nathangray
7163acfe1d
* Add action to share filemanager folder (readonly) with hidden upload folder
2020-03-24 20:34:04 -06:00
nathangray
6aec7858cc
* Api: If addressbook event column is disabled, disable next / last dates in edit dialog as well.
2020-03-24 09:42:10 -06:00
Hadi Nategh
3330bb6747
Use svg icon version for sidebox bullet points
2020-03-23 14:13:44 +01:00
Ralf Becker
e9c3533c93
avoid misconfiguration of user "anonymous" NOT flaged as such
2020-03-21 11:43:54 +01:00
nathangray
7631eb83aa
Fix some account changes were not saved
2020-03-20 10:31:46 -06:00
nathangray
a7593b2f83
Add some comment so we know what's going on
2020-03-19 10:41:45 -06:00
nathangray
4078154237
Remove permanent error_log
2020-03-09 15:29:51 -06:00
nathangray
173b695cf2
Api: Sharing listens to Vfs hooks to stay up-to-date with deleted or renamed files
2020-03-06 14:48:26 -07:00
Ralf Becker
4fe466f4f9
deals with some rows share_path have "vfs://default" prefix, some are just path
2020-03-06 15:08:34 +01:00
Ralf Becker
4c987e7dd8
fix all shares (not files) got deletes, if one was expired
2020-03-06 14:33:50 +01:00
nathangray
9b2e6b5012
Api: Fix Sharing missing temp file cleanup
2020-03-05 15:03:34 -07:00
nathangray
1fcd502d57
Api: Fix sharing lost session ID causing logout
2020-03-05 14:08:57 -07:00
nathangray
0df0777484
Revert "Api: Fix sharing lost session ID causing logout"
...
This reverts commit 07561bf01d
.
2020-03-05 14:07:24 -07:00
nathangray
07561bf01d
Api: Fix sharing lost session ID causing logout
2020-03-05 13:58:09 -07:00
Ralf Becker
7283d33a93
fold Apache error.log and ignored PHP syntax errors, plus remove some warnings
2020-03-05 11:53:26 +01:00
Ralf Becker
5154bc2f70
fix warnings, if headers are already sent, eg. in phpUnit/Travis
2020-03-05 10:23:29 +01:00
Ralf Becker
b448f9a021
adding phpUnit 8.x as dev-requirement and try staring Apache in Travis for CalDAV tests
2020-03-04 22:43:09 +01:00
Ralf Becker
e360932bdf
fix warning in tests
2020-03-04 22:31:30 +01:00
Ralf Becker
df263c22a3
some fixes for warnings during phpUnit about session+translation
2020-03-04 20:28:30 +01:00
Ralf Becker
c85f1f3d05
some fixes for warnings during phpUnit about caching
2020-03-04 20:27:10 +01:00
Ralf Becker
19a7894269
some pending changes
2020-03-04 20:19:08 +01:00
Ralf Becker
44d9fcc790
Revert "* CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar"
...
This reverts commit 4c6e41d479
.
2020-03-04 19:16:50 +01:00
Ralf Becker
cbb1391c37
Revert "revert using files cache for cli change in order to fix failing install in Travis"
...
This reverts commit 1367463e6b
.
2020-03-04 19:15:43 +01:00
Ralf Becker
1367463e6b
revert using files cache for cli change in order to fix failing install in Travis
2020-03-04 19:08:42 +01:00
Ralf Becker
4c6e41d479
* CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar
2020-03-04 16:58:38 +01:00
Ralf Becker
deb482aca3
suppress warning if session already active (trace logs the password)
2020-02-26 13:51:58 +01:00
Ralf Becker
4a14e0d36b
ignore exception, as it blocks session creation, if database is not writable
2020-02-19 15:39:29 +01:00
Hadi Nategh
12c2984acf
Fix default login logo url
2020-02-19 12:14:26 +01:00
Ralf Becker
42e62cb3eb
fix one error with sharing-links having passwords (no HTML tags in Headers!)
2020-02-14 13:43:50 +01:00
Ralf Becker
90c55e013d
try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement
2020-02-05 10:58:34 +01:00
Ralf Becker
9cc0eaccd4
try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement
2020-02-05 10:51:38 +01:00
Ralf Becker
abd6f7d669
allow to specify the root for lang-files
2020-02-01 17:50:56 +01:00
Hadi Nategh
faca76f6a9
Do not run restrict validation check for type taglist-account if free entries are allowed
2020-01-31 16:13:45 +01:00
Ralf Becker
1559b017d7
validate IP address in X-Forwarded-For header
2020-01-30 13:21:56 +01:00
Ralf Becker
39be6e0b89
* Sharing: temporary disable cleaning of deleted files, causing all shares to get deleted
2020-01-29 16:30:22 +01:00
Ralf Becker
b65b21fe9c
allow images and media in mail via http: and https:, but remove object tags (already forbiden via CSP)
2020-01-29 14:40:30 +01:00
Ralf Becker
cc8258cb3c
use random_bytes(32) which throws for not enought entropy
2020-01-29 11:12:21 +01:00
Ralf Becker
d95894d530
use etemplate-exec-id as CSRF token for ajax requests
2020-01-29 11:08:44 +01:00
nathangray
2045c08e54
* Api: Fix SQL error from doubled table name in group statement
...
"Unknown column 'egw_tracker.egw_tracker.tr_id' in 'group statement'"
2020-01-28 14:05:44 -07:00
Ralf Becker
ec31d93af2
do NOT load categories.php?app=phpgw for login page
...
It gives an error as no user is logged in, which is served as text/html, which then gives an error in browser, as it conflicts with X-Content-Type-Options: nosniff
2020-01-28 18:56:54 +01:00
Ralf Becker
57ab6f667c
adding CSP frame-ancestors 'self' policy to mitigate clickjacking
2020-01-28 18:19:40 +01:00
Ralf Becker
2ea9549dcf
stricter CSP policy for mail body
2020-01-28 17:45:36 +01:00
Ralf Becker
d8289ef29d
stricter CSP policy
2020-01-28 17:14:51 +01:00
Ralf Becker
e9c4d3f07e
complete push implementation for timesheet incl. ACL check
2020-01-24 13:31:56 +01:00
Ralf Becker
2bae92f066
ALL and SESSION constants for push
2020-01-23 16:05:32 +01:00
Ralf Becker
6e0936bd98
first take on pushing app-changes to all clients
2020-01-23 11:26:44 +01:00
nathangray
c88bf3c4a0
Fix typo
2020-01-15 08:14:04 -07:00
Ralf Becker
f7c653832f
add an iterator for objects with a get_rows method
2020-01-13 14:41:46 +01:00
Ralf Becker
257fa50a1f
fix PHP Warning: Use of undefined constant EGW_ACL_READ - assumed 'EGW_ACL_READ'
2020-01-09 14:41:07 +01:00
Ralf Becker
7b30bb7b0d
* Admin: optional session-action column in access-log and sessions
...
also no longer update access-log in session-class destructor, as it fails with skipping permanent logging for WebDAV and others
2019-12-14 13:09:22 +02:00