Commit Graph

661 Commits

Author SHA1 Message Date
Lukas Reschke 6e78c4fcc0 Disallow URLs containing a @ 2013-04-23 00:26:40 +03:00
Robin Appelman e63633b5f3 Don't try to use backgroundjobs before the installtion is done 2013-04-22 20:23:23 +02:00
Robin Appelman 40de36a8f3 Try to supress pre-upgrade backgroundjob error 2013-04-21 00:58:15 +02:00
Robin Appelman 07f510692c Ensure we don't throw an exception before we can upgrade to the new backgroundjob system 2013-04-21 00:08:55 +02:00
Robin Appelman 7948341a86 Rework background job system 2013-04-20 23:27:46 +02:00
Thomas Tanghus 4ccc9d896a Merge pull request #3010 from owncloud/fix-cookie_path
Don't use empty session.cookie_path, otherwise we get multiple cookies
2013-04-19 01:17:35 -07:00
Thomas Tanghus e09c17de5b Added explanation 2013-04-18 22:29:50 +02:00
Bart Visscher e4876c9117 Don't use empty session.cookie_path, otherwise we get multiple cookies 2013-04-18 21:11:58 +02:00
Thomas Tanghus 9facb67fab Let autoloader resolve paths under apps lib directory. 2013-04-18 08:30:09 +02:00
Brice Maron 43d0f1fabf Warn when we do an upgrade 2013-04-17 21:29:14 +02:00
Lukas Reschke fbffbe0170 Juse send the cookies in the ownCloud directory 2013-04-06 00:16:52 +02:00
VicDeo 3e9ea6d13b Remove space before parethesis 2013-03-20 16:54:06 +04:00
VicDeo c3a64012d8 Remove leading and trailing backslashes in classname. Ref #2310 2013-03-19 16:40:52 +03:00
Frank Karlitschek 63336f2acb remove deprecated call 2013-03-17 22:05:45 +01:00
Michael Gapczynski 5300d6ad55 Clear the CSS and JS cache earlier to make sure update goes smoothly 2013-03-05 21:13:07 -05:00
Bart Visscher d800f35bf4 Disable loading of backgroundjobs js when upgrade is needed 2013-03-03 23:15:22 +01:00
Bart Visscher a2d6b27170 Check maintenance mode before loading apps in route matcher 2013-03-03 23:15:18 +01:00
Bernhard Posselt 2f036bcc54 Merge pull request #1972 from owncloud/raw-pathinfo
Use the plain urlencoded path info for the routing matching
2013-02-27 13:43:47 -08:00
Bart Visscher 56f3917f36 Use the plain urlencoded path info for the routing matching 2013-02-27 21:38:58 +01:00
Bernhard Posselt 888e4f21d2 timeout after a longer time 2013-02-27 15:44:00 +01:00
Bart Visscher 3a7322342e Merge pull request #1956 from owncloud/session-error-format
add styles before session init
2013-02-27 05:21:17 -08:00
Bernhard Posselt a1afc2e34f only add style.css to initsession 2013-02-27 11:36:05 +01:00
Bernhard Posselt 18b7a2bf21 add css and scripts before session init 2013-02-27 11:17:14 +01:00
Bart Visscher 4a26d63867 Fix using wrong quotes for breaking long lines
Fixes #1925
2013-02-26 20:48:01 +01:00
Bernhard Posselt 7f7b8bc07a use error template 2013-02-25 19:17:29 +01:00
Bernhard Posselt aba60dba28 added simple error message for the browser 2013-02-25 18:47:34 +01:00
Bernhard Posselt bc2fefed59 write an error log when session could not be initialized 2013-02-25 18:42:09 +01:00
Bernhard Posselt 55c72617c6 set http 500 when session could not be started to prevent serving of empty files see #1049 2013-02-25 18:37:05 +01:00
Robin Appelman 0395715348 set DEBUG from xdebug session before we first use it 2013-02-15 03:15:09 +01:00
Robin Appelman bcabdd7dd5 Don't cache errors/exceptions when debug is enabled 2013-02-15 03:14:41 +01:00
Bart Visscher 9058d398a7 Merge pull request #1662 from owncloud/style-cleanup
Style cleanup
2013-02-14 12:54:36 -08:00
Lukas Reschke be194c5b5b Invalidate existing HSTS headers 2013-02-14 19:23:29 +01:00
Thomas Mueller 8877087b57 adding a compatibility.js as a single source to define all fallback function declarations 2013-02-14 12:20:04 +01:00
Bart Visscher ffae6f4b84 Style-fix: Breakup long lines 2013-02-14 08:38:37 +01:00
Bart Visscher 5c4a804ddb Fix SpaceBeforeOpenBrace errors 2013-02-14 08:36:26 +01:00
Thomas Müller 0222c589ac Merge pull request #1546 from owncloud/fix-loading-hooks
Fix loading hooks when going though the routing system
2013-02-09 09:59:41 -08:00
Thomas Müller e68cf72458 Merge pull request #1543 from owncloud/utf8-locale-master
some systems use en_US.UTF8 instead of en_US.UTF-8
2013-02-09 09:58:05 -08:00
Thomas Müller d67d9566ce Merge branch 'master' into clean-app-id 2013-02-09 17:28:30 +01:00
Bart Visscher 9dddcae9ca Remove invalid characters from app id to prevent loading of invalid resources 2013-02-09 15:10:40 +01:00
Thomas Müller 279cbeb001 Merge pull request #1481 from owncloud/fixing-1354-master
basic WebDAV test in place now
2013-02-09 05:13:33 -08:00
Bart Visscher fba9739448 Always load the apps before trying to match a route 2013-02-08 19:06:59 +01:00
Thomas Müller 232a98524c some systems use en_US.UTF8 instead of en_US.UTF-8 2013-02-08 17:49:54 +01:00
Robin Appelman afa1a6d2b3 Don't try to use routes when called from cli 2013-02-07 17:53:38 +01:00
Thomas Mueller 5788d36c8d Merge branch 'master' into fixing-1354-master
Conflicts:
	settings/admin.php
	settings/templates/admin.php
2013-02-07 10:44:28 +01:00
Bart Visscher 3582f7bd09 Execute the post setup check after finishing the setup 2013-02-06 17:56:45 +01:00
Thomas Mueller 1adcc5fd23 basic WebDAV test in place now 2013-02-05 23:33:44 +01:00
Thomas Mueller 77369d8164 disable error handler while running phpunit 2013-02-05 16:44:02 +01:00
herbrechtsmeier 37e6ac9a2a initPaths: set include path before any owncloud function is called
Ensure we can find basic owncloud classes while detecting the owncloud
paths in function initPaths by add OC::$SERVERROOT . '/lib' to include
path before any owncloud function is called.

This fix a bug with XAMPP that cannot find the class OC_Config in
function OC_Request::scriptName when called from function
OC_Base::initPaths.
2013-02-02 12:07:18 +01:00
Bart Visscher 2488a495c6 Merge pull request #1384 from owncloud/upgrade_fix
Check for upgrade/maintance mode before trying to load an app
2013-02-01 07:12:06 -08:00
Stefan Herbrechtsmeier ab2b79cda6 add multiple domains reverse proxy support
Add support for a reverse proxy that handles multiple domains via different
web roots (http[s]://proxy.tld/domain.tld/owncloud).

As the reverse proxy web root is transparent for the web server the
REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace
the direct use of this _SERVER variables with function calls and extend
this functions to overwrite the web root. Additionally it adds a Sabre
request backend that extends the Sabre_HTTP_Request to use the same
functions.
2013-01-31 18:42:31 +01:00
Robin Appelman 057920b165 Still load js files in maintance mode 2013-01-30 23:05:44 +01:00
Robin Appelman f452d2d0c4 Check for upgrade/maintance mode before trying to load an app 2013-01-30 22:55:33 +01:00
Robin Appelman 207aa22d12 merge master into filesystem 2013-01-30 19:24:24 +01:00
irgsmirx 0bce22966c Update lib/base.php
Correction of typo "locate" -> "locale".
2013-01-30 14:27:08 +01:00
Robin Appelman 74f6f85628 merge master into filesystem 2013-01-28 19:37:58 +01:00
Robin Appelman 232cc3211b add oc:// streamwrapper to provide access to ownCloud's virtual filesystem 2013-01-28 15:35:30 +01:00
Robin Appelman c9c919da57 Move streamwrappers to seperate files and put them in a namespace 2013-01-28 15:34:15 +01:00
Thomas Mueller 1d44a99ebb Merge branch 'master' into updater-CSP
Conflicts:
	core/templates/update.php
2013-01-28 09:57:24 +01:00
Robin Appelman 930b9b9cd0 merge master into filesystem 2013-01-26 18:49:45 +01:00
Thomas Mueller 2cc77759aa lookup for OCA classes in all apps folders 2013-01-26 12:45:50 +01:00
Lukas Reschke dbc13cf6ee Move update inline JS 2013-01-25 19:18:16 +01:00
Lukas Reschke 7f49d35930 Move checkMaintenance and checkUpgrade
This is needed to ensure that the routing and linkTo() function for CSP
are available.
2013-01-25 19:15:02 +01:00
Lukas Reschke 0d2a58bc5d Initialize router also if ownCloud isn't installed 2013-01-25 14:57:52 +01:00
Thomas Mueller b4c3dd84b4 update to jquery-ui 1.10.0 2013-01-23 11:37:52 +01:00
Lukas Reschke 8ca78fcf3f Move requesttoken to oc-requesttoken.js 2013-01-21 20:24:18 +01:00
Robin Appelman 83d6221322 merge master into filesytem 2013-01-20 03:11:04 +01:00
Bernhard Posselt f1939866f3 Merge pull request #1214 from Raydiation/master
Load Classpaths of apps before appinfo/routes.php
2013-01-19 09:44:48 -08:00
davidgumberg 487e401361 Typo fix (comment) /lib/base.php 2013-01-18 10:52:29 -08:00
Thomas Müller 5df57e4ada Merge pull request #1181 from owncloud/return-503-in-maintenance
in case of maintenance the error page returns http status 503.
2013-01-18 04:02:03 -08:00
Bernhard Posselt 2b95ae1e6d spaces to tabs 2013-01-17 21:44:40 +01:00
Bernhard Posselt a8094abac7 load classpaths of apps before routes 2013-01-17 21:42:46 +01:00
Robin Appelman 5445b94416 merge master into filesystem 2013-01-16 19:04:50 +01:00
Bart Visscher a8f963d9cf Spaces to tabs 2013-01-16 18:09:16 +01:00
Thomas Mueller 31ce320c52 in case of maintenance the error page returns http status 503.
This is necessary to enable the desktop sync client to react properly.
Currently the SabreDAV plugin OC_Connector_Sabre_MaintenancePlugin is not executed because this error page is returned before the SabreDAV code is executed
2013-01-14 21:39:55 +01:00
Robin Appelman 0ca5047da5 Autoload namespaced test classes 2013-01-07 00:36:01 +01:00
Michael Gapczynski a94405b4e4 Only show the version updating to instead of worrying about converting internal to a formatted version 2013-01-04 20:13:00 -05:00
Michael Gapczynski f2e6df807d Add back check if installed around background jobs 2013-01-04 14:16:59 -05:00
Michael Gapczynski 7505837079 Basic update progress of database update only 2013-01-03 21:32:33 -05:00
Michael Gapczynski a52aa69ffe Rearrange code to prepare for updater feedback 2013-01-03 14:11:00 -05:00
Michael Gapczynski ce443818d4 Check if oc_token cookie exists before trying to use it 2013-01-02 19:59:04 -05:00
Thomas Müller 7d811e57e6 setting the timezone is now part of the login process and true part of the core. 2012-12-20 11:10:45 +01:00
Frank Karlitschek 196f1c3786 add a check and a warning if setlocale is working 2012-12-19 15:10:33 +01:00
Thomas Mueller b8b64d6ffc set the session name to the instance id - which is unique
Conflicts:
	lib/base.php
2012-12-12 16:07:51 +01:00
Thomas Tanghus af12b0f5da Autoload classes with 'OC' namespace prefix. 2012-12-11 16:00:48 +01:00
Bart Visscher 1e062ea895 Merge pull request #182 from owncloud/fix-redirect
Make the redirect_url working again
2012-12-07 03:09:19 -08:00
Thomas Müller 76625e9ba5 Merge pull request #647 from owncloud/fix_app_settings_navigation
Move loading of all the apps to setting the active navigation entry.
2012-12-05 01:48:20 -08:00
Thomas Mueller e65abb8054 minified version no longer available 2012-12-04 14:49:19 +01:00
Bart Visscher 8ce3aca331 Move loading of all the apps to setting the active navigation entry.
We can't do the loading before matching the route, because some routes
need to do the loading after matching of the route. For example the
navigation detection of the app settings page.
2012-11-30 12:47:44 +01:00
Jörn Friedrich Dreyer eaa625c9bc Merge pull request #401 from owncloud/share_hooks
Create functions to install standard hooks
2012-11-28 04:35:52 -08:00
Bart Visscher 8bed38c78d Rename install hook functions to register hook 2012-11-15 18:13:54 +01:00
Bernhard Posselt e642d18e26 When using routing in apps, no apps are loaded in the left navigation tree. To fix this: load apps for matching a request 2012-11-15 14:48:18 +01:00
Bart Visscher 530f3f8be9 Create functions to install standard hooks
Also use these in tests that needs them
Fix #151
2012-11-13 23:45:17 +01:00
Bart Visscher 7b53c9d3f0 Merge pull request #157 from owncloud/setup
Make lib/setup.php usable outside of install setup
2012-11-12 13:23:31 -08:00
Thomas Tanghus 7f0c69eb0e Added CRUDS permissions to the OCP namespace. Implements issue #345 2012-11-11 23:09:54 +01:00
Stefan Seidel 8f669880bc Fix WebDAV (and Android Client) not being able to authorize on Debian Squeeze + mod_fcgid installs. 2012-11-09 13:30:07 +01:00
Felix Moeller a4b2ea586d Style: Remove all the dangling white spaces 2012-11-04 22:16:04 +01:00
Felix Moeller 27ab0357ae Checkstyle: Fix last six NewlineBeforeOpenBrace 2012-11-04 18:36:16 +01:00
Thomas Müller 8ac3849a95 Merge pull request #238 from fmms/checkstyle04
Checkstyle fixes
2012-11-04 08:59:45 -08:00
Lukas Reschke 8c4c74b23f Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession
Just one CSRF token per session
2012-11-04 05:54:02 -08:00
Felix Moeller 30d7993e01 Checkstyle fixes: NoSpaceAfterComma 2012-11-04 11:10:46 +01:00
Lukas Reschke d2e842fcc9 Remove uneeded new line 2012-11-01 22:38:21 +01:00
Lukas Reschke 822e4d5f6c Check for redirect_url for logged in users
This checks if there is a redirect_url for logged in users
2012-11-01 22:37:37 +01:00
Lukas Reschke 81f019b6c5 Make the redirect_url working again
Fixes #160
2012-10-31 22:03:55 +01:00
Lukas Reschke 7a7f12a0c1 Create only one CSRF token per session
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)

With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
2012-10-31 18:37:59 +01:00
Bart Visscher 6d09752940 DRY for creating htaccess to protect data-directory 2012-10-30 20:57:19 +01:00
Bart Visscher 246d7ea2ea Separate control code from class definition 2012-10-30 20:56:31 +01:00
Lukas Reschke f6b6780072 Don't use OC_Setup as it will show up the installer 2012-10-29 22:44:49 +01:00
Lukas Reschke 6903475841 Generate .htaccess when upgrading from old versions
When upgrading from old ownCloud versions like 2.x the .htaccess is not
generated - which exposes the data to the internet. This fix will
generate a .htaccess when upgrading. (And no one exists)
Fixes #127
2012-10-29 22:03:18 +01:00
Bart Visscher fecfeac55d Fix introduced style errors 2012-10-27 17:45:15 +02:00
Bart Visscher 894d44e796 Merge remote-tracking branch 'git://github.com/susinths/SabreDAV_1.7.1.git'
Conflicts:
	lib/base.php
2012-10-27 16:33:10 +02:00
Bart Visscher 0120f3fd62 Merge branch 'routing'
Conflicts:
	core/lostpassword/index.php
	core/lostpassword/resetpassword.php
2012-10-27 11:58:02 +02:00
Bart Visscher 43e8293d9c Change Symfony/Component/Routing from submodule to composer fetching 2012-10-27 11:32:16 +02:00
Felix Moeller 6a00a6b9ed Make Jenkins more happy.
This is NoSpaceAfterComma
2012-10-23 00:28:12 +02:00
Bart Visscher 6081bfa2bc Merge branch 'master' into routing
Conflicts:
	lib/search/provider/file.php
	settings/ajax/changepassword.php
	settings/settings.php
2012-10-17 16:38:11 +02:00
Susinthiran Sithamparanathan b2b84f3a6f Update Sabre to version 1.7.1 2012-10-17 16:17:36 +02:00
Lukas Reschke de7b46c66a Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled
set_magic_quotes_runtime gives a PHP warning
2012-10-16 19:42:17 +02:00
Lukas Reschke 59404b5675 Merge pull request #31 from visit1985/persistentcookies
reresubmit: improved persistent cookies :)
2012-10-16 04:46:22 -07:00
Victor Dubiniuk ddcd738357 Merge branch 'extended_log'
PHP errors logging into the owncloud log
2012-10-16 01:30:45 +03:00
Michael Göhler 8be9c04a3a 128byte is not 128bit - now we realy use 256bit (same as PHPSESSID) 2012-10-15 20:04:22 +02:00
Michael Göhler ae1f33db54 implement fixed php session timeout and session id regeneration 2012-10-14 22:36:26 +02:00
Michael Göhler b92fd984aa removed username and password from token generation 2012-10-14 22:36:26 +02:00
Michael Göhler a6c4046f48 fixed typo and redundant method call 2012-10-14 22:36:25 +02:00
Michael Göhler d8fe6fbb40 added a warning message to the log when a cookie is rejected 2012-10-14 22:36:25 +02:00
Michael Göhler 382f8d060c fixed wrong variable usage 2012-10-14 22:36:25 +02:00
Michael Göhler 38b9bffaea call unsetMagicInCookie if token is invalid 2012-10-14 22:36:25 +02:00
Michael Göhler eb79ccafe3 forgot a class name 2012-10-14 22:36:25 +02:00
Michael Göhler 2ea06f67bd delete all tokens on password change 2012-10-14 22:36:25 +02:00
Michael Göhler 45f1c3f120 further improvements on multiple login token support
outdated tokens are deleted before checking against cookies
if an invalid token is used we delete all stored tokens for saveness
used token will be replaced by a new one after successful authentication
2012-10-14 22:36:25 +02:00
Michael Göhler ee5d0f328f improve token security
switched from time() to internal method OC_Util::generate_random_bytes()
2012-10-14 22:36:25 +02:00
Bart Visscher 4b799a6982 Make the lifetime of the remember login cookie 2012-10-14 22:36:25 +02:00
Bart Visscher 7f3e0b5566 Cleanup login tokens on login success 2012-10-14 22:36:25 +02:00
Bart Visscher 1012d317e3 Add support for multiple login cookie tokens 2012-10-14 22:36:25 +02:00
Michael Göhler 7095b3a083 extend logon page to display multiple error messages 2012-10-14 19:57:24 +02:00
Bart Visscher 9a35bd76fb Use resolved path for require_once in autoloader 2012-10-12 15:47:41 +02:00
Bart Visscher 2c3674ea87 Add logging when stripping apps from autoload include path 2012-10-10 21:06:15 +02:00
Bart Visscher fe40277ec2 Use __DIR__ instead of __FILE__ to get SERVERROOT 2012-10-10 21:06:15 +02:00
Lukas Reschke cda2135966 Send a HSTS HTTP header to enforce SSL 2012-10-10 18:56:14 +02:00
Arthur Schiwon 3affeb5bd7 destroy invalid sessions 2012-10-08 13:36:11 +02:00
Bart Visscher f3a211c03c Implement routing on javascript side 2012-10-05 09:42:36 +02:00
Robin Appelman f8eebcbb01 reload the current url when login in instead of always redirecting to the default app (oc-1873) 2012-09-30 03:47:37 +02:00
Lukas Reschke 578aa4e425 Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Bart Visscher c9317b5a68 Merge branch 'master' into routing 2012-09-28 21:41:21 +02:00
Bart Visscher bf1057143c Merge branch 'master' into routing
Conflicts:
	apps/files/js/filelist.js
	core/js/js.js
	lib/ocs.php
2012-09-28 15:38:49 +02:00
Christian Reiner 743826bbf3 Reimplementation of CSRF protection including autorefresh 2012-09-28 13:30:44 +02:00
VicDeo 2b6869bcea Uncaught exception logging 2012-09-26 14:38:06 +03:00
Lukas Reschke c4fc291fa7 Passwords containing a ":" don't work with this explode
Thanks to mETz
2012-09-25 19:57:40 +02:00
Victor Dubiniuk bbf8bb0bb3 Log PHP errors to the OC log 2012-09-12 22:30:04 +03:00
Michael Gapczynski c5f9b887ff Don't call clearCache() for OC_Minimizer statically, create OC_Minimizer objects for both CSS and JS to clear cache after upgrade 2012-09-12 01:18:07 -04:00
Robin Appelman 46422e6dbe don't use regular expresions for a simple string replace 2012-09-08 23:40:23 +02:00
Bart Visscher ceec5e593c Remove redundant loadApps 2012-09-07 16:19:08 +02:00
Bart Visscher 5eba579827 Merge branch 'master' into routing
Conflicts:
	apps/files/js/fileactions.js
	lib/base.php
	lib/helper.php
	lib/ocs.php
2012-09-07 15:51:44 +02:00
Thomas Mueller 3829460ab8 adding space between) and { 2012-09-07 15:22:01 +02:00
Bart Visscher 5e55b4d6e7 Whitespace fixes in lib 2012-09-07 14:08:29 +02:00
Bart Visscher 9ea7817a40 Remove core.{css,js} cache on upgrade 2012-09-07 13:42:22 +02:00
Thomas Müller 9eccc0121a Respect coding style 2012-09-05 13:22:38 +03:00
Thomas Müller 7901fc33a8 fixing syntax error 2012-09-04 15:54:38 +03:00
Thomas Müller aff08925c1 fixing syntax error - sorry for that 2012-09-04 15:46:43 +03:00
Thomas Müller 2028500c0a fixing syntax error - sorry for that 2012-09-04 15:42:58 +03:00
Thomas Müller e4e0b5a822 Respect coding style 2012-09-04 15:34:09 +03:00
Robin Appelman 2508f64efe set debug mode if an xdebug session is active 2012-09-01 20:52:13 +02:00
Robin Appelman a7255181ad fix autoloader throwing errors for non-oc classes 2012-09-01 15:36:52 +02:00
Robin Appelman 3dacf149de allow configuring user backends in config.php 2012-09-01 02:50:27 +02:00
Robin Appelman f67aef608f load authentication apps on login 2012-09-01 02:50:27 +02:00
Robin Appelman ebd813ae95 don't throw errors in the autoloader when a class doesn't exist 2012-09-01 02:50:27 +02:00
Bart Visscher b483f2aab8 Merge branch 'master' into routing
Conflicts:
	apps/contacts/js/contacts.js
	apps/contacts/lib/search.php
	apps/files_archive/js/archive.js
	apps/gallery/lib/tiles.php
	apps/gallery/templates/index.php
	lib/ocs.php
2012-08-30 21:49:28 +02:00
Bart Visscher db18218a1b Space before tab fixes 2012-08-29 20:34:44 +02:00
Bart Visscher 52f2e7112e Whitespace fixes in lib 2012-08-29 20:28:45 +02:00
Bart Visscher 53e51fe46b Clean user cache on login 2012-08-28 23:07:28 +02:00
Bart Visscher 8a02a8852f Add background job for global file cache cleanup 2012-08-28 23:07:28 +02:00
Bart Visscher 63af75586b Merge branch 'master' into routing 2012-08-15 17:39:00 +02:00
Bart Visscher db4111f6d5 Routing: Add some core routes 2012-08-12 16:52:36 +02:00
Bart Visscher 8c02494744 Routing: Prepare load funtions to be called from OC_Router 2012-08-12 16:16:22 +02:00
Lukas Reschke 0d8df3f55c Revert "Combine install checks in lib/base.php"
This reverts commit aa9fbf6639.
2012-08-11 17:07:35 +02:00
Michael Gapczynski 465767670b Check blacklist when renaming files 2012-08-11 11:04:04 -04:00
Bart Visscher 1025e451a7 Add router match to OC::handleRequest 2012-08-11 01:36:16 +02:00
Bart Visscher c2160433cd Merge branch 'master' into routing
Conflicts:
	lib/base.php
2012-08-11 00:43:26 +02:00
Bart Visscher 72b2324b68 Move loading of routes to OC::getRouter function 2012-08-10 23:31:11 +02:00
Bart Visscher 3722928c46 Change access to router object to getter function 2012-08-10 23:30:04 +02:00
Bart Visscher 3e8b6e816a Create OC_Router in OC::init 2012-08-10 23:03:57 +02:00
Lukas Reschke 8ec45870a3 Validate cookie properly and prevent auth bypass
BIG (!) thanks to Julien CAYSSOL
2012-08-10 15:28:59 +02:00
Jakob Sack 0ea4fa298c Backgroundjobs: don't try to access OC_Appconfig if ownCloud has not been installed 2012-08-10 13:53:40 +02:00
Jakob Sack 81b997b56e Merge branch 'backgroundjobs' 2012-08-10 13:00:51 +02:00
Bart Visscher 82b10954e7 Simplify loading app php script files 2012-08-10 12:27:37 +02:00
Bart Visscher 5e7086adc9 Move login handling to OC class 2012-08-10 12:17:13 +02:00
Bart Visscher 83403784d1 Always load when the requested file is css 2012-08-10 11:43:04 +02:00
Bart Visscher da07245f59 Move OC::loadfile and OC::loadapp next to OC::handleRequest 2012-08-10 11:43:04 +02:00
Bart Visscher e3c732040b Make OC::loadfile and OC::loadapp protected, only used in OC::handleRequest 2012-08-10 11:43:04 +02:00
Bart Visscher 0973969386 Cleanup OC::loadfile 2012-08-10 11:43:04 +02:00
Bart Visscher aa9fbf6639 Combine install checks in lib/base.php 2012-08-10 11:43:04 +02:00
Jakob Sack 889f0a1c6d rename appconfig keys for backgroundjobs 2012-08-09 10:40:39 +02:00
Jakob Sack 13a0818fec Be more precise regarding backgroundjobs mode 2012-08-09 01:02:05 +02:00
Bart Visscher 3387454094 Move login code from index.php to OC class 2012-08-08 22:42:51 +02:00
Bart Visscher 9156fb73fd Move handling request of index.php to OC class 2012-08-08 22:42:50 +02:00
Bart Visscher 7522a23693 Remove unused RUNTIME_NOSETUPFS var 2012-08-08 22:42:50 +02:00
Bart Visscher 99ce7ba1df Move serverHost and serverProtocol functions to OC_Request 2012-08-07 20:43:00 +02:00
Bart Visscher 6d0390dcca Fix rewriting GET parameters with ? in REQUESTEDAPP 2012-08-07 20:43:00 +02:00
Bart Visscher d579defc66 Merge branch 'master' into routing 2012-07-25 17:51:36 +02:00
Arthur Schiwon 57c375ea24 Support for OCA namespace 2012-07-25 12:56:08 +02:00
Bart Visscher d0cae6a99a Very basic conversion of ocs to Symfony Routing Component 2012-07-21 19:43:50 +02:00
Robin Appelman 33b8de91ea allow a more flexible way of using user backends 2012-07-19 16:31:55 +02:00
Bart Visscher 621b83df72 Remove referer check, this is unreliable. The header doesnt need te exist, or can be wrong 2012-07-04 17:51:07 +02:00
Robin Appelman 12f7cb8767 fix running tests from cli 2012-06-27 13:21:45 +02:00
Bart Visscher 2f0b4983e9 Move app upgrade check to loading of apps 2012-06-27 01:05:12 +02:00
Brice Maron 09a9f5400e Trim url and path of appsroot to have and standart type of path fix oc-1107 2012-06-25 15:50:27 +02:00
Brice Maron df60d6d5d2 Fixes for multi app dir :
Url should be given as relative path (to webroot)
Correct link construction from js
2012-06-22 12:24:56 +02:00
Brice Maron b5953e7a83 Provide solution for smoother migration for apps to multi-app dir 2012-06-21 22:22:36 +00:00
Brice Maron e5c56b2433 Merge branch 'master' into multi_app_dir
Conflicts:
	lib/app.php
	lib/base.php
	lib/minimizer/css.php
	lib/minimizer/js.php
	lib/template.php
	lib/util.php
2012-06-21 17:15:35 +00:00
Bart Visscher 6404476bec Delay setup of FS until OC_Filesystem is used 2012-06-20 17:10:49 +02:00
Bart Visscher f54ef5a464 Remove OC::$CONFIG_DATADIRECTORY, not used 2012-06-19 22:54:14 +02:00
Bart Visscher 332603a263 Move formfactor code to OC_Template 2012-06-18 15:40:48 +02:00
Bart Visscher 977cd0df6b Fix errors for minimizer 2012-06-18 11:33:24 +02:00
Bart Visscher 6e9cd63fa1 Only check for apps owncloud version requirment when there is a new owncloud version 2012-06-16 20:52:10 +02:00
Bart Visscher 6d3ae575b6 Remove $DOCUMENTROOT, not used 2012-06-16 00:11:36 +02:00
Brice Maron 4753cc3ebd Merge branch 'master' into multi_app_dir
Conflicts:
	apps/bookmarks/ajax/addBookmark.php
	config/config.sample.php
	lib/app.php
	remote.php
2012-06-14 21:16:59 +00:00
Brice Maron 6da5a2fdd4 Add possibility to choose the installation folder 2012-06-14 21:00:02 +00:00
Robin Appelman 76de92477f fix infinite redirect during setup for windows hosts 2012-06-09 14:38:05 +02:00
Georg Ehrke bdd12df4a2 fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app 2012-06-08 22:31:44 +02:00
Brice Maron 9ec68c819b Change parameter 'web' to 'url' and take array of array in config instead of : separated values 2012-06-07 20:36:55 +00:00
Bart Visscher 4260dce826 Better handling of core.css and core.js
Fixes calling remote.php on install.
Fixes http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-933
2012-06-07 21:35:40 +02:00
Brice Maron 0f7fdd4148 ReAdd possibility to load existing app folders 2012-06-07 19:15:31 +00:00
Brice Maron e8447e0bda Rework to fit with minizer 2012-06-06 21:11:15 +00:00
Brice Maron cc494259d3 Unit path and webpath, correct some more 2012-06-06 20:24:15 +00:00
Brice Maron b6c5ca126b First almost working version 2012-06-06 20:23:17 +00:00
Arthur Schiwon 6ca2b49292 avoid too-early database access and thus make owncloud installable again 2012-06-06 17:29:57 +02:00
Bart Visscher 57326ea1f8 Move setting remote_core.* to after setup of OC, also check if it is not set yet 2012-06-05 17:51:52 +02:00
Frank Karlitschek e747fd794e fix login for hosts running on port 80 2012-06-05 15:26:31 +02:00
Frank Karlitschek e3031ae28b more reliable host detection for reverse proxy servers 2012-06-05 12:52:23 +02:00
Bart Visscher 4a5973662c Merge branch 'unstable'
Conflicts:
	apps/files_external/tests/config.php
	apps/files_versions/ajax/getVersions.php
	apps/files_versions/appinfo/app.php
	apps/files_versions/history.php
	apps/files_versions/js/versions.js
	apps/files_versions/templates/history.php
	apps/files_versions/versions.php
	lib/base.php
2012-06-04 23:02:05 +02:00
Frank Karlitschek 75d56f24f2 try to switch magic quotes off.
it´s evil and deprecated
2012-06-01 12:41:38 +02:00
Frank Karlitschek 24d14783d7 added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer 2012-06-01 10:38:44 +02:00
Michael Gapczynski fbe58755e5 Restrict requested app to apps directory 2012-05-29 12:31:47 -04:00
Frank Karlitschek a945fa10a6 update copyright 2012-05-26 19:14:24 +02:00
Frank Karlitschek 24318354f2 changed the default from Berlin to UTC.
Greetings form Berlin by the way ;-)
2012-05-24 00:49:21 +02:00
Robin Appelman 60fdc13ae6 enable running unit tests from cli 2012-05-22 20:22:53 +02:00
Robin Appelman b096fd9ed8 log upgrades 2012-05-19 01:55:20 +02:00
Bart Visscher ce1e4425c2 Combine and minimize core and default app js files 2012-05-16 18:53:46 +02:00
Bart Visscher f71fec8cdc Combine and minimize core and default app css files 2012-05-16 18:53:46 +02:00
Bart Visscher 5d72681d10 Better place to check caching headers 2012-05-16 18:52:40 +02:00
Robin Appelman 9eb91a111d update to jquery 1.7.2 2012-05-12 00:37:19 +02:00
Bart Visscher 919681f3e6 Make processed css files cachable 2012-05-11 21:33:02 +02:00
Bart Visscher 97233b77cd Remove DOCUMENTROOT static var, and make SUBURI var private 2012-05-11 21:31:51 +02:00
Georg Ehrke 8f2217ca2e make default app choosable 2012-05-11 13:56:52 +02:00
Michael Gapczynski de95bf62a2 Prevent any null bytes related exploits, thanks to Lukas Reschke 2012-05-10 11:44:06 -04:00
Bart Visscher c2230580c1 Remove unused OC static variable CONFIG_DATADIRECTORY_ROOT 2012-05-10 09:14:27 +02:00
Georg Ehrke d032345191 fix validation of getfile parameter - i hate this bloody merge conflicts 2012-05-07 13:23:55 +02:00
Georg Ehrke da03d05700 create folder 'remote' for the remote services like caldav, carddav and webdav 2012-05-02 16:41:23 +02:00
Georg Ehrke 3aedbc5f95 remove debug message 2012-04-27 22:22:58 +02:00
Georg Ehrke 06e9ac8591 fix parsing of app parameter and fix external app 2012-04-27 22:22:03 +02:00
Georg Ehrke 993d655aad Merge branch 'master' into movable_apps_2 2012-04-27 10:30:50 +02:00
Frank Karlitschek ee0cb68f5e some csrf fixes. needs testing 2012-04-27 01:18:21 +02:00
Georg Ehrke 5483c1be42 hide fails 2012-04-26 21:58:43 +02:00
Georg Ehrke 5fda0e4b3b make *DAV work with movable apps 2012-04-26 21:56:29 +02:00
Georg Ehrke 2b10371bde fix merge conflicts 2012-04-26 18:08:49 +02:00
Georg Ehrke 40f95ffdf3 fix security check for the path of the requested file 2012-04-26 17:55:00 +02:00
Georg Ehrke 3f64eb25ab some fixes fore movable apps 2012-04-26 14:52:55 +02:00
Georg Ehrke 476043ecb9 add a proper 404 2012-04-25 10:17:20 +02:00
Georg Ehrke fb84d0aff8 fix php fail 2012-04-24 21:37:19 +02:00
Georg Ehrke 9b29bc96de remove debug message 2012-04-24 21:36:54 +02:00
Georg Ehrke 95c220a246 remove debug code in lib base 2012-04-23 20:31:03 +02:00
Georg Ehrke 19109afa79 fix bug in lib base 2012-04-23 20:11:21 +02:00
Georg Ehrke 42a570788b Merge branch 'master' into movable_apps 2012-04-23 19:56:07 +02:00
Georg Ehrke 6d92ebca45 use native functions of php to parse the string into the Var 2012-04-23 17:09:28 +02:00
Georg Ehrke 9226cb7a6a rename var file to getfile to prevent fails in files app 2012-04-23 16:36:24 +02:00
Frank Karlitschek f5c9fe9ece first step to an public api of ownCloud for the apps. In the future they shouldn´t call internall classes, functions or session variables because this will change and break in upcoming versions. Apps should only call this public interface that we will kepp stable over different releases. The namespace is OCP for ownCloud public. This is just the first step. more coming soon 2012-04-23 15:50:30 +02:00
Georg Ehrke 99a473bd62 support file calls with parameter 2012-04-20 22:33:30 +02:00
Georg Ehrke 2e85313701 optimize code 2012-04-19 22:26:36 +02:00
Georg Ehrke 909282c81e remove parameters in file var before call require once 2012-04-19 22:25:21 +02:00
Georg Ehrke 85019887df add loading of files 2012-04-19 16:44:49 +02:00
Georg Ehrke 3e0e6e35f4 open app thru index.php 2012-04-18 08:20:51 +02:00
Robin Appelman 1d8fdf52d5 allow multiply group backends 2012-04-13 01:59:05 +02:00
Grundik 7e7de25710 UTF8 locale by default 2012-04-12 17:54:20 +02:00
Tom Needham acdce2b1e0 Check blacklist before saving to filesystem 2012-04-03 22:31:34 +00:00
Frank Karlitschek b758725bf7 Try to configure php to enable big file uploads.
This doesn´t work always depending on the webserver and php configuration.
Let´s try to overwrite some defaults anyways
2012-04-01 17:02:32 +02:00
Bart Visscher 3300d6ea53 checkUpgrade has to be after template initialization
The error path of checkUpgrade uses the template
2012-03-30 23:41:54 +02:00
Bart Visscher a7438189f3 Move more from base init to separate functions 2012-03-30 23:41:53 +02:00
Robin Appelman 523fdda399 add the option to only load apps of a specific type 2012-03-30 14:39:07 +02:00
Robin Appelman 109d806617 make sure we can load OC_Config when we need it 2012-03-23 18:55:26 +01:00
Bart Visscher 3d8a09b147 Split the init function in lib/base.php a bit 2012-03-19 21:56:55 +01:00
Jakob Sack 90e2962c91 Remove the link between the principals table and the sabre principals connector. 2012-03-02 20:37:49 +01:00
Robin Appelman 48fe85d9bd add streamwrapper that provides a callback on stream close 2012-03-02 18:42:57 +01:00
Bart Visscher d1dcd7893c Search: Change provider registration to class name, for lazy loading of search providers 2012-03-01 22:59:35 +01:00
Bart Visscher 3d3190309f Simplify stripping the last part off WEBROOT and SERVERROOT for 3rdparty and app dir 2012-03-01 22:59:35 +01:00
Bart Visscher 5dcd9e20d0 Small cleanups 2012-03-01 21:00:23 +01:00
Robin Appelman 6ecbaf0041 load streamwrappers earlier 2012-03-01 18:44:33 +01:00
Frank Karlitschek 0b4607321f Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-03-01 15:21:12 +01:00
Frank Karlitschek d29a02a65a undo the change of the webroot detection. seams to be buggy 2012-03-01 15:19:44 +01:00
Bartek Przybylski 2754cac21f dialogs library for apps 2012-02-28 23:02:30 +01:00
Frank Karlitschek 0a9b0ee382 change the detection of the webroot. it is simpler now and also works for app directories outside the owncloud folder. works for me and hopefully for everybody else too 2012-02-28 18:21:23 +01:00
Robin Appelman a829ce69c5 make sure the streamwrappers are registered early 2012-02-28 17:25:15 +01:00
Robin Appelman 77b51f03e3 add temporary file managment 2012-02-28 11:16:19 +01:00
Frank Karlitschek ab96fa67c8 first part of the abstraction work of the apps folder. more to come 2012-02-26 18:26:41 +01:00
Robin Appelman d4d09b06f8 merge master into encryption 2012-02-26 14:21:06 +01:00
Robin Appelman 6c501f90bb hopefully a fix for webroot detection 2012-02-26 04:09:48 +01:00
Robin Appelman ea8f71a19c Merge branch 'master' into encryption 2012-02-25 16:36:58 +01:00
Robin Appelman 8b93a9a237 add javascript bindings for OC_AppConfig 2012-02-25 16:35:40 +01:00
Frank Karlitschek a62e109e8c make the location of the 3rdparty folder flexible.
It´s automatically search in the owncloud folder and in the parent folder.
override with an option in config.php is also possible
2012-02-23 15:37:38 +01:00
Robin Appelman 2e05bd69f5 add javascript bindings for OC_AppConfig 2012-02-22 22:20:11 +01:00
Robin Appelman 325858e9e2 add stream wrapper for in-memory files and dont use global variables for the fakedir stream wrapper 2012-02-21 20:48:48 +01:00
Robin Appelman e53e7990c4 improve get_temp_dir() implementation 2012-02-21 20:48:48 +01:00
Bart Visscher 1fa05894d5 Move config.php writable test to update path
This should make it possible to use owncloud with a read-only config.php
2012-02-17 22:10:03 +01:00