nilsteampassnet /
TeamPass
@@ -28,8 +28,8 @@ |
||
| 28 | 28 | * @see https://www.teampass.net |
| 29 | 29 | */ |
| 30 | 30 | |
| 31 | - // TO REMOVE |
|
| 32 | - // - selected_items_to_be_imported |
|
| 31 | + // TO REMOVE |
|
| 32 | + // - selected_items_to_be_imported |
|
| 33 | 33 | |
| 34 | 34 | return array( |
| 35 | 35 | 'error_user_deleted_exists' => 'User has been deleted', |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | $sessionPwdAttempts = $session->get('pwd_attempts'); |
| 148 | 148 | $sessionUrl = $session->get('user-initial_url'); |
| 149 | 149 | $server = []; |
| 150 | - $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 150 | + $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 151 | 151 | $server['PHP_AUTH_PW'] = $request->getPassword(); |
| 152 | 152 | |
| 153 | 153 | // decrypt and retreive data in JSON format |
@@ -167,18 +167,18 @@ discard block |
||
| 167 | 167 | } |
| 168 | 168 | |
| 169 | 169 | // Check if Duo auth is in progress and pass the pw and login back to the standard login process |
| 170 | - if( |
|
| 170 | + if ( |
|
| 171 | 171 | isKeyExistingAndEqual('duo', 1, $SETTINGS) === true |
| 172 | 172 | && $dataReceived['user_2fa_selection'] === 'duo' |
| 173 | 173 | && $session->get('user-duo_status') === 'IN_PROGRESS' |
| 174 | 174 | && !empty($dataReceived['duo_state']) |
| 175 | - ){ |
|
| 175 | + ) { |
|
| 176 | 176 | $key = hash('sha256', $dataReceived['duo_state']); |
| 177 | 177 | $iv = substr(hash('sha256', $dataReceived['duo_state']), 0, 16); |
| 178 | 178 | $duo_data_dec = openssl_decrypt(base64_decode($session->get('user-duo_data')), 'AES-256-CBC', $key, 0, $iv); |
| 179 | 179 | // Clear the data from the Duo process to continue clean with the standard login process |
| 180 | - $session->set('user-duo_data',''); |
|
| 181 | - if($duo_data_dec === false) { |
|
| 180 | + $session->set('user-duo_data', ''); |
|
| 181 | + if ($duo_data_dec === false) { |
|
| 182 | 182 | // Add failed authentication log |
| 183 | 183 | addFailedAuthentication(filter_var($dataReceived['login'], FILTER_SANITIZE_FULL_SPECIAL_CHARS), getClientIpServer()); |
| 184 | 184 | |
@@ -196,7 +196,7 @@ discard block |
||
| 196 | 196 | $dataReceived['login'] = $duo_data['duo_login']; |
| 197 | 197 | } |
| 198 | 198 | |
| 199 | - if(isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 199 | + if (isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 200 | 200 | echo json_encode([ |
| 201 | 201 | 'data' => prepareExchangedData( |
| 202 | 202 | [ |
@@ -559,7 +559,7 @@ discard block |
||
| 559 | 559 | } |
| 560 | 560 | // Append with roles from AD groups |
| 561 | 561 | if (is_null($userInfo['roles_from_ad_groups']) === false) { |
| 562 | - $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id']. ';' . $userInfo['roles_from_ad_groups']; |
|
| 562 | + $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id'].';'.$userInfo['roles_from_ad_groups']; |
|
| 563 | 563 | } |
| 564 | 564 | // store |
| 565 | 565 | $session->set('user-roles', $userInfo['fonction_id']); |
@@ -571,7 +571,7 @@ discard block |
||
| 571 | 571 | if (count($session->get('user-roles_array')) > 0) { |
| 572 | 572 | $rolesList = DB::query( |
| 573 | 573 | 'SELECT id, title, complexity |
| 574 | - FROM ' . prefixTable('roles_title') . ' |
|
| 574 | + FROM ' . prefixTable('roles_title').' |
|
| 575 | 575 | WHERE id IN %li', |
| 576 | 576 | $session->get('user-roles_array') |
| 577 | 577 | ); |
@@ -617,7 +617,7 @@ discard block |
||
| 617 | 617 | if ($adjustPermissions) { |
| 618 | 618 | $session->set('user-admin', (int) $userInfo['admin']); |
| 619 | 619 | $session->set('user-manager', (int) $userInfo['gestionnaire']); |
| 620 | - $session->set('user-can_manage_all_users',(int) $userInfo['can_manage_all_users']); |
|
| 620 | + $session->set('user-can_manage_all_users', (int) $userInfo['can_manage_all_users']); |
|
| 621 | 621 | $session->set('user-read_only', (int) $userInfo['read_only']); |
| 622 | 622 | DB::update( |
| 623 | 623 | prefixTable('users'), |
@@ -689,10 +689,10 @@ discard block |
||
| 689 | 689 | // Get last seen items |
| 690 | 690 | $session->set('user-nb_roles', 0); |
| 691 | 691 | foreach ($session->get('user-latest_items') as $item) { |
| 692 | - if (! empty($item)) { |
|
| 692 | + if (!empty($item)) { |
|
| 693 | 693 | $dataLastItems = DB::queryFirstRow( |
| 694 | 694 | 'SELECT id,label,id_tree |
| 695 | - FROM ' . prefixTable('items') . ' |
|
| 695 | + FROM ' . prefixTable('items').' |
|
| 696 | 696 | WHERE id=%i', |
| 697 | 697 | $item |
| 698 | 698 | ); |
@@ -702,7 +702,7 @@ discard block |
||
| 702 | 702 | // Get cahce tree info |
| 703 | 703 | $cacheTreeData = DB::queryFirstRow( |
| 704 | 704 | 'SELECT visible_folders |
| 705 | - FROM ' . prefixTable('cache_tree') . ' |
|
| 705 | + FROM ' . prefixTable('cache_tree').' |
|
| 706 | 706 | WHERE user_id=%i', |
| 707 | 707 | (int) $session->get('user-id') |
| 708 | 708 | ); |
@@ -734,7 +734,7 @@ discard block |
||
| 734 | 734 | && (int) $sessionAdmin !== 1 |
| 735 | 735 | ) { |
| 736 | 736 | // get all Admin users |
| 737 | - $val = DB::queryFirstRow('SELECT email FROM ' . prefixTable('users') . " WHERE admin = %i and email != ''", 1); |
|
| 737 | + $val = DB::queryFirstRow('SELECT email FROM '.prefixTable('users')." WHERE admin = %i and email != ''", 1); |
|
| 738 | 738 | if (DB::count() > 0) { |
| 739 | 739 | // Add email to table |
| 740 | 740 | prepareSendingEmail( |
@@ -746,7 +746,7 @@ discard block |
||
| 746 | 746 | '#tp_time#', |
| 747 | 747 | ], |
| 748 | 748 | [ |
| 749 | - ' ' . $session->get('user-login') . ' (IP: ' . getClientIpServer() . ')', |
|
| 749 | + ' '.$session->get('user-login').' (IP: '.getClientIpServer().')', |
|
| 750 | 750 | date($SETTINGS['date_format'], (int) $session->get('user-last_connection')), |
| 751 | 751 | date($SETTINGS['time_format'], (int) $session->get('user-last_connection')), |
| 752 | 752 | ], |
@@ -858,7 +858,7 @@ discard block |
||
| 858 | 858 | { |
| 859 | 859 | $rows = DB::query( |
| 860 | 860 | 'SELECT date |
| 861 | - FROM ' . prefixTable('log_system') . " |
|
| 861 | + FROM ' . prefixTable('log_system')." |
|
| 862 | 862 | WHERE field_1 = %s |
| 863 | 863 | AND type = 'failed_auth' |
| 864 | 864 | AND label = 'password_is_not_correct' |
@@ -872,7 +872,7 @@ discard block |
||
| 872 | 872 | foreach ($rows as $record) { |
| 873 | 873 | array_push( |
| 874 | 874 | $arrAttempts, |
| 875 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['date']) |
|
| 875 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['date']) |
|
| 876 | 876 | ); |
| 877 | 877 | } |
| 878 | 878 | } |
@@ -907,7 +907,7 @@ discard block |
||
| 907 | 907 | $ldapConnection |
| 908 | 908 | ) : bool |
| 909 | 909 | { |
| 910 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 910 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 911 | 911 | |
| 912 | 912 | if ((int) $userInfoDisabled === 1) { |
| 913 | 913 | return false; |
@@ -995,7 +995,7 @@ discard block |
||
| 995 | 995 | // If user has seed but no backup, create it on first successful login |
| 996 | 996 | if (!empty($userInfo['user_derivation_seed']) && empty($userInfo['private_key_backup'])) { |
| 997 | 997 | if (defined('LOG_TO_SERVER') && LOG_TO_SERVER === true) { |
| 998 | - error_log('TEAMPASS Transparent Recovery - Creating backup for user ' . ($userInfo['login'] ?? 'unknown')); |
|
| 998 | + error_log('TEAMPASS Transparent Recovery - Creating backup for user '.($userInfo['login'] ?? 'unknown')); |
|
| 999 | 999 | } |
| 1000 | 1000 | |
| 1001 | 1001 | $derivedKey = deriveBackupKey($userInfo['user_derivation_seed'], $userInfo['public_key'], $SETTINGS); |
@@ -1165,7 +1165,7 @@ discard block |
||
| 1165 | 1165 | } catch (Exception $e) { |
| 1166 | 1166 | return [ |
| 1167 | 1167 | 'error' => true, |
| 1168 | - 'message' => "Error: " . $e->getMessage(), |
|
| 1168 | + 'message' => "Error: ".$e->getMessage(), |
|
| 1169 | 1169 | ]; |
| 1170 | 1170 | } |
| 1171 | 1171 | } |
@@ -1196,7 +1196,7 @@ discard block |
||
| 1196 | 1196 | 'type' => 'OpenLDAP' |
| 1197 | 1197 | ]; |
| 1198 | 1198 | default: |
| 1199 | - throw new Exception("Unsupported LDAP type: " . $SETTINGS['ldap_type']); |
|
| 1199 | + throw new Exception("Unsupported LDAP type: ".$SETTINGS['ldap_type']); |
|
| 1200 | 1200 | } |
| 1201 | 1201 | } |
| 1202 | 1202 | |
@@ -1333,7 +1333,7 @@ discard block |
||
| 1333 | 1333 | ); |
| 1334 | 1334 | } |
| 1335 | 1335 | |
| 1336 | - throw new Exception("Unsupported LDAP type: " . $ldapHandler['type']); |
|
| 1336 | + throw new Exception("Unsupported LDAP type: ".$ldapHandler['type']); |
|
| 1337 | 1337 | } |
| 1338 | 1338 | |
| 1339 | 1339 | /** |
@@ -1350,12 +1350,12 @@ discard block |
||
| 1350 | 1350 | if (isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1351 | 1351 | // Get user groups from AD |
| 1352 | 1352 | $user_ad_groups = []; |
| 1353 | - foreach($groups as $group) { |
|
| 1353 | + foreach ($groups as $group) { |
|
| 1354 | 1354 | //print_r($group); |
| 1355 | 1355 | // get relation role id for AD group |
| 1356 | 1356 | $role = DB::queryFirstRow( |
| 1357 | 1357 | 'SELECT lgr.role_id |
| 1358 | - FROM ' . prefixTable('ldap_groups_roles') . ' AS lgr |
|
| 1358 | + FROM ' . prefixTable('ldap_groups_roles').' AS lgr |
|
| 1359 | 1359 | WHERE lgr.ldap_group_id = %s', |
| 1360 | 1360 | $group |
| 1361 | 1361 | ); |
@@ -1418,7 +1418,7 @@ discard block |
||
| 1418 | 1418 | $passwordManager = new PasswordManager(); |
| 1419 | 1419 | |
| 1420 | 1420 | // Migrate password if needed |
| 1421 | - $result = $passwordManager->migratePassword( |
|
| 1421 | + $result = $passwordManager->migratePassword( |
|
| 1422 | 1422 | $userInfo['pw'], |
| 1423 | 1423 | $passwordClear, |
| 1424 | 1424 | (int) $userInfo['id'] |
@@ -1492,7 +1492,7 @@ discard block |
||
| 1492 | 1492 | // Check if exists in DB |
| 1493 | 1493 | $groupData = DB::queryFirstRow( |
| 1494 | 1494 | 'SELECT id |
| 1495 | - FROM ' . prefixTable('roles_title') . ' |
|
| 1495 | + FROM ' . prefixTable('roles_title').' |
|
| 1496 | 1496 | WHERE title = %s', |
| 1497 | 1497 | $group["displayName"] |
| 1498 | 1498 | ); |
@@ -1641,7 +1641,7 @@ discard block |
||
| 1641 | 1641 | |
| 1642 | 1642 | // generate new QR |
| 1643 | 1643 | $new_2fa_qr = $tfa->getQRCodeImageAsDataUri( |
| 1644 | - 'Teampass - ' . $username, |
|
| 1644 | + 'Teampass - '.$username, |
|
| 1645 | 1645 | $userInfo['ga'] |
| 1646 | 1646 | ); |
| 1647 | 1647 | // clear temporary code from DB |
@@ -1654,7 +1654,7 @@ discard block |
||
| 1654 | 1654 | $userInfo['id'] |
| 1655 | 1655 | ); |
| 1656 | 1656 | $firstTime = [ |
| 1657 | - 'value' => '<img src="' . $new_2fa_qr . '">', |
|
| 1657 | + 'value' => '<img src="'.$new_2fa_qr.'">', |
|
| 1658 | 1658 | 'user_admin' => isset($sessionAdmin) ? (int) $sessionAdmin : '', |
| 1659 | 1659 | 'initial_url' => isset($sessionUrl) === true ? $sessionUrl : '', |
| 1660 | 1660 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
@@ -1810,7 +1810,7 @@ discard block |
||
| 1810 | 1810 | }*/ |
| 1811 | 1811 | return [ |
| 1812 | 1812 | 'error' => true, |
| 1813 | - 'message' => $duo_error . $lang->get('duo_error_check_config'), |
|
| 1813 | + 'message' => $duo_error.$lang->get('duo_error_check_config'), |
|
| 1814 | 1814 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1815 | 1815 | 'debug_message' => $e->getMessage(), |
| 1816 | 1816 | 'proceedIdentification' => false, |
@@ -1826,7 +1826,7 @@ discard block |
||
| 1826 | 1826 | } catch (DuoException $e) { |
| 1827 | 1827 | return [ |
| 1828 | 1828 | 'error' => true, |
| 1829 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1829 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1830 | 1830 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1831 | 1831 | 'debug_message' => $e->getMessage(), |
| 1832 | 1832 | 'proceedIdentification' => false, |
@@ -1834,7 +1834,7 @@ discard block |
||
| 1834 | 1834 | } |
| 1835 | 1835 | |
| 1836 | 1836 | // Somethimes Duo return success but fail to return a URL, double check if the URL has been created |
| 1837 | - if (!empty($duo_redirect_url) && filter_var($duo_redirect_url,FILTER_SANITIZE_URL)) { |
|
| 1837 | + if (!empty($duo_redirect_url) && filter_var($duo_redirect_url, FILTER_SANITIZE_URL)) { |
|
| 1838 | 1838 | // Since Duo Universal requires a redirect, let's store some info when the user get's back after completing the Duo prompt |
| 1839 | 1839 | $key = hash('sha256', $duo_state); |
| 1840 | 1840 | $iv = substr(hash('sha256', $duo_state), 0, 16); |
@@ -1862,7 +1862,7 @@ discard block |
||
| 1862 | 1862 | } else { |
| 1863 | 1863 | return [ |
| 1864 | 1864 | 'error' => true, |
| 1865 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1865 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1866 | 1866 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1867 | 1867 | 'proceedIdentification' => false, |
| 1868 | 1868 | ]; |
@@ -1883,8 +1883,8 @@ discard block |
||
| 1883 | 1883 | // return the response (which should be the user name) |
| 1884 | 1884 | if ($decoded_token['preferred_username'] === $username) { |
| 1885 | 1885 | $session->set('user-duo_status', 'COMPLET'); |
| 1886 | - $session->set('user-duo_state',''); |
|
| 1887 | - $session->set('user-duo_data',''); |
|
| 1886 | + $session->set('user-duo_state', ''); |
|
| 1887 | + $session->set('user-duo_data', ''); |
|
| 1888 | 1888 | $session->set('user-login', $username); |
| 1889 | 1889 | |
| 1890 | 1890 | return [ |
@@ -1895,9 +1895,9 @@ discard block |
||
| 1895 | 1895 | ]; |
| 1896 | 1896 | } else { |
| 1897 | 1897 | // Something wrong, username from the original Duo request is different than the one received now |
| 1898 | - $session->set('user-duo_status',''); |
|
| 1899 | - $session->set('user-duo_state',''); |
|
| 1900 | - $session->set('user-duo_data',''); |
|
| 1898 | + $session->set('user-duo_status', ''); |
|
| 1899 | + $session->set('user-duo_state', ''); |
|
| 1900 | + $session->set('user-duo_data', ''); |
|
| 1901 | 1901 | |
| 1902 | 1902 | return [ |
| 1903 | 1903 | 'error' => true, |
@@ -1908,9 +1908,9 @@ discard block |
||
| 1908 | 1908 | } |
| 1909 | 1909 | } |
| 1910 | 1910 | // If we are here something wrong |
| 1911 | - $session->set('user-duo_status',''); |
|
| 1912 | - $session->set('user-duo_state',''); |
|
| 1913 | - $session->set('user-duo_data',''); |
|
| 1911 | + $session->set('user-duo_status', ''); |
|
| 1912 | + $session->set('user-duo_state', ''); |
|
| 1913 | + $session->set('user-duo_data', ''); |
|
| 1914 | 1914 | return [ |
| 1915 | 1915 | 'error' => true, |
| 1916 | 1916 | 'message' => $lang->get('duo_login_mismatch'), |
@@ -2029,7 +2029,7 @@ discard block |
||
| 2029 | 2029 | // Check for existing lock |
| 2030 | 2030 | $unlock_at = DB::queryFirstField( |
| 2031 | 2031 | 'SELECT MAX(unlock_at) |
| 2032 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 2032 | + FROM ' . prefixTable('auth_failures').' |
|
| 2033 | 2033 | WHERE unlock_at > %s |
| 2034 | 2034 | AND ((source = %s AND value = %s) OR (source = %s AND value = %s))', |
| 2035 | 2035 | date('Y-m-d H:i:s', time()), |
@@ -2051,8 +2051,8 @@ discard block |
||
| 2051 | 2051 | // Get user info from DB |
| 2052 | 2052 | $data = DB::queryFirstRow( |
| 2053 | 2053 | 'SELECT u.*, a.value AS api_key |
| 2054 | - FROM ' . prefixTable('users') . ' AS u |
|
| 2055 | - LEFT JOIN ' . prefixTable('api') . ' AS a ON (u.id = a.user_id) |
|
| 2054 | + FROM ' . prefixTable('users').' AS u |
|
| 2055 | + LEFT JOIN ' . prefixTable('api').' AS a ON (u.id = a.user_id) |
|
| 2056 | 2056 | WHERE login = %s AND deleted_at IS NULL', |
| 2057 | 2057 | $login |
| 2058 | 2058 | ); |
@@ -2071,9 +2071,9 @@ discard block |
||
| 2071 | 2071 | // Check if similar login deleted exists |
| 2072 | 2072 | DB::queryFirstRow( |
| 2073 | 2073 | 'SELECT id, login |
| 2074 | - FROM ' . prefixTable('users') . ' |
|
| 2074 | + FROM ' . prefixTable('users').' |
|
| 2075 | 2075 | WHERE login LIKE %s AND deleted_at IS NOT NULL', |
| 2076 | - $login . '_deleted_%' |
|
| 2076 | + $login.'_deleted_%' |
|
| 2077 | 2077 | ); |
| 2078 | 2078 | |
| 2079 | 2079 | if (DB::count() > 0) { |
@@ -2183,7 +2183,7 @@ discard block |
||
| 2183 | 2183 | 'array' => [ |
| 2184 | 2184 | 'value' => 'bruteforce_wait', |
| 2185 | 2185 | 'error' => true, |
| 2186 | - 'message' => $lang->get('bruteforce_wait') . (string) $e->getMessage(), |
|
| 2186 | + 'message' => $lang->get('bruteforce_wait').(string) $e->getMessage(), |
|
| 2187 | 2187 | ] |
| 2188 | 2188 | ]; |
| 2189 | 2189 | } |
@@ -2288,7 +2288,7 @@ discard block |
||
| 2288 | 2288 | // Clean previous failed attempts |
| 2289 | 2289 | $failedTasks = DB::query( |
| 2290 | 2290 | 'SELECT increment_id |
| 2291 | - FROM ' . prefixTable('background_tasks') . ' |
|
| 2291 | + FROM ' . prefixTable('background_tasks').' |
|
| 2292 | 2292 | WHERE process_type = %s |
| 2293 | 2293 | AND JSON_EXTRACT(arguments, "$.new_user_id") = %i |
| 2294 | 2294 | AND status = %s', |
@@ -2405,7 +2405,7 @@ discard block |
||
| 2405 | 2405 | $userKeys['public_key'] |
| 2406 | 2406 | ); |
| 2407 | 2407 | }*/ |
| 2408 | - error_log('Switch user ' . $username . ' auth_type to oauth2'); |
|
| 2408 | + error_log('Switch user '.$username.' auth_type to oauth2'); |
|
| 2409 | 2409 | // Update user in database: |
| 2410 | 2410 | DB::update( |
| 2411 | 2411 | prefixTable('users'), |
@@ -2629,12 +2629,12 @@ discard block |
||
| 2629 | 2629 | { |
| 2630 | 2630 | // Find the latest "create_user_keys" task for the given user_id |
| 2631 | 2631 | $latestTask = DB::queryFirstRow( |
| 2632 | - 'SELECT arguments, status FROM ' . prefixTable('background_tasks') . ' |
|
| 2632 | + 'SELECT arguments, status FROM '.prefixTable('background_tasks').' |
|
| 2633 | 2633 | WHERE process_type = %s |
| 2634 | 2634 | AND arguments LIKE %s |
| 2635 | 2635 | ORDER BY increment_id DESC |
| 2636 | 2636 | LIMIT 1', |
| 2637 | - 'create_user_keys', '%"new_user_id":' . $userId . '%' |
|
| 2637 | + 'create_user_keys', '%"new_user_id":'.$userId.'%' |
|
| 2638 | 2638 | ); |
| 2639 | 2639 | |
| 2640 | 2640 | // If a failed task is found, return an error message |
@@ -2846,15 +2846,15 @@ discard block |
||
| 2846 | 2846 | |
| 2847 | 2847 | if ($ret['error'] !== false) { |
| 2848 | 2848 | logEvents($SETTINGS, 'failed_auth', 'bad_duo_mfa', '', stripslashes($username), stripslashes($username)); |
| 2849 | - $session->set('user-duo_status',''); |
|
| 2850 | - $session->set('user-duo_state',''); |
|
| 2851 | - $session->set('user-duo_data',''); |
|
| 2849 | + $session->set('user-duo_status', ''); |
|
| 2850 | + $session->set('user-duo_state', ''); |
|
| 2851 | + $session->set('user-duo_data', ''); |
|
| 2852 | 2852 | return [ |
| 2853 | 2853 | 'error' => true, |
| 2854 | 2854 | 'mfaData' => $ret, |
| 2855 | 2855 | 'mfaQRCodeInfos' => false, |
| 2856 | 2856 | ]; |
| 2857 | - } else if ($ret['duo_url_ready'] === true){ |
|
| 2857 | + } else if ($ret['duo_url_ready'] === true) { |
|
| 2858 | 2858 | return [ |
| 2859 | 2859 | 'error' => false, |
| 2860 | 2860 | 'mfaData' => $ret, |
@@ -2918,7 +2918,7 @@ discard block |
||
| 2918 | 2918 | // Count failed attempts from this source |
| 2919 | 2919 | $count = DB::queryFirstField( |
| 2920 | 2920 | 'SELECT COUNT(*) |
| 2921 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 2921 | + FROM ' . prefixTable('auth_failures').' |
|
| 2922 | 2922 | WHERE source = %s AND value = %s', |
| 2923 | 2923 | $source, |
| 2924 | 2924 | $value |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('profile') === false) { |
| 75 | 75 | // Not allowed page |
| 76 | 76 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 77 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 77 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 78 | 78 | exit; |
| 79 | 79 | } |
| 80 | 80 | |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | |
| 146 | 146 | // Get info about user to modify |
| 147 | 147 | $targetUserInfos = DB::queryFirstRow( |
| 148 | - 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 148 | + 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 149 | 149 | WHERE id = %i', |
| 150 | 150 | (int) $dataReceived['user_id'] |
| 151 | 151 | ); |
@@ -277,7 +277,7 @@ discard block |
||
| 277 | 277 | // Check if user already exists (active user) |
| 278 | 278 | $data = DB::query( |
| 279 | 279 | 'SELECT id, fonction_id, groupes_interdits, groupes_visibles |
| 280 | - FROM ' . prefixTable('users') . ' |
|
| 280 | + FROM ' . prefixTable('users').' |
|
| 281 | 281 | WHERE login = %s |
| 282 | 282 | AND deleted_at IS NULL', |
| 283 | 283 | $login |
@@ -286,10 +286,10 @@ discard block |
||
| 286 | 286 | // Check if a soft-deleted user with this login exists |
| 287 | 287 | $deletedUser = DB::queryFirstRow( |
| 288 | 288 | 'SELECT id, login, deleted_at |
| 289 | - FROM ' . prefixTable('users') . ' |
|
| 289 | + FROM ' . prefixTable('users').' |
|
| 290 | 290 | WHERE login LIKE %s |
| 291 | 291 | AND deleted_at IS NOT NULL', |
| 292 | - $login . '_deleted_%' |
|
| 292 | + $login.'_deleted_%' |
|
| 293 | 293 | ); |
| 294 | 294 | |
| 295 | 295 | if (DB::count() === 0 && empty($deletedUser) === true) { |
@@ -469,7 +469,7 @@ discard block |
||
| 469 | 469 | // Check if it's a soft-deleted user |
| 470 | 470 | $errorMessage = $lang->get('error_user_exists'); |
| 471 | 471 | if (empty($deletedUser) === false) { |
| 472 | - $errorMessage = 'A deleted user with this login already exists (ID: ' . $deletedUser['id'] . '). Please restore the user instead of creating a new one.'; |
|
| 472 | + $errorMessage = 'A deleted user with this login already exists (ID: '.$deletedUser['id'].'). Please restore the user instead of creating a new one.'; |
|
| 473 | 473 | } |
| 474 | 474 | |
| 475 | 475 | echo prepareExchangedData( |
@@ -508,7 +508,7 @@ discard block |
||
| 508 | 508 | } |
| 509 | 509 | |
| 510 | 510 | // Prepare variables |
| 511 | - $userId = filter_var($dataReceived['user_id'], FILTER_SANITIZE_NUMBER_INT); |
|
| 511 | + $userId = filter_var($dataReceived['user_id'], FILTER_SANITIZE_NUMBER_INT); |
|
| 512 | 512 | |
| 513 | 513 | if (empty($userId)) { |
| 514 | 514 | echo prepareExchangedData( |
@@ -523,7 +523,7 @@ discard block |
||
| 523 | 523 | |
| 524 | 524 | // Get info about user to delete |
| 525 | 525 | $data_user = DB::queryFirstRow( |
| 526 | - 'SELECT login, admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 526 | + 'SELECT login, admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 527 | 527 | WHERE id = %i', |
| 528 | 528 | $userId |
| 529 | 529 | ); |
@@ -540,7 +540,7 @@ discard block |
||
| 540 | 540 | || ((int) $session->get('user-can_manage_all_users') === 1 && (int) $data_user['admin'] !== 1) |
| 541 | 541 | ) { |
| 542 | 542 | $timestamp = time(); |
| 543 | - $deletedSuffix = '_deleted_' . $timestamp; |
|
| 543 | + $deletedSuffix = '_deleted_'.$timestamp; |
|
| 544 | 544 | |
| 545 | 545 | // delete user in database |
| 546 | 546 | DB::update( |
@@ -678,7 +678,7 @@ discard block |
||
| 678 | 678 | echo prepareExchangedData( |
| 679 | 679 | [ |
| 680 | 680 | 'error' => true, |
| 681 | - 'message' => $lang->get('error') . ': ' . $e->getMessage(), |
|
| 681 | + 'message' => $lang->get('error').': '.$e->getMessage(), |
|
| 682 | 682 | ], |
| 683 | 683 | 'encode' |
| 684 | 684 | ); |
@@ -692,7 +692,7 @@ discard block |
||
| 692 | 692 | $return = array(); |
| 693 | 693 | // Check if folder exists |
| 694 | 694 | $data = DB::query( |
| 695 | - 'SELECT * FROM ' . prefixTable('nested_tree') . ' |
|
| 695 | + 'SELECT * FROM '.prefixTable('nested_tree').' |
|
| 696 | 696 | WHERE title = %s AND parent_id = %i', |
| 697 | 697 | filter_input(INPUT_POST, 'domain', FILTER_SANITIZE_FULL_SPECIAL_CHARS), |
| 698 | 698 | '0' |
@@ -705,7 +705,7 @@ discard block |
||
| 705 | 705 | } |
| 706 | 706 | // Check if role exists |
| 707 | 707 | $data = DB::query( |
| 708 | - 'SELECT * FROM ' . prefixTable('roles_title') . ' |
|
| 708 | + 'SELECT * FROM '.prefixTable('roles_title').' |
|
| 709 | 709 | WHERE title = %s', |
| 710 | 710 | filter_input(INPUT_POST, 'domain', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
| 711 | 711 | ); |
@@ -734,7 +734,7 @@ discard block |
||
| 734 | 734 | // Get info about user to delete |
| 735 | 735 | $data_user = DB::queryFirstRow( |
| 736 | 736 | 'SELECT admin, isAdministratedByRole, gestionnaire |
| 737 | - FROM ' . prefixTable('users') . ' |
|
| 737 | + FROM ' . prefixTable('users').' |
|
| 738 | 738 | WHERE id = %i', |
| 739 | 739 | $post_user_id |
| 740 | 740 | ); |
@@ -790,7 +790,7 @@ discard block |
||
| 790 | 790 | // Get info about user |
| 791 | 791 | $rowUser = DB::queryFirstRow( |
| 792 | 792 | 'SELECT * |
| 793 | - FROM ' . prefixTable('users') . ' |
|
| 793 | + FROM ' . prefixTable('users').' |
|
| 794 | 794 | WHERE id = %i', |
| 795 | 795 | $post_id |
| 796 | 796 | ); |
@@ -818,7 +818,7 @@ discard block |
||
| 818 | 818 | $session->set('user-roles_array', explode(';', $session->get('user-roles'))); |
| 819 | 819 | $rows = DB::query(' |
| 820 | 820 | SELECT id,title,creator_id |
| 821 | - FROM ' . prefixTable('roles_title') .' |
|
| 821 | + FROM ' . prefixTable('roles_title').' |
|
| 822 | 822 | WHERE id IN %li', |
| 823 | 823 | $session->get('user-roles_array') |
| 824 | 824 | ); |
@@ -856,7 +856,7 @@ discard block |
||
| 856 | 856 | $rolesList = array(); |
| 857 | 857 | $managedBy = array(); |
| 858 | 858 | $selected = ''; |
| 859 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title') . ' ORDER BY title ASC'); |
|
| 859 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title').' ORDER BY title ASC'); |
|
| 860 | 860 | foreach ($rows as $reccord) { |
| 861 | 861 | $rolesList[$reccord['id']] = array('id' => $reccord['id'], 'title' => $reccord['title']); |
| 862 | 862 | } |
@@ -887,7 +887,7 @@ discard block |
||
| 887 | 887 | array_push( |
| 888 | 888 | $managedBy, |
| 889 | 889 | array( |
| 890 | - 'title' => $lang->get('managers_of') . ' ' . $fonction['title'], |
|
| 890 | + 'title' => $lang->get('managers_of').' '.$fonction['title'], |
|
| 891 | 891 | 'id' => $fonction['id'], |
| 892 | 892 | 'selected' => $selected, |
| 893 | 893 | ) |
@@ -969,9 +969,9 @@ discard block |
||
| 969 | 969 | |
| 970 | 970 | // get USER STATUS |
| 971 | 971 | if ($rowUser['disabled'] == 1) { |
| 972 | - $arrData['info'] = $lang->get('user_info_locked') . '<br><input type="checkbox" value="unlock" name="1" class="chk"> <label for="1">' . $lang->get('user_info_unlock_question') . '</label><br><input type="checkbox" value="delete" id="account_delete" class="chk mr-2" name="2" onclick="confirmDeletion()">label for="2">' . $lang->get('user_info_delete_question') . '</label>'; |
|
| 972 | + $arrData['info'] = $lang->get('user_info_locked').'<br><input type="checkbox" value="unlock" name="1" class="chk"> <label for="1">'.$lang->get('user_info_unlock_question').'</label><br><input type="checkbox" value="delete" id="account_delete" class="chk mr-2" name="2" onclick="confirmDeletion()">label for="2">'.$lang->get('user_info_delete_question').'</label>'; |
|
| 973 | 973 | } else { |
| 974 | - $arrData['info'] = $lang->get('user_info_active') . '<br><input type="checkbox" value="lock" class="chk"> ' . $lang->get('user_info_lock_question'); |
|
| 974 | + $arrData['info'] = $lang->get('user_info_active').'<br><input type="checkbox" value="lock" class="chk"> '.$lang->get('user_info_lock_question'); |
|
| 975 | 975 | } |
| 976 | 976 | |
| 977 | 977 | $arrData['error'] = false; |
@@ -1058,7 +1058,7 @@ discard block |
||
| 1058 | 1058 | |
| 1059 | 1059 | // Get info about user to modify |
| 1060 | 1060 | $data_user = DB::queryFirstRow( |
| 1061 | - 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 1061 | + 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 1062 | 1062 | WHERE id = %i', |
| 1063 | 1063 | $post_id |
| 1064 | 1064 | ); |
@@ -1069,7 +1069,7 @@ discard block |
||
| 1069 | 1069 | // count number of admins |
| 1070 | 1070 | $users = DB::query( |
| 1071 | 1071 | 'SELECT id |
| 1072 | - FROM ' . prefixTable('users') . ' |
|
| 1072 | + FROM ' . prefixTable('users').' |
|
| 1073 | 1073 | WHERE admin = 1 AND email != "" AND pw != "" AND id != %i', |
| 1074 | 1074 | $post_id |
| 1075 | 1075 | ); |
@@ -1092,7 +1092,7 @@ discard block |
||
| 1092 | 1092 | // Exclude roles from AD - PR #3635 |
| 1093 | 1093 | $adRoles = DB::query( |
| 1094 | 1094 | 'SELECT roles_from_ad_groups |
| 1095 | - FROM ' . prefixTable('users') . ' |
|
| 1095 | + FROM ' . prefixTable('users').' |
|
| 1096 | 1096 | WHERE id = %i', |
| 1097 | 1097 | $post_id |
| 1098 | 1098 | )[0]['roles_from_ad_groups']; |
@@ -1194,7 +1194,7 @@ discard block |
||
| 1194 | 1194 | ); |
| 1195 | 1195 | // delete personal folder and subfolders |
| 1196 | 1196 | $data = DB::queryFirstRow( |
| 1197 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' |
|
| 1197 | + 'SELECT id FROM '.prefixTable('nested_tree').' |
|
| 1198 | 1198 | WHERE title = %s AND personal_folder = %i', |
| 1199 | 1199 | $post_id, |
| 1200 | 1200 | '1' |
@@ -1207,7 +1207,7 @@ discard block |
||
| 1207 | 1207 | DB::delete(prefixTable('nested_tree'), 'id = %i AND personal_folder = %i', $folder->id, '1'); |
| 1208 | 1208 | // delete items & logs |
| 1209 | 1209 | $items = DB::query( |
| 1210 | - 'SELECT id FROM ' . prefixTable('items') . ' |
|
| 1210 | + 'SELECT id FROM '.prefixTable('items').' |
|
| 1211 | 1211 | WHERE id_tree=%i AND perso = %i', |
| 1212 | 1212 | $folder->id, |
| 1213 | 1213 | '1' |
@@ -1228,7 +1228,7 @@ discard block |
||
| 1228 | 1228 | } else { |
| 1229 | 1229 | // Get old data about user |
| 1230 | 1230 | $oldData = DB::queryFirstRow( |
| 1231 | - 'SELECT * FROM ' . prefixTable('users') . ' |
|
| 1231 | + 'SELECT * FROM '.prefixTable('users').' |
|
| 1232 | 1232 | WHERE id = %i', |
| 1233 | 1233 | $post_id |
| 1234 | 1234 | ); |
@@ -1265,7 +1265,7 @@ discard block |
||
| 1265 | 1265 | |
| 1266 | 1266 | // update LOG |
| 1267 | 1267 | if ($oldData['email'] !== $post_email) { |
| 1268 | - logEvents($SETTINGS, 'user_mngt', 'at_user_email_changed:' . $oldData['email'], (string) $session->get('user-id'), $session->get('user-login'), $post_id); |
|
| 1268 | + logEvents($SETTINGS, 'user_mngt', 'at_user_email_changed:'.$oldData['email'], (string) $session->get('user-id'), $session->get('user-login'), $post_id); |
|
| 1269 | 1269 | } |
| 1270 | 1270 | } |
| 1271 | 1271 | echo prepareExchangedData( |
@@ -1313,7 +1313,7 @@ discard block |
||
| 1313 | 1313 | } |
| 1314 | 1314 | |
| 1315 | 1315 | DB::queryFirstRow( |
| 1316 | - 'SELECT * FROM ' . prefixTable('users') . ' |
|
| 1316 | + 'SELECT * FROM '.prefixTable('users').' |
|
| 1317 | 1317 | WHERE login = %s |
| 1318 | 1318 | AND deleted_at IS NULL', |
| 1319 | 1319 | filter_input(INPUT_POST, 'login', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
@@ -1365,7 +1365,7 @@ discard block |
||
| 1365 | 1365 | // get User info |
| 1366 | 1366 | $rowUser = DB::queryFirstRow( |
| 1367 | 1367 | 'SELECT id, login, name, lastname, email, disabled, fonction_id, groupes_interdits, groupes_visibles, isAdministratedByRole, avatar_thumb, roles_from_ad_groups |
| 1368 | - FROM ' . prefixTable('users') . ' |
|
| 1368 | + FROM ' . prefixTable('users').' |
|
| 1369 | 1369 | WHERE id = %i', |
| 1370 | 1370 | $post_id |
| 1371 | 1371 | ); |
@@ -1376,7 +1376,7 @@ discard block |
||
| 1376 | 1376 | $html = ''; |
| 1377 | 1377 | |
| 1378 | 1378 | if (isset($SETTINGS['ldap_mode']) === true && (int) $SETTINGS['ldap_mode'] === 1 && isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1379 | - $rowUser['fonction_id'] = empty($rowUser['fonction_id']) === true ? $rowUser['roles_from_ad_groups'] : $rowUser['fonction_id']. ';' . $rowUser['roles_from_ad_groups']; |
|
| 1379 | + $rowUser['fonction_id'] = empty($rowUser['fonction_id']) === true ? $rowUser['roles_from_ad_groups'] : $rowUser['fonction_id'].';'.$rowUser['roles_from_ad_groups']; |
|
| 1380 | 1380 | } |
| 1381 | 1381 | $arrData['functions'] = array_filter(explode(';', $rowUser['fonction_id'])); |
| 1382 | 1382 | $arrData['allowed_folders'] = array_filter(explode(';', $rowUser['groupes_visibles'])); |
@@ -1387,8 +1387,8 @@ discard block |
||
| 1387 | 1387 | // refine folders based upon roles |
| 1388 | 1388 | $rows = DB::query( |
| 1389 | 1389 | 'SELECT rv.folder_id, rv.type |
| 1390 | - FROM ' . prefixTable('roles_values') . ' as rv |
|
| 1391 | - INNER JOIN ' . prefixTable('nested_tree') . ' as nt ON rv.folder_id = nt.id |
|
| 1390 | + FROM ' . prefixTable('roles_values').' as rv |
|
| 1391 | + INNER JOIN ' . prefixTable('nested_tree').' as nt ON rv.folder_id = nt.id |
|
| 1392 | 1392 | WHERE rv.role_id IN %ls AND nt.personal_folder = 0 |
| 1393 | 1393 | ORDER BY rv.folder_id ASC', |
| 1394 | 1394 | $arrData['functions'] |
@@ -1411,7 +1411,7 @@ discard block |
||
| 1411 | 1411 | } |
| 1412 | 1412 | |
| 1413 | 1413 | // add allowed folders |
| 1414 | - foreach($arrData['allowed_folders'] as $Fld) { |
|
| 1414 | + foreach ($arrData['allowed_folders'] as $Fld) { |
|
| 1415 | 1415 | array_push($arrFolders, array('id' => $Fld, 'type' => 'W', 'special' => true)); |
| 1416 | 1416 | } |
| 1417 | 1417 | |
@@ -1426,7 +1426,7 @@ discard block |
||
| 1426 | 1426 | // get folder name |
| 1427 | 1427 | $row = DB::queryFirstRow( |
| 1428 | 1428 | 'SELECT title, nlevel, id |
| 1429 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 1429 | + FROM ' . prefixTable('nested_tree').' |
|
| 1430 | 1430 | WHERE id = %i', |
| 1431 | 1431 | $fld['id'] |
| 1432 | 1432 | ); |
@@ -1444,8 +1444,8 @@ discard block |
||
| 1444 | 1444 | } |
| 1445 | 1445 | } |
| 1446 | 1446 | |
| 1447 | - $html_full = '<table id="table-folders" class="table table-bordered table-striped dt-responsive nowrap" style="width:100%"><tbody>' . |
|
| 1448 | - $html . '</tbody></table>'; |
|
| 1447 | + $html_full = '<table id="table-folders" class="table table-bordered table-striped dt-responsive nowrap" style="width:100%"><tbody>'. |
|
| 1448 | + $html.'</tbody></table>'; |
|
| 1449 | 1449 | } else { |
| 1450 | 1450 | $html_full = ''; |
| 1451 | 1451 | } |
@@ -1495,7 +1495,7 @@ discard block |
||
| 1495 | 1495 | if ((int) $session->get('user-admin') === 0 && (int) $session->get('user-can_manage_all_users') === 0) { |
| 1496 | 1496 | $rows = DB::query( |
| 1497 | 1497 | 'SELECT * |
| 1498 | - FROM ' . prefixTable('users') . ' |
|
| 1498 | + FROM ' . prefixTable('users').' |
|
| 1499 | 1499 | WHERE admin = %i AND isAdministratedByRole IN %ls AND deleted_at IS NULL and disabled = %i', |
| 1500 | 1500 | 0, |
| 1501 | 1501 | array_filter($session->get('user-roles_array')), |
@@ -1504,7 +1504,7 @@ discard block |
||
| 1504 | 1504 | } else { |
| 1505 | 1505 | $rows = DB::query( |
| 1506 | 1506 | 'SELECT * |
| 1507 | - FROM ' . prefixTable('users') . ' |
|
| 1507 | + FROM ' . prefixTable('users').' |
|
| 1508 | 1508 | WHERE admin = %i AND deleted_at IS NULL and disabled = %i', |
| 1509 | 1509 | 0, |
| 1510 | 1510 | 0 |
@@ -1517,7 +1517,7 @@ discard block |
||
| 1517 | 1517 | $groupIds = []; |
| 1518 | 1518 | foreach (explode(';', $record['fonction_id']) as $group) { |
| 1519 | 1519 | $tmp = DB::queryFirstRow( |
| 1520 | - 'SELECT id, title FROM ' . prefixTable('roles_title') . ' |
|
| 1520 | + 'SELECT id, title FROM '.prefixTable('roles_title').' |
|
| 1521 | 1521 | WHERE id = %i', |
| 1522 | 1522 | $group |
| 1523 | 1523 | ); |
@@ -1529,7 +1529,7 @@ discard block |
||
| 1529 | 1529 | |
| 1530 | 1530 | // Get managed_by |
| 1531 | 1531 | $managedBy = DB::queryFirstRow( |
| 1532 | - 'SELECT id, title FROM ' . prefixTable('roles_title') . ' |
|
| 1532 | + 'SELECT id, title FROM '.prefixTable('roles_title').' |
|
| 1533 | 1533 | WHERE id = %i', |
| 1534 | 1534 | $record['isAdministratedByRole'] |
| 1535 | 1535 | ); |
@@ -1539,7 +1539,7 @@ discard block |
||
| 1539 | 1539 | $foldersAllowedIds = []; |
| 1540 | 1540 | foreach (explode(';', $record['groupes_visibles']) as $role) { |
| 1541 | 1541 | $tmp = DB::queryFirstRow( |
| 1542 | - 'SELECT id, title FROM ' . prefixTable('nested_tree') . ' |
|
| 1542 | + 'SELECT id, title FROM '.prefixTable('nested_tree').' |
|
| 1543 | 1543 | WHERE id = %i', |
| 1544 | 1544 | $role |
| 1545 | 1545 | ); |
@@ -1552,7 +1552,7 @@ discard block |
||
| 1552 | 1552 | $foldersForbiddenIds = []; |
| 1553 | 1553 | foreach (explode(';', $record['groupes_interdits']) as $role) { |
| 1554 | 1554 | $tmp = DB::queryFirstRow( |
| 1555 | - 'SELECT id, title FROM ' . prefixTable('nested_tree') . ' |
|
| 1555 | + 'SELECT id, title FROM '.prefixTable('nested_tree').' |
|
| 1556 | 1556 | WHERE id = %i', |
| 1557 | 1557 | $role |
| 1558 | 1558 | ); |
@@ -1570,7 +1570,7 @@ discard block |
||
| 1570 | 1570 | 'login' => $record['login'], |
| 1571 | 1571 | 'groups' => implode(', ', $groups), |
| 1572 | 1572 | 'groupIds' => $groupIds, |
| 1573 | - 'managedBy' => $managedBy=== null ? $lang->get('administrator') : $managedBy['title'], |
|
| 1573 | + 'managedBy' => $managedBy === null ? $lang->get('administrator') : $managedBy['title'], |
|
| 1574 | 1574 | 'managedById' => $managedBy === null ? 0 : $managedBy['id'], |
| 1575 | 1575 | 'foldersAllowed' => implode(', ', $foldersAllowed), |
| 1576 | 1576 | 'foldersAllowedIds' => $foldersAllowedIds, |
@@ -1671,7 +1671,7 @@ discard block |
||
| 1671 | 1671 | |
| 1672 | 1672 | // Get info about user |
| 1673 | 1673 | $data_user = DB::queryFirstRow( |
| 1674 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 1674 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 1675 | 1675 | WHERE id = %i', |
| 1676 | 1676 | $inputData['source_id'] |
| 1677 | 1677 | ); |
@@ -1903,14 +1903,14 @@ discard block |
||
| 1903 | 1903 | if (empty($post_context) === false && $post_context === 'add_one_role_to_user') { |
| 1904 | 1904 | $data_user = DB::queryFirstRow( |
| 1905 | 1905 | 'SELECT fonction_id, public_key |
| 1906 | - FROM ' . prefixTable('users') . ' |
|
| 1906 | + FROM ' . prefixTable('users').' |
|
| 1907 | 1907 | WHERE id = %i', |
| 1908 | 1908 | $post_user_id |
| 1909 | 1909 | ); |
| 1910 | 1910 | |
| 1911 | 1911 | if ($data_user) { |
| 1912 | 1912 | // Ensure array is unique |
| 1913 | - $post_new_value = str_replace(',', ';', $data_user['fonction_id']) . ';' . $post_new_value; |
|
| 1913 | + $post_new_value = str_replace(',', ';', $data_user['fonction_id']).';'.$post_new_value; |
|
| 1914 | 1914 | $post_new_value = implode(';', array_unique(explode(';', $post_new_value))); |
| 1915 | 1915 | } else { |
| 1916 | 1916 | // User not found |
@@ -1926,14 +1926,14 @@ discard block |
||
| 1926 | 1926 | } |
| 1927 | 1927 | |
| 1928 | 1928 | // Manage specific case of api key |
| 1929 | - if($post_field === 'user_api_key') { |
|
| 1929 | + if ($post_field === 'user_api_key') { |
|
| 1930 | 1930 | $encrypted_key = encryptUserObjectKey(base64_encode($post_new_value), $session->get('user-public_key')); |
| 1931 | 1931 | $session->set('user-api_key', $post_new_value); |
| 1932 | 1932 | |
| 1933 | 1933 | // test if user has an api key |
| 1934 | 1934 | $data_user = DB::queryFirstRow( |
| 1935 | 1935 | 'SELECT value |
| 1936 | - FROM ' . prefixTable('api') . ' |
|
| 1936 | + FROM ' . prefixTable('api').' |
|
| 1937 | 1937 | WHERE user_id = %i', |
| 1938 | 1938 | $post_user_id |
| 1939 | 1939 | ); |
@@ -2053,7 +2053,7 @@ discard block |
||
| 2053 | 2053 | } catch (\LdapRecord\Auth\BindException $e) { |
| 2054 | 2054 | $error = $e->getDetailedError(); |
| 2055 | 2055 | if ($error && defined('LOG_TO_SERVER') && LOG_TO_SERVER === true) { |
| 2056 | - error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage(). " - ".$error->getDiagnosticMessage()); |
|
| 2056 | + error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage()." - ".$error->getDiagnosticMessage()); |
|
| 2057 | 2057 | } |
| 2058 | 2058 | // deepcode ignore ServerLeak: No important data is sent and it is encrypted before sending |
| 2059 | 2059 | echo prepareExchangedData( |
@@ -2083,7 +2083,7 @@ discard block |
||
| 2083 | 2083 | } catch (\LdapRecord\Auth\BindException $e) { |
| 2084 | 2084 | $error = $e->getDetailedError(); |
| 2085 | 2085 | if ($error && defined('LOG_TO_SERVER') && LOG_TO_SERVER === true) { |
| 2086 | - error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage(). " - ".$error->getDiagnosticMessage()); |
|
| 2086 | + error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage()." - ".$error->getDiagnosticMessage()); |
|
| 2087 | 2087 | } |
| 2088 | 2088 | // deepcode ignore ServerLeak: No important data is sent and it is encrypted before sending |
| 2089 | 2089 | echo prepareExchangedData( |
@@ -2100,7 +2100,7 @@ discard block |
||
| 2100 | 2100 | if (isset($adUser[$SETTINGS['ldap_user_attribute']][0]) === false) continue; |
| 2101 | 2101 | // Build the list of all groups in AD |
| 2102 | 2102 | if (isset($adUser['memberof']) === true) { |
| 2103 | - foreach($adUser['memberof'] as $j => $adUserGroup) { |
|
| 2103 | + foreach ($adUser['memberof'] as $j => $adUserGroup) { |
|
| 2104 | 2104 | if (empty($adUserGroup) === false && $j !== "count") { |
| 2105 | 2105 | $adGroup = substr($adUserGroup, 3, strpos($adUserGroup, ',') - 3); |
| 2106 | 2106 | if (in_array($adGroup, $adRoles) === false && empty($adGroup) === false) { |
@@ -2116,7 +2116,7 @@ discard block |
||
| 2116 | 2116 | // Get his ID |
| 2117 | 2117 | $userInfo = DB::queryFirstRow( |
| 2118 | 2118 | 'SELECT id, login, fonction_id, auth_type |
| 2119 | - FROM ' . prefixTable('users') . ' |
|
| 2119 | + FROM ' . prefixTable('users').' |
|
| 2120 | 2120 | WHERE login = %s', |
| 2121 | 2121 | $userLogin |
| 2122 | 2122 | ); |
@@ -2152,7 +2152,7 @@ discard block |
||
| 2152 | 2152 | |
| 2153 | 2153 | // Get all groups in Teampass |
| 2154 | 2154 | $teampassRoles = array(); |
| 2155 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title')); |
|
| 2155 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title')); |
|
| 2156 | 2156 | foreach ($rows as $record) { |
| 2157 | 2157 | array_push( |
| 2158 | 2158 | $teampassRoles, |
@@ -2217,7 +2217,7 @@ discard block |
||
| 2217 | 2217 | // Check if user already exists |
| 2218 | 2218 | $data = DB::query( |
| 2219 | 2219 | 'SELECT id, fonction_id, groupes_interdits, groupes_visibles |
| 2220 | - FROM ' . prefixTable('users') . ' |
|
| 2220 | + FROM ' . prefixTable('users').' |
|
| 2221 | 2221 | WHERE login = %s', |
| 2222 | 2222 | $post_login |
| 2223 | 2223 | ); |
@@ -2412,7 +2412,7 @@ discard block |
||
| 2412 | 2412 | // Check if user already exists |
| 2413 | 2413 | DB::query( |
| 2414 | 2414 | 'SELECT id |
| 2415 | - FROM ' . prefixTable('users') . ' |
|
| 2415 | + FROM ' . prefixTable('users').' |
|
| 2416 | 2416 | WHERE id = %i', |
| 2417 | 2417 | $post_id |
| 2418 | 2418 | ); |
@@ -2474,7 +2474,7 @@ discard block |
||
| 2474 | 2474 | // Get all groups in Teampass |
| 2475 | 2475 | $teampassRoles = array(); |
| 2476 | 2476 | $titleToIdMap = []; |
| 2477 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title')); |
|
| 2477 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title')); |
|
| 2478 | 2478 | foreach ($rows as $record) { |
| 2479 | 2479 | array_push( |
| 2480 | 2480 | $teampassRoles, |
@@ -2520,7 +2520,7 @@ discard block |
||
| 2520 | 2520 | // Get his ID |
| 2521 | 2521 | $userInfo = DB::queryFirstRow( |
| 2522 | 2522 | 'SELECT id, login, fonction_id, auth_type |
| 2523 | - FROM ' . prefixTable('users') . ' |
|
| 2523 | + FROM ' . prefixTable('users').' |
|
| 2524 | 2524 | WHERE login = %s', |
| 2525 | 2525 | $userLogin |
| 2526 | 2526 | ); |
@@ -2627,7 +2627,7 @@ discard block |
||
| 2627 | 2627 | // Check if user already exists |
| 2628 | 2628 | DB::query( |
| 2629 | 2629 | 'SELECT id |
| 2630 | - FROM ' . prefixTable('users') . ' |
|
| 2630 | + FROM ' . prefixTable('users').' |
|
| 2631 | 2631 | WHERE id = %i', |
| 2632 | 2632 | $post_id |
| 2633 | 2633 | ); |
@@ -2693,7 +2693,7 @@ discard block |
||
| 2693 | 2693 | // Search TP_USER in db |
| 2694 | 2694 | $userTP = DB::queryFirstRow( |
| 2695 | 2695 | 'SELECT pw |
| 2696 | - FROM ' . prefixTable('users') . ' |
|
| 2696 | + FROM ' . prefixTable('users').' |
|
| 2697 | 2697 | WHERE id = %i', |
| 2698 | 2698 | TP_USER_ID |
| 2699 | 2699 | ); |
@@ -2716,7 +2716,7 @@ discard block |
||
| 2716 | 2716 | 'arguments' => json_encode([ |
| 2717 | 2717 | 'new_user_id' => (int) $post_user_id, |
| 2718 | 2718 | 'new_user_pwd' => '', |
| 2719 | - 'new_user_code' => cryption($post_user_code, '','encrypt', $SETTINGS)['string'], |
|
| 2719 | + 'new_user_code' => cryption($post_user_code, '', 'encrypt', $SETTINGS)['string'], |
|
| 2720 | 2720 | 'owner_id' => (int) TP_USER_ID, |
| 2721 | 2721 | 'creator_pwd' => $userTP['pw'], |
| 2722 | 2722 | 'email_body' => $lang->get('email_body_user_config_5'), |
@@ -2823,17 +2823,17 @@ discard block |
||
| 2823 | 2823 | // get user info |
| 2824 | 2824 | $processesProgress = DB::query( |
| 2825 | 2825 | 'SELECT u.ongoing_process_id, pt.task, pt.updated_at, pt.finished_at, pt.is_in_progress |
| 2826 | - FROM ' . prefixTable('users') . ' AS u |
|
| 2827 | - INNER JOIN ' . prefixTable('background_subtasks') . ' AS pt ON (pt.task_id = u.ongoing_process_id) |
|
| 2826 | + FROM ' . prefixTable('users').' AS u |
|
| 2827 | + INNER JOIN ' . prefixTable('background_subtasks').' AS pt ON (pt.task_id = u.ongoing_process_id) |
|
| 2828 | 2828 | WHERE u.id = %i', |
| 2829 | 2829 | $user_id |
| 2830 | 2830 | ); |
| 2831 | 2831 | |
| 2832 | 2832 | $finished_steps = 0; |
| 2833 | 2833 | $nb_steps = count($processesProgress); |
| 2834 | - foreach($processesProgress as $process) { |
|
| 2834 | + foreach ($processesProgress as $process) { |
|
| 2835 | 2835 | if ((int) $process['is_in_progress'] === -1) { |
| 2836 | - $finished_steps ++; |
|
| 2836 | + $finished_steps++; |
|
| 2837 | 2837 | } |
| 2838 | 2838 | } |
| 2839 | 2839 | |
@@ -2842,7 +2842,7 @@ discard block |
||
| 2842 | 2842 | 'error' => false, |
| 2843 | 2843 | 'message' => '', |
| 2844 | 2844 | 'user_id' => $user_id, |
| 2845 | - 'status' => $finished_steps === $nb_steps ? 'finished' : number_format($finished_steps/$nb_steps*100, 0).'%', |
|
| 2845 | + 'status' => $finished_steps === $nb_steps ? 'finished' : number_format($finished_steps / $nb_steps * 100, 0).'%', |
|
| 2846 | 2846 | 'debug' => $finished_steps.",".$nb_steps, |
| 2847 | 2847 | ), |
| 2848 | 2848 | 'encode' |
@@ -3010,13 +3010,13 @@ discard block |
||
| 3010 | 3010 | |
| 3011 | 3011 | // Prepare variables |
| 3012 | 3012 | $daysRetention = filter_var($dataReceived['days_retention'], FILTER_SANITIZE_NUMBER_INT); |
| 3013 | - $daysRetention = empty($daysRetention) ? 90 : (int)$daysRetention; |
|
| 3013 | + $daysRetention = empty($daysRetention) ? 90 : (int) $daysRetention; |
|
| 3014 | 3014 | $cutoffTimestamp = time() - ($daysRetention * 86400); |
| 3015 | 3015 | |
| 3016 | 3016 | try { |
| 3017 | 3017 | // Get list of users to delete |
| 3018 | 3018 | $users = DB::query( |
| 3019 | - "SELECT id FROM " . prefixTable("users") . " |
|
| 3019 | + "SELECT id FROM ".prefixTable("users")." |
|
| 3020 | 3020 | WHERE deleted_at IS NOT NULL |
| 3021 | 3021 | AND deleted_at > 0 |
| 3022 | 3022 | AND deleted_at < %i |
@@ -3040,7 +3040,7 @@ discard block |
||
| 3040 | 3040 | echo prepareExchangedData( |
| 3041 | 3041 | [ |
| 3042 | 3042 | 'error' => true, |
| 3043 | - 'message' => $lang->get('error') . ': ' . $e->getMessage(), |
|
| 3043 | + 'message' => $lang->get('error').': '.$e->getMessage(), |
|
| 3044 | 3044 | ], |
| 3045 | 3045 | 'encode' |
| 3046 | 3046 | ); |
@@ -3094,10 +3094,10 @@ discard block |
||
| 3094 | 3094 | |
| 3095 | 3095 | $purgedCount = 0; |
| 3096 | 3096 | $errors = []; |
| 3097 | - $cutoffTimestamp = time() - ((int)$daysRetention * 86400); |
|
| 3097 | + $cutoffTimestamp = time() - ((int) $daysRetention * 86400); |
|
| 3098 | 3098 | |
| 3099 | 3099 | foreach ($userIds as $userId) { |
| 3100 | - $userId = (int)$userId; |
|
| 3100 | + $userId = (int) $userId; |
|
| 3101 | 3101 | |
| 3102 | 3102 | try { |
| 3103 | 3103 | $result = purgeDeletedUserById($userId); |
@@ -3105,7 +3105,7 @@ discard block |
||
| 3105 | 3105 | |
| 3106 | 3106 | } catch (Exception $e) { |
| 3107 | 3107 | DB::rollback(); |
| 3108 | - $errors[] = "User ID $userId: " . $e->getMessage(); |
|
| 3108 | + $errors[] = "User ID $userId: ".$e->getMessage(); |
|
| 3109 | 3109 | } |
| 3110 | 3110 | } |
| 3111 | 3111 | |
@@ -3115,7 +3115,7 @@ discard block |
||
| 3115 | 3115 | 'purged_count' => $purgedCount, |
| 3116 | 3116 | 'total_in_batch' => count($userIds), |
| 3117 | 3117 | 'errors' => $errors, |
| 3118 | - 'message' => $purgedCount . ' user(s) purged in this batch' |
|
| 3118 | + 'message' => $purgedCount.' user(s) purged in this batch' |
|
| 3119 | 3119 | ], |
| 3120 | 3120 | 'encode' |
| 3121 | 3121 | ); |
@@ -3149,7 +3149,7 @@ discard block |
||
| 3149 | 3149 | |
| 3150 | 3150 | // Get info about user |
| 3151 | 3151 | $data_user = DB::queryFirstRow( |
| 3152 | - 'SELECT login FROM ' . prefixTable('users') . ' WHERE id = %i', |
|
| 3152 | + 'SELECT login FROM '.prefixTable('users').' WHERE id = %i', |
|
| 3153 | 3153 | $userId |
| 3154 | 3154 | ); |
| 3155 | 3155 | |
@@ -3162,12 +3162,12 @@ discard block |
||
| 3162 | 3162 | } |
| 3163 | 3163 | |
| 3164 | 3164 | // Remove user suffix "_deleted_timestamp" |
| 3165 | - $deletedSuffix = '_deleted_' . substr($data_user['login'], strrpos($data_user['login'], '_deleted_') + 9); |
|
| 3165 | + $deletedSuffix = '_deleted_'.substr($data_user['login'], strrpos($data_user['login'], '_deleted_') + 9); |
|
| 3166 | 3166 | $originalLogin = str_replace($deletedSuffix, '', $data_user['login']); |
| 3167 | 3167 | |
| 3168 | 3168 | // Check if an active user with the original login already exists |
| 3169 | 3169 | $existingUser = DB::queryFirstRow( |
| 3170 | - 'SELECT id FROM ' . prefixTable('users') . ' |
|
| 3170 | + 'SELECT id FROM '.prefixTable('users').' |
|
| 3171 | 3171 | WHERE login = %s AND deleted_at IS NULL AND id != %i', |
| 3172 | 3172 | $originalLogin, |
| 3173 | 3173 | $userId |
@@ -3177,7 +3177,7 @@ discard block |
||
| 3177 | 3177 | echo prepareExchangedData( |
| 3178 | 3178 | array( |
| 3179 | 3179 | 'error' => true, |
| 3180 | - 'message' => 'Cannot restore user: an active user with login "' . $originalLogin . '" already exists (ID: ' . $existingUser['id'] . ')' |
|
| 3180 | + 'message' => 'Cannot restore user: an active user with login "'.$originalLogin.'" already exists (ID: '.$existingUser['id'].')' |
|
| 3181 | 3181 | ), |
| 3182 | 3182 | 'encode' |
| 3183 | 3183 | ); |
@@ -3210,7 +3210,7 @@ discard block |
||
| 3210 | 3210 | |
| 3211 | 3211 | // Get info about user |
| 3212 | 3212 | $data_user = DB::queryFirstRow( |
| 3213 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 3213 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 3214 | 3214 | WHERE id = %i', |
| 3215 | 3215 | $value[1] |
| 3216 | 3216 | ); |
@@ -3244,7 +3244,7 @@ discard block |
||
| 3244 | 3244 | logEvents( |
| 3245 | 3245 | $SETTINGS, |
| 3246 | 3246 | 'user_mngt', |
| 3247 | - 'at_user_new_' . $value[0] . ':' . $value[1], |
|
| 3247 | + 'at_user_new_'.$value[0].':'.$value[1], |
|
| 3248 | 3248 | (string) $session->get('user-id'), |
| 3249 | 3249 | $session->get('user-login'), |
| 3250 | 3250 | filter_input(INPUT_POST, 'id', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
@@ -3279,7 +3279,7 @@ discard block |
||
| 3279 | 3279 | |
| 3280 | 3280 | // Get info about user |
| 3281 | 3281 | $data_user = DB::queryFirstRow( |
| 3282 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 3282 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 3283 | 3283 | WHERE id = %i', |
| 3284 | 3284 | $id[1] |
| 3285 | 3285 | ); |
@@ -3318,7 +3318,7 @@ discard block |
||
| 3318 | 3318 | $users = DB::query( |
| 3319 | 3319 | "SELECT id, login, email, deleted_at, |
| 3320 | 3320 | DATEDIFF(NOW(), FROM_UNIXTIME(deleted_at)) as days_since_deletion |
| 3321 | - FROM " . prefixTable("users") . " |
|
| 3321 | + FROM " . prefixTable("users")." |
|
| 3322 | 3322 | WHERE deleted_at IS NOT NULL |
| 3323 | 3323 | AND deleted_at > 0 |
| 3324 | 3324 | ORDER BY deleted_at DESC" |
@@ -3344,7 +3344,7 @@ discard block |
||
| 3344 | 3344 | |
| 3345 | 3345 | // Vérifier que l'utilisateur est bien marqué deleted |
| 3346 | 3346 | $user = DB::queryFirstRow( |
| 3347 | - "SELECT id, login, deleted_at FROM " . prefixTable("users") . " |
|
| 3347 | + "SELECT id, login, deleted_at FROM ".prefixTable("users")." |
|
| 3348 | 3348 | WHERE id = %i |
| 3349 | 3349 | AND deleted_at IS NOT NULL |
| 3350 | 3350 | AND deleted_at > 0", |
@@ -3384,7 +3384,7 @@ discard block |
||
| 3384 | 3384 | |
| 3385 | 3385 | // delete personal folder and subfolders |
| 3386 | 3386 | $data = DB::queryFirstRow( |
| 3387 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' |
|
| 3387 | + 'SELECT id FROM '.prefixTable('nested_tree').' |
|
| 3388 | 3388 | WHERE title = %s AND personal_folder = %i', |
| 3389 | 3389 | $userId, |
| 3390 | 3390 | '1' |
@@ -3406,7 +3406,7 @@ discard block |
||
| 3406 | 3406 | DB::delete(prefixTable('nested_tree'), 'id = %i AND personal_folder = %i', $folder->id, '1'); |
| 3407 | 3407 | // delete items & logs |
| 3408 | 3408 | $items = DB::query( |
| 3409 | - 'SELECT id FROM ' . prefixTable('items') . ' |
|
| 3409 | + 'SELECT id FROM '.prefixTable('items').' |
|
| 3410 | 3410 | WHERE id_tree=%i AND perso = %i', |
| 3411 | 3411 | $folder->id, |
| 3412 | 3412 | '1' |
@@ -3436,7 +3436,7 @@ discard block |
||
| 3436 | 3436 | // Delete any process related to user |
| 3437 | 3437 | $processes = DB::query( |
| 3438 | 3438 | 'SELECT increment_id |
| 3439 | - FROM ' . prefixTable('background_tasks') . ' |
|
| 3439 | + FROM ' . prefixTable('background_tasks').' |
|
| 3440 | 3440 | WHERE JSON_EXTRACT(arguments, "$.new_user_id") = %i', |
| 3441 | 3441 | $userId |
| 3442 | 3442 | ); |
