nilsteampassnet /
TeamPass
@@ -85,8 +85,8 @@ |
||
| 85 | 85 | ); |
| 86 | 86 | if ($row['valeur'] === "true") { |
| 87 | 87 | /** |
| 88 | - * Permits to delete files and folders recursively |
|
| 89 | - */ |
|
| 88 | + * Permits to delete files and folders recursively |
|
| 89 | + */ |
|
| 90 | 90 | function delTree($dir) |
| 91 | 91 | { |
| 92 | 92 | $files = array_diff(scandir($dir), array('.', '..')); |
@@ -105,7 +105,7 @@ discard block |
||
| 105 | 105 | //load full tree |
| 106 | 106 | $tree->rebuild(); |
| 107 | 107 | $tree = $tree->getDescendants(); |
| 108 | - // Init post variable |
|
| 108 | + // Init post variable |
|
| 109 | 109 | $post_operation_id = filter_input(INPUT_POST, 'file', FILTER_SANITIZE_NUMBER_INT); |
| 110 | 110 | |
| 111 | 111 | // Get filename from database |
@@ -436,7 +436,7 @@ discard block |
||
| 436 | 436 | } |
| 437 | 437 | |
| 438 | 438 | /** |
| 439 | - ** Recursive function that will permit to read each level of XML nodes |
|
| 439 | + ** Recursive function that will permit to read each level of XML nodes |
|
| 440 | 440 | */ |
| 441 | 441 | function recursiveKeepassXML($xmlRoot, $xmlLevel = 0) |
| 442 | 442 | { |
@@ -586,7 +586,7 @@ discard block |
||
| 586 | 586 | |
| 587 | 587 | //recursive call |
| 588 | 588 | if ($history !== true) { |
| 589 | - recursiveKeepassXML($xmlChildren, $xmlLevel + 1); |
|
| 589 | + recursiveKeepassXML($xmlChildren, $xmlLevel + 1); |
|
| 590 | 590 | } |
| 591 | 591 | |
| 592 | 592 | // Force History to false |
@@ -2085,7 +2085,7 @@ discard block |
||
| 2085 | 2085 | $debug_ldap .= "LDAP connection : ".($ldapconn ? "Connected" : "Failed")."<br/>"; |
| 2086 | 2086 | |
| 2087 | 2087 | if ($ldapconn) { |
| 2088 | - $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2088 | + $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2089 | 2089 | ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 2090 | 2090 | ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); |
| 2091 | 2091 | $ldapbind = ldap_bind($ldapconn, $dataReceived[0]['ldap_bind_dn'], $dataReceived[0]['ldap_bind_passwd']); |
@@ -2112,7 +2112,7 @@ discard block |
||
| 2112 | 2112 | ); |
| 2113 | 2113 | |
| 2114 | 2114 | $debug_ldap .= 'Search filter (group): '.$filter_group."<br/>". |
| 2115 | - 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2115 | + 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2116 | 2116 | |
| 2117 | 2117 | if ($result_group) { |
| 2118 | 2118 | $entries = ldap_get_entries($ldapconn, $result_group); |
@@ -2120,11 +2120,11 @@ discard block |
||
| 2120 | 2120 | if ($entries['count'] > 0) { |
| 2121 | 2121 | // Now check if group fits |
| 2122 | 2122 | for ($i=0; $i<$entries['count']; $i++) { |
| 2123 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2123 | + $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | + if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2125 | 2125 | $GroupRestrictionEnabled = true; |
| 2126 | 2126 | break; |
| 2127 | - } |
|
| 2127 | + } |
|
| 2128 | 2128 | } |
| 2129 | 2129 | |
| 2130 | 2130 | } |
@@ -1635,7 +1635,7 @@ |
||
| 1635 | 1635 | rest_error('AUTH_NO_URL'); |
| 1636 | 1636 | } |
| 1637 | 1637 | } else { |
| 1638 | - rest_error('AUTH_NO_IDENTIFIER'); |
|
| 1638 | + rest_error('AUTH_NO_IDENTIFIER'); |
|
| 1639 | 1639 | } |
| 1640 | 1640 | } else { |
| 1641 | 1641 | rest_error('AUTH_NO_IDENTIFIER'); |
@@ -50,23 +50,23 @@ |
||
| 50 | 50 | Handle CASES |
| 51 | 51 | */ |
| 52 | 52 | switch (filter_input(INPUT_POST, 'type', FILTER_SANITIZE_STRING)) { |
| 53 | -case "checkSessionExists": |
|
| 54 | - // Case permit to check if SESSION is still valid |
|
| 55 | - session_start(); |
|
| 56 | - if (isset($_SESSION['CPM']) === true) { |
|
| 57 | - echo "1"; |
|
| 58 | - } else { |
|
| 59 | - // In case that no session is available |
|
| 60 | - // Force the page to be reloaded and attach the CSRFP info |
|
| 61 | - |
|
| 62 | - // Load CSRFP |
|
| 63 | - $csrfp_array = include '../includes/libraries/csrfp/libs/csrfp.config.php'; |
|
| 64 | - |
|
| 65 | - // Send back CSRFP info |
|
| 66 | - echo $csrfp_array['CSRFP_TOKEN'].";".filter_input(INPUT_POST, $csrfp_array['CSRFP_TOKEN'], FILTER_SANITIZE_STRING); |
|
| 67 | - } |
|
| 53 | + case "checkSessionExists": |
|
| 54 | + // Case permit to check if SESSION is still valid |
|
| 55 | + session_start(); |
|
| 56 | + if (isset($_SESSION['CPM']) === true) { |
|
| 57 | + echo "1"; |
|
| 58 | + } else { |
|
| 59 | + // In case that no session is available |
|
| 60 | + // Force the page to be reloaded and attach the CSRFP info |
|
| 61 | + |
|
| 62 | + // Load CSRFP |
|
| 63 | + $csrfp_array = include '../includes/libraries/csrfp/libs/csrfp.config.php'; |
|
| 64 | + |
|
| 65 | + // Send back CSRFP info |
|
| 66 | + echo $csrfp_array['CSRFP_TOKEN'].";".filter_input(INPUT_POST, $csrfp_array['CSRFP_TOKEN'], FILTER_SANITIZE_STRING); |
|
| 67 | + } |
|
| 68 | 68 | |
| 69 | - break; |
|
| 69 | + break; |
|
| 70 | 70 | } |
| 71 | 71 | |
| 72 | 72 | /** |
@@ -200,7 +200,7 @@ discard block |
||
| 200 | 200 | logEvents('user_mngt', 'at_user_pwd_changed', $_SESSION['user_id'], $_SESSION['login'], $_SESSION['user_id']); |
| 201 | 201 | echo '[ { "error" : "none" } ]'; |
| 202 | 202 | } else { |
| 203 | - echo '[ { "error" : "pwd_hash_not_correct" } ]'; |
|
| 203 | + echo '[ { "error" : "pwd_hash_not_correct" } ]'; |
|
| 204 | 204 | } |
| 205 | 205 | break; |
| 206 | 206 | |
@@ -1403,7 +1403,7 @@ discard block |
||
| 1403 | 1403 | |
| 1404 | 1404 | // Update session |
| 1405 | 1405 | if ($field === 'user_api_key') { |
| 1406 | - $_SESSION['user_settings']['api-key'] = $new_value; |
|
| 1406 | + $_SESSION['user_settings']['api-key'] = $new_value; |
|
| 1407 | 1407 | } |
| 1408 | 1408 | break; |
| 1409 | 1409 | } |
@@ -2191,12 +2191,12 @@ discard block |
||
| 2191 | 2191 | |
| 2192 | 2192 | // Check that user can access this folder |
| 2193 | 2193 | if (( |
| 2194 | - in_array($post_source_folder_id, $_SESSION['groupes_visibles']) === false || |
|
| 2194 | + in_array($post_source_folder_id, $_SESSION['groupes_visibles']) === false || |
|
| 2195 | 2195 | in_array($post_target_folder_id, $_SESSION['groupes_visibles']) === false) && |
| 2196 | 2196 | ( |
| 2197 | - $post_target_folder_id === '0' && |
|
| 2197 | + $post_target_folder_id === '0' && |
|
| 2198 | 2198 | isset($SETTINGS['can_create_root_folder']) === true && $SETTINGS['can_create_root_folder'] === '1' |
| 2199 | - ) |
|
| 2199 | + ) |
|
| 2200 | 2200 | ) { |
| 2201 | 2201 | $returnValues = '[{"error" : "'.addslashes($LANG['error_not_allowed_to']).'"}]'; |
| 2202 | 2202 | echo $returnValues; |
@@ -3201,7 +3201,7 @@ discard block |
||
| 3201 | 3201 | if ((isset($_SESSION['user_settings']['session_psk']) === false || empty($_SESSION['user_settings']['session_psk']) === true) |
| 3202 | 3202 | && ($dataSource['personal_folder'] === '1' || $dataDestination['personal_folder'] === '1') |
| 3203 | 3203 | ) { |
| 3204 | - echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3204 | + echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3205 | 3205 | break; |
| 3206 | 3206 | } |
| 3207 | 3207 | |
@@ -4340,19 +4340,19 @@ discard block |
||
| 4340 | 4340 | $ret = sendEmail( |
| 4341 | 4341 | $LANG['email_request_access_subject'], |
| 4342 | 4342 | str_replace( |
| 4343 | - array( |
|
| 4344 | - '#tp_item_author#', |
|
| 4345 | - '#tp_user#', |
|
| 4346 | - '#tp_item#', |
|
| 4347 | - '#tp_reason#' |
|
| 4348 | - ), |
|
| 4349 | - array( |
|
| 4350 | - " ".addslashes($dataAuthor['login']), |
|
| 4351 | - addslashes($_SESSION['login']), |
|
| 4352 | - $path, |
|
| 4353 | - nl2br(addslashes($emailText)) |
|
| 4354 | - ), |
|
| 4355 | - $LANG['email_request_access_mail'] |
|
| 4343 | + array( |
|
| 4344 | + '#tp_item_author#', |
|
| 4345 | + '#tp_user#', |
|
| 4346 | + '#tp_item#', |
|
| 4347 | + '#tp_reason#' |
|
| 4348 | + ), |
|
| 4349 | + array( |
|
| 4350 | + " ".addslashes($dataAuthor['login']), |
|
| 4351 | + addslashes($_SESSION['login']), |
|
| 4352 | + $path, |
|
| 4353 | + nl2br(addslashes($emailText)) |
|
| 4354 | + ), |
|
| 4355 | + $LANG['email_request_access_mail'] |
|
| 4356 | 4356 | ), |
| 4357 | 4357 | $dataAuthor['email'], |
| 4358 | 4358 | $LANG, |
@@ -4361,11 +4361,11 @@ discard block |
||
| 4361 | 4361 | |
| 4362 | 4362 | // Do log |
| 4363 | 4363 | logItems( |
| 4364 | - $item_id, |
|
| 4365 | - $dataItem['label'], |
|
| 4366 | - $_SESSION['user_id'], |
|
| 4367 | - 'at_access', |
|
| 4368 | - $_SESSION['login'] |
|
| 4364 | + $item_id, |
|
| 4365 | + $dataItem['label'], |
|
| 4366 | + $_SESSION['user_id'], |
|
| 4367 | + 'at_access', |
|
| 4368 | + $_SESSION['login'] |
|
| 4369 | 4369 | ); |
| 4370 | 4370 | |
| 4371 | 4371 | // Return |
@@ -206,8 +206,8 @@ |
||
| 206 | 206 | "INT(12) NOT NULL AUTO_INCREMENT, ADD PRIMARY KEY (`increment_id`)" |
| 207 | 207 | ); |
| 208 | 208 | if ($res === true) { |
| 209 | - // Change name of field |
|
| 210 | - mysqli_query($db_link, "ALTER TABLE `".$pre."misc` CHANGE `id` `increment_id` INT(12) NOT NULL AUTO_INCREMENT"); |
|
| 209 | + // Change name of field |
|
| 210 | + mysqli_query($db_link, "ALTER TABLE `".$pre."misc` CHANGE `id` `increment_id` INT(12) NOT NULL AUTO_INCREMENT"); |
|
| 211 | 211 | } elseif ($res === false) { |
| 212 | 212 | echo '[{"finish":"1", "msg":"", "error":"An error appears when adding increment_id user_ip to table misc! '.mysqli_error($db_link).'!"}]'; |
| 213 | 213 | mysqli_close($db_link); |
@@ -452,23 +452,23 @@ discard block |
||
| 452 | 452 | break; |
| 453 | 453 | |
| 454 | 454 | //CASE export in HTML format |
| 455 | - case "export_to_html_format": |
|
| 456 | - // step 1: |
|
| 457 | - // - prepare export file |
|
| 458 | - // - get full list of objects id to export |
|
| 459 | - include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 460 | - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
| 461 | - $idsList = array(); |
|
| 462 | - $objNumber = 0; |
|
| 463 | - |
|
| 464 | - foreach (explode(';', $post_ids) as $id) { |
|
| 465 | - if (in_array($id, $_SESSION['forbiden_pfs']) === false |
|
| 466 | - && in_array($id, $_SESSION['groupes_visibles']) === true |
|
| 467 | - && (in_array($id, $_SESSION['no_access_folders']) === false) |
|
| 468 | - ) { |
|
| 469 | - // count elements to display |
|
| 470 | - $result = DB::query( |
|
| 471 | - "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso |
|
| 455 | + case "export_to_html_format": |
|
| 456 | + // step 1: |
|
| 457 | + // - prepare export file |
|
| 458 | + // - get full list of objects id to export |
|
| 459 | + include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 460 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
| 461 | + $idsList = array(); |
|
| 462 | + $objNumber = 0; |
|
| 463 | + |
|
| 464 | + foreach (explode(';', $post_ids) as $id) { |
|
| 465 | + if (in_array($id, $_SESSION['forbiden_pfs']) === false |
|
| 466 | + && in_array($id, $_SESSION['groupes_visibles']) === true |
|
| 467 | + && (in_array($id, $_SESSION['no_access_folders']) === false) |
|
| 468 | + ) { |
|
| 469 | + // count elements to display |
|
| 470 | + $result = DB::query( |
|
| 471 | + "SELECT i.id AS id, i.label AS label, i.restricted_to AS restricted_to, i.perso AS perso |
|
| 472 | 472 | FROM ".prefix_table("items")." as i |
| 473 | 473 | INNER JOIN ".prefix_table("nested_tree")." as n ON (i.id_tree = n.id) |
| 474 | 474 | INNER JOIN ".prefix_table("log_items")." as l ON (i.id = l.id_item) |
@@ -476,41 +476,41 @@ discard block |
||
| 476 | 476 | AND i.id_tree= %i |
| 477 | 477 | AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s)) |
| 478 | 478 | ORDER BY i.label ASC, l.date DESC", |
| 479 | - "0", |
|
| 480 | - $id, |
|
| 481 | - "at_creation", |
|
| 482 | - "at_modification", |
|
| 483 | - "at_pw :%" |
|
| 484 | - ); |
|
| 485 | - foreach ($result as $record) { |
|
| 486 | - $restricted_users_array = explode(';', $record['restricted_to']); |
|
| 487 | - if (((in_array($id, $_SESSION['personal_visible_groups']) === true |
|
| 488 | - && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to']) |
|
| 489 | - && empty($record['restricted_to']) === false) |
|
| 490 | - || |
|
| 491 | - (empty($record['restricted_to']) === false |
|
| 492 | - && in_array($_SESSION['user_id'], $restricted_users_array) === false) |
|
| 493 | - || |
|
| 494 | - (in_array($id, $_SESSION['groupes_visibles'])) |
|
| 495 | - ) && ( |
|
| 496 | - in_array($record['id'], $idsList) === false |
|
| 497 | - ) |
|
| 498 | - ) { |
|
| 499 | - array_push($idsList, $record['id']); |
|
| 500 | - $objNumber++; |
|
| 479 | + "0", |
|
| 480 | + $id, |
|
| 481 | + "at_creation", |
|
| 482 | + "at_modification", |
|
| 483 | + "at_pw :%" |
|
| 484 | + ); |
|
| 485 | + foreach ($result as $record) { |
|
| 486 | + $restricted_users_array = explode(';', $record['restricted_to']); |
|
| 487 | + if (((in_array($id, $_SESSION['personal_visible_groups']) === true |
|
| 488 | + && !($record['perso'] == 1 && $_SESSION['user_id'] == $record['restricted_to']) |
|
| 489 | + && empty($record['restricted_to']) === false) |
|
| 490 | + || |
|
| 491 | + (empty($record['restricted_to']) === false |
|
| 492 | + && in_array($_SESSION['user_id'], $restricted_users_array) === false) |
|
| 493 | + || |
|
| 494 | + (in_array($id, $_SESSION['groupes_visibles'])) |
|
| 495 | + ) && ( |
|
| 496 | + in_array($record['id'], $idsList) === false |
|
| 497 | + ) |
|
| 498 | + ) { |
|
| 499 | + array_push($idsList, $record['id']); |
|
| 500 | + $objNumber++; |
|
| 501 | + } |
|
| 501 | 502 | } |
| 502 | 503 | } |
| 503 | 504 | } |
| 504 | - } |
|
| 505 | 505 | |
| 506 | - // prepare export file |
|
| 507 | - //save the file |
|
| 508 | - $html_file = '/teampass_export_'.time().'_'.generateKey().'.html'; |
|
| 509 | - //print_r($full_listing); |
|
| 510 | - $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w"); |
|
| 511 | - fwrite( |
|
| 512 | - $outstream, |
|
| 513 | - '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
|
| 506 | + // prepare export file |
|
| 507 | + //save the file |
|
| 508 | + $html_file = '/teampass_export_'.time().'_'.generateKey().'.html'; |
|
| 509 | + //print_r($full_listing); |
|
| 510 | + $outstream = fopen($SETTINGS['path_to_files_folder'].$html_file, "w"); |
|
| 511 | + fwrite( |
|
| 512 | + $outstream, |
|
| 513 | + '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
|
| 514 | 514 | <head> |
| 515 | 515 | <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> |
| 516 | 516 | <title>TeamPass Off-line mode</title> |
@@ -550,38 +550,38 @@ discard block |
||
| 550 | 550 | <th style="width:20%;">'.$LANG['url'].'</th> |
| 551 | 551 | </tr></thead> |
| 552 | 552 | <tbody id="itemsTable_tbody">' |
| 553 | - ); |
|
| 554 | - |
|
| 555 | - fclose($outstream); |
|
| 553 | + ); |
|
| 556 | 554 | |
| 557 | - // send back and continue |
|
| 558 | - echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]'; |
|
| 559 | - break; |
|
| 555 | + fclose($outstream); |
|
| 560 | 556 | |
| 561 | - //CASE export in HTML format - Iteration loop |
|
| 562 | - case "export_to_html_format_loop": |
|
| 563 | - // do checks ... if fails, return an error |
|
| 564 | - if (null === $post_idTree || null === $post_idsList) { |
|
| 565 | - echo '[{"error":"true"}]'; |
|
| 557 | + // send back and continue |
|
| 558 | + echo '[{"loop":"true", "number":"'.$objNumber.'", "file":"'.$SETTINGS['path_to_files_folder'].$html_file.'" , "file_link":"'.$SETTINGS['url_to_files_folder'].$html_file.'"}]'; |
|
| 566 | 559 | break; |
| 567 | - } |
|
| 568 | 560 | |
| 569 | - // exclude this folder if not allowed |
|
| 570 | - if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true |
|
| 571 | - || in_array($post_idTree, $_SESSION['groupes_visibles']) === false |
|
| 572 | - || (in_array($post_idTree, $_SESSION['no_access_folders']) === true) |
|
| 573 | - ) { |
|
| 574 | - echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
| 575 | - break; |
|
| 576 | - } |
|
| 561 | + //CASE export in HTML format - Iteration loop |
|
| 562 | + case "export_to_html_format_loop": |
|
| 563 | + // do checks ... if fails, return an error |
|
| 564 | + if (null === $post_idTree || null === $post_idsList) { |
|
| 565 | + echo '[{"error":"true"}]'; |
|
| 566 | + break; |
|
| 567 | + } |
|
| 577 | 568 | |
| 578 | - $full_listing = array(); |
|
| 579 | - $items_id_list = array(); |
|
| 580 | - include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 581 | - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
| 569 | + // exclude this folder if not allowed |
|
| 570 | + if (in_array($post_idTree, $_SESSION['forbiden_pfs']) === true |
|
| 571 | + || in_array($post_idTree, $_SESSION['groupes_visibles']) === false |
|
| 572 | + || (in_array($post_idTree, $_SESSION['no_access_folders']) === true) |
|
| 573 | + ) { |
|
| 574 | + echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
| 575 | + break; |
|
| 576 | + } |
|
| 577 | + |
|
| 578 | + $full_listing = array(); |
|
| 579 | + $items_id_list = array(); |
|
| 580 | + include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
|
| 581 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/GibberishAES/GibberishAES.php'; |
|
| 582 | 582 | |
| 583 | - $rows = DB::query( |
|
| 584 | - "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree, |
|
| 583 | + $rows = DB::query( |
|
| 584 | + "SELECT i.id as id, i.url as url, i.perso as perso, i.label as label, i.description as description, i.pw as pw, i.login as login, i.id_tree as id_tree, |
|
| 585 | 585 | l.date as date, i.pw_iv as pw_iv, |
| 586 | 586 | n.renewal_period as renewal_period |
| 587 | 587 | FROM ".prefix_table("items")." as i |
@@ -591,108 +591,108 @@ discard block |
||
| 591 | 591 | AND i.id_tree= %i |
| 592 | 592 | AND (l.action = %s OR (l.action = %s AND l.raison LIKE %s)) |
| 593 | 593 | ORDER BY i.label ASC, l.date DESC", |
| 594 | - "0", |
|
| 595 | - $post_idTree, |
|
| 596 | - "at_creation", |
|
| 597 | - "at_modification", |
|
| 598 | - "at_pw :%" |
|
| 599 | - ); |
|
| 600 | - |
|
| 601 | - foreach ($rows as $record) { |
|
| 602 | - //exclude all results except the first one returned by query |
|
| 603 | - if (empty($id_managed) || $id_managed != $record['id']) { |
|
| 604 | - // decrypt PW |
|
| 605 | - if (empty($post_salt_key) === false && null !== $post_salt_key) { |
|
| 606 | - $pw = cryption( |
|
| 607 | - $record['pw'], |
|
| 608 | - mysqli_escape_string($link, stripslashes($post_salt_key)), |
|
| 609 | - "decrypt" |
|
| 594 | + "0", |
|
| 595 | + $post_idTree, |
|
| 596 | + "at_creation", |
|
| 597 | + "at_modification", |
|
| 598 | + "at_pw :%" |
|
| 599 | + ); |
|
| 600 | + |
|
| 601 | + foreach ($rows as $record) { |
|
| 602 | + //exclude all results except the first one returned by query |
|
| 603 | + if (empty($id_managed) || $id_managed != $record['id']) { |
|
| 604 | + // decrypt PW |
|
| 605 | + if (empty($post_salt_key) === false && null !== $post_salt_key) { |
|
| 606 | + $pw = cryption( |
|
| 607 | + $record['pw'], |
|
| 608 | + mysqli_escape_string($link, stripslashes($post_salt_key)), |
|
| 609 | + "decrypt" |
|
| 610 | + ); |
|
| 611 | + } else { |
|
| 612 | + $pw = cryption( |
|
| 613 | + $record['pw'], |
|
| 614 | + "", |
|
| 615 | + "decrypt" |
|
| 616 | + ); |
|
| 617 | + } |
|
| 618 | + array_push( |
|
| 619 | + $full_listing, array( |
|
| 620 | + 'id_tree' => $record['id_tree'], |
|
| 621 | + 'id' => $record['id'], |
|
| 622 | + 'label' => $record['label'], |
|
| 623 | + 'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))), |
|
| 624 | + 'pw' => $pw['string'], |
|
| 625 | + 'login' => $record['login'], |
|
| 626 | + 'url' => $record['url'], |
|
| 627 | + 'perso' => $record['perso'] |
|
| 628 | + ) |
|
| 610 | 629 | ); |
| 611 | - } else { |
|
| 612 | - $pw = cryption( |
|
| 613 | - $record['pw'], |
|
| 614 | - "", |
|
| 615 | - "decrypt" |
|
| 630 | + $i++; |
|
| 631 | + array_push($items_id_list, $record['id']); |
|
| 632 | + |
|
| 633 | + // log |
|
| 634 | + logItems( |
|
| 635 | + $record['id'], |
|
| 636 | + $record['l SeekableIteratorabel'], |
|
| 637 | + $_SESSION['user_id'], |
|
| 638 | + 'at_export', |
|
| 639 | + $_SESSION['login'], |
|
| 640 | + 'html' |
|
| 616 | 641 | ); |
| 617 | 642 | } |
| 618 | - array_push( |
|
| 619 | - $full_listing, array( |
|
| 620 | - 'id_tree' => $record['id_tree'], |
|
| 621 | - 'id' => $record['id'], |
|
| 622 | - 'label' => $record['label'], |
|
| 623 | - 'description' => addslashes(str_replace(array(";", "<br />"), array("|", "\n\r"), mysqli_escape_string($link, stripslashes(utf8_decode($record['description']))))), |
|
| 624 | - 'pw' => $pw['string'], |
|
| 625 | - 'login' => $record['login'], |
|
| 626 | - 'url' => $record['url'], |
|
| 627 | - 'perso' => $record['perso'] |
|
| 628 | - ) |
|
| 629 | - ); |
|
| 630 | - $i++; |
|
| 631 | - array_push($items_id_list, $record['id']); |
|
| 632 | - |
|
| 633 | - // log |
|
| 634 | - logItems( |
|
| 635 | - $record['id'], |
|
| 636 | - $record['l SeekableIteratorabel'], |
|
| 637 | - $_SESSION['user_id'], |
|
| 638 | - 'at_export', |
|
| 639 | - $_SESSION['login'], |
|
| 640 | - 'html' |
|
| 641 | - ); |
|
| 643 | + $id_managed = $record['id']; |
|
| 642 | 644 | } |
| 643 | - $id_managed = $record['id']; |
|
| 644 | - } |
|
| 645 | 645 | |
| 646 | - //save in export file |
|
| 647 | - $outstream = fopen($post_file.'.txt', "a"); |
|
| 646 | + //save in export file |
|
| 647 | + $outstream = fopen($post_file.'.txt', "a"); |
|
| 648 | 648 | |
| 649 | - $lineType = "line1"; |
|
| 650 | - $idTree = ""; |
|
| 651 | - foreach ($full_listing as $elem) { |
|
| 652 | - if ($lineType == "line0") { |
|
| 653 | - $lineType = "line1"; |
|
| 654 | - } else { |
|
| 655 | - $lineType = "line0"; |
|
| 656 | - } |
|
| 657 | - if (empty($elem['description'])) { |
|
| 658 | - $desc = ' '; |
|
| 659 | - } else { |
|
| 660 | - $desc = addslashes($elem['description']); |
|
| 661 | - } |
|
| 662 | - if (empty($elem['login'])) { |
|
| 663 | - $login = ' '; |
|
| 664 | - } else { |
|
| 665 | - $login = addslashes($elem['login']); |
|
| 666 | - } |
|
| 667 | - if (empty($elem['url'])) { |
|
| 668 | - $url = ' '; |
|
| 669 | - } else { |
|
| 670 | - $url = addslashes($elem['url']); |
|
| 671 | - } |
|
| 649 | + $lineType = "line1"; |
|
| 650 | + $idTree = ""; |
|
| 651 | + foreach ($full_listing as $elem) { |
|
| 652 | + if ($lineType == "line0") { |
|
| 653 | + $lineType = "line1"; |
|
| 654 | + } else { |
|
| 655 | + $lineType = "line0"; |
|
| 656 | + } |
|
| 657 | + if (empty($elem['description'])) { |
|
| 658 | + $desc = ' '; |
|
| 659 | + } else { |
|
| 660 | + $desc = addslashes($elem['description']); |
|
| 661 | + } |
|
| 662 | + if (empty($elem['login'])) { |
|
| 663 | + $login = ' '; |
|
| 664 | + } else { |
|
| 665 | + $login = addslashes($elem['login']); |
|
| 666 | + } |
|
| 667 | + if (empty($elem['url'])) { |
|
| 668 | + $url = ' '; |
|
| 669 | + } else { |
|
| 670 | + $url = addslashes($elem['url']); |
|
| 671 | + } |
|
| 672 | 672 | |
| 673 | - // Prepare tree |
|
| 674 | - if ($idTree != $elem['id_tree']) { |
|
| 675 | - $arbo = $tree->getPath($elem['id_tree'], true); |
|
| 676 | - foreach ($arbo as $folder) { |
|
| 677 | - $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES); |
|
| 678 | - if (empty($arboHtml)) { |
|
| 679 | - $arboHtml = $arboHtml_tmp; |
|
| 680 | - } else { |
|
| 681 | - $arboHtml .= ' » '.$arboHtml_tmp; |
|
| 673 | + // Prepare tree |
|
| 674 | + if ($idTree != $elem['id_tree']) { |
|
| 675 | + $arbo = $tree->getPath($elem['id_tree'], true); |
|
| 676 | + foreach ($arbo as $folder) { |
|
| 677 | + $arboHtml_tmp = htmlspecialchars(stripslashes($folder->title), ENT_QUOTES); |
|
| 678 | + if (empty($arboHtml)) { |
|
| 679 | + $arboHtml = $arboHtml_tmp; |
|
| 680 | + } else { |
|
| 681 | + $arboHtml .= ' » '.$arboHtml_tmp; |
|
| 682 | + } |
|
| 682 | 683 | } |
| 684 | + fputs( |
|
| 685 | + $outstream, |
|
| 686 | + ' |
|
| 687 | + <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>' |
|
| 688 | + ); |
|
| 689 | + $idTree = $elem['id_tree']; |
|
| 683 | 690 | } |
| 691 | + |
|
| 692 | + $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password); |
|
| 684 | 693 | fputs( |
| 685 | 694 | $outstream, |
| 686 | 695 | ' |
| 687 | - <tr class="path"><td colspan="5">'.$arboHtml.'</td></tr>' |
|
| 688 | - ); |
|
| 689 | - $idTree = $elem['id_tree']; |
|
| 690 | - } |
|
| 691 | - |
|
| 692 | - $encPw = GibberishAES::enc($elem['pw'], $post_pdf_password); |
|
| 693 | - fputs( |
|
| 694 | - $outstream, |
|
| 695 | - ' |
|
| 696 | 696 | <tr class="'.$lineType.'"> |
| 697 | 697 | <td>'.addslashes($elem['label']).'</td> |
| 698 | 698 | <td align="center"><span class="span_pw" id="span_'.$elem['id'].'"><a href="#" onclick="decryptme('.$elem['id'].', \''.$encPw.'\');return false;">Decrypt </a></span><input type="hidden" id="hide_'.$elem['id'].'" value="'.$encPw.'" /></td> |
@@ -700,16 +700,16 @@ discard block |
||
| 700 | 700 | <td align="center">'.$login.'</td> |
| 701 | 701 | <td align="center">'.$url.'</td> |
| 702 | 702 | </tr>' |
| 703 | - ); |
|
| 704 | - } |
|
| 703 | + ); |
|
| 704 | + } |
|
| 705 | 705 | |
| 706 | - fclose($outstream); |
|
| 706 | + fclose($outstream); |
|
| 707 | 707 | |
| 708 | - // send back and continue |
|
| 709 | - echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
| 710 | - break; |
|
| 708 | + // send back and continue |
|
| 709 | + echo '[{"loop":"true", "number":"'.$post_number.'", "cpt":"'.$post_cpt.'", "file":"'.$post_file.'", "idsList":"'.$post_idsList.'" , "file_link":"'.$post_file_link.'"}]'; |
|
| 710 | + break; |
|
| 711 | 711 | |
| 712 | - //CASE export in HTML format - Iteration loop |
|
| 712 | + //CASE export in HTML format - Iteration loop |
|
| 713 | 713 | case "export_to_html_format_finalize": |
| 714 | 714 | // Load includes |
| 715 | 715 | include $SETTINGS['cpassman_dir'].'/includes/config/include.php'; |
