fix the backport

Signed-off-by: szaimen <szaimen@e.mail.de>

Fix suggestions by @artonage

Signed-off-by: Micke Nordin <kano@sunet.se>

Simpler version as proposed by @artonage

Co-authored-by: Louis <6653109+artonge@users.noreply.github.com>
Signed-off-by: Micke Nordin <kano@sunet.se>

Respect user settings in php.ini if they are big enough

In the admin guide:
* https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html

it is mentioned that you can tweek:
* max_input_time
* max_execution_time

in order to enable larger file uploads. However, the current codebase
will hard code these values to one hour, no matter what the user sets in
php.ini.

This patch will allow the user to set these settings in php.ini and they
will be respected, if and only if, they are set to something bigger than
3600 seconds.

Signed-off-by: Micke Nordin <kano@sunet.se>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33474 from nextcloud/dependabot/npm_and_yarn/stable23/css-vars-ponyfill-2.4.8

Bump css-vars-ponyfill from 2.4.7 to 2.4.8

Bumps [css-vars-ponyfill](https://github.com/jhildenbiddle/css-vars-ponyfill) from 2.4.7 to 2.4.8.
- [Release notes](https://github.com/jhildenbiddle/css-vars-ponyfill/releases)
- [Changelog](https://github.com/jhildenbiddle/css-vars-ponyfill/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhildenbiddle/css-vars-ponyfill/compare/v2.4.7...v2.4.8)

---
updated-dependencies:
- dependency-name: css-vars-ponyfill
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>

Merge pull request #33580 from nextcloud/backport/33538/stable23

[stable23] Unify initial and updated quota display

Show usage percenteage in the tooltip

The tooltip of the initial quota display showed the usage percenteage
and the total available space. However, the total available space was
redundant, as it was shown just below. The tooltip of the updated quota
display showed the usage percenteage, but based on the quota rather than
the total available space, so there was a mismatch between the tooltip
and the bar below. Now the tooltip of the initial and the updated quota
display both show just the usage percenteage based on the total
available space.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Use total available space rather than quota when updating the display

The initial quota display uses the total available space rather than the
quota. Moreover, the relative usage is based on the total space rather
than the quota. Due to this now the total available space is also used
when updating the quota display.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Merge pull request #33184 from nextcloud/dependabot/npm_and_yarn/stable23/moment-2.29.4

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33503 from nextcloud/release/23.0.8

23.0.8

Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Bump moment from 2.29.3 to 2.29.4

Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.3...2.29.4)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>

Merge pull request #33489 from nextcloud/backport/33485/stable23

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Do not update passwords if nothing changed

Signed-off-by: Julius Härtl <jus@bitgrid.net>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33421 from nextcloud/release/23.0.8rc1

23.0.8rc1

Merge pull request #33443 from nextcloud/backport/33407/stable23

[stable23] Handle one time and large passwords

Merge pull request #33456 from nextcloud/backport/32852/stable23

[stable23] Revert "Revert "Remove inefficient fed share scanner""

fix external share scanner not propagating locking-opt-out

Signed-off-by: Robin Appelman <robin@icewind.nl>

Disable locking on federated shares

The old inneficiant code didn't do locking and adding locking is
creating issues

Signed-off-by: Carl Schwan <carl@carlschwan.eu>

Revert "Revert "Remove inefficient fed share scanner""

This reverts commit 6667007bf235b90a7dd105c881cf5802b2a3f83e.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>

Merge pull request #33436 from nextcloud/dependabot/npm_and_yarn/stable23/nextcloud/moment-1.2.1

Bump @nextcloud/momemt to 1.2.1

Handle one time and large passwords

For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.

This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>

Bump @nextcloud/momemt to 1.2.1

Signed-off-by: Carl Schwan <carl@carlschwan.eu>

Merge pull request #33354 from nextcloud/backport/33031/stable23

[stable23] Improve local IP detection

Merge pull request #33392 from nextcloud/backport/33280/stable23

[stable23] handle AccessDenied error when checking if external s3 support versions

Merge pull request #32333 from nextcloud/dependabot/npm_and_yarn/stable23/clipboard-2.0.11

Bump clipboard from 2.0.10 to 2.0.11

Bumps [clipboard](https://github.com/zenorocha/clipboard.js) from 2.0.10 to 2.0.11.
- [Release notes](https://github.com/zenorocha/clipboard.js/releases)
- [Commits](https://github.com/zenorocha/clipboard.js/compare/v2.0.10...v2.0.11)

---
updated-dependencies:
- dependency-name: clipboard
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>

Merge pull request #33408 from nextcloud/backport/33090/stable23

[stable23] DAV custom props: catch Exception and rollback transaction in case

Merge pull request #33156 from nextcloud/backport/32997/stable23

[stable23] load dashboard widgets of enabled apps only

Merge pull request #33383 from nextcloud/backport/33378/stable23

[stable23] don't set `null` as a bundle path

Fix autoloader

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

fix PHP 7.3 compat

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Remove call to undefined function, fix typing

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Align copied file with our code style

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Copy IpUtils from Symfony to avoid new dependency on backport

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Merge pull request #33103 from nextcloud/enhancement/add-logging-lo-federation

[Stable23] Logging, updating status for general error in federation

Merge pull request #33095 from nextcloud/dependabot/composer/build/integration/stable23/sabre/dav-4.4.0

Update sabre/dav requirement from 4.3.1 to 4.4.0 in /build/integration

23.0.8rc1

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

catch any exception for transaction control

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

DAV custom props: catch Exception and rollback transaction in case

- before exceptions were not caught, a started transaction might not have
  been finished
- also resolve depractions and use IQueryBuilder

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

handle AccessDenied error when checking if external s3 support versions

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>

Merge pull request #33366 from nextcloud/vincentdabot/npm_and_yarn/stable23/underscore-1.12.1

[stable23] Bump underscore from 1.12.0 to 1.12.1

avoid early DI of IAppManager

- might break install

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

load widgets only of enabled apps

- per design, all enabled apps have their registration run
- limitations, e.g. enabled by group, are not considered in that state,
  because we do not have a session (and might need apps?)
- before instantiation of widget it has to be checked whether the providing
  app is actually enabled for the logged in user.
- a public interface is being changed, but it is not meant to be
  implemented or used outside of the core handling. Therefore save to
  backport.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

don't set `null` as a bundle path

Signed-off-by: Robin Appelman <robin@icewind.nl>

Fix core tests by stubbing debounce

Signed-off-by: Vincent Petry <vincent@nextcloud.com>

Bump underscore from 1.12.0 to 1.12.1

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>

Merge pull request #33348 from nextcloud/dependabot/npm_and_yarn/stable23/dompurify-2.3.10

Bump dompurify from 2.3.8 to 2.3.10

Merge pull request #33351 from nextcloud/backport/33315/stable23

[stable23] Reset user status based on message ID only

Merge pull request #33365 from nextcloud/backport/33341/stable23

[stable23] Don't try to purge objects from the birthday calendar when it doesn't exist

Don't try to purge objects from the birthday calendar when it doesn't exist

Doesn't matter much as it's been recreated afterwards with (ensureCalendarExists).

Closes #29617

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Use Symfony IpUtils to check for local IP ranges

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Check for local IPs nested in IPv6 as well

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Refactor local IP if and set strict to true for in_array

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Improve local IP detection

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

Reset user status based on message ID only

Since some statuses (call) can occure with different status
(away and dnd) we need to reset only based on the message id.
But as it can not be set by the user this is still save and okay.

Signed-off-by: Joas Schilling <coding@schilljs.com>

Merge pull request #33344 from nextcloud/backport/33129/stable23

[stable23] Fix reading blob data as resource

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Bump dompurify from 2.3.8 to 2.3.10

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.3.8 to 2.3.10.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/2.3.8...2.3.10)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>

Fix reading blob data as resource

PostgreSQL returns data as resource when using IQueryBuilder::PARAM_LOB
(which is used for QBMapper).

Previously we just converted this resource using settype, which produced
things like "Resource id #14" instead of the actual resource data.

Now we read the stream correctly if the returned data is a resource

See context at #22472

Fixes #22439

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33253 from nextcloud/backport/32963/stable23

[stable23] also use nextcloud certificate bundle when downloading from s3

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33277 from nextcloud/backport/33270/stable23

[stable23] fix loading legacy app.php with multi app dir

fix loading legacy app.php with multi app dir

- requireAppFile() only appends /appinfo/app.php
- without the absolute path, require_once looks into include_path
- the first match in inlcude_path however migth be different from appPath
- fixed by providing the tested(!), full path to the app

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33257 from nextcloud/release/23.0.7

23.0.7

23.0.7

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

only use nextcloud bundle when explicitly enabled

Signed-off-by: Robin Appelman <robin@icewind.nl>

also use nextcloud certificate bundle when downloading from s3

Signed-off-by: Robin Appelman <robin@icewind.nl>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

Merge pull request #33150 from nextcloud/automated/noid/stable23-update-psalm-baseline

[stable23] Update psalm-baseline.xml

Update psalm baseline

Signed-off-by: GitHub <noreply@github.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>

[tx-robot] updated from transifex

Signed-off-by: Nextcloud bot <bot@nextcloud.com>