register cookies in $_REQUEST any more by default (there's now a php.ini
variable 'request_order' to controll that, but we want to work with a
default configuraltion):
- session restore was not working, as only $_REQUEST[sessionid] was
checked
- multi domain installs not working, as domain cookie was not checked
- encrypted session were not working, because kp3 cookie was not checked
--> there's now a static method egw_session::get_request($name), which
checks $_REQUEST[$name], $_COOKIE[$name] and for that Safari bug also
$_COOKIE[ucfirst($name)]
by the server)
--> overcome problem reported by krupka(at)depag.de on the german list:
password get's lost if contact get saved, because it had to remove the
account first to add the addressbook object classes
Timesheet-Einträge mit Uhrzeit 0:00, die in der Winterzeit gemacht wurden,
werden in einem Union-Query, der in der Sommerzeit stattfindet, dem falschen
Tag zugeordnet. Vermutlich stimmt dies nur für den PostgreSQL query und ist
Dir deshalb bisher nicht aufgefallen.
Der Patch:
Ändert den PostgreSQL-spezifischen Teil des queries so um, dass er
Zeitzoneninformationen berücksichtigt."
as it fixes several bugs reported on the user list:
- renaming to a name which differs only in case deletes file/directory
- same is true eg. for German umlauts or French accents"
limit on the number of cascaded folders in Filemanager
--> MySQL 5.0 has a nesting limit for subqueries
--> working around that by limiting the nesting level to 10"
trailing slashes added to all collections caused a rename to an empty filename
--> all training slashes get now removed prior to calling any backend functions"
using octal numbers with mysql leads to funny results:
select 384 & 0400 --> 384 not 256=0400
--> converted 0400, 040 and 04 to 256, 32 and 4 for mysql"
using a session for basic auth (not session aware) clients for WebDAV
and GroupDAV. The "sessionid" get's constructed from the basic auth
credentials and is not random (as the clients dont store them).
--> speeds up the use of *DAV
--> stops *DAV handlers to created numerious sessions
- fgetcsv only works correct, if setlocal is called with an existing and
correct local
- improved projectmanager method guess_local and moved it to
common::setlocal, which takes now the charset, lang and country of the
user into account
- csv-import also displays now the conversation done and reads usernames
in brackets
- added some missing fields
- all: false (default) =3D ignore files starting with a dot '.',
true =3D show all files (. and .. are always ignored!)
- exec: false (default) =3D do NOT allow to upload or modify scripts, =
true =3D allow it (if docroot is mounted, this allows to run scripts!)
--> deny_script method was added to egw_vfs and calls to it from
filemanager
Other fixes:
- missing write rights of the webserver were not removed from perms
(causing warnings to be displayed in the ui)
- rename was not working due to typos
--> should be backported for obvious reasons to 1.6
--> now you can find the error in the error_log and dont get only a blank page
(also optimized it so far, that we first try to autoload the class and use the diverse \"magic\" only if that fails)"
- change the processing of slowsync, to use the content_map instead of
trying to build a new one. This caused duplication issues on the
client if multiple similar records where stored, because only the first
one found in the server-db was matched, These duplicate entries at client
side had no entry at serverside, so deleting the wrong one
on the client (the content with a valid map entry) could cause
unwanted data loss at server side, because it is impossible for the
user to see what is a duplicate, and what is not.
see also:
http://www.nabble.com/again---syncml-duplication-issue-to20333619s3741.html
- reenabled UID from syncml clients, because it was partly used this caused
issues during SlowSync if the content was changed.
- infolog, calendar if a uid is found in the provided data, allway try to
find the corresponding content first using only the UID, instead of
using the content-id taken from content_map.
also fixed:
- a few fixes in ./notes
- creating an entry on the client that can not be imported,
(Example, Nokia E Series Appointment without a Title)
will no longer create an invalid content-map entry
However, at client side this is still counted in the Protocol as
Server-Add
manufacturer and the recogniced GroupDAV client as product name.
This way we are able to handle different GroupDAV clients, as we
allready do with different SyncML clients.
Also removed the no longer needed code enabling the use of the real UID,
as SyncML does no longer misuse the UID for it's GUID.
longer use GUIDs containing eGW's install_id, as the information is
irrellevant for SyncML and cause doublications of entries if the
install_id changes.
I plan to have a new rc4 Wednesday or Thursday containing these changes.
- adding the application ('syncml')
- replacing next_record()/f() with fetch()/fetchSingle() or looping over the result object
Thanks to Philip Herbert from Knauber for testing it"
- exceptions get now always logged to the error_log
- in the webgui it's now configurable, if the message contains a
stacktrace (incl. function arguments) - default no (security)
- command line interfaces get detected and contain no html anymore
- webdav and groupdav send the exceptions as basic auth realms to the
client
- webdav and groupdav login failures contain the reason as part of the
basic auth realm
- egw_vfs::download_url as not encoding + or ' ' in pathes
- HTTP_WebDAV_Server was urldecoding $_SERVER[PATH_INFO], which is
wrong, as it is NOT encoded
- HTTP_WebDAV_Server was NOT urlencoding the pathes in PROPFIND
responses, causing eg. cadaver not to be able to use dirs containing
+ or space
sqlfs stores files with fs_id < 100 directly under /sqlfs in the files
dir. They conflict with directories created for fs_id >= 1000.
--> fs_id < 100 are now in a directory /sqlfs/00
You need to run the 1.5.016 update or you will not find the content of
files with fs_id < 100 anymore!
reads of entries from the database: Applications can call
egw_link::set_cache($app,$id,$title,$file_access=null)
from their search or read method, to eliminate the need to query the
entries again, when the egw_link class, link widget or links stream wrapper
needs title or file_access values later.
This offloads the caching to the link class, and improves performance a
lot, specially for infolog.
The cache is stored in the session and modified or deleted items get
removed, when the link class get notified about that anyway.
- flag in session if it is encrypted to prevent calling the encryption more then once, which stalls the session-content
- egw_session::session_comit() method calls now encrypt() too, as it closes the session, before the destructor is called
- hack to fix PHP Fatal error: Cannot use string offset as an array, which happens sometime in felamimail under php5.2
- some more docu"