@@ -71,7 +71,7 @@ discard block |
||
71 | 71 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('api') === false) { |
72 | 72 | // Not allowed page |
73 | 73 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
74 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
74 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
75 | 75 | exit; |
76 | 76 | } |
77 | 77 | |
@@ -158,7 +158,7 @@ discard block |
||
158 | 158 | <?php |
159 | 159 | $rowsKeys = DB::query( |
160 | 160 | 'SELECT increment_id, label, timestamp, user_id, value, read_only, allowed_folders |
161 | - FROM ' . prefixTable('api') . ' |
|
161 | + FROM ' . prefixTable('api').' |
|
162 | 162 | WHERE type = %s |
163 | 163 | ORDER BY timestamp ASC', |
164 | 164 | 'key' |
@@ -177,11 +177,11 @@ discard block |
||
177 | 177 | <?php |
178 | 178 | foreach ($rowsKeys as $key) { |
179 | 179 | echo ' |
180 | - <tr data-id="' . $key['increment_id'] . '"> |
|
181 | - <td width="50px"><i class="fas fa-trash infotip pointer delete-api-key" title="' . $lang->get('del_button') . '"></i></td> |
|
182 | - <td><span class="edit-api-key pointer">' . $key['label'] . '</span></td> |
|
183 | - <td>' . $key['value']. '</td> |
|
184 | - <td><i class="fas '.((int) $key['read_only'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off text-danger').' mr-1 text-center pointer api-clickme-action" data-field="read_only" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
180 | + <tr data-id="' . $key['increment_id'].'"> |
|
181 | + <td width="50px"><i class="fas fa-trash infotip pointer delete-api-key" title="' . $lang->get('del_button').'"></i></td> |
|
182 | + <td><span class="edit-api-key pointer">' . $key['label'].'</span></td> |
|
183 | + <td>' . $key['value'].'</td> |
|
184 | + <td><i class="fas '.((int) $key['read_only'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off text-danger').' mr-1 text-center pointer api-clickme-action" data-field="read_only" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
185 | 185 | </tr>'; |
186 | 186 | } ?> |
187 | 187 | </tbody> |
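Review bot: `$key['label']` and `$key['value']` are concatenated into the table row without HTML escaping, so a label that contains markup would be rendered as markup in the administrator's browser. The `edit-api-key` class suggests the label is editable from the UI, so escape it at output time, e.g. `htmlspecialchars((string) $key['label'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same applies to `$ip['label']` and `$ip['value']` in the hunk at line 234, and to `name`, `lastname` and `login` in the hunk at line 292. The table markup around the loop lies outside the hunk.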
@@ -216,7 +216,7 @@ discard block |
||
216 | 216 | <div class="col-12 mt-4" id="table-api-ip"> |
217 | 217 | <?php |
218 | 218 | $rowsIps = DB::query( |
219 | - 'SELECT increment_id, label, timestamp value FROM ' . prefixTable('api') . ' |
|
219 | + 'SELECT increment_id, label, timestamp value FROM '.prefixTable('api').' |
|
220 | 220 | WHERE type = %s |
221 | 221 | ORDER BY timestamp ASC', |
222 | 222 | 'ip' |
@@ -234,10 +234,10 @@ discard block |
||
234 | 234 | <?php |
235 | 235 | foreach ($rowsIps as $ip) { |
236 | 236 | echo ' |
237 | - <tr data-id="' . $ip['increment_id'] . '"> |
|
238 | - <td width="50px"><i class="fas fa-trash infotip pointer delete-api-ip" title="' . $lang->get('del_button') . '"></i></td> |
|
239 | - <td><span class="edit-api-ip pointer" data-field="label">' . $ip['label'] . '</span></td> |
|
240 | - <td><span class="edit-api-ip pointer" data-field="value">' . $ip['value'] . '</span></td> |
|
237 | + <tr data-id="' . $ip['increment_id'].'"> |
|
238 | + <td width="50px"><i class="fas fa-trash infotip pointer delete-api-ip" title="' . $lang->get('del_button').'"></i></td> |
|
239 | + <td><span class="edit-api-ip pointer" data-field="label">' . $ip['label'].'</span></td> |
|
240 | + <td><span class="edit-api-ip pointer" data-field="value">' . $ip['value'].'</span></td> |
|
241 | 241 | </tr>'; |
242 | 242 | } ?> |
243 | 243 | </tbody> |
@@ -273,8 +273,8 @@ discard block |
||
273 | 273 | <?php |
274 | 274 | $rowsKeys = DB::query( |
275 | 275 | 'SELECT a.increment_id, a.user_id, a.read_only, a.allowed_folders, u.name, u.lastname, u.login, a.enabled |
276 | - FROM ' . prefixTable('api') . ' AS a |
|
277 | - INNER JOIN ' . prefixTable('users') . ' AS u ON a.user_id = u.id |
|
276 | + FROM ' . prefixTable('api').' AS a |
|
277 | + INNER JOIN ' . prefixTable('users').' AS u ON a.user_id = u.id |
|
278 | 278 | WHERE a.type = %s |
279 | 279 | ORDER BY u.login ASC', |
280 | 280 | 'user' |
@@ -292,10 +292,10 @@ discard block |
||
292 | 292 | <?php |
293 | 293 | foreach ($rowsKeys as $key) { |
294 | 294 | echo ' |
295 | - <tr data-id="' . $key['increment_id'] . '"> |
|
296 | - <td>' . $key['name'] . ' ' . $key['lastname'] . ' (<i>'.$key['login'].'</i>)</td> |
|
297 | - <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
298 | - <td><i class="fas '.((int) $key['read_only'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off text-danger').' mr-1 text-center pointer api-clickme-action" data-field="read_only" data-increment-id="' . $key['increment_id'] . '"></i></td> |
|
295 | + <tr data-id="' . $key['increment_id'].'"> |
|
296 | + <td>' . $key['name'].' '.$key['lastname'].' (<i>'.$key['login'].'</i>)</td> |
|
297 | + <td><i class="fas '.((int) $key['enabled'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off').' mr-1 text-center pointer api-clickme-action" data-field="enabled" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
298 | + <td><i class="fas '.((int) $key['read_only'] === 1 ? 'fa-toggle-on text-info' : 'fa-toggle-off text-danger').' mr-1 text-center pointer api-clickme-action" data-field="read_only" data-increment-id="'.$key['increment_id'].'"></i></td> |
|
299 | 299 | </tr>'; |
300 | 300 | } ?> |
301 | 301 | </tbody> |
@@ -85,7 +85,7 @@ discard block |
||
85 | 85 | |
86 | 86 | $parentComplexity = $this->checkComplexityLevel($parentFolderData, $complexity, $parent_id, $user_is_admin, $user_is_manager, $user_can_manage_all_users); |
87 | 87 | if (!$parentComplexity) { |
88 | - return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder') . " [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
88 | + return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder')." [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
89 | 89 | } |
90 | 90 | |
91 | 91 | return $this->createFolder($params, array_merge($parentFolderData, $parentComplexity)); |
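Review bot: Inside the `if (!$parentComplexity)` branch the error message indexes `$parentComplexity['valeur']`, but the variable is falsy there, so the lookup into `TP_PW_COMPLEXITY` cannot yield the intended level label and would emit a warning on PHP 8. What `checkComplexityLevel()` returns on failure is not visible here. Unless the required level is available from another variable, the safe form is to drop the suffix: `return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder'));`. The enclosing method starts and ends outside the hunk.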
@@ -134,7 +134,7 @@ discard block |
||
134 | 134 | ) { |
135 | 135 | DB::query( |
136 | 136 | 'SELECT * |
137 | - FROM ' . prefixTable('nested_tree') . ' |
|
137 | + FROM ' . prefixTable('nested_tree').' |
|
138 | 138 | WHERE title = %s', |
139 | 139 | $title |
140 | 140 | ); |
@@ -158,7 +158,7 @@ discard block |
||
158 | 158 | //check if parent folder is personal |
159 | 159 | $data = DB::queryfirstrow( |
160 | 160 | 'SELECT personal_folder, bloquer_creation, bloquer_modification |
161 | - FROM ' . prefixTable('nested_tree') . ' |
|
161 | + FROM ' . prefixTable('nested_tree').' |
|
162 | 162 | WHERE id = %i', |
163 | 163 | $parent_id |
164 | 164 | ); |
@@ -203,7 +203,7 @@ discard block |
||
203 | 203 | // get complexity level for this folder |
204 | 204 | $data = DB::queryfirstrow( |
205 | 205 | 'SELECT valeur |
206 | - FROM ' . prefixTable('misc') . ' |
|
206 | + FROM ' . prefixTable('misc').' |
|
207 | 207 | WHERE intitule = %i AND type = %s', |
208 | 208 | $parent_id, |
209 | 209 | 'complex' |
@@ -348,7 +348,7 @@ discard block |
||
348 | 348 | && (int) $SETTINGS['subfolder_rights_as_parent'] === 1 |
349 | 349 | ) { |
350 | 350 | //If it is a subfolder, then give access to it for all roles that allows the parent folder |
351 | - $rows = DB::query('SELECT role_id, type FROM ' . prefixTable('roles_values') . ' WHERE folder_id = %i', $parent_id); |
|
351 | + $rows = DB::query('SELECT role_id, type FROM '.prefixTable('roles_values').' WHERE folder_id = %i', $parent_id); |
|
352 | 352 | foreach ($rows as $record) { |
353 | 353 | //add access to this subfolder |
354 | 354 | DB::insert( |
@@ -378,7 +378,7 @@ discard block |
||
378 | 378 | } |
379 | 379 | |
380 | 380 | // if parent folder has Custom Fields Categories then add to this child one too |
381 | - $rows = DB::query('SELECT id_category FROM ' . prefixTable('categories_folders') . ' WHERE id_folder = %i', $parent_id); |
|
381 | + $rows = DB::query('SELECT id_category FROM '.prefixTable('categories_folders').' WHERE id_folder = %i', $parent_id); |
|
382 | 382 | foreach ($rows as $record) { |
383 | 383 | //add CF Category to this subfolder |
384 | 384 | DB::insert( |
@@ -391,7 +391,7 @@ discard block |
||
391 | 391 | } |
392 | 392 | |
393 | 393 | // clear cache cache for each user that have at least one similar role as the current user |
394 | - $usersWithSimilarRoles = empty($user_roles) === false ? getUsersWithRoles( |
|
394 | + $usersWithSimilarRoles = empty($user_roles) === false ? getUsersWithRoles( |
|
395 | 395 | explode(";", $user_roles) |
396 | 396 | ) : []; |
397 | 397 | foreach ($usersWithSimilarRoles as $user) { |
@@ -422,7 +422,7 @@ discard block |
||
422 | 422 | return [ |
423 | 423 | 'error' => true, |
424 | 424 | 'message' => $message, |
425 | - 'newId' => '' . $newIdSuffix, |
|
425 | + 'newId' => ''.$newIdSuffix, |
|
426 | 426 | ]; |
427 | 427 | } |
428 | 428 | } |
429 | 429 | \ No newline at end of file |
@@ -27,7 +27,7 @@ discard block |
||
27 | 27 | use Firebase\JWT\JWT; |
28 | 28 | use Firebase\JWT\Key; |
29 | 29 | |
30 | -require_once API_ROOT_PATH . "/Model/Database.php"; |
|
30 | +require_once API_ROOT_PATH."/Model/Database.php"; |
|
31 | 31 | |
32 | 32 | |
33 | 33 | class AuthModel extends Database |
@@ -45,7 +45,7 @@ discard block |
||
45 | 45 | public function getUserAuth(string $login, string $password, string $apikey): array |
46 | 46 | { |
47 | 47 | // Sanitize |
48 | - include_once API_ROOT_PATH . '/../sources/main.functions.php'; |
|
48 | + include_once API_ROOT_PATH.'/../sources/main.functions.php'; |
|
49 | 49 | $inputData = dataSanitizer( |
50 | 50 | [ |
51 | 51 | 'login' => isset($login) === true ? $login : '', |
@@ -65,7 +65,7 @@ discard block |
||
65 | 65 | // Check apikey |
66 | 66 | if (empty($inputData['password']) === true) { |
67 | 67 | // case where it is a generic key |
68 | - $apiInfo = $this->select("SELECT count(*) FROM " . prefixTable('api') . " WHERE value='".$inputData['apikey']."' AND label='".$inputData['login']."'"); |
|
68 | + $apiInfo = $this->select("SELECT count(*) FROM ".prefixTable('api')." WHERE value='".$inputData['apikey']."' AND label='".$inputData['login']."'"); |
|
69 | 69 | if ((int) $apiInfo[0]['count(*)'] === 0) { |
70 | 70 | return ["error" => "Login failed.", "info" => "apikey : Not valid"]; |
71 | 71 | } |
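Review bot: The generic-key check builds its SQL by concatenating `$inputData['apikey']` and `$inputData['login']` (derived from the method's `$apikey` and `$login` arguments) straight into quoted literals. `dataSanitizer()` runs first, but its filters are not visible here and filtering is not a substitute for binding: any quote it lets through changes the query that decides whether the key is valid. Bind the values instead, e.g. `WHERE value = %s AND label = %s` in the style of the `DB::query(..., 'key')` calls elsewhere on this page; whether `select()` accepts bound parameters is not visible from this hunk. The same pattern recurs in `WHERE login='...'` in the hunk at line 76 and with `$userFunctionId` in the `IN (...)` clauses of the hunks at 231, 252, 262 and 277. `getUserAuth` starts and ends outside the hunk.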
@@ -76,8 +76,8 @@ discard block |
||
76 | 76 | // Check if user exists |
77 | 77 | $userInfoRes = $this->select( |
78 | 78 | "SELECT u.id, u.pw, u.login, u.admin, u.gestionnaire, u.can_manage_all_users, u.fonction_id, u.can_create_root_folder, u.public_key, u.private_key, u.personal_folder, u.fonction_id, u.groupes_visibles, u.groupes_interdits, a.value AS user_api_key, a.read_only as user_api_read_only, a.allowed_folders as user_api_allowed_folders, a.enabled |
79 | - FROM " . prefixTable('users') . " AS u |
|
80 | - INNER JOIN " . prefixTable('api') . " AS a ON (a.user_id=u.id) |
|
79 | + FROM " . prefixTable('users')." AS u |
|
80 | + INNER JOIN " . prefixTable('api')." AS a ON (a.user_id=u.id) |
|
81 | 81 | WHERE login='".$inputData['login']."'"); |
82 | 82 | if (count($userInfoRes) === 0) { |
83 | 83 | return ["error" => "Login failed.", "info" => "apikey : Not valid"]; |
@@ -105,7 +105,7 @@ discard block |
||
105 | 105 | // Update user's key_tempo |
106 | 106 | $keyTempo = bin2hex(random_bytes(16)); |
107 | 107 | $this->update( |
108 | - "UPDATE " . prefixTable('users') . " |
|
108 | + "UPDATE ".prefixTable('users')." |
|
109 | 109 | SET key_tempo='".$keyTempo."' |
110 | 110 | WHERE id=".$userInfo['id'] |
111 | 111 | ); |
@@ -114,7 +114,7 @@ discard block |
||
114 | 114 | $ret = $this->buildUserFoldersList($userInfo); |
115 | 115 | |
116 | 116 | // Log user |
117 | - include API_ROOT_PATH . '/../includes/config/tp.config.php'; |
|
117 | + include API_ROOT_PATH.'/../includes/config/tp.config.php'; |
|
118 | 118 | logEvents($SETTINGS, 'api', 'user_connection', (string) $userInfo['id'], stripslashes($userInfo['login'])); |
119 | 119 | |
120 | 120 | // create JWT |
@@ -179,7 +179,7 @@ discard block |
||
179 | 179 | string $allowed_folders, |
180 | 180 | ): array |
181 | 181 | { |
182 | - include API_ROOT_PATH . '/../includes/config/tp.config.php'; |
|
182 | + include API_ROOT_PATH.'/../includes/config/tp.config.php'; |
|
183 | 183 | |
184 | 184 | $payload = [ |
185 | 185 | 'username' => $login, |
@@ -231,7 +231,7 @@ discard block |
||
231 | 231 | |
232 | 232 | // Get folders from the roles |
233 | 233 | if (empty($userFunctionId) === false) { |
234 | - $rows = $this->select("SELECT * FROM " . prefixTable('roles_values') . " WHERE role_id IN (".$userFunctionId.") AND type IN ('W', 'ND', 'NE', 'NDNE', 'R')"); |
|
234 | + $rows = $this->select("SELECT * FROM ".prefixTable('roles_values')." WHERE role_id IN (".$userFunctionId.") AND type IN ('W', 'ND', 'NE', 'NDNE', 'R')"); |
|
235 | 235 | foreach ($rows as $record) { |
236 | 236 | if ($record['type'] === 'R') { |
237 | 237 | array_push($readOnlyFolders, $record['folder_id']); |
@@ -252,7 +252,7 @@ discard block |
||
252 | 252 | |
253 | 253 | // Does this user is allowed to see other items |
254 | 254 | $inc = 0; |
255 | - $rows = $this->select("SELECT id, id_tree FROM " . prefixTable('items') . " WHERE restricted_to LIKE '".$userInfo['id']."'". |
|
255 | + $rows = $this->select("SELECT id, id_tree FROM ".prefixTable('items')." WHERE restricted_to LIKE '".$userInfo['id']."'". |
|
256 | 256 | (empty($userFunctionId) === false ? ' AND id_tree NOT IN ('.$userFunctionId.')' : '')); |
257 | 257 | foreach ($rows as $record) { |
258 | 258 | // Exclude restriction on item if folder is fully accessible |
@@ -262,8 +262,8 @@ discard block |
||
262 | 262 | |
263 | 263 | // Check for the users roles if some specific rights exist on items |
264 | 264 | $rows = $this->select("SELECT i.id_tree, r.item_id |
265 | - FROM " . prefixTable('items') . " as i |
|
266 | - INNER JOIN " . prefixTable('restriction_to_roles') . " as r ON (r.item_id=i.id) |
|
265 | + FROM " . prefixTable('items')." as i |
|
266 | + INNER JOIN " . prefixTable('restriction_to_roles')." as r ON (r.item_id=i.id) |
|
267 | 267 | WHERE ".(empty($userFunctionId) === false ? ' id_tree NOT IN ('.$userFunctionId.') AND ' : '')." i.id_tree != '' |
268 | 268 | ORDER BY i.id_tree ASC"); |
269 | 269 | foreach ($rows as $record) { |
@@ -277,7 +277,7 @@ discard block |
||
277 | 277 | // Add all personal folders |
278 | 278 | $rows = $this->select( |
279 | 279 | 'SELECT id |
280 | - FROM ' . prefixTable('nested_tree') . ' |
|
280 | + FROM ' . prefixTable('nested_tree').' |
|
281 | 281 | WHERE title = '.$userInfo['id'].' AND personal_folder = 1'. |
282 | 282 | (empty($userFunctionId) === false ? ' AND id NOT IN ('.$userFunctionId.')' : ''). |
283 | 283 | ' LIMIT 0,1' |
@@ -22,14 +22,14 @@ discard block |
||
22 | 22 | * |
23 | 23 | * @see https://www.teampass.net |
24 | 24 | */ |
25 | -require_once API_ROOT_PATH . "/Model/Database.php"; |
|
25 | +require_once API_ROOT_PATH."/Model/Database.php"; |
|
26 | 26 | use TeampassClasses\Language\Language; |
27 | 27 | |
28 | 28 | class FolderModel extends Database |
29 | 29 | { |
30 | 30 | public function getFoldersInfo(array $foldersId): array |
31 | 31 | { |
32 | - $rows = $this->select( "SELECT id, title FROM " . prefixTable('nested_tree') . " WHERE nlevel=1" ); |
|
32 | + $rows = $this->select("SELECT id, title FROM ".prefixTable('nested_tree')." WHERE nlevel=1"); |
|
33 | 33 | |
34 | 34 | $ret = []; |
35 | 35 | |
@@ -56,9 +56,9 @@ discard block |
||
56 | 56 | private function getFoldersChildren(int $parentId, array $foldersId): array |
57 | 57 | { |
58 | 58 | $ret = []; |
59 | - $childrens = $this->select('SELECT id, title FROM ' . prefixTable('nested_tree') . ' WHERE parent_id=' . $parentId); |
|
59 | + $childrens = $this->select('SELECT id, title FROM '.prefixTable('nested_tree').' WHERE parent_id='.$parentId); |
|
60 | 60 | |
61 | - if ( count($childrens) > 0) { |
|
61 | + if (count($childrens) > 0) { |
|
62 | 62 | foreach ($childrens as $children) { |
63 | 63 | $isVisible = in_array((int) $children['id'], $foldersId); |
64 | 64 | $childs = $this->getFoldersChildren($children['id'], $foldersId); |
@@ -119,7 +119,7 @@ discard block |
||
119 | 119 | 'error' => true, |
120 | 120 | 'error_header' => 'HTTP/1.1 422 Unprocessable Entity', |
121 | 121 | 'error_message' => 'Invalid parameters' |
122 | - ];} |
|
122 | + ]; } |
|
123 | 123 | |
124 | 124 | // Create folder |
125 | 125 | /* |