nilsteampassnet /
TeamPass
@@ -48,7 +48,7 @@ discard block |
||
| 48 | 48 | $arrFolders = $folderModel->getFoldersInfo(explode(",", $userData['folders_list'])); |
| 49 | 49 | $responseData = json_encode($arrFolders); |
| 50 | 50 | } catch (Error $e) { |
| 51 | - $strErrorDesc = $e->getMessage() . ' Something went wrong! Please contact support.3'; |
|
| 51 | + $strErrorDesc = $e->getMessage().' Something went wrong! Please contact support.3'; |
|
| 52 | 52 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 53 | 53 | } |
| 54 | 54 | } |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | |
| 122 | 122 | $responseData = json_encode($arrFolder); |
| 123 | 123 | } catch (Error $e) { |
| 124 | - $strErrorDesc = $e->getMessage() . ' Something went wrong! Please contact support.1'; |
|
| 124 | + $strErrorDesc = $e->getMessage().' Something went wrong! Please contact support.1'; |
|
| 125 | 125 | $strErrorHeader = 'HTTP/1.1 500 Internal Server Error'; |
| 126 | 126 | } |
| 127 | 127 | } |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | // get count of Items in this folder |
| 75 | 75 | $get = DB::queryfirstrow( |
| 76 | 76 | 'SELECT count(*) as num_results |
| 77 | - FROM ' . prefixTable('items') . ' |
|
| 77 | + FROM ' . prefixTable('items').' |
|
| 78 | 78 | WHERE inactif = %i AND id_tree = %i', |
| 79 | 79 | 0, |
| 80 | 80 | $child->id |
@@ -83,14 +83,14 @@ discard block |
||
| 83 | 83 | $ret[$child->id]['id'] = $child->id; |
| 84 | 84 | |
| 85 | 85 | // get number of subfolders |
| 86 | - $nodeDescendants =$tree->getDescendants($child->id, false, false, true); |
|
| 86 | + $nodeDescendants = $tree->getDescendants($child->id, false, false, true); |
|
| 87 | 87 | $ret[$child->id]['subfoldersCount'] = count($nodeDescendants); |
| 88 | 88 | |
| 89 | 89 | // get items number in subfolders |
| 90 | 90 | if (count($nodeDescendants) > 0) { |
| 91 | 91 | $get = DB::queryfirstrow( |
| 92 | 92 | 'SELECT count(*) as num_results |
| 93 | - FROM ' . prefixTable('items') . ' |
|
| 93 | + FROM ' . prefixTable('items').' |
|
| 94 | 94 | WHERE inactif = %i AND id_tree IN (%l)', |
| 95 | 95 | 0, |
| 96 | 96 | implode(',', $nodeDescendants) |
@@ -138,7 +138,7 @@ discard block |
||
| 138 | 138 | // Get item key |
| 139 | 139 | $itemKey = DB::queryFirstRow( |
| 140 | 140 | 'SELECT share_key |
| 141 | - FROM ' . prefixTable('sharekeys_items') . ' |
|
| 141 | + FROM ' . prefixTable('sharekeys_items').' |
|
| 142 | 142 | WHERE user_id = %i AND object_id = %i', |
| 143 | 143 | TP_USER_ID, |
| 144 | 144 | $item['itemId'] |
@@ -71,7 +71,7 @@ discard block |
||
| 71 | 71 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('api') === false) { |
| 72 | 72 | // Not allowed page |
| 73 | 73 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 74 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 74 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 75 | 75 | exit; |
| 76 | 76 | } |
| 77 | 77 | |
@@ -158,7 +158,7 @@ discard block |
||
| 158 | 158 | <?php |
| 159 | 159 | $rowsKeys = DB::query( |
| 160 | 160 | 'SELECT * |
| 161 | - FROM ' . prefixTable('api') . ' |
|
| 161 | + FROM ' . prefixTable('api').' |
|
| 162 | 162 | WHERE type = %s |
| 163 | 163 | ORDER BY timestamp ASC', |
| 164 | 164 | 'key' |
@@ -181,15 +181,15 @@ discard block |
||
| 181 | 181 | <?php |
| 182 | 182 | foreach ($rowsKeys as $key) { |
| 183 | 183 | echo ' |
| 184 | - <tr data-id="' . $key['increment_id'] . '"> |
|
| 185 | - <td width="50px"><i class="fas fa-trash infotip pointer delete-api-key" title="' . $lang->get('del_button') . '"></i></td> |
|
| 186 | - <td><span class="edit-api-key pointer">' . $key['label'] . '</span></td> |
|
| 187 | - <td>' . $key['value']. '</td> |
|
| 188 | - <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 189 | - <td><i class="fas '.((int) $key['allowed_to_create'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_create" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 190 | - <td><i class="fas '.((int) $key['allowed_to_read'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_read" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 191 | - <td><i class="fas '.((int) $key['allowed_to_update'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_update" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 192 | - <td><i class="fas '.((int) $key['allowed_to_delete'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_delete" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 184 | + <tr data-id="' . $key['increment_id'].'"> |
|
| 185 | + <td width="50px"><i class="fas fa-trash infotip pointer delete-api-key" title="' . $lang->get('del_button').'"></i></td> |
|
| 186 | + <td><span class="edit-api-key pointer">' . $key['label'].'</span></td> |
|
| 187 | + <td>' . $key['value'].'</td> |
|
| 188 | + <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 189 | + <td><i class="fas '.((int) $key['allowed_to_create'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_create" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 190 | + <td><i class="fas '.((int) $key['allowed_to_read'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_read" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 191 | + <td><i class="fas '.((int) $key['allowed_to_update'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_update" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 192 | + <td><i class="fas '.((int) $key['allowed_to_delete'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_delete" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 193 | 193 | </tr>'; |
| 194 | 194 | } ?> |
| 195 | 195 | </tbody> |
@@ -224,7 +224,7 @@ discard block |
||
| 224 | 224 | <div class="col-12 mt-4" id="table-api-ip"> |
| 225 | 225 | <?php |
| 226 | 226 | $rowsIps = DB::query( |
| 227 | - 'SELECT increment_id, label, timestamp value FROM ' . prefixTable('api') . ' |
|
| 227 | + 'SELECT increment_id, label, timestamp value FROM '.prefixTable('api').' |
|
| 228 | 228 | WHERE type = %s |
| 229 | 229 | ORDER BY timestamp ASC', |
| 230 | 230 | 'ip' |
@@ -242,10 +242,10 @@ discard block |
||
| 242 | 242 | <?php |
| 243 | 243 | foreach ($rowsIps as $ip) { |
| 244 | 244 | echo ' |
| 245 | - <tr data-id="' . $ip['increment_id'] . '"> |
|
| 246 | - <td width="50px"><i class="fas fa-trash infotip pointer delete-api-ip" title="' . $lang->get('del_button') . '"></i></td> |
|
| 247 | - <td><span class="edit-api-ip pointer" data-field="label">' . $ip['label'] . '</span></td> |
|
| 248 | - <td><span class="edit-api-ip pointer" data-field="value">' . $ip['value'] . '</span></td> |
|
| 245 | + <tr data-id="' . $ip['increment_id'].'"> |
|
| 246 | + <td width="50px"><i class="fas fa-trash infotip pointer delete-api-ip" title="' . $lang->get('del_button').'"></i></td> |
|
| 247 | + <td><span class="edit-api-ip pointer" data-field="label">' . $ip['label'].'</span></td> |
|
| 248 | + <td><span class="edit-api-ip pointer" data-field="value">' . $ip['value'].'</span></td> |
|
| 249 | 249 | </tr>'; |
| 250 | 250 | } ?> |
| 251 | 251 | </tbody> |
@@ -281,8 +281,8 @@ discard block |
||
| 281 | 281 | <?php |
| 282 | 282 | $rowsKeys = DB::query( |
| 283 | 283 | 'SELECT a.*, u.name, u.lastname, u.login |
| 284 | - FROM ' . prefixTable('api') . ' AS a |
|
| 285 | - INNER JOIN ' . prefixTable('users') . ' AS u ON a.user_id = u.id |
|
| 284 | + FROM ' . prefixTable('api').' AS a |
|
| 285 | + INNER JOIN ' . prefixTable('users').' AS u ON a.user_id = u.id |
|
| 286 | 286 | WHERE a.type = %s |
| 287 | 287 | ORDER BY u.login ASC', |
| 288 | 288 | 'user' |
@@ -303,13 +303,13 @@ discard block |
||
| 303 | 303 | <?php |
| 304 | 304 | foreach ($rowsKeys as $key) { |
| 305 | 305 | echo ' |
| 306 | - <tr data-id="' . $key['increment_id'] . '"> |
|
| 307 | - <td>' . $key['name'] . ' ' . $key['lastname'] . ' (<i>'.$key['login'].'</i>)</td> |
|
| 308 | - <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 309 | - <td><i class="fas '.((int) $key['allowed_to_create'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_create" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 310 | - <td><i class="fas '.((int) $key['allowed_to_read'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_read" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 311 | - <td><i class="fas '.((int) $key['allowed_to_update'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_update" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 312 | - <td><i class="fas '.((int) $key['allowed_to_delete'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_delete" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
| 306 | + <tr data-id="' . $key['increment_id'].'"> |
|
| 307 | + <td>' . $key['name'].' '.$key['lastname'].' (<i>'.$key['login'].'</i>)</td> |
|
| 308 | + <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 309 | + <td><i class="fas '.((int) $key['allowed_to_create'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_create" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 310 | + <td><i class="fas '.((int) $key['allowed_to_read'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_read" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 311 | + <td><i class="fas '.((int) $key['allowed_to_update'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_update" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 312 | + <td><i class="fas '.((int) $key['allowed_to_delete'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="allowed_to_delete" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
| 313 | 313 | </tr>'; |
| 314 | 314 | } ?> |
| 315 | 315 | </tbody> |
@@ -91,210 +91,210 @@ |
||
| 91 | 91 | switch ($post_type) { |
| 92 | 92 | //########################################################## |
| 93 | 93 | //CASE for creating a DB backup |
| 94 | -case 'perform_fix_pf_items-step1': |
|
| 95 | - // Check KEY |
|
| 96 | - if ($post_key !== $session->get('key')) { |
|
| 97 | - echo prepareExchangedData( |
|
| 98 | - array( |
|
| 99 | - 'error' => true, |
|
| 100 | - 'message' => $lang->get('key_is_not_correct'), |
|
| 101 | - ), |
|
| 102 | - 'encode' |
|
| 103 | - ); |
|
| 104 | - break; |
|
| 105 | - } |
|
| 106 | - // Is admin? |
|
| 107 | - if ($session->get('user-admin') !== 1) { |
|
| 108 | - echo prepareExchangedData( |
|
| 109 | - array( |
|
| 110 | - 'error' => true, |
|
| 111 | - 'message' => $lang->get('error_not_allowed_to'), |
|
| 112 | - ), |
|
| 113 | - 'encode' |
|
| 114 | - ); |
|
| 115 | - break; |
|
| 116 | - } |
|
| 94 | + case 'perform_fix_pf_items-step1': |
|
| 95 | + // Check KEY |
|
| 96 | + if ($post_key !== $session->get('key')) { |
|
| 97 | + echo prepareExchangedData( |
|
| 98 | + array( |
|
| 99 | + 'error' => true, |
|
| 100 | + 'message' => $lang->get('key_is_not_correct'), |
|
| 101 | + ), |
|
| 102 | + 'encode' |
|
| 103 | + ); |
|
| 104 | + break; |
|
| 105 | + } |
|
| 106 | + // Is admin? |
|
| 107 | + if ($session->get('user-admin') !== 1) { |
|
| 108 | + echo prepareExchangedData( |
|
| 109 | + array( |
|
| 110 | + 'error' => true, |
|
| 111 | + 'message' => $lang->get('error_not_allowed_to'), |
|
| 112 | + ), |
|
| 113 | + 'encode' |
|
| 114 | + ); |
|
| 115 | + break; |
|
| 116 | + } |
|
| 117 | 117 | |
| 118 | - // decrypt and retrieve data in JSON format |
|
| 119 | - $dataReceived = prepareExchangedData( |
|
| 120 | - $post_data, |
|
| 121 | - 'decode' |
|
| 122 | - ); |
|
| 118 | + // decrypt and retrieve data in JSON format |
|
| 119 | + $dataReceived = prepareExchangedData( |
|
| 120 | + $post_data, |
|
| 121 | + 'decode' |
|
| 122 | + ); |
|
| 123 | 123 | |
| 124 | - $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 124 | + $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 125 | 125 | |
| 126 | - // Get user info |
|
| 127 | - $userInfo = DB::queryFirstRow( |
|
| 128 | - 'SELECT private_key, public_key, psk, encrypted_psk |
|
| 126 | + // Get user info |
|
| 127 | + $userInfo = DB::queryFirstRow( |
|
| 128 | + 'SELECT private_key, public_key, psk, encrypted_psk |
|
| 129 | 129 | FROM teampass_users |
| 130 | 130 | WHERE id = %i', |
| 131 | - $userId |
|
| 132 | - ); |
|
| 131 | + $userId |
|
| 132 | + ); |
|
| 133 | 133 | |
| 134 | - // Get user's private folders |
|
| 135 | - $userPFRoot = DB::queryFirstRow( |
|
| 136 | - 'SELECT id |
|
| 134 | + // Get user's private folders |
|
| 135 | + $userPFRoot = DB::queryFirstRow( |
|
| 136 | + 'SELECT id |
|
| 137 | 137 | FROM teampass_nested_tree |
| 138 | 138 | WHERE title = %i', |
| 139 | - $userId |
|
| 140 | - ); |
|
| 141 | - if (DB::count() === 0) { |
|
| 142 | - echo prepareExchangedData( |
|
| 143 | - array( |
|
| 144 | - 'error' => true, |
|
| 145 | - 'message' => 'User has no personal folders', |
|
| 146 | - ), |
|
| 147 | - 'encode' |
|
| 139 | + $userId |
|
| 148 | 140 | ); |
| 149 | - break; |
|
| 150 | - } |
|
| 151 | - $personalFolders = []; |
|
| 152 | - $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title'); |
|
| 153 | - $tree->rebuild(); |
|
| 154 | - $folders = $tree->getDescendants($userPFRoot['id'], true); |
|
| 155 | - foreach ($folders as $folder) { |
|
| 156 | - array_push($personalFolders, $folder->id); |
|
| 157 | - } |
|
| 158 | - |
|
| 159 | - //Show done |
|
| 160 | - echo prepareExchangedData( |
|
| 161 | - array( |
|
| 162 | - 'error' => false, |
|
| 163 | - 'message' => 'Personal Folders found: ', |
|
| 164 | - 'personalFolders' => json_encode($personalFolders), |
|
| 165 | - ), |
|
| 166 | - 'encode' |
|
| 167 | - ); |
|
| 168 | - break; |
|
| 141 | + if (DB::count() === 0) { |
|
| 142 | + echo prepareExchangedData( |
|
| 143 | + array( |
|
| 144 | + 'error' => true, |
|
| 145 | + 'message' => 'User has no personal folders', |
|
| 146 | + ), |
|
| 147 | + 'encode' |
|
| 148 | + ); |
|
| 149 | + break; |
|
| 150 | + } |
|
| 151 | + $personalFolders = []; |
|
| 152 | + $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title'); |
|
| 153 | + $tree->rebuild(); |
|
| 154 | + $folders = $tree->getDescendants($userPFRoot['id'], true); |
|
| 155 | + foreach ($folders as $folder) { |
|
| 156 | + array_push($personalFolders, $folder->id); |
|
| 157 | + } |
|
| 169 | 158 | |
| 170 | -case 'perform_fix_pf_items-step2': |
|
| 171 | - // Check KEY |
|
| 172 | - if ($post_key !== $session->get('key')) { |
|
| 159 | + //Show done |
|
| 173 | 160 | echo prepareExchangedData( |
| 174 | 161 | array( |
| 175 | - 'error' => true, |
|
| 176 | - 'message' => $lang->get('key_is_not_correct'), |
|
| 162 | + 'error' => false, |
|
| 163 | + 'message' => 'Personal Folders found: ', |
|
| 164 | + 'personalFolders' => json_encode($personalFolders), |
|
| 177 | 165 | ), |
| 178 | 166 | 'encode' |
| 179 | 167 | ); |
| 180 | 168 | break; |
| 181 | - } |
|
| 182 | - // Is admin? |
|
| 183 | - if ($session->get('user-admin') !== 1) { |
|
| 184 | - echo prepareExchangedData( |
|
| 185 | - array( |
|
| 186 | - 'error' => true, |
|
| 187 | - 'message' => $lang->get('error_not_allowed_to'), |
|
| 188 | - ), |
|
| 189 | - 'encode' |
|
| 190 | - ); |
|
| 191 | - break; |
|
| 192 | - } |
|
| 193 | 169 | |
| 194 | - // decrypt and retrieve data in JSON format |
|
| 195 | - $dataReceived = prepareExchangedData( |
|
| 196 | - $post_data, |
|
| 197 | - 'decode' |
|
| 198 | - ); |
|
| 170 | + case 'perform_fix_pf_items-step2': |
|
| 171 | + // Check KEY |
|
| 172 | + if ($post_key !== $session->get('key')) { |
|
| 173 | + echo prepareExchangedData( |
|
| 174 | + array( |
|
| 175 | + 'error' => true, |
|
| 176 | + 'message' => $lang->get('key_is_not_correct'), |
|
| 177 | + ), |
|
| 178 | + 'encode' |
|
| 179 | + ); |
|
| 180 | + break; |
|
| 181 | + } |
|
| 182 | + // Is admin? |
|
| 183 | + if ($session->get('user-admin') !== 1) { |
|
| 184 | + echo prepareExchangedData( |
|
| 185 | + array( |
|
| 186 | + 'error' => true, |
|
| 187 | + 'message' => $lang->get('error_not_allowed_to'), |
|
| 188 | + ), |
|
| 189 | + 'encode' |
|
| 190 | + ); |
|
| 191 | + break; |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + // decrypt and retrieve data in JSON format |
|
| 195 | + $dataReceived = prepareExchangedData( |
|
| 196 | + $post_data, |
|
| 197 | + 'decode' |
|
| 198 | + ); |
|
| 199 | 199 | |
| 200 | - $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 201 | - $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
|
| 200 | + $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 201 | + $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
|
| 202 | 202 | |
| 203 | - // Delete all private items with sharekeys |
|
| 204 | - $pfiSharekeys = DB::queryFirstColumn( |
|
| 205 | - 'select s.increment_id |
|
| 203 | + // Delete all private items with sharekeys |
|
| 204 | + $pfiSharekeys = DB::queryFirstColumn( |
|
| 205 | + 'select s.increment_id |
|
| 206 | 206 | from teampass_sharekeys_items as s |
| 207 | 207 | INNER JOIN teampass_items AS i ON (i.id = s.object_id) |
| 208 | 208 | WHERE s.user_id = %i AND i.perso = 1 AND i.id_tree IN %ls', |
| 209 | - $userId, |
|
| 210 | - $personalFolders |
|
| 211 | - ); |
|
| 212 | - $pfiSharekeysCount = DB::count(); |
|
| 213 | - if ($pfiSharekeysCount > 0) { |
|
| 214 | - DB::delete( |
|
| 215 | - "teampass_sharekeys_items", |
|
| 216 | - "increment_id IN %ls", |
|
| 217 | - $pfiSharekeys |
|
| 209 | + $userId, |
|
| 210 | + $personalFolders |
|
| 218 | 211 | ); |
| 219 | - } |
|
| 212 | + $pfiSharekeysCount = DB::count(); |
|
| 213 | + if ($pfiSharekeysCount > 0) { |
|
| 214 | + DB::delete( |
|
| 215 | + "teampass_sharekeys_items", |
|
| 216 | + "increment_id IN %ls", |
|
| 217 | + $pfiSharekeys |
|
| 218 | + ); |
|
| 219 | + } |
|
| 220 | 220 | |
| 221 | 221 | |
| 222 | - //Show done |
|
| 223 | - echo prepareExchangedData( |
|
| 224 | - array( |
|
| 225 | - 'error' => false, |
|
| 226 | - 'message' => '<br>Number of Sharekeys for private items DELETED: ', |
|
| 227 | - 'nbDeleted' => $pfiSharekeysCount, |
|
| 228 | - 'personalFolders' => json_encode($personalFolders), |
|
| 229 | - ), |
|
| 230 | - 'encode' |
|
| 231 | - ); |
|
| 232 | - break; |
|
| 233 | - |
|
| 234 | -case 'perform_fix_pf_items-step3': |
|
| 235 | - // Check KEY |
|
| 236 | - if ($post_key !== $session->get('key')) { |
|
| 222 | + //Show done |
|
| 237 | 223 | echo prepareExchangedData( |
| 238 | 224 | array( |
| 239 | - 'error' => true, |
|
| 240 | - 'message' => $lang->get('key_is_not_correct'), |
|
| 225 | + 'error' => false, |
|
| 226 | + 'message' => '<br>Number of Sharekeys for private items DELETED: ', |
|
| 227 | + 'nbDeleted' => $pfiSharekeysCount, |
|
| 228 | + 'personalFolders' => json_encode($personalFolders), |
|
| 241 | 229 | ), |
| 242 | 230 | 'encode' |
| 243 | 231 | ); |
| 244 | 232 | break; |
| 245 | - } |
|
| 246 | - // Is admin? |
|
| 247 | - if ($session->get('user-admin') !== 1) { |
|
| 248 | - echo prepareExchangedData( |
|
| 249 | - array( |
|
| 250 | - 'error' => true, |
|
| 251 | - 'message' => $lang->get('error_not_allowed_to'), |
|
| 252 | - ), |
|
| 253 | - 'encode' |
|
| 254 | - ); |
|
| 255 | - break; |
|
| 256 | - } |
|
| 257 | 233 | |
| 258 | - // decrypt and retrieve data in JSON format |
|
| 259 | - $dataReceived = prepareExchangedData( |
|
| 260 | - $post_data, |
|
| 261 | - 'decode' |
|
| 262 | - ); |
|
| 234 | + case 'perform_fix_pf_items-step3': |
|
| 235 | + // Check KEY |
|
| 236 | + if ($post_key !== $session->get('key')) { |
|
| 237 | + echo prepareExchangedData( |
|
| 238 | + array( |
|
| 239 | + 'error' => true, |
|
| 240 | + 'message' => $lang->get('key_is_not_correct'), |
|
| 241 | + ), |
|
| 242 | + 'encode' |
|
| 243 | + ); |
|
| 244 | + break; |
|
| 245 | + } |
|
| 246 | + // Is admin? |
|
| 247 | + if ($session->get('user-admin') !== 1) { |
|
| 248 | + echo prepareExchangedData( |
|
| 249 | + array( |
|
| 250 | + 'error' => true, |
|
| 251 | + 'message' => $lang->get('error_not_allowed_to'), |
|
| 252 | + ), |
|
| 253 | + 'encode' |
|
| 254 | + ); |
|
| 255 | + break; |
|
| 256 | + } |
|
| 263 | 257 | |
| 264 | - $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 265 | - $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
|
| 258 | + // decrypt and retrieve data in JSON format |
|
| 259 | + $dataReceived = prepareExchangedData( |
|
| 260 | + $post_data, |
|
| 261 | + 'decode' |
|
| 262 | + ); |
|
| 266 | 263 | |
| 267 | - // Update from items_old to items all the private itemsitems that have been converted to teampass_aes |
|
| 268 | - // Get all key back |
|
| 269 | - $items = DB::query( |
|
| 270 | - "SELECT id |
|
| 264 | + $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); |
|
| 265 | + $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
|
| 266 | + |
|
| 267 | + // Update from items_old to items all the private itemsitems that have been converted to teampass_aes |
|
| 268 | + // Get all key back |
|
| 269 | + $items = DB::query( |
|
| 270 | + "SELECT id |
|
| 271 | 271 | FROM teampass_items |
| 272 | 272 | WHERE id_tree IN %ls AND encryption_type = %s", |
| 273 | - $personalFolders, |
|
| 274 | - "teampass_aes" |
|
| 275 | - ); |
|
| 276 | - //DB::debugMode(false); |
|
| 277 | - $nbItems = DB::count(); |
|
| 278 | - foreach ($items as $item) { |
|
| 279 | - $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']); |
|
| 280 | - DB::update( |
|
| 281 | - "teampass_items", |
|
| 282 | - ['pw' => $defusePwd, "encryption_type" => "defuse"], |
|
| 283 | - "id = %i", |
|
| 284 | - $item['id'] |
|
| 273 | + $personalFolders, |
|
| 274 | + "teampass_aes" |
|
| 285 | 275 | ); |
| 286 | - } |
|
| 276 | + //DB::debugMode(false); |
|
| 277 | + $nbItems = DB::count(); |
|
| 278 | + foreach ($items as $item) { |
|
| 279 | + $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']); |
|
| 280 | + DB::update( |
|
| 281 | + "teampass_items", |
|
| 282 | + ['pw' => $defusePwd, "encryption_type" => "defuse"], |
|
| 283 | + "id = %i", |
|
| 284 | + $item['id'] |
|
| 285 | + ); |
|
| 286 | + } |
|
| 287 | 287 | |
| 288 | 288 | |
| 289 | - //Show done |
|
| 290 | - echo prepareExchangedData( |
|
| 291 | - array( |
|
| 292 | - 'error' => false, |
|
| 293 | - 'message' => '<br>Number of items reseted to Defuse: ', |
|
| 294 | - 'nbItems' => $nbItems, |
|
| 295 | - 'personalFolders' => json_encode($personalFolders), |
|
| 296 | - ), |
|
| 297 | - 'encode' |
|
| 298 | - ); |
|
| 299 | - break; |
|
| 289 | + //Show done |
|
| 290 | + echo prepareExchangedData( |
|
| 291 | + array( |
|
| 292 | + 'error' => false, |
|
| 293 | + 'message' => '<br>Number of items reseted to Defuse: ', |
|
| 294 | + 'nbItems' => $nbItems, |
|
| 295 | + 'personalFolders' => json_encode($personalFolders), |
|
| 296 | + ), |
|
| 297 | + 'encode' |
|
| 298 | + ); |
|
| 299 | + break; |
|
| 300 | 300 | } |
| 301 | 301 | \ No newline at end of file |
@@ -70,7 +70,7 @@ |
||
| 70 | 70 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('tools') === false) { |
| 71 | 71 | // Not allowed page |
| 72 | 72 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 73 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 73 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 74 | 74 | exit; |
| 75 | 75 | } |
| 76 | 76 | |
@@ -72,7 +72,7 @@ |
||
| 72 | 72 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('tools') === false) { |
| 73 | 73 | // Not allowed page |
| 74 | 74 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 75 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 75 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 76 | 76 | exit; |
| 77 | 77 | } |
| 78 | 78 | ?> |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('tools') === false) { |
| 70 | 70 | // Not allowed page |
| 71 | 71 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 72 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 72 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 73 | 73 | exit; |
| 74 | 74 | } |
| 75 | 75 | |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | </div> |
| 131 | 131 | <?php |
| 132 | 132 | // Check if table exists |
| 133 | -$tableExists = DB::queryFirstField('SHOW TABLES LIKE %s', 'teampass_items_v2');; |
|
| 133 | +$tableExists = DB::queryFirstField('SHOW TABLES LIKE %s', 'teampass_items_v2'); ; |
|
| 134 | 134 | if (is_null($tableExists) === true) { |
| 135 | 135 | echo ' |
| 136 | 136 | <div class="alert alert-warning" role="warning"><i class="fas fa-lightbulb mr-2"></i>'.$lang->get('table_not_exists').'</div>'; |
@@ -73,7 +73,7 @@ discard block |
||
| 73 | 73 | ) { |
| 74 | 74 | // Not allowed page |
| 75 | 75 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 76 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 76 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 77 | 77 | exit; |
| 78 | 78 | } |
| 79 | 79 | |
@@ -92,12 +92,12 @@ discard block |
||
| 92 | 92 | if (null === $session->get('user-accessible_folders') |
| 93 | 93 | || empty($session->get('user-accessible_folders')) === true |
| 94 | 94 | ) { |
| 95 | - echo '{"sEcho": ' . $request->query->filter('sEcho', FILTER_SANITIZE_NUMBER_INT) . ' ,"iTotalRecords": "0", "iTotalDisplayRecords": "0", "aaData": [] }'; |
|
| 95 | + echo '{"sEcho": '.$request->query->filter('sEcho', FILTER_SANITIZE_NUMBER_INT).' ,"iTotalRecords": "0", "iTotalDisplayRecords": "0", "aaData": [] }'; |
|
| 96 | 96 | exit; |
| 97 | 97 | } |
| 98 | 98 | |
| 99 | 99 | //Columns name |
| 100 | -$aColumns = ['c.id', 'c.label', 'c.login', 'c.description', 'c.tags', 'c.id_tree', 'c.folder', 'c.login', 'c.url', 'ci.data'];// |
|
| 100 | +$aColumns = ['c.id', 'c.label', 'c.login', 'c.description', 'c.tags', 'c.id_tree', 'c.folder', 'c.login', 'c.url', 'ci.data']; // |
|
| 101 | 101 | $aSortTypes = ['ASC', 'DESC']; |
| 102 | 102 | //init SQL variables |
| 103 | 103 | $sOrder = $sLimit = $sWhere = ''; |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | |
| 118 | 118 | //Get current user "personal folder" ID |
| 119 | 119 | $row = DB::query( |
| 120 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' WHERE title = %i', |
|
| 120 | + 'SELECT id FROM '.prefixTable('nested_tree').' WHERE title = %i', |
|
| 121 | 121 | intval($session->get('user-id')) |
| 122 | 122 | ); |
| 123 | 123 | //get list of personal folders |
@@ -126,20 +126,20 @@ discard block |
||
| 126 | 126 | $listPf = ''; |
| 127 | 127 | if (empty($row['id']) === false) { |
| 128 | 128 | $rows = DB::query( |
| 129 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' |
|
| 129 | + 'SELECT id FROM '.prefixTable('nested_tree').' |
|
| 130 | 130 | WHERE personal_folder = 1 AND NOT parent_id = %i AND NOT title = %i', |
| 131 | 131 | filter_var($row['id'], FILTER_SANITIZE_NUMBER_INT), |
| 132 | 132 | filter_var($session->get('user-id'), FILTER_SANITIZE_NUMBER_INT) |
| 133 | 133 | ); |
| 134 | 134 | foreach ($rows as $record) { |
| 135 | - if (! in_array($record['id'], $arrayPf)) { |
|
| 135 | + if (!in_array($record['id'], $arrayPf)) { |
|
| 136 | 136 | //build an array of personal folders ids |
| 137 | 137 | array_push($arrayPf, $record['id']); |
| 138 | 138 | //build also a string with those ids |
| 139 | 139 | if (empty($listPf)) { |
| 140 | 140 | $listPf = $record['id']; |
| 141 | 141 | } else { |
| 142 | - $listPf .= ', ' . $record['id']; |
|
| 142 | + $listPf .= ', '.$record['id']; |
|
| 143 | 143 | } |
| 144 | 144 | } |
| 145 | 145 | } |
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | //Paging |
| 150 | 150 | $sLimit = ''; |
| 151 | 151 | if (null !== $request->query->get('start') && $request->query->get('length') !== '-1') { |
| 152 | - $sLimit = 'LIMIT ' . $request->query->filter('start', null, FILTER_SANITIZE_NUMBER_INT) . ', ' . $request->query->filter('length', null, FILTER_SANITIZE_NUMBER_INT) . ''; |
|
| 152 | + $sLimit = 'LIMIT '.$request->query->filter('start', null, FILTER_SANITIZE_NUMBER_INT).', '.$request->query->filter('length', null, FILTER_SANITIZE_NUMBER_INT).''; |
|
| 153 | 153 | } |
| 154 | 154 | |
| 155 | 155 | //Ordering |
@@ -163,8 +163,8 @@ discard block |
||
| 163 | 163 | } |
| 164 | 164 | $sOrder = 'ORDER BY '; |
| 165 | 165 | if ($orderParam[0]['column'] >= 0) { |
| 166 | - $sOrder .= '' . $aColumns[filter_var($orderParam[0]['column'], FILTER_SANITIZE_NUMBER_INT)] . ' ' |
|
| 167 | - . filter_var($orderParam[0]['dir'], FILTER_SANITIZE_FULL_SPECIAL_CHARS) . ', '; |
|
| 166 | + $sOrder .= ''.$aColumns[filter_var($orderParam[0]['column'], FILTER_SANITIZE_NUMBER_INT)].' ' |
|
| 167 | + . filter_var($orderParam[0]['dir'], FILTER_SANITIZE_FULL_SPECIAL_CHARS).', '; |
|
| 168 | 168 | } |
| 169 | 169 | |
| 170 | 170 | $sOrder = substr_replace($sOrder, '', -2); |
@@ -172,7 +172,7 @@ discard block |
||
| 172 | 172 | $sOrder = ''; |
| 173 | 173 | } |
| 174 | 174 | } else { |
| 175 | - $sOrder = 'ORDER BY ' . $aColumns[1] . ' ASC'; |
|
| 175 | + $sOrder = 'ORDER BY '.$aColumns[1].' ASC'; |
|
| 176 | 176 | } |
| 177 | 177 | |
| 178 | 178 | // Define criteria |
@@ -196,9 +196,9 @@ discard block |
||
| 196 | 196 | if (empty($search_criteria) === false) { |
| 197 | 197 | $sWhere .= ' AND ('; |
| 198 | 198 | for ($i = 0; $i < count($aColumns); ++$i) { |
| 199 | - $sWhere .= $aColumns[$i] . ' LIKE %ss_' . $i . ' OR '; |
|
| 199 | + $sWhere .= $aColumns[$i].' LIKE %ss_'.$i.' OR '; |
|
| 200 | 200 | } |
| 201 | - $sWhere = substr_replace((string) $sWhere, '', -3) . ') '; |
|
| 201 | + $sWhere = substr_replace((string) $sWhere, '', -3).') '; |
|
| 202 | 202 | $crit = [ |
| 203 | 203 | 'idtree' => array_unique($folders), |
| 204 | 204 | '0' => $search_criteria, |
@@ -238,16 +238,16 @@ discard block |
||
| 238 | 238 | if (empty($sWhere) === false) { |
| 239 | 239 | $sWhere .= ' AND '; |
| 240 | 240 | } |
| 241 | - $sWhere = 'WHERE ' . $sWhere . 'c.id_tree NOT IN %ls_pf '; |
|
| 241 | + $sWhere = 'WHERE '.$sWhere.'c.id_tree NOT IN %ls_pf '; |
|
| 242 | 242 | } else { |
| 243 | - $sWhere = 'WHERE ' . $sWhere; |
|
| 243 | + $sWhere = 'WHERE '.$sWhere; |
|
| 244 | 244 | } |
| 245 | 245 | |
| 246 | 246 | // Do queries |
| 247 | 247 | DB::query( |
| 248 | 248 | "SELECT c.id |
| 249 | - FROM " . prefixTable('cache') . " AS c |
|
| 250 | - LEFT JOIN " . prefixTable('categories_items') . " AS ci ON (ci.item_id = c.id) |
|
| 249 | + FROM " . prefixTable('cache')." AS c |
|
| 250 | + LEFT JOIN " . prefixTable('categories_items')." AS ci ON (ci.item_id = c.id) |
|
| 251 | 251 | {$sWhere} |
| 252 | 252 | {$sOrder}", |
| 253 | 253 | $crit |
@@ -255,9 +255,9 @@ discard block |
||
| 255 | 255 | $iTotal = DB::count(); |
| 256 | 256 | $rows = DB::query( |
| 257 | 257 | "SELECT c.*, ci.data, i.item_key |
| 258 | - FROM " . prefixTable('cache') . " AS c |
|
| 259 | - LEFT JOIN " . prefixTable('categories_items') . " AS ci ON (ci.item_id = c.id) |
|
| 260 | - INNER JOIN " . prefixTable('items') . " AS i ON (i.id = c.id) |
|
| 258 | + FROM " . prefixTable('cache')." AS c |
|
| 259 | + LEFT JOIN " . prefixTable('categories_items')." AS ci ON (ci.item_id = c.id) |
|
| 260 | + INNER JOIN " . prefixTable('items')." AS i ON (i.id = c.id) |
|
| 261 | 261 | {$sWhere} |
| 262 | 262 | {$sOrder} |
| 263 | 263 | {$sLimit}", |
@@ -282,7 +282,7 @@ discard block |
||
| 282 | 282 | if (null === $request->query->get('type')) { |
| 283 | 283 | $sOutput = '{'; |
| 284 | 284 | if (null !== $request->query->get('draw')) { |
| 285 | - $sOutput .= '"draw": ' . $request->query->filter('draw', FILTER_SANITIZE_NUMBER_INT) . ', '; |
|
| 285 | + $sOutput .= '"draw": '.$request->query->filter('draw', FILTER_SANITIZE_NUMBER_INT).', '; |
|
| 286 | 286 | } |
| 287 | 287 | $sOutput .= '"data": ['; |
| 288 | 288 | $sOutputConst = ''; |
@@ -299,7 +299,7 @@ discard block |
||
| 299 | 299 | foreach (explode(';', $session->get('user-roles')) as $role) { |
| 300 | 300 | //db::debugmode(true); |
| 301 | 301 | $access = DB::queryFirstRow( |
| 302 | - 'SELECT type FROM ' . prefixTable('roles_values') . ' WHERE role_id = %i AND folder_id = %i', |
|
| 302 | + 'SELECT type FROM '.prefixTable('roles_values').' WHERE role_id = %i AND folder_id = %i', |
|
| 303 | 303 | $role, |
| 304 | 304 | $record['id_tree'] |
| 305 | 305 | ); |
@@ -319,7 +319,7 @@ discard block |
||
| 319 | 319 | } |
| 320 | 320 | $accessLevel = count($arrTmp) > 0 ? min($arrTmp) : $accessLevel; |
| 321 | 321 | if ($accessLevel === 0) { |
| 322 | - $checkbox = '<input type=\"checkbox\" value=\"0\" class=\"mass_op_cb\" data-id=\"' . $record['id'] . '\">'; |
|
| 322 | + $checkbox = '<input type=\"checkbox\" value=\"0\" class=\"mass_op_cb\" data-id=\"'.$record['id'].'\">'; |
|
| 323 | 323 | } |
| 324 | 324 | |
| 325 | 325 | if ((int) $accessLevel === 0) { |
@@ -359,22 +359,22 @@ discard block |
||
| 359 | 359 | if (empty($restrictedTo)) { |
| 360 | 360 | $restrictedTo = $session->get('user-id'); |
| 361 | 361 | } else { |
| 362 | - $restrictedTo .= ',' . $session->get('user-id'); |
|
| 362 | + $restrictedTo .= ','.$session->get('user-id'); |
|
| 363 | 363 | } |
| 364 | 364 | } |
| 365 | 365 | |
| 366 | 366 | //col1 |
| 367 | - $sOutputItem .= '"<i class=\"fa fa-external-link-alt infotip mr-2\" title=\"' . $lang->get('open_url_link') . '\" onClick=\"window.location.href='index.php?page=items&group=' . $record['id_tree'] . '&id=' . $record['id'] . ''\" style=\"cursor:pointer;\"></i>' . |
|
| 368 | - '<i class=\"fa fa-eye infotip mr-2 item-detail\" title=\"' . stripslashes($lang->get('see_item_title')) . '\" data-id=\"' . $record['id'] . '\" data-perso=\"' . $record['perso'] . '\" data-tree-id=\"' . $record['id_tree'] . '\" data-expired=\"' . $expired . '\" data-restricted-to=\"' . $restrictedTo . '\" data-rights=\"' . $right . '\" style=\"cursor:pointer;\"></i>' . $checkbox . '",' ; |
|
| 367 | + $sOutputItem .= '"<i class=\"fa fa-external-link-alt infotip mr-2\" title=\"'.$lang->get('open_url_link').'\" onClick=\"window.location.href='index.php?page=items&group='.$record['id_tree'].'&id='.$record['id'].''\" style=\"cursor:pointer;\"></i>'. |
|
| 368 | + '<i class=\"fa fa-eye infotip mr-2 item-detail\" title=\"'.stripslashes($lang->get('see_item_title')).'\" data-id=\"'.$record['id'].'\" data-perso=\"'.$record['perso'].'\" data-tree-id=\"'.$record['id_tree'].'\" data-expired=\"'.$expired.'\" data-restricted-to=\"'.$restrictedTo.'\" data-rights=\"'.$right.'\" style=\"cursor:pointer;\"></i>'.$checkbox.'",'; |
|
| 369 | 369 | //col2 |
| 370 | - $sOutputItem .= '"'.base64_encode('<span id=\"item_label-' . $record['id'] . '\">' . (str_replace("\\", "\", (string) $record['label'])) . '</span>').'", '; // replace backslash #3015 |
|
| 370 | + $sOutputItem .= '"'.base64_encode('<span id=\"item_label-'.$record['id'].'\">'.(str_replace("\\", "\", (string) $record['label'])).'</span>').'", '; // replace backslash #3015 |
|
| 371 | 371 | //col3 |
| 372 | - $sOutputItem .= '"' . base64_encode(str_replace('&', '&', htmlspecialchars(stripslashes((string) $record['login']), ENT_QUOTES))) . '", '; |
|
| 372 | + $sOutputItem .= '"'.base64_encode(str_replace('&', '&', htmlspecialchars(stripslashes((string) $record['login']), ENT_QUOTES))).'", '; |
|
| 373 | 373 | //col4 |
| 374 | 374 | //get restriction from ROles |
| 375 | 375 | $restrictedToRole = false; |
| 376 | 376 | $rTmp = DB::queryFirstColumn( |
| 377 | - 'SELECT role_id FROM ' . prefixTable('restriction_to_roles') . ' WHERE item_id = %i', |
|
| 377 | + 'SELECT role_id FROM '.prefixTable('restriction_to_roles').' WHERE item_id = %i', |
|
| 378 | 378 | $record['id'] |
| 379 | 379 | ); |
| 380 | 380 | // We considere here that if user has at least one group similar to the object ones |
@@ -392,14 +392,14 @@ discard block |
||
| 392 | 392 | } else { |
| 393 | 393 | $txt = str_replace(['\n', '<br />', '\\'], [' ', ' ', '', ' '], strip_tags($record['description'])); |
| 394 | 394 | if (strlen($txt) > 50) { |
| 395 | - $sOutputItem .= '"' . base64_encode(substr(stripslashes(preg_replace('~/<[\/]{0,1}[^>]*>\//|[ \t]/~', '', $txt)), 0, 50)) . '", '; |
|
| 395 | + $sOutputItem .= '"'.base64_encode(substr(stripslashes(preg_replace('~/<[\/]{0,1}[^>]*>\//|[ \t]/~', '', $txt)), 0, 50)).'", '; |
|
| 396 | 396 | } else { |
| 397 | - $sOutputItem .= '"' . base64_encode(stripslashes(preg_replace('~/<[^>]*>|[ \t]/~', '', $txt))) . '", '; |
|
| 397 | + $sOutputItem .= '"'.base64_encode(stripslashes(preg_replace('~/<[^>]*>|[ \t]/~', '', $txt))).'", '; |
|
| 398 | 398 | } |
| 399 | 399 | } |
| 400 | 400 | |
| 401 | 401 | //col5 - TAGS |
| 402 | - $sOutputItem .= '"' . base64_encode(htmlspecialchars(stripslashes((string) $record['tags']), ENT_QUOTES)) . '", '; |
|
| 402 | + $sOutputItem .= '"'.base64_encode(htmlspecialchars(stripslashes((string) $record['tags']), ENT_QUOTES)).'", '; |
|
| 403 | 403 | // col6 - URL |
| 404 | 404 | if ($record['url'] !== '0') { |
| 405 | 405 | $sOutputItem .= '"'.htmlspecialchars(filter_var($record['url'], FILTER_SANITIZE_URL)).'", '; |
@@ -408,7 +408,7 @@ discard block |
||
| 408 | 408 | } |
| 409 | 409 | |
| 410 | 410 | //col7 - Prepare the Treegrid |
| 411 | - $sOutputItem .= '"' . base64_encode(stripslashes((string) $record['folder'])) . '"'; |
|
| 411 | + $sOutputItem .= '"'.base64_encode(stripslashes((string) $record['folder'])).'"'; |
|
| 412 | 412 | //Finish the line |
| 413 | 413 | //$sOutputItem .= '], '; |
| 414 | 414 | if ($getItemInList === true) { |
@@ -417,17 +417,17 @@ discard block |
||
| 417 | 417 | --$iTotal; |
| 418 | 418 | } |
| 419 | 419 | } |
| 420 | - if (! empty($sOutputConst)) { |
|
| 420 | + if (!empty($sOutputConst)) { |
|
| 421 | 421 | $sOutput .= substr_replace($sOutputConst, '', -2); |
| 422 | 422 | } |
| 423 | 423 | $sOutput .= '], '; |
| 424 | - $sOutput .= '"recordsTotal": ' . $iTotal . ', '; |
|
| 425 | - $sOutput .= '"recordsFiltered": ' . $iTotal . ' }'; |
|
| 424 | + $sOutput .= '"recordsTotal": '.$iTotal.', '; |
|
| 425 | + $sOutput .= '"recordsFiltered": '.$iTotal.' }'; |
|
| 426 | 426 | // file deepcode ignore XSS: data is secured |
| 427 | 427 | echo ($sOutput); |
| 428 | 428 | } elseif (null !== $request->query->get('type') && ($request->query->get('type') === 'search_for_items' || $request->query->get('type') === 'search_for_items_with_tags')) { |
| 429 | 429 | include_once 'main.functions.php'; |
| 430 | - include_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $session->get('user-language') . '.php'; |
|
| 430 | + include_once $SETTINGS['cpassman_dir'].'/includes/language/'.$session->get('user-language').'.php'; |
|
| 431 | 431 | |
| 432 | 432 | $arr_data = []; |
| 433 | 433 | foreach ($rows as $record) { |
@@ -436,7 +436,7 @@ discard block |
||
| 436 | 436 | $arr_data[$record['id']]['tree_id'] = (int) $record['id_tree']; |
| 437 | 437 | $arr_data[$record['id']]['label'] = (string) $record['label']; |
| 438 | 438 | $arr_data[$record['id']]['desc'] = (string) strip_tags(explode('<br>', $record['description'])[0]); |
| 439 | - $arr_data[$record['id']]['folder'] = (string)$record['folder']; |
|
| 439 | + $arr_data[$record['id']]['folder'] = (string) $record['folder']; |
|
| 440 | 440 | $arr_data[$record['id']]['login'] = (string) strtr($record['login'], '"', '"'); |
| 441 | 441 | $arr_data[$record['id']]['item_key'] = (string) $record['item_key']; |
| 442 | 442 | $arr_data[$record['id']]['link'] = (string) $record['url'] !== '0' && empty($record['url']) === false ? filter_var($record['url'], FILTER_SANITIZE_URL) : ''; |
@@ -449,7 +449,7 @@ discard block |
||
| 449 | 449 | |
| 450 | 450 | // Anyone can modify? |
| 451 | 451 | $tmp = DB::queryfirstrow( |
| 452 | - 'SELECT anyone_can_modify FROM ' . prefixTable('items') . ' WHERE id = %i', |
|
| 452 | + 'SELECT anyone_can_modify FROM '.prefixTable('items').' WHERE id = %i', |
|
| 453 | 453 | $record['id'] |
| 454 | 454 | ); |
| 455 | 455 | if (count($tmp) > 0) { |
@@ -480,7 +480,7 @@ discard block |
||
| 480 | 480 | // => récupérer un tableau contenant les roles associés à cet ID (a partir table restriction_to_roles) |
| 481 | 481 | $user_is_included_in_role = 0; |
| 482 | 482 | $roles = DB::query( |
| 483 | - 'SELECT role_id FROM ' . prefixTable('restriction_to_roles') . ' WHERE item_id=%i', |
|
| 483 | + 'SELECT role_id FROM '.prefixTable('restriction_to_roles').' WHERE item_id=%i', |
|
| 484 | 484 | $record['id'] |
| 485 | 485 | ); |
| 486 | 486 | if (count($roles) > 0) { |
@@ -503,7 +503,7 @@ discard block |
||
| 503 | 503 | if (empty($restrictedTo)) { |
| 504 | 504 | $restrictedTo = $session->get('user-id'); |
| 505 | 505 | } else { |
| 506 | - $restrictedTo .= ',' . $session->get('user-id'); |
|
| 506 | + $restrictedTo .= ','.$session->get('user-id'); |
|
| 507 | 507 | } |
| 508 | 508 | } |
| 509 | 509 | |
@@ -601,7 +601,7 @@ discard block |
||
| 601 | 601 | $arrTmp = []; |
| 602 | 602 | foreach (explode(';', $session->get('user-roles')) as $role) { |
| 603 | 603 | $access = DB::queryFirstRow( |
| 604 | - 'SELECT type FROM ' . prefixTable('roles_values') . ' WHERE role_id = %i AND folder_id = %i', |
|
| 604 | + 'SELECT type FROM '.prefixTable('roles_values').' WHERE role_id = %i AND folder_id = %i', |
|
| 605 | 605 | $role, |
| 606 | 606 | $record['id_tree'] |
| 607 | 607 | ); |
@@ -652,8 +652,8 @@ discard block |
||
| 652 | 652 | ) { |
| 653 | 653 | $data_item = DB::queryFirstRow( |
| 654 | 654 | 'SELECT i.pw AS pw, s.share_key AS share_key |
| 655 | - FROM ' . prefixTable('items') . ' AS i |
|
| 656 | - INNER JOIN ' . prefixTable('sharekeys_items') . ' AS s ON (s.object_id = i.id) |
|
| 655 | + FROM ' . prefixTable('items').' AS i |
|
| 656 | + INNER JOIN ' . prefixTable('sharekeys_items').' AS s ON (s.object_id = i.id) |
|
| 657 | 657 | WHERE i.id = %i AND s.user_id = %i', |
| 658 | 658 | $record['id'], |
| 659 | 659 | $session->get('user-id') |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('import') === false) { |
| 73 | 73 | // Not allowed page |
| 74 | 74 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 75 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 75 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 76 | 76 | exit; |
| 77 | 77 | } |
| 78 | 78 | ?> |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | // Isolate first item |
| 724 | 724 | if (itemsList.length > 0) { |
| 725 | 725 | $('#import-feedback-progress-text') |
| 726 | - .html('<i class="fas fa-cog fa-spin ml-4 mr-2"></i><?php echo $lang->get('operation_progress');?> ('+((counter*100)/itemsNumber).toFixed(2)+'%) - <i id="item-title"></i>'); |
|
| 726 | + .html('<i class="fas fa-cog fa-spin ml-4 mr-2"></i><?php echo $lang->get('operation_progress'); ?> ('+((counter*100)/itemsNumber).toFixed(2)+'%) - <i id="item-title"></i>'); |
|
| 727 | 727 | |
| 728 | 728 | // XSS Filtering : |
| 729 | 729 | $('#import-feedback-progress-text').text(itemsList[0].Title); |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | || (int) $session_user_admin === 1) { |
| 73 | 73 | // Not allowed page |
| 74 | 74 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 75 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 75 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 76 | 76 | exit; |
| 77 | 77 | } |
| 78 | 78 | |
@@ -125,12 +125,12 @@ discard block |
||
| 125 | 125 | if (empty($fav) === false) { |
| 126 | 126 | $data = DB::queryFirstRow( |
| 127 | 127 | 'SELECT i.label, i.description, i.id, i.id_tree, t.title |
| 128 | - FROM ' . prefixTable('items') . ' as i |
|
| 129 | - INNER JOIN ' . prefixTable('nested_tree') . ' as t ON (t.id = i.id_tree) |
|
| 128 | + FROM ' . prefixTable('items').' as i |
|
| 129 | + INNER JOIN ' . prefixTable('nested_tree').' as t ON (t.id = i.id_tree) |
|
| 130 | 130 | WHERE i.id = %i', |
| 131 | 131 | $fav |
| 132 | 132 | ); |
| 133 | - if (! empty($data['label'])) { |
|
| 133 | + if (!empty($data['label'])) { |
|
| 134 | 134 | ?> |
| 135 | 135 | <tr> |
| 136 | 136 | <td> |
