@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | $requestUri = $request->getRequestUri(); |
| 48 | 48 | |
| 49 | 49 | $uri = parse_url($requestUri, PHP_URL_PATH); |
| 50 | - $uri = explode( '/', $uri ); |
|
| 50 | + $uri = explode('/', $uri); |
|
| 51 | 51 | return $this->sanitizeUrl(array_slice($uri, ((int) array_search('index.php', $uri) + 1))); |
| 52 | 52 | } |
| 53 | 53 | |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | { |
| 75 | 75 | $filters = []; |
| 76 | 76 | $array_size = count($array); |
| 77 | - for ($i=0; $i < $array_size; $i++) { |
|
| 77 | + for ($i = 0; $i < $array_size; $i++) { |
|
| 78 | 78 | array_push($filters, 'trim|escape'); |
| 79 | 79 | } |
| 80 | 80 | |
@@ -92,7 +92,7 @@ discard block |
||
| 92 | 92 | * @param mixed $data |
| 93 | 93 | * @param string $httpHeader |
| 94 | 94 | */ |
| 95 | - protected function sendOutput($data, $httpHeaders=array()): void |
|
| 95 | + protected function sendOutput($data, $httpHeaders = array()): void |
|
| 96 | 96 | { |
| 97 | 97 | header_remove('Set-Cookie'); |
| 98 | 98 | |
@@ -40,11 +40,11 @@ discard block |
||
| 40 | 40 | */ |
| 41 | 41 | private function getUserPrivateKey(array $userData): ?string |
| 42 | 42 | { |
| 43 | - include_once API_ROOT_PATH . '/inc/jwt_utils.php'; |
|
| 43 | + include_once API_ROOT_PATH.'/inc/jwt_utils.php'; |
|
| 44 | 44 | |
| 45 | 45 | // Verify session_key exists in JWT payload |
| 46 | 46 | if (!isset($userData['session_key']) || empty($userData['session_key'])) { |
| 47 | - error_log('getUserPrivateKey: Missing session_key in JWT token for user ID ' . $userData['id']); |
|
| 47 | + error_log('getUserPrivateKey: Missing session_key in JWT token for user ID '.$userData['id']); |
|
| 48 | 48 | return null; |
| 49 | 49 | } |
| 50 | 50 | |
@@ -88,7 +88,7 @@ discard block |
||
| 88 | 88 | // SQL where clause with folders list |
| 89 | 89 | if (isset($arrQueryStringParams['folders']) === true) { |
| 90 | 90 | // convert the folders to an array |
| 91 | - $arrQueryStringParams['folders'] = explode(',', str_replace( array('[',']') , '' , $arrQueryStringParams['folders'])); |
|
| 91 | + $arrQueryStringParams['folders'] = explode(',', str_replace(array('[', ']'), '', $arrQueryStringParams['folders'])); |
|
| 92 | 92 | |
| 93 | 93 | // ensure to only use the intersection |
| 94 | 94 | $foldersList = implode(',', array_intersect($arrQueryStringParams['folders'], $userData['folders_list'])); |
@@ -256,7 +256,7 @@ discard block |
||
| 256 | 256 | } else { |
| 257 | 257 | // Gérer le cas où les paramètres ne sont pas un tableau |
| 258 | 258 | $strErrorDesc = 'Data not consistent'; |
| 259 | - $strErrorHeader = 'Expected array, received ' . gettype($arrQueryStringParams); |
|
| 259 | + $strErrorHeader = 'Expected array, received '.gettype($arrQueryStringParams); |
|
| 260 | 260 | } |
| 261 | 261 | } |
| 262 | 262 | } else { |
@@ -307,10 +307,10 @@ discard block |
||
| 307 | 307 | // SQL where clause with item id |
| 308 | 308 | if (isset($arrQueryStringParams['id']) === true) { |
| 309 | 309 | // build sql where clause by ID |
| 310 | - $sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'] . $sql_constraint; |
|
| 310 | + $sqlExtra = ' WHERE i.id = '.$arrQueryStringParams['id'].$sql_constraint; |
|
| 311 | 311 | } else if (isset($arrQueryStringParams['label']) === true) { |
| 312 | 312 | // build sql where clause by LABEL |
| 313 | - $sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['label'] : ' = '.$arrQueryStringParams['label']) . $sql_constraint; |
|
| 313 | + $sqlExtra = ' WHERE i.label '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['label'] : ' = '.$arrQueryStringParams['label']).$sql_constraint; |
|
| 314 | 314 | } else if (isset($arrQueryStringParams['description']) === true) { |
| 315 | 315 | // build sql where clause by LABEL |
| 316 | 316 | $sqlExtra = ' WHERE i.description '.(isset($arrQueryStringParams['like']) === true && (int) $arrQueryStringParams['like'] === 1 ? ' LIKE '.$arrQueryStringParams['description'] : ' = '.$arrQueryStringParams['description']).$sql_constraint; |
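Review bot: Lines 310, 313 and 316 build the WHERE clause by concatenating `$arrQueryStringParams['id']`, `['label']` and `['description']` straight into `$sqlExtra`; unless these values are validated before this point (not visible in the hunk), this is SQL assembled from request input. The id branch should at least cast, `$sqlExtra = ' WHERE i.id = '.(int) $arrQueryStringParams['id'].$sql_constraint;`, and the label/description branches should hand the value to the driver through the `%s`/`%i` placeholders that the `DB::query` calls elsewhere in this change already use, rather than appending it as text (the current form also requires the LIKE value to carry its own quotes, which is fragile). The enclosing function starts and ends outside the hunk.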
@@ -231,7 +231,7 @@ |
||
| 231 | 231 | $configManager = new ConfigManager(); |
| 232 | 232 | $SETTINGS = $configManager->getAllSettings(); |
| 233 | 233 | |
| 234 | - $payload = [ |
|
| 234 | + $payload = [ |
|
| 235 | 235 | 'username' => $login, |
| 236 | 236 | 'id' => $id, |
| 237 | 237 | 'exp' => (time() + $SETTINGS['api_token_duration'] + 600), |
@@ -49,7 +49,7 @@ discard block |
||
| 49 | 49 | public function getUserAuth(string $login, string $password, string $apikey): array |
| 50 | 50 | { |
| 51 | 51 | // Sanitize |
| 52 | - include_once API_ROOT_PATH . '/../sources/main.functions.php'; |
|
| 52 | + include_once API_ROOT_PATH.'/../sources/main.functions.php'; |
|
| 53 | 53 | $inputData = dataSanitizer( |
| 54 | 54 | [ |
| 55 | 55 | 'login' => isset($login) === true ? $login : '', |
@@ -74,8 +74,8 @@ discard block |
||
| 74 | 74 | // Check if user exists |
| 75 | 75 | $userInfo = DB::queryfirstrow( |
| 76 | 76 | "SELECT u.id, u.pw, u.login, u.admin, u.gestionnaire, u.can_manage_all_users, u.fonction_id, u.can_create_root_folder, u.public_key, u.private_key, u.personal_folder, u.fonction_id, u.groupes_visibles, u.groupes_interdits, a.value AS user_api_key, a.allowed_folders as user_api_allowed_folders, a.enabled, a.allowed_to_create, a.allowed_to_read, a.allowed_to_update, a.allowed_to_delete |
| 77 | - FROM " . prefixTable('users') . " AS u |
|
| 78 | - INNER JOIN " . prefixTable('api') . " AS a ON (a.user_id=u.id) |
|
| 77 | + FROM " . prefixTable('users')." AS u |
|
| 78 | + INNER JOIN " . prefixTable('api')." AS a ON (a.user_id=u.id) |
|
| 79 | 79 | WHERE login = %s", |
| 80 | 80 | $inputData['login'] |
| 81 | 81 | ); |
@@ -118,7 +118,7 @@ discard block |
||
| 118 | 118 | |
| 119 | 119 | // Encrypt the decrypted private key with the session key |
| 120 | 120 | // This allows us to store it securely in the database without exposing it |
| 121 | - require_once API_ROOT_PATH . '/inc/encryption_utils.php'; |
|
| 121 | + require_once API_ROOT_PATH.'/inc/encryption_utils.php'; |
|
| 122 | 122 | $encryptedPrivateKey = encrypt_with_session_key($privateKeyClear, $sessionKey); |
| 123 | 123 | |
| 124 | 124 | if ($encryptedPrivateKey === false) { |
@@ -285,7 +285,7 @@ discard block |
||
| 285 | 285 | if (count($userFunctionId) > 0) { |
| 286 | 286 | $rows = DB::query( |
| 287 | 287 | 'SELECT * |
| 288 | - FROM ' . prefixTable('roles_values') . ' |
|
| 288 | + FROM ' . prefixTable('roles_values').' |
|
| 289 | 289 | WHERE role_id IN %li AND type IN ("W", "ND", "NE", "NDNE", "R")', |
| 290 | 290 | $userFunctionId |
| 291 | 291 | ); |
@@ -311,7 +311,7 @@ discard block |
||
| 311 | 311 | $inc = 0; |
| 312 | 312 | $rows = DB::query( |
| 313 | 313 | 'SELECT id, id_tree |
| 314 | - FROM ' . prefixTable('items') . ' |
|
| 314 | + FROM ' . prefixTable('items').' |
|
| 315 | 315 | WHERE restricted_to LIKE %s'. |
| 316 | 316 | (count($userFunctionId) > 0 ? ' AND id_tree NOT IN %li' : ''), |
| 317 | 317 | $userInfo['id'], |
@@ -326,8 +326,8 @@ discard block |
||
| 326 | 326 | // Check for the users roles if some specific rights exist on items |
| 327 | 327 | $rows = DB::query( |
| 328 | 328 | 'SELECT i.id_tree, r.item_id |
| 329 | - FROM ' . prefixTable('items') . ' AS i |
|
| 330 | - INNER JOIN ' . prefixTable('restriction_to_roles') . ' AS r ON (r.item_id=i.id) |
|
| 329 | + FROM ' . prefixTable('items').' AS i |
|
| 330 | + INNER JOIN ' . prefixTable('restriction_to_roles').' AS r ON (r.item_id=i.id) |
|
| 331 | 331 | WHERE '.(count($userFunctionId) > 0 ? ' id_tree NOT IN %li AND ' : '').' i.id_tree != "" |
| 332 | 332 | ORDER BY i.id_tree ASC', |
| 333 | 333 | count($userFunctionId) > 0 ? $userFunctionId : DB::sqleval('0') |
@@ -343,7 +343,7 @@ discard block |
||
| 343 | 343 | // Add all personal folders |
| 344 | 344 | $rows = DB::queryFirstRow( |
| 345 | 345 | 'SELECT id |
| 346 | - FROM ' . prefixTable('nested_tree') . ' |
|
| 346 | + FROM ' . prefixTable('nested_tree').' |
|
| 347 | 347 | WHERE title = %i AND personal_folder = 1'. |
| 348 | 348 | (count($userFunctionId) > 0 ? ' AND id NOT IN %li' : ''), |
| 349 | 349 | $userInfo['id'], |
@@ -25,18 +25,18 @@ discard block |
||
| 25 | 25 | |
| 26 | 26 | use TeampassClasses\ConfigManager\ConfigManager; |
| 27 | 27 | |
| 28 | -define("API_ROOT_PATH", __DIR__ . "/.."); |
|
| 28 | +define("API_ROOT_PATH", __DIR__."/.."); |
|
| 29 | 29 | |
| 30 | 30 | // include main configuration file |
| 31 | -require API_ROOT_PATH . '/../sources/main.functions.php'; |
|
| 31 | +require API_ROOT_PATH.'/../sources/main.functions.php'; |
|
| 32 | 32 | |
| 33 | 33 | // include the base controller file |
| 34 | -require API_ROOT_PATH . "/Controller/Api/BaseController.php"; |
|
| 34 | +require API_ROOT_PATH."/Controller/Api/BaseController.php"; |
|
| 35 | 35 | |
| 36 | 36 | // include the use model file |
| 37 | -require API_ROOT_PATH . "/Model/UserModel.php"; |
|
| 38 | -require API_ROOT_PATH . "/Model/ItemModel.php"; |
|
| 39 | -require API_ROOT_PATH . "/Model/FolderModel.php"; |
|
| 37 | +require API_ROOT_PATH."/Model/UserModel.php"; |
|
| 38 | +require API_ROOT_PATH."/Model/ItemModel.php"; |
|
| 39 | +require API_ROOT_PATH."/Model/FolderModel.php"; |
|
| 40 | 40 | |
| 41 | 41 | /** |
| 42 | 42 | * Launch expected action for ITEM |
@@ -56,9 +56,9 @@ discard block |
||
| 56 | 56 | return; |
| 57 | 57 | } |
| 58 | 58 | // Perform the action |
| 59 | - require API_ROOT_PATH . "/Controller/Api/ItemController.php"; |
|
| 59 | + require API_ROOT_PATH."/Controller/Api/ItemController.php"; |
|
| 60 | 60 | $objFeedController = new ItemController(); |
| 61 | - $strMethodName = $actions[0] . 'Action'; |
|
| 61 | + $strMethodName = $actions[0].'Action'; |
|
| 62 | 62 | $objFeedController->{$strMethodName}($userData); |
| 63 | 63 | } |
| 64 | 64 | |
@@ -80,9 +80,9 @@ discard block |
||
| 80 | 80 | return; |
| 81 | 81 | } |
| 82 | 82 | // Perform the action |
| 83 | - require API_ROOT_PATH . "/Controller/Api/FolderController.php"; |
|
| 83 | + require API_ROOT_PATH."/Controller/Api/FolderController.php"; |
|
| 84 | 84 | $objFeedController = new FolderController(); |
| 85 | - $strMethodName = $actions[0] . 'Action'; |
|
| 85 | + $strMethodName = $actions[0].'Action'; |
|
| 86 | 86 | $objFeedController->{$strMethodName}($userData); |
| 87 | 87 | } |
| 88 | 88 | |
@@ -139,7 +139,7 @@ discard block |
||
| 139 | 139 | */ |
| 140 | 140 | function verifyAuth(): string |
| 141 | 141 | { |
| 142 | - include_once API_ROOT_PATH . '/inc/jwt_utils.php'; |
|
| 142 | + include_once API_ROOT_PATH.'/inc/jwt_utils.php'; |
|
| 143 | 143 | $bearer_token = get_bearer_token(); |
| 144 | 144 | |
| 145 | 145 | if (empty($bearer_token) === false && is_jwt_valid($bearer_token) === true) { |
@@ -169,7 +169,7 @@ discard block |
||
| 169 | 169 | */ |
| 170 | 170 | function getDataFromToken(): string |
| 171 | 171 | { |
| 172 | - include_once API_ROOT_PATH . '/inc/jwt_utils.php'; |
|
| 172 | + include_once API_ROOT_PATH.'/inc/jwt_utils.php'; |
|
| 173 | 173 | $bearer_token = get_bearer_token(); |
| 174 | 174 | |
| 175 | 175 | if (empty($bearer_token) === false) { |
@@ -148,34 +148,34 @@ discard block |
||
| 148 | 148 | */ |
| 149 | 149 | function get_user_keys(int $userId, string $keyTempo, string $sessionKey): ?array |
| 150 | 150 | { |
| 151 | - require_once API_ROOT_PATH . '/inc/encryption_utils.php'; |
|
| 151 | + require_once API_ROOT_PATH.'/inc/encryption_utils.php'; |
|
| 152 | 152 | |
| 153 | 153 | // Retrieve user's public key and encrypted private key from database |
| 154 | 154 | $userInfo = DB::queryfirstrow( |
| 155 | 155 | "SELECT u.public_key, u.key_tempo, a.encrypted_private_key |
| 156 | - FROM " . prefixTable('users') . " AS u |
|
| 157 | - INNER JOIN " . prefixTable('api') . " AS a ON (a.user_id = u.id) |
|
| 156 | + FROM " . prefixTable('users')." AS u |
|
| 157 | + INNER JOIN " . prefixTable('api')." AS a ON (a.user_id = u.id) |
|
| 158 | 158 | WHERE u.id = %i", |
| 159 | 159 | $userId |
| 160 | 160 | ); |
| 161 | 161 | |
| 162 | 162 | if (DB::count() === 0) { |
| 163 | 163 | // User not found or no API configuration |
| 164 | - error_log('[API] get_user_keys: User not found or no API config for user ID ' . $userId); |
|
| 164 | + error_log('[API] get_user_keys: User not found or no API config for user ID '.$userId); |
|
| 165 | 165 | return null; |
| 166 | 166 | } |
| 167 | 167 | |
| 168 | 168 | // Validate key_tempo matches (security check - ensures session is still valid) |
| 169 | 169 | if ($userInfo['key_tempo'] !== $keyTempo) { |
| 170 | 170 | // Session invalid or expired |
| 171 | - error_log('[API] get_user_keys: Invalid key_tempo for user ID ' . $userId); |
|
| 171 | + error_log('[API] get_user_keys: Invalid key_tempo for user ID '.$userId); |
|
| 172 | 172 | return null; |
| 173 | 173 | } |
| 174 | 174 | |
| 175 | 175 | // Check if encrypted private key exists |
| 176 | 176 | if (empty($userInfo['encrypted_private_key'])) { |
| 177 | 177 | // No encrypted key found - user needs to re-authenticate |
| 178 | - error_log('[API] get_user_keys: No encrypted private key found for user ID ' . $userId); |
|
| 178 | + error_log('[API] get_user_keys: No encrypted private key found for user ID '.$userId); |
|
| 179 | 179 | return null; |
| 180 | 180 | } |
| 181 | 181 | |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | |
| 196 | 196 | if ($privateKeyDecrypted === false) { |
| 197 | 197 | // Decryption failed - wrong key or tampered data |
| 198 | - error_log('[API] get_user_keys: Failed to decrypt private key for user ID ' . $userId); |
|
| 198 | + error_log('[API] get_user_keys: Failed to decrypt private key for user ID '.$userId); |
|
| 199 | 199 | return null; |
| 200 | 200 | } |
| 201 | 201 | |
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | function encrypt_with_session_key(string $data, string $key) |
| 48 | 48 | { |
| 49 | 49 | if (strlen($key) !== 32) { |
| 50 | - error_log('[API] encrypt_with_session_key: Invalid key length. Expected 32 bytes, got ' . strlen($key)); |
|
| 50 | + error_log('[API] encrypt_with_session_key: Invalid key length. Expected 32 bytes, got '.strlen($key)); |
|
| 51 | 51 | return false; |
| 52 | 52 | } |
| 53 | 53 | |
@@ -74,10 +74,10 @@ discard block |
||
| 74 | 74 | |
| 75 | 75 | // Combine nonce + tag + ciphertext and encode in base64 |
| 76 | 76 | // Format: [12 bytes nonce][16 bytes tag][variable ciphertext] |
| 77 | - return base64_encode($nonce . $tag . $ciphertext); |
|
| 77 | + return base64_encode($nonce.$tag.$ciphertext); |
|
| 78 | 78 | |
| 79 | 79 | } catch (Exception $e) { |
| 80 | - error_log('[API] encrypt_with_session_key: Exception - ' . $e->getMessage()); |
|
| 80 | + error_log('[API] encrypt_with_session_key: Exception - '.$e->getMessage()); |
|
| 81 | 81 | return false; |
| 82 | 82 | } |
| 83 | 83 | } |
@@ -95,7 +95,7 @@ discard block |
||
| 95 | 95 | function decrypt_with_session_key(string $encryptedData, string $key) |
| 96 | 96 | { |
| 97 | 97 | if (strlen($key) !== 32) { |
| 98 | - error_log('[API] decrypt_with_session_key: Invalid key length. Expected 32 bytes, got ' . strlen($key)); |
|
| 98 | + error_log('[API] decrypt_with_session_key: Invalid key length. Expected 32 bytes, got '.strlen($key)); |
|
| 99 | 99 | return false; |
| 100 | 100 | } |
| 101 | 101 | |
@@ -136,7 +136,7 @@ discard block |
||
| 136 | 136 | return $plaintext; |
| 137 | 137 | |
| 138 | 138 | } catch (Exception $e) { |
| 139 | - error_log('[API] decrypt_with_session_key: Exception - ' . $e->getMessage()); |
|
| 139 | + error_log('[API] decrypt_with_session_key: Exception - '.$e->getMessage()); |
|
| 140 | 140 | return false; |
| 141 | 141 | } |
| 142 | 142 | } |