diff --git a/api/Model/ItemModel.php b/api/Model/ItemModel.php index a27cb7494..75c2a8216 100755 --- a/api/Model/ItemModel.php +++ b/api/Model/ItemModel.php @@ -77,7 +77,7 @@ public function getItems(string $sqlExtra, int $limit, string $userPrivateKey, i if (empty($path) === true) { $path = htmlspecialchars(stripslashes(htmlspecialchars_decode($elem->title, ENT_QUOTES)), ENT_QUOTES); } else { - $path .= '>' . htmlspecialchars(stripslashes(htmlspecialchars_decode($elem->title, ENT_QUOTES)), ENT_QUOTES); + $path .= '/' . htmlspecialchars(stripslashes(htmlspecialchars_decode($elem->title, ENT_QUOTES)), ENT_QUOTES); } } diff --git a/includes/config/include.php b/includes/config/include.php index bb8642736..279fbeeac 100755 --- a/includes/config/include.php +++ b/includes/config/include.php @@ -12,12 +12,12 @@ * @copyright 2009-2022 Nils Laumaillé * @license https://spdx.org/licenses/GPL-3.0-only.html#licenseText GPL-3.0 * - * @version 3.0.0.22 + * @version 3.0.0.23 * * @see http://www.teampass.net */ define('TP_VERSION', '3.0.0'); -define('TP_VERSION_FULL', TP_VERSION.'.22'); +define('TP_VERSION_FULL', TP_VERSION.'.23'); define('TP_TOOL_NAME', 'Teampass'); define('TP_ONE_DAY_SECONDS', 86400); define('TP_ONE_WEEK_SECONDS', 604800); diff --git a/includes/core/load.js.php b/includes/core/load.js.php index 411b35bec..62627c373 100755 --- a/includes/core/load.js.php +++ b/includes/core/load.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file load.js.php * --- * diff --git a/includes/core/login.js.php b/includes/core/login.js.php index e5200efd5..e55f5dbbb 100755 --- a/includes/core/login.js.php +++ b/includes/core/login.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file login.js.php * --- * diff --git a/includes/core/login.php b/includes/core/login.php index cb2cbd36c..b686cad90 100755 --- a/includes/core/login.php +++ b/includes/core/login.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file login.php * --- * diff --git a/includes/core/logout.php b/includes/core/logout.php index 2a22a3294..a68b1821c 100755 --- a/includes/core/logout.php +++ b/includes/core/logout.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file logout.php * --- * diff --git a/includes/core/otv.php b/includes/core/otv.php index 7aac87191..1db3f1860 100755 --- a/includes/core/otv.php +++ b/includes/core/otv.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file otv.php * --- * diff --git a/includes/language/arabic.php b/includes/language/arabic.php index 61ab01e72..988b9b42d 100755 --- a/includes/language/arabic.php +++ b/includes/language/arabic.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file arabic.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/bulgarian.php b/includes/language/bulgarian.php index f83818d28..ebfc106c4 100755 --- a/includes/language/bulgarian.php +++ b/includes/language/bulgarian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file bulgarian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/catalan.php b/includes/language/catalan.php index d6bbfc6de..543e305e6 100755 --- a/includes/language/catalan.php +++ b/includes/language/catalan.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file catalan.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/chinese.php b/includes/language/chinese.php index 118ae26c3..ea20ac1ee 100755 --- a/includes/language/chinese.php +++ b/includes/language/chinese.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file chinese.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/czech.php b/includes/language/czech.php index 8f129f866..b16a12275 100755 --- a/includes/language/czech.php +++ b/includes/language/czech.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file czech.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/dutch.php b/includes/language/dutch.php index a74fcda07..0fcb14508 100755 --- a/includes/language/dutch.php +++ b/includes/language/dutch.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file dutch.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/english.php b/includes/language/english.php index a3ecb131e..f931586dd 100755 --- a/includes/language/english.php +++ b/includes/language/english.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file english.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -517,7 +517,7 @@ 'api_whitelist_ips' => 'API IPs Whitelist', 'api_whitelist_ips_tip' => 'If no API client IP addresses are explicitly listed here, then any IP address is authorized.', 'email_share_item_subject' => 'A password item was shared with you', - 'email_share_item_mail' => 'Hello,

This is a generated email from Teampass passwords manager.

#tp_user# has shared with you the password item #tp_item#.

Click this link to access the item.


Greetings', + 'email_share_item_mail' => 'Hello,

This is a generated email from Teampass passwords manager.

#tp_user# has shared with you the password item #tp_item#.

Click this link to access the item.


Greetings', 'index_maintenance_mode_admin' => 'Maintenance mode is enabled. Users cannot sign in.', '2fa_authentication_selector' => 'Select a 2 factor authentication method', 'upload_empty_file' => 'Upload empty file', diff --git a/includes/language/estonian.php b/includes/language/estonian.php index d18c347f6..03f63b6ab 100755 --- a/includes/language/estonian.php +++ b/includes/language/estonian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file estonian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/french.php b/includes/language/french.php index 80f40c6a3..88c183779 100755 --- a/includes/language/french.php +++ b/includes/language/french.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file french.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/german.php b/includes/language/german.php index 5137fd621..b7716bb2d 100755 --- a/includes/language/german.php +++ b/includes/language/german.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file german.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/greek.php b/includes/language/greek.php index 17115e3e3..b4cb1bf61 100755 --- a/includes/language/greek.php +++ b/includes/language/greek.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file greek.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/hungarian.php b/includes/language/hungarian.php index c6034ec67..febe08b40 100755 --- a/includes/language/hungarian.php +++ b/includes/language/hungarian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file hungarian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/italian.php b/includes/language/italian.php index e6cecb541..17c90e7b9 100755 --- a/includes/language/italian.php +++ b/includes/language/italian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file italian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/japanese.php b/includes/language/japanese.php index 52402c817..2511964aa 100755 --- a/includes/language/japanese.php +++ b/includes/language/japanese.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file japanese.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/norwegian.php b/includes/language/norwegian.php index df2c2aaaa..a294588a0 100755 --- a/includes/language/norwegian.php +++ b/includes/language/norwegian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file norwegian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/polish.php b/includes/language/polish.php index f1f4b3f9a..740c82b7f 100755 --- a/includes/language/polish.php +++ b/includes/language/polish.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file polish.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/portuguese.php b/includes/language/portuguese.php index 8416aebee..d5b89c256 100755 --- a/includes/language/portuguese.php +++ b/includes/language/portuguese.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file portuguese.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -65,14 +65,14 @@ 'settings_ldap_hosts_tip' => 'The hosts option is an array of IP addresses or host names located on your network that serve an LDAP directory (seprated by a comma). You insert as many servers or as little as you would like depending on your forest (with the minimum of one of course).', 'base_distiguished_name' => 'Base DN', 'settings_ldap_bdn_tip' => 'The root distinguished name (DN) to use when running queries against the directory server. Examples: o=example,c=com ; cn=users,dc=ad,dc=example,dc=com', - 'username' => 'Username', + 'username' => 'Utilizador', 'settings_ldap_username_tip' => 'The distinguished name of the user that the application will use when connecting to the directory server. Examples: cn=administrator,cn=users,dc=ad,dc=example,dc=com ; cn=user,dc=domain,dc=name', - 'settings_ldap_password_tip' => 'The password of the user specified above.', + 'settings_ldap_password_tip' => 'A palavra-passe do utilizador especificado acima.', 'settings_ldap_port_tip' => 'Default non secure LDAP port: 389, default secure LDAP port: 636', - 'undefined' => 'Undefined', - 'error_cannot_open_file' => 'File cannot be opened', + 'undefined' => 'Indefinido', + 'error_cannot_open_file' => 'O ficheiro não pode ser aberto', 'provide_current_psk_and_click_launch' => 'When ready, click button Launch', - 'start' => 'Start', + 'start' => 'Iniciar', 'data_inconsistency' => 'Data inconsistency found. Please reload the page!', 'one_time_code_expected' => 'One-Time-Code expected', 'data_are_missing' => 'Expected data are missing', @@ -83,13 +83,13 @@ 'ldap_user_password_is_used_for_authentication' => 'User password in LDAP is used for authentication', 'local_user_password_is_used_for_authentication' => 'User password in Teampass is used for authentication', 'provide_your_current_password' => 'Provide your current password', - 'current_password' => 'Current password', - 'password_is_not_correct' => 'This password is not correct', + 'current_password' => 'Palavra-passe atual', + 'password_is_not_correct' => 'Esta palavra-passe não é a correta', 'ldap_password_change_warning' => 'Your login password has changed since last connection. It is requested to re-encrypt all the keys using this new password. For this operation, please fill in the next field with your previous ldap password. The operation can take several minutes.', - 'personal_items' => 'Personal items', + 'personal_items' => 'Itens pessoais', 'logout_on_going' => 'You will now be logout. Use your new password for being connected from now.', 'fill_in_fields_and_hit_launch' => 'Provide expected data and hit Launch button', - 'please_select_a_folder' => 'Please select a folder', + 'please_select_a_folder' => 'Por favor seleccione uma pasta', 'user_must_have_login_and_email' => 'User must have a login and an email', 'user_has_this_role_in_teampass' => 'O utilizador tem esta função no Teampass', 'select_role_to_create' => 'Seleccione função a criar', @@ -101,14 +101,14 @@ 'remove_install_folder' => 'Install folder has to be removed', 'list_users' => 'List users', 'ldap_synchronization' => 'LDAP synchronization', - 'in_progress' => 'In progress', + 'in_progress' => 'Em progresso', 'clipboard_password_life_duration' => 'Delay before the clipboard is cleared (in seconds)', 'clipboard_password_life_duration_tip' => 'Permits to define a delay in seconds before which the password copied in clipboard will be cleared from the browser clipboard. Set to 0 to disable.', 'clipboard_will_be_cleared' => 'Password is now in clipboard. It will soon be cleared...', 'file_folder_not_accessible' => 'Files folder is not accessible', 'error_missing_id' => 'An error occurred. Missing ID ... ?', 'error_folder_not_allowed' => 'Selected folder is not allowed', - 'all_fields_mandatory' => 'All fields are mandatory', + 'all_fields_mandatory' => 'Todos os campos são obrigatórios', 'history_insert_entry' => 'Insert in History', 'clear_form' => 'Clear form', 'info_about_history_insertion' => 'Caution - This feature permits you to insert manually an event in the item history log. Once added it will not be possible to remove it. Also notice that your account id will be associated to this new entry.', @@ -126,14 +126,14 @@ 'password_overview_delay_tip' => 'This setting permits to define the number of seconds the clear password will be displayed to the user.', 'select_date_showing_items_expiration' => 'List the expired items at date', 'renewal_page_info' => 'This page permits to identify the items currently expired or expiring in next period.', - 'filename' => 'Filename', - 'exported_to_file' => 'Exported to file', - 'operation_progress' => 'Operation is in progress', - 'exporting_items' => 'Exporting items', - 'select_folders_to_export' => 'Select folders to export', - 'export_format_type' => 'Select the export format type', - 'export_items' => 'Export items', - 'loading_item' => 'Loading item', + 'filename' => 'Nome do ficheiro', + 'exported_to_file' => 'Exportado para ficheiro', + 'operation_progress' => 'A operação está em progresso', + 'exporting_items' => 'A exportar itens', + 'select_folders_to_export' => 'Seleccione pastas para exportar', + 'export_format_type' => 'Seleccione o formato de exportação', + 'export_items' => 'Exportar itens', + 'loading_item' => 'A carregar item', 'otv_message' => 'You can share this item with someone without a Teampass account. One-Time-View permits your guest to access basic fields of this item only once without being authenticated in Teampass. Please notice that this link is valid for a period of ##otv_expiration_period## days. Copy and share the link below.', 'no_sharekey_found' => 'No key found for this file and your account', 'otv_link' => 'One-time-view link', @@ -499,7 +499,7 @@ 'server_time' => 'Server time', 'settings_tree_counters' => 'Show more counters in folder tree', 'settings_tree_counters_tip' => 'Enabling shows three numbers next to each folder: number of items in base folder; number of items including subfolders; number of subfolders. Enabling this feature may slow loading of the folder tree pane.', - 'admin_action_check_pf' => 'Criar pastas pessoas para todos os utilizadores que não têm', + 'admin_action_check_pf' => 'Criar pastas pessoas para todos os utilizadores que não as têm', 'enable_personal_folder_feature_tip' => 'Personal folders are a private location for individual user passwords. Password items are encrypted by a user\'s salt key (more secure) or by their password (easier). Enabling this feature does not create the actual folders for existing users - you must also run the create personal folders task.', 'administrators_only' => 'Administrators only', 'managers_of' => 'Gestores da função', @@ -724,7 +724,7 @@ 'level' => 'Nivel', 'login' => 'Login (se necessário)', 'mask_pw' => 'Oculta/Mostra a senha', - 'max_last_items' => 'Maximo de últimos itens visto por um usuários (Padrão é 10)', + 'max_last_items' => 'Tamanho da lista dos últimos itens vistos (padrão é 10)', 'minutes' => 'minutos', 'name' => 'Nome', 'nb_false_login_attempts' => 'Número de tentativas de login sem sucesso para bloquear a conta (0 é desativado)', @@ -737,14 +737,14 @@ 'not_allowed_to_see_pw' => 'Você não esta autorizado a ver este item!', 'not_allowed_to_see_pw_is_expired' => 'Este item esta expirado', 'not_defined' => 'Não definido', - 'number_of_used_pw' => 'Número de novas senhas que o usuário precisa ingressar antes de usar uma senha antiga', + 'number_of_used_pw' => 'Número de palavras-passe antigas guardadas para evitar reutilização (0 para desativar)', 'pages' => 'Paginas', 'pdf_download' => 'Dowload do arquivo', 'personal_salt_key' => 'Sua senha pessoal \'SALT KEY\'', 'pw' => 'Senha', 'pw_generate' => 'Gera', 'pw_is_expired_-_update_it' => 'Este item expirou! Precisa alterar a senha.', - 'pw_life_duration' => 'Vida útil da senha de um usuário para expirar (em dia, 0 para desativar)', + 'pw_life_duration' => 'Palavras-passe de sessão expiram ao fim de xx dias (0 para desativar)', 'readme_open' => 'Abrir o arquivo README completo', 'read_only_account' => 'Somente Leitura', 'restore' => 'Recuperar', @@ -767,7 +767,7 @@ 'settings_ldap_ssl' => 'Usar SSL (LDAPS)', 'settings_ldap_tls' => 'Use LDAP a traves de TLS', 'settings_log_accessed' => 'Ativa registros de quem acessou aos itens', - 'settings_log_connections' => 'Guarda todos os inícios de sessão', + 'settings_log_connections' => 'Guarda registo de todos os inícios de sessão', 'settings_maintenance_mode' => 'Coloca TeamPass em modo de manutenção', 'settings_manager_edit' => 'Os Gerenciadores podem editar e apagar itens que estão autorizados a ver', 'settings_printing' => 'Habilita a opção de imprimir arquivos PDF', diff --git a/includes/language/portuguese_br.php b/includes/language/portuguese_br.php index 184540e34..a4af6eaf1 100755 --- a/includes/language/portuguese_br.php +++ b/includes/language/portuguese_br.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file portuguese_br.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/romanian.php b/includes/language/romanian.php index c407889bb..b546895e8 100755 --- a/includes/language/romanian.php +++ b/includes/language/romanian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file romanian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/russian.php b/includes/language/russian.php index f6a2df461..c294ee60f 100755 --- a/includes/language/russian.php +++ b/includes/language/russian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file russian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/spanish.php b/includes/language/spanish.php index e7f05a5be..9a7080155 100755 --- a/includes/language/spanish.php +++ b/includes/language/spanish.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file spanish.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -447,7 +447,7 @@ 'api_whitelist_ips' => 'Lista blanca de IPs de la API', 'api_whitelist_ips_tip' => 'Si no hay direcciones IP de clientes de la API enumeradas explícitamente aquí, cualquier dirección IP está autorizada.', 'email_share_item_subject' => '[TeamPass] Un elemento ha sido compartido con usted', - 'email_share_item_mail' => 'Hola,<br><br><u>#tp_user#</u> ha compartido con usted el elemento <b>#tp_item#</b><br>Pulse <a href=\'#tp_link#\'>aquí</a> para acceder.<br><br>Saludos.', + 'email_share_item_mail' => 'Hola,<br><br><u>#tp_user#</u> ha compartido con usted el elemento <b>#tp_item#</b><br>Pulse <a href="#tp_link#">aquí</a> para acceder.<br><br>Saludos.', 'index_maintenance_mode_admin' => 'Modo de mantenimiento activado. En este momento los usuarios no pueden acceder a TeamPass.', '2fa_authentication_selector' => 'Select a 2 factor authenticator method', 'upload_empty_file' => 'Upload empty file', diff --git a/includes/language/swedish.php b/includes/language/swedish.php index 4b6dfea49..35628e1e9 100755 --- a/includes/language/swedish.php +++ b/includes/language/swedish.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file swedish.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -447,7 +447,7 @@ 'api_whitelist_ips' => 'API IPs Whitelist', 'api_whitelist_ips_tip' => 'If no API client IP addresses are explicitly listed here, then any IP address is authorized.', 'email_share_item_subject' => 'A password item was shared with you', - 'email_share_item_mail' => 'Hello,

This is a generated email from Teampass passwords manager.

#tp_user# has shared with you the password item #tp_item#.

Click this link to access the item.


Greetings', + 'email_share_item_mail' => 'Hello,

This is a generated email from Teampass passwords manager.

#tp_user# has shared with you the password item #tp_item#.

Click this link to access the item.


Greetings', 'index_maintenance_mode_admin' => 'Maintenance mode is enabled. Users cannot sign in.', '2fa_authentication_selector' => 'Select a 2 factor authentication method', 'upload_empty_file' => 'Upload empty file', diff --git a/includes/language/turkish.php b/includes/language/turkish.php index 140e4e57d..eb41100e1 100755 --- a/includes/language/turkish.php +++ b/includes/language/turkish.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file turkish.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/ukrainian.php b/includes/language/ukrainian.php index 88944356e..11a7208d4 100755 --- a/includes/language/ukrainian.php +++ b/includes/language/ukrainian.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file ukrainian.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/includes/language/vietnamese.php b/includes/language/vietnamese.php index bbec2416a..0470d9bf7 100755 --- a/includes/language/vietnamese.php +++ b/includes/language/vietnamese.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file vietnamese.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/index.php b/index.php index ac9d13770..537437f5f 100755 --- a/index.php +++ b/index.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file index.php * --- * diff --git a/install/install.php b/install/install.php index 45b794062..f1a361fbf 100755 --- a/install/install.php +++ b/install/install.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file install.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -287,7 +287,7 @@ - The SaltKey is stored in a file called teampass-seckey.txt. For security reasons, this file should be stored in a folder outside the WWW folder of your server (example: /var/teampass/). This key will be used to encrypt data when sharing information with users without any Teampass account. If this field remains empty, this file will be stored in folder /includes/. + The SaltKey is stored in a file called teampass-seckey.txt and hashed for security purpose. For security reasons, this file should be stored in a folder outside the WWW folder of your server (example: /var/teampass/). This key will be used to encrypt data when sharing information with users without any Teampass account. If this field remains empty, this file will be stored in folder /includes/. diff --git a/install/install.queries.php b/install/install.queries.php index 968d0b723..1635aca98 100755 --- a/install/install.queries.php +++ b/install/install.queries.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file install.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -1350,7 +1350,8 @@ function encryptFollowingDefuse($message, $ascii_key) if ($task === 'settings.php') { // first is to create teampass-seckey.txt // 0- check if exists - $filename_seckey = $securePath . '/teampass-seckey.txt'; + define('SECUREFILE', generateRandomKey(25)); + $filename_seckey = $securePath . '/' . SECUREFILE; if (file_exists($filename_seckey)) { if (!copy($filename_seckey, $filename_seckey . '.' . date('Y_m_d', mktime(0, 0, 0, (int) date('m'), (int) date('d'), (int) date('y'))))) { @@ -1424,6 +1425,7 @@ function encryptFollowingDefuse($message, $ascii_key) MYSQLI_OPT_CONNECT_TIMEOUT => 10 )); define("SECUREPATH", "' . $securePath . '"); +define("SECUREFILE", "' . SECUREFILE. '"); if (isset($_SESSION[\'settings\'][\'timezone\']) === true) { date_default_timezone_set($_SESSION[\'settings\'][\'timezone\']); diff --git a/install/migrate_users_to_v3.php b/install/migrate_users_to_v3.php index fa534e6c2..49d85f1ce 100755 --- a/install/migrate_users_to_v3.php +++ b/install/migrate_users_to_v3.php @@ -8,7 +8,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file migrate_users_to_v3.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/tp.functions.php b/install/tp.functions.php old mode 100755 new mode 100644 index a8b28f8be..b32de31cd --- a/install/tp.functions.php +++ b/install/tp.functions.php @@ -1,5 +1,91 @@ "'.DB_SSL['key'].'", + "cert" => "'.DB_SSL['cert'].'", + "ca_cert" => ""'.DB_SSL['ca_cert'].', + "ca_path" => "'.DB_SSL['ca_path'].'", + "cipher" => "'.DB_SSL['cipher'].'" +)); +define("DB_CONNECT_OPTIONS", array( + MYSQLI_OPT_CONNECT_TIMEOUT => 10 +)); +define("SECUREPATH", "' . str_replace('\\', '\\\\', SECUREPATH) . '"); +define("SECUREFILE", "' . SECUREFILE. '");'; + + if (defined('IKEY') === true) $settingsTxt .= ' +define("IKEY", "' . IKEY . '");'; + else $settingsTxt .= ' +define("IKEY", "");'; + if (defined('SKEY') === true) $settingsTxt .= ' +define("SKEY", "' . SKEY . '");'; + else $settingsTxt .= ' +define("SKEY", "");'; + if (defined('HOST') === true) $settingsTxt .= ' +define("HOST", "' . HOST . '");'; + else $settingsTxt .= ' +define("HOST", "");'; + + + $settingsTxt .= ' + +if (isset($_SESSION[\'settings\'][\'timezone\']) === true) { + date_default_timezone_set($_SESSION[\'settings\'][\'timezone\']); +} +'; + + $fileCreation = fwrite( + $file_handled, + utf8_encode($settingsTxt) + ); + + fclose($file_handled); + sleep(3); + if ($fileCreation === false) { + return [ + 'error' => true, + 'message' => 'Setting.php file could not be created in /includes/config/ folder. Please check the path and the rights.', + ]; + } + + return [ + 'error' => false, + 'message' => '' + ]; + } +} /** * Undocumented function @@ -37,7 +123,8 @@ function defuseCryption($message, $ascii_key, $type) // init $err = ''; if (empty($ascii_key) === true) { - $ascii_key = file_get_contents(SECUREPATH.'/teampass-seckey.txt'); + // new check - 3.0.0.23 + $ascii_key = file_get_contents(SECUREPATH.'/'.SECUREFILE); } // convert KEY diff --git a/install/upgrade.php b/install/upgrade.php index e785673bb..b07964958 100755 --- a/install/upgrade.php +++ b/install/upgrade.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_ajax.php b/install/upgrade_ajax.php old mode 100755 new mode 100644 index 13f37c0dd..613bf51e9 --- a/install/upgrade_ajax.php +++ b/install/upgrade_ajax.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_ajax.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -175,6 +175,7 @@ MYSQLI_OPT_CONNECT_TIMEOUT => 10 )); define("SECUREPATH", "' . str_replace('\\', '\\\\', SECUREPATH) . '");'; +define("SECUREFILE", "' . SECUREFILE. '"); if (defined('IKEY') === true) $settingsTxt .= ' define("IKEY", "' . IKEY . '");'; @@ -221,6 +222,7 @@ } } + // Test DB connexion $pass = defuse_return_decrypted(DB_PASSWD); $server = DB_HOST; @@ -852,17 +854,6 @@ // Manage saltkey.txt file if (empty($post_sk_path) === false || defined('SECUREPATH') === true) { - /* - $filename = (empty($post_sk_path) === false ? $post_sk_path : SECUREPATH).'/teampass-seckey.txt'; - if (file_exists($filename)) { - $newfile = str_replace('teampass-seckey.txt', time()); - rename($filename, $newfile); - unlink($filename); - echo '$("#step5_saltkeyFile").html("You can remove file '.$newfile.'");'; - } else { - echo '$("#step5_saltkeyFile").html("Nothing done");'; - } - */ array_push( $returnStatus, array( diff --git a/install/upgrade_run_3.0.0.php b/install/upgrade_run_3.0.0.php old mode 100755 new mode 100644 index 586e3be7b..04f51ea2f --- a/install/upgrade_run_3.0.0.php +++ b/install/upgrade_run_3.0.0.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -35,6 +35,15 @@ require_once 'tp.functions.php'; require_once 'libs/aesctr.php'; require_once '../includes/config/tp.config.php'; + +// 3.0.0.23 +$ret = handleSecurefileConstant(); +if ($ret['error'] === true) { + echo '[{"finish":"1", "msg":"", "error":"'.$ret['message'].'"}]'; + exit(); +} + +// Get the encrypted password define('DB_PASSWD_CLEAR', defuse_return_decrypted(DB_PASSWD)); //Build tree @@ -76,6 +85,8 @@ } + + // Load libraries require_once '../includes/libraries/protect/SuperGlobal/SuperGlobal.php'; $superGlobal = new protect\SuperGlobal\SuperGlobal(); diff --git a/install/upgrade_run_3.0.0_fields.php b/install/upgrade_run_3.0.0_fields.php index 8440887b7..3788c0cba 100755 --- a/install/upgrade_run_3.0.0_fields.php +++ b/install/upgrade_run_3.0.0_fields.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_fields.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_run_3.0.0_files.php b/install/upgrade_run_3.0.0_files.php index 3f83d8db3..328a2094d 100755 --- a/install/upgrade_run_3.0.0_files.php +++ b/install/upgrade_run_3.0.0_files.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_files.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -149,19 +149,8 @@ // Is this file encrypted? // Force all files to be encrypted if ($file_info['status'] === 'encrypted') { - // load PhpEncryption library - /*include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'Crypto.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'Encoding.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'DerivedKeys.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'Key.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'KeyOrPassword.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'File.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'RuntimeTests.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'KeyProtectedByPassword.php'; - include_once $SETTINGS['cpassman_dir'].'/includes/libraries/Encryption/Encryption/'.'Core.php';*/ - // get KEY - $ascii_key = file_get_contents(SECUREPATH.'/teampass-seckey.txt'); + $ascii_key = file_get_contents(SECUREPATH.'/'.SECUREFILE); // Now decrypt the file $err = ''; diff --git a/install/upgrade_run_3.0.0_logs.php b/install/upgrade_run_3.0.0_logs.php index e1a8b7600..230b42473 100755 --- a/install/upgrade_run_3.0.0_logs.php +++ b/install/upgrade_run_3.0.0_logs.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_logs.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_run_3.0.0_passwords.php b/install/upgrade_run_3.0.0_passwords.php index e56691a9e..92bd65c26 100755 --- a/install/upgrade_run_3.0.0_passwords.php +++ b/install/upgrade_run_3.0.0_passwords.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_passwords.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_run_3.0.0_suggestions.php b/install/upgrade_run_3.0.0_suggestions.php index e34dd277c..f21a989ed 100755 --- a/install/upgrade_run_3.0.0_suggestions.php +++ b/install/upgrade_run_3.0.0_suggestions.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_suggestions.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_run_3.0.0_users.php b/install/upgrade_run_3.0.0_users.php index d647e7c14..29e06a769 100755 --- a/install/upgrade_run_3.0.0_users.php +++ b/install/upgrade_run_3.0.0_users.php @@ -8,7 +8,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_run_3.0.0_users.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/install/upgrade_scripts_manager.php b/install/upgrade_scripts_manager.php index 3aed077a0..b4dd19871 100755 --- a/install/upgrade_scripts_manager.php +++ b/install/upgrade_scripts_manager.php @@ -7,7 +7,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upgrade_scripts_manager.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/pages/2fa.js.php b/pages/2fa.js.php index 493d84ee9..36f972739 100755 --- a/pages/2fa.js.php +++ b/pages/2fa.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file 2fa.js.php * --- * diff --git a/pages/2fa.php b/pages/2fa.php index a01d58988..fb5d29a7f 100755 --- a/pages/2fa.php +++ b/pages/2fa.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file 2fa.php * --- * diff --git a/pages/actions.js.php b/pages/actions.js.php index f89b127fb..04645bbc2 100755 --- a/pages/actions.js.php +++ b/pages/actions.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file actions.js.php * --- * diff --git a/pages/actions.php b/pages/actions.php index d5a3320c9..2b10ac301 100755 --- a/pages/actions.php +++ b/pages/actions.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file actions.php * --- * diff --git a/pages/admin.js.php b/pages/admin.js.php index 6dae8e98a..e55a6fda5 100755 --- a/pages/admin.js.php +++ b/pages/admin.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file admin.js.php * --- * diff --git a/pages/admin.php b/pages/admin.php index 39d90fcbd..75a6756d1 100755 --- a/pages/admin.php +++ b/pages/admin.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file admin.php * --- * diff --git a/pages/api.js.php b/pages/api.js.php index a1098fa90..50ca683e2 100755 --- a/pages/api.js.php +++ b/pages/api.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file api.js.php * --- * diff --git a/pages/api.php b/pages/api.php index 9e96788a6..8efd8edc2 100755 --- a/pages/api.php +++ b/pages/api.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file api.php * --- * diff --git a/pages/backups.js.php b/pages/backups.js.php index f73efd1cf..7f8f71f49 100755 --- a/pages/backups.js.php +++ b/pages/backups.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file backups.js.php * --- * diff --git a/pages/backups.php b/pages/backups.php index 7b2150221..d38ac00b5 100755 --- a/pages/backups.php +++ b/pages/backups.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file backups.php * --- * diff --git a/pages/emails.js.php b/pages/emails.js.php index 1d4a599f3..463a57472 100755 --- a/pages/emails.js.php +++ b/pages/emails.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file emails.js.php * --- * diff --git a/pages/emails.php b/pages/emails.php index 250963311..988848650 100755 --- a/pages/emails.php +++ b/pages/emails.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file emails.php * --- * diff --git a/pages/export.js.php b/pages/export.js.php index 867658607..b665744c4 100755 --- a/pages/export.js.php +++ b/pages/export.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file export.js.php * --- * diff --git a/pages/export.php b/pages/export.php index 60ed3588c..ae5dc327f 100755 --- a/pages/export.php +++ b/pages/export.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file export.php * --- * diff --git a/pages/favorites.js.php b/pages/favorites.js.php index 711a2033d..1d33c9122 100755 --- a/pages/favorites.js.php +++ b/pages/favorites.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file favorites.js.php * --- * diff --git a/pages/favourites.php b/pages/favourites.php index 014e597cf..487fcb511 100755 --- a/pages/favourites.php +++ b/pages/favourites.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file favourites.php * --- * diff --git a/pages/fields.js.php b/pages/fields.js.php index a252b542d..12e168856 100755 --- a/pages/fields.js.php +++ b/pages/fields.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file fields.js.php * --- * diff --git a/pages/fields.php b/pages/fields.php index 5c32057e3..0b8e3ed4c 100755 --- a/pages/fields.php +++ b/pages/fields.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file fields.php * --- * diff --git a/pages/folders.js.php b/pages/folders.js.php index 43e2586db..f86bb7af1 100755 --- a/pages/folders.js.php +++ b/pages/folders.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file folders.js.php * --- * diff --git a/pages/folders.php b/pages/folders.php index d00e9e1c6..4ab321642 100755 --- a/pages/folders.php +++ b/pages/folders.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file folders.php * --- * diff --git a/pages/import.js.php b/pages/import.js.php index 5f7e2e575..338a2c555 100755 --- a/pages/import.js.php +++ b/pages/import.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file import.js.php * --- * diff --git a/pages/import.php b/pages/import.php index 79783bdde..f8c7b7e87 100755 --- a/pages/import.php +++ b/pages/import.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file import.php * --- * diff --git a/pages/items.js.php b/pages/items.js.php index f5550650f..d878e21ea 100755 --- a/pages/items.js.php +++ b/pages/items.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file items.js.php * --- * @@ -4116,6 +4116,35 @@ function(teampassApplication) { } + function checkAccess(itemId, treeId, userId) + { + var data = { + 'itemId': parseInt(itemId), + 'treeId': parseInt(treeId), + 'userId': parseInt(userId), + }; + + //Send query + $.post( + 'sources/items.queries.php', { + type: 'check_current_access_rights', + data: prepareExchangedData(JSON.stringify(data), 'encode', ''), + key: '' + }, + function(data) { + //decrypt data + data = decodeQueryReturn(data, '', 'items.queries.php', 'show_details_item'); + requestRunning = true; + if (debugJavascript === true) { + console.log("DEBUG: checkAccess"); + console.log(data); + } + + + return false; + } + ); + } /** @@ -4124,14 +4153,6 @@ function(teampassApplication) { function Details(itemDefinition, actionType, hotlink = false) { if (debugJavascript === true) console.info('EXPECTED ACTION on ' + itemDefinition + ' is ' + actionType + ' -- ') - // Store current view - savePreviousView(); - - if (debugJavascript === true) console.log("Request is running: " + requestRunning) - - // Store status query running - requestRunning = true; - // Init if (hotlink === false) { var itemId = parseInt($(itemDefinition).data('item-id')) || ''; @@ -4155,6 +4176,28 @@ function Details(itemDefinition, actionType, hotlink = false) { var itemRights = parseInt($(itemDefinition).data('item-rights')) || 10; } + // check if user still has access + if (checkAccess(itemId, itemTreeId, ) === false) { + toastr.remove(); + toastr.warning( + '', + '', { + timeOut: 5000, + progressBar: true + } + ); + + // Finished + return false; + } + + // Store current view + savePreviousView(); + + if (debugJavascript === true) console.log("Request is running: " + requestRunning) + + // Store status query running + requestRunning = true; userDidAChange = false; // Select tab#1 diff --git a/pages/items.php b/pages/items.php index 03f6a4696..aafb76037 100755 --- a/pages/items.php +++ b/pages/items.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file items.php * --- * diff --git a/pages/kb.php b/pages/kb.php index 49ca141dd..49b43af68 100755 --- a/pages/kb.php +++ b/pages/kb.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file kb.php * --- * diff --git a/pages/ldap.js.php b/pages/ldap.js.php index 3f8f4495e..a5b213879 100755 --- a/pages/ldap.js.php +++ b/pages/ldap.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file ldap.js.php * --- * diff --git a/pages/ldap.php b/pages/ldap.php index 8848af5c9..64bdf2119 100755 --- a/pages/ldap.php +++ b/pages/ldap.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file ldap.php * --- * diff --git a/pages/offline.js.php b/pages/offline.js.php index e9b52c8d2..555463aba 100755 --- a/pages/offline.js.php +++ b/pages/offline.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file offline.js.php * --- * diff --git a/pages/offline.php b/pages/offline.php index 571cd1aa6..3c1da73a6 100755 --- a/pages/offline.php +++ b/pages/offline.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file offline.php * --- * diff --git a/pages/options.js.php b/pages/options.js.php index 437b80ea7..f5f0c9d52 100755 --- a/pages/options.js.php +++ b/pages/options.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file options.js.php * --- * diff --git a/pages/options.php b/pages/options.php index dd8ae7599..162c287e2 100755 --- a/pages/options.php +++ b/pages/options.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file options.php * --- * diff --git a/pages/profile.js.php b/pages/profile.js.php index c65c3bafd..a37c33249 100755 --- a/pages/profile.js.php +++ b/pages/profile.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file profile.js.php * --- * diff --git a/pages/profile.php b/pages/profile.php index 13a3f4eaa..ecab712d8 100755 --- a/pages/profile.php +++ b/pages/profile.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file profile.php * --- * diff --git a/pages/roles.js.php b/pages/roles.js.php index d625fc436..ac6e42e3c 100755 --- a/pages/roles.js.php +++ b/pages/roles.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file roles.js.php * --- * diff --git a/pages/roles.php b/pages/roles.php index 20413c8b4..f4aaaf10e 100755 --- a/pages/roles.php +++ b/pages/roles.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file roles.php * --- * diff --git a/pages/search.js.php b/pages/search.js.php index 3956c114e..d4ca87a8c 100755 --- a/pages/search.js.php +++ b/pages/search.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * * @file search.js.php * --- diff --git a/pages/search.php b/pages/search.php index 637e2e651..01139a6f7 100755 --- a/pages/search.php +++ b/pages/search.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file search.php * --- * diff --git a/pages/special.php b/pages/special.php index 24f2656ef..10a2acb98 100755 --- a/pages/special.php +++ b/pages/special.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file special.php * --- * diff --git a/pages/statistics.js.php b/pages/statistics.js.php index bdb2277b8..eb7876d56 100755 --- a/pages/statistics.js.php +++ b/pages/statistics.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file statistics.js.php * --- * diff --git a/pages/statistics.php b/pages/statistics.php index a0badbbdc..31c00f45b 100755 --- a/pages/statistics.php +++ b/pages/statistics.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file statistics.php * --- * diff --git a/pages/suggestion.php b/pages/suggestion.php index f0b6cc24a..8fd511709 100755 --- a/pages/suggestion.php +++ b/pages/suggestion.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file suggestion.php * --- * diff --git a/pages/tasks.js.php b/pages/tasks.js.php index 1c8724976..63d1a4039 100755 --- a/pages/tasks.js.php +++ b/pages/tasks.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file tasks.js.php * --- * diff --git a/pages/tasks.php b/pages/tasks.php index 373bacebf..30899c015 100755 --- a/pages/tasks.php +++ b/pages/tasks.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file tasks.php * --- * diff --git a/pages/uploads.js.php b/pages/uploads.js.php index fa933d97a..2380c7f54 100755 --- a/pages/uploads.js.php +++ b/pages/uploads.js.php @@ -8,7 +8,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file uploads.js.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/pages/uploads.php b/pages/uploads.php index f509d6270..c5922bc39 100755 --- a/pages/uploads.php +++ b/pages/uploads.php @@ -8,7 +8,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file uploads.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/pages/users.js.php b/pages/users.js.php index bc33c1f24..e3281f725 100755 --- a/pages/users.js.php +++ b/pages/users.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file users.js.php * --- * diff --git a/pages/users.php b/pages/users.php index ffde78956..8450d5d53 100755 --- a/pages/users.php +++ b/pages/users.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file users.php * --- * diff --git a/pages/utilities.database.js.php b/pages/utilities.database.js.php index d40f6422b..7f1707204 100755 --- a/pages/utilities.database.js.php +++ b/pages/utilities.database.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.database.js.php * --- * diff --git a/pages/utilities.database.php b/pages/utilities.database.php index 18277532c..e6110633f 100755 --- a/pages/utilities.database.php +++ b/pages/utilities.database.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.database.php * --- * diff --git a/pages/utilities.deletion.js.php b/pages/utilities.deletion.js.php index d95b90019..a98986f0f 100755 --- a/pages/utilities.deletion.js.php +++ b/pages/utilities.deletion.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.deletion.js.php * --- * diff --git a/pages/utilities.deletion.php b/pages/utilities.deletion.php index db1a73ece..2c083f913 100755 --- a/pages/utilities.deletion.php +++ b/pages/utilities.deletion.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.deletion.php * --- * diff --git a/pages/utilities.logs.js.php b/pages/utilities.logs.js.php index fed8fee14..276de04c4 100755 --- a/pages/utilities.logs.js.php +++ b/pages/utilities.logs.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.logs.js.php * --- * diff --git a/pages/utilities.logs.php b/pages/utilities.logs.php index 1efc8a13d..03a9eb168 100755 --- a/pages/utilities.logs.php +++ b/pages/utilities.logs.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.logs.php * --- * diff --git a/pages/utilities.php b/pages/utilities.php index 11356c8df..7a404d73b 100755 --- a/pages/utilities.php +++ b/pages/utilities.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.php * --- * diff --git a/pages/utilities.renewal.js.php b/pages/utilities.renewal.js.php index 057f1c8e4..841c43efc 100755 --- a/pages/utilities.renewal.js.php +++ b/pages/utilities.renewal.js.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.renewal.js.php * --- * diff --git a/pages/utilities.renewal.php b/pages/utilities.renewal.php index bfdb17d11..a474b32f1 100755 --- a/pages/utilities.renewal.php +++ b/pages/utilities.renewal.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.renewal.php * --- * diff --git a/sources/admin.queries.php b/sources/admin.queries.php index 4c520c7bd..74a70b351 100755 --- a/sources/admin.queries.php +++ b/sources/admin.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file admin.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -1048,7 +1048,7 @@ // Check KEY if ($post_key !== $_SESSION['key']) { echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => true, 'message' => langHdl('key_is_not_correct'), @@ -1060,7 +1060,7 @@ // Is admin? if ($_SESSION['is_admin'] === true) { echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => true, 'message' => langHdl('error_not_allowed_to'), @@ -1074,22 +1074,22 @@ require_once 'main.functions.php'; // store old sk - $_SESSION['reencrypt_old_salt'] = file_get_contents(SECUREPATH . '/teampass-seckey.txt'); + $_SESSION['reencrypt_old_salt'] = file_get_contents(SECUREPATH.'/'.SECUREFILE); // generate new saltkey - $old_sk_filename = SECUREPATH . '/teampass-seckey.txt.' . date('Y_m_d', mktime(0, 0, 0, (int) date('m'), (int) date('d'), (int) date('y'))) . '.' . time(); + $old_sk_filename = SECUREPATH.'/'.SECUREFILE . date('Y_m_d', mktime(0, 0, 0, (int) date('m'), (int) date('d'), (int) date('y'))) . '.' . time(); copy( - SECUREPATH . '/teampass-seckey.txt', + SECUREPATH.'/'.SECUREFILE, $old_sk_filename ); $new_key = defuse_generate_key(); file_put_contents( - SECUREPATH . '/teampass-seckey.txt', + SECUREPATH.'/'.SECUREFILE, $new_key ); // store new sk - $_SESSION['reencrypt_new_salt'] = file_get_contents(SECUREPATH . '/teampass-seckey.txt'); + $_SESSION['reencrypt_new_salt'] = file_get_contents(SECUREPATH.'/'.SECUREFILE); //put tool in maintenance. DB::update( @@ -1592,7 +1592,7 @@ // Send back echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => false, 'message' => '', @@ -1609,7 +1609,7 @@ // Check KEY if ($post_key !== $_SESSION['key']) { echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => true, 'message' => langHdl('key_is_not_correct'), @@ -1621,7 +1621,7 @@ // Is admin? if ($_SESSION['is_admin'] === true) { echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => true, 'message' => langHdl('error_not_allowed_to'), @@ -1660,10 +1660,10 @@ // restore saltkey file if (file_exists($previous_saltkey_filename)) { - unlink(SECUREPATH . '/teampass-seckey.txt'); + unlink(SECUREPATH.'/'.SECUREFILE); rename( $previous_saltkey_filename, - SECUREPATH . '/teampass-seckey.txt' + SECUREPATH.'/'.SECUREFILE ); } @@ -1672,7 +1672,7 @@ // Send back echo prepareExchangedData( - $SETTINGS['cpassman_dir'], + $SETTINGS['cpassman_dir'], array( 'error' => false, 'message' => '', diff --git a/sources/aes.functions.php b/sources/aes.functions.php index f97665e0c..0bdd722a7 100755 --- a/sources/aes.functions.php +++ b/sources/aes.functions.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file aes.functions.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/background.php b/sources/background.php index 7114c6199..bf8e729a2 100755 --- a/sources/background.php +++ b/sources/background.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file users.background.php * --- * diff --git a/sources/backups.queries.php b/sources/backups.queries.php index c35ffc2c6..ccf79ec6e 100755 --- a/sources/backups.queries.php +++ b/sources/backups.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file backups.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/checks.php b/sources/checks.php index 2977b1317..a46c7f135 100755 --- a/sources/checks.php +++ b/sources/checks.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file checks.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/core.php b/sources/core.php index f2efb7e4b..9fcfa051b 100755 --- a/sources/core.php +++ b/sources/core.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file core.php * --- * diff --git a/sources/downloadFile.php b/sources/downloadFile.php index 8688cf8c2..13b0ab82e 100755 --- a/sources/downloadFile.php +++ b/sources/downloadFile.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file downloadFile.php * --- * diff --git a/sources/expired.datatables.php b/sources/expired.datatables.php index ac918b812..d9239b01d 100755 --- a/sources/expired.datatables.php +++ b/sources/expired.datatables.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file expired.datatables.php * --- * diff --git a/sources/export.queries.php b/sources/export.queries.php index f419a57a0..16a768a4f 100755 --- a/sources/export.queries.php +++ b/sources/export.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file export.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -251,7 +251,7 @@ 'email' => $record['email'] !== 'none' ? (is_null($record['email']) === false ? cleanStringForExport($record['email']) : '') : '', 'kbs' => implode(' | ', $arr_kbs), 'tags' => implode(' ', $arr_tags), - 'folder' => implode(' > ', $arr_trees), + 'folder' => implode('/', $arr_trees), ); ++$i; diff --git a/sources/favourites.queries.php b/sources/favourites.queries.php index 5bab1ddea..681b15ac3 100755 --- a/sources/favourites.queries.php +++ b/sources/favourites.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file favourites.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/fields.queries.php b/sources/fields.queries.php index 35c1dfb9d..3ee1151e3 100755 --- a/sources/fields.queries.php +++ b/sources/fields.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file fields.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/find.queries.php b/sources/find.queries.php index 7c0b93575..5db827f35 100755 --- a/sources/find.queries.php +++ b/sources/find.queries.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file find.queries.php * --- * diff --git a/sources/folders.datatable.php b/sources/folders.datatable.php index ad839e869..cb4bed685 100755 --- a/sources/folders.datatable.php +++ b/sources/folders.datatable.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file folders.datatable.php * --- * diff --git a/sources/folders.queries.php b/sources/folders.queries.php index 66da9c4df..c7b9e588c 100755 --- a/sources/folders.queries.php +++ b/sources/folders.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file folders.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/identify.php b/sources/identify.php index c0d4bed3b..b18b070b1 100755 --- a/sources/identify.php +++ b/sources/identify.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file identify.php * --- * diff --git a/sources/import.queries.php b/sources/import.queries.php index 9ef08a408..25eac4ae7 100755 --- a/sources/import.queries.php +++ b/sources/import.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file import.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/items.logs.php b/sources/items.logs.php index 46cdacc71..7cd4a5900 100755 --- a/sources/items.logs.php +++ b/sources/items.logs.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file items.logs.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/items.queries.php b/sources/items.queries.php index 1100ac45a..91221f126 100755 --- a/sources/items.queries.php +++ b/sources/items.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file items.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -6005,6 +6005,7 @@ break; } $arr_data = []; + $arr_folders = []; // decrypt and retreive data in JSON format $dataReceived = prepareExchangedData( @@ -6125,6 +6126,7 @@ $arr_data['folders'][$inc]['disabled'] = $disabled; $arr_data['folders'][$inc]['parent_id'] = (int) $folder->parent_id; $arr_data['folders'][$inc]['perso'] = (int) $folder->personal_folder; + //array_push($arr_folders, (int) $folder->id); // Is this folder an active folders? (where user can do something) $is_visible_active = 0; @@ -6140,6 +6142,7 @@ } } } + /* if (isset($arr_data['folders']) === true) { // save to cache_tree cacheTreeUserHandler( @@ -6148,7 +6151,16 @@ $SETTINGS, 'visible_folders', ); + + // save to cache_tree + cacheTreeUserHandler( + (int) $_SESSION['user_id'], + json_encode($arr_folders), + $SETTINGS, + 'folders', + ); } + */ // send data echo (string) prepareExchangedData( @@ -6788,6 +6800,61 @@ 'encode' ); + break; + + /* + * CASE + * check_current_access_rights + */ + case 'check_current_access_rights': + // Check KEY + if ($inputData['key'] !== $_SESSION['key']) { + echo (string) prepareExchangedData( + $SETTINGS['cpassman_dir'], + array( + 'error' => 'key_not_conform', + 'message' => langHdl('key_is_not_correct'), + ), + 'encode' + ); + break; + } + // decrypt and retrieve data in JSON format + $dataReceived = prepareExchangedData( + $SETTINGS['cpassman_dir'], + $inputData['data'], + 'decode' + ); + + // prepare variables + $inputData['userId'] = (int) filter_var($dataReceived['userId'], FILTER_SANITIZE_NUMBER_INT); + $inputData['itemId'] = (int) filter_var($dataReceived['itemId'], FILTER_SANITIZE_NUMBER_INT); + $inputData['treeId'] = (int) filter_var($dataReceived['treeId'], FILTER_SANITIZE_NUMBER_INT); + + $data = DB::queryFirstRow( + 'SELECT visible_folders + FROM ' . prefixTable('cache_tree') . ' WHERE user_id = %i', + $inputData['userId'] + ); + // Check if tree ID is in visible folders. + if (null !== $data['visible_folders']) { + $arr = json_decode($data['visible_folders'], true); + $ids = array_column($arr, 'id'); + } + + + $data = array( + 'error' => false, + 'access' => isset($inputData['treeId']) === true && in_array($inputData['treeId'], $ids) === true ? true : false, + ); + + // send data + echo (string) prepareExchangedData( + $SETTINGS['cpassman_dir'], + $data, + 'encode' + ); + break; } } diff --git a/sources/ldap.queries.php b/sources/ldap.queries.php index 5e0175b4e..50bcde1bb 100755 --- a/sources/ldap.queries.php +++ b/sources/ldap.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file ldap.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/logs.datatables.php b/sources/logs.datatables.php index 219091860..83fff7367 100755 --- a/sources/logs.datatables.php +++ b/sources/logs.datatables.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file logs.datatables.php * --- * diff --git a/sources/main.functions.php b/sources/main.functions.php index 0b06d53a3..a16e07ea2 100755 --- a/sources/main.functions.php +++ b/sources/main.functions.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file main.functions.php * --- * @@ -125,7 +125,7 @@ function bCrypt( */ function cryption(string $message, string $ascii_key, string $type, ?array $SETTINGS = []): array { - $ascii_key = empty($ascii_key) === true ? file_get_contents(SECUREPATH . '/teampass-seckey.txt') : $ascii_key; + $ascii_key = empty($ascii_key) === true ? file_get_contents(SECUREPATH.'/'.SECUREFILE) : $ascii_key; $err = false; $path = __DIR__.'/../includes/libraries/Encryption/Encryption/'; @@ -637,7 +637,7 @@ function identUser( foreach ($rows as $record) { //if (isset($record['id_tree'])) { $foldersLimited[$record['id_tree']][$inc] = $record['item_id']; - array_push($foldersLimitedFull, $record['item_id']); + array_push($foldersLimitedFull, $record['id_tree']); ++$inc; //} } @@ -651,7 +651,7 @@ function identUser( $noAccessPersonalFolders, $foldersLimitedFull, $allowedFoldersByRoles, - $restrictedFoldersForItems, + array_keys($restrictedFoldersForItems), $readOnlyFolders, $noAccessFolders, isset($SETTINGS['enable_pf_feature']) === true ? $SETTINGS['enable_pf_feature'] : 0, @@ -1293,7 +1293,7 @@ function prepareSendingEmail( 'receivers' => $email, 'body' => $body, 'receiver_name' => $receiverName, - ]), + ], JSON_HEX_QUOT | JSON_HEX_TAG), 'updated_at' => '', 'finished_at' => '', 'output' => '', @@ -1433,7 +1433,7 @@ function buildEmail( foreach (array_filter(explode(',', $email)) as $dest) { $mail->addAddress($dest); } - + // Prepare HTML $text_html = emailBody($textMail); $mail->WordWrap = 80; @@ -2301,7 +2301,7 @@ function prepareFileWithDefuse( $target_file = $antiXss->xss_clean($target_file); if (empty($password) === true || is_null($password) === true) { // get KEY to define password - $ascii_key = file_get_contents(SECUREPATH . '/teampass-seckey.txt'); + $ascii_key = file_get_contents(SECUREPATH.'/'.SECUREFILE); $password = \Defuse\Crypto\Key::loadFromAsciiSafeString($ascii_key); } diff --git a/sources/main.queries.php b/sources/main.queries.php index 89bb6acb1..a26026e33 100755 --- a/sources/main.queries.php +++ b/sources/main.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file main.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/roles.queries.php b/sources/roles.queries.php index 004af8829..e5c702f16 100755 --- a/sources/roles.queries.php +++ b/sources/roles.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file roles.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) @@ -251,6 +251,40 @@ } } + /* + // update folders rights for users in cache_tree + // Requested for real-time changes + $rows = DB::query( + 'SELECT increment_id, folders + FROM ' . prefixTable('cache_tree'), + ); + + foreach($rows as $row) { + if ($row['folders'] === '' || $post_selectedFolders === null) { + continue; + } + // get visible folders + $arr = json_decode($row['folders'], true); + + foreach($arr as $folder) { + if (in_array($folder, $post_selectedFolders) === true) { + unset($arr[$folder]); + } + } + print_r($arr); + + // update + /*DB::update( + prefixTable('cache_tree'), + array( + 'folders' => json_encode($arr), + ), + 'increment_id = %i', + $row['increment_id'] + );*/ + } + */ + echo prepareExchangedData( $SETTINGS['cpassman_dir'], array( diff --git a/sources/scheduler.php b/sources/scheduler.php index 811547385..ac74ddcbd 100755 --- a/sources/scheduler.php +++ b/sources/scheduler.php @@ -8,7 +8,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file scheduler.php * --- * diff --git a/sources/tree.php b/sources/tree.php index 263712ad3..1361efbcf 100755 --- a/sources/tree.php +++ b/sources/tree.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file tree.php * * @author Nils Laumaillé (nils@teampass.net) @@ -251,8 +251,17 @@ function showFolderToUser( array $listRestrictedFoldersForItemsKeys ): bool { - $big_array = array_diff(array_unique(array_merge($session_groupes_visibles, $listFoldersLimitedKeys, $listRestrictedFoldersForItemsKeys), SORT_NUMERIC), $session_forbiden_pfs); - //print_r($session_groupes_visibles); + $big_array = array_diff( + array_unique( + array_merge( + $session_groupes_visibles, + $listFoldersLimitedKeys, + $listRestrictedFoldersForItemsKeys + ), + SORT_NUMERIC + ), + $session_forbiden_pfs + ); if ($nodeId === 0 || in_array($nodeId, $big_array) === true) { return true; } diff --git a/sources/upload.attachments.php b/sources/upload.attachments.php index dc79d5251..ae255ba41 100755 --- a/sources/upload.attachments.php +++ b/sources/upload.attachments.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upload.attachments.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/upload.files.php b/sources/upload.files.php index 21bde8be2..e1e84d2c1 100755 --- a/sources/upload.files.php +++ b/sources/upload.files.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file upload.files.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/user.logs.datatables.php b/sources/user.logs.datatables.php index 261450c78..c0ef94d7c 100755 --- a/sources/user.logs.datatables.php +++ b/sources/user.logs.datatables.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file user.logs.datatables.php * --- * diff --git a/sources/users.datatable.php b/sources/users.datatable.php index 2583a306e..b9536fc98 100755 --- a/sources/users.datatable.php +++ b/sources/users.datatable.php @@ -11,7 +11,7 @@ * --- * * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file users.datatable.php * --- * diff --git a/sources/users.queries.php b/sources/users.queries.php index c1a6620fa..3e41cdbab 100755 --- a/sources/users.queries.php +++ b/sources/users.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file users.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/utilities.queries.php b/sources/utilities.queries.php index 0c15d2eef..fb512f9dc 100755 --- a/sources/utilities.queries.php +++ b/sources/utilities.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utilities.queries.php * --- * @author Nils Laumaillé (nils@teampass.net) diff --git a/sources/utils.queries.php b/sources/utils.queries.php index d0163c7c1..3128049da 100755 --- a/sources/utils.queries.php +++ b/sources/utils.queries.php @@ -10,7 +10,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * --- * @project Teampass - * @version 3.0.0.22 + * @version 3.0.0.23 * @file utils.queries.php * --- * @author Nils Laumaillé (nils@teampass.net)