nilsteampassnet /
TeamPass
@@ -38,7 +38,7 @@ |
||
| 38 | 38 | "error" => '', |
| 39 | 39 | ); |
| 40 | 40 | |
| 41 | - }catch (Exception $e) { |
|
| 41 | + } catch (Exception $e) { |
|
| 42 | 42 | return false; |
| 43 | 43 | } |
| 44 | 44 | } |
@@ -34,7 +34,7 @@ discard block |
||
| 34 | 34 | $ret = []; |
| 35 | 35 | |
| 36 | 36 | foreach ($rows as $row) { |
| 37 | - $isVisible = in_array((int) $row['id'], $foldersId); |
|
| 37 | + $isVisible = in_array((int) $row['id'], $foldersId); |
|
| 38 | 38 | $childrens = $this->getFoldersChildren($row['id'], $foldersId); |
| 39 | 39 | |
| 40 | 40 | if ($isVisible || count($childrens) > 0) { |
@@ -43,7 +43,7 @@ discard block |
||
| 43 | 43 | [ |
| 44 | 44 | 'id' => (int) $row['id'], |
| 45 | 45 | 'title' => $row['title'], |
| 46 | - 'isVisible' => $isVisible, |
|
| 46 | + 'isVisible' => $isVisible, |
|
| 47 | 47 | 'childrens' => $childrens |
| 48 | 48 | ] |
| 49 | 49 | ); |
@@ -63,7 +63,7 @@ discard block |
||
| 63 | 63 | |
| 64 | 64 | if ( count($childrens) > 0) { |
| 65 | 65 | foreach ($childrens as $children) { |
| 66 | - $isVisible = in_array((int) $children['id'], $foldersId); |
|
| 66 | + $isVisible = in_array((int) $children['id'], $foldersId); |
|
| 67 | 67 | $childs = $this->getFoldersChildren($children['id'], $foldersId); |
| 68 | 68 | |
| 69 | 69 | if (in_array((int) $children['id'], $foldersId) || count($childs) > 0) { |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | [ |
| 73 | 73 | 'id' => (int) $children['id'], |
| 74 | 74 | 'title' => $children['title'], |
| 75 | - 'isVisible' => $isVisible, |
|
| 75 | + 'isVisible' => $isVisible, |
|
| 76 | 76 | 'childrens' => $childs |
| 77 | 77 | ] |
| 78 | 78 | ); |
@@ -2603,7 +2603,9 @@ |
||
| 2603 | 2603 | } |
| 2604 | 2604 | |
| 2605 | 2605 | foreach ($results as $adUser) { |
| 2606 | - if (isset($adUser[$SETTINGS['ldap_user_attribute']][0]) === false) continue; |
|
| 2606 | + if (isset($adUser[$SETTINGS['ldap_user_attribute']][0]) === false) { |
|
| 2607 | + continue; |
|
| 2608 | + } |
|
| 2607 | 2609 | // Build the list of all groups in AD |
| 2608 | 2610 | if (isset($adUser['memberof']) === true) { |
| 2609 | 2611 | foreach($adUser['memberof'] as $j => $adUserGroup) { |
@@ -2225,7 +2225,7 @@ discard block |
||
| 2225 | 2225 | * <tt>exec("find ".$path." -type d -exec chmod 755 {} \;");</tt> |
| 2226 | 2226 | * |
| 2227 | 2227 | * @author Jeppe Toustrup (tenzer at tenzer dot dk) |
| 2228 | - * |
|
| 2228 | + * |
|
| 2229 | 2229 | * @param string $path An either relative or absolute path to a file or directory which should be processed. |
| 2230 | 2230 | * @param int $filePerm The permissions any found files should get. |
| 2231 | 2231 | * @param int $dirPerm The permissions any found folder should get. |
@@ -3848,7 +3848,6 @@ discard block |
||
| 3848 | 3848 | * @param integer $processId |
| 3849 | 3849 | * @param integer $nbItemsToTreat |
| 3850 | 3850 | * @return void |
| 3851 | - |
|
| 3852 | 3851 | */ |
| 3853 | 3852 | function createUserTasks($processId, $nbItemsToTreat): void |
| 3854 | 3853 | { |
@@ -2366,7 +2366,9 @@ discard block |
||
| 2366 | 2366 | function encryptUserObjectKey(string $key, string $publicKey): string |
| 2367 | 2367 | { |
| 2368 | 2368 | // Empty password |
| 2369 | - if (empty($key)) return ''; |
|
| 2369 | + if (empty($key)) { |
|
| 2370 | + return ''; |
|
| 2371 | + } |
|
| 2370 | 2372 | |
| 2371 | 2373 | // Sanitize |
| 2372 | 2374 | $antiXss = new AntiXSS(); |
@@ -2515,7 +2517,9 @@ discard block |
||
| 2515 | 2517 | ]; |
| 2516 | 2518 | } |
| 2517 | 2519 | |
| 2518 | - if (WIP) error_log('DEBUG: File image url -> '.filter_var($safeFilePath, FILTER_SANITIZE_URL)); |
|
| 2520 | + if (WIP) { |
|
| 2521 | + error_log('DEBUG: File image url -> '.filter_var($safeFilePath, FILTER_SANITIZE_URL)); |
|
| 2522 | + } |
|
| 2519 | 2523 | |
| 2520 | 2524 | // Decrypt file content and return |
| 2521 | 2525 | return base64_encode($cipher->decrypt($ciphertext)); |
@@ -2650,7 +2654,9 @@ discard block |
||
| 2650 | 2654 | foreach ($users as $user) { |
| 2651 | 2655 | // Insert in DB the new object key for this item by user |
| 2652 | 2656 | if (count($objectKeyArray) === 0) { |
| 2653 | - if (WIP === true) error_log('TEAMPASS Debug - storeUsersShareKey case1 - ' . $object_name . ' - ' . $post_object_id . ' - ' . $user['id'] . ' - ' . $objectKey); |
|
| 2657 | + if (WIP === true) { |
|
| 2658 | + error_log('TEAMPASS Debug - storeUsersShareKey case1 - ' . $object_name . ' - ' . $post_object_id . ' - ' . $user['id'] . ' - ' . $objectKey); |
|
| 2659 | + } |
|
| 2654 | 2660 | DB::insert( |
| 2655 | 2661 | $object_name, |
| 2656 | 2662 | [ |
@@ -2664,7 +2670,9 @@ discard block |
||
| 2664 | 2670 | ); |
| 2665 | 2671 | } else { |
| 2666 | 2672 | foreach ($objectKeyArray as $object) { |
| 2667 | - if (WIP === true) error_log('TEAMPASS Debug - storeUsersShareKey case2 - ' . $object_name . ' - ' . $object['objectId'] . ' - ' . $user['id'] . ' - ' . $object['objectKey']); |
|
| 2673 | + if (WIP === true) { |
|
| 2674 | + error_log('TEAMPASS Debug - storeUsersShareKey case2 - ' . $object_name . ' - ' . $object['objectId'] . ' - ' . $user['id'] . ' - ' . $object['objectKey']); |
|
| 2675 | + } |
|
| 2668 | 2676 | DB::insert( |
| 2669 | 2677 | $object_name, |
| 2670 | 2678 | [ |
@@ -3990,7 +3998,9 @@ discard block |
||
| 3990 | 3998 | $taskName = [$taskName]; |
| 3991 | 3999 | } |
| 3992 | 4000 | foreach($taskName as $task) { |
| 3993 | - if (WIP === true) error_log('createTaskForItem - task: '.$task); |
|
| 4001 | + if (WIP === true) { |
|
| 4002 | + error_log('createTaskForItem - task: '.$task); |
|
| 4003 | + } |
|
| 3994 | 4004 | switch ($task) { |
| 3995 | 4005 | case 'item_password': |
| 3996 | 4006 | |
@@ -4421,19 +4431,22 @@ discard block |
||
| 4421 | 4431 | |
| 4422 | 4432 | // Organisation name (removed username@ and .tld) |
| 4423 | 4433 | $domain = explode('.', $emailParts[1]); |
| 4424 | - if (count($domain) > 1) |
|
| 4425 | - $forbiddenWords[] = $domain[0]; |
|
| 4434 | + if (count($domain) > 1) { |
|
| 4435 | + $forbiddenWords[] = $domain[0]; |
|
| 4436 | + } |
|
| 4426 | 4437 | } |
| 4427 | 4438 | } |
| 4428 | 4439 | |
| 4429 | 4440 | // Search forbidden words in password |
| 4430 | 4441 | foreach ($forbiddenWords as $word) { |
| 4431 | - if (empty($word)) |
|
| 4432 | - continue; |
|
| 4442 | + if (empty($word)) { |
|
| 4443 | + continue; |
|
| 4444 | + } |
|
| 4433 | 4445 | |
| 4434 | 4446 | // Stop if forbidden word found in password |
| 4435 | - if (stripos($password, $word) !== false) |
|
| 4436 | - return false; |
|
| 4447 | + if (stripos($password, $word) !== false) { |
|
| 4448 | + return false; |
|
| 4449 | + } |
|
| 4437 | 4450 | } |
| 4438 | 4451 | |
| 4439 | 4452 | // Get password complexity |
@@ -149,7 +149,9 @@ |
||
| 149 | 149 | } |
| 150 | 150 | $filePath = realpath($filePath); |
| 151 | 151 | |
| 152 | - if (WIP === true) error_log('downloadFile.php: filePath: ' . $filePath." - "); |
|
| 152 | + if (WIP === true) { |
|
| 153 | + error_log('downloadFile.php: filePath: ' . $filePath." - "); |
|
| 154 | + } |
|
| 153 | 155 | |
| 154 | 156 | if ($filePath && is_readable($filePath) && strpos($filePath, realpath($SETTINGS['path_to_upload_folder'])) === 0) { |
| 155 | 157 | header('Content-Description: File Transfer'); |
@@ -58,7 +58,9 @@ |
||
| 58 | 58 | $get['state'] = filter_var($_GET['state'], FILTER_SANITIZE_SPECIAL_CHARS); |
| 59 | 59 | $get['session_state'] = filter_var($_GET['session_state'], FILTER_SANITIZE_SPECIAL_CHARS); |
| 60 | 60 | |
| 61 | - if (WIP === true) error_log('---- OAUTH2 START ----'); |
|
| 61 | + if (WIP === true) { |
|
| 62 | + error_log('---- OAUTH2 START ----'); |
|
| 63 | + } |
|
| 62 | 64 | |
| 63 | 65 | // Création d'une instance du contrôleur |
| 64 | 66 | $OAuth2 = new OAuth2Controller($SETTINGS); |
@@ -239,7 +239,7 @@ |
||
| 239 | 239 | $configManager = new ConfigManager(); |
| 240 | 240 | $SETTINGS = $configManager->getAllSettings(); |
| 241 | 241 | |
| 242 | - $payload = [ |
|
| 242 | + $payload = [ |
|
| 243 | 243 | 'username' => $login, |
| 244 | 244 | 'id' => $id, |
| 245 | 245 | 'exp' => (time() + $SETTINGS['api_token_duration'] + 600), |
@@ -401,12 +401,13 @@ |
||
| 401 | 401 | <select class="form-control" id="profile-user-timezone"> |
| 402 | 402 | <?php foreach ($zones as $key => $zone): ?> |
| 403 | 403 | <option value="<?php echo $key; ?>"<?php |
| 404 | - if ($session->has('user-timezone')) |
|
| 405 | - if($session->get('user-timezone') === $key) |
|
| 404 | + if ($session->has('user-timezone')) { |
|
| 405 | + if($session->get('user-timezone') === $key) |
|
| 406 | 406 | echo ' selected'; |
| 407 | - elseif ($session->get('user-timezone') === 'not_defined') |
|
| 408 | - if (isset($SETTINGS['timezone']) && $SETTINGS['timezone'] === $key) |
|
| 407 | + } elseif ($session->get('user-timezone') === 'not_defined') { |
|
| 408 | + if (isset($SETTINGS['timezone']) && $SETTINGS['timezone'] === $key) |
|
| 409 | 409 | echo ' selected'; |
| 410 | + } |
|
| 410 | 411 | ?>><?php echo $zone; ?></option> |
| 411 | 412 | <?php endforeach; ?> |
| 412 | 413 | </select> |
@@ -37,45 +37,45 @@ discard block |
||
| 37 | 37 | * @return boolean |
| 38 | 38 | */ |
| 39 | 39 | function is_jwt_valid($jwt) { |
| 40 | - try { |
|
| 41 | - $decoded = (array) JWT::decode($jwt, new Key(DB_PASSWD, 'HS256')); |
|
| 40 | + try { |
|
| 41 | + $decoded = (array) JWT::decode($jwt, new Key(DB_PASSWD, 'HS256')); |
|
| 42 | 42 | |
| 43 | - // Check if expiration is reached |
|
| 44 | - if ($decoded['exp'] - time() < 0) { |
|
| 45 | - return false; |
|
| 46 | - } |
|
| 43 | + // Check if expiration is reached |
|
| 44 | + if ($decoded['exp'] - time() < 0) { |
|
| 45 | + return false; |
|
| 46 | + } |
|
| 47 | 47 | /* |
| 48 | 48 | $decoded1 = JWT::decode($jwt, new Key(DB_PASSWD, 'HS256'), $headers = new stdClass()); |
| 49 | 49 | print_r($headers); |
| 50 | 50 | */ |
| 51 | 51 | |
| 52 | - return true; |
|
| 53 | - } catch (InvalidArgumentException $e) { |
|
| 54 | - // provided key/key-array is empty or malformed. |
|
| 55 | - return false; |
|
| 56 | - } catch (DomainException $e) { |
|
| 57 | - // provided algorithm is unsupported OR |
|
| 58 | - // provided key is invalid OR |
|
| 59 | - // unknown error thrown in openSSL or libsodium OR |
|
| 60 | - // libsodium is required but not available. |
|
| 61 | - return false; |
|
| 62 | - } catch (SignatureInvalidException $e) { |
|
| 63 | - // provided JWT signature verification failed. |
|
| 64 | - return false; |
|
| 65 | - } catch (BeforeValidException $e) { |
|
| 66 | - // provided JWT is trying to be used before "nbf" claim OR |
|
| 67 | - // provided JWT is trying to be used before "iat" claim. |
|
| 68 | - return false; |
|
| 69 | - } catch (ExpiredException $e) { |
|
| 70 | - // provided JWT is trying to be used after "exp" claim. |
|
| 71 | - return false; |
|
| 72 | - } catch (UnexpectedValueException $e) { |
|
| 73 | - // provided JWT is malformed OR |
|
| 74 | - // provided JWT is missing an algorithm / using an unsupported algorithm OR |
|
| 75 | - // provided JWT algorithm does not match provided key OR |
|
| 76 | - // provided key ID in key/key-array is empty or invalid. |
|
| 77 | - return false; |
|
| 78 | - } |
|
| 52 | + return true; |
|
| 53 | + } catch (InvalidArgumentException $e) { |
|
| 54 | + // provided key/key-array is empty or malformed. |
|
| 55 | + return false; |
|
| 56 | + } catch (DomainException $e) { |
|
| 57 | + // provided algorithm is unsupported OR |
|
| 58 | + // provided key is invalid OR |
|
| 59 | + // unknown error thrown in openSSL or libsodium OR |
|
| 60 | + // libsodium is required but not available. |
|
| 61 | + return false; |
|
| 62 | + } catch (SignatureInvalidException $e) { |
|
| 63 | + // provided JWT signature verification failed. |
|
| 64 | + return false; |
|
| 65 | + } catch (BeforeValidException $e) { |
|
| 66 | + // provided JWT is trying to be used before "nbf" claim OR |
|
| 67 | + // provided JWT is trying to be used before "iat" claim. |
|
| 68 | + return false; |
|
| 69 | + } catch (ExpiredException $e) { |
|
| 70 | + // provided JWT is trying to be used after "exp" claim. |
|
| 71 | + return false; |
|
| 72 | + } catch (UnexpectedValueException $e) { |
|
| 73 | + // provided JWT is malformed OR |
|
| 74 | + // provided JWT is missing an algorithm / using an unsupported algorithm OR |
|
| 75 | + // provided JWT algorithm does not match provided key OR |
|
| 76 | + // provided key ID in key/key-array is empty or invalid. |
|
| 77 | + return false; |
|
| 78 | + } |
|
| 79 | 79 | } |
| 80 | 80 | |
| 81 | 81 | function base64url_encode($data) { |
@@ -84,24 +84,24 @@ discard block |
||
| 84 | 84 | |
| 85 | 85 | function get_authorization_header() |
| 86 | 86 | { |
| 87 | - $request = symfonyRequest::createFromGlobals(); |
|
| 88 | - $authorizationHeader = $request->headers->get('Authorization'); |
|
| 89 | - $headers = null; |
|
| 87 | + $request = symfonyRequest::createFromGlobals(); |
|
| 88 | + $authorizationHeader = $request->headers->get('Authorization'); |
|
| 89 | + $headers = null; |
|
| 90 | 90 | |
| 91 | - // Check if the authorization header is not empty |
|
| 92 | - if (!empty($authorizationHeader)) { |
|
| 93 | - $headers = trim($authorizationHeader); |
|
| 94 | - } else if (function_exists('apache_request_headers') === true) { |
|
| 95 | - $requestHeaders = (array) apache_request_headers(); |
|
| 96 | - // Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization) |
|
| 97 | - $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders)); |
|
| 98 | - //print_r($requestHeaders); |
|
| 99 | - if (isset($requestHeaders['Authorization']) === true) { |
|
| 100 | - $headers = trim($requestHeaders['Authorization']); |
|
| 101 | - } |
|
| 102 | - } |
|
| 91 | + // Check if the authorization header is not empty |
|
| 92 | + if (!empty($authorizationHeader)) { |
|
| 93 | + $headers = trim($authorizationHeader); |
|
| 94 | + } else if (function_exists('apache_request_headers') === true) { |
|
| 95 | + $requestHeaders = (array) apache_request_headers(); |
|
| 96 | + // Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization) |
|
| 97 | + $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders)); |
|
| 98 | + //print_r($requestHeaders); |
|
| 99 | + if (isset($requestHeaders['Authorization']) === true) { |
|
| 100 | + $headers = trim($requestHeaders['Authorization']); |
|
| 101 | + } |
|
| 102 | + } |
|
| 103 | 103 | |
| 104 | - return $headers; |
|
| 104 | + return $headers; |
|
| 105 | 105 | } |
| 106 | 106 | |
| 107 | 107 | function get_bearer_token() { |
@@ -118,8 +118,8 @@ discard block |
||
| 118 | 118 | |
| 119 | 119 | function get_bearer_data($jwt) { |
| 120 | 120 | // split the jwt |
| 121 | - $tokenParts = explode('.', $jwt); |
|
| 122 | - $payload = base64_decode($tokenParts[1]); |
|
| 121 | + $tokenParts = explode('.', $jwt); |
|
| 122 | + $payload = base64_decode($tokenParts[1]); |
|
| 123 | 123 | |
| 124 | 124 | // HEADER: Get the access token from the header |
| 125 | 125 | if (empty($payload) === false) { |
