Commit Graph

1198 Commits

Author SHA1 Message Date
Brice Maron 9c2a6fb551 Add HEAD request management for files ajax/download.php 2012-05-24 22:48:10 +00:00
Frank Karlitschek 24318354f2 changed the default from Berlin to UTC.
Greetings form Berlin by the way ;-)
2012-05-24 00:49:21 +02:00
Robin Appelman 60fdc13ae6 enable running unit tests from cli 2012-05-22 20:22:53 +02:00
Florian Hülsmann d2e2a2b2c0 prevent apps from printing output from app.php 2012-05-22 13:10:42 +02:00
Robin Appelman cb23bae8d9 dont throw errors when apps dont have types configured 2012-05-20 18:52:03 +02:00
Robin Appelman f00b57f8be files app is always enabled 2012-05-20 18:52:03 +02:00
Frank Karlitschek c0db603d29 this is 5 pre alpha now 2012-05-19 18:21:33 +02:00
Frank Karlitschek 7e49a33d64 getStorage belongs to files not to apps. 2012-05-19 10:44:08 +02:00
Frank Karlitschek 08f7d4c552 document the public classes a bit more 2012-05-19 10:36:57 +02:00
Robin Appelman a2cc772aa5 dont run update scripts for apps that arent enabled 2012-05-19 02:00:46 +02:00
Robin Appelman b096fd9ed8 log upgrades 2012-05-19 01:55:20 +02:00
Robin Appelman df64b9b0e9 strict standards fixes for sqlite3 2012-05-19 01:39:41 +02:00
Michael Gapczynski 90cbc32c77 Fix redirect after login, prevent open redirects 2012-05-18 16:56:48 -04:00
Frank Karlitschek 16224e5e8b "fopen(" interferes with our own classes.
remove it for now and let´s fix this later
2012-05-18 18:22:37 +02:00
Frank Karlitschek 2d3c709163 Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-05-18 15:56:15 +02:00
Frank Karlitschek db77dc91bc only try to install apps that are compatible with oC4 2012-05-18 15:54:36 +02:00
Frank Karlitschek 2e9115efe0 increase to RC2 2012-05-18 15:54:17 +02:00
Michiel de Jong a6ff909911 this code looks wrong to me but i'm putting it back while we find out what the right code should look like 2012-05-18 15:39:28 +02:00
Michiel de Jong 1a874b4c56 make redirect safe by restricting it to current host 2012-05-18 15:32:41 +02:00
Michiel de Jong 9b5e8a2c63 fix redirect to desired page after login 2012-05-18 15:11:01 +02:00
Robin Appelman 48505c5626 improve tar archive backend 2012-05-18 01:54:59 +02:00
Robin Appelman c1ba4deb72 when scanning a folder that is a mountpoint, use the root of the mount for checking if a folder is writable instead of the folder 2012-05-17 01:47:58 +02:00
Robin Appelman aac9629e88 add support for custom ports for mysql/pgsql by adding :portnumber to the database host 2012-05-17 01:06:22 +02:00
Robin Appelman 5fe7200a7f update documentation of oc_user::checkpassword 2012-05-17 00:57:43 +02:00
Robin Appelman 2c99924f7d make sure the group exists in the backend before adding a user to it 2012-05-17 00:47:43 +02:00
Sam Tuke 22dd155e4d Merge branch 'unstable' of gitorious.org:owncloud/owncloud into unstable 2012-05-16 18:30:35 +01:00
Sam Tuke 9acd1065b0 made initial testing version of expireAll for version control \ngave some old vars new camelcase names 2012-05-16 18:30:26 +01:00
Bart Visscher c645a7d0f8 Fix empty jsfiles and cssfiles in layout template 2012-05-16 18:53:46 +02:00
Bart Visscher ce1e4425c2 Combine and minimize core and default app js files 2012-05-16 18:53:46 +02:00
Bart Visscher f71fec8cdc Combine and minimize core and default app css files 2012-05-16 18:53:46 +02:00
Bart Visscher 2faae817f1 Template: Fix var name 2012-05-16 18:53:46 +02:00
Bart Visscher 6d20fe4012 Template: Make getFormFactorExtension function public 2012-05-16 18:53:46 +02:00
Bart Visscher b39f01fce6 Comment spelling fix 2012-05-16 18:52:40 +02:00
Bart Visscher 5d72681d10 Better place to check caching headers 2012-05-16 18:52:40 +02:00
Arthur Schiwon 01b366df80 avoid corrupt ZIP files on lighttpd, should fix oc-467 2012-05-15 11:57:24 +02:00
Thomas Mueller 583dce5276 removing executable bit - again 2012-05-15 00:52:00 +02:00
Robin Appelman 6779f28af4 cache app types during install or update 2012-05-14 22:49:31 +02:00
Thomas Mueller bda2dbec1f Prevent Clickjacking by adding additional headers:
header('X-Frame-Options: Sameorigin');
                header('X-XSS-Protection: 1; mode=block');
                header('X-Content-Type-Options: nosniff');

Thanks to Lukas Reschke for reporting this issue (and many more).
2012-05-14 15:34:28 +02:00
Robin Appelman e7c106d91e selective app loading for remote/public 2012-05-14 00:28:28 +02:00
Michael Gapczynski a332c39472 Check if path_info is empty as well, fixes bug oc-632. Thanks to die3lustigen2. 2012-05-13 15:26:30 -04:00
Robin Appelman 8d475debe0 additional logging when db upgrade fails 2012-05-13 21:21:39 +02:00
Robin Appelman 1a2ab2ef68 prevent user creation with empty password 2012-05-13 20:53:56 +02:00
Thomas Tanghus 3926e2d4f3 VCategories: Made a small check for categories that seems to resolv the problems in Calender. Also reverts the changes from 9e6221b229. 2012-05-13 15:07:07 +02:00
Thomas Tanghus 9e6221b229 VCategories: Suppress error messages stemming from import from file app. 2012-05-13 09:16:53 +02:00
Frank Karlitschek af77ce9a9b This is RC now 2012-05-13 05:11:10 +02:00
Robin Appelman 9eb91a111d update to jquery 1.7.2 2012-05-12 00:37:19 +02:00
Brice Maron 5b7c69f978 Change sqlite escaping of identifier to double quote. Fixing some issues 2012-05-11 19:45:53 +00:00
Bart Visscher 919681f3e6 Make processed css files cachable 2012-05-11 21:33:02 +02:00
Bart Visscher 97233b77cd Remove DOCUMENTROOT static var, and make SUBURI var private 2012-05-11 21:31:51 +02:00
Robin Appelman 847832ae77 also set remote/public paths on installing apps 2012-05-11 20:58:23 +02:00
Robin Appelman d12021e3c4 fix sqlite3 driver against updated MDB2 2012-05-11 20:56:02 +02:00
Robin Appelman cf3940425f don't do the initial scanning of the users home folder trough the update system 2012-05-11 20:49:19 +02:00
Robin Appelman 0622fa79ba add temporary filestorage backend for testing purposed 2012-05-11 20:33:56 +02:00
Robin Appelman b40f9670ae allow clearing hooks and fileproxies 2012-05-11 20:33:56 +02:00
Robin Appelman 736739bbbd load remote and public paths from info.xml during upgrade instead of setting them every time 2012-05-11 20:33:56 +02:00
Michiel de Jong c99d7dd94f the ',last' breaks all other rewrite rules and is also not there in the committed .htaccess, so removing it. anybody know why it was there? 2012-05-11 17:59:21 +02:00
Michiel de Jong 347ce2aafa match setup script to .htaccess from repo 2012-05-11 17:30:27 +02:00
Michiel de Jong 4462b26160 oops, typo in lib/setup.php 2012-05-11 17:09:10 +02:00
Michiel de Jong 2dff357a4e add new htaccess things into setup script too 2012-05-11 17:06:04 +02:00
Georg Ehrke 8f2217ca2e make default app choosable 2012-05-11 13:56:52 +02:00
Tom Needham 709b0a1ddc Check if app is enabled before exporting its data 2012-05-10 23:06:53 +00:00
Michael Gapczynski de95bf62a2 Prevent any null bytes related exploits, thanks to Lukas Reschke 2012-05-10 11:44:06 -04:00
Michael Gapczynski d9fbdae758 Prevent XSS exploit by checking if path-info is set, thanks to Lukas Reschke 2012-05-10 10:26:12 -04:00
Sam Tuke b055ebc1fc added documentation to OCP namespace 2012-05-10 14:19:17 +01:00
Bart Visscher c2230580c1 Remove unused OC static variable CONFIG_DATADIRECTORY_ROOT 2012-05-10 09:14:27 +02:00
Bart Visscher b022ccb863 Whitespace fixes 2012-05-10 09:14:26 +02:00
Bart Visscher e77ba0280a Implement default functions in OC_Group backend
Simplifies calling these functions, and makes code simpler

functions:
inGroup
getUserGroups
getGroups
usersInGroup
2012-05-10 09:14:26 +02:00
Bart Visscher ac2e0cd6e4 Implement default functions in OC_User backend
Simplifies calling these functions, and makes code simpler

functions:
deleteUser
getUsers
userExists
2012-05-10 09:14:26 +02:00
Bart Visscher a9d7c67bf2 The log message is not always shown in html
The log message can also be logged with syslog, here we don't want to have html-entities. Also the log messages through json are displayed as text not html.
2012-05-10 09:13:09 +02:00
Michael Gapczynski 798e6aa40b Merge commit 'refs/merge-requests/100' of git://gitorious.org/owncloud/owncloud into merge-requests/100 2012-05-09 17:50:14 -04:00
Robin Appelman 03f66c6351 also scan new folders when checking for updates
it might cause long load times but seems the best for now
2012-05-09 20:35:12 +02:00
Georg Ehrke bc60b8d87a fix bug in public api 2012-05-09 18:33:40 +02:00
Philipp Roggan bba434ca37 fixed typo in lib/public/util.php:106 (varname to ) 2012-05-09 15:17:40 +02:00
Michael Gapczynski 051442bc76 Sanitize redirect urls 2012-05-08 17:41:50 -04:00
Tom Needham 9c47346373 Protect admin from evil log messages 2012-05-08 19:41:31 +00:00
Georg Ehrke 52717d2a1b remove comments 2012-05-08 17:07:50 +02:00
Brice Maron 9921ca11b5 Add protection for non-authorized char in installation form 2012-05-07 22:12:30 +00:00
Frank Karlitschek 43978abd80 increase to 4 beta 2012-05-07 22:58:22 +02:00
Frank Karlitschek 10d291d6b3 Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-05-07 22:56:34 +02:00
Frank Karlitschek 40b823bc8b some more docu fixes 2012-05-07 22:55:44 +02:00
Bart Visscher 4dbc2093c6 Create a function for linking to remote.php 2012-05-07 21:47:14 +02:00
Georg Ehrke 5b7cefb1e5 make ampache work with remote.php 2012-05-07 20:26:09 +02:00
Georg Ehrke d032345191 fix validation of getfile parameter - i hate this bloody merge conflicts 2012-05-07 13:23:55 +02:00
Thomas Tanghus cde60dba0f Fix typo. 2012-05-07 04:46:09 +02:00
Michael Gapczynski aa0c3ddcfe Fix updateFolder() in OC_FileCache 2012-05-06 20:11:10 -04:00
Michael Gapczynski e0db22cc07 Provide feedback when user creation fails 2012-05-06 18:04:48 -04:00
Frank Karlitschek 1945cd6946 ported the oc_template class 2012-05-06 23:00:36 +02:00
Frank Karlitschek 5d55c709dd some more documentation cleanups. much more is needed.
And greeting from the Atlanta airport. ;-)
2012-05-06 22:02:16 +02:00
Frank Karlitschek 2edf59c026 first part of documentation update. lot´s more to come 2012-05-06 21:46:39 +02:00
Daniel 35177e00c0 Merge commit 'refs/merge-requests/109' of git://gitorious.org/owncloud/owncloud into merge-requests/109 2012-05-06 16:13:13 +02:00
Jernej Virag e459309511 Fixed escaping of filename when determining MIME type 2012-04-25 10:33:52 +02:00
Bart Visscher f991948a71 Fix loading by apptype in webdav 2012-05-05 21:58:10 +02:00
Thomas Müller d46bea8867 fixing file headers with copy right 2012-05-05 18:13:40 +02:00
Robin Appelman c0e67fa24a fix opening encrypted files from the browser 2012-05-05 16:49:48 +02:00
Frank Karlitschek 9bcc5c11a8 porting the hooks and starting with the templates 2012-05-05 10:18:45 +02:00
Brice Maron 4a89eb77c1 Escape strings for DB and User creation at setup. Fix oc-124 2012-05-04 22:54:55 +00:00
Frank Karlitschek eab4a05d78 implement missing getusers call 2012-05-04 11:13:07 +02:00
Robin Appelman a22a79cddd fix filecache for postgresql 2012-05-03 23:17:03 +02:00
Robin Appelman 9e03ea4a28 ensure the files app is always loaded 2012-05-03 20:47:18 +02:00
Frank Karlitschek 97a8af7f25 ported oc_db 2012-05-03 13:06:08 +02:00
Frank Karlitschek 43caa3b3b9 ported oc_json 2012-05-03 12:23:29 +02:00
Frank Karlitschek 351740601a port oc_response 2012-05-03 10:46:27 +02:00
Robin Appelman e5ef3e1340 move archive library to core so we can properly depend on it 2012-05-02 23:48:23 +02:00
Michael Gapczynski 31d623f426 Fix log viewing bug 2012-05-02 15:26:42 -04:00
Frank Karlitschek 10bbbc8cd2 new checkAppEnabled call 2012-05-02 18:54:31 +02:00
Georg Ehrke da03d05700 create folder 'remote' for the remote services like caldav, carddav and webdav 2012-05-02 16:41:23 +02:00
Frank Karlitschek 82a61e2e1a port oc_preferences 2012-05-02 15:54:34 +02:00
Frank Karlitschek ff66600bc0 port appconfig 2012-05-02 14:11:29 +02:00
Frank Karlitschek 8e99475886 first part of the config stuff 2012-05-02 13:28:56 +02:00
Frank Karlitschek 8c7f854671 move all the files stuff into a files class 2012-05-02 12:54:31 +02:00
Arthur Schiwon 6750998984 files is not internal any more, part II 2012-05-02 11:26:22 +02:00
Arthur Schiwon d71600213a files is not internal any more 2012-05-02 11:14:11 +02:00
Arthur Schiwon c9eaffd336 send downloadfile piece by piece. saves RAM and is better suited for large files. 2012-05-02 11:02:13 +02:00
Frank Karlitschek 2fe646dcec ported the oc_app calls 2012-05-02 00:50:26 +02:00
Frank Karlitschek 93b63cf375 ported the rest of the OC_Helper calls 2012-05-02 00:20:45 +02:00
Frank Karlitschek e48f511606 port linkto and serverHost 2012-05-01 23:19:39 +02:00
Frank Karlitschek 31e32e3c10 ported checkLoggedIn and checkAdmin 2012-05-01 22:59:38 +02:00
Frank Karlitschek e2fb094693 some more porting 2012-05-01 21:07:08 +02:00
Frank Karlitschek d0554bef06 finish porting of the LOG calls or the apps to the public api 2012-05-01 17:38:27 +02:00
Marvin Thomas Rabe 7ded9cf520 Checks if config folder is writable on begin of the installation. 2012-05-01 16:35:46 +02:00
Arthur Schiwon d3ce2cacd6 OC_User: handle success properly 2012-05-01 14:40:56 +02:00
Arthur Schiwon 8a69116e94 OC_User: don't say password changed when it is not true 2012-05-01 13:40:01 +02:00
Frank Karlitschek 0195d5b439 some more work on the public API 2012-05-01 09:39:12 +02:00
Frank Karlitschek 04c6582af1 load the files app in a way that doesn´t break oC3 configurations 2012-04-30 13:58:48 +02:00
Frank Karlitschek e1268cd5f4 we require php 5.3 now. so please notify the user if an old version is in use 2012-04-30 13:28:31 +02:00
Frank Karlitschek f0701f75a9 tiny typo 2012-04-30 13:08:08 +02:00
Thomas Mueller 07f2e316e4 removing executable bit from various files 2012-04-30 12:05:57 +02:00
Frank Karlitschek c7e7767f58 don´t hardcode files app. we have no a standard info.xml in files 2012-04-29 21:27:02 +02:00
Robin Appelman 4d3ef9a824 improve rescanning folders 2012-04-29 16:11:17 +02:00
Robin Appelman e3adbcb7d5 remove non existing files from the cache when rescanning a folder 2012-04-29 15:09:47 +02:00
Robin Appelman 09a5c59cca only install shipped apps on setup that should be enabled by default 2012-04-29 14:38:56 +02:00
Georg Ehrke 3aedbc5f95 remove debug message 2012-04-27 22:22:58 +02:00
Georg Ehrke 06e9ac8591 fix parsing of app parameter and fix external app 2012-04-27 22:22:03 +02:00
Georg Ehrke 993d655aad Merge branch 'master' into movable_apps_2 2012-04-27 10:30:50 +02:00
Frank Karlitschek ee0cb68f5e some csrf fixes. needs testing 2012-04-27 01:18:21 +02:00
Frank Karlitschek 74b5e22a68 some more csrf fixes 2012-04-26 23:17:46 +02:00
Georg Ehrke 5483c1be42 hide fails 2012-04-26 21:58:43 +02:00
Georg Ehrke 5fda0e4b3b make *DAV work with movable apps 2012-04-26 21:56:29 +02:00
Georg Ehrke 2b10371bde fix merge conflicts 2012-04-26 18:08:49 +02:00
Georg Ehrke 40f95ffdf3 fix security check for the path of the requested file 2012-04-26 17:55:00 +02:00
Georg Ehrke ebcaa46482 fix loading of css files that are core related 2012-04-26 15:19:27 +02:00
Georg Ehrke 3f64eb25ab some fixes fore movable apps 2012-04-26 14:52:55 +02:00
Georg Ehrke d76552a009 Merge branch 'sabredav_1.6' 2012-04-25 10:39:31 +02:00
Georg Ehrke 476043ecb9 add a proper 404 2012-04-25 10:17:20 +02:00
Robin Appelman cc2bfd313d minor filecache improvements 2012-04-25 00:12:12 +02:00
Robin Appelman 9015c46e31 emit the correct hooks for file_put_contents and some readfile improvements 2012-04-25 00:12:12 +02:00
Robin Appelman 60b924c954 initial mount configuration work 2012-04-25 00:12:12 +02:00
Georg Ehrke f17eea506a fix merge conflicts 2012-04-24 21:59:56 +02:00
Georg Ehrke fb84d0aff8 fix php fail 2012-04-24 21:37:19 +02:00
Georg Ehrke 9b29bc96de remove debug message 2012-04-24 21:36:54 +02:00