Merge branch 'master' into subadmin

13 files changed, 220 insertions, 79 deletions

diff --git a/lib/app.php b/lib/app.php
index a9feff1620a..4c2c43ec26b 100755
--- a/lib/app.php
+++ b/lib/app.php
@@ -36,6 +36,7 @@ class OC_App{
 	static private $appInfo = array();
 	static private $appTypes = array();
 	static private $loadedApps = array();
+	static private $checkedApps = array();
 
 	/**
 	 * @brief loads all apps
@@ -349,9 +350,13 @@ class OC_App{
 
 
 	protected static function findAppInDirectories($appid) {
+		static $app_dir = array();
+		if (isset($app_dir[$appid])) {
+			return $app_dir[$appid];
+		}
 		foreach(OC::$APPSROOTS as $dir) {
 			if(file_exists($dir['path'].'/'.$appid)) {
-				return $dir;
+				return $app_dir[$appid]=$dir;
 			}
 		}
 	}
@@ -530,6 +535,10 @@ class OC_App{
 	 * check if the app need updating and update when needed
 	 */
 	public static function checkUpgrade($app) {
+		if (in_array($app, self::$checkedApps)) {
+			return;
+		}
+		self::$checkedApps[] = $app;
 		$versions = self::getAppVersions();
 		$currentVersion=OC_App::getAppVersion($app);
 		if ($currentVersion) {
@@ -564,7 +573,7 @@ class OC_App{
 	}
 
 	/**
-	 * get the installed version of all papps
+	 * get the installed version of all apps
 	 */
 	public static function getAppVersions(){
 		static $versions;
diff --git a/lib/base.php b/lib/base.php
index c2b0bbef780..fe69ad70c0f 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -330,21 +330,6 @@ class OC{
 
 		self::checkInstalled();
 		self::checkSSL();
-
-		// CSRF protection
-		if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
-		$refererhost=parse_url($referer);
-		if(isset($refererhost['host'])) $refererhost=$refererhost['host']; else $refererhost='';
-		$server=OC_Helper::serverHost();
-		$serverhost=explode(':',$server);
-		$serverhost=$serverhost['0'];
-		if(!self::$CLI){
-			if(($_SERVER['REQUEST_METHOD']=='POST') and ($refererhost<>$serverhost)) {
-				$url = OC_Helper::serverProtocol().'://'.$server.OC::$WEBROOT.'/index.php';
-				header("Location: $url");
-				exit();
-			}
-		}
 		self::initSession();
 		self::initTemplateEngine();
 		self::checkUpgrade();
diff --git a/lib/db.php b/lib/db.php
index 9e6835adc6f..2a06d72ea32 100644
--- a/lib/db.php
+++ b/lib/db.php
@@ -128,6 +128,14 @@ class OC_DB {
 					}else{
 						$dsn='pgsql:dbname='.$name.';host='.$host;
 					}
+					/**
+					* Ugly fix for pg connections pbm when password use spaces
+					*/
+					$e_user = addslashes($user);
+					$e_password = addslashes($pass);
+					$pass = $user = null;
+					$dsn .= ";user='$e_user';password='$e_password'";
+					/** END OF FIX***/
 					break;
 			}
 			try{
@@ -528,7 +536,7 @@ class OC_DB {
 	 	self::removeDBStructure( OC::$SERVERROOT . '/db_structure.xml' );
 	 	
 	 	foreach($apps as $app){
-	 		$path = self::getAppPath($app).'/appinfo/database.xml';
+	 		$path = OC_App::getAppPath($app).'/appinfo/database.xml';
 	 		if(file_exists($path)){
 	 			self::removeDBStructure( $path );	
 	 		}
diff --git a/lib/files.php b/lib/files.php
index 469c3a15b8e..d5bebb7e549 100644
--- a/lib/files.php
+++ b/lib/files.php
@@ -167,10 +167,12 @@ class OC_Files {
 	* @param file $target
 	*/
 	public static function move($sourceDir,$source,$targetDir,$target){
-		if(OC_User::isLoggedIn() && ($sourceDir != '' || $source != 'Shared')){
+		if(OC_User::isLoggedIn() && ($sourceDir != '' || $source != 'Shared') && !OC_Filesystem::file_exists($targetDir.'/'.$target)){
 			$targetFile=self::normalizePath($targetDir.'/'.$target);
 			$sourceFile=self::normalizePath($sourceDir.'/'.$source);
 			return OC_Filesystem::rename($sourceFile,$targetFile);
+		} else {
+			return false;
 		}
 	}
 
diff --git a/lib/filesystem.php b/lib/filesystem.php
index 0ab3bd69acd..65318fa3ab6 100644
--- a/lib/filesystem.php
+++ b/lib/filesystem.php
@@ -153,6 +153,7 @@ class OC_Filesystem{
 		if($path[0]!=='/'){
 			$path='/'.$path;
 		}
+		$path=str_replace('//', '/',$path);
 		$foundMountPoint='';
 		foreach(OC_Filesystem::$mounts as $mountpoint=>$storage){
 			if($mountpoint==$path){
diff --git a/lib/filesystemview.php b/lib/filesystemview.php
index 99e08c50e75..448663bb081 100644
--- a/lib/filesystemview.php
+++ b/lib/filesystemview.php
@@ -276,7 +276,7 @@ class OC_FilesystemView {
 				}else{
 					$source=$this->fopen($path1,'r');
 					$target=$this->fopen($path2,'w');
-					$count=OC_Helper::streamCopy($data,$target);
+					$count=OC_Helper::streamCopy($source,$target);
 					$storage1=$this->getStorage($path1);
 					$storage1->unlink($this->getInternalPath($path1));
 					$result=$count>0;
@@ -314,7 +314,7 @@ class OC_FilesystemView {
 				}else{
 					$source=$this->fopen($path1,'r');
 					$target=$this->fopen($path2,'w');
-					$count=OC_Helper::streamCopy($data,$target);
+					$result=OC_Helper::streamCopy($source,$target);
 				}
         OC_Hook::emit( OC_Filesystem::CLASSNAME, OC_Filesystem::signal_post_copy, array( OC_Filesystem::signal_param_oldpath => $path1 , OC_Filesystem::signal_param_newpath=>$path2));
 				if(!$exists){
diff --git a/lib/helper.php b/lib/helper.php
index 6ab55f27618..0d18098a4e7 100644
--- a/lib/helper.php
+++ b/lib/helper.php
@@ -38,21 +38,18 @@ class OC_Helper {
 	 */
 	public static function linkTo( $app, $file ){
 		if( $app != '' ){
-			$app .= '/';
+			$app_path = OC_App::getAppPath($app);
 			// Check if the app is in the app folder
-			if( file_exists( OC_App::getAppPath($app).'/'.$file )){
-				if(substr($file, -3) == 'php' || substr($file, -3) == 'css'){	
-					if(substr($app, -1, 1) == '/'){
-						$app = substr($app, 0, strlen($app) - 1);
-					}
+			if( $app_path && file_exists( $app_path.'/'.$file )){
+				if(substr($file, -3) == 'php' || substr($file, -3) == 'css'){
 					$urlLinkTo =  OC::$WEBROOT . '/?app=' . $app;
 					$urlLinkTo .= ($file!='index.php')?'&getfile=' . urlencode($file):'';
 				}else{
-					$urlLinkTo =  OC_App::getAppWebPath($app) . $file;
+					$urlLinkTo =  OC_App::getAppWebPath($app) . '/' . $file;
 				}
 			}
 			else{
-				$urlLinkTo =  OC::$WEBROOT . '/' . $app . $file;
+				$urlLinkTo =  OC::$WEBROOT . '/' . $app . '/' . $file;
 			}
 		}
 		else{
@@ -382,7 +379,7 @@ class OC_Helper {
 			//trim the character set from the end of the response
 			$mimeType=substr($reply,0,strrpos($reply,' '));
 
-			//trim ; 
+			//trim ;
 			if (strpos($mimeType, ';') !== false) {
 				$mimeType = strstr($mimeType, ';', true);
 			}
@@ -589,11 +586,11 @@ class OC_Helper {
 
 		return $newpath;
 	}
-	
+
 	/*
 	 * checks if $sub is a subdirectory of $parent
-	 * 
-	 * @param $sub 
+	 *
+	 * @param $sub
 	 * @param $parent
 	 * @return bool
 	 */
@@ -623,4 +620,68 @@ class OC_Helper {
 		exit;*/
 		return false;
 	}
+
+	/**
+	* @brief Returns an array with all keys from input lowercased or uppercased. Numbered indices are left as is.
+	*
+	* @param $input The array to work on
+	* @param $case Either MB_CASE_UPPER or MB_CASE_LOWER (default)
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @return array
+	*
+	* Returns an array with all keys from input lowercased or uppercased. Numbered indices are left as is.
+	* based on http://www.php.net/manual/en/function.array-change-key-case.php#107715
+	*
+	*/
+	public static function mb_array_change_key_case($input, $case = MB_CASE_LOWER, $encoding = 'UTF-8'){
+		$case = ($case != MB_CASE_UPPER) ? MB_CASE_LOWER : MB_CASE_UPPER;
+		$ret = array();
+		foreach ($input as $k => $v) {
+			$ret[mb_convert_case($k, $case, $encoding)] = $v;
+		}
+		return $ret;
+	}
+
+	/**
+	* @brief replaces a copy of string delimited by the start and (optionally) length parameters with the string given in replacement.
+	*
+	* @param $input The input string. .Opposite to the PHP build-in function does not accept an array.
+	* @param $replacement The replacement string.
+	* @param $start If start is positive, the replacing will begin at the start'th offset into string. If start is negative, the replacing will begin at the start'th character from the end of string.
+	* @param $length Length of the part to be replaced
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @return string
+	*
+	*/
+	public static function mb_substr_replace($string, $replacement, $start, $length = null, $encoding = 'UTF-8') {
+		$start = intval($start);
+		$length = intval($length);
+		$string = mb_substr($string, 0, $start, $encoding) .
+		          $replacement .
+		          mb_substr($string, $start+$length, mb_strlen($string, 'UTF-8')-$start, $encoding);
+
+		return $string;
+	}
+
+	/**
+	* @brief Replace all occurrences of the search string with the replacement string
+	*
+	* @param $search The value being searched for, otherwise known as the needle. String.
+	* @param $replace The replacement string.
+	* @param $subject The string or array being searched and replaced on, otherwise known as the haystack.
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @param $count If passed, this will be set to the number of replacements performed.
+	* @return string
+	*
+	*/
+	public static function mb_str_replace($search, $replace, $subject, $encoding = 'UTF-8', &$count = null) {
+		$offset = -1;
+		$length = mb_strlen($search, 'UTF-8');
+		while(($i = mb_strrpos($subject, $search, $offset, 'UTF-8'))) {
+			$subject = OC_Helper::mb_substr_replace($subject, $replace, $i, $length);
+			$offset = $i - mb_strlen($subject, 'UTF-8') - 1;
+			$count++;
+		}
+		return $subject;
+	}
 }
diff --git a/lib/json.php b/lib/json.php
index 4eab4fce9f6..c49b831c12b 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -94,12 +94,12 @@ class OC_JSON{
 	* Encode and print $data in json format
 	*/
 	public static function encodedPrint($data,$setContentType=true){
-		if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') {
+			// Disable mimesniffing, don't move this to setContentTypeHeader!
+			header( 'X-Content-Type-Options: nosniff' );
 			if($setContentType){
 				self::setContentTypeHeader();
 			}
 			array_walk_recursive($data, array('OC_JSON', 'to_string'));
 			echo json_encode($data);
-		}
 	}
 }
diff --git a/lib/l10n.php b/lib/l10n.php
index 4acbc5dcebc..de8514573d3 100644
--- a/lib/l10n.php
+++ b/lib/l10n.php
@@ -113,13 +113,13 @@ class OC_L10N{
 			$i18ndir = self::findI18nDir($app);
 			// Localization is in /l10n, Texts are in $i18ndir
 			// (Just no need to define date/time format etc. twice)
-			if(file_exists($i18ndir.$lang.'.php')){
+			if((OC_Helper::issubdirectory($i18ndir.$lang.'.php', OC_App::getAppPath($app).'/l10n/') || OC_Helper::issubdirectory($i18ndir.$lang.'.php', OC::$SERVERROOT.'/core/l10n/') || OC_Helper::issubdirectory($i18ndir.$lang.'.php', OC::$SERVERROOT.'/settings')) && file_exists($i18ndir.$lang.'.php')) {
 				// Include the file, save the data from $CONFIG
-				include($i18ndir.$lang.'.php');
+				include(strip_tags($i18ndir).strip_tags($lang).'.php');
 				if(isset($TRANSLATIONS) && is_array($TRANSLATIONS)){
 					$this->translations = $TRANSLATIONS;
 				}
-			}
+			} 
 
 			if(file_exists(OC::$SERVERROOT.'/core/l10n/l10n-'.$lang.'.php')){
 				// Include the file, save the data from $CONFIG
diff --git a/lib/migrate.php b/lib/migrate.php
index f26b4b25673..f788a637d3c 100644
--- a/lib/migrate.php
+++ b/lib/migrate.php
@@ -64,7 +64,7 @@ class OC_Migrate{
 		$apps = OC_App::getAllApps();
 
 		foreach($apps as $app){
-			$path = self::getAppPath($app) . '/appinfo/migrate.php';
+			$path = OC_App::getAppPath($app) . '/appinfo/migrate.php';
 			if( file_exists( $path ) ){
 				include( $path );
 			}
@@ -278,7 +278,7 @@ class OC_Migrate{
 						return json_encode( array( 'success' => false ) );
 					}
 					// Done
-					return json_encode( 'success' => true );
+					return json_encode( array( 'success' => true ) );
 					*/
 			break;
 		}
@@ -398,7 +398,7 @@ class OC_Migrate{
 			if( OC_App::isEnabled( $provider->getID() ) ){
 				$success = true;
 				// Does this app use the database?
-				if( file_exists( self::getAppPath($provider->getID()).'/appinfo/database.xml' ) ){
+				if( file_exists( OC_App::getAppPath($provider->getID()).'/appinfo/database.xml' ) ){
 					// Create some app tables
 					$tables = self::createAppTables( $provider->getID() );
 					if( is_array( $tables ) ){
@@ -443,21 +443,10 @@ class OC_Migrate{
 						'ocversion' => OC_Util::getVersion(),
 						'exporttime' => time(),
 						'exportedby' => OC_User::getUser(),
-						'exporttype' => self::$exporttype
+						'exporttype' => self::$exporttype,
+						'exporteduser' => self::$uid
 					);
-		// Add hash if user export
-		if( self::$exporttype == 'user' ){
-			$query = OC_DB::prepare( "SELECT password FROM *PREFIX*users WHERE uid = ?" );
-			$result = $query->execute( array( self::$uid ) );
-			$row = $result->fetchRow();
-			$hash = $row ? $row['password'] : false;
-			if( !$hash ){
-				OC_Log::write( 'migration', 'Failed to get the users password hash', OC_log::ERROR);
-				return false;
-			}
-			$info['hash'] = $hash;
-			$info['exporteduser'] = self::$uid;
-		}
+
 		if( !is_array( $array ) ){
 			OC_Log::write( 'migration', 'Supplied $array was not an array in getExportInfo()', OC_Log::ERROR );
 		}
@@ -539,7 +528,7 @@ class OC_Migrate{
 		}
 
 		// There is a database.xml file
-		$content = file_get_contents(self::getAppPath($appid) . '/appinfo/database.xml' );
+		$content = file_get_contents(OC_App::getAppPath($appid) . '/appinfo/database.xml' );
 
 		$file2 = 'static://db_scheme';
 		// TODO get the relative path to migration.db from the data dir
diff --git a/lib/public/util.php b/lib/public/util.php
index c611d59a533..41121091544 100644
--- a/lib/public/util.php
+++ b/lib/public/util.php
@@ -26,7 +26,7 @@
  *
  */
 
-// use OCP namespace for all classes that are considered public. 
+// use OCP namespace for all classes that are considered public.
 // This means that they should be used by apps instead of the internal ownCloud classes
 namespace OCP;
 
@@ -54,7 +54,7 @@ class Util {
 
 
 	/**
-	 * @brief send an email 
+	 * @brief send an email
 	 * @param string $toaddress
 	 * @param string $toname
 	 * @param string $subject
@@ -264,17 +264,61 @@ class Util {
 	public static function callCheck(){
 		return(\OC_Util::callCheck());
 	}
-	
-	/**

-	 * @brief Used to sanitize HTML

-	 *

-	 * This function is used to sanitize HTML and should be applied on any string or array of strings before displaying it on a web page.

-	 *

-	 * @param string or array of strings

-	 * @return array with sanitized strings or a single sinitized string, depends on the input parameter.

-	 */

-	public static function sanitizeHTML( $value ){

-		return(\OC_Util::sanitizeHTML($value));

+
+	/**
+	 * @brief Used to sanitize HTML
+	 *
+	 * This function is used to sanitize HTML and should be applied on any string or array of strings before displaying it on a web page.
+	 *
+	 * @param string or array of strings
+	 * @return array with sanitized strings or a single sinitized string, depends on the input parameter.
+	 */
+	public static function sanitizeHTML( $value ){
+		return(\OC_Util::sanitizeHTML($value));
+	}
+
+	/**
+	* @brief Returns an array with all keys from input lowercased or uppercased. Numbered indices are left as is.
+	*
+	* @param $input The array to work on
+	* @param $case Either MB_CASE_UPPER or MB_CASE_LOWER (default)
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @return array
+	*
+	*
+	*/
+	public static function mb_array_change_key_case($input, $case = MB_CASE_LOWER, $encoding = 'UTF-8'){
+		return(\OC_Helper::mb_array_change_key_case($input, $case, $encoding));
+	}
+
+	/**
+	* @brief replaces a copy of string delimited by the start and (optionally) length parameters with the string given in replacement.
+	*
+	* @param $input The input string. .Opposite to the PHP build-in function does not accept an array.
+	* @param $replacement The replacement string.
+	* @param $start If start is positive, the replacing will begin at the start'th offset into string. If start is negative, the replacing will begin at the start'th character from the end of string.
+	* @param $length Length of the part to be replaced
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @return string
+	*
+	*/
+	public static function mb_substr_replace($string, $replacement, $start, $length = null, $encoding = 'UTF-8') {
+		return(\OC_Helper::mb_substr_replace($string, $replacement, $start, $length, $encoding));
+	}
+
+	/**
+	* @brief Replace all occurrences of the search string with the replacement string
+	*
+	* @param $search The value being searched for, otherwise known as the needle. String.
+	* @param $replace The replacement string.
+	* @param $subject The string or array being searched and replaced on, otherwise known as the haystack.
+	* @param $encoding The encoding parameter is the character encoding. Defaults to UTF-8
+	* @param $count If passed, this will be set to the number of replacements performed.
+	* @return string
+	*
+	*/
+	public static function mb_str_replace($search, $replace, $subject, $encoding = 'UTF-8', &$count = null) {
+		return(\OC_Helper::mb_str_replace($search, $replace, $subject, $encoding, $count));
 	}
 }
 
diff --git a/lib/setup.php b/lib/setup.php
index 5f1fb1525ec..bad0f5301c7 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -150,23 +150,28 @@ class OC_Setup {
 				$dbpass = $options['dbpass'];
 				$dbname = $options['dbname'];
 				$dbhost = $options['dbhost'];
-				$dbtableprefix = $options['dbtableprefix'];
+				$dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
 				OC_CONFIG::setValue('dbname', $dbname);
 				OC_CONFIG::setValue('dbhost', $dbhost);
 				OC_CONFIG::setValue('dbtableprefix', $dbtableprefix);
 
+				$e_host = addslashes($dbhost);
+				$e_user = addslashes($dbuser);
+				$e_password = addslashes($dbpass);
 				//check if the database user has admin right
-				$connection_string = "host=$dbhost dbname=postgres user=$dbuser password=$dbpass";
+				$connection_string = "host='$e_host' dbname=postgres user='$e_user' password='$e_password'";
 				$connection = @pg_connect($connection_string);
 				if(!$connection) {
 					$error[] = array(
 						'error' => 'PostgreSQL username and/or password not valid',
 						'hint' => 'You need to enter either an existing account or the administrator.'
 					);
+					return $error;
 				}
 				else {
+					$e_user = pg_escape_string($dbuser);
 					//check for roles creation rights in postgresql
-					$query="SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='$dbuser'";
+					$query="SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='$e_user'";
 					$result = pg_query($connection, $query);
 					if($result and pg_num_rows($result) > 0) {
 						//use the admin login data for the new database user
@@ -198,7 +203,13 @@ class OC_Setup {
 					// connect to the ownCloud database (dbname=$dbname) an check if it needs to be filled
 					$dbuser = OC_CONFIG::getValue('dbuser');
 					$dbpass = OC_CONFIG::getValue('dbpassword');
-					$connection_string = "host=$dbhost dbname=$dbname user=$dbuser password=$dbpass";
+
+					$e_host = addslashes($dbhost);
+					$e_dbname = addslashes($dbname);
+					$e_user = addslashes($dbuser);
+					$e_password = addslashes($dbpass);
+
+					$connection_string = "host='$e_host' dbname='$e_dbname' user='$e_user' password='$e_password'";
 					$connection = @pg_connect($connection_string);
 					if(!$connection) {
 						$error[] = array(
@@ -284,13 +295,23 @@ class OC_Setup {
 		//we cant use OC_BD functions here because we need to connect as the administrative user.
 		$e_name = pg_escape_string($name);
 		$e_user = pg_escape_string($user);
-		$query = "CREATE DATABASE \"$e_name\" OWNER \"$e_user\"";
+		$query = "select datname from pg_database where datname = '$e_name'";
 		$result = pg_query($connection, $query);
 		if(!$result) {
 			$entry='DB Error: "'.pg_last_error($connection).'"<br />';
 			$entry.='Offending command was: '.$query.'<br />';
 			echo($entry);
 		}
+		if(! pg_fetch_row($result)) {
+			//The database does not exists... let's create it
+			$query = "CREATE DATABASE \"$e_name\" OWNER \"$e_user\"";
+			$result = pg_query($connection, $query);
+			if(!$result) {
+				$entry='DB Error: "'.pg_last_error($connection).'"<br />';
+				$entry.='Offending command was: '.$query.'<br />';
+				echo($entry);
+			}
+		}
 		$query = "REVOKE ALL PRIVILEGES ON DATABASE \"$e_name\" FROM PUBLIC";
 		$result = pg_query($connection, $query);		
 	}
@@ -298,13 +319,33 @@ class OC_Setup {
 	private static function pg_createDBUser($name,$password,$connection) {
 		$e_name = pg_escape_string($name);
 		$e_password = pg_escape_string($password);
-		$query = "CREATE USER \"$e_name\" CREATEDB PASSWORD '$e_password';";
+		$query = "select * from pg_roles where rolname='$e_name';";
 		$result = pg_query($connection, $query);
 		if(!$result) {
 			$entry='DB Error: "'.pg_last_error($connection).'"<br />';
 			$entry.='Offending command was: '.$query.'<br />';
 			echo($entry);
 		}
+
+		if(! pg_fetch_row($result)) {
+			//user does not exists let's create it :)
+			$query = "CREATE USER \"$e_name\" CREATEDB PASSWORD '$e_password';";
+			$result = pg_query($connection, $query);
+			if(!$result) {
+				$entry='DB Error: "'.pg_last_error($connection).'"<br />';
+				$entry.='Offending command was: '.$query.'<br />';
+				echo($entry);
+			}
+		}
+		else { // change password of the existing role
+			$query = "ALTER ROLE \"$e_name\" WITH PASSWORD '$e_password';";
+			$result = pg_query($connection, $query);
+			if(!$result) {
+				$entry='DB Error: "'.pg_last_error($connection).'"<br />';
+				$entry.='Offending command was: '.$query.'<br />';
+				echo($entry);
+			}
+		}
 	}
 
 	/**
diff --git a/lib/util.php b/lib/util.php
index 0d9f4129442..2a7b8a922f9 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -324,16 +324,17 @@ class OC_Util {
 	* Redirect to the user default page
 	*/
 	public static function redirectToDefaultPage(){
-		OC_Log::write('core','redirectToDefaultPage',OC_Log::DEBUG);
 		if(isset($_REQUEST['redirect_url']) && (substr($_REQUEST['redirect_url'], 0, strlen(OC::$WEBROOT)) == OC::$WEBROOT || $_REQUEST['redirect_url'][0] == '/')) {
-			header( 'Location: '.$_REQUEST['redirect_url']);
+			$location = $_REQUEST['redirect_url'];
 		}
 		else if (isset(OC::$REQUESTEDAPP) && !empty(OC::$REQUESTEDAPP)) {
-			header( 'Location: '.OC::$WEBROOT.'/?app='.OC::$REQUESTEDAPP );
+			$location = OC::$WEBROOT.'/?app='.OC::$REQUESTEDAPP;
 		}
 		else {
-			header( 'Location: '.OC::$WEBROOT.'/'.OC_Appconfig::getValue('core', 'defaultpage', '?app=files'));
+			$location = OC::$WEBROOT.'/'.OC_Appconfig::getValue('core', 'defaultpage', '?app=files');
 		}
+		OC_Log::write('core', 'redirectToDefaultPage: '.$location, OC_Log::DEBUG);
+		header( 'Location: '.$location );
 		exit();
 	}