Commit Graph

4397 Commits

Author SHA1 Message Date
Robin Appelman 8f616ecf76 fix potential xss in multiselect 2012-06-09 15:08:05 +02:00
Thomas Tanghus 0f454215e7 Code cleanup. 2012-06-09 15:04:08 +02:00
Thomas Tanghus 83caaa6d3f Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-09 15:02:38 +02:00
Thomas Tanghus 59d16c5f9a Contacts: Use POST instead of GET. 2012-06-09 15:02:23 +02:00
Robin Appelman 6e1ca36207 fix infinite redirect during setup for windows hosts 2012-06-09 14:38:50 +02:00
Georg Ehrke cf1c3635ff fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app 2012-06-08 22:32:58 +02:00
Thomas Tanghus 23533a763a Don't fix bugs not present in this branch ;-) 2012-06-08 20:44:58 +02:00
Thomas Tanghus 5eb5d23ac1 Contacts: Closed stupid XSS hole. Thanks AnybodyElse ;-)
Conflicts:

	apps/contacts/ajax/uploadphoto.php
2012-06-08 20:43:42 +02:00
Bjoern Schiessle eb192ff4f3 code cleanup from previous commit 2012-06-08 16:31:12 +02:00
Bjoern Schiessle cf1430df45 Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4 2012-06-08 16:27:07 +02:00
Bjoern Schiessle 0722ff6e32 fix for bug #872: Folders not holding any images are ignored, even if they hold subfolders with images 2012-06-08 16:24:31 +02:00
Arthur Schiwon 0dc371f579 typo in var 2012-06-08 14:58:07 +02:00
Frank Karlitschek a7a861b2c6 backport the password salting fix.
a salt is generated during setup and used to salt the user password hases in the database backend
2012-06-08 12:42:35 +02:00
Arthur Schiwon 8c7fa15aaf Sharing, fix: connect to hooks from the correct classes 2012-06-08 11:58:00 +02:00
Bjoern Schiessle 4a15cf28a9 fixed broken lines in user table
Conflicts:

	settings/css/settings.css
2012-06-08 11:44:04 +02:00
Arthur Schiwon 0f68276921 LDAP: cache the results, reduce LDAP searches 2012-06-07 18:56:06 +02:00
Arthur Schiwon 4beabe23e7 ldap: enable the destructor 2012-06-07 18:15:11 +02:00
Michael Gapczynski d28e0f4d5b Remove old internal mail call for password reset, fixes bug oc-934
Conflicts:
	core/lostpassword/index.php
2012-06-07 09:36:23 -04:00
Arthur Schiwon f3f3c791ba ldap: correct query condition and determining of success 2012-06-07 13:40:26 +02:00
Arthur Schiwon 691f00eb39 ldap: check index carefully, can be 0 2012-06-07 13:40:16 +02:00
Thomas Tanghus 9266f4da99 Migration: Fixed wrong download URL: http://forum.owncloud.org/viewtopic.php?f=4&t=2511 2012-06-07 13:10:19 +02:00
Thomas Tanghus de6d550cce Calendar: Added more explicit sync links and fixed indentation. 2012-06-07 12:22:25 +02:00
Thomas Tanghus 3d48bf18d3 Contacts: Import upload button was obscured on Android browser. 2012-06-07 10:58:15 +02:00
Bjoern Schiessle bb07c20bf4 fixed var name, $filename should be $foldername 2012-06-06 18:11:23 +02:00
Arthur Schiwon 48ccfa42d3 LDPA: don't drop legal whitespaces when sanitizing DN. Fixes oc-914 2012-06-06 12:31:22 +02:00
Thomas Tanghus 517bd28940 Corrected typos. 2012-06-06 11:49:45 +02:00
Michael Gapczynski 826a439c15 Supress any warnings if log file does not exist 2012-06-05 18:42:16 -04:00
Robin Appelman f1b10fcc93 update translations 2012-06-06 00:29:44 +02:00
Robin Appelman 063c9accb6 prevent creating files with a / the name 2012-06-06 00:04:02 +02:00
Bjoern Schiessle 3a5076d646 show pictures in folder with special characters, e.g. '+' 2012-06-05 17:58:23 +02:00
Frank Karlitschek 4bc7387d7c fi login for hosts running n port 80 2012-06-05 15:28:00 +02:00
Arthur Schiwon 769d94ab26 linkTo instead of hard links in Files and Files_Archive. Hope that makes sense. 2012-06-05 14:14:26 +02:00
Frank Karlitschek 5c9325bbe0 CLI is no availabe in stable4 2012-06-05 14:10:50 +02:00
Frank Karlitschek d3bb01b598 more reliable host detection for reverse proxy scenarios 2012-06-05 12:53:48 +02:00
Bjoern Schiessle 44260a552c xss vulnerability fixed 2012-06-05 10:49:36 +02:00
Bjoern Schiessle e817504569 xss vulnerability fixed 2012-06-05 10:49:26 +02:00
Arthur Schiwon ae2bcf968d Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-04 21:33:02 +02:00
Arthur Schiwon 454f81fb15 load authentication apps before checking wether user exists. fixes oc-910 2012-06-04 21:31:35 +02:00
Arthur Schiwon 773f3cf973 make it possible to load apps seperately. needed to fix oc-910 without breaking oc-863 2012-06-04 21:30:58 +02:00
Tom Needham daa4d2cd84 Validate email on save 2012-06-04 18:44:55 +00:00
Robin Appelman b117a1e3ec update file paths in filecache when the parent is renamed 2012-06-04 18:12:25 +02:00
Bjoern Schiessle 4bc88ef59d prevent xss attacks by manipulating image file names 2012-06-04 18:11:17 +02:00
Bjoern Schiessle d5566d0267 prevent xss attacks by manipulating text file names 2012-06-04 18:11:08 +02:00
Bjoern Schiessle ca64a4080f don't allow user to delete Shared dir via webdav and sync client (bug #774) 2012-06-04 18:08:51 +02:00
Bjoern Schiessle 7fbe306990 no move (rename) operation for "Shared" directory 2012-06-04 14:00:35 +02:00
Bjoern Schiessle c8f670dfab Don't allow user to delete, rename and re-share the "Shared" directory 2012-06-04 14:00:35 +02:00
Arthur Schiwon 8983c6dd6b commited a bit too much before 2012-06-04 13:27:55 +02:00
Thomas Tanghus d657263403 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-04 13:13:53 +02:00
Thomas Tanghus 74ac2ac63a Contacts: When editing photo on a newly created contact the name in the contact list was cleared. 2012-06-04 13:13:43 +02:00
Arthur Schiwon 8554525ebe Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-04 13:04:37 +02:00