63a90a129b
Use proper RNG generator
...
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
3c618a0252
Also setup the filesystem when matching routes
2014-09-02 16:15:42 +02:00
a9a37b5363
Don't automatically setup the filesystem the moment we load OC\Files\FileSystem
2014-09-02 16:15:42 +02:00
d0266c0bf8
Use public api for getting l10n
2014-08-31 10:08:22 +02:00
f687794a4a
be correct in deprecation documentation
2014-08-29 10:22:21 +02:00
f551917a3c
kill OC::$session
...
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession
restore order os OC::$session and OC::$CLI
remove unneded initialization of dummy session
write back session when $useCustomSession is true
log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
f82b788ba5
add moment.js
2014-08-26 17:39:15 +02:00
97b536e3df
Add a trusted domain wizard
...
Adds a little button to the trusted domain warning, if an admin clicks on the warning he will be redirected to ownCloud and asked whether he want to trust this domain.
By far not the cleanest code, or clean at all, but does the job and I don't see a reason to make a lot of changes for this little improvement.
2014-08-21 22:22:35 +02:00
52d5429768
Merge pull request #10522 from owncloud/removeLoadAppScript
...
Remove loadAppScriptFile
2014-08-21 19:59:31 +02:00
ea2a45f19d
Remove loadAppScriptFile
2014-08-19 15:16:49 +02:00
fdb203ff1e
Merge pull request #10409 from owncloud/iShallNotCopyStuffWithoutThinking
...
Add a copied_sample_config switch
2014-08-19 11:03:57 +02:00
c33d1cacd4
Add a copied_sample_config switch
...
Hopefully this will stop people from copying the sample config. I'm so annoyed by all those wrong bug reports...
Add some explanation about this switch
Move check to init
2014-08-19 09:57:03 +02:00
a822a31ce3
Merge pull request #10442 from owncloud/move-failed-logins
...
Move authentication failed logging to checkPassword
2014-08-15 16:50:28 +02:00
5bb4772858
Move authentication failed logging to checkPassword
...
Fixes https://github.com/owncloud/core/issues/10366
2014-08-15 12:13:00 +02:00
a4a897d26d
Remove ability to trigger DEBUG mode via cookie
...
Users should not be able to enable debug mode on their own by setting a cookie. Using debug mode might leak too much information about the environment or have other unexpected behaviour.
We should backport this.
2014-08-15 11:21:56 +02:00
fd798fd982
update deprecation docs
2014-08-14 12:22:34 +02:00
54491e8c68
Merge pull request #10323 from gekmihesg/master
...
Load authentication backends before tryBasicAuth
2014-08-13 16:08:48 +02:00
578a57f0fb
Load authentication backends before tryBasicAuth
2014-08-10 13:29:32 +02:00
f2e20757f6
Fix checking of NULL or empty OC::$THIRDPARTYROOT/OC::$THIRDPARTYWEBROOT
...
Fixes #10065
2014-07-30 23:24:55 +02:00
521934ee0d
Merge pull request #10029 from owncloud/fix-thirdparty
...
Fix silent crash if 3rdparty dir is not available
2014-07-30 18:34:55 +02:00
eb9bd200fa
Replace exit with return
2014-07-30 14:03:31 +02:00
31e7fdb9bf
Fix silent crash if 3rdparty dir is not available
2014-07-30 14:03:31 +02:00
a8fbc709ce
Add registerAutoloaderCache().
2014-07-29 11:18:40 +02:00
9be8ac5867
Memcache\Factory: Remove static, use globalPrefix.
2014-07-29 11:14:36 +02:00
da391b8932
InstanceId is properly injected into factory. Remove comment.
2014-07-29 11:03:10 +02:00
a3411e3719
Merge pull request #9641 from owncloud/localuser-addressbook
...
ownCloud users are exported as address book
2014-07-28 12:18:56 +02:00
ec7a10f882
reorder if statements to remove negation, indentation correction
2014-07-25 19:39:29 +02:00
176ecbd311
ownCloud users are exported as address book
2014-07-24 17:35:02 +02:00
2594fb80aa
don't silently exit in cli-mode in case ownCloud in not yet installed
2014-07-24 13:45:06 +02:00
1c16d012ab
Remove uneeded `strip_tags`
...
This `strip_tags` seems to be completely unneeded and will cause problems with passwords containing stripped characters. (e.g. `<` or `>`)
Needs https://github.com/owncloud/core/pull/9735 to be merged first.
2014-07-19 10:17:24 +02:00
bfd59bddf4
Extract Auth Header logic into new function handleAuthHeaders().
2014-07-19 02:21:18 +02:00
fafed17c60
Deduplicate user/password extraction from alternative HTTP headers.
2014-07-19 02:06:37 +02:00
5d3e1bc023
Only calculate the WEBROOT from scriptName if it contains $SUBURI
...
If not we are most likely in CLI mode. However to be able to still
generate valid URLs, we need to use the overwrite webroot instead.
Fix #9490
2014-07-07 15:08:46 +02:00
3c45925e74
fix hook names
2014-07-03 13:52:58 +02:00
ae68a773c0
more strings to translate in utils also some fixes in defaults
2014-06-28 13:29:24 +02:00
a120d6e9a3
Bring back loadApps() in base.php
...
loadApps() had been deleted by mistake in
799205488c
2014-06-24 17:37:58 +02:00
799205488c
Prevent loadApps on upgrade
...
Moved OC::needUpgrade() to OCP\Util::needUpgrade() to make it accessible
form the router.
Moved maintenance + upgrade check to the router.
2014-06-18 11:10:07 +02:00
d4bdcb7a9b
Merge pull request #9047 from owncloud/fix_preload_fundamental_apps
...
Load fundamental apps, before any possible customizing app may follow
2014-06-18 07:29:04 +02:00
f2fc214ce0
Add deprecation notice to load* functions
...
This functions are deprecated and/or removed since ownCloud 7. Additionally a issubdirectory check has been added here to prevent developers to use this function in a potentially insecure way.
Port of https://github.com/owncloud/core/pull/9033
2014-06-16 20:33:04 +02:00
7b704eeb5e
Load fundamental apps, before any possible customizing app may follow
2014-06-16 13:12:21 +02:00
63c5c7bd21
set logger before registrate to an error handler
2014-06-09 10:02:23 +02:00
289accc31b
Merge pull request #8159 from owncloud/mobile-sidebar-swipe
...
Mobile sidebar swipe
2014-06-06 11:27:04 +02:00
9e56acbdc9
add snap.js script
2014-06-05 11:52:17 +02:00
7c4abce373
Move authentication to it's own call
2014-06-05 11:45:45 +02:00
ac7fb1b23e
Remove legacy routing code
...
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.
This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.
Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
1c20c72efe
Merge pull request #8620 from owncloud/design-navigation-two
...
Toggle app navigation not only on mobile, but on desktop as well
2014-06-05 10:53:22 +02:00
95fda3c17c
Do not load apps when upgrade is needed
...
This prevents routes like "core/js/oc.js" to automatically load apps and
trigger their update prematurely.
2014-06-04 18:52:52 +02:00
35308f5b09
hide navigation by default, not only on small screens, first step
2014-06-04 14:29:46 +02:00
ade6ed3797
Merge pull request #8701 from owncloud/slide-up-toggle
...
Create reusable data attribute for apps setting slideup
2014-06-04 11:31:04 +02:00
a244172219
Merge pull request #8853 from owncloud/design-typeface
...
Use Open Sans as typeface
2014-06-04 11:16:03 +02:00
6b2b903ea6
Merge pull request #8468 from owncloud/remove-infieldlabels
...
Remove infieldlabels
2014-06-04 09:28:20 +02:00
3a1994d001
Merge pull request #8686 from owncloud/session-early
...
Make the session available as early as possible
2014-06-03 19:23:30 +02:00
80627dfd2c
use Open Sans as typeface
2014-06-03 19:07:08 +02:00
cea7d4961e
move to updated version of placeholder
2014-06-03 16:18:06 +02:00
7177d3a496
first step of infield label removal, fix login screen
2014-06-03 15:28:59 +02:00
3e14affa9b
Add some comments
2014-06-03 10:57:18 +02:00
4e957c7b18
Merge pull request #8443 from owncloud/csrf-on-login-and-logout
...
Add CSRF check on login and logout
2014-06-02 11:27:20 +02:00
705242d390
Merge pull request #8727 from owncloud/upgrade-overview
...
Added update overview page
2014-05-29 21:28:47 +02:00
ce9d5df6df
Merge pull request #8681 from owncloud/logintimestamp
...
Record login timestamp per user. Required for new user managament.
2014-05-28 19:06:47 +02:00
f03a3d9d05
remove legacy OC_Filesystem being used in a hook callback
2014-05-28 00:13:54 +02:00
02f682b156
Now showing disabled apps as upgrade status line
...
- Added app id in update overview.
- Added status message for disabled app for CLI upgrade and web upgrade
2014-05-27 15:20:33 +02:00
146583a98d
Added update overview page
2014-05-27 14:53:08 +02:00
c2330e558e
rename to apps.js
2014-05-26 17:31:41 +02:00
c03e7fcfa9
Clarify comment
2014-05-24 10:24:42 +02:00
db1511a11d
add a slideup mechanism
2014-05-23 18:49:16 +02:00
8b56d52398
Make the session available as early as possible
2014-05-23 13:27:27 +02:00
2c89962919
clean up tryRememberLogin and save the timestamp of users last login
2014-05-21 18:03:37 +02:00
954d5b27ff
use custom logfile path if defined, otherwise use default of owncloud.log in data directory
2014-05-20 11:29:59 -04:00
f8cb8f4803
Merge branch 'master' into csrf-on-login-and-logout
...
Conflicts:
core/templates/login.php
2014-05-19 20:40:55 +02:00
dc36d30953
Remove all occurences of @brief and @returns from PHPDoc
...
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
04e6c12fe2
Merge pull request #8557 from owncloud/custom_session_handling
...
Allow apps to create custom session handlers.
2014-05-19 15:58:30 +02:00
bd3bf4b507
Change parameter order of implode
2014-05-13 19:08:14 +01:00
75bc25f906
Allow apps to create custom session handlers.
2014-05-12 11:08:28 -04:00
3cd32dcb7c
adding X-Robots-Tag to all responses of ownCloud + move addSecurityHeaders() to OC_Response, which seems to be a more reasonable place
2014-05-12 15:14:01 +02:00
fd5b2d11d6
Rename issubdirectory to isSubDirectory
2014-05-11 15:50:59 +02:00
e1e1009ccc
Redirect to index if the logout link is accessed without valid session
...
This is needed to prevent "Token expired" messages while login if a session is expired
@see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
2014-05-11 13:09:46 +02:00
73b914ddbc
Add CSRF check on login and logout
...
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
906061a07b
Merge pull request #8171 from owncloud/fix-import
...
be nice and use a relative import so people can use the class without fi...
2014-05-02 22:43:19 +02:00
7c0340c63c
Merge pull request #7852 from josh4trunks/basic_auth_fix
...
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-28 21:46:52 +02:00
6935364b33
add class Pimple to autloader
2014-04-28 20:57:44 +02:00
1d9ac38da6
Remove an added t by the github webeditor
...
Notice to myself: Stick to my IDE.
2014-04-27 16:41:09 +02:00
7a8bfeae6e
Grammatical fixes
2014-04-27 16:31:04 +02:00
b6612ef04a
Clarify the trusted_domain error page
2014-04-26 23:11:29 +02:00
ff0dab6e92
This adds one more missing untranslated text from lib/share
...
Also displays the untrusted domain warning in English
2014-04-24 01:42:18 +02:00
e88731a477
Some more PHPDoc fixes
2014-04-21 15:44:54 +02:00
c123dc7de4
Fix typo
...
Thanks @DeepDiver1975
2014-04-14 10:15:31 +02:00
387d46cb98
Typo + Line breaks
2014-04-13 12:54:26 +02:00
df67a04385
Move security headers to base.php
...
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
647abe512b
reduce code duplication, fix parse error, prevent page reload on hitting enter while changing the display name - refs #8085
2014-04-07 14:04:16 +02:00
5b402aa846
Fixed Typo
2014-04-03 22:12:57 -07:00
a266144750
Don't always $cookie_path, only set it when needed
2014-04-03 22:12:57 -07:00
d1106f1749
cookie would be useless if value is not set
2014-04-03 22:12:57 -07:00
63df8354da
Don't to set the cookie it wasn't needed.
2014-04-03 22:12:57 -07:00
4ddf5d92f2
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-03 22:12:57 -07:00
d0012e729a
Merge pull request #7879 from owncloud/sharing_cleanup_public_api
...
sharing api cleanup, first step
2014-03-28 12:23:11 +01:00
5fa8f7cf12
Merge pull request #7107 from owncloud/load-apps-proper-master
...
Load apps proper master
2014-03-28 10:33:55 +01:00
b602662578
add a "helper" and a "hooks" class. Move constants needed by multiple classes
...
to a "constants" class
2014-03-25 17:47:24 +01:00
4c8a83e82f
Merge pull request #7714 from owncloud/phpunit-config
...
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-24 13:01:37 +01:00
96e6cb3db4
all authentication apps are loaded at first - everything else relies on these apps
2014-03-21 15:00:25 +01:00
6ff96b34ad
Merge branch 'master' into load-apps-proper-master
...
Conflicts:
apps/files/ajax/rawlist.php
cron.php
ocs/v1.php
2014-03-21 14:05:08 +01:00
36c0f08ec0
Merge pull request #7732 from owncloud/datafolderexistence
...
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
756bbe8786
Merge pull request #7649 from owncloud/routing-public
...
Move routing classes to an interface and expose it in the public api
2014-03-17 21:07:05 +01:00
b619ff6076
Return 503 when a config/data dir error exists
2014-03-14 21:05:15 +01:00
a8eb7a5092
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-13 13:33:09 +01:00
8048868bd7
use preDelete instead of postDelete hook
2014-03-13 03:14:42 +01:00
26793e1f94
switch OC::getRouter usages to OC::$server->getRouter
2014-03-10 14:06:47 +01:00
8ab7d18a6a
Move the router classes to a namespace and expose it with a public interface
2014-03-10 14:04:58 +01:00
ba3f5fe53a
Merge pull request #7583 from owncloud/trusteddomainerrorpage
...
[master] Show warning page when accessing server from an untrusted domain
2014-03-07 10:37:16 +01:00
421cff00bd
Show warning page when accessing server from an untrusted domain
...
Added early check for the requested domain host and show a warning
page if the domain is not trusted.
2014-03-06 11:51:08 +01:00
32b29c9d73
Merge branch 'master' into fix-7307
...
Conflicts:
core/js/router.js
settings/js/admin.js
2014-03-06 00:15:08 +01:00
1291303c5a
Replace OC.Router.generate() with OC.generateUrl()
2014-03-02 22:30:24 +01:00
da19109f40
Config to disable basic_auth username chacking
...
This can be confusing and/or annoying
2014-02-26 18:06:13 +01:00
7f05c23231
Merge pull request #3760 from IMM0rtalis/remove_logout_redirect_slash
...
- removed slash-adding for logout-header-redirect
2014-02-26 16:05:09 +01:00
27ad69eea5
Merge branch 'master' into no-css-js-delivery-via-php
2014-02-21 14:01:24 +01:00
fbea02bebb
kill $coreStyles and $coreScripts
2014-02-20 14:18:01 +01:00
bf22ed7bdb
kill old minimizer code
2014-02-20 13:10:56 +01:00
3e2c56157b
reduce width of searchbox on mobile, fix overlap, fix #7282
2014-02-20 11:33:46 +01:00
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
79fc4f3126
Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging
2014-02-06 11:34:27 +01:00
0db5fead8e
remove some more global variable $RUNTIME_NOAPPS
2014-02-06 10:04:18 +01:00
afbe50d09c
remove global variable $RUNTIME_NOAPPS - it's just superfluous
2014-02-06 09:44:13 +01:00
3c80071807
Merge pull request #4795 from owncloud/setup
...
Move core setup code to controller class
2014-02-04 06:04:21 -08:00
cf5277b558
also load error handler if debugging is enabled
2014-02-03 12:08:28 +01:00
bca725dc32
Merge branch 'master' into setup
...
Conflicts:
core/setup.php
2014-01-31 16:43:12 +01:00
0a1708ba11
Merge pull request #6912 from owncloud/replace-webroot-in-css
...
Remove %webroot% from CSS
2014-01-27 04:11:15 -08:00
9fa788c452
Merge pull request #6736 from owncloud/tests-jsunittests
...
Added Javascript unit tests
2014-01-23 12:43:05 -08:00
25e9b7a742
add icons.css file, first step to get rid of %webroot%
2014-01-23 12:55:39 +01:00
164915a3f8
Move test config folder to tests/config
2014-01-20 13:41:52 +01:00
6b4c3df087
Load a separate config (if present) when running unit tests
2014-01-17 14:40:48 +01:00
350214c609
Added Javascript unit tests
...
- added karma utility to run jasmine unit tests
- added Sinon library (for stubs/mocks/fakeserver)
- added a few unit tests for core and files
- added autotest-js.sh script
2014-01-16 17:12:29 +01:00
c3829dfa61
rename user-id to loginname to stay consistent
2014-01-09 10:29:21 +01:00
e0bd7e145c
Remove @ in order to get proper error handling
2014-01-07 16:24:05 +01:00
214aecac78
require composer's autoload.php if present
2014-01-05 21:49:08 +01:00
4c45c6f418
dont try to register background jobs if we haven't upgraded yet
2013-12-13 17:15:18 +01:00
f26ba5846d
coding style
2013-12-13 16:58:16 +01:00
dcfda5c2a9
coding style
2013-12-13 16:58:09 +01:00
91d6a6dd7c
On webdav sesssions, loginname was compared to username which does not need to match necessarily
2013-12-13 16:58:03 +01:00
df1a404466
Fix webroot for update page
...
On the update page, config.js was missing which caused oc_webroot to not
be available. That would trigger the faulty oc_webroot fallback that
didn't take URLs like "/owncloud/index.php/files/apps" into account.
This fix adds config.js in the update page and also a fix for the
oc_webroot fallback, in case it is used elsewhere.
2013-12-13 12:56:48 +01:00
9c4bbf9ad7
Revert "Revert "Fix user's displayName being overwritten by (old) cookie""
...
This reverts commit eba35d28cd
2013-12-05 20:53:11 +01:00
eba35d28cd
Revert "Fix user's displayName being overwritten by (old) cookie"
...
This reverts commit 2a7380cc21
2013-12-05 16:12:46 +01:00
2a7380cc21
Fix user's displayName being overwritten by (old) cookie
2013-12-05 14:18:32 +01:00
9fbccc83e3
merge master into single-user-mode
2013-11-25 21:25:04 +01:00
71c1327691
Add "single user mode" which restricts access to users in the admin group
...
This can be enabled by setting 'singleuser' to true in config.php
2013-11-25 15:08:24 +01:00
317d421874
provide more cli friendly error messages
2013-11-25 13:04:23 +01:00
4a2f9636cf
Merge pull request #5773 from owncloud/fix-2152-master
...
Make working en_US.UTF-8 locale a hard requirement
2013-11-21 08:03:21 -08:00
49cd5dad24
add trash bin and file versions delete hooks in OC::registerPreviewHooks
2013-11-12 14:08:55 +01:00
a6d8854d2a
Make working en_US.UTF-8 locale a hard requirement
2013-11-08 14:30:08 +01:00
4f24d4ba01
display the exception instead of meaningless message
2013-11-04 21:55:55 +01:00
eb3c5070c0
replace template function link_to_docs() with \OC_Helper::linkToDocs()
2013-11-02 19:11:46 +01:00
06b42f9788
Merge pull request #5443 from owncloud/fix-autoloader-caching
...
Remove Autoloader Cache Hack. Do not use Cache on Install.
2013-11-01 05:35:34 -07:00
Lukas Reschke
Robin Appelman
Jörn Friedrich Dreyer
Georg Ehrke
blizzz
gekmihesg
marc0s
Morris Jobke
Victor Dubiniuk
Andreas Fischer
Thomas Müller
Lukas Reschke
Joas Schilling
Bjoern Schiessle
Volkan Gezer
Vincent Petry
Jan-Christoph Borchardt
Bernhard Posselt
Morris Jobke
Bernhard Posselt
scolebrook
Robin McCorkell
ringmaster
josh4trunks
icewind1991
kondou
Bart Visscher
Nico Kaiser