nilsteampassnet /
TeamPass
@@ -309,7 +309,7 @@ |
||
| 309 | 309 | BeforeUpload: function (up, file) { |
| 310 | 310 | $("#import_status_ajax_loader").show(); |
| 311 | 311 | up.settings.multipart_params = { |
| 312 | - "PHPSESSID":"<?php echo $_SESSION['user_id'];?>", |
|
| 312 | + "PHPSESSID":"<?php echo $_SESSION['user_id']; ?>", |
|
| 313 | 313 | "type_upload":"import_items_from_keypass", |
| 314 | 314 | "user_token": $("#import_user_token").val() |
| 315 | 315 | }; |
@@ -125,16 +125,16 @@ discard block |
||
| 125 | 125 | $superGlobal = new protect\SuperGlobal\SuperGlobal(); |
| 126 | 126 | |
| 127 | 127 | // Prepare superGlobal variables |
| 128 | - $session_forbiden_pfs = $superGlobal->get("forbiden_pfs", "SESSION"); |
|
| 129 | - $session_groupes_visibles = $superGlobal->get("groupes_visibles", "SESSION"); |
|
| 130 | - $session_list_restricted_folders_for_items = $superGlobal->get("list_restricted_folders_for_items", "SESSION"); |
|
| 131 | - $session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 132 | - $session_login = $superGlobal->get("login", "SESSION"); |
|
| 133 | - $session_no_access_folders = $superGlobal->get("no_access_folders", "SESSION"); |
|
| 134 | - $session_list_folders_limited = $superGlobal->get("list_folders_limited", "SESSION"); |
|
| 135 | - $session_read_only_folders = $superGlobal->get("read_only_folders", "SESSION"); |
|
| 136 | - $session_personal_folders = $superGlobal->get("personal_folders", "SESSION"); |
|
| 137 | - $session_personal_visible_groups = $superGlobal->get("personal_visible_groups", "SESSION"); |
|
| 128 | + $session_forbiden_pfs = $superGlobal->get("forbiden_pfs", "SESSION"); |
|
| 129 | + $session_groupes_visibles = $superGlobal->get("groupes_visibles", "SESSION"); |
|
| 130 | + $session_list_restricted_folders_for_items = $superGlobal->get("list_restricted_folders_for_items", "SESSION"); |
|
| 131 | + $session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 132 | + $session_login = $superGlobal->get("login", "SESSION"); |
|
| 133 | + $session_no_access_folders = $superGlobal->get("no_access_folders", "SESSION"); |
|
| 134 | + $session_list_folders_limited = $superGlobal->get("list_folders_limited", "SESSION"); |
|
| 135 | + $session_read_only_folders = $superGlobal->get("read_only_folders", "SESSION"); |
|
| 136 | + $session_personal_folders = $superGlobal->get("personal_folders", "SESSION"); |
|
| 137 | + $session_personal_visible_groups = $superGlobal->get("personal_visible_groups", "SESSION"); |
|
| 138 | 138 | |
| 139 | 139 | // Be sure that user can only see folders he/she is allowed to |
| 140 | 140 | if (!in_array($nodeId, $session_forbiden_pfs) |
@@ -296,15 +296,15 @@ discard block |
||
| 296 | 296 | $superGlobal = new protect\SuperGlobal\SuperGlobal(); |
| 297 | 297 | |
| 298 | 298 | // Prepare superGlobal variables |
| 299 | - $session_forbiden_pfs = $superGlobal->get("forbiden_pfs", "SESSION"); |
|
| 300 | - $session_groupes_visibles = $superGlobal->get("groupes_visibles", "SESSION"); |
|
| 301 | - $session_list_restricted_folders_for_items = $superGlobal->get("list_restricted_folders_for_items", "SESSION"); |
|
| 302 | - $session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 303 | - $session_login = $superGlobal->get("login", "SESSION"); |
|
| 304 | - $session_user_read_only = $superGlobal->get("user_read_only", "SESSION"); |
|
| 305 | - $session_no_access_folders = $superGlobal->get("no_access_folders", "SESSION"); |
|
| 306 | - $session_list_folders_limited = $superGlobal->get("list_folders_limited", "SESSION"); |
|
| 307 | - $session_read_only_folders = $superGlobal->get("read_only_folders", "SESSION"); |
|
| 299 | + $session_forbiden_pfs = $superGlobal->get("forbiden_pfs", "SESSION"); |
|
| 300 | + $session_groupes_visibles = $superGlobal->get("groupes_visibles", "SESSION"); |
|
| 301 | + $session_list_restricted_folders_for_items = $superGlobal->get("list_restricted_folders_for_items", "SESSION"); |
|
| 302 | + $session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 303 | + $session_login = $superGlobal->get("login", "SESSION"); |
|
| 304 | + $session_user_read_only = $superGlobal->get("user_read_only", "SESSION"); |
|
| 305 | + $session_no_access_folders = $superGlobal->get("no_access_folders", "SESSION"); |
|
| 306 | + $session_list_folders_limited = $superGlobal->get("list_folders_limited", "SESSION"); |
|
| 307 | + $session_read_only_folders = $superGlobal->get("read_only_folders", "SESSION"); |
|
| 308 | 308 | |
| 309 | 309 | // Be sure that user can only see folders he/she is allowed to |
| 310 | 310 | if (in_array($completTree[$nodeId]->id, $session_forbiden_pfs) === false |
@@ -711,7 +711,7 @@ |
||
| 711 | 711 | utf8_encode( |
| 712 | 712 | "<?php |
| 713 | 713 | global \$SETTINGS; |
| 714 | -\$SETTINGS = array (" . $config_text . " |
|
| 714 | +\$SETTINGS = array (" . $config_text." |
|
| 715 | 715 | );" |
| 716 | 716 | ) |
| 717 | 717 | ); |
@@ -764,7 +764,7 @@ discard block |
||
| 764 | 764 | $objects = explode(",", $post_object); |
| 765 | 765 | |
| 766 | 766 | // Allowed values for $_POST['object'] : "items,logs,files,categories" |
| 767 | - if (in_array($objects[0], array("items","logs","files","categories")) === false) { |
|
| 767 | + if (in_array($objects[0], array("items", "logs", "files", "categories")) === false) { |
|
| 768 | 768 | echo '[{"nextAction":"" , "error":"Input `'.$objects[0].'` is not allowed" , "nbOfItems":""}]'; |
| 769 | 769 | break; |
| 770 | 770 | } |
@@ -1329,7 +1329,7 @@ discard block |
||
| 1329 | 1329 | foreach ($rows as $record) { |
| 1330 | 1330 | if (is_file($SETTINGS['path_to_upload_folder'].'/'.$record['file'])) { |
| 1331 | 1331 | $addFile = 0; |
| 1332 | - if ($post_option== "decrypt" && $record['status'] === 'encrypted') { |
|
| 1332 | + if ($post_option == "decrypt" && $record['status'] === 'encrypted') { |
|
| 1333 | 1333 | $addFile = 1; |
| 1334 | 1334 | } elseif ($post_option == "encrypt" && $record['status'] === 'clear') { |
| 1335 | 1335 | $addFile = 1; |
@@ -632,7 +632,7 @@ |
||
| 632 | 632 | $json[$inc]['nlevel'] = mb_convert_encoding($folder->nlevel, mb_detect_encoding($folder->nlevel), 'UTF-8'); |
| 633 | 633 | $json[$inc]['personal'] = mb_convert_encoding($folder->personal_folder, mb_detect_encoding($folder->personal_folder), 'UTF-8'); |
| 634 | 634 | |
| 635 | - $inc ++; |
|
| 635 | + $inc++; |
|
| 636 | 636 | } |
| 637 | 637 | } |
| 638 | 638 | } |
@@ -3125,7 +3125,7 @@ |
||
| 3125 | 3125 | if ((isset($_SESSION['user_settings']['session_psk']) === false || empty($_SESSION['user_settings']['session_psk']) === true) |
| 3126 | 3126 | && ($dataSource['personal_folder'] === '1' || $dataDestination['personal_folder'] === '1') |
| 3127 | 3127 | ) { |
| 3128 | - echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3128 | + echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3129 | 3129 | break; |
| 3130 | 3130 | } |
| 3131 | 3131 | |
@@ -886,7 +886,7 @@ |
||
| 886 | 886 | /*FOLDER */ |
| 887 | 887 | if ($data['id_tree'] != $dataReceived['categorie']) { |
| 888 | 888 | // Get name of folders |
| 889 | - $dataTmp = DB::query("SELECT title FROM ".prefix_table("nested_tree")." WHERE id IN %li", array($data['id_tree'],$dataReceived['categorie'])); |
|
| 889 | + $dataTmp = DB::query("SELECT title FROM ".prefix_table("nested_tree")." WHERE id IN %li", array($data['id_tree'], $dataReceived['categorie'])); |
|
| 890 | 890 | |
| 891 | 891 | logItems($dataReceived['id'], $label, $_SESSION['user_id'], 'at_modification', $_SESSION['login'], 'at_category : '.$dataTmp[0]['title'].' => '.$dataTmp[1]['title']); |
| 892 | 892 | // ask for page reloading |
@@ -27,12 +27,12 @@ discard block |
||
| 27 | 27 | private static function signVals($key, $vals, $prefix, $expire, $time = null) |
| 28 | 28 | { |
| 29 | 29 | $exp = ($time ? $time : time()) + $expire; |
| 30 | - $val = $vals . '|' . $exp; |
|
| 30 | + $val = $vals.'|'.$exp; |
|
| 31 | 31 | $b64 = base64_encode($val); |
| 32 | - $cookie = $prefix . '|' . $b64; |
|
| 32 | + $cookie = $prefix.'|'.$b64; |
|
| 33 | 33 | |
| 34 | 34 | $sig = hash_hmac("sha1", $cookie, $key); |
| 35 | - return $cookie . '|' . $sig; |
|
| 35 | + return $cookie.'|'.$sig; |
|
| 36 | 36 | } |
| 37 | 37 | |
| 38 | 38 | private static function parseVals($key, $val, $prefix, $ikey, $time = null) |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | } |
| 46 | 46 | list($u_prefix, $u_b64, $u_sig) = $parts; |
| 47 | 47 | |
| 48 | - $sig = hash_hmac("sha1", $u_prefix . '|' . $u_b64, $key); |
|
| 48 | + $sig = hash_hmac("sha1", $u_prefix.'|'.$u_b64, $key); |
|
| 49 | 49 | if (hash_hmac("sha1", $sig, $key) !== hash_hmac("sha1", $u_sig, $key)) { |
| 50 | 50 | return null; |
| 51 | 51 | } |
@@ -88,12 +88,12 @@ discard block |
||
| 88 | 88 | return self::ERR_AKEY; |
| 89 | 89 | } |
| 90 | 90 | |
| 91 | - $vals = $username . '|' . $ikey; |
|
| 91 | + $vals = $username.'|'.$ikey; |
|
| 92 | 92 | |
| 93 | 93 | $duo_sig = self::signVals($skey, $vals, self::DUO_PREFIX, self::DUO_EXPIRE, $time); |
| 94 | 94 | $app_sig = self::signVals($akey, $vals, self::APP_PREFIX, self::APP_EXPIRE, $time); |
| 95 | 95 | |
| 96 | - return $duo_sig . ':' . $app_sig; |
|
| 96 | + return $duo_sig.':'.$app_sig; |
|
| 97 | 97 | } |
| 98 | 98 | |
| 99 | 99 | public static function verifyResponse($ikey, $skey, $akey, $sig_response, $time = null) |
@@ -91,33 +91,33 @@ discard block |
||
| 91 | 91 | require_once $SETTINGS['cpassman_dir'].'/sources/core.php'; |
| 92 | 92 | |
| 93 | 93 | // Prepare POST variables |
| 94 | -$post_language = filter_input(INPUT_POST, 'language', FILTER_SANITIZE_STRING); |
|
| 95 | -$post_sig_response = filter_input(INPUT_POST, 'sig_response', FILTER_SANITIZE_STRING); |
|
| 96 | -$post_duo_login = filter_input(INPUT_POST, 'duo_login', FILTER_SANITIZE_STRING); |
|
| 97 | -$post_duo_data = filter_input(INPUT_POST, 'duo_data', FILTER_SANITIZE_STRING); |
|
| 98 | -$post_login = filter_input(INPUT_POST, 'login', FILTER_SANITIZE_STRING); |
|
| 99 | -$post_pw = filter_input(INPUT_POST, 'pw', FILTER_SANITIZE_STRING); |
|
| 94 | +$post_language = filter_input(INPUT_POST, 'language', FILTER_SANITIZE_STRING); |
|
| 95 | +$post_sig_response = filter_input(INPUT_POST, 'sig_response', FILTER_SANITIZE_STRING); |
|
| 96 | +$post_duo_login = filter_input(INPUT_POST, 'duo_login', FILTER_SANITIZE_STRING); |
|
| 97 | +$post_duo_data = filter_input(INPUT_POST, 'duo_data', FILTER_SANITIZE_STRING); |
|
| 98 | +$post_login = filter_input(INPUT_POST, 'login', FILTER_SANITIZE_STRING); |
|
| 99 | +$post_pw = filter_input(INPUT_POST, 'pw', FILTER_SANITIZE_STRING); |
|
| 100 | 100 | |
| 101 | 101 | // Prepare superGlobal variables |
| 102 | -$session_user_language = $superGlobal->get("user_language", "SESSION"); |
|
| 103 | -$session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 104 | -$session_user_flag = $superGlobal->get("user_language_flag", "SESSION"); |
|
| 105 | -$session_user_admin = $superGlobal->get("user_admin", "SESSION"); |
|
| 106 | -$session_user_avatar_thumb = $superGlobal->get("user_avatar_thumb", "SESSION"); |
|
| 107 | -$session_name = $superGlobal->get("name", "SESSION"); |
|
| 108 | -$session_lastname = $superGlobal->get("lastname", "SESSION"); |
|
| 109 | -$session_user_manager = $superGlobal->get("user_manager", "SESSION"); |
|
| 110 | -$session_user_read_only = $superGlobal->get("user_read_only", "SESSION"); |
|
| 111 | -$session_is_admin = $superGlobal->get("is_admin", "SESSION"); |
|
| 112 | -$session_login = $superGlobal->get("login", "SESSION"); |
|
| 113 | -$session_validite_pw = $superGlobal->get("validite_pw", "SESSION"); |
|
| 114 | -$session_nb_folders = $superGlobal->get("nb_folders", "SESSION"); |
|
| 115 | -$session_nb_roles = $superGlobal->get("nb_roles", "SESSION"); |
|
| 116 | -$session_autoriser = $superGlobal->get("autoriser", "SESSION"); |
|
| 117 | -$session_hide_maintenance = $superGlobal->get("hide_maintenance", "SESSION"); |
|
| 118 | -$session_initial_url = $superGlobal->get("initial_url", "SESSION"); |
|
| 119 | -$server_request_uri = $superGlobal->get("REQUEST_URI", "SERVER"); |
|
| 120 | -$session_nb_users_online = $superGlobal->get("nb_users_online", "SESSION"); |
|
| 102 | +$session_user_language = $superGlobal->get("user_language", "SESSION"); |
|
| 103 | +$session_user_id = $superGlobal->get("user_id", "SESSION"); |
|
| 104 | +$session_user_flag = $superGlobal->get("user_language_flag", "SESSION"); |
|
| 105 | +$session_user_admin = $superGlobal->get("user_admin", "SESSION"); |
|
| 106 | +$session_user_avatar_thumb = $superGlobal->get("user_avatar_thumb", "SESSION"); |
|
| 107 | +$session_name = $superGlobal->get("name", "SESSION"); |
|
| 108 | +$session_lastname = $superGlobal->get("lastname", "SESSION"); |
|
| 109 | +$session_user_manager = $superGlobal->get("user_manager", "SESSION"); |
|
| 110 | +$session_user_read_only = $superGlobal->get("user_read_only", "SESSION"); |
|
| 111 | +$session_is_admin = $superGlobal->get("is_admin", "SESSION"); |
|
| 112 | +$session_login = $superGlobal->get("login", "SESSION"); |
|
| 113 | +$session_validite_pw = $superGlobal->get("validite_pw", "SESSION"); |
|
| 114 | +$session_nb_folders = $superGlobal->get("nb_folders", "SESSION"); |
|
| 115 | +$session_nb_roles = $superGlobal->get("nb_roles", "SESSION"); |
|
| 116 | +$session_autoriser = $superGlobal->get("autoriser", "SESSION"); |
|
| 117 | +$session_hide_maintenance = $superGlobal->get("hide_maintenance", "SESSION"); |
|
| 118 | +$session_initial_url = $superGlobal->get("initial_url", "SESSION"); |
|
| 119 | +$server_request_uri = $superGlobal->get("REQUEST_URI", "SERVER"); |
|
| 120 | +$session_nb_users_online = $superGlobal->get("nb_users_online", "SESSION"); |
|
| 121 | 121 | |
| 122 | 122 | |
| 123 | 123 | /* DEFINE WHAT LANGUAGE TO USE */ |
@@ -237,9 +237,7 @@ discard block |
||
| 237 | 237 | <div style="float:right; margin:-10px 5px 0 0; color:#FFF;">' |
| 238 | 238 | .$LANG['index_welcome'].' <b>'.$session_name.' '.$session_lastname |
| 239 | 239 | .' ['.$session_login.']</b> - ' |
| 240 | - , $session_user_admin === '1' ? $LANG['god'] : |
|
| 241 | - ($session_user_manager === '1' ? $LANG['gestionnaire'] : |
|
| 242 | - ($session_user_read_only === '1' ? $LANG['read_only_account'] : $LANG['user']) |
|
| 240 | + , $session_user_admin === '1' ? $LANG['god'] : ($session_user_manager === '1' ? $LANG['gestionnaire'] : ($session_user_read_only === '1' ? $LANG['read_only_account'] : $LANG['user']) |
|
| 243 | 241 | ), ' '.strtolower($LANG['index_login']).'</div>'; |
| 244 | 242 | |
| 245 | 243 | echo ' |
@@ -227,15 +227,15 @@ |
||
| 227 | 227 | } |
| 228 | 228 | $tmp = mysqli_num_rows(mysqli_query($dbTmp, "SELECT * FROM `_install` WHERE `key` = 'url_path'")); |
| 229 | 229 | if (intval($tmp) === 0) { |
| 230 | - mysqli_query($dbTmp, "INSERT INTO `_install` (`key`, `value`) VALUES ('url_path', '". empty($session_url_path) ? $db['url_path'] : $session_url_path. "');"); |
|
| 230 | + mysqli_query($dbTmp, "INSERT INTO `_install` (`key`, `value`) VALUES ('url_path', '".empty($session_url_path) ? $db['url_path'] : $session_url_path."');"); |
|
| 231 | 231 | } else { |
| 232 | 232 | mysqli_query($dbTmp, "UPDATE `_install` SET `value` = '", empty($session_url_path) ? $db['url_path'] : $session_url_path, "' WHERE `key` = 'url_path';"); |
| 233 | 233 | } |
| 234 | 234 | $tmp = mysqli_num_rows(mysqli_query($dbTmp, "SELECT * FROM `_install` WHERE `key` = 'abspath'")); |
| 235 | 235 | if (intval($tmp) === 0) { |
| 236 | - mysqli_query($dbTmp, "INSERT INTO `_install` (`key`, `value`) VALUES ('abspath', '". empty($session_abspath) ? $db['abspath'] : $session_abspath. "');"); |
|
| 236 | + mysqli_query($dbTmp, "INSERT INTO `_install` (`key`, `value`) VALUES ('abspath', '".empty($session_abspath) ? $db['abspath'] : $session_abspath."');"); |
|
| 237 | 237 | } else { |
| 238 | - mysqli_query($dbTmp, "UPDATE `_install` SET `value` = '". empty($session_abspath) ? $db['abspath'] : $session_abspath. "' WHERE `key` = 'abspath';"); |
|
| 238 | + mysqli_query($dbTmp, "UPDATE `_install` SET `value` = '".empty($session_abspath) ? $db['abspath'] : $session_abspath."' WHERE `key` = 'abspath';"); |
|
| 239 | 239 | } |
| 240 | 240 | |
| 241 | 241 | echo '[{"error" : "", "result" : "Connection is successful", "multiple" : ""}]'; |
