diff --git a/apps/calendar/ajax/event/edit.form.php b/apps/calendar/ajax/event/edit.form.php
index 0193987889367e041c6506af367131d4fd225943..e5cf573c71830577fde0a750d23ce050599bee81 100644
--- a/apps/calendar/ajax/event/edit.form.php
+++ b/apps/calendar/ajax/event/edit.form.php
@@ -28,7 +28,7 @@ $dtstart = $vevent->DTSTART;
 $dtend = OC_Calendar_Object::getDTEndFromVEvent($vevent);
 switch($dtstart->getDateType()) {
 case Sabre_VObject_Property_DateTime::UTC:
- $timeOffset = OC_Calendar_App::$tz*60;
+ $timeOffset = $_SESSION['timezone']*60;
 $newDT = $dtstart->getDateTime();
 $newDT->add(new DateInterval("PT" . $timeOffset . "M"));
 $dtstart->setDateTime($newDT);
diff --git a/apps/calendar/js/calendar.js b/apps/calendar/js/calendar.js
index bc012a68c4b5994a8fa40ebef24fc8435c9dbe50..b05a33360a49c53d47188c3129bf9d5a7c276379 100644
--- a/apps/calendar/js/calendar.js
+++ b/apps/calendar/js/calendar.js
@@ -661,10 +661,12 @@ function ListView(element, calendar) {
 if (delta) {
 if (delta < 0){
 addDays(t.start, -7);
+ addDays(t.end, -7);
 if (!opt('weekends')) {
 skipWeekend(t.start, delta < 0 ? -1 : 1);
 }
 }else{
+ addDays(t.start, 7);
 addDays(t.end, 7);
 if (!opt('weekends')) {
 skipWeekend(t.end, delta < 0 ? -1 : 1);
diff --git a/apps/files_texteditor/css/style.css b/apps/files_texteditor/css/style.css
index d91a91d18d0ac3f93c8008964961fdc27bc62ca7..14a1c4a9bb9cfd56ebab17d6afad280c8179a366 100644
--- a/apps/files_texteditor/css/style.css
+++ b/apps/files_texteditor/css/style.css
@@ -1,22 +1,11 @@
 #editor{
 position: fixed;
 display: block;
- top: 6.5em;
+ top: 6.8em;
 left: 12.5em;
-}
-#editorwrapper{
- position: absolute;
- height: 0;
- width: 0;
- top: 41px;
- left: 160px;
- display: none;
+ z-index: 20;
 }
 #editor_save{
 margin-left: 7px;
 float: left;
 }
-#saving_icon{
- margin-top: 3px;
- float: left;
-}
diff --git a/apps/gallery/lib/managers.php b/apps/gallery/lib/managers.php
index 9a2dbd3bae2d8e6fd4b8d97c52fdc2b7abaf23a4..da09c565cb94f940da2302b700b96a79432f27ed 100644
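Review bot: In apps/calendar/ajax/event/edit.form.php the new `$_SESSION['timezone']` value is multiplied and concatenated into the `DateInterval` spec without an `isset()` or numeric check. An unset key raises a notice and silently becomes offset 0, and a negative offset yields a spec such as `PT-300M`, which as far as I know the `DateInterval` constructor rejects with an exception; whether the session value is client-supplied is not visible in this hunk. Normalise it before use, e.g. `$timeOffset = isset($_SESSION['timezone']) ? (int)round($_SESSION['timezone']*60) : 0;`, and apply negative offsets with `sub()` on the absolute value. The enclosing `switch` continues outside the hunk.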
--- a/apps/gallery/lib/managers.php
+++ b/apps/gallery/lib/managers.php
@@ -88,7 +88,10 @@ class ThumbnailsManager {
 }
 public function delete($path) {
- unlink(\OCP\Config::getSystemValue('datadirectory').'/'.\OC_User::getUser()."/gallery".$path);
+ $thumbnail = \OCP\Config::getSystemValue('datadirectory').'/'.\OC_User::getUser()."/gallery".$path;
+ if (file_exists($thumbnail)) {
+ unlink($thumbnail);
+ }
 }
 private function __construct() {}
diff --git a/apps/gallery/lib/tiles.php b/apps/gallery/lib/tiles.php
index dcdf6aa1bfb44f601eb584ee8621818d031bac1f..53ea97ff05d4e857d1b968197f80bd4751ea0d8e 100644
--- a/apps/gallery/lib/tiles.php
+++ b/apps/gallery/lib/tiles.php
@@ -141,7 +141,7 @@ class TileStack extends TileBase {
 }
 public function get() {
- $r = '<div class="title gallery_div">'.htmlentities($this->stack_name).'</div>';
+ $r = '<div class="title gallery_div">'. \OCP\Util::sanitizeHTML($this->stack_name).'</div>';
 for ($i = 0; $i < count($this->tiles_array); $i++) {
 $top = rand(-5, 5);
 $left = rand(-5, 5);
diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php
index 1fdbea59575dc37fc799097183b5a347d61649f0..e30052fafa3017e3a94b1d5fdceddace5f29dbc2 100644
--- a/apps/gallery/templates/index.php
+++ b/apps/gallery/templates/index.php
@@ -14,7 +14,7 @@ div.visible { opacity: 0.8;}
 </style>
 <script type="text/javascript">
-var root = "<?php echo htmlentities($root); ?>";
+var root = "<?php echo $root; ?>";
 function explode(element) {
 $('div', element).each(function(index, elem) {
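Review bot: `delete($path)` in apps/gallery/lib/managers.php still builds the unlink target by plain concatenation, and the added `file_exists()` check does not confine it to the user's gallery directory. Where `$path` comes from is not visible in this hunk; if it can carry `..` segments, the resolved file may lie outside the gallery folder under the data directory. Resolving both the base and the target with `realpath()` and comparing prefixes before deleting closes that gap and also covers the missing-file case.

```php
public function delete($path) {
	$base = realpath(\OCP\Config::getSystemValue('datadirectory').'/'.\OC_User::getUser().'/gallery');
	if ($base === false) {
		return;
	}
	// realpath() returns false for a missing file, so no separate file_exists() is needed
	$thumbnail = realpath($base.$path);
	if ($thumbnail !== false && strpos($thumbnail, $base.DIRECTORY_SEPARATOR) === 0 && is_file($thumbnail)) {
		unlink($thumbnail);
	}
}
```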
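Review bot: `var root = "<?php echo $root; ?>";` in apps/gallery/templates/index.php now writes `$root` into a JavaScript string literal with no encoding at all. Unless `$root` is already encoded for that context before it reaches the template (not visible here), a quote, backslash or `</script>` in the value ends the literal or the script block. HTML-entity escaping was the wrong encoder for this spot, but the replacement should be a JavaScript-context encoder rather than none: `var root = <?php echo json_encode($root, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`. The script block continues outside the hunk.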
@@ -64,7 +64,7 @@ $(document).ready(function() {
 for ($i = 0; $i < count($paths); $i++) {
 $path .= urlencode($paths[$i]).'/';
 $classess = 'crumb'.($i == count($paths)-1?' last':'');
- echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.$paths[$i].'</a></div>';
+ echo '<div class="'.$classess.'" style="background-image:url(\''.\OCP\image_path('core','breadcrumb.png').'\')"><a href="'.\OCP\Util::linkTo('gallery', 'index.php').'&root='.$path.'">'.\OCP\Util::sanitizeHTML($paths[$i]).'</a></div>';
 }
 }
diff --git a/apps/media/lib_collection.php b/apps/media/lib_collection.php
index a32a50534ed119d8a02fa620fa324fc6646e3988..598c08d32e24a3052efc7f772ed1a535ef57adf8 100644
--- a/apps/media/lib_collection.php
+++ b/apps/media/lib_collection.php
@@ -104,7 +104,7 @@ class OC_MEDIA_COLLECTION{
 return self::$albumIdCache[$artistId][$albumId][$name];
 }else{
 $uid=$_SESSION['user_id'];
- $query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_user=? AND song_name LIKE ? AND song_artist=? AND song_album=?");
+ $query=OCP\DB::prepare("SELECT song_id FROM *PREFIX*media_songs WHERE song_user=? AND lower(song_name) LIKE ? AND song_artist=? AND song_album=?");
 $songs=$query->execute(array($uid,$name,$artistId,$albumId))->fetchAll();
 if(is_array($songs) and isset($songs[0])){
 self::$albumIdCache[$artistId][$albumId][$name]=$songs[0]['song_id'];
@@ -277,7 +277,7 @@ class OC_MEDIA_COLLECTION{
 $query=self::$queries['addsong'];
 }
 $query->execute(array($name,$artist,$album,$path,$uid,$length,$track,$size));
- $songId=OCP\DB::insertid('*PREFIX*media_songs');
+ $songId=OCP\DB::insertid('*PREFIX*media_songs_song');
 // self::setLastUpdated();
 return self::getSongId($name,$artist,$album);
 }
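Review bot: In the @@ -104 hunk of apps/media/lib_collection.php only the column side of the comparison is lowercased; `$name` is still bound unchanged in `execute(array($uid,$name,$artistId,$albumId))`. Unless `$name` is lowercased earlier in the function (outside the hunk), a mixed-case title can no longer match. Because the operator is `LIKE`, a `%` or `_` inside a song title also acts as a wildcard, so the lookup can return another song's id. Consider `lower(song_name) = ?` with `strtolower($name)` bound, or escape the wildcards before binding.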
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index f4f75500c013eec012a6c79ccaa4436808a58bc1..ffe6b3d2e936ce042e3d312de4ce3301e7a41b8d 100644
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -449,7 +449,7 @@ class OC_LDAP {
 if(isset($result[$attr]) && $result[$attr]['count'] > 0){
 $values = array();
 for($i=0;$i<$result[$attr]['count'];$i++) {
- $values[] = $result[$attr][$i];
+ $values[] = self::resemblesDN($attr) ? self::sanitizeDN($result[$attr][$i]) : $result[$attr][$i];
 }
 return $values;
 }
@@ -521,7 +521,7 @@ class OC_LDAP {
 $key = strtolower($key);
 if(isset($item[$key])) {
 if($key != 'dn'){
- $selection[$i][$key] = $item[$key][0];
+ $selection[$i][$key] = self::resemblesDN($key) ? self::sanitizeDN($item[$key][0]) : $item[$key][0];
 } else {
 $selection[$i][$key] = self::sanitizeDN($item[$key]);
 }
@@ -534,7 +534,7 @@ class OC_LDAP {
 $key = strtolower($attr[0]);
 if(isset($item[$key])) {
- if($key == 'dn') {
+ if(self::resemblesDN($key)) {
 $selection[] = self::sanitizeDN($item[$key]);
 } else {
 $selection[] = $item[$key];
@@ -549,6 +549,15 @@ class OC_LDAP {
 return $findings;
 }
+ static private function resemblesDN($attr) {
+ $resemblingAttributes = array(
+ 'dn',
+ 'uniquemember',
+ 'member'
+ );
+ return in_array($attr, $resemblingAttributes);
+ }
+
 static private function sanitizeDN($dn) {
 //OID sometimes gives back DNs with whitespace after the comma a la "uid=foo, cn=bar, dn=..." We need to tackle this!
 $dn = preg_replace('/([^\\\]),(\s+)/','\1,',$dn);
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 9281aebe81d90b718d96e049d564cf5fe1c6f2f0..85b3d88973c7d4e2d528e6b63322e6f6e086c100 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
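Review bot: `resemblesDN()` (added in the @@ -549 hunk of apps/user_ldap/lib_ldap.php) compares case-sensitively against lowercase names, but the @@ -449 hunk calls it with `$attr` as passed in, without the `strtolower()` that the other two call sites apply first. If a caller passes a name such as `uniqueMember`, those values skip `sanitizeDN()`. Normalising inside the helper keeps the call sites consistent: `return in_array(strtolower($attr), $resemblingAttributes, true);`. A short docblock on `resemblesDN()` stating that it expects an attribute name rather than a value would also help.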
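Review bot: In the @@ -534 hunk, `sanitizeDN($item[$key])` is now reached for `member` and `uniquemember` as well as `dn`. The @@ -521 hunk reads non-`dn` attributes as `$item[$key][0]`, which suggests these entries are arrays, so `sanitizeDN()` would receive an array here instead of a string. The first line of `sanitizeDN()` is a `preg_replace()` that tolerates arrays, but the rest of the function is outside the hunk; confirm it handles arrays (including a `count` element), or sanitise element by element.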
@@ -124,9 +124,19 @@ class OC_USER_LDAP extends OC_User_Backend {
 * @return boolean
 */
 public function userExists($uid){
- return in_array($uid, $this->getUsers());
- }
+ //getting dn, if false the user does not exist. If dn, he may be mapped only, requires more checking.
+ $dn = OC_LDAP::username2dn($uid);
+ if(!$dn) {
+ return false;
+ }
-}
+ //if user really still exists, we will be able to read his cn
+ $cn = OC_LDAP::readAttribute($dn, 'cn');
+ if(!$cn || empty($cn)) {
+ return false;
+ }
+
+ return true;
+ }
-?>
+}
\ No newline at end of file
diff --git a/lib/connector/sabre/auth.php b/lib/connector/sabre/auth.php
index 1c7a84f0f2a69c5b9a08c003a3d03b60a90483e6..ee68039162647beab589a2711f0de4767bd40e4e 100644
--- a/lib/connector/sabre/auth.php
+++ b/lib/connector/sabre/auth.php
@@ -33,7 +33,7 @@ class OC_Connector_Sabre_Auth extends Sabre_DAV_Auth_Backend_AbstractBasic {
 protected function validateUserPass($username, $password){
 OC_Util::setUpFS();//login hooks may need early access to the filesystem
 if(OC_User::login($username,$password)){
- OC_Util::setUpFS();
+ OC_Util::setUpFS($username);
 return true;
 }
 else{
diff --git a/lib/filecache.php b/lib/filecache.php
index da9baa020a2c5e28b9cb72452c8d1ea70e4262ed..a0ad2be4f770f595819e33b9d9665dd92445cfa8 100644
--- a/lib/filecache.php
+++ b/lib/filecache.php
@@ -86,7 +86,7 @@ class OC_FileCache{
 }
 $path=$root.$path;
 $parent=self::getParentId($path);
- $id=self::getId($path,'');
+ $id=self::getFileId($path);
 if(isset(OC_FileCache::$savedData[$path])){
 $data=array_merge(OC_FileCache::$savedData[$path],$data);
 unset(OC_FileCache::$savedData[$path]);
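Review bot: `userExists()` in apps/user_ldap/user_ldap.php returns false both when the user is gone and, as far as the visible lines show, when `username2dn()` or `readAttribute()` fail for another reason such as an unreachable directory server. Callers that act on a negative answer would then treat an outage as a deleted account; what the two helpers return on a connection error is not visible here, so this needs confirming. Separately, `!$cn || empty($cn)` tests the same condition twice; `if(empty($cn))` is enough.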
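Review bot: `OC_Util::setUpFS($username)` in lib/connector/sabre/auth.php uses the login name exactly as the client sent it. If any user backend accepts a differently cased or aliased name at login (not visible here), the filesystem would be set up under a name that differs from the authenticated uid. Passing the uid the session now holds avoids that: `OC_Util::setUpFS(OC_User::getUser());`. The `else` branch of `validateUserPass()` continues outside the hunk.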
@@ -129,7 +129,12 @@ class OC_FileCache{
 $queryParts=array();
 foreach(array('size','mtime','ctime','mimetype','encrypted','versioned','writable') as $attribute){
 if(isset($data[$attribute])){
- $arguments[]=$data[$attribute];
+ //Convert to int it args are false
+ if($data[$attribute] === false){
+ $arguments[] = 0;
+ }else{
+ $arguments[] = $data[$attribute];
+ }
 $queryParts[]=$attribute.'=?';
 }
 }
@@ -262,7 +267,7 @@ class OC_FileCache{
 }
 $path=$root.$path;
 $parent=self::getFileId($path);
- if($path==-1){
+ if($parent==-1){
 return array();
 }
 $query=OC_DB::prepare('SELECT name,ctime,mtime,mimetype,size,encrypted,versioned,writable FROM *PREFIX*fscache WHERE parent=? AND (mimetype LIKE ? OR mimetype = ?)');
diff --git a/lib/installer.php b/lib/installer.php
index 4069f2ab7c641ec3c21df2b48189cc8866e9d86a..c5ca0883d76b0e8683e430992ea9a8a5c65f37b8 100644
--- a/lib/installer.php
+++ b/lib/installer.php
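Review bot: In the @@ -129 hunk of lib/filecache.php only `false` is converted; a boolean `true` is still bound as a boolean, so the two values of the same flag are handled differently. `$arguments[] = is_bool($data[$attribute]) ? (int)$data[$attribute] : $data[$attribute];` covers both and replaces the if/else. The added comment has a typo and would read better as `//Convert booleans to int before binding`. The enclosing function starts and ends outside the hunk.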
@@ -287,22 +287,23 @@ class OC_Installer{
 * This function installs all apps found in the 'apps' directory that should be enabled by default;
 */
 public static function installShippedApps(){
- $dir = opendir( OC::$APPSROOT."/apps" );
- while( false !== ( $filename = readdir( $dir ))){
- if( substr( $filename, 0, 1 ) != '.' and is_dir(OC::$APPSROOT."/apps/$filename") ){
- if( file_exists( OC::$APPSROOT."/apps/$filename/appinfo/app.php" )){
- if(!OC_Installer::isInstalled($filename)){
- $info=OC_App::getAppInfo($filename);
- $enabled = isset($info['default_enable']);
- if( $enabled ){
- OC_Installer::installShippedApp($filename);
- OC_Appconfig::setValue($filename,'enabled','yes');
+ if($dir = opendir( OC::$APPSROOT."/apps" )){
+ while( false !== ( $filename = readdir( $dir ))){
+ if( substr( $filename, 0, 1 ) != '.' and is_dir(OC::$APPSROOT."/apps/$filename") ){
+ if( file_exists( OC::$APPSROOT."/apps/$filename/appinfo/app.php" )){
+ if(!OC_Installer::isInstalled($filename)){
+ $info=OC_App::getAppInfo($filename);
+ $enabled = isset($info['default_enable']);
+ if( $enabled ){
+ OC_Installer::installShippedApp($filename);
+ OC_Appconfig::setValue($filename,'enabled','yes');
+ }
 }
 }
 }
 }
+ closedir( $dir );
 }
- closedir( $dir );
 }
 /**
diff --git a/lib/util.php b/lib/util.php
index 5cd66ca12eee51db28a596bacfa5b7700d415d0a..d5d0d771a85aed0658ddda88fa746852ada9ca10 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -83,7 +83,7 @@ class OC_Util {
 * @return array
 */
 public static function getVersion(){
- return array(4,00,2);
+ return array(4,00,3);
 }
 /**
@@ -91,7 +91,7 @@ class OC_Util {
 * @return string
 */
 public static function getVersionString(){
- return '4.0.2';
+ return '4.0.3a';
 }
 /**
diff --git a/settings/js/log.js b/settings/js/log.js
index 6063c7d9a9fe8cb41834e832a1f8416b31c6f3ae..fe2e92f7a867f04fd08361d0f794432f4fd55ea0 100644
--- a/settings/js/log.js
+++ b/settings/js/log.js
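Review bot: `installShippedApps()` in lib/installer.php now skips the whole scan when `opendir()` fails and reports nothing. A missing or unreadable apps directory then looks the same as an installation with no default-enabled apps. Add an `else` branch that logs an error naming the directory, so a permissions or path problem is visible during setup. The docblock could also say that the function is a no-op when the directory cannot be opened.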
@@ -39,7 +39,7 @@ OC.Log={
 row.append(appTd);
 var messageTd=$('<td/>');
- messageTd.text(entry.message);
+ messageTd.html(entry.message);
 row.append(messageTd);
 var timeTd=$('<td/>');
diff --git a/settings/templates/admin.php b/settings/templates/admin.php
index 9f839cf74916567dc83c1a744ec803f6ae88172e..f8c515369e6b5e8acecadbc252aec354f2310d13 100644
--- a/settings/templates/admin.php
+++ b/settings/templates/admin.php
@@ -42,7 +42,7 @@ if(!$_['htaccessworking']) {
 <?php echo $entry->app;?>
 </td>
 <td>
- <?php echo htmlentities($entry->message);?>
+ <?php echo $entry->message;?>
 </td>
 <td>
 <?php echo OC_Util::formatDate($entry->time);?>
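Review bot: `messageTd.html(entry.message)` in settings/js/log.js inserts log text as markup, and the settings/templates/admin.php hunk drops `htmlentities()` from the same field. Log messages often include request-derived values such as user names or paths; unless every entry is escaped before it reaches these two sinks (not visible in either hunk), markup inside a message is rendered in the administrator's browser. Escaping at output is the safer default: keep `messageTd.text(entry.message);` here and use `<?php echo \OCP\Util::sanitizeHTML($entry->message);?>` in the template. If the change was made to avoid double encoding, remove the extra encoding at the place where it is applied instead.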