server

Author	SHA1	Message	Date
Lukas Reschke	ba4f12baa0	Implement brute force protection Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)	2016-07-20 22:08:56 +02:00
Roeland Jago Douma	e42f2f2650	AppFramework do not get default response The OCSResponse differs from other responses in that it defaults to XML. However we fell back to json by default. This makes sure that if nothing is set we don't pass anything. Which defaults then to the controllers default (which is often 'json') but in the case of the OCSResponse 'xml'.	2016-07-20 22:05:43 +02:00
Lukas Reschke	020a2a6958	Merge pull request #476 from nextcloud/port-same-site-cookies [master] Port Same-Site Cookies to master	2016-07-20 21:35:02 +02:00
Lukas Reschke	a17ba2f488	Merge pull request #466 from nextcloud/escape-special-characters Escape special characters (#25429)	2016-07-20 21:24:19 +02:00
Roeland Jago Douma	ea47974a08	Add OCSMiddleware to catch OCS exceptions * OCSException * OCSBadRequestException * OCSForbiddenException * OCSNotFoundException	2016-07-20 20:03:49 +02:00
Lukas Reschke	a299fa38a9	[master] Port Same-Site Cookies to master Fixes https://github.com/nextcloud/server/issues/50	2016-07-20 18:37:57 +02:00
Morris Jobke	e9c85e02ac	Merge pull request #462 from nextcloud/master-explode [master] Use explode() instead of split()	2016-07-20 18:31:11 +02:00
Björn Schießle	7cdf6402ff	Merge pull request #472 from nextcloud/show-app-name-in-errormsg Show app name in error message if app could not be loaded. (#25441)	2016-07-20 18:20:49 +02:00
Morris Jobke	1264e9644f	Merge pull request #402 from nextcloud/smb-notifications smb update notifications	2016-07-20 16:19:21 +02:00
Klaas Freitag	99316ec02c	Show app name in error message if app could not be loaded. (#25441 )	2016-07-20 15:16:16 +02:00
Aaron Wood	7c0de08cc4	Escape special characters (#25429 ) * Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Escape LIKE parameter * Use correct method in the AbstractMapping class * Change the getNamesBySearch method so that input can be properly escaped while still supporting matches * Don't escape hardcoded wildcard	2016-07-20 14:46:47 +02:00
Lukas Reschke	4f90447150	[master] Use explode() instead of split() Sync from https://github.com/owncloud/core/pull/25488	2016-07-20 14:36:39 +02:00
Björn Schießle	8735a05d93	Merge pull request #441 from nextcloud/fix-maintenance-mode Fix maintenance mode	2016-07-19 16:59:24 +02:00
Roeland Douma	13a25535d2	Merge pull request #400 from nextcloud/ocs_appframework OCS routes use AppFramework	2016-07-19 12:21:14 +02:00
Morris Jobke	544c3c1565	Merge pull request #436 from nextcloud/public-regex-to-match-our-clients Copy the regexes to the public interface	2016-07-19 11:35:10 +02:00
Joas Schilling	80168613be	Fix maintenance mode When the server is in maintenance mode, apps are not loaded. That means apps/theming/ is not in the allowed paths. So we need to check without autoloading, whether the class exists.	2016-07-19 09:54:42 +02:00
Björn Schießle	ea470f8777	Merge pull request #405 from nextcloud/theming-fixes Theming fixes	2016-07-18 15:59:47 +02:00
Joas Schilling	b1d652e8b0	Copy the regexes to the public interface	2016-07-18 15:11:44 +02:00
Joas Schilling	9781312648	Prevent syntax error when creating user or changing password	2016-07-18 11:44:10 +02:00
Roeland Jago Douma	0bda09236e	Add route tests	2016-07-18 11:09:49 +02:00
Roeland Jago Douma	94cd83ca00	Make the router handle OCS AppFramework Routes	2016-07-18 11:09:04 +02:00
Roeland Jago Douma	1ff4b7f63d	Allow registering of OCS routes with the appframework	2016-07-18 11:09:04 +02:00
Morris Jobke	5157c5a9c4	Merge pull request #418 from nextcloud/remove_asset_pipeline Remove asset pipelin	2016-07-18 09:44:35 +02:00
Roeland Jago Douma	72464f1ce4	Remove asset pipelin Fixes #215 The asset pipeline has shown to do more harm than good. Some apps fail hard with it. Also it makes sure that you download a huge file on each unvisited page.	2016-07-15 20:14:11 +02:00
Joas Schilling	2c988ecbf4	Use the themed Defaults everywhere	2016-07-15 09:17:30 +02:00
Robin Appelman	29eeeb2273	Save the files external mount id in the mount cache table	2016-07-13 16:34:08 +02:00
Robin Appelman	e5d7612a19	dont check for pgsql extension during setup	2016-07-12 14:38:24 +02:00
Robin Appelman	7ffda5d10f	use pdo for postgres setup	2016-07-12 14:38:24 +02:00
Robin Appelman	8a79d314cf	Remove duplicate database connect logic in mysql setup	2016-07-12 14:38:24 +02:00
Bjoern Schiessle	7c64e1973f	add test for needsRebundling() check	2016-07-11 15:51:48 +02:00
Lukas Reschke	0c1cf5f7eb	Merge pull request #347 from nextcloud/drop-windows-foo Remove unneeded checks if it runs on a Windows machine	2016-07-11 13:16:03 +02:00
Joas Schilling	103417fd9c	Merge pull request #350 from nextcloud/fix-check-certificate-bundles fix check if the certificate bundle needs to be updated	2016-07-11 11:04:49 +02:00
Bjoern Schiessle	49cad153af	always check the mtime of the system bundle and additionally the user specific certificate bundle if a user is given	2016-07-08 18:24:37 +02:00
Morris Jobke	c2d88a08b7	Remove unneeded checks if it runs on a Windows machine * the setup check is still there	2016-07-08 15:55:17 +02:00
Morris Jobke	390a996297	Sanitize more config options and stack traces	2016-07-08 14:13:16 +02:00
Lukas Reschke	c8ba8f637e	Merge pull request #314 from jernst/master Allow wildcard * to be used in trusted domains	2016-07-07 19:34:11 +02:00
Morris Jobke	2791b8f00d	Revert "occ web executor (#24957 )" This reverts commit `854352d9a0`.	2016-07-07 12:14:45 +02:00
Morris Jobke	ba16fd0d33	Merge branch 'master' into sync-master	2016-07-07 11:29:46 +02:00
Johannes Ernst	66a134e69e	Disallow certain malformed domain names even if they match the trusted domain expression Stricter checking for valid domain names	2016-07-06 23:51:04 +00:00
Johannes Ernst	2b4ceae620	Trusted domain wildcard checking made shorter, supporting multiple * Added test cases	2016-07-06 23:38:30 +00:00
Vincent Petry	dc21a38a85	Use named parameter instead of direct value for system tags search param (#25380 )	2016-07-06 22:39:34 +02:00
Thomas Pulzer	0638937ada	Changed the input option for database-port to required when parameter was provided. Added casting database port to int for input sanitation in pgsql and oci connections.	2016-07-06 11:31:28 +02:00
Thomas Pulzer	d367318088	Added occ install option for database-port. Extended the database setup to store the database port. Changed the PostgreSQL connection error message for clarification.	2016-07-06 09:58:38 +02:00
Johannes Ernst	3516b58be6	Duh, no 'next' in PHP. Use === instead of == for extra paranoia.	2016-07-06 04:51:49 +00:00
Johannes Ernst	b1867dc8d1	Allow wildcard * to be used in trusted domains, to support setups where no reliable DNS entry is available (e.g. mDNS) or for simple-to-setup aliasing (e.g. *.example.com)	2016-07-05 18:49:18 +00:00
Thomas Müller	d2d99a91a0	fix swift primary object store test (#25281 ) * Wait for socket to be open * Fix call on null * Allow DB access for MountProviderTest Makes unit tests pass when using object store, since their FS access is actually oc_filecache DB access. It is currently not possible to mock or bypass the logic from "SharedMount::verifyMountPoint()" triggered by this test.	2016-07-05 08:54:51 +02:00
Thomas Pulzer	bca4f42e14	Merge branch 'master' of https://github.com/nextcloud/server	2016-07-04 12:06:52 +02:00
Thomas Pulzer	90b7f74da7	Changed name of default logfile from owncloud.log to nextcloud.log.	2016-07-04 11:50:32 +02:00
Lukas Reschke	dc5fea504b	[master] Use paramterized parameter for \OC\SystemTag\SystemTagManager $nameSearchPattern was passed in and directly appended to the SQL query. Luckily the code path isn't reached anywhere in Nextcloud or the included apps.	2016-07-03 16:54:41 +02:00
Hendrik Leppelsack	11be3d6276	remove png references in core	2016-07-01 16:36:37 +02:00
Lukas Reschke	179a355b2c	Merge remote-tracking branch 'upstream/master' into master-sync-upstream	2016-07-01 11:36:35 +02:00
Thomas Müller	b55ab6d22a	Various database migration fixes (#25209 ) * String columns with a length higher then 4000 are converted into a CLOB columns automagically - we have to respect this when migrating * Adding schema migration tests to prevent unnecessary and non-sense migration steps Fix Oracle autoincrement and unsigned handling * Fix sqlite integer type for autoincrement * Use lower case table names - fixes pg * Fix postgres with default -1 - this only affect pg 9.4 servers - 9.5 seems to work fine	2016-06-29 14:54:41 +02:00
Morris Jobke	b6397ef73a	Merge pull request #236 from nextcloud/master-sync-upstream [Master] sync upstream	2016-06-28 09:02:03 +02:00
Robin Appelman	2a72eff9ee	Fix getting the certificate bundle for dav external storage (#25274 ) * Fix getting the certificate bundle for dav external storages * Log the original exception in dav external storage	2016-06-27 22:26:43 +02:00
Christoph Wurst	1710de8afb	Login hooks (#25260 ) * fix login hooks * adjust user session tests * fix login return value of successful token logins * trigger preLogin hook earlier; extract method 'loginWithPassword' * call postLogin hook earlier; add PHPDoc	2016-06-27 22:16:22 +02:00
Robin Appelman	88ef163276	handle unavailable fed shares while testing for availability (#25277 ) * More explicit http status codes * handle unavailable fed shares while testing for availability	2016-06-27 21:34:28 +02:00
Lukas Reschke	e0445856b9	Merge pull request #59 from nextcloud/theming-app Theming app	2016-06-27 21:14:40 +02:00
Lukas Reschke	6670d37658	Merge remote-tracking branch 'upstream/master' into master-sync-upstream	2016-06-27 18:23:00 +02:00
Bjoern Schiessle	2a990a0db5	verify user password on change	2016-06-27 14:08:11 +02:00
Bjoern Schiessle	d4989c8037	remove old hook, no longer needed	2016-06-27 14:05:27 +02:00
Bjoern Schiessle	630e4b1b46	check password for link shares	2016-06-27 14:05:27 +02:00
Vincent Petry	199c8e304c	Merge pull request #25250 from owncloud/linkshare-includedeletewithuploadperms Add explicit delete permission to link shares	2016-06-27 12:14:05 +02:00
Vincent Petry	7269611722	Merge pull request #25258 from owncloud/integritycheck-whennotinstalled Make code integrity check work when OC is not installed yet	2016-06-27 11:58:35 +02:00
Lukas Reschke	89e889c832	Check if server is installed AppManager has a dependency on Nc being installed	2016-06-27 10:26:23 +02:00
Lukas Reschke	27b699bdbc	Migrate logic to dynamic controller Also adds support for having custom login backgrounds	2016-06-27 10:26:23 +02:00
Bjoern Schiessle	10f6ca20bc	write theme settings to database	2016-06-27 10:26:22 +02:00
Lukas Reschke	7a9d60d87e	Merge remote-tracking branch 'upstream/master' into master-upstream-sync	2016-06-26 12:55:05 +02:00
Christoph Wurst	89198e62e8	check login name when authenticating with client token	2016-06-24 13:57:09 +02:00
Vincent Petry	e677ad56fd	Make code integrity check work when OC is not installed yet	2016-06-24 10:24:41 +02:00
Vincent Petry	0ad065cb8d	Repair step to adjust link share delete permissions	2016-06-24 09:48:48 +02:00
Vincent Petry	955635c7aa	Add explicit delete permission to link shares Link shares always allowed deletion, however internally the permissions were stored as 7 which lacked delete permissions. This created an inconsistency in the Webdav permissions. This fix makes sure we include delete permissions in the share permissions, which now become 15. In case a client is still passing 7 for legacy reasons, it gets converted automatically to 15.	2016-06-24 09:48:48 +02:00
Vincent Petry	3db5de95bd	Merge pull request #25172 from owncloud/token-login-validation Token login validation	2016-06-22 13:58:56 +02:00
VicDeo	854352d9a0	occ web executor (#24957 ) * Initial web executor * Fix PHPDoc Fix broken integration test OccControllerTests do not require database access - moch them all! Kill unused sprintf	2016-06-22 13:12:36 +02:00
Vincent Petry	c49ff83f18	Merge pull request #25208 from owncloud/uploadfolder-firemkdirhooksforparents Fire hooks for mkdir for folder upload	2016-06-22 10:21:00 +02:00
karakayasemi	c8b7a059b4	Fire hooks for mkdir for folder upload fromTmpFile function, usual mkdir call is only working for file's parent directory. Does not care upper parent folders. I added a recursive function that creates parent non-existing folders with usual mkdir.	2016-06-21 17:10:52 +02:00
Christoph Wurst	7f22aeb5d6	redirect to new login route (#25099 ) * redirect to new login route * encode anchor in url and restore it client-side	2016-06-21 16:14:51 +02:00
Lukas Reschke	097cba8b38	Merge pull request #185 from nextcloud/fix-permission-issue Show error message if config file is not readable	2016-06-21 12:14:24 +02:00
Morris Jobke	191a6c65d9	Show error message if config file is not readable * when the config file is not writable there is a error message shown * same happens now if the config file is not readable * fixes #180	2016-06-21 11:25:38 +02:00
Lukas Reschke	2b493e2f9d	Merge remote-tracking branch 'upstream/master' into master-sync-upstream	2016-06-21 11:18:22 +02:00
Christoph Wurst	b805908dca	update session token password on user password change	2016-06-21 10:24:25 +02:00
Vincent Petry	88b9f5a357	Merge pull request #25162 from owncloud/password-login-forbidden-hint Password login forbidden hint	2016-06-20 17:05:20 +02:00
Morris Jobke	e95c15e53a	fix more strings	2016-06-20 13:14:24 +02:00
Thomas Müller	2951a70fcb	Update ExcludeFileByNameFilterIterator.php (#25184 ) Gentoo & derivatives use a tool named webapp-config which places two files in a webapp-config manager web application: 1: .webapp tag with more detailed info on the configuration done by webapp-config 2: .webapp-appname with the list of files installed by the tool to be able to later only delete stuff that was installed (in case of upgrade) and updated configurations.	2016-06-20 12:02:23 +02:00
Christoph Wurst	56199eba37	fix unit test warning/errors	2016-06-20 10:41:23 +02:00
Vincent Petry	e2b0a0f18f	Merge pull request #25174 from owncloud/tokenmapper-close-cursor close cursor after loading a token	2016-06-20 09:54:15 +02:00
Vincent Petry	01041045da	Merge pull request #25168 from owncloud/capped-user-cache Capped cache for user config	2016-06-20 09:53:58 +02:00
Christoph Wurst	9d74ff02a4	fix nitpick	2016-06-20 09:13:47 +02:00
Florian Preinstorfer	f6e9322f1e	Remove obsolete contacts_cards_properties table The table contacts_cards_properties was part of the contacts app until ownCloud 8.2. It got replaced with cards_properties (part of dav). See also: ownCloud/core #21889	2016-06-19 15:40:37 +02:00
Florian Preinstorfer	217144dd95	Drop obsolete tables: gallery_albums and gallery_photos Commit `34a21a63ce` renamed gallery_albums to pictures_images_cache and removed gallery_photos entirely.	2016-06-19 14:01:42 +02:00
Christoph Wurst	b0f2878f6e	close cursor after loading a token	2016-06-17 16:13:28 +02:00
Christoph Wurst	1889df5c7c	dont create a session token for clients, validate the app password instead	2016-06-17 15:42:28 +02:00
Christoph Wurst	0c0a216f42	store last check timestamp in token instead of session	2016-06-17 15:42:28 +02:00
Christoph Wurst	c4149c59c2	use token last_activity instead of session value	2016-06-17 15:42:28 +02:00
Jörn Friedrich Dreyer	66560b8ed9	Capped cache for user config	2016-06-17 12:58:55 +02:00
Vincent Petry	73e284e1e1	Use getLazyRootFolder from RemoveRootShares repair step This prevents the command registration to setup the FS too early when FS-related apps might need upgrading.	2016-06-17 11:09:12 +02:00
Christoph Wurst	82b50d126c	add PasswordLoginForbiddenException	2016-06-17 11:02:07 +02:00
Vincent Petry	82beee57e4	Merge pull request #25132 from owncloud/2fa-load-apps-before-query load 2FA provider apps before querying classes	2016-06-16 17:04:19 +02:00
Jörn Friedrich Dreyer	592ac6f7da	emit correct signal when disabling an app	2016-06-16 14:17:06 +02:00
Christoph Wurst	a40d64ff7f	load 2FA provider apps before querying classes	2016-06-16 10:12:16 +02:00
Vincent Petry	9c328de4ab	Merge pull request #24415 from owncloud/optimize_sharingdisabled_for_user Optimize isSharingDisabledForUser	2016-06-16 09:27:48 +02:00
Vincent Petry	1251df3e17	Merge pull request #25075 from owncloud/fix_23265 Remove shares of the root folder	2016-06-16 09:27:06 +02:00
Vincent Petry	5de6432441	Merge pull request #25056 from owncloud/fs-usermountcache-capped Capped cache for cache info in UserMountCache	2016-06-15 13:01:28 +02:00
Vincent Petry	05967a6904	Merge pull request #25093 from owncloud/issue-12816-clean-tags-from-deleted-users Clean up tags of deleted users	2016-06-15 12:20:29 +02:00
Vincent Petry	f163eedfa2	Merge pull request #25102 from owncloud/preview-delete-performance Preview delete performance	2016-06-15 11:58:50 +02:00
Vincent Petry	3e9353dd69	Merge pull request #25082 from owncloud/fix-sessionless-clients Fix sessionless clients	2016-06-15 10:45:55 +02:00
Robin Appelman	01d9ad6b14	optimized size propagation on deletes	2016-06-14 17:17:43 +02:00
Robin Appelman	dfcaeeabb3	propagator batching when removing thumbnails	2016-06-14 17:17:29 +02:00
Robin Appelman	1fddd62c1c	remvoe duplicate rmdir	2016-06-14 17:06:24 +02:00
Joas Schilling	123bf78ca8	Clean up tags of deleted users	2016-06-14 12:38:09 +02:00
Roeland Jago Douma	28d070730d	Fix case with no user	2016-06-14 11:34:41 +02:00
Vincent Petry	ce676c4eb6	Merge pull request #25076 from owncloud/mount-cache-invalid handle invalid storages in LazyStorageMountInfo	2016-06-14 10:52:21 +02:00
Roeland Jago Douma	ae3d0d96fe	Optimize isSharingDisabledForuser	2016-06-14 10:17:06 +02:00
Arthur Schiwon	ae02685e6f	Merge branch 'master' of https://github.com/owncloud/core into downstream-160614	2016-06-14 01:06:25 +02:00
Christoph Wurst	465807490d	create session token only for clients that support cookies	2016-06-13 19:44:05 +02:00
Christoph Wurst	331d88bcab	create session token on all APIs	2016-06-13 15:38:34 +02:00
Vincent Petry	86d7241be2	Capped cache for cache info in UserMountCache	2016-06-13 15:08:12 +02:00
Roeland Jago Douma	64471b5d4a	Remove shares of the root folder Fixes #23265 (A possibly costly) repair job to remove cyclic shares.	2016-06-13 15:07:41 +02:00
Bjoern Schiessle	5f2bc3a96d	emit correct signal if a app get's disabled	2016-06-13 13:36:23 +02:00
Robin Appelman	338cd4033a	handle invalid storages in LazyStorageMountInfo	2016-06-13 13:31:45 +02:00
Christoph Wurst	5daa9a5417	fail hard if 2fa provider can not be loaded (#25061 )	2016-06-13 12:46:45 +02:00
Arthur Schiwon	42c66efea5	Merge branch 'master' of https://github.com/owncloud/core into downstream-160611	2016-06-11 15:34:43 +02:00
Lukas Reschke	842cc2a788	Merge pull request #19 from nextcloud/files-drop add "hide file list" option	2016-06-10 18:29:09 +02:00
Vincent Petry	52a0c939ab	Merge pull request #24863 from owncloud/propagator-batching Propagator batching for the file scanner	2016-06-10 17:45:52 +02:00
Vincent Petry	21de838b85	Merge pull request #24898 from owncloud/avatar_repair Repair job to fix permissions for avatars	2016-06-10 17:02:11 +02:00
Vincent Petry	ffb2838dd8	Merge pull request #25055 from owncloud/enc-cappedcache-getaccesslist Use capped cache for encryption's user access list	2016-06-10 15:35:39 +02:00
Jörn Friedrich Dreyer	c14198b874	fetchall appconfig entries (#23835 )	2016-06-10 15:20:22 +02:00
Jörn Friedrich Dreyer	c668588e17	map oracle driver options to params (#23938 )	2016-06-10 14:07:31 +02:00
Vincent Petry	77caa0e913	Use capped cache for encryption's user access list	2016-06-10 13:02:41 +02:00
Roeland Jago Douma	28d9ad2817	Empty string is null on oracle	2016-06-10 12:44:49 +02:00
Roeland Jago Douma	1b66db72d9	Repair job to fix permissions for avatars Fixes #22978 On some older installations the permissions for the userRoot and the avatars are not correct. This breaks since we now use the Node API in the avatar code. This repair job makes sure that the permissions are set correctly. * Unit tests added	2016-06-10 12:44:49 +02:00
Vincent Petry	a0d8702a1c	Merge pull request #25051 from owncloud/2fa-raw-php-files Check 2FA state for raw php files too	2016-06-10 11:56:21 +02:00
Vincent Petry	d81dac24aa	Merge pull request #25025 from owncloud/clear_old_calendar_shares Add repair step to clean old calendar shares	2016-06-10 10:42:04 +02:00
Christoph Wurst	7b3dc806eb	Check 2FA state for raw php files too	2016-06-10 09:52:52 +02:00
Arthur Schiwon	a636e4ff28	Downstream 2016-06-09 Merge branch 'master' of https://github.com/owncloud/core into downstream-160609	2016-06-09 18:45:12 +02:00
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	2016-06-09 17:41:57 +02:00
Vincent Petry	6ba18934e6	Merge pull request #25000 from owncloud/fix-email-login-dav Allow login by email address via webdav as well	2016-06-09 16:28:06 +02:00
Roeland Jago Douma	7d51fd0310	Add repair step to clean old calendar/contact shares fixes #21889	2016-06-09 15:48:45 +02:00
Bjoern Schiessle	bb54ab0db8	add hide file list option	2016-06-09 15:15:17 +02:00
Robin Appelman	49db29727c	make sure $data['mtime'] is always a timestamp	2016-06-09 14:00:02 +02:00
Robin Appelman	7970ff2099	don't update storage mtime if we can't get the modified date	2016-06-09 14:00:01 +02:00
Robin Appelman	ea6921da3b	Ignore forbidden files while scanning	2016-06-09 14:00:01 +02:00
Robin Appelman	bee918693a	dissalow symlinks in local storages that point outside the datadir	2016-06-09 14:00:01 +02:00
Joas Schilling	4f27c2c433	Allow to decrypt user '0' files only	2016-06-09 14:00:00 +02:00
Christoph Wurst	60e15e934c	do not generate device token if 2FA is enable for user	2016-06-09 14:00:00 +02:00
Joas Schilling	0041d89dc2	Do not allow to store boolean configs, they behave unexpected on postgres	2016-06-09 13:59:58 +02:00
Robin Appelman	18f7cede51	Fix warnings when trying to get mtime of non existing files	2016-06-09 13:59:58 +02:00
Robin Appelman	f4831f4074	return success when deleting ghost files	2016-06-09 13:59:58 +02:00
Robin Appelman	67c2c85b05	allow deleting "ghost files" trough the View and Node api	2016-06-09 13:59:58 +02:00
Thomas Müller	f20c617154	Allow login by email address via webdav as well - fixes #24791	2016-06-09 12:08:49 +02:00
Vincent Petry	90c1ec1c49	Merge pull request #25014 from owncloud/admin-datadircheck-fix Use temporary htaccesstest.txt for data dir security check	2016-06-09 11:58:28 +02:00
Vincent Petry	826e276a79	Merge pull request #24973 from owncloud/token-password-session-token When creating a session token, make sure it's the login password and …	2016-06-09 11:58:04 +02:00
Vincent Petry	aca4ea12c1	Merge pull request #24826 from owncloud/cors-client-login use client login method on CORS routes	2016-06-09 10:31:14 +02:00
Vincent Petry	0e3737ffe1	Merge pull request #25028 from owncloud/scanner-user-not-setup skip scanning for a user when the user is not setup yet	2016-06-09 10:29:46 +02:00
Jan-Christoph Borchardt	81145ee57c	THIS IS NEXTCLOUD! adjusting the design	2016-06-08 17:02:18 +02:00
Joas Schilling	e49307014c	Do not log token or challenge with exception stacktrace (#25026 ) * Make the filtering better readable * Add some more methods to the sensitive list	2016-06-08 16:32:58 +02:00
Christoph Wurst	9997c431c3	use client login method on CORS routes	2016-06-08 15:18:53 +02:00
Christoph Wurst	46e26f6b49	catch sessionnotavailable exception if memory session is used	2016-06-08 15:03:15 +02:00
Robin Appelman	808438efc0	skip scanning for a user when the user is not setup yet	2016-06-08 14:19:42 +02:00
Christoph Wurst	ec929f07f2	When creating a session token, make sure it's the login password and not a device token	2016-06-08 13:31:55 +02:00
Vincent Petry	8d0948977e	Merge pull request #24899 from owncloud/local-storage-symlinks dissalow symlinks in local storages that point outside the datadir	2016-06-08 10:19:24 +02:00
Vincent Petry	ed92f4c427	Merge pull request #24983 from owncloud/issue-23776-do-not-allow-boolean-user-config Do not allow to store boolean configs, they behave unexpected on postgres	2016-06-08 10:14:08 +02:00
Vincent Petry	12683b786d	Merge pull request #24991 from owncloud/2fa-do-not-generate-token do not generate device token if 2FA is enable for user	2016-06-08 10:13:04 +02:00
Vincent Petry	b7935dcebd	Merge pull request #24998 from owncloud/issue-24994-allow-decrypting-user-0-only Allow to decrypt user '0' files only	2016-06-08 10:12:28 +02:00
Vincent Petry	fb087a0261	Use temporary htaccesstest.txt for data dir security check	2016-06-07 18:36:13 +02:00
Robin Appelman	2cf7ad8c55	make sure $data['mtime'] is always a timestamp	2016-06-07 17:09:24 +02:00
Robin Appelman	6822689e38	don't update storage mtime if we can't get the modified date	2016-06-07 15:04:24 +02:00
Robin Appelman	73547f29be	Ignore forbidden files while scanning	2016-06-07 14:01:55 +02:00
Robin Appelman	7b1b723e5b	dissalow symlinks in local storages that point outside the datadir	2016-06-07 14:01:53 +02:00
Vincent Petry	bf917d7063	Merge pull request #24813 from owncloud/delete-ghost-files allow deleting "ghost files" trough the View and Node api	2016-06-07 09:34:16 +02:00
Joas Schilling	d4ba982131	Allow to decrypt user '0' files only	2016-06-07 09:13:11 +02:00
Christoph Wurst	8f7a4aaa4d	do not generate device token if 2FA is enable for user	2016-06-07 09:09:51 +02:00
Lukas Reschke	deef15a3c7	Remove "Help" link from personal sidebar At the moment we want to hide the help link from the personal sidebar as it contains the original ownCloud documentation. Once we have our own documentation with our proper branding and so on we can reenable this.	2016-06-06 18:40:15 +02:00
Joas Schilling	7d31ae9909	Fix second check for quota size (#24989 )	2016-06-06 13:47:53 +02:00
Joas Schilling	911fd3ead4	Do not allow to store boolean configs, they behave unexpected on postgres	2016-06-06 12:38:20 +02:00
Robin Appelman	6bc8305edd	Fix warnings when trying to get mtime of non existing files	2016-06-03 13:35:27 +02:00
Robin Appelman	14f96f86e7	return success when deleting ghost files	2016-06-03 13:34:54 +02:00
Robin Appelman	63408fa6ef	allow deleting "ghost files" trough the View and Node api	2016-06-03 13:30:59 +02:00
Georg Ehrke	89a10fdb2d	normalize path in getInternalPath	2016-06-02 19:11:35 +02:00
Robin Appelman	fce19d22d9	fix mtime propagation on sqlite	2016-06-02 15:43:43 +02:00
Vincent Petry	1ab7ee5e23	Merge pull request #24940 from owncloud/fix-normalizedcachekey-keepunicode Add keepUnicode value in the cache key of normalizedPathCache	2016-06-02 15:18:13 +02:00
Robin Appelman	cc67ad4dda	use propagator batching in the scanner	2016-06-02 15:07:50 +02:00
Robin Appelman	9fb44e34af	add propagator batching	2016-06-02 15:07:47 +02:00
Vincent Petry	53398b5146	Merge pull request #24936 from owncloud/2fa-block-ocs block OCS if 2FA challenge needs to be solved first	2016-06-02 14:55:34 +02:00
Vincent Petry	f37d519d0d	Merge pull request #24946 from owncloud/issue-24943-duplicate-downgrade-unsupported-message Do not show the hint when it's the same as the message	2016-06-02 10:40:53 +02:00
Vincent Petry	6b1422929d	Merge pull request #24947 from owncloud/2fa-remember-redirect-url remember redirect_url when solving the 2FA challenge	2016-06-02 10:40:32 +02:00
Joas Schilling	1d2cdfb9fd	Fix URL for client downloads	2016-06-01 16:58:57 +02:00
Christoph Wurst	5e71d23ded	remember redirect_url when solving the 2FA challenge	2016-06-01 14:43:47 +02:00
Vincent Petry	5ad8fa7675	Add keepUnicode value in the cache key of normalizedPathCache	2016-06-01 14:28:59 +02:00
Joas Schilling	13892417c4	Do not show the hint when it's the same as the message	2016-06-01 13:34:57 +02:00
Christoph Wurst	3ec6f4e165	block OCS if 2FA challenge needs to be solved first	2016-06-01 11:19:49 +02:00
Vincent Petry	7b4459d28d	Merge pull request #24912 from owncloud/session-tokens-apache-auth Create session tokens for apache auth users	2016-06-01 10:56:10 +02:00
Christoph Wurst	c58d8159d7	Create session tokens for apache auth users	2016-05-31 17:07:49 +02:00
Vincent Petry	2b111b217c	Merge pull request #24851 from owncloud/ldap-static-method-log Hack to prevent infinite loop with LDAP + logging	2016-05-31 13:52:52 +02:00
Vincent Petry	c0a19ecd2d	Merge pull request #24907 from owncloud/properly-check-for-mbstring Properly check for mbstring extension	2016-05-31 13:51:17 +02:00
Vincent Petry	5bb06723b0	Hack to prevent infinite loop with LDAP + logging Forward port of `a50619200c` to 9.1/master	2016-05-31 11:38:41 +02:00
Vincent Petry	59ed464ee6	Merge pull request #24769 from owncloud/issue-24752-no-ui-message-when-integrity-disabled Only show message in the UI when the checker is enabled	2016-05-31 10:36:16 +02:00
Vincent Petry	a441220f24	Merge pull request #24628 from owncloud/decryptall-checkifneedsprocessing [decrypt_all] Check if file needs to decrypted or not for speed up large oc setups.	2016-05-31 10:12:03 +02:00
Vincent Petry	3361cdf0cc	Merge pull request #16688 from owncloud/tests-dockerapachewebdav Add morrisjobke/webdav docker container for external storage tests	2016-05-31 09:55:06 +02:00
Lukas Reschke	a23df94af1	Properly check for mbstring extension mb_detect_encoding is in the fallback we ship in the polyfill library, mb_strcut is not. Thus this lead to a false positive and ownCloud would just break.	2016-05-31 08:12:36 +02:00
Torben Dannhauer	718f0757e4	Fix for #23066 (#24689 )	2016-05-31 06:53:28 +02:00
Vincent Petry	5d7f37d570	Check whether remote DAV server accepted the mtime on touch ownCloud as remote DAV always accepts the mtime on touch, but other servers like Apache's DAV server doesn't. The latter doesn't give any visible hint in its response to detect this case, so this fix does a subsequent PROPFIND to check whether the mtime was actually set. Since a touch() operation seldom happens (only on uploads), the minor performance loss should hopefully be acceptable.	2016-05-30 16:10:30 +02:00
Vincent Petry	6f346b4b1f	Fix webdav destination header when overwriting folders The trailing slash is needed when talking to Apache's mod_dav server	2016-05-30 16:10:30 +02:00
Vincent Petry	1423cf1d9d	Use isEncrpyted() instead	2016-05-30 14:49:27 +02:00
Christian Jürges	fd4f9091fd	Respect oc coding style guide.	2016-05-30 14:49:27 +02:00
Christian Jürges	b996c1f43f	Check if file needs to decrypted or not for speed up large oc setups.	2016-05-30 14:49:27 +02:00
Robin Appelman	d717b583d2	trigger size calculation after scanning (#24875 )	2016-05-30 11:14:31 +02:00
Lukas Reschke	aba539703c	Update license headers	2016-05-26 19:57:24 +02:00
Joas Schilling	db2e9df5f0	Move Job to a better class name	2016-05-25 16:06:06 +02:00
Joas Schilling	b72706b450	Move background job to PSR-4	2016-05-25 14:59:59 +02:00
Vincent Petry	b5f455f5ac	Merge pull request #24812 from owncloud/fkammer-enhancement-cache-folder-gc-ttl Make chunk cache ttl configurable	2016-05-25 11:07:31 +02:00
Vincent Petry	c36cf30ade	Merge pull request #24444 from owncloud/update-notifications-for-core-and-apps Update notifications for core and apps	2016-05-25 09:13:10 +02:00
Christoph Wurst	a922957f76	add default token auth config on install, upgrade and add it to sample config	2016-05-24 18:02:52 +02:00
Christoph Wurst	28ce7dd262	do not allow client password logins if token auth is enforced or 2FA is enabled	2016-05-24 17:54:02 +02:00
Vincent Petry	d3fb5d618e	Merge pull request #24748 from owncloud/login-explicitly Log in explicitly, save login name when generating browser/device tokens	2016-05-24 17:51:49 +02:00
Vincent Petry	51b0036d8f	Changed labels of chunk TTL to mention chunks	2016-05-24 15:18:56 +02:00
Vincent Petry	e7110c7678	Merge pull request #24760 from owncloud/objectstore_multibucket Objectstore multibucket	2016-05-24 15:15:59 +02:00
Vincent Petry	c9b26d065b	Move cache chunk TTL value to FileChunking class This makes it less generic and only used for actual file chunking	2016-05-24 14:58:27 +02:00
Frederik Kammer	299520b322	Add config value for cache gc ttl	2016-05-24 14:55:26 +02:00
Christoph Wurst	ad10485cec	when generating browser/device token, save the login name for later password checks	2016-05-24 11:49:15 +02:00
Joas Schilling	aac990eddf	Add a background job that generates notifications when an update is available	2016-05-24 11:26:51 +02:00
Vincent Petry	ee1f4602f3	Merge pull request #24787 from owncloud/fix-update-issue-on-master Add the background jobs after the table was updated	2016-05-24 10:14:00 +02:00
Vincent Petry	1d1cb79321	Merge pull request #23395 from owncloud/mysql-check-speedup Speedup schema cloning for MySQL	2016-05-24 10:00:38 +02:00
Christoph Wurst	4128b853e5	login explicitly	2016-05-24 09:48:02 +02:00
Roeland Jago Douma	abe338f433	Store user bucket in preferences	2016-05-23 21:57:41 +02:00
Vincent Petry	adcf942901	Merge pull request #24750 from owncloud/lenz1111-share_download_range_requests_support Http Range requests support in downloads	2016-05-23 21:01:26 +02:00
Vincent Petry	5a8af2f0be	Merge pull request #24729 from owncloud/try-token-login-first try token login first	2016-05-23 20:50:57 +02:00
Vincent Petry	4f6670d759	Merge pull request #24658 from owncloud/invalidate-disabled-user-session invalidate user session if the user was disabled	2016-05-23 20:50:25 +02:00
Vincent Petry	87fa86a69a	Merge pull request #24559 from owncloud/2fa two factor auth	2016-05-23 20:50:03 +02:00
Roeland Jago Douma	e03e4921a0	Fix Name	2016-05-23 20:42:08 +02:00
Roeland Jago Douma	5e2316d05d	Allow multibucket in objectstore	2016-05-23 20:42:08 +02:00
Victor Dubiniuk	01aedbe506	Speedup schema cloning for MySQL	2016-05-23 20:52:40 +03:00
Vincent Petry	aa56d42fa8	Merge pull request #24777 from owncloud/scanner-dont-propagate dont needlessly triger the propgator in the scanner	2016-05-23 19:05:20 +02:00
Joas Schilling	78da57466f	Add the background jobs after the table was updated	2016-05-23 17:58:46 +02:00
Vincent Petry	524479fa09	Merge pull request #24699 from owncloud/background-scan-recursion Only recurse into incomplete folders during background scans	2016-05-23 17:44:02 +02:00
Piotr Filiciak	6577bbe887	Code style and doc fix	2016-05-23 15:17:00 +02:00
Robin Appelman	eca57be336	Only recurse into incomplete folders during background scans	2016-05-23 14:40:35 +02:00
Vincent Petry	21df2eb5a1	Merge pull request #24695 from owncloud/background-scan-propagate Trigger propagation from the background scanner	2016-05-23 14:32:28 +02:00
Vincent Petry	68c5df798c	Merge pull request #24765 from owncloud/boolean-installed-config Make sure we evaluate installed everywhere as a boolean	2016-05-23 14:32:10 +02:00
Vincent Petry	57525a02f8	Merge pull request #24703 from owncloud/personal-settings-auth-tokens Personal settings auth tokens	2016-05-23 14:17:01 +02:00
Robin Appelman	f3979e5459	dont needlessly triger the propgator in the scanner	2016-05-23 13:53:05 +02:00
Vincent Petry	bd87f67473	Merge pull request #24349 from owncloud/nfd-storagewrapper Add wrapper for NFD encoding workaround	2016-05-23 13:45:33 +02:00
Vincent Petry	862d8f43e5	Merge pull request #24766 from owncloud/mmccarn-patch-2 Update imagePath to prefer theme, then app, then core images	2016-05-23 11:46:03 +02:00
Joas Schilling	c2cac0940d	Only show message in the UI when the checker is enabled	2016-05-23 11:29:40 +02:00
Christoph Wurst	847bbc51b6	add OCC command to enable/disable 2FA for a user	2016-05-23 11:21:13 +02:00
Christoph Wurst	dfb4d426c2	Add two factor auth to core	2016-05-23 11:21:10 +02:00
Christoph Wurst	c20cdc2213	invalidate user session if the user is disabled	2016-05-23 10:32:16 +02:00
mmccarn	1bc5eb111b	Update imagePath to prefer theme, then app, then core images imagePath updated so that image searches follow this priority: 1) /themes/$theme/apps/$app/img 2) /themes/$theme/$app/img 3) /themes/$theme/core/img 4) $appPath/img 5) /$app/img 6) /core/img For each folder: - if the specified file exists, use it. - otherwise, if $basename.svg does NOT exist, try $basename.png (This might better be "if filename was an svg, try the png"...)	2016-05-23 10:24:04 +02:00
Joas Schilling	7f1b8f22d4	Make sure that installed is a boolean	2016-05-23 10:09:22 +02:00
Vincent Petry	5ba1add03c	Merge pull request #24603 from owncloud/federated_reshare flat federated re-share	2016-05-23 09:52:13 +02:00
Vincent Petry	c78bb2ab34	Merge pull request #24356 from owncloud/scanner-recursion-memory Free up folder content from memory before recursing in the file scanner	2016-05-23 09:51:52 +02:00
Christoph Wurst	74277c25be	add button to invalidate browser sessions/device tokens	2016-05-23 09:11:12 +02:00
Christoph Wurst	6495534bcd	add button to add new device tokens	2016-05-23 09:11:12 +02:00
Christoph Wurst	12431aa399	list user's auth tokens on the personal settings page	2016-05-23 09:11:12 +02:00
Vincent Petry	8646802850	Merge pull request #24696 from owncloud/lock-jobs-while-executing Lock jobs while executing them, to allow multiple executors to run in…	2016-05-21 19:08:15 +02:00
Joas Schilling	d0a2fa0506	Lock jobs while executing them, to allow multiple executors to run in parallel	2016-05-21 01:59:25 +02:00
Joas Schilling	7e3ce83526	Add a method to lock a table	2016-05-21 01:59:03 +02:00
Björn Schießle	7b25839bd5	use share initiator as fall back to access the file in case of federated re-shares the owner can be a remote user. Therefore we can't always use to owner to access the local file	2016-05-20 21:15:15 +02:00
Piotr Filiciak	9999e05660	Http Range requests support in downloads Http range requests support is required for video preview	2016-05-20 18:16:44 +02:00
Vincent Petry	8fbb63d316	Some tweaks for systemtagmanager	2016-05-20 17:56:02 +02:00
Vincent Petry	88740f035d	Act on effective system tag canAssign permission Whenever the server returns true for the can-assign Webdav property of a system tag, it means the current user is allowed to assign, regardless of the value of user-assignable. This commit brings the proper logic to the web UI to make it possible for users to assign when they have the permission.	2016-05-20 17:56:02 +02:00
Vincent Petry	b5eb3d9e5a	Add system tag assignability check with groups Whenever a user is not an admin, a tag is visible but not user-assignable, check whether the user is a member of the allowed groups.	2016-05-20 17:56:02 +02:00
Vincent Petry	3cd65fe25d	Add systemtag_group table and get/set methods Added systemtag to group mapping table. Added methods in ISystemTagManager to get/set the group mappings.	2016-05-20 17:56:02 +02:00
Vincent Petry	09b3883d9c	Updated canUser* functions in SystemTagManager to accept objects	2016-05-20 17:56:02 +02:00
Vincent Petry	8343cfb64b	Add interface methods for permission check Instead of checking for admin perm, use interface method canUserAssignTag and canUserSeeTag to check for permissions. Allows for more flexible implementation.	2016-05-20 17:56:02 +02:00
Christoph Wurst	11dc97da43	try token login first	2016-05-20 10:52:39 +02:00
Vincent Petry	bac8e13324	Remove unneeded unsets in encoding wrapper	2016-05-20 09:33:59 +02:00
Vincent Petry	e8d082208d	Fixes for encoding wrapper Improved label Fixed rename/copy/moveFromStorage/copyFromStorage and added tests Improved findPathToUse algo	2016-05-20 09:33:59 +02:00
Vincent Petry	f8b2b95408	Scanner must normalize new children names for cache diff Since new children from the storage might contain NFD entries, these must be normalized to NFC to be properly diff'ed with the cache contents which is always NFC. This fixes an issue where NFD entries would disappear from the cache after rescannng for children.	2016-05-20 09:33:59 +02:00
Vincent Petry	db4c7fe743	Add encoding wrapper as opt-in mount option The encoding wrapper is now only applied when the mount option is set, disabled by default.	2016-05-20 09:33:59 +02:00
Vincent Petry	63bbbf29f4	Add wrapper for NFD encoding workaround	2016-05-20 09:33:59 +02:00
Vincent Petry	65eae43ab1	Merge pull request #24721 from owncloud/public_psr4 Move \OCP to PSR-4	2016-05-19 15:53:03 +02:00
Vincent Petry	f42cdec4c4	Merge pull request #24725 from owncloud/ocs-provider-psr4 Move OCS Provider to PSR-4 namespace	2016-05-19 15:36:19 +02:00
Vincent Petry	3b3940df6b	Merge pull request #24660 from owncloud/no-token-login-for-disabled-users don't allow token login for disabled users	2016-05-19 15:32:09 +02:00
Joas Schilling	20f229eed9	Move OCS Provider to PSR-4 namespace	2016-05-19 11:10:32 +02:00
Roeland Jago Douma	893204ef4a	Fix broken exception naming	2016-05-19 10:05:53 +02:00
Christoph Wurst	f824f3e5f3	don't allow token login for disabled users	2016-05-18 21:10:37 +02:00
Christoph Wurst	0626578739	add method to query all user auth tokens	2016-05-18 18:25:37 +02:00
Vincent Petry	01f44d83b2	Merge pull request #24691 from owncloud/fixchunkttl Allow chunk GC mtime tolerance for unfinished part chunks	2016-05-18 18:19:08 +02:00
Robin Appelman	e6386652df	Trigger propagation from the background scanner	2016-05-18 14:31:43 +02:00
Vincent Petry	e0af5263fb	Allow chunk GC mtime tolerance for unfinished part chunks Whenever part chunks are written, every fwrite in the write loop will reset the mtime to the current mtime. Only at the end will the touch() operation set the mtime to now + ttl, in the future. However the GC code is expecting that every chunk with mtime < now are old and must be deleted. This causes the GC to sometimes delete part chunks in which the write loop is slow. To fix this, a tolerance value is added in the GC code to allow for more time before a part chunk gets deleted.	2016-05-18 13:39:37 +02:00
Christoph Wurst	98b465a8b9	a single token provider suffices	2016-05-18 09:20:48 +02:00
Robin Appelman	de5b7609f9	use mount providers to setup home storages (#24567 )	2016-05-17 21:40:55 +02:00
Roeland Douma	5c9103287f	Group fixup (#24621 ) * Move used OC_Group_xx to \OC\Group * Add (deprecated) legacy wrapper in legacy, OC_Group_xx * Replace deprecated use of OC_Group_xx with \OC\Group\xx	2016-05-17 16:06:44 +02:00
Jörn Friedrich Dreyer	ca8d2e2f2e	Merge pull request #24370 from owncloud/iclientservice-dicontainer add IClientService to DI container	2016-05-17 09:33:54 +02:00
Jörn Friedrich Dreyer	5e03e9a843	Merge pull request #24083 from owncloud/fix-race-condition Read only once	2016-05-17 09:03:57 +02:00
Vincent Petry	3db709d568	Merge pull request #24600 from owncloud/http-client-lazy-config only configure the http client once we start using it	2016-05-13 16:10:24 +02:00
Vincent Petry	6938904b07	Merge pull request #24614 from owncloud/token-validation-log don't spam the log file with failed token validation entries	2016-05-13 16:09:49 +02:00
Christoph Wurst	ed01305e29	don't spam the log file with failed token validation entries	2016-05-13 09:53:50 +02:00
Roeland Jago Douma	05cc0dd478	Move \OC\Template to PSR-4	2016-05-13 08:54:07 +02:00
Roeland Jago Douma	eb79b83831	Move functions.php to legacy This file should really be properly namespaced etc!	2016-05-13 08:54:07 +02:00
Robin Appelman	ea0f09a7ed	only configure the http client once we start using it	2016-05-12 13:29:45 +02:00
Morris Jobke	9b3eefbf95	Merge pull request #24563 from owncloud/redis-factory factor out redis configuration into it's own factory	2016-05-12 13:15:12 +02:00
Roeland Douma	9b05f37fad	lib/private/ocs to PSR-4 (#24558 ) * Move OC_OCS_XX to legacy * Move \OC\OCS to PSR-4 * OC_OCS_xx to \OC\OCS\xx * Moved OC_OCS_xx to proper namespace * OC_OCS_xx is still there for legacy reasons as a wrapper * No calls to OC_OCS_xx in \OC\OCS\	2016-05-12 09:43:53 +02:00
Lukas Reschke	52add798d4	Do not automatically try to enable index.php-less URLs (#24539 ) The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur l` entry and then derives the `RewriteBase` from it. This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc. This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…) Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`. For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master. Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9. Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.	2016-05-12 09:43:26 +02:00
Jörn Friedrich Dreyer	e03f9e8103	allow configuration of memcached options (#23729 ) * allow configuration of memcache options Use production values for memcached as explained in http://apprize.info/php/scaling/15.html The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server. cc @MorrisJobke @FelixBoehm * add config sample * merge config options, throw hint on config error * fix typo * fix config sample	2016-05-11 19:38:00 +02:00
Thomas Müller	8729415880	Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands Correctly register PSR-4 autoloading before install.php and loading commands	2016-05-11 13:53:16 +02:00
Christoph Wurst	0486d750aa	use the UID for creating the session token, not the login name	2016-05-11 13:36:46 +02:00
Christoph Wurst	69dafd727d	delete the token in case an exception is thrown when decrypting the password	2016-05-11 13:36:46 +02:00
Christoph Wurst	af707fba41	use the query builder instead of raw sql statements	2016-05-11 13:36:46 +02:00
Christoph Wurst	46bdf6ea2b	fix PHPDoc and other minor issues	2016-05-11 13:36:46 +02:00

... 4 5 6 7 8 ...

6241 commits