nilsteampassnet /
TeamPass
@@ -499,8 +499,7 @@ discard block |
||
| 499 | 499 | $post_masked = filter_var($dataReceived['masked'], FILTER_SANITIZE_STRING); |
| 500 | 500 | $post_encrypted = filter_var($dataReceived['encrypted'], FILTER_SANITIZE_STRING); |
| 501 | 501 | $post_roles = filter_var_array($dataReceived['roles'], FILTER_SANITIZE_STRING); |
| 502 | - $post_fieldId = isset($dataReceived['fieldId']) === false ? '' : |
|
| 503 | - filter_var($dataReceived['fieldId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 502 | + $post_fieldId = isset($dataReceived['fieldId']) === false ? '' : filter_var($dataReceived['fieldId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 504 | 503 | |
| 505 | 504 | if (empty($post_fieldId) === false) { |
| 506 | 505 | // UPDATE FIELD |
@@ -515,7 +514,7 @@ discard block |
||
| 515 | 514 | 'encrypted_data' => $post_encrypted, |
| 516 | 515 | 'is_mandatory' => $post_mandatory, |
| 517 | 516 | 'masked' => $post_masked, |
| 518 | - 'role_visibility' => is_null($post_roles) === true || count($post_roles) ===0 ? '' : implode(',', $post_roles), |
|
| 517 | + 'role_visibility' => is_null($post_roles) === true || count($post_roles) === 0 ? '' : implode(',', $post_roles), |
|
| 519 | 518 | 'order' => calculateOrder($post_fieldId, $post_order), |
| 520 | 519 | ), |
| 521 | 520 | 'id = %i', |
@@ -37,12 +37,12 @@ discard block |
||
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | // Do checks |
| 40 | -require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php'; |
|
| 41 | -require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php'; |
|
| 40 | +require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 41 | +require_once $SETTINGS['cpassman_dir'].'/sources/checks.php'; |
|
| 42 | 42 | if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'items', $SETTINGS) === false) { |
| 43 | 43 | // Not allowed page |
| 44 | 44 | $_SESSION['error']['code'] = ERR_NOT_ALLOWED; |
| 45 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 45 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 46 | 46 | exit; |
| 47 | 47 | } |
| 48 | 48 | |
@@ -55,14 +55,14 @@ discard block |
||
| 55 | 55 | date_default_timezone_set('UTC'); |
| 56 | 56 | } |
| 57 | 57 | |
| 58 | -require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php'; |
|
| 59 | -require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php'; |
|
| 58 | +require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php'; |
|
| 59 | +require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php'; |
|
| 60 | 60 | header('Content-type: text/html; charset=utf-8'); |
| 61 | 61 | header('Cache-Control: no-cache, must-revalidate'); |
| 62 | 62 | require_once 'main.functions.php'; |
| 63 | 63 | |
| 64 | 64 | // Connect to mysql server |
| 65 | -require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 65 | +require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 66 | 66 | mysqli_connect(DB_HOST, DB_USER, defuseReturnDecrypted(DB_PASSWD, $SETTINGS), DB_NAME, (int) DB_PORT, null); |
| 67 | 67 | |
| 68 | 68 | // Protect POST |
@@ -28,7 +28,7 @@ |
||
| 28 | 28 | require_once 'SecureHandler.php'; |
| 29 | 29 | session_name('teampass_session'); |
| 30 | 30 | session_start(); |
| 31 | -if (! isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || ! isset($_SESSION['key']) || empty($_SESSION['key'])) { |
|
| 31 | +if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || !isset($_SESSION['key']) || empty($_SESSION['key'])) { |
|
| 32 | 32 | die('Hacking attempt...'); |
| 33 | 33 | } |
| 34 | 34 | |
@@ -28,7 +28,7 @@ |
||
| 28 | 28 | require_once 'SecureHandler.php'; |
| 29 | 29 | session_name('teampass_session'); |
| 30 | 30 | session_start(); |
| 31 | -if (! isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || ! isset($_SESSION['key']) || empty($_SESSION['key'])) { |
|
| 31 | +if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || !isset($_SESSION['key']) || empty($_SESSION['key'])) { |
|
| 32 | 32 | die('Hacking attempt...'); |
| 33 | 33 | } |
| 34 | 34 | |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | } |
| 52 | 52 | |
| 53 | 53 | // Include files |
| 54 | -require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/protect/SuperGlobal/SuperGlobal.php'; |
|
| 54 | +require_once $SETTINGS['cpassman_dir'].'/includes/libraries/protect/SuperGlobal/SuperGlobal.php'; |
|
| 55 | 55 | $superGlobal = new protect\SuperGlobal\SuperGlobal(); |
| 56 | 56 | // Prepare GET variables |
| 57 | 57 | $get_filename = $superGlobal->get('name', 'GET'); |
@@ -59,17 +59,17 @@ discard block |
||
| 59 | 59 | $get_pathIsFiles = $superGlobal->get('pathIsFiles', 'GET'); |
| 60 | 60 | |
| 61 | 61 | // prepare Encryption class calls |
| 62 | -header('Content-disposition: attachment; filename=' . rawurldecode(basename($get_filename))); |
|
| 62 | +header('Content-disposition: attachment; filename='.rawurldecode(basename($get_filename))); |
|
| 63 | 63 | header('Content-Type: application/octet-stream'); |
| 64 | 64 | header('Cache-Control: must-revalidate, no-cache, no-store'); |
| 65 | 65 | header('Expires: 0'); |
| 66 | 66 | if (isset($_GET['pathIsFiles']) && (int) $get_pathIsFiles === 1) { |
| 67 | - readfile($SETTINGS['path_to_files_folder'] . '/' . basename($get_filename)); |
|
| 67 | + readfile($SETTINGS['path_to_files_folder'].'/'.basename($get_filename)); |
|
| 68 | 68 | } else { |
| 69 | 69 | include_once 'main.functions.php'; |
| 70 | - require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php'; |
|
| 70 | + require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php'; |
|
| 71 | 71 | // connect to the server |
| 72 | - include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 72 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 73 | 73 | if (defined('DB_PASSWD_CLEAR') === false) { |
| 74 | 74 | define('DB_PASSWD_CLEAR', defuseReturnDecrypted(DB_PASSWD, $SETTINGS)); |
| 75 | 75 | } |
@@ -83,8 +83,8 @@ discard block |
||
| 83 | 83 | $file_info = DB::queryfirstrow( |
| 84 | 84 | 'SELECT f.id AS id, f.file AS file, f.name AS name, f.status AS status, f.extension AS extension, |
| 85 | 85 | s.share_key AS share_key |
| 86 | - FROM ' . prefixTable('files') . ' AS f |
|
| 87 | - INNER JOIN ' . prefixTable('sharekeys_files') . ' AS s ON (f.id = s.object_id) |
|
| 86 | + FROM ' . prefixTable('files').' AS f |
|
| 87 | + INNER JOIN ' . prefixTable('sharekeys_files').' AS s ON (f.id = s.object_id) |
|
| 88 | 88 | WHERE s.user_id = %i AND s.object_id = %i', |
| 89 | 89 | $_SESSION['user_id'], |
| 90 | 90 | $get_fileid |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); |
| 104 | 104 | header('Cache-Control: private', false); |
| 105 | 105 | header('Content-Type: application/octet-stream'); |
| 106 | - header('Content-Disposition: attachment; filename="' . $filename . '.' . $file_info['extension'] . '";'); |
|
| 106 | + header('Content-Disposition: attachment; filename="'.$filename.'.'.$file_info['extension'].'";'); |
|
| 107 | 107 | header('Content-Transfer-Encoding: binary'); |
| 108 | 108 | // Stream the CSV data |
| 109 | 109 | exit(base64_decode($fileContent)); |
@@ -37,23 +37,23 @@ discard block |
||
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | // Do checks |
| 40 | -require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php'; |
|
| 41 | -require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php'; |
|
| 40 | +require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 41 | +require_once $SETTINGS['cpassman_dir'].'/sources/checks.php'; |
|
| 42 | 42 | if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'options', $SETTINGS) === false) { |
| 43 | 43 | // Not allowed page |
| 44 | 44 | $_SESSION['error']['code'] = ERR_NOT_ALLOWED; |
| 45 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 45 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 46 | 46 | exit(); |
| 47 | 47 | } |
| 48 | 48 | |
| 49 | -require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php'; |
|
| 50 | -require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php'; |
|
| 49 | +require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php'; |
|
| 50 | +require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php'; |
|
| 51 | 51 | header('Content-type: text/html; charset=utf-8'); |
| 52 | 52 | header('Cache-Control: no-cache, must-revalidate'); |
| 53 | 53 | require_once 'main.functions.php'; |
| 54 | 54 | |
| 55 | 55 | // Connect to mysql server |
| 56 | -require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 56 | +require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php'; |
|
| 57 | 57 | DB::$host = DB_HOST; |
| 58 | 58 | DB::$user = DB_USER; |
| 59 | 59 | DB::$password = DB_PASSWD_CLEAR; |
@@ -103,21 +103,21 @@ discard block |
||
| 103 | 103 | // Prepare variables |
| 104 | 104 | $post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING); |
| 105 | 105 | |
| 106 | - require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 106 | + require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 107 | 107 | $return = ''; |
| 108 | 108 | |
| 109 | 109 | //Get all tables |
| 110 | 110 | $tables = array(); |
| 111 | 111 | $result = DB::query('SHOW TABLES'); |
| 112 | 112 | foreach ($result as $row) { |
| 113 | - $tables[] = $row['Tables_in_' . DB_NAME]; |
|
| 113 | + $tables[] = $row['Tables_in_'.DB_NAME]; |
|
| 114 | 114 | } |
| 115 | 115 | |
| 116 | 116 | //cycle through |
| 117 | 117 | foreach ($tables as $table) { |
| 118 | 118 | if (empty($pre) || substr_count($table, $pre) > 0) { |
| 119 | 119 | // Do query |
| 120 | - $result = DB::queryRaw('SELECT * FROM ' . $table); |
|
| 120 | + $result = DB::queryRaw('SELECT * FROM '.$table); |
|
| 121 | 121 | DB::queryRaw( |
| 122 | 122 | 'SELECT * |
| 123 | 123 | FROM INFORMATION_SCHEMA.COLUMNS |
@@ -129,19 +129,19 @@ discard block |
||
| 129 | 129 | $numFields = DB::count(); |
| 130 | 130 | |
| 131 | 131 | // prepare a drop table |
| 132 | - $return .= 'DROP TABLE ' . $table . ';'; |
|
| 133 | - $row2 = DB::queryfirstrow('SHOW CREATE TABLE ' . $table); |
|
| 134 | - $return .= "\n\n" . $row2['Create Table'] . ";\n\n"; |
|
| 132 | + $return .= 'DROP TABLE '.$table.';'; |
|
| 133 | + $row2 = DB::queryfirstrow('SHOW CREATE TABLE '.$table); |
|
| 134 | + $return .= "\n\n".$row2['Create Table'].";\n\n"; |
|
| 135 | 135 | |
| 136 | 136 | //prepare all fields and datas |
| 137 | 137 | for ($i = 0; $i < $numFields; ++$i) { |
| 138 | 138 | while ($row = $result->fetch_row()) { |
| 139 | - $return .= 'INSERT INTO ' . $table . ' VALUES('; |
|
| 139 | + $return .= 'INSERT INTO '.$table.' VALUES('; |
|
| 140 | 140 | for ($j = 0; $j < $numFields; ++$j) { |
| 141 | 141 | $row[$j] = addslashes($row[$j]); |
| 142 | 142 | $row[$j] = preg_replace("/\n/", '\\n', $row[$j]); |
| 143 | 143 | if (isset($row[$j])) { |
| 144 | - $return .= '"' . $row[$j] . '"'; |
|
| 144 | + $return .= '"'.$row[$j].'"'; |
|
| 145 | 145 | } else { |
| 146 | 146 | $return .= 'NULL'; |
| 147 | 147 | } |
@@ -161,8 +161,8 @@ discard block |
||
| 161 | 161 | $token = GenerateCryptKey(20, false, true, true, false, true, $SETTINGS); |
| 162 | 162 | |
| 163 | 163 | //save file |
| 164 | - $filename = time() . '-' . $token . '.sql'; |
|
| 165 | - $handle = fopen($SETTINGS['path_to_files_folder'] . '/' . $filename, 'w+'); |
|
| 164 | + $filename = time().'-'.$token.'.sql'; |
|
| 165 | + $handle = fopen($SETTINGS['path_to_files_folder'].'/'.$filename, 'w+'); |
|
| 166 | 166 | if ($handle !== false) { |
| 167 | 167 | //write file |
| 168 | 168 | fwrite($handle, $return); |
@@ -174,17 +174,17 @@ discard block |
||
| 174 | 174 | // Encrypt the file |
| 175 | 175 | prepareFileWithDefuse( |
| 176 | 176 | 'encrypt', |
| 177 | - $SETTINGS['path_to_files_folder'] . '/' . $filename, |
|
| 178 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename, |
|
| 177 | + $SETTINGS['path_to_files_folder'].'/'.$filename, |
|
| 178 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename, |
|
| 179 | 179 | $SETTINGS, |
| 180 | 180 | $post_key |
| 181 | 181 | ); |
| 182 | 182 | |
| 183 | 183 | // Do clean |
| 184 | - unlink($SETTINGS['path_to_files_folder'] . '/' . $filename); |
|
| 184 | + unlink($SETTINGS['path_to_files_folder'].'/'.$filename); |
|
| 185 | 185 | rename( |
| 186 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename, |
|
| 187 | - $SETTINGS['path_to_files_folder'] . '/' . $filename |
|
| 186 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename, |
|
| 187 | + $SETTINGS['path_to_files_folder'].'/'.$filename |
|
| 188 | 188 | ); |
| 189 | 189 | } |
| 190 | 190 | |
@@ -204,9 +204,9 @@ discard block |
||
| 204 | 204 | array( |
| 205 | 205 | 'error' => false, |
| 206 | 206 | 'message' => '', |
| 207 | - 'download' => 'sources/downloadFile.php?name=' . urlencode($filename) . |
|
| 208 | - '&sub=files&file=' . $filename . '&type=sql&key=' . $_SESSION['key'] . '&key_tmp=' . |
|
| 209 | - $_SESSION['key_tmp'] . '&pathIsFiles=1', |
|
| 207 | + 'download' => 'sources/downloadFile.php?name='.urlencode($filename). |
|
| 208 | + '&sub=files&file='.$filename.'&type=sql&key='.$_SESSION['key'].'&key_tmp='. |
|
| 209 | + $_SESSION['key_tmp'].'&pathIsFiles=1', |
|
| 210 | 210 | ), |
| 211 | 211 | 'encode' |
| 212 | 212 | ); |
@@ -252,12 +252,12 @@ discard block |
||
| 252 | 252 | $post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING); |
| 253 | 253 | $post_backupFile = filter_var($dataReceived['backupFile'], FILTER_SANITIZE_STRING); |
| 254 | 254 | |
| 255 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 255 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 256 | 256 | |
| 257 | 257 | // Get filename from database |
| 258 | 258 | $data = DB::queryFirstRow( |
| 259 | 259 | 'SELECT valeur |
| 260 | - FROM ' . prefixTable('misc') . ' |
|
| 260 | + FROM ' . prefixTable('misc').' |
|
| 261 | 261 | WHERE increment_id = %i', |
| 262 | 262 | $post_backupFile |
| 263 | 263 | ); |
@@ -276,22 +276,22 @@ discard block |
||
| 276 | 276 | // Decrypt the file |
| 277 | 277 | $ret = prepareFileWithDefuse( |
| 278 | 278 | 'decrypt', |
| 279 | - $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, |
|
| 280 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile, |
|
| 279 | + $SETTINGS['path_to_files_folder'].'/'.$post_backupFile, |
|
| 280 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile, |
|
| 281 | 281 | $SETTINGS, |
| 282 | 282 | $post_key |
| 283 | 283 | ); |
| 284 | 284 | |
| 285 | 285 | if (empty($ret) === false) { |
| 286 | - echo '[{"result":"db_restore" , "message":"' . $ret . '"}]'; |
|
| 286 | + echo '[{"result":"db_restore" , "message":"'.$ret.'"}]'; |
|
| 287 | 287 | break; |
| 288 | 288 | } |
| 289 | 289 | |
| 290 | 290 | // Do clean |
| 291 | - fileDelete($SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, $SETTINGS); |
|
| 292 | - $post_backupFile = $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile; |
|
| 291 | + fileDelete($SETTINGS['path_to_files_folder'].'/'.$post_backupFile, $SETTINGS); |
|
| 292 | + $post_backupFile = $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile; |
|
| 293 | 293 | } else { |
| 294 | - $post_backupFile = $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile; |
|
| 294 | + $post_backupFile = $SETTINGS['path_to_files_folder'].'/'.$post_backupFile; |
|
| 295 | 295 | } |
| 296 | 296 | |
| 297 | 297 | //read sql file |
@@ -43,11 +43,11 @@ |
||
| 43 | 43 | } |
| 44 | 44 | |
| 45 | 45 | /* do checks */ |
| 46 | -require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php'; |
|
| 46 | +require_once $SETTINGS['cpassman_dir'].'/sources/checks.php'; |
|
| 47 | 47 | if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'profile', $SETTINGS) === false) { |
| 48 | 48 | $_SESSION['error']['code'] = ERR_NOT_ALLOWED; |
| 49 | 49 | //not allowed page |
| 50 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 50 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 51 | 51 | exit; |
| 52 | 52 | } |
| 53 | 53 | ?> |
@@ -43,16 +43,16 @@ |
||
| 43 | 43 | } |
| 44 | 44 | |
| 45 | 45 | /* do checks */ |
| 46 | -require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php'; |
|
| 46 | +require_once $SETTINGS['cpassman_dir'].'/sources/checks.php'; |
|
| 47 | 47 | if (checkUser($_SESSION['user_id'], $_SESSION['key'], curPage($SETTINGS), $SETTINGS) === false) { |
| 48 | 48 | $_SESSION['error']['code'] = ERR_NOT_ALLOWED; |
| 49 | 49 | //not allowed page |
| 50 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 50 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 51 | 51 | exit; |
| 52 | 52 | } |
| 53 | 53 | |
| 54 | 54 | // Load |
| 55 | -require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 55 | +require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 56 | 56 | |
| 57 | 57 | ?> |
| 58 | 58 | |
@@ -43,11 +43,11 @@ |
||
| 43 | 43 | } |
| 44 | 44 | |
| 45 | 45 | /* do checks */ |
| 46 | -require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php'; |
|
| 46 | +require_once $SETTINGS['cpassman_dir'].'/sources/checks.php'; |
|
| 47 | 47 | if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'utilities.logs', $SETTINGS) === false) { |
| 48 | 48 | $_SESSION['error']['code'] = ERR_NOT_ALLOWED; |
| 49 | 49 | //not allowed page |
| 50 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 50 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 51 | 51 | exit; |
| 52 | 52 | } |
| 53 | 53 | ?> |
