Passed
Push — development ( 8a50f9...cdd69c )
by Nils
04:41
created
sources/export.queries.php 1 patch
Switch Indentation   +172 added lines, -172 removed lines patch added patch discarded remove patch
@@ -452,24 +452,24 @@  discard block
 block discarded – undo
452 452
             break;
453 453
 
454 454
     //CASE export in HTML format
455
-    case "export_to_html_format":
456
-        // step 1:
457
-        // - prepare export file
458
-        // - get full list of objects id to export
459
-        include $SETTINGS['cpassman_dir'].'/includes/config/include.php';
460
-        include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php';
461
-        $idsList = array();
462
-        $objNumber = 0;
463
-
464
-        foreach (explode(';', $post_ids) as $id) {
465
-            if (in_array($id, $_SESSION['forbiden_pfs']) === false
466
-                && in_array($id, $_SESSION['groupes_visibles']) === true
467
-                && (in_array($id, $_SESSION['no_access_folders']) === false)
468
-            ) {
469
-                //echo $id." > ".in_array($id, $_SESSION['groupes_visibles'])." ;; ";
470
-                // count elements to display
471
-                $result = DB::query(
472
-                    "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso
455
+        case "export_to_html_format":
456
+            // step 1:
457
+            // - prepare export file
458
+            // - get full list of objects id to export
459
+            include $SETTINGS['cpassman_dir'].'/includes/config/include.php';
460
+            include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php';
461
+            $idsList = array();
462
+            $objNumber = 0;
463
+
464
+            foreach (explode(';', $post_ids) as $id) {
465
+                if (in_array($id, $_SESSION['forbiden_pfs']) === false
466
+                    && in_array($id, $_SESSION['groupes_visibles']) === true
467
+                    && (in_array($id, $_SESSION['no_access_folders']) === false)
468
+                ) {
469
+                    //echo $id." > ".in_array($id, $_SESSION['groupes_visibles'])." ;; ";
470
+                    // count elements to display
471
+                    $result = DB::query(
472
+                        "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso
473 473
                     FROM ".prefix_table("items")." as i
474 474
                     INNER JOIN ".prefix_table("nested_tree")." as n ON (i.id_tree = n.id)
475 475
                     INNER JOIN ".prefix_table("log_items")." as l ON (i.id = l.id_item)
@@ -477,41 +477,41 @@  discard block
 block discarded – undo
477 477
                     AND i.id_tree= %i
478 478
                     AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s))
479 479
                     ORDER BY i.label ASC, l.date DESC",
480
-                    "0",
481
-                    $id,
482
-                    "at_creation",
483
-                    "at_modification",
484
-                    "at_pw :%"
485
-                );
486
-                foreach ($result as $record) {
487
-                    $restricted_users_array = explode(';', $record['restricted_to']);
488
-                    if (((in_array($id, $_SESSION['personal_visible_groups']) === true
489
-                        && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to'])
490
-                        && empty($record['restricted_to']) === false)
491
-                        ||
492
-                        (empty($record['restricted_to']) === false 
493
-                        && in_array($_SESSION['user_id'], $restricted_users_array) === false)
494
-                        ||
495
-                        (in_array($id, $_SESSION['groupes_visibles']))
496
-                        ) && (
497
-                        in_array($record['id'], $idsList) === false
498
-                        )
499
-                    ) {
500
-                        array_push($idsList, $record['id']);
501
-                        $objNumber++;
480
+                        "0",
481
+                        $id,
482
+                        "at_creation",
483
+                        "at_modification",
484
+                        "at_pw :%"
485
+                    );
486
+                    foreach ($result as $record) {
487
+                        $restricted_users_array = explode(';', $record['restricted_to']);
488
+                        if (((in_array($id, $_SESSION['personal_visible_groups']) === true
489
+                            && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to'])
490
+                            && empty($record['restricted_to']) === false)
491
+                            ||
492
+                            (empty($record['restricted_to']) === false 
493
+                            && in_array($_SESSION['user_id'], $restricted_users_array) === false)
494
+                            ||
495
+                            (in_array($id, $_SESSION['groupes_visibles']))
496
+                            ) && (
497
+                            in_array($record['id'], $idsList) === false
498
+                            )
499
+                        ) {
500
+                            array_push($idsList, $record['id']);
501
+                            $objNumber++;
502
+                        }
502 503
                     }
503 504
                 }
504 505
             }
505
-        }
506 506
 
507
-            // prepare export file
508
-            //save the file
509
-            $html_file = '/teampass_export_'.time().'_'.generateKey().'.html';
510
-            //print_r($full_listing);
511
-            $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w");
512
-            fwrite(
513
-                $outstream,
514
-                '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
507
+                // prepare export file
508
+                //save the file
509
+                $html_file = '/teampass_export_'.time().'_'.generateKey().'.html';
510
+                //print_r($full_listing);
511
+                $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w");
512
+                fwrite(
513
+                    $outstream,
514
+                    '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
515 515
     <head>
516 516
     <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
517 517
     <title>TeamPass Off-line mode</title>
@@ -551,38 +551,38 @@  discard block
 block discarded – undo
551 551
             <th style="width:20%;">'.$LANG['url'].'</th>
552 552
         </tr></thead>
553 553
         <tbody id="itemsTable_tbody">'
554
-            );
555
-
556
-        fclose($outstream);
554
+                );
557 555
 
558
-        // send back and continue
559
-        echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]';
560
-        break;
556
+            fclose($outstream);
561 557
 
562
-    //CASE export in HTML format - Iteration loop
563
-    case "export_to_html_format_loop":
564
-        // do checks ... if fails, return an error
565
-        if (null === $post_idTree || null === $post_idsList) {
566
-            echo '[{"error":"true"}]';
558
+            // send back and continue
559
+            echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]';
567 560
             break;
568
-        }
569 561
 
570
-        // exclude this folder if not allowed
571
-        if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true
572
-            || in_array($post_idTree, $_SESSION['groupes_visibles']) === false
573
-            || (in_array($post_idTree, $_SESSION['no_access_folders']) === true)
574
-        ) {
575
-            echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]';
576
-            break;
577
-        }
562
+        //CASE export in HTML format - Iteration loop
563
+        case "export_to_html_format_loop":
564
+            // do checks ... if fails, return an error
565
+            if (null === $post_idTree || null === $post_idsList) {
566
+                echo '[{"error":"true"}]';
567
+                break;
568
+            }
578 569
 
579
-        $full_listing = array();
580
-        $items_id_list = array();
581
-        include $SETTINGS['cpassman_dir'].'/includes/config/include.php';
582
-        include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php';
570
+            // exclude this folder if not allowed
571
+            if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true
572
+                || in_array($post_idTree, $_SESSION['groupes_visibles']) === false
573
+                || (in_array($post_idTree, $_SESSION['no_access_folders']) === true)
574
+            ) {
575
+                echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]';
576
+                break;
577
+            }
578
+
579
+            $full_listing = array();
580
+            $items_id_list = array();
581
+            include $SETTINGS['cpassman_dir'].'/includes/config/include.php';
582
+            include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php';
583 583
 
584
-        $rows = DB::query(
585
-            "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree,
584
+            $rows = DB::query(
585
+                "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree,
586 586
                 l.date as date, i.pw_iv as pw_iv,
587 587
                 n.renewal_period as renewal_period
588 588
             FROM ".prefix_table("items")." as i
@@ -592,108 +592,108 @@  discard block
 block discarded – undo
592 592
             AND i.id_tree= %i
593 593
             AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s))
594 594
             ORDER BY i.label ASC, l.date DESC",
595
-            "0",
596
-            $post_idTree,
597
-            "at_creation",
598
-            "at_modification",
599
-            "at_pw :%"
600
-        );
601
-
602
-        foreach ($rows as $record) {
603
-            //exclude all results except the first one returned by query
604
-            if (empty($id_managed) || $id_managed != $record['id']) {
605
-                // decrypt PW
606
-                if (empty($post_salt_key) === false && null !== $post_salt_key) {
607
-                    $pw = cryption(
608
-                        $record['pw'],
609
-                        mysqli_escape_string($link, stripslashes($post_salt_key)),
610
-                        "decrypt"
595
+                "0",
596
+                $post_idTree,
597
+                "at_creation",
598
+                "at_modification",
599
+                "at_pw :%"
600
+            );
601
+
602
+            foreach ($rows as $record) {
603
+                //exclude all results except the first one returned by query
604
+                if (empty($id_managed) || $id_managed != $record['id']) {
605
+                    // decrypt PW
606
+                    if (empty($post_salt_key) === false && null !== $post_salt_key) {
607
+                        $pw = cryption(
608
+                            $record['pw'],
609
+                            mysqli_escape_string($link, stripslashes($post_salt_key)),
610
+                            "decrypt"
611
+                        );
612
+                    } else {
613
+                        $pw = cryption(
614
+                            $record['pw'],
615
+                            "",
616
+                            "decrypt"
617
+                        );
618
+                    }
619
+                    array_push(
620
+                        $full_listing, array(
621
+                            'id_tree' => $record['id_tree'],
622
+                            'id' => $record['id'],
623
+                            'label' => $record['label'],
624
+                            'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))),
625
+                            'pw' => $pw['string'],
626
+                            'login' => $record['login'],
627
+                            'url' => $record['url'],
628
+                            'perso' => $record['perso']
629
+                        )
611 630
                     );
612
-                } else {
613
-                    $pw = cryption(
614
-                        $record['pw'],
615
-                        "",
616
-                        "decrypt"
631
+                    $i++;
632
+                    array_push($items_id_list, $record['id']);
633
+
634
+                    // log
635
+                    logItems(
636
+                        $record['id'],
637
+                        $record['l SeekableIteratorabel'],
638
+                        $_SESSION['user_id'],
639
+                        'at_export',
640
+                        $_SESSION['login'],
641
+                        'html'
617 642
                     );
618 643
                 }
619
-                array_push(
620
-                    $full_listing, array(
621
-                        'id_tree' => $record['id_tree'],
622
-                        'id' => $record['id'],
623
-                        'label' => $record['label'],
624
-                        'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))),
625
-                        'pw' => $pw['string'],
626
-                        'login' => $record['login'],
627
-                        'url' => $record['url'],
628
-                        'perso' => $record['perso']
629
-                    )
630
-                );
631
-                $i++;
632
-                array_push($items_id_list, $record['id']);
633
-
634
-                // log
635
-                logItems(
636
-                    $record['id'],
637
-                    $record['l SeekableIteratorabel'],
638
-                    $_SESSION['user_id'],
639
-                    'at_export',
640
-                    $_SESSION['login'],
641
-                    'html'
642
-                );
644
+                $id_managed = $record['id'];
643 645
             }
644
-            $id_managed = $record['id'];
645
-        }
646 646
 
647
-        //save in export file
648
-        $outstream = fopen($post_file.'.txt', "a");
647
+            //save in export file
648
+            $outstream = fopen($post_file.'.txt', "a");
649 649
 
650
-        $lineType = "line1";
651
-        $idTree = "";
652
-        foreach ($full_listing as $elem) {
653
-            if ($lineType == "line0") {
654
-                $lineType = "line1";
655
-            } else {
656
-                $lineType = "line0";
657
-            }
658
-            if (empty($elem['description'])) {
659
-                $desc = '&nbsp;';
660
-            } else {
661
-                $desc = addslashes($elem['description']);
662
-            }
663
-            if (empty($elem['login'])) {
664
-                $login = '&nbsp;';
665
-            } else {
666
-                $login = addslashes($elem['login']);
667
-            }
668
-            if (empty($elem['url'])) {
669
-                $url = '&nbsp;';
670
-            } else {
671
-                $url = addslashes($elem['url']);
672
-            }
650
+            $lineType = "line1";
651
+            $idTree = "";
652
+            foreach ($full_listing as $elem) {
653
+                if ($lineType == "line0") {
654
+                    $lineType = "line1";
655
+                } else {
656
+                    $lineType = "line0";
657
+                }
658
+                if (empty($elem['description'])) {
659
+                    $desc = '&nbsp;';
660
+                } else {
661
+                    $desc = addslashes($elem['description']);
662
+                }
663
+                if (empty($elem['login'])) {
664
+                    $login = '&nbsp;';
665
+                } else {
666
+                    $login = addslashes($elem['login']);
667
+                }
668
+                if (empty($elem['url'])) {
669
+                    $url = '&nbsp;';
670
+                } else {
671
+                    $url = addslashes($elem['url']);
672
+                }
673 673
 
674
-            // Prepare tree
675
-            if ($idTree != $elem['id_tree']) {
676
-                $arbo = $tree->getPath($elem['id_tree'], true);
677
-                foreach ($arbo as $folder) {
678
-                    $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES);
679
-                    if (empty($arboHtml)) {
680
-                        $arboHtml = $arboHtml_tmp;
681
-                    } else {
682
-                        $arboHtml .= ' » '.$arboHtml_tmp;
674
+                // Prepare tree
675
+                if ($idTree != $elem['id_tree']) {
676
+                    $arbo = $tree->getPath($elem['id_tree'], true);
677
+                    foreach ($arbo as $folder) {
678
+                        $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES);
679
+                        if (empty($arboHtml)) {
680
+                            $arboHtml = $arboHtml_tmp;
681
+                        } else {
682
+                            $arboHtml .= ' » '.$arboHtml_tmp;
683
+                        }
683 684
                     }
685
+                    fputs(
686
+                        $outstream,
687
+                        '
688
+        <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>'
689
+                    );
690
+                    $idTree = $elem['id_tree'];
684 691
                 }
692
+
693
+                $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password);
685 694
                 fputs(
686 695
                     $outstream,
687 696
                     '
688
-        <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>'
689
-                );
690
-                $idTree = $elem['id_tree'];
691
-            }
692
-
693
-            $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password);
694
-            fputs(
695
-                $outstream,
696
-                '
697 697
         <tr class="'.$lineType.'">
698 698
             <td>'.addslashes($elem['label']).'</td>
699 699
             <td align="center"><span class="span_pw" id="span_'.$elem['id'].'"><a href="#" onclick="decryptme('.$elem['id'].', \''.$encPw.'\');return false;">Decrypt </a></span><input type="hidden" id="hide_'.$elem['id'].'" value="'.$encPw.'" /></td>
@@ -701,16 +701,16 @@  discard block
 block discarded – undo
701 701
             <td align="center">'.$login.'</td>
702 702
             <td align="center">'.$url.'</td>
703 703
             </tr>'
704
-            );
705
-        }
704
+                );
705
+            }
706 706
 
707
-        fclose($outstream);
707
+            fclose($outstream);
708 708
 
709
-        // send back and continue
710
-        echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]';
711
-        break;
709
+            // send back and continue
710
+            echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]';
711
+            break;
712 712
 
713
-            //CASE export in HTML format - Iteration loop
713
+                //CASE export in HTML format - Iteration loop
714 714
         case "export_to_html_format_finalize":
715 715
             // Load includes
716 716
             include $SETTINGS['cpassman_dir'].'/includes/config/include.php';
Please login to merge, or discard this patch.