Commit graph

2244 commits

Author SHA1 Message Date
Lukas Reschke
6eeb905871 Do only follow HTTP and HTTPS redirects
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
Thomas Müller
21412559df remove post setup check 2014-09-22 19:43:55 +02:00
Bjoern Schiessle
9105e17307 unit tests for grouping of shares pointing to the same source 2014-09-22 17:54:47 +02:00
Bjoern Schiessle
89c3b650e6 group shares and combine permissions 2014-09-22 17:25:15 +02:00
Morris Jobke
9e8d2907e2 Merge pull request #11204 from owncloud/fix_oc_stream_seek
Fix oc stream seek
2014-09-22 16:25:07 +02:00
Clark Tomlinson
db72270acc fixing directory seperators 2014-09-22 10:13:46 -04:00
Lukas Reschke
ca3447fcde Add a configuration switch for enabled preview mimetypes 2014-09-22 16:09:08 +02:00
Thomas Müller
814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Morris Jobke
831d34f084 Merge pull request #11210 from owncloud/issue/11209
Also match routes without trailing slash for files app
2014-09-22 14:04:20 +02:00
Vincent Petry
470c25eff4 WebDAV now throws 403 when deletion did not work
Assume a permission issue whenever a file could not be deleted.

This is because some storages are not able to return permissions, so a
permission denied situation can only be triggered during direct
deletion.
2014-09-22 13:15:17 +02:00
blizzz
b8a1340538 Merge pull request #9225 from voxsim/fix_displayNamesInGroup
fix in displayNamesInGroup
2014-09-22 12:13:15 +02:00
Jörn Friedrich Dreyer
f83689e1be in quota wrapper use === instead of ! for better readability and as in other wrappers 2014-09-22 11:35:42 +02:00
Jörn Friedrich Dreyer
561a7e47cd return boolean in Ciose::stream_seek 2014-09-22 11:33:55 +02:00
Joas Schilling
71bec60b92 Also match routes without trailing slash
Fix #11209
2014-09-22 11:22:33 +02:00
Jörn Friedrich Dreyer
b752cb98d8 return boolean in OC::stream_seek 2014-09-22 11:20:15 +02:00
Thomas Müller
8abf786af9 Merge pull request #10499 from owncloud/mkcol-headers-afterbind
Use afterBind to send fileId header for files and directories
2014-09-22 10:02:03 +02:00
Morris Jobke
154e848ce2 Merge pull request #11199 from owncloud/delete_bogus_previews
Delete bogus cached previews while updating
2014-09-21 22:48:21 +02:00
Georg Ehrke
071e4bfc06 make sure preview prop is instanceof OC_Image before using it in showPreview 2014-09-21 17:30:29 +02:00
Georg Ehrke
ab2554e013 delete old previews 2014-09-21 17:16:21 +02:00
Thomas Müller
7537d405e3 adding 'smallint unsigned' to type mapping for sqlite 2014-09-20 20:06:44 +02:00
Morris Jobke
463dd44d6d Merge pull request #11178 from owncloud/throw-error-on-preview-instead-in-the-contructor
Throw error in showPreview instead the constructor
2014-09-19 21:39:30 +02:00
Lukas Reschke
4c6bad7f71 Merge pull request #11158 from owncloud/fix_basic_auth
Move BasicAuth check to isLoggedIn
2014-09-19 13:39:13 +02:00
Lukas Reschke
6869d2e82a Throw error in showPreview instead the constructor
This function is also used in a way such as:

```
	$preview = new \OC\Preview(\OC_User::getUser(), 'files');
	$info = \OC\Files\Filesystem::getFileInfo($file);
	if (!$always and !$preview->isAvailable($info)) {
		\OC_Response::setStatus(404);
	} else {
		$preview->setFile($file);
		$preview->setMaxX($maxX);
		$preview->setMaxY($maxY);
		$preview->setScalingUp($scalingUp);
		$preview->setKeepAspect($keepAspect);
	}
```

Which won't work anymore since `setFile` is used instead of passing the file in the constructor. Fixes a regression in master.
2014-09-19 13:26:41 +02:00
Vincent Petry
437f8c3cd5 Merge pull request #11119 from owncloud/removeOldUpgradeRoutines
Remove old upgrade routines
2014-09-19 12:23:42 +02:00
Vincent Petry
f0186d99d2 Merge pull request #11163 from owncloud/check-for-updates-between-major-versions
Prevent updates between multiple major versions
2014-09-19 12:20:22 +02:00
Robin Appelman
33f7af9207 Merge pull request #10958 from owncloud/db-ilike
Introduce cross-db ILIKE
2014-09-19 12:07:56 +02:00
Lukas Reschke
a71af58535 Prevent updates between multiple major versions
Ref https://github.com/owncloud/core/issues/11078
2014-09-18 17:56:06 +02:00
voxsim
7a14f94ae5 1. remove sizeof($filteredUsers) > 0 as condition
2. use count instead of sizeof. Latter is an alias to first one, practically we stick to count everywhere. Having it consistent helps with readability.
3. move whitespace so we have $groupUsers[] = $filteredUser; instead of $groupUsers []= $filteredUser;
2014-09-18 17:50:19 +02:00
Lukas Reschke
d0d3b7457b Move BasicAuth check to "isLoggedIn()"
Ensures that Basic Auth works properly for APIs and removes the need for some even uglier lines of code.
2014-09-18 16:14:07 +02:00
Robin Appelman
a85f0ae2da Fix ILIKE without wildcards for oracle 2014-09-18 15:09:57 +02:00
Robin Appelman
c8dbdc29d0 Check for writable datadir during setup 2014-09-18 14:15:52 +02:00
Robin Appelman
23dd7cb51d Don't complain about non-writable datadirs before we're installed 2014-09-18 13:33:13 +02:00
Robin Appelman
6fa3280c2a Inject config into checkserver and cleanup tests 2014-09-18 13:33:13 +02:00
Lukas Reschke
d07d5915c9 Remove unused and overflowing function
Resolves https://github.com/owncloud/core/issues/10991 failure 4
2014-09-18 10:21:28 +02:00
Morris Jobke
c89c6ed21d Merge pull request #11143 from owncloud/improve-404
Make 404 page easier to understand
2014-09-18 09:10:16 +02:00
Lukas Reschke
8fc1a9f5a9 Make 404 page easier to understand
Fixes https://github.com/owncloud/core/issues/11133
2014-09-17 22:57:32 +02:00
Remco Brenninkmeijer
f930b356e6 Error needs to push body-id for new guest layout 2014-09-17 18:02:18 +02:00
Lukas Reschke
ef0a0f5f87 Merge pull request #9554 from owncloud/fix_preview_orientation
fix orientation in image-backend, not in preview system itself
2014-09-17 17:05:47 +02:00
Robin Appelman
0c03b2bdd5 Use ILIKE in cache search 2014-09-17 16:12:54 +02:00
Lukas Reschke
c88d517e88 Merge pull request #10622 from owncloud/recursive-delete-forbidden
Fix isDeletable
2014-09-17 15:36:41 +02:00
Robin Appelman
67b1ec1faf Implement ILIKE for sqlite 2014-09-17 13:47:55 +02:00
Robin Appelman
60587e9dcd Make sqlite LIKE case sensitive on default 2014-09-17 13:47:33 +02:00
Morris Jobke
c6eab9aaba fix error message template 2014-09-17 13:25:50 +02:00
Lukas Reschke
6d3757f864 Do not show exception to the end-user
Log the error instead of potentially leaking sensitive information
2014-09-17 13:17:52 +02:00
Morris Jobke
b644e8a5e7 Merge pull request #10932 from owncloud/issue/10926
Add a method to get the absolute url for a route
2014-09-17 13:05:26 +02:00
Lukas Reschke
33c0d2f743 Fix mapping of relative paths 2014-09-17 11:38:10 +02:00
Robin Appelman
2f22e67570 Also check if the file itself is updatable 2014-09-17 11:35:16 +02:00
Robin Appelman
d25a9a118f Check if a folder is deletable before we try to recursively delete it 2014-09-17 11:35:16 +02:00
Robin Appelman
ab79caf29b Check if the parent is writable to check if a file is deletable 2014-09-17 11:35:16 +02:00
Lukas Reschke
0d37e16499 Merge pull request #11092 from owncloud/conceal_sabredav_version
Conceal or display SabreDAV version number.
2014-09-17 10:35:50 +02:00
Lukas Reschke
2cfa07049f Remove old upgrade routines
We do not support updates from 6 to 8 directly, therefore we can remove those upgrade routines.
2014-09-16 20:27:52 +02:00
Lukas Reschke
368391e401 Merge pull request #11009 from owncloud/tobiasKaminsky-route
REST API for thumbnails
2014-09-16 19:31:51 +02:00
Lukas Reschke
4ebc11aa8d Merge pull request #11102 from owncloud/visit1985-issue_108
mysql setup: if dbuser exists try a different one (owncloud/core#108)
2014-09-16 18:54:37 +02:00
Lukas Reschke
d2743e6ad6 Merge pull request #7254 from owncloud/core-sortalgo
Fixed JS sort comparator to be consistent between JS and PHP
2014-09-16 17:29:03 +02:00
Thomas Müller
ba445e85b2 Merge pull request #11082 from owncloud/deduplicateDependencyCheck
Deduplicate dependency checks
2014-09-16 16:33:02 +02:00
Lukas Reschke
2f10b60c9e Merge pull request #10754 from cetra3/master
Refactor internal session handler to write directly to $_SESSION
2014-09-16 15:48:19 +02:00
Thomas Müller
ca35d86c5a adding ILIKE to AdapterSQLSrv 2014-09-16 15:44:21 +02:00
Robin Appelman
1771bfc2f2 Introduce cross-db ILIKE 2014-09-16 15:32:34 +02:00
tobiasKaminsky
e62d5b7e55 Route for thumbnail generation
Thumbnail generation

Removed Log

Added requested changes

Added requested changes.

- Fix code style
- Add exception if file does not exist
- Switch route styling

Replaces https://github.com/owncloud/core/pull/10805

Fix codestyle

Fix codestyle

Migrate to appframework

Fix typo
2014-09-16 15:00:58 +02:00
Lukas Reschke
261d07c95c Merge pull request #11084 from owncloud/no-migration-for-mssql-master
Disable database migrations for MSSQL - scripts have to be applied manua...
2014-09-16 14:00:24 +02:00
scolebrook
f31e4066de Conceal or display SabreDAV version number in browser and http response headers. 2014-09-16 13:25:44 +02:00
Lukas Reschke
5813cf32dc Deduplicate dependency checks
Some code that I also used for https://github.com/owncloud/administration/pull/11
2014-09-16 13:07:47 +02:00
Michael Göhler
e6609d0970 simplify mysql user creation flow
if dbuser exists try a different one, owncloud/core#108

changed outdated comment

corrected length calculation

changed indentation for else clauses
2014-09-16 11:53:54 +02:00
Morris Jobke
dd70d1b88c Merge pull request #11090 from owncloud/fix-undefined-class-and-phpdoc
Fix unexisting class and PHPDoc
2014-09-16 10:29:01 +02:00
Morris Jobke
af52ffc5d5 Merge pull request #10639 from owncloud/fix_naming_schema_preview_with_aspect
add y to with-aspect naming schema
2014-09-16 08:36:33 +02:00
Morris Jobke
245a0e2ad8 Merge pull request #10362 from owncloud/preserve_transparency_on_fileload
Preserve transparency when loading from a file
2014-09-16 08:33:56 +02:00
voxsim
1366133d2b add more logic in displayNamesInGroup for big user bases 2014-09-15 18:37:54 +02:00
Lukas Reschke
4f0f7e35ca Fix unexisting class and PHPDoc
You can't add int here as hint...
2014-09-15 17:08:56 +02:00
Morris Jobke
06eb3b62c6 Merge pull request #10109 from owncloud/issue_#9793_guestlayout
Step one, open guest layout for different styles.
2014-09-15 15:15:41 +02:00
Georg Ehrke
cf76933b76 add phpdoc 2014-09-15 15:10:03 +02:00
Georg Ehrke
3157d307f7 add y to with-aspect naming schema 2014-09-15 15:10:03 +02:00
Thomas Müller
d824d03fe1 Disable database migrations for MSSQL - scripts have to be applied manually 2014-09-15 15:00:32 +02:00
Lukas Reschke
07b14bcd4f Merge pull request #10960 from owncloud/use-intl-module-master
use intl's native normalizer_normalize() in case the module is available
2014-09-15 14:13:30 +02:00
Raghu Nayyar
1145529584 Merge pull request #11041 from owncloud/no-size-check-on-lock-master
content size checks are not valid for LOCK
2014-09-13 00:48:52 +05:30
Lukas Reschke
5ff999d69d Return false in case one of the values is null 2014-09-12 13:34:45 +02:00
Thomas Müller
27cd30aa94 content size checks are not valid for LOCK 2014-09-12 09:42:32 +02:00
Thomas Müller
4878f7a416 Merge pull request #11006 from owncloud/addCustomHex2BinImplementationBecauseSupporting53IsSomethingReallyReallyCoolAndWeAreObviouslySomeOfTheCoolGuys
Add custom hex2bin implementation for 5.3
2014-09-11 15:05:36 +02:00
Lukas Reschke
7d2c521b46 Step one, open guest layout for different styles.
Conflicts:
	core/templates/layout.guest.php

Step one, open guest layout for different styles.
2014-09-11 11:41:02 +02:00
Thomas Müller
59209e0f2b use intl's native normalizer_normalize() in case the module is available 2014-09-11 10:24:31 +02:00
Lukas Reschke
bfebbe47de Merge pull request #10962 from owncloud/repair_search_lucene
repair search lucene before installing
2014-09-11 10:09:43 +02:00
Lukas Reschke
1973275adc Add custom hex2bin implementation for 5.3
Fixes https://github.com/owncloud/core/issues/11004
2014-09-11 09:51:45 +02:00
kondou
18ef7bf1ed Preserve transparency when loading from a file
Fix #7148 - again :)
2014-09-10 23:49:21 +02:00
Thomas Müller
2a382a87d5 Merge pull request #10988 from owncloud/usetransactions-wrong-name
Fix method name useTransactions
2014-09-10 17:27:23 +02:00
Robin Appelman
fa2b385d33 Fix method name 2014-09-10 15:59:24 +02:00
Vincent Petry
70ebe86e60 Merge pull request #10929 from owncloud/issue/10514
Set overwritewebroot when installing owncloud to avoid problems
2014-09-10 15:07:57 +02:00
Jörn Friedrich Dreyer
8e2acb1482 repair search lucene before installing 2014-09-10 10:22:40 +02:00
Bernhard Posselt
ba698a4942 Merge pull request #10972 from ppaysant/routes-defaults
Allow default values for route parameters.
2014-09-09 23:40:46 +02:00
Lukas Reschke
c3d90b96c8 Merge pull request #10922 from owncloud/explicit-scan-transactions
Use bigger transactions when doing explicit file system scans
2014-09-09 23:32:32 +02:00
Patrick Paysant
cb5416b798 Allow default values for route parameters. 2014-09-09 23:00:29 +02:00
Bernhard Posselt
023e066971 more sugar for including lists of templates 2014-09-09 15:47:42 +02:00
Bernhard Posselt
d02f6c7ebe Merge pull request #10947 from owncloud/html-imports
add template functions for html imports
2014-09-09 14:07:46 +02:00
Jörn Friedrich Dreyer
3d4f77c8f1 Merge pull request #10949 from owncloud/allow_prefilling_login
allow prefilling login
2014-09-09 11:42:14 +02:00
Lukas Reschke
353155b516 Merge pull request #7323 from owncloud/Jonny007-MKD-master
Update adapter.php
2014-09-09 11:31:50 +02:00
Jörn Friedrich Dreyer
ed2414fd0d Merge pull request #10886 from owncloud/keep_fileid_on_move_in_objectstore
Keep fileid on move in objectstore, fixes #10848
2014-09-09 10:25:10 +02:00
VicDeo
efd485acda Merge pull request #10858 from owncloud/issue/10847
Use correct language package so the subject is correctly translated
2014-09-09 01:11:34 +03:00
Jörn Friedrich Dreyer
0aad7fa1b1 allow prefilling login 2014-09-08 21:44:13 +02:00
Bernhard Posselt
f685d03674 append .html since componets always use html files 2014-09-08 21:37:18 +02:00
Bernhard Posselt
4aff85cd0c add template functions for html imports 2014-09-08 21:19:44 +02:00
Lukas Reschke
70abce0482 Merge pull request #10739 from owncloud/eventsource-public
Add EventSource to the public API
2014-09-08 18:46:27 +02:00
Lukas Reschke
c79c894dbb Merge pull request #10755 from owncloud/shorter_sharing_links
Shorter sharing links
2014-09-08 17:26:20 +02:00
Lukas Reschke
2d847934ed Merge pull request #10938 from owncloud/useSecureMimetype
Use secure mimetype for content delivery
2014-09-08 17:13:54 +02:00
Lukas Reschke
5de404eb92 Merge pull request #10827 from oparoz/patch-2
Libreoffice config folder needs to be set
2014-09-08 16:41:26 +02:00
Lukas Reschke
fa718d2e2c Fix typo 2014-09-08 16:34:03 +02:00
Lukas Reschke
0cdfe4f8c2 Merge pull request #10911 from owncloud/template-funcs
Add template shortcut functions for style and script
2014-09-08 16:32:05 +02:00
Lukas Reschke
312ed18d15 Use secure mimetype for content delivery
Adds some hardening against potential CSP bypassed.
2014-09-08 15:57:39 +02:00
Joas Schilling
c5b5378558 Add a method to get the absolute url for a route
Fix #10926
2014-09-08 14:43:14 +02:00
Joas Schilling
249558966e Set overwritewebroot when installing owncloud to avoid problems
Fix #10514
2014-09-08 14:30:13 +02:00
Robin Appelman
644755df66 Use bigger transactions when doing explicit file system scans 2014-09-08 14:15:41 +02:00
Vincent Petry
637cff68ac Merge pull request #10862 from chli1/master
fix BadRequest error if CONTENT_LENGTH not set
2014-09-08 10:00:15 +02:00
cetra3
459ead69f6 Merge branch 'master' of https://github.com/owncloud/core 2014-09-08 15:05:49 +09:30
Bernhard Posselt
7e4d244200 add shortcut functions for style and script 2014-09-06 14:25:28 +02:00
Jörn Friedrich Dreyer
8488be4d03 Keep fileid on move in objectstore, fixes #10848 2014-09-05 13:25:59 +02:00
Robin Appelman
e29b7e9335 Remove explicit propagate calls 2014-09-05 11:53:24 +02:00
Robin Appelman
d0e83a71aa Update cache before post hooks 2014-09-05 11:53:24 +02:00
Robin Appelman
1d8a88dd1b Fix warning in homecache 2014-09-05 11:53:23 +02:00
Robin Appelman
850542c5d6 Refactor Cache\Updater to work outside of the users home 2014-09-05 11:53:23 +02:00
kondou
ecc9b42e41 Match \OC_Helper::linkToPublic() to new links and fit unittests 2014-09-04 20:44:50 +02:00
kondou
a10411d2bc Readd TOKEN_LENGTH 2014-09-04 19:09:26 +02:00
Jesus Macias Portela
523680cef2 Merge pull request #10840 from owncloud/issue_10674
Solve bug with touch always return true on /lib/private/files/view.php
2014-09-04 17:29:08 +02:00
kondou
226b203e20 Use base62 and remove configuration options for link length 2014-09-04 16:20:20 +02:00
kondou
c2d8eabd71 Change config.sample entry and use MediumSecurity 2014-09-04 15:52:23 +02:00
kondou
3bf725d7e0 Adapt token size to new generation and add an option for free length specification
Minimum size is 3 = 46656 tokens, maximum size is 64, which is what our DB allows.
2014-09-04 15:24:33 +02:00
kondou
2a4c51389c Use a route instead of s.php and convert tokens asap 2014-09-04 15:23:55 +02:00
kondou
0f2ad9862e Initial work on shorter links 2014-09-04 15:23:53 +02:00
Lukas Reschke
1a7df33233 Merge pull request #10818 from owncloud/enableappforgroupfix
Fix upgrade process when apps enabled for specific groups
2014-09-04 13:56:41 +02:00
chli1
712487c861 fix BadRequest error if CONTENT_LENGTH not set
If client does not send content length header on webdav upload (e.g. because the content comes from a stream and its length is not predictable) the put() method should not try to compare the content length value with the actually amount of received data, because this will always fail and results in a BadRequest exception. So the check will only be performed if $_SERVER['CONTENT_LENGTH'] is set.
2014-09-04 13:49:15 +02:00
Robin Appelman
fa3393674c Better phpdoc and method naming 2014-09-04 13:26:51 +02:00
Robin Appelman
8605e2e6a5 Explicitly cast id and validate type 2014-09-04 13:26:47 +02:00
Olivier Paroz
bbc2d7cf4f Typ in whichOpenOffice test 2014-09-04 12:54:20 +02:00
Joas Schilling
a0e8e88bc6 Use correct language package so the subject is correctly translated
Fix #10847
2014-09-04 11:23:23 +02:00
Lukas Reschke
8fec19a872 Merge pull request #10790 from cbhp/master
added missing User-Agents
2014-09-03 22:40:12 +02:00
Jesus Macias
91c8174013 Fix code with previous comments 2014-09-03 18:21:24 +02:00
Jesus Macias
883649b69c Reset changes on 3rdparty submodule 2014-09-03 18:20:09 +02:00
cbhp
c00450b2c7 always use a user-agent constant
Some providers block connections with missing user-agents. Also
user-agents are useful for analyzing requests. I've added a USER_AGENT
constant that is used in cURL and in file_get_contents.
2014-09-03 18:00:05 +02:00
Lukas Reschke
63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Lukas Reschke
26f337d523 Only return lowercase letters and digits for backwards compatbility 2014-09-03 17:18:00 +02:00
Thomas Müller
954925eaa0 Merge pull request #10667 from pmjdebruijn/itunes-appid
defaults: add customizable defaultiTunesAppId
2014-09-03 16:26:20 +02:00
Olivier Paroz
eaab067716 env:UserInstallation was already there in master
My changes were made against stable7 and I merged them to the file in master, so this version is now the properly merged file for master.
I'm just adding `owncloud-<instanceid>` to the path where temp files are stored.
2014-09-03 16:08:40 +02:00
Lukas Reschke
373d1c5e9f Merge pull request #10642 from owncloud/securityutils
Add some security utilities
2014-09-03 15:28:42 +02:00
Clark Tomlinson
d64cacec43 Merge pull request #10826 from oparoz/master
Adding TIFF support to the files app
2014-09-03 09:14:35 -04:00
Clark Tomlinson
0400f7845c Merge pull request #10723 from owncloud/webdav-folder-size
adding new webdav property containing the folder size
2014-09-03 09:07:23 -04:00
Robin Appelman
65608d7c92 Use the public api to get event sources 2014-09-03 13:36:15 +02:00
Robin Appelman
dad53180bc Add event source to the public api 2014-09-03 13:36:15 +02:00
Robin Appelman
54c918fe48 Initialize an event source when we start using it, not in the constructor 2014-09-03 13:35:04 +02:00
Olivier Paroz
3bf155e138 This is not a PDF, there are no pages 2014-09-03 12:32:59 +02:00
Thomas Müller
6cdb1d89ae Merge pull request #10761 from canadaduane/fix_occ_upgrade
Ensure db connection before changing cache state
2014-09-03 11:27:16 +02:00
Thomas Müller
52dc31e13c Merge pull request #10725 from owncloud/sabredav-etag-master
adding OC-ETag header
2014-09-03 11:21:47 +02:00
Lukas Reschke
77c0adb520 Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils 2014-09-03 11:04:49 +02:00
Lukas Reschke
50b430ee7c Add char consts, hash the specified password for the HMAC 2014-09-03 11:03:27 +02:00
Olivier Paroz
0c3c72aec0 Libreoffice config folder needs to be set
In order to avoid conflicts between multiple instances installed on one server, it's required to define a LibreOffice configuration folder per instance.

Just like with my PR for the documents app (https://github.com/owncloud/documents/pull/353), I propose to use /tmp/owncloud-instanceid
2014-09-03 03:12:35 +02:00
Olivier Paroz
b559b21dc3 Converts TIFF files to PNG 2014-09-02 22:56:39 +02:00
Olivier Paroz
1e600a0d36 Adding support for tiff files 2014-09-02 22:53:41 +02:00
Vincent Petry
e05b95636b Fix upgrade process when apps enabled for specific groups
Fix issue where the currently logged user was causing side-effects when
upgrading.
Now setting incognito mode (no user) on update to make sure the whole
apps list is taken into account with getEnabledApps() or isEnabled().
2014-09-02 17:16:14 +02:00
Robin Appelman
a9a37b5363 Don't automatically setup the filesystem the moment we load OC\Files\FileSystem 2014-09-02 16:15:42 +02:00
cbhp
969b41c1c9 added missing User-Agents
header "User-Agent" was missed
2014-08-31 19:44:06 +02:00
Morris Jobke
4024960a0e Merge pull request #10780 from owncloud/config-public
Extend public config interface
2014-08-31 15:54:35 +02:00
Lukas Reschke
8009df0b60 Merge pull request #10420 from owncloud/external-share-self-signed
Make external shares work with imported self signed certificates
2014-08-31 15:50:30 +02:00
Robin Appelman
0a1e5aebf1 Extend public config interface 2014-08-31 15:27:36 +02:00
Lukas Reschke
ae3425d2da Merge branch 'master' into securityutils
Conflicts:
	lib/private/util.php
2014-08-31 15:21:09 +02:00
Lukas Reschke
a197ef0f6c Merge pull request #10768 from owncloud/l10n-use-public
Use public api for getting l10n
2014-08-31 11:58:59 +02:00
Robin Appelman
bfa0c4b78a Explicitly set the timezones 2014-08-31 11:06:18 +02:00
Lukas Reschke
4efe6f6240 Add unit tests and fix rootcerts creation bug 2014-08-31 10:47:50 +02:00
Robin Appelman
e64aa330fd check for blacklisted file certificate filenames 2014-08-31 10:47:50 +02:00
Robin Appelman
79d896e830 Rename namespace 2014-08-31 10:47:50 +02:00
Robin Appelman
6044ad0e17 Cleanup certificate code 2014-08-31 10:47:50 +02:00
Robin Appelman
ba8416a04f move certificate classes to their own namespace 2014-08-31 10:47:50 +02:00
Robin Appelman
c158db7200 Add certificate class 2014-08-31 10:47:50 +02:00
Robin Appelman
c1b11571ea Move certificate management interface from files_external to core 2014-08-31 10:47:50 +02:00
Robin Appelman
4efdbff6df No need for this folder to be world accessible 2014-08-31 10:45:11 +02:00
Robin Appelman
dcc4f96d3e Verify names of certificates 2014-08-31 10:45:11 +02:00
Robin Appelman
ecdbf00628 Move certificate management code to core 2014-08-31 10:45:10 +02:00
Robin Appelman
d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Morris Jobke
06e6f10ce4 Add optional user ID parameter for getUseFolder 2014-08-31 09:49:19 +02:00
Duane Johnson
ccf440495e Ensure db connection before changing cache state
When trying to upgrade from 7.0.0 to 7.0.2, the manual upgrade path
(e.g. ` sudo -u www-data /usr/bin/php5 ./occ upgrade`) exits with the
following fatal error:

```
/var/www/owncloud# php occ upgrade
PHP Fatal error:  Call to a member function
  disableQueryStatementCaching() on a non-object in
  /var/www/owncloud/lib/private/db.php on line 423
```

This is caused by the self::$connection static variable having not
been initialized at the point of call. Adding a self::connect() fixes
the issue.

See https://forum.owncloud.org/viewtopic.php?f=29&t=23398&p=68556#p68556
2014-08-30 15:46:56 -06:00
cetra3
6b24aa5224 Refactor internal session to write directly to $_SESSION 2014-08-30 08:48:13 +00:00
Robin Appelman
0b88355368 Merge pull request #10721 from owncloud/kill-rand
Kill insecure random number generation
2014-08-29 19:48:00 +02:00
Morris Jobke
3a4b71ffb4 Merge pull request #10734 from owncloud/fix-10268
retrieve local users, groups and group members in a sorted way
2014-08-29 19:35:32 +02:00
Lukas Reschke
35276def1c Merge pull request #10614 from owncloud/remove-ee-hack
Remove different URL for EE
2014-08-29 18:23:15 +02:00
Jörn Friedrich Dreyer
10382ef2f0 allow empty hostname and dots in service name for oracle autosetup 2014-08-29 17:09:17 +02:00
Robin Appelman
3de69ff81b Don't register the call when rendering error pages 2014-08-29 15:44:39 +02:00
Robin Appelman
dd7b8e4555 Remove insecure fallback random number generation 2014-08-29 15:44:09 +02:00
Arthur Schiwon
0bb460c9b5 retrieve local users, groups and group members in a sorted way 2014-08-29 15:17:37 +02:00
Thomas Müller
96a931929e adding OC-ETag header 2014-08-29 12:09:33 +02:00
Thomas Müller
647120fb36 adding new webdav property containing the folder size 2014-08-29 11:39:02 +02:00
Jörn Friedrich Dreyer
f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
voxsim
a49610e18a change logic in displayNamesInGroup and add some unit tests 2014-08-28 13:51:48 +02:00
Arthur Schiwon
aeb9cfc6c9 make sure class file is loaded once 2014-08-28 12:34:29 +02:00
Lukas Reschke
9ab62ad5b7 Escape error messages 2014-08-27 17:01:51 +02:00
Clark Tomlinson
cb0da1178b Merge pull request #10653 from owncloud/x-forwarded-for
Add support for getting the real client IP behind proxies
2014-08-27 10:32:34 -04:00
Pascal de Bruijn
49da0a7943 defaults: add customizable defaultiTunesAppId 2014-08-27 14:07:39 +02:00
Björn Schießle
c35d60f6d8 Merge pull request #9915 from suraia/unsharefromself-source
Allow specifying the item source in unshareFromSelf().
2014-08-27 10:31:35 +02:00
Lukas Reschke
3329e0f2b2 Use DI 2014-08-27 00:49:53 +02:00
Lukas Reschke
d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00
Lukas Reschke
7acdd018a1 Add support for getting the real client IP behind proxies
Fixes https://github.com/owncloud/core/issues/10624

Fix copy paste fail

Add unittest for comma separated headers

Revert 3rdparty
2014-08-27 00:05:04 +02:00
Thomas Müller
2e8026a7b5 Merge pull request #10619 from owncloud/issue/6722
Add a test to break the slugifyPath() with folder and file afterwards
2014-08-26 10:33:18 +02:00
Lukas Reschke
ca7e4c8c67 Add isAppstoreEnabled instead of hijacking the URL 2014-08-26 10:20:51 +02:00
Clark Tomlinson
6523c575f3 Merge pull request #10623 from owncloud/not-a-valid-resource-log-entries
Do not try to close the same resource multiple times
2014-08-25 12:52:06 -04:00
Vincent Petry
c86824fa09 Merge pull request #10023 from owncloud/tmp-file-created-status
Log unsuccessful temp file creation and return false
2014-08-25 17:24:46 +02:00
Joas Schilling
989da69cff Do not try to close the same resource multiple times 2014-08-25 15:31:43 +02:00
Joas Schilling
1846aebfff Use md5() of the original name instead of uniqid() for slugifying
Previously we used uniqid() here.
However this means that the behaviour is not reproducable, so
when uploading files into a "empty" folder, the folders name is
different.

If there would be a md5() hash collition, the deduplicate check
will spot this and append an index later, so this should not be
a problem.

Fix #6722
2014-08-25 15:06:12 +02:00
Joas Schilling
b861e1d696 Fix code layout before fixing the function 2014-08-25 15:06:10 +02:00
Jörn Friedrich Dreyer
ebf7758d10 Merge pull request #10595 from owncloud/swift-stream
Stream downloads from Swift object stores without downloading it first
2014-08-25 11:26:39 +02:00
Lukas Reschke
4bc72cc4e0 Remove different URL for EE
This can now be achieved by setting `appstoreenabled` to `false` in config.php
2014-08-24 20:22:15 +02:00
Clark Tomlinson
2ad0d3f1be Throw exception if file cannot be accessed via http
Format file

Removing calls to deprecated classes and using internal method to get via http

Missed a character

Fix inverted logic
2014-08-22 19:41:30 -04:00
Thomas Müller
a77d468d35 Merge pull request #10584 from owncloud/simple-wizard-trusted-domains
Add a trusted domain wizard
2014-08-22 17:12:17 +02:00
Lukas Reschke
88c3a4a31a Expose setSystemValue 2014-08-22 15:53:23 +02:00
Thomas Müller
0e8916b147 Merge pull request #7539 from owncloud/repair-legacystorageid
Added repair script to upgrade the legacy home storage ids
2014-08-22 14:22:39 +02:00
Robin Appelman
191a82e768 Stream downloads from Swift object stores without downloading it first 2014-08-22 14:11:36 +02:00
Thomas Müller
b8b2ef8748 no statement caching for Oracle 2014-08-22 12:06:36 +02:00
Robin Appelman
63570df75f Add files as string to tar archives 2014-08-21 08:49:57 +02:00
Robin Appelman
88c32861bc reformat 2014-08-21 08:49:57 +02:00
Vincent Petry
8f201c7383 Explicily close the statement cursors
Fixes the issue that makes SQLite freeze on later tests.
2014-08-20 23:49:15 +02:00
Lukas Reschke
92c80dd946 Merge pull request #10518 from owncloud/fix_storage_const_autoload
Fix storage const autoload
2014-08-20 23:23:42 +02:00
Vincent Petry
068f9d10f1 Added repair step for legacy storages 2014-08-20 23:14:05 +02:00
Vincent Petry
36c88e2830 Merge pull request #10422 from owncloud/dav-disablerangerequestwhennotsupported
Return whole file if range request cannot be granted due to encryption
2014-08-20 18:14:09 +02:00
Morris Jobke
9a5e745a64 fix typo 2014-08-19 16:45:22 +02:00
Morris Jobke
b3b3354809 move to public namespace 2014-08-19 14:05:08 +02:00
Stephan Peijnik
5d7deefd95 Use tabs for indentation.
Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:43 +02:00
Stephan Peijnik
2df52e54d7 Fix STORAGE_* constants usage by moving those constants into \OC\Files\Filesystem.
As constants not defined within a class cannot be automatically found by the
autoloader moving those constants into a class makes them accessible to
code which uses them.

Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:35 +02:00
Robin Appelman
fdfc5c67f8 Merge pull request #9866 from owncloud/app-upgrade
Don't do app upgrades in the background
2014-08-19 13:33:38 +02:00
Thomas Müller
1c23f54d42 Merge pull request #10341 from owncloud/issue/9928
[Issue/9928] Problems with filemtime in MappedLocal Storage
2014-08-19 10:10:09 +02:00
Vincent Petry
ec274ad40b Use afterBind to send fileId header for files and directories
afterBind is called for both files and directories and is now used to
send the OC-FileId headers.
2014-08-18 18:40:58 +02:00
helix84
722a119e46 fix typo in util.php 2014-08-18 15:59:36 +02:00
Robin Appelman
ab590ce9a0 fix undefined variable 2014-08-18 15:30:46 +02:00
Thomas Müller
62e06cb0ba Merge pull request #10472 from owncloud/fix_undefined_index_ocsid
check if array index ocsid is set before accessing it
2014-08-18 10:43:21 +02:00
Thomas Müller
c933848c55 Merge pull request #10156 from owncloud/issue/9968
Check return of fopen() before using it
2014-08-18 10:35:04 +02:00
Frank Karlitschek
ddeb301ad6 Merge pull request #10456 from kroimon/skeleton_dir_config
Make skeleton directory configurable.
2014-08-17 20:01:02 -04:00
Georg Ehrke
7347174636 check if array index ocsid is set before accessing it 2014-08-17 22:26:14 +02:00
Lukas Reschke
a2677c14c8 Remove X-Mailer header from mails 2014-08-17 18:55:13 +02:00
Stefan Rado
ccc46be740 Make skeleton directory configurable. 2014-08-16 01:07:42 +02:00
Lukas Reschke
a822a31ce3 Merge pull request #10442 from owncloud/move-failed-logins
Move authentication failed logging to checkPassword
2014-08-15 16:50:28 +02:00
Lukas Reschke
98fc56831d Merge pull request #9275 from NormalRa/master
Add .apk mimetype.
2014-08-15 14:41:53 +02:00
Lukas Reschke
a82cd1ff67 Fix unit test 2014-08-15 14:15:27 +02:00
Lukas Reschke
5bb4772858 Move authentication failed logging to checkPassword
Fixes https://github.com/owncloud/core/issues/10366
2014-08-15 12:13:00 +02:00
Jörn Friedrich Dreyer
799fb46927 add missing @deprecated annotation to legacy classes 2014-08-14 22:18:12 +02:00
Thomas Müller
c1102b1671 Merge pull request #10417 from owncloud/update_deprecation_doc
update deprecation docs
2014-08-14 17:54:23 +02:00
Björn Schießle
64c3fe670c Merge pull request #10399 from owncloud/fix_setSendMailStatus
[sharing] fix mail notification
2014-08-14 17:45:39 +02:00
Joas Schilling
4d32e3548b Ensure that filename is prefixed with a slash 2014-08-14 16:48:30 +02:00
Clark Tomlinson
4502eaf9f8 Merge pull request #10414 from owncloud/relax-code-checker
in order to prevent false-positives on the code checker - exec and eval ...
2014-08-14 09:35:20 -04:00
Vincent Petry
cc8c1d8e07 Return whole file if range request cannot be granted due to encryption
Whenenver range headers are set and encryption is enabled, it is not
possible to automatically fseek() to the proper position.

To avoid returning corrupt/invalid data or causing a decryption error,
the range headers are stripped so that the SabreDAV code in httpGet()
returns the whole file.
2014-08-14 15:18:49 +02:00
Jörn Friedrich Dreyer
fd798fd982 update deprecation docs 2014-08-14 12:22:34 +02:00
Morris Jobke
987a0565fb Merge pull request #10395 from owncloud/close-filehandle-lib-files
Close open file handles in files library
2014-08-14 10:57:54 +02:00
Thomas Müller
a4932dc5e2 in order to prevent false-positives on the code checker - exec and eval will not longer be grepped for 2014-08-14 10:48:42 +02:00
Thomas Müller
6d94fc846d Merge pull request #10394 from owncloud/close-filehandle-lib-image
Close file handle if exception occurs in image class
2014-08-13 22:41:33 +02:00
Robin Appelman
bba59bf815 Cast file id's to int so we can compare them properly 2014-08-13 19:18:34 +02:00
Bjoern Schiessle
d9f35d8c15 we need the recipient as a additional parameter to know for which share the notification was send 2014-08-13 17:02:51 +02:00
Morris Jobke
c6bf51c457 Close open file handles in files library
ref #10392
2014-08-13 15:48:32 +02:00
Morris Jobke
f61658945f Close file handle if exception occurs in image class
ref #10392
2014-08-13 15:19:58 +02:00
Robin Appelman
174805f5e3 Merge pull request #9762 from owncloud/owner-public
Return the proper owner for home storages
2014-08-12 14:29:17 +02:00
Normal Ra
1633ec5c87 APK mimetype icon to be a generic package icon. 2014-08-12 14:10:49 +02:00