Commit Graph

58 Commits

Author SHA1 Message Date
Ralf Becker
40c123009e * API fix webserver_url of just a domain eg. http://domain.com gives PHP Warning empty delimiter ... 2011-08-05 08:03:30 +00:00
Andreas Stöckel
49ece38c6c Don't send a location header if we currently handle an ajax response/request - use the corresponding json function instead. Doing this on the server side is neccessary as the location header is one of the few ones which is handled by the browser before any XMLHttpRequest event is fired (according to W3C specification) 2011-06-11 21:27:15 +00:00
Ralf Becker
574911d077 * Setup/API: new option to enforce ssl (without specifying a domain in Webserver-URL) 2011-05-31 13:33:26 +00:00
Ralf Becker
4039fdf415 * give everyone implicit rights for home app, as taking them away makes to many support problems 2011-03-30 07:54:29 +00:00
Andreas Stöckel
0d88ac8799 Reversed most changes made for egw-stylite #8295, commited changes proposed by Ingo Ratsdorf in egroupware.org #2834, probably fixes egroupware.org #2831 2011-02-04 14:28:12 +00:00
Andreas Stöckel
0f0e57f398 Got remote applications in the jdots template finally working as they should - this unfortunately required a lot of 'dirty' hacks, as egroupware had not been designed to do this. So e.g. there had to be a litte bit code added to the login page, which prevented it from redirecting to a page with a full framework rebuild. 2011-01-20 14:11:47 +00:00
Ralf Becker
a66cb42789 fixed not always working redirect after login: we have to use only path component, to cope with domains like http://egroupware.domain.com and /egroupware 2010-11-12 09:13:54 +00:00
Ralf Becker
65bd2f4e24 allow template to NOT support certain browser types / user agents 2010-10-28 16:24:58 +00:00
Ralf Becker
dce834b93b present a login page, if anon user has no right for an application, makes more sense then throwing an exception 2010-09-17 09:11:44 +00:00
Ralf Becker
e977610a4b Integrated (used) javascript methods:
- js->validate_file()
- js->set_on(Load|Unload|Resize)
into egw_framwork and made them static
(egw::__get('js') returns now the framework so all old code should
continue to work)
2010-06-09 15:30:53 +00:00
Ralf Becker
b5ade8635a do NOT redirect, but set top.location, as this works in framed template too 2010-06-07 06:54:07 +00:00
Ralf Becker
bec64ee336 allow specify value for template specific link handler and using a javascript link, instead a a-tag 2010-06-02 17:11:48 +00:00
Ralf Becker
472a420231 allow to package templates like applicatons in an own directory, cleand up index.php a bit 2010-06-02 09:20:55 +00:00
Ralf Becker
b9f98321f5 allow template to overwrite link and redirect_link methods 2010-06-01 21:38:00 +00:00
Ralf Becker
8ce9813e4d "only add \"your session could not be verified\", if a sessionid is given (cookie or on url)" 2010-05-11 16:19:26 +00:00
Ralf Becker
930f1052d5 supporting digest auth (see RFC 2617), which is more secure then basic auth on http (no cleartext password), it currently requires cleartext passwords in the database, to calculate the A1 hash! 2010-05-05 09:19:37 +00:00
Ralf Becker
7f3651e3f2 Do NOT store "System/Localtime" as server_timezone, as it is no valid timezone 2010-03-15 07:51:38 +00:00
Ralf Becker
0e405049b3 A few improvments with hooks:
- register_all_hooks deletes now hooks of no longer existing apps
- hooks get instanciated directly with egw object, to cache the hooks
  read from the DB (and not read it again on each request)
- hooks get now stored by location, so no need anymore too loop for each
  hooks::process() call to all apps to find applying hooks
- hooks::process($location,$order,$no_permission_check) no longer
  defaults automatically puts current app in $order, if $order is not
  given, without $order hooks are executed in application order!
2010-01-21 23:31:28 +00:00
Ralf Becker
6aa95316ba using a static var as cache, which is a reference to the session:
a) automatic shared between all instances of accounts class
b) no need to have a shutdown function storing it to the session
--> cleaner code
2009-12-07 17:56:31 +00:00
Ralf Becker
104e2464d5 moved one-time storage of server timezone and restore of it from egw_time to egw class, as in 1.6.003 now 2009-12-03 08:10:48 +00:00
Ralf Becker
bf6d7835ad setting server timezone as early as possible, to avoid warnings it's not set 2009-11-30 14:40:27 +00:00
Ralf Becker
4181ddaecf "throw assertion failed exception (with trace), if redirect fails because output already started" 2009-11-17 14:56:57 +00:00
Ralf Becker
610b629325 first step for real timezones in EGroupware 2009-10-06 06:45:28 +00:00
Ralf Becker
3ec3c205ee created a rpm post script to automatic install or update EGroupware:
- cleaned up exceptions in cli code (no need to log, as it goes direct to the user)
- regarding small rpm redirect header (< 200 bytes) as no header
- fixed wrong detected vars for cli install (eg. webserver_url)
- fixed egw_cache to not stall if system_charset is not yet in db
2009-05-30 20:15:31 +00:00
Ralf Becker
a1c7c87195 "- removed unneeded stripslashes while reading the configuration, as it \"eats\" the backslashed of windows pathes (eg. messes up the default cache path)
- replaced depricated fetchSingle() with fetchColumn()"
2009-04-28 19:32:29 +00:00
Ralf Becker
bf036043b2 - making all methods of translation class static
- caching the phrases in new egw_cache on Tree level
--> a good speed improvment on my devel system
- also added a global function
check_load_extension($extension,$throw=false)
2009-04-20 11:59:39 +00:00
Ralf Becker
a40b1c6bfb Reworked the categories class to query all cats from the database once
per session and then operate on that cache.
This deliminates ~25 database queries for each sitemgr page.

Test carefully before applying this to a production sytem!
2008-12-17 20:05:19 +00:00
Ralf Becker
ff16b360f0 "using exceptins (instead of depricated egw_db::hold_on_error attribute) to deal with not set up eGW" 2008-10-25 05:43:59 +00:00
Nathan Gray
01e04e6fc3 Make sure redirect gets sent, in case something fails in the shutdown 2008-10-24 18:39:30 +00:00
Klaus Leithoff
deb6edda9b behave more gracious if database tables are not existing, or outdated. Otherwise we chrashed completely with a invalid SQL Statement (Table
does not exist), without further info/adwise for the user/admin.
2008-10-23 08:31:51 +00:00
Ralf Becker
94da0682cd re-added session encryption:
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
  whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
  we dont have the database connection, when they are needed. You can
  add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
  encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00
Ralf Becker
9d2016ebf6 - php5 static and protected for egw_framework
- new feature allowing apps to specify with index-page and icon to use
--> allows to install sitemgr-link icon without an extra application
(which was a symlink and got lost in every version upgrade)
2008-08-18 09:00:19 +00:00
Ralf Becker
907e24d227 Refractured session handling in eGW:
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
  implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured 
  eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
  works well with php5.1+)
- a db-bases session handler follows soon
2008-08-07 21:12:44 +00:00
Ralf Becker
b5c28fba48 1. NTLM Single Sign ON
NTLM SSO removes Windows users on a PC, which is a member of a Windows
domain and who are logged into that domain, from the need to explicitly log
into eGW.  They simply point IE to the eGW URL (eg. http://domain.com/egroupware/)
and start working. They can of cause explicitly log out and log in as an
other user.
For more information look at the README at
http://www.egroupware.org/viewvc/trunk/phpgwapi/ntml/README

2. different authentication for SyncML and/or GroupDAV
You can now use eg. an external auth provider for the login via the
WebGUI (eg. ADS) and the passwords stored in SQL for SyncML.
2008-07-16 09:29:13 +00:00
Ralf Becker
a5b58e57e8 "allow to use link, redirect, redirect_link, invalidate_session_cache static" 2008-04-20 19:31:51 +00:00
Ralf Becker
3d909d4776 fixed fatal error "Exception thrown without a stack frame in Unknown on line 0", if DB does not exist when calling the regular eGW url 2008-04-01 10:33:54 +00:00
Ralf Becker
ea3ae107d1 added minimal egw object (egw_minimal), which is shared between egw and setup 2008-03-22 09:29:29 +00:00
Ralf Becker
a02a89fbdb "stoped permanent error_log of loaded classes" 2008-03-21 21:02:00 +00:00
Ralf Becker
3bf9ad5efa dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-) 2008-03-21 20:11:59 +00:00
Lars Kneschke
09f1287d6c using the singleton passtern to get a instance of the accounts class and call the setAccountId function to set the accountId 2008-02-08 11:20:50 +00:00
Ralf Becker
2a4eff2ca3 few slight modifications to better cater for the multi-domain administration 2008-01-09 02:01:08 +00:00
Ralf Becker
b0146349db moved __wakeup code to reconnect to ldap server to the accounts_ldap class own __wakeup method, fixing an error with editing accounts using php4-restore together with accounts in ldap 2007-12-20 19:38:26 +00:00
Ralf Becker
cae8bb40a8 added draft of an exception class for eGW, plus a global exception handler and replaced the fatal errors in the db-class plus the application rights check in the egw object with exceptions, modified the exceptions in admin_cmd* to use egw_excpetion*, instead just Exception 2007-12-06 08:00:41 +00:00
Ralf Becker
a06732a3e2 "- removed =& in the creation of the framework object because of problems with php4, php5 does not matter anyway" 2007-04-15 08:43:39 +00:00
Pim Snel
e464fc3304 - More information why people have no access to app. Users often think they did not log in
- Replace html with error msg in code with savant template
2007-03-29 21:01:11 +00:00
Ralf Becker
ddccca1c55 Removed old phpgw_info based themes, they have been depricated in 1.2 and are only used by some old contrib apps 2006-12-17 11:30:26 +00:00
Ralf Becker
a166bb0f57 reworked and refractured the way template sets work in eGW:
- virtual baseclass egw_framework in the API which each template extends
- replaces $api/footer.inc.php, $tpl/head.inc.php & $tpl/navbar.inc.php
- all existing phplib template sets just inherit the idots_framework, but can have own templates
- moved most html from navbar.inc.php into the navbar.tpl
--> idots & jerryr are reworked and working, all other template sets are disabled at the moment
--> The rework was done to add a selectbox to add all sorts of entries without the need to change to the app first. This is now implemented in the egw_framework class using the link-registry.
2006-12-10 23:44:18 +00:00
Ralf Becker
c8996cb302 autocreate_session_callback can now return (beside false or true&account-data) also a session-id (by calling session::create($account) itself). That allows to handle wrong account-data yourself and NOT get redirected to login.php 2006-04-06 18:32:22 +00:00
Ralf Becker
16e9475d0b fixed double navbar on access denied (eg. calling a app by url without run-rights for that app) 2005-11-27 23:11:25 +00:00
Ralf Becker
0f7354b09b check for the old table too, to not scare updating users ;-) 2005-11-05 13:15:33 +00:00