Commit Graph

341 Commits

Author SHA1 Message Date
Robin Appelman d33f697a5f merge master into filesystem 2012-11-30 00:18:42 +01:00
Robin Appelman 59d5aa2cb7 add function to safely end output buffering 2012-11-29 17:58:24 +01:00
Michael Gapczynski b76d1afe19 Create public function initMountPoints() for initializing a specified user's mount points 2012-11-22 00:44:48 -05:00
Michael Gapczynski 77fdb16b7c Remove incorrect extra parameter for init() call 2012-11-22 00:23:11 -05:00
Robin Appelman 97380f3485 merge master into filesystem 2012-11-21 22:37:14 +01:00
Jörn Friedrich Dreyer d8a171df26 implement share via link token 2012-11-20 15:03:12 +01:00
Brice Maron 8fa7d6a48a Fix typo in getUrlContent fix #514 2012-11-19 17:13:07 +00:00
Robin Appelman a922eb756e merge master into filesystem 2012-11-18 14:07:52 +01:00
Brice Maron 4337e0fb99 Little case fix 2012-11-17 22:12:24 +00:00
Brice Maron 71adad8817 Add User agent when OC does a request 2012-11-17 21:08:58 +00:00
Thomas Müller ac3e962732 Merge pull request #375 from tdevos/master
Use curl to get remote file content
2012-11-17 12:31:25 -08:00
thomas d2047a00cf Remove parentheses in return, modify description, and fix a mistake 2012-11-15 20:46:17 +01:00
Robin Appelman bf2ac9f113 merge master into filesystem 2012-11-15 00:37:54 +01:00
thomas 40dd5ae61c change and transfert getUrlContent 2012-11-14 23:14:04 +01:00
Thomas Tanghus bfb6faa850 Bump version to trigger update. 2012-11-13 12:11:18 +01:00
Diederik de Haas f6daddadf5 Fixed new checkstyle issues in util.php from build #1341. 2012-11-10 00:58:03 +01:00
Frank Karlitschek 55f75c6d8e add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why. 2012-11-08 18:08:44 +01:00
Robin Appelman 961ff01a93 merge master into filesystem 2012-11-07 17:18:56 +01:00
Felix Moeller 1205749f8c Checkstyle: Fix the last two SpaceBeforeOpenBrace 2012-11-04 18:18:03 +01:00
Thomas Müller 8ac3849a95 Merge pull request #238 from fmms/checkstyle04
Checkstyle fixes
2012-11-04 08:59:45 -08:00
Lukas Reschke 8c4c74b23f Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession
Just one CSRF token per session
2012-11-04 05:54:02 -08:00
Felix Moeller 30d7993e01 Checkstyle fixes: NoSpaceAfterComma 2012-11-04 11:10:46 +01:00
Felix Moeller afadf93d31 Checkstyle: many fixes 2012-11-02 19:53:02 +01:00
Lukas Reschke 81f019b6c5 Make the redirect_url working again
Fixes #160
2012-10-31 22:03:55 +01:00
Lukas Reschke 7a7f12a0c1 Create only one CSRF token per session
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)

With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
2012-10-31 18:37:59 +01:00
Robin Appelman 6e9e263497 merge master into filesystem 2012-10-30 22:59:55 +01:00
Lukas Reschke ac784baef6 Generate only one CSRF token 2012-10-29 16:35:29 +01:00
Lukas Reschke 4d61eb3e4c Fix a typo 2012-10-29 16:33:39 +01:00
Felix Moeller b7a02f0c93 NoSpaceAfterComma
first in new branch
2012-10-28 18:12:31 +01:00
Arthur Schiwon be215a097a check if RUNTIME_NOAPPS is set before using it 2012-10-28 15:10:22 +01:00
Arthur Schiwon b8a48b55a3 make sure all filesystem apps are loaded when setupFS is proceeded, to make sure the emmited setup-hook is received. Fixes #89 2012-10-28 13:48:08 +01:00
Arthur Schiwon 5b9ba2e033 remove whitespaces, no code change 2012-10-28 13:48:08 +01:00
Robin Appelman c22a723785 add file permissions cache 2012-10-26 19:07:29 +02:00
Robin Appelman ad5957207d merge master into filesystem 2012-10-26 18:29:24 +02:00
Robin Appelman ad720c4c17 possible fix for bombarding the server with the htaccess test during setup 2012-10-26 18:24:06 +02:00
Robin Appelman 7bc49d2a57 merge master into filesystem 2012-10-25 18:26:08 +02:00
Lukas Reschke 228a05a792 Check for iconv 2012-10-25 16:49:55 +02:00
Robin Appelman 7b150dfa96 merge master into filesystem 2012-10-24 15:32:29 +02:00
Felix Moeller e73b817a38 Checkstyle: NoSpaceAfterComma 2012-10-23 22:53:54 +02:00
Robin Appelman 7424f3aef6 merge master into filesystem 2012-10-23 16:16:46 +02:00
Felix Moeller 2d61f03452 More Checkstyle cleanup
This is for all LowerCaseConstant warnings
2012-10-23 08:01:09 +02:00
Felix Moeller 03581ef463 Correct a first issue Checkstyle is complaining about ...
This is BracketsNotRequired
2012-10-22 21:40:33 +02:00
Lukas Reschke 65619af05b Disable enhancedauth by default
Admins can still enable it via config.php
2012-10-22 23:04:39 +02:00
Björn Schießle d68b89cae4 add parameter to specify user for which OC_Filesystem should be initialized.
(needed to share files via public links where no user is logged in)
2012-10-22 14:55:53 +02:00
Robin Appelman 9712a78559 merge master into filesystem 2012-10-18 23:24:28 +02:00
Björn Schießle 2499c24b8b load system wide configured mount points before accessing shared files 2012-10-18 17:15:30 +02:00
Björn Schießle 00ed2e87c9 check for mount points if file was shared from a different user 2012-10-18 17:15:30 +02:00
Robin Appelman 77cef5f514 merge master into filesystem 2012-10-17 13:14:17 +02:00
scambra ec253f1354 Use strftime to format date with translated month names 2012-10-16 20:19:35 +02:00
Lukas Reschke e299c241df Make enhanced auth configurable 2012-10-16 01:08:05 +02:00
Lukas Reschke 5c0407306c Set a standard value for enhanced auth time 2012-10-16 01:04:20 +02:00
Lukas Reschke 6f2e8788ca Make enhanced auth time configurable 2012-10-16 01:02:03 +02:00
Lukas Reschke f4142bd2a8 Move isUserVerified to OC_Util 2012-10-16 00:47:38 +02:00
Lukas Reschke 1a187d1ca5 Fix PHP notice 2012-10-16 00:47:38 +02:00
Lukas Reschke fa71e51e67 Use /dev/urandom instead of /dev/random
The usage of /dev/urandom is enough secure
2012-10-15 19:21:37 +02:00
Lukas Reschke 6e045b9ea1 Check if $_Post 2012-10-15 17:42:38 +02:00
Lukas Reschke d33bec09fe Verify password page for users 2012-10-15 17:42:38 +02:00
Lukas Reschke f08ff3b6e6 Correct formatting 2012-10-15 15:25:40 +03:00
Lukas Reschke c930ac9f88 Merge pull request #30 from visit1985/logonpage
extend logon page to display multiple error messages
2012-10-15 03:52:11 -07:00
Bart Visscher 4af5b016cc Whitespace cleanup 2012-10-14 21:04:08 +02:00
Michael Göhler 7095b3a083 extend logon page to display multiple error messages 2012-10-14 19:57:24 +02:00
Lukas Reschke 2c427f050e Show a warning in the installer if no secure RNG is available 2012-10-14 17:18:30 +02:00
Lukas Reschke d6c4b83f13 Fallback to /dev/random if openssl_random_pseudo_bytes not available 2012-10-14 16:14:45 +02:00
Robin Appelman 11e9ce25e6 merge master into filesystem 2012-10-13 04:29:20 +02:00
Björn Schießle cb91e27ab3 check if directory already exist before executing mkdir 2012-10-12 16:31:03 +02:00
Bart Visscher 351f724193 whitespace fixes 2012-10-12 15:47:41 +02:00
Robin Appelman fb2d2bc201 merge master into filesystem 2012-10-11 22:54:39 +02:00
Frank Karlitschek fe5b4d2fba marks as 5.0 pre alpha 2012-10-10 15:35:19 +02:00
Robin Appelman aaa1b73364 don't use depricated OC_Filesystem 2012-10-10 13:18:36 +02:00
Robin Appelman d717a5e55c remove old filecache 2012-10-10 11:51:14 +02:00
Robin Appelman 13e7e82d19 merge master into filesystem 2012-10-10 11:30:44 +02:00
Frank Karlitschek 8e0676a66b 4.5 final 2012-10-09 16:02:01 +02:00
Frank Karlitschek 67a4aa7cf0 RC 3 2012-10-08 23:58:17 +02:00
Robin Appelman e7899e17de merge phpunit into filesystem 2012-10-08 13:53:53 +02:00
Frank Karlitschek 5eaf95eedd check for SimpleXML which seems to bw non default on Free BSD 2012-10-06 17:37:38 +02:00
Frank Karlitschek 2d86258fc3 RC2 2012-10-03 12:39:48 +02:00
Robin Appelman 3c8e5ea358 this index cant be unique due to collisions of the root of different storages 2012-10-03 11:31:13 +02:00
Robin Appelman 6134e554f2 new filecache table 2012-10-02 23:46:35 +02:00
Robin Appelman ac44506b40 Merge branch 'master' into filesystem 2012-10-02 23:29:13 +02:00
Frank Karlitschek 3fdebaa5dc automatically remove and prevent installation of apps with a require version less than the current one. We check now the first ad second part of the version number.
Also increase the require tags of the core apps to 4.9 Please note that 4.9 is the internal versionnumber of the upcoming 4.5 release.
You have to pu a <require>4.9</require> into the info.xml of your app to make it as compatible with 4.5
2012-10-02 12:10:45 +02:00
Robin Appelman b7eb3f3dff merge master into filesystem 2012-10-01 14:21:49 +02:00
Robin Appelman 91d12a2f3d update the filecache by setting mtimes to 0 when the mount configuration has changed instead of clearing the cache 2012-09-30 16:12:16 +02:00
Lukas Reschke ef57e9294b Fallback for systems without openssl 2012-09-29 16:44:02 +02:00
Lukas Reschke 578aa4e425 Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Lukas Reschke bd804b74c4 mt_rand() is not secure from a security point of view and predictable. Let's use openssl_random_pseudo_bytes() instead.
Before: 26 bits entropy
After: 72 bits entropy
2012-09-29 15:03:09 +02:00
Bart Visscher 22d22d19c0 Do urlencoding in linkTo functions 2012-09-28 22:27:52 +02:00
Christian Reiner 4dbd4c35c5 Merge branch 'master' of git://github.com/owncloud/core 2012-09-28 13:31:01 +02:00
Christian Reiner 743826bbf3 Reimplementation of CSRF protection including autorefresh 2012-09-28 13:30:44 +02:00
Robin Appelman e8df2eeefc some more sane column sizes for appconfig and preferences 2012-09-27 22:49:01 +02:00
Frank Karlitschek cf14ad2f7d RC 1 2012-09-27 04:10:19 +02:00
Robin Appelman 93292516d9 Merge branch 'master' into filesystem 2012-09-22 14:28:14 +02:00
Robin Appelman 74ec2765b3 db indexes for appconfig and preferences 2012-09-20 01:36:52 +02:00
Frank Karlitschek fe7288b65a beta 4 2012-09-19 16:32:40 +02:00
Arthur Schiwon 93d0defe9a set configuvalue in table appconfig back to clob. Likely to break LDAP settings, probably responsible for some bugs with it. Might also cause damage in other apps. That's why it was once already set to clob 2012-09-19 12:55:07 +02:00
Frank Karlitschek a3718ca036 i just learned that we also have to check if directories are readable. it seams that is_readable also checks for 'x' right. 2012-09-16 22:49:03 +02:00
Frank Karlitschek 5a149dcfab mark as an updated beta 3 with some more fixes 2012-09-13 11:39:26 +02:00
Frank Karlitschek f31264a0c2 this is now 4.5 beta 3 2012-09-12 12:12:23 +02:00
Michael Gapczynski 60feaf9abf Merge branch 'master' into share_expiration
Conflicts:
	core/js/share.js
	lib/util.php
2012-09-12 01:06:57 -04:00
Michael Gapczynski b194ac3dde Add expiration column to share table and bump version number 2012-09-12 01:01:45 -04:00
Thomas Mueller 5c1a79210f added hint to restart the web server in case recetly installed php modules are still not available 2012-09-11 23:51:12 +02:00
Robin Appelman bd83422095 put filestorages in a namespace 2012-09-07 18:30:48 +02:00
Thomas Mueller 3829460ab8 adding space between) and { 2012-09-07 15:22:01 +02:00
Frank Karlitschek 294cff27a7 add check for zlib 2012-09-07 01:39:11 +02:00
Robin Appelman d4fd47d43f clear user filecache after the user mount configuration has changed 2012-09-06 23:14:43 +02:00
Bart Visscher 5153b8b293 Add url-params to url with new parameter in linkTo function 2012-09-03 21:51:32 +02:00
Frank Karlitschek bb65e173d4 4.5 beta 2 2012-09-03 20:38:50 +02:00
Bart Visscher c958d5ba80 Fix filesystem setup for shared public link with logged in user 2012-08-29 21:35:55 +02:00
Michael Gapczynski 8d490b9880 Fix shared storage working with user backend defined data directories 2012-08-29 14:39:13 -04:00
Bart Visscher db18218a1b Space before tab fixes 2012-08-29 20:34:44 +02:00
Bart Visscher 52f2e7112e Whitespace fixes in lib 2012-08-29 20:28:45 +02:00
Michael Gapczynski fd2ca21fc2 Allow share_with column to be null for links 2012-08-28 09:51:00 -04:00
Frank Karlitschek 70b71338cd beta 1 2012-08-28 07:22:31 +02:00
Georg Ehrke ead7de6bff only mount every single homefolder when using sharing app 2012-08-27 16:10:37 +02:00
Georg Ehrke b56a46bdea fix filesharing for multiple data directories 2012-08-27 15:55:46 +02:00
Georg Ehrke 045c94ec3e enable user backends to define their own place where to store the data 2012-08-26 22:04:31 +02:00
Frank Karlitschek 1d7018158e 4.5 alpha 1 2012-08-21 18:47:26 +02:00
Michael Gapczynski cb0464ca4e Bump version number for Share API 2012-08-19 22:36:19 -04:00
Jakob Sack 1d7e3071e0 bump version to reate new tables 2012-08-11 17:32:17 +02:00
Bart Visscher 667cd318fe Use OC_Util::displayLoginPage and cleanup the function 2012-08-10 11:43:04 +02:00
Bart Visscher c4f1a1de5b Added function to make url absolute 2012-08-07 20:43:00 +02:00
Bart Visscher fe6450002d Change hardcoded urls to use linkTo function 2012-08-06 18:51:41 +02:00
Georg Ehrke e1d14ab461 Merge branch 'master' into subadmin 2012-07-26 16:47:05 +02:00
Robin Appelman 856d9c0b54 some indention fixes 2012-07-24 00:39:59 +02:00
Georg Ehrke 5508a95065 Merge branch 'master' into subadmin 2012-07-21 13:14:52 +02:00
Robin Appelman 48306a3c4f fix unused variables 2012-07-20 17:58:05 +02:00
Georg Ehrke e707e94857 subadmins can now add users 2012-07-15 16:31:28 +02:00
Georg Ehrke d0b625352c some work on subadmins 2012-07-09 21:51:19 +02:00
Bart Visscher 280c59e914 More helpfull debug msg for redirectToDefaultPage 2012-07-04 17:51:07 +02:00
Bart Visscher 432aa58bab Spelling fixes 2012-06-22 17:21:56 +02:00
Brice Maron 115c30bdb4 Enhance hint about writable app directory 2012-06-22 13:57:54 +02:00
Brice Maron 84b9ac2678 Correct writable check for app dir 2012-06-21 19:35:34 +00:00
Frank Karlitschek e95055b2bd check if the data directory is accessible via http. Show a big security warning if yes 2012-06-21 14:07:04 +02:00
Bart Visscher 7a3d606cac Prefer requested app before redirecting to default page 2012-06-20 17:10:49 +02:00
Bart Visscher 6404476bec Delay setup of FS until OC_Filesystem is used 2012-06-20 17:10:49 +02:00
Bart Visscher 5c8e774cea Small code reorder 2012-06-20 17:10:48 +02:00
Bart Visscher f54ef5a464 Remove OC::$CONFIG_DATADIRECTORY, not used 2012-06-19 22:54:14 +02:00
Bart Visscher d8b32c2f0e Move check code from setupFS to checkServer 2012-06-19 22:54:13 +02:00
Bjoern Schiessle d2936bd90c introducing a sanitize HTML function for the internal and the public API. This
allows to easily convert strings to HTML before displaying them on the web page
to reduce the risk of xss vulnerabilities.
2012-06-19 17:20:19 +02:00
Thomas Tanghus 89464721c7 Added JSON methods for CSRF prevention. Make request token accessible from template and add js var. 2012-06-13 17:33:19 +02:00
Frank Karlitschek 9e9c40eabd fix time call 2012-06-13 17:27:49 +02:00
Thomas Tanghus 2ee809fd86 Allow same host redirects (/somepath). 2012-06-11 15:21:37 +02:00
Frank Karlitschek cd16c5e479 implement a simple request token session garbage collector 2012-06-11 12:13:08 +02:00
Michael Gapczynski 3c57fb935b Mount personal mount points into filesystem 2012-06-10 16:34:44 -04:00
Thomas Tanghus b16136642b Bump version to trigger db update. 2012-06-09 16:05:21 +02:00
Frank Karlitschek 344299a074 add two csrf check calls. Review and lot´s of porting needed. 2012-06-09 15:05:14 +02:00
Robin Appelman dcf1eed816 add unique instance id 2012-06-05 19:32:48 +02:00
Bart Visscher 9d936976a9 Make check for writable apps dir configurable 2012-06-05 17:51:52 +02:00
Bart Visscher 4a5973662c Merge branch 'unstable'
Conflicts:
	apps/files_external/tests/config.php
	apps/files_versions/ajax/getVersions.php
	apps/files_versions/appinfo/app.php
	apps/files_versions/history.php
	apps/files_versions/js/versions.js
	apps/files_versions/templates/history.php
	apps/files_versions/versions.php
	lib/base.php
2012-06-04 23:02:05 +02:00
Frank Karlitschek 4aa96de537 add a check for pdo 2012-06-01 20:00:33 +02:00
Frank Karlitschek 07e1e3a945 check if apps folder is writable 2012-06-01 19:54:07 +02:00