Commit Graph

2379 Commits

Author SHA1 Message Date
Bjoern Schiessle 85ac75b4f4 xss vulnerability fixed 2012-06-25 12:38:11 +02:00
Bjoern Schiessle 0083dbb3ce Only delete existing thumbnails (bug #1100) 2012-06-25 10:11:06 +02:00
Brice Maron 6da926f1c3 Resolve scanning issue case comparison of songs 2012-06-24 15:58:51 +00:00
Brice Maron 5b908209de Correct seq name in media songs fix oc-589 2012-06-24 15:12:05 +00:00
Georg Ehrke a12557ca4d another fix for oc-1044 2012-06-24 09:42:14 +02:00
Tom Needham 1c0e72cd5a Text editor: Waste less space for line numbers 2012-06-23 14:43:52 +00:00
Tom Needham b591c83008 Text Editor: fix editor positioning 2012-06-22 16:20:09 +00:00
Bjoern Schiessle b6c862b32f use sanitizeHTML() function
Conflicts:

	apps/gallery/lib/tiles.php
2012-06-22 14:03:05 +02:00
Arthur Schiwon e5171da300 remove unnecessary closing PHP tag 2012-06-22 12:50:49 +02:00
Arthur Schiwon 0d9534eb4b LDAP: cheaper userExists() implementation 2012-06-22 12:43:09 +02:00
Bjoern Schiessle 65c14e21ce date don't change correctly in the view list (bug #973) fixed 2012-06-22 11:32:57 +02:00
Thomas Tanghus d72b85684f Only search for VEVENTs. 2012-06-21 20:53:50 +02:00
Bart Visscher 9045557258 Tasks: Add delete action 2012-06-21 20:18:12 +02:00
Bart Visscher d75b5cfdd2 Tasks: Use list label for ordering by list 2012-06-21 20:18:08 +02:00
Bart Visscher dda56c5e3d Tasks: Fix position of the summary input 2012-06-21 20:17:49 +02:00
Robin Appelman 46ad51cbe2 dont change the encryption key during the test case 2012-06-21 18:53:52 +02:00
Robin Appelman bd8b921de4 only use 1 fsview when initializing encryption 2012-06-21 18:36:16 +02:00
Robin Appelman da9107fe69 fix saved file size for uploaded files 2012-06-21 18:07:56 +02:00
Robin Appelman 7b4cb44af8 truncate decrypted files based on size 2012-06-21 17:51:54 +02:00
Georg Ehrke 096f5598b4 fix calendar 2012-06-21 16:23:13 +02:00
Georg Ehrke 288c5e7581 fix a PHP Notice 2012-06-21 15:20:53 +02:00
Bjoern Schiessle 3b4d2a971a check if user is allowed to edit bookmarks 2012-06-21 12:29:50 +02:00
Georg Ehrke 37ed3b5bd2 make edit event form work with DateTime Property UTC 2012-06-21 11:35:58 +02:00
Robin Appelman e43d02fadb fix encrypted flags not being saved correctly 2012-06-20 20:18:42 +02:00
Robin Appelman 9ba467d629 fix encryption for binary files 2012-06-20 20:18:42 +02:00
Robin Appelman 0f2600e9ea add binary test case for encryption 2012-06-20 20:18:41 +02:00
Robin Appelman e3f1507374 use absolute path for file proxies 2012-06-20 20:18:41 +02:00
Arthur Schiwon d0dbc8beab make bookmarks bookmarklet work again, kudos to Victor Dubiniuk 2012-06-20 20:04:41 +02:00
Bjoern Schiessle 5cc75ad818 Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4 2012-06-20 17:08:48 +02:00
Bjoern Schiessle 8e427d80d3 use sanitizeHTML() function 2012-06-20 17:00:55 +02:00
Bjoern Schiessle 0e61b5457b use new sanitizeHTML() function 2012-06-20 17:00:33 +02:00
Arthur Schiwon a7f0811829 bookmarks: make read later-button draggable again, fixes oc-944 2012-06-20 16:31:22 +02:00
Arthur Schiwon 0289f442a8 forgotten $, incorrect subtract 2012-06-20 12:41:30 +02:00
Bart Visscher 311c2bc0d3 Calendar: Write-close session to enable parallel events.php requests 2012-06-19 23:18:26 +02:00
Bart Visscher c260db0e9a Tasks: Fix resizing of the content part 2012-06-19 23:17:14 +02:00
Bart Visscher 0d43d6402d Tasks: Use POST for ajax calls that change data 2012-06-19 23:17:00 +02:00
Bart Visscher cff1b6e699 Don't use substr to get first char of string 2012-06-19 23:16:17 +02:00
Arthur Schiwon 244920aeb0 LDAP: only map users within the User Base Tree 2012-06-19 01:15:58 +02:00
Thomas Tanghus d8048414aa Removed erroneous value attributes. Partial fix for oc-1029. 2012-06-18 00:39:38 +02:00
Tom Needham 8d67ca09b5 user_migrate: remove old code 2012-06-17 12:07:16 +00:00
Thomas Tanghus 33ab91710f PDF Viewer: Double encode link. 2012-06-16 19:49:57 +02:00
Thomas Tanghus 707660b35f files_imageviewer: Double encode paths. Fixes oc-1016. 2012-06-16 18:57:51 +02:00
Georg Ehrke fc632b5795 fix merge conflicts 2012-06-16 09:48:07 +02:00
Georg Ehrke cbe5449f47 remove a closing php tag in calendar 2012-06-16 09:40:32 +02:00
Michael Gapczynski ec3033a5dd Check for '\' as well when searching for parent folders, because Windows returns '\' for dirname() 2012-06-15 19:34:25 -04:00
Tom Needham c1744d2eb6 Move user import to personal settings. Fix user migration between servers. 2012-06-15 23:17:31 +00:00
Thomas Tanghus 5c6a7172ca Files: Double encode download links. Fix for oc-1016. 2012-06-15 15:58:10 +02:00
Bjoern Schiessle f9c34942e1 applied merge request #128: fixed some sorting and display issues with gallery app.
This also fix bug #872 for the new gallery
2012-06-15 10:46:29 +02:00
Arthur Schiwon b025ff8de3 reverting 8c7fa15aaf, differs between OC3 and 4 2012-06-14 18:33:00 +02:00
Thomas Tanghus 3b58c7a407 Remove debug statements. 2012-06-14 18:03:50 +02:00
Thomas Tanghus b6ee4c458b Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-14 18:00:45 +02:00
Thomas Tanghus 5b1a14f9ea Contacts: Implement CSRF prevention. 2012-06-14 18:00:13 +02:00
Bjoern Schiessle 60bd2562d8 fixed bug #996: first picture in folder is repeated in the last position behaving like a directory 2012-06-14 15:16:13 +02:00
Bjoern Schiessle df4737f52a prevent xss attacks also if some javascript ends up in the alt-tag 2012-06-14 14:19:12 +02:00
Bjoern Schiessle cd759aee00 fixed xss vulnerability in un-packed version of jquery.fancybox and repack it 2012-06-14 13:45:33 +02:00
Bjoern Schiessle 544f97f034 debugging output removed 2012-06-14 13:19:11 +02:00
Bjoern Schiessle 4a47fa255d xss vulnerability fixed for fancybox image viewer 2012-06-14 13:18:59 +02:00
Georg Ehrke f9af0ef703 fix another ui bug of calendar 2012-06-13 22:21:23 +02:00
Georg Ehrke 92a11011b1 another ui fix 2012-06-13 22:15:12 +02:00
Georg Ehrke 4ff11308a3 fix a ui bug for calendar sharing 2012-06-13 22:13:24 +02:00
Georg Ehrke e543ec6eb6 show username of the body who shares in the summary 2012-06-13 22:07:30 +02:00
Thomas Tanghus 3e339f3d66 Remove check for encryption. 2012-06-13 19:04:47 +02:00
Michael Gapczynski 7868b25dcc Fix incorrect creation of filesystem for user@group in data folder during shares 2012-06-12 21:34:35 -04:00
Georg Ehrke 48116cf9ab increase version of calendar app to force db upgrade 2012-06-12 19:54:07 +02:00
Georg Ehrke d54fc6dfd4 increase possible size of uri in database - fix oc-140 2012-06-12 19:54:07 +02:00
Bjoern Schiessle 635a2f8ec9 Label the delete operation "unshare" for files in the "Shared" folder to reduce
confusion about the operation.
2012-06-12 16:32:00 +02:00
Bjoern Schiessle ef6b6ac230 block slashes only for new files and new folders but not for file upload from url (bug #964) 2012-06-12 14:16:09 +02:00
Thomas Tanghus cee9d400c0 Contacts: Final (for now) fix to encoding probs on import. 2012-06-12 12:33:37 +02:00
Arthur Schiwon b70226b493 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-12 11:57:36 +02:00
Bjoern Schiessle 4501407283 committed patch (bug #967) to add missing translations for file actions 2012-06-12 11:41:13 +02:00
Thomas Tanghus 210b71502b Fix copy/paste error. 2012-06-11 22:18:14 +02:00
Thomas Tanghus e0a5e3e992 Fix js for missing address fields. 2012-06-11 22:15:56 +02:00
Thomas Tanghus c75a7966de Contacts: Fix encoding errors, import errors, developer headache, paint cute kittens and pink clouds ;-) 2012-06-11 22:15:31 +02:00
Arthur Schiwon 266c5238c9 LDAP: offer config option for Group Display Name attribute 2012-06-11 16:50:54 +02:00
Thomas Tanghus 74eece2620 Contacts: Fix NOTE also on add, not just save. 2012-06-11 12:56:41 +02:00
Arthur Schiwon c110308c1e Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-11 12:14:10 +02:00
Arthur Schiwon 7f5e8e39c4 ldap: check array for emptiness, not nullness 2012-06-11 12:13:55 +02:00
Lukas Reschke 6da717b644 Merge branch 'stable4' of gitorious.org:owncloud/owncloud into stable4
Backport for sanitized user data.
2012-06-11 11:57:36 +02:00
Lukas Reschke d294373f47 Sanitzing user input 2012-06-11 11:56:54 +02:00
Lukas Reschke f8337c9d72 Using POST instead of GET. 2012-06-11 11:56:11 +02:00
Lukas Reschke cc653a8a40 Sanitize user input 2012-06-11 11:54:45 +02:00
Lukas Reschke 8f09299e24 Sanitizing user input 2012-06-11 11:54:03 +02:00
Bart Visscher f2216dc9d2 Gallery: Fix database creation on update, also only from version less then 0.5 2012-06-11 11:20:51 +02:00
Thomas Tanghus c898a8a6c9 Contacts: 11th hour fix for invalid VCARD from CardDAV. 2012-06-10 20:54:52 +02:00
Thomas Tanghus cdac0eae46 Merge branch 'stable4' of git://gitorious.org/owncloud/owncloud into stable4 2012-06-10 20:47:35 +02:00
Frank Karlitschek 6a44d02898 XSS-- 2012-06-10 19:54:04 +02:00
Bartek Przybylski 3970be3d7f fix variable name and undefined index notice 2012-06-10 17:25:19 +02:00
Bartek Przybylski 31d48d4ba4 adding missing file 2012-06-10 13:20:49 +02:00
Bartek Przybylski de6b683b50 fix first time image loading error 2012-06-10 13:19:22 +02:00
Bartek Przybylski 2dca0926b0 gallery: removing search provider for now 2012-06-10 13:19:17 +02:00
Bartek Przybylski 7ee722e0da removing app access check, fix title for links in tiles 2012-06-10 13:18:55 +02:00
Bartek Przybylski e073cd756c tabs for spaces, fix array key name 2012-06-10 13:18:47 +02:00
Bartek Przybylski f6c07094c2 hide share button until sharing wont be fixed 2012-06-10 13:18:41 +02:00
Bartek Przybylski 1853a83874 adding navigation bar to gallery 2012-06-10 13:18:36 +02:00
Bartek Przybylski fe64e625ff remove old code 2012-06-10 13:18:30 +02:00
Bartek Przybylski f0f9269161 adding missing file 2012-06-10 13:18:17 +02:00
Bartek Przybylski 6682c60866 pictures: update script and removal some all stuff 2012-06-10 13:17:23 +02:00
Bartek Przybylski 9c1cc15c8d adding title when fancybox is displayed 2012-06-10 13:16:19 +02:00
Bartek Przybylski c932f93a40 replace spaces with tabs, use const and linkTo instead of static path 2012-06-10 13:16:12 +02:00
Bartek Przybylski 276aefba81 hack for file download 2012-06-10 13:16:06 +02:00