4.5.2

Merge pull request #335 from owncloud/sharing_folder_sync_stable45
Sharing folder sync stable45
2012-11-13 22:06:13 +01:00 · 2012-11-13 07:28:03 -08:00 · 2012-11-13 16:04:27 +01:00 · 2012-11-13 15:32:38 +01:00 · 2012-11-12 12:21:42 -08:00 · 2012-11-12 07:49:06 -08:00
87 changed files with 1516 additions and 929 deletions
@@ -19,4 +19,8 @@ RewriteRule ^apps/contacts/carddav.php remote.php/carddav/ [QSA,L]
 RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]
 RewriteRule ^remote/(.*) remote.php [QSA,L]
 </IfModule>
+<IfModule mod_mime.c>
+AddType image/svg+xml svg svgz
+AddEncoding gzip svgz
+</IfModule>
 Options -Indexes
@@ -363,6 +363,7 @@ class MDB2_Driver_Manager_pgsql extends MDB2_Driver_Manager_Common
            return MDB2_OK;
        }

+        $unquoted_name = $name;
        $name = $db->quoteIdentifier($name, true);

        if (!empty($changes['remove']) && is_array($changes['remove'])) {
@@ -398,6 +399,7 @@ class MDB2_Driver_Manager_pgsql extends MDB2_Driver_Manager_Common

        if (!empty($changes['change']) && is_array($changes['change'])) {
            foreach ($changes['change'] as $field_name => $field) {
+                $unquoted_field_name = $field_name;
                $field_name = $db->quoteIdentifier($field_name, true);
                if (!empty($field['definition']['type'])) {
                    $server_info = $db->getServerVersion();
@@ -419,7 +421,14 @@ class MDB2_Driver_Manager_pgsql extends MDB2_Driver_Manager_Common
                        return $result;
                    }
                }
-                if (array_key_exists('default', $field['definition'])) {
+                if (array_key_exists('autoincrement', $field['definition'])) {
+                    $query = "ALTER $field_name SET DEFAULT nextval(".$db->quote($unquoted_name.'_'.$unquoted_field_name.'_seq', 'text').")";
+                    $result = $db->exec("ALTER TABLE $name $query");
+                    if (PEAR::isError($result)) {
+                        return $result;
+                    }
+                }
+                elseif (array_key_exists('default', $field['definition'])) {
                    $query = "ALTER $field_name SET DEFAULT ".$db->quote($field['definition']['default'], $field['definition']['type']);
                    $result = $db->exec("ALTER TABLE $name $query");
                    if (PEAR::isError($result)) {
@@ -1,11 +1,11 @@
 /*
- * FullCalendar v1.5.3 Stylesheet
+ * FullCalendar v1.5.4 Stylesheet
 *
 * Copyright (c) 2011 Adam Shaw
 * Dual licensed under the MIT and GPL licenses, located in
 * MIT-LICENSE.txt and GPL-LICENSE.txt respectively.
 *
- * Date: Mon Feb 6 22:40:40 2012 -0800
+ * Date: Tue Sep 4 23:38:33 2012 -0700
 *
 */

@@ -1,5 +1,5 @@
 /*
- * FullCalendar v1.5.3 Print Stylesheet
+ * FullCalendar v1.5.4 Print Stylesheet
 *
 * Include this stylesheet on your page to get a more printer-friendly calendar.
 * When including this stylesheet, use the media='print' attribute of the <link> tag.
@@ -9,7 +9,7 @@
 * Dual licensed under the MIT and GPL licenses, located in
 * MIT-LICENSE.txt and GPL-LICENSE.txt respectively.
 *
- * Date: Mon Feb 6 22:40:40 2012 -0800
+ * Date: Tue Sep 4 23:38:33 2012 -0700
 *
 */
 
@@ -1,6 +1,6 @@
 /**
 * @preserve
- * FullCalendar v1.5.3
+ * FullCalendar v1.5.4
 * http://arshaw.com/fullcalendar/
 *
 * Use fullcalendar.css for basic styling.
@@ -11,7 +11,7 @@
 * Dual licensed under the MIT and GPL licenses, located in
 * MIT-LICENSE.txt and GPL-LICENSE.txt respectively.
 *
- * Date: Mon Feb 6 22:40:40 2012 -0800
+ * Date: Tue Sep 4 23:38:33 2012 -0700
 *
 */
 
@@ -111,7 +111,7 @@ var rtlDefaults = {



-var fc = $.fullCalendar = { version: "1.5.3" };
+var fc = $.fullCalendar = { version: "1.5.4" };
 var fcViews = fc.views = {};


@@ -1658,7 +1658,7 @@ function sliceSegs(events, visEventEnds, start, end) {
 				msLength: segEnd - segStart
 			});
 		}
-	} 
+	}
 	return segs.sort(segCmp);
 }

@@ -1742,29 +1742,26 @@ function setOuterHeight(element, height, includeMargins) {
 }


-// TODO: curCSS has been deprecated (jQuery 1.4.3 - 10/16/2010)
-
-
 function hsides(element, includeMargins) {
 	return hpadding(element) + hborders(element) + (includeMargins ? hmargins(element) : 0);
 }


 function hpadding(element) {
-	return (parseFloat($.curCSS(element[0], 'paddingLeft', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'paddingRight', true)) || 0);
+	return (parseFloat($.css(element[0], 'paddingLeft', true)) || 0) +
+	       (parseFloat($.css(element[0], 'paddingRight', true)) || 0);
 }


 function hmargins(element) {
-	return (parseFloat($.curCSS(element[0], 'marginLeft', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'marginRight', true)) || 0);
+	return (parseFloat($.css(element[0], 'marginLeft', true)) || 0) +
+	       (parseFloat($.css(element[0], 'marginRight', true)) || 0);
 }


 function hborders(element) {
-	return (parseFloat($.curCSS(element[0], 'borderLeftWidth', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'borderRightWidth', true)) || 0);
+	return (parseFloat($.css(element[0], 'borderLeftWidth', true)) || 0) +
+	       (parseFloat($.css(element[0], 'borderRightWidth', true)) || 0);
 }


@@ -1774,20 +1771,20 @@ function vsides(element, includeMargins) {


 function vpadding(element) {
-	return (parseFloat($.curCSS(element[0], 'paddingTop', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'paddingBottom', true)) || 0);
+	return (parseFloat($.css(element[0], 'paddingTop', true)) || 0) +
+	       (parseFloat($.css(element[0], 'paddingBottom', true)) || 0);
 }


 function vmargins(element) {
-	return (parseFloat($.curCSS(element[0], 'marginTop', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'marginBottom', true)) || 0);
+	return (parseFloat($.css(element[0], 'marginTop', true)) || 0) +
+	       (parseFloat($.css(element[0], 'marginBottom', true)) || 0);
 }


 function vborders(element) {
-	return (parseFloat($.curCSS(element[0], 'borderTopWidth', true)) || 0) +
-	       (parseFloat($.curCSS(element[0], 'borderBottomWidth', true)) || 0);
+	return (parseFloat($.css(element[0], 'borderTopWidth', true)) || 0) +
+	       (parseFloat($.css(element[0], 'borderBottomWidth', true)) || 0);
 }


@@ -1956,7 +1953,6 @@ function firstDefined() {
 }


-
 fcViews.month = MonthView;

 function MonthView(element, calendar) {
@@ -4662,7 +4658,7 @@ function DayEventRenderer() {
 					"</span>";
 			}
 			html +=
-				"<span class='fc-event-title'>" + event.title + "</span>" +
+				"<span class='fc-event-title'>" + htmlEscape(event.title) + "</span>" +
 				"</div>";
 			if (seg.isEnd && isEventResizable(event)) {
 				html +=
@@ -1,6 +1,6 @@
 /*

- FullCalendar v1.5.3
+ FullCalendar v1.5.4
 http://arshaw.com/fullcalendar/

 Use fullcalendar.css for basic styling.
@@ -11,7 +11,7 @@
 Dual licensed under the MIT and GPL licenses, located in
 MIT-LICENSE.txt and GPL-LICENSE.txt respectively.

- Date: Mon Feb 6 22:40:40 2012 -0800
+ Date: Tue Sep 4 23:38:33 2012 -0700

 */
 (function(m,ma){function wb(a){m.extend(true,Ya,a)}function Yb(a,b,e){function d(k){if(E){u();q();na();S(k)}else f()}function f(){B=b.theme?"ui":"fc";a.addClass("fc");b.isRTL&&a.addClass("fc-rtl");b.theme&&a.addClass("ui-widget");E=m("<div class='fc-content' style='position:relative'/>").prependTo(a);C=new Zb(X,b);(P=C.render())&&a.prepend(P);y(b.defaultView);m(window).resize(oa);t()||g()}function g(){setTimeout(function(){!n.start&&t()&&S()},0)}function l(){m(window).unbind("resize",oa);C.destroy();
@@ -39,10 +39,10 @@ a[12])*1E3);lb(e,b)}else{e.setUTCFullYear(a[1],a[3]?a[3]-1:0,a[5]||1);e.setUTCHo
 10):0)}}function Oa(a,b,e){return ib(a,null,b,e)}function ib(a,b,e,d){d=d||Ya;var f=a,g=b,l,j=e.length,t,y,S,Q="";for(l=0;l<j;l++){t=e.charAt(l);if(t=="'")for(y=l+1;y<j;y++){if(e.charAt(y)=="'"){if(f){Q+=y==l+1?"'":e.substring(l+1,y);l=y}break}}else if(t=="(")for(y=l+1;y<j;y++){if(e.charAt(y)==")"){l=Oa(f,e.substring(l+1,y),d);if(parseInt(l.replace(/\D/,""),10))Q+=l;l=y;break}}else if(t=="[")for(y=l+1;y<j;y++){if(e.charAt(y)=="]"){t=e.substring(l+1,y);l=Oa(f,t,d);if(l!=Oa(g,t,d))Q+=l;l=y;break}}else if(t==
 "{"){f=b;g=a}else if(t=="}"){f=a;g=b}else{for(y=j;y>l;y--)if(S=dc[e.substring(l,y)]){if(f)Q+=S(f,d);l=y-1;break}if(y==l)if(f)Q+=t}}return Q}function Ua(a){return a.end?ec(a.end,a.allDay):ba(N(a.start),1)}function ec(a,b){a=N(a);return b||a.getHours()||a.getMinutes()?ba(a,1):Ka(a)}function fc(a,b){return(b.msLength-a.msLength)*100+(a.event.start-b.event.start)}function Cb(a,b){return a.end>b.start&&a.start<b.end}function nb(a,b,e,d){var f=[],g,l=a.length,j,t,y,S,Q;for(g=0;g<l;g++){j=a[g];t=j.start;
 y=b[g];if(y>e&&t<d){if(t<e){t=N(e);S=false}else{t=t;S=true}if(y>d){y=N(d);Q=false}else{y=y;Q=true}f.push({event:j,start:t,end:y,isStart:S,isEnd:Q,msLength:y-t})}}return f.sort(fc)}function ob(a){var b=[],e,d=a.length,f,g,l,j;for(e=0;e<d;e++){f=a[e];for(g=0;;){l=false;if(b[g])for(j=0;j<b[g].length;j++)if(Cb(b[g][j],f)){l=true;break}if(l)g++;else break}if(b[g])b[g].push(f);else b[g]=[f]}return b}function Db(a,b,e){a.unbind("mouseover").mouseover(function(d){for(var f=d.target,g;f!=this;){g=f;f=f.parentNode}if((f=
-g._fci)!==ma){g._fci=ma;g=b[f];e(g.event,g.element,g);m(d.target).trigger(d)}d.stopPropagation()})}function Va(a,b,e){for(var d=0,f;d<a.length;d++){f=m(a[d]);f.width(Math.max(0,b-pb(f,e)))}}function Eb(a,b,e){for(var d=0,f;d<a.length;d++){f=m(a[d]);f.height(Math.max(0,b-Sa(f,e)))}}function pb(a,b){return gc(a)+hc(a)+(b?ic(a):0)}function gc(a){return(parseFloat(m.curCSS(a[0],"paddingLeft",true))||0)+(parseFloat(m.curCSS(a[0],"paddingRight",true))||0)}function ic(a){return(parseFloat(m.curCSS(a[0],
-"marginLeft",true))||0)+(parseFloat(m.curCSS(a[0],"marginRight",true))||0)}function hc(a){return(parseFloat(m.curCSS(a[0],"borderLeftWidth",true))||0)+(parseFloat(m.curCSS(a[0],"borderRightWidth",true))||0)}function Sa(a,b){return jc(a)+kc(a)+(b?Fb(a):0)}function jc(a){return(parseFloat(m.curCSS(a[0],"paddingTop",true))||0)+(parseFloat(m.curCSS(a[0],"paddingBottom",true))||0)}function Fb(a){return(parseFloat(m.curCSS(a[0],"marginTop",true))||0)+(parseFloat(m.curCSS(a[0],"marginBottom",true))||0)}
-function kc(a){return(parseFloat(m.curCSS(a[0],"borderTopWidth",true))||0)+(parseFloat(m.curCSS(a[0],"borderBottomWidth",true))||0)}function Za(a,b){b=typeof b=="number"?b+"px":b;a.each(function(e,d){d.style.cssText+=";min-height:"+b+";_height:"+b})}function xb(){}function Gb(a,b){return a-b}function Hb(a){return Math.max.apply(Math,a)}function Pa(a){return(a<10?"0":"")+a}function jb(a,b){if(a[b]!==ma)return a[b];b=b.split(/(?=[A-Z])/);for(var e=b.length-1,d;e>=0;e--){d=a[b[e].toLowerCase()];if(d!==
-ma)return d}return a[""]}function Qa(a){return a.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/'/g,"&#039;").replace(/"/g,"&quot;").replace(/\n/g,"<br />")}function Ib(a){return a.id+"/"+a.className+"/"+a.style.cssText.replace(/(^|;)\s*(top|left|width|height)\s*:[^;]*/ig,"")}function qb(a){a.attr("unselectable","on").css("MozUserSelect","none").bind("selectstart.ui",function(){return false})}function ab(a){a.children().removeClass("fc-first fc-last").filter(":first-child").addClass("fc-first").end().filter(":last-child").addClass("fc-last")}
+g._fci)!==ma){g._fci=ma;g=b[f];e(g.event,g.element,g);m(d.target).trigger(d)}d.stopPropagation()})}function Va(a,b,e){for(var d=0,f;d<a.length;d++){f=m(a[d]);f.width(Math.max(0,b-pb(f,e)))}}function Eb(a,b,e){for(var d=0,f;d<a.length;d++){f=m(a[d]);f.height(Math.max(0,b-Sa(f,e)))}}function pb(a,b){return gc(a)+hc(a)+(b?ic(a):0)}function gc(a){return(parseFloat(m.css(a[0],"paddingLeft",true))||0)+(parseFloat(m.css(a[0],"paddingRight",true))||0)}function ic(a){return(parseFloat(m.css(a[0],"marginLeft",
+true))||0)+(parseFloat(m.css(a[0],"marginRight",true))||0)}function hc(a){return(parseFloat(m.css(a[0],"borderLeftWidth",true))||0)+(parseFloat(m.css(a[0],"borderRightWidth",true))||0)}function Sa(a,b){return jc(a)+kc(a)+(b?Fb(a):0)}function jc(a){return(parseFloat(m.css(a[0],"paddingTop",true))||0)+(parseFloat(m.css(a[0],"paddingBottom",true))||0)}function Fb(a){return(parseFloat(m.css(a[0],"marginTop",true))||0)+(parseFloat(m.css(a[0],"marginBottom",true))||0)}function kc(a){return(parseFloat(m.css(a[0],
+"borderTopWidth",true))||0)+(parseFloat(m.css(a[0],"borderBottomWidth",true))||0)}function Za(a,b){b=typeof b=="number"?b+"px":b;a.each(function(e,d){d.style.cssText+=";min-height:"+b+";_height:"+b})}function xb(){}function Gb(a,b){return a-b}function Hb(a){return Math.max.apply(Math,a)}function Pa(a){return(a<10?"0":"")+a}function jb(a,b){if(a[b]!==ma)return a[b];b=b.split(/(?=[A-Z])/);for(var e=b.length-1,d;e>=0;e--){d=a[b[e].toLowerCase()];if(d!==ma)return d}return a[""]}function Qa(a){return a.replace(/&/g,
+"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/'/g,"&#039;").replace(/"/g,"&quot;").replace(/\n/g,"<br />")}function Ib(a){return a.id+"/"+a.className+"/"+a.style.cssText.replace(/(^|;)\s*(top|left|width|height)\s*:[^;]*/ig,"")}function qb(a){a.attr("unselectable","on").css("MozUserSelect","none").bind("selectstart.ui",function(){return false})}function ab(a){a.children().removeClass("fc-first fc-last").filter(":first-child").addClass("fc-first").end().filter(":last-child").addClass("fc-last")}
 function rb(a,b){a.each(function(e,d){d.className=d.className.replace(/^fc-\w*/,"fc-"+lc[b.getDay()])})}function Jb(a,b){var e=a.source||{},d=a.color,f=e.color,g=b("eventColor"),l=a.backgroundColor||d||e.backgroundColor||f||b("eventBackgroundColor")||g;d=a.borderColor||d||e.borderColor||f||b("eventBorderColor")||g;a=a.textColor||e.textColor||b("eventTextColor");b=[];l&&b.push("background-color:"+l);d&&b.push("border-color:"+d);a&&b.push("color:"+a);return b.join(";")}function $a(a,b,e){if(m.isFunction(a))a=
 [a];if(a){var d,f;for(d=0;d<a.length;d++)f=a[d].apply(b,e)||f;return f}}function Ta(){for(var a=0;a<arguments.length;a++)if(arguments[a]!==ma)return arguments[a]}function mc(a,b){function e(j,t){if(t){hb(j,t);j.setDate(1)}j=N(j,true);j.setDate(1);t=hb(N(j),1);var y=N(j),S=N(t),Q=f("firstDay"),q=f("weekends")?0:1;if(q){Fa(y);Fa(S,-1,true)}ba(y,-((y.getDay()-Math.max(Q,q)+7)%7));ba(S,(7-S.getDay()+Math.max(Q,q))%7);Q=Math.round((S-y)/(Ab*7));if(f("weekMode")=="fixed"){ba(S,(6-Q)*7);Q=6}d.title=l(j,
 f("titleFormat"));d.start=j;d.end=t;d.visStart=y;d.visEnd=S;g(6,Q,q?5:7,true)}var d=this;d.render=e;sb.call(d,a,b,"month");var f=d.opt,g=d.renderBasic,l=b.formatDate}function nc(a,b){function e(j,t){t&&ba(j,t*7);j=ba(N(j),-((j.getDay()-f("firstDay")+7)%7));t=ba(N(j),7);var y=N(j),S=N(t),Q=f("weekends");if(!Q){Fa(y);Fa(S,-1,true)}d.title=l(y,ba(N(S),-1),f("titleFormat"));d.start=j;d.end=t;d.visStart=y;d.visEnd=S;g(1,1,Q?7:5,false)}var d=this;d.render=e;sb.call(d,a,b,"basicWeek");var f=d.opt,g=d.renderBasic,
@@ -106,7 +106,7 @@ t,y=-1,S=-1;for(t=0;t<l;t++)if(g>=e[t][0]&&g<e[t][1]){y=t;break}for(t=0;t<j;t++)
 g=l=null;a.build();b(t);d=y||"mousemove";m(document).bind(d,b)};e.stop=function(){m(document).unbind(d,b);return l}}function xc(a){if(a.pageX===ma){a.pageX=a.originalEvent.pageX;a.pageY=a.originalEvent.pageY}}function Pb(a){function b(l){return d[l]=d[l]||a(l)}var e=this,d={},f={},g={};e.left=function(l){return f[l]=f[l]===ma?b(l).position().left:f[l]};e.right=function(l){return g[l]=g[l]===ma?e.left(l)+b(l).width():g[l]};e.clear=function(){d={};f={};g={}}}var Ya={defaultView:"month",aspectRatio:1.35,
 header:{left:"title",center:"",right:"today prev,next"},weekends:true,allDayDefault:true,ignoreTimezone:true,lazyFetching:true,startParam:"start",endParam:"end",titleFormat:{month:"MMMM yyyy",week:"MMM d[ yyyy]{ '&#8212;'[ MMM] d yyyy}",day:"dddd, MMM d, yyyy"},columnFormat:{month:"ddd",week:"ddd M/d",day:"dddd M/d"},timeFormat:{"":"h(:mm)t"},isRTL:false,firstDay:0,monthNames:["January","February","March","April","May","June","July","August","September","October","November","December"],monthNamesShort:["Jan",
 "Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],dayNames:["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],dayNamesShort:["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],buttonText:{prev:"&nbsp;&#9668;&nbsp;",next:"&nbsp;&#9658;&nbsp;",prevYear:"&nbsp;&lt;&lt;&nbsp;",nextYear:"&nbsp;&gt;&gt;&nbsp;",today:"today",month:"month",week:"week",day:"day"},theme:false,buttonIcons:{prev:"circle-triangle-w",next:"circle-triangle-e"},unselectAuto:true,dropAccept:"*"},yc=
-{header:{left:"next,prev today",center:"",right:"title"},buttonText:{prev:"&nbsp;&#9658;&nbsp;",next:"&nbsp;&#9668;&nbsp;",prevYear:"&nbsp;&gt;&gt;&nbsp;",nextYear:"&nbsp;&lt;&lt;&nbsp;"},buttonIcons:{prev:"circle-triangle-e",next:"circle-triangle-w"}},Aa=m.fullCalendar={version:"1.5.3"},Ja=Aa.views={};m.fn.fullCalendar=function(a){if(typeof a=="string"){var b=Array.prototype.slice.call(arguments,1),e;this.each(function(){var f=m.data(this,"fullCalendar");if(f&&m.isFunction(f[a])){f=f[a].apply(f,
+{header:{left:"next,prev today",center:"",right:"title"},buttonText:{prev:"&nbsp;&#9658;&nbsp;",next:"&nbsp;&#9668;&nbsp;",prevYear:"&nbsp;&gt;&gt;&nbsp;",nextYear:"&nbsp;&lt;&lt;&nbsp;"},buttonIcons:{prev:"circle-triangle-e",next:"circle-triangle-w"}},Aa=m.fullCalendar={version:"1.5.4"},Ja=Aa.views={};m.fn.fullCalendar=function(a){if(typeof a=="string"){var b=Array.prototype.slice.call(arguments,1),e;this.each(function(){var f=m.data(this,"fullCalendar");if(f&&m.isFunction(f[a])){f=f[a].apply(f,
 b);if(e===ma)e=f;a=="destroy"&&m.removeData(this,"fullCalendar")}});if(e!==ma)return e;return this}var d=a.eventSources||[];delete a.eventSources;if(a.events){d.push(a.events);delete a.events}a=m.extend(true,{},Ya,a.isRTL||a.isRTL===ma&&Ya.isRTL?yc:{},a);this.each(function(f,g){f=m(g);g=new Yb(f,a,d);f.data("fullCalendar",g);g.render()});return this};Aa.sourceNormalizers=[];Aa.sourceFetchers=[];var ac={dataType:"json",cache:false},bc=1;Aa.addDays=ba;Aa.cloneDate=N;Aa.parseDate=kb;Aa.parseISO8601=
 Bb;Aa.parseTime=mb;Aa.formatDate=Oa;Aa.formatDates=ib;var lc=["sun","mon","tue","wed","thu","fri","sat"],Ab=864E5,cc=36E5,wc=6E4,dc={s:function(a){return a.getSeconds()},ss:function(a){return Pa(a.getSeconds())},m:function(a){return a.getMinutes()},mm:function(a){return Pa(a.getMinutes())},h:function(a){return a.getHours()%12||12},hh:function(a){return Pa(a.getHours()%12||12)},H:function(a){return a.getHours()},HH:function(a){return Pa(a.getHours())},d:function(a){return a.getDate()},dd:function(a){return Pa(a.getDate())},
 ddd:function(a,b){return b.dayNamesShort[a.getDay()]},dddd:function(a,b){return b.dayNames[a.getDay()]},M:function(a){return a.getMonth()+1},MM:function(a){return Pa(a.getMonth()+1)},MMM:function(a,b){return b.monthNamesShort[a.getMonth()]},MMMM:function(a,b){return b.monthNames[a.getMonth()]},yy:function(a){return(a.getFullYear()+"").substring(2)},yyyy:function(a){return a.getFullYear()},t:function(a){return a.getHours()<12?"a":"p"},tt:function(a){return a.getHours()<12?"am":"pm"},T:function(a){return a.getHours()<
@@ -1,11 +1,11 @@
 /*
- * FullCalendar v1.5.3 Google Calendar Plugin
+ * FullCalendar v1.5.4 Google Calendar Plugin
 *
 * Copyright (c) 2011 Adam Shaw
 * Dual licensed under the MIT and GPL licenses, located in
 * MIT-LICENSE.txt and GPL-LICENSE.txt respectively.
 *
- * Date: Mon Feb 6 22:40:40 2012 -0800
+ * Date: Tue Sep 4 23:38:33 2012 -0700
 *
 */
 
@@ -2000,7 +2000,7 @@ class CF_Object
 //         }

 		//use OC's mimetype detection for files
-		if(is_file($handle)){
+		if(@is_file($handle)){
 			$this->content_type=OC_Helper::getMimeType($handle);
 		}else{
 			$this->content_type=OC_Helper::getStringMimeType($handle);
@@ -2537,7 +2537,7 @@ class CF_Object
            }
            $md5 = hash_final($ctx, false);
            rewind($data);
-        } elseif ((string)is_file($data)) {
+        } elseif ((string)@is_file($data)) {
            $md5 = md5_file($data);
        } else {
            $md5 = md5($data);
@@ -229,6 +229,8 @@ class smb {
 	}

 	function addstatcache ($url, $info) {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		$is_file = (strpos ($info['attr'],'D') === FALSE);
 		$s = ($is_file) ? stat ('/etc/passwd') : stat ('/tmp');
@@ -238,11 +240,15 @@ class smb {
 	}

 	function getstatcache ($url) {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		return isset ($__smb_cache['stat'][$url]) ? $__smb_cache['stat'][$url] : FALSE;
 	}

 	function clearstatcache ($url='') {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		if ($url == '') $__smb_cache['stat'] = array (); else unset ($__smb_cache['stat'][$url]);
 	}
@@ -358,16 +364,22 @@ class smb_stream_wrapper extends smb {
 	# cache

 	function adddircache ($url, $content) {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		return $__smb_cache['dir'][$url] = $content;
 	}

 	function getdircache ($url) {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		return isset ($__smb_cache['dir'][$url]) ? $__smb_cache['dir'][$url] : FALSE;
 	}

 	function cleardircache ($url='') {
+		$url = str_replace('//', '/', $url);
+		$url = rtrim($url, '/');
 		global $__smb_cache;
 		if ($url == ''){
 			$__smb_cache['dir'] = array ();
@@ -32,7 +32,7 @@ $htaccessWorking=(getenv('htaccessWorking')=='true');
 $upload_max_filesize = OCP\Util::computerFileSize(ini_get('upload_max_filesize'));
 $post_max_size = OCP\Util::computerFileSize(ini_get('post_max_size'));
 $maxUploadFilesize = OCP\Util::humanFileSize(min($upload_max_filesize, $post_max_size));
-if($_POST) {
+if($_POST && OC_Util::isCallRegistered()) {
 	if(isset($_POST['maxUploadSize'])) {
 		if(($setMaxSize = OC_Files::setUploadLimit(OCP\Util::computerFileSize($_POST['maxUploadSize']))) !== false) {
 			$maxUploadFilesize = OCP\Util::humanFileSize($setMaxSize);
@@ -9,7 +9,7 @@ OCP\JSON::callCheck();
 // Get data
 $dir = stripslashes($_GET["dir"]);
 $file = stripslashes($_GET["file"]);
-$target = stripslashes($_GET["target"]);
+$target = stripslashes(urldecode($_GET["target"]));


 if(OC_Files::move($dir, $file, $target, $file)) {
@@ -20,8 +20,8 @@
 * The final URL will look like http://.../remote.php/filesync/oc_chunked/path/to/file
 */

-// only need filesystem apps
-$RUNTIME_APPTYPES=array('filesystem','authentication');
+// load needed apps
+$RUNTIME_APPTYPES=array('filesystem','authentication','logging');
 OC_App::loadApps($RUNTIME_APPTYPES);
 if(!OC_User::isLoggedIn()) {
        if(!isset($_SERVER['PHP_AUTH_USER'])) {
@@ -22,8 +22,8 @@
 * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
-// only need filesystem apps
-$RUNTIME_APPTYPES=array('filesystem','authentication');
+// load needed apps
+$RUNTIME_APPTYPES=array('filesystem','authentication','logging');
 OC_App::loadApps($RUNTIME_APPTYPES);

 // Backends
@@ -5,10 +5,10 @@ $installedVersion=OCP\Config::getAppValue('files', 'installed_version');
 if (version_compare($installedVersion, '1.1.6', '<')) {
 	$query = OC_DB::prepare( "SELECT `propertyname`, `propertypath`, `userid` FROM `*PREFIX*properties`" );
 	$result = $query->execute();
+	$updateQuery = OC_DB::prepare('UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?');
 	while( $row = $result->fetchRow()){
 		if ( $row["propertyname"][0] != '{' ) {
-			$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyname` = ? WHERE `userid` = ? AND `propertypath` = ?' );
-			$query->execute( array( '{DAV:}' + $row["propertyname"], $row["userid"], $row["propertypath"] ));
+			$updateQuery->execute(array('{DAV:}' + $row["propertyname"], $row["userid"], $row["propertypath"]));
 		}
 	}
 }
@@ -36,7 +36,7 @@ if(!isset($_SESSION['timezone'])) {
 }
 OCP\App::setActiveNavigationEntry( 'files_index' );
 // Load the files
-$dir = isset( $_GET['dir'] ) ? stripslashes($_GET['dir']) : '';
+$dir = isset( $_GET['dir'] ) ? urldecode(stripslashes($_GET['dir'])) : '';
 // Redirect if directory does not exist
 if(!OC_Filesystem::is_dir($dir.'/')) {
 	header('Location: '.$_SERVER['SCRIPT_NAME'].'');
@@ -15,9 +15,9 @@ var FileList={
 			extension=false;
 		}
 		html+='<td class="filename" style="background-image:url('+img+')"><input type="checkbox" />';
-		html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '&lt;').replace(/>/, '&gt;')+'/'+name+'"><span class="nametext">'+basename;
+		html+='<a class="name" href="download.php?file='+$('#dir').val().replace(/</, '&lt;').replace(/>/, '&gt;')+'/'+escapeHTML(name)+'"><span class="nametext">'+escapeHTML(basename);
 		if(extension){
-			html+='<span class="extension">'+extension+'</span>';
+			html+='<span class="extension">'+escapeHTML(extension)+'</span>';
 		}
 		html+='</span></a></td>';
 		if(size!='Pending'){
@@ -189,9 +189,9 @@ var FileList={
 	checkName:function(oldName, newName, isNewFile) {
 		if (isNewFile || $('tr').filterAttr('data-file', newName).length > 0) {
 			if (isNewFile) {
-				$('#notification').html(newName+' '+t('files', 'already exists')+'<span class="replace">'+t('files', 'replace')+'</span><span class="suggest">'+t('files', 'suggest name')+'</span><span class="cancel">'+t('files', 'cancel')+'</span>');
+				$('#notification').html(escapeHTML(newName)+' '+t('files', 'already exists')+'<span class="replace">'+t('files', 'replace')+'</span><span class="suggest">'+t('files', 'suggest name')+'</span><span class="cancel">'+t('files', 'cancel')+'</span>');
 			} else {
-				$('#notification').html(newName+' '+t('files', 'already exists')+'<span class="replace">'+t('files', 'replace')+'</span><span class="cancel">'+t('files', 'cancel')+'</span>');
+				$('#notification').html(escapeHTML(newName)+' '+t('files', 'already exists')+'<span class="replace">'+t('files', 'replace')+'</span><span class="cancel">'+t('files', 'cancel')+'</span>');
 			}
 			$('#notification').data('oldName', oldName);
 			$('#notification').data('newName', newName);
@@ -272,9 +272,9 @@ var FileList={
 		} else {
 			// NOTE: Temporary fix to change the text to unshared for files in root of Shared folder
 			if ($('#dir').val() == '/Shared') {
-				$('#notification').html(t('files', 'unshared')+' '+files+'<span class="undo">'+t('files', 'undo')+'</span>');
+				$('#notification').html(t('files', 'unshared')+' '+ escapeHTML(files) +'<span class="undo">'+t('files', 'undo')+'</span>');
 			} else {
-				$('#notification').html(t('files', 'deleted')+' '+files+'<span class="undo">'+t('files', 'undo')+'</span>');
+				$('#notification').html(t('files', 'deleted')+' '+ escapeHTML(files)+'<span class="undo">'+t('files', 'undo')+'</span>');
 			}
 			$('#notification').fadeIn();
 		}
@@ -373,4 +373,7 @@ $(document).ready(function(){
 			FileList.lastAction();
 		}
 	});
+	$(window).unload(function (){
+		$(window).trigger('beforeunload');
+	});
 });
@@ -11,6 +11,7 @@
 			<input name="maxZipInputSize" id="maxZipInputSize" style="width:180px;" value='<?php echo $_['maxZipInputSize'] ?>' title="<?php echo $l->t( '0 is unlimited' ); ?>"<?php if (!$_['allowZipDownload']) echo ' disabled="disabled"'; ?> />
 			<label for="maxZipInputSize"><?php echo $l->t( 'Maximum input size for ZIP files' ); ?> </label><br />

+		<input type="hidden" value="<?php echo $_['requesttoken']; ?>" name="requesttoken" />
 		<input type="submit" name="submitFilesAdminSettings" id="submitFilesAdminSettings" value="<?php echo $l->t( 'Save' ); ?>"/>
 	</fieldset>
 </form>
@@ -14,6 +14,8 @@
 			<div class="file_upload_wrapper svg">
 				<form data-upload-id='1' id="data-upload-form" class="file_upload_form" action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target_1">
 					<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
+					<!-- Send the requesttoken, this is needed for older IE versions because they don't send the CSRF token via HTTP header in this case -->
+					<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken">
 					<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
 					<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
 					<input class="file_upload_start" type="file" name='files[]'/>
@@ -1,3 +1,12 @@
+		<script type="text/javascript">
+		<?php if ( array_key_exists('publicListView', $_) && $_['publicListView'] == true ) {
+			echo "var publicListView = true;";
+		} else {
+			echo "var publicListView = false;";
+		}
+		?>
+		</script>
+		
 		<?php foreach($_['files'] as $file):
 			$simple_file_size = OCP\simple_file_size($file['size']);
 			$simple_size_color = intval(200-$file['size']/(1024*1024)*2); // the bigger the file, the darker the shade of grey; megabytes*2
@@ -109,10 +109,10 @@ class OC_Mount_Config {
 		return $personal;
 	}

-	/**
-	 * Add directory for mount point to the filesystem
-	 * @param OC_Fileview instance $view
-	 * @param string path to mount point
+	/**
+	 * Add directory for mount point to the filesystem
+	 * @param OC_Fileview instance $view
+	 * @param string path to mount point
 	 */
 	private static function addMountPointDirectory($view, $path) {
 		$dir = '';
@@ -285,9 +285,17 @@ class OC_Mount_Config {
 	public static function getCertificates() {
 		$view = \OCP\Files::getStorage('files_external');
 		$path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/';
-		if (!is_dir($path)) mkdir($path);
+		\OCP\Util::writeLog('files_external', 'checking path '.$path, \OCP\Util::INFO);
+		if(!is_dir($path)) {
+			//path might not exist (e.g. non-standard OC_User::getHome() value)
+			//in this case create full path using 3rd (recursive=true) parameter.
+			mkdir($path, 0777, true);
+		}
 		$result = array();
 		$handle = opendir($path);
+		if (!$handle) {
+			return array();
+		}
 		while (false !== ($file = readdir($handle))) {
 			if($file != '.' && $file != '..') $result[] = $file;
 		}
@@ -19,7 +19,15 @@ class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{
 		$this->host=$params['host'];
 		$this->user=$params['user'];
 		$this->password=$params['password'];
-		$this->secure=isset($params['secure'])?(bool)$params['secure']:false;
+		if(isset($params['secure'])){
+			if(is_string($params['secure'])){
+				$this->secure = ($params['secure'] === 'true');
+			}else{
+				$this->secure = (bool)$params['secure'];
+			}
+		}else{
+			$this->secure = false;
+		}
 		$this->root=isset($params['root'])?$params['root']:'/';
 		if(!$this->root || $this->root[0]!='/') {
 			$this->root='/'.$this->root;
@@ -59,7 +59,7 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{
 	}

 	public function filetype($path) {
-		return (bool)@$this->opendir($path);//using opendir causes the same amount of requests and caches the content of the folder in one go
+		return (bool)@$this->opendir($path) ? 'dir' : 'file';//using opendir causes the same amount of requests and caches the content of the folder in one go
 	}

 	/**
@@ -39,7 +39,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	 * @return string
 	 */
 	private function getContainerName($path) {
-		$path=trim($this->root.$path,'/');
+		$path=trim(trim($this->root,'/')."/".$path,'/.');
 		return str_replace('/','\\',$path);
 	}

@@ -70,11 +70,11 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	 * @return CF_Container
 	 */
 	private function createContainer($path) {
-		if($path=='' or $path=='/') {
+		if($path=='' or $path=='/' or $path=='.') {
 			return $this->conn->create_container($this->getContainerName($path));
 		}
 		$parent=dirname($path);
-		if($parent=='' or $parent=='/') {
+		if($parent=='' or $parent=='/' or $parent=='.') {
 			$parentContainer=$this->rootContainer;
 		}else{
 			if(!$this->containerExists($parent)) {
@@ -100,6 +100,9 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 		if(is_null($container)) {
 			return null;
 		}else{
+			if ($path=="/" or $path=='') {
+				return null;
+			}
 			try{
 				$obj=$container->get_object(basename($path));
 				$this->objects[$path]=$obj;
@@ -135,7 +138,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	private function createObject($path) {
 		$container=$this->getContainer(dirname($path));
 		if(!is_null($container)) {
-			$container=$this->createContainer($path);
+			$container=$this->createContainer(dirname($path));
 		}
 		return $container->create_object(basename($path));
 	}
@@ -268,7 +271,15 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 		$this->host=$params['host'];
 		$this->user=$params['user'];
 		$this->root=isset($params['root'])?$params['root']:'/';
-		$this->secure=isset($params['secure'])?(bool)$params['secure']:true;
+		if(isset($params['secure'])){
+			if(is_string($params['secure'])){
+				$this->secure = ($params['secure'] === 'true');
+			}else{
+				$this->secure = (bool)$params['secure'];
+			}
+		}else{
+			$this->secure = false;
+		}
 		if(!$this->root || $this->root[0]!='/') {
 			$this->root='/'.$this->root;
 		}
@@ -277,7 +288,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{

 		$this->conn = new CF_Connection($this->auth);

-		if(!$this->containerExists($this->root)) {
+		if(!$this->containerExists('/')) {
 			$this->rootContainer=$this->createContainer('/');
 		}else{
 			$this->rootContainer=$this->getContainer('/');
@@ -391,6 +402,9 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	}

 	public function unlink($path) {
+		if($this->containerExists($path)) {
+			return $this->rmdir($path);
+		}
 		if($this->objectExists($path)) {
 			$container=$this->getContainer(dirname($path));
 			$container->delete_object(basename($path));
@@ -401,13 +415,13 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	}

 	public function fopen($path,$mode) {
-		$obj=$this->getObject($path);
-		if(is_null($obj)) {
-			return false;
-		}
 		switch($mode) {
 			case 'r':
 			case 'rb':
+				$obj=$this->getObject($path);
+				if (is_null($obj)) {
+					return false;
+				}
 				$fp = fopen('php://temp', 'r+');
 				$obj->stream($fp);

@@ -440,7 +454,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	}

 	public function free_space($path) {
-		return 0;
+		return 1024*1024*1024*8;
 	}

 	public function touch($path,$mtime=null) {
@@ -481,7 +495,17 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 	}

 	public function stat($path) {
+		$container=$this->getContainer($path);
+		if (!is_null($container)) {
+			return array(
+				'mtime'=>-1,
+				'size'=>$container->bytes_used,
+				'ctime'=>-1
+			);
+		}
+
 		$obj=$this->getObject($path);
+
 		if(is_null($obj)) {
 			return false;
 		}
@@ -505,7 +529,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
 			$obj->save_to_filename($tmpFile);
 			return $tmpFile;
 		}else{
-			return false;
+			return OCP\Files::tmpFile();
 		}
 	}

@@ -27,7 +27,15 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
 		$this->host=$host;
 		$this->user=$params['user'];
 		$this->password=$params['password'];
-		$this->secure=(isset($params['secure']) && $params['secure'] == 'true')?true:false;
+		if(isset($params['secure'])){
+			if(is_string($params['secure'])){
+				$this->secure = ($params['secure'] === 'true');
+			}else{
+				$this->secure = (bool)$params['secure'];
+			}
+		}else{
+			$this->secure = false;
+		}
 		$this->root=isset($params['root'])?$params['root']:'/';
 		if(!$this->root || $this->root[0]!='/') {
 			$this->root='/'.$this->root;
@@ -131,6 +139,9 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
 		switch($mode) {
 			case 'r':
 			case 'rb':
+				if(!$this->file_exists($path)) {
+					return false;
+				}
 				//straight up curl instead of sabredav here, sabredav put's the entire get result in memory
 				$curl = curl_init();
 				$fp = fopen('php://temp', 'r+');
@@ -1,43 +1,42 @@
 <?php

 /**
-* ownCloud
-*
-* @author Michael Gapczynski
-* @copyright 2012 Michael Gapczynski mtgap@owncloud.com
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
-*/
+ * ownCloud
+ *
+ * @author Michael Gapczynski
+ * @copyright 2012 Michael Gapczynski mtgap@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ */

-$config = include('apps/files_external/tests/config.php');
-if (!is_array($config) or !isset($config['amazons3']) or !$config['amazons3']['run']) {
-	abstract class Test_Filestorage_AmazonS3 extends Test_FileStorage{}
-	return;
-} else {
-	class Test_Filestorage_AmazonS3 extends Test_FileStorage {
+class Test_Filestorage_AmazonS3 extends Test_FileStorage {

-		private $config;
-		private $id;
+	private $config;
+	private $id;

-		public function setUp() {
-			$id = uniqid();
-			$this->config = include('apps/files_external/tests/config.php');
-			$this->config['amazons3']['bucket'] = $id; // Make sure we have a new empty bucket to work in
-			$this->instance = new OC_Filestorage_AmazonS3($this->config['amazons3']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['amazons3']) or !$this->config['amazons3']['run']) {
+			$this->markTestSkipped('AmazonS3 backend not configured');
 		}
+		$this->config['amazons3']['bucket'] = $id; // Make sure we have a new empty bucket to work in
+		$this->instance = new OC_Filestorage_AmazonS3($this->config['amazons3']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			$s3 = new AmazonS3(array('key' => $this->config['amazons3']['key'], 'secret' => $this->config['amazons3']['secret']));
 			if ($s3->delete_all_objects($this->id)) {
 				$s3->delete_bucket($this->id);
@@ -26,7 +26,7 @@ return array(
 		'run'=>false,
 		'user'=>'test:tester',
 		'token'=>'testing',
-		'host'=>'localhost:8080/auth',
+		'host'=>'localhost.local:8080/auth',
 		'root'=>'/',
 	),
 	'smb'=>array(
@@ -6,22 +6,21 @@
 * See the COPYING-README file.
 */

-$config=include('files_external/tests/config.php');
-if(!is_array($config) or !isset($config['dropbox']) or !$config['dropbox']['run']) {
-	abstract class Test_Filestorage_Dropbox extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_Dropbox extends Test_FileStorage {
-		private $config;
+class Test_Filestorage_Dropbox extends Test_FileStorage {
+	private $config;

-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('files_external/tests/config.php');
-			$this->config['dropbox']['root'].='/'.$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_Dropbox($this->config['dropbox']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['dropbox']) or !$this->config['dropbox']['run']) {
+			$this->markTestSkipped('Dropbox backend not configured');
 		}
+		$this->config['dropbox']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_Dropbox($this->config['dropbox']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			$this->instance->unlink('/');
 		}
 	}
@@ -6,23 +6,40 @@
 * See the COPYING-README file.
 */

-$config=include('apps/files_external/tests/config.php');
-if(!is_array($config) or !isset($config['ftp']) or !$config['ftp']['run']) {
-	abstract class Test_Filestorage_FTP extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_FTP extends Test_FileStorage {
-		private $config;
+class Test_Filestorage_FTP extends Test_FileStorage {
+	private $config;

-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('apps/files_external/tests/config.php');
-			$this->config['ftp']['root'].='/'.$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_FTP($this->config['ftp']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['ftp']) or !$this->config['ftp']['run']) {
+			$this->markTestSkipped('FTP backend not configured');
 		}
+		$this->config['ftp']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_FTP($this->config['ftp']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			OCP\Files::rmdirr($this->instance->constructUrl(''));
 		}
 	}
+
+	public function testConstructUrl(){
+		$config = array ( 'host' => 'localhost', 'user' => 'ftp', 'password' => 'ftp', 'root' => '/', 'secure' => false );
+		$instance = new OC_Filestorage_FTP($config);
+		$this->assertEqual('ftp://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+		$config['secure'] = true;
+		$instance = new OC_Filestorage_FTP($config);
+		$this->assertEqual('ftps://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+		$config['secure'] = 'false';
+		$instance = new OC_Filestorage_FTP($config);
+		$this->assertEqual('ftp://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+		$config['secure'] = 'true';
+		$instance = new OC_Filestorage_FTP($config);
+		$this->assertEqual('ftps://ftp:ftp@localhost/', $instance->constructUrl(''));
+	}
 }
@@ -1,42 +1,41 @@
 <?php

 /**
-* ownCloud
-*
-* @author Michael Gapczynski
-* @copyright 2012 Michael Gapczynski mtgap@owncloud.com
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
-*/
+ * ownCloud
+ *
+ * @author Michael Gapczynski
+ * @copyright 2012 Michael Gapczynski mtgap@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ */

-$config=include('apps/files_external/tests/config.php');
-if(!is_array($config) or !isset($config['google']) or !$config['google']['run']) {
-	abstract class Test_Filestorage_Google extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_Google extends Test_FileStorage {
+class Test_Filestorage_Google extends Test_FileStorage {

-		private $config;
+	private $config;

-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('apps/files_external/tests/config.php');
-			$this->config['google']['root'].='/'.$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_Google($this->config['google']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['google']) or !$this->config['google']['run']) {
+			$this->markTestSkipped('Google backend not configured');
 		}
+		$this->config['google']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_Google($this->config['google']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			$this->instance->rmdir('/');
 		}
 	}
@@ -6,23 +6,21 @@
 * See the COPYING-README file.
 */

-$config=include('apps/files_external/tests/config.php');
+class Test_Filestorage_SMB extends Test_FileStorage {
+	private $config;

-if(!is_array($config) or !isset($config['smb']) or !$config['smb']['run']) {
-	abstract class Test_Filestorage_SMB extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_SMB extends Test_FileStorage {
-		private $config;
-
-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('apps/files_external/tests/config.php');
-			$this->config['smb']['root'].=$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_SMB($this->config['smb']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['smb']) or !$this->config['smb']['run']) {
+			$this->markTestSkipped('Samba backend not configured');
 		}
+		$this->config['smb']['root'] .= $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_SMB($this->config['smb']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			OCP\Files::rmdirr($this->instance->constructUrl(''));
 		}
 	}
@@ -6,25 +6,23 @@
 * See the COPYING-README file.
 */

-$config=include('apps/files_external/tests/config.php');
-if(!is_array($config) or !isset($config['swift']) or !$config['swift']['run']) {
-	abstract class Test_Filestorage_SWIFT extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_SWIFT extends Test_FileStorage {
-		private $config;
+class Test_Filestorage_SWIFT extends Test_FileStorage {
+	private $config;

-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('apps/files_external/tests/config.php');
-			$this->config['swift']['root'].='/'.$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_SWIFT($this->config['swift']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['swift']) or !$this->config['swift']['run']) {
+			$this->markTestSkipped('OpenStack SWIFT backend not configured');
 		}
+		$this->config['swift']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_SWIFT($this->config['swift']);
+	}


-		public function tearDown() {
-		    $this->instance->rmdir('');
+	public function tearDown() {
+		if ($this->instance) {
+			$this->instance->rmdir('');
 		}
-
 	}
 }
@@ -6,22 +6,21 @@
 * See the COPYING-README file.
 */

-$config=include('apps/files_external/tests/config.php');
-if(!is_array($config) or !isset($config['webdav']) or !$config['webdav']['run']) {
-	abstract class Test_Filestorage_DAV extends Test_FileStorage{}
-	return;
-}else{
-	class Test_Filestorage_DAV extends Test_FileStorage {
-		private $config;
+class Test_Filestorage_DAV extends Test_FileStorage {
+	private $config;

-		public function setUp() {
-			$id=uniqid();
-			$this->config=include('apps/files_external/tests/config.php');
-			$this->config['webdav']['root'].='/'.$id;//make sure we have an new empty folder to work in
-			$this->instance=new OC_Filestorage_DAV($this->config['webdav']);
+	public function setUp() {
+		$id = uniqid();
+		$this->config = include('files_external/tests/config.php');
+		if (!is_array($this->config) or !isset($this->config['webdav']) or !$this->config['webdav']['run']) {
+			$this->markTestSkipped('WebDAV backend not configured');
 		}
+		$this->config['webdav']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+		$this->instance = new OC_Filestorage_DAV($this->config['webdav']);
+	}

-		public function tearDown() {
+	public function tearDown() {
+		if ($this->instance) {
 			$this->instance->rmdir('/');
 		}
 	}
@@ -3,6 +3,7 @@
 OC::$CLASSPATH['OC_Share_Backend_File'] = "apps/files_sharing/lib/share/file.php";
 OC::$CLASSPATH['OC_Share_Backend_Folder'] = 'apps/files_sharing/lib/share/folder.php';
 OC::$CLASSPATH['OC_Filestorage_Shared'] = "apps/files_sharing/lib/sharedstorage.php";
+OC::$CLASSPATH['OC_Files_Sharing_Util'] = "apps/files_sharing/lib/util.php";
 OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC_Filestorage_Shared', 'setup');
 OCP\Share::registerBackend('file', 'OC_Share_Backend_File');
 OCP\Share::registerBackend('folder', 'OC_Share_Backend_Folder', 'file');
@@ -55,6 +55,7 @@ if (version_compare($installedVersion, '0.3', '<')) {
 			OC_Util::tearDownFS();
 		}
 	}
+	OC_User::setUserId(null);
 	if ($update_error) {
 		OCP\Util::writeLog('files_sharing', 'There were some problems upgrading the sharing of files', OCP\Util::ERROR);
 	}
@@ -1,6 +1,6 @@
 $(document).ready(function() {

-	if (typeof OC.Share !== 'undefined' && typeof FileActions !== 'undefined') {
+	if (typeof OC.Share !== 'undefined' && typeof FileActions !== 'undefined'  && !publicListView) {
 		OC.Share.loadIcons('file');
 		FileActions.register('all', 'Share', OC.PERMISSION_READ, function(filename) {
 			// Return the correct sharing icon
@@ -46,7 +46,7 @@ $(document).ready(function() {
 			var appendTo = $(tr).find('td.filename');
 			// Check if drop down is already visible for a different file
 			if (OC.Share.droppedDown) {
-				if (item != $('#dropdown').data('item')) {
+				if ($(tr).data('id') != $('#dropdown').attr('data-item-source')) {
 					OC.Share.hideDropDown(function () {
 						$(tr).addClass('mouseOver');
 						OC.Share.showDropDown(itemType, $(tr).data('id'), appendTo, true, possiblePermissions);
@@ -112,8 +112,14 @@ class OC_Filestorage_Shared extends OC_Filestorage_Common {
 		if ($path == '' || $path == '/' || !$this->isCreatable(dirname($path))) {
 			return false;
 		} else if ($source = $this->getSourcePath($path)) {
+			$parts = explode('/', $source, 4);
+			$user =  $parts[1];
+			$intPath = '/'.$parts[3];
 			$storage = OC_Filesystem::getStorage($source);
-			return $storage->mkdir($this->getInternalPath($source));
+			if( ($storage->mkdir($this->getInternalPath($source))) ) {
+				OC_FileCache::put($intPath ,array('user'=>$user), '/'.$user.'/files');
+				return true;
+			}
 		}
 		return false;
 	}
@@ -296,10 +302,15 @@ class OC_Filestorage_Shared extends OC_Filestorage_Common {
 					'target' => $this->sharedFolder.$path,
 					'source' => $source,
 				);
-			OCP\Util::emitHook('OC_Filestorage_Shared', 'file_put_contents', $info);
+			OCP\Util::emitHook('OC_Filestorage_Shared', 'file_put_contents', $info);
+			$parts = explode('/', $source, 4);
+			$user =  $parts[1];
+			$intPath = '/'.$parts[3];
 			$storage = OC_Filesystem::getStorage($source);
-			$result = $storage->file_put_contents($this->getInternalPath($source), $data);
-			return $result;
+			if( ( $result = $storage->file_put_contents($this->getInternalPath($source), $data) ) ) {
+				OC_FileCache::put($intPath ,array('user'=>$user), '/'.$user.'/files');
+				return $result;
+			}	
 		}
 		return false;
 	}
@@ -368,17 +379,18 @@ class OC_Filestorage_Shared extends OC_Filestorage_Common {

 	public function fopen($path, $mode) {
 		if ($source = $this->getSourcePath($path)) {
+			$write = false;
 			switch ($mode) {
+				case 'w':
+				case 'wb':
+				case 'w+':
+				case 'wb+': $write = true;
 				case 'r+':
 				case 'rb+':
-				case 'w+':
-				case 'wb+':
 				case 'x+':
 				case 'xb+':
 				case 'a+':
 				case 'ab+':
-				case 'w':
-				case 'wb':
 				case 'x':
 				case 'xb':
 				case 'a':
@@ -394,6 +406,14 @@ class OC_Filestorage_Shared extends OC_Filestorage_Common {
 			);
 			OCP\Util::emitHook('OC_Filestorage_Shared', 'fopen', $info);
 			$storage = OC_Filesystem::getStorage($source);
+			
+			$parts = explode('/', $source, 4);
+			$user =  $parts[1];
+			$intPath = '/'.$parts[3];
+
+			if ( $write && $storage->touch($this->getInternalPath($source)) ) {
+				OC_FileCache::put($intPath ,array('user'=>$user), '/'.$user.'/files');
+			}
 			return $storage->fopen($this->getInternalPath($source), $mode);
 		}
 		return false;
@@ -0,0 +1,79 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Bjoern Schiessle
+ * @copyright 2012 Bjoern Schiessle schiessle@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+class OC_Files_Sharing_Util {
+
+	private static $files = array();
+
+	/**
+	 * @brief Get the source file path and the permissions granted for a shared file
+	 * @param string Shared target file path
+	 * @return Returns array with the keys path and permissions or false if not found
+	 */
+	private static function getFile($target) {
+		$target = '/'.$target;
+		$target = rtrim($target, '/');
+		if (isset(self::$files[$target])) {
+			return self::$files[$target];
+		} else {
+			$pos = strpos($target, '/', 1);
+			// Get shared folder name
+			if ($pos !== false) {
+				$folder = substr($target, 0, $pos);
+				if (isset(self::$files[$folder])) {
+					$file = self::$files[$folder];
+				} else {
+					$file = OCP\Share::getItemSharedWith('folder', $folder, OC_Share_Backend_File::FORMAT_SHARED_STORAGE);
+				}
+				if ($file) {
+					self::$files[$target]['path'] = $file['path'].substr($target, strlen($folder));
+					self::$files[$target]['permissions'] = $file['permissions'];
+					return self::$files[$target];
+				}
+			} else {
+				$file = OCP\Share::getItemSharedWith('file', $target, OC_Share_Backend_File::FORMAT_SHARED_STORAGE);
+				if ($file) {
+					self::$files[$target] = $file;
+					return self::$files[$target];
+				}
+			}
+			OCP\Util::writeLog('files_sharing', 'File source not found for: '.$target, OCP\Util::ERROR);
+			return false;
+		}
+	}
+
+	/**
+	 * @brief Get the source file path for a shared file
+	 * @param string Shared target file path
+	 * @return Returns source file path or false if not found
+	 */
+	public static function getSourcePath($target) {
+		$file = self::getFile($target);
+		if (isset($file['path'])) {
+			$uid = substr($file['path'], 1, strpos($file['path'], '/', 1) - 1);
+			OC_Filesystem::mount('OC_Filestorage_Local', array('datadir' => OC_User::getHome($uid)), $uid);
+			return $file['path'];
+		}
+		return false;
+	}
+}
@@ -21,20 +21,43 @@ if (isset($_GET['token'])) {
 }
 // Enf of backward compatibility

+function getID($path) {
+	// use the share table from the db to find the item source if the file was reshared because shared files are not stored in the file cache.
+	if (substr(OC_Filesystem::getMountPoint($path), -7, 6) == "Shared") {
+		$path_parts = explode('/', $path, 5);
+		$user = $path_parts[1];
+		$intPath = '/'.$path_parts[4];
+		$query = \OC_DB::prepare('SELECT item_source FROM *PREFIX*share WHERE uid_owner = ? AND file_target = ? ');
+		$result = $query->execute(array($user, $intPath));
+		$row = $result->fetchRow();
+		$fileSource = $row['item_source'];
+	} else {
+		$fileSource = OC_Filecache::getId($path, '');
+	}
+	
+	return $fileSource;
+}
+
 if (isset($_GET['file']) || isset($_GET['dir'])) {
 	if (isset($_GET['dir'])) {
 		$type = 'folder';
 		$path = $_GET['dir'];
+		if(strlen($path)>1 and substr($path,-1,1)==='/') {
+			$path=substr($path,0,-1);
+		}
 		$baseDir = $path;
 		$dir = $baseDir;
 	} else {
 		$type = 'file';
 		$path = $_GET['file'];
+		if(strlen($path)>1 and substr($path,-1,1)==='/') {
+			$path=substr($path,0,-1);
+		}
 	}
 	$uidOwner = substr($path, 1, strpos($path, '/', 1) - 1);
 	if (OCP\User::userExists($uidOwner)) {
 		OC_Util::setupFS($uidOwner);
-		$fileSource = OC_Filecache::getId($path, '');
+		$fileSource = getID($path);
 		if ($fileSource != -1 && ($linkItem = OCP\Share::getItemSharedWithByLink($type, $fileSource, $uidOwner))) {
 			// TODO Fix in the getItems
 			if (!isset($linkItem['item_type']) || $linkItem['item_type'] != $type) {
@@ -45,6 +68,11 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 			}
 			if (isset($linkItem['share_with'])) {
 				// Check password
+				if (isset($_GET['file'])) {
+					$url = OCP\Util::linkToPublic('files').'&file='.urlencode($_GET['file']);
+				} else {
+					$url = OCP\Util::linkToPublic('files').'&dir='.urlencode($_GET['dir']);
+				}
 				if (isset($_POST['password'])) {
 					$password = $_POST['password'];
 					$storedHash = $linkItem['share_with'];
@@ -52,7 +80,7 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 					$hasher = new PasswordHash(8, $forcePortable);
 					if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $storedHash))) {
 						$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
-						$tmpl->assign('URL', OCP\Util::linkToPublic('files').'&file='.$_GET['file']);
+						$tmpl->assign('URL', $url);
 						$tmpl->assign('error', true);
 						$tmpl->printPage();
 						exit();
@@ -64,7 +92,7 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 				} else if (!isset($_SESSION['public_link_authenticated']) || $_SESSION['public_link_authenticated'] !== $linkItem['id']) {
 					// Prompt for password
 					$tmpl = new OCP\Template('files_sharing', 'authenticate', 'guest');
-					$tmpl->assign('URL', OCP\Util::linkToPublic('files').'&file='.$_GET['file']);
+					$tmpl->assign('URL', $url);
 					$tmpl->printPage();
 					exit();
 				}
@@ -138,11 +166,12 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 					}
 					$list = new OCP\Template('files', 'part.list', '');
 					$list->assign('files', $files, false);
-					$list->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.$_GET['dir'].'&path=', false);
-					$list->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path=', false);
+					$list->assign('publicListView', true);
+					$list->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.urlencode($_GET['dir']).'&path=', false);
+					$list->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.urlencode($_GET['dir']).'&path=', false);
 					$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '' );
 					$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
-					$breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.$_GET['dir'].'&path=', false);
+					$breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files').'&dir='.urlencode($_GET['dir']).'&path=', false);
 					$folder = new OCP\Template('files', 'index', '');
 					$folder->assign('fileList', $list->fetchPage(), false);
 					$folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
@@ -164,7 +193,7 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 					} else {
 						$getPath = '';
 					}
-					$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
+					$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.urlencode($_GET['dir']).'&path='.urlencode($getPath));
 				} else {
 					// Show file preview if viewer is available
 					$tmpl->assign('uidOwner', $uidOwner);
@@ -172,14 +201,14 @@ if (isset($_GET['file']) || isset($_GET['dir'])) {
 					$tmpl->assign('filename', basename($path));
 					$tmpl->assign('mimetype', OC_Filesystem::getMimeType($path));
 					if ($type == 'file') {
-						$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.$_GET['file'].'&download');
+						$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&file='.urlencode($_GET['file']).'&download');
 					} else {
 						if (isset($_GET['path'])) {
 							$getPath = $_GET['path'];
 						} else {
 							$getPath = '';
 						}
-						$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.$_GET['dir'].'&path='.$getPath);
+						$tmpl->assign('downloadURL', OCP\Util::linkToPublic('files').'&download&dir='.urlencode($_GET['dir']).'&path='.urlencode($getPath));
 					}
 				}
 				$tmpl->printPage();
@@ -21,11 +21,11 @@ $(document).ready(function(){
 			}
 			,function(filename){
 				// Action to perform when clicked
-				if (scanFiles.scanning || !$('#dropdown').hasClass('drop-versions')){return;}//workaround to prevent additional http request block scanning feedback
+				if (scanFiles.scanning){return;}//workaround to prevent additional http request block scanning feedback

 				var file = $('#dir').val()+'/'+filename;
 				// Check if drop down is already visible for a different file
-				if (($('#dropdown').length > 0)) {
+				if (($('#dropdown').length > 0) && $('#dropdown').hasClass('drop-versions') ) {
 					if (file != $('#dropdown').data('file')) {
 						$('#dropdown').hide('blind', function() {
 							$('#dropdown').remove();
@@ -45,7 +45,7 @@ function createVersionsDropdown(filename, files) {

 	var historyUrl = OC.linkTo('files_versions', 'history.php') + '?path='+encodeURIComponent( $( '#dir' ).val() ).replace( /%2F/g, '/' )+'/'+encodeURIComponent( filename );

-	var html = '<div id="dropdown" class="drop drop-versions" data-file="'+files+'">';
+	var html = '<div id="dropdown" class="drop drop-versions" data-file="'+escapeHTML(files)+'">';
 	html += '<div id="private">';
 	html += '<select data-placeholder="Saved versions" id="found_versions" class="chzen-select" style="width:16em;">';
 	html += '<option value=""></option>';
@@ -73,7 +73,6 @@ function createVersionsDropdown(filename, files) {
 				$.each( versions, function(index, row ) {
 					addVersion( row );
 				});
-				$('#found_versions').chosen();
 			} else {
 				$('#found_versions').hide();
 				$('#makelink').hide();
@@ -64,7 +64,7 @@ class Hooks {
 		$abs_newpath = \OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath('').$params['newpath'].'.v';
 		if(Storage::isversioned($rel_oldpath)) {
 			$info=pathinfo($abs_newpath);
-			if(!file_exists($info['dirname'])) mkdir($info['dirname'],0700,true);
+			if(!file_exists($info['dirname'])) mkdir($info['dirname'],0750,true);
 			$versions = Storage::getVersions($rel_oldpath);
 			foreach ($versions as $v) {
 				rename($abs_oldpath.$v['version'], $abs_newpath.$v['version']);
@@ -1,279 +1,278 @@
-<?php
-/**
- * Copyright (c) 2012 Frank Karlitschek <frank@owncloud.org>
- * This file is licensed under the Affero General Public License version 3 or
- * later.
- * See the COPYING-README file.
- */
-
-/**
- * Versions
- *
- * A class to handle the versioning of files.
- */
-
-namespace OCA_Versions;
-
-class Storage {
-
-
-	// config.php configuration:
-	//   - files_versions
-	//   - files_versionsfolder
-	//   - files_versionsblacklist
-	//   - files_versionsmaxfilesize
-	//   - files_versionsinterval
-	//   - files_versionmaxversions
-	//
-	// todo:
-	//   - finish porting to OC_FilesystemView to enable network transparency
-	//   - add transparent compression. first test if it´s worth it.
-
-	const DEFAULTENABLED=true;
-	const DEFAULTBLACKLIST='avi mp3 mpg mp4 ctmp';
-	const DEFAULTMAXFILESIZE=1048576; // 10MB
-	const DEFAULTMININTERVAL=60; // 1 min
-	const DEFAULTMAXVERSIONS=50;
-
-	private static function getUidAndFilename($filename)
-	{
-		if (\OCP\App::isEnabled('files_sharing')
-		    && substr($filename, 0, 7) == '/Shared'
-		    && $source = \OCP\Share::getItemSharedWith('file',
-					substr($filename, 7),
-					\OC_Share_Backend_File::FORMAT_SHARED_STORAGE)) {
-			$filename = $source['path'];
-			$pos = strpos($filename, '/files', 1);
-			$uid = substr($filename, 1, $pos - 1);
-			$filename = substr($filename, $pos + 6);
-		} else {
-			$uid = \OCP\User::getUser();
-		}
-		return array($uid, $filename);
-	}
-
-	/**
-	 * store a new version of a file.
-	 */
-	public function store($filename) {
-		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
-			list($uid, $filename) = self::getUidAndFilename($filename);
-			$files_view = new \OC_FilesystemView('/'.$uid.'/files');
-			$users_view = new \OC_FilesystemView('/'.$uid);
-
-			//check if source file already exist as version to avoid recursions.
-			// todo does this check work?
-			if ($users_view->file_exists($filename)) {
-				return false;
-			}
-
-			// check if filename is a directory
-			if($files_view->is_dir($filename)) {
-				return false;
-			}
-
-			// check filetype blacklist
-			$blacklist=explode(' ',\OCP\Config::getSystemValue('files_versionsblacklist', Storage::DEFAULTBLACKLIST));
-			foreach($blacklist as $bl) {
-				$parts=explode('.', $filename);
-				$ext=end($parts);
-				if(strtolower($ext)==$bl) {
-					return false;
-				}
-			}
-			// we should have a source file to work with
-			if (!$files_view->file_exists($filename)) {
-				return false;
-			}
-
-			// check filesize
-			if($files_view->filesize($filename)>\OCP\Config::getSystemValue('files_versionsmaxfilesize', Storage::DEFAULTMAXFILESIZE)) {
-				return false;
-			}
-
-
-			// check mininterval if the file is being modified by the owner (all shared files should be versioned despite mininterval)
-			if ($uid == \OCP\User::getUser()) {
-				$versions_fileview = new \OC_FilesystemView('/'.$uid.'/files_versions');
-				$versionsFolderName=\OCP\Config::getSystemValue('datadirectory'). $versions_fileview->getAbsolutePath('');
-				$matches=glob($versionsFolderName.'/'.$filename.'.v*');
-				sort($matches);
-				$parts=explode('.v',end($matches));
-				if((end($parts)+Storage::DEFAULTMININTERVAL)>time()) {
-					return false;
-				}
-			}
-
-
-			// create all parent folders
-			$dirname = dirname($filename);
-			if(!$users_view->file_exists('/files_versions/'.$dirname)) {
-				$users_view->mkdir('/files_versions/'.$dirname,0700,true);
-			}
-
-			// store a new version of a file
-			$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.time());
-
-			// expire old revisions if necessary
-			Storage::expire($filename);
-		}
-	}
-
-
-	/**
-	 * rollback to an old version of a file.
-	 */
-	public static function rollback($filename,$revision) {
-
-		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
-			list($uid, $filename) = self::getUidAndFilename($filename);
-			$users_view = new \OC_FilesystemView('/'.$uid);
-
-			// rollback
-			if( @$users_view->copy('files_versions'.$filename.'.v'.$revision, 'files'.$filename) ) {
-
-				return true;
-
-			}else{
-
-				return false;
-
-			}
-
-		}
-
-	}
-
-	/**
-	 * check if old versions of a file exist.
-	 */
-	public static function isversioned($filename) {
-		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
-			list($uid, $filename) = self::getUidAndFilename($filename);
-			$versions_fileview = new \OC_FilesystemView('/'.$uid.'/files_versions');
-
-			$versionsFolderName=\OCP\Config::getSystemValue('datadirectory'). $versions_fileview->getAbsolutePath('');
-
-			// check for old versions
-			$matches=glob($versionsFolderName.$filename.'.v*');
-			if(count($matches)>0) {
-				return true;
-			}else{
-				return false;
-			}
-		}else{
-			return(false);
-		}
-	}
-
-
-
-	/**
-	 * @brief get a list of all available versions of a file in descending chronological order
-	 * @param $filename file to find versions of, relative to the user files dir
-	 * @param $count number of versions to return
-	 * @returns array
-	 */
-	public static function getVersions( $filename, $count = 0 ) {
-
-		if( \OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true' ) {
-			list($uid, $filename) = self::getUidAndFilename($filename);
-			$versions_fileview = new \OC_FilesystemView('/'.$uid.'/files_versions');
-
-			$versionsFolderName = \OCP\Config::getSystemValue('datadirectory'). $versions_fileview->getAbsolutePath('');
-			$versions = array();
-
-			// fetch for old versions
-			$matches = glob( $versionsFolderName.'/'.$filename.'.v*' );
-
-			sort( $matches );
-
-			$i = 0;
-
-			$files_view = new \OC_FilesystemView('/'.$uid.'/files');
-			$local_file = $files_view->getLocalFile($filename);
-			foreach( $matches as $ma ) {
-
-				$i++;
-				$versions[$i]['cur'] = 0;
-				$parts = explode( '.v', $ma );
-				$versions[$i]['version'] = ( end( $parts ) );
-
-				// if file with modified date exists, flag it in array as currently enabled version
-				( \md5_file( $ma ) == \md5_file( $local_file ) ? $versions[$i]['fileMatch'] = 1 : $versions[$i]['fileMatch'] = 0 );
-
-			}
-
-			$versions = array_reverse( $versions );
-
-			foreach( $versions as $key => $value ) {
-
-				// flag the first matched file in array (which will have latest modification date) as current version
-				if ( $value['fileMatch'] ) {
-
-					$value['cur'] = 1;
-					break;
-
-				}
-
-			}
-
-			$versions = array_reverse( $versions );
-
-			// only show the newest commits
-			if( $count != 0 and ( count( $versions )>$count ) ) {
-
-				$versions = array_slice( $versions, count( $versions ) - $count );
-
-			}
-
-			return( $versions );
-
-
-		} else {
-
-			// if versioning isn't enabled then return an empty array
-			return( array() );
-
-		}
-
-	}
-
-	/**
-	 * @brief Erase a file's versions which exceed the set quota
-	 */
-	public static function expire($filename) {
-		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
-			list($uid, $filename) = self::getUidAndFilename($filename);
-			$versions_fileview = new \OC_FilesystemView('/'.$uid.'/files_versions');
-
-			$versionsFolderName=\OCP\Config::getSystemValue('datadirectory'). $versions_fileview->getAbsolutePath('');
-
-			// check for old versions
-			$matches = glob( $versionsFolderName.'/'.$filename.'.v*' );
-
-			if( count( $matches ) > \OCP\Config::getSystemValue( 'files_versionmaxversions', Storage::DEFAULTMAXVERSIONS ) ) {
-
-				$numberToDelete = count($matches) - \OCP\Config::getSystemValue( 'files_versionmaxversions', Storage::DEFAULTMAXVERSIONS );
-
-				// delete old versions of a file
-				$deleteItems = array_slice( $matches, 0, $numberToDelete );
-
-				foreach( $deleteItems as $de ) {
-
-					unlink( $versionsFolderName.'/'.$filename.'.v'.$de );
-
-				}
-			}
-		}
-	}
-
-	/**
-	 * @brief Erase all old versions of all user files
-	 * @return true/false
-	 */
-	public function expireAll() {
-		$view = \OCP\Files::getStorage('files_versions');
-		return $view->deleteAll('', true);
-	}
-}
+<?php
+/**
+ * Copyright (c) 2012 Frank Karlitschek <frank@owncloud.org>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+/**
+ * Versions
+ *
+ * A class to handle the versioning of files.
+ */
+
+namespace OCA_Versions;
+
+class Storage {
+
+
+	// config.php configuration:
+	//   - files_versions
+	//   - files_versionsfolder
+	//   - files_versionsblacklist
+	//   - files_versionsmaxfilesize
+	//   - files_versionsinterval
+	//   - files_versionmaxversions
+	//
+	// todo:
+	//   - finish porting to OC_FilesystemView to enable network transparency
+	//   - add transparent compression. first test if it´s worth it.
+
+	const DEFAULTENABLED=true;
+	const DEFAULTBLACKLIST='avi mp3 mpg mp4 ctmp';
+	const DEFAULTMAXFILESIZE=1048576; // 10MB
+	const DEFAULTMININTERVAL=60; // 1 min
+	const DEFAULTMAXVERSIONS=50;
+
+	private static function getUidAndFilename($filename)
+	{
+		if (\OCP\App::isEnabled('files_sharing')
+		    && substr($filename, 0, 7) == '/Shared'
+		    && $source = \OCP\Share::getItemSharedWith('file',
+					substr($filename, 7),
+					\OC_Share_Backend_File::FORMAT_SHARED_STORAGE)) {
+			$filename = $source['path'];
+			$pos = strpos($filename, '/files', 1);
+			$uid = substr($filename, 1, $pos - 1);
+			$filename = substr($filename, $pos + 6);
+		} else {
+			$uid = \OCP\User::getUser();
+		}
+		return array($uid, $filename);
+	}
+
+	/**
+	 * store a new version of a file.
+	 */
+	public function store($filename) {
+		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
+			list($uid, $filename) = self::getUidAndFilename($filename);
+			$files_view = new \OC_FilesystemView('/'.\OCP\User::getUser() .'/files');
+			$users_view = new \OC_FilesystemView('/'.\OCP\User::getUser());
+
+			//check if source file already exist as version to avoid recursions.
+			// todo does this check work?
+			if ($users_view->file_exists($filename)) {
+				return false;
+			}
+
+			// check if filename is a directory
+			if($files_view->is_dir($filename)) {
+				return false;
+			}
+
+			// check filetype blacklist
+			$blacklist=explode(' ',\OCP\Config::getSystemValue('files_versionsblacklist', Storage::DEFAULTBLACKLIST));
+			foreach($blacklist as $bl) {
+				$parts=explode('.', $filename);
+				$ext=end($parts);
+				if(strtolower($ext)==$bl) {
+					return false;
+				}
+			}
+			// we should have a source file to work with
+			if (!$files_view->file_exists($filename)) {
+				return false;
+			}
+
+			// check filesize
+			if($files_view->filesize($filename)>\OCP\Config::getSystemValue('files_versionsmaxfilesize', Storage::DEFAULTMAXFILESIZE)) {
+				return false;
+			}
+
+
+			// check mininterval if the file is being modified by the owner (all shared files should be versioned despite mininterval)
+			if ($uid == \OCP\User::getUser()) {
+				$versions_fileview = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files_versions');
+				$versionsName=\OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath($filename);
+				$versionsFolderName=\OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath('');
+				$matches=glob($versionsName.'.v*');
+				sort($matches);
+				$parts=explode('.v',end($matches));
+				if((end($parts)+Storage::DEFAULTMININTERVAL)>time()) {
+					return false;
+				}
+			}
+
+
+			// create all parent folders
+			$info=pathinfo($filename);
+			if(!file_exists($versionsFolderName.'/'.$info['dirname'])) {
+				mkdir($versionsFolderName.'/'.$info['dirname'],0750,true);
+			}
+
+			// store a new version of a file
+			$users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.time());
+
+			// expire old revisions if necessary
+			Storage::expire($filename);
+		}
+	}
+
+
+	/**
+	 * rollback to an old version of a file.
+	 */
+	public static function rollback($filename,$revision) {
+
+		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
+			list($uid, $filename) = self::getUidAndFilename($filename);
+			$users_view = new \OC_FilesystemView('/'.\OCP\User::getUser());
+
+			// rollback
+			if( @$users_view->copy('files_versions'.$filename.'.v'.$revision, 'files'.$filename) ) {
+
+				return true;
+
+			}else{
+
+				return false;
+
+			}
+
+		}
+
+	}
+
+	/**
+	 * check if old versions of a file exist.
+	 */
+	public static function isversioned($filename) {
+		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
+			list($uid, $filename) = self::getUidAndFilename($filename);
+			$versions_fileview = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files_versions');
+
+			$versionsName=\OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath($filename);
+
+			// check for old versions
+			$matches=glob($versionsName.'.v*');
+			if(count($matches)>0) {
+				return true;
+			}else{
+				return false;
+			}
+		}else{
+			return(false);
+		}
+	}
+
+
+
+	/**
+	 * @brief get a list of all available versions of a file in descending chronological order
+	 * @param $filename file to find versions of, relative to the user files dir
+	 * @param $count number of versions to return
+	 * @returns array
+	 */
+	public static function getVersions( $filename, $count = 0 ) {
+		if( \OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true' ) {
+			list($uid, $filename) = self::getUidAndFilename($filename);
+			$versions_fileview = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files_versions');
+
+			$versionsName = \OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath($filename);
+			$versions = array();
+			// fetch for old versions
+			$matches = glob( $versionsName.'.v*' );
+
+			sort( $matches );
+
+			$i = 0;
+
+			$files_view = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files');
+			$local_file = $files_view->getLocalFile($filename);
+			foreach( $matches as $ma ) {
+
+				$i++;
+				$versions[$i]['cur'] = 0;
+				$parts = explode( '.v', $ma );
+				$versions[$i]['version'] = ( end( $parts ) );
+
+				// if file with modified date exists, flag it in array as currently enabled version
+				( \md5_file( $ma ) == \md5_file( $local_file ) ? $versions[$i]['fileMatch'] = 1 : $versions[$i]['fileMatch'] = 0 );
+
+			}
+
+			$versions = array_reverse( $versions );
+
+			foreach( $versions as $key => $value ) {
+
+				// flag the first matched file in array (which will have latest modification date) as current version
+				if ( $value['fileMatch'] ) {
+
+					$value['cur'] = 1;
+					break;
+
+				}
+
+			}
+
+			$versions = array_reverse( $versions );
+
+			// only show the newest commits
+			if( $count != 0 and ( count( $versions )>$count ) ) {
+
+				$versions = array_slice( $versions, count( $versions ) - $count );
+
+			}
+
+			return( $versions );
+
+
+		} else {
+
+			// if versioning isn't enabled then return an empty array
+			return( array() );
+
+		}
+
+	}
+
+	/**
+	 * @brief Erase a file's versions which exceed the set quota
+	 */
+	public static function expire($filename) {
+		if(\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED)=='true') {
+			list($uid, $filename) = self::getUidAndFilename($filename);
+			$versions_fileview = new \OC_FilesystemView('/'.$uid.'/files_versions');
+
+			$versionsName=\OCP\Config::getSystemValue('datadirectory').$versions_fileview->getAbsolutePath($filename);
+
+			// check for old versions
+			$matches = glob( $versionsName.'.v*' );
+
+			if( count( $matches ) > \OCP\Config::getSystemValue( 'files_versionmaxversions', Storage::DEFAULTMAXVERSIONS ) ) {
+
+				$numberToDelete = count($matches) - \OCP\Config::getSystemValue( 'files_versionmaxversions', Storage::DEFAULTMAXVERSIONS );
+
+				// delete old versions of a file
+				$deleteItems = array_slice( $matches, 0, $numberToDelete );
+
+				foreach( $deleteItems as $de ) {
+
+					unlink( $versionsName.'.v'.$de );
+
+				}
+			}
+		}
+	}
+
+	/**
+	 * @brief Erase all old versions of all user files
+	 * @return true/false
+	 */
+	public function expireAll() {
+		$view = \OCP\Files::getStorage('files_versions');
+		return $view->deleteAll('', true);
+	}
+}
@@ -130,7 +130,7 @@
   </field>

   <index>
-    <name>ldap_group_members</name>
+    <name>ldap_group_members_index</name>
    <unique>true</unique>
    <field>
     <name>owncloudname</name>
@@ -34,7 +34,7 @@ $groupBE = new \OCA\user_ldap\GROUP_LDAP();
 $groupBE->setConnector($connector);

 foreach($objects as $object) {
-	$fetchDNSql = 'SELECT `ldap_dn`, `owncloud_name` FROM `*PREFIX*ldap_'.$object.'_mapping` WHERE `directory_uuid` = ""';
+	$fetchDNSql = 'SELECT `ldap_dn`, `owncloud_name` FROM `*PREFIX*ldap_'.$object.'_mapping` WHERE `directory_uuid` = \'\'';
 	$updateSql = 'UPDATE `*PREFIX*ldap_'.$object.'_mapping` SET `ldap_DN` = ?, `directory_uuid` = ? WHERE `ldap_dn` = ?';

 	$query = OCP\DB::prepare($fetchDNSql);
@@ -28,10 +28,11 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {

 	public function setConnector(lib\Connection &$connection) {
 		parent::setConnector($connection);
-		if(empty($this->connection->ldapGroupFilter) || empty($this->connection->ldapGroupMemberAssocAttr)) {
-			$this->enabled = false;
+		$filter = $this->connection->ldapGroupFilter;
+		$gassoc = $this->connection->ldapGroupMemberAssocAttr;
+		if(!empty($filter) && !empty($gassoc)) {
+			$this->enabled = true;
 		}
-		$this->enabled = true;
 	}

 	/**
@@ -96,12 +97,13 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
 		if(!$this->enabled) {
 			return array();
 		}
-		if($this->connection->isCached('getUserGroups'.$uid)) {
-			return $this->connection->getFromCache('getUserGroups'.$uid);
+		$cacheKey = 'getUserGroups'.$uid;
+		if($this->connection->isCached($cacheKey)) {
+			return $this->connection->getFromCache($cacheKey);
 		}
 		$userDN = $this->username2dn($uid);
 		if(!$userDN) {
-			$this->connection->writeToCache('getUserGroups'.$uid, array());
+			$this->connection->writeToCache($cacheKey, array());
 			return array();
 		}

@@ -124,7 +126,7 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
 		));
 		$groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName,'dn'));
 		$groups = array_unique($this->ownCloudGroupNames($groups), SORT_LOCALE_STRING);
-		$this->connection->writeToCache('getUserGroups'.$uid, $groups);
+		$this->connection->writeToCache($cacheKey, $groups);

 		return $groups;
 	}
@@ -38,9 +38,11 @@ abstract class Access {
 	 * @brief reads a given attribute for an LDAP record identified by a DN
 	 * @param $dn the record in question
 	 * @param $attr the attribute that shall be retrieved
-	 * @returns the values in an array on success, false otherwise
+	 *        if empty, just check the record's existence
+	 * @returns an array of values on success or an empty
+	 *          array if $attr is empty, false otherwise
 	 *
-	 * Reads an attribute from an LDAP entry
+	 * Reads an attribute from an LDAP entry or check if entry exists
 	 */
 	public function readAttribute($dn, $attr) {
 		if(!$this->checkConnection()) {
@@ -55,10 +57,14 @@ abstract class Access {
 		}
 		$rr = @ldap_read($cr, $dn, 'objectClass=*', array($attr));
 		if(!is_resource($rr)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute '.$attr.' failed for DN '.$dn, \OCP\Util::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
 			//in case an error occurs , e.g. object does not exist
 			return false;
 		}
+		if (empty($attr)) {
+			\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
+			return array();
+		}
 		$er = ldap_first_entry($cr, $rr);
 		//LDAP attributes are not case sensitive
 		$result = \OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
@@ -67,7 +73,13 @@ abstract class Access {
 		if(isset($result[$attr]) && $result[$attr]['count'] > 0) {
 			$values = array();
 			for($i=0;$i<$result[$attr]['count'];$i++) {
-				$values[] = $this->resemblesDN($attr) ? $this->sanitizeDN($result[$attr][$i]) : $result[$attr][$i];
+				if($this->resemblesDN($attr)) {
+					$values[] = $this->sanitizeDN($result[$attr][$i]);
+				} elseif(strtolower($attr) == 'objectguid') {
+					$values[] = $this->convertObjectGUID2Str($result[$attr][$i]);
+				} else {
+					$values[] = $result[$attr][$i];
+				}
 			}
 			return $values;
 		}
@@ -339,7 +351,8 @@ abstract class Access {
 		$ownCloudNames = array();

 		foreach($ldapObjects as $ldapObject) {
-			$ocname = $this->dn2ocname($ldapObject['dn'], $ldapObject[$nameAttribute], $isUsers);
+			$nameByLDAP = isset($ldapObject[$nameAttribute]) ? $ldapObject[$nameAttribute] : null;
+			$ocname = $this->dn2ocname($ldapObject['dn'], $nameByLDAP, $isUsers);
 			if($ocname) {
 				$ownCloudNames[] = $ocname;
 			}
@@ -503,6 +516,12 @@ abstract class Access {
 		$link_resource = $this->connection->getConnectionResource();
 		if(is_resource($link_resource)) {
 			$sr = ldap_search($link_resource, $base, $filter, $attr);
+			if(!is_resource($sr)) {
+				$errmsg  = '('.ldap_errno($link_resource).') ' . ldap_error($link_resource);
+				$errmsg .= ', search filter: ' . $filter;
+				\OCP\Util::writeLog('user_ldap', 'Search: no result resource, LDAP error message: ' . $errmsg, \OCP\Util::ERROR);
+				return array();
+			}
 			$findings = ldap_get_entries($link_resource, $sr );

 			// if we're here, probably no connection resource is returned.
@@ -679,4 +698,32 @@ abstract class Access {
 		}
 		return $uuid;
 	}
+
+	/**
+	 * @brief converts a binary ObjectGUID into a string representation
+	 * @param $oguid the ObjectGUID in it's binary form as retrieved from AD
+	 * @returns String
+	 *
+	 * converts a binary ObjectGUID into a string representation
+	 * http://www.php.net/manual/en/function.ldap-get-values-len.php#73198
+	 */
+	private function convertObjectGUID2Str($oguid) {
+		$hex_guid = bin2hex($oguid);
+		$hex_guid_to_guid_str = '';
+		for($k = 1; $k <= 4; ++$k) {
+			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
+		}
+		$hex_guid_to_guid_str .= '-';
+		for($k = 1; $k <= 2; ++$k) {
+			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
+		}
+		$hex_guid_to_guid_str .= '-';
+		for($k = 1; $k <= 2; ++$k) {
+			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
+		}
+		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
+		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+
+		return strtoupper($hex_guid_to_guid_str);
+	}
 }
@@ -84,7 +84,7 @@ class Connection {
 			\OCP\Util::writeLog('user_ldap', 'Set config ldapUuidAttribute to  '.$value, \OCP\Util::DEBUG);
 			$this->config[$name] = $value;
 			if(!empty($this->configID)) {
-				\OCP\Config::getAppValue($this->configID, 'ldap_uuid_attribute', $value);
+				\OCP\Config::setAppValue($this->configID, 'ldap_uuid_attribute', $value);
 			}
 			$changed = true;
 		}
@@ -26,16 +26,12 @@ OCP\Util::addscript('user_ldap', 'settings');
 OCP\Util::addstyle('user_ldap', 'settings');

 if ($_POST) {
+	$clearCache = false;
 	foreach($params as $param) {
 		if(isset($_POST[$param])) {
+			$clearCache = true;
 			if('ldap_agent_password' == $param) {
 				OCP\Config::setAppValue('user_ldap', $param, base64_encode($_POST[$param]));
-			} elseif('ldap_cache_ttl' == $param) {
-				if(OCP\Config::getAppValue('user_ldap', $param,'') != $_POST[$param]) {
-					$ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
-					$ldap->clearCache();
-					OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
-				}
 			} elseif('home_folder_naming_rule' == $param) {
 				$value = empty($_POST[$param]) ? 'opt:username' : 'attr:'.$_POST[$param];
 				OCP\Config::setAppValue('user_ldap', $param, $value);
@@ -54,6 +50,10 @@ if ($_POST) {
 			OCP\Config::setAppValue('user_ldap', $param, 0);
 		}
 	}
+	if($clearCache) {
+		$ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
+		$ldap->clearCache();
+	}
 }

 // fill template
@@ -29,11 +29,13 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {

 	private function updateQuota($dn) {
 		$quota = null;
-		if(!empty($this->connection->ldapQuotaDefault)) {
-			$quota = $this->connection->ldapQuotaDefault;
+		$quotaDefault = $this->connection->ldapQuotaDefault;
+		$quotaAttribute = $this->connection->ldapQuotaAttribute;
+		if(!empty($quotaDefault)) {
+			$quota = $quotaDefault;
 		}
-		if(!empty($this->connection->ldapQuotaAttribute)) {
-			$aQuota = $this->readAttribute($dn, $this->connection->ldapQuotaAttribute);
+		if(!empty($quotaAttribute)) {
+			$aQuota = $this->readAttribute($dn, $quotaAttribute);

 			if($aQuota && (count($aQuota) > 0)) {
 				$quota = $aQuota[0];
@@ -46,8 +48,9 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {

 	private function updateEmail($dn) {
 		$email = null;
-		if(!empty($this->connection->ldapEmailAttribute)) {
-			$aEmail = $this->readAttribute($dn, $this->connection->ldapEmailAttribute);
+		$emailAttribute = $this->connection->ldapEmailAttribute;
+		if(!empty($emailAttribute)) {
+			$aEmail = $this->readAttribute($dn, $emailAttribute);
 			if($aEmail && (count($aEmail) > 0)) {
 				$email = $aEmail[0];
 			}
@@ -138,9 +141,8 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
 			return false;
 		}

-		//if user really still exists, we will be able to read his objectclass
-		$objcs = $this->readAttribute($dn, 'objectclass');
-		if(!$objcs || empty($objcs)) {
+		//check if user really still exists by reading its entry
+		if(!is_array($this->readAttribute($dn, ''))) {
 			$this->connection->writeToCache('userExists'.$uid, false);
 			return false;
 		}
@@ -23,7 +23,7 @@

 require_once 'apps/user_webdavauth/user_webdavauth.php';

-OC_APP::registerAdmin('user_webdavauth','settings');
+OC_APP::registerAdmin('user_webdavauth', 'settings');

 OC_User::registerBackend("WEBDAVAUTH");
 OC_User::useBackend( "WEBDAVAUTH" );
@@ -2,10 +2,12 @@
 <info>
 	<id>user_webdavauth</id>
 	<name>WebDAV user backend</name>
-	<description>Authenticate Users by a WebDAV call</description>
-	<version>1.0</version>
+	<description>Authenticate users by a WebDAV call. You can use any WebDAV server, ownCloud server or other webserver to authenticate. It should return http 200 for right credentials and http 401 for wrong ones.</description>
 	<licence>AGPL</licence>
 	<author>Frank Karlitschek</author>
 	<require>4.9</require>
 	<shipped>true</shipped>
+	<types>
+		<authentication/>
+	</types>
 </info>
@@ -0,0 +1 @@
+1.1.0.0
@@ -21,7 +21,6 @@
 *
 */

-print_r($_POST);
 if($_POST) {

 		if(isset($_POST['webdav_url'])) {
@@ -1,7 +1,7 @@
 <form id="webdavauth" action="#" method="post">
 	<fieldset class="personalblock">
 		<legend><strong>WebDAV Authentication</strong></legend>
-		<p><label for="webdav_url"><?php echo $l->t('webdav_url');?><input type="text" id="webdav_url" name="webdav_url" value="<?php echo $_['webdav_url']; ?>"></label>
+		<p><label for="webdav_url"><?php echo $l->t('WebDAV URL: http://');?><input type="text" id="webdav_url" name="webdav_url" value="<?php echo $_['webdav_url']; ?>"></label>
 		<input type="submit" value="Save" />
 	</fieldset>
 </form>
@@ -30,37 +30,36 @@ class OC_USER_WEBDAVAUTH extends OC_User_Backend {

 	public function createUser() {
 		// Can't create user
-		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to create users from web frontend using WebDAV user backend',3);
+		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to create users from web frontend using WebDAV user backend', 3);
 		return false;
 	}

-	public function deleteUser() {
+	public function deleteUser($uid) {
 		// Can't delete user
-		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to delete users from web frontend using WebDAV user backend',3);
+		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to delete users from web frontend using WebDAV user backend', 3);
 		return false;
 	}

 	public function setPassword ( $uid, $password ) {
 		// We can't change user password
-		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to change password for users from web frontend using WebDAV user backend',3);
+		OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to change password for users from web frontend using WebDAV user backend', 3);
 		return false;
 	}

 	public function checkPassword( $uid, $password ) {
-
 		$url= 'http://'.urlencode($uid).':'.urlencode($password).'@'.$this->webdavauth_url;
 		$headers = get_headers($url);
 		if($headers==false) {
-			OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$this->webdavauth_url.'" ' ,3);
+			OC_Log::write('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$this->webdavauth_url.'" ', 3);
 			return false;

 		}
 		$returncode= substr($headers[0], 9, 3);

 		if($returncode=='401') {
-			return false;
+			return(false);
 		}else{
-			return true;
+			return($uid);
 		}

 	}
@@ -68,14 +67,15 @@ class OC_USER_WEBDAVAUTH extends OC_User_Backend {
 	/*
 	* we don´t know if a user exists without the password. so we have to return false all the time
 	*/
-	public function userExists( $uid ) {
-		return false;
+	public function userExists( $uid ){
+		return true;
 	}

+
 	/*
 	* we don´t know the users so all we can do it return an empty array here
 	*/
-	public function getUsers() {
+	public function getUsers($search = '', $limit = 10, $offset = 0) {
 		$returnArray = array();

 		return $returnArray;
@@ -30,6 +30,15 @@ function t(app,text){
 }
 t.cache={};

+/*
+* Sanitizes a HTML string
+* @param string
+* @return Sanitized string
+*/
+function escapeHTML(s) {
+		return s.toString().split('&').join('&amp;').split('<').join('&lt;').split('"').join('&quot;');
+}
+
 /**
 * Get the path to download a file
 * @param file The filename
@@ -619,7 +628,7 @@ $.fn.filterAttr = function(attr_name, attr_value) {
 function humanFileSize(size) {
 	var humanList = ['B', 'kB', 'MB', 'GB', 'TB'];
 	// Calculate Log with base 1024: size = 1024 ** order
-	var order = Math.floor(Math.log(size) / Math.log(1024));
+	var order = size?Math.floor(Math.log(size) / Math.log(1024)):0;
 	// Stay in range of the byte sizes that are defined
 	order = Math.min(humanList.length - 1, order);
 	var readableFormat = humanList[order];
@@ -66,51 +66,54 @@ var OCdialogs = {
 	/**
 	* prompt user for input with custom form
 	* fields should be passed in following format: [{text:'prompt text', name:'return name', type:'input type', value: 'dafault value'},...]
-	* @param fields to display 
+	* select example 	var fields=[{text:'Test', name:'test', type:'select', options:[{text:'hallo',value:1},{text:'hallo1',value:2}] }];
+	* @param fields to display
 	* @param title dialog title
 	* @param callback which will be triggered when user press OK (user answers will be passed to callback in following format: [{name:'return name', value: 'user value'},...])
 	*/
 	form:function(fields, title, callback, modal) {
 		var content = '<table>';
-		for (var a in fields) {
-			content += '<tr><td>'+fields[a].text+'</td><td>';
-			var type=fields[a].type;
+		$.each(fields, function(index, val){
+			content += '<tr><td>'+val.text+'</td><td>';
+			var type=val.type;
+
 			if (type == 'text' || type == 'checkbox' || type == 'password') {
-				content += '<input type="'+type+'" name="'+fields[a].name+'"';
+				content += '<input type="'+type+'" name="'+val.name+'"';
 				if (type == 'checkbox') {
-					if (fields[a].value != undefined && fields[a].value == true) {
+					if (val.value != undefined && val.value == true) {
 						content += ' checked="checked">';
 					} else {
 						content += '>';
 					}
-				} else if (type == 'text' || type == 'password' && fields[a].value) {
-					content += ' value="'+fields[a].value+'">';
+				} else if (type == 'text' || type == 'password' && val.value) {
+					content += ' value="'+val.value+'">';
 				}
 			} else if (type == 'select') {
-				content += '<select name="'+fields[a].name+'"';
-				if (fields[a].value != undefined) {
-					content += ' value="'+fields[a].value+'"';
+				content += '<select name="'+val.name+'"';
+				if (val.value != undefined) {
+					content += ' value="'+val.value+'"';
 				}
 				content += '>';
-				for (var o in fields[a].options) {
-					content += '<option value="'+fields[a].options[o].value+'">'+fields[a].options[o].text+'</option>';
-				}
+				$.each(val.options, function(index, valo){
+					content += '<option value="'+valo.value+'">'+valo.text+'</option>';
+				});
 				content += '</select>';
 			}
 			content += '</td></tr>';
-		}
+
+		});
 		content += '</table>';
 		OCdialogs.message(content, title, OCdialogs.FORM_DIALOG, OCdialogs.OK_CANCEL_BUTTONS, callback, modal);
 	},
 	filepicker:function(title, callback, multiselect, mimetype_filter, modal) {
 		var c_name = 'oc-dialog-'+OCdialogs.dialogs_counter+'-content';
 		var c_id = '#'+c_name;
-		var d = '<div id="'+c_name+'" title="'+title+'"><select id="dirtree"><option value="0">'+OC.currentUser+'</option></select><div id="filelist"></div><div class="filepicker_loader"><img src="'+OC.filePath('gallery','img','loading.gif')+'"></div></div>';
+		var d = '<div id="'+c_name+'" title="'+title+'"><select id="dirtree"><option value="0">'+OC.currentUser+'</option></select><div id="filelist"></div><div class="filepicker_loader"><img src="'+OC.filePath('core','img','loading.gif')+'"></div></div>';
 		if (!modal) modal = false; // Huh..
 		if (!multiselect) multiselect = false;
 		$('body').append(d);
 		$(c_id + ' #dirtree').focus(function() {
-			var t = $(this); 
+			var t = $(this);
 			t.data('oldval',  t.val())
 		}).change({dcid: c_id}, OC.dialogs.handleTreeListSelect);
 		$(c_id).ready(function(){
@@ -120,7 +123,7 @@ var OCdialogs = {
 		}).data('multiselect', multiselect).data('mimetype',mimetype_filter);
 		// build buttons
 		var b = [{
-			text: t('core', 'Choose'), 
+			text: t('core', 'Choose'),
 			click: function(){
 				if (callback != undefined) {
 					var p;
@@ -140,7 +143,7 @@ var OCdialogs = {
 			}
 		},
 		{
-			text: t('core', 'Cancel'), 
+			text: t('core', 'Cancel'),
 			click: function(){$(c_id).dialog('close'); }}
 		];
 		$(c_id).dialog({width: ((4*$('body').width())/9), height: 400, modal: modal, buttons: b});
@@ -215,9 +218,10 @@ var OCdialogs = {
 	fillFilePicker:function(r, dialog_content_id) {
 		var entry_template = '<div onclick="javascript:OC.dialogs.handlePickerClick(this, \'*ENTRYNAME*\',\''+dialog_content_id+'\')" data="*ENTRYTYPE*"><img src="*MIMETYPEICON*" style="margin-right:1em;"><span id="filename">*NAME*</span><div style="float:right;margin-right:1em;">*LASTMODDATE*</div></div>';
 		var names = '';
-		for (var a in r.data) {
-			names += entry_template.replace('*LASTMODDATE*', OC.mtime2date(r.data[a].mtime)).replace('*NAME*', r.data[a].name).replace('*MIMETYPEICON*', r.data[a].mimetype_icon).replace('*ENTRYNAME*', r.data[a].name).replace('*ENTRYTYPE*', r.data[a].type);
-		}
+		$.each(r.data, function(index, a) {
+			names += entry_template.replace('*LASTMODDATE*', OC.mtime2date(a.mtime)).replace('*NAME*', a.name).replace('*MIMETYPEICON*', a.mimetype_icon).replace('*ENTRYNAME*', a.name).replace('*ENTRYTYPE*', a.type);
+		});
+
 		$(dialog_content_id + ' #filelist').html(names);
 		$(dialog_content_id + ' .filepicker_loader').css('visibility', 'hidden');
 	},
@@ -231,10 +235,10 @@ var OCdialogs = {
 		}
 		var skip_first = true;
 		var path = '';
-		$(this).children().each(function(i, element) { 
+		$(this).children().each(function(i, element) {
 			if (skip_first) {
-				skip_first = false; 
-				return; 
+				skip_first = false;
+				return;
 			}
 			path += '/'+$(element).text();
 		});
@@ -313,7 +313,7 @@ OC.Share={
 			var file = $('#dir').val() + '/' + filename;
 		}
 		file = '/'+OC.currentUser+'/files'+file;
-		var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&'+type+'='+file;
+		var link = parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=files&'+type+'='+encodeURIComponent(file);
 		$('#linkText').val(link);
 		$('#linkText').show('blind');
 		$('#showPassword').show();
@@ -475,15 +475,14 @@ $(document).ready(function() {
 		$('#linkPass').toggle('blind');
 	});

-	$('#linkPassText').live('keyup', function(event) {
-		if (event.keyCode == 13) {
-			var itemType = $('#dropdown').data('item-type');
-			var itemSource = $('#dropdown').data('item-source');
-			OC.Share.share(itemType, itemSource, OC.Share.SHARE_TYPE_LINK, $(this).val(), OC.PERMISSION_READ, function() {
-				$('#linkPassText').val('');
-				$('#linkPassText').attr('placeholder', t('core', 'Password protected'));
-			});
-		}
+	$('#linkPassText').live('focusout', function(event) {
+		var itemType = $('#dropdown').data('item-type');
+		var itemSource = $('#dropdown').data('item-source');
+		OC.Share.share(itemType, itemSource, OC.Share.SHARE_TYPE_LINK, $(this).val(), OC.PERMISSION_READ, function() {
+			$('#linkPassText').val('');
+			$('#linkPassText').attr('placeholder', t('core', 'Password protected'));
+		});
+		$('#linkPassText').attr('placeholder', t('core', 'Password protected'));
 	});

 	$('#expirationCheckbox').live('click', function() {
@@ -13,8 +13,8 @@ require_once '../../lib/base.php';
 // Someone lost their password:
 if (isset($_POST['user'])) {
 	if (OC_User::userExists($_POST['user'])) {
-		$token = hash("sha256", $_POST['user'].OC_Util::generate_random_bytes(10));
-		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
+		$token = hash("sha256", OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', ''));
+		OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash("sha256", $token)); // Hash the token again to prevent timing attacks
 		$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
 		if (!empty($email)) {
 			$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token));
@@ -10,7 +10,7 @@ $RUNTIME_NOAPPS = TRUE; //no apps
 require_once '../../lib/base.php';

 // Someone wants to reset their password:
-if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === $_GET['token']) {
+if(isset($_GET['token']) && isset($_GET['user']) && OC_Preferences::getValue($_GET['user'], 'owncloud', 'lostpassword') === hash("sha256", $_GET['token'])) {
 	if (isset($_POST['password'])) {
 		if (OC_User::setPassword($_GET['user'], $_POST['password'])) {
 			OC_Preferences::deleteKey($_GET['user'], 'owncloud', 'lostpassword');
@@ -3,7 +3,6 @@
 <input type='hidden' id='hasPostgreSQL' value='<?php echo $_['hasPostgreSQL'] ?>'></input>
 <input type='hidden' id='hasOracle' value='<?php echo $_['hasOracle'] ?>'></input>
 <form action="index.php" method="post">
-
 <input type="hidden" name="install" value="true" />
 	<?php if(count($_['errors']) > 0): ?>
 	<ul class="errors">
@@ -19,7 +18,20 @@
 		<?php endforeach; ?>
 	</ul>
 	<?php endif; ?>
-
+	<?php if(!$_['secureRNG']): ?>
+	<fieldset style="color: #B94A48; background-color: #F2DEDE; border-color: #EED3D7;">
+		<legend><strong><?php echo $l->t('Security Warning');?></strong></legend>
+		<span><?php echo $l->t('No secure random number generator is available, please enable the PHP OpenSSL extension.');?></span>		
+		<br/>
+		<span><?php echo $l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.');?></span>		
+	</fieldset>
+	<?php endif; ?>
+	<?php if(!$_['htaccessWorking']): ?>
+	<fieldset style="color: #B94A48; background-color: #F2DEDE; border-color: #EED3D7;">
+		<legend><strong><?php echo $l->t('Security Warning');?></strong></legend>
+		<span><?php echo $l->t('Your data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.');?></span>		
+	</fieldset>
+	<?php endif; ?>
 	<fieldset>
 		<legend><?php echo $l->t( 'Create an <strong>admin account</strong>' ); ?></legend>
 		<p class="infield">
@@ -99,7 +111,7 @@
 			</p>
 			<p class="infield">
 				<label for="dbname" class="infield"><?php echo $l->t( 'Database name' ); ?></label>
-				<input type="text" name="dbname" id="dbname" value="<?php print OC_Helper::init_var('dbname'); ?>" autocomplete="off" />
+				<input type="text" name="dbname" id="dbname" value="<?php print OC_Helper::init_var('dbname'); ?>" autocomplete="off" pattern="[0-9a-zA-Z$_]+" />
 			</p>
 		</div>
 		<?php endif; ?>
@@ -6,7 +6,7 @@
 * See the COPYING-README file.
 */

-require_once 'Archive/Tar.php';
+require_once '3rdparty/Archive/Tar.php';

 class OC_Archive_TAR extends OC_Archive{
 	const PLAIN=0;
@@ -193,6 +193,7 @@ class OC{
 	public static function checkSSL() {
 		// redirect to https site if configured
 		if( OC_Config::getValue( "forcessl", false )) {
+			header('Strict-Transport-Security: max-age=31536000');
 			ini_set("session.cookie_secure", "on");
 			if(OC_Request::serverProtocol()<>'https' and !OC::$CLI) {
 				$url = "https://". OC_Request::serverHost() . $_SERVER['REQUEST_URI'];
@@ -281,7 +282,7 @@ class OC{
 		ini_set('arg_separator.output', '&amp;');

 		// try to switch magic quotes off.
-		if(function_exists('set_magic_quotes_runtime')) {
+		if(get_magic_quotes_gpc()) {
 			@set_magic_quotes_runtime(false);
 		}

@@ -37,7 +37,7 @@ class OC_Connector_Sabre_Auth extends Sabre_DAV_Auth_Backend_AbstractBasic {
 		} else {
 			OC_Util::setUpFS();//login hooks may need early access to the filesystem
 			if(OC_User::login($username, $password)) {
-				OC_Util::setUpFS($username);
+				OC_Util::setUpFS(OC_User::getUser());
 				return true;
 			}
 			else{
@@ -117,16 +117,20 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
 	 */
 	public function getChildren() {

+		$source = $this->getFileSource($this->path);
+		$path = $source['path'];
+		$user = $source['user'];
+		
 		$folder_content = OC_Files::getDirectoryContent($this->path);
 		$paths = array();
 		foreach($folder_content as $info) {
-			$paths[] = $this->path.'/'.$info['name'];
+			$paths[] = $path.'/'.$info['name'];
 		}
 		$properties = array_fill_keys($paths, array());
 		if(count($paths)>0) {
 			$placeholders = join(',', array_fill(0, count($paths), '?'));
 			$query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ?' . ' AND `propertypath` IN ('.$placeholders.')' );
-			array_unshift($paths, OC_User::getUser()); // prepend userid
+			array_unshift($paths, $user); // prepend userid
 			$result = $query->execute( $paths );
 			while($row = $result->fetchRow()) {
 				$propertypath = $row['propertypath'];
@@ -139,7 +143,7 @@ class OC_Connector_Sabre_Directory extends OC_Connector_Sabre_Node implements Sa
 		$nodes = array();
 		foreach($folder_content as $info) {
 			$node = $this->getChild($info['name'], $info);
-			$node->setPropertyCache($properties[$this->path.'/'.$info['name']]);
+			$node->setPropertyCache($properties[$path.'/'.$info['name']]);
 			$nodes[] = $node;
 		}
 		return $nodes;
@@ -25,6 +25,13 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 	const GETETAG_PROPERTYNAME = '{DAV:}getetag';
 	const LASTMODIFIED_PROPERTYNAME = '{DAV:}lastmodified';

+	/**
+	 * Allow configuring the method used to generate Etags
+	 *
+	 * @var array(class_name, function_name)
+	*/
+	public static $ETagFunction = null;
+
 	/**
 	 * The path to the current node
 	 *
@@ -141,13 +148,16 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 	 * @return bool|array
 	 */
 	public function updateProperties($properties) {
+		// get source path of shared files
+		$source = self::getFileSource($this->path);
+
 		$existing = $this->getProperties(array());
 		foreach($properties as $propertyName => $propertyValue) {
 			// If it was null, we need to delete the property
 			if (is_null($propertyValue)) {
 				if(array_key_exists( $propertyName, $existing )) {
 					$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' );
-					$query->execute( array( OC_User::getUser(), $this->path, $propertyName ));
+					$query->execute( array( $source['user'], $source['path'], $propertyName ));
 				}
 			}
 			else {
@@ -156,10 +166,10 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 				} else {
 					if(!array_key_exists( $propertyName, $existing )) {
 						$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*properties` (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)' );
-						$query->execute( array( OC_User::getUser(), $this->path, $propertyName,$propertyValue ));
+						$query->execute( array( $source['user'], $source['path'], $propertyName, $propertyValue ));
 					} else {
 						$query = OC_DB::prepare( 'UPDATE `*PREFIX*properties` SET `propertyvalue` = ? WHERE `userid` = ? AND `propertypath` = ? AND `propertyname` = ?' );
-						$query->execute( array( $propertyValue,OC_User::getUser(), $this->path, $propertyName ));
+						$query->execute( array( $propertyValue, $source['user'], $source['path'], $propertyName ));
 					}
 				}
 			}
@@ -178,19 +188,22 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 	 * If the array is empty, all properties should be returned
 	 *
 	 * @param array $properties
-	 * @return void
+	 * @return array
 	 */
 	public function getProperties($properties) {
-		if (is_null($this->property_cache)) {
+		
+		$source = self::getFileSource($this->path);
+		
+		if (is_null($this->property_cache) || empty($this->property_cache)) {
 			$query = OC_DB::prepare( 'SELECT * FROM `*PREFIX*properties` WHERE `userid` = ? AND `propertypath` = ?' );
-			$result = $query->execute( array( OC_User::getUser(), $this->path ));
+			$result = $query->execute( array( $source['user'], $source['path'] ));

 			$this->property_cache = array();
 			while( $row = $result->fetchRow()) {
 				$this->property_cache[$row['propertyname']] = $row['propertyvalue'];
 			}
 		}
-
+		
 		// if the array was empty, we need to return everything
 		if(count($properties) == 0) {
 			return $this->property_cache;
@@ -209,7 +222,12 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 	 * @return string|null Returns null if the ETag can not effectively be determined
 	 */
 	static protected function createETag($path) {
-		return uniqid('', true);
+		if(self::$ETagFunction) {
+			$hash = call_user_func(self::$ETagFunction, $path);
+			return $hash;
+		}else{
+			return uniqid('', true);
+		}
 	}

 	/**
@@ -222,9 +240,12 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 		if (empty($tag)) {
 			return null;
 		}
+		
+		$source = self::getFileSource($path);
+			
 		$etag = '"'.$tag.'"';
 		$query = OC_DB::prepare( 'INSERT INTO `*PREFIX*properties` (`userid`,`propertypath`,`propertyname`,`propertyvalue`) VALUES(?,?,?,?)' );
-		$query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME, $etag ));
+		$query->execute( array( $source['user'], $source['path'], self::GETETAG_PROPERTYNAME, $etag ));
 		return $etag;
 	}

@@ -234,6 +255,9 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 	 */
 	static public function removeETagPropertyForPath($path) {
 		// remove tags from this and parent paths
+		$source = self::getFileSource($path);
+		$path = $source['path'];
+		
 		$paths = array();
 		while ($path != '/' && $path != '.' && $path != '' && $path != '\\') {
 			$paths[] = $path;
@@ -249,7 +273,26 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
 			.' AND `propertyname` = ?'
 			.' AND `propertypath` IN ('.$path_placeholders.')'
 			);
-		$vals = array( OC_User::getUser(), self::GETETAG_PROPERTYNAME );
+		$vals = array( $source['user'], self::GETETAG_PROPERTYNAME );
 		$query->execute(array_merge( $vals, $paths ));
+		
+		//remove etag for all Shared folders
+		$query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties`'
+				.' WHERE `propertypath` = "/Shared"'
+		);
+		$query->execute(array());
+		
+	}
+	
+	protected static function getFileSource($path) {
+		if ( OC_App::isEnabled('files_sharing') &&  !strncmp($path, '/Shared/', 8)) {
+			$source = OC_Files_Sharing_Util::getSourcePath(str_replace('/Shared/', '', $path));
+			$parts = explode('/', $source, 4);
+			$user =  $parts[1];
+			$path = '/'.$parts[3];
+		} else {
+			$user = OC_User::getUser();
+		}
+		return(array('user' => $user, 'path' => $path));
 	}
 }
@@ -65,7 +65,7 @@ class OC_FileCache{
 		if($root===false) {
 			$root=OC_Filesystem::getRoot();
 		}
-		$fullpath=$root.$path;
+		$fullpath=OC_Filesystem::normalizePath($root.'/'.$path);
 		$parent=self::getParentId($fullpath);
 		$id=self::getId($fullpath,'');
 		if(isset(OC_FileCache_Cached::$savedData[$fullpath])) {
@@ -79,8 +79,8 @@ class OC_FileCache{

 		// add parent directory to the file cache if it does not exist yet.
 		if ($parent == -1 && $fullpath != $root) {
-			$parentDir = substr(dirname($path), 0, strrpos(dirname($path), DIRECTORY_SEPARATOR));
-			self::scanFile($parentDir);
+			$parentDir = dirname(OC_Filesystem::normalizePath($path));
+			self::scanFile($parentDir, $root);
 			$parent = self::getParentId($fullpath);
 		}

@@ -94,15 +94,19 @@ class OC_FileCache{
 		if(!isset($data['versioned'])) {
 			$data['versioned']=false;
 		}
+		if(!isset($data['user'])) {
+			$data['user']=OC_User::getUser();
+		}
+		
+		
 		$mimePart=dirname($data['mimetype']);
 		$data['size']=(int)$data['size'];
 		$data['ctime']=(int)$data['mtime'];
 		$data['writable']=(int)$data['writable'];
 		$data['encrypted']=(int)$data['encrypted'];
 		$data['versioned']=(int)$data['versioned'];
-		$user=OC_User::getUser();
 		$query=OC_DB::prepare('INSERT INTO `*PREFIX*fscache`(`parent`, `name`, `path`, `path_hash`, `size`, `mtime`, `ctime`, `mimetype`, `mimepart`,`user`,`writable`,`encrypted`,`versioned`) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)');
-		$result=$query->execute(array($parent,basename($fullpath),$fullpath,md5($fullpath),$data['size'],$data['mtime'],$data['ctime'],$data['mimetype'],$mimePart,$user,$data['writable'],$data['encrypted'],$data['versioned']));
+		$result=$query->execute(array($parent,basename($fullpath),$fullpath,md5($fullpath),$data['size'],$data['mtime'],$data['ctime'],$data['mimetype'],$mimePart,$data['user'],$data['writable'],$data['encrypted'],$data['versioned']));
 		if(OC_DB::isError($result)) {
 			OC_Log::write('files','error while writing file('.$fullpath.') to cache',OC_Log::ERROR);
 		}
@@ -203,7 +207,7 @@ class OC_FileCache{

 		OC_Cache::remove('fileid/'.$root.$path);
 	}
-
+	
 	/**
 	 * return array of filenames matching the querty
 	 * @param string $query
@@ -496,11 +500,11 @@ class OC_FileCache{
 	 */
 	public static function triggerUpdate($user=''){
 		if($user) {
-			$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `mtime`=0 WHERE `user`=? AND `mimetype`="httpd/unix-directory"');
-			$query->execute(array($user));
+			$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `mtime`=0 WHERE `user`=? AND `mimetype`= ?  ');
+			$query->execute(array($user,'httpd/unix-directory'));
 		}else{
-			$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `mtime`=0 AND `mimetype`="httpd/unix-directory"');
-			$query->execute();
+			$query=OC_DB::prepare('UPDATE `*PREFIX*fscache` SET `mtime`=0 AND `mimetype`= ? ');
+			$query->execute(array('httpd/unix-directory'));
 		}
 	}
 }
@@ -509,3 +513,4 @@ class OC_FileCache{
 OC_Hook::connect('OC_Filesystem','post_write','OC_FileCache_Update','fileSystemWatcherWrite');
 OC_Hook::connect('OC_Filesystem','post_delete','OC_FileCache_Update','fileSystemWatcherDelete');
 OC_Hook::connect('OC_Filesystem','post_rename','OC_FileCache_Update','fileSystemWatcherRename');
+OC_Hook::connect('OC_User','post_deleteUser','OC_FileCache_Update','deleteFromUser');
@@ -174,7 +174,9 @@ class OC_FileCache_Update{
 		}else{
 			$size=OC_FileCache::scanFile($path, $root);
 		}
-		OC_FileCache::increaseSize(dirname($path), $size-$cachedSize, $root);
+		if($path !== '' and $path !== '/'){
+			OC_FileCache::increaseSize(dirname($path), $size-$cachedSize, $root);
+		}
 	}

 	/**
@@ -214,4 +216,12 @@ class OC_FileCache_Update{
 		OC_FileCache::increaseSize(dirname($newPath), $oldSize, $root);
 		OC_FileCache::move($oldPath, $newPath);
 	}
+
+	/**
+	 * delete files owned by user from the cache
+	 * @param string $parameters$parameters["uid"])
+	 */
+	public static function deleteFromUser($parameters) {
+		OC_FileCache::clear($parameters["uid"]);
+	}
 }
@@ -0,0 +1,37 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Bjoern Schiessle
+ * @copyright 2012 Bjoern Schiessle <schiessle@owncloud.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/**
+ * check if standard file operations
+ */
+ 
+class OC_FileProxy_FileOperations extends OC_FileProxy{
+	static $rootView;
+
+	public function premkdir($path) {
+		if(!self::$rootView){
+			self::$rootView = new OC_FilesystemView('');
+		}
+		return !self::$rootView->file_exists($path);
+	}
+	
+}
@@ -42,16 +42,20 @@ class OC_Files {
 	 * - versioned
 	 */
 	public static function getFileInfo($path) {
+		$path = OC_Filesystem::normalizePath($path);
 		if (($path == '/Shared' || substr($path, 0, 8) == '/Shared/') && OC_App::isEnabled('files_sharing')) {
 			if ($path == '/Shared') {
 				list($info) = OCP\Share::getItemsSharedWith('file', OC_Share_Backend_File::FORMAT_FILE_APP_ROOT);
-			}else{
-				$info['size'] = OC_Filesystem::filesize($path);
-				$info['mtime'] = OC_Filesystem::filemtime($path);
-				$info['ctime'] = OC_Filesystem::filectime($path);
-				$info['mimetype'] = OC_Filesystem::getMimeType($path);
-				$info['encrypted'] = false;
-				$info['versioned'] = false;
+			} else {
+				$info = array();
+				if (OC_Filesystem::file_exists($path)) {
+					$info['size'] = OC_Filesystem::filesize($path);
+					$info['mtime'] = OC_Filesystem::filemtime($path);
+					$info['ctime'] = OC_Filesystem::filectime($path);
+					$info['mimetype'] = OC_Filesystem::getMimeType($path);
+					$info['encrypted'] = false;
+					$info['versioned'] = false;
+				}
 			}
 		} else {
 			$info = OC_FileCache::get($path);
@@ -46,6 +46,7 @@
 class OC_Filesystem{
 	static private $storages=array();
 	static private $mounts=array();
+	static private $loadedUsers=array();
 	public static $loaded=false;
 	/**
 	 * @var OC_Filestorage $defaultInstance
@@ -178,72 +179,92 @@ class OC_Filesystem{
 		$internalPath=substr($path,strlen($mountPoint));
 		return $internalPath;
 	}
+	
+	static private function mountPointsLoaded($user) {
+		return in_array($user, self::$loadedUsers);
+	}
+	
 	/**
 	* get the storage object for a path
 	* @param string path
 	* @return OC_Filestorage
 	*/
 	static public function getStorage($path) {
+		$user = ltrim(substr($path, 0, strpos($path, '/', 1)), '/');
+		// check mount points if file was shared from a different user
+		if ($user != OC_User::getUser() && !self::mountPointsLoaded($user)) {
+			OC_Util::loadUserMountPoints($user);
+			self::loadSystemMountPoints($user);
+			self::$loadedUsers[] = $user;
+		}
+
 		$mountpoint=self::getMountPoint($path);
 		if($mountpoint) {
 			if(!isset(OC_Filesystem::$storages[$mountpoint])) {
 				$mount=OC_Filesystem::$mounts[$mountpoint];
-				OC_Filesystem::$storages[$mountpoint]=OC_Filesystem::createStorage($mount['class'],$mount['arguments']);
+				OC_Filesystem::$storages[$mountpoint]=OC_Filesystem::createStorage($mount['class'], $mount['arguments']);
 			}
 			return OC_Filesystem::$storages[$mountpoint];
 		}
 	}

-	static public function init($root) {
+	static private function loadSystemMountPoints($user) {
+		if(is_file(OC::$SERVERROOT.'/config/mount.php')) {
+			$mountConfig=include OC::$SERVERROOT.'/config/mount.php';
+			if(isset($mountConfig['global'])) {
+				foreach($mountConfig['global'] as $mountPoint=>$options) {
+					self::mount($options['class'], $options['options'], $mountPoint);
+				}
+			}
+		
+			if(isset($mountConfig['group'])) {
+				foreach($mountConfig['group'] as $group=>$mounts) {
+					if(OC_Group::inGroup($user, $group)) {
+						foreach($mounts as $mountPoint=>$options) {
+							$mountPoint=self::setUserVars($mountPoint, $user);
+							foreach($options as &$option) {
+								$option=self::setUserVars($option, $user);
+							}
+							self::mount($options['class'], $options['options'], $mountPoint);
+						}
+					}
+				}
+			}
+		
+			if(isset($mountConfig['user'])) {
+				foreach($mountConfig['user'] as $mountUser=>$mounts) {
+					if($user==='all' or strtolower($mountUser)===strtolower($user)) {
+						foreach($mounts as $mountPoint=>$options) {
+							$mountPoint=self::setUserVars($mountPoint, $user);
+							foreach($options as &$option) {
+								$option=self::setUserVars($option, $user);
+							}
+							self::mount($options['class'], $options['options'], $mountPoint);
+						}
+					}
+				}
+			}
+		
+			$mtime=filemtime(OC::$SERVERROOT.'/config/mount.php');
+			$previousMTime=OC_Appconfig::getValue('files', 'mountconfigmtime', 0);
+			if($mtime>$previousMTime) {//mount config has changed, filecache needs to be updated
+				OC_FileCache::triggerUpdate();
+				OC_Appconfig::setValue('files', 'mountconfigmtime', $mtime);
+			}
+		}		
+	}
+	
+	static public function init($root, $user = '') {
 		if(self::$defaultInstance) {
 			return false;
 		}
 		self::$defaultInstance=new OC_FilesystemView($root);

 		//load custom mount config
-		if(is_file(OC::$SERVERROOT.'/config/mount.php')) {
-			$mountConfig=include(OC::$SERVERROOT.'/config/mount.php');
-			if(isset($mountConfig['global'])) {
-				foreach($mountConfig['global'] as $mountPoint=>$options) {
-					self::mount($options['class'],$options['options'],$mountPoint);
-				}
-			}
-
-			if(isset($mountConfig['group'])) {
-				foreach($mountConfig['group'] as $group=>$mounts) {
-					if(OC_Group::inGroup(OC_User::getUser(),$group)) {
-						foreach($mounts as $mountPoint=>$options) {
-							$mountPoint=self::setUserVars($mountPoint);
-							foreach($options as &$option) {
-								$option=self::setUserVars($option);
-							}
-							self::mount($options['class'],$options['options'],$mountPoint);
-						}
-					}
-				}
-			}
-
-			if(isset($mountConfig['user'])) {
-				foreach($mountConfig['user'] as $user=>$mounts) {
-					if($user==='all' or strtolower($user)===strtolower(OC_User::getUser())) {
-						foreach($mounts as $mountPoint=>$options) {
-							$mountPoint=self::setUserVars($mountPoint);
-							foreach($options as &$option) {
-								$option=self::setUserVars($option);
-							}
-							self::mount($options['class'],$options['options'],$mountPoint);
-						}
-					}
-				}
-			}
-
-			$mtime=filemtime(OC::$SERVERROOT.'/config/mount.php');
-			$previousMTime=OC_Appconfig::getValue('files','mountconfigmtime',0);
-			if($mtime>$previousMTime) {//mount config has changed, filecache needs to be updated
-				OC_FileCache::triggerUpdate();
-				OC_Appconfig::setValue('files','mountconfigmtime',$mtime);
-			}
+		if (!isset($user)) {
+			$user = OC_User::getUser();
 		}
+		self::loadSystemMountPoints($user);

 		self::$loaded=true;
 	}
@@ -253,8 +274,12 @@ class OC_Filesystem{
 	 * @param string intput
 	 * @return string
 	 */
-	private static function setUserVars($input) {
-		return str_replace('$user',OC_User::getUser(),$input);
+	private static function setUserVars($input, $user) {
+		if (isset($user)) {
+			return str_replace('$user', $user,$input);
+		} else {
+			return str_replace('$user',OC_User::getUser(),$input);
+		}
 	}

 	/**
@@ -371,12 +396,16 @@ class OC_Filesystem{
 	 * @return bool
 	 */
 	static public function isValidPath($path) {
+		$path = self::normalizePath($path);
 		if(!$path || $path[0]!=='/') {
 			$path='/'.$path;
 		}
 		if(strstr($path,'/../') || strrchr($path, '/') === '/..' ) {
 			return false;
 		}
+		if(self::isFileBlacklisted($path)){
+			return false;
+		}
 		return true;
 	}

@@ -386,20 +415,22 @@ class OC_Filesystem{
 	 * @param array $data from hook
 	 */
 	static public function isBlacklisted($data) {
-		$blacklist = array('.htaccess');
 		if (isset($data['path'])) {
 			$path = $data['path'];
 		} else if (isset($data['newpath'])) {
 			$path = $data['newpath'];
 		}
 		if (isset($path)) {
-			$filename = strtolower(basename($path));
-			if (in_array($filename, $blacklist)) {
-				$data['run'] = false;
-			}
+			$data['run'] = !self::isFileBlacklisted($path);
 		}
 	}

+	static public function isFileBlacklisted($path){
+		$blacklist = array('.htaccess');
+		$filename = strtolower(basename($path));
+		return in_array($filename, $blacklist);
+	}
+
 	/**
 	 * following functions are equivilent to their php buildin equivilents for arguments/return values.
 	 */
@@ -531,7 +562,7 @@ class OC_Filesystem{
 		if ($root) { // reduce path to the required part of it (no 'username/files')
 			$fakeRootView = new OC_FilesystemView($root);
 			$count = 1;
-			$path=str_replace(OC_App::getStorage("files")->getAbsolutePath($path), "", $fakeRootView->getAbsolutePath($path), $count);
+			$path=str_replace(OC_App::getStorage("files")->getAbsolutePath(), "", $fakeRootView->getAbsolutePath($path), $count);
 		}

 		$path = self::normalizePath($path);
@@ -47,11 +47,8 @@ class OC_FilesystemView {
 		$this->fakeRoot=$root;
 	}

-	public function getAbsolutePath($path) {
-		if(!$path) {
-			$path='/';
-		}
-		if($path[0]!=='/') {
+	public function getAbsolutePath($path = '/') {
+		if(!$path || $path[0]!=='/') {
 			$path='/'.$path;
 		}
 		return $this->fakeRoot.$path;
@@ -251,6 +248,9 @@ class OC_FilesystemView {
 		return $this->basicOperation('filemtime', $path);
 	}
 	public function touch($path, $mtime=null) {
+		if(!is_null($mtime) and !is_numeric($mtime)){
+			$mtime = strtotime($mtime);
+		}
 		return $this->basicOperation('touch', $path, array('write'), $mtime);
 	}
 	public function file_get_contents($path) {
@@ -65,15 +65,8 @@ class OC_Group {
 	 *
 	 * Tries to create a new group. If the group name already exists, false will
 	 * be returned. Basic checking of Group name
-	 *
-	 * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
 	 */
 	public static function createGroup( $gid ) {
-		// Check the name for bad characters
-		// Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
-		if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $gid )) {
-			return false;
-		}
 		// No empty group names!
 		if( !$gid ) {
 			return false;
@@ -100,6 +100,17 @@ class OC_Helper {
 		return OC_Request::serverProtocol(). '://'  . OC_Request::serverHost() . $url;
 	}

+	/**
+	 * @brief Creates an url for remote use
+	 * @param string $service id
+	 * @return string the url
+	 *
+	 * Returns a url to the given service.
+	 */
+	public static function linkToRemoteBase( $service ) {
+		return self::linkTo( '', 'remote.php') . '/' . $service;
+	}
+
 	/**
 	 * @brief Creates an absolute url for remote use
 	 * @param string $service id
@@ -108,7 +119,7 @@ class OC_Helper {
 	 * Returns a absolute url to the given service.
 	 */
 	public static function linkToRemote( $service, $add_slash = true ) {
-		return self::linkToAbsolute( '', 'remote.php') . '/' . $service . (($add_slash && $service[strlen($service)-1]!='/')?'/':'');
+		return self::makeURLAbsolute(self::linkToRemoteBase($service)) . (($add_slash && $service[strlen($service)-1]!='/')?'/':'');
 	}

 	/**
@@ -294,7 +305,7 @@ class OC_Helper {
 					self::copyr("$src/$file", "$dest/$file");
 				}
 			}
-		}elseif(file_exists($src)) {
+		}elseif(file_exists($src) && !OC_Filesystem::isFileBlacklisted($src)) {
 			copy($src, $dest);
 		}
 	}
@@ -200,7 +200,7 @@ class OC_Migrate{
 		$scan = scandir( $extractpath );
 		// Check for export_info.json
 		if( !in_array( 'export_info.json', $scan ) ) {
-			OC_Log::write( 'migration', 'Invalid import file, export_info.json note found', OC_Log::ERROR );
+			OC_Log::write( 'migration', 'Invalid import file, export_info.json not found', OC_Log::ERROR );
 			return json_encode( array( 'success' => false ) );
 		}
 		$json = json_decode( file_get_contents( $extractpath . 'export_info.json' ) );
@@ -235,12 +235,19 @@ class OC_Migrate{
 					return json_encode( array( 'success' => false ) );
 				}
 				// Copy data
-				if( !self::copy_r( $extractpath . $json->exporteduser, $datadir . '/' . self::$uid ) ) {
-					return json_encode( array( 'success' => false ) );
+				$userfolder = $extractpath . $json->exporteduser;
+				$newuserfolder = $datadir . '/' . self::$uid;
+				foreach(scandir($userfolder) as $file){
+					if($file !== '.' && $file !== '..' && is_dir($file)){
+						// Then copy the folder over
+						OC_Helper::copyr($userfolder.'/'.$file, $newuserfolder.'/'.$file);
+					}
 				}
 				// Import user app data
-				if( !$appsimported = self::importAppData( $extractpath . $json->exporteduser . '/migration.db', $json, self::$uid ) ) {
-					return json_encode( array( 'success' => false ) );
+				if(file_exists($extractpath . $json->exporteduser . '/migration.db')){
+					if( !$appsimported = self::importAppData( $extractpath . $json->exporteduser . '/migration.db', $json, self::$uid ) ) {
+						return json_encode( array( 'success' => false ) );
+					}
 				}
 				// All done!
 				if( !self::unlink_r( $extractpath ) ) {
@@ -304,37 +311,6 @@ class OC_Migrate{
 		return true;
 	}

-	/**
-	* @brief copies recursively
-	* @param $path string path to source folder
-	* @param $dest string path to destination
-	* @return bool
-	*/
-	private static function copy_r( $path, $dest ) {
-		if( is_dir($path) ) {
-			@mkdir( $dest );
-			$objects = scandir( $path );
-			if( sizeof( $objects ) > 0 ) {
-				foreach( $objects as $file ) {
-					if( $file == "." || $file == ".." || $file == ".htaccess")
-					continue;
-					// go on
-					if( is_dir( $path . '/' . $file ) ) {
-						self::copy_r( $path  .'/' . $file, $dest . '/' . $file );
-					} else {
-						copy( $path . '/' . $file, $dest . '/' . $file );
-					}
-				}
-			}
-			return true;
-		}
-		elseif( is_file( $path ) ) {
-			return copy( $path, $dest );
-		} else {
-			return false;
-		}
-	}
-
 	/**
 	* @brief tries to extract the import zip
 	* @param $path string path to the zip
@@ -94,4 +94,5 @@ return array(
 	'sgf' => 'application/sgf',
 	'cdr' => 'application/coreldraw',
 	'impress' => 'text/impress',
+	'ai' => 'application/illustrator',
 );
@@ -58,6 +58,7 @@ class Share {
 	private static $shareTypeGroupUserUnique = 2;
 	private static $backends = array();
 	private static $backendTypes = array();
+	private static $isResharingAllowed;

 	/**
 	* @brief Register a sharing backend class that implements OCP\Share_Backend for an item type
@@ -326,6 +327,22 @@ class Share {
 		return false;
 	}

+	/**
+	* @brief Unshare an item from all users, groups, and remove all links
+	* @param string Item type
+	* @param string Item source
+	* @return Returns true on success or false on failure
+	*/
+	public static function unshareAll($itemType, $itemSource) {
+		if ($shares = self::getItemShared($itemType, $itemSource)) {
+			foreach ($shares as $share) {
+				self::delete($share['id']);
+			}
+			return true;
+		}
+		return false;
+	}
+
 	/**
 	* @brief Unshare an item shared with the current user
 	* @param string Item type
@@ -466,6 +483,24 @@ class Share {
 		throw new \Exception($message);
 	}

+	/**
+	* @brief Check if resharing is allowed
+	* @return Returns true if allowed or false
+	*
+	* Resharing is allowed by default if not configured
+	*
+	*/
+	private static function isResharingAllowed() {
+		if (!isset(self::$isResharingAllowed)) {
+			if (\OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes') == 'yes') {
+				self::$isResharingAllowed = true;
+			} else {
+				self::$isResharingAllowed = false;
+			}
+		}
+		return self::$isResharingAllowed;
+	}
+
 	/**
 	* @brief Get a list of collection item types for the specified item type
 	* @param string Item type
@@ -710,6 +745,10 @@ class Share {
 					continue;
 				}
 			}
+			// Check if resharing is allowed, if not remove share permission
+			if (isset($row['permissions']) && !self::isResharingAllowed()) {
+				$row['permissions'] &= ~self::PERMISSION_SHARE;
+			}
 			$items[$row['id']] = $row;
 		}
 		if (!empty($items)) {
@@ -828,7 +867,7 @@ class Share {
 				throw new \Exception($message);
 			}
 			// Check if share permissions is granted
-			if ((int)$checkReshare['permissions'] & self::PERMISSION_SHARE) {
+			if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & self::PERMISSION_SHARE) {
 				if (~(int)$checkReshare['permissions'] & $permissions) {
 					$message = 'Sharing '.$itemSource.' failed, because the permissions exceed permissions granted to '.$uidOwner;
 					\OC_Log::write('OCP\Share', $message, \OC_Log::ERROR);
@@ -5,12 +5,19 @@ $hasMySQL = is_callable('mysql_connect');
 $hasPostgreSQL = is_callable('pg_connect');
 $hasOracle = is_callable('oci_connect');
 $datadir = OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data');
+
+// Test if  .htaccess is working
+$content = "deny from all";
+file_put_contents(OC::$SERVERROOT.'/data/.htaccess', $content);
+
 $opts = array(
 	'hasSQLite' => $hasSQLite,
 	'hasMySQL' => $hasMySQL,
 	'hasPostgreSQL' => $hasPostgreSQL,
 	'hasOracle' => $hasOracle,
 	'directory' => $datadir,
+	'secureRNG' => OC_Util::secureRNG_available(),
+	'htaccessWorking' => OC_Util::ishtaccessworking(),
 	'errors' => array(),
 );

@@ -63,6 +70,9 @@ class OC_Setup {
 			if(empty($options['dbname'])) {
 				$error[] = "$dbprettyname enter the database name.";
 			}
+			if(substr_count($options['dbname'], '.') >= 1){
+				$error[] = "$dbprettyname you may not use dots in the database name";
+			}
 			if($dbtype != 'oci' && empty($options['dbhost'])) {
 				$error[] = "$dbprettyname set the database host.";
 			}
@@ -567,6 +577,10 @@ class OC_Setup {
 		$content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n";
 		$content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n";
 		$content.= "</IfModule>\n";
+		$content.= "<IfModule mod_mime.c>\n";
+		$content.= "AddType image/svg+xml svg svgz\n";
+		$content.= "AddEncoding gzip svgz\n";
+		$content.= "</IfModule>\n";
 		$content.= "Options -Indexes\n";
 		@file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it

@@ -159,9 +159,11 @@ class OC_Template{
 		$this->vars['requestlifespan'] = OC_Util::$callLifespan;
 		$parts = explode('/', $app); // fix translation when app is something like core/lostpassword
 		$this->l10n = OC_L10N::get($parts[0]);
-                header('X-Frame-Options: Sameorigin');
-                header('X-XSS-Protection: 1; mode=block');
-                header('X-Content-Type-Options: nosniff');
+
+		// Some headers to enhance security
+		header('X-Frame-Options: Sameorigin');
+		header('X-XSS-Protection: 1; mode=block');
+		header('X-Content-Type-Options: nosniff');

 		$this->findTemplate($name);
 	}
@@ -50,7 +50,7 @@ class OC_TemplateLayout extends OC_Template {
 		$jsfiles = self::findJavascriptFiles(OC_Util::$scripts);
 		$this->assign('jsfiles', array(), false);
 		if (!empty(OC_Util::$core_scripts)) {
-			$this->append( 'jsfiles', OC_Helper::linkToRemote('core.js', false));
+			$this->append( 'jsfiles', OC_Helper::linkToRemoteBase('core.js', false));
 		}
 		foreach($jsfiles as $info) {
 			$root = $info[0];
@@ -63,7 +63,7 @@ class OC_TemplateLayout extends OC_Template {
 		$cssfiles = self::findStylesheetFiles(OC_Util::$styles);
 		$this->assign('cssfiles', array());
 		if (!empty(OC_Util::$core_styles)) {
-			$this->append( 'cssfiles', OC_Helper::linkToRemote('core.css', false));
+			$this->append( 'cssfiles', OC_Helper::linkToRemoteBase('core.css', false));
 		}
 		foreach($cssfiles as $info) {
 			$root = $info[0];
@@ -210,6 +210,10 @@ class OC_User {
 			}
 			// Delete the user's keys in preferences
 			OC_Preferences::deleteUser($uid);
+
+			// Delete user files in /data/
+			OC_Helper::rmdirr(OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" ) . '/'.$uid.'/');
+
 			// Emit and exit
 			OC_Hook::emit( "OC_User", "post_deleteUser", array( "uid" => $uid ));
 			return true;
@@ -363,8 +367,7 @@ class OC_User {
 	 * @param $password The password
 	 * @returns string
 	 *
-	 * Check if the password is correct without logging in the user
-	 * returns the user id or false
+	 * returns the path to the users home directory
 	 */
 	public static function getHome($uid) {
 		foreach(self::$_usedBackends as $backend) {
@@ -473,7 +476,7 @@ class OC_User {
 	public static function setMagicInCookie($username, $token) {
 		$secure_cookie = OC_Config::getValue("forcessl", false);
 		setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie);
-		setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie);
+		setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie, true);
 		setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie);
 	}

@@ -24,6 +24,11 @@ class OC_Util {
 			$user = OC_User::getUser();
 		}

+		// load all filesystem apps before, so no setup-hook gets lost
+		if(!isset($RUNTIME_NOAPPS) || !$RUNTIME_NOAPPS) {
+			OC_App::loadApps(array('filesystem'));
+		}
+
 		// the filesystem will finish when $user is not empty,
 		// mark fs setup here to avoid doing the setup from loading
 		// OC_Filesystem
@@ -47,25 +52,13 @@ class OC_Util {
 			}
 			//jail the user into his "home" directory
 			OC_Filesystem::mount('OC_Filestorage_Local', array('datadir' => $user_root), $user);
-			OC_Filesystem::init($user_dir);
+			OC_Filesystem::init($user_dir, $user);
 			$quotaProxy=new OC_FileProxy_Quota();
+			$fileOperationProxy = new OC_FileProxy_FileOperations();
 			OC_FileProxy::register($quotaProxy);
+			OC_FileProxy::register($fileOperationProxy);
 			// Load personal mount config
-			if (is_file($user_root.'/mount.php')) {
-				$mountConfig = include($user_root.'/mount.php');
-				if (isset($mountConfig['user'][$user])) {
-					foreach ($mountConfig['user'][$user] as $mountPoint => $options) {
-						OC_Filesystem::mount($options['class'], $options['options'], $mountPoint);
-					}
-				}
-
-				$mtime=filemtime($user_root.'/mount.php');
-				$previousMTime=OC_Preferences::getValue($user,'files','mountconfigmtime',0);
-				if($mtime>$previousMTime) {//mount config has changed, filecache needs to be updated
-					OC_FileCache::triggerUpdate($user);
-					OC_Preferences::setValue($user,'files','mountconfigmtime',$mtime);
-				}
-			}
+			self::loadUserMountPoints($user);
 			OC_Hook::emit('OC_Filesystem', 'setup', array('user' => $user, 'user_dir' => $user_dir));
 		}
 	}
@@ -74,6 +67,27 @@ class OC_Util {
 		OC_Filesystem::tearDown();
 		self::$fsSetup=false;
 	}
+	
+	public static function loadUserMountPoints($user) {
+		$user_dir = '/'.$user.'/files';
+		$user_root = OC_User::getHome($user);
+		$userdirectory = $user_root . '/files';
+		if (is_file($user_root.'/mount.php')) {
+			$mountConfig = include($user_root.'/mount.php');
+			if (isset($mountConfig['user'][$user])) {
+				foreach ($mountConfig['user'][$user] as $mountPoint => $options) {
+					OC_Filesystem::mount($options['class'], $options['options'], $mountPoint);
+				}
+			}
+		
+			$mtime=filemtime($user_root.'/mount.php');
+			$previousMTime=OC_Preferences::getValue($user,'files','mountconfigmtime',0);
+			if($mtime>$previousMTime) {//mount config has changed, filecache needs to be updated
+				OC_FileCache::triggerUpdate($user);
+				OC_Preferences::setValue($user,'files','mountconfigmtime',$mtime);
+			}
+		}		
+	}

 	/**
 	 * get the current installed version of ownCloud
@@ -81,7 +95,7 @@ class OC_Util {
 	 */
 	public static function getVersion() {
 		// hint: We only can count up. So the internal version number of ownCloud 4.5 will be 4.90.0. This is not visible to the user
-		return array(4,90,00);
+		return array(4,90,3);
 	}

 	/**
@@ -89,7 +103,7 @@ class OC_Util {
 	 * @return string
 	 */
 	public static function getVersionString() {
-		return '4.5';
+		return '4.5.2';
 	}

 	/**
@@ -287,7 +301,10 @@ class OC_Util {
 			$errors[]=array('error'=>'PHP module zlib is not installed.<br/>','hint'=>'Please ask your server administrator to install the module.');
 			$web_server_restart= false;
 		}
-
+		if(!function_exists('iconv')) {
+			$errors[]=array('error'=>'PHP module iconv is not installed.<br/>','hint'=>'Please ask your server administrator to install the module.');
+			$web_server_restart= false;
+		}
 		if(!function_exists('simplexml_load_string')) {
 			$errors[]=array('error'=>'PHP module SimpleXML is not installed.<br/>','hint'=>'Please ask your server administrator to install the module.');
 			$web_server_restart= false;
@@ -532,6 +549,11 @@ class OC_Util {

 		// creating a test file
 		$testfile = OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" ).'/'.$filename;
+
+		if(file_exists($testfile)){// already running this test, possible recursive call
+			return false;
+		}
+
 		$fp = @fopen($testfile, 'w');
 		@fwrite($fp, $testcontent);
 		@fclose($fp);
@@ -554,12 +576,14 @@ class OC_Util {
 	}

 	/*
-	* @brief Generates random bytes with "openssl_random_pseudo_bytes" with a fallback for systems without openssl
-	* Inspired by gorgo on php.net
-	* @param Int with the length of the random
-	* @return String with the random bytes
+	* @brief Generates a cryptographical secure pseudorandom string
+	* @param Int with the length of the random string
+	* @return String
+	* Please also update secureRNG_available if you change something here
 	*/
 	public static function generate_random_bytes($length = 30) {
+
+		// Try to use openssl_random_pseudo_bytes
 		if(function_exists('openssl_random_pseudo_bytes')) { 
 			$pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
 			if($strong == TRUE) {
@@ -567,9 +591,16 @@ class OC_Util {
 			}
 		}

-		// fallback to mt_rand() 
+		// Try to use /dev/urandom
+		$fp = @file_get_contents('/dev/urandom', false, null, 0, $length);
+		if ($fp !== FALSE) {
+			$string = substr(bin2hex($fp), 0, $length);  
+			return $string;
+		}
+
+		// Fallback to mt_rand() 
 		$characters = '0123456789';
-		$characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 
+		$characters .= 'abcdefghijklmnopqrstuvwxyz'; 
 		$charactersLength = strlen($characters)-1;
 		$pseudo_byte = "";

@@ -579,4 +610,27 @@ class OC_Util {
 		}        
 		return $pseudo_byte;
 	}
+	
+	/*
+	* @brief Checks if a secure random number generator is available
+	* @return bool 
+	*/
+	public static function secureRNG_available() {
+
+		// Check openssl_random_pseudo_bytes
+		if(function_exists('openssl_random_pseudo_bytes')) { 
+			openssl_random_pseudo_bytes(1, $strong);
+			if($strong == TRUE) {
+				return true;
+			}
+		}
+
+		// Check /dev/urandom
+		$fp = @file_get_contents('/dev/urandom', false, null, 0, 1);
+		if ($fp !== FALSE) {
+			return true;
+		}
+
+		return false;
+	}	
 }
@@ -8,6 +8,11 @@ OCP\JSON::callCheck();

 $username = $_POST["username"];

+// A user shouldn't be able to delete his own account
+if(OC_User::getUser() === $username) {
+	exit;
+}
+
 if(!OC_Group::inGroup(OC_User::getUser(), 'admin') && !OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
 	$l = OC_L10N::get('core');
 	OC_JSON::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
@@ -20,4 +25,4 @@ if( OC_User::deleteUser( $username )) {
 }
 else{
 	OC_JSON::error(array("data" => array( "message" => $l->t("Unable to delete user") )));
-}
+}
@@ -16,7 +16,10 @@ var UserList={
 	 * finishDelete() completes the process. This allows for 'undo'.
 	 */
 	do_delete:function( uid ) {
-		
+		if (typeof UserList.deleteUid !== 'undefined') {
+			//Already a user in the undo queue
+			UserList.finishDelete(null);
+		}
 		UserList.deleteUid = uid;
 		
 		// Set undo flag
@@ -79,7 +82,7 @@ var UserList={
 			subadminSelect.data('subadmin', subadmin);
 			tr.find('td.subadmins').empty();
 		}
-		var allGroups = String($('#content table').data('groups')).split(', ');
+		var allGroups = String($('#content table').attr('data-groups')).split(', ');
 		$.each(allGroups, function(i, group) {
 			groupsSelect.append($('<option value="'+group+'">'+group+'</option>'));
 			if (typeof subadminSelect !== 'undefined' && group != 'admin') {
@@ -93,7 +96,14 @@ var UserList={
 			UserList.applyMultiplySelect(subadminSelect);
 		}
 		if (tr.find('td.remove img').length == 0 && OC.currentUser != username) {
-			tr.find('td.remove').append($('<img alt="Delete" title="'+t('settings','Delete')+'" class="svg action" src="'+OC.imagePath('core','actions/delete')+'"/>'));
+			var rm_img = $('<img>', {
+				class: 'svg action',
+				src: OC.imagePath('core','actions/delete'),
+				alt: t('settings','Delete'),
+				title: t('settings','Delete')
+			});
+			var rm_link = $('<a>', { class: 'action delete', href: '#'}).append(rm_img);
+			tr.find('td.remove').append(rm_link);
 		} else if (OC.currentUser == username) {
 			tr.find('td.remove a').remove();
 		}
@@ -113,7 +123,7 @@ var UserList={
 		if (sort) {
 			username = username.toLowerCase();
 			$('tbody tr').each(function() {
-				if (username < $(this).data('uid').toLowerCase()) {
+				if (username < $(this).attr('data-uid').toLowerCase()) {
 					$(tr).insertBefore($(this));
 					added = true;
 					return false;
@@ -148,7 +158,7 @@ var UserList={

 	applyMultiplySelect:function(element) {
 		var checked=[];
-		var user=element.data('username');
+		var user=element.attr('data-username');
 		if($(element).attr('class') == 'groupsselect'){
 			if(element.data('userGroups')){
 				checked=String(element.data('userGroups')).split(', ');
@@ -18,12 +18,7 @@ OC_App::setActiveNavigationEntry( 'personal' );
 // calculate the disc space
 $rootInfo=OC_FileCache::get('');
 $sharedInfo=OC_FileCache::get('/Shared');
-if (!isset($sharedInfo['size'])) {
-	$sharedSize = 0;
-} else {
-	$sharedSize = $sharedInfo['size'];
-}
-$used=$rootInfo['size']-$sharedSize;
+$used=$rootInfo['size'];
 if($used<0) $used=0;
 $free=OC_Filesystem::free_space();
 $total=$free+$used;
@@ -1,24 +1,24 @@
 <?php
 /**
-* ownCloud
-*
-* @author Robin Appelman
-* @copyright 2012 Robin Appelman icewind@owncloud.com
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
-*
-*/
+ * ownCloud
+ *
+ * @author Robin Appelman
+ * @copyright 2012 Robin Appelman icewind@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */

 abstract class Test_FileStorage extends UnitTestCase {
 	/**
@@ -30,195 +30,205 @@ abstract class Test_FileStorage extends UnitTestCase {
 	 * the root folder of the storage should always exist, be readable and be recognized as a directory
 	 */
 	public function testRoot() {
-		$this->assertTrue($this->instance->file_exists('/'),'Root folder does not exist');
-		$this->assertTrue($this->instance->isReadable('/'),'Root folder is not readable');
-		$this->assertTrue($this->instance->is_dir('/'),'Root folder is not a directory');
-		$this->assertFalse($this->instance->is_file('/'),'Root folder is a file');
-		$this->assertEqual('dir',$this->instance->filetype('/'));
-		
+		$this->assertTrue($this->instance->file_exists('/'), 'Root folder does not exist');
+		$this->assertTrue($this->instance->isReadable('/'), 'Root folder is not readable');
+		$this->assertTrue($this->instance->is_dir('/'), 'Root folder is not a directory');
+		$this->assertFalse($this->instance->is_file('/'), 'Root folder is a file');
+		$this->assertEqual('dir', $this->instance->filetype('/'));
+
 		//without this, any further testing would be useless, not an acutal requirement for filestorage though
-		$this->assertTrue($this->instance->isUpdatable('/'),'Root folder is not writable');
+		$this->assertTrue($this->instance->isUpdatable('/'), 'Root folder is not writable');
 	}
-	
+
 	public function testDirectories() {
 		$this->assertFalse($this->instance->file_exists('/folder'));
-		
+
 		$this->assertTrue($this->instance->mkdir('/folder'));
-		
+
 		$this->assertTrue($this->instance->file_exists('/folder'));
 		$this->assertTrue($this->instance->is_dir('/folder'));
 		$this->assertFalse($this->instance->is_file('/folder'));
-		$this->assertEqual('dir',$this->instance->filetype('/folder'));
-		$this->assertEqual(0,$this->instance->filesize('/folder'));
+		$this->assertEqual('dir', $this->instance->filetype('/folder'));
+		$this->assertEqual(0, $this->instance->filesize('/folder'));
 		$this->assertTrue($this->instance->isReadable('/folder'));
 		$this->assertTrue($this->instance->isUpdatable('/folder'));
-		
-		$dh=$this->instance->opendir('/');
-		$content=array();
-		while($file=readdir($dh)) {
-			if($file!='.' and $file!='..') {
-				$content[]=$file;
-			}
-		}
-		$this->assertEqual(array('folder'),$content);
-		
-		$this->assertFalse($this->instance->mkdir('/folder'));//cant create existing folders
-		$this->assertTrue($this->instance->rmdir('/folder'));
-		
-		$this->assertFalse($this->instance->file_exists('/folder'));
-		
-		$this->assertFalse($this->instance->rmdir('/folder'));//cant remove non existing folders

-		$dh=$this->instance->opendir('/');
-		$content=array();
-		while($file=readdir($dh)) {
-			if($file!='.' and $file!='..') {
-				$content[]=$file;
+		$dh = $this->instance->opendir('/');
+		$content = array();
+		while ($file = readdir($dh)) {
+			if ($file != '.' and $file != '..') {
+				$content[] = $file;
 			}
 		}
-		$this->assertEqual(array(),$content);
+		$this->assertEqual(array('folder'), $content);
+
+		$this->assertFalse($this->instance->mkdir('/folder')); //cant create existing folders
+		$this->assertTrue($this->instance->rmdir('/folder'));
+
+		$this->assertFalse($this->instance->file_exists('/folder'));
+
+		$this->assertFalse($this->instance->rmdir('/folder')); //cant remove non existing folders
+
+		$dh = $this->instance->opendir('/');
+		$content = array();
+		while ($file = readdir($dh)) {
+			if ($file != '.' and $file != '..') {
+				$content[] = $file;
+			}
+		}
+		$this->assertEqual(array(), $content);
 	}

 	/**
 	 * test the various uses of file_get_contents and file_put_contents
 	 */
 	public function testGetPutContents() {
-		$sourceFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$sourceText=file_get_contents($sourceFile);
-		
+		$sourceFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$sourceText = file_get_contents($sourceFile);
+
 		//fill a file with string data
-		$this->instance->file_put_contents('/lorem.txt',$sourceText);
+		$this->instance->file_put_contents('/lorem.txt', $sourceText);
 		$this->assertFalse($this->instance->is_dir('/lorem.txt'));
-		$this->assertEqual($sourceText,$this->instance->file_get_contents('/lorem.txt'),'data returned from file_get_contents is not equal to the source data');
+		$this->assertEqual($sourceText, $this->instance->file_get_contents('/lorem.txt'), 'data returned from file_get_contents is not equal to the source data');

 		//empty the file
-		$this->instance->file_put_contents('/lorem.txt','');
-		$this->assertEqual('',$this->instance->file_get_contents('/lorem.txt'),'file not emptied');
+		$this->instance->file_put_contents('/lorem.txt', '');
+		$this->assertEqual('', $this->instance->file_get_contents('/lorem.txt'), 'file not emptied');
 	}
-	
+
 	/**
 	 * test various known mimetypes
 	 */
 	public function testMimeType() {
-		$this->assertEqual('httpd/unix-directory',$this->instance->getMimeType('/'));
-		$this->assertEqual(false,$this->instance->getMimeType('/non/existing/file'));
-		
-		$textFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$this->instance->file_put_contents('/lorem.txt',file_get_contents($textFile,'r'));
-		$this->assertEqual('text/plain',$this->instance->getMimeType('/lorem.txt'));
-		
-		$pngFile=OC::$SERVERROOT.'/tests/data/logo-wide.png';
-		$this->instance->file_put_contents('/logo-wide.png',file_get_contents($pngFile,'r'));
-		$this->assertEqual('image/png',$this->instance->getMimeType('/logo-wide.png'));
-		
-		$svgFile=OC::$SERVERROOT.'/tests/data/logo-wide.svg';
-		$this->instance->file_put_contents('/logo-wide.svg',file_get_contents($svgFile,'r'));
-		$this->assertEqual('image/svg+xml',$this->instance->getMimeType('/logo-wide.svg'));
+		$this->assertEqual('httpd/unix-directory', $this->instance->getMimeType('/'));
+		$this->assertEqual(false, $this->instance->getMimeType('/non/existing/file'));
+
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$this->instance->file_put_contents('/lorem.txt', file_get_contents($textFile, 'r'));
+		$this->assertEqual('text/plain', $this->instance->getMimeType('/lorem.txt'));
+
+		$pngFile = OC::$SERVERROOT . '/tests/data/logo-wide.png';
+		$this->instance->file_put_contents('/logo-wide.png', file_get_contents($pngFile, 'r'));
+		$this->assertEqual('image/png', $this->instance->getMimeType('/logo-wide.png'));
+
+		$svgFile = OC::$SERVERROOT . '/tests/data/logo-wide.svg';
+		$this->instance->file_put_contents('/logo-wide.svg', file_get_contents($svgFile, 'r'));
+		$this->assertEqual('image/svg+xml', $this->instance->getMimeType('/logo-wide.svg'));
 	}
-	
+
 	public function testCopyAndMove() {
-		$textFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$this->instance->file_put_contents('/source.txt',file_get_contents($textFile));
-		$this->instance->copy('/source.txt','/target.txt');
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$this->instance->file_put_contents('/source.txt', file_get_contents($textFile));
+		$this->instance->copy('/source.txt', '/target.txt');
 		$this->assertTrue($this->instance->file_exists('/target.txt'));
-		$this->assertEqual($this->instance->file_get_contents('/source.txt'),$this->instance->file_get_contents('/target.txt'));
-		
-		$this->instance->rename('/source.txt','/target2.txt');
+		$this->assertEqual($this->instance->file_get_contents('/source.txt'), $this->instance->file_get_contents('/target.txt'));
+
+		$this->instance->rename('/source.txt', '/target2.txt');
 		$this->assertTrue($this->instance->file_exists('/target2.txt'));
 		$this->assertFalse($this->instance->file_exists('/source.txt'));
-		$this->assertEqual(file_get_contents($textFile),$this->instance->file_get_contents('/target.txt'));
+		$this->assertEqual(file_get_contents($textFile), $this->instance->file_get_contents('/target.txt'));
 	}
-	
+
 	public function testLocal() {
-		$textFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$this->instance->file_put_contents('/lorem.txt',file_get_contents($textFile));
-		$localFile=$this->instance->getLocalFile('/lorem.txt');
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$this->instance->file_put_contents('/lorem.txt', file_get_contents($textFile));
+		$localFile = $this->instance->getLocalFile('/lorem.txt');
 		$this->assertTrue(file_exists($localFile));
-		$this->assertEqual(file_get_contents($localFile),file_get_contents($textFile));
-		
+		$this->assertEqual(file_get_contents($localFile), file_get_contents($textFile));
+
 		$this->instance->mkdir('/folder');
-		$this->instance->file_put_contents('/folder/lorem.txt',file_get_contents($textFile));
-		$this->instance->file_put_contents('/folder/bar.txt','asd');
+		$this->instance->file_put_contents('/folder/lorem.txt', file_get_contents($textFile));
+		$this->instance->file_put_contents('/folder/bar.txt', 'asd');
 		$this->instance->mkdir('/folder/recursive');
-		$this->instance->file_put_contents('/folder/recursive/file.txt','foo');
-		$localFolder=$this->instance->getLocalFolder('/folder');
+		$this->instance->file_put_contents('/folder/recursive/file.txt', 'foo');
+		$localFolder = $this->instance->getLocalFolder('/folder');

 		$this->assertTrue(is_dir($localFolder));
-		$this->assertTrue(file_exists($localFolder.'/lorem.txt'));
-		$this->assertEqual(file_get_contents($localFolder.'/lorem.txt'),file_get_contents($textFile));
-		$this->assertEqual(file_get_contents($localFolder.'/bar.txt'),'asd');
-		$this->assertEqual(file_get_contents($localFolder.'/recursive/file.txt'),'foo');
+		$this->assertTrue(file_exists($localFolder . '/lorem.txt'));
+		$this->assertEqual(file_get_contents($localFolder . '/lorem.txt'), file_get_contents($textFile));
+		$this->assertEqual(file_get_contents($localFolder . '/bar.txt'), 'asd');
+		$this->assertEqual(file_get_contents($localFolder . '/recursive/file.txt'), 'foo');
 	}

 	public function testStat() {
-		$textFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$ctimeStart=time();
-		$this->instance->file_put_contents('/lorem.txt',file_get_contents($textFile));
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$ctimeStart = time();
+		$this->instance->file_put_contents('/lorem.txt', file_get_contents($textFile));
 		$this->assertTrue($this->instance->isReadable('/lorem.txt'));
-		$ctimeEnd=time();
-		$cTime=$this->instance->filectime('/lorem.txt');
-		$mTime=$this->instance->filemtime('/lorem.txt');
-		if($cTime!=-1) {//not everything can support ctime
-			$this->assertTrue(($ctimeStart-1)<=$cTime);
-			$this->assertTrue($cTime<=($ctimeEnd+1));
-		}
-		$this->assertTrue($this->instance->hasUpdated('/lorem.txt',$ctimeStart-1));
-		$this->assertTrue($this->instance->hasUpdated('/',$ctimeStart-1));
-		
-		$this->assertTrue(($ctimeStart-1)<=$mTime);
-		$this->assertTrue($mTime<=($ctimeEnd+1));
-		$this->assertEqual(filesize($textFile),$this->instance->filesize('/lorem.txt'));
-		
-		$stat=$this->instance->stat('/lorem.txt');
-		//only size, mtime and ctime are requered in the result
-		$this->assertEqual($stat['size'],$this->instance->filesize('/lorem.txt'));
-		$this->assertEqual($stat['mtime'],$mTime);
-		$this->assertEqual($stat['ctime'],$cTime);
-		
-		$mtimeStart=time();
+		$ctimeEnd = time();
+		$mTime = $this->instance->filemtime('/lorem.txt');
+		$this->assertTrue($this->instance->hasUpdated('/lorem.txt', $ctimeStart - 1));
+		$this->assertTrue($this->instance->hasUpdated('/', $ctimeStart - 1));
+
+		$this->assertTrue(($ctimeStart - 1) <= $mTime);
+		$this->assertTrue($mTime <= ($ctimeEnd + 1));
+		$this->assertEqual(filesize($textFile), $this->instance->filesize('/lorem.txt'));
+
+		$stat = $this->instance->stat('/lorem.txt');
+		//only size and mtime are requered in the result
+		$this->assertEqual($stat['size'], $this->instance->filesize('/lorem.txt'));
+		$this->assertEqual($stat['mtime'], $mTime);
+
+		$mtimeStart = time();
 		$supportsTouch = $this->instance->touch('/lorem.txt');
-		$mtimeEnd=time();
-		if($supportsTouch !== false){
-			$originalCTime=$cTime;
-			$cTime=$this->instance->filectime('/lorem.txt');
-			$mTime=$this->instance->filemtime('/lorem.txt');
-			$this->assertTrue(($mtimeStart-1)<=$mTime);
-			$this->assertTrue($mTime<=($mtimeEnd+1));
-			$this->assertEqual($cTime,$originalCTime);
+		$mtimeEnd = time();
+		if ($supportsTouch !== false) {
+			$mTime = $this->instance->filemtime('/lorem.txt');
+			$this->assertTrue(($mtimeStart - 1) <= $mTime);
+			$this->assertTrue($mTime <= ($mtimeEnd + 1));

-			$this->assertTrue($this->instance->hasUpdated('/lorem.txt',$mtimeStart-1));
+			$this->assertTrue($this->instance->hasUpdated('/lorem.txt', $mtimeStart - 1));

-			if($this->instance->touch('/lorem.txt',100)!==false) {
-				$mTime=$this->instance->filemtime('/lorem.txt');
-				$this->assertEqual($mTime,100);
+			if ($this->instance->touch('/lorem.txt', 100) !== false) {
+				$mTime = $this->instance->filemtime('/lorem.txt');
+				$this->assertEqual($mTime, 100);
 			}
 		}

-		$mtimeStart=time();
-		$fh=$this->instance->fopen('/lorem.txt','a');
-		fwrite($fh,' ');
+		$mtimeStart = time();
+		$fh = $this->instance->fopen('/lorem.txt', 'a');
+		fwrite($fh, ' ');
 		fclose($fh);
 		clearstatcache();
-		$mtimeEnd=time();
-		$originalCTime=$cTime;
-		$mTime=$this->instance->filemtime('/lorem.txt');
-		$this->assertTrue(($mtimeStart-1)<=$mTime);
-		$this->assertTrue($mTime<=($mtimeEnd+1));
+		$mtimeEnd = time();
+		$mTime = $this->instance->filemtime('/lorem.txt');
+		$this->assertTrue(($mtimeStart - 1) <= $mTime);
+		$this->assertTrue($mTime <= ($mtimeEnd + 1));

 		$this->instance->unlink('/lorem.txt');
-		$this->assertTrue($this->instance->hasUpdated('/',$mtimeStart-1));
+		$this->assertTrue($this->instance->hasUpdated('/', $mtimeStart - 1));
 	}

 	public function testSearch() {
-		$textFile=OC::$SERVERROOT.'/tests/data/lorem.txt';
-		$this->instance->file_put_contents('/lorem.txt',file_get_contents($textFile,'r'));
-		$pngFile=OC::$SERVERROOT.'/tests/data/logo-wide.png';
-		$this->instance->file_put_contents('/logo-wide.png',file_get_contents($pngFile,'r'));
-		$svgFile=OC::$SERVERROOT.'/tests/data/logo-wide.svg';
-		$this->instance->file_put_contents('/logo-wide.svg',file_get_contents($svgFile,'r'));
-		$result=$this->instance->search('logo');
-		$this->assertEqual(2,count($result));
-		$this->assertNotIdentical(false,array_search('/logo-wide.svg',$result));
-		$this->assertNotIdentical(false,array_search('/logo-wide.png',$result));
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+		$this->instance->file_put_contents('/lorem.txt', file_get_contents($textFile, 'r'));
+		$pngFile = OC::$SERVERROOT . '/tests/data/logo-wide.png';
+		$this->instance->file_put_contents('/logo-wide.png', file_get_contents($pngFile, 'r'));
+		$svgFile = OC::$SERVERROOT . '/tests/data/logo-wide.svg';
+		$this->instance->file_put_contents('/logo-wide.svg', file_get_contents($svgFile, 'r'));
+		$result = $this->instance->search('logo');
+		$this->assertEqual(2, count($result));
+		$this->assertNotIdentical(false, array_search('/logo-wide.svg', $result));
+		$this->assertNotIdentical(false, array_search('/logo-wide.png', $result));
+	}
+
+	public function testFOpen() {
+		$textFile = OC::$SERVERROOT . '/tests/data/lorem.txt';
+
+		$fh = @$this->instance->fopen('foo', 'r');
+		if ($fh) {
+			fclose($fh);
+		}
+		$this->assertFalse($fh);
+		$this->assertFalse($this->instance->file_exists('foo'));
+
+		$fh = $this->instance->fopen('foo', 'w');
+		fwrite($fh, file_get_contents($textFile));
+		fclose($fh);
+		$this->assertTrue($this->instance->file_exists('foo'));
+
+		$fh = $this->instance->fopen('foo', 'r');
+		$content = stream_get_contents($fh);
+		$this->assertEqual(file_get_contents($textFile), $content);
 	}
 }
@@ -72,6 +72,41 @@ class Test_Filesystem extends UnitTestCase {
 		}
 	}

+	public function testBlacklist() {
+		OC_Hook::clear('OC_Filesystem');
+		OC_Hook::connect('OC_Filesystem', 'write', 'OC_Filesystem', 'isBlacklisted');
+		OC_Hook::connect('OC_Filesystem', 'rename', 'OC_Filesystem', 'isBlacklisted');
+
+		$run = true;
+		OC_Hook::emit(
+			OC_Filesystem::CLASSNAME,
+			OC_Filesystem::signal_write,
+			array(
+				OC_Filesystem::signal_param_path => '/test/.htaccess',
+				OC_Filesystem::signal_param_run => &$run
+			)
+		);
+		$this->assertFalse($run);
+
+		if (OC_Filesystem::getView()) {
+			$user = OC_User::getUser();
+		} else {
+			$user = uniqid();
+			OC_Filesystem::init('/' . $user . '/files');
+		}
+
+		OC_Filesystem::mount('OC_Filestorage_Temporary', array(), '/');
+
+		$rootView = new OC_FilesystemView('');
+		$rootView->mkdir('/' . $user);
+		$rootView->mkdir('/' . $user . '/files');
+
+		$this->assertFalse($rootView->file_put_contents('/.htaccess', 'foo'));
+		$this->assertFalse(OC_Filesystem::file_put_contents('/.htaccess', 'foo'));
+		$fh = fopen(__FILE__, 'r');
+		$this->assertFalse(OC_Filesystem::file_put_contents('/.htaccess', $fh));
+	}
+
 	public function testHooks() {
 		if(OC_Filesystem::getView()){
 			$user = OC_User::getUser();
@@ -264,6 +264,8 @@ class Test_Share extends UnitTestCase {
 		} catch (Exception $exception) {
 			$this->assertEqual($exception->getMessage(), $message);
 		}
+		$policy = OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global');
+		OC_Appconfig::setValue('core', 'shareapi_share_policy', 'groups_only');
 		$message = 'Sharing test.txt failed, because '.$this->user1.' is not a member of the group '.$this->group2;
 		try {
 			OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group2, OCP\Share::PERMISSION_READ);
@@ -271,6 +273,7 @@ class Test_Share extends UnitTestCase {
 		} catch (Exception $exception) {
 			$this->assertEqual($exception->getMessage(), $message);
 		}
+		OC_Appconfig::setValue('core', 'shareapi_share_policy', $policy);
 		
 		// Valid share
 		$this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_GROUP, $this->group1, OCP\Share::PERMISSION_READ));
Author	SHA1	Message	Date
Frank Karlitschek	bcb9cf3c06	4.5.2	2012-11-13 22:06:13 +01:00
Björn Schießle	55d8057b7f	Merge pull request #335 from owncloud/sharing_folder_sync_stable45 Sharing folder sync stable45	2012-11-13 07:28:03 -08:00
Björn Schießle	5e19854d47	always calll fopen	2012-11-13 16:04:27 +01:00
Björn Schießle	781b579074	create correct file cache entries for new files/folder created in shared folders	2012-11-13 15:32:38 +01:00
Lukas Reschke	77c07615f8	Merge pull request #321 from eMerzh/fix_multiple_del_user2 Fix deleting multiple user w-o reloading V2	2012-11-12 12:21:42 -08:00
Thomas Müller	743d01d4a6	Merge pull request #344 from owncloud/ldap_fix_objectguid Ldap fix reatrieval of objectguid (AD), more error checking	2012-11-12 07:49:06 -08:00
Thomas Müller	12cd67b8d9	Merge pull request #349 from owncloud/check_resharing_allowed Check resharing setting	2012-11-11 07:20:46 -08:00
Michael Gapczynski	6641af720d	Check if resharing is allowed by the admin, fixes issue #341	2012-11-10 00:31:52 -05:00
Arthur Schiwon	2d110f25f7	LDAP: check if search was successful (fixes a PHP warning), provide meaningful log output	2012-11-09 22:53:56 +01:00
Björn Schießle	39b6bb8a18	make function static	2012-11-09 13:13:11 +01:00
Thomas Mueller	7270be85a4	Revert "l10n support for user_webdavauth" This reverts commit `560d87e26a`.	2012-11-09 10:01:54 +01:00
Thomas Mueller	560d87e26a	l10n support for user_webdavauth	2012-11-09 09:54:11 +01:00
Arthur Schiwon	b3245ac327	LDAP: convert binary objectGUID-value to string before storing in DB	2012-11-08 23:01:28 +01:00
blizzz	a1a44a3582	Merge pull request #293 from owncloud/backport_ldap_improved_obj_existance_check Backport: ldap improved obj existance check	2012-11-08 12:34:38 -08:00
Lukas Reschke	da5c30efa2	Merge pull request #298 from eMerzh/fix_add_del_user2 Fix delete link when new user is added v2	2012-11-08 12:13:42 -08:00
Georg Ehrke	1ffcd33817	fix file delete in opera - fixes #188	2012-11-08 17:59:13 +01:00
Björn Schießle	9e0a6d86ba	make getFileSource static	2012-11-08 15:23:09 +01:00
Björn Schießle	501bb0afd6	if file gets modified, always remove etag for all shared folder to make sure that the sync client checks the shared folder for changes	2012-11-08 15:18:49 +01:00
Björn Schießle	5f7d053c3a	some more checks if file is a shared file	2012-11-08 15:18:35 +01:00
Björn Schießle	56c8976bac	introduce util.php for file sharing which provides functionallity which is also needed in other places, e.g. the webdav server	2012-11-08 15:18:24 +01:00
Björn Schießle	72d6c3246f	find correct source file and owner of shared files	2012-11-08 15:18:10 +01:00
Björn Schießle	166edb2cc1	start implementing a solution to fix broken etags for shared files	2012-11-08 15:17:53 +01:00
Frank Karlitschek	8b31081c52	backport fix for the user_webdavauth fix to stable45. approved master fix here: `6fba4ba87d`	2012-11-08 13:53:12 +01:00
Tom Needham	4619c662cc	Migration: Allow for no app data cases; handle file copying better	2012-11-08 11:39:30 +00:00
Tom Needham	e8a0ceacaf	Migration: On import of user accounts only import folders in home dir, use OC_Helper::copyr Check files when copying recursivley Remove obsolete method Dont count '.' and '..' as directories when importing.	2012-11-08 11:39:21 +00:00
Brice Maron	4802f21a9e	Fix deleting multiple user w-o reloading V2	2012-11-07 23:34:38 +00:00
Michael Gapczynski	9c88857364	Return empty array if file does not exist inside Shared folder, fixes issue #91	2012-11-07 17:15:09 -05:00
Robin Appelman	b71cc08ce1	normalize filepaths in OC_Files::getFileInfo	2012-11-07 22:51:45 +01:00
Robin Appelman	0741598f58	Revert "fix blocking drag & drop upload of folders" Fixes #150 This reverts commit `5b2f3c7f72`.	2012-11-07 22:00:37 +01:00
icewind1991	e29b0d099f	Merge pull request #297 from eMerzh/fix_useradd_287 Use attr instead of data to prevent a type convertion fix #287	2012-11-07 12:43:42 -08:00
Lukas Reschke	3fde72ea5c	Merge pull request #313 from owncloud/backport_fix_ldap_typo_set_not_get_value LDAP: fix typo in config value handling.	2012-11-07 08:44:31 -08:00
Brice Maron	d022b89063	Correct more data vs attr to fix #189	2012-11-07 16:43:19 +00:00
Daniel Molkentin	5b8155a578	Merge pull request #315 from owncloud/missing_path check if $path is a empty string	2012-11-07 08:21:58 -08:00
Björn Schießle	b7a50a4f6f	check if $path is a empty string	2012-11-07 17:15:13 +01:00
Robin Appelman	a606131a6a	Allow changing the way etags are generated	2012-11-07 17:03:59 +01:00
Daniel Molkentin	6b413b0d0f	Merge pull request #312 from owncloud/missing_path getAbsolutePath() always needs a parameter, added empty path as parameter to get the root path	2012-11-07 07:48:33 -08:00
Arthur Schiwon	693c535a94	LDAP: fix typo in config value handling.	2012-11-07 16:40:49 +01:00
Björn Schießle	a25cf8ba83	make root the default parameter for getAbsolutePath()	2012-11-07 16:39:56 +01:00
Björn Schießle	a15a99b304	getAbsolutePath() always needs a parameter, added empty path as parameter to get the root path	2012-11-07 16:23:57 +01:00
Björn Schießle	6e8f970999	urlencode file/dir to allow special characters in filename/path (issue #95 )	2012-11-07 14:57:17 +01:00
Robin Appelman	bbe0cf376f	fix user specific mount configuration	2012-11-07 14:10:06 +01:00
Thomas Müller	f660247b47	Merge pull request #292 from eMerzh/fix_quoting_fs Quick Fix quoting problem in fs mount. give Big DB error at least in PG	2012-11-07 03:47:30 -08:00
Brice Maron	1d2d2cf261	Fix delete link when new user is added	2012-11-06 22:02:46 +00:00
Brice Maron	50d5ca71d0	Use attr instead of data to prevent a type convertion fix #287	2012-11-06 20:32:24 +00:00
Brice Maron	189e8ab1e0	Fix quoting problem in fs mount. give Big DB error at least in PG	2012-11-06 18:40:45 +00:00
Lukas Reschke	dbbbfd4b2b	Merge pull request #284 from owncloud/backport_improve_files_update Backport: Improve performance of files update (on larger setups)	2012-11-06 08:03:44 -08:00
Lukas Reschke	ece4a843c0	Merge pull request #285 from owncloud/backport_fix_fe_mkdir_warning Backport: Fix mkdir and opendir warnings when path does not exist	2012-11-06 07:48:37 -08:00
Lorenzo M. Catucci	d62f138153	Return an empty array on succesful existence check	2012-11-06 16:43:53 +01:00
Lorenzo M. Catucci	7fc1276ac7	Return true or false from readAttribute if $attr is empty This way, readAttribute can act as an existence checker.	2012-11-06 16:43:36 +01:00
Arthur Schiwon	ba2bba0f66	Fix mkdir and opendir warnings when path does not exist	2012-11-06 13:21:52 +01:00
Arthur Schiwon	ab7561b2b6	prepare SQL query only once, that's what prepared statements are for. Should improve upgrade time with larger setups	2012-11-06 13:17:21 +01:00
Thomas Müller	3740ce2854	Merge pull request #283 from butonic/stable45 backport NAN undefined fix for total file size to stable45	2012-11-06 04:02:36 -08:00
Jörn Friedrich Dreyer	bfd53c5bd7	backport NAN undefined fix for total file size	2012-11-06 12:40:22 +01:00
Robin Appelman	9691d56713	support string values ('true' and 'false') for configuring the secure parameter on external storage backends fixes #78	2012-11-05 16:46:47 +01:00
Frank Karlitschek	92829e8f94	Merge branch 'stable45' of https://github.com/owncloud/core into stable45	2012-11-05 15:19:31 +01:00
Frank Karlitschek	c518f35e83	backport the approved fix from master to stable45	2012-11-05 15:18:20 +01:00
blizzz	3e57a44829	Merge pull request #254 from owncloud/ldap-stable45 Backport fix for #194 (LDAP: clear the cache not only when TTL changes, but with every settings update) to stable45	2012-11-05 05:48:34 -08:00
Arthur Schiwon	5cf1fd8aa9	code style	2012-11-05 14:34:08 +01:00
Arthur Schiwon	c64f579518	LDAP: clear the cache not only when TTL changes, but with every settings update. Fixes #194	2012-11-05 14:33:57 +01:00
Lukas Reschke	054c168b32	Remove uneeded debug output	2012-11-04 14:29:20 +01:00
Robin Appelman	f599267459	check for filename blacklist in OC_Filesystem::isValidPath	2012-11-03 00:25:33 +01:00
Robin Appelman	3cd416b667	fix OC_Filesystem::isValidPath when using \ instead of / in paths	2012-11-02 19:57:25 +01:00
Lukas Reschke	3139636906	Add CSRF check	2012-11-02 00:25:48 +01:00
Thomas Tanghus	0d349e331e	Merge branch 'stable45' of github.com:owncloud/core into stable45	2012-11-01 00:31:44 +01:00
Thomas Tanghus	51968cfd53	Backport pull request #112 .	2012-11-01 00:30:33 +01:00
Thomas Müller	21488bdd7e	Merge pull request #171 from owncloud/load_logging_apps load logging apps for webdav connections	2012-10-31 16:05:04 -07:00
Björn Schießle	3945f9cdb1	adapted comments to the code changes	2012-10-31 15:45:47 +01:00
Björn Schießle	de1b95c8e7	load logging apps for webdav connections	2012-10-31 14:12:09 +01:00
Lukas Reschke	725e733178	Backport of pull request #155 Send the requesttoken as form value Fixes #98	2012-10-31 13:00:13 +01:00
Robin Appelman	d226ed697e	add svg mimetype to default htaccess	2012-10-28 16:04:52 +01:00
Arthur Schiwon	77b57fbbfe	check if RUNTIME_NOAPPS is set before using it	2012-10-28 15:11:45 +01:00
Björn Schießle	0dc3ffd29a	added some visual feedback is password was set	2012-10-28 15:04:55 +01:00
Björn Schießle	10e45481be	set password if user leaves password field (issue #57 )	2012-10-28 15:04:41 +01:00
Georg Ehrke	bfb8436ca2	deny the usage of dots in database name	2012-10-28 14:13:34 +01:00
Arthur Schiwon	edf3503779	make sure all filesystem apps are loaded when setupFS is proceeded, to make sure the emmited setup-hook is received. Fixes #89	2012-10-28 13:49:33 +01:00
Björn Schießle	a98cfbe868	don't call $('#found_versions').chosen(); after opening the history drop-down since no version is selected at the beginning	2012-10-27 15:26:28 +02:00
Björn Schießle	12ea922389	fix broken paths in versions app	2012-10-27 15:25:41 +02:00
Björn Schießle	db6fc916cf	fix function documentation	2012-10-27 15:23:35 +02:00
Robin Appelman	46e9bf5678	possible fix for bombarding the server with the htaccess test during setup	2012-10-26 18:17:43 +02:00
Brice Maron	c6177d2629	Fix migration problems for postgresql with MDB2 fix owncloud/apps#21 Ref of MDB2 bug is 19676	2012-10-26 15:54:16 +00:00
Lukas Reschke	0399a88eb6	Check for iconv	2012-10-25 16:53:13 +02:00
Lukas Reschke	8f715e12a9	Allow any characters in the groupname Fixes #82	2012-10-25 11:55:54 +02:00
Arthur Schiwon	4b39ce5134	LDAP: fix again proper check if groups are enabled	2012-10-24 18:24:06 +02:00
Frank Karlitschek	53ae74200a	let´s do a 4.5.1a	2012-10-24 18:20:34 +02:00
Lukas Reschke	9f570345a5	urlencode	2012-10-24 18:12:50 +02:00
Lukas Reschke	5d866295d8	Revert "Fix urlencoding in the breadcrumb" This reverts commit `552aee93fa`.	2012-10-24 18:07:40 +02:00
Björn Schießle	9eae10b94a	normalize path	2012-10-24 17:23:36 +02:00
Björn Schießle	ca58aa1644	urldecode target directory	2012-10-24 15:38:00 +02:00
Björn Schießle	3b9c10dcf6	Shared files are not stored in the file cache. Therefore we need to use the share table from the db to find the item source if the public link re-shares a already shared file.	2012-10-24 12:48:58 +02:00
Arthur Schiwon	28e0fa7d1d	LDAP: properly check if Groups-feature is enabled	2012-10-24 00:22:04 +02:00
Frank Karlitschek	3833f2315a	4.5.1	2012-10-23 23:01:33 +02:00
Lukas Reschke	e65c3ef9c9	Urlencode the share URL Fixes #63	2012-10-23 17:58:05 +02:00
Lukas Reschke	552aee93fa	Fix urlencoding in the breadcrumb	2012-10-23 17:57:55 +02:00
Robin Appelman	1791fbdc49	use strtotime on non-nummeric times in oc_filesystem::touch	2012-10-23 16:34:58 +02:00
Arthur Schiwon	c2e3999f76	Files: urldecode urlencoded dir names, fixes oc-2111	2012-10-23 13:49:19 +02:00
Arthur Schiwon	677cec6e1c	get effective username after webdav login, fixes oc-2108	2012-10-23 13:37:22 +02:00
Arthur Schiwon	7435064cd3	LDAP: fix db update for Postgres	2012-10-23 00:19:47 +02:00
Arthur Schiwon	0c57d94467	LDAP: fix cache save and check, fixes oc-2118	2012-10-22 23:50:25 +02:00
Björn Schießle	366aeb7228	add parameter to specify user for which OC_Filesystem should be initialized. (needed to share files via public links where no user is logged in)	2012-10-22 14:52:59 +02:00
Björn Schießle	296884b24a	fix copy&paste error from previous commit	2012-10-22 13:53:55 +02:00
Björn Schießle	2e5ce9f4ec	don't call OC_Filesystem::normalizePath() but simply remove trailing slashes. (OC_Filesystem::normalizePath() triggers some strange side effects)	2012-10-22 11:48:30 +02:00
Arthur Schiwon	cc67ae9dbb	unset UserID after Update	2012-10-18 18:46:47 +02:00
Björn Schießle	71d33fa065	check if mount point was already loaded to avoid redundant read operations	2012-10-18 17:31:58 +02:00
Björn Schießle	db3b0b63da	typo from previous commit fixed	2012-10-18 17:13:05 +02:00
Björn Schießle	5433932bd4	load system wide configured mount points before accessing shared files	2012-10-18 17:09:31 +02:00
Björn Schießle	f5c6a22f17	check for mount points if file was shared from a different user	2012-10-18 16:38:36 +02:00
Bart Visscher	f47c64cec6	core.js and core.css don't need to be absolute	2012-10-17 10:52:35 +02:00
Michael Gapczynski	7feb0f737b	Fix unshareAll() Conflicts: lib/public/share.php	2012-10-16 22:35:48 +02:00
Lukas Reschke	5271c1a9ad	Delete user files in /data/ after deleting a user	2012-10-16 22:07:26 +02:00
scambra	ef3e5899c6	delete fscache on deleting user	2012-10-16 22:07:13 +02:00
Michael Gapczynski	badd2908b7	Add unshareAll() function to Share API	2012-10-16 21:53:54 +02:00
Lukas Reschke	3f3b92a149	Use `get_magic_quotes_gpc()` to determine if magic_quotes is enabled set_magic_quotes_runtime gives a PHP warning	2012-10-16 19:45:12 +02:00
Lukas Reschke	c3646f5554	"deny from all" instead directory	2012-10-16 15:57:15 +02:00
Lukas Reschke	a97d73d616	Show a warning in the installer if .htaccess is not working	2012-10-16 15:56:56 +02:00
Lukas Reschke	50684a5a34	Set oc_token to httponly	2012-10-16 13:58:00 +02:00
Björn Schießle	f06467b95b	normalize path to avoid problems with trailing slashes, double-slashes, etc.	2012-10-16 12:46:39 +02:00
Lukas Reschke	9faae4b71c	Use /dev/urandom instead of /dev/random The usage of /dev/urandom is enough secure	2012-10-15 19:22:49 +02:00
Arthur Schiwon	e49d5a5f9a	LDAP: fix retrieval of Quota and Email	2012-10-15 18:46:42 +02:00
Arthur Schiwon	ed10a5de5b	make files_versions use OC_User::getHome, fixes 'PHP Warning: Missing argument 1 for OC_FilesystemView::getAbsolutePath' with custom user home dirs	2012-10-15 18:11:22 +02:00
Arthur Schiwon	e8b84145e8	LDAP: check if index is set, fix Notices	2012-10-15 17:16:47 +02:00
Lukas Reschke	38f8734014	Show a warning in the installer if no secure RNG is available	2012-10-14 17:21:52 +02:00
Lukas Reschke	a10564e214	Fallback to /dev/random if openssl_random_pseudo_bytes not available	2012-10-14 16:15:54 +02:00
Lukas Reschke	ecef3b6b98	Doublehash the token to prevent timing attacks	2012-10-14 12:13:29 +02:00
Robin Appelman	e65ea6a8b7	don't increase the size of the users home folder twice	2012-10-13 14:32:58 +02:00
Robin Appelman	7139de2a6e	the Shared folder is no longer in the cache	2012-10-13 14:32:23 +02:00
Lukas Reschke	b5403de5e5	Fix the require path	2012-10-13 01:13:06 +02:00
Michael Gapczynski	0966f1358b	Manually change appconfig value for share policy so tests work correctly	2012-10-12 21:05:00 +02:00
Björn Schießle	a0ac64cbd6	remove unneeded variable	2012-10-12 17:40:57 +02:00
Björn Schießle	b03b6dfb99	check if directory already exist before executing mkdir	2012-10-12 17:40:45 +02:00
Björn Schießle	c11f9833ac	fix bug #1977 : remove etags from database after version rollback so that the client can detect the changes	2012-10-12 17:39:56 +02:00
Robin Appelman	9ee34ef6b3	fix blocking drag & drop upload of folders	2012-10-12 15:30:48 +02:00
Robin Appelman	df7e519159	don't throw errors if certificate folder doesn't exist	2012-10-12 14:53:29 +02:00
Lukas Reschke	5e60812ad4	Update fullcalendar to 1.5.4	2012-10-12 14:34:01 +02:00
Lukas Reschke	1263604703	Sanitize user input	2012-10-12 14:08:06 +02:00
Lukas Reschke	5904db580f	Sanitize user input	2012-10-12 14:04:09 +02:00
Lukas Reschke	1960067926	escapeHTML function	2012-10-12 14:04:09 +02:00
Lukas Reschke	33bd9ecd9d	Sanitize user input	2012-10-12 14:04:09 +02:00
Robin Appelman	7f7c1fcccf	fix storage test case	2012-10-11 22:39:20 +02:00
Robin Appelman	34fdd0e839	supress some warning in cloudfiles library	2012-10-11 22:24:31 +02:00
Robin Appelman	9de4eccd99	remove ctime tests for filestorage, ctime will be removed from the storage api in the future	2012-10-11 22:24:26 +02:00
Robin Appelman	a0847dc852	normalize paths for dir and statcache in smb stream wrapper	2012-10-11 22:24:13 +02:00
Robin Appelman	87a3145ba1	fix filetype for smb storage backend	2012-10-11 22:24:07 +02:00
Robin Appelman	85e236d798	fix webdav storage backend when trying to open a non existing file for reading	2012-10-11 22:24:01 +02:00
Robin Appelman	cb4c3d7a9e	skip the files_external test cases the correct way	2012-10-11 22:23:54 +02:00
Robin Appelman	e55fc87ad3	some test cases for fopen of storage backends	2012-10-11 22:23:30 +02:00
Robin Appelman	5398dea0df	code style	2012-10-11 22:23:19 +02:00
Benjamin Liles	e0eb6bbd28	Various bug fixes for swift	2012-10-11 22:22:08 +02:00
Björn Schießle	822b323f8e	add *.ai files to the mimetypes list	2012-10-11 16:15:05 +02:00
Björn Schießle	c1f645cd5f	generate correct link for shared files and shared directories	2012-10-11 13:47:02 +02:00
Björn Schießle	f1d9359acf	don't show the share action in the file view for publically shared files.	2012-10-11 10:23:39 +02:00
Björn Schießle	550e774db2	fix missing dir creation for file versions (OC_Filesystemview::mkdir doesn't work here because it doesn't create directories recursively)	2012-10-11 10:22:55 +02:00
Björn Schießle	e23b06ec8c	extract the right parent directory from the path add parent directory to the file cache if it does not exist yet.	2012-10-11 10:21:23 +02:00
Lukas Reschke	4f8b8a8a59	Correct indentation	2012-10-10 19:11:09 +02:00
Lukas Reschke	c06d71e662	Send a HSTS HTTP header to enforce SSL	2012-10-10 18:56:29 +02:00
Lukas Reschke	cce43652f0	Disallow users to delete their own accounts	2012-10-10 18:07:05 +02:00
Björn Schießle	9f0a4c8edb	only check if #dropdown hasClass drop-versions if a drop down is open. Otherwise it will never open the history drop-down	2012-10-10 13:49:43 +02:00
Michael Gapczynski	f571cfbf71	Fix closing the sharing dropdown by clicking on the share button	2012-10-09 12:42:49 -04:00