f8337c9d72
Using POST instead of GET.
2012-06-11 11:56:11 +02:00
cc653a8a40
Sanitize user input
2012-06-11 11:54:45 +02:00
8f09299e24
Sanitizing user input
2012-06-11 11:54:03 +02:00
f2216dc9d2
Gallery: Fix database creation on update, also only from version less then 0.5
2012-06-11 11:20:51 +02:00
c898a8a6c9
Contacts: 11th hour fix for invalid VCARD from CardDAV.
2012-06-10 20:54:52 +02:00
cdac0eae46
Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4
2012-06-10 20:47:35 +02:00
6a44d02898
XSS--
2012-06-10 19:54:04 +02:00
3970be3d7f
fix variable name and undefined index notice
2012-06-10 17:25:19 +02:00
31d48d4ba4
adding missing file
2012-06-10 13:20:49 +02:00
de6b683b50
fix first time image loading error
2012-06-10 13:19:22 +02:00
2dca0926b0
gallery: removing search provider for now
2012-06-10 13:19:17 +02:00
7ee722e0da
removing app access check, fix title for links in tiles
2012-06-10 13:18:55 +02:00
e073cd756c
tabs for spaces, fix array key name
2012-06-10 13:18:47 +02:00
f6c07094c2
hide share button until sharing wont be fixed
2012-06-10 13:18:41 +02:00
1853a83874
adding navigation bar to gallery
2012-06-10 13:18:36 +02:00
fe64e625ff
remove old code
2012-06-10 13:18:30 +02:00
f0f9269161
adding missing file
2012-06-10 13:18:17 +02:00
6682c60866
pictures: update script and removal some all stuff
2012-06-10 13:17:23 +02:00
9c1cc15c8d
adding title when fancybox is displayed
2012-06-10 13:16:19 +02:00
c932f93a40
replace spaces with tabs, use const and linkTo instead of static path
2012-06-10 13:16:12 +02:00
276aefba81
hack for file download
2012-06-10 13:16:06 +02:00
71b4cddd52
removing test image
2012-06-10 13:16:00 +02:00
c67de113c6
aviod incorrect image size returning in gallery listing
2012-06-10 13:15:51 +02:00
63c02fd595
use fancybox to display image preview
2012-06-10 13:15:45 +02:00
7aff5eae6c
navigate on galleries
2012-06-10 13:15:39 +02:00
2b80102909
new db scheme
2012-06-10 13:15:32 +02:00
9b2b5e0f6d
git status
2012-06-10 13:15:23 +02:00
746994c2be
Fixed merge conflict.
2012-06-10 12:59:36 +02:00
be6848a549
let´s put the files_odfviewer application into the stable4 branch for convinience. We release it as part of ownCloud 4.0.x anyways.
2012-06-09 23:18:56 +02:00
642e7ce110
fix another XSS
2012-06-09 16:44:48 +02:00
f955f6a685
fix XSS in Calendar
2012-06-09 16:36:01 +02:00
ff4b175622
increase height of event dialog
2012-06-09 15:40:27 +02:00
009fbd89b4
fix creation of monthly repeated events
2012-06-09 15:40:27 +02:00
0f454215e7
Code cleanup.
2012-06-09 15:04:08 +02:00
59d16c5f9a
Contacts: Use POST instead of GET.
2012-06-09 15:02:23 +02:00
23533a763a
Don't fix bugs not present in this branch ;-)
2012-06-08 20:44:58 +02:00
5eb5d23ac1
Contacts: Closed stupid XSS hole. Thanks AnybodyElse ;-)
...
Conflicts:
apps/contacts/ajax/uploadphoto.php
2012-06-08 20:43:42 +02:00
eb192ff4f3
code cleanup from previous commit
2012-06-08 16:31:12 +02:00
cf1430df45
Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
2012-06-08 16:27:07 +02:00
0722ff6e32
fix for bug #872 : Folders not holding any images are ignored, even if they hold subfolders with images
2012-06-08 16:24:31 +02:00
0dc371f579
typo in var
2012-06-08 14:58:07 +02:00
8c7fa15aaf
Sharing, fix: connect to hooks from the correct classes
2012-06-08 11:58:00 +02:00
0f68276921
LDAP: cache the results, reduce LDAP searches
2012-06-07 18:56:06 +02:00
4beabe23e7
ldap: enable the destructor
2012-06-07 18:15:11 +02:00
f3f3c791ba
ldap: correct query condition and determining of success
2012-06-07 13:40:26 +02:00
691f00eb39
ldap: check index carefully, can be 0
2012-06-07 13:40:16 +02:00
9266f4da99
Migration: Fixed wrong download URL: http://forum.owncloud.org/viewtopic.php?f=4&t=2511
2012-06-07 13:10:19 +02:00
de6d550cce
Calendar: Added more explicit sync links and fixed indentation.
2012-06-07 12:22:25 +02:00
3d48bf18d3
Contacts: Import upload button was obscured on Android browser.
2012-06-07 10:58:15 +02:00
bb07c20bf4
fixed var name, $filename should be $foldername
2012-06-06 18:11:23 +02:00
48ccfa42d3
LDPA: don't drop legal whitespaces when sanitizing DN. Fixes oc-914
2012-06-06 12:31:22 +02:00
517bd28940
Corrected typos.
2012-06-06 11:49:45 +02:00
f1b10fcc93
update translations
2012-06-06 00:29:44 +02:00
063c9accb6
prevent creating files with a / the name
2012-06-06 00:04:02 +02:00
3a5076d646
show pictures in folder with special characters, e.g. '+'
2012-06-05 17:58:23 +02:00
769d94ab26
linkTo instead of hard links in Files and Files_Archive. Hope that makes sense.
2012-06-05 14:14:26 +02:00
44260a552c
xss vulnerability fixed
2012-06-05 10:49:36 +02:00
e817504569
xss vulnerability fixed
2012-06-05 10:49:26 +02:00
4bc88ef59d
prevent xss attacks by manipulating image file names
2012-06-04 18:11:17 +02:00
d5566d0267
prevent xss attacks by manipulating text file names
2012-06-04 18:11:08 +02:00
c8f670dfab
Don't allow user to delete, rename and re-share the "Shared" directory
2012-06-04 14:00:35 +02:00
8983c6dd6b
commited a bit too much before
2012-06-04 13:27:55 +02:00
d657263403
Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4
2012-06-04 13:13:53 +02:00
74ac2ac63a
Contacts: When editing photo on a newly created contact the name in the contact list was cleared.
2012-06-04 13:13:43 +02:00
b48228ae3d
LDAP: link to documentation on settings page
2012-06-04 13:04:18 +02:00
34464b1f8b
LDAP group backend: Set configured true when it is... fixe oc-887
2012-06-01 16:02:04 +02:00
86279bc192
LDAP group backend: If a group filter is not configured, do not do anything. Fixes oc-867
2012-06-01 14:05:08 +02:00
e44f9ab46e
correctly detect https
2012-06-01 11:47:14 +02:00
8ed13e627e
don´t do warnings.
...
Not sure if this start_session call is really needed here.
2012-06-01 11:08:40 +02:00
670022cc8a
fix the breadcrumb
2012-05-31 21:43:07 +02:00
c3ccdbaa79
more fixes
2012-05-31 21:14:46 +02:00
d56966f14f
someone broke this completely. Hope it works again. Please check your apache error log and turn php notices on if you work on ajax call
2012-05-31 20:45:39 +02:00
739c5488a5
Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
2012-05-31 20:17:30 +02:00
5d425a9f79
use our own serverHost call so that ownCloud works with reverse proxy servers
2012-05-31 20:16:44 +02:00
0059535140
fix potential XSS
2012-05-31 20:03:15 +02:00
7ec3e37199
LDAP: make queries compatible also with PostgreSQL
2012-05-31 13:06:27 +02:00
449b9b92f0
LDAP: fix wrong value for input type
2012-05-30 22:37:00 +02:00
93849916bb
LDAP: support for 'member' as group-member-association
2012-05-30 22:36:48 +02:00
4dc7ed139b
don´t hardcode /tmp
2012-05-30 14:18:47 +02:00
6515c5c1e7
Contacts: NOTE wasn't saved properly.
2012-05-29 16:45:52 +02:00
1c1ed52867
fix status
...
of timezone detection
2012-05-29 13:14:36 +02:00
d1f0261b5d
Correct typo in last_insert_id for calendar and pg fix #oc-731
2012-05-28 20:57:52 +00:00
cf113409ad
Contacts: Fix XSS.
2012-05-28 14:41:48 +02:00
53da328aa1
Contacts: Double check XSS.
2012-05-28 12:56:56 +02:00
8bd6d862b8
Please don't tell me I did that :-P
2012-05-28 12:52:18 +02:00
5b7ef90d3a
add urlencode for caldav link
2012-05-28 10:50:10 +02:00
3db5fb891c
allow longer paths for gallery
2012-05-26 21:54:49 +02:00
1645f77aad
fix share for users with a point within their name
2012-05-26 15:41:32 +02:00
2774ff1ad8
Add HEAD request management for files ajax/download.php
2012-05-25 11:19:38 +02:00
d8ca4f78cf
Fix private link sharing via email, fix for bug oc-750
2012-05-23 19:36:39 -04:00
20e9903396
Correct small style problem with task app fix #oc-689
2012-05-23 22:36:36 +00:00
647888eea2
add a ldap encryption warning
2012-05-22 12:35:28 +02:00
54a3717005
Contacts: Backport XSS fix.
2012-05-21 21:49:35 +02:00
d7c09d8bb5
add a warning
2012-05-20 10:59:37 +02:00
5a48ade933
Make sure sharing and versions dropdowns come down in the same location for all files
2012-05-19 11:24:23 -04:00
d4072c82dd
some fixes for contacts, gallery and openid
2012-05-19 15:22:21 +02:00
07fa8da278
fix for calendar
2012-05-19 15:05:58 +02:00
7e49a33d64
getStorage belongs to files not to apps.
2012-05-19 10:44:08 +02:00
35bd601215
Fix check for when to store a new version of a file
2012-05-18 22:27:43 -04:00
f750da1802
Fix revert link on history page of file versions
2012-05-18 22:07:48 -04:00
89f5701d1a
Fix versioning of shared files
2012-05-18 22:07:48 -04:00
ea7456a06a
Forgot to actually call remove on the history dropdown
2012-05-18 10:53:58 -04:00
fcb4d2aaee
Remove the history dropdown before creating a new one
2012-05-18 10:42:49 -04:00
122d1efecf
Don't show the select form in the history dropdown if a file has no other versions
2012-05-18 10:39:43 -04:00
c1bb8139a0
LDAP: we're 0.2 now
2012-05-18 18:00:30 +02:00
bae954a797
LDAP: only check once for name conflicts on update. Set a value on install as well
2012-05-18 18:00:30 +02:00
7922338050
Contacts: Added MS opacity mumbo-jumbo that I can't test myself to file form fields.
2012-05-18 17:39:19 +02:00
e606213fa0
make upload work with IE again
2012-05-18 17:07:00 +02:00
0c7efc234b
LDAP: update meta info
2012-05-18 17:07:00 +02:00
9e73524168
mark the apps as part of the shipped package and increase the requirement to ownCloud 4
2012-05-18 16:06:57 +02:00
ea33b4aaa1
LDAP: don't make us of global constants (completing, was removed with latest additions to update.php)
2012-05-18 12:55:38 +02:00
253f101b39
LDAP: check wether applying naming rule would end up in conflicts on update, if so don't do it
2012-05-18 12:55:37 +02:00
73a72054a3
fix call of all versions page
2012-05-18 12:00:35 +02:00
b7aee58ef9
Hooks aren't working across different users' filesystems, so update the mtime of the Shared folder for all shared item events
2012-05-17 21:26:55 -04:00
48505c5626
improve tar archive backend
2012-05-18 01:54:59 +02:00
5b42325b01
History dropdown clean-up
2012-05-17 18:57:52 -04:00
74d49920f2
Close history dropdown on success. Avoids confusion.
2012-05-17 21:22:48 +00:00
0aac70aaf1
Revert google webfont removal. Sadly this causes havoc with the editor!
2012-05-17 20:23:43 +00:00
fbe0d0d4fd
Fix private links inside folders
2012-05-17 16:12:33 -04:00
6146b6a131
fix paths to images and set height for calendar management dialog
2012-05-17 21:51:38 +02:00
57d41bb1f8
Merge branch 'merge-requests/115'
2012-05-17 15:39:39 -04:00
cbfbbe672c
Merge commit 'refs/merge-requests/115' of git://gitorious.org/owncloud/owncloud into merge-requests/115
...
Conflicts:
apps/files/templates/index.php
2012-05-17 15:38:28 -04:00
2cc0515161
no use for double quotes here
2012-05-17 21:03:06 +02:00
f998ed331a
removing dead code
2012-05-17 21:01:42 +02:00
3e454d3459
oops! was hardcoding my test domain inadvertently
2012-05-17 21:00:11 +02:00
7a7c301d7d
LDAP: follow user- and groupname char limitations for LDAP display names
...
WARNING: may affect existing installations if display names included unallowed characters. Allowed are only a-zA-Z0-9._-@ This fix is however needed, because names with unallowed characters may cause conflicts
2012-05-17 17:17:40 +02:00
57cf0ae3d1
LDAP: remove unnecessary debug output
2012-05-17 17:17:40 +02:00
38c56388c1
LDAP: Fix case sensitivity issues with display name attribute
2012-05-17 17:17:40 +02:00
b9cd0ecc8a
Contacts: wrong name was set on initial load.
2012-05-17 16:46:39 +02:00
cf181e88bb
Try to setup a user's filesystem if the user hasn't logged in before and is shared a file
2012-05-17 09:24:54 -04:00
2f1e601809
Contacts: Disable in-app import if encryption is enabled, and make an attempt of supporting IE uploads too. Can't test it though...
2012-05-17 14:31:04 +02:00
bfdb374a2c
allow reverting file from history dropdown
2012-05-17 02:16:33 +02:00
4ccfd27fa2
fix versioning for movable apps
2012-05-17 01:53:23 +02:00
ac8bfc218e
update translations
2012-05-17 00:36:21 +02:00
d216678481
Contacts: removed check for empty FN field because Chrome/Chromium barfed.
2012-05-16 23:45:43 +02:00
9e83c3f823
add caldav and carddav files in their old place for backward compatibility - add rewriterule for caldav and carddav
2012-05-16 21:05:15 +02:00
ab18a0bfe8
ldap: unique index names for the database, fixes non-creating of indexes for the second table and potential issues in the app
2012-05-16 18:11:42 +02:00
eceed497b1
fix paths in apps/remoteStorage/ajax/revokeToken.php
2012-05-16 18:08:50 +02:00
fbc2892083
try to remove deprecated files from /files on update
2012-05-16 15:59:36 +02:00
c04074692e
Fix incorrect toaddress being passed for emailing private links
2012-05-15 19:05:26 -04:00
0f66870470
Contacts: Corrected i18n call.
2012-05-15 18:49:38 +02:00
b619821f4a
Create a new OC_Share object instead of manually inserting rows when adding a user to a group share, prevents a couple of potential bugs
2012-05-15 12:03:20 -04:00
6673375eeb
No multiple file sharing in this next release, sharing UI isn't ready for it :(
2012-05-15 11:45:59 -04:00
7b92c27777
Check if a file is encrypted before sharing (encrypted files cannot be shared)
2012-05-15 11:29:02 -04:00
35effbcd3f
LDAP: convert all DNs to lowercase so to make comparisons and everything work
2012-05-15 11:12:29 +02:00
568b6a7f56
Make only writable files draggable
2012-05-14 20:41:06 -04:00
a3b06e9658
Check if a private link points to a folder or file and change text accordingly
2012-05-14 20:21:31 -04:00
cda9dcc7aa
Fix private link emailing and clean up file name displayed in email
2012-05-14 20:21:31 -04:00
5cf42b88af
Replace all %2F with a / in private link
2012-05-14 20:21:31 -04:00
583dce5276
removing executable bit - again
2012-05-15 00:52:00 +02:00
Lukas Reschke
Bart Visscher
Thomas Tanghus
Frank Karlitschek
Bartek Przybylski
Georg Ehrke
Bjoern Schiessle
Arthur Schiwon
Robin Appelman
Brice Maron
Michael Gapczynski
Tom Needham
Michiel de Jong
Thomas Mueller