Commit Graph

2094 Commits

Author SHA1 Message Date
Lukas Reschke 38f8734014 Show a warning in the installer if no secure RNG is available 2012-10-14 17:21:52 +02:00
Lukas Reschke a10564e214 Fallback to /dev/random if openssl_random_pseudo_bytes not available 2012-10-14 16:15:54 +02:00
Robin Appelman e65ea6a8b7 don't increase the size of the users home folder twice 2012-10-13 14:32:58 +02:00
Lukas Reschke b5403de5e5 Fix the require path 2012-10-13 01:13:06 +02:00
Björn Schießle a0ac64cbd6 remove unneeded variable 2012-10-12 17:40:57 +02:00
Björn Schießle b03b6dfb99 check if directory already exist before executing mkdir 2012-10-12 17:40:45 +02:00
Björn Schießle c11f9833ac fix bug #1977: remove etags from database after version rollback so that the client can detect the changes 2012-10-12 17:39:56 +02:00
Björn Schießle 822b323f8e add *.ai files to the mimetypes list 2012-10-11 16:15:05 +02:00
Björn Schießle e23b06ec8c extract the right parent directory from the path
add parent directory to the file cache if it does not exist yet.
2012-10-11 10:21:23 +02:00
Lukas Reschke 4f8b8a8a59 Correct indentation 2012-10-10 19:11:09 +02:00
Lukas Reschke c06d71e662 Send a HSTS HTTP header to enforce SSL 2012-10-10 18:56:29 +02:00
Frank Karlitschek 8e0676a66b 4.5 final 2012-10-09 16:02:01 +02:00
Björn Schießle 2bd4035076 $CONFIG_DBTYPE was never assigned but used in this function 2012-10-09 11:17:10 +02:00
Björn Schießle 003241e847 fix for bug #1942: Allow user to share with every group if "allow users to share with anyone" is set 2012-10-09 10:36:24 +02:00
Frank Karlitschek 67a4aa7cf0 RC 3 2012-10-08 23:58:17 +02:00
Robin Appelman 035d83fe91 don't use the workaround for shared files on the /Shared folder 2012-10-08 23:37:50 +02:00
Michael Gapczynski 025d308929 Actually fix shared webdav access 2012-10-08 17:21:52 -04:00
Michael Gapczynski 33d1906f23 Fix getting file info for subfolders in shared folders 2012-10-08 16:05:57 -04:00
Jörn Friedrich Dreyer dc116b994d reenable hack to use CURRENT_TIMESTAMP for postgresql when creating the database, fixes oc-1852
TODO for OC5: use CURRENT_TIMESTAMP for all databases. mysql supports it as a default for DATETIME since 5.6.5 [1]
as a fallback we could use <default>0000-01-01 00:00:00</default> everywhere
[1] http://bugs.mysql.com/bug.php?id=27645
http://dev.mysql.com/doc/refman/5.0/en/timestamp-initialization.html
http://www.postgresql.org/docs/8.1/static/functions-datetime.html
http://www.sqlite.org/lang_createtable.html
http://docs.oracle.com/cd/B19306_01/server.102/b14200/functions037.htm
2012-10-08 17:24:15 +02:00
Frank Karlitschek b296328c61 put all the calls into one function and use tabs instead of spaces. Thanks to danimo for bugging me :-) 2012-10-08 15:58:50 +02:00
Frank Karlitschek c701bed2e3 fix a lot of small layout bugs and make the apps page overall prettier plus add ratings finally 2012-10-08 15:49:48 +02:00
Arthur Schiwon 3affeb5bd7 destroy invalid sessions 2012-10-08 13:36:11 +02:00
Björn Schießle 8357754ff1 added "uid_owner" to select statement 2012-10-08 13:22:08 +02:00
Frank Karlitschek e9f04bedd4 add a sane socket timeout so that the interface stays responsive with a slow or not working internet connection 2012-10-08 12:00:29 +02:00
Frank Karlitschek b7a5cc2fda use socket timeout of 10 sec to stay responsive even with a slow internet connection or a not working server 2012-10-08 11:53:00 +02:00
Michael Gapczynski 5f462ec6f7 Fix - "Correct checking item source for share from same owner when generating item target" 2012-10-06 18:13:11 -04:00
Frank Karlitschek 5eaf95eedd check for SimpleXML which seems to bw non default on Free BSD 2012-10-06 17:37:38 +02:00
Robin Appelman 5d196f14db set folder size to 0 when scanning the filesystem 2012-10-05 22:35:51 +02:00
Jörn Friedrich Dreyer ee6d96b7a8 really fix checkstyle on archive tar 2012-10-05 12:54:18 +02:00
Jörn Friedrich Dreyer b5f11195af fix checkstyle on archive zip/tar 2012-10-05 12:42:11 +02:00
Jörn Friedrich Dreyer 00b34a09ea cache tar archive headers 2012-10-05 12:29:36 +02:00
Björn Schießle f493e97f5d always generate access token, also for forms shown to anonymous users (e.g. public shares) 2012-10-05 10:32:38 +02:00
Jenkins for ownCloud 5c042d88ad [tx-robot] updated from transifex 2012-10-04 02:07:35 +02:00
Frank Karlitschek 2d86258fc3 RC2 2012-10-03 12:39:48 +02:00
Michael Gapczynski 68c8faf39c Correct checking item source for share from same owner when generating item target 2012-10-02 16:37:39 -04:00
Björn Schießle 431d92e7b2 we are sharing the same file again if item_source of the already shared file and the newly shared file is the same. Therefore we can use the same target name 2012-10-02 21:37:10 +02:00
Björn Schießle db954f5aba remove unnecessary code and add missing items to select statement 2012-10-02 18:59:20 +02:00
Björn Schießle 3e3038cafc merge all possible conflicts into on array 2012-10-02 13:10:46 +02:00
Frank Karlitschek 3fdebaa5dc automatically remove and prevent installation of apps with a require version less than the current one. We check now the first ad second part of the version number.
Also increase the require tags of the core apps to 4.9 Please note that 4.9 is the internal versionnumber of the upcoming 4.5 release.
You have to pu a <require>4.9</require> into the info.xml of your app to make it as compatible with 4.5
2012-10-02 12:10:45 +02:00
Arthur Schiwon 783c02eda9 fix create folder and upload file issue on win, fixes oc-1747, solution follows suggestion from bug tracker 2012-10-02 11:45:47 +02:00
Björn Schießle c6c0fcc7c8 We can't rely on the assumption that if the matching target is from the same owner that the share type will be different.
Files in different folders can have the same name. Therefore also a unique name has to be generated if the matching
target it from the same user. Also for folders and files with the same name a unique target name has to be generated

If matching target is from the same owner, use the same target. The share type will be different so this isn't the sa
2012-10-02 11:41:26 +02:00
Arthur Schiwon 68fa2b10da Search: fix Notice and thus broken search with activiated error reporting 2012-10-01 19:11:26 +02:00
Robin Appelman 91d12a2f3d update the filecache by setting mtimes to 0 when the mount configuration has changed instead of clearing the cache 2012-09-30 16:12:16 +02:00
Robin Appelman 113c339c41 fix updating the filecache for when contents of a folder has changed 2012-09-30 16:11:01 +02:00
Robin Appelman 258782584e fix mimetype detection using the 'file' command in some edge cases 2012-09-30 03:58:58 +02:00
Robin Appelman f8eebcbb01 reload the current url when login in instead of always redirecting to the default app (oc-1873) 2012-09-30 03:47:37 +02:00
Lukas Reschke e8afb3d312 Fix a typo 2012-09-30 00:08:20 +03:00
Lukas Reschke ef57e9294b Fallback for systems without openssl 2012-09-29 16:44:02 +02:00
Lukas Reschke 992c2c9d4b mt_rand() is not secure from a cryptographic point of view, let's use openssl_random_pseudo_bytes() here 2012-09-29 15:41:13 +02:00
Lukas Reschke 578aa4e425 Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
2012-09-29 15:18:38 +02:00
Lukas Reschke bd804b74c4 mt_rand() is not secure from a security point of view and predictable. Let's use openssl_random_pseudo_bytes() instead.
Before: 26 bits entropy
After: 72 bits entropy
2012-09-29 15:03:09 +02:00
Jenkins for ownCloud dc66e94ee3 [tx-robot] updated from transifex 2012-09-29 02:04:55 +02:00
Bart Visscher 22d22d19c0 Do urlencoding in linkTo functions 2012-09-28 22:27:52 +02:00
Bart Visscher fed34aecfa Fix syntax error in removeETagHook 2012-09-28 21:30:06 +02:00
Bart Visscher 24bb7d16b7 urlencode filename in search result, fixes problems with & in name 2012-09-28 21:18:20 +02:00
Bart Visscher 366ae6661d Simplify generating file search results 2012-09-28 21:18:20 +02:00
Lukas Reschke cfc9839812 Merge pull request #19 from arkascha/master
Reimplementation of CSRF protection strategy
2012-09-28 10:54:11 -07:00
Christian Reiner 71454b1bca Fix to preserve backward compatibility for apps creating static links containing the request token (currently the contacts app and maybe some 3rd party implementations) 2012-09-28 18:57:20 +02:00
Björn Schießle 35357f3afb etag has to be removed after version rollback to enable the sync client to detect the changes (bug #1829) 2012-09-28 18:50:36 +02:00
Björn Schießle f8f73e2675 move back to "lastmodified" property since "getlastmodified" is protected by webdav 2012-09-28 18:50:36 +02:00
Christian Reiner 4dbd4c35c5 Merge branch 'master' of git://github.com/owncloud/core 2012-09-28 13:31:01 +02:00
Christian Reiner 743826bbf3 Reimplementation of CSRF protection including autorefresh 2012-09-28 13:30:44 +02:00
Jenkins for ownCloud 5144d26088 [tx-robot] updated from transifex 2012-09-28 02:06:03 +02:00
Robin Appelman e8df2eeefc some more sane column sizes for appconfig and preferences 2012-09-27 22:49:01 +02:00
Frank Karlitschek cf14ad2f7d RC 1 2012-09-27 04:10:19 +02:00
Björn Schießle a7292e897a The mtime in the file cache has to be updated after version rollback (copy from outside of the regular files root) (fixes bug #1720) 2012-09-26 17:03:54 +02:00
Björn Schießle 50d7cfbbe7 prepare server for move of property name "lastmodified" to "getlastmodified" according to RFC4918.
Depreciated const can be removed after sync client update and release
2012-09-26 13:06:43 +02:00
Björn Schießle fcd70246db Merge branch 'master' of github.com:owncloud/core 2012-09-26 10:50:06 +02:00
Björn Schießle c3c6e52104 - take webdav namespace for properties into account
- change update routine to add the namesapce to all stored properties
2012-09-26 10:48:30 +02:00
Michael Gapczynski b4e40b1c21 Fix unsetting share expiration date 2012-09-26 00:09:35 -04:00
Michael Gapczynski f967bfc956 Properly format the share expiration time for the database, fixes bug oc-1779 2012-09-25 23:54:46 -04:00
Bart Visscher 737a6730db Add OC_Files::searchByMime function
Include shared files in result
2012-09-25 21:15:01 +02:00
Lukas Reschke c4fc291fa7 Passwords containing a ":" don't work with this explode
Thanks to mETz
2012-09-25 19:57:40 +02:00
Arthur Schiwon a8ff1505d6 backwards compat to older xcache versions, don't fail when trying to clear cache by prefix 2012-09-25 11:47:53 +02:00
Jenkins for ownCloud e5487376da [tx-robot] updated from transifex 2012-09-25 02:05:18 +02:00
Bart Visscher a80e0403a1 Fix getting individual shared file information 2012-09-24 21:12:32 +02:00
Jörn Friedrich Dreyer 1e2074b4eb use file instead of dir in search provider file fix result urls 2012-09-24 19:24:20 +02:00
Jenkins for ownCloud ecb90d72f3 [tx-robot] updated from transifex 2012-09-24 02:04:10 +02:00
Robin Appelman 4131b205d4 fix some more phpdoc 2012-09-23 02:40:03 +02:00
Robin Appelman f71f731f1c fix phpdoc and handle some edges cases better in oc_db 2012-09-23 02:40:03 +02:00
Lukas Reschke 80aa44565b Sanitize user input 2012-09-22 10:51:03 +02:00
Jenkins for ownCloud 01160d0fb4 [tx-robot] updated from transifex 2012-09-22 01:18:31 +02:00
Thomas Müller ac69974d73 Merge pull request #17 from scambra/4.5-l10n-fixes
Fix some untranslated strings
2012-09-21 16:09:30 -07:00
Bart Visscher 40a1899bd9 Catch exceptions when updating an app 2012-09-21 23:32:52 +02:00
Bart Visscher 4f4498e0d6 Fix undefined user var, use getUser 2012-09-21 21:29:37 +02:00
Bart Visscher 8820cd934a Forgot to return the fileinfo 2012-09-21 21:28:53 +02:00
Bart Visscher b6dc6c5bb9 Don't use OC_FileCache directly, but use the functions in OC_Files
This adds getFileInfo to OC_Files to also get fileinfo from shared files
2012-09-21 13:31:12 +02:00
scambra e48811017d fix translation for core/lostpassword 2012-09-21 11:54:47 +02:00
Jörn Friedrich Dreyer 59a00f95c3 use AL32UTF8 charset to connect to oracle, fixes file name encoding problems 2012-09-20 21:07:54 +02:00
Jörn Friedrich Dreyer a4082a526f escape user column in OC_FileCache::clear 2012-09-20 21:06:46 +02:00
Jenkins for ownCloud 7c42e88676 [tx-robot] updated from transifex 2012-09-20 02:09:31 +02:00
Robin Appelman 74ec2765b3 db indexes for appconfig and preferences 2012-09-20 01:36:52 +02:00
Brice Maron 86c3761615 Catch unreadable app folder error 2012-09-19 19:26:57 +00:00
Frank Karlitschek fe7288b65a beta 4 2012-09-19 16:32:40 +02:00
Arthur Schiwon 93d0defe9a set configuvalue in table appconfig back to clob. Likely to break LDAP settings, probably responsible for some bugs with it. Might also cause damage in other apps. That's why it was once already set to clob 2012-09-19 12:55:07 +02:00
Jenkins for ownCloud b0e645fe13 [tx-robot] updated from transifex 2012-09-19 02:07:26 +02:00
Bart Visscher 703aff6c35 Run proxies and emit signals when finising chunked upload
Otherwise the file cache and the quota isn't checked
2012-09-18 20:23:17 +02:00
Tom Needham 30188847a3 Only try to delete migration.db if it was created. 2012-09-18 16:25:34 +00:00
Tom Needham be76a55ef0 Allow exporting of users from any user backend, fixed oc-1645 2012-09-18 16:24:39 +00:00
Sam Tuke 9df403f051 Added failsafes for retrieving remote apps on settings->apps page, in case categories or app data are not found 2012-09-18 16:55:03 +01:00