Commit graph

320 commits

Author SHA1 Message Date
Lukas Reschke
e25a0303f4 Streamline CSRF and login check
Let's make this consistent with other pieces of the code to make it easier to auditable.
2015-01-20 12:24:13 +01:00
Lukas Reschke
003fc183a2 Remove stripslashes() from newfolder.php 2015-01-19 14:12:36 +01:00
Lukas Reschke
96cd7c017a Check for existence of $_GET keys
`$dir` may for example very well not get passed at well.
2015-01-14 14:16:18 +01:00
Lukas Reschke
3ff3f641d6 Get rid of stripslashes()
This conversions are actually totally unneeded and probably left-overs from ages where the safe_mode was still a valid thing.
2015-01-13 17:43:36 +01:00
Morris Jobke
2a03568623 Merge pull request #13279 from owncloud/upload-original-name
Send the proper original name for uploaded files
2015-01-12 17:48:12 +01:00
Robin Appelman
6daedaf344 Send the proper original name for uploaded files 2015-01-12 15:30:47 +01:00
Lukas Reschke
f65cf498f4 Check for existence of $_GET keys
Otherwise PHP errors are thrown in the error log.
2015-01-09 17:46:14 +01:00
Lukas Reschke
199276bcbb Verify existence of $_GET key
Otherwise when the file without any specified mimetype was accessed the error log was flooded with entries such as "Undefined index: mime", there can be multiple issues found about this in the forum and our bugtracker.

To test this access `/index.php/apps/files/ajax/mimeicon.php` with and without `$_GET['mime']`.

Fixes itself.
2015-01-09 02:31:59 +01:00
Robin Appelman
64e3ebae74 Add error handling to getstoragestats.php 2015-01-06 15:56:06 +01:00
Vincent Petry
4b1b93507d Only populate tags in main file list
Moved populateTags to be done on the main file list.
This prevents the public file list to go through the same code and cause
an error when there is no user.
2014-12-18 15:36:18 +01:00
Morris Jobke
e969fe6b12 Merge pull request #12698 from owncloud/handle_readonly_shared_files
Handle readonly shared files
2014-12-12 08:34:28 +01:00
Jörn Friedrich Dreyer
c615b3527f show readonly message in file conflict dialog, make it always selected 2014-12-11 16:32:27 +01:00
Victor Dubiniuk
adc7135429 Skip headers that can not be split 2014-12-08 23:43:43 +03:00
Robin Appelman
4321d7522e Check if files are deletable before trying to delete them 2014-11-26 12:14:35 +01:00
Morris Jobke
c5fa8f1bdc Merge pull request #12421 from owncloud/issue/6101-remove-namespace-permission-constants
Issue/6101 remove namespace permission constants
2014-11-26 08:31:23 +01:00
Joas Schilling
2c39aec8cb Replace deprecated constant with new class constant 2014-11-25 16:30:21 +01:00
Bjoern Schiessle
1d33503487 we no longer need to keep the session open for encryption 2014-11-25 13:37:11 +01:00
Lukas Reschke
3efac5a4f2 Prevent division by zero
Potentially fixes https://github.com/owncloud/core/issues/11742
2014-10-24 00:10:22 +02:00
Jörn Friedrich Dreyer
18e3856092 log exceptions when listing files 2014-10-08 18:49:43 +02:00
Lukas Reschke
6eeb905871 Do only follow HTTP and HTTPS redirects
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
Lukas Reschke
c3d90b96c8 Merge pull request #10922 from owncloud/explicit-scan-transactions
Use bigger transactions when doing explicit file system scans
2014-09-09 23:32:32 +02:00
Lukas Reschke
70abce0482 Merge pull request #10739 from owncloud/eventsource-public
Add EventSource to the public API
2014-09-08 18:46:27 +02:00
Robin Appelman
644755df66 Use bigger transactions when doing explicit file system scans 2014-09-08 14:15:41 +02:00
Vincent Petry
e43c9b84c4 Catch exceptions when moving files
When moving files on storages that don't expose permissions, the storage
itself might throw an exception when the permission is denied.

This fix ensures that exceptions are caught and forwarded to the client
instead of just hanging.
2014-09-05 14:54:06 +02:00
Robin Appelman
fa3393674c Better phpdoc and method naming 2014-09-04 13:26:51 +02:00
Robin Appelman
65608d7c92 Use the public api to get event sources 2014-09-03 13:36:15 +02:00
Robin Appelman
d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Jörn Friedrich Dreyer
f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Bjoern Schiessle
043cd1d02b set incognitoMode to true, getUser should always return false during public upload 2014-08-18 16:39:25 +02:00
Björn Schießle
27d94e9273 Merge pull request #10295 from owncloud/file_actions_error_handling
file actions improved error handling
2014-08-14 11:44:50 +02:00
Bjoern Schiessle
5b75b15292 no error if we try to delete a file which no longer exists 2014-08-11 12:03:08 +02:00
Bjoern Schiessle
5bbecdb9ee no special action for folder named 'Shared' needed 2014-08-11 12:03:08 +02:00
Jörn Friedrich Dreyer
c24957565c check quota when trying to download a file via new -> web 2014-08-08 14:35:33 +02:00
Robin Appelman
8339618ead More error catching in list.php 2014-07-01 14:58:17 +02:00
Robin Appelman
4526bc0ba6 Handle StorageNotAvailableException in ajax/list.php 2014-06-30 16:12:12 +02:00
Joas Schilling
c98b7fe7fc Merge if statements 2014-06-23 18:10:08 +02:00
Vincent Petry
909e505c2e Remove warning when deleting all entries
When deleting all entries, only "allfiles" is defined but not "file" or
"files", which caused a PHP warning to be logged.
2014-06-23 15:57:45 +02:00
Vincent Petry
9ef7410abe Fixed uploading by drag and drop into folder 2014-06-19 16:14:10 +02:00
Thomas Müller
201cc59fe0 php upload errors are written to log 2014-05-22 12:20:27 +02:00
Vincent Petry
688f6162da Add sorting to files list, trashbin and public files 2014-04-28 17:42:04 +02:00
Thomas Müller
6d373e97c3 remove unused exit() 2014-04-07 23:02:49 +02:00
Thomas Müller
3587c88fe9 Merge branch 'master' of https://github.com/lukepolo/core-1 into lukepolo-master
Conflicts:
	apps/files/js/file-upload.js
2014-04-07 22:28:16 +02:00
Vincent Petry
7c9537f33a Fixed dirInfo check for non existing dir in files ajax call 2014-04-03 17:04:13 +02:00
Vincent Petry
0be9de5df5 Files, trashbin, public apps use ajax/JSON for the file list
Files app:

- removed file list template, now rendering list from JSON response
- FileList.addFile/addDir is now FileList.add() and takes a JS map with all required
  arguments instead of having a long number of function arguments
- added unit tests for many FileList operations
- fixed newfile.php, newfolder.php and rename.php to return the file's
  full JSON on success
- removed obsolete/unused undo code
- removed download_url / loading options, now using
  Files.getDownloadUrl() for that
- server side now uses Helper::getFileInfo() to prepare file JSON response
- previews are now client-side only

Breadcrumbs are now JS only:

- Added BreadCrumb class to handle breadcrumb rendering and events
- Added unit test for BreadCrumb class
- Moved all relevant JS functions to the BreadCrumb class

Public page now uses ajax to load the file list:

- Added Helper class in sharing app to make it easier to authenticate
  and retrieve the file's real path
- Added ajax/list.php to retrieve the file list
- Fixed FileActions and FileList to work with the ajax list

Core:

- Fixed file picker dialog to use the same list format as files app
2014-04-02 15:33:47 +02:00
Thomas Müller
5fa8f7cf12 Merge pull request #7107 from owncloud/load-apps-proper-master
Load apps proper master
2014-03-28 10:33:55 +01:00
Vincent Petry
e72b2e6e3b Fix public upload to not close session when encryption is on
The encryption app needs to create keys when uploading files, so the
session needs to be kept open in such case.
2014-03-24 17:34:37 +01:00
Thomas Müller
6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Thomas Müller
8a81df0f2c Merge pull request #7651 from owncloud/close-session-faster-master
Close session faster
2014-03-20 11:07:21 +01:00
Robin Appelman
214357ca68 Improve sorting performance of large lists of files 2014-03-19 13:53:59 +01:00
Thomas Müller
c216c4777b Merge branch 'master' into close-session-faster-master
Conflicts:
	apps/files/ajax/upgrade.php
2014-03-19 11:44:21 +01:00
Thomas Müller
6b9ae27b90 drop file cache migration OC5 -> OC6 2014-03-18 17:14:38 +01:00
Thomas Müller
58c216d0e8 close the session on all file operations 2014-03-10 14:39:27 +01:00
Vincent Petry
5671aac5ca Fixed log warning when deleting a single file 2014-03-07 15:03:35 +01:00
Bjoern Schiessle
2e73c957e5 don't allow to create a file or folder named 'Shared' in the root folder, also exclude all combinations of lower and upper case letters 2014-03-05 13:16:25 +01:00
Robin Appelman
7c92e2e3ad Update rawlist to work with new fileinfo object 2014-02-27 14:04:19 +01:00
Lukas Reschke
719f1111b6 Merge pull request #6714 from owncloud/files-newfileinvalidcharsfix
Added extra checks for invalid file chars in newfile.php and newfolder.php
2014-02-20 11:53:58 +01:00
Luke Policinski
b01492fecd Feature Added : Ability to drag and drop in Chrome 2014-02-19 21:28:32 +00:00
Luke Policinski
79a6d89bcc Feature Added : Ability to drag and drop in Chrome 2014-02-19 21:23:39 +00:00
Vincent Petry
952584e9c7 Merge pull request #7195 from owncloud/files-selectall
Do not send file list for select all on Download/delete
2014-02-19 14:33:24 +01:00
Vincent Petry
797e0a614c Added extra checks for invalid file chars in newfile.php and newfolder.php
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
  check for invalid characters
2014-02-18 17:54:32 +01:00
Robin Appelman
d18b9f6ea4 use a FileInfo object of the directory when generting the filelist 2014-02-18 15:39:35 +01:00
Vincent Petry
d5397d813c Do not send file list for select all on Download/delete
- When all files are selected, do not send the whole file list
- Download will trigger download for the parent folder, also works
  with root
- Delete will send "allfiles" to the server that will find the file
  list or the passed directory by itself
2014-02-13 20:28:52 +01:00
Joas Schilling
9619459e37 Send correct path on file upload when using public app
Fix issue #7152
2014-02-12 15:49:09 +01:00
Joas Schilling
af7366cd30 Only add files to file list when uploading to current directory
Fix Issue #6683
2014-02-07 13:06:50 +01:00
Thomas Müller
21207c6a73 remove superfluous $RUNTIME_APPTYPES 2014-02-06 09:50:11 +01:00
Vincent Petry
58c7042e70 Added error message for when target folder was removed
Whent trying to upload/rename/create files in a folder that was removed
or rename, the correct error message is now shown.

In the case of upload of multiple files, the upload is cancelled.

This situation can happen if the target folder was renamed or removed
from another browser window or client.
2014-01-29 12:46:11 +01:00
Thomas Müller
23a4d0d44e OC_Util::setupFS($user) will create a data dir for the given string - no matter if the user really exists - OCP\JSON::checkUserExists($owner); introduces a ready to use check which will bail out with an JSON error 2014-01-21 11:32:30 +01:00
Vincent Petry
335b2f40a6 Fixed download file from URL error messages
- L10N now converted to string to make them work with json_encode
- Added specific error message when server doesn't allow fopen on URLs
- Fixed client side to correctly show error message in a notification
- Added OCP\JSON::encode() method to encode JSON with support for the
  OC_L10N_String values
2013-12-12 10:38:12 +01:00
Vincent Petry
008c3b80d6 Files app backend now normalizes paths before rendering templates
Before rendering breadcrumbs or the file list, the paths are now
normalized. This prevents the UI to show "." breadcrumbs in case the
path contains sections with "/./"

Fixes #5848
2013-11-14 13:24:05 +01:00
Vincent Petry
31181e4348 Fixed storage stats to be based on current directory
Previously, the storage statistics were always for the root dir.
This means that the upload button would always show the limit for the
root dir, even when uploading to a shared dir or external storage.

This fix adds a "dir" argument to getstoragestats.php.
2013-11-06 10:55:19 +01:00
Vincent Petry
35dd568f8f Added missing comma to make the next diff cleaner 2013-10-31 15:12:26 +01:00
Vincent Petry
e62ca4ea4f Append file etag to preview URLs
Fixes #5534
2013-10-28 14:14:55 +01:00
Andreas Fischer
eb2d66d1a0 Fix double not in newfile/newfolder language. 2013-10-27 11:53:14 +01:00
Jörn Friedrich Dreyer
4991a7bd06 fix translations 2013-10-23 17:02:41 +02:00
Jörn Friedrich Dreyer
a9735c8a6f cleanup array value assignment 2013-10-23 11:01:05 +02:00
Jörn Friedrich Dreyer
af7ec3169b cleanup precondition checking when creating new files / folders
- use i18n
- use trim when checking for empty file / folder name
- use more verbose error descriptions
2013-10-23 10:59:01 +02:00
Jörn Friedrich Dreyer
bc0faa1c4e use correct filename in error result json 2013-10-23 10:59:01 +02:00
Thomas Müller
bf46e0c317 fixing undefined variable $newname 2013-10-22 22:38:48 +02:00
Jörn Friedrich Dreyer
45e6d96702 prevent user from creating or renaming sth. to an existing filename
- show tooltip when violating naming constraints while typing
- when target filename exists on server fallback to dialog to interrupt the users flow because something unexpected went wrong
- fixes #5062
- also fixes some whitespace and codestyle issues in files js
- uses css selector over filterAttr in touched js files
2013-10-22 18:11:03 +02:00
Vincent Petry
9cfb438ff7 Fixed upload permissions distinction between public and logged in upload
Fixes #5370
2013-10-17 10:46:55 +02:00
Vincent Petry
09b084dfed Fixed file permissions after public upload
Fixes #5328
2013-10-14 17:28:53 +02:00
Thomas Müller
7c6ed6ab33 catch exceptions while uploading and pass on the error message 2013-10-08 15:03:24 +02:00
kondou
feb7028a78 Remove require in rawlist.php
Thanks @tanghus for pointing out the unneccessity of it.
2013-10-02 12:45:30 +02:00
kondou
013e9c27d2 Fix require in apps/files/ajax/rawlist.php 2013-10-02 12:21:52 +02:00
Thomas Müller
db39fede97 Merge branch 'master' into appframework-master
Conflicts:
	apps/files/lib/helper.php
	apps/files_trashbin/lib/helper.php
2013-09-25 09:52:12 +02:00
Jörn Friedrich Dreyer
4b3e56bcf9 remove unneccessary lib in namespace 2013-09-20 16:46:33 +02:00
Jörn Friedrich Dreyer
9e39118b52 namespaces use upcasefirst parts
when _ is left in namespace and files are named after their classes the autoloader will also find classes in the lib folder of an app
its magic!
2013-09-20 16:37:07 +02:00
Jörn Friedrich Dreyer
7e0631b3b8 Merge branch 'master' into fix_3728_with_file_exists_dialog
Conflicts:
	apps/files/js/filelist.js
2013-09-19 17:00:54 +02:00
Thomas Müller
43a96621ea adding comma to get cleaner diffs in the future 2013-09-18 23:42:36 +02:00
Thomas Müller
370ed814f7 add permissions of the file to the json response 2013-09-18 11:22:29 +02:00
Jörn Friedrich Dreyer
b59ce403d8 Merge branch 'master' into fix_3728_with_file_exists_dialog
Conflicts:
	apps/files/css/files.css
	apps/files/js/file-upload.js
	apps/files/js/filelist.js
	apps/files/js/files.js
	apps/files_sharing/js/public.js
	core/js/jquery.ocdialog.js
	core/js/oc-dialogs.js
2013-09-17 19:10:46 +02:00
Thomas Müller
9b420e8660 use \OC::$server->getPreviewManager() instead of \OCP\Preview 2013-09-17 13:33:47 +02:00
Thomas Müller
db7e1dd877 Merge pull request #4853 from owncloud/external-shared_mimetype-icons
Use external and shared icons in OC.Dialogs.filepicker()
2013-09-15 02:42:14 -07:00
kondou
c117e719da Use external and shared icons in OC.Dialogs.filepicker() 2013-09-14 14:35:23 +02:00
Vincent Petry
364e7991a4 Fixed ajax support to also update the current dir permissions 2013-09-13 19:59:15 +02:00
Vincent Petry
1304b511e9 Ajax calls for "files" and "files_trashbin" apps
Frontend:
- The files app list now uses ajax calls to refresh the list.
- Added support the browser back button (history API).
- Added mask + spinner while loading file list

Backend:
- Added utility function in core JS for parsing query strings.
- Moved file list + breadcrumb template data code to helper
  functions
- Fixed some file paths in trashbin app to be similar to the files app
2013-09-13 19:59:14 +02:00
Jan-Christoph Borchardt
c7ca86799b Merge pull request #4816 from owncloud/fixing-723-master
Fixing 723 master
2013-09-12 07:48:00 -07:00
Thomas Müller
9d661eab23 adding calls to \OCA\files\lib\Helper::determineIcon($i) in files, trashbin and sharing 2013-09-12 00:40:35 +02:00
kondou
4d62f747fa Clean up rawlist.php and fix non-array request 2013-09-12 00:21:01 +02:00
kondou
83d3df4111 Split some lines, use ===, avoid unnecessary operation 2013-09-11 12:12:40 +02:00