775f6a1354
make sure styles and scripts are only loaded once
2014-12-16 18:26:43 +01:00
4d232e536e
Deprecate Util::formatDate()
...
Make DateTimeFormatter a service and adjust tests that have been inaccurate
2014-12-10 11:58:56 +01:00
ddcf2b84ec
Remove checks for safe mode and magic quotes
...
Both are removed from 5.4.0
Safe Mode: http://php.net/manual/en/features.safe-mode.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
Magic Quotes: http://php.net/manual/en/security.magicquotes.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
2014-12-05 19:14:47 +01:00
1b0bc2e099
PHP 5.4 is now required for master
...
🍻
2014-12-04 10:46:38 +01:00
2c39aec8cb
Replace deprecated constant with new class constant
2014-11-25 16:30:21 +01:00
9a1673c79d
Check for XMLWriter class
...
This is not installed by default in all cases and will break the DAV features of ownCloud. Lot's of reports such as https://github.com/owncloud/ios-issues/issues/167#issuecomment-63798507
2014-11-20 13:13:14 +01:00
8b2b0aae31
deleteFromOpcodeCache: make parameter mandatory, document parameter
...
Both pointed out in submission review by @bantu, thanks.
2014-11-06 18:05:20 -08:00
3b4823d89c
add function to invalidate one opcache file, use it if possible #9885
...
Issue #9885 appears to be triggered by ownCloud invalidating the entire
PHP opcache. Testing indicates it can be avoided by only invalidating the
single file that was written from the opcache, instead of clearing the
whole thing. In general it is more efficient to invalidate only the single
file that was changed, rather than the whole cache.
This adds a deleteFromOpcodeCache() function which invalidates a single
file from the opcache if possible, returning true if the underlying
function returns true (which may mean 'success', or 'file does not exist',
or 'file exists but is not in opcache', all of which are OK to treat as
good for our purposes). It also changes writeData() in config.php to try
using deleteFromOpcodeCache() and only fall back on clearOpcodeCache() if
that fails.
2014-11-06 17:58:58 -08:00
d763b32048
ability to add bower resources
...
* add addVendorScript & addVendorStyle
* refactoring of addScript and addStyle
* add shortcuts vendorScript and vendorStyle
2014-11-03 20:54:40 +01:00
bed81ea854
Merge pull request #11080 from owncloud/addheader-text-2
...
Fix the addHeader tag attributes text methods to not ignore the text parameter
2014-10-30 18:13:46 +01:00
a589d61b78
in case a translation javascript is not found we no longer bail out
...
remove translation.php
2014-10-29 10:09:12 +01:00
ec1a73fab9
Added OC.L10N namespace with translation functions
...
Added addTranslations and fixed de.js file
Fixed de.js to use OC.L10N.register() and use to correct expected
format.
Added JS unit tests for OC.L10N class
Include translations JS script for all apps
2014-10-29 10:09:12 +01:00
510d0b2cf3
Fix the "addHeader($tag, $attributes, $text)" methods to not ignore the $text parameter
...
Also support closing tags with no text content given
Conflicts:
lib/private/template.php
2014-10-28 11:15:58 +01:00
d6380a5395
Merge pull request #11786 from owncloud/MakeSupportedDBsConfigurable
...
Make supported DBs configurable within config.php
2014-10-27 22:24:16 +01:00
233c49f4b9
Make supported DBs configurable within config.php
...
This commit will make the supported DBs for installation configurable within config.php. By default the following databases are tested: "sqlite", "mysql", "pgsql". The reason behind this is that there might be instances where we want to prevent SQLite to be used by mistake.
To test this play around with the new configuration parameter "supportedDatabases".
2014-10-27 21:39:34 +01:00
b3a04840b5
Add type hinting to functions
...
It's only reasonable to have proper type hinting here which might even help us to catch bugs.
2014-10-24 14:13:40 +02:00
2d2a4741ce
Make files non executable
...
There is not much sense in having these files marked executable, we should avoid that.
2014-10-24 11:14:51 +02:00
1e69f5e7ac
Log some basic events
2014-10-20 13:38:38 +02:00
9b0f0df7f5
make skeleton compatible with objectstore
...
suspend encryption proxy when copying skeleton
2014-10-20 11:28:36 +02:00
c27fd94ec8
in cli mode return true for isHtaccessWorking
2014-10-15 16:59:28 +02:00
e762ff2bbd
Merge pull request #11356 from owncloud/redirect-only-to-the-same-domain
...
Redirect only to absolute URL
2014-10-01 12:47:43 +02:00
41374986d3
Remove dead code
2014-09-29 17:20:29 +02:00
6e7365fc17
Redirect only to absolute URL
...
We do not want to redirect to other domains using the "?redirect_url=" feature. Please notice, that the ownCloud project does not consider open redirectors as security issue.
2014-09-29 17:07:43 +02:00
9fc23e1967
Merge pull request #10934 from owncloud/datadir-write-setup
...
Don't complain about non-writable datadirs before we're installed
2014-09-25 14:32:32 +02:00
89e02e89d4
Merge pull request #7051 from owncloud/postsetupajaxcheck
...
Moved WebDAV check to client side JS
2014-09-23 16:55:16 +02:00
c587a4aaa2
Merge pull request #11222 from owncloud/store-users-timezone-master
...
send browsers timezone back tp the server on login
2014-09-23 13:45:21 +02:00
42fe0b9e08
Merge pull request #11241 from owncloud/use-lower-case
...
Use only lower-case letters
2014-09-23 12:16:58 +02:00
e65ceb08fc
Moved WebDAV and internet checks to client side JS
...
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
server
2014-09-23 11:16:14 +02:00
1565d82b81
Use only lower-case letters
...
Fixes https://github.com/owncloud/core/issues/11239
2014-09-22 21:29:03 +02:00
6eeb905871
Do only follow HTTP and HTTPS redirects
...
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)
Get final redirect manually using get_headers()
Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
814114ab8e
enhance formatDate function to accept an optional argument containing the time zone
2014-09-22 15:03:28 +02:00
23dd7cb51d
Don't complain about non-writable datadirs before we're installed
2014-09-18 13:33:13 +02:00
6fa3280c2a
Inject config into checkserver and cleanup tests
2014-09-18 13:33:13 +02:00
5813cf32dc
Deduplicate dependency checks
...
Some code that I also used for https://github.com/owncloud/administration/pull/11
2014-09-16 13:07:47 +02:00
59209e0f2b
use intl's native normalizer_normalize() in case the module is available
2014-09-11 10:24:31 +02:00
0aad7fa1b1
allow prefilling login
2014-09-08 21:44:13 +02:00
1a7df33233
Merge pull request #10818 from owncloud/enableappforgroupfix
...
Fix upgrade process when apps enabled for specific groups
2014-09-04 13:56:41 +02:00
8fec19a872
Merge pull request #10790 from cbhp/master
...
added missing User-Agents
2014-09-03 22:40:12 +02:00
c00450b2c7
always use a user-agent constant
...
Some providers block connections with missing user-agents. Also
user-agents are useful for analyzing requests. I've added a USER_AGENT
constant that is used in cURL and in file_get_contents.
2014-09-03 18:00:05 +02:00
63a90a129b
Use proper RNG generator
...
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
26f337d523
Only return lowercase letters and digits for backwards compatbility
2014-09-03 17:18:00 +02:00
e05b95636b
Fix upgrade process when apps enabled for specific groups
...
Fix issue where the currently logged user was causing side-effects when
upgrading.
Now setting incognito mode (no user) on update to make sure the whole
apps list is taken into account with getEnabledApps() or isEnabled().
2014-09-02 17:16:14 +02:00
969b41c1c9
added missing User-Agents
...
header "User-Agent" was missed
2014-08-31 19:44:06 +02:00
ae3425d2da
Merge branch 'master' into securityutils
...
Conflicts:
lib/private/util.php
2014-08-31 15:21:09 +02:00
d0266c0bf8
Use public api for getting l10n
2014-08-31 10:08:22 +02:00
dd7b8e4555
Remove insecure fallback random number generation
2014-08-29 15:44:09 +02:00
f551917a3c
kill OC::$session
...
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession
restore order os OC::$session and OC::$CLI
remove unneded initialization of dummy session
write back session when $useCustomSession is true
log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
d26a9c3c58
Add some security utilities
...
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions
Remove .htaccess
Remove .htaccess
Fix typo
Add public API
Use timing constant comparision
Remove CBC constant
Adjust code
Remove confusing $this
2014-08-27 00:18:04 +02:00
2ad0d3f1be
Throw exception if file cannot be accessed via http
...
Format file
Removing calls to deprecated classes and using internal method to get via http
Missed a character
Fix inverted logic
2014-08-22 19:41:30 -04:00
9a5e745a64
fix typo
2014-08-19 16:45:22 +02:00
b3b3354809
move to public namespace
2014-08-19 14:05:08 +02:00
2df52e54d7
Fix STORAGE_* constants usage by moving those constants into \OC\Files\Filesystem.
...
As constants not defined within a class cannot be automatically found by the
autoloader moving those constants into a class makes them accessible to
code which uses them.
Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:35 +02:00
fdfc5c67f8
Merge pull request #9866 from owncloud/app-upgrade
...
Don't do app upgrades in the background
2014-08-19 13:33:38 +02:00
722a119e46
fix typo in util.php
2014-08-18 15:59:36 +02:00
ccc46be740
Make skeleton directory configurable.
2014-08-16 01:07:42 +02:00
3e493501da
Merge pull request #9890 from owncloud/check-php-charset-master
...
setting and checking default_charset in php.ini to be UTF-8
2014-08-11 22:11:11 +02:00
43d790239d
Extend OC_Util::needUpgrade to also catch app upgrades
2014-08-04 13:41:04 +02:00
c53b56e313
Merge pull request #9798 from owncloud/ocs_share_api_add_expire_date
...
[share api] add OCS api call to set expire date for link shares
2014-07-28 17:28:32 +02:00
260729fd7d
Verify whether the URL is valid
...
Required for https://github.com/owncloud/mail/pull/100#issuecomment-50266017
@karlitschek Backport for stable6 and stable7 requested.
2014-07-27 16:46:32 +02:00
ecc1f92bb6
add OCS api call to set expire date for link shares
2014-07-25 13:38:18 +02:00
07dc0b2fdf
setting and checking default_charset in php.ini to be UTF-8
2014-07-25 09:53:25 +02:00
2fec6cbd5b
Remove forgotten debug log
2014-07-03 12:26:17 +02:00
3e78f41d00
Use getAbsoluteUrl for redirection URL
...
Also separate the function into getDefaultPageUrl() and
redirectToDefaultPage() to make it testable.
2014-07-01 16:02:38 +02:00
c005515ebd
Support for multiple default apps
...
If a default app isn't visible for the user, try the next one.
Else fallback to the "files" app.
2014-07-01 15:42:26 +02:00
894d69184a
Add bak defaultapp setting
2014-07-01 14:28:45 +02:00
ae68a773c0
more strings to translate in utils also some fixes in defaults
2014-06-28 13:29:24 +02:00
fd8b5680dd
Merge pull request #8383 from owncloud/object_storage
...
Object storage
2014-06-27 16:53:03 +02:00
5cae863408
change architecture from inheritance to composition
2014-06-18 12:53:20 +02:00
4e65889f54
only use one config option 'objectstore' for root and home storage configuration
2014-06-18 12:53:20 +02:00
7493ff0624
fix unit test by always initializing the root of the storage in the constructor
2014-06-18 12:53:20 +02:00
10de4a7b90
move creation of / and users 'files' from storage constructor to setupFS / mount initialization
2014-06-18 12:53:20 +02:00
85ccfad37c
change 'object_storage' config param to 'root_storage'
...
copy skeleton only for local filesystems
2014-06-18 12:53:19 +02:00
2bf7e5c02f
make objectstore setup more robust, don't pass user to object store mounted as root
2014-06-18 12:53:19 +02:00
3c66a8c8ed
allow configuring objectstore as home and root storage
2014-06-18 12:53:19 +02:00
799205488c
Prevent loadApps on upgrade
...
Moved OC::needUpgrade() to OCP\Util::needUpgrade() to make it accessible
form the router.
Moved maintenance + upgrade check to the router.
2014-06-18 11:10:07 +02:00
ac7fb1b23e
Remove legacy routing code
...
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.
This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.
Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
f1bf06f8cf
Merge pull request #8884 from owncloud/move-flock-to-app
...
remove file locking - code will continue to live in it's own app
2014-06-05 10:54:24 +02:00
ec7225da66
remove file locking - code will continue to live in it's own app
2014-06-04 20:11:54 +02:00
76e04027bc
Upgrade SabreDAV to 1.8.10
...
Updating SabreDAV namespaces
2014-06-04 12:22:23 +02:00
ab6680e9ab
name the storage wrapper to make sure that we don't apply the wrapper multiple times
2014-06-04 07:55:46 +02:00
5365ae416e
flock changes. Work in progress.
2014-06-04 07:55:44 +02:00
555b9cc245
Merge pull request #7614 from owncloud/test_annotations_working
...
Check if ReflectionMethod::getDocComment is working
2014-05-30 22:17:30 +02:00
99d46af0b4
Use instanceOfStorage instead of instanceof
2014-05-29 13:52:58 +02:00
12338e0ef0
allow admin to disable sharing for specific groups of users
2014-05-22 10:43:44 +02:00
06af8e09da
adding annotation check to checkServer()
2014-05-19 21:51:35 +02:00
30f1ec2521
Merge branch 'master' into test_annotations_working
...
Conflicts:
lib/private/util.php
2014-05-19 21:42:30 +02:00
dc36d30953
Remove all occurences of @brief and @returns from PHPDoc
...
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
b6e14af861
allow admin to enforce passwords for public link shares
2014-05-16 17:41:09 +02:00
f7e777f7d2
Fix various code errors detected by Scrutinizer
...
Fixed:
- An error with a misplaced bracket in lib/private/util.php
- An error with an incorrect function being called in lib/public/contacts.php
2014-05-13 19:09:14 +01:00
87b548ed91
Fix all PHPDoc types and variable names, in /lib
2014-05-13 19:08:14 +01:00
b5bc37d2e4
Fix @return array PHPDocs, in /lib
2014-05-13 19:08:14 +01:00
a9ac11718e
backup the encryption key after the encryption was disabled so that the user
...
can restore them if needed
2014-05-13 12:35:25 +02:00
287c8981bc
Check if ReflectionMethod::getDocComment is working
2014-05-09 22:44:55 +02:00
5cfc9d973d
Fix PHP Doc and use readable variable name
2014-05-04 13:02:58 +02:00
d091cca636
Fix typo
2014-05-04 12:53:06 +02:00
e88731a477
Some more PHPDoc fixes
2014-04-21 15:44:54 +02:00
d98ae4f9b2
Fix a wrong WebDAV Warning with self-signed-certs
...
Occuring in the admin interface
2014-04-13 05:24:29 +02:00
77ecfdd1a4
Only encode dangerous dangerous characters
...
There is no need to encode all characters into HTML entities, only potential dangerous characters as &, ", ', < and > should get encoded.
This may fix issues like https://github.com/owncloud/calendar/pull/394
2014-04-11 19:42:15 +02:00
7278f2f567
Sub-dir was prepended twice
2014-03-29 20:40:49 +01:00
c14107550d
Use UrlGenerator in OC\Util::redirectToDefaultPage(). Fix #7936
2014-03-28 18:05:48 +01:00
Thomas Müller
Joas Schilling
Lukas Reschke
Adam Williamson
Morris Jobke
Vincent Petry
Robin Appelman
Jörn Friedrich Dreyer
cbhp
Clark Tomlinson
Stephan Peijnik
helix84
Stefan Rado
Björn Schießle
Lukas Reschke
Volkan Gezer
Lukas Reschke
ringmaster
Robin McCorkell
Thomas Tanghus
kondou