Commit Graph

93 Commits

Author SHA1 Message Date
Lukas Reschke 63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Robin Appelman a9a37b5363 Don't automatically setup the filesystem the moment we load OC\Files\FileSystem 2014-09-02 16:15:42 +02:00
Jörn Friedrich Dreyer f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Jörn Friedrich Dreyer fd798fd982 update deprecation docs 2014-08-14 12:22:34 +02:00
Thomas Müller a72dae6842 Merge pull request #10144 from owncloud/issue/9972
Issue/9972 Fix issues with group and username `0`
2014-08-06 09:53:13 +02:00
Joas Schilling 4865c52aa6 Fix isLoggedIn() check for user '0'
Fix #9972
2014-08-04 15:53:55 +02:00
Vincent Petry 4e957c7b18 Merge pull request #8443 from owncloud/csrf-on-login-and-logout
Add CSRF check on login and logout
2014-06-02 11:27:20 +02:00
Arthur Schiwon 2c89962919 clean up tryRememberLogin and save the timestamp of users last login 2014-05-21 18:03:37 +02:00
Thomas Müller f8cb8f4803 Merge branch 'master' into csrf-on-login-and-logout
Conflicts:
	core/templates/login.php
2014-05-19 20:40:55 +02:00
Morris Jobke dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Robin McCorkell 3bed3d2a23 Change parameter type for useBackend 2014-05-13 19:08:14 +01:00
Robin McCorkell a7ae2e874a Squash 'a | b' into 'a|b', in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell b5bc37d2e4 Fix @return array PHPDocs, in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell b653ad164b Replace @returns with @return, in /lib 2014-05-13 19:08:14 +01:00
Lukas Reschke 73b914ddbc Add CSRF check on login and logout
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Thomas Müller 6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Lukas Reschke 69325c5eeb Move session_regenerate_id to `login()` 2014-02-21 08:11:07 +01:00
Lukas Reschke 0241ddc759 Merge pull request #6519 from nhirokinet/master
Security Update: session fixation
2014-02-20 14:28:26 +01:00
Scrutinizer Auto-Fixer adaee6a5a1 Scrutinizer Auto-Fixes
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720

Enabled analysis tools:
 - PHP Analyzer
 - JSHint
 - PHP Copy/Paste Detector
 - PHP PDepend
2014-02-19 09:31:54 +01:00
Thomas Müller 9fac95c2ab Merge branch 'master' into scrutinizer_documentation_patches
Conflicts:
	lib/private/appconfig.php
2014-02-14 23:03:27 +01:00
Jörn Friedrich Dreyer 2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Thomas Müller 79fc4f3126 Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging 2014-02-06 11:34:27 +01:00
Robin Appelman 8d6a3a00b4 Revert "Use Cache->clear to cleanup the filecache for removed users"
This reverts commit 5a5b6f187e.
2014-02-03 16:29:04 +01:00
Robin Appelman 5a5b6f187e Use Cache->clear to cleanup the filecache for removed users 2014-01-22 13:00:45 +01:00
Robin Appelman 374e3475c9 Also remove the user's home storage from the storage table when deleting a user 2014-01-21 23:58:48 +01:00
Thomas Müller 22bd69f75c set login name within apache auth backend 2014-01-09 10:28:24 +01:00
nhirokinet c2e2c59ca7 Update user.php to fix duplicate session-duplicate 2013-12-22 01:31:04 +09:00
Bjoern Schiessle 6deda1b9f6 return false if user is in incognito mode 2013-11-27 16:52:30 +01:00
blizzz 4f15282bc9 Merge pull request #6058 from owncloud/ldap2avatar
Set Avatar for LDAP users automatically (if a picture is available)
2013-11-26 12:05:32 -08:00
Bjoern Schiessle 7e4f50d4e3 add incognito mode, allows to hide my user ID. For example, this is useful to access public resources while a user is still logged in 2013-11-22 13:55:38 +01:00
Arthur Schiwon 8ccac86c98 Enable user backends to provide avatar images 2013-11-22 13:25:20 +01:00
Bjoern Schiessle db0fa6c529 use getHome() to delete users data 2013-10-29 18:01:37 +01:00
Bjoern Schiessle f021dad204 remove user from cache if he was deleted successfully 2013-10-29 15:50:33 +01:00
Andreas Fischer 06f9b7b862 Fix logout link HTML.
<a id="logout" href=/projects/owncloud/core/index.php?logout=true>
2013-10-14 22:31:13 +02:00
Victor Dubiniuk 77f43c357c User::delete should return bool 2013-10-07 22:30:15 +03:00
Andreas Fischer 47ed6a5135 Move backend finding into its own method. 2013-10-07 12:26:25 +02:00
Thomas Müller 131d82e41e move call to print_unescaped() to template 2013-10-07 11:49:43 +02:00
Andreas Fischer aa34438d06 Also replace ApacheBackend with Authentication\IApacheBackend in user. 2013-10-02 15:11:49 +02:00
Thomas Müller 621ab1c7ee fixing various PHPDoc comments 2013-10-02 15:04:42 +02:00
Thomas Müller 4cecede13d code cleanup - remove special case for webdav in handleApacheAuth() 2013-10-02 00:55:35 +02:00
Thomas Müller 7e9e23f210 Merge branch 'master' into apache-auth-master 2013-10-02 00:21:11 +02:00
Thomas Müller 9c9dc276b7 move the private namespace OC into lib/private - OCP will stay in lib/public
Conflicts:
	lib/private/vcategories.php
2013-09-30 16:36:59 +02:00