nilsteampassnet /
TeamPass
@@ -85,8 +85,8 @@ |
||
| 85 | 85 | ); |
| 86 | 86 | if ($row['valeur'] === "true") { |
| 87 | 87 | /** |
| 88 | - * Permits to delete files and folders recursively |
|
| 89 | - */ |
|
| 88 | + * Permits to delete files and folders recursively |
|
| 89 | + */ |
|
| 90 | 90 | function delTree($dir) |
| 91 | 91 | { |
| 92 | 92 | $files = array_diff(scandir($dir), array('.', '..')); |
@@ -18,15 +18,15 @@ discard block |
||
| 18 | 18 | |
| 19 | 19 | // Load config if $SETTINGS not defined |
| 20 | 20 | if (!isset($SETTINGS['cpassman_dir']) || empty($SETTINGS['cpassman_dir'])) { |
| 21 | - if (file_exists('../includes/config/tp.config.php')) { |
|
| 22 | - require_once '../includes/config/tp.config.php'; |
|
| 23 | - } elseif (file_exists('./includes/config/tp.config.php')) { |
|
| 24 | - require_once './includes/config/tp.config.php'; |
|
| 25 | - } elseif (file_exists('../../includes/config/tp.config.php')) { |
|
| 26 | - require_once '../../includes/config/tp.config.php'; |
|
| 27 | - } else { |
|
| 28 | - throw new Exception("Error file '/includes/config/tp.config.php' not exists", 1); |
|
| 29 | - } |
|
| 21 | + if (file_exists('../includes/config/tp.config.php')) { |
|
| 22 | + require_once '../includes/config/tp.config.php'; |
|
| 23 | + } elseif (file_exists('./includes/config/tp.config.php')) { |
|
| 24 | + require_once './includes/config/tp.config.php'; |
|
| 25 | + } elseif (file_exists('../../includes/config/tp.config.php')) { |
|
| 26 | + require_once '../../includes/config/tp.config.php'; |
|
| 27 | + } else { |
|
| 28 | + throw new Exception("Error file '/includes/config/tp.config.php' not exists", 1); |
|
| 29 | + } |
|
| 30 | 30 | } |
| 31 | 31 | |
| 32 | 32 | // load phpCrypt |
@@ -1430,7 +1430,7 @@ discard block |
||
| 1430 | 1430 | // Can we use PHP7 random_int function? |
| 1431 | 1431 | if (version_compare(phpversion(), '7.0', '>=')) { |
| 1432 | 1432 | require_once $SETTINGS['cpassman_dir'].'/includes/libraries/PasswordGenerator/RandomGenerator/Php7RandomGenerator.php'; |
| 1433 | - $generator->setRandomGenerator(new PasswordGenerator\RandomGenerator\Php7RandomGenerator()); |
|
| 1433 | + $generator->setRandomGenerator(new PasswordGenerator\RandomGenerator\Php7RandomGenerator()); |
|
| 1434 | 1434 | } |
| 1435 | 1435 | |
| 1436 | 1436 | // init |
@@ -700,20 +700,20 @@ |
||
| 700 | 700 | && $SETTINGS['maintenance_mode'] === '1') |
| 701 | 701 | ) { |
| 702 | 702 | if (strpos($_SERVER['PHP_AUTH_USER'], '@') !== false) { |
| 703 | - $username = explode("@", $_SERVER['PHP_AUTH_USER'])[0]; |
|
| 704 | - } elseif (strpos($_SERVER['PHP_AUTH_USER'], '\\') !== false) { |
|
| 705 | - $username = explode("\\", $_SERVER['PHP_AUTH_USER'])[1]; |
|
| 706 | - } else { |
|
| 707 | - $username = $_SERVER['PHP_AUTH_USER']; |
|
| 708 | - } |
|
| 709 | - echo ' |
|
| 703 | + $username = explode("@", $_SERVER['PHP_AUTH_USER'])[0]; |
|
| 704 | + } elseif (strpos($_SERVER['PHP_AUTH_USER'], '\\') !== false) { |
|
| 705 | + $username = explode("\\", $_SERVER['PHP_AUTH_USER'])[1]; |
|
| 706 | + } else { |
|
| 707 | + $username = $_SERVER['PHP_AUTH_USER']; |
|
| 708 | + } |
|
| 709 | + echo ' |
|
| 710 | 710 | <div style="margin-bottom:3px;"> |
| 711 | 711 | <label for="login" class="form_label">', isset($SETTINGS['custom_login_text']) && !empty($SETTINGS['custom_login_text']) ? (string) $SETTINGS['custom_login_text'] : $LANG['index_login'], '</label> |
| 712 | 712 | <input type="text" size="10" id="login" name="login" class="input_text text ui-widget-content ui-corner-all" value="' , $username , '" readonly /> |
| 713 | 713 | <span id="login_check_wait" style="display:none; float:right;"><i class="fa fa-cog fa-spin fa-1x"></i></span> |
| 714 | 714 | </div>'; |
| 715 | - } else { |
|
| 716 | - echo ' |
|
| 715 | + } else { |
|
| 716 | + echo ' |
|
| 717 | 717 | <div style="margin-bottom:3px;"> |
| 718 | 718 | <label for="login" class="form_label">', isset($SETTINGS['custom_login_text']) && !empty($SETTINGS['custom_login_text']) ? (string) $SETTINGS['custom_login_text'] : $LANG['index_login'], '</label> |
| 719 | 719 | <input type="text" size="10" id="login" name="login" class="input_text text ui-widget-content ui-corner-all" value="', empty($post_login) === false ? $post_login : '', '" /> |
@@ -105,7 +105,7 @@ discard block |
||
| 105 | 105 | //load full tree |
| 106 | 106 | $tree->rebuild(); |
| 107 | 107 | $tree = $tree->getDescendants(); |
| 108 | - // Init post variable |
|
| 108 | + // Init post variable |
|
| 109 | 109 | $post_operation_id = filter_input(INPUT_POST, 'file', FILTER_SANITIZE_NUMBER_INT); |
| 110 | 110 | |
| 111 | 111 | // Get filename from database |
@@ -436,7 +436,7 @@ discard block |
||
| 436 | 436 | } |
| 437 | 437 | |
| 438 | 438 | /** |
| 439 | - ** Recursive function that will permit to read each level of XML nodes |
|
| 439 | + ** Recursive function that will permit to read each level of XML nodes |
|
| 440 | 440 | */ |
| 441 | 441 | function recursiveKeepassXML($xmlRoot, $xmlLevel = 0) |
| 442 | 442 | { |
@@ -586,7 +586,7 @@ discard block |
||
| 586 | 586 | |
| 587 | 587 | //recursive call |
| 588 | 588 | if ($history !== true) { |
| 589 | - recursiveKeepassXML($xmlChildren, $xmlLevel + 1); |
|
| 589 | + recursiveKeepassXML($xmlChildren, $xmlLevel + 1); |
|
| 590 | 590 | } |
| 591 | 591 | |
| 592 | 592 | // Force History to false |
@@ -978,9 +978,9 @@ discard block |
||
| 978 | 978 | |
| 979 | 979 | // Get all allowed folders |
| 980 | 980 | $array_all_visible_folders = array_merge( |
| 981 | - $_SESSION['groupes_visibles'], |
|
| 982 | - $_SESSION['read_only_folders'], |
|
| 983 | - $_SESSION['personal_visible_groups'] |
|
| 981 | + $_SESSION['groupes_visibles'], |
|
| 982 | + $_SESSION['read_only_folders'], |
|
| 983 | + $_SESSION['personal_visible_groups'] |
|
| 984 | 984 | ); |
| 985 | 985 | |
| 986 | 986 | // get list of all folders |
@@ -993,7 +993,7 @@ discard block |
||
| 993 | 993 | // Can user access this subfolder? |
| 994 | 994 | |
| 995 | 995 | if (in_array($node->id, $array_all_visible_folders) === false) { |
| 996 | - continue; |
|
| 996 | + continue; |
|
| 997 | 997 | } |
| 998 | 998 | |
| 999 | 999 | // get info about current node |
@@ -2085,7 +2085,7 @@ discard block |
||
| 2085 | 2085 | $debug_ldap .= "LDAP connection : ".($ldapconn ? "Connected" : "Failed")."<br/>"; |
| 2086 | 2086 | |
| 2087 | 2087 | if ($ldapconn) { |
| 2088 | - $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2088 | + $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2089 | 2089 | ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 2090 | 2090 | ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); |
| 2091 | 2091 | $ldapbind = ldap_bind($ldapconn, $dataReceived[0]['ldap_bind_dn'], $dataReceived[0]['ldap_bind_passwd']); |
@@ -2112,7 +2112,7 @@ discard block |
||
| 2112 | 2112 | ); |
| 2113 | 2113 | |
| 2114 | 2114 | $debug_ldap .= 'Search filter (group): '.$filter_group."<br/>". |
| 2115 | - 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2115 | + 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2116 | 2116 | |
| 2117 | 2117 | if ($result_group) { |
| 2118 | 2118 | $entries = ldap_get_entries($ldapconn, $result_group); |
@@ -2120,11 +2120,11 @@ discard block |
||
| 2120 | 2120 | if ($entries['count'] > 0) { |
| 2121 | 2121 | // Now check if group fits |
| 2122 | 2122 | for ($i=0; $i<$entries['count']; $i++) { |
| 2123 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2123 | + $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | + if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2125 | 2125 | $GroupRestrictionEnabled = true; |
| 2126 | 2126 | break; |
| 2127 | - } |
|
| 2127 | + } |
|
| 2128 | 2128 | } |
| 2129 | 2129 | |
| 2130 | 2130 | } |
@@ -1635,7 +1635,7 @@ |
||
| 1635 | 1635 | rest_error('AUTH_NO_URL'); |
| 1636 | 1636 | } |
| 1637 | 1637 | } else { |
| 1638 | - rest_error('AUTH_NO_IDENTIFIER'); |
|
| 1638 | + rest_error('AUTH_NO_IDENTIFIER'); |
|
| 1639 | 1639 | } |
| 1640 | 1640 | } else { |
| 1641 | 1641 | rest_error('AUTH_NO_IDENTIFIER'); |
@@ -446,10 +446,10 @@ discard block |
||
| 446 | 446 | if (($SETTINGS['ldap_bind_dn'] === "" && $SETTINGS['ldap_bind_passwd'] === "") || $ldapbind === true) { |
| 447 | 447 | $filter = "(&(".$SETTINGS['ldap_user_attribute']."=".$username.")(objectClass=".$SETTINGS['ldap_object_class']."))"; |
| 448 | 448 | $result = ldap_search( |
| 449 | - $ldapconn, |
|
| 450 | - $SETTINGS['ldap_search_base'], |
|
| 451 | - $filter, |
|
| 452 | - array('dn', 'mail', 'givenname', 'sn') |
|
| 449 | + $ldapconn, |
|
| 450 | + $SETTINGS['ldap_search_base'], |
|
| 451 | + $filter, |
|
| 452 | + array('dn', 'mail', 'givenname', 'sn') |
|
| 453 | 453 | ); |
| 454 | 454 | if ($debugLdap == 1) { |
| 455 | 455 | fputs( |
@@ -496,11 +496,11 @@ discard block |
||
| 496 | 496 | if ($entries['count'] > 0) { |
| 497 | 497 | // Now check if group fits |
| 498 | 498 | for ($i=0; $i<$entries['count']; $i++) { |
| 499 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 500 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 499 | + $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 500 | + if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 501 | 501 | $GroupRestrictionEnabled = true; |
| 502 | 502 | break; |
| 503 | - } |
|
| 503 | + } |
|
| 504 | 504 | } |
| 505 | 505 | |
| 506 | 506 | } |
@@ -50,23 +50,23 @@ |
||
| 50 | 50 | Handle CASES |
| 51 | 51 | */ |
| 52 | 52 | switch (filter_input(INPUT_POST, 'type', FILTER_SANITIZE_STRING)) { |
| 53 | -case "checkSessionExists": |
|
| 54 | - // Case permit to check if SESSION is still valid |
|
| 55 | - session_start(); |
|
| 56 | - if (isset($_SESSION['CPM']) === true) { |
|
| 57 | - echo "1"; |
|
| 58 | - } else { |
|
| 59 | - // In case that no session is available |
|
| 60 | - // Force the page to be reloaded and attach the CSRFP info |
|
| 61 | - |
|
| 62 | - // Load CSRFP |
|
| 63 | - $csrfp_array = include '../includes/libraries/csrfp/libs/csrfp.config.php'; |
|
| 64 | - |
|
| 65 | - // Send back CSRFP info |
|
| 66 | - echo $csrfp_array['CSRFP_TOKEN'].";".filter_input(INPUT_POST, $csrfp_array['CSRFP_TOKEN'], FILTER_SANITIZE_STRING); |
|
| 67 | - } |
|
| 53 | + case "checkSessionExists": |
|
| 54 | + // Case permit to check if SESSION is still valid |
|
| 55 | + session_start(); |
|
| 56 | + if (isset($_SESSION['CPM']) === true) { |
|
| 57 | + echo "1"; |
|
| 58 | + } else { |
|
| 59 | + // In case that no session is available |
|
| 60 | + // Force the page to be reloaded and attach the CSRFP info |
|
| 61 | + |
|
| 62 | + // Load CSRFP |
|
| 63 | + $csrfp_array = include '../includes/libraries/csrfp/libs/csrfp.config.php'; |
|
| 64 | + |
|
| 65 | + // Send back CSRFP info |
|
| 66 | + echo $csrfp_array['CSRFP_TOKEN'].";".filter_input(INPUT_POST, $csrfp_array['CSRFP_TOKEN'], FILTER_SANITIZE_STRING); |
|
| 67 | + } |
|
| 68 | 68 | |
| 69 | - break; |
|
| 69 | + break; |
|
| 70 | 70 | } |
| 71 | 71 | |
| 72 | 72 | /** |
