wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4662 commits 157 branches 562 tags 714 MiB
Commit graph

1189 commits

Author SHA1 Message Date
Robin Appelman
a2cc772aa5 dont run update scripts for apps that arent enabled 2012-05-19 02:00:46 +02:00
Robin Appelman
b096fd9ed8 log upgrades 2012-05-19 01:55:20 +02:00
Robin Appelman
df64b9b0e9 strict standards fixes for sqlite3 2012-05-19 01:39:41 +02:00
Michael Gapczynski
90cbc32c77 Fix redirect after login, prevent open redirects 2012-05-18 16:56:48 -04:00
Frank Karlitschek
16224e5e8b "fopen(" interferes with our own classes. 
remove it for now and let´s fix this later
 2012-05-18 18:22:37 +02:00
Frank Karlitschek
2d3c709163 Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-05-18 15:56:15 +02:00
Frank Karlitschek
db77dc91bc only try to install apps that are compatible with oC4 2012-05-18 15:54:36 +02:00
Frank Karlitschek
2e9115efe0 increase to RC2 2012-05-18 15:54:17 +02:00
Michiel de Jong
a6ff909911 this code looks wrong to me but i'm putting it back while we find out what the right code should look like 2012-05-18 15:39:28 +02:00
Michiel de Jong
1a874b4c56 make redirect safe by restricting it to current host 2012-05-18 15:32:41 +02:00
Michiel de Jong
9b5e8a2c63 fix redirect to desired page after login 2012-05-18 15:11:01 +02:00
Robin Appelman
48505c5626 improve tar archive backend 2012-05-18 01:54:59 +02:00
Robin Appelman
c1ba4deb72 when scanning a folder that is a mountpoint, use the root of the mount for checking if a folder is writable instead of the folder 2012-05-17 01:47:58 +02:00
Robin Appelman
aac9629e88 add support for custom ports for mysql/pgsql by adding :portnumber to the database host 2012-05-17 01:06:22 +02:00
Robin Appelman
5fe7200a7f update documentation of oc_user::checkpassword 2012-05-17 00:57:43 +02:00
Robin Appelman
2c99924f7d make sure the group exists in the backend before adding a user to it 2012-05-17 00:47:43 +02:00
Sam Tuke
22dd155e4d Merge branch 'unstable' of gitorious.org:owncloud/owncloud into unstable 2012-05-16 18:30:35 +01:00
Sam Tuke
9acd1065b0 made initial testing version of expireAll for version control \ngave some old vars new camelcase names 2012-05-16 18:30:26 +01:00
Bart Visscher
c645a7d0f8 Fix empty jsfiles and cssfiles in layout template 2012-05-16 18:53:46 +02:00
Bart Visscher
ce1e4425c2 Combine and minimize core and default app js files 2012-05-16 18:53:46 +02:00
Bart Visscher
f71fec8cdc Combine and minimize core and default app css files 2012-05-16 18:53:46 +02:00
Bart Visscher
2faae817f1 Template: Fix var name 2012-05-16 18:53:46 +02:00
Bart Visscher
6d20fe4012 Template: Make getFormFactorExtension function public 2012-05-16 18:53:46 +02:00
Bart Visscher
b39f01fce6 Comment spelling fix 2012-05-16 18:52:40 +02:00
Bart Visscher
5d72681d10 Better place to check caching headers 2012-05-16 18:52:40 +02:00
Arthur Schiwon
01b366df80 avoid corrupt ZIP files on lighttpd, should fix oc-467 2012-05-15 11:57:24 +02:00
Thomas Mueller
583dce5276 removing executable bit - again 2012-05-15 00:52:00 +02:00
Robin Appelman
6779f28af4 cache app types during install or update 2012-05-14 22:49:31 +02:00
Thomas Mueller
bda2dbec1f Prevent Clickjacking by adding additional headers: 
header('X-Frame-Options: Sameorigin');
                header('X-XSS-Protection: 1; mode=block');
                header('X-Content-Type-Options: nosniff');

Thanks to Lukas Reschke for reporting this issue (and many more).
 2012-05-14 15:34:28 +02:00
Robin Appelman
e7c106d91e selective app loading for remote/public 2012-05-14 00:28:28 +02:00
Michael Gapczynski
a332c39472 Check if path_info is empty as well, fixes bug oc-632. Thanks to die3lustigen2. 2012-05-13 15:26:30 -04:00
Robin Appelman
8d475debe0 additional logging when db upgrade fails 2012-05-13 21:21:39 +02:00
Robin Appelman
1a2ab2ef68 prevent user creation with empty password 2012-05-13 20:53:56 +02:00
Thomas Tanghus
3926e2d4f3 VCategories: Made a small check for categories that seems to resolv the problems in Calender. Also reverts the changes from 9e6221b229. 2012-05-13 15:07:07 +02:00
Thomas Tanghus
9e6221b229 VCategories: Suppress error messages stemming from import from file app. 2012-05-13 09:16:53 +02:00
Frank Karlitschek
af77ce9a9b This is RC now 2012-05-13 05:11:10 +02:00
Robin Appelman
9eb91a111d update to jquery 1.7.2 2012-05-12 00:37:19 +02:00
Brice Maron
5b7c69f978 Change sqlite escaping of identifier to double quote. Fixing some issues 2012-05-11 19:45:53 +00:00
Bart Visscher
919681f3e6 Make processed css files cachable 2012-05-11 21:33:02 +02:00
Bart Visscher
97233b77cd Remove DOCUMENTROOT static var, and make SUBURI var private 2012-05-11 21:31:51 +02:00
Robin Appelman
847832ae77 also set remote/public paths on installing apps 2012-05-11 20:58:23 +02:00
Robin Appelman
d12021e3c4 fix sqlite3 driver against updated MDB2 2012-05-11 20:56:02 +02:00
Robin Appelman
cf3940425f don't do the initial scanning of the users home folder trough the update system 2012-05-11 20:49:19 +02:00
Robin Appelman
0622fa79ba add temporary filestorage backend for testing purposed 2012-05-11 20:33:56 +02:00
Robin Appelman
b40f9670ae allow clearing hooks and fileproxies 2012-05-11 20:33:56 +02:00
Robin Appelman
736739bbbd load remote and public paths from info.xml during upgrade instead of setting them every time 2012-05-11 20:33:56 +02:00
Michiel de Jong
c99d7dd94f the ',last' breaks all other rewrite rules and is also not there in the committed .htaccess, so removing it. anybody know why it was there? 2012-05-11 17:59:21 +02:00
Michiel de Jong
347ce2aafa match setup script to .htaccess from repo 2012-05-11 17:30:27 +02:00
Michiel de Jong
4462b26160 oops, typo in lib/setup.php 2012-05-11 17:09:10 +02:00
Michiel de Jong
2dff357a4e add new htaccess things into setup script too 2012-05-11 17:06:04 +02:00
Georg Ehrke
8f2217ca2e make default app choosable 2012-05-11 13:56:52 +02:00
Tom Needham
709b0a1ddc Check if app is enabled before exporting its data 2012-05-10 23:06:53 +00:00
Michael Gapczynski
de95bf62a2 Prevent any null bytes related exploits, thanks to Lukas Reschke 2012-05-10 11:44:06 -04:00
Michael Gapczynski
d9fbdae758 Prevent XSS exploit by checking if path-info is set, thanks to Lukas Reschke 2012-05-10 10:26:12 -04:00
Sam Tuke
b055ebc1fc added documentation to OCP namespace 2012-05-10 14:19:17 +01:00
Bart Visscher
c2230580c1 Remove unused OC static variable CONFIG_DATADIRECTORY_ROOT 2012-05-10 09:14:27 +02:00
Bart Visscher
b022ccb863 Whitespace fixes 2012-05-10 09:14:26 +02:00
Bart Visscher
e77ba0280a Implement default functions in OC_Group backend 
Simplifies calling these functions, and makes code simpler

functions:
inGroup
getUserGroups
getGroups
usersInGroup
 2012-05-10 09:14:26 +02:00
Bart Visscher
ac2e0cd6e4 Implement default functions in OC_User backend 
Simplifies calling these functions, and makes code simpler

functions:
deleteUser
getUsers
userExists
 2012-05-10 09:14:26 +02:00
Bart Visscher
a9d7c67bf2 The log message is not always shown in html 
The log message can also be logged with syslog, here we don't want to have html-entities. Also the log messages through json are displayed as text not html.
 2012-05-10 09:13:09 +02:00
Michael Gapczynski
798e6aa40b Merge commit 'refs/merge-requests/100' of git://gitorious.org/owncloud/owncloud into merge-requests/100 2012-05-09 17:50:14 -04:00
Robin Appelman
03f66c6351 also scan new folders when checking for updates 
it might cause long load times but seems the best for now
 2012-05-09 20:35:12 +02:00
Georg Ehrke
bc60b8d87a fix bug in public api 2012-05-09 18:33:40 +02:00
Philipp Roggan
bba434ca37 fixed typo in lib/public/util.php:106 (varname to ) 2012-05-09 15:17:40 +02:00
Michael Gapczynski
051442bc76 Sanitize redirect urls 2012-05-08 17:41:50 -04:00
Tom Needham
9c47346373 Protect admin from evil log messages 2012-05-08 19:41:31 +00:00
Georg Ehrke
52717d2a1b remove comments 2012-05-08 17:07:50 +02:00
Brice Maron
9921ca11b5 Add protection for non-authorized char in installation form 2012-05-07 22:12:30 +00:00
Frank Karlitschek
43978abd80 increase to 4 beta 2012-05-07 22:58:22 +02:00
Frank Karlitschek
10d291d6b3 Merge branch 'master' of gitorious.org:owncloud/owncloud 2012-05-07 22:56:34 +02:00
Frank Karlitschek
40b823bc8b some more docu fixes 2012-05-07 22:55:44 +02:00
Bart Visscher
4dbc2093c6 Create a function for linking to remote.php 2012-05-07 21:47:14 +02:00
Georg Ehrke
5b7cefb1e5 make ampache work with remote.php 2012-05-07 20:26:09 +02:00
Georg Ehrke
d032345191 fix validation of getfile parameter - i hate this bloody merge conflicts 2012-05-07 13:23:55 +02:00
Thomas Tanghus
cde60dba0f Fix typo. 2012-05-07 04:46:09 +02:00
Michael Gapczynski
aa0c3ddcfe Fix updateFolder() in OC_FileCache 2012-05-06 20:11:10 -04:00
Michael Gapczynski
e0db22cc07 Provide feedback when user creation fails 2012-05-06 18:04:48 -04:00
Frank Karlitschek
1945cd6946 ported the oc_template class 2012-05-06 23:00:36 +02:00
Frank Karlitschek
5d55c709dd some more documentation cleanups. much more is needed. 
And greeting from the Atlanta airport. ;-)
 2012-05-06 22:02:16 +02:00
Frank Karlitschek
2edf59c026 first part of documentation update. lot´s more to come 2012-05-06 21:46:39 +02:00
Daniel
35177e00c0 Merge commit 'refs/merge-requests/109' of git://gitorious.org/owncloud/owncloud into merge-requests/109 2012-05-06 16:13:13 +02:00
Jernej Virag
e459309511 Fixed escaping of filename when determining MIME type 2012-04-25 10:33:52 +02:00
Bart Visscher
f991948a71 Fix loading by apptype in webdav 2012-05-05 21:58:10 +02:00
Thomas Müller
d46bea8867 fixing file headers with copy right 2012-05-05 18:13:40 +02:00
Robin Appelman
c0e67fa24a fix opening encrypted files from the browser 2012-05-05 16:49:48 +02:00
Frank Karlitschek
9bcc5c11a8 porting the hooks and starting with the templates 2012-05-05 10:18:45 +02:00
Brice Maron
4a89eb77c1 Escape strings for DB and User creation at setup. Fix oc-124 2012-05-04 22:54:55 +00:00
Frank Karlitschek
eab4a05d78 implement missing getusers call 2012-05-04 11:13:07 +02:00
Robin Appelman
a22a79cddd fix filecache for postgresql 2012-05-03 23:17:03 +02:00
Robin Appelman
9e03ea4a28 ensure the files app is always loaded 2012-05-03 20:47:18 +02:00
Frank Karlitschek
97a8af7f25 ported oc_db 2012-05-03 13:06:08 +02:00
Frank Karlitschek
43caa3b3b9 ported oc_json 2012-05-03 12:23:29 +02:00
Frank Karlitschek
351740601a port oc_response 2012-05-03 10:46:27 +02:00
Robin Appelman
e5ef3e1340 move archive library to core so we can properly depend on it 2012-05-02 23:48:23 +02:00
Michael Gapczynski
31d623f426 Fix log viewing bug 2012-05-02 15:26:42 -04:00
Frank Karlitschek
10bbbc8cd2 new checkAppEnabled call 2012-05-02 18:54:31 +02:00
Georg Ehrke
da03d05700 create folder 'remote' for the remote services like caldav, carddav and webdav 2012-05-02 16:41:23 +02:00
Frank Karlitschek
82a61e2e1a port oc_preferences 2012-05-02 15:54:34 +02:00
Frank Karlitschek
ff66600bc0 port appconfig 2012-05-02 14:11:29 +02:00
Frank Karlitschek
8e99475886 first part of the config stuff 2012-05-02 13:28:56 +02:00
Frank Karlitschek
8c7f854671 move all the files stuff into a files class 2012-05-02 12:54:31 +02:00
Arthur Schiwon
6750998984 files is not internal any more, part II 2012-05-02 11:26:22 +02:00
Arthur Schiwon
d71600213a files is not internal any more 2012-05-02 11:14:11 +02:00
Arthur Schiwon
c9eaffd336 send downloadfile piece by piece. saves RAM and is better suited for large files. 2012-05-02 11:02:13 +02:00
Frank Karlitschek
2fe646dcec ported the oc_app calls 2012-05-02 00:50:26 +02:00
Frank Karlitschek
93b63cf375 ported the rest of the OC_Helper calls 2012-05-02 00:20:45 +02:00
Frank Karlitschek
e48f511606 port linkto and serverHost 2012-05-01 23:19:39 +02:00
Frank Karlitschek
31e32e3c10 ported checkLoggedIn and checkAdmin 2012-05-01 22:59:38 +02:00
Frank Karlitschek
e2fb094693 some more porting 2012-05-01 21:07:08 +02:00
Frank Karlitschek
d0554bef06 finish porting of the LOG calls or the apps to the public api 2012-05-01 17:38:27 +02:00
Marvin Thomas Rabe
7ded9cf520 Checks if config folder is writable on begin of the installation. 2012-05-01 16:35:46 +02:00
Arthur Schiwon
d3ce2cacd6 OC_User: handle success properly 2012-05-01 14:40:56 +02:00
Arthur Schiwon
8a69116e94 OC_User: don't say password changed when it is not true 2012-05-01 13:40:01 +02:00
Frank Karlitschek
0195d5b439 some more work on the public API 2012-05-01 09:39:12 +02:00
Frank Karlitschek
04c6582af1 load the files app in a way that doesn´t break oC3 configurations 2012-04-30 13:58:48 +02:00
Frank Karlitschek
e1268cd5f4 we require php 5.3 now. so please notify the user if an old version is in use 2012-04-30 13:28:31 +02:00
Frank Karlitschek
f0701f75a9 tiny typo 2012-04-30 13:08:08 +02:00
Thomas Mueller
07f2e316e4 removing executable bit from various files 2012-04-30 12:05:57 +02:00
Frank Karlitschek
c7e7767f58 don´t hardcode files app. we have no a standard info.xml in files 2012-04-29 21:27:02 +02:00
Robin Appelman
4d3ef9a824 improve rescanning folders 2012-04-29 16:11:17 +02:00
Robin Appelman
e3adbcb7d5 remove non existing files from the cache when rescanning a folder 2012-04-29 15:09:47 +02:00
Robin Appelman
09a5c59cca only install shipped apps on setup that should be enabled by default 2012-04-29 14:38:56 +02:00
Georg Ehrke
3aedbc5f95 remove debug message 2012-04-27 22:22:58 +02:00
Georg Ehrke
06e9ac8591 fix parsing of app parameter and fix external app 2012-04-27 22:22:03 +02:00
Georg Ehrke
993d655aad Merge branch 'master' into movable_apps_2 2012-04-27 10:30:50 +02:00
Frank Karlitschek
ee0cb68f5e some csrf fixes. needs testing 2012-04-27 01:18:21 +02:00
Frank Karlitschek
74b5e22a68 some more csrf fixes 2012-04-26 23:17:46 +02:00
Georg Ehrke
5483c1be42 hide fails 2012-04-26 21:58:43 +02:00
Georg Ehrke
5fda0e4b3b make *DAV work with movable apps 2012-04-26 21:56:29 +02:00
Georg Ehrke
2b10371bde fix merge conflicts 2012-04-26 18:08:49 +02:00
Georg Ehrke
40f95ffdf3 fix security check for the path of the requested file 2012-04-26 17:55:00 +02:00
Georg Ehrke
ebcaa46482 fix loading of css files that are core related 2012-04-26 15:19:27 +02:00
Georg Ehrke
3f64eb25ab some fixes fore movable apps 2012-04-26 14:52:55 +02:00
Georg Ehrke
d76552a009 Merge branch 'sabredav_1.6' 2012-04-25 10:39:31 +02:00
Georg Ehrke
476043ecb9 add a proper 404 2012-04-25 10:17:20 +02:00
Robin Appelman
cc2bfd313d minor filecache improvements 2012-04-25 00:12:12 +02:00
Robin Appelman
9015c46e31 emit the correct hooks for file_put_contents and some readfile improvements 2012-04-25 00:12:12 +02:00
Robin Appelman
60b924c954 initial mount configuration work 2012-04-25 00:12:12 +02:00
Georg Ehrke
f17eea506a fix merge conflicts 2012-04-24 21:59:56 +02:00
Georg Ehrke
fb84d0aff8 fix php fail 2012-04-24 21:37:19 +02:00
Georg Ehrke
9b29bc96de remove debug message 2012-04-24 21:36:54 +02:00
Georg Ehrke
0b06eff3a0 another fix for linkto function 2012-04-24 20:17:00 +02:00
Georg Ehrke
29b9e27078 fix linkto function in OC_Helper 2012-04-24 20:14:42 +02:00
Thomas Tanghus
6848b069c9 OC_App::getStorage() failed if app dir didn't exist. 2012-04-24 01:44:07 +02:00
Georg Ehrke
95c220a246 remove debug code in lib base 2012-04-23 20:31:03 +02:00
Georg Ehrke
19109afa79 fix bug in lib base 2012-04-23 20:11:21 +02:00
Georg Ehrke
42a570788b Merge branch 'master' into movable_apps 2012-04-23 19:56:07 +02:00
Georg Ehrke
6d92ebca45 use native functions of php to parse the string into the Var 2012-04-23 17:09:28 +02:00
Georg Ehrke
9226cb7a6a rename var file to getfile to prevent fails in files app 2012-04-23 16:36:24 +02:00
Georg Ehrke
aaedb23f05 fix bug in lib/helper.php and fix file upload 2012-04-23 16:28:37 +02:00