Commit Graph

329 Commits

Author SHA1 Message Date
Thomas Mueller b8b64d6ffc set the session name to the instance id - which is unique
Conflicts:
	lib/base.php
2012-12-12 16:07:51 +01:00
Thomas Tanghus af12b0f5da Autoload classes with 'OC' namespace prefix. 2012-12-11 16:00:48 +01:00
Bart Visscher 1e062ea895 Merge pull request #182 from owncloud/fix-redirect
Make the redirect_url working again
2012-12-07 03:09:19 -08:00
Thomas Müller 76625e9ba5 Merge pull request #647 from owncloud/fix_app_settings_navigation
Move loading of all the apps to setting the active navigation entry.
2012-12-05 01:48:20 -08:00
Thomas Mueller e65abb8054 minified version no longer available 2012-12-04 14:49:19 +01:00
Bart Visscher 8ce3aca331 Move loading of all the apps to setting the active navigation entry.
We can't do the loading before matching the route, because some routes
need to do the loading after matching of the route. For example the
navigation detection of the app settings page.
2012-11-30 12:47:44 +01:00
Jörn Friedrich Dreyer eaa625c9bc Merge pull request #401 from owncloud/share_hooks
Create functions to install standard hooks
2012-11-28 04:35:52 -08:00
Bart Visscher 8bed38c78d Rename install hook functions to register hook 2012-11-15 18:13:54 +01:00
Bernhard Posselt e642d18e26 When using routing in apps, no apps are loaded in the left navigation tree. To fix this: load apps for matching a request 2012-11-15 14:48:18 +01:00
Bart Visscher 530f3f8be9 Create functions to install standard hooks
Also use these in tests that needs them
Fix #151
2012-11-13 23:45:17 +01:00
Bart Visscher 7b53c9d3f0 Merge pull request #157 from owncloud/setup
Make lib/setup.php usable outside of install setup
2012-11-12 13:23:31 -08:00
Thomas Tanghus 7f0c69eb0e Added CRUDS permissions to the OCP namespace. Implements issue #345 2012-11-11 23:09:54 +01:00
Stefan Seidel 8f669880bc Fix WebDAV (and Android Client) not being able to authorize on Debian Squeeze + mod_fcgid installs. 2012-11-09 13:30:07 +01:00
Felix Moeller a4b2ea586d Style: Remove all the dangling white spaces 2012-11-04 22:16:04 +01:00
Felix Moeller 27ab0357ae Checkstyle: Fix last six NewlineBeforeOpenBrace 2012-11-04 18:36:16 +01:00
Thomas Müller 8ac3849a95 Merge pull request #238 from fmms/checkstyle04
Checkstyle fixes
2012-11-04 08:59:45 -08:00
Lukas Reschke 8c4c74b23f Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession
Just one CSRF token per session
2012-11-04 05:54:02 -08:00
Felix Moeller 30d7993e01 Checkstyle fixes: NoSpaceAfterComma 2012-11-04 11:10:46 +01:00
Lukas Reschke d2e842fcc9 Remove uneeded new line 2012-11-01 22:38:21 +01:00
Lukas Reschke 822e4d5f6c Check for redirect_url for logged in users
This checks if there is a redirect_url for logged in users
2012-11-01 22:37:37 +01:00
Lukas Reschke 81f019b6c5 Make the redirect_url working again
Fixes #160
2012-10-31 22:03:55 +01:00
Lukas Reschke 7a7f12a0c1 Create only one CSRF token per session
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)

With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
2012-10-31 18:37:59 +01:00
Bart Visscher 6d09752940 DRY for creating htaccess to protect data-directory 2012-10-30 20:57:19 +01:00
Bart Visscher 246d7ea2ea Separate control code from class definition 2012-10-30 20:56:31 +01:00
Lukas Reschke f6b6780072 Don't use OC_Setup as it will show up the installer 2012-10-29 22:44:49 +01:00
Lukas Reschke 6903475841 Generate .htaccess when upgrading from old versions
When upgrading from old ownCloud versions like 2.x the .htaccess is not
generated - which exposes the data to the internet. This fix will
generate a .htaccess when upgrading. (And no one exists)
Fixes #127
2012-10-29 22:03:18 +01:00
Bart Visscher fecfeac55d Fix introduced style errors 2012-10-27 17:45:15 +02:00
Bart Visscher 894d44e796 Merge remote-tracking branch 'git://github.com/susinths/SabreDAV_1.7.1.git'
Conflicts:
	lib/base.php
2012-10-27 16:33:10 +02:00
Bart Visscher 0120f3fd62 Merge branch 'routing'
Conflicts:
	core/lostpassword/index.php
	core/lostpassword/resetpassword.php
2012-10-27 11:58:02 +02:00
Bart Visscher 43e8293d9c Change Symfony/Component/Routing from submodule to composer fetching 2012-10-27 11:32:16 +02:00
Felix Moeller 6a00a6b9ed Make Jenkins more happy.
This is NoSpaceAfterComma
2012-10-23 00:28:12 +02:00
Bart Visscher 6081bfa2bc Merge branch 'master' into routing
Conflicts:
	lib/search/provider/file.php
	settings/ajax/changepassword.php
	settings/settings.php
2012-10-17 16:38:11 +02:00
Susinthiran Sithamparanathan b2b84f3a6f Update Sabre to version 1.7.1 2012-10-17 16:17:36 +02:00
Lukas Reschke de7b46c66a Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled
set_magic_quotes_runtime gives a PHP warning
2012-10-16 19:42:17 +02:00
Lukas Reschke 59404b5675 Merge pull request #31 from visit1985/persistentcookies
reresubmit: improved persistent cookies :)
2012-10-16 04:46:22 -07:00
Victor Dubiniuk ddcd738357 Merge branch 'extended_log'
PHP errors logging into the owncloud log
2012-10-16 01:30:45 +03:00
Michael Göhler 8be9c04a3a 128byte is not 128bit - now we realy use 256bit (same as PHPSESSID) 2012-10-15 20:04:22 +02:00
Michael Göhler ae1f33db54 implement fixed php session timeout and session id regeneration 2012-10-14 22:36:26 +02:00
Michael Göhler b92fd984aa removed username and password from token generation 2012-10-14 22:36:26 +02:00
Michael Göhler a6c4046f48 fixed typo and redundant method call 2012-10-14 22:36:25 +02:00
Michael Göhler d8fe6fbb40 added a warning message to the log when a cookie is rejected 2012-10-14 22:36:25 +02:00
Michael Göhler 382f8d060c fixed wrong variable usage 2012-10-14 22:36:25 +02:00
Michael Göhler 38b9bffaea call unsetMagicInCookie if token is invalid 2012-10-14 22:36:25 +02:00
Michael Göhler eb79ccafe3 forgot a class name 2012-10-14 22:36:25 +02:00
Michael Göhler 2ea06f67bd delete all tokens on password change 2012-10-14 22:36:25 +02:00
Michael Göhler 45f1c3f120 further improvements on multiple login token support
outdated tokens are deleted before checking against cookies
if an invalid token is used we delete all stored tokens for saveness
used token will be replaced by a new one after successful authentication
2012-10-14 22:36:25 +02:00
Michael Göhler ee5d0f328f improve token security
switched from time() to internal method OC_Util::generate_random_bytes()
2012-10-14 22:36:25 +02:00
Bart Visscher 4b799a6982 Make the lifetime of the remember login cookie 2012-10-14 22:36:25 +02:00
Bart Visscher 7f3e0b5566 Cleanup login tokens on login success 2012-10-14 22:36:25 +02:00
Bart Visscher 1012d317e3 Add support for multiple login cookie tokens 2012-10-14 22:36:25 +02:00