Michael Gapczynski
3c57fb935b
Mount personal mount points into filesystem
2012-06-10 16:34:44 -04:00
Thomas Tanghus
b16136642b
Bump version to trigger db update.
2012-06-09 16:05:21 +02:00
Frank Karlitschek
344299a074
add two csrf check calls. Review and lot´s of porting needed.
2012-06-09 15:05:14 +02:00
Robin Appelman
dcf1eed816
add unique instance id
2012-06-05 19:32:48 +02:00
Bart Visscher
9d936976a9
Make check for writable apps dir configurable
2012-06-05 17:51:52 +02:00
Bart Visscher
4a5973662c
Merge branch 'unstable'
...
Conflicts:
apps/files_external/tests/config.php
apps/files_versions/ajax/getVersions.php
apps/files_versions/appinfo/app.php
apps/files_versions/history.php
apps/files_versions/js/versions.js
apps/files_versions/templates/history.php
apps/files_versions/versions.php
lib/base.php
2012-06-04 23:02:05 +02:00
Frank Karlitschek
4aa96de537
add a check for pdo
2012-06-01 20:00:33 +02:00
Frank Karlitschek
07e1e3a945
check if apps folder is writable
2012-06-01 19:54:07 +02:00
Frank Karlitschek
c0db603d29
this is 5 pre alpha now
2012-05-19 18:21:33 +02:00
Michael Gapczynski
90cbc32c77
Fix redirect after login, prevent open redirects
2012-05-18 16:56:48 -04:00
Frank Karlitschek
2d3c709163
Merge branch 'master' of gitorious.org:owncloud/owncloud
2012-05-18 15:56:15 +02:00
Frank Karlitschek
2e9115efe0
increase to RC2
2012-05-18 15:54:17 +02:00
Michiel de Jong
a6ff909911
this code looks wrong to me but i'm putting it back while we find out what the right code should look like
2012-05-18 15:39:28 +02:00
Michiel de Jong
1a874b4c56
make redirect safe by restricting it to current host
2012-05-18 15:32:41 +02:00
Michiel de Jong
9b5e8a2c63
fix redirect to desired page after login
2012-05-18 15:11:01 +02:00
Bart Visscher
ce1e4425c2
Combine and minimize core and default app js files
2012-05-16 18:53:46 +02:00
Bart Visscher
f71fec8cdc
Combine and minimize core and default app css files
2012-05-16 18:53:46 +02:00
Frank Karlitschek
af77ce9a9b
This is RC now
2012-05-13 05:11:10 +02:00
Bart Visscher
b022ccb863
Whitespace fixes
2012-05-10 09:14:26 +02:00
Michael Gapczynski
051442bc76
Sanitize redirect urls
2012-05-08 17:41:50 -04:00
Frank Karlitschek
43978abd80
increase to 4 beta
2012-05-07 22:58:22 +02:00
Frank Karlitschek
e2fb094693
some more porting
2012-05-01 21:07:08 +02:00