Commit Graph

18 Commits

Author SHA1 Message Date
Joas Schilling 5e04254d40
Install from migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:47:37 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling 1c0bffe87f
Fix translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Morris Jobke edd55b0ea9
Use SystemConfig instead of AllConfig for DB stuff
* preparation for followup PRs to clean up the DB bootstrapping

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 15:53:49 -06:00
Joas Schilling 7293a4e5ec
Allow to reuse the same name when installing a new instance
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-12 17:28:57 +01:00
Joas Schilling a5a35cda7c
Lower the role name before using it
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-09 16:41:01 +01:00
Joas Schilling 0d6134f512
Revert "Quote database and role in queries"
This reverts commit 9ebd5d5bb2.
2016-12-09 15:36:14 +01:00
Lari Tikkanen 9ebd5d5bb2 Quote database and role in queries
Fixes #1793
Signed-off-by: Lari Tikkanen <lartza@outlook.com>
2016-12-07 22:12:25 +02:00
Robin Appelman 5365c1a32f
handle postgres setup when we cant connect as admin 2016-12-05 16:00:05 +01:00
Roeland Jago Douma 7fb88ec506
Use proper ALTER ROLE syntax
Fixes #1260

See https://www.postgresql.org/docs/9.0/static/sql-alterrole.html
2016-09-05 10:45:11 +02:00
Joas Schilling 0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Joas Schilling 9781312648
Prevent syntax error when creating user or changing password 2016-07-18 11:44:10 +02:00
Robin Appelman 7ffda5d10f use pdo for postgres setup 2016-07-12 14:38:24 +02:00
Thomas Pulzer 0638937ada Changed the input option for database-port to required when parameter was provided.
Added casting database port to int for input sanitation in pgsql and oci connections.
2016-07-06 11:31:28 +02:00
Thomas Pulzer d367318088 Added occ install option for database-port.
Extended the database setup to store the database port.
Changed the PostgreSQL connection error message for clarification.
2016-07-06 09:58:38 +02:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Roeland Jago Douma 479245a301
Move \OC\Repair to PSR-4 2016-04-22 13:00:41 +02:00