619ee56835
Don't use double quotes in MySQL queries
...
MySQL databases with the ANSI_QUOTES mode enabled treat " as an identifier
quote (see https://dev.mysql.com/doc/refman/5.7/en/sql-mode.html#sqlmode_ansi_quotes ).
So for such databases the 'occ upgrade' fails with an error message like this:
... unknown column 'oc_*' in where clause.
This fix replaces the doulbe quotes with single quotes that should be always
used in MySQL queries to quote literal strings.
Signed-off-by: Robin Müller <robin.mueller@1und1.de>
2018-03-06 11:25:07 +01:00
ff7237a098
Merge pull request #8668 from nextcloud/8217_13
...
[stable13] Use proper lanugage in langauge code
2018-03-06 09:47:20 +01:00
d3d0d9e11d
[tx-robot] updated from transifex
2018-03-06 01:12:41 +00:00
19ded76b77
Display the proper language strings in setttings
...
Since this was moved to lib, we have to the lib language files.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-05 19:48:16 +01:00
34671d6ad4
Use proper lanugage in langauge code
...
Fixes #8180
The _ is not valid in language codes use - instead.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-05 19:44:54 +01:00
6104a7043e
Merge pull request #8636 from nextcloud/8289_13
...
[stable13] AppData hardening
2018-03-05 12:38:43 +01:00
479b9465c0
Merge pull request #8631 from nextcloud/stable13-8372
...
[13] Properly encapsulate require_once for app.php
2018-03-05 12:35:50 +01:00
d74bad2dc1
[tx-robot] updated from transifex
2018-03-05 01:12:36 +00:00
7717dbbe30
[tx-robot] updated from transifex
2018-03-04 01:13:07 +00:00
9413f97b92
Hardening of SimpleFile getContent
...
if file_get_contents fails remove the file. And traverse up the tree
checking if the other folders are there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-02 21:23:41 +01:00
9f7e05e737
Add throws annotation
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-03-02 17:16:36 +01:00
a61608e8c7
Properly encapsulate require_once for app.php
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-03-02 17:16:36 +01:00
369b3b28c7
[tx-robot] updated from transifex
2018-03-02 01:12:43 +00:00
03f127f162
[tx-robot] updated from transifex
2018-03-01 01:12:37 +00:00
2c6f3c88cf
Merge pull request #8099 from nextcloud/7873_13
...
[stable13] Don't perform CSRF check on OCS routes with Bearer auth
2018-02-28 14:34:20 +01:00
d33a93c6f9
[tx-robot] updated from transifex
2018-02-28 01:12:57 +00:00
4c52fed779
[tx-robot] updated from transifex
2018-02-27 01:14:50 +00:00
a5b73fe761
[tx-robot] updated from transifex
2018-02-23 01:12:43 +00:00
27aa0761bc
Merge pull request #8470 from nextcloud/13-8468
...
[stable13] Use mb_* string methods to extract first character for generated avatars
2018-02-21 13:29:28 +01:00
f1568b96ce
Use mb_* string methods to extract first character for generated avatars
...
This fixes #8451 where the first character is a non-ASCII character. The `$string[0]` notation only extracted one byte and thus resulting in an invalid code. The `mb_strtoupper` method also allows to convert characters independently from the current locale on the server.
See also http://php.net/manual/en/function.mb-strtoupper.php
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-21 12:40:16 +01:00
86be2687fb
[tx-robot] updated from transifex
2018-02-21 01:12:33 +00:00
d63caf5829
Better result handling of email search
...
1. Local users should not be returned when searching for empty string
2. The limit of the response should be respected
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-02-20 17:47:54 +01:00
a3de507b76
Merge pull request #8440 from nextcloud/8428_13
...
[stable13] Use TTF fonts for avatar generation
2018-02-20 08:21:04 +01:00
16a4e7192c
[tx-robot] updated from transifex
2018-02-20 01:12:21 +00:00
a4159378be
Avatar generation use ttf (for ancient compatibility)
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-19 22:12:56 +01:00
b5029f8975
[tx-robot] updated from transifex
2018-02-19 01:12:17 +00:00
b631cc1286
[tx-robot] updated from transifex
2018-02-17 01:12:30 +00:00
ef367f8bfe
[tx-robot] updated from transifex
2018-02-14 21:37:55 +00:00
adb9ad29fa
[tx-robot] updated from transifex
2018-02-14 01:12:17 +00:00
2e271313c9
[tx-robot] updated from transifex
2018-02-12 21:34:01 +00:00
1b3e3dfada
Load guest css on any guest and error page
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-09 17:46:48 +01:00
9c9c438c8b
[tx-robot] updated from transifex
2018-02-09 15:29:20 +00:00
197c97e242
Merge pull request #8102 from nextcloud/s3-uploader-13
...
[13] Use S3Client::upload instead of splitting single/multipart upload ourselves
2018-02-08 14:31:23 +01:00
e2cb6a3b3c
Merge pull request #8183 from robert-scheck/pki-validation-stable13
...
[stable13] Handle SSL certificate verifications for others than Let's Encrypt
2018-02-08 11:02:33 +01:00
f1cd334281
Don't perform CSRF check on OCS routes with Bearer auth
...
Fixes #5694
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-08 10:16:38 +01:00
6296c498b2
actually return stream from swift
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-02-08 08:10:08 +01:00
5e3cb24efa
[tx-robot] updated from transifex
2018-02-08 01:10:40 +00:00
f8740a1f0c
[tx-robot] updated from transifex
2018-02-07 11:32:08 +00:00
7486d021b1
Merge pull request #8197 from nextcloud/stable13-8144
...
[stable13] Repair step to clear frontend related caches
2018-02-07 09:02:37 +01:00
1ec43c8265
[tx-robot] updated from transifex
2018-02-07 01:10:36 +00:00
b55b1b5854
Merge pull request #8045 from nextcloud/8002_13
...
[stable13] Dont polute the log on DAV emaillogin
2018-02-06 15:34:28 +01:00
69b22c2d61
Move depsCache clearing to SCSSCacher/JSCombiner
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-06 12:32:50 +01:00
bf24b4db24
Add tests and class mapping
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-06 12:32:50 +01:00
31313178a5
Add repair step to clear frontend related caches
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-06 12:32:48 +01:00
b2068704e7
Merge pull request #8156 from nextcloud/stable13-8078
...
[Stable13] Scss hardening
2018-02-06 12:17:45 +01:00
de07c82a4d
Handle SSL certificate verifications for others than Let's Encrypt
...
Do no longer (wrongly) rewrite URLs like
* http://example.net/.well-known/pki-validation/file.txt (Comodo)
* http://example.net/.well-known/pki-validation/fileauth.txt (DigiCert, Thawte, GeoTrust)
* http://example.net/.well-known/pki-validation/gsdv.txt (GlobalSign)
* http://example.net/.well-known/pki-validation/starfield.htm (Starfield, GoDaddy)
* http://example.net/.well-known/pki-validation/swisssign-check.txt (SwissSign)
for automated SSL certificate verifications. All (common commercial)
certificate authorities (CA) except Let's Encrypt (via ACME) seem to
use "pki-validation" rather "acme-challenge" for their domain control
validation (DCV).
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
2018-02-05 15:37:23 +01:00
b88aeb2166
Do not try to get the jailed path if we can't find the id
...
Fixes #8047
If we can't find the file by id there we should just return null instead
of trying to get the jailed path of null.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-05 12:42:47 +01:00
064ff027fd
[tx-robot] updated from transifex
2018-02-03 01:10:43 +00:00
106af04355
Do not rewrite absolute URLs
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-02 13:05:58 +01:00
cee941a6a3
Clear injectect variables when resetting the cache
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-02 13:05:52 +01:00
73ae7b0c5f
Make sure that injected variables do not break the CSS generation
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-02 13:05:25 +01:00
d8e0a6ee32
SCSS files are only cached if their size is > 0
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-02 13:05:03 +01:00
6989c65acf
[tx-robot] updated from transifex
2018-02-02 01:10:28 +00:00
501685288b
[tx-robot] updated from transifex
2018-02-01 18:28:19 +00:00
d5e56b34c4
[tx-robot] updated from transifex
2018-02-01 17:20:02 +00:00
62f4454d99
Merge pull request #8138 from nextcloud/13-update-doc-version
...
Update doc link version to 13
2018-02-01 14:45:45 +01:00
f46573d836
Update doc link version to 13
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-01 13:53:24 +01:00
2e6e969fbc
[tx-robot] updated from transifex
2018-02-01 01:11:06 +00:00
119de6467f
Create the migrations table also with the UTF8mb4 collation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-31 15:54:28 +01:00
7ab3a7e2c3
Use S3Client::upload instead of splitting single/multipart upload ourselves
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-01-29 16:11:05 +01:00
0aca61d73e
[tx-robot] updated from transifex
2018-01-26 01:11:04 +00:00
2bed7a7f95
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-25 12:23:56 +01:00
9dfd3544c2
Don't polute log when loggin into dav with email
...
* We first try the email as username but this fails
* Then we get the uid from the email and try again
We should not log the first attempt since it polutes the log with failed
login attempts while the login actually is valid.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-25 12:23:50 +01:00
e79a755d08
[tx-robot] updated from transifex
2018-01-25 01:11:19 +00:00
a0f62b71c8
Merge pull request #8030 from nextcloud/7986_12
...
[stable13] If the preview is size 0 it is invalid
2018-01-24 16:40:44 +01:00
1a21524f6f
Merge pull request #8025 from nextcloud/13-8020
...
[stable13] Make sure we always know for sure if an avatar is generated or not
2018-01-24 16:28:55 +01:00
f259e1cb8c
If the preview is size 0 it is invalid
...
* delete it
* throw a NotFound Exception
- This should a proper 404 to the user
- Next time it is then regenerated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-24 16:11:36 +01:00
986623e2ac
Send a proper response for status.php on trusted domain error
...
* fixes #7732
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-24 15:42:25 +01:00
0209690d55
Make sure we always know for sure if an avatar is generated or not
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-01-24 15:05:38 +01:00
883817e62a
[tx-robot] updated from transifex
2018-01-21 01:11:04 +00:00
809928c176
Correctly drop the ownCloud migrations table
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-18 15:59:05 +01:00
92bc33dd1e
Backport of format self-mentions, but don't offer them #7914
...
comments should compile mentions also if done by author
it is used by clients for formatting reasons, there is no reason not format
the author if her handle is included in the comment body.
It is unrelated to sending out notifications.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
do not offer the handle of the current user for auto completion
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
add types to php doc
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-18 12:08:08 +01:00
414d6e2184
Merge pull request #7915 from nextcloud/backport/7909/fix-migration-type-hints
...
Fix the type hints of migrations and correctly inject the wrapped sch…
2018-01-17 14:55:18 +01:00
ed999066e5
Fix the type hints of migrations and correctly inject the wrapped schema into migrations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-17 13:53:09 +01:00
7ea3623cd9
Merge pull request #7887 from nextcloud/backport/7879/dont-disable-shipped-apps-on-errors
...
[stable13] Keep all shipped apps enabled because they should be okay
2018-01-16 21:52:36 +01:00
4b2e98953b
Merge pull request #7883 from nextcloud/search-and-13
...
[13] Support arbitrary number of arguments for d:or and d:and in search queries
2018-01-16 20:21:08 +01:00
d639dfacb7
Keep all shipped apps enabled because they should be okay
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-16 13:41:09 +01:00
0fafa794da
Add OCP\User deprecations to app code checker
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 13:33:58 +01:00
3a1390fdb7
Support arbitrary number of arguments for d:or and d:and in search queries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-01-16 13:27:52 +01:00
09908a737f
Deprecated checkLoggedIn and other old ways to access control
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 10:43:03 +01:00
2a24f45b5f
[tx-robot] updated from transifex
2018-01-11 01:11:35 +00:00
03a7d9bbfa
Merge pull request #7635 from Abijeet/bug-7106
...
Fixes password input being prompted every time.
2018-01-10 20:10:40 +01:00
4823ac969a
Merge pull request #7763 from nextcloud/pos_fix_7751
...
Do not instantiate node when not needed
2018-01-10 15:40:10 +01:00
f6d84bdb23
Log a missing setting as INFO not as WARNING
...
It can happen for all kinds of reasons that a setting is not available.
(A user removes a folder, a setting got deleted). So don't polute the
log on default settings.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-10 09:02:01 +01:00
4596423b14
Do not instantiate node when not needed
...
Use the lazy functions is possible. This avoids getting the node if not
required.
Possible fix for #7751
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-09 19:51:50 +01:00
9386b07ed8
Merge pull request #7731 from nextcloud/preview_size_inc
...
Max preview size to 4096x4096
2018-01-09 11:07:02 +01:00
de5467811a
Fixes password input being prompted every time.
...
Fixes #7106
- Echoing the current server time via a JS variable and storing the current time on page load in JS.
- Calculating the diff and taking it into account when deciding whether to show the password confirmation.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-01-08 23:47:52 +05:30
e2352cc06f
Max preview size to 4096x4096
...
With HiDPI screens. And even normal HD screens you want more detail from
your pictures. Or the ability to somewhat zoom on you previews. For this
we need somewhat larger previews.
Moving the default to 4096x4096 is a step up. Users that want the old
behavior can still set the values in config.php
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-08 15:35:55 +01:00
faa68b28cb
Only return 1 type
...
Throw proper exception if we can't get the mimetype for a preview. Catch
it later on so we can just return a not found for the preview.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-07 14:36:37 +01:00
5b21650097
Don't lie about the preview mimetype
...
For legacy reasons we stored all the previews with a png extention.
However we did not put png data in them all the time.
This caused the preview endpoints to always report that a preview is a
png file. Which was a lie.
Since we abstract away from the storage etc in the previewmanager. There
is no need anymore to store them as .png files and instead we can use
the actual file extention.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-07 11:41:54 +01:00
2e683d3502
[tx-robot] updated from transifex
2018-01-06 01:11:09 +00:00
68e205e827
Merge pull request #7712 from nextcloud/jsconfig_l10n
...
Use correct L10N files for jsconfig
2018-01-05 15:22:10 +01:00
30ac28f950
Use correct L10N files for jsconfig
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-05 14:33:03 +01:00
1f8896d8c9
[tx-robot] updated from transifex
2018-01-05 01:11:18 +00:00
f87977ef2d
Merge pull request #7702 from nextcloud/composer_upd
...
Composer updated
2018-01-04 17:24:09 +01:00
e7aebcfd6b
Merge pull request #7699 from nextcloud/bugfix/7528/drop-owncloud-migrations-table-and-recreate-it
...
Drop the ownCloud migration table instead of reusing it
2018-01-04 16:52:52 +01:00
0280cff66f
Composer updated
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-04 16:31:16 +01:00
7154050201
Drop the ownCloud migration table instead of reusing it
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-04 14:58:01 +01:00
e655732458
Merge pull request #7570 from nextcloud/s3-legacy-auth
...
add option to use legacy v2 auth with s3
2018-01-04 13:17:58 +01:00
298b79410d
[tx-robot] updated from transifex
2018-01-04 09:48:31 +00:00
Robin Müller
Roeland Jago Douma
Nextcloud bot
Roeland Jago Douma
Joas Schilling
Julius Härtl
Morris Jobke
Robin Appelman
Robert Scheck
Christoph Wurst
Arthur Schiwon
Jan-Christoph Borchardt
Abijeet