Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
...
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.
As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.
The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling
da6dd4898a
Move sync client to the firstrunwizard app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-04 10:54:13 +02:00
Arthur Schiwon
005ef115fb
move admin templates to the right place
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-27 12:25:37 +02:00
Arthur Schiwon
d881a3c37b
adapt to force language changes
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 13:15:08 +02:00
Arthur Schiwon
7817811d13
do not offer additional settings when there is no content
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:38:05 +02:00
Arthur Schiwon
07cf046216
take over changes from #5166 and follow #5267
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:37:42 +02:00
Arthur Schiwon
d7a2290ce1
take over changes from #5084
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:37:42 +02:00
Robin Appelman
6e314ddabe
fix getting sections
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-23 12:37:42 +02:00
Arthur Schiwon
28fd18de43
add missing pieces to Settings Manager and fix and extend its unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:37:41 +02:00
Arthur Schiwon
3dca4de8b3
add Additional (+ Fallback) section for Personal settings
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
7f48b6f14f
Adopt DB and Manager to personal settings structure
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
d56e86cfde
sync clients have their own place
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
8c076e0bda
take over app passwords
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
489ac4391b
convert Sessions section
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
8bd887b2c6
add storage info, fix URL generation
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
9e924d74c9
fix displaying groups in personal info
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon
045f652ef2
completing PersonalInfo
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:37 +02:00
Arthur Schiwon
039ee7e3aa
brief, incomplete personal info settings implementation
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:37 +02:00
Arthur Schiwon
b68fdb473d
Extend interfaces
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:37 +02:00
Marius Blüm
f26764c790
Rename “Server settings” to “Basic settings”
...
* fixes #4587
Signed-off-by: Marius Blüm <marius@lineone.io>
2017-04-29 17:13:21 +02:00
Morris Jobke
c54a59d51e
Remove unused use statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Joas Schilling
a5b4308a51
Don't put the SMTP password into the HTML code
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 15:44:20 +02:00
Lukas Reschke
e0227cb458
Merge pull request #2095 from nextcloud/bruteforcesetttings
...
Introduce bruteforce settings
2017-04-04 11:57:43 +02:00
Bjoern Schiessle
b85b6f2439
feature endorse password for share links
...
works like "enforce password protection", but let the
user optionally remove the password protection after the
password is set. by Timo Benk
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:57:52 +02:00
Morris Jobke
ed00bab80b
Fixed layout of bruteforcesettings
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-02 21:19:30 +02:00
Roeland Jago Douma
dca555b7f3
Adds security section to the admin page
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-02 21:13:09 +02:00
Joas Schilling
75b81c3e01
Always suggest the overwrite.cli.url
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-17 13:40:58 +01:00
Joas Schilling
c3985aba70
Add the icon for the default sections
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-19 10:42:21 +01:00
Robin Appelman
4c6ffeda3e
phpdoc
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-02 15:36:54 +01:00
Robin Appelman
c4358ff9fd
split db logic from settings manager
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-28 18:59:24 +01:00
Robin Appelman
c694bd3455
remove old logging section
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-21 13:46:31 +01:00
Roeland Jago Douma
0200f34dd1
Move social buttons to bottom on admin page
...
For #2134
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 10:48:31 +01:00
Morris Jobke
0741346385
Show a hint for system based cron user name
...
* makes it easier to setup cron job
* gives hints for PHP documentation
* disables the cron setting if requirements not met
* fixes #1989
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-03 10:38:00 +01:00
Bjoern Schiessle
f556c58c22
remove 'send mail notification' option from sharing, replaced by send-by-mail feature
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-02 18:30:38 +01:00
Morris Jobke
6bb95de1c5
Adding a optional disclaimer to the anonymous upload page
2016-09-08 18:44:27 +02:00
Joas Schilling
43ff2f05fd
Correctly remove admin sections and settings
2016-09-06 14:37:09 +02:00
Arthur Schiwon
056c1ab035
fix wrong var name
2016-08-22 11:24:48 +02:00
Arthur Schiwon
7972fa5527
enlist only registered sections that also have settings registered to
2016-08-22 08:29:49 +02:00
Arthur Schiwon
f76b64d3d7
add missing encryption modules to settings
2016-08-16 18:11:59 +02:00
Arthur Schiwon
58530ab42f
fix missing parameters in sharing settings page
2016-08-16 17:59:21 +02:00
Arthur Schiwon
208e551216
check registered sections and settings after an app got updated to garbage collect orphaned classes
2016-08-16 00:56:17 +02:00
Arthur Schiwon
9edca39b49
attempt to remove section and settings entries when an app got disabled
2016-08-16 00:56:17 +02:00
Lukas Reschke
8a7a0f3287
Add unit tests
2016-08-15 16:25:34 +02:00
Arthur Schiwon
158d78e1ab
move mail settings and file handling to additional ones, thus files_external gets its own section
2016-08-13 01:02:25 +02:00
Arthur Schiwon
b99ecb3c23
move systemstags to sharign section, drop collaboration section
2016-08-13 00:33:09 +02:00
Arthur Schiwon
7a2b96c7e6
change casing in section display names
2016-08-13 00:06:10 +02:00
Arthur Schiwon
9aa6b99a56
added some missed diagnosis output
2016-08-12 16:52:20 +02:00
Arthur Schiwon
3dfdc8e311
adjust systemtags app
2016-08-11 19:05:06 +02:00
Arthur Schiwon
36c1b7eb31
adjust Theming app
2016-08-11 17:29:58 +02:00
Arthur Schiwon
14ddf9d923
rename IAdmin to ISettings, the interface is not bound to a specific settings scope
2016-08-11 14:48:21 +02:00