summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-02-19move stale file removal to it's own functionFlorian Pritz1-5/+9
This shouldn't be needed and it's also pretty slow. No need to run it with ever cronjob. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: make accessible via CLI onlyFlorian Pritz1-1/+6
In production environments the cronjob might run quite some time and could be used to overload the server. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: close dir handles after useFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: clean up stale filesFlorian Pritz1-0/+33
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19Implement CSP for direct file downloadsFlorian Pritz1-0/+3
With this header we tell the browser to ignore javascript, frames and objects which decreases the exploitability of simple html pastes if viewed raw ("<domain>/<id>", without a tailing slash) quite a lot. You can still upload arbitrary files containing javascript code, but the browser will refuse to execute it. References: https://wiki.mozilla.org/Security/CSP/Specification Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19encode special chars in some placesFlorian Pritz2-3/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-18check for apache modules in htaccess filesFlorian Pritz2-5/+10
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14define $HOME if it's not defined alreadyFlorian Pritz2-0/+7
Some scripts might rely on it being defined. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14install.php: rework perl dependency checkFlorian Pritz2-17/+15
It now displays all missing modules at once rather than requiring to be run again. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14INSTALL: fix path to config filesFlorian Pritz1-2/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14install.php: redirect perl errors to stdoutFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14bump geshi to 1.0.8.10Florian Pritz207-497/+11171
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25strip base64 decoded file of special charsFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25allow client to overwrite filenameFlorian Pritz1-1/+12
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-20add Text::Markdown to install_helper.plFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18remove superfluous spaceFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18uplaod_from: fix feature description for binary filesFlorian Pritz1-1/+1
/ID/plain will work too. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18fix left over mime2extension call and commentsFlorian Pritz1-4/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18only calculate field lengths for cli clientsFlorian Pritz1-5/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18factorise mode detectionFlorian Pritz1-8/+36
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18improve readability of download()Florian Pritz1-13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18use the same date for if-modified-since everywhereFlorian Pritz1-2/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18remove parameter of client()Florian Pritz1-4/+4
Parameters of controller functions are treated as url parameter so file/client/0 would also disable the headers. The cli client has empty headers anyway so just check that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18fix missing space on upload_historyFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18ignore is_installed fileFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18display more information on delete_formFlorian Pritz3-5/+51
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18add delete icon on upload_historyFlorian Pritz4-0/+76
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17install.php: lock after a successful runFlorian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17install.php: remove reference to db.sqlFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17mention install.php in INSTALLFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17use PATH in install.php; fix qrencode testFlorian Pritz1-6/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17use perl from PATH and copy markdown.pl to scripts/Florian Pritz3-6/+155
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17remove php code from upload_from.jsFlorian Pritz2-4/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17move JS of upload_form to separate fileFlorian Pritz3-65/+67
The code hardly changes so it should be cached by the browser. This won't work if it's inlined. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17use migrations; automatically set up the databaseFlorian Pritz5-55/+75
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17add short features description to upload_formFlorian Pritz2-1/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17default.css: fix whitespacesFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-28Merge commit 'v2.1.0'Florian Pritz64-496/+4293
Conflicts: user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html user_guide/helpers/inflector_helper.html user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/images/appflowchart.gif user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_203.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html user_guide/libraries/input.html user_guide/libraries/javascript.html user_guide/libraries/language.html user_guide/libraries/loader.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/nav/nav.js user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-22Readded PDO drivers.Phil Sturgeon5-15/+565
2011-11-18remove unused TODOFlorian Pritz1-0/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18add install.phpFlorian Pritz2-0/+66
For now this only checks if some dependencies are install. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18use full path to perl executable when calling mimetypeFlorian Pritz1-1/+1
Everywhere else we already do it like that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18don't display "latest client" link if there is no clientFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-14Merge branch 'release/2.1.0'Pascal Kriete202-731/+5366
Conflicts: user_guide/helpers/url_helper.html
2011-11-14Changelogging and setting release date.Pascal Kriete1-2/+3
2011-11-14Tweaking the xss filter for IE <comment> tags, parameter injection, and ↵Pascal Kriete1-50/+41
weird html5 attributes.
2011-11-14Removing stray docblocksPascal Kriete1-12/+0
2011-11-13More changelog tweaking.Phil Sturgeon1-0/+3
2011-11-13Added TLS and SSL support to Email library. Fixes issue #171Radu Potop1-1/+19
2011-11-13Resolved issue 65 - made action on form_open_multipart helper function call ↵Ben Edmunds1-1/+1
optional