Commit Graph

141 Commits

Author SHA1 Message Date
Bart Visscher 79f9d61ec8 Allow apps to load before login, needed for user_openid 2012-06-18 15:40:48 +02:00
Bjoern Schiessle 0074062b53 fixed xss vulnerability 2012-06-15 16:16:00 +02:00
Bjoern Schiessle 3ddaedee3b fixed xss vulnerability 2012-06-15 15:51:06 +02:00
Thomas Tanghus f589df7366 Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874 2012-06-13 18:31:36 +02:00
Thomas Tanghus 4f6978c30f Redirect HTTP Auth requests to REQUEST_URI. Partial fix for http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-874 2012-06-11 15:22:58 +02:00
Robin Appelman ba1dec64c1 load all apps when loging in, needed for apps listening to login hooks 2012-06-09 15:58:30 +02:00
Robin Appelman ec55eaef5b dont load apps when displaying the login page
and only load authentication apps during login
2012-06-09 15:28:57 +02:00
Frank Karlitschek a945fa10a6 update copyright 2012-05-26 19:14:24 +02:00
Michael Gapczynski 90cbc32c77 Fix redirect after login, prevent open redirects 2012-05-18 16:56:48 -04:00
Michiel de Jong 1a874b4c56 make redirect safe by restricting it to current host 2012-05-18 15:32:41 +02:00
Michiel de Jong 9b5e8a2c63 fix redirect to desired page after login 2012-05-18 15:11:01 +02:00
Georg Ehrke b35c6b57a9 allow loading of css files even if a user isn't logged in 2012-05-17 21:56:33 +02:00
Georg Ehrke 232788396d some changes for login 2012-05-11 16:43:45 +02:00
Michael Gapczynski 051442bc76 Sanitize redirect urls 2012-05-08 17:41:50 -04:00
Bart Visscher 4dbc2093c6 Create a function for linking to remote.php 2012-05-07 21:47:14 +02:00
Georg Ehrke e33b12a375 fix path of webdav 2012-05-07 12:07:39 +02:00
Frank Karlitschek d2b0de614e fix an XSS bug 2012-05-06 23:06:38 +02:00
Georg Ehrke da03d05700 create folder 'remote' for the remote services like caldav, carddav and webdav 2012-05-02 16:41:23 +02:00
Georg Ehrke 657d02371c fix login 2012-04-27 14:55:26 +02:00
Georg Ehrke 993d655aad Merge branch 'master' into movable_apps_2 2012-04-27 10:30:50 +02:00
Frank Karlitschek 74b5e22a68 some more csrf fixes 2012-04-26 23:17:46 +02:00
Georg Ehrke 3f64eb25ab some fixes fore movable apps 2012-04-26 14:52:55 +02:00
Georg Ehrke 2e85313701 optimize code 2012-04-19 22:26:36 +02:00
Georg Ehrke 85019887df add loading of files 2012-04-19 16:44:49 +02:00
Georg Ehrke 3e0e6e35f4 open app thru index.php 2012-04-18 08:20:51 +02:00
Arthur Schiwon 30d524b426 load apps before logout so that logout-hook works 2012-02-20 11:21:46 +01:00
Bart Visscher f47444e1f7 Use separate function to make absolute urls 2012-02-17 22:07:14 +01:00
Thomas Tanghus f3e8776dc6 Merge git://gitorious.org/owncloud/owncloud into tanghus_remote_backup 2011-12-16 17:43:06 +01:00
Robin Appelman a862fec9a3 make remember login token also dependent on password to protect against some brute force attacks on this token 2011-12-14 13:26:34 +01:00
Thomas Olsen 21d613cbc6 Added export.php for contacts app. Works the same way as the one in the calendar app, except there is no UI for it.
Fixed indentation in /index.php
2011-12-01 02:02:45 +01:00
Robin Appelman b0127e3918 use OC_Log instead of error_log 2011-10-16 21:42:24 +02:00
Robin Appelman 9a5af50f32 Merge commit 'refs/merge-requests/59' of git://gitorious.org/owncloud/owncloud 2011-10-14 20:34:36 +02:00
Patrick Stricker 2cc5f5e19e made work with http authentication kind of sso login 2011-10-13 10:04:39 +02:00
Thomas Schmidt e710bcb6d3 add owncloud autosetup option 2011-10-10 11:48:58 +02:00
Marvin Thomas Rabe 4bcb6f5346 remeber cookie bug fixed 2011-10-04 19:41:00 +02:00
Marvin Thomas Rabe 33f24a42b8 redirect url fixed 2011-10-04 19:27:57 +02:00
Marvin Thomas Rabe 6d8985ceb2 added infield labels. readded fade in of login button. updated label on install page. 2011-10-03 14:41:55 +02:00
Marvin Thomas Rabe 481a37fcf3 Show database only in advanced 2011-10-03 13:32:16 +02:00
Marvin Thomas Rabe c943f48547 fixed link to password recovery. removed duplicated and unused code out of index.php. 2011-10-01 11:08:49 +02:00
Bart Visscher 21a88613a1 Merge branch 'lostpassword'
Conflicts:
	core/templates/login.php
	index.php
	lib/util.php
2011-09-30 23:48:20 +02:00
Marvin Thomas Rabe ccfa2dd24c Error when only oc_remember_login cookie set fixed.
Filled username field when oc_username is set repaired.
Problems with "advanced settings" button in installation wizard fixed.
CSS improved - login and installation now looks more clean.
Request password link removed (email feature not implemented yet).
Database radio button bugs removed.
It is possible to have an empty database password, now ownCloud will support this "security issue".
Ignore Mac OS X ".DSstore" files.
Fade in/out of login button and remember checkbox removed due to some display errors.
2011-09-30 18:25:34 +02:00
Frank Karlitschek bf3248bee9 remove warning by check cookie before accessing it. 2011-09-27 15:31:30 +02:00
Bart Visscher 950d4e1da4 Move lostpassword code to own app 2011-09-26 21:17:26 +02:00
Bart Visscher aae6881494 Move display of login page to function in OC_Util 2011-09-26 21:17:17 +02:00
Robin Appelman 3bccebacbc prevent people from triggering the setup manually 2011-09-24 19:06:08 +02:00
Florian Pritz 8648e3c43c only call error_log() if DEBUG is true
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-24 18:41:47 +02:00
Bart Visscher e990ef3542 Move some common code to OC_Util
Created the following function:
 - checkLoggedIn
 - checkAdminUser
 - redirectToDefaultPage
2011-09-18 21:31:56 +02:00
Bart Visscher 8966ed5a00 Cleanup lib/base.php 2011-09-18 20:57:05 +02:00
Bart Visscher 82c7598861 Remove global vars and use the OC static version.
Removed global vars are DOCUMENTROOT, SERVERROOT, SUBURI, WEBROOT and CONFIG_DATADIRECTORY
2011-09-18 19:37:54 +02:00
Bartek Przybylski 94696ea7de remember changed not to store password in cookie 2011-09-18 15:05:53 +02:00
Bartek Przybylski 68e7666293 Changed behaviour of remember checkbox 2011-09-18 09:15:30 +02:00
Michael Gapczynski 1c955606a1 Initial work on resetting forgotten passwords. It works, but still need to email a token to allow reset 2011-08-29 14:37:18 -04:00
Serge Martin 7c254dd94d Exit after call to setup 2011-08-07 15:39:01 +02:00
Robin Appelman 01cecc8388 redirect index.php to files/webdav.php for webdav (PROPFIND) requests 2011-08-04 20:06:33 +02:00
Jakob Sack bafd684eb6 Renaming classes :-) 2011-07-29 21:36:03 +02:00
Jakob Sack 2f807a3c7f Delete requires in applications where possible 2011-07-27 19:25:49 +02:00
Robin Appelman 9d1c5c855b fix warning if no username is set in the cookie 2011-07-22 00:47:20 +02:00
Bartek Przybylski c5776fdae4 remember login added 2011-07-20 15:04:14 +02:00
Kamil Domanski 0603391405 fixed page reload after logout 2011-06-20 21:09:34 +02:00
Jakob Sack b31a8ac985 More l10n-stuff 2011-06-19 23:33:34 +02:00
François Kubler 13ddf8100f New installer.
* Forms have been revamped (CSS + javascript),
* Process has been improved : errors are displayed on the form page,
* Some changes in the index.php page so that everything related to installation is in lib/setup.php
* Also added a small function in OC_HELPER class to set input values.

All these should improve the installation process in terms of ergonomics.
Well, I do hope so.
2011-05-17 22:34:31 +02:00
Jakob Sack 6b83e5ccfe renamed installer.php to setup.php 2011-05-06 22:50:18 +02:00
Robin Appelman a977ba31ce create .htaccess files during installation for apache users 2011-04-18 14:12:53 +02:00
Robin Appelman fde08b2389 installer now works when using mysql 2011-04-17 11:10:03 +02:00
Robin Appelman 3263b80ea9 first-run wizzard wip 2011-04-17 00:45:05 +02:00
Robin Appelman 5409b34b06 check if an item in an array exists before we use it 2011-04-16 21:17:57 +02:00
Frank Karlitschek 26974d0465 fixing other peoples bad coding style ;-) 2011-04-16 20:52:12 +02:00
Robin Appelman c5f9c5b8a3 fix infinite redirect error that happend in rare cases 2011-04-16 19:22:26 +02:00
Robin Appelman 1495ec0f31 show server configuration errors on seperate page 2011-04-16 15:49:55 +02:00
Jakob Sack b5f913a3fc Merge branch 'refactoring' of git://anongit.kde.org/owncloud into refactoring 2011-04-16 14:59:27 +02:00
Jakob Sack 4c74029489 First sketch of a user administration 2011-04-16 14:59:10 +02:00
Robin Appelman 50035f5a92 redirect to owncloud root after logout 2011-04-16 13:24:26 +02:00
Jakob Sack 8465f76e7e Use OC_CONFIG where possible 2011-04-16 12:18:42 +02:00
Robin Appelman 232654cb60 get rid of the oc_require and friends 2011-04-16 10:12:53 +02:00
Jakob Sack 132695ceb1 Start of the refactoring. Commit is quite big because I forgot to use git right from the beginning. Sorry. 2011-03-01 23:20:16 +01:00
Jonathan Riddell d294c2f6bd Fix licencing, make headers refer to intended AGPL, include copy of AGPL 2011-02-09 14:50:27 +00:00
Martin T. H. Sandsmark 64d4d57615 fix permissions, start to implement private data api 2010-07-16 11:36:03 +02:00
Thibaut GRIDEL 19ab1292fb simple fixes 2010-05-02 11:24:46 +02:00
Robin 38bdf4083a same fixes, this time hopefully without merge conflict 2010-04-19 19:46:42 +02:00
Frank Karlitschek 7adbbfe05c add Open Collaboration API support. You can now connect your ownCloud with the KDE Social Desktop and push notifications to your Social News Plasmoid. This requires KDE trunk or KDE SV 4.5 2010-04-14 16:58:52 +02:00
Frank Karlitschek c69eab18d2 Merge commit 'refs/merge-requests/18' of git://gitorious.org/owncloud/owncloud
merge

Conflicts:
	index.php
2010-04-12 15:50:39 +02:00
Robin 4a1d9370fc small visual changes 2010-04-12 14:49:10 +02:00
Robin 48341b0826 visual changes 2010-04-12 14:31:22 +02:00
Frank Karlitschek 2a75c0d044 merge Adityas improvements 2010-03-29 16:21:00 +02:00
Robin f16f1e508f added option to load js files from php 2010-03-28 13:07:13 +02:00
root 6d57de7b32 cleanup autoconfiguration wizard, add settings page, make it run from subdirectories, huge cleanup 2010-03-16 08:48:36 +01:00
Robin 35b9aabd01 do not asume owncloud is installed in the root of the webserver 2010-03-15 15:41:53 +01:00
Frank Karlitschek d12bd67ebf Merge commit 'refs/merge-requests/3' of git://gitorious.org/owncloud/owncloud 2010-03-14 22:01:38 +01:00
CharlyCoste c921e5422d <br /> is not a valid strict xhtml1.0 tag. Not semantic. Replacing it by CSS instructions on semantic tags. 2010-03-14 02:03:29 +01:00
Aaron Reichman a98a83802b Changed spelling of lisener to listener 2010-03-13 13:34:46 -08:00
Frank Karlitschek 16f3bd4e23 commiting ownCloud 1.0 beta 1 2010-03-10 13:03:40 +01:00