@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('users') === false) { |
| 73 | 73 | // Not allowed page |
| 74 | 74 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 75 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 75 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 76 | 76 | exit; |
| 77 | 77 | } |
| 78 | 78 | ?> |
@@ -325,8 +325,8 @@ discard block |
||
| 325 | 325 | if (store.get('teampassApplication').formUserAction === "add_new_user") { |
| 326 | 326 | var data = { |
| 327 | 327 | 'receipt': $('#form-email').val(), |
| 328 | - 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code');?>', |
|
| 329 | - 'body': '<?php echo $lang->get('email_body_new_user');?>', |
|
| 328 | + 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code'); ?>', |
|
| 329 | + 'body': '<?php echo $lang->get('email_body_new_user'); ?>', |
|
| 330 | 330 | 'pre_replace' : { |
| 331 | 331 | '#code#' : store.get('teampassUser').admin_new_user_temporary_encryption_code, |
| 332 | 332 | '#login#' : store.get('teampassUser').admin_new_user_login, |
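Review bot: The `subject` and `body` values on lines 328-329 echo `$lang->get(...)` straight into single-quoted JavaScript literals, so a translation containing an apostrophe, backslash or line break would end the literal early and break or alter the script. Whether `$lang->get()` already escapes for a JavaScript context is not visible here; if it does not, emit a JSON-encoded literal instead, e.g. `'body': <?php echo json_encode($lang->get('email_body_new_user'), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP); ?>,`. The same pattern appears in the hunks at -336, -532 and -1395; in the last two the string ends up in HTML passed to `.html()`, `toastr.info()` and `.before()`, so it needs HTML escaping as well. The enclosing function starts and ends outside this hunk.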
@@ -336,8 +336,8 @@ discard block |
||
| 336 | 336 | } else { |
| 337 | 337 | var data = { |
| 338 | 338 | 'receipt': $('#form-email').val(), |
| 339 | - 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code');?>', |
|
| 340 | - 'body': '<?php echo $lang->get('email_body_temporary_encryption_code');?>', |
|
| 339 | + 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code'); ?>', |
|
| 340 | + 'body': '<?php echo $lang->get('email_body_temporary_encryption_code'); ?>', |
|
| 341 | 341 | 'pre_replace' : { |
| 342 | 342 | '#enc_code#' : store.get('teampassUser').admin_new_user_temporary_encryption_code, |
| 343 | 343 | } |
@@ -532,14 +532,14 @@ discard block |
||
| 532 | 532 | } |
| 533 | 533 | // Inform user |
| 534 | 534 | $("#warningModalBody").html('<b><?php echo $lang->get('encryption_keys'); ?> - ' + |
| 535 | - stepText + '</b> [' + start + ' - ' + (parseInt(start) + <?php echo NUMBER_ITEMS_IN_BATCH;?>) + ']<span id="warningModalBody_extra">' + $nbItemsToConvert + '</span> ' + |
|
| 535 | + stepText + '</b> [' + start + ' - ' + (parseInt(start) + <?php echo NUMBER_ITEMS_IN_BATCH; ?>) + ']<span id="warningModalBody_extra">' + $nbItemsToConvert + '</span> ' + |
|
| 536 | 536 | '... <?php echo $lang->get('please_wait'); ?><i class="fa-solid fa-spinner fa-pulse ml-3 text-primary"></i>'); |
| 537 | 537 | |
| 538 | 538 | // If expected, show the OPT to the admin |
| 539 | 539 | if (constVisibleOTP === true) { |
| 540 | 540 | toastr.info( |
| 541 | - '<?php echo $lang->get('show_encryption_code_to_admin');?> <div><input class="form-control form-item-control flex-nowrap" value="' + userTemporaryCode + '" readonly></div>' |
|
| 542 | - + '<br /><button type="button" class="btn clear"><?php echo $lang->get('close');?></button>', |
|
| 541 | + '<?php echo $lang->get('show_encryption_code_to_admin'); ?> <div><input class="form-control form-item-control flex-nowrap" value="' + userTemporaryCode + '" readonly></div>' |
|
| 542 | + + '<br /><button type="button" class="btn clear"><?php echo $lang->get('close'); ?></button>', |
|
| 543 | 543 | '<?php echo $lang->get('information'); ?>', |
| 544 | 544 | { |
| 545 | 545 | extendedTimeOut: 0, |
@@ -558,7 +558,7 @@ discard block |
||
| 558 | 558 | var data = { |
| 559 | 559 | action: step, |
| 560 | 560 | start: start, |
| 561 | - length: <?php echo NUMBER_ITEMS_IN_BATCH;?>, |
|
| 561 | + length: <?php echo NUMBER_ITEMS_IN_BATCH; ?>, |
|
| 562 | 562 | user_id: userId, |
| 563 | 563 | } |
| 564 | 564 | if (debugJavascript === true) { |
@@ -1395,7 +1395,7 @@ discard block |
||
| 1395 | 1395 | } else { |
| 1396 | 1396 | // Show icon or not |
| 1397 | 1397 | if ($('#user-disabled').prop('checked') === true) { |
| 1398 | - $('#user-login-'+userID).before('<i class="fa-solid fa-user-slash infotip text-danger mr-2" title="<?php echo $lang->get('account_is_locked');?>" id="user-disable-'+userID+'"></i>'); |
|
| 1398 | + $('#user-login-'+userID).before('<i class="fa-solid fa-user-slash infotip text-danger mr-2" title="<?php echo $lang->get('account_is_locked'); ?>" id="user-disable-'+userID+'"></i>'); |
|
| 1399 | 1399 | } else { |
| 1400 | 1400 | $('#user-disable-'+userID).remove(); |
| 1401 | 1401 | } |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('users') === false) { |
| 70 | 70 | // Not allowed page |
| 71 | 71 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 72 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 72 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 73 | 73 | exit; |
| 74 | 74 | } |
| 75 | 75 | |
@@ -92,24 +92,24 @@ discard block |
||
| 92 | 92 | // If administrator then all roles are shown |
| 93 | 93 | // else only the Roles the users is associated to. |
| 94 | 94 | if ((int) $session->get('user-admin') === 1) { |
| 95 | - $optionsManagedBy .= '<option value="0">' . $lang->get('administrators_only') . '</option>'; |
|
| 95 | + $optionsManagedBy .= '<option value="0">'.$lang->get('administrators_only').'</option>'; |
|
| 96 | 96 | } |
| 97 | 97 | |
| 98 | 98 | $rows = DB::query( |
| 99 | 99 | 'SELECT id, title, creator_id |
| 100 | - FROM ' . prefixTable('roles_title') . ' |
|
| 100 | + FROM ' . prefixTable('roles_title').' |
|
| 101 | 101 | ORDER BY title ASC' |
| 102 | 102 | ); |
| 103 | 103 | foreach ($rows as $record) { |
| 104 | 104 | if ((int) $session->get('user-admin') === 1 || in_array($record['id'], $session->get('user-roles_array')) === true) { |
| 105 | - $optionsManagedBy .= '<option value="' . $record['id'] . '">' . $lang->get('managers_of') . ' ' . addslashes($record['title']) . '</option>'; |
|
| 105 | + $optionsManagedBy .= '<option value="'.$record['id'].'">'.$lang->get('managers_of').' '.addslashes($record['title']).'</option>'; |
|
| 106 | 106 | } |
| 107 | 107 | if ( |
| 108 | 108 | (int) $session->get('user-admin') === 1 |
| 109 | 109 | || (((int) $session->get('user-manager') === 1 || (int) $session->get('user-can_manage_all_users') === 1) |
| 110 | 110 | && (in_array($record['id'], $userRoles) === true) || (int) $record['creator_id'] === (int) $session->get('user-id')) |
| 111 | 111 | ) { |
| 112 | - $optionsRoles .= '<option value="' . $record['id'] . '">' . addslashes($record['title']) . '</option>'; |
|
| 112 | + $optionsRoles .= '<option value="'.$record['id'].'">'.addslashes($record['title']).'</option>'; |
|
| 113 | 113 | } |
| 114 | 114 | } |
| 115 | 115 | |
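Review bot: `addslashes($record['title'])` on lines 105 and 112 is not an HTML escaper: it only backslash-prefixes quotes, so a role title containing `<` or `&` is written into the `<option>` element as markup. Unless titles are guaranteed to be entity-encoded when stored (not visible in this hunk), use the function this file already applies to folder titles at line 127, e.g. `'<option value="'.(int) $record['id'].'">'.htmlspecialchars($record['title'], ENT_QUOTES, 'UTF-8').'</option>'`. The `addslashes($entry[1])` calls in the hunks at -239 and -316 have the same shape, although they iterate over the `TP_PW_COMPLEXITY` constant rather than database rows.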
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | for ($y = 1; $y < $t->nlevel; ++$y) { |
| 125 | 125 | $ident .= ' '; |
| 126 | 126 | } |
| 127 | - $foldersList .= '<option value="' . $t->id . '">' . $ident . htmlspecialchars($t->title, ENT_COMPAT, 'UTF-8') . '</option>'; |
|
| 127 | + $foldersList .= '<option value="'.$t->id.'">'.$ident.htmlspecialchars($t->title, ENT_COMPAT, 'UTF-8').'</option>'; |
|
| 128 | 128 | } |
| 129 | 129 | } |
| 130 | 130 | |
@@ -161,13 +161,13 @@ discard block |
||
| 161 | 161 | </button><?php |
| 162 | 162 | echo isset($SETTINGS['ldap_mode']) === true && (int) $SETTINGS['ldap_mode'] === 1 && (int) $session->get('user-admin') === 1 ? |
| 163 | 163 | '<button type="button" class="btn btn-primary btn-sm tp-action mr-2" data-action="ldap-sync"> |
| 164 | - <i class="fa-solid fa-address-card mr-2"></i>' . $lang->get('ldap_synchronization') . ' |
|
| 164 | + <i class="fa-solid fa-address-card mr-2"></i>' . $lang->get('ldap_synchronization').' |
|
| 165 | 165 | </button>' : ''; |
| 166 | 166 | ?> |
| 167 | 167 | </button><?php |
| 168 | 168 | echo isset($SETTINGS['oauth2_enabled']) === true && (int) $SETTINGS['oauth2_enabled'] === 1 && (int) $session->get('user-admin') === 1 ? |
| 169 | 169 | '<button type="button" class="btn btn-primary btn-sm tp-action mr-2" data-action="oauth2-sync"> |
| 170 | - <i class="fa-solid fa-plug mr-2"></i>' . $lang->get('oauth2_synchronization') . ' |
|
| 170 | + <i class="fa-solid fa-plug mr-2"></i>' . $lang->get('oauth2_synchronization').' |
|
| 171 | 171 | </button>' : ''; |
| 172 | 172 | ?> |
| 173 | 173 | </h3> |
@@ -175,7 +175,7 @@ discard block |
||
| 175 | 175 | |
| 176 | 176 | <!-- /.card-header --> |
| 177 | 177 | <div class="card-body form" id="users-list"> |
| 178 | - <label><input type="checkbox" id="warnings_display" class="tp-action pointer" data-action="refresh"><span class="ml-2 pointer"><?php echo $lang->get('display_warning_icons');?></span></label> |
|
| 178 | + <label><input type="checkbox" id="warnings_display" class="tp-action pointer" data-action="refresh"><span class="ml-2 pointer"><?php echo $lang->get('display_warning_icons'); ?></span></label> |
|
| 179 | 179 | <table id="table-users" class="table table-striped nowrap table-responsive-sm"> |
| 180 | 180 | <thead> |
| 181 | 181 | <tr> |
@@ -239,7 +239,7 @@ discard block |
||
| 239 | 239 | <?php |
| 240 | 240 | foreach (TP_PW_COMPLEXITY as $entry) { |
| 241 | 241 | echo ' |
| 242 | - <option value="' . $entry[0] . '">' . addslashes($entry[1]) . '</option>'; |
|
| 242 | + <option value="' . $entry[0].'">'.addslashes($entry[1]).'</option>'; |
|
| 243 | 243 | } |
| 244 | 244 | ?> |
| 245 | 245 | </select> |
@@ -316,7 +316,7 @@ discard block |
||
| 316 | 316 | <?php |
| 317 | 317 | foreach (TP_PW_COMPLEXITY as $entry) { |
| 318 | 318 | echo ' |
| 319 | - <option value="' . $entry[0] . '">' . addslashes($entry[1]) . '</option>'; |
|
| 319 | + <option value="' . $entry[0].'">'.addslashes($entry[1]).'</option>'; |
|
| 320 | 320 | } |
| 321 | 321 | ?> |
| 322 | 322 | </select> |
@@ -28,8 +28,8 @@ |
||
| 28 | 28 | * @see https://www.teampass.net |
| 29 | 29 | */ |
| 30 | 30 | |
| 31 | - // TO REMOVE |
|
| 32 | - // - selected_items_to_be_imported |
|
| 31 | + // TO REMOVE |
|
| 32 | + // - selected_items_to_be_imported |
|
| 33 | 33 | |
| 34 | 34 | return array( |
| 35 | 35 | 'oauth2_synchronization' => 'OAuth2 synchronization', |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('profile') === false) { |
| 75 | 75 | // Not allowed page |
| 76 | 76 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 77 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 77 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 78 | 78 | exit; |
| 79 | 79 | } |
| 80 | 80 | |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | |
| 146 | 146 | // Get info about user to modify |
| 147 | 147 | $targetUserInfos = DB::queryFirstRow( |
| 148 | - 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 148 | + 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 149 | 149 | WHERE id = %i', |
| 150 | 150 | (int) $dataReceived['user_id'] |
| 151 | 151 | ); |
@@ -277,7 +277,7 @@ discard block |
||
| 277 | 277 | // Check if user already exists |
| 278 | 278 | $data = DB::query( |
| 279 | 279 | 'SELECT id, fonction_id, groupes_interdits, groupes_visibles |
| 280 | - FROM ' . prefixTable('users') . ' |
|
| 280 | + FROM ' . prefixTable('users').' |
|
| 281 | 281 | WHERE login = %s |
| 282 | 282 | AND deleted_at IS NULL', |
| 283 | 283 | $login |
@@ -496,7 +496,7 @@ discard block |
||
| 496 | 496 | |
| 497 | 497 | // Get info about user to delete |
| 498 | 498 | $data_user = DB::queryFirstRow( |
| 499 | - 'SELECT login, admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 499 | + 'SELECT login, admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 500 | 500 | WHERE id = %i', |
| 501 | 501 | $post_id |
| 502 | 502 | ); |
@@ -530,7 +530,7 @@ discard block |
||
| 530 | 530 | ); |
| 531 | 531 | // delete personal folder and subfolders |
| 532 | 532 | $data = DB::queryFirstRow( |
| 533 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' |
|
| 533 | + 'SELECT id FROM '.prefixTable('nested_tree').' |
|
| 534 | 534 | WHERE title = %s AND personal_folder = %i', |
| 535 | 535 | $post_id, |
| 536 | 536 | '1' |
@@ -543,7 +543,7 @@ discard block |
||
| 543 | 543 | DB::delete(prefixTable('nested_tree'), 'id = %i AND personal_folder = %i', $folder->id, '1'); |
| 544 | 544 | // delete items & logs |
| 545 | 545 | $items = DB::query( |
| 546 | - 'SELECT id FROM ' . prefixTable('items') . ' |
|
| 546 | + 'SELECT id FROM '.prefixTable('items').' |
|
| 547 | 547 | WHERE id_tree=%i AND perso = %i', |
| 548 | 548 | $folder->id, |
| 549 | 549 | '1' |
@@ -567,7 +567,7 @@ discard block |
||
| 567 | 567 | // Delete any process related to user |
| 568 | 568 | $processes = DB::query( |
| 569 | 569 | 'SELECT increment_id |
| 570 | - FROM ' . prefixTable('background_tasks') . ' |
|
| 570 | + FROM ' . prefixTable('background_tasks').' |
|
| 571 | 571 | WHERE JSON_EXTRACT(arguments, "$.new_user_id") = %i', |
| 572 | 572 | $post_id |
| 573 | 573 | ); |
@@ -620,7 +620,7 @@ discard block |
||
| 620 | 620 | $return = array(); |
| 621 | 621 | // Check if folder exists |
| 622 | 622 | $data = DB::query( |
| 623 | - 'SELECT * FROM ' . prefixTable('nested_tree') . ' |
|
| 623 | + 'SELECT * FROM '.prefixTable('nested_tree').' |
|
| 624 | 624 | WHERE title = %s AND parent_id = %i', |
| 625 | 625 | filter_input(INPUT_POST, 'domain', FILTER_SANITIZE_FULL_SPECIAL_CHARS), |
| 626 | 626 | '0' |
@@ -633,7 +633,7 @@ discard block |
||
| 633 | 633 | } |
| 634 | 634 | // Check if role exists |
| 635 | 635 | $data = DB::query( |
| 636 | - 'SELECT * FROM ' . prefixTable('roles_title') . ' |
|
| 636 | + 'SELECT * FROM '.prefixTable('roles_title').' |
|
| 637 | 637 | WHERE title = %s', |
| 638 | 638 | filter_input(INPUT_POST, 'domain', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
| 639 | 639 | ); |
@@ -662,7 +662,7 @@ discard block |
||
| 662 | 662 | // Get info about user to delete |
| 663 | 663 | $data_user = DB::queryFirstRow( |
| 664 | 664 | 'SELECT admin, isAdministratedByRole, gestionnaire |
| 665 | - FROM ' . prefixTable('users') . ' |
|
| 665 | + FROM ' . prefixTable('users').' |
|
| 666 | 666 | WHERE id = %i', |
| 667 | 667 | $post_user_id |
| 668 | 668 | ); |
@@ -718,7 +718,7 @@ discard block |
||
| 718 | 718 | // Get info about user |
| 719 | 719 | $rowUser = DB::queryFirstRow( |
| 720 | 720 | 'SELECT * |
| 721 | - FROM ' . prefixTable('users') . ' |
|
| 721 | + FROM ' . prefixTable('users').' |
|
| 722 | 722 | WHERE id = %i', |
| 723 | 723 | $post_id |
| 724 | 724 | ); |
@@ -743,7 +743,7 @@ discard block |
||
| 743 | 743 | $selected = ''; |
| 744 | 744 | $users_functions = array_filter(array_unique(explode(';', empty($rowUser['fonction_id'].';'.$rowUser['roles_from_ad_groups']) === true ? '' : $rowUser['fonction_id'].';'.$rowUser['roles_from_ad_groups']))); |
| 745 | 745 | |
| 746 | - $rows = DB::query('SELECT id,title,creator_id FROM ' . prefixTable('roles_title')); |
|
| 746 | + $rows = DB::query('SELECT id,title,creator_id FROM '.prefixTable('roles_title')); |
|
| 747 | 747 | foreach ($rows as $record) { |
| 748 | 748 | if ( |
| 749 | 749 | (int) $session->get('user-admin') === 1 |
@@ -778,7 +778,7 @@ discard block |
||
| 778 | 778 | $rolesList = array(); |
| 779 | 779 | $managedBy = array(); |
| 780 | 780 | $selected = ''; |
| 781 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title') . ' ORDER BY title ASC'); |
|
| 781 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title').' ORDER BY title ASC'); |
|
| 782 | 782 | foreach ($rows as $reccord) { |
| 783 | 783 | $rolesList[$reccord['id']] = array('id' => $reccord['id'], 'title' => $reccord['title']); |
| 784 | 784 | } |
@@ -809,7 +809,7 @@ discard block |
||
| 809 | 809 | array_push( |
| 810 | 810 | $managedBy, |
| 811 | 811 | array( |
| 812 | - 'title' => $lang->get('managers_of') . ' ' . $fonction['title'], |
|
| 812 | + 'title' => $lang->get('managers_of').' '.$fonction['title'], |
|
| 813 | 813 | 'id' => $fonction['id'], |
| 814 | 814 | 'selected' => $selected, |
| 815 | 815 | ) |
@@ -891,9 +891,9 @@ discard block |
||
| 891 | 891 | |
| 892 | 892 | // get USER STATUS |
| 893 | 893 | if ($rowUser['disabled'] == 1) { |
| 894 | - $arrData['info'] = $lang->get('user_info_locked') . '<br><input type="checkbox" value="unlock" name="1" class="chk"> <label for="1">' . $lang->get('user_info_unlock_question') . '</label><br><input type="checkbox" value="delete" id="account_delete" class="chk mr-2" name="2" onclick="confirmDeletion()">label for="2">' . $lang->get('user_info_delete_question') . '</label>'; |
|
| 894 | + $arrData['info'] = $lang->get('user_info_locked').'<br><input type="checkbox" value="unlock" name="1" class="chk"> <label for="1">'.$lang->get('user_info_unlock_question').'</label><br><input type="checkbox" value="delete" id="account_delete" class="chk mr-2" name="2" onclick="confirmDeletion()">label for="2">'.$lang->get('user_info_delete_question').'</label>'; |
|
| 895 | 895 | } else { |
| 896 | - $arrData['info'] = $lang->get('user_info_active') . '<br><input type="checkbox" value="lock" class="chk"> ' . $lang->get('user_info_lock_question'); |
|
| 896 | + $arrData['info'] = $lang->get('user_info_active').'<br><input type="checkbox" value="lock" class="chk"> '.$lang->get('user_info_lock_question'); |
|
| 897 | 897 | } |
| 898 | 898 | |
| 899 | 899 | $arrData['error'] = false; |
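Review bot: The locked-account markup on line 894 is malformed: after `onclick="confirmDeletion()">` the string continues with `label for="2">`, without the opening `<`, so the browser prints that text literally and the closing `</label>` has no matching start tag. The `for` values also point at ids that do not exist, because the checkboxes carry `name="1"` and `id="account_delete"`; the second label would read `<label for="account_delete">`. The enclosing block starts and ends outside the hunk.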
@@ -980,7 +980,7 @@ discard block |
||
| 980 | 980 | |
| 981 | 981 | // Get info about user to modify |
| 982 | 982 | $data_user = DB::queryFirstRow( |
| 983 | - 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 983 | + 'SELECT admin, gestionnaire, can_manage_all_users, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 984 | 984 | WHERE id = %i', |
| 985 | 985 | $post_id |
| 986 | 986 | ); |
@@ -991,7 +991,7 @@ discard block |
||
| 991 | 991 | // count number of admins |
| 992 | 992 | $users = DB::query( |
| 993 | 993 | 'SELECT id |
| 994 | - FROM ' . prefixTable('users') . ' |
|
| 994 | + FROM ' . prefixTable('users').' |
|
| 995 | 995 | WHERE admin = 1 AND email != "" AND pw != "" AND id != %i', |
| 996 | 996 | $post_id |
| 997 | 997 | ); |
@@ -1014,7 +1014,7 @@ discard block |
||
| 1014 | 1014 | // Exclude roles from AD - PR #3635 |
| 1015 | 1015 | $adRoles = DB::query( |
| 1016 | 1016 | 'SELECT roles_from_ad_groups |
| 1017 | - FROM ' . prefixTable('users') . ' |
|
| 1017 | + FROM ' . prefixTable('users').' |
|
| 1018 | 1018 | WHERE id = %i', |
| 1019 | 1019 | $post_id |
| 1020 | 1020 | )[0]['roles_from_ad_groups']; |
@@ -1118,7 +1118,7 @@ discard block |
||
| 1118 | 1118 | ); |
| 1119 | 1119 | // delete personal folder and subfolders |
| 1120 | 1120 | $data = DB::queryFirstRow( |
| 1121 | - 'SELECT id FROM ' . prefixTable('nested_tree') . ' |
|
| 1121 | + 'SELECT id FROM '.prefixTable('nested_tree').' |
|
| 1122 | 1122 | WHERE title = %s AND personal_folder = %i', |
| 1123 | 1123 | $post_id, |
| 1124 | 1124 | '1' |
@@ -1131,7 +1131,7 @@ discard block |
||
| 1131 | 1131 | DB::delete(prefixTable('nested_tree'), 'id = %i AND personal_folder = %i', $folder->id, '1'); |
| 1132 | 1132 | // delete items & logs |
| 1133 | 1133 | $items = DB::query( |
| 1134 | - 'SELECT id FROM ' . prefixTable('items') . ' |
|
| 1134 | + 'SELECT id FROM '.prefixTable('items').' |
|
| 1135 | 1135 | WHERE id_tree=%i AND perso = %i', |
| 1136 | 1136 | $folder->id, |
| 1137 | 1137 | '1' |
@@ -1152,7 +1152,7 @@ discard block |
||
| 1152 | 1152 | } else { |
| 1153 | 1153 | // Get old data about user |
| 1154 | 1154 | $oldData = DB::queryFirstRow( |
| 1155 | - 'SELECT * FROM ' . prefixTable('users') . ' |
|
| 1155 | + 'SELECT * FROM '.prefixTable('users').' |
|
| 1156 | 1156 | WHERE id = %i', |
| 1157 | 1157 | $post_id |
| 1158 | 1158 | ); |
@@ -1189,7 +1189,7 @@ discard block |
||
| 1189 | 1189 | |
| 1190 | 1190 | // update LOG |
| 1191 | 1191 | if ($oldData['email'] !== $post_email) { |
| 1192 | - logEvents($SETTINGS, 'user_mngt', 'at_user_email_changed:' . $oldData['email'], (string) $session->get('user-id'), $session->get('user-login'), $post_id); |
|
| 1192 | + logEvents($SETTINGS, 'user_mngt', 'at_user_email_changed:'.$oldData['email'], (string) $session->get('user-id'), $session->get('user-login'), $post_id); |
|
| 1193 | 1193 | } |
| 1194 | 1194 | } |
| 1195 | 1195 | echo prepareExchangedData( |
@@ -1237,7 +1237,7 @@ discard block |
||
| 1237 | 1237 | } |
| 1238 | 1238 | |
| 1239 | 1239 | DB::queryFirstRow( |
| 1240 | - 'SELECT * FROM ' . prefixTable('users') . ' |
|
| 1240 | + 'SELECT * FROM '.prefixTable('users').' |
|
| 1241 | 1241 | WHERE login = %s |
| 1242 | 1242 | AND deleted_at IS NULL', |
| 1243 | 1243 | filter_input(INPUT_POST, 'login', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
@@ -1289,7 +1289,7 @@ discard block |
||
| 1289 | 1289 | // get User info |
| 1290 | 1290 | $rowUser = DB::queryFirstRow( |
| 1291 | 1291 | 'SELECT login, name, lastname, email, disabled, fonction_id, groupes_interdits, groupes_visibles, isAdministratedByRole, avatar_thumb, roles_from_ad_groups |
| 1292 | - FROM ' . prefixTable('users') . ' |
|
| 1292 | + FROM ' . prefixTable('users').' |
|
| 1293 | 1293 | WHERE id = %i', |
| 1294 | 1294 | $post_id |
| 1295 | 1295 | ); |
@@ -1299,7 +1299,7 @@ discard block |
||
| 1299 | 1299 | $html = ''; |
| 1300 | 1300 | |
| 1301 | 1301 | if (isset($SETTINGS['ldap_mode']) === true && (int) $SETTINGS['ldap_mode'] === 1 && isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1302 | - $rowUser['fonction_id'] = empty($rowUser['fonction_id']) === true ? $rowUser['roles_from_ad_groups'] : $rowUser['fonction_id']. ';' . $rowUser['roles_from_ad_groups']; |
|
| 1302 | + $rowUser['fonction_id'] = empty($rowUser['fonction_id']) === true ? $rowUser['roles_from_ad_groups'] : $rowUser['fonction_id'].';'.$rowUser['roles_from_ad_groups']; |
|
| 1303 | 1303 | } |
| 1304 | 1304 | $arrData['functions'] = array_filter(explode(';', $rowUser['fonction_id'])); |
| 1305 | 1305 | $arrData['allowed_folders'] = array_filter(explode(';', $rowUser['groupes_visibles'])); |
@@ -1310,7 +1310,7 @@ discard block |
||
| 1310 | 1310 | // refine folders based upon roles |
| 1311 | 1311 | $rows = DB::query( |
| 1312 | 1312 | 'SELECT folder_id, type |
| 1313 | - FROM ' . prefixTable('roles_values') . ' |
|
| 1313 | + FROM ' . prefixTable('roles_values').' |
|
| 1314 | 1314 | WHERE role_id IN %ls |
| 1315 | 1315 | ORDER BY folder_id ASC', |
| 1316 | 1316 | $arrData['functions'] |
@@ -1333,7 +1333,7 @@ discard block |
||
| 1333 | 1333 | } |
| 1334 | 1334 | |
| 1335 | 1335 | // add allowed folders |
| 1336 | - foreach($arrData['allowed_folders'] as $Fld) { |
|
| 1336 | + foreach ($arrData['allowed_folders'] as $Fld) { |
|
| 1337 | 1337 | array_push($arrFolders, array('id' => $Fld, 'type' => 'W', 'special' => true)); |
| 1338 | 1338 | } |
| 1339 | 1339 | |
@@ -1344,7 +1344,7 @@ discard block |
||
| 1344 | 1344 | // get folder name |
| 1345 | 1345 | $row = DB::queryFirstRow( |
| 1346 | 1346 | 'SELECT title, nlevel, id |
| 1347 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 1347 | + FROM ' . prefixTable('nested_tree').' |
|
| 1348 | 1348 | WHERE id = %i', |
| 1349 | 1349 | $fld['id'] |
| 1350 | 1350 | ); |
@@ -1357,38 +1357,38 @@ discard block |
||
| 1357 | 1357 | |
| 1358 | 1358 | // manage right icon |
| 1359 | 1359 | if ($fld['type'] == 'W') { |
| 1360 | - $label = '<i class="fas fa-indent infotip text-success mr-2" title="' . $lang->get('write') . '"></i>' . |
|
| 1361 | - '<i class="fas fa-edit infotip text-success mr-2" title="' . $lang->get('edit') . '"></i>' . |
|
| 1362 | - '<i class="fas fa-eraser infotip text-success" title="' . $lang->get('delete') . '"></i>'; |
|
| 1360 | + $label = '<i class="fas fa-indent infotip text-success mr-2" title="'.$lang->get('write').'"></i>'. |
|
| 1361 | + '<i class="fas fa-edit infotip text-success mr-2" title="'.$lang->get('edit').'"></i>'. |
|
| 1362 | + '<i class="fas fa-eraser infotip text-success" title="'.$lang->get('delete').'"></i>'; |
|
| 1363 | 1363 | } elseif ($fld['type'] == 'ND') { |
| 1364 | - $label = '<i class="fas fa-indent infotip text-warning mr-2" title="' . $lang->get('write') . '"></i>' . |
|
| 1365 | - '<i class="fas fa-edit infotip text-success mr-2" title="' . $lang->get('edit') . '"></i>' . |
|
| 1366 | - '<i class="fas fa-eraser infotip text-danger" title="' . $lang->get('no_delete') . '"></i>'; |
|
| 1364 | + $label = '<i class="fas fa-indent infotip text-warning mr-2" title="'.$lang->get('write').'"></i>'. |
|
| 1365 | + '<i class="fas fa-edit infotip text-success mr-2" title="'.$lang->get('edit').'"></i>'. |
|
| 1366 | + '<i class="fas fa-eraser infotip text-danger" title="'.$lang->get('no_delete').'"></i>'; |
|
| 1367 | 1367 | } elseif ($fld['type'] == 'NE') { |
| 1368 | - $label = '<i class="fas fa-indent infotip text-warning mr-2" title="' . $lang->get('write') . '"></i>' . |
|
| 1369 | - '<i class="fas fa-edit infotip text-danger mr-2" title="' . $lang->get('no_edit') . '"></i>' . |
|
| 1370 | - '<i class="fas fa-eraser infotip text-success" title="' . $lang->get('delete') . '"></i>'; |
|
| 1368 | + $label = '<i class="fas fa-indent infotip text-warning mr-2" title="'.$lang->get('write').'"></i>'. |
|
| 1369 | + '<i class="fas fa-edit infotip text-danger mr-2" title="'.$lang->get('no_edit').'"></i>'. |
|
| 1370 | + '<i class="fas fa-eraser infotip text-success" title="'.$lang->get('delete').'"></i>'; |
|
| 1371 | 1371 | } elseif ($fld['type'] == 'NDNE') { |
| 1372 | - $label = '<i class="fas fa-indent infotip text-warning mr-2" title="' . $lang->get('write') . '"></i>' . |
|
| 1373 | - '<i class="fas fa-edit infotip text-danger mr-2" title="' . $lang->get('no_edit') . '"></i>' . |
|
| 1374 | - '<i class="fas fa-eraser infotip text-danger" title="' . $lang->get('no_delete') . '"></i>'; |
|
| 1372 | + $label = '<i class="fas fa-indent infotip text-warning mr-2" title="'.$lang->get('write').'"></i>'. |
|
| 1373 | + '<i class="fas fa-edit infotip text-danger mr-2" title="'.$lang->get('no_edit').'"></i>'. |
|
| 1374 | + '<i class="fas fa-eraser infotip text-danger" title="'.$lang->get('no_delete').'"></i>'; |
|
| 1375 | 1375 | } elseif ($fld['type'] == '') { |
| 1376 | - $label = '<i class="fas fa-eye-slash infotip text-danger mr-2" title="' . $lang->get('no_access') . '"></i>'; |
|
| 1376 | + $label = '<i class="fas fa-eye-slash infotip text-danger mr-2" title="'.$lang->get('no_access').'"></i>'; |
|
| 1377 | 1377 | } else { |
| 1378 | - $label = '<i class="fas fa-eye infotip text-info mr-2" title="' . $lang->get('read') . '"></i>'; |
|
| 1378 | + $label = '<i class="fas fa-eye infotip text-info mr-2" title="'.$lang->get('read').'"></i>'; |
|
| 1379 | 1379 | } |
| 1380 | 1380 | |
| 1381 | - $html .= '<tr><td>' . $ident . $row['title'] . |
|
| 1382 | - ' <small class="text-info">[' . $row['id'] . ']</small>'. |
|
| 1383 | - ($fld['special'] === true ? '<i class="fas fa-user-tag infotip text-primary ml-5" title="' . $lang->get('user_specific_right') . '"></i>' : ''). |
|
| 1384 | - '</td><td>' . $label . '</td></tr>'; |
|
| 1381 | + $html .= '<tr><td>'.$ident.$row['title']. |
|
| 1382 | + ' <small class="text-info">['.$row['id'].']</small>'. |
|
| 1383 | + ($fld['special'] === true ? '<i class="fas fa-user-tag infotip text-primary ml-5" title="'.$lang->get('user_specific_right').'"></i>' : ''). |
|
| 1384 | + '</td><td>'.$label.'</td></tr>'; |
|
| 1385 | 1385 | break; |
| 1386 | 1386 | } |
| 1387 | 1387 | } |
| 1388 | 1388 | } |
| 1389 | 1389 | |
| 1390 | - $html_full = '<table id="table-folders" class="table table-bordered table-striped dt-responsive nowrap" style="width:100%"><tbody>' . |
|
| 1391 | - $html . '</tbody></table>'; |
|
| 1390 | + $html_full = '<table id="table-folders" class="table table-bordered table-striped dt-responsive nowrap" style="width:100%"><tbody>'. |
|
| 1391 | + $html.'</tbody></table>'; |
|
| 1392 | 1392 | } else { |
| 1393 | 1393 | $html_full = ''; |
| 1394 | 1394 | } |
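Review bot: `$row['title']` on line 1381 is concatenated into the table cell with no HTML escaping, so a folder title containing markup characters becomes part of `$html_full`. If titles are not already entity-encoded when stored (this hunk does not show it), escape at output: `$html .= '<tr><td>'.$ident.htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8').`. `$ident` is left as is because it appears to carry indentation built earlier in the loop. The loop and the branch that set `$ident`, `$row` and `$fld` begin outside the hunk.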
@@ -1434,7 +1434,7 @@ discard block |
||
| 1434 | 1434 | if ((int) $session->get('user-admin') === 0 && (int) $session->get('user-can_manage_all_users') === 0) { |
| 1435 | 1435 | $rows = DB::query( |
| 1436 | 1436 | 'SELECT * |
| 1437 | - FROM ' . prefixTable('users') . ' |
|
| 1437 | + FROM ' . prefixTable('users').' |
|
| 1438 | 1438 | WHERE admin = %i AND isAdministratedByRole IN %ls', |
| 1439 | 1439 | '0', |
| 1440 | 1440 | array_filter($session->get('user-roles_array')) |
@@ -1442,7 +1442,7 @@ discard block |
||
| 1442 | 1442 | } else { |
| 1443 | 1443 | $rows = DB::query( |
| 1444 | 1444 | 'SELECT * |
| 1445 | - FROM ' . prefixTable('users') . ' |
|
| 1445 | + FROM ' . prefixTable('users').' |
|
| 1446 | 1446 | WHERE admin = %i', |
| 1447 | 1447 | '0' |
| 1448 | 1448 | ); |
@@ -1454,7 +1454,7 @@ discard block |
||
| 1454 | 1454 | $groupIds = []; |
| 1455 | 1455 | foreach (explode(';', $record['fonction_id']) as $group) { |
| 1456 | 1456 | $tmp = DB::queryFirstRow( |
| 1457 | - 'SELECT id, title FROM ' . prefixTable('roles_title') . ' |
|
| 1457 | + 'SELECT id, title FROM '.prefixTable('roles_title').' |
|
| 1458 | 1458 | WHERE id = %i', |
| 1459 | 1459 | $group |
| 1460 | 1460 | ); |
@@ -1466,7 +1466,7 @@ discard block |
||
| 1466 | 1466 | |
| 1467 | 1467 | // Get managed_by |
| 1468 | 1468 | $managedBy = DB::queryFirstRow( |
| 1469 | - 'SELECT id, title FROM ' . prefixTable('roles_title') . ' |
|
| 1469 | + 'SELECT id, title FROM '.prefixTable('roles_title').' |
|
| 1470 | 1470 | WHERE id = %i', |
| 1471 | 1471 | $record['isAdministratedByRole'] |
| 1472 | 1472 | ); |
@@ -1476,7 +1476,7 @@ discard block |
||
| 1476 | 1476 | $foldersAllowedIds = []; |
| 1477 | 1477 | foreach (explode(';', $record['groupes_visibles']) as $role) { |
| 1478 | 1478 | $tmp = DB::queryFirstRow( |
| 1479 | - 'SELECT id, title FROM ' . prefixTable('nested_tree') . ' |
|
| 1479 | + 'SELECT id, title FROM '.prefixTable('nested_tree').' |
|
| 1480 | 1480 | WHERE id = %i', |
| 1481 | 1481 | $role |
| 1482 | 1482 | ); |
@@ -1489,7 +1489,7 @@ discard block |
||
| 1489 | 1489 | $foldersForbiddenIds = []; |
| 1490 | 1490 | foreach (explode(';', $record['groupes_interdits']) as $role) { |
| 1491 | 1491 | $tmp = DB::queryFirstRow( |
| 1492 | - 'SELECT id, title FROM ' . prefixTable('nested_tree') . ' |
|
| 1492 | + 'SELECT id, title FROM '.prefixTable('nested_tree').' |
|
| 1493 | 1493 | WHERE id = %i', |
| 1494 | 1494 | $role |
| 1495 | 1495 | ); |
@@ -1507,7 +1507,7 @@ discard block |
||
| 1507 | 1507 | 'login' => $record['login'], |
| 1508 | 1508 | 'groups' => implode(', ', $groups), |
| 1509 | 1509 | 'groupIds' => $groupIds, |
| 1510 | - 'managedBy' => $managedBy=== null ? $lang->get('administrator') : $managedBy['title'], |
|
| 1510 | + 'managedBy' => $managedBy === null ? $lang->get('administrator') : $managedBy['title'], |
|
| 1511 | 1511 | 'managedById' => $managedBy === null ? 0 : $managedBy['id'], |
| 1512 | 1512 | 'foldersAllowed' => implode(', ', $foldersAllowed), |
| 1513 | 1513 | 'foldersAllowedIds' => $foldersAllowedIds, |
@@ -1608,7 +1608,7 @@ discard block |
||
| 1608 | 1608 | |
| 1609 | 1609 | // Get info about user |
| 1610 | 1610 | $data_user = DB::queryFirstRow( |
| 1611 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 1611 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 1612 | 1612 | WHERE id = %i', |
| 1613 | 1613 | $inputData['source_id'] |
| 1614 | 1614 | ); |
@@ -1835,14 +1835,14 @@ discard block |
||
| 1835 | 1835 | if (empty($post_context) === false && $post_context === 'add_one_role_to_user') { |
| 1836 | 1836 | $data_user = DB::queryFirstRow( |
| 1837 | 1837 | 'SELECT fonction_id, public_key |
| 1838 | - FROM ' . prefixTable('users') . ' |
|
| 1838 | + FROM ' . prefixTable('users').' |
|
| 1839 | 1839 | WHERE id = %i', |
| 1840 | 1840 | $post_user_id |
| 1841 | 1841 | ); |
| 1842 | 1842 | |
| 1843 | 1843 | if ($data_user) { |
| 1844 | 1844 | // Ensure array is unique |
| 1845 | - $post_new_value = str_replace(',', ';', $data_user['fonction_id']) . ';' . $post_new_value; |
|
| 1845 | + $post_new_value = str_replace(',', ';', $data_user['fonction_id']).';'.$post_new_value; |
|
| 1846 | 1846 | $post_new_value = implode(';', array_unique(explode(';', $post_new_value))); |
| 1847 | 1847 | } else { |
| 1848 | 1848 | // User not found |
@@ -1858,14 +1858,14 @@ discard block |
||
| 1858 | 1858 | } |
| 1859 | 1859 | |
| 1860 | 1860 | // Manage specific case of api key |
| 1861 | - if($post_field === 'user_api_key') { |
|
| 1861 | + if ($post_field === 'user_api_key') { |
|
| 1862 | 1862 | $encrypted_key = encryptUserObjectKey(base64_encode($post_new_value), $session->get('user-public_key')); |
| 1863 | 1863 | $session->set('user-api_key', $post_new_value); |
| 1864 | 1864 | |
| 1865 | 1865 | // test if user has an api key |
| 1866 | 1866 | $data_user = DB::queryFirstRow( |
| 1867 | 1867 | 'SELECT value |
| 1868 | - FROM ' . prefixTable('api') . ' |
|
| 1868 | + FROM ' . prefixTable('api').' |
|
| 1869 | 1869 | WHERE user_id = %i', |
| 1870 | 1870 | $post_user_id |
| 1871 | 1871 | ); |
@@ -1985,7 +1985,7 @@ discard block |
||
| 1985 | 1985 | } catch (\LdapRecord\Auth\BindException $e) { |
| 1986 | 1986 | $error = $e->getDetailedError(); |
| 1987 | 1987 | if ($error && defined('LOG_TO_SERVER') && LOG_TO_SERVER === true) { |
| 1988 | - error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage(). " - ".$error->getDiagnosticMessage()); |
|
| 1988 | + error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage()." - ".$error->getDiagnosticMessage()); |
|
| 1989 | 1989 | } |
| 1990 | 1990 | // deepcode ignore ServerLeak: No important data is sent and it is encrypted before sending |
| 1991 | 1991 | echo prepareExchangedData( |
@@ -2015,7 +2015,7 @@ discard block |
||
| 2015 | 2015 | } catch (\LdapRecord\Auth\BindException $e) { |
| 2016 | 2016 | $error = $e->getDetailedError(); |
| 2017 | 2017 | if ($error && defined('LOG_TO_SERVER') && LOG_TO_SERVER === true) { |
| 2018 | - error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage(). " - ".$error->getDiagnosticMessage()); |
|
| 2018 | + error_log('TEAMPASS Error - LDAP - '.$error->getErrorCode()." - ".$error->getErrorMessage()." - ".$error->getDiagnosticMessage()); |
|
| 2019 | 2019 | } |
| 2020 | 2020 | // deepcode ignore ServerLeak: No important data is sent and it is encrypted before sending |
| 2021 | 2021 | echo prepareExchangedData( |
@@ -2032,7 +2032,7 @@ discard block |
||
| 2032 | 2032 | if (isset($adUser[$SETTINGS['ldap_user_attribute']][0]) === false) continue; |
| 2033 | 2033 | // Build the list of all groups in AD |
| 2034 | 2034 | if (isset($adUser['memberof']) === true) { |
| 2035 | - foreach($adUser['memberof'] as $j => $adUserGroup) { |
|
| 2035 | + foreach ($adUser['memberof'] as $j => $adUserGroup) { |
|
| 2036 | 2036 | if (empty($adUserGroup) === false && $j !== "count") { |
| 2037 | 2037 | $adGroup = substr($adUserGroup, 3, strpos($adUserGroup, ',') - 3); |
| 2038 | 2038 | if (in_array($adGroup, $adRoles) === false && empty($adGroup) === false) { |
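Review bot: The group name on new line 2037 is cut out with `substr($adUserGroup, 3, strpos($adUserGroup, ',') - 3)`, which misbehaves when `strpos` returns `false` (the length becomes -3, so the last three characters are dropped) and stops at the first comma even when it is an escaped `\,` inside the CN. The result is compared against `$adRoles` on the next line, so a truncated name could be matched to the wrong role; this is inferred, because the mapping code is outside the hunk. I would guard the position first, `$pos = strpos($adUserGroup, ','); if ($pos === false) { continue; }`, or parse the DN with `ldap_explode_dn($adUserGroup, 1)` and take the first component. The enclosing loop starts and ends outside the hunk.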
@@ -2048,7 +2048,7 @@ discard block |
||
| 2048 | 2048 | // Get his ID |
| 2049 | 2049 | $userInfo = DB::queryFirstRow( |
| 2050 | 2050 | 'SELECT id, login, fonction_id, auth_type |
| 2051 | - FROM ' . prefixTable('users') . ' |
|
| 2051 | + FROM ' . prefixTable('users').' |
|
| 2052 | 2052 | WHERE login = %s', |
| 2053 | 2053 | $userLogin |
| 2054 | 2054 | ); |
@@ -2084,7 +2084,7 @@ discard block |
||
| 2084 | 2084 | |
| 2085 | 2085 | // Get all groups in Teampass |
| 2086 | 2086 | $teampassRoles = array(); |
| 2087 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title')); |
|
| 2087 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title')); |
|
| 2088 | 2088 | foreach ($rows as $record) { |
| 2089 | 2089 | array_push( |
| 2090 | 2090 | $teampassRoles, |
@@ -2149,7 +2149,7 @@ discard block |
||
| 2149 | 2149 | // Check if user already exists |
| 2150 | 2150 | $data = DB::query( |
| 2151 | 2151 | 'SELECT id, fonction_id, groupes_interdits, groupes_visibles |
| 2152 | - FROM ' . prefixTable('users') . ' |
|
| 2152 | + FROM ' . prefixTable('users').' |
|
| 2153 | 2153 | WHERE login = %s', |
| 2154 | 2154 | $post_login |
| 2155 | 2155 | ); |
@@ -2326,7 +2326,7 @@ discard block |
||
| 2326 | 2326 | // Check if user already exists |
| 2327 | 2327 | DB::query( |
| 2328 | 2328 | 'SELECT id |
| 2329 | - FROM ' . prefixTable('users') . ' |
|
| 2329 | + FROM ' . prefixTable('users').' |
|
| 2330 | 2330 | WHERE id = %i', |
| 2331 | 2331 | $post_id |
| 2332 | 2332 | ); |
@@ -2388,7 +2388,7 @@ discard block |
||
| 2388 | 2388 | // Get all groups in Teampass |
| 2389 | 2389 | $teampassRoles = array(); |
| 2390 | 2390 | $titleToIdMap = []; |
| 2391 | - $rows = DB::query('SELECT id,title FROM ' . prefixTable('roles_title')); |
|
| 2391 | + $rows = DB::query('SELECT id,title FROM '.prefixTable('roles_title')); |
|
| 2392 | 2392 | foreach ($rows as $record) { |
| 2393 | 2393 | array_push( |
| 2394 | 2394 | $teampassRoles, |
@@ -2431,7 +2431,7 @@ discard block |
||
| 2431 | 2431 | // Get his ID |
| 2432 | 2432 | $userInfo = DB::queryFirstRow( |
| 2433 | 2433 | 'SELECT id, login, fonction_id, auth_type |
| 2434 | - FROM ' . prefixTable('users') . ' |
|
| 2434 | + FROM ' . prefixTable('users').' |
|
| 2435 | 2435 | WHERE login = %s', |
| 2436 | 2436 | $userLogin |
| 2437 | 2437 | ); |
@@ -2538,7 +2538,7 @@ discard block |
||
| 2538 | 2538 | // Check if user already exists |
| 2539 | 2539 | DB::query( |
| 2540 | 2540 | 'SELECT id |
| 2541 | - FROM ' . prefixTable('users') . ' |
|
| 2541 | + FROM ' . prefixTable('users').' |
|
| 2542 | 2542 | WHERE id = %i', |
| 2543 | 2543 | $post_id |
| 2544 | 2544 | ); |
@@ -2605,7 +2605,7 @@ discard block |
||
| 2605 | 2605 | // Search TP_USER in db |
| 2606 | 2606 | $userTP = DB::queryFirstRow( |
| 2607 | 2607 | 'SELECT pw |
| 2608 | - FROM ' . prefixTable('users') . ' |
|
| 2608 | + FROM ' . prefixTable('users').' |
|
| 2609 | 2609 | WHERE id = %i', |
| 2610 | 2610 | TP_USER_ID |
| 2611 | 2611 | ); |
@@ -2627,8 +2627,8 @@ discard block |
||
| 2627 | 2627 | 'process_type' => 'create_user_keys', |
| 2628 | 2628 | 'arguments' => json_encode([ |
| 2629 | 2629 | 'new_user_id' => (int) $post_user_id, |
| 2630 | - 'new_user_pwd' => empty($post_user_pwd) === true ? '' : cryption($post_user_pwd, '','encrypt', $SETTINGS)['string'], |
|
| 2631 | - 'new_user_code' => cryption($post_user_code, '','encrypt', $SETTINGS)['string'], |
|
| 2630 | + 'new_user_pwd' => empty($post_user_pwd) === true ? '' : cryption($post_user_pwd, '', 'encrypt', $SETTINGS)['string'], |
|
| 2631 | + 'new_user_code' => cryption($post_user_code, '', 'encrypt', $SETTINGS)['string'], |
|
| 2632 | 2632 | 'owner_id' => (int) TP_USER_ID, |
| 2633 | 2633 | 'creator_pwd' => $userTP['pw'], |
| 2634 | 2634 | 'email_body' => $lang->get('email_body_user_config_5'), |
@@ -2717,8 +2717,8 @@ discard block |
||
| 2717 | 2717 | // get user info |
| 2718 | 2718 | $processesProgress = DB::query( |
| 2719 | 2719 | 'SELECT u.ongoing_process_id, pt.task, pt.updated_at, pt.finished_at, pt.is_in_progress |
| 2720 | - FROM ' . prefixTable('users') . ' AS u |
|
| 2721 | - INNER JOIN ' . prefixTable('background_subtasks') . ' AS pt ON (pt.task_id = u.ongoing_process_id) |
|
| 2720 | + FROM ' . prefixTable('users').' AS u |
|
| 2721 | + INNER JOIN ' . prefixTable('background_subtasks').' AS pt ON (pt.task_id = u.ongoing_process_id) |
|
| 2722 | 2722 | WHERE u.id = %i', |
| 2723 | 2723 | $user_id |
| 2724 | 2724 | ); |
@@ -2726,9 +2726,9 @@ discard block |
||
| 2726 | 2726 | //print_r($processesProgress); |
| 2727 | 2727 | $finished_steps = 0; |
| 2728 | 2728 | $nb_steps = count($processesProgress); |
| 2729 | - foreach($processesProgress as $process) { |
|
| 2729 | + foreach ($processesProgress as $process) { |
|
| 2730 | 2730 | if ((int) $process['is_in_progress'] === -1) { |
| 2731 | - $finished_steps ++; |
|
| 2731 | + $finished_steps++; |
|
| 2732 | 2732 | } |
| 2733 | 2733 | } |
| 2734 | 2734 | |
@@ -2737,7 +2737,7 @@ discard block |
||
| 2737 | 2737 | 'error' => false, |
| 2738 | 2738 | 'message' => '', |
| 2739 | 2739 | 'user_id' => $user_id, |
| 2740 | - 'status' => $finished_steps === $nb_steps ? 'finished' : number_format($finished_steps/$nb_steps*100, 0).'%', |
|
| 2740 | + 'status' => $finished_steps === $nb_steps ? 'finished' : number_format($finished_steps / $nb_steps * 100, 0).'%', |
|
| 2741 | 2741 | 'debug' => $finished_steps.",".$nb_steps, |
| 2742 | 2742 | ), |
| 2743 | 2743 | 'encode' |
@@ -2827,7 +2827,7 @@ discard block |
||
| 2827 | 2827 | |
| 2828 | 2828 | // Get info about user |
| 2829 | 2829 | $data_user = DB::queryFirstRow( |
| 2830 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 2830 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 2831 | 2831 | WHERE id = %i', |
| 2832 | 2832 | $value[1] |
| 2833 | 2833 | ); |
@@ -2861,7 +2861,7 @@ discard block |
||
| 2861 | 2861 | logEvents( |
| 2862 | 2862 | $SETTINGS, |
| 2863 | 2863 | 'user_mngt', |
| 2864 | - 'at_user_new_' . $value[0] . ':' . $value[1], |
|
| 2864 | + 'at_user_new_'.$value[0].':'.$value[1], |
|
| 2865 | 2865 | (string) $session->get('user-id'), |
| 2866 | 2866 | $session->get('user-login'), |
| 2867 | 2867 | filter_input(INPUT_POST, 'id', FILTER_SANITIZE_FULL_SPECIAL_CHARS) |
@@ -2895,7 +2895,7 @@ discard block |
||
| 2895 | 2895 | |
| 2896 | 2896 | // Get info about user |
| 2897 | 2897 | $data_user = DB::queryFirstRow( |
| 2898 | - 'SELECT admin, isAdministratedByRole FROM ' . prefixTable('users') . ' |
|
| 2898 | + 'SELECT admin, isAdministratedByRole FROM '.prefixTable('users').' |
|
| 2899 | 2899 | WHERE id = %i', |
| 2900 | 2900 | $id[1] |
| 2901 | 2901 | ); |
@@ -2314,7 +2314,9 @@ discard block |
||
| 2314 | 2314 | $session = SessionManager::getSession(); |
| 2315 | 2315 | $lang = new Language($session->get('user-language') ?? 'english'); |
| 2316 | 2316 | |
| 2317 | - if (WIP === true) error_log("--- USER OAUTH2 NOT EXISTS IN TEAMPASS ---"); |
|
| 2317 | + if (WIP === true) { |
|
| 2318 | + error_log("--- USER OAUTH2 NOT EXISTS IN TEAMPASS ---"); |
|
| 2319 | + } |
|
| 2318 | 2320 | |
| 2319 | 2321 | return [ |
| 2320 | 2322 | 'error' => true, |
@@ -2348,7 +2350,9 @@ discard block |
||
| 2348 | 2350 | } |
| 2349 | 2351 | |
| 2350 | 2352 | // Oauth2 user already exists and authenticated |
| 2351 | - if (WIP === true) error_log("--- USER AUTHENTICATED ---"); |
|
| 2353 | + if (WIP === true) { |
|
| 2354 | + error_log("--- USER AUTHENTICATED ---"); |
|
| 2355 | + } |
|
| 2352 | 2356 | $userInfo['has_been_created'] = 0; |
| 2353 | 2357 | |
| 2354 | 2358 | $passwordManager = new PasswordManager(); |
@@ -2563,8 +2567,9 @@ discard block |
||
| 2563 | 2567 | ); |
| 2564 | 2568 | |
| 2565 | 2569 | // No valid email address for user |
| 2566 | - if (!$userInfos || !filter_var($userInfos['email'], FILTER_VALIDATE_EMAIL)) |
|
| 2567 | - return; |
|
| 2570 | + if (!$userInfos || !filter_var($userInfos['email'], FILTER_VALIDATE_EMAIL)) { |
|
| 2571 | + return; |
|
| 2572 | + } |
|
| 2568 | 2573 | |
| 2569 | 2574 | $unlock_url = $SETTINGS['cpassman_url'].'/self-unlock.php?login='.$value.'&otp='.$unlock_code; |
| 2570 | 2575 | |
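Review bot: `$value` and `$unlock_code` are concatenated into `$unlock_url` on new line 2574 without URL encoding, so a login containing `&`, `#`, `+` or a space produces a link whose query string no longer carries the intended login. Encode both parameters: `$unlock_url = $SETTINGS['cpassman_url'].'/self-unlock.php?login='.rawurlencode((string) $value).'&otp='.rawurlencode((string) $unlock_code);`. The one-time code also travels in the query string, where it can end up in proxy and web-server logs; a short expiry would limit that, though whether one exists is not visible here. The function starts and ends outside the hunk.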
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | ) { |
| 78 | 78 | // Not allowed page |
| 79 | 79 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 80 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 80 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 81 | 81 | exit; |
| 82 | 82 | } |
| 83 | 83 | |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | if (isset($order['column']) && preg_match('#^(asc|desc)$#i', $order['dir'])) { |
| 129 | 129 | $columnIndex = filter_var($order['column'], FILTER_SANITIZE_NUMBER_INT); |
| 130 | 130 | $dir = filter_var($order['dir'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
| 131 | - $sOrder .= $aColumns[$columnIndex] . ' ' . $dir . ', '; |
|
| 131 | + $sOrder .= $aColumns[$columnIndex].' '.$dir.', '; |
|
| 132 | 132 | } |
| 133 | 133 | |
| 134 | 134 | $sOrder = substr_replace($sOrder, '', -2); |
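Review bot: `$columnIndex` is used as an index into `$aColumns` on new line 131 without checking that the entry exists. `FILTER_SANITIZE_NUMBER_INT` keeps digits and `+`/`-`, so a request value such as `-1` or `99` yields an undefined offset and an ORDER BY fragment with an empty column name. `$order['dir']` is also passed to `preg_match` although only `$order['column']` is tested with `isset`. I would tighten the guard to `if (isset($order['column'], $order['dir']) && preg_match('#^(asc|desc)$#i', $order['dir']))` and append to `$sOrder` only when `isset($aColumns[$columnIndex])` is true. The surrounding block starts outside the hunk.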
@@ -152,15 +152,15 @@ discard block |
||
| 152 | 152 | |
| 153 | 153 | if ($letter !== '' && $letter !== 'None') { |
| 154 | 154 | $sWhere .= ' AND ('; |
| 155 | - $sWhere .= $aColumns[1] . " LIKE '" . $letter . "%' OR "; |
|
| 156 | - $sWhere .= $aColumns[2] . " LIKE '" . $letter . "%' OR "; |
|
| 157 | - $sWhere .= $aColumns[3] . " LIKE '" . $letter . "%' "; |
|
| 155 | + $sWhere .= $aColumns[1]." LIKE '".$letter."%' OR "; |
|
| 156 | + $sWhere .= $aColumns[2]." LIKE '".$letter."%' OR "; |
|
| 157 | + $sWhere .= $aColumns[3]." LIKE '".$letter."%' "; |
|
| 158 | 158 | $sWhere .= ')'; |
| 159 | 159 | } elseif ($searchValue !== '') { |
| 160 | 160 | $sWhere .= ' AND ('; |
| 161 | - $sWhere .= $aColumns[1] . " LIKE '" . $searchValue . "%' OR "; |
|
| 162 | - $sWhere .= $aColumns[2] . " LIKE '" . $searchValue . "%' OR "; |
|
| 163 | - $sWhere .= $aColumns[3] . " LIKE '" . $searchValue . "%' "; |
|
| 161 | + $sWhere .= $aColumns[1]." LIKE '".$searchValue."%' OR "; |
|
| 162 | + $sWhere .= $aColumns[2]." LIKE '".$searchValue."%' OR "; |
|
| 163 | + $sWhere .= $aColumns[3]." LIKE '".$searchValue."%' "; |
|
| 164 | 164 | $sWhere .= ')'; |
| 165 | 165 | } |
| 166 | 166 | |
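Review bot: `$letter` and `$searchValue` are concatenated straight into the LIKE clauses on new lines 155-157 and 161-163, while the other queries shown in this commit bind their values through `%s`/`%i` placeholders. If either value reaches this point without escaping (their origin is outside the hunk), a quote character in the request changes the WHERE clause. I would put a placeholder in the fragment and pass the pattern as a parameter, e.g. `$sWhere .= $aColumns[1].' LIKE %s OR ';` with `$letter.'%'` supplied as an argument, and escape `%` and `_` in the value so they match literally. How `$sWhere` is handed to the query is not visible here, so the call site needs the matching change.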
@@ -246,7 +246,7 @@ discard block |
||
| 246 | 246 | // Check for existing lock |
| 247 | 247 | $unlock_at = DB::queryFirstField( |
| 248 | 248 | 'SELECT MAX(unlock_at) |
| 249 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 249 | + FROM ' . prefixTable('auth_failures').' |
|
| 250 | 250 | WHERE unlock_at > %s AND source = %s AND value = %s', |
| 251 | 251 | date('Y-m-d H:i:s', time()), |
| 252 | 252 | 'login', |
@@ -255,33 +255,31 @@ discard block |
||
| 255 | 255 | |
| 256 | 256 | // Get some infos about user |
| 257 | 257 | $userDisplayInfos = |
| 258 | - (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 258 | + (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 259 | 259 | . |
| 260 | 260 | ((int) $record['last_connexion'] > 0 ? '<i class=\"far fa-clock infotip text-info ml-2\" title=\"'.$lang->get('index_last_seen').": ". |
| 261 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 261 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 262 | 262 | . |
| 263 | 263 | ((int) $record['user_ip'] > 0 ? '<i class=\"fas fa-street-view infotip text-info ml-1\" title=\"'.$lang->get('ip').": ".($record['user_ip']).'\"></i>' : '') |
| 264 | 264 | . |
| 265 | 265 | (($record['auth_type'] === 'ldap' || $record['auth_type'] === 'oauth2') ? '<i class=\"far fa-address-book infotip text-warning ml-1\" title=\"'.$lang->get('managed_through_ad').'\"></i>' : '') |
| 266 | 266 | . |
| 267 | 267 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && ((int) $SETTINGS['duo'] === 1 || (int) $SETTINGS['google_authentication'] === 1)) ? |
| 268 | - ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : |
|
| 269 | - '' |
|
| 268 | + ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : '' |
|
| 270 | 269 | ) |
| 271 | 270 | . |
| 272 | 271 | (($unlock_at) ? '<i class=\"fas fa-solid text-red fa-lock infotip text-info ml-1\" title=\"'.$lang->get('bruteforce_unlock_at').$unlock_at.'\"></i>' : ''); |
| 273 | 272 | if ($request->query->filter('display_warnings', '', FILTER_VALIDATE_BOOLEAN) === true) { |
| 274 | 273 | $userDisplayInfos .= '<br>'. |
| 275 | 274 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && is_null($record['keys_recovery_time']) === true) ? |
| 276 | - '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : |
|
| 277 | - '' |
|
| 275 | + '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : '' |
|
| 278 | 276 | ). |
| 279 | 277 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['pw_passwordlib'] === 1) ? '<i class=\"fa-solid fa-person-walking-luggage infotip ml-1\" style=\"color:Tomato\" title=\"Old password encryption. Shall login to initialize.\"></i>' : ''); |
| 280 | 278 | } |
| 281 | 279 | |
| 282 | 280 | $sOutput .= '["<span data-id=\"'.$record['id'].'\" data-fullname=\"'. |
| 283 | - (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : '').' '. |
|
| 284 | - (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : ''). |
|
| 281 | + (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : '').' '. |
|
| 282 | + (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : ''). |
|
| 285 | 283 | '\" data-auth-type=\"'.$record['auth_type'].'\" data-special=\"'.$record['special'].'\" data-mfa-enabled=\"'.$record['mfa_enabled'].'\" data-otp-provided=\"'.(isset($record['otp_provided']) === true ? $record['otp_provided'] : '').'\"></span>", '; |
| 286 | 284 | //col2 |
| 287 | 285 | $sOutput .= '"'. |