Commit Graph

3387 Commits

Author SHA1 Message Date
Ralf Becker
1eb956fdf5 "- do not send session data for clients doing no sessions to memcached
- use 10min session lifetime for GroupDAV as for anonymous sessions"
2008-11-25 19:36:02 +00:00
Ralf Becker
6f442ea296 "check if we really need to convert the charset, as it's not perfect and can do some damage" 2008-11-23 13:08:06 +00:00
Ralf Becker
0123dc5d89 "dont log failed login attempts for the anon user, as it is a simple dos to sitemgr" 2008-11-22 08:14:59 +00:00
Ralf Becker
92c5157b90 add grant host to db creation 2008-11-18 19:58:11 +00:00
Ralf Becker
8dcc91a390 typos and missing file 2008-11-16 15:36:37 +00:00
Ralf Becker
1baa158195 Big SyncML patch from Philip Herbert <pherbert(at)knauber.de>:
- change the processing of slowsync, to use the content_map instead of
  trying to build a new one. This caused duplication issues on the
  client if multiple similar records where stored, because only the first
  one found in the server-db was matched, These duplicate entries at client
  side had no entry at serverside, so deleting the wrong one
  on the client (the content with a valid map entry) could cause
  unwanted data loss at server side, because it is impossible for the
  user to see what is a duplicate, and what is not.

see also: 
http://www.nabble.com/again---syncml-duplication-issue-to20333619s3741.html

- reenabled UID from syncml clients, because it was partly used this caused
  issues during SlowSync if the content was changed. 

- infolog, calendar if a uid is found in the provided data, allway try to
  find the corresponding content first   using only the UID, instead of
  using the content-id taken from content_map.

also fixed:

- a few fixes in ./notes
- creating an entry on the client that can not be imported,
  (Example, Nokia E Series Appointment without a Title)
  will no longer create an invalid content-map entry
  However, at client side this is still counted in the Protocol as
  Server-Add
2008-11-16 10:42:29 +00:00
Ralf Becker
fde8fc7b27 CAS (Central Authentication Service) login for eGroupware 2008-11-15 10:54:39 +00:00
Ralf Becker
04502ddc97 "fixed displayname property to contain just the basename of the file/dir, as davfs displays this (funny names if there's a full path) as pointed out by Hans Jürgen on the devel list" 2008-11-15 07:46:59 +00:00
Ralf Becker
ee623e72d3 "made some permanent error_logs configurable" 2008-11-15 07:40:25 +00:00
Ralf Becker
505fe07669 "function to analyse memory usage in the session" 2008-11-13 16:57:16 +00:00
Ralf Becker
59aa84f761 "switch logging to 2 (only errors) again" 2008-11-13 06:35:18 +00:00
Ralf Becker
f0a4de499b "fix for boolean options" 2008-11-12 18:40:10 +00:00
Ralf Becker
a658d7c8ed Store config_user&_passwd of domain as hash, to be able to use them
inside eGW (without having them in cleartext available)
2008-11-09 16:15:42 +00:00
Ralf Becker
9d9bd270a2 "- fix for bug #1817: file in a searchable directory was always readable
- changed chgrp and chmod, to allow admins to modify files/dirs owned by root"
2008-11-09 16:10:36 +00:00
Ralf Becker
43f860ba8f Reworked GroupDAV and iCal/vCard handler to set 'GroupDAV' as product
manufacturer and the recogniced GroupDAV client as product name.
This way we are able to handle different GroupDAV clients, as we
allready do with different SyncML clients.
Also removed the no longer needed code enabling the use of the real UID, 
as SyncML does no longer misuse the UID for it's GUID.
2008-11-03 09:36:20 +00:00
Ralf Becker
71edd1c938 Big patch from Philip Herbert (Knauber) modifying the SyncML code to no
longer use GUIDs containing eGW's install_id, as the information is
irrellevant for SyncML and cause doublications of entries if the
install_id changes.
I plan to have a new rc4 Wednesday or Thursday containing these changes.
2008-11-03 07:44:02 +00:00
Ralf Becker
9f3d5f4b4c "longtext need to be handled like text" 2008-11-02 09:46:42 +00:00
Ralf Becker
9689e1b822 "fix fatal error in SyncML, reported by Philip Herbert from Knauber" 2008-10-30 06:51:14 +00:00
Ralf Becker
e3efd9ce22 "removed unneccesary cloning of the db object by
- adding the application ('syncml')
- replacing next_record()/f() with fetch()/fetchSingle() or looping over the result object
Thanks to Philip Herbert from Knauber for testing it"
2008-10-29 07:41:02 +00:00
Ralf Becker
ba5d176520 "fix for bug #1796: Various config values not stored
now only unset or empty strings are not stored, but 0 is"
2008-10-27 15:11:15 +00:00
Ralf Becker
814eb013f1 Allow HTTP basic auth user to contain a domain to switch instances, as
it's done in the webgui login (for WebDAV or GroupDAV)
2008-10-26 12:18:57 +00:00
Ralf Becker
fa73ad5339 Improved exception handling:
- exceptions get now always logged to the error_log
- in the webgui it's now configurable, if the message contains a
  stacktrace (incl. function arguments) - default no (security)
- command line interfaces get detected and contain no html anymore
- webdav and groupdav send the exceptions as basic auth realms to the
  client
- webdav and groupdav login failures contain the reason as part of the
  basic auth realm
2008-10-26 12:13:01 +00:00
Ralf Becker
6764a6ec24 "removed html tag from exception message, as they should work independent of the web gui" 2008-10-26 11:05:30 +00:00
Ralf Becker
59b4f49e58 fixed errors in creating the home dirs of standard groups in sqlfs during setup 2008-10-26 07:37:37 +00:00
Ralf Becker
4694b6e917 "prevent fatal error if only egw_minimal is instanciated in $GLOBALS[egw], eg. setup" 2008-10-26 07:34:21 +00:00
Ralf Becker
5cf8a56f02 "fixed problem with title cache causing:
- infolog to display wrong contacts in the list
- double reads of contacts"
2008-10-25 09:06:11 +00:00
Ralf Becker
ff16b360f0 "using exceptins (instead of depricated egw_db::hold_on_error attribute) to deal with not set up eGW" 2008-10-25 05:43:59 +00:00
Ralf Becker
9ba17c163c "documentations update on how to use exceptions instead of depricated hald_on_error attribute" 2008-10-25 05:36:25 +00:00
Nathan Gray
01e04e6fc3 Make sure redirect gets sent, in case something fails in the shutdown 2008-10-24 18:39:30 +00:00
Klaus Leithoff
deb6edda9b behave more gracious if database tables are not existing, or outdated. Otherwise we chrashed completely with a invalid SQL Statement (Table
does not exist), without further info/adwise for the user/admin.
2008-10-23 08:31:51 +00:00
Klaus Leithoff
859e1206e4 preparation to use senderinformation specified with the smtpusername if set (appended to the username in the orm of:
smtpusername;mailadress@thatisownedbysmtpusername.com)
2008-10-21 11:57:52 +00:00
Ralf Becker
e54f9ee079 Fixed encoding problems in WebDAV and vfs:
- egw_vfs::download_url as not encoding + or ' ' in pathes
- HTTP_WebDAV_Server was urldecoding $_SERVER[PATH_INFO], which is
  wrong, as it is NOT encoded
- HTTP_WebDAV_Server was NOT urlencoding the pathes in PROPFIND
  responses, causing eg. cadaver not to be able to use dirs containing
  + or space
2008-10-21 11:57:26 +00:00
Ralf Becker
375c328453 Fixed bug pointed out by lluis <lluis.faja-at-gmail.com>:
sqlfs stores files with fs_id < 100 directly under /sqlfs in the files
dir. They conflict with directories created for fs_id >= 1000.
--> fs_id < 100 are now in a directory /sqlfs/00
You need to run the 1.5.016 update or you will not find the content of
files with fs_id < 100 anymore!
2008-10-21 07:08:12 +00:00
Ralf Becker
44c3c3f75a "removed permanent error_log() in set_cache" 2008-10-20 14:52:01 +00:00
Ralf Becker
c635c11f32 "fixed not working file upload after my commit from sunday: vfs & stream-wrapper use posix rights, egw_link::file_access uses EGW_ACL_{EDIT|READ}!" 2008-10-20 14:51:19 +00:00
Ralf Becker
25b3c3a1f8 Improved cache handling in egw_link class, to cope with excessive multiple
reads of entries from the database: Applications can call

egw_link::set_cache($app,$id,$title,$file_access=null)

from their search or read method, to eliminate the need to query the
entries again, when the egw_link class, link widget or links stream wrapper
needs title or file_access values later.
This offloads the caching to the link class, and improves performance a
lot, specially for infolog.
The cache is stored in the session and modified or deleted items get
removed, when the link class get notified about that anyway.
2008-10-19 11:28:21 +00:00
Ralf Becker
abc26d61ee "fixed error introduced with postgres fix from this morning, sorry ;-)
"
2008-10-15 10:02:30 +00:00
Ralf Becker
303699d341 "fix for postgres problem reported by peter goerzen
"
2008-10-15 06:00:38 +00:00
Ralf Becker
2e66d3b093 "use a default for the host in resolve_url, as we otherwise get an invalid url (scheme:///path/to/something)!
"
2008-10-14 14:57:35 +00:00
Ralf Becker
60b85adcbc "reworked _get_css debug message:
- was given if no css function as defined (correct use)
- explain a bit more what's wrong"
2008-10-13 18:23:02 +00:00
Ralf Becker
868c532beb "link registry parameter with an extra options to egw_vfs::find, to eg. remove some files from the list of attachments" 2008-10-10 17:02:43 +00:00
Ralf Becker
9b4e06c998 "fixed stream open mode 'rb' was treated as a write mode: now 'b'=binary is ignored, as all operations are binary" 2008-10-10 17:00:03 +00:00
Ralf Becker
5322acf455 "fixed type causing sitemgr reloads to fail: PHP Fatal error: The script tried to execute a method or access a property of an incomplete object." 2008-10-10 13:11:37 +00:00
Klaus Leithoff
900ee97db1 adding error_log info about _get_css -> deprecated functionality related to the setting of the GLOBALS Array on CreateObject in
phpgwapi/inc/common_functions.inc.php which is no longer supported.
2008-10-10 09:19:21 +00:00
Ralf Becker
71063707a4 "found and fixed the real cause, appsession got called after session was commited (and therefore encrypted), these calles get now silently ignored" 2008-10-09 12:24:41 +00:00
Ralf Becker
8edc407e4d "quitent error_log from commit_session" 2008-10-09 12:12:48 +00:00
Ralf Becker
d9c93f845d "hopefully last fix for session encryption:
- flag in session if it is encrypted to prevent calling the encryption more then once, which stalls the session-content
- egw_session::session_comit() method calls now encrypt() too, as it closes the session, before the destructor is called
- hack to fix PHP Fatal error: Cannot use string offset as an array, which happens sometime in felamimail under php5.2
- some more docu"
2008-10-09 11:55:09 +00:00
Ralf Becker
d7f5835422 "fixed problem with lost password in session, when using session encryption" 2008-10-09 09:54:24 +00:00
Ralf Becker
2349c28fa8 phpgw --> egw 2008-10-08 18:40:01 +00:00
Ralf Becker
94da0682cd re-added session encryption:
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
  whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
  we dont have the database connection, when they are needed. You can
  add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
  encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00