Commit Graph

4911 Commits

Author SHA1 Message Date
Ralf Becker
e94502515d * Admin/Preferences: changepassword hook was called twice
fixed by calling in now from API and not on every location in application code changing a password
2013-10-25 19:24:01 +00:00
Klaus Leithoff
892f90205a work around ckeditor problem with default (kama) skin, by falling through to moonocolor 2013-10-24 14:42:40 +00:00
Ralf Becker
c8f1e75165 PSR-0 autoloading eg. for PEAR or Horde classes 2013-10-22 08:25:55 +00:00
Klaus Leithoff
210a145747 support additional moonocolor skin 2013-10-21 11:33:39 +00:00
Ralf Becker
d63cf889b4 silenced permanent error_log and fixed a typo 2013-10-18 14:31:46 +00:00
Klaus Leithoff
6e0448cb62 fix broken scayt and spellcheckerbuttons in config for ckeditor 2013-10-17 15:09:56 +00:00
Ralf Becker
6e76361736 open all sidebox admin link in admin vi admin.admin_ui.index loader 2013-10-15 16:53:43 +00:00
Ralf Becker
319a503c90 fixed broken install under PostgreSQL caused by PHP Fatal error: Call to a member function fetch() on a non-object 2013-10-15 11:42:28 +00:00
Ralf Becker
b0219a682f reverted accidently commited phpgwapi changes 2013-10-15 09:36:23 +00:00
Ralf Becker
0ca55a1103 * SiteMgr: fixed not working anonymous user and using now a random password 2013-10-15 09:25:49 +00:00
Ralf Becker
38504680b7 setting CSP attributes needed by CKeditor now automatic when egw_ckeditor_config::get_ckeditor_config(_array) get called 2013-10-14 10:42:36 +00:00
Nathan Gray
bab4adf6d9 Update toolbar definitions to match new format 2013-10-10 11:55:29 +00:00
Klaus Leithoff
cce86e346e silence permanent error log 2013-10-10 09:25:04 +00:00
Klaus Leithoff
77d28bad75 allow to set config via json_encoded string for purify wrapper 2013-10-10 09:23:55 +00:00
Ralf Becker
0bb8093426 fixed translations on client-side: server sends now currentapp and langRequire to client, which uses that to translate phrases, langRequire is only stored in egw object for matching app-name and window! 2013-10-07 17:00:03 +00:00
Ralf Becker
ffc506561a * API: fixed not working session encryption, by switch back to previous MCrypt algorithm and mode 2013-10-07 07:22:50 +00:00
Ralf Becker
43e1bfcc12 switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it 2013-10-05 13:33:28 +00:00
Ralf Becker
f8a0db06fc completly remove preferences menu from sidebox and tiled preferences index in favoir of app-sensitive entries in top-menu 2013-10-03 09:23:18 +00:00
Ralf Becker
6f162f144e add context sensitive link to ACL/grant access to top-menu, same is to be happen for cats and preferences itself and preferences in sidebox will be removed 2013-10-02 16:29:08 +00:00
Ralf Becker
7cf6500f92 docu update 2013-10-02 10:33:44 +00:00
Ralf Becker
53880e2063 to mitigate html download with CSP: no blacklisting just IE, only whitelist tested browsers and versions 2013-10-01 09:50:23 +00:00
Ralf Becker
bc9c486e03 some small fixes to get through a view more tests for managed attachments 2013-09-25 12:37:42 +00:00
Ralf Becker
d4c2ed3f65 stop CalDAVTester from creating one log per test-step 2013-09-25 07:46:02 +00:00
Ralf Becker
ba73deee9f fixed typo in ATTACH property "FMTTYP(E)" and added xml error bodys for wrong managed-id parameter (more to follow) 2013-09-25 07:11:27 +00:00
Ralf Becker
86649cd1e1 full implementation of draft-murchison-webdav-prefer-05, incl. return=representation for 412 conflicts 2013-09-25 07:09:44 +00:00
Ralf Becker
0601d40bd3 fix Prefer header to use return=(minimal|representation) instead of older draft dash, enable add-member property, and add Location header to action=attachment-add 2013-09-24 12:29:17 +00:00
Klaus Leithoff
45326fa484 on async job write, make sure that possible next attribute in data is in sync with job[next] 2013-09-24 10:22:03 +00:00
Ralf Becker
edd4cc49ca basic managed attachment support, tested with iCal from OS X mountain lion 2013-09-23 13:39:28 +00:00
Ralf Becker
1752f7defd basic managed attachment support, tested with iCal from OS X mountain lion 2013-09-23 10:21:31 +00:00
Klaus Leithoff
5e425398fa change convertHTMLToText behavior, regarding the replacing of CRLF or LF to single space; now removing them completely, when text to be processed is regarded to be html 2013-09-18 12:14:59 +00:00
Ralf Becker
b8341e48a1 mitigate risk of html downloads by using Content-Security-Policy header or Content-Disposition: attachment for IE 2013-09-12 18:49:07 +00:00
Ralf Becker
9523ba79c2 removed not used assignment 2013-09-12 08:31:10 +00:00
Ralf Becker
855c04cb2c use secure and httponly cookies by default, secure cookies can be switched off in Admin >> site configuration, if required for sitemgr 2013-09-11 13:06:00 +00:00
Ralf Becker
eb06a2adee setup uses now sessions too and password-hashes in header.inc.php use most secure hashing type 2013-09-11 11:35:20 +00:00
Ralf Becker
1590d02816 new egw_framework::message($msg, $msg_type="success") method and fixing nextmatch filter-change to return app-header 2013-09-05 11:53:25 +00:00
Ralf Becker
aaf0a7491d silence warning be defining the constants 2013-09-02 13:40:40 +00:00
Klaus Leithoff
d5c2a03f51 revert changes introduced with r43681, as issue is fixed in bo_tracking and handling of GLOBALS[info][user][account_id] 2013-09-02 11:34:38 +00:00
Ralf Becker
3d20422177 not creating references to ['egw_info']['user'], as bo_tracking and other async service stuff has problems to change between different user enviroments 2013-09-02 10:43:16 +00:00
Klaus Leithoff
7744905ba8 try to resolve a use-session-stored-data related problem; make sure account_id and prefs are restored after send_notification 2013-08-30 12:57:51 +00:00
Klaus Leithoff
f5e00e4bad add (and use) preg replace callback for mailto link to text transformation 2013-08-29 10:39:08 +00:00
Ralf Becker
a9a8e65ece new parameter to be able to use get_user_applications() in admin and class-constants for ACL-rights, can be used instead EGW_ACL_* defines 2013-08-28 13:27:53 +00:00
Ralf Becker
aa8a848871 optional parameter for egw_framework::window_close() to specify an alert message, which get shown/alerted, before closing the window 2013-08-26 10:24:11 +00:00
Ralf Becker
46f81649eb also fix calls to deprecated ajaxResponse class to use egw_json_response singleton, should be fixed in code for current apps 2013-08-25 15:14:19 +00:00
Ralf Becker
38798b872d Force use of singleton: $response = egw_json_response::get(); not using it causes response being wrapped in an other response 2013-08-25 12:42:55 +00:00
Ralf Becker
b2ba685edd remove inline javascript from idots and jerryr templates 2013-08-21 20:22:53 +00:00
Ralf Becker
73aa652c41 missing egw.js from last commit and egw_framework::window_focus() method 2013-08-20 13:25:36 +00:00
Ralf Becker
1c4f65120c new egw_framework methods refresh_opener and window_close to call egw_refresh on opener or close popup window in a content security save way 2013-08-20 12:06:41 +00:00
Ralf Becker
ec6d873941 let PHP Warnings look exactly like original ones, but with a backtrace 2013-08-15 10:15:13 +00:00
Ralf Becker
c806da58ce give a trace for PHP (User) Warnings 2013-08-14 08:09:51 +00:00
Klaus Leithoff
27149b237f play around with catching the smtp error of smtp class, as it is the one that has the info about the error 2013-08-07 09:20:16 +00:00