Commit Graph

2192 Commits

Author SHA1 Message Date
Bjoern Schiessle 4bc88ef59d prevent xss attacks by manipulating image file names 2012-06-04 18:11:17 +02:00
Bjoern Schiessle d5566d0267 prevent xss attacks by manipulating text file names 2012-06-04 18:11:08 +02:00
Bjoern Schiessle c8f670dfab Don't allow user to delete, rename and re-share the "Shared" directory 2012-06-04 14:00:35 +02:00
Arthur Schiwon 8983c6dd6b commited a bit too much before 2012-06-04 13:27:55 +02:00
Thomas Tanghus d657263403 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-04 13:13:53 +02:00
Thomas Tanghus 74ac2ac63a Contacts: When editing photo on a newly created contact the name in the contact list was cleared. 2012-06-04 13:13:43 +02:00
Arthur Schiwon b48228ae3d LDAP: link to documentation on settings page 2012-06-04 13:04:18 +02:00
Arthur Schiwon 34464b1f8b LDAP group backend: Set configured true when it is... fixe oc-887 2012-06-01 16:02:04 +02:00
Arthur Schiwon 86279bc192 LDAP group backend: If a group filter is not configured, do not do anything. Fixes oc-867 2012-06-01 14:05:08 +02:00
Frank Karlitschek e44f9ab46e correctly detect https 2012-06-01 11:47:14 +02:00
Frank Karlitschek 8ed13e627e don´t do warnings.
Not sure if this start_session call is really needed here.
2012-06-01 11:08:40 +02:00
Frank Karlitschek 670022cc8a fix the breadcrumb 2012-05-31 21:43:07 +02:00
Frank Karlitschek c3ccdbaa79 more fixes 2012-05-31 21:14:46 +02:00
Frank Karlitschek d56966f14f someone broke this completely. Hope it works again. Please check your apache error log and turn php notices on if you work on ajax call 2012-05-31 20:45:39 +02:00
Frank Karlitschek 739c5488a5 Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4 2012-05-31 20:17:30 +02:00
Frank Karlitschek 5d425a9f79 use our own serverHost call so that ownCloud works with reverse proxy servers 2012-05-31 20:16:44 +02:00
Georg Ehrke 0059535140 fix potential XSS 2012-05-31 20:03:15 +02:00
Arthur Schiwon 7ec3e37199 LDAP: make queries compatible also with PostgreSQL 2012-05-31 13:06:27 +02:00
Arthur Schiwon 449b9b92f0 LDAP: fix wrong value for input type 2012-05-30 22:37:00 +02:00
Arthur Schiwon 93849916bb LDAP: support for 'member' as group-member-association 2012-05-30 22:36:48 +02:00
Frank Karlitschek 4dc7ed139b don´t hardcode /tmp 2012-05-30 14:18:47 +02:00
Thomas Tanghus 6515c5c1e7 Contacts: NOTE wasn't saved properly. 2012-05-29 16:45:52 +02:00
Georg Ehrke 1c1ed52867 fix status
of timezone detection
2012-05-29 13:14:36 +02:00
Brice Maron d1f0261b5d Correct typo in last_insert_id for calendar and pg fix #oc-731 2012-05-28 20:57:52 +00:00
Thomas Tanghus cf113409ad Contacts: Fix XSS. 2012-05-28 14:41:48 +02:00
Thomas Tanghus 53da328aa1 Contacts: Double check XSS. 2012-05-28 12:56:56 +02:00
Thomas Tanghus 8bd6d862b8 Please don't tell me I did that :-P 2012-05-28 12:52:18 +02:00
Georg Ehrke 5b7ef90d3a add urlencode for caldav link 2012-05-28 10:50:10 +02:00
Robin Appelman 3db5fb891c allow longer paths for gallery 2012-05-26 21:54:49 +02:00
Georg Ehrke 1645f77aad fix share for users with a point within their name 2012-05-26 15:41:32 +02:00
Brice Maron 2774ff1ad8 Add HEAD request management for files ajax/download.php 2012-05-25 11:19:38 +02:00
Michael Gapczynski d8ca4f78cf Fix private link sharing via email, fix for bug oc-750 2012-05-23 19:36:39 -04:00
Brice Maron 20e9903396 Correct small style problem with task app fix #oc-689 2012-05-23 22:36:36 +00:00
Frank Karlitschek 647888eea2 add a ldap encryption warning 2012-05-22 12:35:28 +02:00
Thomas Tanghus 54a3717005 Contacts: Backport XSS fix. 2012-05-21 21:49:35 +02:00
Frank Karlitschek d7c09d8bb5 add a warning 2012-05-20 10:59:37 +02:00
Michael Gapczynski 5a48ade933 Make sure sharing and versions dropdowns come down in the same location for all files 2012-05-19 11:24:23 -04:00
Georg Ehrke d4072c82dd some fixes for contacts, gallery and openid 2012-05-19 15:22:21 +02:00
Georg Ehrke 07fa8da278 fix for calendar 2012-05-19 15:05:58 +02:00
Frank Karlitschek 7e49a33d64 getStorage belongs to files not to apps. 2012-05-19 10:44:08 +02:00
Michael Gapczynski 35bd601215 Fix check for when to store a new version of a file 2012-05-18 22:27:43 -04:00
Michael Gapczynski f750da1802 Fix revert link on history page of file versions 2012-05-18 22:07:48 -04:00
Michael Gapczynski 89f5701d1a Fix versioning of shared files 2012-05-18 22:07:48 -04:00
Michael Gapczynski ea7456a06a Forgot to actually call remove on the history dropdown 2012-05-18 10:53:58 -04:00
Michael Gapczynski fcb4d2aaee Remove the history dropdown before creating a new one 2012-05-18 10:42:49 -04:00
Michael Gapczynski 122d1efecf Don't show the select form in the history dropdown if a file has no other versions 2012-05-18 10:39:43 -04:00
Arthur Schiwon c1bb8139a0 LDAP: we're 0.2 now 2012-05-18 18:00:30 +02:00
Arthur Schiwon bae954a797 LDAP: only check once for name conflicts on update. Set a value on install as well 2012-05-18 18:00:30 +02:00
Thomas Tanghus 7922338050 Contacts: Added MS opacity mumbo-jumbo that I can't test myself to file form fields. 2012-05-18 17:39:19 +02:00
Arthur Schiwon e606213fa0 make upload work with IE again 2012-05-18 17:07:00 +02:00