Thomas Tanghus
af12b0f5da
Autoload classes with 'OC' namespace prefix.
2012-12-11 16:00:48 +01:00
Bart Visscher
1e062ea895
Merge pull request #182 from owncloud/fix-redirect
...
Make the redirect_url working again
2012-12-07 03:09:19 -08:00
Thomas Müller
76625e9ba5
Merge pull request #647 from owncloud/fix_app_settings_navigation
...
Move loading of all the apps to setting the active navigation entry.
2012-12-05 01:48:20 -08:00
Thomas Mueller
e65abb8054
minified version no longer available
2012-12-04 14:49:19 +01:00
Bart Visscher
8ce3aca331
Move loading of all the apps to setting the active navigation entry.
...
We can't do the loading before matching the route, because some routes
need to do the loading after matching of the route. For example the
navigation detection of the app settings page.
2012-11-30 12:47:44 +01:00
Jörn Friedrich Dreyer
eaa625c9bc
Merge pull request #401 from owncloud/share_hooks
...
Create functions to install standard hooks
2012-11-28 04:35:52 -08:00
Bart Visscher
8bed38c78d
Rename install hook functions to register hook
2012-11-15 18:13:54 +01:00
Bernhard Posselt
e642d18e26
When using routing in apps, no apps are loaded in the left navigation tree. To fix this: load apps for matching a request
2012-11-15 14:48:18 +01:00
Bart Visscher
530f3f8be9
Create functions to install standard hooks
...
Also use these in tests that needs them
Fix #151
2012-11-13 23:45:17 +01:00
Bart Visscher
7b53c9d3f0
Merge pull request #157 from owncloud/setup
...
Make lib/setup.php usable outside of install setup
2012-11-12 13:23:31 -08:00
Thomas Tanghus
7f0c69eb0e
Added CRUDS permissions to the OCP namespace. Implements issue #345
2012-11-11 23:09:54 +01:00
Stefan Seidel
8f669880bc
Fix WebDAV (and Android Client) not being able to authorize on Debian Squeeze + mod_fcgid installs.
2012-11-09 13:30:07 +01:00
Felix Moeller
a4b2ea586d
Style: Remove all the dangling white spaces
2012-11-04 22:16:04 +01:00
Felix Moeller
27ab0357ae
Checkstyle: Fix last six NewlineBeforeOpenBrace
2012-11-04 18:36:16 +01:00
Thomas Müller
8ac3849a95
Merge pull request #238 from fmms/checkstyle04
...
Checkstyle fixes
2012-11-04 08:59:45 -08:00
Lukas Reschke
8c4c74b23f
Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession
...
Just one CSRF token per session
2012-11-04 05:54:02 -08:00
Felix Moeller
30d7993e01
Checkstyle fixes: NoSpaceAfterComma
2012-11-04 11:10:46 +01:00
Lukas Reschke
d2e842fcc9
Remove uneeded new line
2012-11-01 22:38:21 +01:00
Lukas Reschke
822e4d5f6c
Check for redirect_url for logged in users
...
This checks if there is a redirect_url for logged in users
2012-11-01 22:37:37 +01:00
Lukas Reschke
81f019b6c5
Make the redirect_url working again
...
Fixes #160
2012-10-31 22:03:55 +01:00
Lukas Reschke
7a7f12a0c1
Create only one CSRF token per session
...
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)
With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
2012-10-31 18:37:59 +01:00
Bart Visscher
6d09752940
DRY for creating htaccess to protect data-directory
2012-10-30 20:57:19 +01:00
Bart Visscher
246d7ea2ea
Separate control code from class definition
2012-10-30 20:56:31 +01:00
Lukas Reschke
f6b6780072
Don't use OC_Setup as it will show up the installer
2012-10-29 22:44:49 +01:00
Lukas Reschke
6903475841
Generate .htaccess when upgrading from old versions
...
When upgrading from old ownCloud versions like 2.x the .htaccess is not
generated - which exposes the data to the internet. This fix will
generate a .htaccess when upgrading. (And no one exists)
Fixes #127
2012-10-29 22:03:18 +01:00
Bart Visscher
fecfeac55d
Fix introduced style errors
2012-10-27 17:45:15 +02:00
Bart Visscher
894d44e796
Merge remote-tracking branch 'git://github.com/susinths/SabreDAV_1.7.1.git'
...
Conflicts:
lib/base.php
2012-10-27 16:33:10 +02:00
Bart Visscher
0120f3fd62
Merge branch 'routing'
...
Conflicts:
core/lostpassword/index.php
core/lostpassword/resetpassword.php
2012-10-27 11:58:02 +02:00
Bart Visscher
43e8293d9c
Change Symfony/Component/Routing from submodule to composer fetching
2012-10-27 11:32:16 +02:00
Felix Moeller
6a00a6b9ed
Make Jenkins more happy.
...
This is NoSpaceAfterComma
2012-10-23 00:28:12 +02:00
Bart Visscher
6081bfa2bc
Merge branch 'master' into routing
...
Conflicts:
lib/search/provider/file.php
settings/ajax/changepassword.php
settings/settings.php
2012-10-17 16:38:11 +02:00
Susinthiran Sithamparanathan
b2b84f3a6f
Update Sabre to version 1.7.1
2012-10-17 16:17:36 +02:00
Lukas Reschke
de7b46c66a
Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled
...
set_magic_quotes_runtime gives a PHP warning
2012-10-16 19:42:17 +02:00
Lukas Reschke
59404b5675
Merge pull request #31 from visit1985/persistentcookies
...
reresubmit: improved persistent cookies :)
2012-10-16 04:46:22 -07:00
Victor Dubiniuk
ddcd738357
Merge branch 'extended_log'
...
PHP errors logging into the owncloud log
2012-10-16 01:30:45 +03:00
Michael Göhler
8be9c04a3a
128byte is not 128bit - now we realy use 256bit (same as PHPSESSID)
2012-10-15 20:04:22 +02:00
Michael Göhler
ae1f33db54
implement fixed php session timeout and session id regeneration
2012-10-14 22:36:26 +02:00
Michael Göhler
b92fd984aa
removed username and password from token generation
2012-10-14 22:36:26 +02:00
Michael Göhler
a6c4046f48
fixed typo and redundant method call
2012-10-14 22:36:25 +02:00
Michael Göhler
d8fe6fbb40
added a warning message to the log when a cookie is rejected
2012-10-14 22:36:25 +02:00
Michael Göhler
382f8d060c
fixed wrong variable usage
2012-10-14 22:36:25 +02:00
Michael Göhler
38b9bffaea
call unsetMagicInCookie if token is invalid
2012-10-14 22:36:25 +02:00
Michael Göhler
eb79ccafe3
forgot a class name
2012-10-14 22:36:25 +02:00
Michael Göhler
2ea06f67bd
delete all tokens on password change
2012-10-14 22:36:25 +02:00
Michael Göhler
45f1c3f120
further improvements on multiple login token support
...
outdated tokens are deleted before checking against cookies
if an invalid token is used we delete all stored tokens for saveness
used token will be replaced by a new one after successful authentication
2012-10-14 22:36:25 +02:00
Michael Göhler
ee5d0f328f
improve token security
...
switched from time() to internal method OC_Util::generate_random_bytes()
2012-10-14 22:36:25 +02:00
Bart Visscher
4b799a6982
Make the lifetime of the remember login cookie
2012-10-14 22:36:25 +02:00
Bart Visscher
7f3e0b5566
Cleanup login tokens on login success
2012-10-14 22:36:25 +02:00
Bart Visscher
1012d317e3
Add support for multiple login cookie tokens
2012-10-14 22:36:25 +02:00
Michael Göhler
7095b3a083
extend logon page to display multiple error messages
2012-10-14 19:57:24 +02:00
Bart Visscher
9a35bd76fb
Use resolved path for require_once in autoloader
2012-10-12 15:47:41 +02:00
Bart Visscher
2c3674ea87
Add logging when stripping apps from autoload include path
2012-10-10 21:06:15 +02:00
Bart Visscher
fe40277ec2
Use __DIR__ instead of __FILE__ to get SERVERROOT
2012-10-10 21:06:15 +02:00
Lukas Reschke
cda2135966
Send a HSTS HTTP header to enforce SSL
2012-10-10 18:56:14 +02:00
Arthur Schiwon
3affeb5bd7
destroy invalid sessions
2012-10-08 13:36:11 +02:00
Bart Visscher
f3a211c03c
Implement routing on javascript side
2012-10-05 09:42:36 +02:00
Robin Appelman
f8eebcbb01
reload the current url when login in instead of always redirecting to the default app (oc-1873)
2012-09-30 03:47:37 +02:00
Lukas Reschke
578aa4e425
Removed sectoken
...
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Bart Visscher
c9317b5a68
Merge branch 'master' into routing
2012-09-28 21:41:21 +02:00
Bart Visscher
bf1057143c
Merge branch 'master' into routing
...
Conflicts:
apps/files/js/filelist.js
core/js/js.js
lib/ocs.php
2012-09-28 15:38:49 +02:00
Christian Reiner
743826bbf3
Reimplementation of CSRF protection including autorefresh
2012-09-28 13:30:44 +02:00
VicDeo
2b6869bcea
Uncaught exception logging
2012-09-26 14:38:06 +03:00
Lukas Reschke
c4fc291fa7
Passwords containing a ":" don't work with this explode
...
Thanks to mETz
2012-09-25 19:57:40 +02:00
Victor Dubiniuk
bbf8bb0bb3
Log PHP errors to the OC log
2012-09-12 22:30:04 +03:00
Michael Gapczynski
c5f9b887ff
Don't call clearCache() for OC_Minimizer statically, create OC_Minimizer objects for both CSS and JS to clear cache after upgrade
2012-09-12 01:18:07 -04:00
Robin Appelman
46422e6dbe
don't use regular expresions for a simple string replace
2012-09-08 23:40:23 +02:00
Bart Visscher
ceec5e593c
Remove redundant loadApps
2012-09-07 16:19:08 +02:00
Bart Visscher
5eba579827
Merge branch 'master' into routing
...
Conflicts:
apps/files/js/fileactions.js
lib/base.php
lib/helper.php
lib/ocs.php
2012-09-07 15:51:44 +02:00
Thomas Mueller
3829460ab8
adding space between) and {
2012-09-07 15:22:01 +02:00
Bart Visscher
5e55b4d6e7
Whitespace fixes in lib
2012-09-07 14:08:29 +02:00
Bart Visscher
9ea7817a40
Remove core.{css,js} cache on upgrade
2012-09-07 13:42:22 +02:00
Thomas Müller
9eccc0121a
Respect coding style
2012-09-05 13:22:38 +03:00
Thomas Müller
7901fc33a8
fixing syntax error
2012-09-04 15:54:38 +03:00
Thomas Müller
aff08925c1
fixing syntax error - sorry for that
2012-09-04 15:46:43 +03:00
Thomas Müller
2028500c0a
fixing syntax error - sorry for that
2012-09-04 15:42:58 +03:00
Thomas Müller
e4e0b5a822
Respect coding style
2012-09-04 15:34:09 +03:00
Robin Appelman
2508f64efe
set debug mode if an xdebug session is active
2012-09-01 20:52:13 +02:00
Robin Appelman
a7255181ad
fix autoloader throwing errors for non-oc classes
2012-09-01 15:36:52 +02:00
Robin Appelman
3dacf149de
allow configuring user backends in config.php
2012-09-01 02:50:27 +02:00
Robin Appelman
f67aef608f
load authentication apps on login
2012-09-01 02:50:27 +02:00
Robin Appelman
ebd813ae95
don't throw errors in the autoloader when a class doesn't exist
2012-09-01 02:50:27 +02:00
Bart Visscher
b483f2aab8
Merge branch 'master' into routing
...
Conflicts:
apps/contacts/js/contacts.js
apps/contacts/lib/search.php
apps/files_archive/js/archive.js
apps/gallery/lib/tiles.php
apps/gallery/templates/index.php
lib/ocs.php
2012-08-30 21:49:28 +02:00
Bart Visscher
db18218a1b
Space before tab fixes
2012-08-29 20:34:44 +02:00
Bart Visscher
52f2e7112e
Whitespace fixes in lib
2012-08-29 20:28:45 +02:00
Bart Visscher
53e51fe46b
Clean user cache on login
2012-08-28 23:07:28 +02:00
Bart Visscher
8a02a8852f
Add background job for global file cache cleanup
2012-08-28 23:07:28 +02:00
Bart Visscher
63af75586b
Merge branch 'master' into routing
2012-08-15 17:39:00 +02:00
Bart Visscher
db4111f6d5
Routing: Add some core routes
2012-08-12 16:52:36 +02:00
Bart Visscher
8c02494744
Routing: Prepare load funtions to be called from OC_Router
2012-08-12 16:16:22 +02:00
Lukas Reschke
0d8df3f55c
Revert "Combine install checks in lib/base.php"
...
This reverts commit aa9fbf6639
.
2012-08-11 17:07:35 +02:00
Michael Gapczynski
465767670b
Check blacklist when renaming files
2012-08-11 11:04:04 -04:00
Bart Visscher
1025e451a7
Add router match to OC::handleRequest
2012-08-11 01:36:16 +02:00
Bart Visscher
c2160433cd
Merge branch 'master' into routing
...
Conflicts:
lib/base.php
2012-08-11 00:43:26 +02:00
Bart Visscher
72b2324b68
Move loading of routes to OC::getRouter function
2012-08-10 23:31:11 +02:00
Bart Visscher
3722928c46
Change access to router object to getter function
2012-08-10 23:30:04 +02:00
Bart Visscher
3e8b6e816a
Create OC_Router in OC::init
2012-08-10 23:03:57 +02:00
Lukas Reschke
8ec45870a3
Validate cookie properly and prevent auth bypass
...
BIG (!) thanks to Julien CAYSSOL
2012-08-10 15:28:59 +02:00
Jakob Sack
0ea4fa298c
Backgroundjobs: don't try to access OC_Appconfig if ownCloud has not been installed
2012-08-10 13:53:40 +02:00
Jakob Sack
81b997b56e
Merge branch 'backgroundjobs'
2012-08-10 13:00:51 +02:00
Bart Visscher
82b10954e7
Simplify loading app php script files
2012-08-10 12:27:37 +02:00