Inspection of "Merge branch 'release/3.1.5.8'" - nilsteampassnet/TeamPass - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( b727b7...6bf24f )

by Nils

created 2025-11-30 17:06 UTC

Status

Switch Indentation +171 added lines, -171 removed lines patch added patch discarded remove patch

@@ -91,215 +91,215 @@
 block discarded – undo
 switch ($post_type) {
 //##########################################################
 //CASE for creating a DB backup
-case 'perform_fix_pf_items-step1':
-    // Check KEY
-    if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => $lang->get('key_is_not_correct'),
-            ),
-            'encode'
-        );
-        break;
-    }
-    // Is admin?
-    if ((int) $session->get('user-admin') !== 1) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => $lang->get('error_not_allowed_to'),
-            ),
-            'encode'
-        );
-        break;
-    }
+    case 'perform_fix_pf_items-step1':
+        // Check KEY
+        if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('key_is_not_correct'),
+                ),
+                'encode'
+            );
+            break;
+        }
+        // Is admin?
+        if ((int) $session->get('user-admin') !== 1) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('error_not_allowed_to'),
+                ),
+                'encode'
+            );
+            break;
+        }
 
-    // decrypt and retrieve data in JSON format
-    $dataReceived = prepareExchangedData(
-        $post_data,
-        'decode'
-    );
+        // decrypt and retrieve data in JSON format
+        $dataReceived = prepareExchangedData(
+            $post_data,
+            'decode'
+        );
 
-    $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
+        $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
 
-    // Get user info
-    $userInfo = DB::queryFirstRow(
-        'SELECT private_key, public_key, psk, encrypted_psk
+        // Get user info
+        $userInfo = DB::queryFirstRow(
+            'SELECT private_key, public_key, psk, encrypted_psk
         FROM teampass_users
         WHERE id = %i',
-        $userId
-    );
+            $userId
+        );
 
-    // Get user's private folders
-    $userPFRoot = DB::queryFirstRow(
-        'SELECT id
+        // Get user's private folders
+        $userPFRoot = DB::queryFirstRow(
+            'SELECT id
         FROM teampass_nested_tree
         WHERE title = %i',
-        $userId
-    );
-    if (DB::count() === 0) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => 'User has no personal folders',
-            ),
-            'encode'
-        );
-        break;
-    }
-    $personalFolders = [];
-    $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title');
-    $tree->rebuild();
-    $folders = $tree->getDescendants($userPFRoot['id'], true);
-    foreach ($folders as $folder) {
-        array_push($personalFolders, $folder->id);
-    }
-
-    //Show done
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'message' => 'Personal Folders found: ',
-            'personalFolders' => json_encode($personalFolders),
-        ),
-        'encode'
-    );
-    break;
-
-case 'perform_fix_pf_items-step2':
-    // Check KEY
-    if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => $lang->get('key_is_not_correct'),
-            ),
-            'encode'
+            $userId
         );
-        break;
-    }
-    // Is admin?
-    if ((int) $session->get('user-admin') !== 1) {
+        if (DB::count() === 0) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => 'User has no personal folders',
+                ),
+                'encode'
+            );
+            break;
+        }
+        $personalFolders = [];
+        $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title');
+        $tree->rebuild();
+        $folders = $tree->getDescendants($userPFRoot['id'], true);
+        foreach ($folders as $folder) {
+            array_push($personalFolders, $folder->id);
+        }
+
+        //Show done
         echo prepareExchangedData(
             array(
-                'error' => true,
-                'message' => $lang->get('error_not_allowed_to'),
+                'error' => false,
+                'message' => 'Personal Folders found: ',
+                'personalFolders' => json_encode($personalFolders),
             ),
             'encode'
         );
         break;
-    }
 
-    // decrypt and retrieve data in JSON format
-    $dataReceived = prepareExchangedData(
-        $post_data,
-        'decode'
-    );
+    case 'perform_fix_pf_items-step2':
+        // Check KEY
+        if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('key_is_not_correct'),
+                ),
+                'encode'
+            );
+            break;
+        }
+        // Is admin?
+        if ((int) $session->get('user-admin') !== 1) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('error_not_allowed_to'),
+                ),
+                'encode'
+            );
+            break;
+        }
 
-    $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
-    $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+        // decrypt and retrieve data in JSON format
+        $dataReceived = prepareExchangedData(
+            $post_data,
+            'decode'
+        );
+
+        $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
+        $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
 
-    // Delete all private items with sharekeys
-    $pfiSharekeys = DB::queryFirstColumn(
-        'select s.increment_id
+        // Delete all private items with sharekeys
+        $pfiSharekeys = DB::queryFirstColumn(
+            'select s.increment_id
         from teampass_sharekeys_items as s
         INNER JOIN teampass_items AS i ON (i.id = s.object_id)
         WHERE s.user_id = %i AND i.perso = 1 AND i.id_tree IN %ls',
-        $userId,
-        $personalFolders
-    );
-    $pfiSharekeysCount = DB::count();
-    if ($pfiSharekeysCount > 0) {
-        DB::delete(
-            "teampass_sharekeys_items",
-            "increment_id IN %ls",
-            $pfiSharekeys
+            $userId,
+            $personalFolders
         );
-    }
+        $pfiSharekeysCount = DB::count();
+        if ($pfiSharekeysCount > 0) {
+            DB::delete(
+                "teampass_sharekeys_items",
+                "increment_id IN %ls",
+                $pfiSharekeys
+            );
+        }
 
     
-    //Show done
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'message' => '<br>Number of Sharekeys for private items DELETED: ',
-            'nbDeleted' => $pfiSharekeysCount,
-            'personalFolders' => json_encode($personalFolders),
-        ),
-        'encode'
-    );
-    break;
-
-case 'perform_fix_pf_items-step3':
-    // Check KEY
-    if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => $lang->get('key_is_not_correct'),
-            ),
-            'encode'
-        );
-        break;
-    }
-    // Is admin?
-    if ((int) $session->get('user-admin') !== 1) {
+        //Show done
         echo prepareExchangedData(
             array(
-                'error' => true,
-                'message' => $lang->get('error_not_allowed_to'),
+                'error' => false,
+                'message' => '<br>Number of Sharekeys for private items DELETED: ',
+                'nbDeleted' => $pfiSharekeysCount,
+                'personalFolders' => json_encode($personalFolders),
             ),
             'encode'
         );
         break;
-    }
 
-    // decrypt and retrieve data in JSON format
-    $dataReceived = prepareExchangedData(
-        $post_data,
-        'decode'
-    );
+    case 'perform_fix_pf_items-step3':
+        // Check KEY
+        if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('key_is_not_correct'),
+                ),
+                'encode'
+            );
+            break;
+        }
+        // Is admin?
+        if ((int) $session->get('user-admin') !== 1) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $lang->get('error_not_allowed_to'),
+                ),
+                'encode'
+            );
+            break;
+        }
+
+        // decrypt and retrieve data in JSON format
+        $dataReceived = prepareExchangedData(
+            $post_data,
+            'decode'
+        );
 
-    $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
-    $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+        $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
+        $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
 
-    // Update from items_old to items all the private itemsitems that have been converted to teampass_aes
-    // Get all key back
-    $items = DB::query(
-        "SELECT id
+        // Update from items_old to items all the private itemsitems that have been converted to teampass_aes
+        // Get all key back
+        $items = DB::query(
+            "SELECT id
         FROM teampass_items
         WHERE id_tree IN %ls AND encryption_type = %s",
-        $personalFolders,
-        "teampass_aes"
-    );
-    //DB::debugMode(false);
-    $nbItems = DB::count();
-    foreach ($items as $item) {
-        $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']);
-        DB::update(
-            "teampass_items",
-            ['pw' => $defusePwd, "encryption_type" => "defuse"],
-            "id = %i",
-            $item['id']
+            $personalFolders,
+            "teampass_aes"
         );
-    }
+        //DB::debugMode(false);
+        $nbItems = DB::count();
+        foreach ($items as $item) {
+            $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']);
+            DB::update(
+                "teampass_items",
+                ['pw' => $defusePwd, "encryption_type" => "defuse"],
+                "id = %i",
+                $item['id']
+            );
+        }
 
     
-    //Show done
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'message' => '<br>Number of items reseted to Defuse: ',
-            'nbItems' => $nbItems,
-            'personalFolders' => json_encode($personalFolders),
-        ),
-        'encode'
-    );
-    break;
-
-    /* TOOL #2 - Fixing items master keys */
-    /*
+        //Show done
+        echo prepareExchangedData(
+            array(
+                'error' => false,
+                'message' => '<br>Number of items reseted to Defuse: ',
+                'nbItems' => $nbItems,
+                'personalFolders' => json_encode($personalFolders),
+            ),
+            'encode'
+        );
+        break;
+
+        /* TOOL #2 - Fixing items master keys */
+        /*
     * STEP 1 - Check if we have the correct pwd for TP_USER
     */
     case 'perform_fix_items_master_keys-step1':

Please login to merge, or discard this patch.

sources/admin.queries.php 1 patch

Switch Indentation +246 added lines, -246 removed lines patch added patch discarded remove patch

@@ -2904,8 +2904,8 @@  discard block
 block discarded – undo
 // LIVE ACTIVITY ENDPOINT
 // ========================================
 
-case 'get_live_activity':
-    /**
+    case 'get_live_activity':
+        /**
      * Get recent activity (last 5 minutes, max 10 entries)
      * 
      * @return array [{
@@ -2919,25 +2919,25 @@  discard block
 block discarded – undo
      * }]
      */
     
-    $timestamp5min = time() - 300; // 5 minutes ago
+        $timestamp5min = time() - 300; // 5 minutes ago
     
-    $activities = DB::query(
-        'SELECT l.date, l.id_user, u.login, l.action, l.raison, l.id_item, i.label 
+        $activities = DB::query(
+            'SELECT l.date, l.id_user, u.login, l.action, l.raison, l.id_item, i.label 
         FROM ' . prefixTable('log_items') . ' AS l
         LEFT JOIN ' . prefixTable('users') . ' AS u ON l.id_user = u.id
         LEFT JOIN ' . prefixTable('items') . ' AS i ON l.id_item = i.id
         WHERE l.date > %i
         ORDER BY l.date DESC
         LIMIT 10',
-        $timestamp5min
-    );
+            $timestamp5min
+        );
     
-    $activityList = array();
+        $activityList = array();
     
-    foreach ($activities as $activity) {
-        // Translate action to readable text
-        $actionText = '';
-        switch ($activity['action']) {
+        foreach ($activities as $activity) {
+            // Translate action to readable text
+            $actionText = '';
+            switch ($activity['action']) {
             case 'at_shown':
                 $actionText = $lang->get('action_accessed');
                 break;
@@ -2961,7 +2961,7 @@  discard block
 block discarded – undo
                 break;
             default:
                 $actionText = $activity['action'];
-        }
+            }
         
         $activityList[] = array(
             'timestamp' => (int) $activity['date'],
@@ -2987,8 +2987,8 @@  discard block
 block discarded – undo
 // SYSTEM STATUS ENDPOINT
 // ========================================
 
-case 'get_system_status':
-    /**
+    case 'get_system_status':
+        /**
      * Get system status (tasks queue)
      * 
      * @return array {
@@ -2997,49 +2997,49 @@  discard block
 block discarded – undo
      * }
      */
         
-    // Tasks queue count
-    $tasksQueue = DB::queryFirstField(
-        'SELECT COUNT(*) FROM ' . prefixTable('background_tasks') . ' 
+        // Tasks queue count
+        $tasksQueue = DB::queryFirstField(
+            'SELECT COUNT(*) FROM ' . prefixTable('background_tasks') . ' 
         WHERE finished_at IS NULL OR finished_at = 0'
-    );
+        );
     
-    // Last cron execution
-    $lastCronLog = DB::queryFirstRow(
-        'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . ' 
+        // Last cron execution
+        $lastCronLog = DB::queryFirstRow(
+            'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . ' 
         ORDER BY created_at DESC 
         LIMIT 1'
-    );
+        );
     
-    $lastCronText = $lang->get('never');
-    if ($lastCronLog && isset($lastCronLog['created_at'])) {
-        $timeDiff = time() - (int) $lastCronLog['created_at'];
-        if ($timeDiff < 60) {
-            $lastCronText = $timeDiff . 's ' . $lang->get('ago');
-        } elseif ($timeDiff < 3600) {
-            $lastCronText = floor($timeDiff / 60) . 'm ' . $lang->get('ago');
-        } elseif ($timeDiff < 86400) {
-            $lastCronText = floor($timeDiff / 3600) . 'h ' . $lang->get('ago');
-        } else {
-            $lastCronText = floor($timeDiff / 86400) . 'd ' . $lang->get('ago');
+        $lastCronText = $lang->get('never');
+        if ($lastCronLog && isset($lastCronLog['created_at'])) {
+            $timeDiff = time() - (int) $lastCronLog['created_at'];
+            if ($timeDiff < 60) {
+                $lastCronText = $timeDiff . 's ' . $lang->get('ago');
+            } elseif ($timeDiff < 3600) {
+                $lastCronText = floor($timeDiff / 60) . 'm ' . $lang->get('ago');
+            } elseif ($timeDiff < 86400) {
+                $lastCronText = floor($timeDiff / 3600) . 'h ' . $lang->get('ago');
+            } else {
+                $lastCronText = floor($timeDiff / 86400) . 'd ' . $lang->get('ago');
+            }
         }
-    }
     
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'tasks_queue' => (int) $tasksQueue,
-            'last_cron' => $lastCronText,
-        ),
-        'encode'
-    );
-    break;
+        echo prepareExchangedData(
+            array(
+                'error' => false,
+                'tasks_queue' => (int) $tasksQueue,
+                'last_cron' => $lastCronText,
+            ),
+            'encode'
+        );
+        break;
 
-// ========================================
-// SYSTEM HEALTH ENDPOINT
-// ========================================
+    // ========================================
+    // SYSTEM HEALTH ENDPOINT
+    // ========================================
 
-case 'get_system_health':
-    /**
+    case 'get_system_health':
+        /**
      * Get system health checks
      * 
      * @return array {
@@ -3051,97 +3051,97 @@  discard block
 block discarded – undo
      * }
      */
     
-    // Encryption check
-    $encryptionStatus = 'success';
-    $encryptionText = $lang->get('health_status_ok');
+        // Encryption check
+        $encryptionStatus = 'success';
+        $encryptionText = $lang->get('health_status_ok');
     
-    // Check if secure file exists
-    if (isset($SETTINGS['securepath']) && isset($SETTINGS['securefile']) && !file_exists($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile'])) {
-        $encryptionStatus = 'danger';
-        $encryptionText = $lang->get('health_secure_file_missing');
-    }
+        // Check if secure file exists
+        if (isset($SETTINGS['securepath']) && isset($SETTINGS['securefile']) && !file_exists($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile'])) {
+            $encryptionStatus = 'danger';
+            $encryptionText = $lang->get('health_secure_file_missing');
+        }
     
-    // Active sessions count
-    $sessionsCount = DB::queryFirstField(
-        'SELECT COUNT(*) FROM ' . prefixTable('users') . ' 
+        // Active sessions count
+        $sessionsCount = DB::queryFirstField(
+            'SELECT COUNT(*) FROM ' . prefixTable('users') . ' 
         WHERE session_end > %i',
-        time()
-    );
+            time()
+        );
     
-    // Is cron installed
-    DB::query(
-        'SELECT valeur
+        // Is cron installed
+        DB::query(
+            'SELECT valeur
         FROM ' . prefixTable('misc') . '
         WHERE type = %s AND intitule = %s and valeur >= %d',
-        'admin',
-        'last_cron_exec',
-        time() - 600 // max 10 minutes
-    );
+            'admin',
+            'last_cron_exec',
+            time() - 600 // max 10 minutes
+        );
 
-    if (DB::count() === 0) {
-        $cronStatus = 'danger';
-        $cronText = $lang->get('error');
-    } else {
-        // Cron check (last execution should be < 2 minutes ago)
-        $lastCron = DB::queryFirstField(
-            'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . ' 
+        if (DB::count() === 0) {
+            $cronStatus = 'danger';
+            $cronText = $lang->get('error');
+        } else {
+            // Cron check (last execution should be < 2 minutes ago)
+            $lastCron = DB::queryFirstField(
+                'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . ' 
             ORDER BY created_at DESC 
             LIMIT 1'
-        );
+            );
         
-        $cronStatus = 'success';
-        $cronText = $lang->get('health_status_ok');
+            $cronStatus = 'success';
+            $cronText = $lang->get('health_status_ok');
         
-        if (!$lastCron || (time() - (int) $lastCron) > 120) {
-            $cronStatus = 'warning';
-            $cronText = $lang->get('health_cron_delayed');
+            if (!$lastCron || (time() - (int) $lastCron) > 120) {
+                $cronStatus = 'warning';
+                $cronText = $lang->get('health_cron_delayed');
+            }
         }
-    }
     
-    // Unknown files count
-    $unknownFilesData = DB::queryFirstField(
-        'SELECT valeur FROM ' . prefixTable('misc') . ' 
+        // Unknown files count
+        $unknownFilesData = DB::queryFirstField(
+            'SELECT valeur FROM ' . prefixTable('misc') . ' 
         WHERE type = %s AND intitule = %s',
-        'admin',
-        'unknown_files'
-    );
+            'admin',
+            'unknown_files'
+        );
     
-    $unknownFilesCount = 0;
-    if ($unknownFilesData) {
-        $unknownFiles = json_decode($unknownFilesData, true);
-        if (is_array($unknownFiles)) {
-            $unknownFilesCount = count($unknownFiles);
+        $unknownFilesCount = 0;
+        if ($unknownFilesData) {
+            $unknownFiles = json_decode($unknownFilesData, true);
+            if (is_array($unknownFiles)) {
+                $unknownFilesCount = count($unknownFiles);
+            }
         }
-    }
     
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'encryption' => array(
-                'status' => $encryptionStatus,
-                'text' => $encryptionText,
-            ),
-            'sessions' => array(
-                'count' => (int) $sessionsCount,
-            ),
-            'cron' => array(
-                'status' => $cronStatus,
-                'text' => $cronText,
-            ),
-            'unknown_files' => array(
-                'count' => $unknownFilesCount,
+        echo prepareExchangedData(
+            array(
+                'error' => false,
+                'encryption' => array(
+                    'status' => $encryptionStatus,
+                    'text' => $encryptionText,
+                ),
+                'sessions' => array(
+                    'count' => (int) $sessionsCount,
+                ),
+                'cron' => array(
+                    'status' => $cronStatus,
+                    'text' => $cronText,
+                ),
+                'unknown_files' => array(
+                    'count' => $unknownFilesCount,
+                ),
             ),
-        ),
-        'encode'
-    );
-    break;
+            'encode'
+        );
+        break;
 
-// ========================================
-// QUICK ACTIONS - CLEAN OLD LOGS
-// ========================================
+    // ========================================
+    // QUICK ACTIONS - CLEAN OLD LOGS
+    // ========================================
 
-case 'clean_old_logs':
-    /**
+    case 'clean_old_logs':
+        /**
      * Clean logs older than 90 days
      * 
      * @return array {
@@ -3151,54 +3151,54 @@  discard block
 block discarded – undo
      * }
      */
     
-    $threshold = time() - (90 * 86400); // 90 days ago
+        $threshold = time() - (90 * 86400); // 90 days ago
     
-    // Delete old log_items entries
-    DB::delete(
-        prefixTable('log_items'),
-        'date < %i',
-        $threshold
-    );
+        // Delete old log_items entries
+        DB::delete(
+            prefixTable('log_items'),
+            'date < %i',
+            $threshold
+        );
     
-    $deletedItems = DB::affectedRows();
+        $deletedItems = DB::affectedRows();
     
-    // Delete old log_system entries
-    DB::delete(
-        prefixTable('log_system'),
-        'date < %i',
-        $threshold
-    );
+        // Delete old log_system entries
+        DB::delete(
+            prefixTable('log_system'),
+            'date < %i',
+            $threshold
+        );
     
-    $deletedSystem = DB::affectedRows();
+        $deletedSystem = DB::affectedRows();
     
-    $totalDeleted = $deletedItems + $deletedSystem;
+        $totalDeleted = $deletedItems + $deletedSystem;
     
-    // Log the action
-    logEvents(
-        $SETTINGS,
-        'admin_action',
-        'clean_old_logs',
-        (string) $session->get('user-id'),
-        $session->get('user-login'),
-        'Cleaned ' . $totalDeleted . ' old log entries'
-    );
+        // Log the action
+        logEvents(
+            $SETTINGS,
+            'admin_action',
+            'clean_old_logs',
+            (string) $session->get('user-id'),
+            $session->get('user-login'),
+            'Cleaned ' . $totalDeleted . ' old log entries'
+        );
     
-    echo prepareExchangedData(
-        array(
-            'error' => false,
-            'message' => $lang->get('admin_logs_cleaned_success'),
-            'deleted_count' => $totalDeleted,
-        ),
-        'encode'
-    );
-    break;
+        echo prepareExchangedData(
+            array(
+                'error' => false,
+                'message' => $lang->get('admin_logs_cleaned_success'),
+                'deleted_count' => $totalDeleted,
+            ),
+            'encode'
+        );
+        break;
 
-// ========================================
-// QUICK ACTIONS - TEST ENCRYPTION (KEPT FOR COMPATIBILITY)
-// ========================================
+    // ========================================
+    // QUICK ACTIONS - TEST ENCRYPTION (KEPT FOR COMPATIBILITY)
+    // ========================================
 
-case 'test_encryption':
-    /**
+    case 'test_encryption':
+        /**
      * Test encryption system integrity
      * 
      * @return array {
@@ -3207,117 +3207,117 @@  discard block
 block discarded – undo
      * }
      */
     
-    try {
-        // Test string
-        $testString = 'TeamPass Encryption Test ' . time();
+        try {
+            // Test string
+            $testString = 'TeamPass Encryption Test ' . time();
         
-        // Get encryption key
-        $key = file_get_contents($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile']);
+            // Get encryption key
+            $key = file_get_contents($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile']);
         
-        if ($key === false) {
-            throw new Exception($lang->get('admin_encryption_key_not_found'));
-        }
+            if ($key === false) {
+                throw new Exception($lang->get('admin_encryption_key_not_found'));
+            }
         
-        // Use Defuse encryption (TeamPass's current encryption method)
-        require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php';
-        require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/BadFormatException.php';
-        require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php';
-        require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Crypto.php';
-        require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Key.php';
+            // Use Defuse encryption (TeamPass's current encryption method)
+            require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php';
+            require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/BadFormatException.php';
+            require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php';
+            require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Crypto.php';
+            require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Key.php';
         
-        $encryptionKey = \Defuse\Crypto\Key::loadFromAsciiSafeString($key);
+            $encryptionKey = \Defuse\Crypto\Key::loadFromAsciiSafeString($key);
         
-        // Encrypt test string
-        $encrypted = \Defuse\Crypto\Crypto::encrypt($testString, $encryptionKey);
+            // Encrypt test string
+            $encrypted = \Defuse\Crypto\Crypto::encrypt($testString, $encryptionKey);
         
-        // Decrypt test string
-        $decrypted = \Defuse\Crypto\Crypto::decrypt($encrypted, $encryptionKey);
+            // Decrypt test string
+            $decrypted = \Defuse\Crypto\Crypto::decrypt($encrypted, $encryptionKey);
         
-        // Verify
-        if ($decrypted !== $testString) {
-            throw new Exception($lang->get('admin_encryption_test_failed'));
-        }
+            // Verify
+            if ($decrypted !== $testString) {
+                throw new Exception($lang->get('admin_encryption_test_failed'));
+            }
         
-        // Log the test
-        logEvents(
-            $SETTINGS,
-            'admin_action',
-            'test_encryption',
-            (string) $session->get('user-id'),
-            $session->get('user-login'),
-            'Encryption test successful'
-        );
+            // Log the test
+            logEvents(
+                $SETTINGS,
+                'admin_action',
+                'test_encryption',
+                (string) $session->get('user-id'),
+                $session->get('user-login'),
+                'Encryption test successful'
+            );
         
-        echo prepareExchangedData(
-            array(
-                'error' => false,
-                'message' => $lang->get('admin_encryption_test_success'),
-            ),
-            'encode'
-        );
+            echo prepareExchangedData(
+                array(
+                    'error' => false,
+                    'message' => $lang->get('admin_encryption_test_success'),
+                ),
+                'encode'
+            );
         
-    } catch (Exception $e) {
-        echo prepareExchangedData(
-            array(
-                'error' => true,
-                'message' => $e->getMessage(),
-            ),
-            'encode'
-        );
-    }
-    break;
+        } catch (Exception $e) {
+            echo prepareExchangedData(
+                array(
+                    'error' => true,
+                    'message' => $e->getMessage(),
+                ),
+                'encode'
+            );
+        }
+        break;
 
-// ========================================
-// QUICK ACTIONS - EXPORT STATISTICS
-// ========================================
+    // ========================================
+    // QUICK ACTIONS - EXPORT STATISTICS
+    // ========================================
 
-case 'export_statistics':
-    /**
+    case 'export_statistics':
+        /**
      * Export statistics as CSV file
      * 
      * @return void (file download)
      */
     
-    // Set headers for CSV download
-    header('Content-Type: text/csv; charset=utf-8');
-    header('Content-Disposition: attachment; filename="teampass_statistics_' . date('Y-m-d_H-i-s') . '.csv"');
+        // Set headers for CSV download
+        header('Content-Type: text/csv; charset=utf-8');
+        header('Content-Disposition: attachment; filename="teampass_statistics_' . date('Y-m-d_H-i-s') . '.csv"');
     
-    // Create output stream
-    $output = fopen('php://output', 'w');
+        // Create output stream
+        $output = fopen('php://output', 'w');
     
-    // Write CSV headers
-    fputcsv($output, array(
-        $lang->get('admin_export_metric'),
-        $lang->get('admin_export_value'),
-    ));
+        // Write CSV headers
+        fputcsv($output, array(
+            $lang->get('admin_export_metric'),
+            $lang->get('admin_export_value'),
+        ));
     
-    // Gather statistics
-    $stats = array(
-        $lang->get('active_users') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('users') . ' WHERE disabled = 0'),
-        $lang->get('total_items') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('items') . ' WHERE inactif = 0'),
-        $lang->get('total_folders') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('nested_tree')),
-        $lang->get('logs_24h') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('log_items') . ' WHERE date > ' . (time() - 86400)),
-    );
+        // Gather statistics
+        $stats = array(
+            $lang->get('active_users') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('users') . ' WHERE disabled = 0'),
+            $lang->get('total_items') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('items') . ' WHERE inactif = 0'),
+            $lang->get('total_folders') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('nested_tree')),
+            $lang->get('logs_24h') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('log_items') . ' WHERE date > ' . (time() - 86400)),
+        );
     
-    // Write statistics
-    foreach ($stats as $metric => $value) {
-        fputcsv($output, array($metric, $value));
-    }
+        // Write statistics
+        foreach ($stats as $metric => $value) {
+            fputcsv($output, array($metric, $value));
+        }
     
-    fclose($output);
+        fclose($output);
     
-    // Log the export
-    logEvents(
-        $SETTINGS,
-        'admin_action',
-        'export_statistics',
-        (string) $session->get('user-id'),
-        $session->get('user-login'),
-        'Statistics exported'
-    );
+        // Log the export
+        logEvents(
+            $SETTINGS,
+            'admin_action',
+            'export_statistics',
+            (string) $session->get('user-id'),
+            $session->get('user-login'),
+            'Statistics exported'
+        );
     
-    exit;
-    break;
+        exit;
+        break;
     
 }
 

Please login to merge, or discard this patch.

		@@ -91,215 +91,215 @@
		block discarded – undo
91	91	switch ($post_type) {
92	92	//##########################################################
93	93	//CASE for creating a DB backup
94		-case 'perform_fix_pf_items-step1':
95		- // Check KEY
96		- if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
97		- echo prepareExchangedData(
98		- array(
99		- 'error' => true,
100		- 'message' => $lang->get('key_is_not_correct'),
101		- ),
102		- 'encode'
103		- );
104		- break;
105		- }
106		- // Is admin?
107		- if ((int) $session->get('user-admin') !== 1) {
108		- echo prepareExchangedData(
109		- array(
110		- 'error' => true,
111		- 'message' => $lang->get('error_not_allowed_to'),
112		- ),
113		- 'encode'
114		- );
115		- break;
116		- }
	94	+ case 'perform_fix_pf_items-step1':
	95	+ // Check KEY
	96	+ if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
	97	+ echo prepareExchangedData(
	98	+ array(
	99	+ 'error' => true,
	100	+ 'message' => $lang->get('key_is_not_correct'),
	101	+ ),
	102	+ 'encode'
	103	+ );
	104	+ break;
	105	+ }
	106	+ // Is admin?
	107	+ if ((int) $session->get('user-admin') !== 1) {
	108	+ echo prepareExchangedData(
	109	+ array(
	110	+ 'error' => true,
	111	+ 'message' => $lang->get('error_not_allowed_to'),
	112	+ ),
	113	+ 'encode'
	114	+ );
	115	+ break;
	116	+ }
117	117
118		- // decrypt and retrieve data in JSON format
119		- $dataReceived = prepareExchangedData(
120		- $post_data,
121		- 'decode'
122		- );
	118	+ // decrypt and retrieve data in JSON format
	119	+ $dataReceived = prepareExchangedData(
	120	+ $post_data,
	121	+ 'decode'
	122	+ );
123	123
124		- $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
	124	+ $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
125	125
126		- // Get user info
127		- $userInfo = DB::queryFirstRow(
128		- 'SELECT private_key, public_key, psk, encrypted_psk
	126	+ // Get user info
	127	+ $userInfo = DB::queryFirstRow(
	128	+ 'SELECT private_key, public_key, psk, encrypted_psk
129	129	FROM teampass_users
130	130	WHERE id = %i',
131		- $userId
132		- );
	131	+ $userId
	132	+ );
133	133
134		- // Get user's private folders
135		- $userPFRoot = DB::queryFirstRow(
136		- 'SELECT id
	134	+ // Get user's private folders
	135	+ $userPFRoot = DB::queryFirstRow(
	136	+ 'SELECT id
137	137	FROM teampass_nested_tree
138	138	WHERE title = %i',
139		- $userId
140		- );
141		- if (DB::count() === 0) {
142		- echo prepareExchangedData(
143		- array(
144		- 'error' => true,
145		- 'message' => 'User has no personal folders',
146		- ),
147		- 'encode'
148		- );
149		- break;
150		- }
151		- $personalFolders = [];
152		- $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title');
153		- $tree->rebuild();
154		- $folders = $tree->getDescendants($userPFRoot['id'], true);
155		- foreach ($folders as $folder) {
156		- array_push($personalFolders, $folder->id);
157		- }
158		-
159		- //Show done
160		- echo prepareExchangedData(
161		- array(
162		- 'error' => false,
163		- 'message' => 'Personal Folders found: ',
164		- 'personalFolders' => json_encode($personalFolders),
165		- ),
166		- 'encode'
167		- );
168		- break;
169		-
170		-case 'perform_fix_pf_items-step2':
171		- // Check KEY
172		- if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
173		- echo prepareExchangedData(
174		- array(
175		- 'error' => true,
176		- 'message' => $lang->get('key_is_not_correct'),
177		- ),
178		- 'encode'
	139	+ $userId
179	140	);
180		- break;
181		- }
182		- // Is admin?
183		- if ((int) $session->get('user-admin') !== 1) {
	141	+ if (DB::count() === 0) {
	142	+ echo prepareExchangedData(
	143	+ array(
	144	+ 'error' => true,
	145	+ 'message' => 'User has no personal folders',
	146	+ ),
	147	+ 'encode'
	148	+ );
	149	+ break;
	150	+ }
	151	+ $personalFolders = [];
	152	+ $tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title');
	153	+ $tree->rebuild();
	154	+ $folders = $tree->getDescendants($userPFRoot['id'], true);
	155	+ foreach ($folders as $folder) {
	156	+ array_push($personalFolders, $folder->id);
	157	+ }
	158	+
	159	+ //Show done
184	160	echo prepareExchangedData(
185	161	array(
186		- 'error' => true,
187		- 'message' => $lang->get('error_not_allowed_to'),
	162	+ 'error' => false,
	163	+ 'message' => 'Personal Folders found: ',
	164	+ 'personalFolders' => json_encode($personalFolders),
188	165	),
189	166	'encode'
190	167	);
191	168	break;
192		- }
193	169
194		- // decrypt and retrieve data in JSON format
195		- $dataReceived = prepareExchangedData(
196		- $post_data,
197		- 'decode'
198		- );
	170	+ case 'perform_fix_pf_items-step2':
	171	+ // Check KEY
	172	+ if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
	173	+ echo prepareExchangedData(
	174	+ array(
	175	+ 'error' => true,
	176	+ 'message' => $lang->get('key_is_not_correct'),
	177	+ ),
	178	+ 'encode'
	179	+ );
	180	+ break;
	181	+ }
	182	+ // Is admin?
	183	+ if ((int) $session->get('user-admin') !== 1) {
	184	+ echo prepareExchangedData(
	185	+ array(
	186	+ 'error' => true,
	187	+ 'message' => $lang->get('error_not_allowed_to'),
	188	+ ),
	189	+ 'encode'
	190	+ );
	191	+ break;
	192	+ }
199	193
200		- $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
201		- $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
	194	+ // decrypt and retrieve data in JSON format
	195	+ $dataReceived = prepareExchangedData(
	196	+ $post_data,
	197	+ 'decode'
	198	+ );
	199	+
	200	+ $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
	201	+ $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
202	202
203		- // Delete all private items with sharekeys
204		- $pfiSharekeys = DB::queryFirstColumn(
205		- 'select s.increment_id
	203	+ // Delete all private items with sharekeys
	204	+ $pfiSharekeys = DB::queryFirstColumn(
	205	+ 'select s.increment_id
206	206	from teampass_sharekeys_items as s
207	207	INNER JOIN teampass_items AS i ON (i.id = s.object_id)
208	208	WHERE s.user_id = %i AND i.perso = 1 AND i.id_tree IN %ls',
209		- $userId,
210		- $personalFolders
211		- );
212		- $pfiSharekeysCount = DB::count();
213		- if ($pfiSharekeysCount > 0) {
214		- DB::delete(
215		- "teampass_sharekeys_items",
216		- "increment_id IN %ls",
217		- $pfiSharekeys
	209	+ $userId,
	210	+ $personalFolders
218	211	);
219		- }
	212	+ $pfiSharekeysCount = DB::count();
	213	+ if ($pfiSharekeysCount > 0) {
	214	+ DB::delete(
	215	+ "teampass_sharekeys_items",
	216	+ "increment_id IN %ls",
	217	+ $pfiSharekeys
	218	+ );
	219	+ }
220	220
221	221
222		- //Show done
223		- echo prepareExchangedData(
224		- array(
225		- 'error' => false,
226		- 'message' => '<br>Number of Sharekeys for private items DELETED: ',
227		- 'nbDeleted' => $pfiSharekeysCount,
228		- 'personalFolders' => json_encode($personalFolders),
229		- ),
230		- 'encode'
231		- );
232		- break;
233		-
234		-case 'perform_fix_pf_items-step3':
235		- // Check KEY
236		- if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
237		- echo prepareExchangedData(
238		- array(
239		- 'error' => true,
240		- 'message' => $lang->get('key_is_not_correct'),
241		- ),
242		- 'encode'
243		- );
244		- break;
245		- }
246		- // Is admin?
247		- if ((int) $session->get('user-admin') !== 1) {
	222	+ //Show done
248	223	echo prepareExchangedData(
249	224	array(
250		- 'error' => true,
251		- 'message' => $lang->get('error_not_allowed_to'),
	225	+ 'error' => false,
	226	+ 'message' => '<br>Number of Sharekeys for private items DELETED: ',
	227	+ 'nbDeleted' => $pfiSharekeysCount,
	228	+ 'personalFolders' => json_encode($personalFolders),
252	229	),
253	230	'encode'
254	231	);
255	232	break;
256		- }
257	233
258		- // decrypt and retrieve data in JSON format
259		- $dataReceived = prepareExchangedData(
260		- $post_data,
261		- 'decode'
262		- );
	234	+ case 'perform_fix_pf_items-step3':
	235	+ // Check KEY
	236	+ if (!hash_equals((string) $session->get('key'), (string) $post_key)) {
	237	+ echo prepareExchangedData(
	238	+ array(
	239	+ 'error' => true,
	240	+ 'message' => $lang->get('key_is_not_correct'),
	241	+ ),
	242	+ 'encode'
	243	+ );
	244	+ break;
	245	+ }
	246	+ // Is admin?
	247	+ if ((int) $session->get('user-admin') !== 1) {
	248	+ echo prepareExchangedData(
	249	+ array(
	250	+ 'error' => true,
	251	+ 'message' => $lang->get('error_not_allowed_to'),
	252	+ ),
	253	+ 'encode'
	254	+ );
	255	+ break;
	256	+ }
	257	+
	258	+ // decrypt and retrieve data in JSON format
	259	+ $dataReceived = prepareExchangedData(
	260	+ $post_data,
	261	+ 'decode'
	262	+ );
263	263
264		- $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
265		- $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
	264	+ $userId = filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT);
	265	+ $personalFolders = filter_var($dataReceived['personalFolders'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
266	266
267		- // Update from items_old to items all the private itemsitems that have been converted to teampass_aes
268		- // Get all key back
269		- $items = DB::query(
270		- "SELECT id
	267	+ // Update from items_old to items all the private itemsitems that have been converted to teampass_aes
	268	+ // Get all key back
	269	+ $items = DB::query(
	270	+ "SELECT id
271	271	FROM teampass_items
272	272	WHERE id_tree IN %ls AND encryption_type = %s",
273		- $personalFolders,
274		- "teampass_aes"
275		- );
276		- //DB::debugMode(false);
277		- $nbItems = DB::count();
278		- foreach ($items as $item) {
279		- $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']);
280		- DB::update(
281		- "teampass_items",
282		- ['pw' => $defusePwd, "encryption_type" => "defuse"],
283		- "id = %i",
284		- $item['id']
	273	+ $personalFolders,
	274	+ "teampass_aes"
285	275	);
286		- }
	276	+ //DB::debugMode(false);
	277	+ $nbItems = DB::count();
	278	+ foreach ($items as $item) {
	279	+ $defusePwd = DB::queryFirstField("SELECT pw FROM teampass_items_old WHERE id = %i", $item['id']);
	280	+ DB::update(
	281	+ "teampass_items",
	282	+ ['pw' => $defusePwd, "encryption_type" => "defuse"],
	283	+ "id = %i",
	284	+ $item['id']
	285	+ );
	286	+ }
287	287
288	288
289		- //Show done
290		- echo prepareExchangedData(
291		- array(
292		- 'error' => false,
293		- 'message' => '<br>Number of items reseted to Defuse: ',
294		- 'nbItems' => $nbItems,
295		- 'personalFolders' => json_encode($personalFolders),
296		- ),
297		- 'encode'
298		- );
299		- break;
300		-
301		- /* TOOL #2 - Fixing items master keys */
302		- /*
	289	+ //Show done
	290	+ echo prepareExchangedData(
	291	+ array(
	292	+ 'error' => false,
	293	+ 'message' => '<br>Number of items reseted to Defuse: ',
	294	+ 'nbItems' => $nbItems,
	295	+ 'personalFolders' => json_encode($personalFolders),
	296	+ ),
	297	+ 'encode'
	298	+ );
	299	+ break;
	300	+
	301	+ /* TOOL #2 - Fixing items master keys */
	302	+ /*
303	303	* STEP 1 - Check if we have the correct pwd for TP_USER
304	304	*/
305	305	case 'perform_fix_items_master_keys-step1':

		@@ -2904,8 +2904,8 @@ discard block
		block discarded – undo
2904	2904	// LIVE ACTIVITY ENDPOINT
2905	2905	// ========================================
2906	2906
2907		-case 'get_live_activity':
2908		- /**
	2907	+ case 'get_live_activity':
	2908	+ /**
2909	2909	* Get recent activity (last 5 minutes, max 10 entries)
2910	2910	*
2911	2911	* @return array [{
		@@ -2919,25 +2919,25 @@ discard block
		block discarded – undo
2919	2919	* }]
2920	2920	*/
2921	2921
2922		- $timestamp5min = time() - 300; // 5 minutes ago
	2922	+ $timestamp5min = time() - 300; // 5 minutes ago
2923	2923
2924		- $activities = DB::query(
2925		- 'SELECT l.date, l.id_user, u.login, l.action, l.raison, l.id_item, i.label
	2924	+ $activities = DB::query(
	2925	+ 'SELECT l.date, l.id_user, u.login, l.action, l.raison, l.id_item, i.label
2926	2926	FROM ' . prefixTable('log_items') . ' AS l
2927	2927	LEFT JOIN ' . prefixTable('users') . ' AS u ON l.id_user = u.id
2928	2928	LEFT JOIN ' . prefixTable('items') . ' AS i ON l.id_item = i.id
2929	2929	WHERE l.date > %i
2930	2930	ORDER BY l.date DESC
2931	2931	LIMIT 10',
2932		- $timestamp5min
2933		- );
	2932	+ $timestamp5min
	2933	+ );
2934	2934
2935		- $activityList = array();
	2935	+ $activityList = array();
2936	2936
2937		- foreach ($activities as $activity) {
2938		- // Translate action to readable text
2939		- $actionText = '';
2940		- switch ($activity['action']) {
	2937	+ foreach ($activities as $activity) {
	2938	+ // Translate action to readable text
	2939	+ $actionText = '';
	2940	+ switch ($activity['action']) {
2941	2941	case 'at_shown':
2942	2942	$actionText = $lang->get('action_accessed');
2943	2943	break;
		@@ -2961,7 +2961,7 @@ discard block
		block discarded – undo
2961	2961	break;
2962	2962	default:
2963	2963	$actionText = $activity['action'];
2964		- }
	2964	+ }
2965	2965
2966	2966	$activityList[] = array(
2967	2967	'timestamp' => (int) $activity['date'],
		@@ -2987,8 +2987,8 @@ discard block
		block discarded – undo
2987	2987	// SYSTEM STATUS ENDPOINT
2988	2988	// ========================================
2989	2989
2990		-case 'get_system_status':
2991		- /**
	2990	+ case 'get_system_status':
	2991	+ /**
2992	2992	* Get system status (tasks queue)
2993	2993	*
2994	2994	* @return array {
		@@ -2997,49 +2997,49 @@ discard block
		block discarded – undo
2997	2997	* }
2998	2998	*/
2999	2999
3000		- // Tasks queue count
3001		- $tasksQueue = DB::queryFirstField(
3002		- 'SELECT COUNT(*) FROM ' . prefixTable('background_tasks') . '
	3000	+ // Tasks queue count
	3001	+ $tasksQueue = DB::queryFirstField(
	3002	+ 'SELECT COUNT(*) FROM ' . prefixTable('background_tasks') . '
3003	3003	WHERE finished_at IS NULL OR finished_at = 0'
3004		- );
	3004	+ );
3005	3005
3006		- // Last cron execution
3007		- $lastCronLog = DB::queryFirstRow(
3008		- 'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . '
	3006	+ // Last cron execution
	3007	+ $lastCronLog = DB::queryFirstRow(
	3008	+ 'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . '
3009	3009	ORDER BY created_at DESC
3010	3010	LIMIT 1'
3011		- );
	3011	+ );
3012	3012
3013		- $lastCronText = $lang->get('never');
3014		- if ($lastCronLog && isset($lastCronLog['created_at'])) {
3015		- $timeDiff = time() - (int) $lastCronLog['created_at'];
3016		- if ($timeDiff < 60) {
3017		- $lastCronText = $timeDiff . 's ' . $lang->get('ago');
3018		- } elseif ($timeDiff < 3600) {
3019		- $lastCronText = floor($timeDiff / 60) . 'm ' . $lang->get('ago');
3020		- } elseif ($timeDiff < 86400) {
3021		- $lastCronText = floor($timeDiff / 3600) . 'h ' . $lang->get('ago');
3022		- } else {
3023		- $lastCronText = floor($timeDiff / 86400) . 'd ' . $lang->get('ago');
	3013	+ $lastCronText = $lang->get('never');
	3014	+ if ($lastCronLog && isset($lastCronLog['created_at'])) {
	3015	+ $timeDiff = time() - (int) $lastCronLog['created_at'];
	3016	+ if ($timeDiff < 60) {
	3017	+ $lastCronText = $timeDiff . 's ' . $lang->get('ago');
	3018	+ } elseif ($timeDiff < 3600) {
	3019	+ $lastCronText = floor($timeDiff / 60) . 'm ' . $lang->get('ago');
	3020	+ } elseif ($timeDiff < 86400) {
	3021	+ $lastCronText = floor($timeDiff / 3600) . 'h ' . $lang->get('ago');
	3022	+ } else {
	3023	+ $lastCronText = floor($timeDiff / 86400) . 'd ' . $lang->get('ago');
	3024	+ }
3024	3025	}
3025		- }
3026	3026
3027		- echo prepareExchangedData(
3028		- array(
3029		- 'error' => false,
3030		- 'tasks_queue' => (int) $tasksQueue,
3031		- 'last_cron' => $lastCronText,
3032		- ),
3033		- 'encode'
3034		- );
3035		- break;
	3027	+ echo prepareExchangedData(
	3028	+ array(
	3029	+ 'error' => false,
	3030	+ 'tasks_queue' => (int) $tasksQueue,
	3031	+ 'last_cron' => $lastCronText,
	3032	+ ),
	3033	+ 'encode'
	3034	+ );
	3035	+ break;
3036	3036
3037		-// ========================================
3038		-// SYSTEM HEALTH ENDPOINT
3039		-// ========================================
	3037	+ // ========================================
	3038	+ // SYSTEM HEALTH ENDPOINT
	3039	+ // ========================================
3040	3040
3041		-case 'get_system_health':
3042		- /**
	3041	+ case 'get_system_health':
	3042	+ /**
3043	3043	* Get system health checks
3044	3044	*
3045	3045	* @return array {
		@@ -3051,97 +3051,97 @@ discard block
		block discarded – undo
3051	3051	* }
3052	3052	*/
3053	3053
3054		- // Encryption check
3055		- $encryptionStatus = 'success';
3056		- $encryptionText = $lang->get('health_status_ok');
	3054	+ // Encryption check
	3055	+ $encryptionStatus = 'success';
	3056	+ $encryptionText = $lang->get('health_status_ok');
3057	3057
3058		- // Check if secure file exists
3059		- if (isset($SETTINGS['securepath']) && isset($SETTINGS['securefile']) && !file_exists($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile'])) {
3060		- $encryptionStatus = 'danger';
3061		- $encryptionText = $lang->get('health_secure_file_missing');
3062		- }
	3058	+ // Check if secure file exists
	3059	+ if (isset($SETTINGS['securepath']) && isset($SETTINGS['securefile']) && !file_exists($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile'])) {
	3060	+ $encryptionStatus = 'danger';
	3061	+ $encryptionText = $lang->get('health_secure_file_missing');
	3062	+ }
3063	3063
3064		- // Active sessions count
3065		- $sessionsCount = DB::queryFirstField(
3066		- 'SELECT COUNT(*) FROM ' . prefixTable('users') . '
	3064	+ // Active sessions count
	3065	+ $sessionsCount = DB::queryFirstField(
	3066	+ 'SELECT COUNT(*) FROM ' . prefixTable('users') . '
3067	3067	WHERE session_end > %i',
3068		- time()
3069		- );
	3068	+ time()
	3069	+ );
3070	3070
3071		- // Is cron installed
3072		- DB::query(
3073		- 'SELECT valeur
	3071	+ // Is cron installed
	3072	+ DB::query(
	3073	+ 'SELECT valeur
3074	3074	FROM ' . prefixTable('misc') . '
3075	3075	WHERE type = %s AND intitule = %s and valeur >= %d',
3076		- 'admin',
3077		- 'last_cron_exec',
3078		- time() - 600 // max 10 minutes
3079		- );
	3076	+ 'admin',
	3077	+ 'last_cron_exec',
	3078	+ time() - 600 // max 10 minutes
	3079	+ );
3080	3080
3081		- if (DB::count() === 0) {
3082		- $cronStatus = 'danger';
3083		- $cronText = $lang->get('error');
3084		- } else {
3085		- // Cron check (last execution should be < 2 minutes ago)
3086		- $lastCron = DB::queryFirstField(
3087		- 'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . '
	3081	+ if (DB::count() === 0) {
	3082	+ $cronStatus = 'danger';
	3083	+ $cronText = $lang->get('error');
	3084	+ } else {
	3085	+ // Cron check (last execution should be < 2 minutes ago)
	3086	+ $lastCron = DB::queryFirstField(
	3087	+ 'SELECT created_at FROM ' . prefixTable('background_tasks_logs') . '
3088	3088	ORDER BY created_at DESC
3089	3089	LIMIT 1'
3090		- );
	3090	+ );
3091	3091
3092		- $cronStatus = 'success';
3093		- $cronText = $lang->get('health_status_ok');
	3092	+ $cronStatus = 'success';
	3093	+ $cronText = $lang->get('health_status_ok');
3094	3094
3095		- if (!$lastCron \|\| (time() - (int) $lastCron) > 120) {
3096		- $cronStatus = 'warning';
3097		- $cronText = $lang->get('health_cron_delayed');
	3095	+ if (!$lastCron \|\| (time() - (int) $lastCron) > 120) {
	3096	+ $cronStatus = 'warning';
	3097	+ $cronText = $lang->get('health_cron_delayed');
	3098	+ }
3098	3099	}
3099		- }
3100	3100
3101		- // Unknown files count
3102		- $unknownFilesData = DB::queryFirstField(
3103		- 'SELECT valeur FROM ' . prefixTable('misc') . '
	3101	+ // Unknown files count
	3102	+ $unknownFilesData = DB::queryFirstField(
	3103	+ 'SELECT valeur FROM ' . prefixTable('misc') . '
3104	3104	WHERE type = %s AND intitule = %s',
3105		- 'admin',
3106		- 'unknown_files'
3107		- );
	3105	+ 'admin',
	3106	+ 'unknown_files'
	3107	+ );
3108	3108
3109		- $unknownFilesCount = 0;
3110		- if ($unknownFilesData) {
3111		- $unknownFiles = json_decode($unknownFilesData, true);
3112		- if (is_array($unknownFiles)) {
3113		- $unknownFilesCount = count($unknownFiles);
	3109	+ $unknownFilesCount = 0;
	3110	+ if ($unknownFilesData) {
	3111	+ $unknownFiles = json_decode($unknownFilesData, true);
	3112	+ if (is_array($unknownFiles)) {
	3113	+ $unknownFilesCount = count($unknownFiles);
	3114	+ }
3114	3115	}
3115		- }
3116	3116
3117		- echo prepareExchangedData(
3118		- array(
3119		- 'error' => false,
3120		- 'encryption' => array(
3121		- 'status' => $encryptionStatus,
3122		- 'text' => $encryptionText,
3123		- ),
3124		- 'sessions' => array(
3125		- 'count' => (int) $sessionsCount,
3126		- ),
3127		- 'cron' => array(
3128		- 'status' => $cronStatus,
3129		- 'text' => $cronText,
3130		- ),
3131		- 'unknown_files' => array(
3132		- 'count' => $unknownFilesCount,
	3117	+ echo prepareExchangedData(
	3118	+ array(
	3119	+ 'error' => false,
	3120	+ 'encryption' => array(
	3121	+ 'status' => $encryptionStatus,
	3122	+ 'text' => $encryptionText,
	3123	+ ),
	3124	+ 'sessions' => array(
	3125	+ 'count' => (int) $sessionsCount,
	3126	+ ),
	3127	+ 'cron' => array(
	3128	+ 'status' => $cronStatus,
	3129	+ 'text' => $cronText,
	3130	+ ),
	3131	+ 'unknown_files' => array(
	3132	+ 'count' => $unknownFilesCount,
	3133	+ ),
3133	3134	),
3134		- ),
3135		- 'encode'
3136		- );
3137		- break;
	3135	+ 'encode'
	3136	+ );
	3137	+ break;
3138	3138
3139		-// ========================================
3140		-// QUICK ACTIONS - CLEAN OLD LOGS
3141		-// ========================================
	3139	+ // ========================================
	3140	+ // QUICK ACTIONS - CLEAN OLD LOGS
	3141	+ // ========================================
3142	3142
3143		-case 'clean_old_logs':
3144		- /**
	3143	+ case 'clean_old_logs':
	3144	+ /**
3145	3145	* Clean logs older than 90 days
3146	3146	*
3147	3147	* @return array {
		@@ -3151,54 +3151,54 @@ discard block
		block discarded – undo
3151	3151	* }
3152	3152	*/
3153	3153
3154		- $threshold = time() - (90 * 86400); // 90 days ago
	3154	+ $threshold = time() - (90 * 86400); // 90 days ago
3155	3155
3156		- // Delete old log_items entries
3157		- DB::delete(
3158		- prefixTable('log_items'),
3159		- 'date < %i',
3160		- $threshold
3161		- );
	3156	+ // Delete old log_items entries
	3157	+ DB::delete(
	3158	+ prefixTable('log_items'),
	3159	+ 'date < %i',
	3160	+ $threshold
	3161	+ );
3162	3162
3163		- $deletedItems = DB::affectedRows();
	3163	+ $deletedItems = DB::affectedRows();
3164	3164
3165		- // Delete old log_system entries
3166		- DB::delete(
3167		- prefixTable('log_system'),
3168		- 'date < %i',
3169		- $threshold
3170		- );
	3165	+ // Delete old log_system entries
	3166	+ DB::delete(
	3167	+ prefixTable('log_system'),
	3168	+ 'date < %i',
	3169	+ $threshold
	3170	+ );
3171	3171
3172		- $deletedSystem = DB::affectedRows();
	3172	+ $deletedSystem = DB::affectedRows();
3173	3173
3174		- $totalDeleted = $deletedItems + $deletedSystem;
	3174	+ $totalDeleted = $deletedItems + $deletedSystem;
3175	3175
3176		- // Log the action
3177		- logEvents(
3178		- $SETTINGS,
3179		- 'admin_action',
3180		- 'clean_old_logs',
3181		- (string) $session->get('user-id'),
3182		- $session->get('user-login'),
3183		- 'Cleaned ' . $totalDeleted . ' old log entries'
3184		- );
	3176	+ // Log the action
	3177	+ logEvents(
	3178	+ $SETTINGS,
	3179	+ 'admin_action',
	3180	+ 'clean_old_logs',
	3181	+ (string) $session->get('user-id'),
	3182	+ $session->get('user-login'),
	3183	+ 'Cleaned ' . $totalDeleted . ' old log entries'
	3184	+ );
3185	3185
3186		- echo prepareExchangedData(
3187		- array(
3188		- 'error' => false,
3189		- 'message' => $lang->get('admin_logs_cleaned_success'),
3190		- 'deleted_count' => $totalDeleted,
3191		- ),
3192		- 'encode'
3193		- );
3194		- break;
	3186	+ echo prepareExchangedData(
	3187	+ array(
	3188	+ 'error' => false,
	3189	+ 'message' => $lang->get('admin_logs_cleaned_success'),
	3190	+ 'deleted_count' => $totalDeleted,
	3191	+ ),
	3192	+ 'encode'
	3193	+ );
	3194	+ break;
3195	3195
3196		-// ========================================
3197		-// QUICK ACTIONS - TEST ENCRYPTION (KEPT FOR COMPATIBILITY)
3198		-// ========================================
	3196	+ // ========================================
	3197	+ // QUICK ACTIONS - TEST ENCRYPTION (KEPT FOR COMPATIBILITY)
	3198	+ // ========================================
3199	3199
3200		-case 'test_encryption':
3201		- /**
	3200	+ case 'test_encryption':
	3201	+ /**
3202	3202	* Test encryption system integrity
3203	3203	*
3204	3204	* @return array {
		@@ -3207,117 +3207,117 @@ discard block
		block discarded – undo
3207	3207	* }
3208	3208	*/
3209	3209
3210		- try {
3211		- // Test string
3212		- $testString = 'TeamPass Encryption Test ' . time();
	3210	+ try {
	3211	+ // Test string
	3212	+ $testString = 'TeamPass Encryption Test ' . time();
3213	3213
3214		- // Get encryption key
3215		- $key = file_get_contents($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile']);
	3214	+ // Get encryption key
	3215	+ $key = file_get_contents($SETTINGS['securepath'] . DIRECTORY_SEPARATOR . $SETTINGS['securefile']);
3216	3216
3217		- if ($key === false) {
3218		- throw new Exception($lang->get('admin_encryption_key_not_found'));
3219		- }
	3217	+ if ($key === false) {
	3218	+ throw new Exception($lang->get('admin_encryption_key_not_found'));
	3219	+ }
3220	3220
3221		- // Use Defuse encryption (TeamPass's current encryption method)
3222		- require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php';
3223		- require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/BadFormatException.php';
3224		- require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php';
3225		- require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Crypto.php';
3226		- require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Key.php';
	3221	+ // Use Defuse encryption (TeamPass's current encryption method)
	3222	+ require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/EnvironmentIsBrokenException.php';
	3223	+ require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/BadFormatException.php';
	3224	+ require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Exception/WrongKeyOrModifiedCiphertextException.php';
	3225	+ require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Crypto.php';
	3226	+ require_once $SETTINGS['cpassman_dir'] . '/vendor/defuse/php-encryption/src/Key.php';
3227	3227
3228		- $encryptionKey = \Defuse\Crypto\Key::loadFromAsciiSafeString($key);
	3228	+ $encryptionKey = \Defuse\Crypto\Key::loadFromAsciiSafeString($key);
3229	3229
3230		- // Encrypt test string
3231		- $encrypted = \Defuse\Crypto\Crypto::encrypt($testString, $encryptionKey);
	3230	+ // Encrypt test string
	3231	+ $encrypted = \Defuse\Crypto\Crypto::encrypt($testString, $encryptionKey);
3232	3232
3233		- // Decrypt test string
3234		- $decrypted = \Defuse\Crypto\Crypto::decrypt($encrypted, $encryptionKey);
	3233	+ // Decrypt test string
	3234	+ $decrypted = \Defuse\Crypto\Crypto::decrypt($encrypted, $encryptionKey);
3235	3235
3236		- // Verify
3237		- if ($decrypted !== $testString) {
3238		- throw new Exception($lang->get('admin_encryption_test_failed'));
3239		- }
	3236	+ // Verify
	3237	+ if ($decrypted !== $testString) {
	3238	+ throw new Exception($lang->get('admin_encryption_test_failed'));
	3239	+ }
3240	3240
3241		- // Log the test
3242		- logEvents(
3243		- $SETTINGS,
3244		- 'admin_action',
3245		- 'test_encryption',
3246		- (string) $session->get('user-id'),
3247		- $session->get('user-login'),
3248		- 'Encryption test successful'
3249		- );
	3241	+ // Log the test
	3242	+ logEvents(
	3243	+ $SETTINGS,
	3244	+ 'admin_action',
	3245	+ 'test_encryption',
	3246	+ (string) $session->get('user-id'),
	3247	+ $session->get('user-login'),
	3248	+ 'Encryption test successful'
	3249	+ );
3250	3250
3251		- echo prepareExchangedData(
3252		- array(
3253		- 'error' => false,
3254		- 'message' => $lang->get('admin_encryption_test_success'),
3255		- ),
3256		- 'encode'
3257		- );
	3251	+ echo prepareExchangedData(
	3252	+ array(
	3253	+ 'error' => false,
	3254	+ 'message' => $lang->get('admin_encryption_test_success'),
	3255	+ ),
	3256	+ 'encode'
	3257	+ );
3258	3258
3259		- } catch (Exception $e) {
3260		- echo prepareExchangedData(
3261		- array(
3262		- 'error' => true,
3263		- 'message' => $e->getMessage(),
3264		- ),
3265		- 'encode'
3266		- );
3267		- }
3268		- break;
	3259	+ } catch (Exception $e) {
	3260	+ echo prepareExchangedData(
	3261	+ array(
	3262	+ 'error' => true,
	3263	+ 'message' => $e->getMessage(),
	3264	+ ),
	3265	+ 'encode'
	3266	+ );
	3267	+ }
	3268	+ break;
3269	3269
3270		-// ========================================
3271		-// QUICK ACTIONS - EXPORT STATISTICS
3272		-// ========================================
	3270	+ // ========================================
	3271	+ // QUICK ACTIONS - EXPORT STATISTICS
	3272	+ // ========================================
3273	3273
3274		-case 'export_statistics':
3275		- /**
	3274	+ case 'export_statistics':
	3275	+ /**
3276	3276	* Export statistics as CSV file
3277	3277	*
3278	3278	* @return void (file download)
3279	3279	*/
3280	3280
3281		- // Set headers for CSV download
3282		- header('Content-Type: text/csv; charset=utf-8');
3283		- header('Content-Disposition: attachment; filename="teampass_statistics_' . date('Y-m-d_H-i-s') . '.csv"');
	3281	+ // Set headers for CSV download
	3282	+ header('Content-Type: text/csv; charset=utf-8');
	3283	+ header('Content-Disposition: attachment; filename="teampass_statistics_' . date('Y-m-d_H-i-s') . '.csv"');
3284	3284
3285		- // Create output stream
3286		- $output = fopen('php://output', 'w');
	3285	+ // Create output stream
	3286	+ $output = fopen('php://output', 'w');
3287	3287
3288		- // Write CSV headers
3289		- fputcsv($output, array(
3290		- $lang->get('admin_export_metric'),
3291		- $lang->get('admin_export_value'),
3292		- ));
	3288	+ // Write CSV headers
	3289	+ fputcsv($output, array(
	3290	+ $lang->get('admin_export_metric'),
	3291	+ $lang->get('admin_export_value'),
	3292	+ ));
3293	3293
3294		- // Gather statistics
3295		- $stats = array(
3296		- $lang->get('active_users') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('users') . ' WHERE disabled = 0'),
3297		- $lang->get('total_items') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('items') . ' WHERE inactif = 0'),
3298		- $lang->get('total_folders') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('nested_tree')),
3299		- $lang->get('logs_24h') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('log_items') . ' WHERE date > ' . (time() - 86400)),
3300		- );
	3294	+ // Gather statistics
	3295	+ $stats = array(
	3296	+ $lang->get('active_users') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('users') . ' WHERE disabled = 0'),
	3297	+ $lang->get('total_items') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('items') . ' WHERE inactif = 0'),
	3298	+ $lang->get('total_folders') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('nested_tree')),
	3299	+ $lang->get('logs_24h') => DB::queryFirstField('SELECT COUNT(*) FROM ' . prefixTable('log_items') . ' WHERE date > ' . (time() - 86400)),
	3300	+ );
3301	3301
3302		- // Write statistics
3303		- foreach ($stats as $metric => $value) {
3304		- fputcsv($output, array($metric, $value));
3305		- }
	3302	+ // Write statistics
	3303	+ foreach ($stats as $metric => $value) {
	3304	+ fputcsv($output, array($metric, $value));
	3305	+ }
3306	3306
3307		- fclose($output);
	3307	+ fclose($output);
3308	3308
3309		- // Log the export
3310		- logEvents(
3311		- $SETTINGS,
3312		- 'admin_action',
3313		- 'export_statistics',
3314		- (string) $session->get('user-id'),
3315		- $session->get('user-login'),
3316		- 'Statistics exported'
3317		- );
	3309	+ // Log the export
	3310	+ logEvents(
	3311	+ $SETTINGS,
	3312	+ 'admin_action',
	3313	+ 'export_statistics',
	3314	+ (string) $session->get('user-id'),
	3315	+ $session->get('user-login'),
	3316	+ 'Statistics exported'
	3317	+ );
3318	3318
3319		- exit;
3320		- break;
	3319	+ exit;
	3320	+ break;
3321	3321
3322	3322	}
3323	3323

nilsteampassnet / TeamPass

Push — master ( b727b7...6bf24f )

Status

Category

Switch Indentation +171 added lines, -171 removed lines patch added patch discarded remove patch

Switch Indentation +246 added lines, -246 removed lines patch added patch discarded remove patch