During preview generation if we provide an invalid JPG file the system
errors out with a PHP Fatal Error. Now we can't catch Fatal Errors (in
5.6). I suspect that exif_imagetype to fall back to the extention.
However a valid jpg file has a size. So we request the size of the image
and just drop out if that returns false.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
`\OC_User::loginWithApache` is used in combination with backend mechanisms like our SSO / SAML integration. Those can optionally already provide a displayname using other means. For example by mapping SAML attributes.
The current approach makes it however impossible for backends using `\OCP\Authentication\IApacheBackend` to set a displayname on their own. Because the display name will simply be overwritten with the loginname.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* we introduced this setting in the begining because our
avatar support caused some performance issues, but we
fixed them and should only provide one way how Nextcloud
looks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Prevent PHP request to get killed when using fclose callback
* Add ignore_user_abort everywhere where the time limit is set to 0
Signed-off-by: Robin Appelman <robin@icewind.nl>
* Allow clearing default user backends in config.php
When specifying "user_backends" in config.php, a new option "default"
when set to false will prevent the default user backend to be
registered. The default one is the database backend.
This makes it possible to select exclusive user backends from apps.
* Testing app provides test user backend for alternative homes
The backend provide md5 result to getHome()
* Only md5 the user home when it's not the admin
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:
- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)
This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.
While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.
Signed-off-by: Felix A. Epp <work@felixepp.de>
If the session is cleared and closed for whatever reason the loadVersion
will write to the session anyways. This will lead to an exception.
This should fix#1303
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>