nilsteampassnet /
TeamPass
@@ -2085,7 +2085,7 @@ discard block |
||
| 2085 | 2085 | $debug_ldap .= "LDAP connection : ".($ldapconn ? "Connected" : "Failed")."<br/>"; |
| 2086 | 2086 | |
| 2087 | 2087 | if ($ldapconn) { |
| 2088 | - $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2088 | + $debug_ldap .= "DN : ".$dataReceived[0]['ldap_bind_dn']." -- ".$dataReceived[0]['ldap_bind_passwd']."<br/>"; |
|
| 2089 | 2089 | ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 2090 | 2090 | ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); |
| 2091 | 2091 | $ldapbind = ldap_bind($ldapconn, $dataReceived[0]['ldap_bind_dn'], $dataReceived[0]['ldap_bind_passwd']); |
@@ -2112,7 +2112,7 @@ discard block |
||
| 2112 | 2112 | ); |
| 2113 | 2113 | |
| 2114 | 2114 | $debug_ldap .= 'Search filter (group): '.$filter_group."<br/>". |
| 2115 | - 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2115 | + 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2116 | 2116 | |
| 2117 | 2117 | if ($result_group) { |
| 2118 | 2118 | $entries = ldap_get_entries($ldapconn, $result_group); |
@@ -2120,11 +2120,11 @@ discard block |
||
| 2120 | 2120 | if ($entries['count'] > 0) { |
| 2121 | 2121 | // Now check if group fits |
| 2122 | 2122 | for ($i=0; $i<$entries['count']; $i++) { |
| 2123 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2123 | + $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | + if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2125 | 2125 | $GroupRestrictionEnabled = true; |
| 2126 | 2126 | break; |
| 2127 | - } |
|
| 2127 | + } |
|
| 2128 | 2128 | } |
| 2129 | 2129 | |
| 2130 | 2130 | } |
@@ -740,7 +740,7 @@ discard block |
||
| 740 | 740 | $objects = explode(",", $post_object); |
| 741 | 741 | |
| 742 | 742 | // Allowed values for $_POST['object'] : "items,logs,files,categories" |
| 743 | - if (in_array($objects[0], array("items","logs","files","categories")) === false) { |
|
| 743 | + if (in_array($objects[0], array("items", "logs", "files", "categories")) === false) { |
|
| 744 | 744 | echo '[{"nextAction":"" , "error":"Input `'.$objects[0].'` is not allowed" , "nbOfItems":""}]'; |
| 745 | 745 | break; |
| 746 | 746 | } |
@@ -1305,7 +1305,7 @@ discard block |
||
| 1305 | 1305 | foreach ($rows as $record) { |
| 1306 | 1306 | if (is_file($SETTINGS['path_to_upload_folder'].'/'.$record['file'])) { |
| 1307 | 1307 | $addFile = 0; |
| 1308 | - if ($post_option== "decrypt" && $record['status'] === 'encrypted') { |
|
| 1308 | + if ($post_option == "decrypt" && $record['status'] === 'encrypted') { |
|
| 1309 | 1309 | $addFile = 1; |
| 1310 | 1310 | } elseif ($post_option == "encrypt" && $record['status'] === 'clear') { |
| 1311 | 1311 | $addFile = 1; |
@@ -2112,16 +2112,16 @@ discard block |
||
| 2112 | 2112 | ); |
| 2113 | 2113 | |
| 2114 | 2114 | $debug_ldap .= 'Search filter (group): '.$filter_group."<br/>". |
| 2115 | - 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2115 | + 'Results : '.str_replace("\n", "<br>", print_r(ldap_get_entries($ldapconn, $result_group), true))."<br/>"; |
|
| 2116 | 2116 | |
| 2117 | 2117 | if ($result_group) { |
| 2118 | 2118 | $entries = ldap_get_entries($ldapconn, $result_group); |
| 2119 | 2119 | |
| 2120 | 2120 | if ($entries['count'] > 0) { |
| 2121 | 2121 | // Now check if group fits |
| 2122 | - for ($i=0; $i<$entries['count']; $i++) { |
|
| 2123 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2122 | + for ($i = 0; $i < $entries['count']; $i++) { |
|
| 2123 | + $parsr = ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 2124 | + if (str_replace(array('CN=', 'cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 2125 | 2125 | $GroupRestrictionEnabled = true; |
| 2126 | 2126 | break; |
| 2127 | 2127 | } |
@@ -2134,7 +2134,7 @@ discard block |
||
| 2134 | 2134 | } |
| 2135 | 2135 | |
| 2136 | 2136 | $debug_ldap .= 'Search filter : '.$filter."<br/>". |
| 2137 | - 'Results : '.str_replace("\n","<br>", print_r(ldap_get_entries($ldapconn, $result), true))."<br/>"; |
|
| 2137 | + 'Results : '.str_replace("\n", "<br>", print_r(ldap_get_entries($ldapconn, $result), true))."<br/>"; |
|
| 2138 | 2138 | |
| 2139 | 2139 | if (ldap_count_entries($ldapconn, $result)) { |
| 2140 | 2140 | // try auth |
@@ -3156,7 +3156,7 @@ discard block |
||
| 3156 | 3156 | if ((isset($_SESSION['user_settings']['session_psk']) === false || empty($_SESSION['user_settings']['session_psk']) === true) |
| 3157 | 3157 | && ($dataSource['personal_folder'] === '1' || $dataDestination['personal_folder'] === '1') |
| 3158 | 3158 | ) { |
| 3159 | - echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3159 | + echo '[{"error" : "ERR_PSK_REQUIRED"}]'; |
|
| 3160 | 3160 | break; |
| 3161 | 3161 | } |
| 3162 | 3162 | |
@@ -4257,30 +4257,30 @@ discard block |
||
| 4257 | 4257 | $ret = sendEmail( |
| 4258 | 4258 | $LANG['email_request_access_subject'], |
| 4259 | 4259 | str_replace( |
| 4260 | - array( |
|
| 4261 | - '#tp_item_author#', |
|
| 4262 | - '#tp_user#', |
|
| 4263 | - '#tp_item#', |
|
| 4264 | - '#tp_reason#' |
|
| 4265 | - ), |
|
| 4266 | - array( |
|
| 4267 | - " ".addslashes($dataAuthor['login']), |
|
| 4268 | - addslashes($_SESSION['login']), |
|
| 4269 | - addslashes($dataItem['label']), |
|
| 4270 | - nl2br(addslashes($emailText)) |
|
| 4271 | - ), |
|
| 4272 | - $LANG['email_request_access_mail'] |
|
| 4260 | + array( |
|
| 4261 | + '#tp_item_author#', |
|
| 4262 | + '#tp_user#', |
|
| 4263 | + '#tp_item#', |
|
| 4264 | + '#tp_reason#' |
|
| 4265 | + ), |
|
| 4266 | + array( |
|
| 4267 | + " ".addslashes($dataAuthor['login']), |
|
| 4268 | + addslashes($_SESSION['login']), |
|
| 4269 | + addslashes($dataItem['label']), |
|
| 4270 | + nl2br(addslashes($emailText)) |
|
| 4271 | + ), |
|
| 4272 | + $LANG['email_request_access_mail'] |
|
| 4273 | 4273 | ), |
| 4274 | 4274 | $dataAuthor['email'] |
| 4275 | 4275 | ); |
| 4276 | 4276 | |
| 4277 | 4277 | // Do log |
| 4278 | 4278 | logItems( |
| 4279 | - $item_id, |
|
| 4280 | - $dataItem['label'], |
|
| 4281 | - $_SESSION['user_id'], |
|
| 4282 | - 'at_access', |
|
| 4283 | - $_SESSION['login'] |
|
| 4279 | + $item_id, |
|
| 4280 | + $dataItem['label'], |
|
| 4281 | + $_SESSION['user_id'], |
|
| 4282 | + 'at_access', |
|
| 4283 | + $_SESSION['login'] |
|
| 4284 | 4284 | ); |
| 4285 | 4285 | |
| 4286 | 4286 | // Return |
@@ -321,26 +321,26 @@ discard block |
||
| 321 | 321 | $dataReceived = prepareExchangedData($sentData, "decode"); |
| 322 | 322 | |
| 323 | 323 | // prepare variables |
| 324 | - if (isset($SETTINGS['enable_http_request_login']) === true |
|
| 324 | + if (isset($SETTINGS['enable_http_request_login']) === true |
|
| 325 | 325 | && $SETTINGS['enable_http_request_login'] === '1' |
| 326 | 326 | && isset($_SERVER['PHP_AUTH_USER']) === true |
| 327 | 327 | && !(isset($SETTINGS['maintenance_mode']) === true |
| 328 | 328 | && $SETTINGS['maintenance_mode'] === '1') |
| 329 | 329 | ) { |
| 330 | 330 | if (strpos($_SERVER['PHP_AUTH_USER'], '@') !== false) { |
| 331 | - $username = explode("@", $_SERVER['PHP_AUTH_USER'])[0]; |
|
| 332 | - } elseif (strpos($_SERVER['PHP_AUTH_USER'], '\\') !== false) { |
|
| 333 | - $username = explode("\\", $_SERVER['PHP_AUTH_USER'])[1]; |
|
| 334 | - } else { |
|
| 335 | - $username = $_SERVER['PHP_AUTH_USER']; |
|
| 336 | - } |
|
| 337 | - $passwordClear = $_SERVER['PHP_AUTH_PW']; |
|
| 338 | - $pwdOldEncryption = encryptOld($_SERVER['PHP_AUTH_PW']); |
|
| 339 | - }else{ |
|
| 340 | - $passwordClear = htmlspecialchars_decode($dataReceived['pw']); |
|
| 341 | - $pwdOldEncryption = encryptOld(htmlspecialchars_decode($dataReceived['pw'])); |
|
| 342 | - $username = $antiXss->xss_clean(htmlspecialchars_decode($dataReceived['login'])); |
|
| 343 | - } |
|
| 331 | + $username = explode("@", $_SERVER['PHP_AUTH_USER'])[0]; |
|
| 332 | + } elseif (strpos($_SERVER['PHP_AUTH_USER'], '\\') !== false) { |
|
| 333 | + $username = explode("\\", $_SERVER['PHP_AUTH_USER'])[1]; |
|
| 334 | + } else { |
|
| 335 | + $username = $_SERVER['PHP_AUTH_USER']; |
|
| 336 | + } |
|
| 337 | + $passwordClear = $_SERVER['PHP_AUTH_PW']; |
|
| 338 | + $pwdOldEncryption = encryptOld($_SERVER['PHP_AUTH_PW']); |
|
| 339 | + }else{ |
|
| 340 | + $passwordClear = htmlspecialchars_decode($dataReceived['pw']); |
|
| 341 | + $pwdOldEncryption = encryptOld(htmlspecialchars_decode($dataReceived['pw'])); |
|
| 342 | + $username = $antiXss->xss_clean(htmlspecialchars_decode($dataReceived['login'])); |
|
| 343 | + } |
|
| 344 | 344 | $logError = ""; |
| 345 | 345 | $userPasswordVerified = false; |
| 346 | 346 | |
@@ -438,10 +438,10 @@ discard block |
||
| 438 | 438 | if (($SETTINGS['ldap_bind_dn'] === "" && $SETTINGS['ldap_bind_passwd'] === "") || $ldapbind === true) { |
| 439 | 439 | $filter = "(&(".$SETTINGS['ldap_user_attribute']."=".$username.")(objectClass=".$SETTINGS['ldap_object_class']."))"; |
| 440 | 440 | $result = ldap_search( |
| 441 | - $ldapconn, |
|
| 442 | - $SETTINGS['ldap_search_base'], |
|
| 443 | - $filter, |
|
| 444 | - array('dn', 'mail', 'givenname', 'sn') |
|
| 441 | + $ldapconn, |
|
| 442 | + $SETTINGS['ldap_search_base'], |
|
| 443 | + $filter, |
|
| 444 | + array('dn', 'mail', 'givenname', 'sn') |
|
| 445 | 445 | ); |
| 446 | 446 | if ($debugLdap == 1) { |
| 447 | 447 | fputs( |
@@ -488,11 +488,11 @@ discard block |
||
| 488 | 488 | if ($entries['count'] > 0) { |
| 489 | 489 | // Now check if group fits |
| 490 | 490 | for ($i=0; $i<$entries['count']; $i++) { |
| 491 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 492 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 491 | + $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 492 | + if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 493 | 493 | $GroupRestrictionEnabled = true; |
| 494 | 494 | break; |
| 495 | - } |
|
| 495 | + } |
|
| 496 | 496 | } |
| 497 | 497 | |
| 498 | 498 | } |
@@ -336,7 +336,7 @@ discard block |
||
| 336 | 336 | } |
| 337 | 337 | $passwordClear = $_SERVER['PHP_AUTH_PW']; |
| 338 | 338 | $pwdOldEncryption = encryptOld($_SERVER['PHP_AUTH_PW']); |
| 339 | - }else{ |
|
| 339 | + } else { |
|
| 340 | 340 | $passwordClear = htmlspecialchars_decode($dataReceived['pw']); |
| 341 | 341 | $pwdOldEncryption = encryptOld(htmlspecialchars_decode($dataReceived['pw'])); |
| 342 | 342 | $username = $antiXss->xss_clean(htmlspecialchars_decode($dataReceived['login'])); |
@@ -487,9 +487,9 @@ discard block |
||
| 487 | 487 | |
| 488 | 488 | if ($entries['count'] > 0) { |
| 489 | 489 | // Now check if group fits |
| 490 | - for ($i=0; $i<$entries['count']; $i++) { |
|
| 491 | - $parsr=ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 492 | - if (str_replace(array('CN=','cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 490 | + for ($i = 0; $i < $entries['count']; $i++) { |
|
| 491 | + $parsr = ldap_explode_dn($entries[$i]['dn'], 0); |
|
| 492 | + if (str_replace(array('CN=', 'cn='), '', $parsr[0]) === $SETTINGS['ldap_usergroup']) { |
|
| 493 | 493 | $GroupRestrictionEnabled = true; |
| 494 | 494 | break; |
| 495 | 495 | } |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 14 | 14 | */ |
| 15 | 15 | global $LANG; |
| 16 | -$LANG = array ( |
|
| 16 | +$LANG = array( |
|
| 17 | 17 | 'request_access_to_item' => 'Request access for this item', |
| 18 | 18 | 'request_access_to_item_info' => 'Provide the reason why you want to access this item', |
| 19 | 19 | 'send_request' => 'Send request', |
