Inspection of "3.0.0.10" - nilsteampassnet/TeamPass - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — teampass_3.0 ( 4c0075...5e4b29 )

by Nils

created 2022-01-26 19:36 UTC

Status

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

@@ -37,12 +37,12 @@  discard block
 block discarded – undo
 }
 
 // Do checks
-require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php';
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'items', $SETTINGS) === false) {
     // Not allowed page
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit;
 }
 
@@ -55,14 +55,14 @@  discard block
 block discarded – undo
     date_default_timezone_set('UTC');
 }
 
-require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
-require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
 header('Content-type: text/html; charset=utf-8');
 header('Cache-Control: no-cache, must-revalidate');
 require_once 'main.functions.php';
 
 // Connect to mysql server
-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
 mysqli_connect(DB_HOST, DB_USER, defuseReturnDecrypted(DB_PASSWD, $SETTINGS), DB_NAME, (int) DB_PORT, null);
 
 // Protect POST

Please login to merge, or discard this patch.

sources/logs.datatables.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -28,7 +28,7 @@
 block discarded – undo
 require_once 'SecureHandler.php';
 session_name('teampass_session');
 session_start();
-if (! isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || ! isset($_SESSION['key']) || empty($_SESSION['key'])) {
+if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
     die('Hacking attempt...');
 }
 

Please login to merge, or discard this patch.

sources/users.datatable.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -28,7 +28,7 @@
 block discarded – undo
 require_once 'SecureHandler.php';
 session_name('teampass_session');
 session_start();
-if (! isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || ! isset($_SESSION['key']) || empty($_SESSION['key'])) {
+if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] === false || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
     die('Hacking attempt...');
 }
 

Please login to merge, or discard this patch.

sources/downloadFile.php 1 patch

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch

@@ -51,7 +51,7 @@  discard block
 block discarded – undo
 }
 
 // Include files
-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/protect/SuperGlobal/SuperGlobal.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/protect/SuperGlobal/SuperGlobal.php';
 $superGlobal = new protect\SuperGlobal\SuperGlobal();
 // Prepare GET variables
 $get_filename = $superGlobal->get('name', 'GET');
@@ -59,17 +59,17 @@  discard block
 block discarded – undo
 $get_pathIsFiles = $superGlobal->get('pathIsFiles', 'GET');
 
 // prepare Encryption class calls
-header('Content-disposition: attachment; filename=' . rawurldecode(basename($get_filename)));
+header('Content-disposition: attachment; filename='.rawurldecode(basename($get_filename)));
 header('Content-Type: application/octet-stream');
 header('Cache-Control: must-revalidate, no-cache, no-store');
 header('Expires: 0');
 if (isset($_GET['pathIsFiles']) && (int) $get_pathIsFiles === 1) {
-    readfile($SETTINGS['path_to_files_folder'] . '/' . basename($get_filename));
+    readfile($SETTINGS['path_to_files_folder'].'/'.basename($get_filename));
 } else {
     include_once 'main.functions.php';
-    require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
+    require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
     // connect to the server
-    include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
+    include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
     if (defined('DB_PASSWD_CLEAR') === false) {
         define('DB_PASSWD_CLEAR', defuseReturnDecrypted(DB_PASSWD, $SETTINGS));
     }
@@ -83,8 +83,8 @@  discard block
 block discarded – undo
     $file_info = DB::queryfirstrow(
         'SELECT f.id AS id, f.file AS file, f.name AS name, f.status AS status, f.extension AS extension,
         s.share_key AS share_key
-        FROM ' . prefixTable('files') . ' AS f
-        INNER JOIN ' . prefixTable('sharekeys_files') . ' AS s ON (f.id = s.object_id)
+        FROM ' . prefixTable('files').' AS f
+        INNER JOIN ' . prefixTable('sharekeys_files').' AS s ON (f.id = s.object_id)
         WHERE s.user_id = %i AND s.object_id = %i',
         $_SESSION['user_id'],
         $get_fileid
@@ -103,7 +103,7 @@  discard block
 block discarded – undo
     header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
     header('Cache-Control: private', false);
     header('Content-Type: application/octet-stream');
-    header('Content-Disposition: attachment; filename="' . $filename . '.' . $file_info['extension'] . '";');
+    header('Content-Disposition: attachment; filename="'.$filename.'.'.$file_info['extension'].'";');
     header('Content-Transfer-Encoding: binary');
     // Stream the CSV data
     exit(base64_decode($fileContent));

Please login to merge, or discard this patch.

sources/backups.queries.php 1 patch

Spacing +32 added lines, -32 removed lines patch added patch discarded remove patch

@@ -37,23 +37,23 @@  discard block
 block discarded – undo
 }
 
 // Do checks
-require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php';
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'options', $SETTINGS) === false) {
     // Not allowed page
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit();
 }
 
-require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
-require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
 header('Content-type: text/html; charset=utf-8');
 header('Cache-Control: no-cache, must-revalidate');
 require_once 'main.functions.php';
 
 // Connect to mysql server
-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
 DB::$host = DB_HOST;
 DB::$user = DB_USER;
 DB::$password = DB_PASSWD_CLEAR;
@@ -103,21 +103,21 @@  discard block
 block discarded – undo
             // Prepare variables
             $post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING);
 
-            require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
+            require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
             $return = '';
 
             //Get all tables
             $tables = array();
             $result = DB::query('SHOW TABLES');
             foreach ($result as $row) {
-                $tables[] = $row['Tables_in_' . DB_NAME];
+                $tables[] = $row['Tables_in_'.DB_NAME];
             }
 
             //cycle through
             foreach ($tables as $table) {
                 if (empty($pre) || substr_count($table, $pre) > 0) {
                     // Do query
-                    $result = DB::queryRaw('SELECT * FROM ' . $table);
+                    $result = DB::queryRaw('SELECT * FROM '.$table);
                     DB::queryRaw(
                         'SELECT *
                         FROM INFORMATION_SCHEMA.COLUMNS
@@ -129,19 +129,19 @@  discard block
 block discarded – undo
                     $numFields = DB::count();
 
                     // prepare a drop table
-                    $return .= 'DROP TABLE ' . $table . ';';
-                    $row2 = DB::queryfirstrow('SHOW CREATE TABLE ' . $table);
-                    $return .= "\n\n" . $row2['Create Table'] . ";\n\n";
+                    $return .= 'DROP TABLE '.$table.';';
+                    $row2 = DB::queryfirstrow('SHOW CREATE TABLE '.$table);
+                    $return .= "\n\n".$row2['Create Table'].";\n\n";
 
                     //prepare all fields and datas
                     for ($i = 0; $i < $numFields; ++$i) {
                         while ($row = $result->fetch_row()) {
-                            $return .= 'INSERT INTO ' . $table . ' VALUES(';
+                            $return .= 'INSERT INTO '.$table.' VALUES(';
                             for ($j = 0; $j < $numFields; ++$j) {
                                 $row[$j] = addslashes($row[$j]);
                                 $row[$j] = preg_replace("/\n/", '\\n', $row[$j]);
                                 if (isset($row[$j])) {
-                                    $return .= '"' . $row[$j] . '"';
+                                    $return .= '"'.$row[$j].'"';
                                 } else {
                                     $return .= 'NULL';
                                 }
@@ -161,8 +161,8 @@  discard block
 block discarded – undo
                 $token = GenerateCryptKey(20, false, true, true, false, true, $SETTINGS);
 
                 //save file
-                $filename = time() . '-' . $token . '.sql';
-                $handle = fopen($SETTINGS['path_to_files_folder'] . '/' . $filename, 'w+');
+                $filename = time().'-'.$token.'.sql';
+                $handle = fopen($SETTINGS['path_to_files_folder'].'/'.$filename, 'w+');
                 if ($handle !== false) {
                     //write file
                     fwrite($handle, $return);
@@ -174,17 +174,17 @@  discard block
 block discarded – undo
                     // Encrypt the file
                     prepareFileWithDefuse(
                         'encrypt',
-                        $SETTINGS['path_to_files_folder'] . '/' . $filename,
-                        $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename,
+                        $SETTINGS['path_to_files_folder'].'/'.$filename,
+                        $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename,
                         $SETTINGS,
                         $post_key
                     );
 
                     // Do clean
-                    unlink($SETTINGS['path_to_files_folder'] . '/' . $filename);
+                    unlink($SETTINGS['path_to_files_folder'].'/'.$filename);
                     rename(
-                        $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename,
-                        $SETTINGS['path_to_files_folder'] . '/' . $filename
+                        $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename,
+                        $SETTINGS['path_to_files_folder'].'/'.$filename
                     );
                 }
 
@@ -204,9 +204,9 @@  discard block
 block discarded – undo
                     array(
                         'error' => false,
                         'message' => '',
-                        'download' => 'sources/downloadFile.php?name=' . urlencode($filename) .
-                            '&sub=files&file=' . $filename . '&type=sql&key=' . $_SESSION['key'] . '&key_tmp=' .
-                            $_SESSION['key_tmp'] . '&pathIsFiles=1',
+                        'download' => 'sources/downloadFile.php?name='.urlencode($filename).
+                            '&sub=files&file='.$filename.'&type=sql&key='.$_SESSION['key'].'&key_tmp='.
+                            $_SESSION['key_tmp'].'&pathIsFiles=1',
                     ),
                     'encode'
                 );
@@ -252,12 +252,12 @@  discard block
 block discarded – undo
             $post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING);
             $post_backupFile = filter_var($dataReceived['backupFile'], FILTER_SANITIZE_STRING);
 
-            include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
+            include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
 
             // Get filename from database
             $data = DB::queryFirstRow(
                 'SELECT valeur
-                FROM ' . prefixTable('misc') . '
+                FROM ' . prefixTable('misc').'
                 WHERE increment_id = %i',
                 $post_backupFile
             );
@@ -276,22 +276,22 @@  discard block
 block discarded – undo
                 // Decrypt the file
                 $ret = prepareFileWithDefuse(
                     'decrypt',
-                    $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile,
-                    $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile,
+                    $SETTINGS['path_to_files_folder'].'/'.$post_backupFile,
+                    $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile,
                     $SETTINGS,
                     $post_key
                 );
 
                 if (empty($ret) === false) {
-                    echo '[{"result":"db_restore" , "message":"' . $ret . '"}]';
+                    echo '[{"result":"db_restore" , "message":"'.$ret.'"}]';
                     break;
                 }
 
                 // Do clean
-                fileDelete($SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, $SETTINGS);
-                $post_backupFile = $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile;
+                fileDelete($SETTINGS['path_to_files_folder'].'/'.$post_backupFile, $SETTINGS);
+                $post_backupFile = $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile;
             } else {
-                $post_backupFile = $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile;
+                $post_backupFile = $SETTINGS['path_to_files_folder'].'/'.$post_backupFile;
             }
 
             //read sql file

Please login to merge, or discard this patch.

pages/export.js.php 1 patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -43,11 +43,11 @@
 block discarded – undo
 }
 
 /* do checks */
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'profile', $SETTINGS) === false) {
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
     //not allowed page
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit;
 }
 ?>

Please login to merge, or discard this patch.

pages/import.php 1 patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

@@ -43,16 +43,16 @@
 block discarded – undo
 }
 
 /* do checks */
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], curPage($SETTINGS), $SETTINGS) === false) {
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
     //not allowed page
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit;
 }
 
 // Load
-require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
 
 ?>
 

Please login to merge, or discard this patch.

pages/utilities.renewal.js.php 1 patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -43,11 +43,11 @@
 block discarded – undo
 }
 
 /* do checks */
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'utilities.logs', $SETTINGS) === false) {
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
     //not allowed page
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit;
 }
 ?>

Please login to merge, or discard this patch.

pages/utilities.logs.js.php 1 patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -43,11 +43,11 @@
 block discarded – undo
 }
 
 /* do checks */
-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
 if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'utilities.logs', $SETTINGS) === false) {
     $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
     //not allowed page
-    include $SETTINGS['cpassman_dir'] . '/error.php';
+    include $SETTINGS['cpassman_dir'].'/error.php';
     exit;
 }
 ?>

Please login to merge, or discard this patch.

		@@ -37,23 +37,23 @@ discard block
		block discarded – undo
37	37	}
38	38
39	39	// Do checks
40		-require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php';
41		-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
	40	+require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php';
	41	+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
42	42	if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'options', $SETTINGS) === false) {
43	43	// Not allowed page
44	44	$_SESSION['error']['code'] = ERR_NOT_ALLOWED;
45		- include $SETTINGS['cpassman_dir'] . '/error.php';
	45	+ include $SETTINGS['cpassman_dir'].'/error.php';
46	46	exit();
47	47	}
48	48
49		-require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
50		-require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
	49	+require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php';
	50	+require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
51	51	header('Content-type: text/html; charset=utf-8');
52	52	header('Cache-Control: no-cache, must-revalidate');
53	53	require_once 'main.functions.php';
54	54
55	55	// Connect to mysql server
56		-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
	56	+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
57	57	DB::$host = DB_HOST;
58	58	DB::$user = DB_USER;
59	59	DB::$password = DB_PASSWD_CLEAR;
		@@ -103,21 +103,21 @@ discard block
		block discarded – undo
103	103	// Prepare variables
104	104	$post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING);
105	105
106		- require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
	106	+ require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
107	107	$return = '';
108	108
109	109	//Get all tables
110	110	$tables = array();
111	111	$result = DB::query('SHOW TABLES');
112	112	foreach ($result as $row) {
113		- $tables[] = $row['Tables_in_' . DB_NAME];
	113	+ $tables[] = $row['Tables_in_'.DB_NAME];
114	114	}
115	115
116	116	//cycle through
117	117	foreach ($tables as $table) {
118	118	if (empty($pre) \|\| substr_count($table, $pre) > 0) {
119	119	// Do query
120		- $result = DB::queryRaw('SELECT * FROM ' . $table);
	120	+ $result = DB::queryRaw('SELECT * FROM '.$table);
121	121	DB::queryRaw(
122	122	'SELECT *
123	123	FROM INFORMATION_SCHEMA.COLUMNS
		@@ -129,19 +129,19 @@ discard block
		block discarded – undo
129	129	$numFields = DB::count();
130	130
131	131	// prepare a drop table
132		- $return .= 'DROP TABLE ' . $table . ';';
133		- $row2 = DB::queryfirstrow('SHOW CREATE TABLE ' . $table);
134		- $return .= "\n\n" . $row2['Create Table'] . ";\n\n";
	132	+ $return .= 'DROP TABLE '.$table.';';
	133	+ $row2 = DB::queryfirstrow('SHOW CREATE TABLE '.$table);
	134	+ $return .= "\n\n".$row2['Create Table'].";\n\n";
135	135
136	136	//prepare all fields and datas
137	137	for ($i = 0; $i < $numFields; ++$i) {
138	138	while ($row = $result->fetch_row()) {
139		- $return .= 'INSERT INTO ' . $table . ' VALUES(';
	139	+ $return .= 'INSERT INTO '.$table.' VALUES(';
140	140	for ($j = 0; $j < $numFields; ++$j) {
141	141	$row[$j] = addslashes($row[$j]);
142	142	$row[$j] = preg_replace("/\n/", '\\n', $row[$j]);
143	143	if (isset($row[$j])) {
144		- $return .= '"' . $row[$j] . '"';
	144	+ $return .= '"'.$row[$j].'"';
145	145	} else {
146	146	$return .= 'NULL';
147	147	}
		@@ -161,8 +161,8 @@ discard block
		block discarded – undo
161	161	$token = GenerateCryptKey(20, false, true, true, false, true, $SETTINGS);
162	162
163	163	//save file
164		- $filename = time() . '-' . $token . '.sql';
165		- $handle = fopen($SETTINGS['path_to_files_folder'] . '/' . $filename, 'w+');
	164	+ $filename = time().'-'.$token.'.sql';
	165	+ $handle = fopen($SETTINGS['path_to_files_folder'].'/'.$filename, 'w+');
166	166	if ($handle !== false) {
167	167	//write file
168	168	fwrite($handle, $return);
		@@ -174,17 +174,17 @@ discard block
		block discarded – undo
174	174	// Encrypt the file
175	175	prepareFileWithDefuse(
176	176	'encrypt',
177		- $SETTINGS['path_to_files_folder'] . '/' . $filename,
178		- $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename,
	177	+ $SETTINGS['path_to_files_folder'].'/'.$filename,
	178	+ $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename,
179	179	$SETTINGS,
180	180	$post_key
181	181	);
182	182
183	183	// Do clean
184		- unlink($SETTINGS['path_to_files_folder'] . '/' . $filename);
	184	+ unlink($SETTINGS['path_to_files_folder'].'/'.$filename);
185	185	rename(
186		- $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename,
187		- $SETTINGS['path_to_files_folder'] . '/' . $filename
	186	+ $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename,
	187	+ $SETTINGS['path_to_files_folder'].'/'.$filename
188	188	);
189	189	}
190	190
		@@ -204,9 +204,9 @@ discard block
		block discarded – undo
204	204	array(
205	205	'error' => false,
206	206	'message' => '',
207		- 'download' => 'sources/downloadFile.php?name=' . urlencode($filename) .
208		- '&sub=files&file=' . $filename . '&type=sql&key=' . $_SESSION['key'] . '&key_tmp=' .
209		- $_SESSION['key_tmp'] . '&pathIsFiles=1',
	207	+ 'download' => 'sources/downloadFile.php?name='.urlencode($filename).
	208	+ '&sub=files&file='.$filename.'&type=sql&key='.$_SESSION['key'].'&key_tmp='.
	209	+ $_SESSION['key_tmp'].'&pathIsFiles=1',
210	210	),
211	211	'encode'
212	212	);
		@@ -252,12 +252,12 @@ discard block
		block discarded – undo
252	252	$post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_STRING);
253	253	$post_backupFile = filter_var($dataReceived['backupFile'], FILTER_SANITIZE_STRING);
254	254
255		- include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
	255	+ include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
256	256
257	257	// Get filename from database
258	258	$data = DB::queryFirstRow(
259	259	'SELECT valeur
260		- FROM ' . prefixTable('misc') . '
	260	+ FROM ' . prefixTable('misc').'
261	261	WHERE increment_id = %i',
262	262	$post_backupFile
263	263	);
		@@ -276,22 +276,22 @@ discard block
		block discarded – undo
276	276	// Decrypt the file
277	277	$ret = prepareFileWithDefuse(
278	278	'decrypt',
279		- $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile,
280		- $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile,
	279	+ $SETTINGS['path_to_files_folder'].'/'.$post_backupFile,
	280	+ $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile,
281	281	$SETTINGS,
282	282	$post_key
283	283	);
284	284
285	285	if (empty($ret) === false) {
286		- echo '[{"result":"db_restore" , "message":"' . $ret . '"}]';
	286	+ echo '[{"result":"db_restore" , "message":"'.$ret.'"}]';
287	287	break;
288	288	}
289	289
290	290	// Do clean
291		- fileDelete($SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, $SETTINGS);
292		- $post_backupFile = $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile;
	291	+ fileDelete($SETTINGS['path_to_files_folder'].'/'.$post_backupFile, $SETTINGS);
	292	+ $post_backupFile = $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile;
293	293	} else {
294		- $post_backupFile = $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile;
	294	+ $post_backupFile = $SETTINGS['path_to_files_folder'].'/'.$post_backupFile;
295	295	}
296	296
297	297	//read sql file

		@@ -43,16 +43,16 @@
		block discarded – undo
43	43	}
44	44
45	45	/* do checks */
46		-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
	46	+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
47	47	if (checkUser($_SESSION['user_id'], $_SESSION['key'], curPage($SETTINGS), $SETTINGS) === false) {
48	48	$_SESSION['error']['code'] = ERR_NOT_ALLOWED;
49	49	//not allowed page
50		- include $SETTINGS['cpassman_dir'] . '/error.php';
	50	+ include $SETTINGS['cpassman_dir'].'/error.php';
51	51	exit;
52	52	}
53	53
54	54	// Load
55		-require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php';
	55	+require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php';
56	56
57	57	?>
58	58

		@@ -37,12 +37,12 @@ discard block
		block discarded – undo
37	37	}
38	38
39	39	// Do checks
40		-require_once $SETTINGS['cpassman_dir'] . '/includes/config/include.php';
41		-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
	40	+require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php';
	41	+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
42	42	if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'items', $SETTINGS) === false) {
43	43	// Not allowed page
44	44	$_SESSION['error']['code'] = ERR_NOT_ALLOWED;
45		- include $SETTINGS['cpassman_dir'] . '/error.php';
	45	+ include $SETTINGS['cpassman_dir'].'/error.php';
46	46	exit;
47	47	}
48	48
		@@ -55,14 +55,14 @@ discard block
		block discarded – undo
55	55	date_default_timezone_set('UTC');
56	56	}
57	57
58		-require_once $SETTINGS['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
59		-require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
	58	+require_once $SETTINGS['cpassman_dir'].'/includes/language/'.$_SESSION['user_language'].'.php';
	59	+require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
60	60	header('Content-type: text/html; charset=utf-8');
61	61	header('Cache-Control: no-cache, must-revalidate');
62	62	require_once 'main.functions.php';
63	63
64	64	// Connect to mysql server
65		-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
	65	+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
66	66	mysqli_connect(DB_HOST, DB_USER, defuseReturnDecrypted(DB_PASSWD, $SETTINGS), DB_NAME, (int) DB_PORT, null);
67	67
68	68	// Protect POST

		@@ -28,7 +28,7 @@
		block discarded – undo
28	28	require_once 'SecureHandler.php';
29	29	session_name('teampass_session');
30	30	session_start();
31		-if (! isset($_SESSION['CPM']) \|\| $_SESSION['CPM'] === false \|\| ! isset($_SESSION['key']) \|\| empty($_SESSION['key'])) {
	31	+if (!isset($_SESSION['CPM']) \|\| $_SESSION['CPM'] === false \|\| !isset($_SESSION['key']) \|\| empty($_SESSION['key'])) {
32	32	die('Hacking attempt...');
33	33	}
34	34

		@@ -51,7 +51,7 @@ discard block
		block discarded – undo
51	51	}
52	52
53	53	// Include files
54		-require_once $SETTINGS['cpassman_dir'] . '/includes/libraries/protect/SuperGlobal/SuperGlobal.php';
	54	+require_once $SETTINGS['cpassman_dir'].'/includes/libraries/protect/SuperGlobal/SuperGlobal.php';
55	55	$superGlobal = new protect\SuperGlobal\SuperGlobal();
56	56	// Prepare GET variables
57	57	$get_filename = $superGlobal->get('name', 'GET');
		@@ -59,17 +59,17 @@ discard block
		block discarded – undo
59	59	$get_pathIsFiles = $superGlobal->get('pathIsFiles', 'GET');
60	60
61	61	// prepare Encryption class calls
62		-header('Content-disposition: attachment; filename=' . rawurldecode(basename($get_filename)));
	62	+header('Content-disposition: attachment; filename='.rawurldecode(basename($get_filename)));
63	63	header('Content-Type: application/octet-stream');
64	64	header('Cache-Control: must-revalidate, no-cache, no-store');
65	65	header('Expires: 0');
66	66	if (isset($_GET['pathIsFiles']) && (int) $get_pathIsFiles === 1) {
67		- readfile($SETTINGS['path_to_files_folder'] . '/' . basename($get_filename));
	67	+ readfile($SETTINGS['path_to_files_folder'].'/'.basename($get_filename));
68	68	} else {
69	69	include_once 'main.functions.php';
70		- require_once $SETTINGS['cpassman_dir'] . '/includes/config/settings.php';
	70	+ require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
71	71	// connect to the server
72		- include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
	72	+ include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
73	73	if (defined('DB_PASSWD_CLEAR') === false) {
74	74	define('DB_PASSWD_CLEAR', defuseReturnDecrypted(DB_PASSWD, $SETTINGS));
75	75	}
		@@ -83,8 +83,8 @@ discard block
		block discarded – undo
83	83	$file_info = DB::queryfirstrow(
84	84	'SELECT f.id AS id, f.file AS file, f.name AS name, f.status AS status, f.extension AS extension,
85	85	s.share_key AS share_key
86		- FROM ' . prefixTable('files') . ' AS f
87		- INNER JOIN ' . prefixTable('sharekeys_files') . ' AS s ON (f.id = s.object_id)
	86	+ FROM ' . prefixTable('files').' AS f
	87	+ INNER JOIN ' . prefixTable('sharekeys_files').' AS s ON (f.id = s.object_id)
88	88	WHERE s.user_id = %i AND s.object_id = %i',
89	89	$_SESSION['user_id'],
90	90	$get_fileid
		@@ -103,7 +103,7 @@ discard block
		block discarded – undo
103	103	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
104	104	header('Cache-Control: private', false);
105	105	header('Content-Type: application/octet-stream');
106		- header('Content-Disposition: attachment; filename="' . $filename . '.' . $file_info['extension'] . '";');
	106	+ header('Content-Disposition: attachment; filename="'.$filename.'.'.$file_info['extension'].'";');
107	107	header('Content-Transfer-Encoding: binary');
108	108	// Stream the CSV data
109	109	exit(base64_decode($fileContent));

		@@ -43,11 +43,11 @@
		block discarded – undo
43	43	}
44	44
45	45	/* do checks */
46		-require_once $SETTINGS['cpassman_dir'] . '/sources/checks.php';
	46	+require_once $SETTINGS['cpassman_dir'].'/sources/checks.php';
47	47	if (checkUser($_SESSION['user_id'], $_SESSION['key'], 'profile', $SETTINGS) === false) {
48	48	$_SESSION['error']['code'] = ERR_NOT_ALLOWED;
49	49	//not allowed page
50		- include $SETTINGS['cpassman_dir'] . '/error.php';
	50	+ include $SETTINGS['cpassman_dir'].'/error.php';
51	51	exit;
52	52	}
53	53	?>

nilsteampassnet / TeamPass

Push — teampass_3.0 ( 4c0075...5e4b29 )

Status

Category

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch

Spacing +32 added lines, -32 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch