Frank Karlitschek
|
d3bb01b598
|
more reliable host detection for reverse proxy scenarios
|
2012-06-05 12:53:48 +02:00 |
Bjoern Schiessle
|
44260a552c
|
xss vulnerability fixed
|
2012-06-05 10:49:36 +02:00 |
Bjoern Schiessle
|
e817504569
|
xss vulnerability fixed
|
2012-06-05 10:49:26 +02:00 |
Arthur Schiwon
|
ae2bcf968d
|
Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4
|
2012-06-04 21:33:02 +02:00 |
Arthur Schiwon
|
454f81fb15
|
load authentication apps before checking wether user exists. fixes oc-910
|
2012-06-04 21:31:35 +02:00 |
Arthur Schiwon
|
773f3cf973
|
make it possible to load apps seperately. needed to fix oc-910 without breaking oc-863
|
2012-06-04 21:30:58 +02:00 |
Tom Needham
|
daa4d2cd84
|
Validate email on save
|
2012-06-04 18:44:55 +00:00 |
Robin Appelman
|
b117a1e3ec
|
update file paths in filecache when the parent is renamed
|
2012-06-04 18:12:25 +02:00 |
Bjoern Schiessle
|
4bc88ef59d
|
prevent xss attacks by manipulating image file names
|
2012-06-04 18:11:17 +02:00 |
Bjoern Schiessle
|
d5566d0267
|
prevent xss attacks by manipulating text file names
|
2012-06-04 18:11:08 +02:00 |
Bjoern Schiessle
|
ca64a4080f
|
don't allow user to delete Shared dir via webdav and sync client (bug #774)
|
2012-06-04 18:08:51 +02:00 |
Bjoern Schiessle
|
7fbe306990
|
no move (rename) operation for "Shared" directory
|
2012-06-04 14:00:35 +02:00 |
Bjoern Schiessle
|
c8f670dfab
|
Don't allow user to delete, rename and re-share the "Shared" directory
|
2012-06-04 14:00:35 +02:00 |
Arthur Schiwon
|
8983c6dd6b
|
commited a bit too much before
|
2012-06-04 13:27:55 +02:00 |
Thomas Tanghus
|
d657263403
|
Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4
|
2012-06-04 13:13:53 +02:00 |
Thomas Tanghus
|
74ac2ac63a
|
Contacts: When editing photo on a newly created contact the name in the contact list was cleared.
|
2012-06-04 13:13:43 +02:00 |
Arthur Schiwon
|
8554525ebe
|
Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4
|
2012-06-04 13:04:37 +02:00 |
Arthur Schiwon
|
b48228ae3d
|
LDAP: link to documentation on settings page
|
2012-06-04 13:04:18 +02:00 |
Frank Karlitschek
|
64fe06710a
|
add deprecated warning
|
2012-06-04 12:49:33 +02:00 |
Frank Karlitschek
|
300f6894e0
|
4.0.1
|
2012-06-03 21:06:07 +02:00 |
Michael Gapczynski
|
0145c65bf3
|
Verify user exists when checking if logged in, fix for bug oc-863
|
2012-06-02 20:09:44 -04:00 |
Michael Gapczynski
|
4db5481ad5
|
Improve efficiency of retrieving log file entries
|
2012-06-01 14:42:14 -04:00 |
Frank Karlitschek
|
52b3305892
|
add a pdo check
|
2012-06-01 20:01:23 +02:00 |
Frank Karlitschek
|
3ef944521e
|
add check if apps folder is writable. needed to install 3rd party apps
|
2012-06-01 19:52:45 +02:00 |
Frank Karlitschek
|
60b8e172d5
|
prevent a division by zero problem
|
2012-06-01 16:49:14 +02:00 |
Frank Karlitschek
|
2c97f4788b
|
Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
|
2012-06-01 16:34:52 +02:00 |
Frank Karlitschek
|
aa9824d35b
|
fix proper error reporting
|
2012-06-01 16:33:24 +02:00 |
Arthur Schiwon
|
34464b1f8b
|
LDAP group backend: Set configured true when it is... fixe oc-887
|
2012-06-01 16:02:04 +02:00 |
Frank Karlitschek
|
aa88ec81c7
|
sort users and groups. fixes oc-779
|
2012-06-01 14:21:24 +02:00 |
Arthur Schiwon
|
86279bc192
|
LDAP group backend: If a group filter is not configured, do not do anything. Fixes oc-867
|
2012-06-01 14:05:08 +02:00 |
Frank Karlitschek
|
0468f53f73
|
switch magic quotes off.
they are evil and deprecated
|
2012-06-01 12:42:50 +02:00 |
Frank Karlitschek
|
1b34bda76b
|
fix oc-874
|
2012-06-01 12:16:04 +02:00 |
Frank Karlitschek
|
e44f9ab46e
|
correctly detect https
|
2012-06-01 11:47:14 +02:00 |
Frank Karlitschek
|
8ed13e627e
|
don´t do warnings.
Not sure if this start_session call is really needed here.
|
2012-06-01 11:08:40 +02:00 |
Frank Karlitschek
|
0d2d613f59
|
added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer
|
2012-06-01 11:06:49 +02:00 |
Frank Karlitschek
|
670022cc8a
|
fix the breadcrumb
|
2012-05-31 21:43:07 +02:00 |
Frank Karlitschek
|
3a6341c880
|
fix oc-780
|
2012-05-31 21:27:46 +02:00 |
Frank Karlitschek
|
c3ccdbaa79
|
more fixes
|
2012-05-31 21:14:46 +02:00 |
Frank Karlitschek
|
d56966f14f
|
someone broke this completely. Hope it works again. Please check your apache error log and turn php notices on if you work on ajax call
|
2012-05-31 20:45:39 +02:00 |
Frank Karlitschek
|
739c5488a5
|
Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
|
2012-05-31 20:17:30 +02:00 |
Frank Karlitschek
|
5d425a9f79
|
use our own serverHost call so that ownCloud works with reverse proxy servers
|
2012-05-31 20:16:44 +02:00 |
Georg Ehrke
|
0059535140
|
fix potential XSS
|
2012-05-31 20:03:15 +02:00 |
Arthur Schiwon
|
7ec3e37199
|
LDAP: make queries compatible also with PostgreSQL
|
2012-05-31 13:06:27 +02:00 |
Robin Appelman
|
f4577bf00c
|
fix for pgsql database migration
|
2012-05-31 00:01:03 +02:00 |
Arthur Schiwon
|
449b9b92f0
|
LDAP: fix wrong value for input type
|
2012-05-30 22:37:00 +02:00 |
Arthur Schiwon
|
93849916bb
|
LDAP: support for 'member' as group-member-association
|
2012-05-30 22:36:48 +02:00 |
Frank Karlitschek
|
4dc7ed139b
|
don´t hardcode /tmp
|
2012-05-30 14:18:47 +02:00 |
Frank Karlitschek
|
c1f7d320e8
|
mark as 4.0.1 pre
|
2012-05-29 22:18:07 +02:00 |
Michael Gapczynski
|
1d983c28aa
|
Restrict requested app to apps directory
|
2012-05-29 12:35:52 -04:00 |
Thomas Tanghus
|
6515c5c1e7
|
Contacts: NOTE wasn't saved properly.
|
2012-05-29 16:45:52 +02:00 |