Commit Graph

1182 Commits

Author SHA1 Message Date
Bjoern Schiessle 1b142a1155 quota calculation fixed 2012-06-19 09:36:50 +02:00
Victor Dubiniuk db7542b640 Reverting 249190c89b. Fixed in master 2012-06-19 00:56:48 +03:00
Victor Dubiniuk 249190c89b Fix mime-type detection 2012-06-19 00:20:33 +03:00
Bjoern Schiessle 92bb59c95d fixed broken function call 2012-06-18 17:30:21 +02:00
Bjoern Schiessle 814cab97cf ignore "Shared"-directory when calculating free space
Conflicts:

	lib/fileproxy/quota.php
2012-06-18 17:27:42 +02:00
Tom Needham c1744d2eb6 Move user import to personal settings. Fix user migration between servers. 2012-06-15 23:17:31 +00:00
Thomas Tanghus 625cd822c3 Backport CSRF prevention. 2012-06-14 13:52:22 +02:00
Thomas Tanghus 9e7c28835b Allow same host redirects (/somepath). 2012-06-13 18:32:07 +02:00
Thomas Tanghus a21fd725d6 Categories: Turned the debugging down a bit. 2012-06-11 03:07:20 +02:00
Frank Karlitschek cfea28101a 4.0.2 2012-06-10 20:31:31 +02:00
Bartek Przybylski 3970be3d7f fix variable name and undefined index notice 2012-06-10 17:25:19 +02:00
Bartek Przybylski f1250a3867 add function in filesystem to strip webroot 2012-06-10 13:19:10 +02:00
Bartek Przybylski e7d1af48fb handle encrypted images files in oc_image 2012-06-10 13:19:05 +02:00
Bartek Przybylski 7ee722e0da removing app access check, fix title for links in tiles 2012-06-10 13:18:55 +02:00
Bartek Przybylski 9b2b5e0f6d git status 2012-06-10 13:15:23 +02:00
Frank Karlitschek 689c8f5f09 paging not yet implemented. increasing pagesize to 100 as a temporary quickfix 2012-06-09 22:02:29 +02:00
Frank Karlitschek 061938cbb5 finally fix the updater. next is an automatic updater. but this is a bit more tricky. 2012-06-09 17:56:23 +02:00
Robin Appelman 6e1ca36207 fix infinite redirect during setup for windows hosts 2012-06-09 14:38:50 +02:00
Georg Ehrke cf1c3635ff fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app 2012-06-08 22:32:58 +02:00
Frank Karlitschek a7a861b2c6 backport the password salting fix.
a salt is generated during setup and used to salt the user password hases in the database backend
2012-06-08 12:42:35 +02:00
Michael Gapczynski 826a439c15 Supress any warnings if log file does not exist 2012-06-05 18:42:16 -04:00
Frank Karlitschek 4bc7387d7c fi login for hosts running n port 80 2012-06-05 15:28:00 +02:00
Frank Karlitschek 5c9325bbe0 CLI is no availabe in stable4 2012-06-05 14:10:50 +02:00
Frank Karlitschek d3bb01b598 more reliable host detection for reverse proxy scenarios 2012-06-05 12:53:48 +02:00
Arthur Schiwon 454f81fb15 load authentication apps before checking wether user exists. fixes oc-910 2012-06-04 21:31:35 +02:00
Arthur Schiwon 773f3cf973 make it possible to load apps seperately. needed to fix oc-910 without breaking oc-863 2012-06-04 21:30:58 +02:00
Robin Appelman b117a1e3ec update file paths in filecache when the parent is renamed 2012-06-04 18:12:25 +02:00
Bjoern Schiessle ca64a4080f don't allow user to delete Shared dir via webdav and sync client (bug #774) 2012-06-04 18:08:51 +02:00
Bjoern Schiessle 7fbe306990 no move (rename) operation for "Shared" directory 2012-06-04 14:00:35 +02:00
Bjoern Schiessle c8f670dfab Don't allow user to delete, rename and re-share the "Shared" directory 2012-06-04 14:00:35 +02:00
Frank Karlitschek 64fe06710a add deprecated warning 2012-06-04 12:49:33 +02:00
Frank Karlitschek 300f6894e0 4.0.1 2012-06-03 21:06:07 +02:00
Michael Gapczynski 0145c65bf3 Verify user exists when checking if logged in, fix for bug oc-863 2012-06-02 20:09:44 -04:00
Michael Gapczynski 4db5481ad5 Improve efficiency of retrieving log file entries 2012-06-01 14:42:14 -04:00
Frank Karlitschek 52b3305892 add a pdo check 2012-06-01 20:01:23 +02:00
Frank Karlitschek 3ef944521e add check if apps folder is writable. needed to install 3rd party apps 2012-06-01 19:52:45 +02:00
Frank Karlitschek aa9824d35b fix proper error reporting 2012-06-01 16:33:24 +02:00
Frank Karlitschek aa88ec81c7 sort users and groups. fixes oc-779 2012-06-01 14:21:24 +02:00
Frank Karlitschek 0468f53f73 switch magic quotes off.
they are evil and deprecated
2012-06-01 12:42:50 +02:00
Frank Karlitschek 1b34bda76b fix oc-874 2012-06-01 12:16:04 +02:00
Frank Karlitschek 0d2d613f59 added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer 2012-06-01 11:06:49 +02:00
Frank Karlitschek 3a6341c880 fix oc-780 2012-05-31 21:27:46 +02:00
Frank Karlitschek 5d425a9f79 use our own serverHost call so that ownCloud works with reverse proxy servers 2012-05-31 20:16:44 +02:00
Frank Karlitschek 4dc7ed139b don´t hardcode /tmp 2012-05-30 14:18:47 +02:00
Frank Karlitschek c1f7d320e8 mark as 4.0.1 pre 2012-05-29 22:18:07 +02:00
Michael Gapczynski 1d983c28aa Restrict requested app to apps directory 2012-05-29 12:35:52 -04:00
Brice Maron 2f8412defc Set table prefix if not set in postgresql install 2012-05-28 20:56:21 +00:00
Frank Karlitschek 54c421f384 check during ownCloud upgrade if all the installed apps are compatible with the new ownCloud version. Disable them if not 2012-05-26 20:40:12 +02:00
Brice Maron 2774ff1ad8 Add HEAD request management for files ajax/download.php 2012-05-25 11:19:38 +02:00
Frank Karlitschek f97f1b4266 use UTC instead of Berlin as default 2012-05-24 00:47:03 +02:00
Robin Appelman 3775c0d8b2 dont throw errors when apps dont have types configured 2012-05-20 18:52:44 +02:00
Robin Appelman 3b4c47c52e files app is always enabled 2012-05-20 18:52:27 +02:00
Frank Karlitschek 8a0dc774bc 4 2012-05-19 18:20:23 +02:00
Frank Karlitschek 7e49a33d64 getStorage belongs to files not to apps. 2012-05-19 10:44:08 +02:00
Frank Karlitschek 08f7d4c552 document the public classes a bit more 2012-05-19 10:36:57 +02:00
Robin Appelman a2cc772aa5 dont run update scripts for apps that arent enabled 2012-05-19 02:00:46 +02:00
Robin Appelman b096fd9ed8 log upgrades 2012-05-19 01:55:20 +02:00
Robin Appelman df64b9b0e9 strict standards fixes for sqlite3 2012-05-19 01:39:41 +02:00
Michael Gapczynski 90cbc32c77 Fix redirect after login, prevent open redirects 2012-05-18 16:56:48 -04:00
Frank Karlitschek 16224e5e8b "fopen(" interferes with our own classes.
remove it for now and let´s fix this later
2012-05-18 18:22:37 +02:00
Frank Karlitschek 2d3c709163 Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-05-18 15:56:15 +02:00
Frank Karlitschek db77dc91bc only try to install apps that are compatible with oC4 2012-05-18 15:54:36 +02:00
Frank Karlitschek 2e9115efe0 increase to RC2 2012-05-18 15:54:17 +02:00
Michiel de Jong a6ff909911 this code looks wrong to me but i'm putting it back while we find out what the right code should look like 2012-05-18 15:39:28 +02:00
Michiel de Jong 1a874b4c56 make redirect safe by restricting it to current host 2012-05-18 15:32:41 +02:00
Michiel de Jong 9b5e8a2c63 fix redirect to desired page after login 2012-05-18 15:11:01 +02:00
Robin Appelman 48505c5626 improve tar archive backend 2012-05-18 01:54:59 +02:00
Robin Appelman c1ba4deb72 when scanning a folder that is a mountpoint, use the root of the mount for checking if a folder is writable instead of the folder 2012-05-17 01:47:58 +02:00
Robin Appelman aac9629e88 add support for custom ports for mysql/pgsql by adding :portnumber to the database host 2012-05-17 01:06:22 +02:00
Robin Appelman 5fe7200a7f update documentation of oc_user::checkpassword 2012-05-17 00:57:43 +02:00
Robin Appelman 2c99924f7d make sure the group exists in the backend before adding a user to it 2012-05-17 00:47:43 +02:00
Bart Visscher b39f01fce6 Comment spelling fix 2012-05-16 18:52:40 +02:00
Bart Visscher 5d72681d10 Better place to check caching headers 2012-05-16 18:52:40 +02:00
Arthur Schiwon 01b366df80 avoid corrupt ZIP files on lighttpd, should fix oc-467 2012-05-15 11:57:24 +02:00
Thomas Mueller 583dce5276 removing executable bit - again 2012-05-15 00:52:00 +02:00
Robin Appelman 6779f28af4 cache app types during install or update 2012-05-14 22:49:31 +02:00
Thomas Mueller bda2dbec1f Prevent Clickjacking by adding additional headers:
header('X-Frame-Options: Sameorigin');
                header('X-XSS-Protection: 1; mode=block');
                header('X-Content-Type-Options: nosniff');

Thanks to Lukas Reschke for reporting this issue (and many more).
2012-05-14 15:34:28 +02:00
Robin Appelman e7c106d91e selective app loading for remote/public 2012-05-14 00:28:28 +02:00
Michael Gapczynski a332c39472 Check if path_info is empty as well, fixes bug oc-632. Thanks to die3lustigen2. 2012-05-13 15:26:30 -04:00
Robin Appelman 8d475debe0 additional logging when db upgrade fails 2012-05-13 21:21:39 +02:00
Robin Appelman 1a2ab2ef68 prevent user creation with empty password 2012-05-13 20:53:56 +02:00
Thomas Tanghus 3926e2d4f3 VCategories: Made a small check for categories that seems to resolv the problems in Calender. Also reverts the changes from 9e6221b229. 2012-05-13 15:07:07 +02:00
Thomas Tanghus 9e6221b229 VCategories: Suppress error messages stemming from import from file app. 2012-05-13 09:16:53 +02:00
Frank Karlitschek af77ce9a9b This is RC now 2012-05-13 05:11:10 +02:00
Robin Appelman 9eb91a111d update to jquery 1.7.2 2012-05-12 00:37:19 +02:00
Brice Maron 5b7c69f978 Change sqlite escaping of identifier to double quote. Fixing some issues 2012-05-11 19:45:53 +00:00
Bart Visscher 919681f3e6 Make processed css files cachable 2012-05-11 21:33:02 +02:00
Robin Appelman 847832ae77 also set remote/public paths on installing apps 2012-05-11 20:58:23 +02:00
Robin Appelman d12021e3c4 fix sqlite3 driver against updated MDB2 2012-05-11 20:56:02 +02:00
Robin Appelman cf3940425f don't do the initial scanning of the users home folder trough the update system 2012-05-11 20:49:19 +02:00
Robin Appelman 0622fa79ba add temporary filestorage backend for testing purposed 2012-05-11 20:33:56 +02:00
Robin Appelman b40f9670ae allow clearing hooks and fileproxies 2012-05-11 20:33:56 +02:00
Robin Appelman 736739bbbd load remote and public paths from info.xml during upgrade instead of setting them every time 2012-05-11 20:33:56 +02:00
Michiel de Jong c99d7dd94f the ',last' breaks all other rewrite rules and is also not there in the committed .htaccess, so removing it. anybody know why it was there? 2012-05-11 17:59:21 +02:00
Michiel de Jong 347ce2aafa match setup script to .htaccess from repo 2012-05-11 17:30:27 +02:00
Michiel de Jong 4462b26160 oops, typo in lib/setup.php 2012-05-11 17:09:10 +02:00
Michiel de Jong 2dff357a4e add new htaccess things into setup script too 2012-05-11 17:06:04 +02:00
Georg Ehrke 8f2217ca2e make default app choosable 2012-05-11 13:56:52 +02:00
Tom Needham 709b0a1ddc Check if app is enabled before exporting its data 2012-05-10 23:06:53 +00:00
Michael Gapczynski de95bf62a2 Prevent any null bytes related exploits, thanks to Lukas Reschke 2012-05-10 11:44:06 -04:00