nilsteampassnet / TeamPass

sources/SecureHandler.php

Spacing +7 added lines, -7 removed lines

@@ -25,13 +25,13 @@ 
      */
     public function __construct()
     {
-        if (! extension_loaded('openssl')) {
+        if (!extension_loaded('openssl')) {
             throw new \RuntimeException(sprintf(
                 "You need the OpenSSL extension to use %s",
                 __CLASS__
             ));
         }
-        if (! extension_loaded('mbstring')) {
+        if (!extension_loaded('mbstring')) {
             throw new \RuntimeException(sprintf(
                 "You need the Multibytes extension to use %s",
                 __CLASS__
@@ -48,7 +48,7 @@ 
      */
     public function open($save_path, $session_name)
     {
-        $this->key = $this->getKey('KEY_' . $session_name);
+        $this->key = $this->getKey('KEY_'.$session_name);
         return parent::open($save_path, $session_name);
     }
 
@@ -95,11 +95,11 @@ 
         // Authentication
         $hmac = hash_hmac(
             'SHA256',
-            $iv . $ciphertext,
+            $iv.$ciphertext,
             mb_substr($key, 32, null, '8bit'),
             true
         );
-        return $hmac . $iv . $ciphertext;
+        return $hmac.$iv.$ciphertext;
     }
 
     /**
@@ -117,11 +117,11 @@ 
         // Authentication
         $hmacNew = hash_hmac(
             'SHA256',
-            $iv . $ciphertext,
+            $iv.$ciphertext,
             mb_substr($key, 32, null, '8bit'),
             true
         );
-        if (! $this->hash_equals($hmac, $hmacNew)) {
+        if (!$this->hash_equals($hmac, $hmacNew)) {
             throw new \RuntimeException('Authentication failed');
         }
         // Decrypt

sources/main.queries.php

Indentation +14 added lines, -14 removed lines

@@ -99,7 +99,7 @@ 
                     prefix_table("users"),
                     array(
                         'fonction_id' => $data_roles['fonction_id']
-                       ),
+                        ),
                     "id = %i",
                     $_SESSION['user_id']
                 );
@@ -166,7 +166,7 @@ 
                         'pw' => $newPw,
                         'last_pw_change' => mktime(0, 0, 0, date('m'), date('d'), date('y')),
                         'last_pw' => $oldPw
-                       ),
+                        ),
                     "id = %i",
                     $_SESSION['user_id']
                 );
@@ -204,7 +204,7 @@ 
                 array(
                     'pw' => $newPw,
                     'last_pw_change' => mktime(0, 0, 0, date('m'), date('d'), date('y'))
-                   ),
+                    ),
                 "id = %i",
                 $dataReceived['user_id']
             );
@@ -240,7 +240,7 @@ 
                 array(
                     'pw' => $newPw,
                     'last_pw_change' => mktime(0, 0, 0, date('m'), date('d'), date('y'))
-                   ),
+                    ),
                 "id = %i",
                 $_SESSION['user_id']
             );
@@ -261,8 +261,8 @@ 
         }
         break;
     /**
-    * This will generate the QR Google Authenticator
-    */
+     * This will generate the QR Google Authenticator
+     */
     case "ga_generate_qr":
         // is this allowed by setting
         if (!isset($_SESSION['settings']['ga_reset_by_user']) || $_SESSION['settings']['ga_reset_by_user'] !== "1") {
@@ -311,7 +311,7 @@ 
                     array(
                         'ga' => $gaSecretKey,
                         'ga_temporary_code' => $gaTemporaryCode
-                       ),
+                        ),
                     "id = %i",
                     $data['id']
                 );
@@ -457,7 +457,7 @@ 
                 prefix_table("users"),
                 array(
                     'pw' => $newPw
-                   ),
+                    ),
                 "login = %s",
                 mysqli_escape_string($link, $login)
             );
@@ -551,7 +551,7 @@ 
                     prefix_table("users"),
                     array(
                         'encrypted_psk' => $_SESSION['user_settings']['encrypted_psk']
-                       ),
+                        ),
                     "id = %i",
                     $_SESSION['user_id']
                 );
@@ -635,7 +635,7 @@ 
             prefix_table("users"),
             array(
                 'encrypted_psk' => $_SESSION['user_settings']['encrypted_psk']
-               ),
+                ),
             "id = %i",
             $_SESSION['user_id']
         );
@@ -739,7 +739,7 @@ 
                 prefix_table("users"),
                 array(
                     'user_language' => $language
-                   ),
+                    ),
                 "id = %i",
                 $_SESSION['user_id']
             );
@@ -806,7 +806,7 @@ 
                         prefix_table("emails"),
                         array(
                             'status' => $status
-                           ),
+                            ),
                         "timestamp = %s",
                         $record['timestamp']
                     );
@@ -820,7 +820,7 @@ 
                 prefix_table("misc"),
                 array(
                     'valeur' => time()
-                   ),
+                    ),
                 "intitule = %s AND type = %s",
                 "sending_emails",
                 "cron"
@@ -1137,7 +1137,7 @@ 
                 prefix_table("misc"),
                 array(
                     'valeur' => time()
-                   ),
+                    ),
                 "type = %s AND intitule = %s",
                 'admin',
                 'send_stats_time'

Spacing +14 added lines, -14 removed lines

@@ -83,7 +83,7 @@ 
         $pwdlib = new PasswordLib\PasswordLib();
 
         // Prepare variables
-        $newPw = $pwdlib->createPasswordHash(htmlspecialchars_decode($dataReceived['new_pw']));    //bCrypt(htmlspecialchars_decode($dataReceived['new_pw']), COST);
+        $newPw = $pwdlib->createPasswordHash(htmlspecialchars_decode($dataReceived['new_pw'])); //bCrypt(htmlspecialchars_decode($dataReceived['new_pw']), COST);
 
         // User has decided to change is PW
         if (isset($_POST['change_pw_origine']) && $_POST['change_pw_origine'] === "user_change" && $_SESSION['user_admin'] !== "1") {
@@ -91,7 +91,7 @@ 
             $data_roles = DB::queryfirstrow("SELECT fonction_id FROM ".prefix_table("users")." WHERE id = %i", $_SESSION['user_id']);
 
             // check if badly written
-            $data_roles['fonction_id'] = array_filter(explode(',',str_replace(';', ',', $data_roles['fonction_id'])));
+            $data_roles['fonction_id'] = array_filter(explode(',', str_replace(';', ',', $data_roles['fonction_id'])));
             if ($data_roles['fonction_id'][0] === "") {
                 //$data_roles['fonction_id'] = array_filter($data_roles['fonction_id']);
                 $data_roles['fonction_id'] = implode(';', $data_roles['fonction_id']);
@@ -222,9 +222,9 @@ 
                 if (!empty($row['email']) && isset($_SESSION['settings']['enable_email_notification_on_user_pw_change']) && $_SESSION['settings']['enable_email_notification_on_user_pw_change'] == 1) {
                     sendEmail(
                         $LANG['forgot_pw_email_subject'],
-                        $LANG['forgot_pw_email_body'] . " " . htmlspecialchars_decode($dataReceived['new_pw']),
+                        $LANG['forgot_pw_email_body']." ".htmlspecialchars_decode($dataReceived['new_pw']),
                         $row[0],
-                        $LANG['forgot_pw_email_altbody_1'] . " " . htmlspecialchars_decode($dataReceived['new_pw'])
+                        $LANG['forgot_pw_email_altbody_1']." ".htmlspecialchars_decode($dataReceived['new_pw'])
                     );
                 }
             }
@@ -318,7 +318,7 @@ 
 
                 // send mail?
                 if (isset($_POST['send_email']) && $_POST['send_email'] === "1") {
-                    sendEmail (
+                    sendEmail(
                         $LANG['email_ga_subject'],
                         str_replace(
                             "#2FACode#",
@@ -368,7 +368,7 @@ 
      */
     case "send_pw_by_email":
         // generate key
-        $key =  GenerateCryptKey(50);
+        $key = GenerateCryptKey(50);
 
         // Get account and pw associated to email
         DB::query(
@@ -527,7 +527,7 @@ 
                 }
             }
         }
-        echo json_encode($arrOutput, JSON_HEX_TAG|JSON_HEX_APOS|JSON_HEX_QUOT|JSON_HEX_AMP);
+        echo json_encode($arrOutput, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
         break;
     /**
      * Store the personal saltkey
@@ -863,10 +863,10 @@ 
             $pwgen->setCapitalize(true);
             $pwgen->setNumerals(true);
         } else {
-            $pwgen->setSecure(($_POST['secure'] == "true")? true : false);
-            $pwgen->setNumerals(($_POST['numerals'] == "true")? true : false);
-            $pwgen->setCapitalize(($_POST['capitalize'] == "true")? true : false);
-            $pwgen->setSymbols(($_POST['symbols'] == "true")? true : false);
+            $pwgen->setSecure(($_POST['secure'] == "true") ? true : false);
+            $pwgen->setNumerals(($_POST['numerals'] == "true") ? true : false);
+            $pwgen->setCapitalize(($_POST['capitalize'] == "true") ? true : false);
+            $pwgen->setSymbols(($_POST['symbols'] == "true") ? true : false);
         }
 
         echo prepareExchangedData(
@@ -927,7 +927,7 @@ 
                     prefix_table("statistics"),
                     array(
                         'scope' => 'item',
-                        'view' => $data['view']+1
+                        'view' => $data['view'] + 1
                     ),
                     "item_id = %i",
                     $_POST['id']
@@ -985,7 +985,7 @@ 
                 "existing_suggestions" => $nb_suggestions_waiting,
                 "text" => handleBackslash($return)
             ),
-            JSON_HEX_TAG|JSON_HEX_APOS|JSON_HEX_QUOT|JSON_HEX_AMP
+            JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
         );
         break;
 
@@ -1023,7 +1023,7 @@ 
                 'token' => $token,
                 'reason' => $_POST['reason'],
                 'creation_timestamp' => time(),
-                'end_timestamp' => time()+$_POST['duration']    // in secs
+                'end_timestamp' => time() + $_POST['duration']    // in secs
             )
         );
 

Braces +3 added lines, -1 removed lines

@@ -964,7 +964,9 @@
                     $return .= '<li onclick="displayItemNumber('.$record['id'].', '.$record['id_tree'].')"><i class="fa fa-hand-o-right"></i>&nbsp;'.($record['label']).'</li>';
                     $x++;
                     array_push($arrTmp, $record['id']);
-                    if ($x >= 10) break;
+                    if ($x >= 10) {
+                        break;
+                    }
                 }
             }
         }

sources/identify.php

Indentation +5 added lines, -5 removed lines

@@ -89,7 +89,7 @@ 
             prefix_table('users'),
             array(
                 'agses-usercardid' =>  filter_var($_POST['cardid'], FILTER_SANITIZE_NUMBER_INT)
-               ),
+                ),
             "login = %s",
             $_POST['login']
         );
@@ -347,7 +347,7 @@ 
             $ldapconn = ldap_connect($ldapURIs);
 
             if ($_SESSION['settings']['ldap_tls']) {
-               ldap_start_tls($ldapconn);
+                ldap_start_tls($ldapconn);
             }
             if ($debugLdap == 1) {
                 fputs($dbgLdap, "LDAP connection : " . ($ldapconn ? "Connected" : "Failed") . "\n");
@@ -366,9 +366,9 @@ 
                         $result_group = ldap_search($ldapconn, $_SESSION['settings']['ldap_usergroup'],$filter_group, array('dn'));
                         if ($debugLdap == 1) {
                                 fputs(
-                                     $dbgLdap,
-                                     'Search filter (group): ' . $filter_group . "\n" .
-                                     'Results : ' . print_r(ldap_get_entries($ldapconn, $result_group), true) . "\n"
+                                        $dbgLdap,
+                                        'Search filter (group): ' . $filter_group . "\n" .
+                                        'Results : ' . print_r(ldap_get_entries($ldapconn, $result_group), true) . "\n"
                                 );
                         }
                         if (!ldap_count_entries($ldapconn, $result_group)) {

Spacing +61 added lines, -61 removed lines

@@ -43,8 +43,8 @@ 
         fputs(
             $dbgDuo,
             "\n\n-----\n\n".
-            "sig request : ".$_POST['login']."\n" .
-            'resp : ' . $sig_request . "\n"
+            "sig request : ".$_POST['login']."\n".
+            'resp : '.$sig_request."\n"
         );
     }
 
@@ -94,7 +94,7 @@ 
             $_POST['login']
         );
         $row['agses-usercardid'] = filter_var($_POST['cardid'], FILTER_SANITIZE_NUMBER_INT);
-    }else {
+    } else {
         // error
         echo '[{"error" : "something_wrong" , "agses_message" : ""}]';
         return false;
@@ -155,7 +155,7 @@ 
         if (empty($ret_agses_apikey['valeur']) || empty($ret_agses_url['valeur']) || empty($ret_agses_id['valeur'])) {
             echo '[{"error" : "no_agses_info" , "agses_message" : ""}]';
         } else {
-            echo '[{"error" : "something_wrong" , "agses_message" : ""}]';  // user not found but not displayed as this in the error message
+            echo '[{"error" : "something_wrong" , "agses_message" : ""}]'; // user not found but not displayed as this in the error message
         }
     }
 } elseif ($_POST['type'] == "identify_duo_user_check") {
@@ -170,12 +170,12 @@ 
     $resp = Duo::verifyResponse(IKEY, SKEY, AKEY, $_POST['sig_response']);
 
     if ($debugDuo == 1) {
-        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder'] . "/duo.debug.txt", "a");
+        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder']."/duo.debug.txt", "a");
         fputs(
             $dbgDuo,
-            "\n\n-----\n\n" .
-            "sig response : " . $_POST['sig_response'] . "\n" .
-            'resp : ' . $resp . "\n"
+            "\n\n-----\n\n".
+            "sig response : ".$_POST['sig_response']."\n".
+            'resp : '.$resp."\n"
         );
     }
 
@@ -192,7 +192,7 @@ 
 
     // increment counter of login attempts
     if (empty($_SESSION["pwd_attempts"])) $_SESSION["pwd_attempts"] = 1;
-    else $_SESSION["pwd_attempts"] ++;
+    else $_SESSION["pwd_attempts"]++;
 
     // manage brute force
     if ($_SESSION["pwd_attempts"] <= 3) {
@@ -236,13 +236,13 @@ 
     require_once $_SESSION['settings']['cpassman_dir'].'/sources/SplClassLoader.php';
 
     if ($debugDuo == 1) {
-        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder'] . "/duo.debug.txt", "a");
+        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder']."/duo.debug.txt", "a");
     }
 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "Content of data sent '" . $sentData . "'\n"
+            "Content of data sent '".$sentData."'\n"
         );
     }
 
@@ -282,7 +282,7 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "Starting authentication of '" . $username . "'\n"
+            "Starting authentication of '".$username."'\n"
         );
     }
 
@@ -300,18 +300,18 @@ 
         $dbgLdap = fopen($_SESSION['settings']['path_to_files_folder']."/ldap.debug.txt", "w");
         fputs(
             $dbgLdap,
-            "Get all LDAP params : \n" .
-            'mode : ' . $_SESSION['settings']['ldap_mode'] . "\n" .
-            'type : ' . $_SESSION['settings']['ldap_type'] . "\n" .
-            'base_dn : '.$_SESSION['settings']['ldap_domain_dn']."\n" .
-            'search_base : ' . $_SESSION['settings']['ldap_search_base']."\n" .
-            'bind_dn : ' . $_SESSION['settings']['ldap_bind_dn']."\n" .
-            'bind_passwd : ' . $_SESSION['settings']['ldap_bind_passwd']."\n" .
-            'user_attribute : ' . $_SESSION['settings']['ldap_user_attribute']."\n" .
-            'account_suffix : '.$_SESSION['settings']['ldap_suffix']."\n" .
-            'domain_controllers : '.$_SESSION['settings']['ldap_domain_controler']."\n" .
-            'port : '.$_SESSION['settings']['ldap_port']."\n" .
-            'use_ssl : '.$_SESSION['settings']['ldap_ssl']."\n" .
+            "Get all LDAP params : \n".
+            'mode : '.$_SESSION['settings']['ldap_mode']."\n".
+            'type : '.$_SESSION['settings']['ldap_type']."\n".
+            'base_dn : '.$_SESSION['settings']['ldap_domain_dn']."\n".
+            'search_base : '.$_SESSION['settings']['ldap_search_base']."\n".
+            'bind_dn : '.$_SESSION['settings']['ldap_bind_dn']."\n".
+            'bind_passwd : '.$_SESSION['settings']['ldap_bind_passwd']."\n".
+            'user_attribute : '.$_SESSION['settings']['ldap_user_attribute']."\n".
+            'account_suffix : '.$_SESSION['settings']['ldap_suffix']."\n".
+            'domain_controllers : '.$_SESSION['settings']['ldap_domain_controler']."\n".
+            'port : '.$_SESSION['settings']['ldap_port']."\n".
+            'use_ssl : '.$_SESSION['settings']['ldap_ssl']."\n".
             'use_tls : '.$_SESSION['settings']['ldap_tls']."\n*********\n\n"
         );
     }
@@ -319,7 +319,7 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "LDAP status: " . $_SESSION['settings']['ldap_mode'] . "\n"
+            "LDAP status: ".$_SESSION['settings']['ldap_mode']."\n"
         );
     }
 
@@ -328,13 +328,13 @@ 
     ) {
         //Multiple Domain Names
         if (strpos(html_entity_decode($username), '\\') == true) {
-            $ldap_suffix="@".substr(html_entity_decode($username), 0, strpos(html_entity_decode($username), '\\'));
-            $username=substr(html_entity_decode($username), strpos(html_entity_decode($username), '\\') + 1);
+            $ldap_suffix = "@".substr(html_entity_decode($username), 0, strpos(html_entity_decode($username), '\\'));
+            $username = substr(html_entity_decode($username), strpos(html_entity_decode($username), '\\') + 1);
         }
         if ($_SESSION['settings']['ldap_type'] == 'posix-search') {
             $ldapURIs = "";
-            foreach(explode(",", $_SESSION['settings']['ldap_domain_controler']) as $domainControler) {
-                if($_SESSION['settings']['ldap_ssl'] == 1) {
+            foreach (explode(",", $_SESSION['settings']['ldap_domain_controler']) as $domainControler) {
+                if ($_SESSION['settings']['ldap_ssl'] == 1) {
                     $ldapURIs .= "ldaps://".$domainControler.":".$_SESSION['settings']['ldap_port']." ";
                 }
                 else {
@@ -342,7 +342,7 @@ 
                 }
             }
             if ($debugLdap == 1) {
-                fputs($dbgLdap, "LDAP URIs : " . $ldapURIs . "\n");
+                fputs($dbgLdap, "LDAP URIs : ".$ldapURIs."\n");
             }
             $ldapconn = ldap_connect($ldapURIs);
 
@@ -350,25 +350,25 @@ 
                ldap_start_tls($ldapconn);
             }
             if ($debugLdap == 1) {
-                fputs($dbgLdap, "LDAP connection : " . ($ldapconn ? "Connected" : "Failed") . "\n");
+                fputs($dbgLdap, "LDAP connection : ".($ldapconn ? "Connected" : "Failed")."\n");
             }
             ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
             if ($ldapconn) {
                 $ldapbind = ldap_bind($ldapconn, $_SESSION['settings']['ldap_bind_dn'], $_SESSION['settings']['ldap_bind_passwd']);
                 if ($debugLdap == 1) {
-                    fputs($dbgLdap, "LDAP bind : " . ($ldapbind ? "Bound" : "Failed") . "\n");
+                    fputs($dbgLdap, "LDAP bind : ".($ldapbind ? "Bound" : "Failed")."\n");
                 }
                 if ($ldapbind) {
-                    $filter="(&(" . $_SESSION['settings']['ldap_user_attribute']. "=$username)(objectClass=" . $_SESSION['settings']['ldap_object_class'] ."))";
-                    $result=ldap_search($ldapconn, $_SESSION['settings']['ldap_search_base'], $filter, array('dn','mail','givenname','sn'));
+                    $filter = "(&(".$_SESSION['settings']['ldap_user_attribute']."=$username)(objectClass=".$_SESSION['settings']['ldap_object_class']."))";
+                    $result = ldap_search($ldapconn, $_SESSION['settings']['ldap_search_base'], $filter, array('dn', 'mail', 'givenname', 'sn'));
                     if (isset($_SESSION['settings']['ldap_usergroup'])) {
                         $filter_group = "memberUid=".$username;
-                        $result_group = ldap_search($ldapconn, $_SESSION['settings']['ldap_usergroup'],$filter_group, array('dn'));
+                        $result_group = ldap_search($ldapconn, $_SESSION['settings']['ldap_usergroup'], $filter_group, array('dn'));
                         if ($debugLdap == 1) {
                                 fputs(
                                      $dbgLdap,
-                                     'Search filter (group): ' . $filter_group . "\n" .
-                                     'Results : ' . print_r(ldap_get_entries($ldapconn, $result_group), true) . "\n"
+                                     'Search filter (group): '.$filter_group."\n".
+                                     'Results : '.print_r(ldap_get_entries($ldapconn, $result_group), true)."\n"
                                 );
                         }
                         if (!ldap_count_entries($ldapconn, $result_group)) {
@@ -380,8 +380,8 @@ 
                     if ($debugLdap == 1) {
                         fputs(
                             $dbgLdap,
-                            'Search filter : ' . $filter . "\n" .
-                            'Results : ' . print_r(ldap_get_entries($ldapconn, $result), true) . "\n"
+                            'Search filter : '.$filter."\n".
+                            'Results : '.print_r(ldap_get_entries($ldapconn, $result), true)."\n"
                         );
                     }
                     if ($ldapConnection && ldap_count_entries($ldapconn, $result)) {
@@ -405,12 +405,12 @@ 
             if ($debugLdap == 1) {
                 fputs(
                     $dbgLdap,
-                    "Get all ldap params : \n" .
-                    'base_dn : '.$_SESSION['settings']['ldap_domain_dn']."\n" .
-                    'account_suffix : '.$_SESSION['settings']['ldap_suffix']."\n" .
-                    'domain_controllers : '.$_SESSION['settings']['ldap_domain_controler']."\n" .
-                    'port : '.$_SESSION['settings']['ldap_port']."\n" .
-                    'use_ssl : '.$_SESSION['settings']['ldap_ssl']."\n" .
+                    "Get all ldap params : \n".
+                    'base_dn : '.$_SESSION['settings']['ldap_domain_dn']."\n".
+                    'account_suffix : '.$_SESSION['settings']['ldap_suffix']."\n".
+                    'domain_controllers : '.$_SESSION['settings']['ldap_domain_controler']."\n".
+                    'port : '.$_SESSION['settings']['ldap_port']."\n".
+                    'use_ssl : '.$_SESSION['settings']['ldap_ssl']."\n".
                     'use_tls : '.$_SESSION['settings']['ldap_tls']."\n*********\n\n"
                 );
             }
@@ -465,7 +465,7 @@ 
             if ($debugLdap == 1) {
                 fputs(
                     $dbgLdap,
-                    "After authenticate : ".$adldap->getLastError()."\n\n\n" .
+                    "After authenticate : ".$adldap->getLastError()."\n\n\n".
                     "ldap status : ".$ldapConnection."\n\n\n"
                 ); //Debug
             }
@@ -485,7 +485,7 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "USer exists: " . $counter . "\n"
+            "USer exists: ".$counter."\n"
         );
     }
 
@@ -520,7 +520,7 @@ 
             && ($_SESSION['settings']['ldap_elusers'] == 0)
     ) {
         // If LDAP enabled, create user in CPM if doesn't exist
-        $data['pw'] = $pwdlib->createPasswordHash($passwordClear);  // create passwordhash
+        $data['pw'] = $pwdlib->createPasswordHash($passwordClear); // create passwordhash
 
         // get user info from LDAP
         if ($_SESSION['settings']['ldap_type'] == 'posix-search') {
@@ -584,7 +584,7 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "User exists (confirm): " . $counter . "\n"
+            "User exists (confirm): ".$counter."\n"
         );
     }
 
@@ -642,7 +642,7 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "Proceed with Ident: " . $proceedIdentification . "\n"
+            "Proceed with Ident: ".$proceedIdentification."\n"
         );
     }
 
@@ -679,17 +679,17 @@ 
                 unset($_SESSION['flickercode']);
             } else {
                 if ($result < -10) {
-                    $logError =  "ERROR: ".$result;
+                    $logError = "ERROR: ".$result;
                 } else if ($result == -4) {
-                    $logError =  "Wrong response code, no more tries left.";
+                    $logError = "Wrong response code, no more tries left.";
                 } else if ($result == -3) {
-                    $logError =  "Wrong response code, try to reenter.";
+                    $logError = "Wrong response code, try to reenter.";
                 } else if ($result == -2) {
-                    $logError =  "Timeout. The response code is not valid anymore.";
+                    $logError = "Timeout. The response code is not valid anymore.";
                 } else if ($result == -1) {
-                    $logError =  "Security Error. Did you try to verify the response from a different computer?";
+                    $logError = "Security Error. Did you try to verify the response from a different computer?";
                 } else if ($result == 1) {
-                    $logError =  "Authentication successful, response code correct.
+                    $logError = "Authentication successful, response code correct.
                           <br /><br />Authentification Method for SecureBrowser updated!";
                     // Add necessary code here for accessing your Business Application
                 }
@@ -776,7 +776,7 @@ 
         if ($debugDuo == 1) {
             fputs(
                 $dbgDuo,
-                "User's password verified: " . $userPasswordVerified . "\n"
+                "User's password verified: ".$userPasswordVerified."\n"
             );
         }
 
@@ -811,7 +811,7 @@ 
             if ($debugDuo == 1) {
                 fputs(
                     $dbgDuo,
-                    "User's token: " . $key . "\n"
+                    "User's token: ".$key."\n"
                 );
             }
 
@@ -933,7 +933,7 @@ 
                     'disabled' => 0,
                     'no_bad_attempts' => 0,
                     'session_end' => $_SESSION['fin_session'],
-                    'psk' => $pwdlib->createPasswordHash(htmlspecialchars_decode($psk)),    //bCrypt(htmlspecialchars_decode($psk), COST)
+                    'psk' => $pwdlib->createPasswordHash(htmlspecialchars_decode($psk)), //bCrypt(htmlspecialchars_decode($psk), COST)
                     'user_ip' =>  get_client_ip_server()
                 ),
                 "id=%i",
@@ -1080,8 +1080,8 @@ 
     if ($debugDuo == 1) {
         fputs(
             $dbgDuo,
-            "\n\n----\n" .
-            "Identified : " . $return . "\n\n"
+            "\n\n----\n".
+            "Identified : ".$return."\n\n"
         );
     }
 

Braces +11 added lines, -8 removed lines

@@ -94,7 +94,7 @@ 
             $_POST['login']
         );
         $row['agses-usercardid'] = filter_var($_POST['cardid'], FILTER_SANITIZE_NUMBER_INT);
-    }else {
+    } else {
         // error
         echo '[{"error" : "something_wrong" , "agses_message" : ""}]';
         return false;
@@ -191,8 +191,11 @@ 
 //--------
 
     // increment counter of login attempts
-    if (empty($_SESSION["pwd_attempts"])) $_SESSION["pwd_attempts"] = 1;
-    else $_SESSION["pwd_attempts"] ++;
+    if (empty($_SESSION["pwd_attempts"])) {
+        $_SESSION["pwd_attempts"] = 1;
+    } else {
+        $_SESSION["pwd_attempts"] ++;
+    }
 
     // manage brute force
     if ($_SESSION["pwd_attempts"] <= 3) {
@@ -336,8 +339,7 @@ 
             foreach(explode(",", $_SESSION['settings']['ldap_domain_controler']) as $domainControler) {
                 if($_SESSION['settings']['ldap_ssl'] == 1) {
                     $ldapURIs .= "ldaps://".$domainControler.":".$_SESSION['settings']['ldap_port']." ";
-                }
-                else {
+                } else {
                     $ldapURIs .= "ldap://".$domainControler.":".$_SESSION['settings']['ldap_port']." ";
                 }
             }
@@ -420,8 +422,7 @@ 
             // Posix style LDAP handles user searches a bit differently
             if ($_SESSION['settings']['ldap_type'] == 'posix') {
                 $ldap_suffix = ','.$_SESSION['settings']['ldap_suffix'].','.$_SESSION['settings']['ldap_domain_dn'];
-            }
-            elseif ($_SESSION['settings']['ldap_type'] == 'windows' and $ldap_suffix == '') { //Multiple Domain Names
+            } elseif ($_SESSION['settings']['ldap_type'] == 'windows' and $ldap_suffix == '') { //Multiple Domain Names
                 $ldap_suffix = $_SESSION['settings']['ldap_suffix'];
             }
             $adldap = new adLDAP\adLDAP(
@@ -840,7 +841,9 @@ 
             $_SESSION['user_avatar_thumb'] = $data['avatar_thumb'];
             $_SESSION['user_upgrade_needed'] = $data['upgrade_needed'];
             // get personal settings
-            if (!isset($data['treeloadstrategy']) || empty($data['treeloadstrategy'])) $data['treeloadstrategy'] = "full";
+            if (!isset($data['treeloadstrategy']) || empty($data['treeloadstrategy'])) {
+                $data['treeloadstrategy'] = "full";
+            }
             $_SESSION['user_settings']['treeloadstrategy'] = $data['treeloadstrategy'];
             $_SESSION['user_settings']['agses-usercardid'] = $data['agses-usercardid'];
             $_SESSION['user_settings']['user_language'] = $data['user_language'];

sources/checks.php

Spacing +2 added lines, -2 removed lines

@@ -28,7 +28,7 @@ 
 
 function curPage()
 {
-    parse_str(substr($_SERVER["REQUEST_URI"], strpos($_SERVER["REQUEST_URI"], "?")+1), $result);
+    parse_str(substr($_SERVER["REQUEST_URI"], strpos($_SERVER["REQUEST_URI"], "?") + 1), $result);
     return $result['page'];
 }
 
@@ -86,7 +86,7 @@ 
 
 function IsInArray($pages, $table)
 {
-    foreach($pages as $page) {
+    foreach ($pages as $page) {
         if (in_array($page, $table)) {
             return true;
         }

sources/folders.queries.php

Indentation +17 added lines, -17 removed lines

@@ -84,7 +84,7 @@ 
             prefix_table("nested_tree"),
             array(
                 'renewal_period' => mysqli_escape_string($link, stripslashes(($_POST['renewal_period'])))
-           ),
+            ),
             "id=%i",
             $id[1]
         );
@@ -103,7 +103,7 @@ 
         prefix_table("nested_tree"),
         array(
             'parent_id' => $_POST['newparent_id']
-       ),
+        ),
         "id=%i",
         $id[1]
     );
@@ -138,7 +138,7 @@ 
                 'type' => 'complex',
                 'intitule' => $id[1],
                 'valeur' => $_POST['changer_complexite']
-           )
+            )
         );
     } else {
         //update DB
@@ -146,7 +146,7 @@ 
             prefix_table("misc"),
             array(
                 'valeur' => $_POST['changer_complexite']
-           ),
+            ),
             "type=%s AND  intitule = %i",
             "complex",
             $id[1]
@@ -220,7 +220,7 @@ 
                                 'valeur' => $folder->id.', '.$folder->parent_id.', '.
                                     $folder->title.', '.$folder->nleft.', '.$folder->nright.', '.
                                     $folder->nlevel.', 0, 0, 0, 0'
-                           )
+                            )
                         );
 
                         //array for delete folder
@@ -476,7 +476,7 @@ 
                             'renewal_period' => $renewalPeriod,
                             'bloquer_creation' => isset($dataReceived['block_creation']) && $dataReceived['block_creation'] == 1 ? '1' : $parentBloquerCreation,
                             'bloquer_modification' => isset($dataReceived['block_modif']) && $dataReceived['block_modif'] == 1 ? '1' : $parentBloquerModification
-                       )
+                        )
                     );
                     $newId = DB::insertId();
 
@@ -728,7 +728,7 @@ 
                         'tree_id' => $val[0],
                         'fonction_id' => $val[1],
                         'authorized' => 1
-                   )
+                    )
                 );
             } else {
                 //Update DB
@@ -737,20 +737,20 @@ 
                         prefix_table("rights"),
                         array(
                             'authorized' => 0
-                       ),
-                       "id = %i AND fonction_id=%i",
-                       $val[0],
-                       $val[1]
+                        ),
+                        "id = %i AND fonction_id=%i",
+                        $val[0],
+                        $val[1]
                     );
                 } else {
                     DB::update(
                         prefix_table("rights"),
                         array(
                             'authorized' => 1
-                       ),
-                       "id = %i AND fonction_id=%i",
-                       $val[0],
-                       $val[1]
+                        ),
+                        "id = %i AND fonction_id=%i",
+                        $val[0],
+                        $val[1]
                     );
                 }
             }
@@ -941,7 +941,7 @@ 
                         'renewal_period' => $nodeInfo->renewal_period,
                         'bloquer_creation' => $nodeInfo->bloquer_creation,
                         'bloquer_modification' => $nodeInfo->bloquer_modification
-                   )
+                    )
                 );
                 $newFolderId = DB::insertId();
 
@@ -1121,7 +1121,7 @@ 
                                     'extension' => $record2['extension'],
                                     'type' => $record2['type'],
                                     'file' => $record2['file']
-                                   )
+                                    )
                             );
                         }
                         // Add this duplicate in logs

Spacing +16 added lines, -16 removed lines

@@ -209,7 +209,7 @@ 
             }
 
             foreach ($folders as $folder) {
-                if (($folder->parent_id > 0 || $folder->parent_id == 0) && $folder->title != $_SESSION['user_id'] ) {
+                if (($folder->parent_id > 0 || $folder->parent_id == 0) && $folder->title != $_SESSION['user_id']) {
                     //Store the deleted folder (recycled bin)
                     if ($pf === false) {
                         DB::insert(
@@ -265,12 +265,12 @@ 
                     );
 
                     //Actualize the variable
-                    $_SESSION['nb_folders'] --;
+                    $_SESSION['nb_folders']--;
                 }
             }
 
             // delete folder from SESSION
-            if(($key = array_search($_POST['id'], $_SESSION['groupes_visibles'])) !== false) {
+            if (($key = array_search($_POST['id'], $_SESSION['groupes_visibles'])) !== false) {
                 unset($folders[$key]);
             }
 
@@ -280,7 +280,7 @@ 
 
             // delete folders
             $folderForDel = array_unique($folderForDel);
-            foreach ($folderForDel as $fol){
+            foreach ($folderForDel as $fol) {
                 DB::delete(prefix_table("nested_tree"), "id = %i", $fol);
             }
 
@@ -346,7 +346,7 @@ 
                                 );
 
                                 // delete folder from SESSION
-                                if(($key = array_search($item['id'], $_SESSION['groupes_visibles'])) !== false) {
+                                if (($key = array_search($item['id'], $_SESSION['groupes_visibles'])) !== false) {
                                     unset($_SESSION['groupes_visibles'][$item['id']]);
                                 }
 
@@ -355,13 +355,13 @@ 
                             }
 
                             //Actualize the variable
-                            $_SESSION['nb_folders'] --;
+                            $_SESSION['nb_folders']--;
                         }
                     }
 
                     // delete folders
-                    $folderForDel=array_unique($folderForDel);
-                    foreach ($folderForDel as $fol){
+                    $folderForDel = array_unique($folderForDel);
+                    foreach ($folderForDel as $fol) {
                         DB::delete(prefix_table("nested_tree"), "id = %i", $fol);
                     }
                 }
@@ -506,7 +506,7 @@ 
                         && $_SESSION['settings']['subfolder_rights_as_parent'] == 1
                         && $_SESSION['is_admin'] !== 0
                         || ($isPersonal != 1 && $parentId === "0")
-                    ){
+                    ) {
                         //Get user's rights
                         @identifyUserRights(
                             $_SESSION['groupes_visibles'].';'.$newId,
@@ -582,7 +582,7 @@ 
                         }
                     }
                 }
-                else{
+                else {
                     $error = $LANG['error_not_allowed_to'];
                 }
             }
@@ -625,7 +625,7 @@ 
             if (isset($_SESSION['settings']['duplicate_folder']) && $_SESSION['settings']['duplicate_folder'] == 0) {
                 $data = DB::queryfirstrow(
                     "SELECT id, title FROM ".prefix_table("nested_tree")." WHERE title = %s", $title);
-                if (!empty($data['id']) && $dataReceived['id'] != $data['id'] && $title != $data['title'] ) {
+                if (!empty($data['id']) && $dataReceived['id'] != $data['id'] && $title != $data['title']) {
                     echo '[ { "error" : "error_group_exist" } ]';
                     break;
                 }
@@ -732,7 +732,7 @@ 
                 );
             } else {
                 //Update DB
-                if ($data['authorized']==1) {
+                if ($data['authorized'] == 1) {
                     DB::update(
                         prefix_table("rights"),
                         array(
@@ -832,10 +832,10 @@ 
             // Get through each subfolder
             $folders = $tree->getDescendants($_POST['id'], false);
             foreach ($folders as $folder) {
-                if($subfolders === "") {
+                if ($subfolders === "") {
                     $subfolders = $folder->id;
                 } else {
-                    $subfolders .= ";" . $folder->id;
+                    $subfolders .= ";".$folder->id;
                 }
             }
 
@@ -869,7 +869,7 @@ 
                 if (in_array($t->id, $_SESSION['groupes_visibles'])) {
                     if (!is_numeric($t->title)) {
                         $ident = "  ";
-                        for ($x=1; $x<$t->nlevel; $x++) {
+                        for ($x = 1; $x < $t->nlevel; $x++) {
                             $ident .= "&nbsp;&nbsp;";
                         }
 
@@ -970,7 +970,7 @@ 
                     && isset($_SESSION['settings']['subfolder_rights_as_parent'])
                     && $_SESSION['settings']['subfolder_rights_as_parent'] == 1
                     && $_SESSION['is_admin'] !== 0
-                ){
+                ) {
                     //Get user's rights
                     @identifyUserRights(
                         $_SESSION['groupes_visibles'].';'.$newFolderId,

Braces +1 added lines, -2 removed lines

@@ -581,8 +581,7 @@
                             $prev_level = $t->nlevel;
                         }
                     }
-                }
-                else{
+                } else{
                     $error = $LANG['error_not_allowed_to'];
                 }
             }

sources/datatable/datatable.logs.php

Spacing +42 added lines, -42 removed lines

@@ -46,7 +46,7 @@ 
     //Paging
     $sLimit = "";
     if (isset($_GET['iDisplayStart']) && $_GET['iDisplayLength'] != '-1') {
-        $sLimit = "LIMIT ". mysqli_real_escape_string($link, filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT)) .", ". mysqli_real_escape_string($link, filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT)) ;
+        $sLimit = "LIMIT ".mysqli_real_escape_string($link, filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT)).", ".mysqli_real_escape_string($link, filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT));
     }
 }
 
@@ -57,13 +57,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -82,7 +82,7 @@ 
     $sWhere = "WHERE l.type = 'user_connection'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3).") ";
@@ -139,7 +139,7 @@ 
         $sOutput .= '"'.date($_SESSION['settings']['date_format']." ".$_SESSION['settings']['time_format'], $record['date']).'", ';
 
         //col2
-        $sOutput .= '"'.str_replace(array(CHR(10),CHR(13)),array(' ',' '),htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
+        $sOutput .= '"'.str_replace(array(CHR(10), CHR(13)), array(' ', ' '), htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
 
         //col3
         $sOutput .= '"'.htmlspecialchars(stripslashes($record['login']), ENT_QUOTES).'"';
@@ -163,13 +163,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -183,7 +183,7 @@ 
     $sWhere = " WHERE l.type = 'error'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3).") ";
@@ -238,7 +238,7 @@ 
         $sOutput .= '"'.date($_SESSION['settings']['date_format']." ".$_SESSION['settings']['time_format'], $record['date']).'", ';
 
         //col2
-        $sOutput .= '"'.str_replace(array(CHR(10),CHR(13)),array(' ',' '),htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
+        $sOutput .= '"'.str_replace(array(CHR(10), CHR(13)), array(' ', ' '), htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
 
         //col3
         $sOutput .= '"'.htmlspecialchars(stripslashes($record['login']), ENT_QUOTES).'"';
@@ -262,13 +262,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -282,7 +282,7 @@ 
     $sWhere = " WHERE l.action = 'at_shown'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3).") ";
@@ -339,7 +339,7 @@ 
         $sOutput .= '"'.date($_SESSION['settings']['date_format']." ".$_SESSION['settings']['time_format'], $record['date']).'", ';
 
         //col2
-        $sOutput .= '"'.str_replace(array(CHR(10),CHR(13)),array(' ',' '),htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
+        $sOutput .= '"'.str_replace(array(CHR(10), CHR(13)), array(' ', ' '), htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
 
         //col3
         $sOutput .= '"'.htmlspecialchars(stripslashes($record['login']), ENT_QUOTES).'"';
@@ -363,13 +363,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -383,7 +383,7 @@ 
     $sWhere = " WHERE l.action = 'at_copy'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3).") ";
@@ -464,13 +464,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -486,7 +486,7 @@ 
     $sWhere = "WHERE l.type = 'admin_action'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3);
@@ -565,13 +565,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -587,7 +587,7 @@ 
     $sWhere = "";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " WHERE (";
-        for ($i=1; $i<count($aColumns)-1; $i++) {
+        for ($i = 1; $i < count($aColumns) - 1; $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3);
@@ -658,9 +658,9 @@ 
 
         //col5
         if ($record['perso'] == 1) {
-            $sOutput_item .= '"'. htmlspecialchars(stripslashes($LANG['yes']), ENT_QUOTES). '"';
+            $sOutput_item .= '"'.htmlspecialchars(stripslashes($LANG['yes']), ENT_QUOTES).'"';
         } else {
-            $sOutput_item .= '"'. htmlspecialchars(stripslashes($LANG['no']), ENT_QUOTES). '"';
+            $sOutput_item .= '"'.htmlspecialchars(stripslashes($LANG['no']), ENT_QUOTES).'"';
         }
 
         //Finish the line
@@ -684,13 +684,13 @@ 
     //Ordering
     if (isset($_GET['iSortCol_0']) && isset($_GET['sSortDir_0']) && in_array(strtoupper($_GET['sSortDir_0']), $aSortTypes)) {
         $sOrder = "ORDER BY  ";
-        for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
             if (
-                $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+                $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
                 preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
             ) {
-                $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+                $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+                .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
             }
         }
 
@@ -704,7 +704,7 @@ 
     $sWhere = " WHERE l.type = 'failed_auth'";
     if ($_GET['sSearch'] != "") {
         $sWhere .= " AND (";
-        for ($i=0; $i<count($aColumns); $i++) {
+        for ($i = 0; $i < count($aColumns); $i++) {
             $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
         }
         $sWhere = substr_replace($sWhere, "", -3).") ";
@@ -757,7 +757,7 @@ 
         $sOutput .= '"'.date($_SESSION['settings']['date_format']." ".$_SESSION['settings']['time_format'], $record['auth_date']).'", ';
 
         //col2
-        $sOutput .= '"'.str_replace(array(CHR(10),CHR(13)),array(' ',' '),htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
+        $sOutput .= '"'.str_replace(array(CHR(10), CHR(13)), array(' ', ' '), htmlspecialchars(stripslashes($record['label']), ENT_QUOTES)).'", ';
 
         //col3
         $sOutput .= '"'.htmlspecialchars(stripslashes($record['who']), ENT_QUOTES).'"';

sources/datatable/datatable.kb.php

Spacing +6 added lines, -6 removed lines

@@ -46,20 +46,20 @@ 
 //Paging
 $sLimit = "";
 if (isset($_GET['iDisplayStart']) && $_GET['iDisplayLength'] != '-1') {
-    $sLimit = "LIMIT ". filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT) .", ". filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT)."";
+    $sLimit = "LIMIT ".filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT).", ".filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT)."";
 }
 
 //Ordering
 
 if (isset($_GET['iSortCol_0']) && in_array($_GET['iSortCol_0'], $aSortTypes)) {
     $sOrder = "ORDER BY  ";
-    for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+    for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
         if (
-            $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+            $_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
             preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
         ) {
-            $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-            .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+            $sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+            .mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
         }
     }
 
@@ -77,7 +77,7 @@ 
 */
 if ($_GET['sSearch'] != "") {
     $sWhere = " WHERE ";
-    for ($i=0; $i<count($aColumns); $i++) {
+    for ($i = 0; $i < count($aColumns); $i++) {
         $sWhere .= $aColumns[$i]." LIKE %ss_".$i." OR ";
     }
     $sWhere = substr_replace($sWhere, "", -3);

sources/datatable/datatable.users.php

Spacing +6 added lines, -6 removed lines

@@ -64,7 +64,7 @@ 
 //Paging
 $sLimit = "";
 if (isset($_GET['length']) && $_GET['length'] != '-1') {
-    $sLimit = "LIMIT ". filter_var($_GET['start'], FILTER_SANITIZE_NUMBER_INT) .", ". filter_var($_GET['length'], FILTER_SANITIZE_NUMBER_INT)."";
+    $sLimit = "LIMIT ".filter_var($_GET['start'], FILTER_SANITIZE_NUMBER_INT).", ".filter_var($_GET['length'], FILTER_SANITIZE_NUMBER_INT)."";
 }
 
 //Ordering
@@ -73,8 +73,8 @@ 
     if (
         preg_match("#^(asc|desc)\$#i", $_GET['order'][0]['column'])
     ) {
-        $sOrder .= "".$aColumns[ filter_var($_GET['order'][0]['column'], FILTER_SANITIZE_NUMBER_INT) ]." "
-        .mysqli_escape_string($link, $_GET['order'][0]['column']) .", ";
+        $sOrder .= "".$aColumns[filter_var($_GET['order'][0]['column'], FILTER_SANITIZE_NUMBER_INT)]." "
+        .mysqli_escape_string($link, $_GET['order'][0]['column']).", ";
     }
 
     $sOrder = substr_replace($sOrder, "", -2);
@@ -285,9 +285,9 @@ 
         //col11
         if ($_SESSION['is_admin'] === "1" || $_SESSION['user_can_manage_all_users'] == 1) {
             if ($record['can_manage_all_users'] === "1") {
-                $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"' . $record['id'] . '-can_manage_all_users-0\"></i>"';
+                $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_manage_all_users-0\"></i>"';
             } else {
-                $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"' . $record['id'] . '-can_manage_all_users-1\"></i>"';
+                $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_manage_all_users-1\"></i>"';
             }
         } else {
             $sOutput .= '""';
@@ -307,7 +307,7 @@ 
         //Finish the line
         $sOutput .= '],';
 
-        $iFilteredTotal ++;
+        $iFilteredTotal++;
     }
 }
 

Braces +46 added lines, -21 removed lines

@@ -90,13 +90,16 @@ 
    * on very large tables, and MySQL's regex functionality is very limited
 */
 if (isset($_GET['letter']) && $_GET['letter'] != "" && $_GET['letter'] != "None") {
-    if (empty($sWhere)) $sWhere = " WHERE ";
+    if (empty($sWhere)) {
+        $sWhere = " WHERE ";
+    }
     $sWhere .= $aColumns[1]." LIKE '".filter_var($_GET['letter'], FILTER_SANITIZE_STRING)."%' OR ";
     $sWhere .= $aColumns[2]." LIKE '".filter_var($_GET['letter'], FILTER_SANITIZE_STRING)."%' OR ";
     $sWhere .= $aColumns[3]." LIKE '".filter_var($_GET['letter'], FILTER_SANITIZE_STRING)."%' ";
-}
-elseif (isset($_GET['search']['value']) && $_GET['search']['value'] != "") {
-    if (empty($sWhere)) $sWhere = " WHERE ";
+} elseif (isset($_GET['search']['value']) && $_GET['search']['value'] != "") {
+    if (empty($sWhere)) {
+        $sWhere = " WHERE ";
+    }
     $sWhere .= $aColumns[1]." LIKE '".filter_var($_GET['search']['value'], FILTER_SANITIZE_STRING)."%' OR ";
     $sWhere .= $aColumns[2]." LIKE '".filter_var($_GET['search']['value'], FILTER_SANITIZE_STRING)."%' OR ";
     $sWhere .= $aColumns[3]." LIKE '".filter_var($_GET['search']['value'], FILTER_SANITIZE_STRING)."%' ";
@@ -104,8 +107,11 @@ 
 
 // enlarge the query in case of Manager
 if (!$_SESSION['is_admin'] && !$_SESSION['user_can_manage_all_users']) {
-    if (empty($sWhere)) $sWhere = " WHERE ";
-    else $sWhere .= " AND ";
+    if (empty($sWhere)) {
+        $sWhere = " WHERE ";
+    } else {
+        $sWhere .= " AND ";
+    }
     $sWhere .= "isAdministratedByRole IN (".implode(",", array_filter($_SESSION['user_roles'])).")";
 }
 db::debugmode(false);
@@ -213,8 +219,9 @@ 
         } else {
             $sOutput .= '"';
         }
-        if ($record['id'] != API_USER_ID && $record['id'] != OTV_USER_ID)
-            $sOutput .= '<span class=\"fa fa-external-link tip\" style=\"cursor:pointer;\" onclick=\"user_edit(\''.$record['id'].'\')\" title=\"'.$LANG['edit'].' ['.$record['id'].']'.'\"></span>';
+        if ($record['id'] != API_USER_ID && $record['id'] != OTV_USER_ID) {
+                    $sOutput .= '<span class=\"fa fa-external-link tip\" style=\"cursor:pointer;\" onclick=\"user_edit(\''.$record['id'].'\')\" title=\"'.$LANG['edit'].' ['.$record['id'].']'.'\"></span>';
+        }
 
         // pwd change
         $sOutput .= '&nbsp;<span class=\"fa fa-key tip\" style=\"cursor:pointer;\" onclick=\"mdp_user(\''.$record['id'].'\')\" title=\"'.addcslashes($LANG['change_password'], '"\\/').'\"></span>';
@@ -229,8 +236,9 @@ 
             $sOutput .= '&nbsp;<span class=\"fa fa-qrcode mi-green tip\" style=\"cursor:pointer;\" onclick=\"user_action_ga_code(\''.$record['id'].'\')\" title=\"'.addcslashes($LANG['user_ga_code'], '"\\/').'\"></span>';
         }
 
-        if ($record['admin'] !== "1")
-            $sOutput .= '&nbsp;<span class=\"fa fa-sitemap tip\" style=\"cursor:pointer;\" onclick=\"user_folders_rights(\''.$record['id'].'\')\" title=\"'.$LANG['user_folders_rights'].' ['.$record['id'].']'.'\"></span>';
+        if ($record['admin'] !== "1") {
+                    $sOutput .= '&nbsp;<span class=\"fa fa-sitemap tip\" style=\"cursor:pointer;\" onclick=\"user_folders_rights(\''.$record['id'].'\')\" title=\"'.$LANG['user_folders_rights'].' ['.$record['id'].']'.'\"></span>';
+        }
 
         $sOutput .= '",';
 
@@ -265,21 +273,30 @@ 
 
         //col9
         if ($_SESSION['user_can_manage_all_users'] === "1" || $_SESSION['is_admin'] === "1") {
-            if ($record['admin'] === "1") $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-admin-0\"></i>"';
-            else $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-admin-1\"></i>"';
+            if ($record['admin'] === "1") {
+                $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-admin-0\"></i>"';
+            } else {
+                $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-admin-1\"></i>"';
+            }
         } else {
             $sOutput .= '""';
         }
         $sOutput .= ',';
 
         //col10
-        if ($record['gestionnaire'] === "1") $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\"  tp=\"'.$record['id'].'-gestionnaire-0\"></i>"';
-        else $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-gestionnaire-1\"></i>"';
+        if ($record['gestionnaire'] === "1") {
+            $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\"  tp=\"'.$record['id'].'-gestionnaire-0\"></i>"';
+        } else {
+            $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-gestionnaire-1\"></i>"';
+        }
         $sOutput .= ',';
 
         //col11
-        if ($record['read_only'] === "1") $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-read_only-0\"></i>"';
-        else $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-read_only-1\"></i>"';
+        if ($record['read_only'] === "1") {
+            $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-read_only-0\"></i>"';
+        } else {
+            $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-read_only-1\"></i>"';
+        }
         $sOutput .= ',';
 
         //col11
@@ -295,13 +312,19 @@ 
         $sOutput .= ',';
 
         //col12
-        if ($record['can_create_root_folder'] === "1") $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_create_root_folder-0\"></i>"';
-        else $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_create_root_folder-1\"></i>"';
+        if ($record['can_create_root_folder'] === "1") {
+            $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_create_root_folder-0\"></i>"';
+        } else {
+            $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-can_create_root_folder-1\"></i>"';
+        }
         $sOutput .= ',';
 
         //col13
-        if ($record['personal_folder'] === "1") $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-personal_folder-0\"></i>"';
-        else $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-personal_folder-1\"></i>"';
+        if ($record['personal_folder'] === "1") {
+            $sOutput .= '"<i class=\"fa fa-toggle-on mi-green\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-personal_folder-0\"></i>"';
+        } else {
+            $sOutput .= '"<i class=\"fa fa-toggle-off\" style=\"cursor:pointer;\" tp=\"'.$record['id'].'-personal_folder-1\"></i>"';
+        }
 
 
         //Finish the line
@@ -312,7 +335,9 @@ 
 }
 
 if (count($rows) > 0) {
-    if (strrchr($sOutput, "[") != '[') $sOutput = substr_replace($sOutput, "", -1);
+    if (strrchr($sOutput, "[") != '[') {
+        $sOutput = substr_replace($sOutput, "", -1);
+    }
     $sOutput .= '] }';
 } else {
     $sOutput .= '[] }';

sources/datatable/datatable.users_logged.php

Indentation +9 added lines, -9 removed lines

@@ -55,15 +55,15 @@
 
 if (isset($_GET['iSortCol_0']) && in_array($_GET['iSortCol_0'], $aSortTypes)) {
     $sOrder = "ORDER BY  ";
-	for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
-		if (
-			$_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
-			preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
-		) {
-			$sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-			.mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
-		}
-	}
+    for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+        if (
+            $_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+            preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
+        ) {
+            $sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
+            .mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+        }
+    }
 
     $sOrder = substr_replace($sOrder, "", -2);
     if ($sOrder == "ORDER BY") {

Spacing +7 added lines, -7 removed lines

@@ -48,20 +48,20 @@ 
 //Paging
 $sLimit = "";
 if (isset($_GET['iDisplayStart']) && $_GET['iDisplayLength'] != '-1') {
-    $sLimit = "LIMIT ". filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT) .", ". filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT)."";
+    $sLimit = "LIMIT ".filter_var($_GET['iDisplayStart'], FILTER_SANITIZE_NUMBER_INT).", ".filter_var($_GET['iDisplayLength'], FILTER_SANITIZE_NUMBER_INT)."";
 }
 
 //Ordering
 
 if (isset($_GET['iSortCol_0']) && in_array($_GET['iSortCol_0'], $aSortTypes)) {
     $sOrder = "ORDER BY  ";
-	for ($i=0; $i<intval($_GET['iSortingCols']); $i++) {
+	for ($i = 0; $i < intval($_GET['iSortingCols']); $i++) {
 		if (
-			$_GET[ 'bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
+			$_GET['bSortable_'.filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)] == "true" &&
 			preg_match("#^(asc|desc)\$#i", $_GET['sSortDir_'.$i])
 		) {
-			$sOrder .= "".$aColumns[ filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT) ]." "
-			.mysqli_escape_string($link, $_GET['sSortDir_'.$i]) .", ";
+			$sOrder .= "".$aColumns[filter_var($_GET['iSortCol_'.$i], FILTER_SANITIZE_NUMBER_INT)]." "
+			.mysqli_escape_string($link, $_GET['sSortDir_'.$i]).", ";
 		}
 	}
 
@@ -80,7 +80,7 @@ 
 $sWhere = " WHERE ((timestamp != '' AND session_end >= '".time()."')";
 if ($_GET['sSearch'] != "") {
     $sWhere .= " AND (";
-    for ($i=0; $i<count($aColumns); $i++) {
+    for ($i = 0; $i < count($aColumns); $i++) {
         $sWhere .= $aColumns[$i]." LIKE %ss_".$aColumns[$i]." OR ";
     }
     $sWhere = substr_replace($sWhere, "", -3);
@@ -142,7 +142,7 @@ 
     $time_diff = intval(time() - $reccord['timestamp']);
     $hoursDiff = round($time_diff / 3600, 0, PHP_ROUND_HALF_DOWN);
     $minutesDiffRemainder = floor($time_diff % 3600 / 60);
-    $sOutput_item .= '"'.$hoursDiff . 'h ' . $minutesDiffRemainder . 'm" ';
+    $sOutput_item .= '"'.$hoursDiff.'h '.$minutesDiffRemainder.'m" ';
 
 
     //Finish the line