Commit Graph

44 Commits

Author SHA1 Message Date
ralf
0386a463ec fix returning unsanitized user-input 2023-06-16 09:38:32 +02:00
ralf
15a4ff3c99 do NOT show absolute path of error, but the one relative to our root 2023-03-08 14:27:00 +01:00
ralf
9dd62ad9a0 always add exception code to the logged exception 2023-02-19 08:40:55 +01:00
ralf
bbf9d62c5a fixing unhandled "MySQL server has gone away" in PHP 8.1 2023-02-18 09:01:22 +01:00
ralf
352e05d8e8 catch exception in _try_lang to NOT generate a Fatal error by throwing another exception in the handler 2022-10-25 14:31:28 +02:00
Ralf Becker
69782e833e fix PHP 8.0 error forwarding mail as attachment (calling count on null) 2021-10-14 09:39:01 +02:00
Ralf Becker
fe5a0b8567 fix PHP 8.0 error when converting an InfoLog into a ticket
Cannot access offset of type string on string
Also add line and file to our non-json exception handler, for easier identifying the problems
2021-10-14 08:05:22 +02:00
Ralf Becker
59794cc3a4 output line and file of exception as trace does not always contain it 2021-10-09 08:43:32 +02:00
Ralf Becker
a04cbc0ab4 another chunk of PHP 8.0 Warnings fixed 2021-10-08 15:43:48 +02:00
Ralf Becker
1747a2236a fixing a ton of PHP Warnings slowing us down in PHP 8.0 2021-10-04 18:50:51 +02:00
Ralf Becker
547f28fe3d report and log enabling push (and other IMAP errors)
don't switch regular reload handling off in that case
2021-05-25 17:47:25 +02:00
Ralf Becker
7135243d06 nicer implementation of CreateObject and some small fixes 2021-04-02 10:47:52 +02:00
Ralf Becker
fed41622c2 fixing all sorts of PHP 8 errors and PHPStorm errors 2021-03-31 17:50:01 +02:00
Ralf Becker
79040d1524 disable warnings under PHP 8 for now, as they hide fatal errors and log errors in xet files 2021-03-31 11:30:34 +02:00
Ralf Becker
868135775c PHP 8 fixes 2021-03-29 16:47:19 +02:00
Ralf Becker
ffc048d472 fix PHP 8.0 Fatal error unknown function get_magic_quotes_gpc 2021-03-21 18:27:09 +01:00
Ralf Becker
b448f9a021 adding phpUnit 8.x as dev-requirement and try starting Apache in Travis for CalDAV tests 2020-03-04 22:43:09 +01:00
Ralf Becker
7cd4169768 * all apps: fixing several cases of wrong Url when proxying and terminating TLS on the proxy 2019-11-15 13:54:34 +01:00
nathangray
c0757e5e58 Api - fix typo preventing translation of exception headlines 2019-09-09 14:22:15 -06:00
Ralf Becker
2be5537276 fix case to EGroupware 2019-07-04 11:59:38 +02:00
Ralf Becker
92c22ff529 fix PHP Warning: Use of undefined constant REQUEST_URI 2019-01-08 09:51:43 +01:00
Ralf Becker
b3079c3df6 too long http header cause Nginx to reject the response with 502
upstream sent too big header while reading response header from upstream
2018-12-06 10:56:22 +01:00
Ralf Becker
719b2ff834 also log if _check_script_tag was able to disarm XSS automatically 2017-11-07 12:23:11 +01:00
Ralf Becker
12dbfca137 check cookies for XSS attempts 2017-10-27 16:52:34 +02:00
nathangray
b8f8a014fa Move all tests under api/src into api/tests 2017-10-23 10:14:14 +02:00
nathangray
24de1dff3b Move PHPUnit tests from test to tests subdirectory 2017-10-23 09:51:28 +02:00
nathangray
cd49f6568d Replace the lost boolean cast 2017-10-17 16:48:35 +02:00
nathangray
6fad74c710 Fix test had no assertions 2017-10-17 13:29:17 +02:00
Ralf Becker
191d6aec45 support PHPunit 6.0+ and older 5.7 for PHP 5.6 2017-08-18 11:45:10 +02:00
Ralf Becker
bb5a845600 our error_handler did not allow to suppress just warnings
eg. by using: error_reporting(error_reporting()&~E_WARNING);
2017-03-13 16:41:12 +01:00
Hadi Nategh
3209484d31 Cover more events on XSS regexp and avoid confusion between legitimate words with beginning of "on" and on[Events] 2017-03-06 19:12:56 +01:00
nathangray
bbdd1e77c9 Skip failing false positive for PHP < 7 2017-02-08 12:32:07 -07:00
nathangray
342230ef08 Fix typo in function name 2017-02-08 12:32:07 -07:00
nathangray
d83a929254 Get tests to not fail if DB is missing - we skip the ones that need a DB 2017-02-07 16:02:06 -07:00
nathangray
eeecc2eecd Add PHPUnit tests for security, based on Ralf's previous command line tests 2017-02-07 12:28:35 -07:00
Ralf Becker
7ce511cfc1 fix json_php_unserialize to return false for not serialized content, as unserialize does and contrary to json_decode which returns null in that case
--> fixes SiteMgr no longer shows html blocks containing unserialized content
2017-01-31 11:16:51 +01:00
Ralf Becker
16689ebc27 fix use of old egw class in favor of new Api\Egw 2016-11-02 09:38:37 +01:00
Ralf Becker
1088278b37 no need to call accounts class, if we have no id 2016-08-24 19:43:37 +02:00
Ralf Becker
7455cae476 * API/ProjectManager: fixed some errors caused by no longer sharing instantiated objects not designed to be shared 2016-07-12 11:37:05 +02:00
Ralf Becker
eed6b18e3d * Mail/Api: replace deprecated Mcrypt PHP extension with OpenSSL, use AES128 with pbkdf2 stretching of passwords
only new passwords get currently stored via AES, old ones are not yet automatically converted
2016-06-19 14:49:50 +02:00
Ralf Becker
bca20a9534 silence "Declaration of $class::$method should be compatible with $parent::$method" warning 2016-06-09 09:24:33 +02:00
Ralf Becker
834cc466f5 to allow installing api or EGroupware without phpgwapi, old exceptions which we have to extend in order to allow old apps to catch exceptions thrown from new api, have to reside in api/inc and get autoloaded 2016-05-02 16:57:50 +00:00
Ralf Becker
cea5c69b7f move CreateObject and ExecMethod into new api 2016-05-02 14:41:48 +00:00
Ralf Becker
8315cbfee0 move egw and applications class to api including (common_)functions.inc.php 2016-04-26 14:38:08 +00:00