nilsteampassnet /
TeamPass
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('users') === false) { |
| 73 | 73 | // Not allowed page |
| 74 | 74 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 75 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 75 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 76 | 76 | exit; |
| 77 | 77 | } |
| 78 | 78 | ?> |
@@ -325,8 +325,8 @@ discard block |
||
| 325 | 325 | if (store.get('teampassApplication').formUserAction === "add_new_user") { |
| 326 | 326 | var data = { |
| 327 | 327 | 'receipt': $('#form-email').val(), |
| 328 | - 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code');?>', |
|
| 329 | - 'body': '<?php echo $lang->get('email_body_new_user');?>', |
|
| 328 | + 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code'); ?>', |
|
| 329 | + 'body': '<?php echo $lang->get('email_body_new_user'); ?>', |
|
| 330 | 330 | 'pre_replace' : { |
| 331 | 331 | '#code#' : store.get('teampassUser').admin_new_user_temporary_encryption_code, |
| 332 | 332 | '#login#' : store.get('teampassUser').admin_new_user_login, |
@@ -336,8 +336,8 @@ discard block |
||
| 336 | 336 | } else { |
| 337 | 337 | var data = { |
| 338 | 338 | 'receipt': $('#form-email').val(), |
| 339 | - 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code');?>', |
|
| 340 | - 'body': '<?php echo $lang->get('email_body_temporary_encryption_code');?>', |
|
| 339 | + 'subject': 'TEAMPASS - <?php echo $lang->get('temporary_encryption_code'); ?>', |
|
| 340 | + 'body': '<?php echo $lang->get('email_body_temporary_encryption_code'); ?>', |
|
| 341 | 341 | 'pre_replace' : { |
| 342 | 342 | '#enc_code#' : store.get('teampassUser').admin_new_user_temporary_encryption_code, |
| 343 | 343 | } |
@@ -532,14 +532,14 @@ discard block |
||
| 532 | 532 | } |
| 533 | 533 | // Inform user |
| 534 | 534 | $("#warningModalBody").html('<b><?php echo $lang->get('encryption_keys'); ?> - ' + |
| 535 | - stepText + '</b> [' + start + ' - ' + (parseInt(start) + <?php echo NUMBER_ITEMS_IN_BATCH;?>) + ']<span id="warningModalBody_extra">' + $nbItemsToConvert + '</span> ' + |
|
| 535 | + stepText + '</b> [' + start + ' - ' + (parseInt(start) + <?php echo NUMBER_ITEMS_IN_BATCH; ?>) + ']<span id="warningModalBody_extra">' + $nbItemsToConvert + '</span> ' + |
|
| 536 | 536 | '... <?php echo $lang->get('please_wait'); ?><i class="fa-solid fa-spinner fa-pulse ml-3 text-primary"></i>'); |
| 537 | 537 | |
| 538 | 538 | // If expected, show the OPT to the admin |
| 539 | 539 | if (constVisibleOTP === true) { |
| 540 | 540 | toastr.info( |
| 541 | - '<?php echo $lang->get('show_encryption_code_to_admin');?> <div><input class="form-control form-item-control flex-nowrap" value="' + userTemporaryCode + '" readonly></div>' |
|
| 542 | - + '<br /><button type="button" class="btn clear"><?php echo $lang->get('close');?></button>', |
|
| 541 | + '<?php echo $lang->get('show_encryption_code_to_admin'); ?> <div><input class="form-control form-item-control flex-nowrap" value="' + userTemporaryCode + '" readonly></div>' |
|
| 542 | + + '<br /><button type="button" class="btn clear"><?php echo $lang->get('close'); ?></button>', |
|
| 543 | 543 | '<?php echo $lang->get('information'); ?>', |
| 544 | 544 | { |
| 545 | 545 | extendedTimeOut: 0, |
@@ -558,7 +558,7 @@ discard block |
||
| 558 | 558 | var data = { |
| 559 | 559 | action: step, |
| 560 | 560 | start: start, |
| 561 | - length: <?php echo NUMBER_ITEMS_IN_BATCH;?>, |
|
| 561 | + length: <?php echo NUMBER_ITEMS_IN_BATCH; ?>, |
|
| 562 | 562 | user_id: userId, |
| 563 | 563 | } |
| 564 | 564 | if (debugJavascript === true) { |
@@ -1395,7 +1395,7 @@ discard block |
||
| 1395 | 1395 | } else { |
| 1396 | 1396 | // Show icon or not |
| 1397 | 1397 | if ($('#user-disabled').prop('checked') === true) { |
| 1398 | - $('#user-login-'+userID).before('<i class="fa-solid fa-user-slash infotip text-danger mr-2" title="<?php echo $lang->get('account_is_locked');?>" id="user-disable-'+userID+'"></i>'); |
|
| 1398 | + $('#user-login-'+userID).before('<i class="fa-solid fa-user-slash infotip text-danger mr-2" title="<?php echo $lang->get('account_is_locked'); ?>" id="user-disable-'+userID+'"></i>'); |
|
| 1399 | 1399 | } else { |
| 1400 | 1400 | $('#user-disable-'+userID).remove(); |
| 1401 | 1401 | } |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | if ($checkUserAccess->checkSession() === false || $checkUserAccess->userAccessPage('users') === false) { |
| 70 | 70 | // Not allowed page |
| 71 | 71 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 72 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 72 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 73 | 73 | exit; |
| 74 | 74 | } |
| 75 | 75 | |
@@ -92,24 +92,24 @@ discard block |
||
| 92 | 92 | // If administrator then all roles are shown |
| 93 | 93 | // else only the Roles the users is associated to. |
| 94 | 94 | if ((int) $session->get('user-admin') === 1) { |
| 95 | - $optionsManagedBy .= '<option value="0">' . $lang->get('administrators_only') . '</option>'; |
|
| 95 | + $optionsManagedBy .= '<option value="0">'.$lang->get('administrators_only').'</option>'; |
|
| 96 | 96 | } |
| 97 | 97 | |
| 98 | 98 | $rows = DB::query( |
| 99 | 99 | 'SELECT id, title, creator_id |
| 100 | - FROM ' . prefixTable('roles_title') . ' |
|
| 100 | + FROM ' . prefixTable('roles_title').' |
|
| 101 | 101 | ORDER BY title ASC' |
| 102 | 102 | ); |
| 103 | 103 | foreach ($rows as $record) { |
| 104 | 104 | if ((int) $session->get('user-admin') === 1 || in_array($record['id'], $session->get('user-roles_array')) === true) { |
| 105 | - $optionsManagedBy .= '<option value="' . $record['id'] . '">' . $lang->get('managers_of') . ' ' . addslashes($record['title']) . '</option>'; |
|
| 105 | + $optionsManagedBy .= '<option value="'.$record['id'].'">'.$lang->get('managers_of').' '.addslashes($record['title']).'</option>'; |
|
| 106 | 106 | } |
| 107 | 107 | if ( |
| 108 | 108 | (int) $session->get('user-admin') === 1 |
| 109 | 109 | || (((int) $session->get('user-manager') === 1 || (int) $session->get('user-can_manage_all_users') === 1) |
| 110 | 110 | && (in_array($record['id'], $userRoles) === true) || (int) $record['creator_id'] === (int) $session->get('user-id')) |
| 111 | 111 | ) { |
| 112 | - $optionsRoles .= '<option value="' . $record['id'] . '">' . addslashes($record['title']) . '</option>'; |
|
| 112 | + $optionsRoles .= '<option value="'.$record['id'].'">'.addslashes($record['title']).'</option>'; |
|
| 113 | 113 | } |
| 114 | 114 | } |
| 115 | 115 | |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | for ($y = 1; $y < $t->nlevel; ++$y) { |
| 125 | 125 | $ident .= ' '; |
| 126 | 126 | } |
| 127 | - $foldersList .= '<option value="' . $t->id . '">' . $ident . htmlspecialchars($t->title, ENT_COMPAT, 'UTF-8') . '</option>'; |
|
| 127 | + $foldersList .= '<option value="'.$t->id.'">'.$ident.htmlspecialchars($t->title, ENT_COMPAT, 'UTF-8').'</option>'; |
|
| 128 | 128 | } |
| 129 | 129 | } |
| 130 | 130 | |
@@ -161,13 +161,13 @@ discard block |
||
| 161 | 161 | </button><?php |
| 162 | 162 | echo isset($SETTINGS['ldap_mode']) === true && (int) $SETTINGS['ldap_mode'] === 1 && (int) $session->get('user-admin') === 1 ? |
| 163 | 163 | '<button type="button" class="btn btn-primary btn-sm tp-action mr-2" data-action="ldap-sync"> |
| 164 | - <i class="fa-solid fa-address-card mr-2"></i>' . $lang->get('ldap_synchronization') . ' |
|
| 164 | + <i class="fa-solid fa-address-card mr-2"></i>' . $lang->get('ldap_synchronization').' |
|
| 165 | 165 | </button>' : ''; |
| 166 | 166 | ?> |
| 167 | 167 | </button><?php |
| 168 | 168 | echo isset($SETTINGS['oauth2_enabled']) === true && (int) $SETTINGS['oauth2_enabled'] === 1 && (int) $session->get('user-admin') === 1 ? |
| 169 | 169 | '<button type="button" class="btn btn-primary btn-sm tp-action mr-2" data-action="oauth2-sync"> |
| 170 | - <i class="fa-solid fa-plug mr-2"></i>' . $lang->get('oauth2_synchronization') . ' |
|
| 170 | + <i class="fa-solid fa-plug mr-2"></i>' . $lang->get('oauth2_synchronization').' |
|
| 171 | 171 | </button>' : ''; |
| 172 | 172 | ?> |
| 173 | 173 | </h3> |
@@ -175,7 +175,7 @@ discard block |
||
| 175 | 175 | |
| 176 | 176 | <!-- /.card-header --> |
| 177 | 177 | <div class="card-body form" id="users-list"> |
| 178 | - <label><input type="checkbox" id="warnings_display" class="tp-action pointer" data-action="refresh"><span class="ml-2 pointer"><?php echo $lang->get('display_warning_icons');?></span></label> |
|
| 178 | + <label><input type="checkbox" id="warnings_display" class="tp-action pointer" data-action="refresh"><span class="ml-2 pointer"><?php echo $lang->get('display_warning_icons'); ?></span></label> |
|
| 179 | 179 | <table id="table-users" class="table table-striped nowrap table-responsive-sm"> |
| 180 | 180 | <thead> |
| 181 | 181 | <tr> |
@@ -239,7 +239,7 @@ discard block |
||
| 239 | 239 | <?php |
| 240 | 240 | foreach (TP_PW_COMPLEXITY as $entry) { |
| 241 | 241 | echo ' |
| 242 | - <option value="' . $entry[0] . '">' . addslashes($entry[1]) . '</option>'; |
|
| 242 | + <option value="' . $entry[0].'">'.addslashes($entry[1]).'</option>'; |
|
| 243 | 243 | } |
| 244 | 244 | ?> |
| 245 | 245 | </select> |
@@ -316,7 +316,7 @@ discard block |
||
| 316 | 316 | <?php |
| 317 | 317 | foreach (TP_PW_COMPLEXITY as $entry) { |
| 318 | 318 | echo ' |
| 319 | - <option value="' . $entry[0] . '">' . addslashes($entry[1]) . '</option>'; |
|
| 319 | + <option value="' . $entry[0].'">'.addslashes($entry[1]).'</option>'; |
|
| 320 | 320 | } |
| 321 | 321 | ?> |
| 322 | 322 | </select> |
@@ -28,8 +28,8 @@ |
||
| 28 | 28 | * @see https://www.teampass.net |
| 29 | 29 | */ |
| 30 | 30 | |
| 31 | - // TO REMOVE |
|
| 32 | - // - selected_items_to_be_imported |
|
| 31 | + // TO REMOVE |
|
| 32 | + // - selected_items_to_be_imported |
|
| 33 | 33 | |
| 34 | 34 | return array( |
| 35 | 35 | 'oauth2_synchronization' => 'OAuth2 synchronization', |
@@ -77,7 +77,7 @@ discard block |
||
| 77 | 77 | ) { |
| 78 | 78 | // Not allowed page |
| 79 | 79 | $session->set('system-error_code', ERR_NOT_ALLOWED); |
| 80 | - include $SETTINGS['cpassman_dir'] . '/error.php'; |
|
| 80 | + include $SETTINGS['cpassman_dir'].'/error.php'; |
|
| 81 | 81 | exit; |
| 82 | 82 | } |
| 83 | 83 | |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | if (isset($order['column']) && preg_match('#^(asc|desc)$#i', $order['dir'])) { |
| 129 | 129 | $columnIndex = filter_var($order['column'], FILTER_SANITIZE_NUMBER_INT); |
| 130 | 130 | $dir = filter_var($order['dir'], FILTER_SANITIZE_FULL_SPECIAL_CHARS); |
| 131 | - $sOrder .= $aColumns[$columnIndex] . ' ' . $dir . ', '; |
|
| 131 | + $sOrder .= $aColumns[$columnIndex].' '.$dir.', '; |
|
| 132 | 132 | } |
| 133 | 133 | |
| 134 | 134 | $sOrder = substr_replace($sOrder, '', -2); |
@@ -152,15 +152,15 @@ discard block |
||
| 152 | 152 | |
| 153 | 153 | if ($letter !== '' && $letter !== 'None') { |
| 154 | 154 | $sWhere .= ' AND ('; |
| 155 | - $sWhere .= $aColumns[1] . " LIKE '" . $letter . "%' OR "; |
|
| 156 | - $sWhere .= $aColumns[2] . " LIKE '" . $letter . "%' OR "; |
|
| 157 | - $sWhere .= $aColumns[3] . " LIKE '" . $letter . "%' "; |
|
| 155 | + $sWhere .= $aColumns[1]." LIKE '".$letter."%' OR "; |
|
| 156 | + $sWhere .= $aColumns[2]." LIKE '".$letter."%' OR "; |
|
| 157 | + $sWhere .= $aColumns[3]." LIKE '".$letter."%' "; |
|
| 158 | 158 | $sWhere .= ')'; |
| 159 | 159 | } elseif ($searchValue !== '') { |
| 160 | 160 | $sWhere .= ' AND ('; |
| 161 | - $sWhere .= $aColumns[1] . " LIKE '" . $searchValue . "%' OR "; |
|
| 162 | - $sWhere .= $aColumns[2] . " LIKE '" . $searchValue . "%' OR "; |
|
| 163 | - $sWhere .= $aColumns[3] . " LIKE '" . $searchValue . "%' "; |
|
| 161 | + $sWhere .= $aColumns[1]." LIKE '".$searchValue."%' OR "; |
|
| 162 | + $sWhere .= $aColumns[2]." LIKE '".$searchValue."%' OR "; |
|
| 163 | + $sWhere .= $aColumns[3]." LIKE '".$searchValue."%' "; |
|
| 164 | 164 | $sWhere .= ')'; |
| 165 | 165 | } |
| 166 | 166 | |
@@ -246,7 +246,7 @@ discard block |
||
| 246 | 246 | // Check for existing lock |
| 247 | 247 | $unlock_at = DB::queryFirstField( |
| 248 | 248 | 'SELECT MAX(unlock_at) |
| 249 | - FROM ' . prefixTable('auth_failures') . ' |
|
| 249 | + FROM ' . prefixTable('auth_failures').' |
|
| 250 | 250 | WHERE unlock_at > %s AND source = %s AND value = %s', |
| 251 | 251 | date('Y-m-d H:i:s', time()), |
| 252 | 252 | 'login', |
@@ -255,33 +255,31 @@ discard block |
||
| 255 | 255 | |
| 256 | 256 | // Get some infos about user |
| 257 | 257 | $userDisplayInfos = |
| 258 | - (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 258 | + (isset($userDate['date']) ? '<i class=\"fas fa-calendar-day infotip text-info ml-2\" title=\"'.$lang->get('creation_date').': '.date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $userDate['date']).'\"></i>' : '') |
|
| 259 | 259 | . |
| 260 | 260 | ((int) $record['last_connexion'] > 0 ? '<i class=\"far fa-clock infotip text-info ml-2\" title=\"'.$lang->get('index_last_seen').": ". |
| 261 | - date($SETTINGS['date_format'] . ' ' . $SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 261 | + date($SETTINGS['date_format'].' '.$SETTINGS['time_format'], (int) $record['last_connexion']).'\"></i>' : '') |
|
| 262 | 262 | . |
| 263 | 263 | ((int) $record['user_ip'] > 0 ? '<i class=\"fas fa-street-view infotip text-info ml-1\" title=\"'.$lang->get('ip').": ".($record['user_ip']).'\"></i>' : '') |
| 264 | 264 | . |
| 265 | 265 | (($record['auth_type'] === 'ldap' || $record['auth_type'] === 'oauth2') ? '<i class=\"far fa-address-book infotip text-warning ml-1\" title=\"'.$lang->get('managed_through_ad').'\"></i>' : '') |
| 266 | 266 | . |
| 267 | 267 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && ((int) $SETTINGS['duo'] === 1 || (int) $SETTINGS['google_authentication'] === 1)) ? |
| 268 | - ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : |
|
| 269 | - '' |
|
| 268 | + ((int) $record['mfa_enabled'] === 1 ? '' : '<i class=\"fa-solid fa-fingerprint infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('mfa_disabled_for_user').'\"></i>') : '' |
|
| 270 | 269 | ) |
| 271 | 270 | . |
| 272 | 271 | (($unlock_at) ? '<i class=\"fas fa-solid text-red fa-lock infotip text-info ml-1\" title=\"'.$lang->get('bruteforce_unlock_at').$unlock_at.'\"></i>' : ''); |
| 273 | 272 | if ($request->query->filter('display_warnings', '', FILTER_VALIDATE_BOOLEAN) === true) { |
| 274 | 273 | $userDisplayInfos .= '<br>'. |
| 275 | 274 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['admin'] !== 1 && is_null($record['keys_recovery_time']) === true) ? |
| 276 | - '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : |
|
| 277 | - '' |
|
| 275 | + '<i class=\"fa-solid fa-download infotip ml-1\" style=\"color:Tomato\" title=\"'.$lang->get('recovery_keys_not_downloaded').'\"></i>' : '' |
|
| 278 | 276 | ). |
| 279 | 277 | ((in_array($record['id'], [OTV_USER_ID, TP_USER_ID, SSH_USER_ID, API_USER_ID]) === false && (int) $record['pw_passwordlib'] === 1) ? '<i class=\"fa-solid fa-person-walking-luggage infotip ml-1\" style=\"color:Tomato\" title=\"Old password encryption. Shall login to initialize.\"></i>' : ''); |
| 280 | 278 | } |
| 281 | 279 | |
| 282 | 280 | $sOutput .= '["<span data-id=\"'.$record['id'].'\" data-fullname=\"'. |
| 283 | - (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : '').' '. |
|
| 284 | - (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_DISALLOWED) : ''). |
|
| 281 | + (empty($record['name']) === false ? htmlentities($record['name'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : '').' '. |
|
| 282 | + (empty($record['lastname']) === false ? htmlentities($record['lastname'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED) : ''). |
|
| 285 | 283 | '\" data-auth-type=\"'.$record['auth_type'].'\" data-special=\"'.$record['special'].'\" data-mfa-enabled=\"'.$record['mfa_enabled'].'\" data-otp-provided=\"'.(isset($record['otp_provided']) === true ? $record['otp_provided'] : '').'\"></span>", '; |
| 286 | 284 | //col2 |
| 287 | 285 | $sOutput .= '"'. |
