Commit Graph

2265 Commits

Author SHA1 Message Date
Felix Moeller ddfcc96ab5 Checkstyle: LowerCaseConstant 2012-10-23 08:20:17 +02:00
Felix Moeller 2d61f03452 More Checkstyle cleanup
This is for all LowerCaseConstant warnings
2012-10-23 08:01:09 +02:00
Jenkins for ownCloud bc2a648f2d [tx-robot] updated from transifex 2012-10-23 02:06:03 +02:00
Felix Moeller 6a00a6b9ed Make Jenkins more happy.
This is NoSpaceAfterComma
2012-10-23 00:28:12 +02:00
Lukas Reschke 65619af05b Disable enhancedauth by default
Admins can still enable it via config.php
2012-10-22 23:04:39 +02:00
Felix Moeller 03581ef463 Correct a first issue Checkstyle is complaining about ...
This is BracketsNotRequired
2012-10-22 21:40:33 +02:00
Felix Moeller 37296b8b6d Adding the t() function to have the labels in the search results translated
This should solve #55
2012-10-22 20:55:05 +02:00
Thomas Müller 126d16f16d Fixing undefined $language 2012-10-22 17:09:34 +03:00
Björn Schießle d68b89cae4 add parameter to specify user for which OC_Filesystem should be initialized.
(needed to share files via public links where no user is logged in)
2012-10-22 14:55:53 +02:00
Jenkins for ownCloud d8e945466d [tx-robot] updated from transifex 2012-10-22 02:06:18 +02:00
Bart Visscher 051dde08db Check for file exists before loading app version file 2012-10-20 23:49:55 +02:00
Jenkins for ownCloud cfbd310d34 [tx-robot] updated from transifex 2012-10-20 02:03:53 +02:00
scambra 41b597e179 Translate formatDate using jquery datepicker 2012-10-19 13:56:19 +02:00
scambra a24d8db4b2 translate datepicker 2012-10-19 13:56:19 +02:00
Björn Schießle 08ee2fcf93 check if mount point was already loaded to avoid redundant read operations 2012-10-18 17:30:01 +02:00
Björn Schießle 65b0824d35 typo from previous commit fixed 2012-10-18 17:15:30 +02:00
Björn Schießle 2499c24b8b load system wide configured mount points before accessing shared files 2012-10-18 17:15:30 +02:00
Björn Schießle 00ed2e87c9 check for mount points if file was shared from a different user 2012-10-18 17:15:30 +02:00
Thomas Müller e4c0bb59e5 Merge pull request #39 from scambra/date-l10n-fixes
Date l10n fixes
2012-10-18 08:09:58 -07:00
Jörn Friedrich Dreyer a7d8519550 when using oracle use LOWER() to make searching files case insensitive 2012-10-18 14:19:34 +02:00
Bart Visscher 6081bfa2bc Merge branch 'master' into routing
Conflicts:
	lib/search/provider/file.php
	settings/ajax/changepassword.php
	settings/settings.php
2012-10-17 16:38:11 +02:00
Susinthiran Sithamparanathan b2b84f3a6f Update Sabre to version 1.7.1 2012-10-17 16:17:36 +02:00
Bart Visscher 44287d680b Check for file exists before loading app version file 2012-10-17 14:06:25 +02:00
Bart Visscher 04824162d9 core.js and core.css don't need to be absolute 2012-10-17 10:52:16 +02:00
Jenkins for ownCloud fd6adc7d08 [tx-robot] updated from transifex 2012-10-16 23:39:13 +02:00
Michael Gapczynski c00f5d164f Fix unshareAll() 2012-10-16 16:27:23 -04:00
Lukas Reschke 379b775a56 Delete user files in /data/ after deleting a user 2012-10-16 22:05:06 +02:00
Michael Gapczynski 012ea1ed83 Add unshareAll() function to Share API 2012-10-16 15:38:52 -04:00
icewind1991 247626b5c2 Merge pull request #36 from scambra/filecache-fixes
delete fscache on deleting user
2012-10-16 11:46:50 -07:00
scambra d8eb62232e don't duplicate locales with country code 2012-10-16 20:31:46 +02:00
scambra ec253f1354 Use strftime to format date with translated month names 2012-10-16 20:19:35 +02:00
Lukas Reschke de7b46c66a Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled
set_magic_quotes_runtime gives a PHP warning
2012-10-16 19:42:17 +02:00
scambra e8441becdb delete fscache on deleting user 2012-10-16 17:34:35 +02:00
Lukas Reschke e7c9d5fe54 Set oc_token to httponly 2012-10-16 13:53:40 +02:00
Lukas Reschke 59404b5675 Merge pull request #31 from visit1985/persistentcookies
reresubmit: improved persistent cookies :)
2012-10-16 04:46:22 -07:00
Lukas Reschke e299c241df Make enhanced auth configurable 2012-10-16 01:08:05 +02:00
Lukas Reschke c85c35dfae Don't add the enhanced auth time to the configuration 2012-10-16 01:04:34 +02:00
Lukas Reschke 5c0407306c Set a standard value for enhanced auth time 2012-10-16 01:04:20 +02:00
Lukas Reschke 6f2e8788ca Make enhanced auth time configurable 2012-10-16 01:02:03 +02:00
Lukas Reschke f4142bd2a8 Move isUserVerified to OC_Util 2012-10-16 00:47:38 +02:00
Lukas Reschke 77e18b01ba Move the ( to the right position 2012-10-16 00:47:38 +02:00
Lukas Reschke 91d4b23efe Fix PHP notice 2012-10-16 00:47:38 +02:00
Lukas Reschke 1a187d1ca5 Fix PHP notice 2012-10-16 00:47:38 +02:00
Lukas Reschke 097f429816 Add isUserVerified() 2012-10-16 00:47:38 +02:00
Victor Dubiniuk ddcd738357 Merge branch 'extended_log'
PHP errors logging into the owncloud log
2012-10-16 01:30:45 +03:00
Lukas Reschke c9ac1364d1 "deny from all" instead directory 2012-10-15 23:35:27 +02:00
Lukas Reschke 3eb43c1fbe Show a warning in the installer if .htaccess is not working 2012-10-15 23:25:15 +02:00
Michael Göhler 8be9c04a3a 128byte is not 128bit - now we realy use 256bit (same as PHPSESSID) 2012-10-15 20:04:22 +02:00
Lukas Reschke fa71e51e67 Use /dev/urandom instead of /dev/random
The usage of /dev/urandom is enough secure
2012-10-15 19:21:37 +02:00
Lukas Reschke 6e045b9ea1 Check if $_Post 2012-10-15 17:42:38 +02:00
Lukas Reschke 1c865f702c Change verifyUser so that external json files can call it 2012-10-15 17:42:38 +02:00
Lukas Reschke 4d7b0e9bb3 verifyUser() for the json part 2012-10-15 17:42:38 +02:00
Lukas Reschke d33bec09fe Verify password page for users 2012-10-15 17:42:38 +02:00
Lukas Reschke f08ff3b6e6 Correct formatting 2012-10-15 15:25:40 +03:00
Lukas Reschke c930ac9f88 Merge pull request #30 from visit1985/logonpage
extend logon page to display multiple error messages
2012-10-15 03:52:11 -07:00
Michael Göhler 22fa23b4da extend configkey column to hold 128bit values 2012-10-14 22:37:05 +02:00
Michael Göhler ae1f33db54 implement fixed php session timeout and session id regeneration 2012-10-14 22:36:26 +02:00
Michael Göhler b92fd984aa removed username and password from token generation 2012-10-14 22:36:26 +02:00
Michael Göhler a6c4046f48 fixed typo and redundant method call 2012-10-14 22:36:25 +02:00
Michael Göhler d8fe6fbb40 added a warning message to the log when a cookie is rejected 2012-10-14 22:36:25 +02:00
Michael Göhler 382f8d060c fixed wrong variable usage 2012-10-14 22:36:25 +02:00
Michael Göhler 38b9bffaea call unsetMagicInCookie if token is invalid 2012-10-14 22:36:25 +02:00
Michael Göhler eb79ccafe3 forgot a class name 2012-10-14 22:36:25 +02:00
Michael Göhler 2ea06f67bd delete all tokens on password change 2012-10-14 22:36:25 +02:00
Michael Göhler 45f1c3f120 further improvements on multiple login token support
outdated tokens are deleted before checking against cookies
if an invalid token is used we delete all stored tokens for saveness
used token will be replaced by a new one after successful authentication
2012-10-14 22:36:25 +02:00
Michael Göhler ee5d0f328f improve token security
switched from time() to internal method OC_Util::generate_random_bytes()
2012-10-14 22:36:25 +02:00
Bart Visscher 4b799a6982 Make the lifetime of the remember login cookie 2012-10-14 22:36:25 +02:00
Bart Visscher 7f3e0b5566 Cleanup login tokens on login success 2012-10-14 22:36:25 +02:00
Bart Visscher 1012d317e3 Add support for multiple login cookie tokens 2012-10-14 22:36:25 +02:00
Bart Visscher 4af5b016cc Whitespace cleanup 2012-10-14 21:04:08 +02:00
Michael Göhler 7095b3a083 extend logon page to display multiple error messages 2012-10-14 19:57:24 +02:00
Lukas Reschke 2c427f050e Show a warning in the installer if no secure RNG is available 2012-10-14 17:18:30 +02:00
Lukas Reschke d6c4b83f13 Fallback to /dev/random if openssl_random_pseudo_bytes not available 2012-10-14 16:14:45 +02:00
Jenkins for ownCloud c88cf5cae5 [tx-robot] updated from transifex 2012-10-14 02:08:47 +02:00
Robin Appelman 93cbd96662 don't increase the size of the users home folder twice 2012-10-13 14:52:58 +02:00
Jenkins for ownCloud d386bc8737 [tx-robot] updated from transifex 2012-10-13 02:08:50 +02:00
Lukas Reschke 77fbdb2ca8 Fix the require path 2012-10-13 01:10:04 +02:00
Björn Schießle e38b736a1e fix bug #1977: remove etags from database after version rollback so that the client can detect the changes 2012-10-12 17:37:59 +02:00
Björn Schießle 079f0788d2 this is no longer needed, commit cb91e27ab3 should fix the issue 2012-10-12 17:35:57 +02:00
Björn Schießle d4fd83301a remove unneeded variable 2012-10-12 16:33:57 +02:00
Björn Schießle cb91e27ab3 check if directory already exist before executing mkdir 2012-10-12 16:31:03 +02:00
Bart Visscher 9a35bd76fb Use resolved path for require_once in autoloader 2012-10-12 15:47:41 +02:00
Bart Visscher 351f724193 whitespace fixes 2012-10-12 15:47:41 +02:00
Robin Appelman d589869a34 disable log when running tests 2012-10-12 15:45:05 +02:00
Björn Schießle d7f43945e7 nortmalize path before adding it to the fscache to avoid multiple fscache entries for the same file 2012-10-12 10:26:49 +02:00
Jenkins for ownCloud b761143047 [tx-robot] updated from transifex 2012-10-12 02:07:10 +02:00
Björn Schießle 86d978be78 add *.ai files to the mimetypes list 2012-10-11 16:14:29 +02:00
Björn Schießle 4d451f649d fixed offset calculation (bug #1961) 2012-10-11 12:42:57 +02:00
Bart Visscher 2c3674ea87 Add logging when stripping apps from autoload include path 2012-10-10 21:06:15 +02:00
Bart Visscher d4feb77eaf Remove unused search code 2012-10-10 21:06:15 +02:00
Bart Visscher c5983d37ad No need to use array_search 2012-10-10 21:06:15 +02:00
Bart Visscher fe40277ec2 Use __DIR__ instead of __FILE__ to get SERVERROOT 2012-10-10 21:06:15 +02:00
Lukas Reschke d525654fcd Correct indentation 2012-10-10 19:01:32 +02:00
Lukas Reschke cda2135966 Send a HSTS HTTP header to enforce SSL 2012-10-10 18:56:14 +02:00
Frank Karlitschek fe5b4d2fba marks as 5.0 pre alpha 2012-10-10 15:35:19 +02:00
Björn Schießle 38e9bc2adb extract the right parent directory from the path
add parent directory to the file cache if it does not exist yet.
2012-10-09 16:24:49 +02:00
Frank Karlitschek 8e0676a66b 4.5 final 2012-10-09 16:02:01 +02:00
Björn Schießle 2bd4035076 $CONFIG_DBTYPE was never assigned but used in this function 2012-10-09 11:17:10 +02:00
Björn Schießle 003241e847 fix for bug #1942: Allow user to share with every group if "allow users to share with anyone" is set 2012-10-09 10:36:24 +02:00
Frank Karlitschek 67a4aa7cf0 RC 3 2012-10-08 23:58:17 +02:00
Robin Appelman 035d83fe91 don't use the workaround for shared files on the /Shared folder 2012-10-08 23:37:50 +02:00
Michael Gapczynski 025d308929 Actually fix shared webdav access 2012-10-08 17:21:52 -04:00
Michael Gapczynski 33d1906f23 Fix getting file info for subfolders in shared folders 2012-10-08 16:05:57 -04:00
Jörn Friedrich Dreyer dc116b994d reenable hack to use CURRENT_TIMESTAMP for postgresql when creating the database, fixes oc-1852
TODO for OC5: use CURRENT_TIMESTAMP for all databases. mysql supports it as a default for DATETIME since 5.6.5 [1]
as a fallback we could use <default>0000-01-01 00:00:00</default> everywhere
[1] http://bugs.mysql.com/bug.php?id=27645
http://dev.mysql.com/doc/refman/5.0/en/timestamp-initialization.html
http://www.postgresql.org/docs/8.1/static/functions-datetime.html
http://www.sqlite.org/lang_createtable.html
http://docs.oracle.com/cd/B19306_01/server.102/b14200/functions037.htm
2012-10-08 17:24:15 +02:00
Frank Karlitschek b296328c61 put all the calls into one function and use tabs instead of spaces. Thanks to danimo for bugging me :-) 2012-10-08 15:58:50 +02:00
Frank Karlitschek c701bed2e3 fix a lot of small layout bugs and make the apps page overall prettier plus add ratings finally 2012-10-08 15:49:48 +02:00
Arthur Schiwon 3affeb5bd7 destroy invalid sessions 2012-10-08 13:36:11 +02:00
Björn Schießle 8357754ff1 added "uid_owner" to select statement 2012-10-08 13:22:08 +02:00
Frank Karlitschek e9f04bedd4 add a sane socket timeout so that the interface stays responsive with a slow or not working internet connection 2012-10-08 12:00:29 +02:00
Frank Karlitschek b7a5cc2fda use socket timeout of 10 sec to stay responsive even with a slow internet connection or a not working server 2012-10-08 11:53:00 +02:00
Michael Gapczynski 5f462ec6f7 Fix - "Correct checking item source for share from same owner when generating item target" 2012-10-06 18:13:11 -04:00
Frank Karlitschek 5eaf95eedd check for SimpleXML which seems to bw non default on Free BSD 2012-10-06 17:37:38 +02:00
Robin Appelman 5d196f14db set folder size to 0 when scanning the filesystem 2012-10-05 22:35:51 +02:00
Bart Visscher c2b4e53453 Add API description to OC_Route and OC_Router 2012-10-05 17:42:46 +02:00
Jörn Friedrich Dreyer ee6d96b7a8 really fix checkstyle on archive tar 2012-10-05 12:54:18 +02:00
Jörn Friedrich Dreyer b5f11195af fix checkstyle on archive zip/tar 2012-10-05 12:42:11 +02:00
Jörn Friedrich Dreyer 00b34a09ea cache tar archive headers 2012-10-05 12:29:36 +02:00
Björn Schießle f493e97f5d always generate access token, also for forms shown to anonymous users (e.g. public shares) 2012-10-05 10:32:38 +02:00
Bart Visscher f3a211c03c Implement routing on javascript side 2012-10-05 09:42:36 +02:00
Jenkins for ownCloud 5c042d88ad [tx-robot] updated from transifex 2012-10-04 02:07:35 +02:00
Frank Karlitschek 2d86258fc3 RC2 2012-10-03 12:39:48 +02:00
Michael Gapczynski 68c8faf39c Correct checking item source for share from same owner when generating item target 2012-10-02 16:37:39 -04:00
Björn Schießle 431d92e7b2 we are sharing the same file again if item_source of the already shared file and the newly shared file is the same. Therefore we can use the same target name 2012-10-02 21:37:10 +02:00
Björn Schießle db954f5aba remove unnecessary code and add missing items to select statement 2012-10-02 18:59:20 +02:00
Björn Schießle 3e3038cafc merge all possible conflicts into on array 2012-10-02 13:10:46 +02:00
Frank Karlitschek 3fdebaa5dc automatically remove and prevent installation of apps with a require version less than the current one. We check now the first ad second part of the version number.
Also increase the require tags of the core apps to 4.9 Please note that 4.9 is the internal versionnumber of the upcoming 4.5 release.
You have to pu a <require>4.9</require> into the info.xml of your app to make it as compatible with 4.5
2012-10-02 12:10:45 +02:00
Arthur Schiwon 783c02eda9 fix create folder and upload file issue on win, fixes oc-1747, solution follows suggestion from bug tracker 2012-10-02 11:45:47 +02:00
Björn Schießle c6c0fcc7c8 We can't rely on the assumption that if the matching target is from the same owner that the share type will be different.
Files in different folders can have the same name. Therefore also a unique name has to be generated if the matching
target it from the same user. Also for folders and files with the same name a unique target name has to be generated

If matching target is from the same owner, use the same target. The share type will be different so this isn't the sa
2012-10-02 11:41:26 +02:00
Arthur Schiwon 68fa2b10da Search: fix Notice and thus broken search with activiated error reporting 2012-10-01 19:11:26 +02:00
Robin Appelman 91d12a2f3d update the filecache by setting mtimes to 0 when the mount configuration has changed instead of clearing the cache 2012-09-30 16:12:16 +02:00
Robin Appelman 113c339c41 fix updating the filecache for when contents of a folder has changed 2012-09-30 16:11:01 +02:00
Robin Appelman 258782584e fix mimetype detection using the 'file' command in some edge cases 2012-09-30 03:58:58 +02:00
Robin Appelman f8eebcbb01 reload the current url when login in instead of always redirecting to the default app (oc-1873) 2012-09-30 03:47:37 +02:00
Lukas Reschke e8afb3d312 Fix a typo 2012-09-30 00:08:20 +03:00
Bart Visscher 210ea4d9d9 fix actioninclude 2012-09-29 18:03:34 +02:00
Lukas Reschke ef57e9294b Fallback for systems without openssl 2012-09-29 16:44:02 +02:00
Lukas Reschke 992c2c9d4b mt_rand() is not secure from a cryptographic point of view, let's use openssl_random_pseudo_bytes() here 2012-09-29 15:41:13 +02:00
Lukas Reschke 578aa4e425 Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Lukas Reschke bd804b74c4 mt_rand() is not secure from a security point of view and predictable. Let's use openssl_random_pseudo_bytes() instead.
Before: 26 bits entropy
After: 72 bits entropy
2012-09-29 15:03:09 +02:00
Jenkins for ownCloud dc66e94ee3 [tx-robot] updated from transifex 2012-09-29 02:04:55 +02:00
Bart Visscher d0bd2bbf27 Convert menu entries of settings pages to use router 2012-09-28 23:20:17 +02:00
Bart Visscher 22d22d19c0 Do urlencoding in linkTo functions 2012-09-28 22:27:52 +02:00
Bart Visscher dbdf3bde7c Implement route for download in OC_Search_Provider_File 2012-09-28 22:20:17 +02:00
Bart Visscher c9317b5a68 Merge branch 'master' into routing 2012-09-28 21:41:21 +02:00
Bart Visscher fed34aecfa Fix syntax error in removeETagHook 2012-09-28 21:30:06 +02:00
Bart Visscher 24bb7d16b7 urlencode filename in search result, fixes problems with & in name 2012-09-28 21:18:20 +02:00
Bart Visscher 366ae6661d Simplify generating file search results 2012-09-28 21:18:20 +02:00
Lukas Reschke cfc9839812 Merge pull request #19 from arkascha/master
Reimplementation of CSRF protection strategy
2012-09-28 10:54:11 -07:00
Christian Reiner 71454b1bca Fix to preserve backward compatibility for apps creating static links containing the request token (currently the contacts app and maybe some 3rd party implementations) 2012-09-28 18:57:20 +02:00
Björn Schießle 35357f3afb etag has to be removed after version rollback to enable the sync client to detect the changes (bug #1829) 2012-09-28 18:50:36 +02:00