Commit Graph

115 Commits

Author SHA1 Message Date
Ralf Becker
b747f99fc6 removed menuaction check completly, as only missuse was setting currentapp from it, which get now checked
improved _check_script_tag and added a lot of tests, thought not all tests really apply here, so low count of ~50% are not as bad
2012-03-27 08:29:52 +00:00
Ralf Becker
a6fe9b04bc fix to get menuaction proxys (eg. used when creating a link) working again 2012-03-26 11:12:41 +00:00
Ralf Becker
a4727231c5 allow dash in app-name like in "sitemgr-site" 2012-03-26 08:05:11 +00:00
Ralf Becker
650da27fac Upps, forgot argument 2012-03-26 07:23:52 +00:00
Ralf Becker
ef9734c402 propper encoding of exception messages, checking of $_GET[menuaction] and $GLOBALS[egw_info][flags][currentapp] 2012-03-26 07:18:00 +00:00
Ralf Becker
15d318847d change max class-name lenght in __autoload to 64, as there are classes with more then 40 chars: projectmanager_wizard_export_elements_csv 2011-11-16 18:46:13 +00:00
Ralf Becker
988123bb73 fixing warnings generated by php 5.3.8 is_a($obj) trying to autoload huge strings 2011-11-15 12:22:47 +00:00
Ralf Becker
457e79454d * Setup: making SSHA (salted sha1) hashes the default password hash for SQL and LDAP
- fixing not working ssha hashes if mb_string.func_overload > 0 set
2011-05-04 07:52:45 +00:00
Ralf Becker
9d8ee08a50 * exceptions get now logged to Apache error_log again 2010-11-04 11:33:03 +00:00
Andreas Stöckel
0c243b49a3 - Updated JS and PHP egw_json code
- Added array_stripslashes() to common_functions.inc.php
- Added json handler (json.php)
2010-06-01 14:20:55 +00:00
Ralf Becker
901288dde9 "adding line numbers to call-tree" 2010-04-21 15:42:19 +00:00
Ralf Becker
0406f55d97 "adding line numbers to call-tree" 2010-04-21 15:37:14 +00:00
Jörg Lehrke
8165ec94e8 Handle multi-line error messages gracefully 2010-03-15 09:53:25 +00:00
Ralf Becker
5073a8b24e completly reworked admin >> global categories, in preparation for group specific global cats 2010-01-30 23:57:03 +00:00
Ralf Becker
8b2fe41fe0 refractored our exception handler a bit, to allow using part of it from ajax too. Ajax logs now the exception to the error_log and only shows a trace to the user if enabled in the config, like the rest of EGroupware 2010-01-14 23:50:06 +00:00
Ralf Becker
80774a3468 avoid warning in php5.3, if argument is an array 2009-11-30 14:39:38 +00:00
Klaus Leithoff
e3d06b2219 if we encounter potential malicious script, we run it through html::purify. we test that again against potential malicious code, and drop the content only if we fail the test against the cleaned content as well. we set egw_unset_vars at any case with the original content, in case the application in question makes use of it. 2009-11-24 11:28:49 +00:00
Klaus Leithoff
c5453aa3f9 make sure there is a wordboundary after script, while testing for malicious code (as text like < blabla description blabla > triggered the expunge of the text 2009-11-02 11:36:00 +00:00
Ralf Becker
756ecd2b18 "updated function_backtrace to show if class method is called static (::) or not (->)" 2009-10-12 09:44:36 +00:00
Ralf Becker
bcfe710de2 Fixed typo happend --> happened, as reported by David Rankin 2009-08-25 08:31:37 +00:00
Ralf Becker
cdd5103888 fixing a few more PHP5.3 problems, caused by PHP5.3 behavior to NOT
register cookies in $_REQUEST any more by default (there's now a php.ini
variable 'request_order' to controll that, but we want to work with a
default configuraltion):
- session restore was not working, as only $_REQUEST[sessionid] was checked
- multi domain installs not working, as domain cookie was not checked
- encrypted session were not working, because kp3 cookie was not checked
--> there's now a static method egw_session::get_request($name), which
checks $_REQUEST[$name], $_COOKIE[$name] and for that Safari bug also
$_COOKIE[ucfirst($name)]
2009-08-22 19:32:28 +00:00
Ralf Becker
232252475f patch fixing many depricated functions (eg. posix regular expressions) and features, which fill up the error_log under php5.3 (and will no longer be available under php6).
Patch is mostly created by script in egroupware/doc/fix_depricated.php in separate commit.
I do NOT advice to apply this patch to a production system (it's commited to trunk!), as the automatic modified regular expressions have a good change to break something ...
2009-06-08 16:21:14 +00:00
Ralf Becker
3ec3c205ee created a rpm post script to automatic install or update EGroupware:
- cleaned up exceptions in cli code (no need to log, as it goes direct to the user)
- regarding small rpm redirect header (< 200 bytes) as no header
- fixed wrong detected vars for cli install (eg. webserver_url)
- fixed egw_cache to not stall if system_charset is not yet in db
2009-05-30 20:15:31 +00:00
Ralf Becker
6d72b2b297 - fixed in some cases not working setup-cli (domain not detected)
- make update a separat setup-cmd-object
- fixed handling of egw_exception_wrong_userinput, to not include a
  trace (which is unneeded for regular input-validation)
2009-05-25 06:39:38 +00:00
Ralf Becker
9e202e10f6 "fix for bug #2070" 2009-05-06 10:13:43 +00:00
Ralf Becker
7f976bd883 "fix for newly introduced bug reported on the lists:
Fatal error: Class 'notifications' not found in
  /home/domain/public_html/egw/etemplate/inc/class.bo_tracking.inc.php
--> reverts an older commit fixing a problem between the (depracated and no longer working) browser app and the browser class in the API"
2009-04-29 09:50:25 +00:00
Ralf Becker
eec6596e94 "__autoload()
- fix for error_reporting E_ALL
- disabling search over all apps: classes should either conform to new naming schema or use explicit includes"
2009-04-28 16:18:34 +00:00
Ralf Becker
3da8703202 "fix for bug #2049: PHP Extention error since last SVC update..." 2009-04-21 05:20:04 +00:00
Ralf Becker
bf036043b2 - making all methods of translation class static
- caching the phrases in new egw_cache on Tree level
--> a good speed improvment on my devel system
- also added a global function
check_load_extension($extension,$throw=false)
2009-04-20 11:59:39 +00:00
Ralf Becker
a6836fb367 "some more info for error_log on Exceptions: Instance, User & URL causing the exception" 2009-04-03 13:29:47 +00:00
Ralf Becker
923c98f079 "imporved array2string to give a type-specific output (eg. TRUE or FALSE for boolean)" 2009-04-01 09:32:35 +00:00
Ralf Becker
efb3189b49 "fixed CreateObject to not suppress the error, if it cant find a class file or there are eg. syntax errors in it
--> now you can find the error in the error_log and dont get only a blank page
(also optimized it so far, that we first try to autoload the class and use the diverse \"magic\" only if that fails)"
2009-03-13 12:47:53 +00:00
Ralf Becker
fa73ad5339 Improved exception handling:
- exceptions get now always logged to the error_log
- in the webgui it's now configurable, if the message contains a
  stacktrace (incl. function arguments) - default no (security)
- command line interfaces get detected and contain no html anymore
- webdav and groupdav send the exceptions as basic auth realms to the
  client
- webdav and groupdav login failures contain the reason as part of the
  basic auth realm
2008-10-26 12:13:01 +00:00
Ralf Becker
4694b6e917 "prevent fatal error if only egw_minimal is instanciated in $GLOBALS[egw], eg. setup" 2008-10-26 07:34:21 +00:00
Ralf Becker
d60d8376e1 - classnames according to new naming schema
- file_access method
- updated version and dependencies for 1.6
2008-10-07 17:57:50 +00:00
Ralf Becker
9bca7a7689 moved phpgw compatibility stuff into common_functions.inc.php 2008-10-07 15:50:53 +00:00
Ralf Becker
fa1996a0c9 uiinfolog --> infolog_ui 2008-10-07 12:56:18 +00:00
Ralf Becker
c3e40ade99 added an array of replacement names to ease the transition to the new class naming scheme: app_class 2008-10-07 08:51:14 +00:00
Ralf Becker
cebdeab490 "fixed notice in cron call: Undefined index: egw_unset_vars" 2008-09-29 06:55:25 +00:00
Ralf Becker
1fcb14b03c "- test if $GLOBALS[HTTP_(GET|POST)_VARS] is set to prevent warning
- removed php4 clone function, as we require now php5.1+"
2008-08-16 05:58:33 +00:00
Ralf Becker
b40382df80 exception handler for xajax and ability to use static methods as ajax callbacks eg. filemanager_ui::ajax_check_something 2008-07-27 12:48:39 +00:00
Ralf Becker
5477c71045 "silenced autoloaded class ..." 2008-07-15 06:48:59 +00:00
Ralf Becker
9008414fff "- array2string() to format arrays (or objects) as string, eg. for error_log()
- allow apps to specify their own autoload handler, only tried after the standard one does not find the class"
2008-05-17 07:34:16 +00:00
Ralf Becker
3a5b24dfda "fixed bug reported by matsie(at)terra.es: fatal error on ical export in calendar:
was cased by browser/inc/class.browser.inc.php having top priority in autoloading, which was never intended"
2008-05-06 05:57:21 +00:00
Ralf Becker
a3a7503c0f "new static hook methods (class::method) are navitvly supported from php5.2.3+ on, so we need to add some compatibility for our required php5.1
"
2008-04-27 11:55:11 +00:00
Ralf Becker
4ecce4f5ae allow all php callables (eg. "class::method" for static calls) for ExecMethod, ExecMethod2 and as methodstring for hooks 2008-04-25 18:54:06 +00:00
Ralf Becker
40f32b5d74 "function_backtrace:
- dont output first function param for unserialize()
- limit output of function param to 64 chars"
2008-04-18 14:59:59 +00:00
Ralf Becker
7e22bf1347 "New method try_lang(), usefull for exception handlers or early stages of the initialisation of the egw object,
as calling lang would try to load the translations, evtl. cause more errors, eg. because there's no db-connection."
2008-04-01 10:47:50 +00:00
Ralf Becker
3d909d4776 fixed fatal error "Exception thrown without a stack frame in Unknown on line 0", if DB does not exist when calling the regular eGW url 2008-04-01 10:33:54 +00:00
Ralf Becker
3bf9ad5efa dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-) 2008-03-21 20:11:59 +00:00