nilsteampassnet /
TeamPass
@@ -67,7 +67,7 @@ discard block |
||
| 67 | 67 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('profile') === false) { |
| 68 | 68 | // Not allowed page |
| 69 | 69 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 70 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 70 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 71 | 71 | exit; |
| 72 | 72 | } |
| 73 | 73 | |
@@ -99,25 +99,25 @@ discard block |
||
| 99 | 99 | // prepare list of timezones |
| 100 | 100 | $zones = timezone_list(); |
| 101 | 101 | // prepare list of languages |
| 102 | -$languages = DB::query('SELECT label, name FROM ' . prefixTable('languages') . ' ORDER BY label ASC'); |
|
| 102 | +$languages = DB::query('SELECT label, name FROM '.prefixTable('languages').' ORDER BY label ASC'); |
|
| 103 | 103 | // Do some stats |
| 104 | -DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_creation" AND id_user = "' . $session->get('user-id') . '"'); |
|
| 104 | +DB::query('SELECT id_item FROM '.prefixTable('log_items').' WHERE action = "at_creation" AND id_user = "'.$session->get('user-id').'"'); |
|
| 105 | 105 | $userItemsNumber = DB::count(); |
| 106 | -DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_modification" AND id_user = "' . $session->get('user-id') . '"'); |
|
| 106 | +DB::query('SELECT id_item FROM '.prefixTable('log_items').' WHERE action = "at_modification" AND id_user = "'.$session->get('user-id').'"'); |
|
| 107 | 107 | $userModificationNumber = DB::count(); |
| 108 | -DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_shown" AND id_user = "' . $session->get('user-id') . '"'); |
|
| 108 | +DB::query('SELECT id_item FROM '.prefixTable('log_items').' WHERE action = "at_shown" AND id_user = "'.$session->get('user-id').'"'); |
|
| 109 | 109 | $userSeenItemsNumber = DB::count(); |
| 110 | -DB::query('SELECT id_item FROM ' . prefixTable('log_items') . ' WHERE action = "at_password_shown" AND id_user = "' . $session->get('user-id') . '"'); |
|
| 110 | +DB::query('SELECT id_item FROM '.prefixTable('log_items').' WHERE action = "at_password_shown" AND id_user = "'.$session->get('user-id').'"'); |
|
| 111 | 111 | $userSeenPasswordsNumber = DB::count(); |
| 112 | 112 | $userInfo = DB::queryFirstRow( |
| 113 | 113 | 'SELECT avatar, last_pw_change |
| 114 | - FROM ' . prefixTable('users') . ' |
|
| 115 | - WHERE id = "' . $session->get('user-id') . '"' |
|
| 114 | + FROM ' . prefixTable('users').' |
|
| 115 | + WHERE id = "' . $session->get('user-id').'"' |
|
| 116 | 116 | ); |
| 117 | 117 | if (empty($userInfo['avatar']) === true) { |
| 118 | - $avatar = $SETTINGS['cpassman_url'] . '/includes/images/photo.jpg'; |
|
| 118 | + $avatar = $SETTINGS['cpassman_url'].'/includes/images/photo.jpg'; |
|
| 119 | 119 | } else { |
| 120 | - $avatar = $SETTINGS['cpassman_url'] . '/includes/avatars/' . $userInfo['avatar']; |
|
| 120 | + $avatar = $SETTINGS['cpassman_url'].'/includes/avatars/'.$userInfo['avatar']; |
|
| 121 | 121 | } |
| 122 | 122 | |
| 123 | 123 | // Get Groups name |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | foreach ($session->get('user-roles_array') as $role) { |
| 126 | 126 | $tmp = DB::queryFirstRow( |
| 127 | 127 | 'SELECT title |
| 128 | - FROM ' . prefixTable('roles_title') . ' |
|
| 129 | - WHERE id = "' . $role . '"' |
|
| 128 | + FROM ' . prefixTable('roles_title').' |
|
| 129 | + WHERE id = "' . $role.'"' |
|
| 130 | 130 | ); |
| 131 | 131 | if ($tmp !== null) { |
| 132 | 132 | array_push($userParOfGroups, $tmp['title']); |
@@ -170,7 +170,7 @@ discard block |
||
| 170 | 170 | <h3 id="profile-username" class="text-center"> |
| 171 | 171 | <?php |
| 172 | 172 | if (null !== $session->get('user-name') && empty($session->get('user-name')) === false) { |
| 173 | - echo $session->get('user-name') . ' ' . $session->get('user-lastname'); |
|
| 173 | + echo $session->get('user-name').' '.$session->get('user-lastname'); |
|
| 174 | 174 | } else { |
| 175 | 175 | echo $session->get('user-login'); |
| 176 | 176 | } |
@@ -238,7 +238,7 @@ discard block |
||
| 238 | 238 | } else { |
| 239 | 239 | echo date('d/m/Y', (int) $session->get('user-last_connection')); |
| 240 | 240 | } |
| 241 | - echo ' ' . $lang->get('at') . ' '; |
|
| 241 | + echo ' '.$lang->get('at').' '; |
|
| 242 | 242 | if (isset($SETTINGS['time_format']) === true) { |
| 243 | 243 | echo date($SETTINGS['time_format'], (int) $session->get('user-last_connection')); |
| 244 | 244 | } else { |
@@ -248,7 +248,7 @@ discard block |
||
| 248 | 248 | </a> |
| 249 | 249 | </li> |
| 250 | 250 | <?php |
| 251 | - if (null !== $session->get('user-last_pw_change') && ! empty($session->get('user-last_pw_change') === true)) { |
|
| 251 | + if (null !== $session->get('user-last_pw_change') && !empty($session->get('user-last_pw_change') === true)) { |
|
| 252 | 252 | // Handle last password change string |
| 253 | 253 | if ($session->has('user-last_pw_change') && null !== $session->get('user-last_pw_change')) { |
| 254 | 254 | if (isset($SETTINGS['date_format']) === true) { |
@@ -268,12 +268,12 @@ discard block |
||
| 268 | 268 | ) { |
| 269 | 269 | $numDaysBeforePwExpiration = ''; |
| 270 | 270 | } else { |
| 271 | - $numDaysBeforePwExpiration = $LANG['index_pw_expiration'] . ' ' . $session->get('user-num_days_before_exp') . ' ' . $LANG['days'] . '.'; |
|
| 271 | + $numDaysBeforePwExpiration = $LANG['index_pw_expiration'].' '.$session->get('user-num_days_before_exp').' '.$LANG['days'].'.'; |
|
| 272 | 272 | } |
| 273 | 273 | echo ' |
| 274 | 274 | <li class="list-group-item"> |
| 275 | - <b><i class="fas fa-calendar-alt fa-fw fa-lg mr-2"></i>' . $lang->get('index_last_pw_change') . '</b> |
|
| 276 | - <a class="float-right">' . $last_pw_change . ' ' . $numDaysBeforePwExpiration . '</a> |
|
| 275 | + <b><i class="fas fa-calendar-alt fa-fw fa-lg mr-2"></i>' . $lang->get('index_last_pw_change').'</b> |
|
| 276 | + <a class="float-right">' . $last_pw_change.' '.$numDaysBeforePwExpiration.'</a> |
|
| 277 | 277 | </li>'; |
| 278 | 278 | } |
| 279 | 279 | ?> |
@@ -293,7 +293,7 @@ discard block |
||
| 293 | 293 | if (isset($SETTINGS['api']) === true && (int) $SETTINGS['api'] === 1) { |
| 294 | 294 | echo ' |
| 295 | 295 | <li class="list-group-item"> |
| 296 | - <b><i class="fas fa-paper-plane fa-fw fa-lg mr-2"></i>' . $lang->get('user_profile_api_key') . '</b> |
|
| 296 | + <b><i class="fas fa-paper-plane fa-fw fa-lg mr-2"></i>' . $lang->get('user_profile_api_key').'</b> |
|
| 297 | 297 | <button class="btn btn-sm btn-primary float-right" id="copy-api-key"><i class="fa-regular fa-copy pointer"></i></button> |
| 298 | 298 | <a class="float-right mr-2" id="profile-user-api-token">', |
| 299 | 299 | null !== $session->get('user-api_key') ? $session->get('user-api_key') : '', |
@@ -323,12 +323,12 @@ discard block |
||
| 323 | 323 | <?php |
| 324 | 324 | $rows = DB::query( |
| 325 | 325 | 'SELECT label AS labelAction, date, null |
| 326 | - FROM ' . prefixTable('log_system') . ' |
|
| 326 | + FROM ' . prefixTable('log_system').' |
|
| 327 | 327 | WHERE qui = %i |
| 328 | 328 | UNION |
| 329 | 329 | SELECT l.action, l.date, i.label AS itemLabel |
| 330 | - FROM ' . prefixTable('log_items') . ' AS l |
|
| 331 | - INNER JOIN ' . prefixTable('items') . ' AS i ON (l.id_item = i.id) |
|
| 330 | + FROM ' . prefixTable('log_items').' AS l |
|
| 331 | + INNER JOIN ' . prefixTable('items').' AS i ON (l.id_item = i.id) |
|
| 332 | 332 | WHERE l.id_user = %i AND l.action IN ("at_access") |
| 333 | 333 | ORDER BY date DESC |
| 334 | 334 | LIMIT 0, 40', |
@@ -342,9 +342,9 @@ discard block |
||
| 342 | 342 | $text = $lang->get($record['labelAction']); |
| 343 | 343 | } |
| 344 | 344 | if (empty($record['NULL']) === false) { |
| 345 | - $text .= ' ' . $lang->get('for') . ' <span class="font-weight-light">' . addslashes($record['NULL']) . '</span>'; |
|
| 345 | + $text .= ' '.$lang->get('for').' <span class="font-weight-light">'.addslashes($record['NULL']).'</span>'; |
|
| 346 | 346 | } |
| 347 | - echo '<li class="list-group-item">' . date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['date']) . ' - ' . $text . '</li>'; |
|
| 347 | + echo '<li class="list-group-item">'.date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['date']).' - '.$text.'</li>'; |
|
| 348 | 348 | } |
| 349 | 349 | ?> |
| 350 | 350 | </ul> |
@@ -376,13 +376,13 @@ discard block |
||
| 376 | 376 | </div> |
| 377 | 377 | |
| 378 | 378 | <div class="form-group"> |
| 379 | - <label class="col-sm-10 control-label"><?php echo $lang->get('timezone_selection');?></label> |
|
| 379 | + <label class="col-sm-10 control-label"><?php echo $lang->get('timezone_selection'); ?></label> |
|
| 380 | 380 | <div class="col-sm-10"> |
| 381 | 381 | <select class="form-control" id="profile-user-timezone"> |
| 382 | 382 | <?php foreach ($zones as $key => $zone): ?> |
| 383 | 383 | <option value="<?php echo $key; ?>"<?php |
| 384 | 384 | if ($session->has('user-timezone')) |
| 385 | - if($session->get('user-timezone') === $key) |
|
| 385 | + if ($session->get('user-timezone') === $key) |
|
| 386 | 386 | echo ' selected'; |
| 387 | 387 | elseif ($session->get('user-timezone') === 'not_defined') |
| 388 | 388 | if (isset($SETTINGS['timezone']) && $SETTINGS['timezone'] === $key) |
@@ -398,10 +398,10 @@ discard block |
||
| 398 | 398 | <select class="form-control" id="profile-user-language"> |
| 399 | 399 | <?php |
| 400 | 400 | foreach ($languages as $language) { |
| 401 | - echo '<option value="' . $language['name'] . '"', |
|
| 401 | + echo '<option value="'.$language['name'].'"', |
|
| 402 | 402 | strtolower($session->get('user-language')) === strtolower($language['name']) ? |
| 403 | 403 | ' selected="selected"' : '', |
| 404 | - '>' . $language['label'] . '</option>'; |
|
| 404 | + '>'.$language['label'].'</option>'; |
|
| 405 | 405 | } |
| 406 | 406 | ?> |
| 407 | 407 | </select> |
@@ -413,11 +413,11 @@ discard block |
||
| 413 | 413 | <div class="col-sm-10"> |
| 414 | 414 | <select class="form-control" id="profile-user-treeloadstrategy"> |
| 415 | 415 | |
| 416 | - <option value="sequential" <?php echo $session->has('user-tree_load_strategy') && $session->get('user-tree_load_strategy') && null !== $session->get('user-tree_load_strategy') && $session->get('user-tree_load_strategy') === 'sequential' ? ' selected' : '';?>> |
|
| 416 | + <option value="sequential" <?php echo $session->has('user-tree_load_strategy') && $session->get('user-tree_load_strategy') && null !== $session->get('user-tree_load_strategy') && $session->get('user-tree_load_strategy') === 'sequential' ? ' selected' : ''; ?>> |
|
| 417 | 417 | <?php echo $lang->get('sequential'); ?> |
| 418 | 418 | </option> |
| 419 | 419 | |
| 420 | - <option value="full" <?php echo $session->has('user-tree_load_strategy') && $session->get('user-tree_load_strategy') && null !== $session->get('user-tree_load_strategy') && $session->get('user-tree_load_strategy') === 'full' ? ' selected' : '';?>> |
|
| 420 | + <option value="full" <?php echo $session->has('user-tree_load_strategy') && $session->get('user-tree_load_strategy') && null !== $session->get('user-tree_load_strategy') && $session->get('user-tree_load_strategy') === 'full' ? ' selected' : ''; ?>> |
|
| 421 | 421 | <?php echo $lang->get('full'); ?> |
| 422 | 422 | </option> |
| 423 | 423 | </select> |
@@ -429,11 +429,11 @@ discard block |
||
| 429 | 429 | <div class="col-sm-10"> |
| 430 | 430 | <select class="form-control" id="profile-user-split_view_mode"> |
| 431 | 431 | |
| 432 | - <option value="0" <?php echo $session->has('user-split_view_mode') && $session->get('user-split_view_mode') && null !== $session->get('user-split_view_mode') && $session->get('user-split_view_mode') === 0 ? 'selected' : '';?>> |
|
| 432 | + <option value="0" <?php echo $session->has('user-split_view_mode') && $session->get('user-split_view_mode') && null !== $session->get('user-split_view_mode') && $session->get('user-split_view_mode') === 0 ? 'selected' : ''; ?>> |
|
| 433 | 433 | <?php echo $lang->get('no'); ?> |
| 434 | 434 | </option> |
| 435 | 435 | |
| 436 | - <option value="1" <?php echo $session->has('user-split_view_mode') && $session->get('user-split_view_mode') && null !== $session->get('user-split_view_mode') && (int) $session->get('user-split_view_mode') === 1 ? 'selected' : '';?>> |
|
| 436 | + <option value="1" <?php echo $session->has('user-split_view_mode') && $session->get('user-split_view_mode') && null !== $session->get('user-split_view_mode') && (int) $session->get('user-split_view_mode') === 1 ? 'selected' : ''; ?>> |
|
| 437 | 437 | <?php echo $lang->get('yes'); ?> |
| 438 | 438 | </option> |
| 439 | 439 | </select> |
@@ -468,7 +468,7 @@ discard block |
||
| 468 | 468 | <button type="button" class="btn btn-warning float-right ml-2" id="profile-avatar-file"><?php echo $lang->get('upload_new_avatar'); ?></button> |
| 469 | 469 | <?php |
| 470 | 470 | if (isset($SETTINGS['api']) === true && (int) $SETTINGS['api'] === 1) { |
| 471 | - echo '<button type="button" class="btn btn-warning float-right" id="profile-button-api_token">' . $lang->get('generate_api_token') . '</button>'; |
|
| 471 | + echo '<button type="button" class="btn btn-warning float-right" id="profile-button-api_token">'.$lang->get('generate_api_token').'</button>'; |
|
| 472 | 472 | } |
| 473 | 473 | ?> |
| 474 | 474 | <div id="profile-avatar-file-container" class="hidden"></div> |
@@ -147,7 +147,7 @@ discard block |
||
| 147 | 147 | $sessionPwdAttempts = $session->get('pwd_attempts'); |
| 148 | 148 | $sessionUrl = $session->get('user-initial_url'); |
| 149 | 149 | $server = []; |
| 150 | - $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 150 | + $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 151 | 151 | $server['PHP_AUTH_PW'] = $request->getPassword(); |
| 152 | 152 | |
| 153 | 153 | // decrypt and retreive data in JSON format |
@@ -162,18 +162,18 @@ discard block |
||
| 162 | 162 | } |
| 163 | 163 | |
| 164 | 164 | // Check if Duo auth is in progress and pass the pw and login back to the standard login process |
| 165 | - if( |
|
| 165 | + if ( |
|
| 166 | 166 | isKeyExistingAndEqual('duo', 1, $SETTINGS) === true |
| 167 | 167 | && $dataReceived['user_2fa_selection'] === 'duo' |
| 168 | 168 | && $session->get('user-duo_status') === 'IN_PROGRESS' |
| 169 | 169 | && !empty($dataReceived['duo_state']) |
| 170 | - ){ |
|
| 170 | + ) { |
|
| 171 | 171 | $key = hash('sha256', $dataReceived['duo_state']); |
| 172 | 172 | $iv = substr(hash('sha256', $dataReceived['duo_state']), 0, 16); |
| 173 | 173 | $duo_data_dec = openssl_decrypt(base64_decode($session->get('user-duo_data')), 'AES-256-CBC', $key, 0, $iv); |
| 174 | 174 | // Clear the data from the Duo process to continue clean with the standard login process |
| 175 | - $session->set('user-duo_data',''); |
|
| 176 | - if($duo_data_dec === false) { |
|
| 175 | + $session->set('user-duo_data', ''); |
|
| 176 | + if ($duo_data_dec === false) { |
|
| 177 | 177 | // Add failed authentication log |
| 178 | 178 | addFailedAuthentication($username, getClientIpServer()); |
| 179 | 179 | |
@@ -191,7 +191,7 @@ discard block |
||
| 191 | 191 | $dataReceived['login'] = $duo_data['duo_login']; |
| 192 | 192 | } |
| 193 | 193 | |
| 194 | - if(isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 194 | + if (isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 195 | 195 | echo json_encode([ |
| 196 | 196 | 'data' => prepareExchangedData( |
| 197 | 197 | [ |
@@ -538,7 +538,7 @@ discard block |
||
| 538 | 538 | } |
| 539 | 539 | // Append with roles from AD groups |
| 540 | 540 | if (is_null($userInfo['roles_from_ad_groups']) === false) { |
| 541 | - $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id']. ';' . $userInfo['roles_from_ad_groups']; |
|
| 541 | + $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id'].';'.$userInfo['roles_from_ad_groups']; |
|
| 542 | 542 | } |
| 543 | 543 | // store |
| 544 | 544 | $session->set('user-roles', $userInfo['fonction_id']); |
@@ -550,7 +550,7 @@ discard block |
||
| 550 | 550 | if (count($session->get('user-roles_array')) > 0) { |
| 551 | 551 | $rolesList = DB::query( |
| 552 | 552 | 'SELECT id, title, complexity |
| 553 | - FROM ' . prefixTable('roles_title') . ' |
|
| 553 | + FROM ' . prefixTable('roles_title').' |
|
| 554 | 554 | WHERE id IN %li', |
| 555 | 555 | $session->get('user-roles_array') |
| 556 | 556 | ); |
@@ -596,7 +596,7 @@ discard block |
||
| 596 | 596 | if ($adjustPermissions) { |
| 597 | 597 | $session->set('user-admin', (int) $userInfo['admin']); |
| 598 | 598 | $session->set('user-manager', (int) $userInfo['gestionnaire']); |
| 599 | - $session->set('user-can_manage_all_users',(int) $userInfo['can_manage_all_users']); |
|
| 599 | + $session->set('user-can_manage_all_users', (int) $userInfo['can_manage_all_users']); |
|
| 600 | 600 | $session->set('user-read_only', (int) $userInfo['read_only']); |
| 601 | 601 | DB::update( |
| 602 | 602 | prefixTable('users'), |
@@ -667,10 +667,10 @@ discard block |
||
| 667 | 667 | $session->set('user-latest_items_tab', []); |
| 668 | 668 | $session->set('user-nb_roles', 0); |
| 669 | 669 | foreach ($session->get('user-latest_items') as $item) { |
| 670 | - if (! empty($item)) { |
|
| 670 | + if (!empty($item)) { |
|
| 671 | 671 | $dataLastItems = DB::queryFirstRow( |
| 672 | 672 | 'SELECT id,label,id_tree |
| 673 | - FROM ' . prefixTable('items') . ' |
|
| 673 | + FROM ' . prefixTable('items').' |
|
| 674 | 674 | WHERE id=%i', |
| 675 | 675 | $item |
| 676 | 676 | ); |
@@ -679,7 +679,7 @@ discard block |
||
| 679 | 679 | [ |
| 680 | 680 | 'id' => $item, |
| 681 | 681 | 'label' => $dataLastItems['label'], |
| 682 | - 'url' => 'index.php?page=items&group=' . $dataLastItems['id_tree'] . '&id=' . $item, |
|
| 682 | + 'url' => 'index.php?page=items&group='.$dataLastItems['id_tree'].'&id='.$item, |
|
| 683 | 683 | ], |
| 684 | 684 | 'add' |
| 685 | 685 | ); |
@@ -689,7 +689,7 @@ discard block |
||
| 689 | 689 | // Get cahce tree info |
| 690 | 690 | $cacheTreeData = DB::queryFirstRow( |
| 691 | 691 | 'SELECT visible_folders |
| 692 | - FROM ' . prefixTable('cache_tree') . ' |
|
| 692 | + FROM ' . prefixTable('cache_tree').' |
|
| 693 | 693 | WHERE user_id=%i', |
| 694 | 694 | (int) $session->get('user-id') |
| 695 | 695 | ); |
@@ -721,7 +721,7 @@ discard block |
||
| 721 | 721 | && (int) $sessionAdmin !== 1 |
| 722 | 722 | ) { |
| 723 | 723 | // get all Admin users |
| 724 | - $val = DB::queryfirstrow('SELECT email FROM ' . prefixTable('users') . " WHERE admin = %i and email != ''", 1); |
|
| 724 | + $val = DB::queryfirstrow('SELECT email FROM '.prefixTable('users')." WHERE admin = %i and email != ''", 1); |
|
| 725 | 725 | if (DB::count() > 0) { |
| 726 | 726 | // Add email to table |
| 727 | 727 | prepareSendingEmail( |
@@ -733,7 +733,7 @@ discard block |
||
| 733 | 733 | '#tp_time#', |
| 734 | 734 | ], |
| 735 | 735 | [ |
| 736 | - ' ' . $session->get('user-login') . ' (IP: ' . getClientIpServer() . ')', |
|
| 736 | + ' '.$session->get('user-login').' (IP: '.getClientIpServer().')', |
|
| 737 | 737 | date($SETTINGS['date_format'], (int) $session->get('user-last_connection')), |
| 738 | 738 | date($SETTINGS['time_format'], (int) $session->get('user-last_connection')), |
| 739 | 739 | ], |
@@ -844,7 +844,7 @@ discard block |
||
| 844 | 844 | { |
| 845 | 845 | $rows = DB::query( |
| 846 | 846 | 'SELECT date |
| 847 | - FROM ' . prefixTable('log_system') . " |
|
| 847 | + FROM ' . prefixTable('log_system')." |
|
| 848 | 848 | WHERE field_1 = %s |
| 849 | 849 | AND type = 'failed_auth' |
| 850 | 850 | AND label = 'password_is_not_correct' |
@@ -858,7 +858,7 @@ discard block |
||
| 858 | 858 | foreach ($rows as $record) { |
| 859 | 859 | array_push( |
| 860 | 860 | $arrAttempts, |
| 861 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['date']) |
|
| 861 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['date']) |
|
| 862 | 862 | ); |
| 863 | 863 | } |
| 864 | 864 | } |
@@ -893,7 +893,7 @@ discard block |
||
| 893 | 893 | $ldapConnection |
| 894 | 894 | ) : bool |
| 895 | 895 | { |
| 896 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 896 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 897 | 897 | |
| 898 | 898 | if ((int) $userInfoDisabled === 1) { |
| 899 | 899 | return false; |
@@ -1064,7 +1064,7 @@ discard block |
||
| 1064 | 1064 | $openLdapExtra = new OpenLdapExtra(); |
| 1065 | 1065 | break; |
| 1066 | 1066 | default: |
| 1067 | - throw new Exception("Unsupported LDAP type: " . $SETTINGS['ldap_type']); |
|
| 1067 | + throw new Exception("Unsupported LDAP type: ".$SETTINGS['ldap_type']); |
|
| 1068 | 1068 | } |
| 1069 | 1069 | } catch (Exception $e) { |
| 1070 | 1070 | return [ |
@@ -1077,7 +1077,7 @@ discard block |
||
| 1077 | 1077 | // 2- Get user info from AD |
| 1078 | 1078 | // We want to isolate attribute ldap_user_attribute or mostly samAccountName |
| 1079 | 1079 | $userADInfos = $ldapConnection->query() |
| 1080 | - ->where((isset($SETTINGS['ldap_user_attribute']) ===true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1080 | + ->where((isset($SETTINGS['ldap_user_attribute']) === true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1081 | 1081 | ->firstOrFail(); |
| 1082 | 1082 | |
| 1083 | 1083 | // Is user enabled? Only ActiveDirectory |
@@ -1095,7 +1095,7 @@ discard block |
||
| 1095 | 1095 | // For OpenLDAP and others, we use attribute dn |
| 1096 | 1096 | $userAuthAttempt = $ldapConnection->auth()->attempt( |
| 1097 | 1097 | $SETTINGS['ldap_type'] === 'ActiveDirectory' ? |
| 1098 | - $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1098 | + $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1099 | 1099 | $userADInfos['dn'], |
| 1100 | 1100 | $passwordClear |
| 1101 | 1101 | ); |
@@ -1178,7 +1178,7 @@ discard block |
||
| 1178 | 1178 | // error |
| 1179 | 1179 | return [ |
| 1180 | 1180 | 'error' => true, |
| 1181 | - 'message' => "Error: Unsupported LDAP type: " . $SETTINGS['ldap_type'], |
|
| 1181 | + 'message' => "Error: Unsupported LDAP type: ".$SETTINGS['ldap_type'], |
|
| 1182 | 1182 | ]; |
| 1183 | 1183 | } |
| 1184 | 1184 | |
@@ -1213,12 +1213,12 @@ discard block |
||
| 1213 | 1213 | if (isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1214 | 1214 | // Get user groups from AD |
| 1215 | 1215 | $user_ad_groups = []; |
| 1216 | - foreach($groups as $group) { |
|
| 1216 | + foreach ($groups as $group) { |
|
| 1217 | 1217 | //print_r($group); |
| 1218 | 1218 | // get relation role id for AD group |
| 1219 | 1219 | $role = DB::queryFirstRow( |
| 1220 | 1220 | 'SELECT lgr.role_id |
| 1221 | - FROM ' . prefixTable('ldap_groups_roles') . ' AS lgr |
|
| 1221 | + FROM ' . prefixTable('ldap_groups_roles').' AS lgr |
|
| 1222 | 1222 | WHERE lgr.ldap_group_id = %s', |
| 1223 | 1223 | $group |
| 1224 | 1224 | ); |
@@ -1363,7 +1363,7 @@ discard block |
||
| 1363 | 1363 | } |
| 1364 | 1364 | |
| 1365 | 1365 | // Now check yubico validity |
| 1366 | - include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1366 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1367 | 1367 | $yubi = new Auth_Yubico($yubico_user_id, $yubico_user_key); |
| 1368 | 1368 | $auth = $yubi->verify($yubico_key); |
| 1369 | 1369 | //, null, null, null, 60 |
@@ -1422,7 +1422,7 @@ discard block |
||
| 1422 | 1422 | // Check if exists in DB |
| 1423 | 1423 | $groupData = DB::queryFirstRow( |
| 1424 | 1424 | 'SELECT id |
| 1425 | - FROM ' . prefixTable('roles_title') . ' |
|
| 1425 | + FROM ' . prefixTable('roles_title').' |
|
| 1426 | 1426 | WHERE title = %s', |
| 1427 | 1427 | $group["displayName"] |
| 1428 | 1428 | ); |
@@ -1551,7 +1551,7 @@ discard block |
||
| 1551 | 1551 | |
| 1552 | 1552 | // generate new QR |
| 1553 | 1553 | $new_2fa_qr = $tfa->getQRCodeImageAsDataUri( |
| 1554 | - 'Teampass - ' . $username, |
|
| 1554 | + 'Teampass - '.$username, |
|
| 1555 | 1555 | $userInfo['ga'] |
| 1556 | 1556 | ); |
| 1557 | 1557 | // clear temporary code from DB |
@@ -1564,7 +1564,7 @@ discard block |
||
| 1564 | 1564 | $userInfo['id'] |
| 1565 | 1565 | ); |
| 1566 | 1566 | $firstTime = [ |
| 1567 | - 'value' => '<img src="' . $new_2fa_qr . '">', |
|
| 1567 | + 'value' => '<img src="'.$new_2fa_qr.'">', |
|
| 1568 | 1568 | 'user_admin' => isset($sessionAdmin) ? (int) $sessionAdmin : '', |
| 1569 | 1569 | 'initial_url' => isset($sessionUrl) === true ? $sessionUrl : '', |
| 1570 | 1570 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
@@ -1720,7 +1720,7 @@ discard block |
||
| 1720 | 1720 | }*/ |
| 1721 | 1721 | return [ |
| 1722 | 1722 | 'error' => true, |
| 1723 | - 'message' => $duo_error . $lang->get('duo_error_check_config'), |
|
| 1723 | + 'message' => $duo_error.$lang->get('duo_error_check_config'), |
|
| 1724 | 1724 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1725 | 1725 | 'debug_message' => $e->getMessage(), |
| 1726 | 1726 | 'proceedIdentification' => false, |
@@ -1736,7 +1736,7 @@ discard block |
||
| 1736 | 1736 | } catch (DuoException $e) { |
| 1737 | 1737 | return [ |
| 1738 | 1738 | 'error' => true, |
| 1739 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1739 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1740 | 1740 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1741 | 1741 | 'debug_message' => $e->getMessage(), |
| 1742 | 1742 | 'proceedIdentification' => false, |
@@ -1744,7 +1744,7 @@ discard block |
||
| 1744 | 1744 | } |
| 1745 | 1745 | |
| 1746 | 1746 | // Somethimes Duo return success but fail to return a URL, double check if the URL has been created |
| 1747 | - if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url,FILTER_SANITIZE_URL)) { |
|
| 1747 | + if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url, FILTER_SANITIZE_URL)) { |
|
| 1748 | 1748 | // Since Duo Universal requires a redirect, let's store some info when the user get's back after completing the Duo prompt |
| 1749 | 1749 | $key = hash('sha256', $duo_state); |
| 1750 | 1750 | $iv = substr(hash('sha256', $duo_state), 0, 16); |
@@ -1772,7 +1772,7 @@ discard block |
||
| 1772 | 1772 | } else { |
| 1773 | 1773 | return [ |
| 1774 | 1774 | 'error' => true, |
| 1775 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1775 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1776 | 1776 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1777 | 1777 | 'proceedIdentification' => false, |
| 1778 | 1778 | ]; |
@@ -1793,8 +1793,8 @@ discard block |
||
| 1793 | 1793 | // return the response (which should be the user name) |
| 1794 | 1794 | if ($decoded_token['preferred_username'] === $username) { |
| 1795 | 1795 | $session->set('user-duo_status', 'COMPLET'); |
| 1796 | - $session->set('user-duo_state',''); |
|
| 1797 | - $session->set('user-duo_data',''); |
|
| 1796 | + $session->set('user-duo_state', ''); |
|
| 1797 | + $session->set('user-duo_data', ''); |
|
| 1798 | 1798 | $session->set('user-login', $username); |
| 1799 | 1799 | |
| 1800 | 1800 | return [ |
@@ -1805,9 +1805,9 @@ discard block |
||
| 1805 | 1805 | ]; |
| 1806 | 1806 | } else { |
| 1807 | 1807 | // Something wrong, username from the original Duo request is different than the one received now |
| 1808 | - $session->set('user-duo_status',''); |
|
| 1809 | - $session->set('user-duo_state',''); |
|
| 1810 | - $session->set('user-duo_data',''); |
|
| 1808 | + $session->set('user-duo_status', ''); |
|
| 1809 | + $session->set('user-duo_state', ''); |
|
| 1810 | + $session->set('user-duo_data', ''); |
|
| 1811 | 1811 | |
| 1812 | 1812 | return [ |
| 1813 | 1813 | 'error' => true, |
@@ -1818,9 +1818,9 @@ discard block |
||
| 1818 | 1818 | } |
| 1819 | 1819 | } |
| 1820 | 1820 | // If we are here something wrong |
| 1821 | - $session->set('user-duo_status',''); |
|
| 1822 | - $session->set('user-duo_state',''); |
|
| 1823 | - $session->set('user-duo_data',''); |
|
| 1821 | + $session->set('user-duo_status', ''); |
|
| 1822 | + $session->set('user-duo_state', ''); |
|
| 1823 | + $session->set('user-duo_data', ''); |
|
| 1824 | 1824 | return [ |
| 1825 | 1825 | 'error' => true, |
| 1826 | 1826 | 'message' => $lang->get('duo_login_mismatch'), |
@@ -1932,7 +1932,7 @@ discard block |
||
| 1932 | 1932 | // Check for existing lock |
| 1933 | 1933 | $unlock_at = DB::queryFirstField( |
| 1934 | 1934 | 'SELECT MAX(unlock_at) |
| 1935 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 1935 | + FROM ' . prefixTable('auth_failures').' |
|
| 1936 | 1936 | WHERE unlock_at > %s |
| 1937 | 1937 | AND ((source = %s AND value = %s) OR (source = %s AND value = %s))', |
| 1938 | 1938 | date('Y-m-d H:i:s', time()), |
@@ -1954,8 +1954,8 @@ discard block |
||
| 1954 | 1954 | // Get user info from DB |
| 1955 | 1955 | $data = DB::queryFirstRow( |
| 1956 | 1956 | 'SELECT u.*, a.value AS api_key |
| 1957 | - FROM ' . prefixTable('users') . ' AS u |
|
| 1958 | - LEFT JOIN ' . prefixTable('api') . ' AS a ON (u.id = a.user_id) |
|
| 1957 | + FROM ' . prefixTable('users').' AS u |
|
| 1958 | + LEFT JOIN ' . prefixTable('api').' AS a ON (u.id = a.user_id) |
|
| 1959 | 1959 | WHERE login = %s AND deleted_at IS NULL', |
| 1960 | 1960 | $login |
| 1961 | 1961 | ); |
@@ -2080,7 +2080,7 @@ discard block |
||
| 2080 | 2080 | 'array' => [ |
| 2081 | 2081 | 'value' => 'bruteforce_wait', |
| 2082 | 2082 | 'error' => true, |
| 2083 | - 'message' => $lang->get('bruteforce_wait') . (string) $e->getMessage(), |
|
| 2083 | + 'message' => $lang->get('bruteforce_wait').(string) $e->getMessage(), |
|
| 2084 | 2084 | ] |
| 2085 | 2085 | ]; |
| 2086 | 2086 | } |
@@ -2491,15 +2491,15 @@ discard block |
||
| 2491 | 2491 | |
| 2492 | 2492 | if ($ret['error'] !== false) { |
| 2493 | 2493 | logEvents($SETTINGS, 'failed_auth', 'bad_duo_mfa', '', stripslashes($username), stripslashes($username)); |
| 2494 | - $session->set('user-duo_status',''); |
|
| 2495 | - $session->set('user-duo_state',''); |
|
| 2496 | - $session->set('user-duo_data',''); |
|
| 2494 | + $session->set('user-duo_status', ''); |
|
| 2495 | + $session->set('user-duo_state', ''); |
|
| 2496 | + $session->set('user-duo_data', ''); |
|
| 2497 | 2497 | return [ |
| 2498 | 2498 | 'error' => true, |
| 2499 | 2499 | 'mfaData' => $ret, |
| 2500 | 2500 | 'mfaQRCodeInfos' => false, |
| 2501 | 2501 | ]; |
| 2502 | - } else if ($ret['duo_url_ready'] === true){ |
|
| 2502 | + } else if ($ret['duo_url_ready'] === true) { |
|
| 2503 | 2503 | return [ |
| 2504 | 2504 | 'error' => false, |
| 2505 | 2505 | 'mfaData' => $ret, |
@@ -2563,7 +2563,7 @@ discard block |
||
| 2563 | 2563 | // Count failed attempts from this source |
| 2564 | 2564 | $count = DB::queryFirstField( |
| 2565 | 2565 | 'SELECT COUNT(*) |
| 2566 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 2566 | + FROM ' . prefixTable('auth_failures').' |
|
| 2567 | 2567 | WHERE source = %s AND value = %s', |
| 2568 | 2568 | $source, |
| 2569 | 2569 | $value |
