Commit graph

296 commits

Author SHA1 Message Date
Thomas Müller
1fd1b355e4 Fix namespace of OC_Setup -> \OC\Setup 2015-02-23 16:44:40 +01:00
Vincent Petry
4290e1990e Merge pull request #13829 from owncloud/appmanager-list
Better caching for enabled apps
2015-02-23 16:03:32 +01:00
Thomas Müller
df3c73de72 Merge pull request #14403 from owncloud/update-license-headers
Update license headers
2015-02-23 13:53:16 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke
43641d917b Use "off" and "off" instead of true booleans
Apparently a boolean in php.ini is according to the documentation "on" or "off"…

Fixes itself.
2015-02-23 09:40:15 +01:00
Lukas Reschke
2f0f38761d Add helper to check for ini values in OC_Util::checkServer
This allows to check for specific values in the PHP.ini that ownCloud requires for full compatibility.

`mbstring.func_overload`: https://github.com/owncloud/core/issues/14372
`output_buffering`: http://doc.owncloud.org/server/8.0/admin_manual/configuration/big_file_upload_configuration.html#configuring-php

Fixes https://github.com/owncloud/core/issues/14372 and https://github.com/owncloud/core/issues/14412
2015-02-21 12:12:34 +01:00
Robin Appelman
5542fafd36 allow overwriting the appmanager in oc_util by subclassing 2015-02-18 14:24:50 +01:00
Lukas Reschke
886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Thomas Müller
fc7f279d90 catch any whitespaces which might get written to the output buffer while loading a theme 2015-02-12 16:42:17 +01:00
Yann VERRY
1fcea6f1bd in some case charset can be in lower case.
Add strtoupper() in UTF-8 check to avoid error message
2015-02-11 11:59:33 +01:00
Morris Jobke
11283c57d9 Merge pull request #11056 from AdamWill/9885-opcode
add function to invalidate one opcache file, use it if possible #9885
2015-02-10 17:21:15 +01:00
Lukas Reschke
2bd1c17345 Don't encode url unecessary twice
The URL was previously encoded twice which leads to getting redirected to a 404 page when the password has been entered incorrect at least once.

Testplan:

- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin` redirects to the admin page when providing the correct credentials
- [ ] Opening `http://localhost/core/index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fadmin` redirects to the admin page when providing the invalid credentials and then providing valid ones.
- [ ] Logging in as admin then going to the admin page and clearing the cookies and refreshing will show the login and when repeating the above test steps you're redirected correctly.

Fixes https://github.com/owncloud/core/issues/9804
2015-02-02 15:09:59 +01:00
Lukas Reschke
30a5758a95 Don't check for always_populate_raw_post_data on HHVM
HHVM seems to have problems with this at the moment (even setting those values in the php.ini of HHVM doesn't have helped much) and thus the unit test execution failed.

So it's better if we disable this check for now for HHVM.
2015-01-23 13:54:34 +01:00
Morris Jobke
7e4afa3f25 Merge pull request #13593 from owncloud/add-check-for-raw-post-data
Add check for `HTTP_RAW_POST_DATA` setting for >= 5.6
2015-01-22 23:59:52 +01:00
Morris Jobke
254a1fa12a Merge pull request #13314 from owncloud/login-hook-logout
Return false if the login is canceled in a hook
2015-01-22 23:34:19 +01:00
Morris Jobke
55c28608c9 translate error messages 2015-01-22 14:52:47 +01:00
Robin Appelman
8a9acc5083 Allow custom error messages for the login page 2015-01-22 14:13:02 +01:00
Lukas Reschke
bb80cf4eca Add check for HTTP_RAW_POST_DATA setting for >= 5.6
PHP 5.6 otherwise throws notices for perfectly valid code which results in broken endpoints.

Fixes https://github.com/owncloud/core/issues/13592
2015-01-22 13:50:38 +01:00
Bernhard Posselt
6737dd111d ignore core 2015-01-14 15:27:37 +01:00
Bernhard Posselt
4ec4914bb4 move check into addTranslation method 2015-01-14 14:57:56 +01:00
Bernhard Posselt
1cce1f0e6b dont load core scritps 2015-01-14 14:43:11 +01:00
Bernhard Posselt
d6f1ff7993 only load translsations for apps 2015-01-14 13:48:21 +01:00
Bernhard Posselt
8cb60b2366 make translation lookup faster (O(n) -> O(1)) 2015-01-14 13:39:29 +01:00
Bernhard Posselt
717e3acd9b autoload app's js translations 2015-01-14 13:34:52 +01:00
Bjoern Schiessle
89f17ef6fe adapt decrypt all and restore/delete key backups to the new folder structure for encryption key introduced with OC8 2015-01-13 12:45:33 +01:00
Lukas Reschke
e80ece9a2b Verify whether value is already normalized
Apparently `normalizer_normalize` is not verifying itself whether the string needs to be converted or not. Or does it at least not very performantly.

This simple change leads to a 4% performance gain on the processing of normalizeUnicode. Since this method is called quite often (i.e. for every file path) this has actually a measurable impact. For examples searches are now 200ms faster on my machine. Still not perfect but way to go.

Part of https://github.com/owncloud/core/issues/13221
2015-01-10 12:12:40 +01:00
Thomas Müller
296a852063 check for working htaccess will result in a dead lock because the server is blocking the request to itself - fixes #13153 2015-01-08 09:13:18 +01:00
Thomas Müller
aec79b0c0e Merge pull request #13043 from owncloud/check-for-hash
Check for hash
2014-12-28 14:12:57 +01:00
Lukas Reschke
222e4a0762 Check for hash
See https://github.com/owncloud/core/pull/13042
2014-12-28 13:23:34 +01:00
Frank Karlitschek
4a40e5699c remove Edition 2014-12-25 11:36:41 +01:00
Frank Karlitschek
3dea2b95c6 Automatically detect the edition based on the enterprise_key app. 2014-12-25 09:48:15 +01:00
Thomas Müller
775f6a1354 make sure styles and scripts are only loaded once 2014-12-16 18:26:43 +01:00
Joas Schilling
4d232e536e Deprecate Util::formatDate()
Make DateTimeFormatter a service and adjust tests that have been inaccurate
2014-12-10 11:58:56 +01:00
Lukas Reschke
ddcf2b84ec Remove checks for safe mode and magic quotes
Both are removed from 5.4.0

Safe Mode: http://php.net/manual/en/features.safe-mode.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

Magic Quotes: http://php.net/manual/en/security.magicquotes.php
> This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.
2014-12-05 19:14:47 +01:00
Lukas Reschke
1b0bc2e099 PHP 5.4 is now required for master
🍻
2014-12-04 10:46:38 +01:00
Joas Schilling
2c39aec8cb Replace deprecated constant with new class constant 2014-11-25 16:30:21 +01:00
Lukas Reschke
9a1673c79d Check for XMLWriter class
This is not installed by default in all cases and will break the DAV features of ownCloud. Lot's of reports such as https://github.com/owncloud/ios-issues/issues/167#issuecomment-63798507
2014-11-20 13:13:14 +01:00
Adam Williamson
8b2b0aae31 deleteFromOpcodeCache: make parameter mandatory, document parameter
Both pointed out in submission review by @bantu, thanks.
2014-11-06 18:05:20 -08:00
Adam Williamson
3b4823d89c add function to invalidate one opcache file, use it if possible #9885
Issue #9885 appears to be triggered by ownCloud invalidating the entire
PHP opcache. Testing indicates it can be avoided by only invalidating the
single file that was written from the opcache, instead of clearing the
whole thing. In general it is more efficient to invalidate only the single
file that was changed, rather than the whole cache.

This adds a deleteFromOpcodeCache() function which invalidates a single
file from the opcache if possible, returning true if the underlying
function returns true (which may mean 'success', or 'file does not exist',
or 'file exists but is not in opcache', all of which are OK to treat as
good for our purposes). It also changes writeData() in config.php to try
using deleteFromOpcodeCache() and only fall back on clearOpcodeCache() if
that fails.
2014-11-06 17:58:58 -08:00
Morris Jobke
d763b32048 ability to add bower resources
* add addVendorScript & addVendorStyle
* refactoring of addScript and addStyle
* add shortcuts vendorScript and vendorStyle
2014-11-03 20:54:40 +01:00
Vincent Petry
bed81ea854 Merge pull request #11080 from owncloud/addheader-text-2
Fix the addHeader tag attributes text methods to not ignore the text parameter
2014-10-30 18:13:46 +01:00
Thomas Müller
a589d61b78 in case a translation javascript is not found we no longer bail out
remove translation.php
2014-10-29 10:09:12 +01:00
Vincent Petry
ec1a73fab9 Added OC.L10N namespace with translation functions
Added addTranslations and fixed de.js file

Fixed de.js to use OC.L10N.register() and use to correct expected
format.

Added JS unit tests for OC.L10N class

Include translations JS script for all apps
2014-10-29 10:09:12 +01:00
Lukas Reschke
510d0b2cf3 Fix the "addHeader($tag, $attributes, $text)" methods to not ignore the $text parameter
Also support closing tags with no text content given

Conflicts:
	lib/private/template.php
2014-10-28 11:15:58 +01:00
Lukas Reschke
d6380a5395 Merge pull request #11786 from owncloud/MakeSupportedDBsConfigurable
Make supported DBs configurable within config.php
2014-10-27 22:24:16 +01:00
Lukas Reschke
233c49f4b9 Make supported DBs configurable within config.php
This commit will make the supported DBs for installation configurable within config.php. By default the following databases are tested: "sqlite", "mysql", "pgsql". The reason behind this is that there might be instances where we want to prevent SQLite to be used by mistake.

To test this play around with the new configuration parameter "supportedDatabases".
2014-10-27 21:39:34 +01:00
Lukas Reschke
b3a04840b5 Add type hinting to functions
It's only reasonable to have proper type hinting here which might even help us to catch bugs.
2014-10-24 14:13:40 +02:00
Lukas Reschke
2d2a4741ce Make files non executable
There is not much sense in having these files marked executable, we should avoid that.
2014-10-24 11:14:51 +02:00
Robin Appelman
1e69f5e7ac Log some basic events 2014-10-20 13:38:38 +02:00
Jörn Friedrich Dreyer
9b0f0df7f5 make skeleton compatible with objectstore
suspend encryption proxy when copying skeleton
2014-10-20 11:28:36 +02:00
Jörn Friedrich Dreyer
c27fd94ec8 in cli mode return true for isHtaccessWorking 2014-10-15 16:59:28 +02:00
Lukas Reschke
e762ff2bbd Merge pull request #11356 from owncloud/redirect-only-to-the-same-domain
Redirect only to absolute URL
2014-10-01 12:47:43 +02:00
Lukas Reschke
41374986d3 Remove dead code 2014-09-29 17:20:29 +02:00
Lukas Reschke
6e7365fc17 Redirect only to absolute URL
We do not want to redirect to other domains using the "?redirect_url=" feature. Please notice, that the ownCloud project does not consider open redirectors as security issue.
2014-09-29 17:07:43 +02:00
Vincent Petry
9fc23e1967 Merge pull request #10934 from owncloud/datadir-write-setup
Don't complain about non-writable datadirs before we're installed
2014-09-25 14:32:32 +02:00
Vincent Petry
89e02e89d4 Merge pull request #7051 from owncloud/postsetupajaxcheck
Moved WebDAV check to client side JS
2014-09-23 16:55:16 +02:00
Thomas Müller
c587a4aaa2 Merge pull request #11222 from owncloud/store-users-timezone-master
send browsers timezone back tp the server on login
2014-09-23 13:45:21 +02:00
Thomas Müller
42fe0b9e08 Merge pull request #11241 from owncloud/use-lower-case
Use only lower-case letters
2014-09-23 12:16:58 +02:00
Vincent Petry
e65ceb08fc Moved WebDAV and internet checks to client side JS
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
  server
2014-09-23 11:16:14 +02:00
Lukas Reschke
1565d82b81 Use only lower-case letters
Fixes https://github.com/owncloud/core/issues/11239
2014-09-22 21:29:03 +02:00
Lukas Reschke
6eeb905871 Do only follow HTTP and HTTPS redirects
We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests
2014-09-22 20:02:32 +02:00
Thomas Müller
814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Robin Appelman
23dd7cb51d Don't complain about non-writable datadirs before we're installed 2014-09-18 13:33:13 +02:00
Robin Appelman
6fa3280c2a Inject config into checkserver and cleanup tests 2014-09-18 13:33:13 +02:00
Lukas Reschke
5813cf32dc Deduplicate dependency checks
Some code that I also used for https://github.com/owncloud/administration/pull/11
2014-09-16 13:07:47 +02:00
Thomas Müller
59209e0f2b use intl's native normalizer_normalize() in case the module is available 2014-09-11 10:24:31 +02:00
Jörn Friedrich Dreyer
0aad7fa1b1 allow prefilling login 2014-09-08 21:44:13 +02:00
Lukas Reschke
1a7df33233 Merge pull request #10818 from owncloud/enableappforgroupfix
Fix upgrade process when apps enabled for specific groups
2014-09-04 13:56:41 +02:00
Lukas Reschke
8fec19a872 Merge pull request #10790 from cbhp/master
added missing User-Agents
2014-09-03 22:40:12 +02:00
cbhp
c00450b2c7 always use a user-agent constant
Some providers block connections with missing user-agents. Also
user-agents are useful for analyzing requests. I've added a USER_AGENT
constant that is used in cURL and in file_get_contents.
2014-09-03 18:00:05 +02:00
Lukas Reschke
63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Lukas Reschke
26f337d523 Only return lowercase letters and digits for backwards compatbility 2014-09-03 17:18:00 +02:00
Vincent Petry
e05b95636b Fix upgrade process when apps enabled for specific groups
Fix issue where the currently logged user was causing side-effects when
upgrading.
Now setting incognito mode (no user) on update to make sure the whole
apps list is taken into account with getEnabledApps() or isEnabled().
2014-09-02 17:16:14 +02:00
cbhp
969b41c1c9 added missing User-Agents
header "User-Agent" was missed
2014-08-31 19:44:06 +02:00
Lukas Reschke
ae3425d2da Merge branch 'master' into securityutils
Conflicts:
	lib/private/util.php
2014-08-31 15:21:09 +02:00
Robin Appelman
d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Robin Appelman
dd7b8e4555 Remove insecure fallback random number generation 2014-08-29 15:44:09 +02:00
Jörn Friedrich Dreyer
f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Lukas Reschke
d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00
Clark Tomlinson
2ad0d3f1be Throw exception if file cannot be accessed via http
Format file

Removing calls to deprecated classes and using internal method to get via http

Missed a character

Fix inverted logic
2014-08-22 19:41:30 -04:00
Morris Jobke
9a5e745a64 fix typo 2014-08-19 16:45:22 +02:00
Morris Jobke
b3b3354809 move to public namespace 2014-08-19 14:05:08 +02:00
Stephan Peijnik
2df52e54d7 Fix STORAGE_* constants usage by moving those constants into \OC\Files\Filesystem.
As constants not defined within a class cannot be automatically found by the
autoloader moving those constants into a class makes them accessible to
code which uses them.

Signed-off-by: Stephan Peijnik <speijnik@anexia-it.com>
2014-08-19 13:55:35 +02:00
Robin Appelman
fdfc5c67f8 Merge pull request #9866 from owncloud/app-upgrade
Don't do app upgrades in the background
2014-08-19 13:33:38 +02:00
helix84
722a119e46 fix typo in util.php 2014-08-18 15:59:36 +02:00
Stefan Rado
ccc46be740 Make skeleton directory configurable. 2014-08-16 01:07:42 +02:00
Thomas Müller
3e493501da Merge pull request #9890 from owncloud/check-php-charset-master
setting and checking default_charset in php.ini to be UTF-8
2014-08-11 22:11:11 +02:00
Robin Appelman
43d790239d Extend OC_Util::needUpgrade to also catch app upgrades 2014-08-04 13:41:04 +02:00
Björn Schießle
c53b56e313 Merge pull request #9798 from owncloud/ocs_share_api_add_expire_date
[share api] add OCS api call to set expire date for link shares
2014-07-28 17:28:32 +02:00
Lukas Reschke
260729fd7d Verify whether the URL is valid
Required for https://github.com/owncloud/mail/pull/100#issuecomment-50266017

@karlitschek Backport for stable6 and stable7 requested.
2014-07-27 16:46:32 +02:00
Bjoern Schiessle
ecc1f92bb6 add OCS api call to set expire date for link shares 2014-07-25 13:38:18 +02:00
Thomas Müller
07dc0b2fdf setting and checking default_charset in php.ini to be UTF-8 2014-07-25 09:53:25 +02:00
Vincent Petry
2fec6cbd5b Remove forgotten debug log 2014-07-03 12:26:17 +02:00
Vincent Petry
3e78f41d00 Use getAbsoluteUrl for redirection URL
Also separate the function into getDefaultPageUrl() and
redirectToDefaultPage() to make it testable.
2014-07-01 16:02:38 +02:00
Vincent Petry
c005515ebd Support for multiple default apps
If a default app isn't visible for the user, try the next one.
Else fallback to the "files" app.
2014-07-01 15:42:26 +02:00
Vincent Petry
894d69184a Add bak defaultapp setting 2014-07-01 14:28:45 +02:00
Volkan Gezer
ae68a773c0 more strings to translate in utils also some fixes in defaults 2014-06-28 13:29:24 +02:00
Vincent Petry
fd8b5680dd Merge pull request #8383 from owncloud/object_storage
Object storage
2014-06-27 16:53:03 +02:00
Jörn Friedrich Dreyer
5cae863408 change architecture from inheritance to composition 2014-06-18 12:53:20 +02:00
Jörn Friedrich Dreyer
4e65889f54 only use one config option 'objectstore' for root and home storage configuration 2014-06-18 12:53:20 +02:00
Jörn Friedrich Dreyer
7493ff0624 fix unit test by always initializing the root of the storage in the constructor 2014-06-18 12:53:20 +02:00
Jörn Friedrich Dreyer
10de4a7b90 move creation of / and users 'files' from storage constructor to setupFS / mount initialization 2014-06-18 12:53:20 +02:00
Jörn Friedrich Dreyer
85ccfad37c change 'object_storage' config param to 'root_storage'
copy skeleton only for local filesystems
2014-06-18 12:53:19 +02:00
Jörn Friedrich Dreyer
2bf7e5c02f make objectstore setup more robust, don't pass user to object store mounted as root 2014-06-18 12:53:19 +02:00
Jörn Friedrich Dreyer
3c66a8c8ed allow configuring objectstore as home and root storage 2014-06-18 12:53:19 +02:00
Vincent Petry
799205488c Prevent loadApps on upgrade
Moved OC::needUpgrade() to OCP\Util::needUpgrade() to make it accessible
form the router.
Moved maintenance + upgrade check to the router.
2014-06-18 11:10:07 +02:00
Lukas Reschke
ac7fb1b23e Remove legacy routing code
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.

This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.

Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
Jörn Friedrich Dreyer
f1bf06f8cf Merge pull request #8884 from owncloud/move-flock-to-app
remove file locking - code will continue to live in it's own app
2014-06-05 10:54:24 +02:00
Thomas Müller
ec7225da66 remove file locking - code will continue to live in it's own app 2014-06-04 20:11:54 +02:00
Thomas Müller
76e04027bc Upgrade SabreDAV to 1.8.10
Updating SabreDAV namespaces
2014-06-04 12:22:23 +02:00
Bjoern Schiessle
ab6680e9ab name the storage wrapper to make sure that we don't apply the wrapper multiple times 2014-06-04 07:55:46 +02:00
ringmaster
5365ae416e flock changes. Work in progress. 2014-06-04 07:55:44 +02:00
Thomas Müller
555b9cc245 Merge pull request #7614 from owncloud/test_annotations_working
Check if ReflectionMethod::getDocComment is working
2014-05-30 22:17:30 +02:00
Robin Appelman
99d46af0b4 Use instanceOfStorage instead of instanceof 2014-05-29 13:52:58 +02:00
Bjoern Schiessle
12338e0ef0 allow admin to disable sharing for specific groups of users 2014-05-22 10:43:44 +02:00
Thomas Müller
06af8e09da adding annotation check to checkServer() 2014-05-19 21:51:35 +02:00
Thomas Müller
30f1ec2521 Merge branch 'master' into test_annotations_working
Conflicts:
	lib/private/util.php
2014-05-19 21:42:30 +02:00
Morris Jobke
dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Bjoern Schiessle
b6e14af861 allow admin to enforce passwords for public link shares 2014-05-16 17:41:09 +02:00
Robin McCorkell
f7e777f7d2 Fix various code errors detected by Scrutinizer
Fixed:
- An error with a misplaced bracket in lib/private/util.php
- An error with an incorrect function being called in lib/public/contacts.php
2014-05-13 19:09:14 +01:00
Robin McCorkell
87b548ed91 Fix all PHPDoc types and variable names, in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell
b5bc37d2e4 Fix @return array PHPDocs, in /lib 2014-05-13 19:08:14 +01:00
Bjoern Schiessle
a9ac11718e backup the encryption key after the encryption was disabled so that the user
can restore them if needed
2014-05-13 12:35:25 +02:00
Thomas Tanghus
287c8981bc Check if ReflectionMethod::getDocComment is working 2014-05-09 22:44:55 +02:00
Lukas Reschke
5cfc9d973d Fix PHP Doc and use readable variable name 2014-05-04 13:02:58 +02:00
Lukas Reschke
d091cca636 Fix typo 2014-05-04 12:53:06 +02:00
Lukas Reschke
e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
kondou
d98ae4f9b2 Fix a wrong WebDAV Warning with self-signed-certs
Occuring in the admin interface
2014-04-13 05:24:29 +02:00
Lukas Reschke
77ecfdd1a4 Only encode dangerous dangerous characters
There is no need to encode all characters into HTML entities, only potential dangerous characters as &, ", ', < and > should get encoded.

This may fix issues like https://github.com/owncloud/calendar/pull/394
2014-04-11 19:42:15 +02:00
Thomas Tanghus
7278f2f567 Sub-dir was prepended twice 2014-03-29 20:40:49 +01:00
Thomas Tanghus
c14107550d Use UrlGenerator in OC\Util::redirectToDefaultPage(). Fix #7936 2014-03-28 18:05:48 +01:00
Thomas Müller
2d592ddc8f Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
Squashed commit of the following:

commit eaf4f43f687db59137a0b00bc0e12ed4eb0d0943
Merge: 1e9c5be 1e7d7bd
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date:   Fri Mar 28 11:49:04 2014 +0100

    Merge branch 'master' of https://github.com/kev300/core into kev300-master

commit 1e7d7bdd8b5c7f301501cb822cdf2ef0ad3f2872
Author: kev300 <admin@gadeco.de>
Date:   Tue Dec 17 14:11:42 2013 +0100

    Update util.php

commit 3f0723f054a27a506be7f26932ccb54fff6f2be9
Author: kev300 <admin@gadeco.de>
Date:   Tue Dec 17 14:09:15 2013 +0100

    Update util.php

commit 512176abdcfbe5b2b060b91033abc9608912d1f8
Author: kev300 <admin@gadeco.de>
Date:   Tue Dec 17 14:02:04 2013 +0100

    Update util.php

commit 6cbefd080188d287024e0b047b88dd4525d6c2c1
Author: kev300 <admin@gadeco.de>
Date:   Mon Dec 16 16:44:46 2013 +0100

    Update util.php

    Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
2014-03-28 12:09:29 +01:00
Thomas Müller
5fa8f7cf12 Merge pull request #7107 from owncloud/load-apps-proper-master
Load apps proper master
2014-03-28 10:33:55 +01:00
Thomas Müller
743ca4581d Merge pull request #7748 from owncloud/postgresversionwarning
Added PostgreSQL version warning on upgrade
2014-03-25 23:17:18 +01:00
Thomas Müller
6bfeb342db fixing code style 2014-03-25 23:17:00 +01:00
Vincent Petry
a25b86a30e Log exception when PostgreSQL version check failed 2014-03-24 11:54:44 +01:00
Thomas Müller
6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Vincent Petry
6de9033d86 Added warning for Mac OS on setup page 2014-03-20 12:57:55 +01:00
Vincent Petry
36c0f08ec0 Merge pull request #7732 from owncloud/datafolderexistence
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
Vincent Petry
3cd09f2b09 Added PostgreSQL version warning on upgrade 2014-03-17 18:58:00 +01:00
Robin Appelman
166dfbf58b use a non-recursive chmod on the datadir 2014-03-17 12:53:55 +01:00
Vincent Petry
3c46dcd7dd Added .ocdata file to check for data folder validity
In environments where the data folder is mount from another partition,
it is important to check that the data folder we see is actually the
real one. If the mount failed for some reasons, this fix will make
ownCloud temporarily unavailable instead of causing unpredictable
behavior.
2014-03-14 15:36:35 +01:00
Thomas Müller
f19276f7bc Merge branch 'master' into no-css-js-delivery-via-php
Conflicts:
	config/config.sample.php
2014-02-21 09:51:51 +01:00
Thomas Müller
ec45a3c0e2 Merge pull request #6962 from owncloud/quota-space-root
Allow passing a root folder to get the used space from in the quota wrapper
2014-02-20 16:47:59 +01:00
Thomas Müller
fbea02bebb kill $coreStyles and $coreScripts 2014-02-20 14:18:01 +01:00
Lukas Reschke
719f1111b6 Merge pull request #6714 from owncloud/files-newfileinvalidcharsfix
Added extra checks for invalid file chars in newfile.php and newfolder.php
2014-02-20 11:53:58 +01:00
Scrutinizer Auto-Fixer
adaee6a5a1 Scrutinizer Auto-Fixes
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720

Enabled analysis tools:
 - PHP Analyzer
 - JSHint
 - PHP Copy/Paste Detector
 - PHP PDepend
2014-02-19 09:31:54 +01:00
Thomas Müller
c6f4f85e27 Merge branch 'master' into scrutinizer_documentation_patches
Conflicts:
	lib/private/migration/content.php
2014-02-18 18:31:33 +01:00
Vincent Petry
797e0a614c Added extra checks for invalid file chars in newfile.php and newfolder.php
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
  check for invalid characters
2014-02-18 17:54:32 +01:00
Robin Appelman
181bbd4325 Remove usage of legacy OC_Appconfig 2014-02-13 16:28:49 +01:00