upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-25 10:49:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
39827 commits 979 branches 1211 tags 8.7 GiB
Commit graph

16367 commits

Author SHA1 Message Date
Morris Jobke
3d9fd4d0d1 Merge pull request #5817 from nextcloud/add-basic-sql-injection-checker 
Add Phan plugin to check for SQL injections
 2017-07-21 09:25:24 +02:00
Nextcloud bot
964d5338dc
[tx-robot] updated from transifex 2017-07-21 00:08:06 +00:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections 
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-20 22:48:13 +02:00
Björn Schießle
c0e9b374f1 Merge pull request #5629 from nextcloud/add-recovery-key-on-public-upload 
Add recovery key on public upload
 2017-07-20 14:07:57 +02:00
Bjoern Schiessle
473824fa06
make sure that we always have a owner 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-07-20 11:40:17 +02:00
Bjoern Schiessle
20a6b22db6
Add recovery key on public upload 
In order to decide if a recovery key needs to be added we always
need to check the files owner settings and not the settings of
the currently logged in user.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-07-20 11:40:14 +02:00
Joas Schilling
0b3266531b
Fix copy and paste error on activity descriptions 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-20 09:31:14 +02:00
Nextcloud bot
26c42d3d30
[tx-robot] updated from transifex 2017-07-20 00:08:04 +00:00
Joas Schilling
3ff3c338c9 Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens 
Only use readable chars in Share Tokens
 2017-07-19 16:40:18 +02:00
Roeland Jago Douma
d5e3428af5 Merge pull request #5776 from nextcloud/install-phan 
Run phan over code base
 2017-07-19 13:45:31 +02:00
Lukas Reschke
d8ec399454
Run phan over code base 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-19 10:28:11 +02:00
Morris Jobke
e48ca730fe Add Android and iOS URLs to theming app 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-07-19 10:20:47 +02:00
Roeland Jago Douma
e2298e0a71
Allow overwriting of IOS theming values 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-07-19 08:22:45 +02:00
Nextcloud bot
0ee83ac56b
[tx-robot] updated from transifex 2017-07-19 00:08:22 +00:00
Joas Schilling
984933e586
Only use readable chars in Share Tokens 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-18 15:44:34 +02:00
Roeland Jago Douma
1ac6eae7d5 Merge pull request #5739 from nextcloud/comradekingu-patch-4 
Spelling: Bigversal and LDAP
 2017-07-18 09:09:46 +02:00
Morris Jobke
58f72309cc Merge pull request #5736 from smueller18/patch-2 
do not show hyphen in og:title if slogan does not exist
 2017-07-18 09:04:47 +02:00
Roeland Jago Douma
4b1f258198 Merge pull request #5735 from nextcloud/comradekingu-patch-1 
Spelling: Shortening and binding
 2017-07-18 08:52:09 +02:00
Morris Jobke
99555faffd Merge pull request #5737 from nextcloud/comradekingu-patch-2 
Spelling: command-line, Consider narrowing
 2017-07-18 08:49:48 +02:00
Morris Jobke
7642492cfe Merge pull request #5741 from nextcloud/comradekingu-patch-6 
Spelling: sent, an invitation, - successful
 2017-07-18 08:49:06 +02:00
Morris Jobke
79cf7d610f Merge pull request #5740 from nextcloud/comradekingu-patch-5 
Spelling: log out, : Bigversal
 2017-07-18 08:48:08 +02:00
Nextcloud bot
b1b843e572
[tx-robot] updated from transifex 2017-07-18 00:08:02 +00:00
Roeland Jago Douma
1956ea0e13 Merge pull request #5743 from nextcloud/comradekingu-patch-7 
Spelling: - your
 2017-07-17 14:42:13 +02:00
Nextcloud bot
125767265d
[tx-robot] updated from transifex 2017-07-17 00:08:02 +00:00
Allan Nordhøy
1d24c82e38 - your 
This avoids it being «"access to your "the cloud"» or similar. Italicizing %s might be a middleground here.
 2017-07-15 11:39:50 +02:00
Nextcloud bot
a23cdd04bb
[tx-robot] updated from transifex 2017-07-15 00:08:54 +00:00
Allan Nordhøy
de6b7668c1 sent, an invitation, - successful 2017-07-14 17:28:57 +02:00
Allan Nordhøy
6ab8b90e94 log out, : Bigversal 2017-07-14 17:02:48 +02:00
Allan Nordhøy
ddc804aa32 : Bigversal and LDAP 2017-07-14 15:46:05 +02:00
Allan Nordhøy
4b8c1eaa91 command-line, Consider narrowing 2017-07-14 15:32:47 +02:00
Stephan Müller
7cf3dc4e29 do not show hyphen in og:title if slogan does not exist 2017-07-14 15:26:44 +02:00
Allan Nordhøy
66cbf90853 Spelling: Shortening and binding 2017-07-14 15:24:55 +02:00
Nextcloud bot
3865c77279
[tx-robot] updated from transifex 2017-07-14 00:08:37 +00:00
Joas Schilling
e335121d5e Merge pull request #5070 from nextcloud/theming-vs-themes 
Prefer custom theme over the theming app
 2017-07-13 13:41:31 +02:00
Nextcloud bot
261513b04a
[tx-robot] updated from transifex 2017-07-13 00:08:31 +00:00
Roeland Jago Douma
86a496d94a Merge pull request #5567 from nextcloud/public-capabilities 
Public capabilities API
 2017-07-12 13:04:54 +02:00
Roeland Jago Douma
08d3cb9107 Merge pull request #5685 from nextcloud/jail-propagator 
Fix propagating changes within jail wrapper
 2017-07-12 12:14:51 +02:00
Julius Härtl
ce5ad7e7f4
Prefer custom theme over theming app 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-07-12 11:42:15 +02:00
Nextcloud bot
13295c2d1d
[tx-robot] updated from transifex 2017-07-12 00:08:43 +00:00
Morris Jobke
9e2d1caba2 Merge pull request #5681 from nextcloud/upstream-fix-circles 
upstream fix circles
 2017-07-11 18:03:06 +02:00
Robin Appelman
dfe662ad42
Fix propagating changes within jail wrapper 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-07-11 17:55:04 +02:00
Morris Jobke
4153e1de79 Merge pull request #5672 from nextcloud/upload-hidden-filelist 
properly block file upload to non-active filelist
 2017-07-11 15:15:49 +02:00
Robin Appelman
e1d6ca3c53
fix test 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-07-11 14:03:11 +02:00
Maxence Lange
6e7be6acfd upstream 
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
 2017-07-11 13:21:24 +02:00
Morris Jobke
7df7d0ff3b Merge pull request #5656 from nextcloud/fix-unselecting-items-on-multi-select-dropdowns 
Fix unselecting items on multi select dropdowns
 2017-07-10 23:39:43 +02:00
Morris Jobke
22693aec47 Merge pull request #5669 from nextcloud/fix-remote-share-activity-emails 
Fix remote share activity emails
 2017-07-10 16:16:54 +02:00
Robin Appelman
12c9b1efb0
properly block file upload to non-active filelist 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-07-10 14:32:10 +02:00
Roger Szabo
0ebec6f9a4 Rectify variable $uid->$user 
Signed-off-by: Roger Szabo <roger.szabo@web.de>
 2017-07-10 18:46:39 +08:00
Joas Schilling
33cb45d4a3
Fix owner cloud id in unshare activity 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-10 12:20:56 +02:00
Joas Schilling
b69ddfba8b
Fix activity emails for accept/decline of remote shares 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-10 12:10:36 +02:00