nilsteampassnet /
TeamPass
@@ -76,7 +76,7 @@ discard block |
||
| 76 | 76 | ) { |
| 77 | 77 | // Not allowed page |
| 78 | 78 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 79 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 79 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 80 | 80 | exit; |
| 81 | 81 | } |
| 82 | 82 | |
@@ -100,19 +100,19 @@ discard block |
||
| 100 | 100 | $get_filename = str_replace(array("\r", "\n"), '', $get_filename); |
| 101 | 101 | |
| 102 | 102 | // prepare Encryption class calls |
| 103 | -header('Content-disposition: attachment; filename=' . rawurldecode(basename($get_filename))); |
|
| 103 | +header('Content-disposition: attachment; filename='.rawurldecode(basename($get_filename))); |
|
| 104 | 104 | header('Content-Type: application/octet-stream'); |
| 105 | 105 | header('Cache-Control: must-revalidate, no-cache, no-store'); |
| 106 | 106 | header('Expires: 0'); |
| 107 | 107 | if (null !== $request->query->get('pathIsFiles') && (int) $get_pathIsFiles === 1) { |
| 108 | - readfile($SETTINGS['path_to_files_folder'] . '/' . basename($get_filename)); |
|
| 108 | + readfile($SETTINGS['path_to_files_folder'].'/'.basename($get_filename)); |
|
| 109 | 109 | } else { |
| 110 | 110 | // get file key |
| 111 | 111 | $file_info = DB::queryfirstrow( |
| 112 | 112 | 'SELECT f.id AS id, f.file AS file, f.name AS name, f.status AS status, f.extension AS extension, |
| 113 | 113 | s.share_key AS share_key |
| 114 | - FROM ' . prefixTable('files') . ' AS f |
|
| 115 | - INNER JOIN ' . prefixTable('sharekeys_files') . ' AS s ON (f.id = s.object_id) |
|
| 114 | + FROM ' . prefixTable('files').' AS f |
|
| 115 | + INNER JOIN ' . prefixTable('sharekeys_files').' AS s ON (f.id = s.object_id) |
|
| 116 | 116 | WHERE s.user_id = %i AND s.object_id = %i', |
| 117 | 117 | $session->get('user-id'), |
| 118 | 118 | $get_fileid |
@@ -131,7 +131,7 @@ discard block |
||
| 131 | 131 | // if not encrypted |
| 132 | 132 | $file_info = DB::queryfirstrow( |
| 133 | 133 | 'SELECT f.id AS id, f.file AS file, f.name AS name, f.status AS status, f.extension AS extension |
| 134 | - FROM ' . prefixTable('files') . ' AS f |
|
| 134 | + FROM ' . prefixTable('files').' AS f |
|
| 135 | 135 | WHERE f.id = %i', |
| 136 | 136 | $get_fileid |
| 137 | 137 | ); |
@@ -141,25 +141,25 @@ discard block |
||
| 141 | 141 | // Set the filename of the download |
| 142 | 142 | $filename = basename($file_info['name'], '.'.$file_info['extension']); |
| 143 | 143 | $filename = isBase64($filename) === true ? base64_decode($filename) : $filename; |
| 144 | - $filename = $filename . '.' . $file_info['extension']; |
|
| 144 | + $filename = $filename.'.'.$file_info['extension']; |
|
| 145 | 145 | // Get the full path to the file to be downloaded |
| 146 | - if (file_exists($SETTINGS['path_to_upload_folder'] . '/' .TP_FILE_PREFIX . $file_info['file'])) { |
|
| 147 | - $filePath = $SETTINGS['path_to_upload_folder'] . '/' . TP_FILE_PREFIX . $file_info['file']; |
|
| 146 | + if (file_exists($SETTINGS['path_to_upload_folder'].'/'.TP_FILE_PREFIX.$file_info['file'])) { |
|
| 147 | + $filePath = $SETTINGS['path_to_upload_folder'].'/'.TP_FILE_PREFIX.$file_info['file']; |
|
| 148 | 148 | } else { |
| 149 | - $filePath = $SETTINGS['path_to_upload_folder'] . '/' . TP_FILE_PREFIX . base64_decode($file_info['file']); |
|
| 149 | + $filePath = $SETTINGS['path_to_upload_folder'].'/'.TP_FILE_PREFIX.base64_decode($file_info['file']); |
|
| 150 | 150 | } |
| 151 | 151 | $filePath = realpath($filePath); |
| 152 | 152 | |
| 153 | - if (WIP === true) error_log('downloadFile.php: filePath: ' . $filePath." - "); |
|
| 153 | + if (WIP === true) error_log('downloadFile.php: filePath: '.$filePath." - "); |
|
| 154 | 154 | |
| 155 | 155 | if ($filePath && is_readable($filePath) && strpos($filePath, realpath($SETTINGS['path_to_upload_folder'])) === 0) { |
| 156 | 156 | header('Content-Description: File Transfer'); |
| 157 | 157 | header('Content-Type: application/octet-stream'); |
| 158 | - header('Content-Disposition: attachment; filename="' . basename($filename) . '"'); |
|
| 158 | + header('Content-Disposition: attachment; filename="'.basename($filename).'"'); |
|
| 159 | 159 | header('Expires: 0'); |
| 160 | 160 | header('Cache-Control: must-revalidate'); |
| 161 | 161 | header('Pragma: public'); |
| 162 | - header('Content-Length: ' . filesize($filePath)); |
|
| 162 | + header('Content-Length: '.filesize($filePath)); |
|
| 163 | 163 | flush(); // Clear system output buffer |
| 164 | 164 | if (empty($fileContent) === true) { |
| 165 | 165 | // deepcode ignore PT: File and path are secured directly inside the function decryptFile() |
@@ -123,7 +123,7 @@ discard block |
||
| 123 | 123 | * @param array $SETTINGS |
| 124 | 124 | * @return bool|string |
| 125 | 125 | */ |
| 126 | - function handleAuthAttempts($post_data, $SETTINGS): bool|string |
|
| 126 | + function handleAuthAttempts($post_data, $SETTINGS): bool | string |
|
| 127 | 127 | { |
| 128 | 128 | $session = SessionManager::getSession(); |
| 129 | 129 | $lang = new Language($session->get('user-language') ?? 'english'); |
@@ -297,7 +297,7 @@ discard block |
||
| 297 | 297 | $sessionPwdAttempts = $session->get('pwd_attempts'); |
| 298 | 298 | $sessionUrl = $session->get('user-initial_url'); |
| 299 | 299 | $server = []; |
| 300 | - $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 300 | + $server['PHP_AUTH_USER'] = $request->getUser(); |
|
| 301 | 301 | $server['PHP_AUTH_PW'] = $request->getPassword(); |
| 302 | 302 | |
| 303 | 303 | // decrypt and retreive data in JSON format |
@@ -312,18 +312,18 @@ discard block |
||
| 312 | 312 | } |
| 313 | 313 | |
| 314 | 314 | // Check if Duo auth is in progress and pass the pw and login back to the standard login process |
| 315 | - if( |
|
| 315 | + if ( |
|
| 316 | 316 | isKeyExistingAndEqual('duo', 1, $SETTINGS) === true |
| 317 | 317 | && $dataReceived['user_2fa_selection'] === 'duo' |
| 318 | 318 | && $session->get('user-duo_status') === 'IN_PROGRESS' |
| 319 | 319 | && !empty($dataReceived['duo_state']) |
| 320 | - ){ |
|
| 320 | + ) { |
|
| 321 | 321 | $key = hash('sha256', $dataReceived['duo_state']); |
| 322 | 322 | $iv = substr(hash('sha256', $dataReceived['duo_state']), 0, 16); |
| 323 | 323 | $duo_data_dec = openssl_decrypt(base64_decode($session->get('user-duo_data')), 'AES-256-CBC', $key, 0, $iv); |
| 324 | 324 | // Clear the data from the Duo process to continue clean with the standard login process |
| 325 | - $session->set('user-duo_data',''); |
|
| 326 | - if($duo_data_dec === false){ |
|
| 325 | + $session->set('user-duo_data', ''); |
|
| 326 | + if ($duo_data_dec === false) { |
|
| 327 | 327 | echo prepareExchangedData( |
| 328 | 328 | [ |
| 329 | 329 | 'error' => true, |
@@ -338,7 +338,7 @@ discard block |
||
| 338 | 338 | $dataReceived['login'] = $duo_data['duo_login']; |
| 339 | 339 | } |
| 340 | 340 | |
| 341 | - if(isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 341 | + if (isset($dataReceived['pw']) === false || isset($dataReceived['login']) === false) { |
|
| 342 | 342 | echo json_encode([ |
| 343 | 343 | 'data' => prepareExchangedData( |
| 344 | 344 | [ |
@@ -647,7 +647,7 @@ discard block |
||
| 647 | 647 | } |
| 648 | 648 | // Append with roles from AD groups |
| 649 | 649 | if (is_null($userInfo['roles_from_ad_groups']) === false) { |
| 650 | - $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id']. ';' . $userInfo['roles_from_ad_groups']; |
|
| 650 | + $userInfo['fonction_id'] = empty($userInfo['fonction_id']) === true ? $userInfo['roles_from_ad_groups'] : $userInfo['fonction_id'].';'.$userInfo['roles_from_ad_groups']; |
|
| 651 | 651 | } |
| 652 | 652 | // store |
| 653 | 653 | $session->set('user-roles', $userInfo['fonction_id']); |
@@ -659,7 +659,7 @@ discard block |
||
| 659 | 659 | if (count($session->get('user-roles_array')) > 0) { |
| 660 | 660 | $rolesList = DB::query( |
| 661 | 661 | 'SELECT id, title, complexity |
| 662 | - FROM ' . prefixTable('roles_title') . ' |
|
| 662 | + FROM ' . prefixTable('roles_title').' |
|
| 663 | 663 | WHERE id IN %li', |
| 664 | 664 | $session->get('user-roles_array') |
| 665 | 665 | ); |
@@ -705,7 +705,7 @@ discard block |
||
| 705 | 705 | if ($adjustPermissions) { |
| 706 | 706 | $session->set('user-admin', (int) $userInfo['admin']); |
| 707 | 707 | $session->set('user-manager', (int) $userInfo['gestionnaire']); |
| 708 | - $session->set('user-can_manage_all_users',(int) $userInfo['can_manage_all_users']); |
|
| 708 | + $session->set('user-can_manage_all_users', (int) $userInfo['can_manage_all_users']); |
|
| 709 | 709 | $session->set('user-read_only', (int) $userInfo['read_only']); |
| 710 | 710 | DB::update( |
| 711 | 711 | prefixTable('users'), |
@@ -777,10 +777,10 @@ discard block |
||
| 777 | 777 | $session->set('user-latest_items_tab', []); |
| 778 | 778 | $session->set('user-nb_roles', 0); |
| 779 | 779 | foreach ($session->get('user-latest_items') as $item) { |
| 780 | - if (! empty($item)) { |
|
| 780 | + if (!empty($item)) { |
|
| 781 | 781 | $dataLastItems = DB::queryFirstRow( |
| 782 | 782 | 'SELECT id,label,id_tree |
| 783 | - FROM ' . prefixTable('items') . ' |
|
| 783 | + FROM ' . prefixTable('items').' |
|
| 784 | 784 | WHERE id=%i', |
| 785 | 785 | $item |
| 786 | 786 | ); |
@@ -789,7 +789,7 @@ discard block |
||
| 789 | 789 | [ |
| 790 | 790 | 'id' => $item, |
| 791 | 791 | 'label' => $dataLastItems['label'], |
| 792 | - 'url' => 'index.php?page=items&group=' . $dataLastItems['id_tree'] . '&id=' . $item, |
|
| 792 | + 'url' => 'index.php?page=items&group='.$dataLastItems['id_tree'].'&id='.$item, |
|
| 793 | 793 | ], |
| 794 | 794 | 'add' |
| 795 | 795 | ); |
@@ -799,7 +799,7 @@ discard block |
||
| 799 | 799 | // Get cahce tree info |
| 800 | 800 | $cacheTreeData = DB::queryFirstRow( |
| 801 | 801 | 'SELECT visible_folders |
| 802 | - FROM ' . prefixTable('cache_tree') . ' |
|
| 802 | + FROM ' . prefixTable('cache_tree').' |
|
| 803 | 803 | WHERE user_id=%i', |
| 804 | 804 | (int) $session->get('user-id') |
| 805 | 805 | ); |
@@ -831,7 +831,7 @@ discard block |
||
| 831 | 831 | && (int) $sessionAdmin !== 1 |
| 832 | 832 | ) { |
| 833 | 833 | // get all Admin users |
| 834 | - $val = DB::queryfirstrow('SELECT email FROM ' . prefixTable('users') . " WHERE admin = %i and email != ''", 1); |
|
| 834 | + $val = DB::queryfirstrow('SELECT email FROM '.prefixTable('users')." WHERE admin = %i and email != ''", 1); |
|
| 835 | 835 | if (DB::count() > 0) { |
| 836 | 836 | // Add email to table |
| 837 | 837 | prepareSendingEmail( |
@@ -843,7 +843,7 @@ discard block |
||
| 843 | 843 | '#tp_time#', |
| 844 | 844 | ], |
| 845 | 845 | [ |
| 846 | - ' ' . $session->get('user-login') . ' (IP: ' . getClientIpServer() . ')', |
|
| 846 | + ' '.$session->get('user-login').' (IP: '.getClientIpServer().')', |
|
| 847 | 847 | date($SETTINGS['date_format'], (int) $session->get('user-last_connection')), |
| 848 | 848 | date($SETTINGS['time_format'], (int) $session->get('user-last_connection')), |
| 849 | 849 | ], |
@@ -991,7 +991,7 @@ discard block |
||
| 991 | 991 | { |
| 992 | 992 | $rows = DB::query( |
| 993 | 993 | 'SELECT date |
| 994 | - FROM ' . prefixTable('log_system') . " |
|
| 994 | + FROM ' . prefixTable('log_system')." |
|
| 995 | 995 | WHERE field_1 = %s |
| 996 | 996 | AND type = 'failed_auth' |
| 997 | 997 | AND label = 'password_is_not_correct' |
@@ -1005,7 +1005,7 @@ discard block |
||
| 1005 | 1005 | foreach ($rows as $record) { |
| 1006 | 1006 | array_push( |
| 1007 | 1007 | $arrAttempts, |
| 1008 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['date']) |
|
| 1008 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['date']) |
|
| 1009 | 1009 | ); |
| 1010 | 1010 | } |
| 1011 | 1011 | } |
@@ -1059,7 +1059,7 @@ discard block |
||
| 1059 | 1059 | $ldapConnection |
| 1060 | 1060 | ) : bool |
| 1061 | 1061 | { |
| 1062 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 1062 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 1063 | 1063 | |
| 1064 | 1064 | if ((int) $userInfoDisabled === 1) { |
| 1065 | 1065 | return false; |
@@ -1268,7 +1268,7 @@ discard block |
||
| 1268 | 1268 | $openLdapExtra = new OpenLdapExtra(); |
| 1269 | 1269 | break; |
| 1270 | 1270 | default: |
| 1271 | - throw new Exception("Unsupported LDAP type: " . $SETTINGS['ldap_type']); |
|
| 1271 | + throw new Exception("Unsupported LDAP type: ".$SETTINGS['ldap_type']); |
|
| 1272 | 1272 | } |
| 1273 | 1273 | } catch (Exception $e) { |
| 1274 | 1274 | return [ |
@@ -1281,7 +1281,7 @@ discard block |
||
| 1281 | 1281 | // 2- Get user info from AD |
| 1282 | 1282 | // We want to isolate attribute ldap_user_attribute or mostly samAccountName |
| 1283 | 1283 | $userADInfos = $ldapConnection->query() |
| 1284 | - ->where((isset($SETTINGS['ldap_user_attribute']) ===true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1284 | + ->where((isset($SETTINGS['ldap_user_attribute']) === true && empty($SETTINGS['ldap_user_attribute']) === false) ? $SETTINGS['ldap_user_attribute'] : 'samaccountname', '=', $username) |
|
| 1285 | 1285 | ->firstOrFail(); |
| 1286 | 1286 | |
| 1287 | 1287 | // Is user enabled? Only ActiveDirectory |
@@ -1299,7 +1299,7 @@ discard block |
||
| 1299 | 1299 | // For OpenLDAP and others, we use attribute dn |
| 1300 | 1300 | $userAuthAttempt = $ldapConnection->auth()->attempt( |
| 1301 | 1301 | $SETTINGS['ldap_type'] === 'ActiveDirectory' ? |
| 1302 | - $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1302 | + $userADInfos['userprincipalname'][0] : // refering to https://ldaprecord.com/docs/core/v2/authentication#basic-authentication |
|
| 1303 | 1303 | $userADInfos['dn'], |
| 1304 | 1304 | $passwordClear |
| 1305 | 1305 | ); |
@@ -1382,7 +1382,7 @@ discard block |
||
| 1382 | 1382 | // error |
| 1383 | 1383 | return [ |
| 1384 | 1384 | 'error' => true, |
| 1385 | - 'message' => "Error: Unsupported LDAP type: " . $SETTINGS['ldap_type'], |
|
| 1385 | + 'message' => "Error: Unsupported LDAP type: ".$SETTINGS['ldap_type'], |
|
| 1386 | 1386 | ]; |
| 1387 | 1387 | } |
| 1388 | 1388 | |
@@ -1417,12 +1417,12 @@ discard block |
||
| 1417 | 1417 | if (isset($SETTINGS['enable_ad_users_with_ad_groups']) === true && (int) $SETTINGS['enable_ad_users_with_ad_groups'] === 1) { |
| 1418 | 1418 | // Get user groups from AD |
| 1419 | 1419 | $user_ad_groups = []; |
| 1420 | - foreach($groups as $group) { |
|
| 1420 | + foreach ($groups as $group) { |
|
| 1421 | 1421 | //print_r($group); |
| 1422 | 1422 | // get relation role id for AD group |
| 1423 | 1423 | $role = DB::queryFirstRow( |
| 1424 | 1424 | 'SELECT lgr.role_id |
| 1425 | - FROM ' . prefixTable('ldap_groups_roles') . ' AS lgr |
|
| 1425 | + FROM ' . prefixTable('ldap_groups_roles').' AS lgr |
|
| 1426 | 1426 | WHERE lgr.ldap_group_id = %s', |
| 1427 | 1427 | $group |
| 1428 | 1428 | ); |
@@ -1516,7 +1516,7 @@ discard block |
||
| 1516 | 1516 | $userInfo['id'] |
| 1517 | 1517 | ); |
| 1518 | 1518 | } |
| 1519 | - if (WIP === true) error_log("finalizeAuthentication - hashedPassword: " . $hashedPassword. " | ".$passwordManager->verifyPassword($userInfo['pw'], $passwordClear)." || ".$passwordClear); |
|
| 1519 | + if (WIP === true) error_log("finalizeAuthentication - hashedPassword: ".$hashedPassword." | ".$passwordManager->verifyPassword($userInfo['pw'], $passwordClear)." || ".$passwordClear); |
|
| 1520 | 1520 | } |
| 1521 | 1521 | |
| 1522 | 1522 | /** |
@@ -1568,7 +1568,7 @@ discard block |
||
| 1568 | 1568 | } |
| 1569 | 1569 | |
| 1570 | 1570 | // Now check yubico validity |
| 1571 | - include_once $SETTINGS['cpassman_dir'] . '/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1571 | + include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Authentication/Yubico/Yubico.php'; |
|
| 1572 | 1572 | $yubi = new Auth_Yubico($yubico_user_id, $yubico_user_key); |
| 1573 | 1573 | $auth = $yubi->verify($yubico_key); |
| 1574 | 1574 | //, null, null, null, 60 |
@@ -1627,7 +1627,7 @@ discard block |
||
| 1627 | 1627 | // Check if exists in DB |
| 1628 | 1628 | $groupData = DB::queryFirstRow( |
| 1629 | 1629 | 'SELECT id |
| 1630 | - FROM ' . prefixTable('roles_title') . ' |
|
| 1630 | + FROM ' . prefixTable('roles_title').' |
|
| 1631 | 1631 | WHERE title = %s', |
| 1632 | 1632 | $group["displayName"] |
| 1633 | 1633 | ); |
@@ -1756,7 +1756,7 @@ discard block |
||
| 1756 | 1756 | |
| 1757 | 1757 | // generate new QR |
| 1758 | 1758 | $new_2fa_qr = $tfa->getQRCodeImageAsDataUri( |
| 1759 | - 'Teampass - ' . $username, |
|
| 1759 | + 'Teampass - '.$username, |
|
| 1760 | 1760 | $userInfo['ga'] |
| 1761 | 1761 | ); |
| 1762 | 1762 | // clear temporary code from DB |
@@ -1769,7 +1769,7 @@ discard block |
||
| 1769 | 1769 | $userInfo['id'] |
| 1770 | 1770 | ); |
| 1771 | 1771 | $firstTime = [ |
| 1772 | - 'value' => '<img src="' . $new_2fa_qr . '">', |
|
| 1772 | + 'value' => '<img src="'.$new_2fa_qr.'">', |
|
| 1773 | 1773 | 'user_admin' => isset($sessionAdmin) ? (int) $sessionAdmin : '', |
| 1774 | 1774 | 'initial_url' => isset($sessionUrl) === true ? $sessionUrl : '', |
| 1775 | 1775 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
@@ -1925,7 +1925,7 @@ discard block |
||
| 1925 | 1925 | }*/ |
| 1926 | 1926 | return [ |
| 1927 | 1927 | 'error' => true, |
| 1928 | - 'message' => $duo_error . $lang->get('duo_error_check_config'), |
|
| 1928 | + 'message' => $duo_error.$lang->get('duo_error_check_config'), |
|
| 1929 | 1929 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1930 | 1930 | 'debug_message' => $e->getMessage(), |
| 1931 | 1931 | 'proceedIdentification' => false, |
@@ -1941,7 +1941,7 @@ discard block |
||
| 1941 | 1941 | } catch (DuoException $e) { |
| 1942 | 1942 | return [ |
| 1943 | 1943 | 'error' => true, |
| 1944 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1944 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1945 | 1945 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1946 | 1946 | 'debug_message' => $e->getMessage(), |
| 1947 | 1947 | 'proceedIdentification' => false, |
@@ -1949,7 +1949,7 @@ discard block |
||
| 1949 | 1949 | } |
| 1950 | 1950 | |
| 1951 | 1951 | // Somethimes Duo return success but fail to return a URL, double check if the URL has been created |
| 1952 | - if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url,FILTER_SANITIZE_URL)) { |
|
| 1952 | + if (!empty($duo_redirect_url) && isset($duo_redirect_url) && filter_var($duo_redirect_url, FILTER_SANITIZE_URL)) { |
|
| 1953 | 1953 | // Since Duo Universal requires a redirect, let's store some info when the user get's back after completing the Duo prompt |
| 1954 | 1954 | $key = hash('sha256', $duo_state); |
| 1955 | 1955 | $iv = substr(hash('sha256', $duo_state), 0, 16); |
@@ -1977,7 +1977,7 @@ discard block |
||
| 1977 | 1977 | } else { |
| 1978 | 1978 | return [ |
| 1979 | 1979 | 'error' => true, |
| 1980 | - 'message' => $duo_error . $lang->get('duo_error_url'), |
|
| 1980 | + 'message' => $duo_error.$lang->get('duo_error_url'), |
|
| 1981 | 1981 | 'pwd_attempts' => (int) $sessionPwdAttempts, |
| 1982 | 1982 | 'proceedIdentification' => false, |
| 1983 | 1983 | ]; |
@@ -1998,8 +1998,8 @@ discard block |
||
| 1998 | 1998 | // return the response (which should be the user name) |
| 1999 | 1999 | if ($decoded_token['preferred_username'] === $username) { |
| 2000 | 2000 | $session->set('user-duo_status', 'COMPLET'); |
| 2001 | - $session->set('user-duo_state',''); |
|
| 2002 | - $session->set('user-duo_data',''); |
|
| 2001 | + $session->set('user-duo_state', ''); |
|
| 2002 | + $session->set('user-duo_data', ''); |
|
| 2003 | 2003 | $session->set('user-login', $username); |
| 2004 | 2004 | |
| 2005 | 2005 | return [ |
@@ -2010,9 +2010,9 @@ discard block |
||
| 2010 | 2010 | ]; |
| 2011 | 2011 | } else { |
| 2012 | 2012 | // Something wrong, username from the original Duo request is different than the one received now |
| 2013 | - $session->set('user-duo_status',''); |
|
| 2014 | - $session->set('user-duo_state',''); |
|
| 2015 | - $session->set('user-duo_data',''); |
|
| 2013 | + $session->set('user-duo_status', ''); |
|
| 2014 | + $session->set('user-duo_state', ''); |
|
| 2015 | + $session->set('user-duo_data', ''); |
|
| 2016 | 2016 | |
| 2017 | 2017 | return [ |
| 2018 | 2018 | 'error' => true, |
@@ -2023,9 +2023,9 @@ discard block |
||
| 2023 | 2023 | } |
| 2024 | 2024 | } |
| 2025 | 2025 | // If we are here something wrong |
| 2026 | - $session->set('user-duo_status',''); |
|
| 2027 | - $session->set('user-duo_state',''); |
|
| 2028 | - $session->set('user-duo_data',''); |
|
| 2026 | + $session->set('user-duo_status', ''); |
|
| 2027 | + $session->set('user-duo_state', ''); |
|
| 2028 | + $session->set('user-duo_data', ''); |
|
| 2029 | 2029 | return [ |
| 2030 | 2030 | 'error' => true, |
| 2031 | 2031 | 'message' => $lang->get('duo_login_mismatch'), |
@@ -2141,8 +2141,8 @@ discard block |
||
| 2141 | 2141 | // Get user info from DB |
| 2142 | 2142 | $data = DB::queryFirstRow( |
| 2143 | 2143 | 'SELECT u.*, a.value AS api_key |
| 2144 | - FROM ' . prefixTable('users') . ' AS u |
|
| 2145 | - LEFT JOIN ' . prefixTable('api') . ' AS a ON (u.id = a.user_id) |
|
| 2144 | + FROM ' . prefixTable('users').' AS u |
|
| 2145 | + LEFT JOIN ' . prefixTable('api').' AS a ON (u.id = a.user_id) |
|
| 2146 | 2146 | WHERE login = %s AND deleted_at IS NULL', |
| 2147 | 2147 | $login |
| 2148 | 2148 | ); |
@@ -2578,15 +2578,15 @@ discard block |
||
| 2578 | 2578 | |
| 2579 | 2579 | if ($ret['error'] !== false) { |
| 2580 | 2580 | logEvents($SETTINGS, 'failed_auth', 'bad_duo_mfa', '', stripslashes($username), stripslashes($username)); |
| 2581 | - $session->set('user-duo_status',''); |
|
| 2582 | - $session->set('user-duo_state',''); |
|
| 2583 | - $session->set('user-duo_data',''); |
|
| 2581 | + $session->set('user-duo_status', ''); |
|
| 2582 | + $session->set('user-duo_state', ''); |
|
| 2583 | + $session->set('user-duo_data', ''); |
|
| 2584 | 2584 | return [ |
| 2585 | 2585 | 'error' => true, |
| 2586 | 2586 | 'mfaData' => $ret, |
| 2587 | 2587 | 'mfaQRCodeInfos' => false, |
| 2588 | 2588 | ]; |
| 2589 | - } else if ($ret['duo_url_ready'] === true){ |
|
| 2589 | + } else if ($ret['duo_url_ready'] === true) { |
|
| 2590 | 2590 | return [ |
| 2591 | 2591 | 'error' => false, |
| 2592 | 2592 | 'mfaData' => $ret, |
@@ -48,7 +48,7 @@ discard block |
||
| 48 | 48 | $postType = $request->query->get('post_type', ''); |
| 49 | 49 | $postType = filter_var($postType, FILTER_SANITIZE_SPECIAL_CHARS); |
| 50 | 50 | $get['post_type'] = $postType; |
| 51 | -if (isset($SETTINGS['duo']) === true && (int) $SETTINGS['duo'] === 1 && $get['post_type'] === 'duo' ) { |
|
| 51 | +if (isset($SETTINGS['duo']) === true && (int) $SETTINGS['duo'] === 1 && $get['post_type'] === 'duo') { |
|
| 52 | 52 | $get['duo_state'] = $request->query->get('state'); |
| 53 | 53 | $get['duo_code'] = $request->query->get('duo_code'); |
| 54 | 54 | } |
@@ -78,7 +78,7 @@ discard block |
||
| 78 | 78 | exit; |
| 79 | 79 | } else { |
| 80 | 80 | // Gérer les erreurs |
| 81 | - echo 'Erreur lors de la récupération des informations utilisateur : ' . $userInfo['message']; |
|
| 81 | + echo 'Erreur lors de la récupération des informations utilisateur : '.$userInfo['message']; |
|
| 82 | 82 | }; |
| 83 | 83 | } |
| 84 | 84 | |
@@ -99,8 +99,7 @@ discard block |
||
| 99 | 99 | <div class="login-box"> |
| 100 | 100 | <div class="login-logo"><div style="margin:30px;">', |
| 101 | 101 | isset($SETTINGS['custom_logo']) === true && empty($SETTINGS['custom_logo']) === false ? |
| 102 | - '<img src="' . (string) $SETTINGS['custom_logo'] . '" alt="" style="text-align:center; max-width:100px;" />' : |
|
| 103 | - '<img src="includes/images/teampass-logo2-login.png" alt="Teampass Logo">', |
|
| 102 | + '<img src="'.(string) $SETTINGS['custom_logo'].'" alt="" style="text-align:center; max-width:100px;" />' : '<img src="includes/images/teampass-logo2-login.png" alt="Teampass Logo">', |
|
| 104 | 103 | ' |
| 105 | 104 | </div> |
| 106 | 105 | <div style="font-weight:bold;"> |
@@ -120,14 +119,14 @@ discard block |
||
| 120 | 119 | |
| 121 | 120 | <div class="card-body login-card-body1"> |
| 122 | 121 | <div class="input-group has-feedback mb-2"> |
| 123 | - <div class="input-group-prepend infotip" title="' . $lang->get('login') . '"> |
|
| 122 | + <div class="input-group-prepend infotip" title="' . $lang->get('login').'"> |
|
| 124 | 123 | <span class="input-group-text"><i class="fa-solid fa-user fa-fw"></i></span> |
| 125 | 124 | </div>'; |
| 126 | 125 | if ( |
| 127 | 126 | isset($SETTINGS['enable_http_request_login']) === true |
| 128 | 127 | && (int) $SETTINGS['enable_http_request_login'] === 1 |
| 129 | 128 | && $request->getUser() !== null |
| 130 | - && ! (isset($SETTINGS['maintenance_mode']) === true |
|
| 129 | + && !(isset($SETTINGS['maintenance_mode']) === true |
|
| 131 | 130 | && (int) $SETTINGS['maintenance_mode'] === 1) |
| 132 | 131 | ) { |
| 133 | 132 | if (strpos($request->getUser(), '@') !== false) { |
@@ -141,42 +140,42 @@ discard block |
||
| 141 | 140 | <input type="text" id="login" class="form-control" placeholder="', filter_var($username, FILTER_SANITIZE_FULL_SPECIAL_CHARS), '" readonly>'; |
| 142 | 141 | } else { |
| 143 | 142 | echo ' |
| 144 | - <input type="text" id="login" class="form-control" placeholder="' . $lang->get('index_login') . '" value="'.(null !== $session->get('user-login') && empty($session->get('user-login')) === false ? filter_var($session->get('user-login'), FILTER_SANITIZE_FULL_SPECIAL_CHARS) : '').'">'; |
|
| 143 | + <input type="text" id="login" class="form-control" placeholder="' . $lang->get('index_login').'" value="'.(null !== $session->get('user-login') && empty($session->get('user-login')) === false ? filter_var($session->get('user-login'), FILTER_SANITIZE_FULL_SPECIAL_CHARS) : '').'">'; |
|
| 145 | 144 | } |
| 146 | 145 | |
| 147 | 146 | echo ' |
| 148 | 147 | </div>'; |
| 149 | -if (! (isset($SETTINGS['enable_http_request_login']) === true |
|
| 148 | +if (!(isset($SETTINGS['enable_http_request_login']) === true |
|
| 150 | 149 | && (int) $SETTINGS['enable_http_request_login'] === 1 |
| 151 | 150 | && $request->getUser() !== null |
| 152 | - && ! (isset($SETTINGS['maintenance_mode']) === true |
|
| 151 | + && !(isset($SETTINGS['maintenance_mode']) === true |
|
| 153 | 152 | && (int) $SETTINGS['maintenance_mode'] === 1))) { |
| 154 | 153 | echo ' |
| 155 | 154 | <div class="input-group has-feedback mb-2"> |
| 156 | - <div class="input-group-prepend infotip" title="' . $lang->get('password') . '"> |
|
| 155 | + <div class="input-group-prepend infotip" title="' . $lang->get('password').'"> |
|
| 157 | 156 | <span class="input-group-text"><i class="fa-solid fa-lock fa-fw"></i></span> |
| 158 | 157 | </div> |
| 159 | - <input type="password" id="pw" class="form-control submit-button" placeholder="' . $lang->get('index_password') . '"> |
|
| 158 | + <input type="password" id="pw" class="form-control submit-button" placeholder="' . $lang->get('index_password').'"> |
|
| 160 | 159 | </div>'; |
| 161 | 160 | } |
| 162 | 161 | |
| 163 | 162 | echo ' |
| 164 | 163 | <div class="input-group has-feedback mb-2"> |
| 165 | - <div class="input-group-prepend infotip" title="' . $lang->get('session_expiration_in_minutes') . '"> |
|
| 164 | + <div class="input-group-prepend infotip" title="' . $lang->get('session_expiration_in_minutes').'"> |
|
| 166 | 165 | <span class="input-group-text"><i class="fa-solid fa-clock fa-fw"></i></span> |
| 167 | 166 | </div> |
| 168 | 167 | <input type="text" id="session_duration" class="form-control submit-button" |
| 169 | - placeholder="' . $lang->get('index_session_duration') .' (' . $lang->get('minutes') . ')" |
|
| 168 | + placeholder="' . $lang->get('index_session_duration').' ('.$lang->get('minutes').')" |
|
| 170 | 169 | value="', isset($SETTINGS['default_session_expiration_time']) === true ? $SETTINGS['default_session_expiration_time'] : '', '"> |
| 171 | 170 | </div>'; |
| 172 | 171 | // 2FA auth selector |
| 173 | 172 | $mfaHtmlPart = ' |
| 174 | - <input type="hidden" id="2fa_user_selection" value="'.htmlspecialchars((isset($get['post_type']) === true && $get['post_type'] === 'duo') ? 'duo' : ''). '"> |
|
| 175 | - <input type="hidden" id="duo_code" value="'.htmlspecialchars(isset($get['duo_code']) === true && is_null($get['duo_code']) === false ? $get['duo_code'] : ''). '"> |
|
| 176 | - <input type="hidden" id="duo_state" value="'.htmlspecialchars(isset($get['duo_state']) === true && is_null($get['duo_state']) === false ? $get['duo_state'] : ''). '"> |
|
| 173 | + <input type="hidden" id="2fa_user_selection" value="'.htmlspecialchars((isset($get['post_type']) === true && $get['post_type'] === 'duo') ? 'duo' : '').'"> |
|
| 174 | + <input type="hidden" id="duo_code" value="'.htmlspecialchars(isset($get['duo_code']) === true && is_null($get['duo_code']) === false ? $get['duo_code'] : '').'"> |
|
| 175 | + <input type="hidden" id="duo_state" value="'.htmlspecialchars(isset($get['duo_state']) === true && is_null($get['duo_state']) === false ? $get['duo_state'] : '').'"> |
|
| 177 | 176 | <div class="row mb-3 hidden" id="2fa_methods_selector"> |
| 178 | 177 | <div class="col-12"> |
| 179 | - <h8 class="login-box-msg">' . $lang->get('2fa_authentication_selector') . '</h8> |
|
| 178 | + <h8 class="login-box-msg">' . $lang->get('2fa_authentication_selector').'</h8> |
|
| 180 | 179 | <div class="2fa-methods text-center mt-2">'. |
| 181 | 180 | (isset($SETTINGS['google_authentication']) === true && (int) $SETTINGS['google_authentication'] === 1 ? |
| 182 | 181 | ' |
@@ -209,14 +208,14 @@ discard block |
||
| 209 | 208 | echo ' |
| 210 | 209 | <div id="div-2fa-google" class="mb-3 div-2fa-method hidden"> |
| 211 | 210 | <div class="input-group has-feedback mb-2"> |
| 212 | - <div class="input-group-prepend infotip" title="' . $lang->get('mfa_unique_code') . '"> |
|
| 211 | + <div class="input-group-prepend infotip" title="' . $lang->get('mfa_unique_code').'"> |
|
| 213 | 212 | <span class="input-group-text"><i class="fa-solid fa-key fa-fw"></i></span> |
| 214 | 213 | </div> |
| 215 | - <input type="text" id="ga_code" class="form-control submit-button" placeholder="' . $lang->get('ga_identification_code') . '" /> |
|
| 214 | + <input type="text" id="ga_code" class="form-control submit-button" placeholder="' . $lang->get('ga_identification_code').'" /> |
|
| 216 | 215 | <span class="input-group-append"> |
| 217 | 216 | <button type="button" class="btn btn-info btn-flat" onclick="send_user_new_temporary_ga_code()"> |
| 218 | 217 | <i class="fa-solid fa-envelope form-control-feedback pointer infotip" |
| 219 | - title="' . $lang->get('i_need_to_generate_new_ga_code') . '"></i> |
|
| 218 | + title="' . $lang->get('i_need_to_generate_new_ga_code').'"></i> |
|
| 220 | 219 | </button> |
| 221 | 220 | </span> |
| 222 | 221 | </div> |
@@ -234,7 +233,7 @@ discard block |
||
| 234 | 233 | <script> |
| 235 | 234 | var seconds = 1; |
| 236 | 235 | function updateLogonButton(timeToGo){ |
| 237 | - document.getElementById("but_identify_user").value = "' . $lang->get('duration_login_attempt') . ' " + timeToGo; |
|
| 236 | + document.getElementById("but_identify_user").value = "' . $lang->get('duration_login_attempt').' " + timeToGo; |
|
| 238 | 237 | } |
| 239 | 238 | $( window ).on( "load", function() { |
| 240 | 239 | updateLogonButton(seconds); |
@@ -243,7 +242,7 @@ discard block |
||
| 243 | 242 | if (seconds >= 0) { |
| 244 | 243 | updateLogonButton(seconds); |
| 245 | 244 | } else if(seconds === 0) { |
| 246 | - launchIdentify("", "' . $nextUrl . '"); |
|
| 245 | + launchIdentify("", "' . $nextUrl.'"); |
|
| 247 | 246 | } |
| 248 | 247 | updateLogonButton(seconds); |
| 249 | 248 | }, |
@@ -264,15 +263,15 @@ discard block |
||
| 264 | 263 | <div class="col-8"> |
| 265 | 264 | <div id="yubiko-new-key" class="alert alert-info hidden"> |
| 266 | 265 | <p> |
| 267 | - <input type="text" size="10" id="yubico_user_id" class="form-control" placeholder="' . $lang->get('yubico_user_id') . '"> |
|
| 266 | + <input type="text" size="10" id="yubico_user_id" class="form-control" placeholder="' . $lang->get('yubico_user_id').'"> |
|
| 268 | 267 | </p> |
| 269 | 268 | <p> |
| 270 | - <input type="text" size="10" id="yubico_user_key" class="form-control" placeholder="' . $lang->get('yubico_user_key') . '"> |
|
| 269 | + <input type="text" size="10" id="yubico_user_key" class="form-control" placeholder="' . $lang->get('yubico_user_key').'"> |
|
| 271 | 270 | </p> |
| 272 | 271 | </div> |
| 273 | - <input autocomplete="off" type="text" id="yubico_key" class="form-control submit-button" placeholder="' . $lang->get('press_your_yubico_key') . '"> |
|
| 272 | + <input autocomplete="off" type="text" id="yubico_key" class="form-control submit-button" placeholder="' . $lang->get('press_your_yubico_key').'"> |
|
| 274 | 273 | <div class="row"> |
| 275 | - <span class="ml-2 mt-1 font-weight-light small pointer" id="register-yubiko-key">' . $lang->get('register_new_yubiko_key') . '</span> |
|
| 274 | + <span class="ml-2 mt-1 font-weight-light small pointer" id="register-yubiko-key">' . $lang->get('register_new_yubiko_key').'</span> |
|
| 276 | 275 | </div> |
| 277 | 276 | </div> |
| 278 | 277 | </div>'; |
@@ -281,22 +280,22 @@ discard block |
||
| 281 | 280 | echo ' |
| 282 | 281 | <div class="row mt-5"> |
| 283 | 282 | <div class="col-12"> |
| 284 | - <button id="but_identify_user" class="btn btn-primary btn-block">' . $lang->get('log_in') . '</button> |
|
| 283 | + <button id="but_identify_user" class="btn btn-primary btn-block">' . $lang->get('log_in').'</button> |
|
| 285 | 284 | |
| 286 | 285 | <!-- In case of upgrade, the user has to provide his One Time Code --> |
| 287 | 286 | <div class="card-body user-one-time-code-card-body hidden"> |
| 288 | - <h5 class="login-box-msg">' . $lang->get('provide_personal_one_time_code') . '</h5> |
|
| 287 | + <h5 class="login-box-msg">' . $lang->get('provide_personal_one_time_code').'</h5> |
|
| 289 | 288 | |
| 290 | 289 | <div class="input-group has-feedback mb-2 mt-4"> |
| 291 | 290 | <div class="input-group-prepend"> |
| 292 | 291 | <span class="input-group-text"><i class="fa-solid fa-unlock-alt"></i></span> |
| 293 | 292 | </div> |
| 294 | - <input type="password" id="user-one-time-code" class="form-control" placeholder="' . $lang->get('one_time_code') . '"> |
|
| 293 | + <input type="password" id="user-one-time-code" class="form-control" placeholder="' . $lang->get('one_time_code').'"> |
|
| 295 | 294 | </div> |
| 296 | 295 | |
| 297 | 296 | <div class="row mb-3"> |
| 298 | 297 | <div class="col-12"> |
| 299 | - <button id="but_confirm_otc" class="btn btn-primary btn-block">' . $lang->get('confirm') . '</button> |
|
| 298 | + <button id="but_confirm_otc" class="btn btn-primary btn-block">' . $lang->get('confirm').'</button> |
|
| 300 | 299 | </div> |
| 301 | 300 | </div> |
| 302 | 301 | </div> |
@@ -311,7 +310,7 @@ discard block |
||
| 311 | 310 | <hr class="mt-3 mb-3"/> |
| 312 | 311 | <div class="row mb-2"> |
| 313 | 312 | <div class="col-12"> |
| 314 | - <button id="but_login_with_oauth2" class="btn btn-primary btn-block">' . $SETTINGS['oauth2_client_appname'] . '</button> |
|
| 313 | + <button id="but_login_with_oauth2" class="btn btn-primary btn-block">' . $SETTINGS['oauth2_client_appname'].'</button> |
|
| 315 | 314 | </div> |
| 316 | 315 | </div>'; |
| 317 | 316 | } |
@@ -324,10 +323,10 @@ discard block |
||
| 324 | 323 | // In case of password change |
| 325 | 324 | echo ' |
| 326 | 325 | <div class="card-body confirm-password-card-body hidden"> |
| 327 | - <h5 class="login-box-msg">' . $lang->get('new_password_required') . '</h5> |
|
| 326 | + <h5 class="login-box-msg">' . $lang->get('new_password_required').'</h5> |
|
| 328 | 327 | |
| 329 | 328 | <div class="alert alert-info"> |
| 330 | - <div class="text-center"><i class="icon fa fa-info"></i>' . $lang->get('password_strength') . ' |
|
| 329 | + <div class="text-center"><i class="icon fa fa-info"></i>' . $lang->get('password_strength').' |
|
| 331 | 330 | <span id="confirm-password-level" class="ml-2 font-weight-bold"></span></div> |
| 332 | 331 | </div> |
| 333 | 332 | |
@@ -337,20 +336,20 @@ discard block |
||
| 337 | 336 | <div class="input-group-prepend"> |
| 338 | 337 | <span class="input-group-text"><i class="fas fa-key"></i></span> |
| 339 | 338 | </div> |
| 340 | - <input type="password" id="current-user-password" class="form-control" placeholder="' . $lang->get('current_password') . '"> |
|
| 339 | + <input type="password" id="current-user-password" class="form-control" placeholder="' . $lang->get('current_password').'"> |
|
| 341 | 340 | </div> |
| 342 | 341 | </div> |
| 343 | 342 | <div class="input-group has-feedback mb-2 mt-4"> |
| 344 | 343 | <div class="input-group-prepend"> |
| 345 | 344 | <span class="input-group-text"><i class="fas fa-key"></i></span> |
| 346 | 345 | </div> |
| 347 | - <input type="password" id="new-user-password" class="form-control" placeholder="' . $lang->get('index_new_pw') . '"> |
|
| 346 | + <input type="password" id="new-user-password" class="form-control" placeholder="' . $lang->get('index_new_pw').'"> |
|
| 348 | 347 | </div> |
| 349 | 348 | <div class="input-group has-feedback mb-2"> |
| 350 | 349 | <div class="input-group-prepend"> |
| 351 | 350 | <span class="input-group-text"><i class="fas fa-key"></i></span> |
| 352 | 351 | </div> |
| 353 | - <input type="password" id="new-user-password-confirm" class="form-control" placeholder="' . $lang->get('index_change_pw_confirmation') . '"> |
|
| 352 | + <input type="password" id="new-user-password-confirm" class="form-control" placeholder="' . $lang->get('index_change_pw_confirmation').'"> |
|
| 354 | 353 | </div> |
| 355 | 354 | <div class="row mb-3"> |
| 356 | 355 | <div class="col-md-12 offset-sm-4 text-center"> |
@@ -361,7 +360,7 @@ discard block |
||
| 361 | 360 | </div> |
| 362 | 361 | <div class="row mb-3"> |
| 363 | 362 | <div class="col-12"> |
| 364 | - <button id="but_confirm_new_password" class="btn btn-primary btn-block">' . $lang->get('confirm') . '</button> |
|
| 363 | + <button id="but_confirm_new_password" class="btn btn-primary btn-block">' . $lang->get('confirm').'</button> |
|
| 365 | 364 | </div> |
| 366 | 365 | </div> |
| 367 | 366 | </div> |
@@ -369,20 +368,20 @@ discard block |
||
| 369 | 368 | |
| 370 | 369 | <div class="card-body hidden" id="card-user-treat-psk"> |
| 371 | 370 | <div class="alert alert-info"> |
| 372 | - <div class="text-center"><i class="icon fa fa-info"></i>' . $lang->get('user_has_psk_info') . '</div> |
|
| 371 | + <div class="text-center"><i class="icon fa fa-info"></i>' . $lang->get('user_has_psk_info').'</div> |
|
| 373 | 372 | </div> |
| 374 | 373 | <div class="input-group has-feedback mb-2"> |
| 375 | 374 | <div class="input-group-prepend"> |
| 376 | 375 | <span class="input-group-text"><i class="fas fa-key"></i></span> |
| 377 | 376 | </div> |
| 378 | - <input type="password" id="user-old-defuse-psk" class="form-control" placeholder="' . $lang->get('home_personal_saltkey') . '"> |
|
| 377 | + <input type="password" id="user-old-defuse-psk" class="form-control" placeholder="' . $lang->get('home_personal_saltkey').'"> |
|
| 379 | 378 | </div> |
| 380 | 379 | <div class="row mb-3 mt-4"> |
| 381 | 380 | <div class="col-12"> |
| 382 | - <button id="but_confirm_defuse_psk" class="btn btn-primary btn-block">' . $lang->get('launch') . '</button> |
|
| 381 | + <button id="but_confirm_defuse_psk" class="btn btn-primary btn-block">' . $lang->get('launch').'</button> |
|
| 383 | 382 | </div> |
| 384 | 383 | <div class="col-12 mt-3"> |
| 385 | - <button id="but_confirm_forgot_defuse_psk" class="btn btn-danger btn-block text-bold">' . $lang->get('i_cannot_remember') . '</button> |
|
| 384 | + <button id="but_confirm_forgot_defuse_psk" class="btn btn-danger btn-block text-bold">' . $lang->get('i_cannot_remember').'</button> |
|
| 386 | 385 | </div> |
| 387 | 386 | </div> |
| 388 | 387 | </div> |
@@ -71,7 +71,7 @@ |
||
| 71 | 71 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('oauth') === false) { |
| 72 | 72 | // Not allowed page |
| 73 | 73 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 74 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 74 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 75 | 75 | exit; |
| 76 | 76 | } |
| 77 | 77 | |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | ) { |
| 78 | 78 | // Not allowed page |
| 79 | 79 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 80 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 80 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 81 | 81 | exit; |
| 82 | 82 | } |
| 83 | 83 | |
@@ -138,21 +138,21 @@ discard block |
||
| 138 | 138 | // Prepare variables |
| 139 | 139 | $post_key = filter_var($dataReceived['encryptionKey'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
| 140 | 140 | |
| 141 | - require_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 141 | + require_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 142 | 142 | $return = ''; |
| 143 | 143 | |
| 144 | 144 | //Get all tables |
| 145 | 145 | $tables = array(); |
| 146 | 146 | $result = DB::query('SHOW TABLES'); |
| 147 | 147 | foreach ($result as $row) { |
| 148 | - $tables[] = $row['Tables_in_' . DB_NAME]; |
|
| 148 | + $tables[] = $row['Tables_in_'.DB_NAME]; |
|
| 149 | 149 | } |
| 150 | 150 | |
| 151 | 151 | //cycle through |
| 152 | 152 | foreach ($tables as $table) { |
| 153 | 153 | if (empty($pre) || substr_count($table, $pre) > 0) { |
| 154 | 154 | // Do query |
| 155 | - $result = DB::queryRaw('SELECT * FROM ' . $table); |
|
| 155 | + $result = DB::queryRaw('SELECT * FROM '.$table); |
|
| 156 | 156 | DB::queryRaw( |
| 157 | 157 | 'SELECT * |
| 158 | 158 | FROM INFORMATION_SCHEMA.COLUMNS |
@@ -164,17 +164,17 @@ discard block |
||
| 164 | 164 | $numFields = DB::count(); |
| 165 | 165 | |
| 166 | 166 | // prepare a drop table |
| 167 | - $return .= 'DROP TABLE ' . $table . ';'; |
|
| 168 | - $row2 = DB::queryfirstrow('SHOW CREATE TABLE ' . $table); |
|
| 169 | - $return .= "\n\n" . $row2['Create Table'] . ";\n\n"; |
|
| 167 | + $return .= 'DROP TABLE '.$table.';'; |
|
| 168 | + $row2 = DB::queryfirstrow('SHOW CREATE TABLE '.$table); |
|
| 169 | + $return .= "\n\n".$row2['Create Table'].";\n\n"; |
|
| 170 | 170 | |
| 171 | 171 | //prepare all fields and datas |
| 172 | 172 | for ($i = 0; $i < $numFields; ++$i) { |
| 173 | 173 | while ($row = $result->fetch_row()) { |
| 174 | - $return .= 'INSERT INTO ' . $table . ' VALUES('; |
|
| 174 | + $return .= 'INSERT INTO '.$table.' VALUES('; |
|
| 175 | 175 | for ($j = 0; $j < $numFields; ++$j) { |
| 176 | 176 | // Gestion des valeurs NULL |
| 177 | - $value = $row[$j] === null ? 'NULL' : '"' . addslashes(preg_replace("/\n/", '\\n', $row[$j])) . '"'; |
|
| 177 | + $value = $row[$j] === null ? 'NULL' : '"'.addslashes(preg_replace("/\n/", '\\n', $row[$j])).'"'; |
|
| 178 | 178 | $return .= $value; |
| 179 | 179 | if ($j < ($numFields - 1)) { |
| 180 | 180 | $return .= ','; |
@@ -192,8 +192,8 @@ discard block |
||
| 192 | 192 | $token = GenerateCryptKey(20, false, true, true, false, true); |
| 193 | 193 | |
| 194 | 194 | //save file |
| 195 | - $filename = time() . '-' . $token . '.sql'; |
|
| 196 | - $handle = fopen($SETTINGS['path_to_files_folder'] . '/' . $filename, 'w+'); |
|
| 195 | + $filename = time().'-'.$token.'.sql'; |
|
| 196 | + $handle = fopen($SETTINGS['path_to_files_folder'].'/'.$filename, 'w+'); |
|
| 197 | 197 | if ($handle !== false) { |
| 198 | 198 | //write file |
| 199 | 199 | fwrite($handle, $return); |
@@ -205,17 +205,17 @@ discard block |
||
| 205 | 205 | // Encrypt the file |
| 206 | 206 | prepareFileWithDefuse( |
| 207 | 207 | 'encrypt', |
| 208 | - $SETTINGS['path_to_files_folder'] . '/' . $filename, |
|
| 209 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename, |
|
| 208 | + $SETTINGS['path_to_files_folder'].'/'.$filename, |
|
| 209 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename, |
|
| 210 | 210 | $SETTINGS, |
| 211 | 211 | $post_key |
| 212 | 212 | ); |
| 213 | 213 | |
| 214 | 214 | // Do clean |
| 215 | - unlink($SETTINGS['path_to_files_folder'] . '/' . $filename); |
|
| 215 | + unlink($SETTINGS['path_to_files_folder'].'/'.$filename); |
|
| 216 | 216 | rename( |
| 217 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $filename, |
|
| 218 | - $SETTINGS['path_to_files_folder'] . '/' . $filename |
|
| 217 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$filename, |
|
| 218 | + $SETTINGS['path_to_files_folder'].'/'.$filename |
|
| 219 | 219 | ); |
| 220 | 220 | } |
| 221 | 221 | |
@@ -235,9 +235,9 @@ discard block |
||
| 235 | 235 | array( |
| 236 | 236 | 'error' => false, |
| 237 | 237 | 'message' => '', |
| 238 | - 'download' => 'sources/downloadFile.php?name=' . urlencode($filename) . |
|
| 239 | - '&sub=files&file=' . $filename . '&type=sql&key=' . $session->get('key') . '&key_tmp=' . |
|
| 240 | - $session->get('user-key_tmp') . '&pathIsFiles=1', |
|
| 238 | + 'download' => 'sources/downloadFile.php?name='.urlencode($filename). |
|
| 239 | + '&sub=files&file='.$filename.'&type=sql&key='.$session->get('key').'&key_tmp='. |
|
| 240 | + $session->get('user-key_tmp').'&pathIsFiles=1', |
|
| 241 | 241 | ), |
| 242 | 242 | 'encode' |
| 243 | 243 | ); |
@@ -292,13 +292,13 @@ discard block |
||
| 292 | 292 | |
| 293 | 293 | if (WIP === true) error_log('DEBUG: Offset -> '.$post_offset.' | File -> '.$post_clearFilename.' | key -> '.$post_key); |
| 294 | 294 | |
| 295 | - include_once $SETTINGS['cpassman_dir'] . '/sources/main.functions.php'; |
|
| 295 | + include_once $SETTINGS['cpassman_dir'].'/sources/main.functions.php'; |
|
| 296 | 296 | |
| 297 | 297 | if (empty($post_clearFilename) === true) { |
| 298 | 298 | // Get filename from database |
| 299 | 299 | $data = DB::queryFirstRow( |
| 300 | 300 | 'SELECT valeur |
| 301 | - FROM ' . prefixTable('misc') . ' |
|
| 301 | + FROM ' . prefixTable('misc').' |
|
| 302 | 302 | WHERE increment_id = %i', |
| 303 | 303 | $post_backupFile |
| 304 | 304 | ); |
@@ -317,8 +317,8 @@ discard block |
||
| 317 | 317 | // Decrypt the file |
| 318 | 318 | $ret = prepareFileWithDefuse( |
| 319 | 319 | 'decrypt', |
| 320 | - $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, |
|
| 321 | - $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile, |
|
| 320 | + $SETTINGS['path_to_files_folder'].'/'.$post_backupFile, |
|
| 321 | + $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile, |
|
| 322 | 322 | $SETTINGS, |
| 323 | 323 | $post_key |
| 324 | 324 | ); |
@@ -335,10 +335,10 @@ discard block |
||
| 335 | 335 | } |
| 336 | 336 | |
| 337 | 337 | // Do clean |
| 338 | - fileDelete($SETTINGS['path_to_files_folder'] . '/' . $post_backupFile, $SETTINGS); |
|
| 339 | - $post_backupFile = $SETTINGS['path_to_files_folder'] . '/defuse_temp_' . $post_backupFile; |
|
| 338 | + fileDelete($SETTINGS['path_to_files_folder'].'/'.$post_backupFile, $SETTINGS); |
|
| 339 | + $post_backupFile = $SETTINGS['path_to_files_folder'].'/defuse_temp_'.$post_backupFile; |
|
| 340 | 340 | } else { |
| 341 | - $post_backupFile = $SETTINGS['path_to_files_folder'] . '/' . $post_backupFile; |
|
| 341 | + $post_backupFile = $SETTINGS['path_to_files_folder'].'/'.$post_backupFile; |
|
| 342 | 342 | } |
| 343 | 343 | } else { |
| 344 | 344 | $post_backupFile = $post_clearFilename; |
@@ -70,7 +70,7 @@ discard block |
||
| 70 | 70 | $emailService = new EmailService(); |
| 71 | 71 | $rows = DB::query( |
| 72 | 72 | 'SELECT * |
| 73 | - FROM ' . prefixTable('background_tasks') . ' |
|
| 73 | + FROM ' . prefixTable('background_tasks').' |
|
| 74 | 74 | WHERE is_in_progress = %i AND process_type = %s |
| 75 | 75 | ORDER BY increment_id ASC LIMIT 0,10', |
| 76 | 76 | 0, |
@@ -138,7 +138,7 @@ discard block |
||
| 138 | 138 | |
| 139 | 139 | //if ((int) $SETTINGS['enable_backlog_mail'] === 1) { |
| 140 | 140 | $row = DB::queryFirstRow( |
| 141 | - 'SELECT valeur FROM ' . prefixTable('misc') . ' WHERE type = %s AND intitule = %s', |
|
| 141 | + 'SELECT valeur FROM '.prefixTable('misc').' WHERE type = %s AND intitule = %s', |
|
| 142 | 142 | 'cron', |
| 143 | 143 | 'sending_emails' |
| 144 | 144 | ); |
@@ -146,7 +146,7 @@ discard block |
||
| 146 | 146 | if ((int) (time() - $row['valeur']) >= 300 || (int) $row['valeur'] === 0) { |
| 147 | 147 | $rows = DB::query( |
| 148 | 148 | 'SELECT * |
| 149 | - FROM ' . prefixTable('emails') . |
|
| 149 | + FROM ' . prefixTable('emails'). |
|
| 150 | 150 | ' WHERE status != %s', |
| 151 | 151 | 'sent' |
| 152 | 152 | ); |
@@ -86,7 +86,7 @@ discard block |
||
| 86 | 86 | |
| 87 | 87 | $parentComplexity = $this->checkComplexityLevel($parentFolderData, $complexity, $parent_id); |
| 88 | 88 | if (isset($parentComplexity ['error']) && $parentComplexity['error'] === true) { |
| 89 | - return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder') . " [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
| 89 | + return $this->errorResponse($this->lang->get('error_folder_complexity_lower_than_top_folder')." [<b>{$this->settings['TP_PW_COMPLEXITY'][$parentComplexity['valeur']][1]}</b>]"); |
|
| 90 | 90 | } |
| 91 | 91 | |
| 92 | 92 | return $this->createFolder($params, array_merge($parentFolderData, $parentComplexity)); |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | ) { |
| 136 | 136 | DB::query( |
| 137 | 137 | 'SELECT * |
| 138 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 138 | + FROM ' . prefixTable('nested_tree').' |
|
| 139 | 139 | WHERE title = %s AND personal_folder = 0', |
| 140 | 140 | $title |
| 141 | 141 | ); |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | //check if parent folder is personal |
| 160 | 160 | $data = DB::queryfirstrow( |
| 161 | 161 | 'SELECT personal_folder, bloquer_creation, bloquer_modification |
| 162 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 162 | + FROM ' . prefixTable('nested_tree').' |
|
| 163 | 163 | WHERE id = %i', |
| 164 | 164 | $parent_id |
| 165 | 165 | ); |
@@ -198,7 +198,7 @@ discard block |
||
| 198 | 198 | // get complexity level for this folder |
| 199 | 199 | $data = DB::queryfirstrow( |
| 200 | 200 | 'SELECT valeur |
| 201 | - FROM ' . prefixTable('misc') . ' |
|
| 201 | + FROM ' . prefixTable('misc').' |
|
| 202 | 202 | WHERE intitule = %i AND type = %s', |
| 203 | 203 | $parent_id, |
| 204 | 204 | 'complex' |
@@ -249,11 +249,11 @@ discard block |
||
| 249 | 249 | */ |
| 250 | 250 | private function canCreateFolder($isPersonal, $user_is_admin, $user_is_manager, $user_can_manage_all_users, $user_can_create_root_folder) |
| 251 | 251 | { |
| 252 | - return (int)$isPersonal === 1 || |
|
| 253 | - (int)$user_is_admin === 1 || |
|
| 254 | - ((int)$user_is_manager === 1 || (int)$user_can_manage_all_users === 1) || |
|
| 252 | + return (int) $isPersonal === 1 || |
|
| 253 | + (int) $user_is_admin === 1 || |
|
| 254 | + ((int) $user_is_manager === 1 || (int) $user_can_manage_all_users === 1) || |
|
| 255 | 255 | ($this->settings['enable_user_can_create_folders'] ?? false) || |
| 256 | - ((int)$user_can_create_root_folder === 1); |
|
| 256 | + ((int) $user_can_create_root_folder === 1); |
|
| 257 | 257 | } |
| 258 | 258 | |
| 259 | 259 | /** |
@@ -332,7 +332,7 @@ discard block |
||
| 332 | 332 | $path = ''; |
| 333 | 333 | $tree_path = $tree->getPath(0, false); |
| 334 | 334 | foreach ($tree_path as $fld) { |
| 335 | - $path .= empty($path) ? $fld->title : '/' . $fld->title; |
|
| 335 | + $path .= empty($path) ? $fld->title : '/'.$fld->title; |
|
| 336 | 336 | } |
| 337 | 337 | |
| 338 | 338 | $new_json = [ |
@@ -346,7 +346,7 @@ discard block |
||
| 346 | 346 | "is_visible_active" => 0, |
| 347 | 347 | ]; |
| 348 | 348 | |
| 349 | - $cache_tree = DB::queryFirstRow('SELECT increment_id, folders, visible_folders FROM ' . prefixTable('cache_tree') . ' WHERE user_id = %i', (int)$user_id); |
|
| 349 | + $cache_tree = DB::queryFirstRow('SELECT increment_id, folders, visible_folders FROM '.prefixTable('cache_tree').' WHERE user_id = %i', (int) $user_id); |
|
| 350 | 350 | |
| 351 | 351 | if (empty($cache_tree)) { |
| 352 | 352 | DB::insert(prefixTable('cache_tree'), [ |
@@ -366,7 +366,7 @@ discard block |
||
| 366 | 366 | 'folders' => json_encode($folders), |
| 367 | 367 | 'visible_folders' => json_encode($visible_folders), |
| 368 | 368 | 'timestamp' => time(), |
| 369 | - ], 'increment_id = %i', (int)$cache_tree['increment_id']); |
|
| 369 | + ], 'increment_id = %i', (int) $cache_tree['increment_id']); |
|
| 370 | 370 | } |
| 371 | 371 | } |
| 372 | 372 | |
@@ -376,7 +376,7 @@ discard block |
||
| 376 | 376 | private function manageFolderPermissions($parent_id, $newId, $user_roles, $access_rights, $user_is_admin) |
| 377 | 377 | { |
| 378 | 378 | if ($this->settings['subfolder_rights_as_parent'] ?? false) { |
| 379 | - $rows = DB::query('SELECT role_id, type FROM ' . prefixTable('roles_values') . ' WHERE folder_id = %i', $parent_id); |
|
| 379 | + $rows = DB::query('SELECT role_id, type FROM '.prefixTable('roles_values').' WHERE folder_id = %i', $parent_id); |
|
| 380 | 380 | foreach ($rows as $record) { |
| 381 | 381 | DB::insert(prefixTable('roles_values'), [ |
| 382 | 382 | 'role_id' => $record['role_id'], |
@@ -384,7 +384,7 @@ discard block |
||
| 384 | 384 | 'type' => $record['type'], |
| 385 | 385 | ]); |
| 386 | 386 | } |
| 387 | - } elseif ((int)$user_is_admin !== 1) { |
|
| 387 | + } elseif ((int) $user_is_admin !== 1) { |
|
| 388 | 388 | foreach (array_unique(explode(';', $user_roles)) as $role) { |
| 389 | 389 | if (!empty($role)) { |
| 390 | 390 | DB::insert(prefixTable('roles_values'), [ |
@@ -402,7 +402,7 @@ discard block |
||
| 402 | 402 | */ |
| 403 | 403 | private function copyCustomFieldsCategories($parent_id, $newId) |
| 404 | 404 | { |
| 405 | - $rows = DB::query('SELECT id_category FROM ' . prefixTable('categories_folders') . ' WHERE id_folder = %i', $parent_id); |
|
| 405 | + $rows = DB::query('SELECT id_category FROM '.prefixTable('categories_folders').' WHERE id_folder = %i', $parent_id); |
|
| 406 | 406 | foreach ($rows as $record) { |
| 407 | 407 | DB::insert(prefixTable('categories_folders'), [ |
| 408 | 408 | 'id_category' => $record['id_category'], |
@@ -430,7 +430,7 @@ discard block |
||
| 430 | 430 | return [ |
| 431 | 431 | 'error' => true, |
| 432 | 432 | 'message' => $message, |
| 433 | - 'newId' => '' . $newIdSuffix, |
|
| 433 | + 'newId' => ''.$newIdSuffix, |
|
| 434 | 434 | ]; |
| 435 | 435 | } |
| 436 | 436 | } |
| 437 | 437 | \ No newline at end of file |
@@ -32,7 +32,7 @@ |
||
| 32 | 32 | use TeampassClasses\OAuth2Controller\OAuth2Controller; |
| 33 | 33 | |
| 34 | 34 | session_start(); |
| 35 | -require_once __DIR__. '/../../includes/config/include.php'; |
|
| 35 | +require_once __DIR__.'/../../includes/config/include.php'; |
|
| 36 | 36 | require_once __DIR__.'/../../sources/main.functions.php'; |
| 37 | 37 | |
| 38 | 38 | // init |
@@ -1,7 +1,7 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | use TeampassClasses\OAuth2Controller\OAuth2Controller; |
| 3 | 3 | session_start(); |
| 4 | -require_once __DIR__. '/../includes/config/include.php'; |
|
| 4 | +require_once __DIR__.'/../includes/config/include.php'; |
|
| 5 | 5 | require_once __DIR__.'/../sources/main.functions.php'; |
| 6 | 6 | |
| 7 | 7 | // init |
