| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
PATH_INFO will be empty at this point and thus the logic in base.php did not catch this. Changing this to "getRawPathInfo" will ensure that the path info is properly read.
Fixes https://github.com/owncloud/core/issues/23199
|
| | |
|
| |\
| |
| | |
Composers PSR-4 autoloader in core
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This introduces the defacto standard PSR-4 autoloader from composer into
core. This will allow proper PSR-4 naming of our classes.
Since our original autoloader is still available we can slowly switch
over classes to PSR-4.
|
| |/ |
|
| | |
|
| |
|
|
| |
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
|
| |
|
|
|
|
| |
If an app is getting enabled in the web UI, an ajax call is now made to
make sure the server still works. If it doesn't, it sends an emergency
app disabling call to disable the breaking app.
|
| |
|
|
| |
Currently the "SERVER_NAME" is passed to the template, which in some cases doesn't match the host returned by "getInsecureServerHost" (or is empty).
|
| |
|
|
| |
the dav app
|
| |
|
| |
Fixes https://github.com/owncloud/core/issues/21873
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
I do not really consider this necessary or a real security addition. Let's get rid of it thus, cleans up the code and makes the logic easier.
|
| |
|
|
| |
The native approach using the PHP calls will not work properly with the cryptowrapper and thus this code is effectively doing nothing at the moment.
|
| | |
|
| |
|
|
| |
There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
We were still using the lecagy class OC_Config all over the place. Which
was a wrapper around the new class OC\Config
|
| |
|
|
|
| |
Private deprecated function => removed
Replaced all instances with suggested replacement
|
| |
|
|
| |
Fixes https://github.com/owncloud/core/issues/20922
|
| | |
|
| | |
|
| |
|
|
|
| |
* now uses the proper URLGenerator interface
* add comment about DI problems
|
| | |
|
| |
|
|
|
| |
This reduces a lot of the autoloader magic and makes sure that we
generate full paths in the autoloader.
|
| | |
|
| |
|
|
|
|
|
|
| |
PHP will handle session cookies with an empty values as an E_WARNING error. ([php/#68063](https://bugs.php.net/bug.php?id=68063))
ownCloud sets the cookie to an empty value in case the session expires, it however after this starts a new session. Due to potential race conditions this can in unlikely cases lead to the fact that the session never gets restarted and the user is left with an empty cookie. PHP tries then to use the empty cookie which makes the instance not usable.
To work around any race condition we now tell PHP to explicitly delete the value which can be done by using `null` as value, PHP will then send a cookie with the value "deleted". Also theepiration has been set to -1.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement
move caching to \OCP\Util::needUpgrade
renaming variable
fixing testNeedUpgradeCore()
cache result of checkUpgrade() in self::$needUpgrade
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement
move caching to \OCP\Util::needUpgrade
renaming variable
fixing testNeedUpgradeCore()
fix typo in variable name
deleting tabs
|
| |\
| |
| | |
[jenkins] do not load unnecessary code in case of webdav
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
changing from "protected static" to "protected"
as suggested by @nickvergessen
https://github.com/owncloud/core/pull/19114#discussion_r39719851
moving initTemplate() into template constr.
reduce to move initTemplate only
cleanup spaces
|
| |\ \
| |/
|/| |
fix issue with version rollback and thumbnails
|
| | |
| |
| |
| |
| |
| |
| |
| | |
add random number using OC.parseQueryString and _.extend()
version rollback: add missing prefix to OC\Preview::post_delete
add test to assure that the rollback hook is called
|
| |/
|
|
| |
that I noticed while looking at some code.
|
| |\
| |
| | |
Remove get_temp_dir()
|
| | | |
|
| |/
|
|
|
|
| |
Given the fact that "/tests" is not shipped by default and this has broken some applications and frustrated quite some people we should add "/tests" to the default allowed autoloading set.
I do consider the security impact marginally since the /tests folder is not shipped within the release as well as usually has a hard requirement on being called by phpunit.
|
| |\
| |
| | |
Configurable temporary directory
|
| | |
| |
| |
| |
| |
| | |
fix for unit test
some fixes
|
| | | |
|
| |\ \
| | |
| | | |
reuse existing $systemConfig variable
|
| | | | |
|
