Commit graph

93 commits

Author SHA1 Message Date
Lukas Reschke
75e45ac786 Merge pull request #11019 from owncloud/do-not-show-exception-to-enduser
Do not show exception to the end-user - use a proper error page instead
2014-09-23 18:36:40 +02:00
Thomas Müller
814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Lukas Reschke
6d3757f864 Do not show exception to the end-user
Log the error instead of potentially leaking sensitive information
2014-09-17 13:17:52 +02:00
Lukas Reschke
d2743e6ad6 Merge pull request #7254 from owncloud/core-sortalgo
Fixed JS sort comparator to be consistent between JS and PHP
2014-09-16 17:29:03 +02:00
Lukas Reschke
ae3425d2da Merge branch 'master' into securityutils
Conflicts:
	lib/private/util.php
2014-08-31 15:21:09 +02:00
Robin Appelman
d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Lukas Reschke
d26a9c3c58 Add some security utilities
This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this
2014-08-27 00:18:04 +02:00
Vincent Petry
173059f6d0 Fixed file list sorting
Now using a natural sort algorithm that is more consistent between JS
and PHP (although not perfect in some corner cases)

- added OC.Util.naturalSortComparator that uses the same algo that was
  used for the user list
- changed user list and files list to use OC.Util.naturalSortComparator
- removed toLowerCase() and changed the comparator to use
  String.localeCompare()
- added unit tests
- added OC_NaturalSort that is used by OCP\Util::naturalSortCompare()
2014-08-11 13:28:53 +02:00
Bjoern Schiessle
ecc1f92bb6 add OCS api call to set expire date for link shares 2014-07-25 13:38:18 +02:00
Joas Schilling
01878153e0 Add language parameter to public API for getL10N()
Fix #9756
2014-07-21 14:50:34 +02:00
Vincent Petry
799205488c Prevent loadApps on upgrade
Moved OC::needUpgrade() to OCP\Util::needUpgrade() to make it accessible
form the router.
Moved maintenance + upgrade check to the router.
2014-06-18 11:10:07 +02:00
Bjoern Schiessle
12338e0ef0 allow admin to disable sharing for specific groups of users 2014-05-22 10:43:44 +02:00
Morris Jobke
dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Bjoern Schiessle
b6e14af861 allow admin to enforce passwords for public link shares 2014-05-16 17:41:09 +02:00
Robin McCorkell
87b548ed91 Fix all PHPDoc types and variable names, in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell
b5bc37d2e4 Fix @return array PHPDocs, in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell
b653ad164b Replace @returns with @return, in /lib 2014-05-13 19:08:14 +01:00
Vincent Petry
4a493c8835 Some expected Sabre exceptions are now logged with DEBUG level 2014-05-07 11:43:50 +02:00
Lukas Reschke
e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Thomas Müller
3eb5898f7b use \OC_Mail::validateAddress() to validate the email address - fixes #7862 2014-03-24 15:35:07 +01:00
Lukas Reschke
2c561c9c50 Merge pull request #7794 from owncloud/extstorage-obfuscatepasswords
Obfuscate passwords in ext storage config
2014-03-20 16:31:12 +01:00
Thomas Tanghus
51fe3b8ccd Fix 'Undefined variable: message' in OCP\Util::logException 2014-03-20 10:23:40 +01:00
Vincent Petry
80180bea32 Added IV for ext storage password encryption 2014-03-19 11:42:22 +01:00
Vincent Petry
797e0a614c Added extra checks for invalid file chars in newfile.php and newfolder.php
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
  check for invalid characters
2014-02-18 17:54:32 +01:00
icewind1991
2a7509ee50 Merge pull request #6748 from owncloud/fileinfo
Add a FileInfo class which holds all info of a file ...
2014-02-14 15:16:39 +01:00
Robin Appelman
1e79369338 merge master into storagestatistics-reuse 2014-02-05 13:36:55 +01:00
Pellaeon Lin
099b71c712 Merge branch 'master' into pr-exceed_upload_limit_msg
Conflicts:
	apps/files/templates/index.php
	apps/files_sharing/templates/public.php
2014-01-30 22:50:20 +08:00
Robin Appelman
4e2b52a376 merge master into fileinfo 2014-01-29 16:33:27 +01:00
Thomas Müller
ab9ddda8f2 Merge pull request #6907 from owncloud/webdav-logexceptions
Added exception logger plugin for sabre connector
2014-01-27 07:48:40 -08:00
Robin Appelman
3c1ab66eda Reuse the calculated free_space in buildFileStorageStatistics 2014-01-27 15:56:57 +01:00
Vincent Petry
11ef12a106 Added exception logger plugin for sabre connector
Whenever an exception occurs in the sabre connector code or code called
by it, it will be logged.

This plugin approach is needed because Sabre already catches exceptions
to return them to the client in the XML response, so they don't appear
logged in the web server log.

This will make it much easier to debug syncing issues.
2014-01-27 11:40:17 +01:00
Jens-Christian Fischer
0f6c607171 added function documentation 2014-01-24 14:22:42 +01:00
Jens-Christian Fischer
506393090b Add 'mail_from_address' configuration
In environments where there are rules for the email addresses, the "from
address" that owncloud uses has to be configurable.

This patch adds a new configuration variable 'mail_from_address'.
If it is configured, owncloud will use this as the sender of *all*
emails. (OwnCloud uses 'sharing-noreply' and 'password-noreply' by
default). By using the 'mail_from_address' configuration, only this
email address will be used.
2014-01-24 14:04:37 +01:00
Robin Appelman
617acbd6f9 Add a FileInfo class which holds all info of a file and return that from getFileInfo, getDirectoryContent and search 2014-01-13 14:28:49 +01:00
Vincent Petry
2a1d6d3106 Do not use L10n when logging exceptions
In some specific situations, the L10N bundle isn't loadable yet (for
example when there is an issue with the app_config table). In such case,
we still want to be able to log the real exception.

This fixes errors that say "OC_L10N_String::__toString must not throw
exceptions"
2013-12-16 15:11:13 +01:00
Pellaeon Lin
fc607e6bce Separate PHP upload limit and free space 2013-12-08 22:59:46 +08:00
Morris Jobke
ef592981ea unify license headers for public API files 2013-11-03 13:51:39 +01:00
Morris Jobke
0dbe90cc9a fix documentation stuff 2013-10-31 19:00:53 +01:00
Vincent Petry
c4dee281e6 Added $app parameter to logException 2013-10-23 13:58:42 +02:00
Vincent Petry
42c58220de Moved logException to OCP\Util class 2013-10-23 10:48:27 +02:00
Bjoern Schiessle
53bb89824d check if some encrypted files are left after the app was disabled and warn the user 2013-08-12 17:25:27 +02:00
Robin Appelman
d509a0c403 return result from getL10N 2013-07-22 15:52:02 +02:00
Bart Visscher
9bf12da750 Merge pull request #3880 from owncloud/code-checker
Add classes replaced by the public api to the code checker
2013-07-21 11:19:20 -07:00
Bart Visscher
a22940d3cd Add OC_L10N to public api 2013-07-19 11:40:11 +02:00
Victor Dubiniuk
5a3fce12a4 Implement encodePath 2013-07-09 17:46:11 +03:00
itheiss
568c256aff Fix #2499
The mail domain can now be configured in config.php and get´s used in function getDefaultEmailAddress.

e.g. 'mail_domain' => 'example.com'
2013-03-22 10:07:06 +01:00
Thomas Mueller
6019cdd5bd adding test case for getDefaultEmailAddress() + fixing #1844 again 2013-03-04 21:10:18 +01:00
Thomas Mueller
6c304fa5c0 validate the generated email address and fall back to localhost.localdomain in case it is not valid
fixes #1844
2013-03-01 22:24:19 +01:00
Bart Visscher
ffae6f4b84 Style-fix: Breakup long lines 2013-02-14 08:38:37 +01:00
Bart Visscher
ed1dc3e064 Fix files router download links 2013-02-08 22:05:13 +01:00