Inspection of "by default, hide expired and revoked certificates..." - GEANT/CAT - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — release_2_0 ( fa3352...eda638 )

by Stefan

created 2019-07-10 13:59 UTC

Status

Spacing +52 added lines, -52 removed lines patch added patch discarded remove patch

@@ -20,8 +20,8 @@  discard block
 block discarded – undo
 /*
  * Class autoloader invocation, should be included prior to any other code at the entry points to the application
  */
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
-require_once dirname(dirname(dirname(__FILE__))) . "/core/phpqrcode.php";
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
+require_once dirname(dirname(dirname(__FILE__)))."/core/phpqrcode.php";
 const QRCODE_PIXELS_PER_SYMBOL = 12;
 
 $auth = new \web\lib\admin\Authentication();
@@ -55,7 +55,7 @@  discard block
 block discarded – undo
     $fed = new \core\Federation($inst->federation);
     $allowSb = $fed->getAttributes("fed:silverbullet");
     if (count($allowSb) == 0) {
-        throw new Exception("We were told to create a new SB profile, but this " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation'] . " does not allow SB at all!");
+        throw new Exception("We were told to create a new SB profile, but this ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation']." does not allow SB at all!");
     }
     // okay, new SB profiles are allowed. 
     // but is there a support:email attribute on inst level?
@@ -66,7 +66,7 @@  discard block
 block discarded – undo
     // Create one.
     $newProfile = $inst->newProfile(core\AbstractProfile::PROFILETYPE_SILVERBULLET);
     // and modify the REQUEST_URI to add the new profile ID
-    $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI'] . "&profile_id=" . $newProfile->identifier;
+    $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI']."&profile_id=".$newProfile->identifier;
     $_GET['profile_id'] = $newProfile->identifier;
     $profile = $newProfile;
 } else {
@@ -91,7 +91,7 @@  discard block
 block discarded – undo
 if (isset($_POST['command'])) {
     switch ($_POST['command']) {
         case \web\lib\common\FormElements::BUTTON_CLOSE:
-            header("Location: overview_idp.php?inst_id=" . $inst->identifier);
+            header("Location: overview_idp.php?inst_id=".$inst->identifier);
             break;
         case \web\lib\common\FormElements::BUTTON_TERMSOFUSE:
             if (isset($_POST['agreement']) && $_POST['agreement'] == 'true') {
@@ -134,7 +134,7 @@  discard block
 block discarded – undo
                         break;
                     }
                     $properName = $validator->User($elements[0]);
-                    $properDate = new DateTime($elements[1] . " 00:00:00");
+                    $properDate = new DateTime($elements[1]." 00:00:00");
                     $numberOfActivations = $elements[2] ?? 1;
                     $number = $validator->integer($numberOfActivations);
                     if ($number === FALSE) { // invalid input received, default to sane
@@ -227,18 +227,18 @@  discard block
 block discarded – undo
                     // warn and ask for confirmation unless already confirmed
                     if (!isset($_POST['insecureconfirm']) || $_POST['insecureconfirm'] != "CONFIRM") {
                         echo $deco->pageheader(_("Insecure mail domain!"), "ADMIN-IDP-USERS");
-                        echo "<p>" . sprintf(_("The mail domain of the mail address <strong>%s</strong> is not secure: some or all of the mail servers are not accepting encrypted connections (no consistent support for STARTTLS)."), $properEmail) . "</p>";
-                        echo "<p>" . _("The invitation would need to be sent in cleartext across the internet, and can possibly be read and abused by anyone in transit.") . "</p>";
-                        echo "<p>" . _("Do you want the system to send this mail anyway?") . "</p>";
+                        echo "<p>".sprintf(_("The mail domain of the mail address <strong>%s</strong> is not secure: some or all of the mail servers are not accepting encrypted connections (no consistent support for STARTTLS)."), $properEmail)."</p>";
+                        echo "<p>"._("The invitation would need to be sent in cleartext across the internet, and can possibly be read and abused by anyone in transit.")."</p>";
+                        echo "<p>"._("Do you want the system to send this mail anyway?")."</p>";
                         echo $formtext;
-                        echo "<button type='submit' class='delete'>" . _("DO NOT SEND") . "</button>";
+                        echo "<button type='submit' class='delete'>"._("DO NOT SEND")."</button>";
                         echo "</form>";
                         echo $formtext;
-                        echo "<input type='hidden' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT . "'</>";
+                        echo "<input type='hidden' name='command' value='".\web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT."'</>";
                         echo "<input type='hidden' name='address' value='$properEmail'</>";
-                        echo "<input type='hidden' name='token' value='" . $invitationObject->invitationTokenString . "'</>";
+                        echo "<input type='hidden' name='token' value='".$invitationObject->invitationTokenString."'</>";
                         echo "<input type='hidden' name='insecureconfirm' value='CONFIRM'/>";
-                        echo "<button type='submit'>" . _("Send anyway.") . "</button>";
+                        echo "<button type='submit'>"._("Send anyway.")."</button>";
                         echo "</form>";
                         echo $deco->footer();
                         exit;
@@ -348,19 +348,19 @@  discard block
 block discarded – undo
         case "NOSTIPULATION":
             break;
         case "EMAIL-SENT":
-            echo $boundaryPre . $uiElements->boxOkay(_("The e-mail was sent successfully."), _("E-mail OK."), FALSE) . $boundaryPost;
+            echo $boundaryPre.$uiElements->boxOkay(_("The e-mail was sent successfully."), _("E-mail OK."), FALSE).$boundaryPost;
             break;
         case "EMAIL-NOTSENT":
-            echo $boundaryPre . $uiElements->boxError(_("The e-mail was NOT sent."), _("E-mail not OK."), FALSE) . $boundaryPost;
+            echo $boundaryPre.$uiElements->boxError(_("The e-mail was NOT sent."), _("E-mail not OK."), FALSE).$boundaryPost;
             break;
         case "SMS-SENT":
-            echo $boundaryPre . $uiElements->boxOkay(_("The SMS was sent successfully."), _("SMS OK."), FALSE) . $boundaryPost;
+            echo $boundaryPre.$uiElements->boxOkay(_("The SMS was sent successfully."), _("SMS OK."), FALSE).$boundaryPost;
             break;
         case "SMS-NOTSENT":
-            echo $boundaryPre . $uiElements->boxOkay(_("The SMS was NOT sent."), _("SMS not OK."), FALSE) . $boundaryPost;
+            echo $boundaryPre.$uiElements->boxOkay(_("The SMS was NOT sent."), _("SMS not OK."), FALSE).$boundaryPost;
             break;
         case "SMS-FRAGMENT":
-            echo $boundaryPre . $uiElements->boxWarning(_("Only a fragment of the SMS was sent. You should re-send it."), _("SMS Fragment."), FALSE) . $boundaryPost;
+            echo $boundaryPre.$uiElements->boxWarning(_("Only a fragment of the SMS was sent. You should re-send it."), _("SMS Fragment."), FALSE).$boundaryPost;
             break;
     }
     ?>
@@ -428,23 +428,23 @@  discard block
 block discarded – undo
                                 $display = empty(devices\Devices::listDevices()[$oneCert->device]['display']) ? $oneCert->device : devices\Devices::listDevices()[$oneCert->device]['display'];
 
                                 $bufferText = "<div class='sb-certificate-summary ca-summary' $style>
-                                    <div class='sb-certificate-details'>" . _("Device:") . " " . $display .
-                                        "<br>" . _("Serial Number:") . "&nbsp;" . dechex($oneCert->serial) .
-                                        "<br>" . _("CN:") . "&nbsp;" . explode('@', $oneCert->username)[0] . "@…" .
-                                        "<br>" . _("Expiry:") . "&nbsp;" . $oneCert->expiry .
-                                        "<br>" . _("Issued:") . "&nbsp;" . $oneCert->issued .
-                                        "</div>" .
+                                    <div class='sb-certificate-details'>"._("Device:")." ".$display.
+                                        "<br>"._("Serial Number:")."&nbsp;".dechex($oneCert->serial).
+                                        "<br>"._("CN:")."&nbsp;".explode('@', $oneCert->username)[0]."@…".
+                                        "<br>"._("Expiry:")."&nbsp;".$oneCert->expiry.
+                                        "<br>"._("Issued:")."&nbsp;".$oneCert->issued.
+                                        "</div>".
                                         "<div style='text-align:right;padding-top: 5px; $buttonStyle'>";
 
                                 if ($buttonText == "") {
                                     $bufferText .= $formtext
-                                            . "<input type='hidden' name='certSerial' value='" . $oneCert->serial . "'/>"
-                                            . "<input type='hidden' name='certAlgo' value='" . $oneCert->ca_type . "'/>"
+                                            . "<input type='hidden' name='certSerial' value='".$oneCert->serial."'/>"
+                                            . "<input type='hidden' name='certAlgo' value='".$oneCert->ca_type."'/>"
                                             . "<button type='submit' "
                                             . "name='command' "
-                                            . "value='" . \web\lib\common\FormElements::BUTTON_REVOKECREDENTIAL . "' "
+                                            . "value='".\web\lib\common\FormElements::BUTTON_REVOKECREDENTIAL."' "
                                             . "class='delete' "
-                                            . "onclick='return confirm(\"" . sprintf(_("The device in question will stop functioning with %s. The revocation cannot be undone. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "\")'>"
+                                            . "onclick='return confirm(\"".sprintf(_("The device in question will stop functioning with %s. The revocation cannot be undone. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'])."\")'>"
                                             . _("Revoke")
                                             . "</button>"
                                             . "</form>";
@@ -469,13 +469,13 @@  discard block
 block discarded – undo
                             }
                             // wrap the revoked and expired certs in a div that is hidden by default
                             if ($textRevokedCerts !== "") {
-                                $textRevokedCerts = "<span style='text-decoration: underline;' id='$oneUserId-revoked-heading' onclick='document.getElementById(\"$oneUserId-revoked-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-revoked-heading\").style.display = \"none\";'>" . sprintf(ngettext("(show %d revoked certificate)", "(show %d revoked certificates)", $countRevoked), $countRevoked) . "</span><div id='$oneUserId-revoked-certs' style='display:none;'>" . $textRevokedCerts . "</div>";
+                                $textRevokedCerts = "<span style='text-decoration: underline;' id='$oneUserId-revoked-heading' onclick='document.getElementById(\"$oneUserId-revoked-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-revoked-heading\").style.display = \"none\";'>".sprintf(ngettext("(show %d revoked certificate)", "(show %d revoked certificates)", $countRevoked), $countRevoked)."</span><div id='$oneUserId-revoked-certs' style='display:none;'>".$textRevokedCerts."</div>";
                             }
                             if ($textExpiredCerts !== "") {
-                                $textExpiredCerts = "<span style='text-decoration: underline;' id='$oneUserId-expired-heading' onclick='document.getElementById(\"$oneUserId-expired-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-expired-heading\").style.display = \"none\";'>" . sprintf(ngettext("(show %d expired certificate)", "(show %d expired certificates)", $countExpired), $countExpired) . "</span><div id='$oneUserId-expired-certs' style='display:none;'>" . $textExpiredCerts . "</div>";
+                                $textExpiredCerts = "<span style='text-decoration: underline;' id='$oneUserId-expired-heading' onclick='document.getElementById(\"$oneUserId-expired-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-expired-heading\").style.display = \"none\";'>".sprintf(ngettext("(show %d expired certificate)", "(show %d expired certificates)", $countExpired), $countExpired)."</span><div id='$oneUserId-expired-certs' style='display:none;'>".$textExpiredCerts."</div>";
                             }
                             // and push out the HTML
-                            echo $textActiveCerts . "<br/>" . $textExpiredCerts . " " . $textRevokedCerts;
+                            echo $textActiveCerts."<br/>".$textExpiredCerts." ".$textRevokedCerts;
                             ?>
                         </td>
 
@@ -490,38 +490,38 @@  discard block
 block discarded – undo
                                     $tokenHtmlBuffer .= "<tr class='sb-certificate-row'><td></td>";
                                     $jsEncodedBody = str_replace('\n', '%0D%0A', str_replace('"', '', json_encode($invitationObject->invitationMailBody())));
                                     $tokenHtmlBuffer .= "<td>";
-                                    $tokenHtmlBuffer .= sprintf(_("The invitation token %s is ready for sending! Choose how to send it:"), "<input type='text' readonly='readonly' style='background-color:lightgrey;' size='60' value='" . $invitationObject->link() . "' name='token' class='identifiedtokenarea-" . $invitationObject->identifier . "'>(…)<br/>");
+                                    $tokenHtmlBuffer .= sprintf(_("The invitation token %s is ready for sending! Choose how to send it:"), "<input type='text' readonly='readonly' style='background-color:lightgrey;' size='60' value='".$invitationObject->link()."' name='token' class='identifiedtokenarea-".$invitationObject->identifier."'>(…)<br/>");
                                     $tokenHtmlBuffer .= "<table>
-                                    <tr><td style='vertical-align:bottom;'>" . _("E-Mail:") . "</td><td>
+                                    <tr><td style='vertical-align:bottom;'>" . _("E-Mail:")."</td><td>
                                     $formtext
-                                <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
+                                <input type='hidden' value='".$invitationObject->invitationTokenString."' name='token'><br/>
                                 <input type='text' name='address' id='address-$invitationObject->identifier'/>
-                                <button type='button' onclick='window.location=\"mailto:\"+document.getElementById(\"address-$invitationObject->identifier\").value+\"?subject=" . $invitationObject->invitationMailSubject() . "&amp;body=$jsEncodedBody\"; return false;'>" . _("Local mail client") . "</button>
-                                <button type='submit' name='command' onclick='document.getElementById(\"spin\").style.display =\"block\"' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT . "'>" . _("Send with CAT") . "</button>
+                                <button type='button' onclick='window.location=\"mailto:\"+document.getElementById(\"address-$invitationObject->identifier\").value+\"?subject=".$invitationObject->invitationMailSubject()."&amp;body=$jsEncodedBody\"; return false;'>"._("Local mail client")."</button>
+                                <button type='submit' name='command' onclick='document.getElementById(\"spin\").style.display =\"block\"' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT."'>"._("Send with CAT")."</button>
                                     </form>
                                     </td></tr>
-                                    <tr><td style='vertical-align:bottom;'>" . _("SMS:") . "</td><td>
+                                    <tr><td style='vertical-align:bottom;'>" . _("SMS:")."</td><td>
                                     $formtext
-                                    <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
+                                    <input type='hidden' value='".$invitationObject->invitationTokenString."' name='token'><br/>
                                     <input type='text' name='smsnumber' />
-				<button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONSMS . "'>" . _("Send in SMS...") . "</button>
+				<button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONSMS."'>"._("Send in SMS...")."</button>
                                     </form>
 				</td></tr>
-                                    <tr><td style='vertical-align:bottom;'>" . _("Manual:") . "</td><td>
-				<button type='button' class='clipboardButton' onclick='clipboardCopy(" . $invitationObject->identifier . ");'>" . _("Copy to Clipboard") . "</button>
+                                    <tr><td style='vertical-align:bottom;'>" . _("Manual:")."</td><td>
+				<button type='button' class='clipboardButton' onclick='clipboardCopy(" . $invitationObject->identifier.");'>"._("Copy to Clipboard")."</button>
                                     <form style='display:inline-block;' method='post' action='inc/displayQRcode.inc.php' onsubmit='popupQRWindow(this); return false;' accept-charset='UTF-8'>
-                                    <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
-                                      <button type='submit'>" . _("Display QR code") . "</button>
+                                    <input type='hidden' value='" . $invitationObject->invitationTokenString."' name='token'><br/>
+                                      <button type='submit'>" . _("Display QR code")."</button>
                                   </form>
                                         </td></tr>
                                         
                                 </table>
                                 </td>";
-                                    $tokenHtmlBuffer .= "<td>" . _("Expiry Date:") . " " . $invitationObject->expiry . " UTC<br>" . _("Activations remaining:") . " " . sprintf(_("%d of %d"), $invitationObject->activationsRemaining, $invitationObject->activationsTotal) . "</td>";
+                                    $tokenHtmlBuffer .= "<td>"._("Expiry Date:")." ".$invitationObject->expiry." UTC<br>"._("Activations remaining:")." ".sprintf(_("%d of %d"), $invitationObject->activationsRemaining, $invitationObject->activationsTotal)."</td>";
                                     $tokenHtmlBuffer .= "<td>"
                                             . $formtext
-                                            . "<input type='hidden' name='invitationtoken' value='" . $invitationObject->invitationTokenString . "'/>"
-                                            . "<button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_REVOKEINVITATION . "' class='delete'>" . _("Revoke") . "</button></form>"
+                                            . "<input type='hidden' name='invitationtoken' value='".$invitationObject->invitationTokenString."'/>"
+                                            . "<button type='submit' name='command' value='".\web\lib\common\FormElements::BUTTON_REVOKEINVITATION."' class='delete'>"._("Revoke")."</button></form>"
                                             . "</td></tr>";
                                     break;
                                 case core\SilverbulletInvitation::SB_TOKENSTATUS_EXPIRED:
@@ -551,13 +551,13 @@  discard block
 block discarded – undo
                                 <?php
                                 if ($hasOnePendingInvite || count($validCerts) > 0) {
                                     $deletionText = sprintf(_("All of the currently active devices will stop functioning with %s. This cannot be undone. While the user can be re-activated later, they will then need to be re-provisioned with new invitation tokens. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']);
-                                    echo $formtext . "
+                                    echo $formtext."
                                     <input type='hidden' name='userid' value='$oneUserId'/>
                                     <button type='submit' "
                                     . "name='command' "
-                                    . "value='" . \web\lib\common\FormElements::BUTTON_DEACTIVATEUSER . "' "
+                                    . "value='".\web\lib\common\FormElements::BUTTON_DEACTIVATEUSER."' "
                                     . "class='delete' "
-                                    . ( count($validCerts) > 0 ? "onclick='return confirm(\"" . $deletionText . "\")' " : "" )
+                                    . (count($validCerts) > 0 ? "onclick='return confirm(\"".$deletionText."\")' " : "")
                                     . ">"
                                     . _("Deactivate User")
                                     . "</button>
@@ -596,13 +596,13 @@  discard block
 block discarded – undo
                                     . ' If all accounts shown as active above are indeed still valid, please check the box below and push "Save".'
                                     . ' If any of the accounts are stale, please deactivate them by pushing the corresponding button before doing this.'), CONFIG_CONFASSISTANT['SILVERBULLET']['gracetime'] ?? core\ProfileSilverbullet::SB_ACKNOWLEDGEMENT_REQUIRED_DAYS);
 
-                    echo $formtext . "<div style='padding-bottom: 20px;'>"
+                    echo $formtext."<div style='padding-bottom: 20px;'>"
                     . "
                     <p>$acknowledgeText</p>
                     <input type='checkbox' name='acknowledge' value='true'>
-                    <label>" . sprintf(_("I have verified that all configured users are still eligible for %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "</label>
+                    <label>".sprintf(_("I have verified that all configured users are still eligible for %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'])."</label>
                 </div>
-                <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_ACKUSERELIGIBILITY . "'>" . _("Save") . "</button></form>";
+                <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_ACKUSERELIGIBILITY."'>"._("Save")."</button></form>";
                 }
                 ?>
             </div>

Please login to merge, or discard this patch.

		@@ -20,8 +20,8 @@ discard block
		block discarded – undo
20	20	/*
21	21	* Class autoloader invocation, should be included prior to any other code at the entry points to the application
22	22	*/
23		-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
24		-require_once dirname(dirname(dirname(__FILE__))) . "/core/phpqrcode.php";
	23	+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
	24	+require_once dirname(dirname(dirname(__FILE__)))."/core/phpqrcode.php";
25	25	const QRCODE_PIXELS_PER_SYMBOL = 12;
26	26
27	27	$auth = new \web\lib\admin\Authentication();
		@@ -55,7 +55,7 @@ discard block
		block discarded – undo
55	55	$fed = new \core\Federation($inst->federation);
56	56	$allowSb = $fed->getAttributes("fed:silverbullet");
57	57	if (count($allowSb) == 0) {
58		- throw new Exception("We were told to create a new SB profile, but this " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation'] . " does not allow SB at all!");
	58	+ throw new Exception("We were told to create a new SB profile, but this ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation']." does not allow SB at all!");
59	59	}
60	60	// okay, new SB profiles are allowed.
61	61	// but is there a support:email attribute on inst level?
		@@ -66,7 +66,7 @@ discard block
		block discarded – undo
66	66	// Create one.
67	67	$newProfile = $inst->newProfile(core\AbstractProfile::PROFILETYPE_SILVERBULLET);
68	68	// and modify the REQUEST_URI to add the new profile ID
69		- $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI'] . "&profile_id=" . $newProfile->identifier;
	69	+ $_SERVER['REQUEST_URI'] = $_SERVER['REQUEST_URI']."&profile_id=".$newProfile->identifier;
70	70	$_GET['profile_id'] = $newProfile->identifier;
71	71	$profile = $newProfile;
72	72	} else {
		@@ -91,7 +91,7 @@ discard block
		block discarded – undo
91	91	if (isset($_POST['command'])) {
92	92	switch ($_POST['command']) {
93	93	case \web\lib\common\FormElements::BUTTON_CLOSE:
94		- header("Location: overview_idp.php?inst_id=" . $inst->identifier);
	94	+ header("Location: overview_idp.php?inst_id=".$inst->identifier);
95	95	break;
96	96	case \web\lib\common\FormElements::BUTTON_TERMSOFUSE:
97	97	if (isset($_POST['agreement']) && $_POST['agreement'] == 'true') {
		@@ -134,7 +134,7 @@ discard block
		block discarded – undo
134	134	break;
135	135	}
136	136	$properName = $validator->User($elements[0]);
137		- $properDate = new DateTime($elements[1] . " 00:00:00");
	137	+ $properDate = new DateTime($elements[1]." 00:00:00");
138	138	$numberOfActivations = $elements[2] ?? 1;
139	139	$number = $validator->integer($numberOfActivations);
140	140	if ($number === FALSE) { // invalid input received, default to sane
		@@ -227,18 +227,18 @@ discard block
		block discarded – undo
227	227	// warn and ask for confirmation unless already confirmed
228	228	if (!isset($_POST['insecureconfirm']) \|\| $_POST['insecureconfirm'] != "CONFIRM") {
229	229	echo $deco->pageheader(_("Insecure mail domain!"), "ADMIN-IDP-USERS");
230		- echo "<p>" . sprintf(_("The mail domain of the mail address <strong>%s</strong> is not secure: some or all of the mail servers are not accepting encrypted connections (no consistent support for STARTTLS)."), $properEmail) . "</p>";
231		- echo "<p>" . _("The invitation would need to be sent in cleartext across the internet, and can possibly be read and abused by anyone in transit.") . "</p>";
232		- echo "<p>" . _("Do you want the system to send this mail anyway?") . "</p>";
	230	+ echo "<p>".sprintf(_("The mail domain of the mail address <strong>%s</strong> is not secure: some or all of the mail servers are not accepting encrypted connections (no consistent support for STARTTLS)."), $properEmail)."</p>";
	231	+ echo "<p>"._("The invitation would need to be sent in cleartext across the internet, and can possibly be read and abused by anyone in transit.")."</p>";
	232	+ echo "<p>"._("Do you want the system to send this mail anyway?")."</p>";
233	233	echo $formtext;
234		- echo "<button type='submit' class='delete'>" . _("DO NOT SEND") . "</button>";
	234	+ echo "<button type='submit' class='delete'>"._("DO NOT SEND")."</button>";
235	235	echo "</form>";
236	236	echo $formtext;
237		- echo "<input type='hidden' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT . "'</>";
	237	+ echo "<input type='hidden' name='command' value='".\web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT."'</>";
238	238	echo "<input type='hidden' name='address' value='$properEmail'</>";
239		- echo "<input type='hidden' name='token' value='" . $invitationObject->invitationTokenString . "'</>";
	239	+ echo "<input type='hidden' name='token' value='".$invitationObject->invitationTokenString."'</>";
240	240	echo "<input type='hidden' name='insecureconfirm' value='CONFIRM'/>";
241		- echo "<button type='submit'>" . _("Send anyway.") . "</button>";
	241	+ echo "<button type='submit'>"._("Send anyway.")."</button>";
242	242	echo "</form>";
243	243	echo $deco->footer();
244	244	exit;
		@@ -348,19 +348,19 @@ discard block
		block discarded – undo
348	348	case "NOSTIPULATION":
349	349	break;
350	350	case "EMAIL-SENT":
351		- echo $boundaryPre . $uiElements->boxOkay(_("The e-mail was sent successfully."), _("E-mail OK."), FALSE) . $boundaryPost;
	351	+ echo $boundaryPre.$uiElements->boxOkay(_("The e-mail was sent successfully."), _("E-mail OK."), FALSE).$boundaryPost;
352	352	break;
353	353	case "EMAIL-NOTSENT":
354		- echo $boundaryPre . $uiElements->boxError(_("The e-mail was NOT sent."), _("E-mail not OK."), FALSE) . $boundaryPost;
	354	+ echo $boundaryPre.$uiElements->boxError(_("The e-mail was NOT sent."), _("E-mail not OK."), FALSE).$boundaryPost;
355	355	break;
356	356	case "SMS-SENT":
357		- echo $boundaryPre . $uiElements->boxOkay(_("The SMS was sent successfully."), _("SMS OK."), FALSE) . $boundaryPost;
	357	+ echo $boundaryPre.$uiElements->boxOkay(_("The SMS was sent successfully."), _("SMS OK."), FALSE).$boundaryPost;
358	358	break;
359	359	case "SMS-NOTSENT":
360		- echo $boundaryPre . $uiElements->boxOkay(_("The SMS was NOT sent."), _("SMS not OK."), FALSE) . $boundaryPost;
	360	+ echo $boundaryPre.$uiElements->boxOkay(_("The SMS was NOT sent."), _("SMS not OK."), FALSE).$boundaryPost;
361	361	break;
362	362	case "SMS-FRAGMENT":
363		- echo $boundaryPre . $uiElements->boxWarning(_("Only a fragment of the SMS was sent. You should re-send it."), _("SMS Fragment."), FALSE) . $boundaryPost;
	363	+ echo $boundaryPre.$uiElements->boxWarning(_("Only a fragment of the SMS was sent. You should re-send it."), _("SMS Fragment."), FALSE).$boundaryPost;
364	364	break;
365	365	}
366	366	?>
		@@ -428,23 +428,23 @@ discard block
		block discarded – undo
428	428	$display = empty(devices\Devices::listDevices()[$oneCert->device]['display']) ? $oneCert->device : devices\Devices::listDevices()[$oneCert->device]['display'];
429	429
430	430	$bufferText = "<div class='sb-certificate-summary ca-summary' $style>
431		- <div class='sb-certificate-details'>" . _("Device:") . " " . $display .
432		- "<br>" . _("Serial Number:") . " " . dechex($oneCert->serial) .
433		- "<br>" . _("CN:") . " " . explode('@', $oneCert->username)[0] . "@…" .
434		- "<br>" . _("Expiry:") . " " . $oneCert->expiry .
435		- "<br>" . _("Issued:") . " " . $oneCert->issued .
436		- "</div>" .
	431	+ <div class='sb-certificate-details'>"._("Device:")." ".$display.
	432	+ "<br>"._("Serial Number:")." ".dechex($oneCert->serial).
	433	+ "<br>"._("CN:")." ".explode('@', $oneCert->username)[0]."@…".
	434	+ "<br>"._("Expiry:")." ".$oneCert->expiry.
	435	+ "<br>"._("Issued:")." ".$oneCert->issued.
	436	+ "</div>".
437	437	"<div style='text-align:right;padding-top: 5px; $buttonStyle'>";
438	438
439	439	if ($buttonText == "") {
440	440	$bufferText .= $formtext
441		- . "<input type='hidden' name='certSerial' value='" . $oneCert->serial . "'/>"
442		- . "<input type='hidden' name='certAlgo' value='" . $oneCert->ca_type . "'/>"
	441	+ . "<input type='hidden' name='certSerial' value='".$oneCert->serial."'/>"
	442	+ . "<input type='hidden' name='certAlgo' value='".$oneCert->ca_type."'/>"
443	443	. "<button type='submit' "
444	444	. "name='command' "
445		- . "value='" . \web\lib\common\FormElements::BUTTON_REVOKECREDENTIAL . "' "
	445	+ . "value='".\web\lib\common\FormElements::BUTTON_REVOKECREDENTIAL."' "
446	446	. "class='delete' "
447		- . "onclick='return confirm(\"" . sprintf(_("The device in question will stop functioning with %s. The revocation cannot be undone. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "\")'>"
	447	+ . "onclick='return confirm(\"".sprintf(_("The device in question will stop functioning with %s. The revocation cannot be undone. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'])."\")'>"
448	448	. _("Revoke")
449	449	. "</button>"
450	450	. "</form>";
		@@ -469,13 +469,13 @@ discard block
		block discarded – undo
469	469	}
470	470	// wrap the revoked and expired certs in a div that is hidden by default
471	471	if ($textRevokedCerts !== "") {
472		- $textRevokedCerts = "<span style='text-decoration: underline;' id='$oneUserId-revoked-heading' onclick='document.getElementById(\"$oneUserId-revoked-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-revoked-heading\").style.display = \"none\";'>" . sprintf(ngettext("(show %d revoked certificate)", "(show %d revoked certificates)", $countRevoked), $countRevoked) . "</span><div id='$oneUserId-revoked-certs' style='display:none;'>" . $textRevokedCerts . "</div>";
	472	+ $textRevokedCerts = "<span style='text-decoration: underline;' id='$oneUserId-revoked-heading' onclick='document.getElementById(\"$oneUserId-revoked-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-revoked-heading\").style.display = \"none\";'>".sprintf(ngettext("(show %d revoked certificate)", "(show %d revoked certificates)", $countRevoked), $countRevoked)."</span><div id='$oneUserId-revoked-certs' style='display:none;'>".$textRevokedCerts."</div>";
473	473	}
474	474	if ($textExpiredCerts !== "") {
475		- $textExpiredCerts = "<span style='text-decoration: underline;' id='$oneUserId-expired-heading' onclick='document.getElementById(\"$oneUserId-expired-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-expired-heading\").style.display = \"none\";'>" . sprintf(ngettext("(show %d expired certificate)", "(show %d expired certificates)", $countExpired), $countExpired) . "</span><div id='$oneUserId-expired-certs' style='display:none;'>" . $textExpiredCerts . "</div>";
	475	+ $textExpiredCerts = "<span style='text-decoration: underline;' id='$oneUserId-expired-heading' onclick='document.getElementById(\"$oneUserId-expired-certs\").style.display = \"block\"; document.getElementById(\"$oneUserId-expired-heading\").style.display = \"none\";'>".sprintf(ngettext("(show %d expired certificate)", "(show %d expired certificates)", $countExpired), $countExpired)."</span><div id='$oneUserId-expired-certs' style='display:none;'>".$textExpiredCerts."</div>";
476	476	}
477	477	// and push out the HTML
478		- echo $textActiveCerts . "<br/>" . $textExpiredCerts . " " . $textRevokedCerts;
	478	+ echo $textActiveCerts."<br/>".$textExpiredCerts." ".$textRevokedCerts;
479	479	?>
480	480	</td>
481	481
		@@ -490,38 +490,38 @@ discard block
		block discarded – undo
490	490	$tokenHtmlBuffer .= "<tr class='sb-certificate-row'><td></td>";
491	491	$jsEncodedBody = str_replace('\n', '%0D%0A', str_replace('"', '', json_encode($invitationObject->invitationMailBody())));
492	492	$tokenHtmlBuffer .= "<td>";
493		- $tokenHtmlBuffer .= sprintf(_("The invitation token %s is ready for sending! Choose how to send it:"), "<input type='text' readonly='readonly' style='background-color:lightgrey;' size='60' value='" . $invitationObject->link() . "' name='token' class='identifiedtokenarea-" . $invitationObject->identifier . "'>(…)<br/>");
	493	+ $tokenHtmlBuffer .= sprintf(_("The invitation token %s is ready for sending! Choose how to send it:"), "<input type='text' readonly='readonly' style='background-color:lightgrey;' size='60' value='".$invitationObject->link()."' name='token' class='identifiedtokenarea-".$invitationObject->identifier."'>(…)<br/>");
494	494	$tokenHtmlBuffer .= "<table>
495		- <tr><td style='vertical-align:bottom;'>" . _("E-Mail:") . "</td><td>
	495	+ <tr><td style='vertical-align:bottom;'>" . _("E-Mail:")."</td><td>
496	496	$formtext
497		- <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
	497	+ <input type='hidden' value='".$invitationObject->invitationTokenString."' name='token'><br/>
498	498	<input type='text' name='address' id='address-$invitationObject->identifier'/>
499		- <button type='button' onclick='window.location=\"mailto:\"+document.getElementById(\"address-$invitationObject->identifier\").value+\"?subject=" . $invitationObject->invitationMailSubject() . "&body=$jsEncodedBody\"; return false;'>" . _("Local mail client") . "</button>
500		- <button type='submit' name='command' onclick='document.getElementById(\"spin\").style.display =\"block\"' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT . "'>" . _("Send with CAT") . "</button>
	499	+ <button type='button' onclick='window.location=\"mailto:\"+document.getElementById(\"address-$invitationObject->identifier\").value+\"?subject=".$invitationObject->invitationMailSubject()."&body=$jsEncodedBody\"; return false;'>"._("Local mail client")."</button>
	500	+ <button type='submit' name='command' onclick='document.getElementById(\"spin\").style.display =\"block\"' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONMAILBYCAT."'>"._("Send with CAT")."</button>
501	501	</form>
502	502	</td></tr>
503		- <tr><td style='vertical-align:bottom;'>" . _("SMS:") . "</td><td>
	503	+ <tr><td style='vertical-align:bottom;'>" . _("SMS:")."</td><td>
504	504	$formtext
505		- <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
	505	+ <input type='hidden' value='".$invitationObject->invitationTokenString."' name='token'><br/>
506	506	<input type='text' name='smsnumber' />
507		- <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONSMS . "'>" . _("Send in SMS...") . "</button>
	507	+ <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_SENDINVITATIONSMS."'>"._("Send in SMS...")."</button>
508	508	</form>
509	509	</td></tr>
510		- <tr><td style='vertical-align:bottom;'>" . _("Manual:") . "</td><td>
511		- <button type='button' class='clipboardButton' onclick='clipboardCopy(" . $invitationObject->identifier . ");'>" . _("Copy to Clipboard") . "</button>
	510	+ <tr><td style='vertical-align:bottom;'>" . _("Manual:")."</td><td>
	511	+ <button type='button' class='clipboardButton' onclick='clipboardCopy(" . $invitationObject->identifier.");'>"._("Copy to Clipboard")."</button>
512	512	<form style='display:inline-block;' method='post' action='inc/displayQRcode.inc.php' onsubmit='popupQRWindow(this); return false;' accept-charset='UTF-8'>
513		- <input type='hidden' value='" . $invitationObject->invitationTokenString . "' name='token'><br/>
514		- <button type='submit'>" . _("Display QR code") . "</button>
	513	+ <input type='hidden' value='" . $invitationObject->invitationTokenString."' name='token'><br/>
	514	+ <button type='submit'>" . _("Display QR code")."</button>
515	515	</form>
516	516	</td></tr>
517	517
518	518	</table>
519	519	</td>";
520		- $tokenHtmlBuffer .= "<td>" . _("Expiry Date:") . " " . $invitationObject->expiry . " UTC<br>" . _("Activations remaining:") . " " . sprintf(_("%d of %d"), $invitationObject->activationsRemaining, $invitationObject->activationsTotal) . "</td>";
	520	+ $tokenHtmlBuffer .= "<td>"._("Expiry Date:")." ".$invitationObject->expiry." UTC<br>"._("Activations remaining:")." ".sprintf(_("%d of %d"), $invitationObject->activationsRemaining, $invitationObject->activationsTotal)."</td>";
521	521	$tokenHtmlBuffer .= "<td>"
522	522	. $formtext
523		- . "<input type='hidden' name='invitationtoken' value='" . $invitationObject->invitationTokenString . "'/>"
524		- . "<button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_REVOKEINVITATION . "' class='delete'>" . _("Revoke") . "</button></form>"
	523	+ . "<input type='hidden' name='invitationtoken' value='".$invitationObject->invitationTokenString."'/>"
	524	+ . "<button type='submit' name='command' value='".\web\lib\common\FormElements::BUTTON_REVOKEINVITATION."' class='delete'>"._("Revoke")."</button></form>"
525	525	. "</td></tr>";
526	526	break;
527	527	case core\SilverbulletInvitation::SB_TOKENSTATUS_EXPIRED:
		@@ -551,13 +551,13 @@ discard block
		block discarded – undo
551	551	<?php
552	552	if ($hasOnePendingInvite \|\| count($validCerts) > 0) {
553	553	$deletionText = sprintf(_("All of the currently active devices will stop functioning with %s. This cannot be undone. While the user can be re-activated later, they will then need to be re-provisioned with new invitation tokens. Are you sure you want to do this?"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']);
554		- echo $formtext . "
	554	+ echo $formtext."
555	555	<input type='hidden' name='userid' value='$oneUserId'/>
556	556	<button type='submit' "
557	557	. "name='command' "
558		- . "value='" . \web\lib\common\FormElements::BUTTON_DEACTIVATEUSER . "' "
	558	+ . "value='".\web\lib\common\FormElements::BUTTON_DEACTIVATEUSER."' "
559	559	. "class='delete' "
560		- . ( count($validCerts) > 0 ? "onclick='return confirm(\"" . $deletionText . "\")' " : "" )
	560	+ . (count($validCerts) > 0 ? "onclick='return confirm(\"".$deletionText."\")' " : "")
561	561	. ">"
562	562	. _("Deactivate User")
563	563	. "</button>
		@@ -596,13 +596,13 @@ discard block
		block discarded – undo
596	596	. ' If all accounts shown as active above are indeed still valid, please check the box below and push "Save".'
597	597	. ' If any of the accounts are stale, please deactivate them by pushing the corresponding button before doing this.'), CONFIG_CONFASSISTANT['SILVERBULLET']['gracetime'] ?? core\ProfileSilverbullet::SB_ACKNOWLEDGEMENT_REQUIRED_DAYS);
598	598
599		- echo $formtext . "<div style='padding-bottom: 20px;'>"
	599	+ echo $formtext."<div style='padding-bottom: 20px;'>"
600	600	. "
601	601	<p>$acknowledgeText</p>
602	602	<input type='checkbox' name='acknowledge' value='true'>
603		- <label>" . sprintf(_("I have verified that all configured users are still eligible for %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "</label>
	603	+ <label>".sprintf(_("I have verified that all configured users are still eligible for %s."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'])."</label>
604	604	</div>
605		- <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_ACKUSERELIGIBILITY . "'>" . _("Save") . "</button></form>";
	605	+ <button type='submit' name='command' value='" . \web\lib\common\FormElements::BUTTON_ACKUSERELIGIBILITY."'>"._("Save")."</button></form>";
606	606	}
607	607	?>
608	608	</div>

GEANT / CAT

Push — release_2_0 ( fa3352...eda638 )

Status

Category

Spacing +52 added lines, -52 removed lines patch added patch discarded remove patch