@@ -452,24 +452,24 @@ discard block |
452 | 452 | break; |
453 | 453 | |
454 | 454 | //CASE export in HTML format |
455 | - case "export_to_html_format": |
|
456 | - // step 1: |
|
457 | - // - prepare export file |
|
458 | - // - get full list of objects id to export |
|
459 | - include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
460 | - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
461 | - $idsList = array(); |
|
462 | - $objNumber = 0; |
|
463 | - |
|
464 | - foreach (explode(';', $post_ids) as $id) { |
|
465 | - if (in_array($id, $_SESSION['forbiden_pfs']) === false |
|
466 | - && in_array($id, $_SESSION['groupes_visibles']) === true |
|
467 | - && (in_array($id, $_SESSION['no_access_folders']) === false) |
|
468 | - ) { |
|
469 | - //echo $id." > ".in_array($id, $_SESSION['groupes_visibles'])." ;; "; |
|
470 | - // count elements to display |
|
471 | - $result = DB::query( |
|
472 | - "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso |
|
455 | + case "export_to_html_format": |
|
456 | + // step 1: |
|
457 | + // - prepare export file |
|
458 | + // - get full list of objects id to export |
|
459 | + include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
460 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
461 | + $idsList = array(); |
|
462 | + $objNumber = 0; |
|
463 | + |
|
464 | + foreach (explode(';', $post_ids) as $id) { |
|
465 | + if (in_array($id, $_SESSION['forbiden_pfs']) === false |
|
466 | + && in_array($id, $_SESSION['groupes_visibles']) === true |
|
467 | + && (in_array($id, $_SESSION['no_access_folders']) === false) |
|
468 | + ) { |
|
469 | + //echo $id." > ".in_array($id, $_SESSION['groupes_visibles'])." ;; "; |
|
470 | + // count elements to display |
|
471 | + $result = DB::query( |
|
472 | + "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso |
|
473 | 473 | FROM ".prefix_table("items")." as i |
474 | 474 | INNER JOIN ".prefix_table("nested_tree")." as n ON (i.id_tree = n.id) |
475 | 475 | INNER JOIN ".prefix_table("log_items")." as l ON (i.id = l.id_item) |
@@ -477,41 +477,41 @@ discard block |
477 | 477 | AND i.id_tree= %i |
478 | 478 | AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s)) |
479 | 479 | ORDER BY i.label ASC, l.date DESC", |
480 | - "0", |
|
481 | - $id, |
|
482 | - "at_creation", |
|
483 | - "at_modification", |
|
484 | - "at_pw :%" |
|
485 | - ); |
|
486 | - foreach ($result as $record) { |
|
487 | - $restricted_users_array = explode(';', $record['restricted_to']); |
|
488 | - if (((in_array($id, $_SESSION['personal_visible_groups']) === true |
|
489 | - && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to']) |
|
490 | - && empty($record['restricted_to']) === false) |
|
491 | - || |
|
492 | - (empty($record['restricted_to']) === false |
|
493 | - && in_array($_SESSION['user_id'], $restricted_users_array) === false) |
|
494 | - || |
|
495 | - (in_array($id, $_SESSION['groupes_visibles'])) |
|
496 | - ) && ( |
|
497 | - in_array($record['id'], $idsList) === false |
|
498 | - ) |
|
499 | - ) { |
|
500 | - array_push($idsList, $record['id']); |
|
501 | - $objNumber++; |
|
480 | + "0", |
|
481 | + $id, |
|
482 | + "at_creation", |
|
483 | + "at_modification", |
|
484 | + "at_pw :%" |
|
485 | + ); |
|
486 | + foreach ($result as $record) { |
|
487 | + $restricted_users_array = explode(';', $record['restricted_to']); |
|
488 | + if (((in_array($id, $_SESSION['personal_visible_groups']) === true |
|
489 | + && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to']) |
|
490 | + && empty($record['restricted_to']) === false) |
|
491 | + || |
|
492 | + (empty($record['restricted_to']) === false |
|
493 | + && in_array($_SESSION['user_id'], $restricted_users_array) === false) |
|
494 | + || |
|
495 | + (in_array($id, $_SESSION['groupes_visibles'])) |
|
496 | + ) && ( |
|
497 | + in_array($record['id'], $idsList) === false |
|
498 | + ) |
|
499 | + ) { |
|
500 | + array_push($idsList, $record['id']); |
|
501 | + $objNumber++; |
|
502 | + } |
|
502 | 503 | } |
503 | 504 | } |
504 | 505 | } |
505 | - } |
|
506 | 506 | |
507 | - // prepare export file |
|
508 | - //save the file |
|
509 | - $html_file = '/teampass_export_'.time().'_'.generateKey().'.html'; |
|
510 | - //print_r($full_listing); |
|
511 | - $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w"); |
|
512 | - fwrite( |
|
513 | - $outstream, |
|
514 | - '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
|
507 | + // prepare export file |
|
508 | + //save the file |
|
509 | + $html_file = '/teampass_export_'.time().'_'.generateKey().'.html'; |
|
510 | + //print_r($full_listing); |
|
511 | + $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w"); |
|
512 | + fwrite( |
|
513 | + $outstream, |
|
514 | + '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
|
515 | 515 | <head> |
516 | 516 | <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> |
517 | 517 | <title>TeamPass Off-line mode</title> |
@@ -551,38 +551,38 @@ discard block |
551 | 551 | <th style="width:20%;">'.$LANG['url'].'</th> |
552 | 552 | </tr></thead> |
553 | 553 | <tbody id="itemsTable_tbody">' |
554 | - ); |
|
555 | - |
|
556 | - fclose($outstream); |
|
554 | + ); |
|
557 | 555 | |
558 | - // send back and continue |
|
559 | - echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]'; |
|
560 | - break; |
|
556 | + fclose($outstream); |
|
561 | 557 | |
562 | - //CASE export in HTML format - Iteration loop |
|
563 | - case "export_to_html_format_loop": |
|
564 | - // do checks ... if fails, return an error |
|
565 | - if (null === $post_idTree || null === $post_idsList) { |
|
566 | - echo '[{"error":"true"}]'; |
|
558 | + // send back and continue |
|
559 | + echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]'; |
|
567 | 560 | break; |
568 | - } |
|
569 | 561 | |
570 | - // exclude this folder if not allowed |
|
571 | - if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true |
|
572 | - || in_array($post_idTree, $_SESSION['groupes_visibles']) === false |
|
573 | - || (in_array($post_idTree, $_SESSION['no_access_folders']) === true) |
|
574 | - ) { |
|
575 | - echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
576 | - break; |
|
577 | - } |
|
562 | + //CASE export in HTML format - Iteration loop |
|
563 | + case "export_to_html_format_loop": |
|
564 | + // do checks ... if fails, return an error |
|
565 | + if (null === $post_idTree || null === $post_idsList) { |
|
566 | + echo '[{"error":"true"}]'; |
|
567 | + break; |
|
568 | + } |
|
578 | 569 | |
579 | - $full_listing = array(); |
|
580 | - $items_id_list = array(); |
|
581 | - include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
582 | - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
570 | + // exclude this folder if not allowed |
|
571 | + if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true |
|
572 | + || in_array($post_idTree, $_SESSION['groupes_visibles']) === false |
|
573 | + || (in_array($post_idTree, $_SESSION['no_access_folders']) === true) |
|
574 | + ) { |
|
575 | + echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
576 | + break; |
|
577 | + } |
|
578 | + |
|
579 | + $full_listing = array(); |
|
580 | + $items_id_list = array(); |
|
581 | + include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
582 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
583 | 583 | |
584 | - $rows = DB::query( |
|
585 | - "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree, |
|
584 | + $rows = DB::query( |
|
585 | + "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree, |
|
586 | 586 | l.date as date, i.pw_iv as pw_iv, |
587 | 587 | n.renewal_period as renewal_period |
588 | 588 | FROM ".prefix_table("items")." as i |
@@ -592,108 +592,108 @@ discard block |
592 | 592 | AND i.id_tree= %i |
593 | 593 | AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s)) |
594 | 594 | ORDER BY i.label ASC, l.date DESC", |
595 | - "0", |
|
596 | - $post_idTree, |
|
597 | - "at_creation", |
|
598 | - "at_modification", |
|
599 | - "at_pw :%" |
|
600 | - ); |
|
601 | - |
|
602 | - foreach ($rows as $record) { |
|
603 | - //exclude all results except the first one returned by query |
|
604 | - if (empty($id_managed) || $id_managed != $record['id']) { |
|
605 | - // decrypt PW |
|
606 | - if (empty($post_salt_key) === false && null !== $post_salt_key) { |
|
607 | - $pw = cryption( |
|
608 | - $record['pw'], |
|
609 | - mysqli_escape_string($link, stripslashes($post_salt_key)), |
|
610 | - "decrypt" |
|
595 | + "0", |
|
596 | + $post_idTree, |
|
597 | + "at_creation", |
|
598 | + "at_modification", |
|
599 | + "at_pw :%" |
|
600 | + ); |
|
601 | + |
|
602 | + foreach ($rows as $record) { |
|
603 | + //exclude all results except the first one returned by query |
|
604 | + if (empty($id_managed) || $id_managed != $record['id']) { |
|
605 | + // decrypt PW |
|
606 | + if (empty($post_salt_key) === false && null !== $post_salt_key) { |
|
607 | + $pw = cryption( |
|
608 | + $record['pw'], |
|
609 | + mysqli_escape_string($link, stripslashes($post_salt_key)), |
|
610 | + "decrypt" |
|
611 | + ); |
|
612 | + } else { |
|
613 | + $pw = cryption( |
|
614 | + $record['pw'], |
|
615 | + "", |
|
616 | + "decrypt" |
|
617 | + ); |
|
618 | + } |
|
619 | + array_push( |
|
620 | + $full_listing, array( |
|
621 | + 'id_tree' => $record['id_tree'], |
|
622 | + 'id' => $record['id'], |
|
623 | + 'label' => $record['label'], |
|
624 | + 'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))), |
|
625 | + 'pw' => $pw['string'], |
|
626 | + 'login' => $record['login'], |
|
627 | + 'url' => $record['url'], |
|
628 | + 'perso' => $record['perso'] |
|
629 | + ) |
|
611 | 630 | ); |
612 | - } else { |
|
613 | - $pw = cryption( |
|
614 | - $record['pw'], |
|
615 | - "", |
|
616 | - "decrypt" |
|
631 | + $i++; |
|
632 | + array_push($items_id_list, $record['id']); |
|
633 | + |
|
634 | + // log |
|
635 | + logItems( |
|
636 | + $record['id'], |
|
637 | + $record['l SeekableIteratorabel'], |
|
638 | + $_SESSION['user_id'], |
|
639 | + 'at_export', |
|
640 | + $_SESSION['login'], |
|
641 | + 'html' |
|
617 | 642 | ); |
618 | 643 | } |
619 | - array_push( |
|
620 | - $full_listing, array( |
|
621 | - 'id_tree' => $record['id_tree'], |
|
622 | - 'id' => $record['id'], |
|
623 | - 'label' => $record['label'], |
|
624 | - 'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))), |
|
625 | - 'pw' => $pw['string'], |
|
626 | - 'login' => $record['login'], |
|
627 | - 'url' => $record['url'], |
|
628 | - 'perso' => $record['perso'] |
|
629 | - ) |
|
630 | - ); |
|
631 | - $i++; |
|
632 | - array_push($items_id_list, $record['id']); |
|
633 | - |
|
634 | - // log |
|
635 | - logItems( |
|
636 | - $record['id'], |
|
637 | - $record['l SeekableIteratorabel'], |
|
638 | - $_SESSION['user_id'], |
|
639 | - 'at_export', |
|
640 | - $_SESSION['login'], |
|
641 | - 'html' |
|
642 | - ); |
|
644 | + $id_managed = $record['id']; |
|
643 | 645 | } |
644 | - $id_managed = $record['id']; |
|
645 | - } |
|
646 | 646 | |
647 | - //save in export file |
|
648 | - $outstream = fopen($post_file.'.txt', "a"); |
|
647 | + //save in export file |
|
648 | + $outstream = fopen($post_file.'.txt', "a"); |
|
649 | 649 | |
650 | - $lineType = "line1"; |
|
651 | - $idTree = ""; |
|
652 | - foreach ($full_listing as $elem) { |
|
653 | - if ($lineType == "line0") { |
|
654 | - $lineType = "line1"; |
|
655 | - } else { |
|
656 | - $lineType = "line0"; |
|
657 | - } |
|
658 | - if (empty($elem['description'])) { |
|
659 | - $desc = ' '; |
|
660 | - } else { |
|
661 | - $desc = addslashes($elem['description']); |
|
662 | - } |
|
663 | - if (empty($elem['login'])) { |
|
664 | - $login = ' '; |
|
665 | - } else { |
|
666 | - $login = addslashes($elem['login']); |
|
667 | - } |
|
668 | - if (empty($elem['url'])) { |
|
669 | - $url = ' '; |
|
670 | - } else { |
|
671 | - $url = addslashes($elem['url']); |
|
672 | - } |
|
650 | + $lineType = "line1"; |
|
651 | + $idTree = ""; |
|
652 | + foreach ($full_listing as $elem) { |
|
653 | + if ($lineType == "line0") { |
|
654 | + $lineType = "line1"; |
|
655 | + } else { |
|
656 | + $lineType = "line0"; |
|
657 | + } |
|
658 | + if (empty($elem['description'])) { |
|
659 | + $desc = ' '; |
|
660 | + } else { |
|
661 | + $desc = addslashes($elem['description']); |
|
662 | + } |
|
663 | + if (empty($elem['login'])) { |
|
664 | + $login = ' '; |
|
665 | + } else { |
|
666 | + $login = addslashes($elem['login']); |
|
667 | + } |
|
668 | + if (empty($elem['url'])) { |
|
669 | + $url = ' '; |
|
670 | + } else { |
|
671 | + $url = addslashes($elem['url']); |
|
672 | + } |
|
673 | 673 | |
674 | - // Prepare tree |
|
675 | - if ($idTree != $elem['id_tree']) { |
|
676 | - $arbo = $tree->getPath($elem['id_tree'], true); |
|
677 | - foreach ($arbo as $folder) { |
|
678 | - $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES); |
|
679 | - if (empty($arboHtml)) { |
|
680 | - $arboHtml = $arboHtml_tmp; |
|
681 | - } else { |
|
682 | - $arboHtml .= ' » '.$arboHtml_tmp; |
|
674 | + // Prepare tree |
|
675 | + if ($idTree != $elem['id_tree']) { |
|
676 | + $arbo = $tree->getPath($elem['id_tree'], true); |
|
677 | + foreach ($arbo as $folder) { |
|
678 | + $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES); |
|
679 | + if (empty($arboHtml)) { |
|
680 | + $arboHtml = $arboHtml_tmp; |
|
681 | + } else { |
|
682 | + $arboHtml .= ' » '.$arboHtml_tmp; |
|
683 | + } |
|
683 | 684 | } |
685 | + fputs( |
|
686 | + $outstream, |
|
687 | + ' |
|
688 | + <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>' |
|
689 | + ); |
|
690 | + $idTree = $elem['id_tree']; |
|
684 | 691 | } |
692 | + |
|
693 | + $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password); |
|
685 | 694 | fputs( |
686 | 695 | $outstream, |
687 | 696 | ' |
688 | - <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>' |
|
689 | - ); |
|
690 | - $idTree = $elem['id_tree']; |
|
691 | - } |
|
692 | - |
|
693 | - $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password); |
|
694 | - fputs( |
|
695 | - $outstream, |
|
696 | - ' |
|
697 | 697 | <tr class="'.$lineType.'"> |
698 | 698 | <td>'.addslashes($elem['label']).'</td> |
699 | 699 | <td align="center"><span class="span_pw" id="span_'.$elem['id'].'"><a href="#" onclick="decryptme('.$elem['id'].', \''.$encPw.'\');return false;">Decrypt </a></span><input type="hidden" id="hide_'.$elem['id'].'" value="'.$encPw.'" /></td> |
@@ -701,16 +701,16 @@ discard block |
701 | 701 | <td align="center">'.$login.'</td> |
702 | 702 | <td align="center">'.$url.'</td> |
703 | 703 | </tr>' |
704 | - ); |
|
705 | - } |
|
704 | + ); |
|
705 | + } |
|
706 | 706 | |
707 | - fclose($outstream); |
|
707 | + fclose($outstream); |
|
708 | 708 | |
709 | - // send back and continue |
|
710 | - echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
711 | - break; |
|
709 | + // send back and continue |
|
710 | + echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
711 | + break; |
|
712 | 712 | |
713 | - //CASE export in HTML format - Iteration loop |
|
713 | + //CASE export in HTML format - Iteration loop |
|
714 | 714 | case "export_to_html_format_finalize": |
715 | 715 | // Load includes |
716 | 716 | include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
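Review bot: In the `-592,108` hunk the item row written to the export file is escaped with `addslashes()` where HTML escaping is needed: `<td>'.addslashes($elem['label']).'</td>` (new line 698), and `$desc`, `$login` and `$url` are prepared the same way at new lines 658–672 before `$login` and `$url` are written at lines 701–702, so markup stored in an item field ends up as markup in the exported page that also carries the encrypted passwords. The folder path at new line 678 already goes through `htmlspecialchars(..., ENT_QUOTES)`; the item fields should use the same call, e.g. `<td>'.htmlspecialchars($elem['label'], ENT_QUOTES).'</td>`. In the same hunk, `$record['l SeekableIteratorabel']` (new line 637) looks like a corrupted `$record['label']`, which would leave the `at_export` log entry without the item label. The commit only re-indents these lines, and the `fputs()` call that writes the row runs on into the last hunk.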