Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

* found while reviewing #7205
* allow to specify a special status code

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Just to avoid users from trying this with a to new (untested) php version

* Moved the check logic to 1 place
* All directly callable scripts just require this on top
* exit hard (-1) so we know scripts won't continue
* Return status 500 so no sync clients will try fancy stuff

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Single user mode basically disables WebDAV, OCS and cron execution. Since
we heavily rely on WebDAV and OCS also in the web UI it's basically useless.
An admin only sees a broken interface and can't even change any settings nor
sees any files. Also sharing is not possible.

As this is at least the case since Nextcloud 9 and we haven't received any
reports for this it seems that this feature is not used at all so I removed it.

The encryption commands now rely on the well tested maintenance mode.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Joas Schilling <coding@schilljs.com>

This reverts commit 854352d9.

* Initial web executor

* Fix PHPDoc

Fix broken integration test

OccControllerTests do not require database access - moch them all!

Kill unused sprintf

This reverts commit 6a1a4880.

`server` is completely wrong here and this will not work on master. With `getParam` it will work fine though.

Testplan:
- [ ] Without patch: Share a file and try to access `http://localhost/public.php?service=files&t=THESHAREDTOKEN` => Fails
- [ ] With patch: Try the same => Works

Master only.

This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969

To prevent unexpected behavior, public.php and the OCS API calls will
return 503 Service Unavailable when an upgrade is due.

The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.

This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.

Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications

This can be enabled by setting 'singleuser' to true in config.php

set incognito mode for public.php calls. Because in this case ownCloud should always work the same way as if no user is logged in