nilsteampassnet /
TeamPass
@@ -40,11 +40,11 @@ discard block |
||
| 40 | 40 | */ |
| 41 | 41 | private function getUserPrivateKey(array $userData): ?string |
| 42 | 42 | { |
| 43 | - include_once API_ROOT_PATH . '/inc/jwt_utils.php'; |
|
| 43 | + include_once API_ROOT_PATH.'/inc/jwt_utils.php'; |
|
| 44 | 44 | |
| 45 | 45 | // Verify session_key exists in JWT payload |
| 46 | 46 | if (!isset($userData['session_key']) || empty($userData['session_key'])) { |
| 47 | - error_log('getUserPrivateKey: Missing session_key in JWT token for user ID ' . $userData['id']); |
|
| 47 | + error_log('getUserPrivateKey: Missing session_key in JWT token for user ID '.$userData['id']); |
|
| 48 | 48 | return null; |
| 49 | 49 | } |
| 50 | 50 | |
@@ -88,7 +88,7 @@ discard block |
||
| 88 | 88 | // SQL where clause with folders list |
| 89 | 89 | if (isset($arrQueryStringParams['folders']) === true) { |
| 90 | 90 | // convert the folders to an array |
| 91 | - $arrQueryStringParams['folders'] = explode(',', str_replace( array('[',']') , '' , $arrQueryStringParams['folders'])); |
|
| 91 | + $arrQueryStringParams['folders'] = explode(',', str_replace(array('[', ']'), '', $arrQueryStringParams['folders'])); |
|
| 92 | 92 | |
| 93 | 93 | // ensure to only use the intersection |
| 94 | 94 | $foldersList = implode(',', array_intersect($arrQueryStringParams['folders'], $userData['folders_list'])); |
@@ -243,7 +243,7 @@ discard block |
||
| 243 | 243 | (string) $arrQueryStringParams['description'] ?? '', |
| 244 | 244 | (string) $arrQueryStringParams['login'], |
| 245 | 245 | (string) $arrQueryStringParams['email'] ?? '', |
| 246 | - (string) $arrQueryStringParams['url'] ?? '' , |
|
| 246 | + (string) $arrQueryStringParams['url'] ?? '', |
|
| 247 | 247 | (string) $arrQueryStringParams['tags'] ?? '', |
| 248 | 248 | (int) $arrQueryStringParams['anyone_can_modify'] ?? 0, |
| 249 | 249 | (string) $arrQueryStringParams['icon'] ?? '', |
@@ -257,7 +257,7 @@ discard block |
||
| 257 | 257 | } else { |
| 258 | 258 | // Gérer le cas où les paramètres ne sont pas un tableau |
| 259 | 259 | $strErrorDesc = 'Data not consistent'; |
| 260 | - $strErrorHeader = 'Expected array, received ' . gettype($arrQueryStringParams); |
|
| 260 | + $strErrorHeader = 'Expected array, received '.gettype($arrQueryStringParams); |
|
| 261 | 261 | } |
| 262 | 262 | } |
| 263 | 263 | } else { |
@@ -309,11 +309,11 @@ discard block |
||
| 309 | 309 | // SQL where clause with item id |
| 310 | 310 | if (isset($arrQueryStringParams['id']) === true) { |
| 311 | 311 | // build sql where clause by ID |
| 312 | - $sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'] . $sql_constraint; |
|
| 312 | + $sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'].$sql_constraint; |
|
| 313 | 313 | } else if (isset($arrQueryStringParams['label']) === true) { |
| 314 | 314 | // build sql where clause by LABEL |
| 315 | - $sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE "%'.$arrQueryStringParams['label'].'%"' : ' = '.$arrQueryStringParams['label']) . $sql_constraint; |
|
| 316 | - $sqlLimit = isset($arrQueryStringParams['limit']) === true && (int) $arrQueryStringParams['limit'] > 0 ? $arrQueryStringParams['limit'] : 50; // let's limit to 50 by default |
|
| 315 | + $sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE "%'.$arrQueryStringParams['label'].'%"' : ' = '.$arrQueryStringParams['label']).$sql_constraint; |
|
| 316 | + $sqlLimit = isset($arrQueryStringParams['limit']) === true && (int) $arrQueryStringParams['limit'] > 0 ? $arrQueryStringParams['limit'] : 50; // let's limit to 50 by default |
|
| 317 | 317 | } else if (isset($arrQueryStringParams['description']) === true) { |
| 318 | 318 | // build sql where clause by DESCRIPTION |
| 319 | 319 | $sqlExtra = ' WHERE i.description '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['description'] : ' = '.$arrQueryStringParams['description']).$sql_constraint; |
@@ -396,9 +396,9 @@ discard block |
||
| 396 | 396 | }*/ |
| 397 | 397 | |
| 398 | 398 | // Build SQL constraint for accessible folders |
| 399 | - $sql_constraint = ' AND (i.id_tree IN (' . $userData['folders_list'] . ')'; |
|
| 399 | + $sql_constraint = ' AND (i.id_tree IN ('.$userData['folders_list'].')'; |
|
| 400 | 400 | if (!empty($userData['restricted_items_list'])) { |
| 401 | - $sql_constraint .= ' OR i.id IN (' . $userData['restricted_items_list'] . ')'; |
|
| 401 | + $sql_constraint .= ' OR i.id IN ('.$userData['restricted_items_list'].')'; |
|
| 402 | 402 | } |
| 403 | 403 | $sql_constraint .= ')'; |
| 404 | 404 | |
@@ -416,9 +416,9 @@ discard block |
||
| 416 | 416 | $rows = DB::query( |
| 417 | 417 | "SELECT i.id, i.label, i.login, i.url, i.id_tree, |
| 418 | 418 | CASE WHEN o.enabled = 1 THEN 1 ELSE 0 END AS has_otp |
| 419 | - FROM " . prefixTable('items') . " AS i |
|
| 420 | - LEFT JOIN " . prefixTable('items_otp') . " AS o ON (o.item_id = i.id) |
|
| 421 | - WHERE i.url LIKE %s" . $sql_constraint . " |
|
| 419 | + FROM " . prefixTable('items')." AS i |
|
| 420 | + LEFT JOIN " . prefixTable('items_otp')." AS o ON (o.item_id = i.id) |
|
| 421 | + WHERE i.url LIKE %s" . $sql_constraint." |
|
| 422 | 422 | AND i.deleted_at IS NULL |
| 423 | 423 | ORDER BY i.label ASC", |
| 424 | 424 | "%".$searchUrl."%" |
@@ -429,7 +429,7 @@ discard block |
||
| 429 | 429 | // Get user's sharekey for this item |
| 430 | 430 | $shareKey = DB::queryfirstrow( |
| 431 | 431 | 'SELECT share_key |
| 432 | - FROM ' . prefixTable('sharekeys_items') . ' |
|
| 432 | + FROM ' . prefixTable('sharekeys_items').' |
|
| 433 | 433 | WHERE user_id = %i AND object_id = %i', |
| 434 | 434 | $userData['id'], |
| 435 | 435 | $row['id'] |
@@ -462,7 +462,7 @@ discard block |
||
| 462 | 462 | } |
| 463 | 463 | } |
| 464 | 464 | } catch (Error $e) { |
| 465 | - $strErrorDesc = $e->getMessage() . '. Something went wrong! Please contact support.'; |
|
| 465 | + $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.'; |
|
| 466 | 466 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 467 | 467 | } |
| 468 | 468 | } else { |
@@ -522,7 +522,7 @@ discard block |
||
| 522 | 522 | |
| 523 | 523 | // Load item basic info to check folder access |
| 524 | 524 | $itemInfo = DB::queryFirstRow( |
| 525 | - 'SELECT id_tree FROM ' . prefixTable('items') . ' WHERE id = %i', |
|
| 525 | + 'SELECT id_tree FROM '.prefixTable('items').' WHERE id = %i', |
|
| 526 | 526 | $itemId |
| 527 | 527 | ); |
| 528 | 528 | |
@@ -546,7 +546,7 @@ discard block |
||
| 546 | 546 | } else { |
| 547 | 547 | // Load OTP data |
| 548 | 548 | $otpData = DB::queryFirstRow( |
| 549 | - 'SELECT secret, enabled FROM ' . prefixTable('items_otp') . ' WHERE item_id = %i', |
|
| 549 | + 'SELECT secret, enabled FROM '.prefixTable('items_otp').' WHERE item_id = %i', |
|
| 550 | 550 | $itemId |
| 551 | 551 | ); |
| 552 | 552 | |
@@ -577,7 +577,7 @@ discard block |
||
| 577 | 577 | 'item_id' => $itemId |
| 578 | 578 | ]); |
| 579 | 579 | } catch (\RuntimeException $e) { |
| 580 | - $strErrorDesc = 'Failed to generate OTP code: ' . $e->getMessage(); |
|
| 580 | + $strErrorDesc = 'Failed to generate OTP code: '.$e->getMessage(); |
|
| 581 | 581 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 582 | 582 | } |
| 583 | 583 | } else { |
@@ -588,7 +588,7 @@ discard block |
||
| 588 | 588 | } |
| 589 | 589 | } |
| 590 | 590 | } catch (\Error $e) { |
| 591 | - $strErrorDesc = $e->getMessage() . '. Something went wrong! Please contact support.'; |
|
| 591 | + $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.'; |
|
| 592 | 592 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 593 | 593 | } |
| 594 | 594 | } else { |
@@ -653,7 +653,7 @@ discard block |
||
| 653 | 653 | try { |
| 654 | 654 | // Load item info to check access rights |
| 655 | 655 | $itemInfo = DB::queryFirstRow( |
| 656 | - 'SELECT id, id_tree, label FROM ' . prefixTable('items') . ' WHERE id = %i', |
|
| 656 | + 'SELECT id, id_tree, label FROM '.prefixTable('items').' WHERE id = %i', |
|
| 657 | 657 | $itemId |
| 658 | 658 | ); |
| 659 | 659 | |
@@ -714,13 +714,13 @@ discard block |
||
| 714 | 714 | } |
| 715 | 715 | } |
| 716 | 716 | } catch (Error $e) { |
| 717 | - $strErrorDesc = $e->getMessage() . '. Something went wrong! Please contact support.'; |
|
| 717 | + $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.'; |
|
| 718 | 718 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 719 | 719 | } |
| 720 | 720 | } |
| 721 | 721 | } else { |
| 722 | 722 | $strErrorDesc = 'Data not consistent'; |
| 723 | - $strErrorHeader = 'HTTP/1.1 400 Bad Request - Expected array, received ' . gettype($arrQueryStringParams); |
|
| 723 | + $strErrorHeader = 'HTTP/1.1 400 Bad Request - Expected array, received '.gettype($arrQueryStringParams); |
|
| 724 | 724 | } |
| 725 | 725 | } |
| 726 | 726 | } else { |
@@ -778,7 +778,7 @@ discard block |
||
| 778 | 778 | try { |
| 779 | 779 | // Load item info to check access rights |
| 780 | 780 | $itemInfo = DB::queryFirstRow( |
| 781 | - 'SELECT id, id_tree, label FROM ' . prefixTable('items') . ' WHERE id = %i', |
|
| 781 | + 'SELECT id, id_tree, label FROM '.prefixTable('items').' WHERE id = %i', |
|
| 782 | 782 | $itemId |
| 783 | 783 | ); |
| 784 | 784 | |
@@ -816,13 +816,13 @@ discard block |
||
| 816 | 816 | } |
| 817 | 817 | } |
| 818 | 818 | } catch (Error $e) { |
| 819 | - $strErrorDesc = $e->getMessage() . '. Something went wrong! Please contact support.'; |
|
| 819 | + $strErrorDesc = $e->getMessage().'. Something went wrong! Please contact support.'; |
|
| 820 | 820 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 821 | 821 | } |
| 822 | 822 | } |
| 823 | 823 | } else { |
| 824 | 824 | $strErrorDesc = 'Data not consistent'; |
| 825 | - $strErrorHeader = 'HTTP/1.1 400 Bad Request - Expected array, received ' . gettype($arrQueryStringParams); |
|
| 825 | + $strErrorHeader = 'HTTP/1.1 400 Bad Request - Expected array, received '.gettype($arrQueryStringParams); |
|
| 826 | 826 | } |
| 827 | 827 | } |
| 828 | 828 | } else { |
