summaryrefslogtreecommitdiffstats
path: root/lib/private/legacy
Commit message (Collapse)AuthorAgeFilesLines
* [stable22] Remove iconv from dependencies and testsMichaIng2022-01-071-1/+0
| | | | | | which is not used anymore since: https://github.com/nextcloud/server/pull/29470 Signed-off-by: MichaIng <micha@dietpi.com>
* Avoid assignment in if clauseCôme Chilliet2021-12-141-8/+12
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix typing problems in OC_ImageCôme Chilliet2021-12-141-2/+10
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Avoid calling image* methods on booleanCôme Chilliet2021-12-141-14/+27
| | | | | | | This avoids fatal errors on PHP>=8, and warnings on older versions. Log should also be clearer. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix imagecreatetruecolor() errorszaimen2021-11-191-0/+4
| | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* OC_Util::isNonUTF8Locale: fix lint errorNaoto Kobayashi2021-11-171-5/+5
| | | | Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* OC_Util::isSetLocaleWorking: fix typoNaoto Kobayashi2021-11-171-1/+1
| | | | Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* OC_Util: Add fallbacks to check if current locale is UTF8Naoto Kobayashi2021-11-171-2/+17
| | | | | | | | | Using escapeshellcmd to get current locale causes error if the function is disabled. Add fallbacks to prevent the error. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* Check whether setlocale works only after setlocaleNaoto Kobayashi2021-11-171-4/+5
| | | | Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* Fix missing setlocale with php 8Naoto Kobayashi2021-11-171-2/+2
| | | | | | | | | When php version = 8, basename('§') does not bug even if LC_ALL is non-UTF-8 locale. This cause OC_Util::isSetLocaleWorking() to skip setlocale("C.UTF-8"). Fix it by using escapeshellcmd instead of basename. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
* Fix resource usages in OC_ImageCôme Chilliet2021-11-021-17/+17
| | | | | | This makes sure using resource or GdImage (PHP>=8) behaves the same. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #29182 from nextcloud/backport/29028/stable21John Molakvoæ2021-10-191-3/+13
|\
| * add 'supported'-label to all supported apps, also if they are not downloaded yetBjoern Schiessle2021-10-121-3/+13
| | | | | | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* | Fix translated app detailsJoas Schilling2021-10-131-2/+3
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Don't further setup disabled users when logging in with apacheJoas Schilling2021-10-111-0/+5
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix path of file_get_contentsacsfer2021-10-041-1/+1
|
* Fix #20913: Check image resource before attempting to preserve alphaSimon Spannagel2021-08-181-6/+14
| | | | Signed-off-by: Simon Spannagel <simonspa@kth.se>
* Merge pull request #27107 from nextcloud/backport/27043/stable21John Molakvoæ2021-07-011-6/+15
|\
| * fix return value of getStorageInfo when 'quota_include_external_storage' is ↵Robin Appelman2021-05-251-6/+15
| | | | | | | | | | | | enabled Signed-off-by: Robin Appelman <robin@icewind.nl>
* | emit UserLoggedInEvent on apache authArthur Schiwon2021-06-011-0/+12
|/ | | | | | - post_login OC_Hook is barely used or listened to Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Don't break OCC if an app is breaking in it's Application classJoas Schilling2021-05-061-1/+9
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Skip template picker if none availableJohn Molakvoæ (skjnldsv)2021-01-281-3/+3
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add templatedirectory config value to let admins have their custom templates ↵Julius Härtl2021-01-281-5/+7
| | | | | | by default Signed-off-by: Julius Härtl <jus@bitgrid.net>
* files: Create files from template APIJulius Härtl2021-01-281-0/+3
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Add support for webpRoeland Jago Douma2021-01-191-1/+8
| | | | | | | | | Including handling in OC_Image But also a preview provider Of course only works if your php actually supports webp Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Bump doctrine/dbal from 2.12.0 to 3.0.0Christoph Wurst2021-01-084-34/+30
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Replace patchwork/utf8 with symfony-polyfill-*Christoph Wurst2021-01-071-1/+7
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headersChristoph Wurst2020-12-302-0/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #22916 from J0WI/unifiy-links-to-php.netRoeland Jago Douma2020-12-222-4/+4
|\ | | | | Unify links to php.net
| * Unify links to php.netJ0WI2020-09-172-4/+4
| | | | | | | | | | | | Update all links to https://www.php.net/ Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* | Update all license headers for Nextcloud 21Christoph Wurst2020-12-1614-15/+13
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Do not include non-required scripts on the upgrade pageJulius Härtl2020-12-151-1/+1
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Add sanitizers for JSON outputLukas Reschke2020-12-112-0/+3
| | | | | | | | | | | | | | Those functions set proper content-types that prevent rendering of data. Therefore it's safe to mark them as sanitizers. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Merge pull request #24398 from nextcloud/fix/do-not-update-incompatible-appJoas Schilling2020-12-091-0/+9
|\ \ | | | | | | Do not update incompatible apps
| * | Do not update incompatible appsChristoph Wurst2020-12-041-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously there was no (platform) dependency check for an app that was installed before. So Nextcloud happily upgraded an app that now requires a php version newer than the current one. Which means in the lucky case you see a failing upgrade due to the language incompatibility, or in the unlucky case you see unexpected errors later in production. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | | GD imagesRoeland Jago Douma2020-12-071-2/+15
|/ / | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix the download of multiple files from the webUIRoeland Jago Douma2020-12-031-0/+1
| | | | | | | | | | | | needed a setupFS call Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Remove the deprecated update.phpChristoph Wurst2020-11-271-5/+0
| | | | | | | | | | | | | | | | * It was documented as deprecated. * The app code checker warned about it * It's been three years Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Fix typo in @deprecated PHPDoc tagMorris Jobke2020-11-241-2/+2
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Merge pull request #24269 from nextcloud/taint-specializeRoeland Jago Douma2020-11-221-0/+2
|\ \ | | | | | | Mark getAppPath as specialized taint
| * | Mark getAppPath as specialized taintLukas Reschke2020-11-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Should remove some false positives. https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | | Mark cleanAppId as sanitizer for includeLukas Reschke2020-11-211-0/+1
|/ / | | | | | | | | | | Should remove a bunch of false positive code scanning results. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Add Psalm Taint Flow AnalysisLukas Reschke2020-11-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the Psalm Security Analysis, as described at https://psalm.dev/docs/security_analysis/ It also adds a plugin for adding input into AppFramework. The results can be viewed in the GitHub Security tab at https://github.com/nextcloud/server/security/code-scanning **Q&A:** Q: Why do you not use the shipped Psalm version? A: I do a lot of changes to the Psalm Taint behaviour. Using released versions is not gonna get us the results we want. Q: How do I improve false positives? A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Q: How do I add custom sources? A: https://psalm.dev/docs/security_analysis/custom_taint_sources/ Q: We should run this on apps! A: Yes. Q: What will change in Psalm? A: Quite some of the PHP core functions are not yet marked to propagate the taint. This leads to results where the taint flow is lost. That's something that I am currently working on. Q: Why is the plugin MIT licensed? A: Because its the first of its kind (based on GitHub Code Search) and I want other people to copy it if they want to. Security is for all :) Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Merge pull request #24112 from ↵Christoph Wurst2020-11-161-0/+3
|\ \ | | | | | | | | | | | | nextcloud/bugfix/24099/setup-fs-before-query-storage-in-settings Set up FS before querying storage info in settings
| * | Set up FS before querying storage info in settingsVincent Petry2020-11-131-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The personal info section of the personal settings is querying the storage quota information. For this it requires the FS to be setup which is not always guaranteed. This fixes an issue where refreshing the settings page would cause it to fail after Redis caches are full. It is likely that when Redis cache is populated, some code path is initializing the FS, so it works so far. But when the cache is populated, that code path is skipped so the FS is not guaranteed to be setup... Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* | | Don't throw on SHOW VERSION queryJoas Schilling2020-11-161-1/+2
|/ / | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #23993 from nextcloud/bugfix/noid/close-cursorsMorris Jobke2020-11-102-0/+10
|\ \ | | | | | | Don't leave cursors open
| * | Don't leave cursors open when tests failJoas Schilling2020-11-092-0/+10
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | | Show the full trace of an exceptionChristoph Wurst2020-11-101-1/+1
|/ / | | | | | | | | | | | | | | Because often we catch the exception at some point and then the trace is misleading. What's really interesting is the trace of the *previous* exception. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Reduce the getAppPath and autoloader callsRoeland Jago Douma2020-11-071-3/+6
| | | | | | | | | | | | | | | | | | | | | | The getAppPath will always return the same data for the same appId. It is actually already cached. However we do some cleanup of the appId (again). Same for the autoloading it is actually already checked. This just removes the unneeded calls. Which can add up if you have a lot of incomming shares. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-17 01:25:14 +0000