d26a9c3c58
Add some security utilities
...
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions
Remove .htaccess
Remove .htaccess
Fix typo
Add public API
Use timing constant comparision
Remove CBC constant
Adjust code
Remove confusing $this
2014-08-27 00:18:04 +02:00
2ad0d3f1be
Throw exception if file cannot be accessed via http
...
Format file
Removing calls to deprecated classes and using internal method to get via http
Missed a character
Fix inverted logic
2014-08-22 19:41:30 -04:00
9a5e745a64
fix typo
2014-08-19 16:45:22 +02:00
b3b3354809
move to public namespace
2014-08-19 14:05:08 +02:00
2df52e54d7
Fix STORAGE_* constants usage by moving those constants into \OC\Files\Filesystem.
...
As constants not defined within a class cannot be automatically found by the
autoloader moving those constants into a class makes them accessible to
code which uses them.
Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:35 +02:00
fdfc5c67f8
Merge pull request #9866 from owncloud/app-upgrade
...
Don't do app upgrades in the background
2014-08-19 13:33:38 +02:00
722a119e46
fix typo in util.php
2014-08-18 15:59:36 +02:00
ccc46be740
Make skeleton directory configurable.
2014-08-16 01:07:42 +02:00
3e493501da
Merge pull request #9890 from owncloud/check-php-charset-master
...
setting and checking default_charset in php.ini to be UTF-8
2014-08-11 22:11:11 +02:00
43d790239d
Extend OC_Util::needUpgrade to also catch app upgrades
2014-08-04 13:41:04 +02:00
c53b56e313
Merge pull request #9798 from owncloud/ocs_share_api_add_expire_date
...
[share api] add OCS api call to set expire date for link shares
2014-07-28 17:28:32 +02:00
260729fd7d
Verify whether the URL is valid
...
Required for https://github.com/owncloud/mail/pull/100#issuecomment-50266017
@karlitschek Backport for stable6 and stable7 requested.
2014-07-27 16:46:32 +02:00
ecc1f92bb6
add OCS api call to set expire date for link shares
2014-07-25 13:38:18 +02:00
07dc0b2fdf
setting and checking default_charset in php.ini to be UTF-8
2014-07-25 09:53:25 +02:00
2fec6cbd5b
Remove forgotten debug log
2014-07-03 12:26:17 +02:00
3e78f41d00
Use getAbsoluteUrl for redirection URL
...
Also separate the function into getDefaultPageUrl() and
redirectToDefaultPage() to make it testable.
2014-07-01 16:02:38 +02:00
c005515ebd
Support for multiple default apps
...
If a default app isn't visible for the user, try the next one.
Else fallback to the "files" app.
2014-07-01 15:42:26 +02:00
894d69184a
Add bak defaultapp setting
2014-07-01 14:28:45 +02:00
ae68a773c0
more strings to translate in utils also some fixes in defaults
2014-06-28 13:29:24 +02:00
fd8b5680dd
Merge pull request #8383 from owncloud/object_storage
...
Object storage
2014-06-27 16:53:03 +02:00
5cae863408
change architecture from inheritance to composition
2014-06-18 12:53:20 +02:00
4e65889f54
only use one config option 'objectstore' for root and home storage configuration
2014-06-18 12:53:20 +02:00
7493ff0624
fix unit test by always initializing the root of the storage in the constructor
2014-06-18 12:53:20 +02:00
10de4a7b90
move creation of / and users 'files' from storage constructor to setupFS / mount initialization
2014-06-18 12:53:20 +02:00
85ccfad37c
change 'object_storage' config param to 'root_storage'
...
copy skeleton only for local filesystems
2014-06-18 12:53:19 +02:00
2bf7e5c02f
make objectstore setup more robust, don't pass user to object store mounted as root
2014-06-18 12:53:19 +02:00
3c66a8c8ed
allow configuring objectstore as home and root storage
2014-06-18 12:53:19 +02:00
799205488c
Prevent loadApps on upgrade
...
Moved OC::needUpgrade() to OCP\Util::needUpgrade() to make it accessible
form the router.
Moved maintenance + upgrade check to the router.
2014-06-18 11:10:07 +02:00
ac7fb1b23e
Remove legacy routing code
...
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.
This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.
Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
f1bf06f8cf
Merge pull request #8884 from owncloud/move-flock-to-app
...
remove file locking - code will continue to live in it's own app
2014-06-05 10:54:24 +02:00
ec7225da66
remove file locking - code will continue to live in it's own app
2014-06-04 20:11:54 +02:00
76e04027bc
Upgrade SabreDAV to 1.8.10
...
Updating SabreDAV namespaces
2014-06-04 12:22:23 +02:00
ab6680e9ab
name the storage wrapper to make sure that we don't apply the wrapper multiple times
2014-06-04 07:55:46 +02:00
5365ae416e
flock changes. Work in progress.
2014-06-04 07:55:44 +02:00
555b9cc245
Merge pull request #7614 from owncloud/test_annotations_working
...
Check if ReflectionMethod::getDocComment is working
2014-05-30 22:17:30 +02:00
99d46af0b4
Use instanceOfStorage instead of instanceof
2014-05-29 13:52:58 +02:00
12338e0ef0
allow admin to disable sharing for specific groups of users
2014-05-22 10:43:44 +02:00
06af8e09da
adding annotation check to checkServer()
2014-05-19 21:51:35 +02:00
30f1ec2521
Merge branch 'master' into test_annotations_working
...
Conflicts:
lib/private/util.php
2014-05-19 21:42:30 +02:00
dc36d30953
Remove all occurences of @brief and @returns from PHPDoc
...
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
b6e14af861
allow admin to enforce passwords for public link shares
2014-05-16 17:41:09 +02:00
f7e777f7d2
Fix various code errors detected by Scrutinizer
...
Fixed:
- An error with a misplaced bracket in lib/private/util.php
- An error with an incorrect function being called in lib/public/contacts.php
2014-05-13 19:09:14 +01:00
87b548ed91
Fix all PHPDoc types and variable names, in /lib
2014-05-13 19:08:14 +01:00
b5bc37d2e4
Fix @return array PHPDocs, in /lib
2014-05-13 19:08:14 +01:00
a9ac11718e
backup the encryption key after the encryption was disabled so that the user
...
can restore them if needed
2014-05-13 12:35:25 +02:00
287c8981bc
Check if ReflectionMethod::getDocComment is working
2014-05-09 22:44:55 +02:00
5cfc9d973d
Fix PHP Doc and use readable variable name
2014-05-04 13:02:58 +02:00
d091cca636
Fix typo
2014-05-04 12:53:06 +02:00
e88731a477
Some more PHPDoc fixes
2014-04-21 15:44:54 +02:00
d98ae4f9b2
Fix a wrong WebDAV Warning with self-signed-certs
...
Occuring in the admin interface
2014-04-13 05:24:29 +02:00
77ecfdd1a4
Only encode dangerous dangerous characters
...
There is no need to encode all characters into HTML entities, only potential dangerous characters as &, ", ', < and > should get encoded.
This may fix issues like https://github.com/owncloud/calendar/pull/394
2014-04-11 19:42:15 +02:00
7278f2f567
Sub-dir was prepended twice
2014-03-29 20:40:49 +01:00
c14107550d
Use UrlGenerator in OC\Util::redirectToDefaultPage(). Fix #7936
2014-03-28 18:05:48 +01:00
2d592ddc8f
Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
...
Squashed commit of the following:
commit eaf4f43f687db59137a0b00bc0e12ed4eb0d0943
Merge: 1e9c5behttps://github.com/kev300/core into kev300-master
commit 1e7d7bdd8b5c7f301501cb822cdf2ef0ad3f2872
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:11:42 2013 +0100
Update util.php
commit 3f0723f054a27a506be7f26932ccb54fff6f2be9
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:09:15 2013 +0100
Update util.php
commit 512176abdcfbe5b2b060b91033abc9608912d1f8
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:02:04 2013 +0100
Update util.php
commit 6cbefd080188d287024e0b047b88dd4525d6c2c1
Author: kev300 <admin@gadeco.de>
Date: Mon Dec 16 16:44:46 2013 +0100
Update util.php
Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
2014-03-28 12:09:29 +01:00
5fa8f7cf12
Merge pull request #7107 from owncloud/load-apps-proper-master
...
Load apps proper master
2014-03-28 10:33:55 +01:00
743ca4581d
Merge pull request #7748 from owncloud/postgresversionwarning
...
Added PostgreSQL version warning on upgrade
2014-03-25 23:17:18 +01:00
6bfeb342db
fixing code style
2014-03-25 23:17:00 +01:00
a25b86a30e
Log exception when PostgreSQL version check failed
2014-03-24 11:54:44 +01:00
6ff96b34ad
Merge branch 'master' into load-apps-proper-master
...
Conflicts:
apps/files/ajax/rawlist.php
cron.php
ocs/v1.php
2014-03-21 14:05:08 +01:00
6de9033d86
Added warning for Mac OS on setup page
2014-03-20 12:57:55 +01:00
36c0f08ec0
Merge pull request #7732 from owncloud/datafolderexistence
...
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
3cd09f2b09
Added PostgreSQL version warning on upgrade
2014-03-17 18:58:00 +01:00
166dfbf58b
use a non-recursive chmod on the datadir
2014-03-17 12:53:55 +01:00
3c46dcd7dd
Added .ocdata file to check for data folder validity
...
In environments where the data folder is mount from another partition,
it is important to check that the data folder we see is actually the
real one. If the mount failed for some reasons, this fix will make
ownCloud temporarily unavailable instead of causing unpredictable
behavior.
2014-03-14 15:36:35 +01:00
f19276f7bc
Merge branch 'master' into no-css-js-delivery-via-php
...
Conflicts:
config/config.sample.php
2014-02-21 09:51:51 +01:00
ec45a3c0e2
Merge pull request #6962 from owncloud/quota-space-root
...
Allow passing a root folder to get the used space from in the quota wrapper
2014-02-20 16:47:59 +01:00
fbea02bebb
kill $coreStyles and $coreScripts
2014-02-20 14:18:01 +01:00
719f1111b6
Merge pull request #6714 from owncloud/files-newfileinvalidcharsfix
...
Added extra checks for invalid file chars in newfile.php and newfolder.php
2014-02-20 11:53:58 +01:00
adaee6a5a1
Scrutinizer Auto-Fixes
...
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720
Enabled analysis tools:
- PHP Analyzer
- JSHint
- PHP Copy/Paste Detector
- PHP PDepend
2014-02-19 09:31:54 +01:00
c6f4f85e27
Merge branch 'master' into scrutinizer_documentation_patches
...
Conflicts:
lib/private/migration/content.php
2014-02-18 18:31:33 +01:00
797e0a614c
Added extra checks for invalid file chars in newfile.php and newfolder.php
...
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
check for invalid characters
2014-02-18 17:54:32 +01:00
181bbd4325
Remove usage of legacy OC_Appconfig
2014-02-13 16:28:49 +01:00
b330d07b51
Fix more documentation failes
...
Issue #7111
2014-02-08 11:47:55 +01:00
8ad3fc89be
Merge branch 'master' into quota-space-root
2014-02-07 23:29:26 +01:00
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
0db5fead8e
remove some more global variable $RUNTIME_NOAPPS
2014-02-06 10:04:18 +01:00
bca725dc32
Merge branch 'master' into setup
...
Conflicts:
core/setup.php
2014-01-31 16:43:12 +01:00
a521949baf
Allow passing a root folder to get the used space from in the quota wrapper
2014-01-27 15:41:56 +01:00
23a4d0d44e
OC_Util::setupFS($user) will create a data dir for the given string - no matter if the user really exists - OCP\JSON::checkUserExists($owner); introduces a ready to use check which will bail out with an JSON error
2014-01-21 11:32:30 +01:00
0f794b6889
Merge pull request #6820 from owncloud/phpunit-test-config
...
Load a separate config (if present) when running unit tests
2014-01-20 12:14:09 -08:00
39be83ca8b
Merge pull request #6676 from aseques/check_internet_proxy
...
Fix internet detection to use OC_Util::getUrlContent
2014-01-19 12:08:55 -08:00
6b4c3df087
Load a separate config (if present) when running unit tests
2014-01-17 14:40:48 +01:00
a2cae551f3
fixing typo in redirection query string
2014-01-12 15:49:32 +01:00
2abea96462
Disabled internet checking as mentioned when in proxy mode
2014-01-10 09:33:35 +01:00
c205d8d1c9
Merge remote-tracking branch 'owncloud/master' into fixing-3417-master
...
* owncloud/master: (1989 commits)
[tx-robot] updated from transifex
dont try to register background jobs if we haven't upgraded yet
adjust test
coding style
coding style
On webdav sesssions, loginname was compared to username which does not need to match necessarily
rely only on php DateTime to parse the db datetime string
LDAP: fix method behind save button on advancend and expert tabs, fixes at least Home Folder setinng
Fix webroot for update page
Update 3rdparty ref
update 3rdparty
toggle select all checkbox
remove unneeded ; in comment
LDAP: the browser shall not autofill userdn and password, usually login credentials are inserted. fixes #6283
Add test for having utf8 filenames in the cache
fix fallback overwriting result of getHome
[tx-robot] updated from transifex
fix smbclient directory listing parser
cache the home folder of a User
Send "SET NAMES utf8" to MySQL for PHP below 5.3.6
...
Conflicts:
lib/util.php
2013-12-14 18:32:48 +01:00
61296ed7bb
lower required php version to 5.3.3
2013-12-04 10:25:22 +01:00
7ca0de9bd3
make 5.3.8 the minimum supported version. This fixes several issues with broken PHP versions like: https://github.com/owncloud/core/issues/5734
...
Also make the version compare clearer. It was pure luck that floatval on a php version returned the correct value.
2013-11-29 15:46:10 +01:00
228f1788fa
add new function to generate the human readable version string based on version, channel and build number
2013-11-24 21:26:34 +01:00
4a2f9636cf
Merge pull request #5773 from owncloud/fix-2152-master
...
Make working en_US.UTF-8 locale a hard requirement
2013-11-21 08:03:21 -08:00
cd1cf58875
Fixing the warning notifications
2013-11-21 14:44:25 +01:00
69e8e7dbd5
Now using the "Home" storage detection approach for quota
...
To find out whether to apply a quota, we now try and detect whether the
storage to wrap is a "Home" storage.
2013-11-21 12:17:47 +01:00
356eef0739
Quota storage wrapper is now used for all users in sharing mode
...
When accessing a shared folder, the folder's owner appears as mountpoint
but wasn't wrapped by a quota storage wrapper.
This fix makes sure that all home storages are wrapped by a quota
storage wrapper, if applicable, to make sure quotas are respected when
uploading into shared folders.
2013-11-21 12:04:54 +01:00
368342a085
Update error messages
2013-11-15 14:46:00 +01:00
bcf56b0407
Use \Patchwork\Utf8\Bootup::initLocale
2013-11-15 13:06:35 +01:00
a6d8854d2a
Make working en_US.UTF-8 locale a hard requirement
2013-11-08 14:30:08 +01:00
3f42c890be
we should check if a user is logged in before we check for admin privilege
2013-10-30 22:59:31 +01:00
124984905e
introduce OC_Helper::linkToDocs()
2013-10-21 22:01:27 +02:00
148d2616e5
introduce link_to_docs() and migrate links
2013-10-21 21:29:45 +02:00
5c5621d84e
Merge pull request #5395 from owncloud/more_check_options
...
add options to disable the check for a working .htaccess file in data
2013-10-18 01:23:20 -07:00
6a60a47d59
add options to disable the check for a working .htaccess file in data and for a working WebDAV server. This are advanced settings that are needed in special situations where our check fail and the user runs into an http timeout.
2013-10-17 16:27:43 +02:00
52e31405f7
Added timeout value to WebDAV post setup check
...
Fixes #5357
2013-10-16 12:34:22 +02:00
30faaf92b9
Merge pull request #5142 from owncloud/fix_version_cache_expire
...
correctly expire cache if version file changed.
2013-10-07 03:48:29 -07:00
3f29e4ebea
a few styleguide fixes
2013-10-07 12:27:02 +02:00
72b30e3e45
correctly expire cache if version file changed. Fixes problem that ownCloud only starts upgrading during login
2013-10-05 12:50:36 +02:00
21cbef0d2c
passesCSRFCheck added to OCP\IRequest
2013-10-04 18:13:04 +02:00
61a9098b7d
Add Helper and URLGenerator interfaces to server container
2013-10-04 18:11:02 +02:00
51295e9a6b
Merge branch 'master' into sharing_mail_notification_master
...
Conflicts:
apps/files/index.php
apps/files/templates/index.php
2013-10-04 12:30:49 +02:00
47666796a7
ups. remove debug
2013-10-04 09:42:38 +02:00
e49ee47e7b
use Filesystem::isIgnoredDir
2013-10-04 09:28:46 +02:00
f0a98cc923
fix typo
2013-10-04 09:25:54 +02:00
6d95436695
add public static
2013-10-04 09:24:07 +02:00
e40afbebc6
make it possible to prepopulate a new user gome with a skeleton
2013-10-03 23:22:11 +02:00
a90ea2c069
Merge remote-tracking branch 'origin/master' into setup
2013-10-02 18:23:59 +02:00
8b08b1b455
Merge branch 'master' into sharing_mail_notification_master
...
Conflicts:
lib/private/util.php
2013-10-02 10:11:18 +02:00
9eab8b39df
Merge branch 'master' into fixing-4620-master
2013-10-01 22:57:46 +02:00
e2fe71b6e7
Merge branch 'master' into lib-private-master-2
2013-10-01 16:11:59 +02:00
02d6976263
Merge branch 'master' into lib-private-master-2
2013-09-30 21:29:58 +02:00
9c9dc276b7
move the private namespace OC into lib/private - OCP will stay in lib/public
...
Conflicts:
lib/private/vcategories.php
2013-09-30 16:36:59 +02:00
Lukas Reschke
Clark Tomlinson
Morris Jobke
Stephan Peijnik
Robin Appelman
helix84
Stefan Rado
Thomas Müller
Björn Schießle
Lukas Reschke
Vincent Petry
Volkan Gezer
Jörn Friedrich Dreyer
Lukas Reschke
ringmaster
Robin McCorkell
Thomas Tanghus
kondou
Scrutinizer Auto-Fixer
Joas Schilling
Bart Visscher
st3so
Joan
Andreas Fischer
Frank Karlitschek