Ralf Becker
|
af8f7b2c35
|
uncommited changes
|
2013-11-11 08:31:33 +00:00 |
|
Ralf Becker
|
d4d0c13876
|
static method can not use $this, there is no need to anyway
|
2013-11-11 08:28:03 +00:00 |
|
Ralf Becker
|
b1f5649451
|
fixed egw_min_php_version to 5.3
|
2013-11-11 08:27:10 +00:00 |
|
Ralf Becker
|
aeced1ddae
|
always check for read access too
|
2013-11-11 08:23:14 +00:00 |
|
Ralf Becker
|
e4ee379138
|
fix wrong sql produced by column_data_implode with param $use_key="VALUES" and numerical indexes in data
|
2013-11-11 08:21:54 +00:00 |
|
Ralf Becker
|
d7a1b12d96
|
normalize ./ away
|
2013-11-11 08:19:00 +00:00 |
|
Ralf Becker
|
12e8a3bbcd
|
iterator to run arbitrary callbacks on a select
|
2013-11-08 19:54:08 +00:00 |
|
Ralf Becker
|
1dd3ad5e0a
|
fixed ckeditor wont start with NOT expanded toolbar
|
2013-11-04 10:13:28 +00:00 |
|
Ralf Becker
|
b20bd49817
|
* CalDAV: fixed wrong http-status for delete in inbox and announce sync-report on inbox, so clients using it get events only once
|
2013-10-31 11:29:22 +00:00 |
|
Ralf Becker
|
e94502515d
|
* Admin/Preferences: changepassword hook was called twice
fixed by calling in now from API and not on every location in application code changing a password
|
2013-10-25 19:24:01 +00:00 |
|
Klaus Leithoff
|
892f90205a
|
work around ckeditor problem with default (kama) skin, by falling through to moonocolor
|
2013-10-24 14:42:40 +00:00 |
|
Ralf Becker
|
c8f1e75165
|
PSR-0 autoloading eg. for PEAR or Horde classes
|
2013-10-22 08:25:55 +00:00 |
|
Klaus Leithoff
|
210a145747
|
support additional moonocolor skin
|
2013-10-21 11:33:39 +00:00 |
|
Ralf Becker
|
d63cf889b4
|
silenced permanent error_log and fixed a typo
|
2013-10-18 14:31:46 +00:00 |
|
Klaus Leithoff
|
6e0448cb62
|
fix broken scayt and spellcheckerbuttons in config for ckeditor
|
2013-10-17 15:09:56 +00:00 |
|
Ralf Becker
|
6e76361736
|
open all sidebox admin link in admin vi admin.admin_ui.index loader
|
2013-10-15 16:53:43 +00:00 |
|
Ralf Becker
|
319a503c90
|
fixed broken install under PostgreSQL caused by PHP Fatal error: Call to a member function fetch() on a non-object
|
2013-10-15 11:42:28 +00:00 |
|
Ralf Becker
|
b0219a682f
|
reverted accidently commited phpgwapi changes
|
2013-10-15 09:36:23 +00:00 |
|
Ralf Becker
|
0ca55a1103
|
* SiteMgr: fixed not working anonymous user and using now a random password
|
2013-10-15 09:25:49 +00:00 |
|
Ralf Becker
|
38504680b7
|
setting CSP attributes needed by CKeditor now automatic when egw_ckeditor_config::get_ckeditor_config(_array) get called
|
2013-10-14 10:42:36 +00:00 |
|
Nathan Gray
|
bab4adf6d9
|
Update toolbar definitions to match new format
|
2013-10-10 11:55:29 +00:00 |
|
Klaus Leithoff
|
cce86e346e
|
silence permanent error log
|
2013-10-10 09:25:04 +00:00 |
|
Klaus Leithoff
|
77d28bad75
|
allow to set config via json_encoded string for purify wrapper
|
2013-10-10 09:23:55 +00:00 |
|
Ralf Becker
|
0bb8093426
|
fixed translations on client-side: server sends now currentapp and langRequire to client, which uses that to translate phrases, langRequire is only stored in egw object for matching app-name and window!
|
2013-10-07 17:00:03 +00:00 |
|
Ralf Becker
|
ffc506561a
|
* API: fixed not working session encryption, by switch back to previous MCrypt algorithm and mode
|
2013-10-07 07:22:50 +00:00 |
|
Ralf Becker
|
43e1bfcc12
|
switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it
|
2013-10-05 13:33:28 +00:00 |
|
Ralf Becker
|
f8a0db06fc
|
completly remove preferences menu from sidebox and tiled preferences index in favoir of app-sensitive entries in top-menu
|
2013-10-03 09:23:18 +00:00 |
|
Ralf Becker
|
6f162f144e
|
add context sensitive link to ACL/grant access to top-menu, same is to be happen for cats and preferences itself and preferences in sidebox will be removed
|
2013-10-02 16:29:08 +00:00 |
|
Ralf Becker
|
7cf6500f92
|
docu update
|
2013-10-02 10:33:44 +00:00 |
|
Ralf Becker
|
53880e2063
|
to mitigate html download with CSP: no blacklisting just IE, only whitelist tested browsers and versions
|
2013-10-01 09:50:23 +00:00 |
|
Ralf Becker
|
bc9c486e03
|
some small fixes to get through a view more tests for managed attachments
|
2013-09-25 12:37:42 +00:00 |
|
Ralf Becker
|
d4c2ed3f65
|
stop CalDAVTester from creating one log per test-step
|
2013-09-25 07:46:02 +00:00 |
|
Ralf Becker
|
ba73deee9f
|
fixed typo in ATTACH property "FMTTYP(E)" and added xml error bodys for wrong managed-id parameter (more to follow)
|
2013-09-25 07:11:27 +00:00 |
|
Ralf Becker
|
86649cd1e1
|
full implementation of draft-murchison-webdav-prefer-05, incl. return=representation for 412 conflicts
|
2013-09-25 07:09:44 +00:00 |
|
Ralf Becker
|
0601d40bd3
|
fix Prefer header to use return=(minimal|representation) instead of older draft dash, enable add-member property, and add Location header to action=attachment-add
|
2013-09-24 12:29:17 +00:00 |
|
Klaus Leithoff
|
45326fa484
|
on async job write, make sure that possible next attribute in data is in sync with job[next]
|
2013-09-24 10:22:03 +00:00 |
|
Ralf Becker
|
edd4cc49ca
|
basic managed attachment support, tested with iCal from OS X mountain lion
|
2013-09-23 13:39:28 +00:00 |
|
Ralf Becker
|
1752f7defd
|
basic managed attachment support, tested with iCal from OS X mountain lion
|
2013-09-23 10:21:31 +00:00 |
|
Klaus Leithoff
|
5e425398fa
|
change convertHTMLToText behavior, regarding the replacing of CRLF or LF to single space; now removing them completely, when text to be processed is regarded to be html
|
2013-09-18 12:14:59 +00:00 |
|
Ralf Becker
|
b8341e48a1
|
mitigate risk of html downloads by using Content-Security-Policy header or Content-Disposition: attachment for IE
|
2013-09-12 18:49:07 +00:00 |
|
Ralf Becker
|
9523ba79c2
|
removed not used assignment
|
2013-09-12 08:31:10 +00:00 |
|
Ralf Becker
|
855c04cb2c
|
use secure and httponly cookies by default, secure cookies can be switched off in Admin >> site configuration, if required for sitemgr
|
2013-09-11 13:06:00 +00:00 |
|
Ralf Becker
|
eb06a2adee
|
setup uses now sessions too and password-hashes in header.inc.php use most secure hashing type
|
2013-09-11 11:35:20 +00:00 |
|
Ralf Becker
|
1590d02816
|
new egw_framework::message($msg, $msg_type="success") method and fixing nextmatch filter-change to return app-header
|
2013-09-05 11:53:25 +00:00 |
|
Ralf Becker
|
aaf0a7491d
|
silence warning be defining the constants
|
2013-09-02 13:40:40 +00:00 |
|
Klaus Leithoff
|
d5c2a03f51
|
revert changes introduced with r43681, as issue is fixed in bo_tracking and handling of GLOBALS[info][user][account_id]
|
2013-09-02 11:34:38 +00:00 |
|
Ralf Becker
|
3d20422177
|
not creating references to ['egw_info']['user'], as bo_tracking and other async service stuff has problems to change between different user enviroments
|
2013-09-02 10:43:16 +00:00 |
|
Klaus Leithoff
|
7744905ba8
|
try to resolve a use-session-stored-data related problem; make sure account_id and prefs are restored after send_notification
|
2013-08-30 12:57:51 +00:00 |
|
Klaus Leithoff
|
f5e00e4bad
|
add (and use) preg replace callback for mailto link to text transformation
|
2013-08-29 10:39:08 +00:00 |
|
Ralf Becker
|
a9a8e65ece
|
new parameter to be able to use get_user_applications() in admin and class-constants for ACL-rights, can be used instead EGW_ACL_* defines
|
2013-08-28 13:27:53 +00:00 |
|
Ralf Becker
|
aa8a848871
|
optional parameter for egw_framework::window_close() to specify an alert message, which get shown/alerted, before closing the window
|
2013-08-26 10:24:11 +00:00 |
|
Ralf Becker
|
46f81649eb
|
also fix calls to deprecated ajaxResponse class to use egw_json_response singleton, should be fixed in code for current apps
|
2013-08-25 15:14:19 +00:00 |
|
Ralf Becker
|
38798b872d
|
Force use of singleton: $response = egw_json_response::get(); not using it causes response being wrapped in an other response
|
2013-08-25 12:42:55 +00:00 |
|
Ralf Becker
|
b2ba685edd
|
remove inline javascript from idots and jerryr templates
|
2013-08-21 20:22:53 +00:00 |
|
Ralf Becker
|
73aa652c41
|
missing egw.js from last commit and egw_framework::window_focus() method
|
2013-08-20 13:25:36 +00:00 |
|
Ralf Becker
|
1c4f65120c
|
new egw_framework methods refresh_opener and window_close to call egw_refresh on opener or close popup window in a content security save way
|
2013-08-20 12:06:41 +00:00 |
|
Ralf Becker
|
ec6d873941
|
let PHP Warnings look exactly like original ones, but with a backtrace
|
2013-08-15 10:15:13 +00:00 |
|
Ralf Becker
|
c806da58ce
|
give a trace for PHP (User) Warnings
|
2013-08-14 08:09:51 +00:00 |
|
Klaus Leithoff
|
27149b237f
|
play around with catching the smtp error of smtp class, as it is the one that has the info about the error
|
2013-08-07 09:20:16 +00:00 |
|
Klaus Leithoff
|
a7be5a026e
|
move reset-call of smtp to phpmailer class, as it is the one that throws exceptions, and stops action
|
2013-08-07 08:34:00 +00:00 |
|
Ralf Becker
|
118657ddee
|
using etemplate_new::ajax_proecess_content to allow to have etemplate still extend etemplate_old, making etemplate_new autoloadable
|
2013-08-06 18:24:30 +00:00 |
|
Klaus Leithoff
|
54b2596ff8
|
send reset command after failure while failing when adding addresses
|
2013-08-06 13:51:39 +00:00 |
|
Ralf Becker
|
48fd2113f3
|
some long running operations, eg. merge-print, run into situation that DB closes our separate sqlfs connection, we try now to reconnect once
|
2013-08-05 14:59:31 +00:00 |
|
Ralf Becker
|
0f37c16cd8
|
using correct case: To, Cc and Bcc
|
2013-08-05 14:56:39 +00:00 |
|
Klaus Leithoff
|
d22f24666b
|
ClearAllRecipients should only clear recipients, not From, ReplyTo and such
|
2013-08-05 13:44:44 +00:00 |
|
Ralf Becker
|
243bb169a2
|
need to reimplement Clear methods from parent, to also clear our private addresses
|
2013-08-05 08:46:29 +00:00 |
|
Ralf Becker
|
6fe4085a11
|
fixed wrong condition only giving a location header if requests fails, not if it succeeds
|
2013-08-02 19:28:38 +00:00 |
|
Ralf Becker
|
207b7de248
|
instead of sending nothing, which gives a parse error on client-side, send a valid, empty response
|
2013-08-01 12:28:28 +00:00 |
|
Ralf Becker
|
6f39b0618d
|
using dhtmlxtree from sources instead of codebase directory, as does et2_widget_tree, to not double load it and causing 2. load to overwrite extensions from 1.
|
2013-08-01 11:19:14 +00:00 |
|
Ralf Becker
|
05765db6ca
|
* Admin/Filemanager: added filesystem check and repair for missing or broken required directories /, /apps and /home
|
2013-08-01 07:53:20 +00:00 |
|
Ralf Becker
|
8ce9969ece
|
we need to double encode (html::htmlspecialchars( , TRUE)), as otherwise we get invalid json, eg. for quotes, fixes not working display in filemanager for some directories containing directories with quotes in their name
|
2013-08-01 06:36:18 +00:00 |
|
Nathan Gray
|
afa7a73f0a
|
Fix chosen sizes using new width attribute for account multi-select
|
2013-07-26 15:08:17 +00:00 |
|
Ralf Becker
|
200a8860bf
|
* eTemplate/all apps: (silently) limit number of links shown to 1000 newest, to not run into memory_limit or max_execution_time and assuming noone will scroll further down anyway
|
2013-07-26 09:38:38 +00:00 |
|
Nathan Gray
|
f65680a7ae
|
Add CSS to better match egw. Fix chosen sizes using new width attribute. Not perfect, but at least never too small.
|
2013-07-25 20:28:32 +00:00 |
|
Ralf Becker
|
8e85c86f8b
|
* Async service/Backup: updating job to next scheduled time BEFORE running it, to copy with jobs running longer then async frequency of 5min, eg. backup
|
2013-07-25 13:11:07 +00:00 |
|
Ralf Becker
|
59c683c359
|
removed ancient "mark untranslated strings with *" site configuration, as it is unnecessary and breaks links-stream-wrapper and WebDAV
|
2013-07-25 12:18:08 +00:00 |
|
Ralf Becker
|
71676f982a
|
fixed not working special char detection
|
2013-07-25 07:21:35 +00:00 |
|
Ralf Becker
|
8ec5425c5a
|
disable minify-ing of javascript, until I find time to fix it, as it stalls testers (css still get minifyed, if debug minify is off in site config)
|
2013-07-24 07:42:27 +00:00 |
|
Ralf Becker
|
6e6b2b7b0a
|
reverted "no need for RegExp replace", as javascript only replace first occurence, if a string given
|
2013-07-23 14:41:53 +00:00 |
|
Ralf Becker
|
8242d40d1e
|
no need for RegExp replace
|
2013-07-23 11:49:16 +00:00 |
|
Ralf Becker
|
58949008f9
|
disable outer scrollbar, eg. if rendering time is swichted on
|
2013-07-23 11:33:23 +00:00 |
|
Klaus Leithoff
|
c4caefc9e9
|
suppress warning on searching for active members
|
2013-07-23 10:59:56 +00:00 |
|
Ralf Becker
|
16191d4db4
|
rendering quick-add menu on clientside and content-security safe, thought not yet in idots template, also removed not used inline javascript from idots
|
2013-07-22 19:20:13 +00:00 |
|
Ralf Becker
|
4ed52a2b16
|
get notifications-popup ready for content-security, install as object in app.notifications and use data-poll-intervall of script tag to pass poll frequency
|
2013-07-22 13:29:20 +00:00 |
|
Nathan Gray
|
67d6775f54
|
Use htmlspecialchars to escape data-attributes
|
2013-07-19 18:03:47 +00:00 |
|
Ralf Becker
|
5e3c0192d3
|
$extra parameter for framework->header()
|
2013-07-19 17:07:05 +00:00 |
|
Ralf Becker
|
33ac096fdf
|
enabled and enhanced dependency tests so they can be used to display full dependencies of one or more files
|
2013-07-19 15:24:55 +00:00 |
|
Ralf Becker
|
f55a668bdf
|
include user-data and common prefs like we already do it with eg. server config
|
2013-07-19 15:22:00 +00:00 |
|
Ralf Becker
|
d16c426fb6
|
first step towards content-security by passing parameters to egw.js script via data-attributes of script tag instead of using inline scripts in page
|
2013-07-19 08:45:26 +00:00 |
|
Ralf Becker
|
9af953e2b1
|
fixed accounts::search sometimes returning too many lines
|
2013-07-17 13:14:08 +00:00 |
|
Ralf Becker
|
792f1b26cc
|
replacing egw.LAB with egw_LAB, as egw object is shared by all iframes and popups, while LAB has to work on document
|
2013-07-17 12:47:21 +00:00 |
|
Ralf Becker
|
94926467d2
|
always check with "passwd_forbid_name" enabled, if setting of password failed
|
2013-07-16 14:57:06 +00:00 |
|
Ralf Becker
|
10436d5e41
|
fixed not being able to switch "forbid password to contain name" off again, after it has been switched on (caused by name "passwd_forbid_name")
|
2013-07-16 14:50:12 +00:00 |
|
Klaus Leithoff
|
2bdcd29582
|
pass acount_id to crackcheck, as it is required for crackcheck rule validation forbid_name
|
2013-07-16 10:42:31 +00:00 |
|
Ralf Becker
|
d48e8f4d84
|
* PostgreSQL: fix for SQL error eg. on update from 1.8.001 to 1.8.004 from 9.1 on
|
2013-07-16 06:47:54 +00:00 |
|
Ralf Becker
|
b54aef66e4
|
need to use own authentication method, to be able to auth user forced to change password and need to always recheck flag, if user are forced to change password, as otherwise he will be prompt again after changing it
|
2013-07-15 20:29:49 +00:00 |
|
Ralf Becker
|
526c938eec
|
* Active Directory: allow to do a forced password change in EGroupware and handle reset of that flag for Samba4 too
|
2013-07-15 20:01:01 +00:00 |
|
Ralf Becker
|
5f74357963
|
* WebDAV/CalDAV/CardDAV: fixed basic authentication via redirect-rule to use $_SERVER["REDIRECT_HTTP_AUTHORIZATION"] as it is used by newer Apache versions
|
2013-07-15 11:06:45 +00:00 |
|
Ralf Becker
|
e90a6e1d42
|
fixed again not working new account creation under AD agains Win2008r2
|
2013-07-15 08:10:03 +00:00 |
|
Ralf Becker
|
6898ee9cdb
|
* Admin/Preferences/Active Directory: more understandable password policy errors and using windows defaults only, if admin has not configured something else
|
2013-07-14 13:05:24 +00:00 |
|