Commit Graph

662 Commits

Author SHA1 Message Date
Ralf Becker
23ac04df8d allow to switch whole database readonly, via setting "db_readonly" => true in header.inc.php 2017-03-09 12:08:00 +01:00
nathangray
78c5f31ff5 * Addressbook - When viewing a user account's calendar or next/previous dates, use the account calendar over the contact calendar 2017-03-08 09:53:52 -07:00
Ralf Becker
1c80a22413 added (commented out) code to enable IMAP log for a single user 2017-03-08 10:33:00 +01:00
nathangray
0f83206907 * All apps - Add special search case for #<int> to only match the ID, not search the whole entry 2017-03-07 12:24:42 -07:00
nathangray
5926c5e7be Allow docm and xlsm merge templates 2017-03-07 12:08:01 -07:00
Hadi Nategh
3209484d31 Cover more events on XSS regexp and avoid confusion between legitimate words with beginning of "on" and on[Events] 2017-03-06 19:12:56 +01:00
Ralf Becker
acfcd24983 fix not updated logout time on new farm 2017-03-01 13:36:42 +01:00
Ralf Becker
832276f969 give quota-limit from SMTP/SQL precedence over (cached) quota from Dovecot 2017-02-28 18:39:55 +01:00
Ralf Becker
c9822e3023 Merge pull request #8 from filkaris/mail_account_bug
If Mail Account has empty password, it's still regarded as imap
2017-02-28 14:04:19 +01:00
A Sigalas
11b2eff8c5 Host always needed, not imap if username & pass missing 2017-02-28 12:55:04 +00:00
A Sigalas
b4e29edaea If Mail Account has empty password, it's still regarded as imap 2017-02-28 12:40:14 +00:00
Ralf Becker
282c0bc90f method to disable a hook for the current request 2017-02-28 13:27:48 +01:00
Ralf Becker
80cb358d88 fix use of old accounts_sql class, only existing if old phpgwapi is installed 2017-02-28 10:14:38 +01:00
Ralf Becker
38b0dd0dd0 fix PHP Deprecated: Non-static method EGroupware\Api\Vfs\Sqlfs\StreamWrapper::url_stat() should not be called statically 2017-02-27 20:39:46 +01:00
Ralf Becker
d6590cbf64 fix PHP Fatal, if debug is enabled 2017-02-27 17:31:08 +01:00
nathangray
6dd3f4838f Keep any notification errors 2017-02-27 08:10:48 -07:00
Hadi Nategh
738a1acd0e Revert Htmlawed option comment back into value 1 2017-02-27 13:33:24 +01:00
Ralf Becker
f55d36cc50 improve waterfall by releasing session 2017-02-25 15:18:21 +01:00
Hadi Nategh
8f24e0dfec * Mail: fix memory exhaustion caused by e-mails with long string set on DATE field 2017-02-23 15:44:23 +01:00
nathangray
4d0419f5b4 Allow <p> tag to enable HTML parsing as well as <br> and <span>, fixes using p for line breaks and no other formatting resulted in unparsed HTML when merging. 2017-02-17 08:56:37 -07:00
Hadi Nategh
eed277fc9e WIP of modern login page:
- Do not break account's recovery link into second line
2017-02-10 16:33:29 +01:00
Hadi Nategh
1d69265b9c WIP of modern login page:
- Fix logo size
- Implement customizable background image
- Set different logo for login
2017-02-10 15:55:30 +01:00
Hadi Nategh
508d0aa920 Try to match placeholder NENVLF with its described example 2017-02-10 10:41:43 +01:00
Hadi Nategh
83a6595d26 Handle NELF placeholder for mimetype text/html 2017-02-09 15:03:09 +01:00
nathangray
bbdd1e77c9 Skip failing false positive for PHP < 7 2017-02-08 12:32:07 -07:00
nathangray
342230ef08 Fix typo in function name 2017-02-08 12:32:07 -07:00
nathangray
d83a929254 Get tests to not fail if DB is missing - we skip the ones that need a DB 2017-02-07 16:02:06 -07:00
nathangray
eeecc2eecd Add PHPUnit tests for security, based on Ralf's previous command line tests 2017-02-07 12:28:35 -07:00
nathangray
888c9028cb Define idx_data outside of the loop, since it's used later
(Thanks Scrutinizer)
2017-02-07 09:42:10 -07:00
nathangray
1338add5fb Add PHPUnit tests for Schema, based on Ralf's previous command line tests 2017-02-07 09:19:30 -07:00
nathangray
16f649322f Add some sanity checks on egw session / GLOBALS before we start testing, makes it easier to figure out where things went wrong. 2017-02-07 09:19:30 -07:00
nathangray
b2ec0e9aa6 Move IncludeMgr tests into their own test class,
originals left there since they look useful.
2017-02-07 09:19:30 -07:00
nathangray
e0c7ddd0cb Make stored usertime protected instead of private 2017-02-06 13:27:30 -07:00
nathangray
4d6ba96115 Move commented-out DateTime tests into their own class 2017-02-06 13:08:05 -07:00
nathangray
502caf4703 Split application specific test stuff and the Egw session stuff 2017-02-06 13:08:05 -07:00
Ralf Becker
2b45b52477 fix warning about static use of Accounts::is_(active|expried) by making it static and throw a WrongParameterException, if is_expired is called with no parameter 2017-02-06 10:38:01 +01:00
Ralf Becker
250cbb5704 * Addressbook: only add groups as distribution lists, if accounts addressbook is not hidden 2017-02-06 09:21:50 +01:00
Hadi Nategh
ce9a36ddf9 WIP of smime sing and encrypt message 2017-02-03 12:33:49 +01:00
nathangray
efe0d62df7 Add method to mock the tracking object to ease reuse 2017-02-02 08:45:58 -07:00
Ralf Becker
ba8b1c403e use cryptographically secure random_int available in PHP 7+ when generating default passwords 2017-02-02 15:45:32 +01:00
Ralf Becker
be32282214 maintain an maintenance_release version in api/setup/setup.inc.php, also move update-checker images to api 2017-02-02 10:38:13 +01:00
Ralf Becker
70c0a26307 * Mail/Admin: fix setting ACL or vaction notice from Admin app, if IMAP auth uses email address from account 2017-01-31 18:01:49 +01:00
nathangray
71ffd661ac Make sure to always call typeOptions() with a string
(to satisfy Scrutenizer)
2017-01-31 08:41:22 -07:00
Ralf Becker
7ce511cfc1 fix json_php_unserialize to return false for not serialized content, as unserialize does and in contray to json_decode which returns null in that case
--> fixes SiteMgr no longer shows html blocks containing unserialized content
2017-01-31 11:16:51 +01:00
Ralf Becker
5bf8630620 allow to additionally use just a name for which content array contains a path to upload pictures 2017-01-31 10:16:16 +01:00
nathangray
4edc398286 Fix a missed change of Stylite -> EGroupware 2017-01-30 09:27:33 -07:00
nathangray
76cc4d6f5c Fix a missed change of Stylite -> EGroupware 2017-01-30 09:18:33 -07:00
Ralf Becker
388bffc48b * All apps: fix random failure in drag-n-drop or pasting images into CKEditor eg. mail compose 2017-01-27 17:38:08 +01:00
Ralf Becker
7f8b81f45b * Admin: fix bulk password reset to pick only passwords having required strength 2017-01-27 14:27:58 +01:00
Hadi Nategh
2d8b8fc5dc WIP of SMIME support: First attempt to decrypt a smime encrypted message 2017-01-26 17:45:07 +01:00
Hadi Nategh
572ae1d77e WIP of SMIME support: Add method to extract certificate's info from pkcs12 2017-01-25 18:04:54 +01:00
Hadi Nategh
efbb02b1b7 WIP of SMIME support: implement smime type storage 2017-01-25 18:03:35 +01:00
Ralf Becker
75a83fa35c allow to store (user specific) s/mime private keys in mail account 2017-01-25 11:40:05 +01:00
Ralf Becker
45114cd2b8 fix PHP fatal on call to Api\Html::progressbar caused by no longer existing static property $netscape4 2017-01-24 10:59:52 +01:00
Hadi Nategh
2b99050d99 W.I.P of SMIME support for mail application:
- Add a method for extracting public-key from a certificate
2017-01-23 16:19:46 +01:00
Ralf Becker
da58ef5769 * Filemanager/PostgreSQL: shared files were not cleaned up after expiring of 100 days not accessed under PostgreSQL 2017-01-23 15:23:11 +01:00
Ralf Becker
f8a3bd8e34 fix typo causing filtering by group-distribution-list to fail 2017-01-23 11:27:44 +01:00
Ralf Becker
bb7fb1abf8 * Addressbook/Mail: allow to use groups as (readonly) distribution lists 2017-01-23 11:17:02 +01:00
nathangray
74c48e0592 Custom fields can be at the start of the content 2017-01-19 10:53:53 -07:00
nathangray
6ed24454f9 Allow expansion of custom fields when merging to include fields from other apps
eg: {{#other_app/#addressbook_cf/n_fn}}
2017-01-19 10:53:53 -07:00
Hadi Nategh
a3562129b0 W.I.P of SMIME support for mail application:
- Resolve smime p7b attachment and translate it to PEM format
- Assign a button to show the message is signed plus handler for showing the certificate
- Fix Smime class to only use php openssl extension
2017-01-19 18:52:44 +01:00
nathangray
845a1ec3e7 Added a checkbox for 'save as infolog' when merging multiple contacts into an email document. 2017-01-19 09:36:38 -07:00
Hadi Nategh
e992b9991d W.I.P of SMIME support for mail application 2017-01-18 19:03:29 +01:00
nathangray
f8be81e17f Clear instance singleton on destruct
Allows for unit testing
2017-01-11 15:46:12 -07:00
nathangray
5e13b8dfda - Some nicer messages when things go wrong
- Reset account backend after test
2017-01-11 15:41:53 -07:00
Hadi Nategh
1eff570926 Consider whitespaces when trying to translate <, >, <= and >= signs in HTML:
- Fix some mails get cut off after switching to plain-text mode
2017-01-09 16:57:30 +01:00
nathangray
775ef84867 Fix namespace 2017-01-06 11:21:38 -07:00
nathangray
b439bb2b5c - Re-initialize Config on each start, since it doesn't happen normally
- Better error message for if login fails
2017-01-06 10:39:16 -07:00
nathangray
f8b57077fb A start on some automatic testing for apps
- use 'phpunit -c doc/phpunit.xml' to run tests
 - extend api/src/test/AppTest.php to write application tests
2017-01-06 10:39:16 -07:00
Hadi Nategh
c7089cadd9 Revert unintentional changes to mrconfig and ContentSecurityPolicy from commitacdf079fb180490d8659fad0f4c20dd74ea78503 2017-01-05 15:04:53 +01:00
Hadi Nategh
acdf079fb1 * Etemplate: Fix error "Etemplate\Api\Auth not found" happening while to login 2017-01-05 14:59:20 +01:00
Ralf Becker
dc84982a55 * CalDAV/CardDAV: send unchange REALM for "bad login or password" to allow storing credentials 2017-01-04 10:18:34 +11:00
Hadi Nategh
2d1bb1ecc3 Another patch to previous commit in order to cover empty space 2016-12-12 10:20:46 +01:00
Hadi Nategh
760bd4106f * Mail: Fix accounts selectbox in compose dialog does not include email addresses. Additionally, let local accounts without '@' get explicitly displayed in accounts selectbox. 2016-12-12 09:35:52 +01:00
Ralf Becker
d4a64babbd fix PHP 5.4 Fatal error: Can't use function return value in write context 2016-12-08 16:22:54 +01:00
Hadi Nategh
23aea3864c Keep allowExternalIMGs preference intact and use an explicit preference for allowed domains 2016-12-02 10:09:56 +01:00
Hadi Nategh
6ed3b92298 Work in progress of mail external image handler:
- Fix styling
- Add handler for mobile and display
2016-11-24 14:35:54 +01:00
Hadi Nategh
5fb70c77ab Work in progress of mail external image handler 2016-11-23 18:52:43 +01:00
Ralf Becker
6d472b1592 use openssl_random_pseudo_bytes, if available, to generate etemplate_exec_id, as it is used for CSRF protection too 2016-11-17 11:09:30 +01:00
nathangray
a15aa412e2 Attempt to fix redirects to invalid /index.php 2016-11-16 09:20:03 -07:00
Ralf Becker
6a31d2462a fix identities from aliases or imap-user without @ shown with empty label, if name is empty 2016-11-14 13:43:05 +01:00
Ralf Becker
b38542439a if webserver_url does not match eg. because of proxying, fix it 2016-11-14 13:43:05 +01:00
Klaus Leithoff
e9155a000b * Mail/Z-Push: handle charset-problem on sending mails with added EGW-Signature 2016-11-10 12:50:51 +00:00
nathangray
8ecc188fd7 Customfields required bugs
- Load attributes from modifications array, were previously ignored
- Remove double required check, actual field widget should handle it
2016-11-07 09:22:33 -07:00
Ralf Becker
c20ee5575d allow to use Api\Contacts::search() without Acl check 2016-11-07 09:26:14 +01:00
Ralf Becker
2d35e890fd remove permantent error_log on restore of egw_cal_dates 2016-11-02 14:28:34 +01:00
Ralf Becker
16689ebc27 fix use of old egw class in favor of new Api\Egw 2016-11-02 09:38:37 +01:00
Ralf Becker
225bc0bbc2 fix searching for "group" reveals groups normally hidden by forced account-selection pref "groupmembers" or "none" 2016-10-31 18:46:59 +01:00
Ralf Becker
8040fa49ec remove Exception type, to not get a Type error when PHP 7+ throws an Error 2016-10-31 18:29:32 +01:00
Ralf Becker
dbae12260b fix setting alias and forwards, allow to add/remove from existing ones 2016-10-31 15:41:52 +01:00
Ralf Becker
74e2c62b48 * Admin/Mail: allow to limit users to only create identities for aliases 2016-10-28 14:27:59 +02:00
Ralf Becker
a23ab6a9fb * Addressbook/LDAP: fix error if egroupware-epl-compat (old API) not installed 2016-10-27 10:51:47 +02:00
nathangray
648b6fd759 If searching for an account and you include 'Group ' (or translation) in the search string, it will search just groups instead of all accounts. 2016-10-24 09:21:57 -06:00
Ralf Becker
e989d079d6 removing server-side validation of non-ascii in local part of email, because \x80-\xff gives and invalid utf-8 compilation error in preg_match with /u modifier 2016-10-20 15:21:40 +02:00
Ralf Becker
ab79e193ec * Mail: show validation error if local part (before @) of email-address contains non-ascii chars 2016-10-20 12:29:56 +02:00
Ralf Becker
ad059b81e7 add missing traversable-test mentioned by Scrutinizer 2016-10-20 10:17:20 +02:00
Ralf Becker
2fbafeaa27 add missing false-test mentioned by Scrutinizer 2016-10-20 09:50:57 +02:00
Ralf Becker
c2d1fe6d50 only check vfs for templates, if /etemplates is mounted 2016-10-19 16:44:04 +02:00
Ralf Becker
ae712ff8a1 * Filemanager: break infinit recursion stalling eg. login by introducing max. sub-directory depth of 100
Detects infinit recursion caused eg. by fs_dir pointing to a child-directory.
No idea how to efficently test for that, without scanning all parents of all filesystme nodes.
2016-10-19 15:52:02 +02:00
Klaus Leithoff
7588c9a493 rework of fix for problem regarding send with bcc when using esync 2016-10-19 10:01:38 +00:00
Klaus Leithoff
c47d8a26c3 * Mail: fix problem regarding send with bcc when using esync 2016-10-18 13:59:32 +00:00
Ralf Becker
a81442373c fix typo 2016-10-13 17:58:27 +02:00
Ralf Becker
30cf772c4d move ADOdb row_lock and rollback_lock methods to Db class, use Db::$tablealiases and use them for backup, also added a "backup_(starts|finished)" hook for apps 2016-10-13 17:54:58 +02:00
Ralf Becker
6e1429d833 change to just "Powered by EGroupware <version>" 2016-10-08 14:46:25 +02:00
Hadi Nategh
c3fb98f3c1 Try to correct ckeditor references point to vendor directory 2016-10-07 12:15:03 +02:00
Ralf Becker
315ceed672 error_log if calendar can not send notifications 2016-10-06 19:09:40 +02:00
Hadi Nategh
57349e6386 Remove spellchecker lang from preferences 2016-10-06 18:30:37 +02:00
nathangray
fa8f53e6d4 Fix VFS ajax uploads did not work if path needed expansion 2016-10-05 16:13:31 -06:00
Hadi Nategh
69ce664000 Fix some of content in mails with specific html formats get removed by HtmLawed's balance 2016-10-05 17:13:07 +02:00
Hadi Nategh
93f3826259 Update HTMLawed into version 1.1.22 2016-10-05 16:18:06 +02:00
Ralf Becker
fc086c56cd fix dbb0796 allow to specify a subdirectory in attach_file as part of $file[name] parameter
(subdir was created, but file was copied to main dir)
2016-10-04 16:47:24 +02:00
Ralf Becker
dbb07961f6 allow to specify a subdirectory in attach_file as part of $file[name] parameter 2016-10-04 10:49:55 +02:00
nathangray
3da08fa7a1 Make sure category data is an array before looking inside it, avoids warning if it is not 2016-10-03 09:58:59 -06:00
Ralf Becker
adaeabe592 fix wrong namespaced Exception: \DateTime throws \Exception 2016-09-28 11:17:19 +02:00
Ralf Becker
76c83eb2a9 allow to specify multiple cat_id's 2016-09-26 14:35:52 +02:00
Ralf Becker
e467b48fea allow to import without acl-check and setting modifier 2016-09-26 11:40:02 +02:00
Ralf Becker
d99a283929 fix old class names in docu 2016-09-26 09:27:52 +02:00
Hadi Nategh
83de4986c8 Fix inline images of compose do not get stored as links into integrated applications like infolog, tracker or calendar 2016-09-21 15:52:50 +02:00
nathangray
c2bd221ae0 Silence debug error log 2016-09-13 08:07:52 -06:00
Ralf Becker
9b09267e0b * Calendar/CalDAV: update or removal of (managed) attachments via CalDAV failed 2016-09-13 15:55:55 +02:00
Ralf Becker
4bf26a6c52 Vfs::rename() is supposted to be static, quitens warning that it is used static 2016-09-13 13:53:05 +02:00
Ralf Becker
e82ce99537 fix SQL error happening in sync-colletion in TB caused by Db->Type == 'mysqli' and Db->group_connect returning false 2016-09-12 23:22:56 +02:00
nathangray
7afd7e420b Better version of optgroup fix to still allow additional data (title, color) in option entries 2016-09-12 10:42:12 -06:00
nathangray
dee0caa875 Fix validation of select values in an optgroup always failed 2016-09-12 08:40:48 -06:00
nathangray
4dcb415f44 Try to fix redirects from AJAX calls to static methods 2016-09-09 10:27:33 -06:00
Hadi Nategh
aff9f0eba8 Fix Ctrl+A in context menu does not get translated 2016-09-09 12:54:52 +02:00
Hadi Nategh
ea30baf1a3 Fix syntax issue caught by Travis which happens only for php versions older than 5.6 2016-09-08 10:10:49 +02:00
Hadi Nategh
cc278e0d17 WIP of letter avatar generator:
- Use hash system to pick always the same color for given user
2016-09-05 12:50:04 +02:00
Ralf Becker
4a25a4a1d3 * App apps: async notifications were not using SMTP only account, but personal one with unavailable session password 2016-09-02 18:12:04 +02:00
Hadi Nategh
c3583dbb3c WIP of letter avatar generator 2016-09-02 17:33:55 +02:00
Ralf Becker
d4ce9fce91 enhance filesystem check to also check fs_id of required nodes /, /home, /apps 2016-08-31 19:03:48 +02:00
Hadi Nategh
d8761441b1 * Mail: Fix pdf attachments do not get downloaded in mobile template 2016-08-31 12:10:26 +02:00
Ralf Becker
4b614c91ed * Filemanager: fix missing symlink overlay on mime-icon 2016-08-29 19:42:49 +02:00
Ralf Becker
4cd0d35ff7 possible fix for deactivated / or /apps 2016-08-29 17:14:48 +02:00
Ralf Becker
ef5b160fdd fix for PHP Warning: Illegal string offset 'to_id' in api/src/Etemplate/Widget/Link.php on line 327 2016-08-29 13:50:13 +02:00
Ralf Becker
026fd08125 Sqlfs::mkdir is no longer static, fixing some left over static calls 2016-08-29 13:42:57 +02:00
Ralf Becker
a6189bf9b9 Sqlfs::mkdir is no longer static, fixing some left over static calls 2016-08-29 12:56:35 +02:00
Ralf Becker
c474df28fb fix Scrutinizer bug: Api\Etemplate\Exception does not exist (missing \Exception) and remove old non-static stuff from Api\Etemplate\Widget::setElementAttribute(), as $this is allways unset for methods declared static 2016-08-28 12:51:19 +02:00
Ralf Becker
54bfaeb988 fix Scrutinizer docu bug: Api\Etemplate\Request\Files::__construct($id) $id is not array but string|null 2016-08-28 12:51:19 +02:00
Ralf Becker
8d2d4ef3dd fix Scrutinizer docu bug: Api\Etemplate\Request\Files::__construct($id) $id is not array but string|null 2016-08-28 12:51:19 +02:00
Ralf Becker
4e15b70373 fix Scrutinizer docu bug: Egw::setup() need to support null for $domain_names parameter 2016-08-28 12:51:19 +02:00
Ralf Becker
4dbd49d285 fix Scrutinizer docu bug: Api\Db has no more support for Halt_On_Error attribute 2016-08-28 12:51:19 +02:00
Ralf Becker
bcec596fff fix Scrutinizer docu bug: get_backend returns Sql|Ldap|Ads|Univention backend 2016-08-28 12:51:19 +02:00
Ralf Becker
056e0f97d2 fix Scrutinizer bug: replace new ldap (wrong namespace) with Api\Ldap::factory() 2016-08-28 12:51:19 +02:00
Ralf Becker
6c6f9eae7a fix Scrutinizer bug: non-existing Api\Api\Db\Exception\InvalidSql and delete_list accepts array of list-ids, while check_list does not 2016-08-28 12:51:19 +02:00
Ralf Becker
52ca45a228 fix Scrutinizer bug: remove non-static usage as it gives a PHP Fatal anyway, since Config::save_value() is declared static 2016-08-28 12:51:19 +02:00
Ralf Becker
9082a799e2 fix Scrutinizer docu bug 2016-08-28 12:51:19 +02:00
Ralf Becker
9f073b4c4c fix Scrutinizer bug: get_path only allows array as parameter (calendar&infolog allow int / just the id too) 2016-08-28 12:51:19 +02:00
Ralf Becker
6903ab0f12 fix Scrutinizer bug: missing required parameters 2016-08-28 12:51:19 +02:00
Ralf Becker
2ec05f8936 fix Scrutinizer docu bug 2016-08-28 12:51:19 +02:00