@@ -58,16 +58,16 @@ discard block |
||
| 58 | 58 | { |
| 59 | 59 | // Load AntiXSS |
| 60 | 60 | $antiXss = new AntiXSS(); |
| 61 | - if (! headers_sent()) { //If headers not sent yet... then do php redirect |
|
| 62 | - header('Location: ' . $antiXss->xss_clean($url)); |
|
| 61 | + if (!headers_sent()) { //If headers not sent yet... then do php redirect |
|
| 62 | + header('Location: '.$antiXss->xss_clean($url)); |
|
| 63 | 63 | } |
| 64 | 64 | |
| 65 | 65 | //If headers are sent... do java redirect... if java disabled, do html redirect. |
| 66 | 66 | echo '<script type="text/javascript">'; |
| 67 | - echo 'window.location.href="' . $antiXss->xss_clean($url) . '";'; |
|
| 67 | + echo 'window.location.href="'.$antiXss->xss_clean($url).'";'; |
|
| 68 | 68 | echo '</script>'; |
| 69 | 69 | echo '<noscript>'; |
| 70 | - echo '<meta http-equiv="refresh" content="0;url=' . $antiXss->xss_clean($url) . '" />'; |
|
| 70 | + echo '<meta http-equiv="refresh" content="0;url='.$antiXss->xss_clean($url).'" />'; |
|
| 71 | 71 | echo '</noscript>'; |
| 72 | 72 | } |
| 73 | 73 | |
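Review bot: At new lines 61-71, `xss_clean($url)` is the only treatment applied before `$url` is written into three different contexts (a `Location` header, a JavaScript string literal and a `content` attribute), and nothing stops execution after `header()`, so the script/noscript fallback is emitted even when the header redirect went out. An HTML filter is not a context encoder: the JS assignment would be safer as `echo 'window.location.href='.json_encode($url).';';` and the meta tag with `htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. Adding `return;` inside the `if (!headers_sent())` branch would match what the comments describe. The caller in the `-93,7` hunk builds the target from `$server['http_host']`; if that is the raw Host header, it should be compared with the configured site host before redirecting. The function signature is outside the hunk.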
@@ -93,7 +93,7 @@ discard block |
||
| 93 | 93 | && isset($SETTINGS['enable_sts']) === true |
| 94 | 94 | && (int) $SETTINGS['enable_sts'] === 1 |
| 95 | 95 | ) { |
| 96 | - teampassRedirect('https://' . $server['http_host'] . $server['request_uri']); |
|
| 96 | + teampassRedirect('https://'.$server['http_host'].$server['request_uri']); |
|
| 97 | 97 | } |
| 98 | 98 | |
| 99 | 99 | // Load pwComplexity |
@@ -114,11 +114,11 @@ discard block |
||
| 114 | 114 | // LOAD CPASSMAN SETTINGS |
| 115 | 115 | if ( |
| 116 | 116 | isset($SETTINGS['cpassman_dir']) === true |
| 117 | - && is_dir($SETTINGS['cpassman_dir'] . '/install') === true |
|
| 117 | + && is_dir($SETTINGS['cpassman_dir'].'/install') === true |
|
| 118 | 118 | ) { |
| 119 | 119 | // Should we delete folder INSTALL? |
| 120 | 120 | $row = DB::queryFirstRow( |
| 121 | - 'SELECT valeur FROM ' . prefixTable('misc') . ' WHERE type=%s AND intitule=%s', |
|
| 121 | + 'SELECT valeur FROM '.prefixTable('misc').' WHERE type=%s AND intitule=%s', |
|
| 122 | 122 | 'install', |
| 123 | 123 | 'clear_install_folder' |
| 124 | 124 | ); |
@@ -136,11 +136,11 @@ discard block |
||
| 136 | 136 | if ($directories !== false) { |
| 137 | 137 | $files = array_diff($directories, ['.', '..']); |
| 138 | 138 | foreach ($files as $file) { |
| 139 | - if (is_dir($dir . '/' . $file)) { |
|
| 140 | - delTree($dir . '/' . $file); |
|
| 139 | + if (is_dir($dir.'/'.$file)) { |
|
| 140 | + delTree($dir.'/'.$file); |
|
| 141 | 141 | } else { |
| 142 | 142 | try { |
| 143 | - unlink($dir . '/' . $file); |
|
| 143 | + unlink($dir.'/'.$file); |
|
| 144 | 144 | } catch (Exception $e) { |
| 145 | 145 | // do nothing... php will ignore and continue |
| 146 | 146 | } |
@@ -154,13 +154,13 @@ discard block |
||
| 154 | 154 | return false; |
| 155 | 155 | } |
| 156 | 156 | |
| 157 | - if (is_dir($SETTINGS['cpassman_dir'] . '/install')) { |
|
| 157 | + if (is_dir($SETTINGS['cpassman_dir'].'/install')) { |
|
| 158 | 158 | // Set the permissions on the install directory and delete |
| 159 | 159 | // is server Windows or Linux? |
| 160 | 160 | if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { |
| 161 | - recursiveChmod($SETTINGS['cpassman_dir'] . '/install', 0755, 0440); |
|
| 161 | + recursiveChmod($SETTINGS['cpassman_dir'].'/install', 0755, 0440); |
|
| 162 | 162 | } |
| 163 | - delTree($SETTINGS['cpassman_dir'] . '/install'); |
|
| 163 | + delTree($SETTINGS['cpassman_dir'].'/install'); |
|
| 164 | 164 | } |
| 165 | 165 | |
| 166 | 166 | // Delete temporary install table |
@@ -178,10 +178,10 @@ discard block |
||
| 178 | 178 | // Load Languages stuff |
| 179 | 179 | if (isset($languagesList) === false) { |
| 180 | 180 | $languagesList = []; |
| 181 | - $rows = DB::query('SELECT * FROM ' . prefixTable('languages') . ' GROUP BY name, label, code, flag, id ORDER BY name ASC'); |
|
| 181 | + $rows = DB::query('SELECT * FROM '.prefixTable('languages').' GROUP BY name, label, code, flag, id ORDER BY name ASC'); |
|
| 182 | 182 | foreach ($rows as $record) { |
| 183 | 183 | array_push($languagesList, $record['name']); |
| 184 | - if ($session->get('user-language') === $record['name'] ) { |
|
| 184 | + if ($session->get('user-language') === $record['name']) { |
|
| 185 | 185 | $session->set('user-language_flag', $record['flag']); |
| 186 | 186 | $session->set('user-language_code', $record['code']); |
| 187 | 187 | //$session->set('user-language_label', $record['label']); |
@@ -238,7 +238,7 @@ discard block |
||
| 238 | 238 | // CHECK IF SESSION EXISTS AND IF SESSION IS VALID |
| 239 | 239 | if (empty($session->get('user-session_duration')) === false) { |
| 240 | 240 | $dataSession = DB::queryFirstRow( |
| 241 | - 'SELECT key_tempo FROM ' . prefixTable('users') . ' WHERE id=%i', |
|
| 241 | + 'SELECT key_tempo FROM '.prefixTable('users').' WHERE id=%i', |
|
| 242 | 242 | $session->get('user-id') |
| 243 | 243 | ); |
| 244 | 244 | } else { |
@@ -293,7 +293,7 @@ discard block |
||
| 293 | 293 | && ($session->has('user-admin') && $session->get('user-admin') && null !== $session->get('user-admin') && $session->get('user-admin') === 1) |
| 294 | 294 | ) { |
| 295 | 295 | $row = DB::queryFirstRow( |
| 296 | - 'SELECT valeur FROM ' . prefixTable('misc') . ' WHERE type=%s_type AND intitule=%s_intitule', |
|
| 296 | + 'SELECT valeur FROM '.prefixTable('misc').' WHERE type=%s_type AND intitule=%s_intitule', |
|
| 297 | 297 | [ |
| 298 | 298 | 'type' => 'admin', |
| 299 | 299 | 'intitule' => 'teampass_version', |
@@ -334,7 +334,7 @@ discard block |
||
| 334 | 334 | |
| 335 | 335 | syslog( |
| 336 | 336 | LOG_WARNING, |
| 337 | - 'Unlog user: ' . date('Y/m/d H:i:s') . " {$server['remote_addr']} ({$server['http_user_agent']})" |
|
| 337 | + 'Unlog user: '.date('Y/m/d H:i:s')." {$server['remote_addr']} ({$server['http_user_agent']})" |
|
| 338 | 338 | ); |
| 339 | 339 | // erase session table |
| 340 | 340 | $session->invalidate(); |
@@ -388,7 +388,7 @@ discard block |
||
| 388 | 388 | if ($session->has('user-timezone') && null !== $session->get('user-id') && empty($session->get('user-id')) === false) { |
| 389 | 389 | // query on user |
| 390 | 390 | $data = DB::queryFirstRow( |
| 391 | - 'SELECT login, admin, gestionnaire, can_manage_all_users, groupes_visibles, groupes_interdits, fonction_id, last_connexion, roles_from_ad_groups, auth_type, last_pw_change FROM ' . prefixTable('users') . ' WHERE id=%i', |
|
| 391 | + 'SELECT login, admin, gestionnaire, can_manage_all_users, groupes_visibles, groupes_interdits, fonction_id, last_connexion, roles_from_ad_groups, auth_type, last_pw_change FROM '.prefixTable('users').' WHERE id=%i', |
|
| 392 | 392 | $session->get('user-id') |
| 393 | 393 | ); |
| 394 | 394 | //Check if user has been deleted or unlogged |
@@ -435,7 +435,7 @@ discard block |
||
| 435 | 435 | $data['groupes_visibles'], |
| 436 | 436 | $data['groupes_interdits'], |
| 437 | 437 | $data['admin'], |
| 438 | - is_null($data['roles_from_ad_groups']) === true ? $data['fonction_id'] : (empty($data['roles_from_ad_groups']) === true ? $data['fonction_id'] : $data['fonction_id'] . ';' . $data['roles_from_ad_groups']), |
|
| 438 | + is_null($data['roles_from_ad_groups']) === true ? $data['fonction_id'] : (empty($data['roles_from_ad_groups']) === true ? $data['fonction_id'] : $data['fonction_id'].';'.$data['roles_from_ad_groups']), |
|
| 439 | 439 | $SETTINGS |
| 440 | 440 | ); |
| 441 | 441 | if ($session->has('user-can_create_root_folder') && (int) $session->get('user-can_create_root_folder') && null !== $session->get('user-can_create_root_folder') && (int) $session->get('user-can_create_root_folder') === 1) { |
@@ -470,7 +470,7 @@ discard block |
||
| 470 | 470 | $session->set('system-item_fields', []); |
| 471 | 471 | $rows = DB::query( |
| 472 | 472 | 'SELECT * |
| 473 | - FROM ' . prefixTable('categories') . ' |
|
| 473 | + FROM ' . prefixTable('categories').' |
|
| 474 | 474 | WHERE level=%i', |
| 475 | 475 | '0' |
| 476 | 476 | ); |
@@ -479,7 +479,7 @@ discard block |
||
| 479 | 479 | // get each field |
| 480 | 480 | $rows2 = DB::query( |
| 481 | 481 | 'SELECT * |
| 482 | - FROM ' . prefixTable('categories') . ' |
|
| 482 | + FROM ' . prefixTable('categories').' |
|
| 483 | 483 | WHERE parent_id=%i |
| 484 | 484 | ORDER BY `order` ASC', |
| 485 | 485 | $record['id'] |
@@ -566,5 +566,5 @@ discard block |
||
| 566 | 566 | } |
| 567 | 567 | |
| 568 | 568 | /* CHECK NUMBER OF USER ONLINE */ |
| 569 | -DB::query('SELECT * FROM ' . prefixTable('users') . ' WHERE timestamp>=%i', time() - 600); |
|
| 569 | +DB::query('SELECT * FROM '.prefixTable('users').' WHERE timestamp>=%i', time() - 600); |
|
| 570 | 570 | $session->set('system-nb_users_online', DB::count()); |
@@ -72,37 +72,37 @@ |
||
| 72 | 72 | { |
| 73 | 73 | // Delete all item keys for which no user exist |
| 74 | 74 | DB::query( |
| 75 | - 'DELETE k.* FROM ' . prefixTable('sharekeys_items') . ' k |
|
| 76 | - LEFT JOIN ' . prefixTable('users') . ' u ON k.user_id = u.id |
|
| 75 | + 'DELETE k.* FROM '.prefixTable('sharekeys_items').' k |
|
| 76 | + LEFT JOIN ' . prefixTable('users').' u ON k.user_id = u.id |
|
| 77 | 77 | WHERE u.id IS NULL OR u.deleted_at IS NOT NULL' |
| 78 | 78 | ); |
| 79 | 79 | |
| 80 | 80 | // Delete all files keys for which no item exist |
| 81 | 81 | DB::query( |
| 82 | - 'DELETE k.* FROM ' . prefixTable('sharekeys_files') . ' k |
|
| 83 | - LEFT JOIN ' . prefixTable('items') . ' i ON k.object_id = i.id |
|
| 82 | + 'DELETE k.* FROM '.prefixTable('sharekeys_files').' k |
|
| 83 | + LEFT JOIN ' . prefixTable('items').' i ON k.object_id = i.id |
|
| 84 | 84 | WHERE i.id IS NULL' |
| 85 | 85 | ); |
| 86 | 86 | |
| 87 | 87 | // Delete all fields keys for which no item exist |
| 88 | 88 | DB::query( |
| 89 | - 'DELETE k.* FROM ' . prefixTable('sharekeys_fields') . ' k |
|
| 90 | - LEFT JOIN ' . prefixTable('categories_items') . ' c ON k.object_id = c.id |
|
| 91 | - LEFT JOIN ' . prefixTable('items') . ' i ON c.item_id = i.id |
|
| 89 | + 'DELETE k.* FROM '.prefixTable('sharekeys_fields').' k |
|
| 90 | + LEFT JOIN ' . prefixTable('categories_items').' c ON k.object_id = c.id |
|
| 91 | + LEFT JOIN ' . prefixTable('items').' i ON c.item_id = i.id |
|
| 92 | 92 | WHERE c.id IS NULL OR i.id IS NULL' |
| 93 | 93 | ); |
| 94 | 94 | |
| 95 | 95 | // Delete all item logs for which no user exist |
| 96 | 96 | DB::query( |
| 97 | - 'DELETE l.* FROM ' . prefixTable('log_items') . ' l |
|
| 98 | - LEFT JOIN ' . prefixTable('items') . ' i ON l.id_item = i.id |
|
| 97 | + 'DELETE l.* FROM '.prefixTable('log_items').' l |
|
| 98 | + LEFT JOIN ' . prefixTable('items').' i ON l.id_item = i.id |
|
| 99 | 99 | WHERE i.id IS NULL' |
| 100 | 100 | ); |
| 101 | 101 | |
| 102 | 102 | // Delete all system logs for which no user exist |
| 103 | 103 | DB::query( |
| 104 | - 'DELETE l.* FROM ' . prefixTable('log_system') . ' l |
|
| 105 | - LEFT JOIN ' . prefixTable('users') . ' u ON l.qui = u.id |
|
| 104 | + 'DELETE l.* FROM '.prefixTable('log_system').' l |
|
| 105 | + LEFT JOIN ' . prefixTable('users').' u ON l.qui = u.id |
|
| 106 | 106 | WHERE u.id IS NULL OR u.deleted_at IS NOT NULL' |
| 107 | 107 | ); |
| 108 | 108 | |
@@ -73,7 +73,7 @@ discard block |
||
| 73 | 73 | { |
| 74 | 74 | global $SETTINGS; |
| 75 | 75 | // Load expected files |
| 76 | - require_once __DIR__. '/../sources/main.functions.php'; |
|
| 76 | + require_once __DIR__.'/../sources/main.functions.php'; |
|
| 77 | 77 | $SETTINGS = $SETTINGS ?? []; |
| 78 | 78 | |
| 79 | 79 | // $SETTINGS is set then read folder |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | //delete file FILES |
| 84 | 84 | while (false !== ($f = readdir($dir))) { |
| 85 | 85 | if ($f !== '.' && $f !== '..' && $f !== '.htaccess') { |
| 86 | - $filePath = $SETTINGS['path_to_files_folder'] . '/' . $f; |
|
| 86 | + $filePath = $SETTINGS['path_to_files_folder'].'/'.$f; |
|
| 87 | 87 | if (file_exists($filePath) && ((time() - filectime($filePath)) > 604800)) { |
| 88 | 88 | fileDelete($filePath, $SETTINGS); |
| 89 | 89 | } |
@@ -104,7 +104,7 @@ discard block |
||
| 104 | 104 | while (false !== ($f = readdir($dir))) { |
| 105 | 105 | if ($f !== '.' && $f !== '..') { |
| 106 | 106 | if (strpos($f, '_delete.') > 0) { |
| 107 | - fileDelete($SETTINGS['path_to_upload_folder'] . '/' . $f, $SETTINGS); |
|
| 107 | + fileDelete($SETTINGS['path_to_upload_folder'].'/'.$f, $SETTINGS); |
|
| 108 | 108 | } |
| 109 | 109 | } |
| 110 | 110 | } |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | ) { |
| 78 | 78 | // Not allowed page |
| 79 | 79 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 80 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 80 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 81 | 81 | exit; |
| 82 | 82 | } |
| 83 | 83 | |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | if (isset($order['column']) && preg_match('#^(asc|desc)$#i', $order['dir'])) { |
| 129 | 129 | $columnIndex = filter_var($order['column'], FILTER_SANITIZE_NUMBER_INT); |
| 130 | 130 | $dir = filter_var($order['dir'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
| 131 | - $sOrder .= $aColumns[$columnIndex] . ' ' . $dir . ', '; |
|
| 131 | + $sOrder .= $aColumns[$columnIndex].' '.$dir.', '; |
|
| 132 | 132 | } |
| 133 | 133 | |
| 134 | 134 | $sOrder = substr_replace($sOrder, '', -2); |
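Review bot: `$aColumns[$columnIndex]` at new line 131 is indexed with a value that has only been through `FILTER_SANITIZE_NUMBER_INT`, which still lets `+` and `-` through and does not prove the index exists, so an out-of-range value appends an empty column name to the ORDER BY clause. Wrapping the append in `if (isset($aColumns[(int) $columnIndex])) { ... }` keeps the clause limited to known columns. `$order['dir']` is also handed to `preg_match` without an `isset` check, and the `FILTER_SANITIZE_FULL_SPECIAL_CHARS` call adds nothing once the `asc|desc` regex has matched. The enclosing block starts outside the hunk.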
@@ -152,15 +152,15 @@ discard block |
||
| 152 | 152 | |
| 153 | 153 | if ($letter !== '' && $letter !== 'None') { |
| 154 | 154 | $sWhere .= ' AND ('; |
| 155 | - $sWhere .= $aColumns[1] . " LIKE '" . $letter . "%' OR "; |
|
| 156 | - $sWhere .= $aColumns[2] . " LIKE '" . $letter . "%' OR "; |
|
| 157 | - $sWhere .= $aColumns[3] . " LIKE '" . $letter . "%' "; |
|
| 155 | + $sWhere .= $aColumns[1]." LIKE '".$letter."%' OR "; |
|
| 156 | + $sWhere .= $aColumns[2]." LIKE '".$letter."%' OR "; |
|
| 157 | + $sWhere .= $aColumns[3]." LIKE '".$letter."%' "; |
|
| 158 | 158 | $sWhere .= ')'; |
| 159 | 159 | } elseif ($searchValue !== '') { |
| 160 | 160 | $sWhere .= ' AND ('; |
| 161 | - $sWhere .= $aColumns[1] . " LIKE '" . $searchValue . "%' OR "; |
|
| 162 | - $sWhere .= $aColumns[2] . " LIKE '" . $searchValue . "%' OR "; |
|
| 163 | - $sWhere .= $aColumns[3] . " LIKE '" . $searchValue . "%' "; |
|
| 161 | + $sWhere .= $aColumns[1]." LIKE '".$searchValue."%' OR "; |
|
| 162 | + $sWhere .= $aColumns[2]." LIKE '".$searchValue."%' OR "; |
|
| 163 | + $sWhere .= $aColumns[3]." LIKE '".$searchValue."%' "; |
|
| 164 | 164 | $sWhere .= ')'; |
| 165 | 165 | } |
| 166 | 166 | |
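Review bot: `$letter` and `$searchValue` are concatenated straight into the `LIKE '…%'` fragments at new lines 155-157 and 161-163, so this WHERE clause is string-built while the other queries on this page use `%s`/`%i` placeholders. Where the two values are assigned is outside the hunk; unless they are strictly whitelisted there, a quote character in either one changes the query. The fragments could carry placeholders instead, e.g. `$sWhere .= $aColumns[1].' LIKE %s OR ';`, with `$letter.'%'` passed as a parameter to the `DB::query` call that consumes `$sWhere` (also outside the hunk). `%` and `_` inside the value should be escaped if they are not meant as wildcards.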
@@ -246,7 +246,7 @@ discard block |
||
| 246 | 246 | // Check for existing lock |
| 247 | 247 | $unlock_at = DB::queryFirstField( |
| 248 | 248 | 'SELECT MAX(unlock_at) |
| 249 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 249 | + FROM ' . prefixTable('auth_failures').' |
|
| 250 | 250 | WHERE unlock_at > %s AND source = %s AND value = %s', |
| 251 | 251 | date('Y-m-d H:i:s', time()), |
| 252 | 252 | 'login', |
@@ -255,33 +255,31 @@ discard block |
||
| 255 | 255 | |
| 256 | 256 | // Get some infos about user |
| 257 | 257 | $userDisplayInfos = |
| 258 | - (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 258 | + (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 259 | 259 | . |
| 260 | 260 | ((int) $record['last_connexion'] > 0 ? '<i class=\"far fa-clock infotip text-info ml-2\" title=\"'.$lang->get('index_last_seen').": ". |
| 261 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 261 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 262 | 262 | . |
| 263 | 263 | ((int) $record['user_ip'] > 0 ? '<i class=\"fas fa-street-view infotip text-info ml-1\" title=\"'.$lang->get('ip').": ".($record['user_ip']).'\"></i>' : '') |
| 264 | 264 | . |
| 265 | 265 | (($record['auth_type'] === 'ldap' || $record['auth_type'] === 'oauth2') ? '<i class=\"far fa-address-book infotip text-warning ml-1\" title=\"'.$lang->get('managed_through_ad').'\"></i>' : '') |
| 266 | 266 | . |
| 267 | 267 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && ((int) $SETTINGS['duo'] === 1 || (int) $SETTINGS['google_authentication'] === 1)) ? |
| 268 | - ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : |
|
| 269 | - '' |
|
| 268 | + ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : '' |
|
| 270 | 269 | ) |
| 271 | 270 | . |
| 272 | 271 | (($unlock_at) ? '<i class=\"fas fa-solid text-red fa-lock infotip text-info ml-1\" title=\"'.$lang->get('bruteforce_unlock_at').$unlock_at.'\"></i>' : ''); |
| 273 | 272 | if ($request->query->filter('display_warnings', '', FILTER_VALIDATE_BOOLEAN) === true) { |
| 274 | 273 | $userDisplayInfos .= '<br>'. |
| 275 | 274 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && is_null($record['keys_recovery_time']) === true) ? |
| 276 | - '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : |
|
| 277 | - '' |
|
| 275 | + '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : '' |
|
| 278 | 276 | ). |
| 279 | 277 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['pw_passwordlib'] === 1) ? '<i class=\"fa-solid fa-person-walking-luggage infotip ml-1\" style=\"color:Tomato\" title=\"Old password encryption. Shall login to initialize.\"></i>' : ''); |
| 280 | 278 | } |
| 281 | 279 | |
| 282 | 280 | $sOutput .= '["<span data-id=\"'.$record['id'].'\" data-fullname=\"'. |
| 283 | - (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : '').' '. |
|
| 284 | - (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : ''). |
|
| 281 | + (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : '').' '. |
|
| 282 | + (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : ''). |
|
| 285 | 283 | '\" data-auth-type=\"'.$record['auth_type'].'\" data-special=\"'.$record['special'].'\" data-mfa-enabled=\"'.$record['mfa_enabled'].'\" data-otp-provided=\"'.(isset($record['otp_provided']) === true ? $record['otp_provided'] : '').'\"></span>", '; |
| 286 | 284 | //col2 |
| 287 | 285 | $sOutput .= '"'. |
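Review bot: `$record['user_ip']`, `$record['auth_type']`, `$record['special']`, `$record['mfa_enabled']`, `$record['otp_provided']` and `$unlock_at` are written into HTML attributes at new lines 263, 272 and 283 without encoding, while `name` and `lastname` just above line 283 get `htmlentities(..., ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED)`. If any of these columns can hold client-influenced text (the stored IP is the likely candidate, depending on how it is captured), a quote in the value breaks out of the attribute and of the hand-assembled JSON string. Applying the same call to each, e.g. `htmlentities((string) $record['user_ip'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED)`, would make the row consistent. `(int) $record['user_ip'] > 0` also hides addresses whose text does not begin with a non-zero digit, such as IPv6 ones. The `$sOutput` statement continues past the end of the hunk.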
@@ -71,7 +71,7 @@ discard block |
||
| 71 | 71 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('oauth') === false) { |
| 72 | 72 | // Not allowed page |
| 73 | 73 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 74 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 74 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 75 | 75 | exit; |
| 76 | 76 | } |
| 77 | 77 | ?> |
@@ -226,7 +226,7 @@ discard block |
||
| 226 | 226 | if (data[i].selected_role === 1) { |
| 227 | 227 | selected_role = data[i].id; |
| 228 | 228 | } |
| 229 | - html_admin_by += '<option value="' + data[i].id + '"><?php echo $lang->get('managers_of') . ' '; ?>' + data[i].title + '</option>'; |
|
| 229 | + html_admin_by += '<option value="' + data[i].id + '"><?php echo $lang->get('managers_of').' '; ?>' + data[i].title + '</option>'; |
|
| 230 | 230 | html_roles += '<option value="' + data[i].id + '">' + data[i].title + '</option>'; |
| 231 | 231 | } |
| 232 | 232 | $('#oauth_new_user_is_administrated_by') |
@@ -255,7 +255,7 @@ discard block |
||
| 255 | 255 | }).fail(function(error) { |
| 256 | 256 | toastr.remove(); |
| 257 | 257 | toastr.error( |
| 258 | - '<?php echo $lang->get('server_answer_error') . '<br />' . $lang->get('server_returned_data') . ':<br />'; ?>' + error, |
|
| 258 | + '<?php echo $lang->get('server_answer_error').'<br />'.$lang->get('server_returned_data').':<br />'; ?>' + error, |
|
| 259 | 259 | '', { |
| 260 | 260 | closeButton: true, |
| 261 | 261 | positionClass: 'toast-bottom-right' |
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | |
| 92 | 92 | $parentComplexity = $this->checkComplexityLevel($parentFolderData, $complexity, $parent_id); |
| 93 | 93 | if (isset($parentComplexity['error']) && $parentComplexity['error'] === true) { |
| 94 | - return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder') . " [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
| 94 | + return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder')." [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
| 95 | 95 | } |
| 96 | 96 | |
| 97 | 97 | return $this->createFolder($params, array_merge($parentFolderData, $parentComplexity), $options); |
@@ -144,7 +144,7 @@ discard block |
||
| 144 | 144 | ) { |
| 145 | 145 | DB::query( |
| 146 | 146 | 'SELECT * |
| 147 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 147 | + FROM ' . prefixTable('nested_tree').' |
|
| 148 | 148 | WHERE title = %s AND personal_folder = 0', |
| 149 | 149 | $title |
| 150 | 150 | ); |
@@ -168,7 +168,7 @@ discard block |
||
| 168 | 168 | //check if parent folder is personal |
| 169 | 169 | $data = DB::queryFirstRow( |
| 170 | 170 | 'SELECT personal_folder, bloquer_creation, bloquer_modification |
| 171 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 171 | + FROM ' . prefixTable('nested_tree').' |
|
| 172 | 172 | WHERE id = %i', |
| 173 | 173 | $parent_id |
| 174 | 174 | ); |
@@ -207,7 +207,7 @@ discard block |
||
| 207 | 207 | // get complexity level for this folder |
| 208 | 208 | $data = DB::queryFirstRow( |
| 209 | 209 | 'SELECT valeur |
| 210 | - FROM ' . prefixTable('misc') . ' |
|
| 210 | + FROM ' . prefixTable('misc').' |
|
| 211 | 211 | WHERE intitule = %i AND type = %s', |
| 212 | 212 | $parent_id, |
| 213 | 213 | 'complex' |
@@ -278,11 +278,11 @@ discard block |
||
| 278 | 278 | */ |
| 279 | 279 | private function canCreateFolder($isPersonal, $user_is_admin, $user_is_manager, $user_can_manage_all_users, $user_can_create_root_folder) |
| 280 | 280 | { |
| 281 | - return (int)$isPersonal === 1 || |
|
| 282 | - (int)$user_is_admin === 1 || |
|
| 283 | - ((int)$user_is_manager === 1 || (int)$user_can_manage_all_users === 1) || |
|
| 281 | + return (int) $isPersonal === 1 || |
|
| 282 | + (int) $user_is_admin === 1 || |
|
| 283 | + ((int) $user_is_manager === 1 || (int) $user_can_manage_all_users === 1) || |
|
| 284 | 284 | ($this->settings['enable_user_can_create_folders'] ?? false) || |
| 285 | - ((int)$user_can_create_root_folder === 1); |
|
| 285 | + ((int) $user_can_create_root_folder === 1); |
|
| 286 | 286 | } |
| 287 | 287 | |
| 288 | 288 | /** |
@@ -362,7 +362,7 @@ discard block |
||
| 362 | 362 | $path = ''; |
| 363 | 363 | $tree_path = $tree->getPath(0, false); |
| 364 | 364 | foreach ($tree_path as $fld) { |
| 365 | - $path .= empty($path) ? $fld->title : '/' . $fld->title; |
|
| 365 | + $path .= empty($path) ? $fld->title : '/'.$fld->title; |
|
| 366 | 366 | } |
| 367 | 367 | |
| 368 | 368 | $new_json = [ |
@@ -378,7 +378,7 @@ discard block |
||
| 378 | 378 | |
| 379 | 379 | $cache_tree = DB::queryFirstRow( |
| 380 | 380 | 'SELECT increment_id, folders, visible_folders |
| 381 | - FROM ' . prefixTable('cache_tree') . ' |
|
| 381 | + FROM ' . prefixTable('cache_tree').' |
|
| 382 | 382 | WHERE user_id = %i', |
| 383 | 383 | (int) $user_id |
| 384 | 384 | ); |
@@ -419,7 +419,7 @@ discard block |
||
| 419 | 419 | private function manageFolderPermissions($parent_id, $newId, $user_roles, $access_rights, $user_is_admin) |
| 420 | 420 | { |
| 421 | 421 | if ($parent_id !== 0 && $this->settings['subfolder_rights_as_parent'] ?? false) { |
| 422 | - $rows = DB::query('SELECT role_id, type FROM ' . prefixTable('roles_values') . ' WHERE folder_id = %i', $parent_id); |
|
| 422 | + $rows = DB::query('SELECT role_id, type FROM '.prefixTable('roles_values').' WHERE folder_id = %i', $parent_id); |
|
| 423 | 423 | foreach ($rows as $record) { |
| 424 | 424 | DB::insert(prefixTable('roles_values'), [ |
| 425 | 425 | 'role_id' => $record['role_id'], |
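Review bot: The condition at line 421, `$parent_id !== 0 && $this->settings['subfolder_rights_as_parent'] ?? false`, does not group the way it reads: `??` binds more loosely than `&&`, so the fallback applies to the boolean result of the `&&` and never to the missing setting. When the key is absent PHP raises an undefined-index warning instead of quietly using `false`, and `$parent_id !== 0` is true if `$parent_id` arrives as the string `'0'`, which matters because this branch decides whether the parent's role rights are copied. Suggested form: `if ((int) $parent_id !== 0 && ($this->settings['subfolder_rights_as_parent'] ?? false)) {`, matching the parenthesised `??` already used in `canCreateFolder`. The method body continues outside the hunk.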
@@ -427,7 +427,7 @@ discard block |
||
| 427 | 427 | 'type' => $record['type'], |
| 428 | 428 | ]); |
| 429 | 429 | } |
| 430 | - } elseif ((int)$user_is_admin !== 1) { |
|
| 430 | + } elseif ((int) $user_is_admin !== 1) { |
|
| 431 | 431 | foreach (array_unique(explode(';', $user_roles)) as $role) { |
| 432 | 432 | if (!empty($role)) { |
| 433 | 433 | DB::insert(prefixTable('roles_values'), [ |
@@ -445,7 +445,7 @@ discard block |
||
| 445 | 445 | */ |
| 446 | 446 | private function copyCustomFieldsCategories($parent_id, $newId) |
| 447 | 447 | { |
| 448 | - $rows = DB::query('SELECT id_category FROM ' . prefixTable('categories_folders') . ' WHERE id_folder = %i', $parent_id); |
|
| 448 | + $rows = DB::query('SELECT id_category FROM '.prefixTable('categories_folders').' WHERE id_folder = %i', $parent_id); |
|
| 449 | 449 | foreach ($rows as $record) { |
| 450 | 450 | DB::insert(prefixTable('categories_folders'), [ |
| 451 | 451 | 'id_category' => $record['id_category'], |
@@ -470,7 +470,7 @@ discard block |
||
| 470 | 470 | // Search for existing job |
| 471 | 471 | $count = DB::queryFirstRow( |
| 472 | 472 | 'SELECT COUNT(*) AS count |
| 473 | - FROM ' . prefixTable('background_tasks') . ' |
|
| 473 | + FROM ' . prefixTable('background_tasks').' |
|
| 474 | 474 | WHERE is_in_progress = %i AND process_type = %s AND arguments = %s', |
| 475 | 475 | 0, |
| 476 | 476 | 'user_build_cache_tree', |
@@ -504,7 +504,7 @@ discard block |
||
| 504 | 504 | return [ |
| 505 | 505 | 'error' => true, |
| 506 | 506 | 'message' => $message, |
| 507 | - 'newId' => '' . $newIdSuffix, |
|
| 507 | + 'newId' => ''.$newIdSuffix, |
|
| 508 | 508 | ]; |
| 509 | 509 | } |
| 510 | 510 | } |
@@ -79,7 +79,7 @@ discard block |
||
| 79 | 79 | ) { |
| 80 | 80 | // Not allowed page |
| 81 | 81 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 82 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 82 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 83 | 83 | exit; |
| 84 | 84 | } |
| 85 | 85 | |
@@ -167,7 +167,7 @@ discard block |
||
| 167 | 167 | ); |
| 168 | 168 | |
| 169 | 169 | // Initialisation |
| 170 | - $file = $SETTINGS['path_to_files_folder'] . '/' . $data['valeur']; |
|
| 170 | + $file = $SETTINGS['path_to_files_folder'].'/'.$data['valeur']; |
|
| 171 | 171 | $importation_possible = true; |
| 172 | 172 | $valuesToImport = []; |
| 173 | 173 | $items_number = 0; |
@@ -224,26 +224,26 @@ discard block |
||
| 224 | 224 | 'ISO-8859-1', |
| 225 | 225 | 'ISO-8859-15', |
| 226 | 226 | 'Windows-1252', |
| 227 | - 'Windows-1251', // Cyrillique |
|
| 228 | - 'CP1251', // Cyrillique alternatif |
|
| 229 | - 'KOI8-R', // Cyrillique russe |
|
| 230 | - 'Shift_JIS', // Japonais |
|
| 231 | - 'EUC-JP', // Japonais |
|
| 232 | - 'ISO-2022-JP', // Japonais |
|
| 233 | - 'TIS-620', // ThaĂŻ |
|
| 234 | - 'Windows-874', // ThaĂŻ Windows |
|
| 235 | - 'Big5', // Chinois traditionnel |
|
| 236 | - 'GB2312', // Chinois simplifié |
|
| 237 | - 'GBK', // Chinois simplifié étendu |
|
| 238 | - 'EUC-KR', // Coréen |
|
| 239 | - 'ISO-8859-2', // Europe centrale |
|
| 240 | - 'ISO-8859-5', // Cyrillique ISO |
|
| 241 | - 'ISO-8859-7', // Grec |
|
| 242 | - 'Windows-1250', // Europe centrale |
|
| 243 | - 'Windows-1253', // Grec |
|
| 244 | - 'Windows-1254', // Turc |
|
| 245 | - 'Windows-1255', // Hébreu |
|
| 246 | - 'Windows-1256', // Arabe |
|
| 227 | + 'Windows-1251', // Cyrillique |
|
| 228 | + 'CP1251', // Cyrillique alternatif |
|
| 229 | + 'KOI8-R', // Cyrillique russe |
|
| 230 | + 'Shift_JIS', // Japonais |
|
| 231 | + 'EUC-JP', // Japonais |
|
| 232 | + 'ISO-2022-JP', // Japonais |
|
| 233 | + 'TIS-620', // ThaĂŻ |
|
| 234 | + 'Windows-874', // ThaĂŻ Windows |
|
| 235 | + 'Big5', // Chinois traditionnel |
|
| 236 | + 'GB2312', // Chinois simplifié |
|
| 237 | + 'GBK', // Chinois simplifié étendu |
|
| 238 | + 'EUC-KR', // Coréen |
|
| 239 | + 'ISO-8859-2', // Europe centrale |
|
| 240 | + 'ISO-8859-5', // Cyrillique ISO |
|
| 241 | + 'ISO-8859-7', // Grec |
|
| 242 | + 'Windows-1250', // Europe centrale |
|
| 243 | + 'Windows-1253', // Grec |
|
| 244 | + 'Windows-1254', // Turc |
|
| 245 | + 'Windows-1255', // Hébreu |
|
| 246 | + 'Windows-1256', // Arabe |
|
| 247 | 247 | ]; |
| 248 | 248 | |
| 249 | 249 | // Get the list of encodings supported by the system |
@@ -286,7 +286,7 @@ discard block |
||
| 286 | 286 | |
| 287 | 287 | // Get the data and ensure columns are correctly mapped |
| 288 | 288 | $interpreter = new Interpreter(); |
| 289 | - $interpreter->addObserver(function (array $row) use (&$valuesToImport, $header) { |
|
| 289 | + $interpreter->addObserver(function(array $row) use (&$valuesToImport, $header) { |
|
| 290 | 290 | $rowData = array_combine($header, $row); |
| 291 | 291 | |
| 292 | 292 | if ($rowData !== false) { |
@@ -339,7 +339,7 @@ discard block |
||
| 339 | 339 | // Handle multiple lignes description |
| 340 | 340 | if (strpos($comments, '<br>') !== false || strpos($label, '<br>') !== false) { |
| 341 | 341 | $continue_on_next_line = true; |
| 342 | - $comment .= " " . $label . " " . $comments; |
|
| 342 | + $comment .= " ".$label." ".$comments; |
|
| 343 | 343 | } else { |
| 344 | 344 | // Insert previous line if changing line |
| 345 | 345 | if (!empty($label)) { |
@@ -348,7 +348,7 @@ discard block |
||
| 348 | 348 | // Insert in batch |
| 349 | 349 | $batchInsert[] = array( |
| 350 | 350 | 'label' => $label, |
| 351 | - 'description' => $comment . $comments, |
|
| 351 | + 'description' => $comment.$comments, |
|
| 352 | 352 | 'pwd' => $pwd, |
| 353 | 353 | 'url' => $url, |
| 354 | 354 | 'folder' => ((int) $session->get('user-admin') === 1 || (int) $session->get('user-manager') === 1 || (int) $session->get('user-can_manage_all_users') === 1) ? $folder : '', |
@@ -379,7 +379,7 @@ discard block |
||
| 379 | 379 | // Insert in batch |
| 380 | 380 | $batchInsert[] = array( |
| 381 | 381 | 'label' => $label, |
| 382 | - 'description' => $comment . $comments, |
|
| 382 | + 'description' => $comment.$comments, |
|
| 383 | 383 | 'pwd' => $pwd, |
| 384 | 384 | 'url' => $url, |
| 385 | 385 | 'folder' => ((int) $session->get('user-admin') === 1 || (int) $session->get('user-manager') === 1 || (int) $session->get('user-can_manage_all_users') === 1) ? $folder : '', |
@@ -403,10 +403,10 @@ discard block |
||
| 403 | 403 | $values = []; |
| 404 | 404 | |
| 405 | 405 | foreach ($batchInsert as $data) { |
| 406 | - $values[] = "('" . implode("','", array_map('addslashes', $data)) . "')"; |
|
| 406 | + $values[] = "('".implode("','", array_map('addslashes', $data))."')"; |
|
| 407 | 407 | } |
| 408 | 408 | |
| 409 | - $sql = "INSERT INTO `$tableName` (`label`, `description`, `pwd`, `url`, `folder`, `login`, `operation_id`) VALUES " . implode(',', $values); |
|
| 409 | + $sql = "INSERT INTO `$tableName` (`label`, `description`, `pwd`, `url`, `folder`, `login`, `operation_id`) VALUES ".implode(',', $values); |
|
| 410 | 410 | |
| 411 | 411 | DB::query($sql); |
| 412 | 412 | } |
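Review bot: The batch INSERT at new lines 406-409 is assembled by hand with `addslashes` and an interpolated `$tableName`, and the values appear to come from the imported file (label, description, pwd, url, login). `addslashes` is not connection- or charset-aware SQL escaping, so it should not be the barrier between file content and the query text. The library's own insert, already used on this page as `DB::insert(prefixTable('roles_values'), [...])`, would escape each value: `foreach ($batchInsert as $data) { DB::insert($tableName, $data); }`, ideally inside one transaction to keep the batch behaviour. The enclosing function starts outside the hunk, so the origin of `$tableName` should be confirmed as a fixed identifier.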
@@ -489,7 +489,7 @@ discard block |
||
| 489 | 489 | $parentId = $dataReceived['folderId']; // Strating with provided folder |
| 490 | 490 | |
| 491 | 491 | foreach ($parts as $part) { |
| 492 | - $currentPath = trim($currentPath . "/" . $part, "/"); |
|
| 492 | + $currentPath = trim($currentPath."/".$part, "/"); |
|
| 493 | 493 | $currentFolder = $part; |
| 494 | 494 | |
| 495 | 495 | // Check if this folder has already been created |
@@ -550,7 +550,7 @@ discard block |
||
| 550 | 550 | // Get ID of existing folder |
| 551 | 551 | $ret = DB::queryFirstRow( |
| 552 | 552 | 'SELECT * |
| 553 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 553 | + FROM ' . prefixTable('nested_tree').' |
|
| 554 | 554 | WHERE title = %s', |
| 555 | 555 | $currentFolder |
| 556 | 556 | ); |
@@ -760,9 +760,9 @@ discard block |
||
| 760 | 760 | ]; |
| 761 | 761 | |
| 762 | 762 | error_log( |
| 763 | - 'SQL Error during import | increment_id: ' . $item['increment_id'] . |
|
| 764 | - ' | Message: ' . $e->getMessage() . |
|
| 765 | - ' | StackTrace: ' . $e->getTraceAsString() |
|
| 763 | + 'SQL Error during import | increment_id: '.$item['increment_id']. |
|
| 764 | + ' | Message: '.$e->getMessage(). |
|
| 765 | + ' | StackTrace: '.$e->getTraceAsString() |
|
| 766 | 766 | ); |
| 767 | 767 | } |
| 768 | 768 | } |
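Review bot: The `error_log` call on lines 763–765 writes `$e->getTraceAsString()` for every failed import row; unless `zend.exception_ignore_args` is enabled, the trace carries truncated call arguments, which during an import may be fragments of item data. The exception class, its message and `$item['increment_id']` are normally enough to locate the row, e.g. `error_log('SQL Error during import | increment_id: '.$item['increment_id'].' | '.get_class($e).': '.$e->getMessage());`, with the trace kept behind a debug switch. The enclosing try/catch starts outside the hunk.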
@@ -1071,7 +1071,7 @@ discard block |
||
| 1071 | 1071 | ]; |
| 1072 | 1072 | $startPathLevel = 1; |
| 1073 | 1073 | |
| 1074 | - foreach($post_folders as $folder) { |
|
| 1074 | + foreach ($post_folders as $folder) { |
|
| 1075 | 1075 | // get parent id |
| 1076 | 1076 | if (!isset($arrFolders[$folder['parentFolderId']])) { |
| 1077 | 1077 | // If parent folder is not in the array, it means it is the destination folder |
@@ -1147,7 +1147,7 @@ discard block |
||
| 1147 | 1147 | DB::startTransaction(); |
| 1148 | 1148 | |
| 1149 | 1149 | // Import all items |
| 1150 | - foreach($post_items as $item) { |
|
| 1150 | + foreach ($post_items as $item) { |
|
| 1151 | 1151 | // get info about this folder |
| 1152 | 1152 | $destinationFolderMore = DB::queryFirstRow( |
| 1153 | 1153 | 'SELECT title FROM '.prefixTable('nested_tree').' WHERE id = %i', |
@@ -1178,7 +1178,7 @@ discard block |
||
| 1178 | 1178 | 'pw' => $cryptedStuff['encrypted'], |
| 1179 | 1179 | 'pw_iv' => '', |
| 1180 | 1180 | 'url' => substr($item['URL'], 0, 500), |
| 1181 | - 'id_tree' => isset($post_folders[$item['parentFolderId']]['id']) ? (int)$post_folders[$item['parentFolderId']]['id'] : 0, |
|
| 1181 | + 'id_tree' => isset($post_folders[$item['parentFolderId']]['id']) ? (int) $post_folders[$item['parentFolderId']]['id'] : 0, |
|
| 1182 | 1182 | 'login' => substr($item['UserName'], 0, 500), |
| 1183 | 1183 | 'anyone_can_modify' => $$inputData['editAll'], |
| 1184 | 1184 | 'encryption_type' => 'teampass_aes', |
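Review bot: `'anyone_can_modify' => $$inputData['editAll']` on line 1183 is a variable-variable: PHP evaluates it as `${$inputData}['editAll']`, so unless `$inputData` is a string naming another variable, the flag is not taken from the submitted `editAll` value. `$inputData` is defined outside the hunk, so this is inferred, but if it is the decoded request array the line should read `'anyone_can_modify' => $inputData['editAll'],`. Because this flag decides who may edit the imported item, the import path deserves a test that asserts the stored value.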
@@ -1313,7 +1313,7 @@ discard block |
||
| 1313 | 1313 | |
| 1314 | 1314 | //For each role to which the user depends on, add the folder just created. |
| 1315 | 1315 | // (if not personal, otherwise, add to user-personal_folders) |
| 1316 | - if ( $isPersonalFolder ) { |
|
| 1316 | + if ($isPersonalFolder) { |
|
| 1317 | 1317 | SessionManager::addRemoveFromSessionArray('user-personal_folders', [$id], 'add'); |
| 1318 | 1318 | } else { |
| 1319 | 1319 | foreach ($session->get('system-array_roles') as $role) { |
@@ -1384,7 +1384,7 @@ discard block |
||
| 1384 | 1384 | ]; |
| 1385 | 1385 | } |
| 1386 | 1386 | |
| 1387 | -spl_autoload_register(function ($class) { |
|
| 1387 | +spl_autoload_register(function($class) { |
|
| 1388 | 1388 | $prefix = 'League\\Csv\\'; |
| 1389 | 1389 | $base_dir = __DIR__.'/src/'; |
| 1390 | 1390 | $len = strlen($prefix); |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | ) { |
| 75 | 75 | // Not allowed page |
| 76 | 76 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 77 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 77 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 78 | 78 | exit; |
| 79 | 79 | } |
| 80 | 80 | |
@@ -107,7 +107,7 @@ discard block |
||
| 107 | 107 | $post_isNewItem = $request->request->filter('isNewItem', null, FILTER_SANITIZE_NUMBER_INT); |
| 108 | 108 | $post_randomId = $request->request->filter('randomId', null, FILTER_SANITIZE_NUMBER_INT); |
| 109 | 109 | $post_isPersonal = $request->request->filter('isPersonal', null, FILTER_SANITIZE_NUMBER_INT); |
| 110 | -$post_fileSize= $request->request->filter('file_size', null, FILTER_SANITIZE_NUMBER_INT); |
|
| 110 | +$post_fileSize = $request->request->filter('file_size', null, FILTER_SANITIZE_NUMBER_INT); |
|
| 111 | 111 | $chunk = $request->request->filter('chunk', 0, FILTER_SANITIZE_NUMBER_INT); |
| 112 | 112 | $chunks = $request->request->filter('chunks', 0, FILTER_SANITIZE_NUMBER_INT); |
| 113 | 113 | $fileName = $request->request->filter('name', '', FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
@@ -122,10 +122,10 @@ discard block |
||
| 122 | 122 | $unit = strtoupper(substr(trim($POST_MAX_SIZE), -1)); // Assurez-vous de bien gérer les espaces éventuels |
| 123 | 123 | $units = ['G' => 1073741824, 'M' => 1048576, 'K' => 1024]; |
| 124 | 124 | $multiplier = $units[$unit] ?? 1; // Vérifie si l'unité est dans le tableau, sinon 1 |
| 125 | - $maxSize = (int)$POST_MAX_SIZE * $multiplier; |
|
| 125 | + $maxSize = (int) $POST_MAX_SIZE * $multiplier; |
|
| 126 | 126 | |
| 127 | 127 | // CHeck if the POST is too big |
| 128 | - if (!empty($_SERVER['CONTENT_LENGTH']) && (int)$_SERVER['CONTENT_LENGTH'] > $maxSize && $maxSize > 0) { |
|
| 128 | + if (!empty($_SERVER['CONTENT_LENGTH']) && (int) $_SERVER['CONTENT_LENGTH'] > $maxSize && $maxSize > 0) { |
|
| 129 | 129 | handleAttachmentError('POST exceeded maximum allowed size.', 111, 413); |
| 130 | 130 | } |
| 131 | 131 | |
@@ -134,7 +134,7 @@ discard block |
||
| 134 | 134 | handleAttachmentError('File exceeds the maximum allowed size', 120, 413); |
| 135 | 135 | die(); |
| 136 | 136 | } |
| 137 | - if (WIP === true) error_log('POST_MAX_SIZE: ' . $POST_MAX_SIZE." - CONTENT_LENGTH: ".$_SERVER['CONTENT_LENGTH']." - UNIT: ".$unit." - MAX: ".$maxSize." - MULTIPLIER: ".$multiplier." - FILE_SIZE: ".$post_fileSize); |
|
| 137 | + if (WIP === true) error_log('POST_MAX_SIZE: '.$POST_MAX_SIZE." - CONTENT_LENGTH: ".$_SERVER['CONTENT_LENGTH']." - UNIT: ".$unit." - MAX: ".$maxSize." - MULTIPLIER: ".$multiplier." - FILE_SIZE: ".$post_fileSize); |
|
| 138 | 138 | |
| 139 | 139 | // delete expired tokens |
| 140 | 140 | DB::delete(prefixTable('tokens'), 'end_timestamp < %i', time()); |
@@ -185,7 +185,7 @@ discard block |
||
| 185 | 185 | // check if token is expired |
| 186 | 186 | $data = DB::queryFirstRow( |
| 187 | 187 | 'SELECT end_timestamp |
| 188 | - FROM ' . prefixTable('tokens') . ' |
|
| 188 | + FROM ' . prefixTable('tokens').' |
|
| 189 | 189 | WHERE user_id = %i AND token = %s', |
| 190 | 190 | $session->get('user-id'), |
| 191 | 191 | $post_user_token |
@@ -218,7 +218,7 @@ discard block |
||
| 218 | 218 | |
| 219 | 219 | // HTTP headers for no cache etc |
| 220 | 220 | header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); |
| 221 | -header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
|
| 221 | +header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); |
|
| 222 | 222 | header('Cache-Control: no-store, no-cache, must-revalidate'); |
| 223 | 223 | header('Cache-Control: post-check=0, pre-check=0', false); |
| 224 | 224 | |
@@ -256,7 +256,7 @@ discard block |
||
| 256 | 256 | // Validate file name (for our purposes we'll just remove invalid characters) |
| 257 | 257 | $file_name = preg_replace('[^A-Za-z0-9]', '', strtolower(basename($_FILES['file']['name']))); |
| 258 | 258 | if (strlen($file_name) == 0 || strlen($file_name) > $MAX_FILENAME_LENGTH) { |
| 259 | - handleAttachmentError('Invalid file name: ' . $file_name . '.', 114); |
|
| 259 | + handleAttachmentError('Invalid file name: '.$file_name.'.', 114); |
|
| 260 | 260 | } |
| 261 | 261 | |
| 262 | 262 | // Validate file extension |
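Review bot: The pattern in `preg_replace('[^A-Za-z0-9]', '', ...)` on line 257 has no `/` delimiters, so PCRE treats the brackets themselves as delimiters and the expression becomes `^A-Za-z0-9`, an anchored literal instead of a character class. As a result no characters are removed from the uploaded name, and the length check below validates an unfiltered value. The other upload handler on this page writes the filter as `'/[^a-zA-Z0-9-_\.]/'`; the same form fits here: `$file_name = preg_replace('/[^a-zA-Z0-9-_\.]/', '', strtolower(basename($_FILES['file']['name'])));`.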
@@ -269,8 +269,8 @@ discard block |
||
| 269 | 269 | $ext, |
| 270 | 270 | explode( |
| 271 | 271 | ',', |
| 272 | - $SETTINGS['upload_docext'] . ',' . $SETTINGS['upload_imagesext'] . |
|
| 273 | - ',' . $SETTINGS['upload_pkgext'] . ',' . $SETTINGS['upload_otherext'] |
|
| 272 | + $SETTINGS['upload_docext'].','.$SETTINGS['upload_imagesext']. |
|
| 273 | + ','.$SETTINGS['upload_pkgext'].','.$SETTINGS['upload_otherext'] |
|
| 274 | 274 | ) |
| 275 | 275 | ) === false |
| 276 | 276 | ) { |
@@ -283,24 +283,24 @@ discard block |
||
| 283 | 283 | |
| 284 | 284 | // Clean the fileName for security reasons |
| 285 | 285 | $fileInfo = pathinfo($fileName); |
| 286 | -$fileName = base64_encode($fileInfo['filename']) . '.' . $fileInfo['extension']; |
|
| 286 | +$fileName = base64_encode($fileInfo['filename']).'.'.$fileInfo['extension']; |
|
| 287 | 287 | $fileFullSize = 0; |
| 288 | 288 | |
| 289 | 289 | // Make sure the fileName is unique but only if chunking is disabled |
| 290 | -if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) { |
|
| 290 | +if ($chunks < 2 && file_exists($targetDir.DIRECTORY_SEPARATOR.$fileName)) { |
|
| 291 | 291 | $ext = strrpos($fileName, '.'); |
| 292 | 292 | $fileNameA = substr($fileName, 0, $ext); |
| 293 | 293 | $fileNameB = substr($fileName, $ext); |
| 294 | 294 | |
| 295 | 295 | $count = 1; |
| 296 | - while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileNameA . '_' . $count . $fileNameB)) { |
|
| 296 | + while (file_exists($targetDir.DIRECTORY_SEPARATOR.$fileNameA.'_'.$count.$fileNameB)) { |
|
| 297 | 297 | ++$count; |
| 298 | 298 | } |
| 299 | 299 | |
| 300 | - $fileName = $fileNameA . '_' . $count . $fileNameB; |
|
| 300 | + $fileName = $fileNameA.'_'.$count.$fileNameB; |
|
| 301 | 301 | } |
| 302 | 302 | |
| 303 | -$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName; |
|
| 303 | +$filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName; |
|
| 304 | 304 | |
| 305 | 305 | // Create target dir |
| 306 | 306 | if (file_exists($targetDir) === false) { |
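Review bot: `base64_encode($fileInfo['filename'])` on line 286 can emit `/` and `+`, and the result is joined directly into `$targetDir.DIRECTORY_SEPARATOR.$fileName`, so some original names produce a stored path with an extra directory component. A URL-safe alphabet avoids that, `$fileName = strtr(base64_encode($fileInfo['filename']), '+/', '-_').'.'.$fileInfo['extension'];`, provided the code that decodes `b64:` names applies the reverse mapping. `$fileInfo['extension']` is also read without checking that `pathinfo()` returned one. The script continues outside the hunk.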
@@ -314,7 +314,7 @@ discard block |
||
| 314 | 314 | // Remove old temp files |
| 315 | 315 | if ($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir))) { |
| 316 | 316 | while (($file = readdir($dir)) !== false) { |
| 317 | - $tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file; |
|
| 317 | + $tmpfilePath = $targetDir.DIRECTORY_SEPARATOR.$file; |
|
| 318 | 318 | |
| 319 | 319 | // Remove temp file if it is older than the max age and is not the current file |
| 320 | 320 | if ( |
@@ -416,7 +416,7 @@ discard block |
||
| 416 | 416 | prefixTable('files'), |
| 417 | 417 | array( |
| 418 | 418 | 'id_item' => $post_itemId, |
| 419 | - 'name' => 'b64:' . $fileName, // add "b64:" prefix to indicate that the file name is base64 encoded |
|
| 419 | + 'name' => 'b64:'.$fileName, // add "b64:" prefix to indicate that the file name is base64 encoded |
|
| 420 | 420 | 'size' => $post_fileSize, |
| 421 | 421 | 'extension' => $fileInfo['extension'], |
| 422 | 422 | 'type' => $_FILES['file']['type'], |
@@ -433,8 +433,8 @@ discard block |
||
| 433 | 433 | // This is a public object |
| 434 | 434 | $users = DB::query( |
| 435 | 435 | 'SELECT id, public_key |
| 436 | - FROM ' . prefixTable('users') . ' |
|
| 437 | - WHERE id NOT IN ("' . OTV_USER_ID . '","' . SSH_USER_ID . '","' . API_USER_ID . '") |
|
| 436 | + FROM ' . prefixTable('users').' |
|
| 437 | + WHERE id NOT IN ("' . OTV_USER_ID.'","'.SSH_USER_ID.'","'.API_USER_ID.'") |
|
| 438 | 438 | AND public_key != ""' |
| 439 | 439 | ); |
| 440 | 440 | foreach ($users as $user) { |
@@ -468,14 +468,14 @@ discard block |
||
| 468 | 468 | 'date' => time(), |
| 469 | 469 | 'id_user' => $session->get('user-id'), |
| 470 | 470 | 'action' => 'at_modification', |
| 471 | - 'raison' => 'at_add_file : ' . $fileName . ':' . $newID, |
|
| 471 | + 'raison' => 'at_add_file : '.$fileName.':'.$newID, |
|
| 472 | 472 | ) |
| 473 | 473 | ); |
| 474 | 474 | } |
| 475 | 475 | } |
| 476 | 476 | |
| 477 | 477 | // Return JSON-RPC response |
| 478 | -die('{"jsonrpc" : "2.0", "result" : null, "id" : "' . $newID . '"}'); |
|
| 478 | +die('{"jsonrpc" : "2.0", "result" : null, "id" : "'.$newID.'"}'); |
|
| 479 | 479 | |
| 480 | 480 | /** |
| 481 | 481 | * Handle errors and kill script. |
@@ -76,7 +76,7 @@ discard block |
||
| 76 | 76 | ) { |
| 77 | 77 | // Not allowed page |
| 78 | 78 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 79 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 79 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 80 | 80 | exit; |
| 81 | 81 | } |
| 82 | 82 | |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | } else { |
| 131 | 131 | // check if token is expired |
| 132 | 132 | $data = DB::queryFirstRow( |
| 133 | - 'SELECT end_timestamp FROM ' . prefixTable('tokens') . ' WHERE user_id = %i AND token = %s', |
|
| 133 | + 'SELECT end_timestamp FROM '.prefixTable('tokens').' WHERE user_id = %i AND token = %s', |
|
| 134 | 134 | $session->get('user-id'), |
| 135 | 135 | $post_user_token |
| 136 | 136 | ); |
@@ -154,7 +154,7 @@ discard block |
||
| 154 | 154 | |
| 155 | 155 | // HTTP headers for no cache etc |
| 156 | 156 | header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); |
| 157 | -header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); |
|
| 157 | +header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); |
|
| 158 | 158 | header('Cache-Control: no-store, no-cache, must-revalidate'); |
| 159 | 159 | header('Cache-Control: post-check=0, pre-check=0', false); |
| 160 | 160 | |
@@ -166,7 +166,7 @@ discard block |
||
| 166 | 166 | } |
| 167 | 167 | |
| 168 | 168 | // Set directory used to store file |
| 169 | - $targetDir = realpath($SETTINGS['cpassman_dir'] . '/includes/avatars'); |
|
| 169 | + $targetDir = realpath($SETTINGS['cpassman_dir'].'/includes/avatars'); |
|
| 170 | 170 | } else { |
| 171 | 171 | $targetDir = realpath($SETTINGS['path_to_files_folder']); |
| 172 | 172 | } |
@@ -219,7 +219,7 @@ discard block |
||
| 219 | 219 | $file_name = preg_replace('/[^a-zA-Z0-9-_\.]/', '', strtolower(basename($file->getClientOriginalName()))); |
| 220 | 220 | |
| 221 | 221 | if (strlen($file_name) == 0 || strlen($file_name) > $MAX_FILENAME_LENGTH) { |
| 222 | - error_log('Invalid file name: ' . $file_name . '.'); |
|
| 222 | + error_log('Invalid file name: '.$file_name.'.'); |
|
| 223 | 223 | echo handleUploadError('Invalid file name provided.'); |
| 224 | 224 | return false; |
| 225 | 225 | } |
@@ -233,13 +233,13 @@ discard block |
||
| 233 | 233 | $ext = strtolower($ext); |
| 234 | 234 | } else { |
| 235 | 235 | // Case where the file extension is not a string |
| 236 | - error_log('Invalid file name: ' . $file_name . '.'); |
|
| 236 | + error_log('Invalid file name: '.$file_name.'.'); |
|
| 237 | 237 | echo handleUploadError('Invalid file extension.'); |
| 238 | 238 | return false; |
| 239 | 239 | } |
| 240 | 240 | } else { |
| 241 | 241 | // Case where the file name is not a string |
| 242 | - error_log('Invalid file name: ' . $file_name . '.'); |
|
| 242 | + error_log('Invalid file name: '.$file_name.'.'); |
|
| 243 | 243 | echo handleUploadError('Invalid file.'); |
| 244 | 244 | return false; |
| 245 | 245 | } |
@@ -247,8 +247,8 @@ discard block |
||
| 247 | 247 | // Validate against a list of allowed extensions |
| 248 | 248 | $allowed_extensions = explode( |
| 249 | 249 | ',', |
| 250 | - $SETTINGS['upload_docext'] . ',' . $SETTINGS['upload_imagesext'] . |
|
| 251 | - ',' . $SETTINGS['upload_pkgext'] . ',' . $SETTINGS['upload_otherext'] |
|
| 250 | + $SETTINGS['upload_docext'].','.$SETTINGS['upload_imagesext']. |
|
| 251 | + ','.$SETTINGS['upload_pkgext'].','.$SETTINGS['upload_otherext'] |
|
| 252 | 252 | ); |
| 253 | 253 | |
| 254 | 254 | // Check if we should enforce extensions |
@@ -271,25 +271,25 @@ discard block |
||
| 271 | 271 | |
| 272 | 272 | // is destination folder writable |
| 273 | 273 | if (is_writable($SETTINGS['path_to_files_folder']) === false) { |
| 274 | - echo handleUploadError('Not enough permissions on folder ' . $SETTINGS['path_to_files_folder'] . '.'); |
|
| 274 | + echo handleUploadError('Not enough permissions on folder '.$SETTINGS['path_to_files_folder'].'.'); |
|
| 275 | 275 | return false; |
| 276 | 276 | } |
| 277 | 277 | |
| 278 | 278 | // Make sure the fileName is unique but only if chunking is disabled |
| 279 | -if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) { |
|
| 279 | +if ($chunks < 2 && file_exists($targetDir.DIRECTORY_SEPARATOR.$fileName)) { |
|
| 280 | 280 | // $ext is guaranteed to be a string due to prior checks |
| 281 | 281 | $fileNameA = substr($fileName, 0, strlen(/** @scrutinizer ignore-type */$ext)); |
| 282 | 282 | $fileNameB = substr($fileName, strlen(/** @scrutinizer ignore-type */$ext)); |
| 283 | 283 | |
| 284 | 284 | $count = 1; |
| 285 | - while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileNameA . '_' . $count . $fileNameB)) { |
|
| 285 | + while (file_exists($targetDir.DIRECTORY_SEPARATOR.$fileNameA.'_'.$count.$fileNameB)) { |
|
| 286 | 286 | ++$count; |
| 287 | 287 | } |
| 288 | 288 | |
| 289 | - $fileName = $fileNameA . '_' . $count . $fileNameB; |
|
| 289 | + $fileName = $fileNameA.'_'.$count.$fileNameB; |
|
| 290 | 290 | } |
| 291 | 291 | |
| 292 | -$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName; |
|
| 292 | +$filePath = $targetDir.DIRECTORY_SEPARATOR.$fileName; |
|
| 293 | 293 | |
| 294 | 294 | // Create target dir |
| 295 | 295 | if (!file_exists($targetDir)) { |
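Review bot: The message on line 274 sends the absolute server path in `$SETTINGS['path_to_files_folder']` back to the client through `echo handleUploadError(...)`, and the hunks at lines 320, 397, 413 and 420 of this file do the same. Lines 222–223 already show the safer pattern, with the detail going to `error_log` and the response carrying a fixed text. Applied here: `error_log('Upload folder not writable: '.$SETTINGS['path_to_files_folder']);` followed by `echo handleUploadError('Upload folder is not writable.');`.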
@@ -303,7 +303,7 @@ discard block |
||
| 303 | 303 | // Remove old temp files |
| 304 | 304 | if ($cleanupTargetDir && is_dir($targetDir) && ($dir = opendir($targetDir))) { |
| 305 | 305 | while (($fileClean = readdir($dir)) !== false) { |
| 306 | - $tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $fileClean; |
|
| 306 | + $tmpfilePath = $targetDir.DIRECTORY_SEPARATOR.$fileClean; |
|
| 307 | 307 | |
| 308 | 308 | // Remove temp file if it is older than the max age and is not the current file |
| 309 | 309 | if ( |
@@ -317,7 +317,7 @@ discard block |
||
| 317 | 317 | |
| 318 | 318 | closedir($dir); |
| 319 | 319 | } else { |
| 320 | - echo handleUploadError('Not enough permissions on folder ' . $SETTINGS['path_to_files_folder'] . '.'); |
|
| 320 | + echo handleUploadError('Not enough permissions on folder '.$SETTINGS['path_to_files_folder'].'.'); |
|
| 321 | 321 | return false; |
| 322 | 322 | } |
| 323 | 323 | |
@@ -353,7 +353,7 @@ discard block |
||
| 353 | 353 | |
| 354 | 354 | // Safe destination folder |
| 355 | 355 | $uploadDir = realpath($SETTINGS['path_to_upload_folder']); |
| 356 | - $destinationPath = $uploadDir . DIRECTORY_SEPARATOR . $fileName; |
|
| 356 | + $destinationPath = $uploadDir.DIRECTORY_SEPARATOR.$fileName; |
|
| 357 | 357 | |
| 358 | 358 | if (move_uploaded_file($tmpFilePath, $destinationPath)) { |
| 359 | 359 | // Open the moved file in read mode |
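Review bot: `realpath()` returns `false` when the directory cannot be resolved, and line 356 concatenates that result unchecked, so a wrong `path_to_upload_folder` turns `$destinationPath` into `DIRECTORY_SEPARATOR.$fileName` at the filesystem root. A guard before the concatenation closes this: `if ($uploadDir === false) { echo handleUploadError('Upload folder is not available.'); return false; }`. The `$targetDir = realpath(...)` assignments at lines 169 and 171 of the same file show no check inside their hunk either, though code outside the hunks may cover them.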
@@ -394,7 +394,7 @@ discard block |
||
| 394 | 394 | return false; |
| 395 | 395 | } |
| 396 | 396 | } else { |
| 397 | - echo handleUploadError('Failed to move uploaded file to ' . $SETTINGS['path_to_files_folder'] . '.'); |
|
| 397 | + echo handleUploadError('Failed to move uploaded file to '.$SETTINGS['path_to_files_folder'].'.'); |
|
| 398 | 398 | return false; |
| 399 | 399 | } |
| 400 | 400 | } else { |
@@ -410,14 +410,14 @@ discard block |
||
| 410 | 410 | fwrite($out, $buff); |
| 411 | 411 | } |
| 412 | 412 | } else { |
| 413 | - echo handleUploadError('Failed to open input stream ' . $SETTINGS['path_to_files_folder'] . '.'); |
|
| 413 | + echo handleUploadError('Failed to open input stream '.$SETTINGS['path_to_files_folder'].'.'); |
|
| 414 | 414 | return false; |
| 415 | 415 | } |
| 416 | 416 | |
| 417 | 417 | fclose($in); |
| 418 | 418 | fclose($out); |
| 419 | 419 | } else { |
| 420 | - echo handleUploadError('Failed to open output stream ' . $SETTINGS['path_to_files_folder'] . '.'); |
|
| 420 | + echo handleUploadError('Failed to open output stream '.$SETTINGS['path_to_files_folder'].'.'); |
|
| 421 | 421 | return false; |
| 422 | 422 | } |
| 423 | 423 | } |
@@ -450,7 +450,7 @@ discard block |
||
| 450 | 450 | ) { |
| 451 | 451 | rename( |
| 452 | 452 | $filePath, |
| 453 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName |
|
| 453 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName |
|
| 454 | 454 | ); |
| 455 | 455 | |
| 456 | 456 | // Add in DB |
@@ -479,7 +479,7 @@ discard block |
||
| 479 | 479 | ) { |
| 480 | 480 | rename( |
| 481 | 481 | $filePath, |
| 482 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName |
|
| 482 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName |
|
| 483 | 483 | ); |
| 484 | 484 | |
| 485 | 485 | // Add in DB |
@@ -512,13 +512,13 @@ discard block |
||
| 512 | 512 | // rename the file |
| 513 | 513 | rename( |
| 514 | 514 | $filePath, |
| 515 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName . '.' . $ext |
|
| 515 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName.'.'.$ext |
|
| 516 | 516 | ); |
| 517 | 517 | |
| 518 | 518 | // make thumbnail |
| 519 | 519 | $ret = makeThumbnail( |
| 520 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName . '.' . $ext, |
|
| 521 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName . '_thumb' . '.' . $ext, |
|
| 520 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName.'.'.$ext, |
|
| 521 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName.'_thumb'.'.'.$ext, |
|
| 522 | 522 | 40 |
| 523 | 523 | ); |
| 524 | 524 | |
@@ -530,21 +530,21 @@ discard block |
||
| 530 | 530 | } |
| 531 | 531 | |
| 532 | 532 | // get current avatar and delete it |
| 533 | - $data = DB::queryFirstRow('SELECT avatar, avatar_thumb FROM ' . prefixTable('users') . ' WHERE id=%i', $session->get('user-id')); |
|
| 534 | - fileDelete($targetDir . DIRECTORY_SEPARATOR . $data['avatar'], $SETTINGS); |
|
| 535 | - fileDelete($targetDir . DIRECTORY_SEPARATOR . $data['avatar_thumb'], $SETTINGS); |
|
| 533 | + $data = DB::queryFirstRow('SELECT avatar, avatar_thumb FROM '.prefixTable('users').' WHERE id=%i', $session->get('user-id')); |
|
| 534 | + fileDelete($targetDir.DIRECTORY_SEPARATOR.$data['avatar'], $SETTINGS); |
|
| 535 | + fileDelete($targetDir.DIRECTORY_SEPARATOR.$data['avatar_thumb'], $SETTINGS); |
|
| 536 | 536 | |
| 537 | 537 | // store in DB the new avatar |
| 538 | 538 | DB::query( |
| 539 | - 'UPDATE ' . prefixTable('users') . " |
|
| 540 | - SET avatar='" . $newFileName . '.' . $ext . "', avatar_thumb='" . $newFileName . '_thumb' . '.' . $ext . "' |
|
| 539 | + 'UPDATE '.prefixTable('users')." |
|
| 540 | + SET avatar='" . $newFileName.'.'.$ext."', avatar_thumb='".$newFileName.'_thumb'.'.'.$ext."' |
|
| 541 | 541 | WHERE id=%i", |
| 542 | 542 | $session->get('user-id') |
| 543 | 543 | ); |
| 544 | 544 | |
| 545 | 545 | // store in session |
| 546 | - $session->set('user-avatar', $newFileName . '.' . $ext); |
|
| 547 | - $session->set('user-avatar_thumb', $newFileName . '_thumb' . '.' . $ext); |
|
| 546 | + $session->set('user-avatar', $newFileName.'.'.$ext); |
|
| 547 | + $session->set('user-avatar_thumb', $newFileName.'_thumb'.'.'.$ext); |
|
| 548 | 548 | |
| 549 | 549 | // return info |
| 550 | 550 | echo prepareExchangedData( |
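Review bot: The UPDATE on lines 539–541 concatenates `$newFileName` and `$ext` into the statement while only `id` uses a placeholder; `$ext` appears to derive from the uploaded file's name, so both values should be bound as well. With the wrapper's placeholders the call becomes `DB::query('UPDATE '.prefixTable('users').' SET avatar=%s, avatar_thumb=%s WHERE id=%i', $newFileName.'.'.$ext, $newFileName.'_thumb.'.$ext, $session->get('user-id'));`. The two `fileDelete` calls above it build paths from `$data['avatar']` and `$data['avatar_thumb']` as stored, which is safe only while those columns hold bare file names.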
@@ -563,7 +563,7 @@ discard block |
||
| 563 | 563 | ) { |
| 564 | 564 | rename( |
| 565 | 565 | $filePath, |
| 566 | - $targetDir . DIRECTORY_SEPARATOR . $newFileName |
|
| 566 | + $targetDir.DIRECTORY_SEPARATOR.$newFileName |
|
| 567 | 567 | ); |
| 568 | 568 | |
| 569 | 569 | // Add in DB |