2.1.26
Fix for #1300, #1310
Adapted DB structure for errors related to MySQL 5.7.x
SQL error shown when error fires at server level (through usage of a Developer Console)
nilsteampassnet committed Jun 4, 2016
1 parent 3836f7c commit ae62966
Showing 5 changed files with 98 additions and 87 deletions.
3 changes: 2 additions & 1 deletion changelog.md
@@ -1,6 +1,8 @@
Last changes
2.1.26
#1310 Addes Estonian language
#1308 Teampass hangs when a folder is create with option "New sub-folder inherits rights from parent folder" enabled
#1300 After 3 bad login attempts, user needs to wait 10s before new try
#1299 Export to pdf or csv shows htmlencoded
#1298 Backup-filename on 2.1.26 contains /
#1284 fix for can_manage_all_users update during upgrade
@@ -32,7 +34,6 @@ Last changes
NEW: Server user password change through SSH connection
NEW: Upgrade database handler improved for better upgrades management
NEW: New user right added for managing all users (super Manager)
NEW: After 3 bad login attempts, user needs to wait 10s before new try
FIX: If expiration engaged and password is changed, the warning is still present.
FIX: New suggestion folder could remain empty in some specific cases.
FIX: By creating a role, this new one is directly visible by creator.
8 changes: 5 additions & 3 deletions includes/libraries/Database/Meekrodb/db.class.php
@@ -609,11 +609,13 @@ protected function queryHelper() {
// ----- BEGIN ERROR HANDLING
if (!$sql || $db->error) {
if ($this->error_handler) {
$db_error = $db->error;
$db_errno = $db->errno;
$db->query(
"INSERT INTO ".$GLOBALS['pre']."log_system SET
date=".time().",
qui=".$_SESSION['user_id'].",
label='".addslashes($sql)."<br />".addslashes($db->error)."@".$_SERVER['REQUEST_URI']."',
label='Query: ".addslashes($sql)."<br />Error: ".addslashes($db_error)."<br />@ ".$_SERVER['REQUEST_URI']."',
type='error'",
MYSQLI_USE_RESULT
);
@@ -623,8 +625,8 @@ protected function queryHelper() {
call_user_func($error_handler, array(
'type' => 'sql',
'query' => $sql,
'error' => $db->error,
'code' => $db->errno
'error' => $db_error,
'code' => $db_errno
));
}
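Review bot: `$_SERVER['REQUEST_URI']` is still concatenated unescaped into the single-quoted `label` value of the `log_system` INSERT, so a request URI containing a quote alters the statement the error handler itself runs; the rewritten `label=` line keeps that pattern, and `addslashes()` on `$sql` and `$db_error` is not aware of the connection charset. Assuming `$db` is the mysqli handle (it is called with `MYSQLI_USE_RESULT`), escape all three through it, e.g. `label='Query: ".$db->real_escape_string($sql)."<br />Error: ".$db->real_escape_string($db_error)."<br />@ ".$db->real_escape_string($_SERVER['REQUEST_URI'])."',`, and cast the user id with `qui=".(int) $_SESSION['user_id'].",`. The label stores raw query text and request data joined by `<br />`, so whatever page displays `log_system` rows should HTML-encode them, and failing queries may carry sensitive values into that table. queryHelper() starts and ends outside the hunks shown.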

12 changes: 6 additions & 6 deletions install/install.queries.php
@@ -231,17 +231,17 @@ function chmod_r($dir, $dirPermissions, $filePermissions) {
$mysqli_result = mysqli_query($dbTmp,
"CREATE TABLE IF NOT EXISTS `".$var['tbl_prefix']."items` (
`id` int(12) NOT null AUTO_INCREMENT,
`label` varchar(100) NOT NULL,
`label` varchar(250) NOT NULL,
`description` text NOT NULL,
`pw` text NOT NULL,
`pw_iv` text NOT NULL,
`pw_len` int(5) NOT NULL DEFAULT '0',
`url` varchar(250) DEFAULT NULL,
`url` varchar(500) DEFAULT NULL,
`id_tree` varchar(10) DEFAULT NULL,
`perso` tinyint(1) NOT null DEFAULT '0',
`login` varchar(200) DEFAULT NULL,
`inactif` tinyint(1) NOT null DEFAULT '0',
`restricted_to` varchar(200) NOT NULL,
`restricted_to` varchar(200) DEFAULT NULL,
`anyone_can_modify` tinyint(1) NOT null DEFAULT '0',
`email` varchar(100) DEFAULT NULL,
`notification` varchar(250) DEFAULT NULL,
@@ -506,12 +506,12 @@ function chmod_r($dir, $dirPermissions, $filePermissions) {
$mysqli_result = mysqli_query($dbTmp,
"CREATE TABLE IF NOT EXISTS `".$var['tbl_prefix']."cache` (
`id` int(12) NOT NULL,
`label` varchar(50) NOT NULL,
`label` varchar(250) NOT NULL,
`description` text NOT NULL,
`tags` text NOT NULL,
`tags` text DEFAULT NULL,
`id_tree` int(12) NOT NULL,
`perso` tinyint(1) NOT NULL,
`restricted_to` varchar(200) NOT NULL,
`restricted_to` varchar(200) DEFAULT NULL,
`login` varchar(200) DEFAULT NULL,
`folder` varchar(300) NOT NULL,
`author` varchar(50) NOT NULL,
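Review bot: `label` is widened to `varchar(250)` for both `items` and `cache` in these CREATE TABLE statements, but install/upgrade_run_2.1.26.php in this same commit issues `MODIFY label VARCHAR(100)` for the same two columns, so fresh and upgraded installations end up with different limits. Under the MySQL 5.7 strict mode this commit targets, a label that fits a fresh install would presumably be rejected on an upgraded one. Align the two, for example with `MODIFY label VARCHAR(250) NOT NULL` in the upgrade script. The `mysqli_query()` results are assigned to `$mysqli_result` here; whether they are checked lies outside the hunks shown.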
9 changes: 8 additions & 1 deletion install/upgrade_run_2.1.26.php
@@ -154,11 +154,18 @@ function tableExists($tablename, $database = false)

// alter table Items
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."items` MODIFY complexity_level VARCHAR(3)");
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."items` MODIFY label VARCHAR(100)");
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."items` MODIFY url VARCHAR(500)");
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."items` MODIFY restricted_to DEFAULT NULL");

// alter table cache
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."cache` MODIFY label VARCHAR(100)");
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."cache` MODIFY restricted_to DEFAULT NULL");
mysqli_query($dbTmp, "ALTER TABLE `".$_SESSION['tbl_prefix']."cache` MODIFY tags DEFAULT NULL");

// add Estonia
mysqli_query($dbTmp, "INSERT INTO `".$_SESSION['tbl_prefix']."languages` VALUES (null, 'estonia', 'Estonia', 'ee', 'ee.png')");

@tehnotronic

tehnotronic Jun 4, 2016

Thank you for adding, but country name is Estonia, language is called "estonian" with "n" at the end.



// ensure CSRFP config file is ready
if (!isset($_SESSION['upgrade']['csrfp_config_file']) || $_SESSION['upgrade']['csrfp_config_file']) != 1) {
$csrfp_file_sample = "../includes/libraries/csrfp/libs/csrfp.config.sample.php";
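Review bot: The three `MODIFY <column> DEFAULT NULL` statements (items.restricted_to, cache.restricted_to, cache.tags) omit the column type that MySQL's `ALTER TABLE ... MODIFY` requires, so the server will reject them, and because the return value of `mysqli_query()` is discarded on every line the upgrade carries on without reporting it. Upgraded databases would then keep `NOT NULL` on those columns and continue to hit the errors this commit is meant to fix. Using the types from install.queries.php, write `MODIFY restricted_to VARCHAR(200) DEFAULT NULL` and `MODIFY tags TEXT DEFAULT NULL`, and check each result, logging `mysqli_error($dbTmp)` and stopping on failure. The table prefix is taken from `$_SESSION['tbl_prefix']` and placed inside backticks as-is; confirm it is restricted to a safe character set where it is set, which is not visible in this hunk.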
153 changes: 77 additions & 76 deletions sources/import.queries.php
@@ -828,82 +828,83 @@ function recursiveKeepassXML($xmlRoot, $xmlLevel = 0)
"SELECT title FROM ".prefix_table("nested_tree")." WHERE id = %i",
intval($folderId)
);

// escape if folderId is empty
if (!empty($folderId)) {
$results .= " - Inserting\n";

// prepare PW
if ($import_perso == true) {
$encrypt = cryption($pw, $_SESSION['my_sk'], "", "encrypt");
} else {
$encrypt = cryption($pw, SALT, "", "encrypt");
}

//ADD item
DB::insert(
prefix_table("items"),
array(
'label' => stripslashes($item[KP_TITLE]),
'description' => stripslashes(str_replace($lineEndSeparator, '<br />', $item[KP_NOTES])),
'pw' => $encrypt['string'],
'pw_iv' => $encrypt['iv'],
'url' => stripslashes($item[KP_URL]),
'id_tree' => $folderId,
'login' => stripslashes($item[KP_USERNAME]),
'anyone_can_modify' => $_POST['import_kps_anyone_can_modify'] == "true" ? 1 : 0
)
);
$newId = DB::insertId();

//if asked, anyone in role can modify
if (isset($_POST['import_kps_anyone_can_modify_in_role']) && $_POST['import_kps_anyone_can_modify_in_role'] == "true") {
foreach ($_SESSION['arr_roles'] as $role) {
DB::insert(
prefix_table("restriction_to_roles"),
array(
'role_id' => $role['id'],
'item_id' => $newId
)
);
}
}

//Add log
DB::insert(
prefix_table("log_items"),
array(
'id_item' => $newId,
'date' => time(),
'id_user' => $_SESSION['user_id'],
'action' => 'at_creation',
'raison' => 'at_import'
)
);

//Add entry to cache table
DB::insert(
prefix_table("cache"),
array(
'id' => $newId,
'label' => stripslashes($item[KP_TITLE]),
'description' => stripslashes(str_replace($lineEndSeparator, '<br />', $item[KP_NOTES])),
'id_tree' => $folderId,
'perso' => $personalFolder == 0 ? 0 : 1,
'login' => stripslashes($item[KP_USERNAME]),
'folder' => $data['title'],
'author' => $_SESSION['user_id']
)
);

//show
//$text .= '- '.addslashes($item[2]).'<br />';

//increment number of imported items
$nbItemsImported++;
} else {
$results .= " - ".$item[KP_TITLE]." was not imported\n";
}

// escape if folderId is empty
if (!empty($folderId)) {
$results .= " - Inserting\n";

// prepare PW
if ($import_perso == true) {
$encrypt = cryption($pw, $_SESSION['my_sk'], "", "encrypt");
} else {
$encrypt = cryption($pw, SALT, "", "encrypt");
}

//ADD item
DB::insert(
prefix_table("items"),
array(
'label' => stripslashes($item[KP_TITLE]),
'description' => stripslashes(str_replace($lineEndSeparator, '<br />', $item[KP_NOTES])),
'pw' => $encrypt['string'],
'pw_iv' => $encrypt['iv'],
'url' => stripslashes($item[KP_URL]),
'id_tree' => $folderId,
'login' => stripslashes($item[KP_USERNAME]),
'anyone_can_modify' => $_POST['import_kps_anyone_can_modify'] == "true" ? 1 : 0
)
);
$newId = DB::insertId();

//if asked, anyone in role can modify
if (isset($_POST['import_kps_anyone_can_modify_in_role']) && $_POST['import_kps_anyone_can_modify_in_role'] == "true") {
foreach ($_SESSION['arr_roles'] as $role) {
DB::insert(
prefix_table("restriction_to_roles"),
array(
'role_id' => $role['id'],
'item_id' => $newId
)
);
}
}

//Add log
DB::insert(
prefix_table("log_items"),
array(
'id_item' => $newId,
'date' => time(),
'id_user' => $_SESSION['user_id'],
'action' => 'at_creation',
'raison' => 'at_import'
)
);

//Add entry to cache table
DB::insert(
prefix_table("cache"),
array(
'id' => $newId,
'label' => stripslashes($item[KP_TITLE]),
'description' => stripslashes(str_replace($lineEndSeparator, '<br />', $item[KP_NOTES])),
'id_tree' => $folderId,
'perso' => $personalFolder == 0 ? 0 : 1,
'login' => stripslashes($item[KP_USERNAME]),
'folder' => $data['title'],
'author' => $_SESSION['user_id'],
'timestamp' => time()
)
);

//show
//$text .= '- '.addslashes($item[2]).'<br />';

//increment number of imported items
$nbItemsImported++;
} else {
$results .= " - ".$item[KP_TITLE]." was not imported\n";
}
}
}
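Review bot: The imported KeePass title, notes, URL and username are written to `items` and `cache` after only `stripslashes()`, with `<br />` spliced into `description`, so any markup in the import file is stored verbatim; the pages that render these fields (not visible here) need to HTML-encode them, and `url` would benefit from a scheme allow-list before insert. `$_POST['import_kps_anyone_can_modify']` is read without the `isset()` guard that the `_in_role` check a few lines below uses; `'anyone_can_modify' => (isset($_POST['import_kps_anyone_can_modify']) && $_POST['import_kps_anyone_can_modify'] == "true") ? 1 : 0` would match it. The item, role, log and cache inserts do not appear to run inside a transaction, so a failure part-way would leave an item without its cache row. The enclosing block begins outside the hunk.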
