Ralf Becker
c81884e622
for PHP 7.0+ prefer new 2. unserialize parameter ["allowed_classes"=>false] for our php_safe_unserialize over our regular expression solution giving some false positives
2016-03-27 08:41:04 +00:00
Ralf Becker
3453021a6d
allow api as app like home for everyone, and implement calling of namespaced class-names from EGroupware namespace in index.php and json.php
2016-03-19 15:24:36 +00:00
Ralf Becker
1ab66dd811
move exceptions to new api structure, thought to catch an exception by its deprecated name, new exceptions have to extend deprecated ones
2016-02-28 13:43:06 +00:00
Ralf Becker
b5aeadf265
remove Exception from function signature of egw_exception_handler and _egw_log_exception, as php 7 throws Error not inherited from Exception, but Throwable does not exist in php < 7.0
2016-02-14 17:54:14 +00:00
Ralf Becker
688cc2a76d
fix XSS tests to not fail something starting like a forbidden html tag, eg. "<mathias@stylite.de>"
2015-12-14 09:29:52 +00:00
Ralf Becker
da4ffc2a0c
* Mail/Wiki/Sitemgr: reworked XSS tests to allow eg. font-names containing "script" and other patterns forbidden by previous test, also added new html5 specific tests
2015-10-16 19:01:56 +00:00
Ralf Becker
1971186597
special handling for $_POST[json_data] in _check_script_tag, to decend into its decoded content, fixing json direct might break json syntax
2015-10-12 13:26:34 +00:00
Ralf Becker
8577b7e1fe
fix "PHP Notice: Use of undefined constant EGW_SERVER_ROOT", caused eg. by calendar/gradient.php
2015-02-03 13:17:32 +00:00
Ralf Becker
3f0d279704
move autoloader on top of file, as it is no longer a function (__autoload) and therefore it need to be executed before all other code to be available, eg. for html::purify() in _check_script_tag()
2015-01-27 08:55:11 +00:00
Ralf Becker
70b603ac77
moving VFS API classes into a namespaced PSR4 autoloadable structure:
...
- PSR4 autoloader exists beside our old autloader to support old as well as new structure until everything is ported over
- moved ported API stuff from phpgwapi to new api directory (idea is phpgwapi become a compatibility layer for old code, while we only port selected stuff to new api directory)
- namespaces use prefix "EGroupware", then (first letter capitalised) app-name or "Api", sub-system names like "Vfs" or for apps "Ui", "Bo, "So" and at least class name starting with a capital letter and without understores eg. "StreamWrapper" plus just ".php"
- examples:
+ egw_vfs in phpgwapi/inc/class.egw_vfs.inc.php --> EGroupware\Api\Vfs in api/src/Vfs.php
+ sqlfs_stream_wrapper in phpgwapi/inc/class.sqlfs_stream_wrapper.inc.php --> EGroupware\Api\Vfs\Sqlfs\StreamWrapper in api/src/Vfs/Sqlfs/StreamWrapper.php
+ sqlfs_utils in phpgwapi/inc/class.sqlfs_utils.inc.php --> EGroupware\Api\Vfs\Sqlfs\Utils in api/src/Vfs/Sqlfs/Utils.php
- api directory is no a new svn module but exists (like home) as sub-directory under base egroupware module
2015-01-26 09:15:07 +00:00
Ralf Becker
3c4cb54f34
* Setup: allow to use Composer ( https://getcomposer.org/ ) to manager requirements (instead of PEAR)
2015-01-18 12:05:09 +00:00
Ralf Becker
13af54802f
* Mail: fix for Horde_Imap_Client-2.26.0 requiring Horde_Mail-2.5.1 requring Horde_Idna-1.0.1 which stalls our autoloader by calling spl_autoload_register
2015-01-09 10:46:38 +00:00
Ralf Becker
e7f4bb0848
move defining of (deprecated) SEP constant to common functions, as there are cases where it gets used before defined
2014-12-13 09:53:18 +00:00
Nathan Gray
da610b8e9a
Support autoload of classes for applications with underscore in their name
2014-12-02 22:31:07 +00:00
Ralf Becker
3e559d2fda
replacing PHPMailer with Horde_Mime_Mail and Horde_Mail_Transport_Smtphorde to overcome memory limit when sending mails
2014-11-24 23:38:37 +00:00
Ralf Becker
e2d6d75607
fix async jobs with scalar data (strings, int) got quoted over and over again
2014-10-17 13:51:28 +00:00
Ralf Becker
424b4c451c
fix redirects in a popup and new egw_exception_redirect to be used in hooks/callbacks like for addressbook.edit to redirect to a different location
2014-10-15 14:55:08 +00:00
Klaus Leithoff
dc472cdb11
handle problems in email display and processing for further use after commit rev48461
2014-09-05 12:20:49 +00:00
Ralf Becker
be405e847c
allow all php serialized values, to fix integer timestamps in async table
2014-07-22 11:11:28 +00:00
Ralf Becker
f11f9937ac
make detection of serialized values more robust, to allow string like eg. "a:hello"
2014-07-13 09:38:55 +00:00
Klaus Leithoff
772ebe6a41
improve (failsafe for non matching vartype personal (array instead of expected string)) imap_rfc822_write_address own fallback function
2014-07-11 11:34:11 +00:00
Ralf Becker
cced2ceffc
* API: storing category extra data now json-encoded
2014-06-27 08:21:01 +00:00
Ralf Becker
d6a5c93e01
new php_safe_unserialize function refusing to unserialize objects and using it for config, preferences and DB-backups
2014-06-26 17:38:29 +00:00
Ralf Becker
c3b7018916
logging for exceptions now also request-method and user-agent
2014-05-16 09:09:38 +00:00
Ralf Becker
f2030c4746
added an implementation of imap_mime_header_decode() using Horde_Mime::decode() with which mail app now seems to work without PHP imap extension
2014-04-19 09:22:59 +00:00
Ralf Becker
54dc648b18
an implementation of imap_rfc822_parse_adrlist and imap_rfc822_write_address, to obsolete imap extension
2014-04-18 12:51:17 +00:00
Ralf Becker
6b7b6fac58
returning false and logging error in ExecMethod, not returning an error-message
2014-04-17 15:07:02 +00:00
Ralf Becker
28a819926c
fixed fatal error class Horde_String not found when trying to save a new compose with attached vCard as draft
...
caused be previous include include of phpgwapi/inc/horde/Horde/String.php via use of vCard and old Horde code uses just String instead of Horde_String as class-name
2014-04-01 10:37:36 +00:00
Klaus Leithoff
f495345550
add some more examples for imap_rfc822_parse_adrlist
2014-03-28 09:48:09 +00:00
Klaus Leithoff
5547753502
first step for a workaround when there is no imap extension available; ToDo: implement imap_rfc822_parse_adrlist (used quite often)
2014-03-27 14:03:06 +00:00
Ralf Becker
1f0dd46118
as we use now etemplate_new for eTemplate2 and etemplate for old eTemplate class, there is no need to switch etemplate class between new and old
2014-03-23 08:41:31 +00:00
Ralf Becker
899c04abb5
using correct bit not just any overload setting
2014-02-07 14:02:48 +00:00
Ralf Becker
327123a588
preparing to use egroupware with mbstring.func_overload=0 by using mb_(strlen|substr) where necessary and providing an implementation for mb_*, if mbstring is not available
2014-02-03 19:57:50 +00:00
Klaus Leithoff
50279607a6
only try replacement loading of classes, if there is a replacement available; if defaultimap, load emailadmin_oldimap
2013-12-05 09:23:58 +00:00
Ralf Becker
c8f1e75165
PSR-0 autoloading eg. for PEAR or Horde classes
2013-10-22 08:25:55 +00:00
Ralf Becker
b0219a682f
reverted accidently commited phpgwapi changes
2013-10-15 09:36:23 +00:00
Ralf Becker
0ca55a1103
* SiteMgr: fixed not working anonymous user and using now a random password
2013-10-15 09:25:49 +00:00
Ralf Becker
ec6d873941
let PHP Warnings look exactly like original ones, but with a backtrace
2013-08-15 10:15:13 +00:00
Ralf Becker
c806da58ce
give a trace for PHP (User) Warnings
2013-08-14 08:09:51 +00:00
Ralf Becker
118657ddee
using etemplate_new::ajax_proecess_content to allow to have etemplate still extend etemplate_old, making etemplate_new autoloadable
2013-08-06 18:24:30 +00:00
Ralf Becker
c44be3ee6d
handle not available AD or LDAP connection with an exception, caught and just displayed within setup, so one can change ip or credentials
2013-06-23 09:58:08 +00:00
Ralf Becker
a29b69edae
using HTTP status 500 for exceptions, to ease detection of errors with externals tools
2013-03-29 09:44:03 +00:00
Ralf Becker
93710e09e1
* Setup/API: improved diagnostics about db connection problem and not installed EGroupware
...
- removed deprecated egw_db->Halt_On_Error handling in favor of just exceptions
- added a couple of exceptions extending egw_exception_db to be able to detect different problem areas
- fixed setup to use / catch exceptions
- new egw_exception_db_setup displays link to setup below exception message, to cope with no longer allowed html in exception messages
2013-03-05 10:50:43 +00:00
Ralf Becker
59e60c523b
error-handler to throw recoverable errors (eg. catchable fatal error from type hinting) as ErrorException
2013-02-25 14:36:44 +00:00
Ralf Becker
b747f99fc6
removed menuaction check completly, as only missuse was setting currentapp from it, which get now checked
...
improved _check_script_tag and added a lot of tests, thought not all tests really apply here, so low count of ~50% are not as bad
2012-03-27 08:29:52 +00:00
Ralf Becker
a6fe9b04bc
fix to get menuaction proxys (eg. used when creating a link) working again
2012-03-26 11:12:41 +00:00
Ralf Becker
a4727231c5
allow dash in app-name like in "sitemgr-site"
2012-03-26 08:05:11 +00:00
Ralf Becker
650da27fac
Upps, forgot argument
2012-03-26 07:23:52 +00:00
Ralf Becker
ef9734c402
propper encoding of exception messages, checking of $_GET[menuaction] and $GLOBALS[egw_info][flags][currentapp]
2012-03-26 07:18:00 +00:00
Ralf Becker
15d318847d
change max class-name lenght in __autoload to 64, as there are classes with more then 40 chars: projectmanager_wizard_export_elements_csv
2011-11-16 18:46:13 +00:00