31688 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Hadi Nategh	6e101adfc7	Disable delete action in context menu based on user rights not based on being anonymous	2017-11-07 13:10:12 +01:00
Ralf Becker	928d98aefb	never invalidate session in sharing, as we cant regenerate it (and we dont need to)	2017-11-07 13:04:29 +01:00
Ralf Becker	4a569952fe	Changelog for 16.1.20171106	2017-11-06 15:15:29 +00:00
Ralf Becker	fe783719cb	deny sharing owner rights (chmod, chgrp, set eACL) and disable eACL tab	2017-11-06 15:30:36 +01:00
Ralf Becker	5454d89dfc	remove /usr/bin from open_basedir, as it is no longer necessary	2017-11-05 09:37:04 +01:00
Ralf Becker	d90aea1cb2	remove system call used for PHP < 5.3.1	2017-11-05 09:26:56 +01:00
Ralf Becker	a660bf6d8e	change packager	2017-11-05 09:22:25 +01:00
Ralf Becker	80c42dbd7e	pending translations from our translation server	2017-11-04 09:54:52 +01:00
Ralf Becker	22ba35ed0b	* Filemanager/Sharing: deny rename, move and mkdir on readonly shares	2017-11-04 08:48:51 +01:00
Hadi Nategh	54e5a78817	Override the globalEval to mitigate potential execution of script tag	2017-11-04 08:42:57 +01:00
nathangray	3ae7fc77b6	Calendar - fix some bugs in readonly mode: ... - missing participant widget would fail - read-only end date would cause error	2017-11-03 14:41:48 -06:00
nathangray	3eb609f619	Etemplate - Make sure to not return an empty string, it will fail when queried	2017-11-03 14:41:41 -06:00
nathangray	4651d638d3	Disable mkdir action if no edit permission	2017-11-03 09:58:57 -06:00
nathangray	7339aac6bd	Disable copy / paste for readonly shares	2017-11-03 09:24:54 -06:00
nathangray	7baaf538e5	Less restrictions on anonymous user, use permissions instead	2017-11-03 09:24:01 -06:00
nathangray	c392ad6685	Restrict anonymous user, fix noEdit class not set on all rows	2017-11-03 09:23:57 -06:00
Ralf Becker	dce80837da	store CalDAV/CardDAV log in user spezific log directories	2017-10-30 15:02:04 +01:00
Ralf Becker	e2df5b5aa1	check cookies for XSS attempts	2017-10-27 16:58:30 +02:00
Ralf Becker	78f1206304	add token to deny access	2017-10-27 16:55:50 +02:00
Ralf Becker	8df69af387	do not allow path traversal and htmlencode displayed path	2017-10-27 16:55:24 +02:00
Ralf Becker	cc0ae860bd	always send X-Content-Type-Options: nosniff ... It does not harm and stops unpredictable results from browsers changing our content-types (FF 50+ now also supports nosniff)	2017-10-27 16:54:51 +02:00
nathangray	7d8eb16212	Addressbook - better handling of missing contact type when importing. ... If it's missing and there's only the normal type, it'll quietly use that.	2017-10-25 18:27:11 +02:00
nathangray	a067d8ed37	Timestamp widget fixes: ... - Remove new line before timestamp - Fix focus not going to where it should	2017-10-23 15:33:00 +02:00
nathangray	8e92ac387b	Resources - change category admin to just user accounts, no groups	2017-10-13 09:52:32 -06:00
Nathan Gray	efe11c5f85	Merge pull request #21 from ballessay/fix-csv-import-spaces ... Trim components of multiselect fields	2017-10-13 08:49:12 -06:00
nathangray	a00a8c18ab	Calendar - fix missing history log entry when changing status via context menu	2017-10-11 15:19:51 -06:00
Ralf Becker	4b5176204c	show a default preference of 0 (was hidden before, but used!)	2017-10-10 18:50:21 +02:00
nathangray	e6fac03320	Etemplate - Ignore all hidden nodes when re-calculating size, fixes nm resizing issue with other hidden nodes after it	2017-10-10 09:46:41 -06:00
Hadi Nategh	bb3a54e6a9	Add timestamper js file into minifying	2017-10-10 13:01:56 +02:00
Ralf Becker	c479ce03bf	quiten permanent error_log when updating alarms	2017-10-09 17:00:19 +02:00
Ralf Becker	129f56df5d	tel: links use no URL encoding according to rfc3966 section-5.1.4	2017-10-09 11:43:40 +02:00
Hadi Nategh	8dff1a154e	Rmove fields for none private cutomfields when name refers to a single custom field	2017-10-09 09:39:34 +02:00
nathangray	8eca71d461	Calendar - fix a few more missed ajax=true that were causing problems loading	2017-10-05 11:22:11 -06:00
nathangray	02a93ddd30	Fix bug preventing etemplates in iframes from being unloaded	2017-10-05 11:19:20 -06:00
nathangray	d9bc278efd	* Calendar - fix bug where private events for multiple users in week view only showed for one user	2017-10-05 10:29:42 -06:00
nathangray	6ce1fd8142	Calendar - avoid errors from holidays if no country set	2017-10-04 09:27:46 -06:00
Hadi Nategh	77cd21c46b	Check and ask for the notification permission if nothing yet set	2017-10-04 15:57:46 +02:00
Hadi Nategh	77c1d67240	Add a method to egw.notification to check API availability	2017-10-04 15:57:22 +02:00
Hadi Nategh	d054aa90f5	Implement browser notification API for notifications	2017-10-04 15:54:31 +02:00
Ralf Becker	fd1d118d66	use already translated phrase "weekview"	2017-10-04 09:17:56 +02:00
nathangray	7e0086a54e	Addressbook - make sure import target addressbook is valid, if not use personal addressbook.	2017-10-03 08:44:59 -06:00
nathangray	165dec8334	* Import/Export - Automatically remove import conditions from definition if there is no field selected	2017-10-03 08:44:50 -06:00
Hadi Nategh	db562cbd7e	Check if the given options are type of array or object before proceeding of translation. Fix bug "cannot assign to read only property '0' of string" in tracker site configuration.	2017-10-02 16:19:02 +02:00
Hadi Nategh	22a9eac389	* Mail: Fix bug all fields in compose dialog always stay opened (happens in FF ESR)	2017-09-28 18:49:08 +02:00
nathangray	0468887d6a	Fix timestamp button for CKEditor	2017-09-28 10:42:28 -06:00
nathangray	01438f60eb	Add timestamp button widget, use it in infolog	2017-09-28 10:42:04 -06:00
nathangray	7ccc730fa9	Addressbook - Merging contacts now keeps all distribution lists, and it works now	2017-09-28 10:40:24 -06:00
nathangray	37f45855a9	* Addressbook - Merging contacts now keeps all distribution lists	2017-09-28 10:40:16 -06:00
nathangray	5774524360	Calendar - make sure notification links open properly (missing an ajax=true)	2017-09-28 10:39:28 -06:00
nathangray	d590ad1fc1	Admin - Add a group list	2017-09-27 10:21:25 -06:00