wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7560 commits 157 branches 562 tags 714 MiB
Commit graph

203 commits

Author SHA1 Message Date
Frank Karlitschek
55f75c6d8e add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why. 2012-11-08 18:08:44 +01:00
Felix Moeller
1205749f8c Checkstyle: Fix the last two SpaceBeforeOpenBrace 2012-11-04 18:18:03 +01:00
Thomas Müller
8ac3849a95 Merge pull request #238 from fmms/checkstyle04 
Checkstyle fixes
 2012-11-04 08:59:45 -08:00
Lukas Reschke
8c4c74b23f Merge pull request #178 from owncloud/JustOneCSRFTokenPerSession 
Just one CSRF token per session
 2012-11-04 05:54:02 -08:00
Felix Moeller
30d7993e01 Checkstyle fixes: NoSpaceAfterComma 2012-11-04 11:10:46 +01:00
Felix Moeller
afadf93d31 Checkstyle: many fixes 2012-11-02 19:53:02 +01:00
Lukas Reschke
7a7f12a0c1 Create only one CSRF token per session 
Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)

With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.
 2012-10-31 18:37:59 +01:00
Lukas Reschke
ac784baef6 Generate only one CSRF token 2012-10-29 16:35:29 +01:00
Lukas Reschke
4d61eb3e4c Fix a typo 2012-10-29 16:33:39 +01:00
Felix Moeller
b7a02f0c93 NoSpaceAfterComma 
first in new branch
 2012-10-28 18:12:31 +01:00
Arthur Schiwon
be215a097a check if RUNTIME_NOAPPS is set before using it 2012-10-28 15:10:22 +01:00
Arthur Schiwon
b8a48b55a3 make sure all filesystem apps are loaded when setupFS is proceeded, to make sure the emmited setup-hook is received. Fixes #89 2012-10-28 13:48:08 +01:00
Arthur Schiwon
5b9ba2e033 remove whitespaces, no code change 2012-10-28 13:48:08 +01:00
Robin Appelman
ad720c4c17 possible fix for bombarding the server with the htaccess test during setup 2012-10-26 18:24:06 +02:00
Lukas Reschke
228a05a792 Check for iconv 2012-10-25 16:49:55 +02:00
Felix Moeller
e73b817a38 Checkstyle: NoSpaceAfterComma 2012-10-23 22:53:54 +02:00
Felix Moeller
2d61f03452 More Checkstyle cleanup 
This is for all LowerCaseConstant warnings
 2012-10-23 08:01:09 +02:00
Felix Moeller
03581ef463 Correct a first issue Checkstyle is complaining about ... 
This is BracketsNotRequired
 2012-10-22 21:40:33 +02:00
Lukas Reschke
65619af05b Disable enhancedauth by default 
Admins can still enable it via config.php
 2012-10-22 23:04:39 +02:00
Björn Schießle
d68b89cae4 add parameter to specify user for which OC_Filesystem should be initialized. 
(needed to share files via public links where no user is logged in)
 2012-10-22 14:55:53 +02:00
Björn Schießle
2499c24b8b load system wide configured mount points before accessing shared files 2012-10-18 17:15:30 +02:00
Björn Schießle
00ed2e87c9 check for mount points if file was shared from a different user 2012-10-18 17:15:30 +02:00
scambra
ec253f1354 Use strftime to format date with translated month names 2012-10-16 20:19:35 +02:00
Lukas Reschke
e299c241df Make enhanced auth configurable 2012-10-16 01:08:05 +02:00
Lukas Reschke
5c0407306c Set a standard value for enhanced auth time 2012-10-16 01:04:20 +02:00
Lukas Reschke
6f2e8788ca Make enhanced auth time configurable 2012-10-16 01:02:03 +02:00
Lukas Reschke
f4142bd2a8 Move isUserVerified to OC_Util 2012-10-16 00:47:38 +02:00
Lukas Reschke
1a187d1ca5 Fix PHP notice 2012-10-16 00:47:38 +02:00
Lukas Reschke
fa71e51e67 Use /dev/urandom instead of /dev/random 
The usage of /dev/urandom is enough secure
 2012-10-15 19:21:37 +02:00
Lukas Reschke
6e045b9ea1 Check if $_Post 2012-10-15 17:42:38 +02:00
Lukas Reschke
d33bec09fe Verify password page for users 2012-10-15 17:42:38 +02:00
Lukas Reschke
f08ff3b6e6 Correct formatting 2012-10-15 15:25:40 +03:00
Lukas Reschke
c930ac9f88 Merge pull request #30 from visit1985/logonpage 
extend logon page to display multiple error messages
 2012-10-15 03:52:11 -07:00
Bart Visscher
4af5b016cc Whitespace cleanup 2012-10-14 21:04:08 +02:00
Michael Göhler
7095b3a083 extend logon page to display multiple error messages 2012-10-14 19:57:24 +02:00
Lukas Reschke
2c427f050e Show a warning in the installer if no secure RNG is available 2012-10-14 17:18:30 +02:00
Lukas Reschke
d6c4b83f13 Fallback to /dev/random if openssl_random_pseudo_bytes not available 2012-10-14 16:14:45 +02:00
Björn Schießle
cb91e27ab3 check if directory already exist before executing mkdir 2012-10-12 16:31:03 +02:00
Bart Visscher
351f724193 whitespace fixes 2012-10-12 15:47:41 +02:00
Frank Karlitschek
fe5b4d2fba marks as 5.0 pre alpha 2012-10-10 15:35:19 +02:00
Frank Karlitschek
8e0676a66b 4.5 final 2012-10-09 16:02:01 +02:00
Frank Karlitschek
67a4aa7cf0 RC 3 2012-10-08 23:58:17 +02:00
Frank Karlitschek
5eaf95eedd check for SimpleXML which seems to bw non default on Free BSD 2012-10-06 17:37:38 +02:00
Frank Karlitschek
2d86258fc3 RC2 2012-10-03 12:39:48 +02:00
Frank Karlitschek
3fdebaa5dc automatically remove and prevent installation of apps with a require version less than the current one. We check now the first ad second part of the version number. 
Also increase the require tags of the core apps to 4.9 Please note that 4.9 is the internal versionnumber of the upcoming 4.5 release.
You have to pu a <require>4.9</require> into the info.xml of your app to make it as compatible with 4.5
 2012-10-02 12:10:45 +02:00
Robin Appelman
91d12a2f3d update the filecache by setting mtimes to 0 when the mount configuration has changed instead of clearing the cache 2012-09-30 16:12:16 +02:00
Lukas Reschke
ef57e9294b Fallback for systems without openssl 2012-09-29 16:44:02 +02:00
Lukas Reschke
578aa4e425 Removed sectoken 
This token is completly useless since an attacker can easily extract it
from the page.
 2012-09-29 15:18:38 +02:00
Lukas Reschke
bd804b74c4 mt_rand() is not secure from a security point of view and predictable. Let's use openssl_random_pseudo_bytes() instead. 
Before: 26 bits entropy
After: 72 bits entropy
 2012-09-29 15:03:09 +02:00
Bart Visscher
22d22d19c0 Do urlencoding in linkTo functions 2012-09-28 22:27:52 +02:00