Thomas Müller
b2dd5cb616
save excluded groups in json format - fixes #10983
2015-10-01 15:37:55 +02:00
Thomas Müller
68bf4440d3
Merge pull request #19293 from owncloud/individual-it-move_initTemplate
...
[jenkins] do not load unnecessary code in case of webdav
2015-09-25 13:49:51 +02:00
Individual IT Services
db84791bb0
Todo for myself to eliminate double code
...
This will be in a new PR
2015-09-25 15:43:12 +05:45
Individual IT Services
2e42f99d00
add $prepend option to addStyle() & addVendorStyle()
2015-09-25 15:41:55 +05:45
Individual IT Services
bf1cb20e90
do not load unnecessary code in case of webdav
...
changing from "protected static" to "protected"
as suggested by @nickvergessen
https://github.com/owncloud/core/pull/19114#discussion_r39719851
moving initTemplate() into template constr.
reduce to move initTemplate only
cleanup spaces
2015-09-23 11:57:10 +02:00
Martin
491250320a
Replaces if ($file === '.' || $file === '..') by if(\OC\Files\Filesystem::isIgnoredDir($file)). Eases to find where this operation is used.
2015-09-22 17:53:15 +02:00
Morris Jobke
c4c9c5ffad
Merge pull request #18684 from owncloud/explicit-upgrade-version
...
Explicit upgrade version + prevent downgrades
2015-09-09 11:08:55 +02:00
Lukas Reschke
a03422c55a
Cache generated result
...
Saves 50ms
2015-09-08 21:28:15 +02:00
Bjoern Schiessle
37513f9411
don't read certificates if ownCloud is not installed
2015-08-30 19:00:03 +02:00
Vincent Petry
d5b0b55eef
Throw exception on downgrade attempt
2015-08-30 18:07:22 +02:00
Lukas Reschke
8313a3fcb3
Add mitigation against BREACH
...
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation:
1. Application must support HTTP compression
2. Response most reflect user-controlled input
3. Response should contain sensitive data
Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.
To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
2015-08-14 01:31:32 +02:00
Vincent Petry
b3a1aef934
Merge pull request #13641 from owncloud/cache-storage-status
...
Store storage availability in database
2015-08-07 17:31:03 +02:00
Thomas Müller
c3cac887f5
- more injection
...
- less static calls
- use params on sql queries
- handle sql exception on database and user creation gracefully
2015-07-30 00:04:30 +02:00
Andreas Böhler
3a0d42ecf3
Add hook 'pre_displayLoginPage'
2015-07-28 13:00:18 +02:00
Andreas Böhler
3645308d0b
Add possibility for alternative logins to force redirection of login page
2015-07-28 10:31:49 +02:00
Robin McCorkell
df19cabb44
Store storage availability in database
...
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.
Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
Morris Jobke
d52e197b0d
Merge pull request #16965 from owncloud/getUserFolder-in-IRootFolder
...
Add getUserFolder to IRootFolder
2015-07-09 14:29:47 +02:00
Thomas Müller
1385b1ec48
Remove OC_Appconfig
2015-07-03 18:00:16 +02:00
Thomas Müller
d3ac73c0c9
Remove OC_Log
2015-07-03 18:00:16 +02:00
Vincent Petry
cc373ab89a
Merge pull request #15470 from rullzer/files_sharing_getUrlContent
...
Move away from private static function OC_Util::getUrlContent
2015-07-03 17:47:46 +02:00
Morris Jobke
3e97ca3b96
Add getUserFolder to IRootFolder
...
* untangle DI of user specific folders
* allows to autodetect the dependency
2015-07-03 11:11:58 +02:00
Morris Jobke
f63915d0c8
update license headers and authors
2015-06-25 14:13:49 +02:00
Victor Dubiniuk
4239054383
Add type hint for OC_Channel
2015-05-27 18:03:11 +03:00
Thomas Müller
3babcd0344
Merge pull request #16339 from owncloud/master-override-channel
...
Allow change update channel via public API
2015-05-26 11:42:41 +02:00
Vincent Petry
7386257676
Merge pull request #16075 from owncloud/skeleton-copy-delay
...
wait with copying the skeleton untill login and setupfs are done
2015-05-20 13:52:08 +02:00
Christian Hoffmann
35207ae363
Clean-up of orthography, grammar
...
* Changed "instead to" to "instead of".
* Changed "setup" to "set up" (past participle).
2015-05-19 21:15:22 +02:00
Robin Appelman
077d41a9ce
wait with copying the skeleton untill login and setupfs are done
2015-05-18 12:11:31 +02:00
Roeland Jago Douma
9866066d3e
Depreatace OC_Util::getUrlContent
...
It is just a wrapper and the other functions are deprecated already
2015-05-18 11:03:48 +02:00
Victor Dubiniuk
af814ba270
Allow change update channel via public API
2015-05-13 20:29:33 +03:00
Lukas Reschke
cbfdbf96d2
Mute XCache error when trying to clear the opcode cache
...
From https://github.com/owncloud/core/issues/16287 :
> This is caused by XCache at 8e59d4c64b/lib/private/util.php (L1276)
where we are trying to reset the opcode cache with `XC_TYPE_PHP`.
> I suspect that while XCache is installed its opcode component is not used. Unfortunately, the XCache API is not really properly documented and thus I don't know what API we would have to call to check whether the `XC_TYPE_PHP` cache is populated. In fact, there is an [open XCache bug](http://xcache.lighttpd.net/ticket/176 ) since 7 years that discusses this problem and is likely to never get fixed since XCache is abandonware.
Fixes https://github.com/owncloud/core/issues/16287
2015-05-12 19:22:39 +02:00
Lukas Reschke
11310355ed
Don't depend on always_populate_raw_post_data
2015-05-05 12:36:15 +02:00
Lukas Reschke
7c5558327d
Check `mbstring.func_overload` only if the mb module is installed.
...
Fixes https://github.com/owncloud/core/issues/14670
2015-05-04 17:13:25 +02:00
Lukas Reschke
64393b4c03
Remove PHP 5.4 warning in checkSetup
...
This is catched in index.php as older PHP versions will never execute the code path until there due to 5.4 syntax changes.
2015-05-04 17:11:17 +02:00
Lukas Reschke
4b9e034968
Remove hard-dependency on disabled output_buffering
...
This removes the hard-dependency on output buffering as requested at https://github.com/owncloud/core/issues/16013 since a lot of distributions such as Debian and Ubuntu decided to use `4096` instead of the PHP recommended and documented default value of `off`.
However, we still should encourage disabling this setting for improved performance and reliability thus the setting switches in `.user.ini` and `.htaccess` are remaining there. It is very likely that we in other cases also should disable the output buffering but aren't doing it everywhere and thus causing memory problems.
Fixes https://github.com/owncloud/core/issues/16013
2015-05-04 14:15:15 +02:00
Lukas Reschke
0abce86b31
Disallow Windows Server in Server Check
...
Will prevent users from use ownCloud on Windows Server 🙈
2015-04-09 15:56:37 +02:00
Thomas Müller
bf809ac85a
Removing left overs from old encryption app
2015-04-07 13:30:29 +02:00
Robin Appelman
f585994c4b
setup mount manager before wrappers
2015-04-02 13:28:36 +02:00
Robin Appelman
3cb53b7756
setup storage wrappers before setting up the filesystem
2015-04-01 17:12:06 +02:00
Lukas Reschke
65202d2a18
Add check for activated local memcache
...
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.
Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Robin McCorkell
1511a42da7
Check for relative datadirectory path
2015-03-27 23:29:46 +00:00
Jenkins for ownCloud
b585d87d9d
Update license headers
2015-03-26 11:44:36 +01:00
Lukas Reschke
5f044ebf1b
Add wrapper for Guzzle
2015-03-25 16:04:41 +01:00
Robin Appelman
73874ca27f
Merge pull request #14704 from owncloud/storage-wrapper-mount
...
pass mountpoint to storage wrapper callback
2015-03-19 16:20:38 +01:00
Robin Appelman
8f9ddef435
kill fileoperations proxy
...
check is now handled by storage backends
2015-03-18 15:04:28 +01:00
Lukas Reschke
00f5025ff1
Add cURL as hard-dependency
...
It is required by other functionalities such as S2S anyways and ownCloud will fail hard at a lot of places without it.
2015-03-12 18:39:54 +01:00
Robin Appelman
7adda88786
Copy mount options to the storage
2015-03-11 15:06:48 +01:00
Thomas Müller
6c1a1234f8
Properly handle available databases at runtime and respect setup checks in command line as well
2015-03-11 09:27:12 +01:00
Thomas Müller
81fa9550a0
No need to restart the web server in cli mode
2015-03-11 09:27:12 +01:00
Lukas Reschke
6dc59019af
Merge pull request #14346 from owncloud/storage-based-path-validation
...
adding storage specific filename verification
2015-03-10 11:02:47 +01:00
Thomas Müller
e28d314b53
deprecate isValidFileName()
2015-03-09 10:38:38 +01:00
Morris Jobke
d550143ba0
proper filename for "require version.php"
2015-03-09 08:03:28 +01:00
Joas Schilling
ed4c05c7b5
Use findLanguage() instead of creating the object first
2015-03-03 16:47:31 +01:00
Lukas Reschke
4100610390
Disable some server checks when running on HHVM
...
Ref https://github.com/owncloud/core/issues/10837#issuecomment-76516839
2015-02-28 10:08:41 +01:00
Lukas Reschke
b58455241b
Add notice about Travis Checks
...
Maybe it helps in the future so we won't forget it again 🙈
2015-02-27 10:23:20 +01:00
Thomas Müller
f72f9e0159
Merge pull request #14530 from owncloud/revert-14403
...
Revert "Updating license headers"
2015-02-27 00:39:29 -08:00
Morris Jobke
18d43f7469
Merge pull request #14474 from owncloud/move-utf-8-check-to-setup
...
Move UTF-8 check to setup
2015-02-26 16:00:31 +01:00
Morris Jobke
06aef4e8b1
Revert "Updating license headers"
...
This reverts commit 6a1a4880f0
.
2015-02-26 11:37:37 +01:00
Lukas Reschke
de44a2b2ab
Remove unused and deprecated Code
...
Function is not used anymore anywhere in the code base: https://github.com/search?q=user%3Aowncloud+secureRNGAvailable&type=Code&utf8=%E2%9C%93
2015-02-25 12:11:14 +01:00
Lukas Reschke
06cf93e6ee
Move UTF-8 check to setup
...
Nobody reads the warnings anyways and so we should enforce it at installation time... Also allows us to get rid of some duplicated code.
To test change the `default_charset` to something other than `utf-8` or `UTF-8`, both should work fine with that change here. An error should then get shown.
We already set those default charsets in the shipped .user.ini and .htaccess
2015-02-24 23:51:36 +01:00
Thomas Müller
1fd1b355e4
Fix namespace of OC_Setup -> \OC\Setup
2015-02-23 16:44:40 +01:00
Vincent Petry
4290e1990e
Merge pull request #13829 from owncloud/appmanager-list
...
Better caching for enabled apps
2015-02-23 16:03:32 +01:00
Thomas Müller
df3c73de72
Merge pull request #14403 from owncloud/update-license-headers
...
Update license headers
2015-02-23 13:53:16 +01:00
Jenkins for ownCloud
6a1a4880f0
Updating license headers
2015-02-23 12:13:59 +01:00
Lukas Reschke
43641d917b
Use "off" and "off" instead of true booleans
...
Apparently a boolean in php.ini is according to the documentation "on" or "off"…
Fixes itself.
2015-02-23 09:40:15 +01:00
Lukas Reschke
2f0f38761d
Add helper to check for `ini` values in `OC_Util::checkServer`
...
This allows to check for specific values in the PHP.ini that ownCloud requires for full compatibility.
`mbstring.func_overload`: https://github.com/owncloud/core/issues/14372
`output_buffering`: http://doc.owncloud.org/server/8.0/admin_manual/configuration/big_file_upload_configuration.html#configuring-php
Fixes https://github.com/owncloud/core/issues/14372 and https://github.com/owncloud/core/issues/14412
2015-02-21 12:12:34 +01:00
Robin Appelman
5542fafd36
allow overwriting the appmanager in oc_util by subclassing
2015-02-18 14:24:50 +01:00
Lukas Reschke
886bda5f81
Refactor OC_Request into TrustedDomainHelper and IRequest
...
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.
This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.
Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.
Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Thomas Müller
fc7f279d90
catch any whitespaces which might get written to the output buffer while loading a theme
2015-02-12 16:42:17 +01:00
Yann VERRY
1fcea6f1bd
in some case charset can be in lower case.
...
Add strtoupper() in UTF-8 check to avoid error message
2015-02-11 11:59:33 +01:00
Morris Jobke
11283c57d9
Merge pull request #11056 from AdamWill/9885-opcode
...
add function to invalidate one opcache file, use it if possible #9885
2015-02-10 17:21:15 +01:00
Lukas Reschke
2bd1c17345
Don't encode url unecessary twice
...
The URL was previously encoded twice which leads to getting redirected to a 404 page when the password has been entered incorrect at least once.
Testplan:
- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin ` redirects to the admin page when providing the correct credentials
- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin ` redirects to the admin page when providing the invalid credentials and then providing valid ones.
- [ ] Logging in as admin then going to the admin page and clearing the cookies and refreshing will show the login and when repeating the above test steps you're redirected correctly.
Fixes https://github.com/owncloud/core/issues/9804
2015-02-02 15:09:59 +01:00
Lukas Reschke
30a5758a95
Don't check for `always_populate_raw_post_data` on HHVM
...
HHVM seems to have problems with this at the moment (even setting those values in the php.ini of HHVM doesn't have helped much) and thus the unit test execution failed.
So it's better if we disable this check for now for HHVM.
2015-01-23 13:54:34 +01:00
Morris Jobke
7e4afa3f25
Merge pull request #13593 from owncloud/add-check-for-raw-post-data
...
Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6
2015-01-22 23:59:52 +01:00
Morris Jobke
254a1fa12a
Merge pull request #13314 from owncloud/login-hook-logout
...
Return false if the login is canceled in a hook
2015-01-22 23:34:19 +01:00
Morris Jobke
55c28608c9
translate error messages
2015-01-22 14:52:47 +01:00
Robin Appelman
8a9acc5083
Allow custom error messages for the login page
2015-01-22 14:13:02 +01:00
Lukas Reschke
bb80cf4eca
Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6
...
PHP 5.6 otherwise throws notices for perfectly valid code which results in broken endpoints.
Fixes https://github.com/owncloud/core/issues/13592
2015-01-22 13:50:38 +01:00
Bernhard Posselt
6737dd111d
ignore core
2015-01-14 15:27:37 +01:00
Bernhard Posselt
4ec4914bb4
move check into addTranslation method
2015-01-14 14:57:56 +01:00
Bernhard Posselt
1cce1f0e6b
dont load core scritps
2015-01-14 14:43:11 +01:00
Bernhard Posselt
d6f1ff7993
only load translsations for apps
2015-01-14 13:48:21 +01:00
Bernhard Posselt
8cb60b2366
make translation lookup faster (O(n) -> O(1))
2015-01-14 13:39:29 +01:00
Bernhard Posselt
717e3acd9b
autoload app's js translations
2015-01-14 13:34:52 +01:00
Bjoern Schiessle
89f17ef6fe
adapt decrypt all and restore/delete key backups to the new folder structure for encryption key introduced with OC8
2015-01-13 12:45:33 +01:00
Lukas Reschke
e80ece9a2b
Verify whether value is already normalized
...
Apparently `normalizer_normalize` is not verifying itself whether the string needs to be converted or not. Or does it at least not very performantly.
This simple change leads to a 4% performance gain on the processing of normalizeUnicode. Since this method is called quite often (i.e. for every file path) this has actually a measurable impact. For examples searches are now 200ms faster on my machine. Still not perfect but way to go.
Part of https://github.com/owncloud/core/issues/13221
2015-01-10 12:12:40 +01:00
Thomas Müller
296a852063
check for working htaccess will result in a dead lock because the server is blocking the request to itself - fixes #13153
2015-01-08 09:13:18 +01:00
Thomas Müller
aec79b0c0e
Merge pull request #13043 from owncloud/check-for-hash
...
Check for hash
2014-12-28 14:12:57 +01:00
Lukas Reschke
222e4a0762
Check for hash
...
See https://github.com/owncloud/core/pull/13042
2014-12-28 13:23:34 +01:00
Frank Karlitschek
4a40e5699c
remove Edition
2014-12-25 11:36:41 +01:00
Frank Karlitschek
3dea2b95c6
Automatically detect the edition based on the enterprise_key app.
2014-12-25 09:48:15 +01:00
Thomas Müller
775f6a1354
make sure styles and scripts are only loaded once
2014-12-16 18:26:43 +01:00
Joas Schilling
4d232e536e
Deprecate Util::formatDate()
...
Make DateTimeFormatter a service and adjust tests that have been inaccurate
2014-12-10 11:58:56 +01:00
Lukas Reschke
ddcf2b84ec
Remove checks for safe mode and magic quotes
...
Both are removed from 5.4.0
Safe Mode: http://php.net/manual/en/features.safe-mode.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
Magic Quotes: http://php.net/manual/en/security.magicquotes.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
2014-12-05 19:14:47 +01:00
Lukas Reschke
1b0bc2e099
PHP 5.4 is now required for master
...
🍻
2014-12-04 10:46:38 +01:00
Joas Schilling
2c39aec8cb
Replace deprecated constant with new class constant
2014-11-25 16:30:21 +01:00
Lukas Reschke
9a1673c79d
Check for XMLWriter class
...
This is not installed by default in all cases and will break the DAV features of ownCloud. Lot's of reports such as https://github.com/owncloud/ios-issues/issues/167#issuecomment-63798507
2014-11-20 13:13:14 +01:00
Adam Williamson
8b2b0aae31
deleteFromOpcodeCache: make parameter mandatory, document parameter
...
Both pointed out in submission review by @bantu, thanks.
2014-11-06 18:05:20 -08:00
Adam Williamson
3b4823d89c
add function to invalidate one opcache file, use it if possible #9885
...
Issue #9885 appears to be triggered by ownCloud invalidating the entire
PHP opcache. Testing indicates it can be avoided by only invalidating the
single file that was written from the opcache, instead of clearing the
whole thing. In general it is more efficient to invalidate only the single
file that was changed, rather than the whole cache.
This adds a deleteFromOpcodeCache() function which invalidates a single
file from the opcache if possible, returning true if the underlying
function returns true (which may mean 'success', or 'file does not exist',
or 'file exists but is not in opcache', all of which are OK to treat as
good for our purposes). It also changes writeData() in config.php to try
using deleteFromOpcodeCache() and only fall back on clearOpcodeCache() if
that fails.
2014-11-06 17:58:58 -08:00
Morris Jobke
d763b32048
ability to add bower resources
...
* add addVendorScript & addVendorStyle
* refactoring of addScript and addStyle
* add shortcuts vendorScript and vendorStyle
2014-11-03 20:54:40 +01:00
Vincent Petry
bed81ea854
Merge pull request #11080 from owncloud/addheader-text-2
...
Fix the addHeader tag attributes text methods to not ignore the text parameter
2014-10-30 18:13:46 +01:00