Skip to content

Commit

Permalink
Merge branch 'development'
Browse files Browse the repository at this point in the history
  • Loading branch information
@nilsteampassnet
nilsteampassnet committed Jun 4, 2016
2 parents a62dd6f + ae62966 commit d90575a
Show file tree
Hide file tree
Showing 45 changed files with 1,338 additions and 169 deletions.
136 changes: 122 additions & 14 deletions api/functions.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
require_once "../includes/include.php";
require_once "../sources/main.functions.php";


function teampass_api_enabled() {
teampass_connect();
$response = DB::queryFirstRow(
Expand Down Expand Up @@ -99,19 +100,7 @@ function addToCacheTable($id)
$tags .= $itemTag['tag']." ";
}
}
// form id_tree to full foldername
/*$folder = "";
$arbo = $tree->getPath($data['id_tree'], true);
foreach ($arbo as $elem) {
if ($elem->title == $_SESSION['user_id'] && $elem->nlevel == 1) {
$elem->title = $_SESSION['login'];
}
if (empty($folder)) {
$folder = stripslashes($elem->title);
} else {
$folder .= " » ".stripslashes($elem->title);
}
}*/

// finaly update
DB::insert(
prefix_table("cache"),
Expand Down Expand Up @@ -741,7 +730,7 @@ function rest_get () {
} elseif ($GLOBALS['request'][0] == "set") {
/*
* Expected call format: .../api/index.php/set/<login_to_save>/<password_to_save>/<url>/<user_login>/<user_password>?apikey=<VALID API KEY>
* Example: https://127.0.0.1/teampass/api/index.php/auth/myLogin/myPassword/USER1/test/76?apikey=chahthait5Aidood6johh6Avufieb6ohpaixain
* Example: https://127.0.0.1/teampass/api/index.php/set/newLogin/newPassword/newUrl/myLogin/myPassword?apikey=gu6Eexaewaishooph6iethoh5woh0yoit6ohquo
*
* NEW ITEM WILL BE STORED IN SPECIFIC FOLDER
*/
Expand All @@ -754,6 +743,9 @@ function rest_get () {
"SELECT `id`, `pw`, `groupes_interdits`, `groupes_visibles`, `fonction_id` FROM " . $pre . "users WHERE login = %s",
$GLOBALS['request'][4]
);
if (DB::count() == 0) {
rest_error ('AUTH_NO_IDENTIFIER');
}

// load passwordLib library
$_SESSION['settings']['cpassman_dir'] = "..";
Expand Down Expand Up @@ -861,6 +853,122 @@ function rest_get () {
} else {
rest_error ('AUTH_NO_IDENTIFIER');
}
}
/*
* DELETE
*
* Expected call format: .../api/index.php/delete/folder/<folder_id1;folder_id2;folder_id3>?apikey=<VALID API KEY>
* Expected call format: .../api/index.php/delete/item>/<item_id1;item_id2;item_id3>?apikey=<VALID API KEY>
*/
elseif ($GLOBALS['request'][0] == "delete") {
$_SESSION['settings']['cpassman_dir'] = "..";
if($GLOBALS['request'][1] == "folder") {
$array_category = explode(';',$GLOBALS['request'][2]);

if(count($array_category) > 0 && count($array_category) < 5) {
// load passwordLib library
require_once '../sources/SplClassLoader.php';

// prepare tree
$tree = new SplClassLoader('Tree\NestedTree', '../includes/libraries');
$tree->register();
$tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title', 'personal_folder');

// this will delete all sub folders and items associated
for ($i=0; $i < count($array_category); $i ++) {
// Get through each subfolder
$folders = $tree->getDescendants($array_category[$i], true);
print_r($folders);
if (count($folders) > 0) {
foreach ($folders as $folder) {
if (($folder->parent_id > 0 || $folder->parent_id == 0) && $folder->personal_folder != 1) {
//Store the deleted folder (recycled bin)
DB::insert(
prefix_table("misc"),
array(
'type' => 'folder_deleted',
'intitule' => "f".$array_category[$i],
'valeur' => $folder->id.', '.$folder->parent_id.', '.
$folder->title.', '.$folder->nleft.', '.$folder->nright.', '. $folder->nlevel.', 0, 0, 0, 0'
)
);
//delete folder
DB::delete(prefix_table("nested_tree"), "id = %i", $folder->id);

//delete items & logs
$items = DB::query(
"SELECT id
FROM ".prefix_table("items")."
WHERE id_tree=%i",
$folder->id
);
foreach ($items as $item) {
DB::update(
prefix_table("items"),
array(
'inactif' => '1',
),
"id = %i",
$item['id']
);
//log
DB::insert(
prefix_table("log_items"),
array(
'id_item' => $item['id'],
'date' => time(),
'id_user' => "9999999",
'action' => 'at_delete'
)
);
}
//Update CACHE table
updateCacheTable("delete_value", $array_category[$i]);
}
}
}
}
} else {
rest_error ('NO_CATEGORY');
}

$json['status'] = 'OK';

} elseif($GLOBALS['request'][1] == "item") {
$array_items = explode(';',$GLOBALS['request'][2]);

for ($i=0; $i < count($array_items); $i ++) {
DB::update(
prefix_table("items"),
array(
'inactif' => '1',
),
"id = %i",
$array_items[$i]
);
//log
DB::insert(
prefix_table("log_items"),
array(
'id_item' => $array_items[$i],
'date' => time(),
'id_user' => "9999999",
'action' => 'at_delete'
)
);

//Update CACHE table
updateCacheTable("delete_value", $array_items[$i]);
}

$json['status'] = 'OK';
}

if ($json) {
echo json_encode($json);
} else {
rest_error ('EMPTY');
}
} else {
rest_error ('METHOD');
}
Expand Down
10 changes: 10 additions & 0 deletions changelog.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
Last changes
2.1.26
#1310 Addes Estonian language
#1308 Teampass hangs when a folder is create with option "New sub-folder inherits rights from parent folder" enabled
#1300 After 3 bad login attempts, user needs to wait 10s before new try
#1299 Export to pdf or csv shows htmlencoded
#1298 Backup-filename on 2.1.26 contains /
#1284 fix for can_manage_all_users update during upgrade
#1279 SyntaxError: Unexpected token î in JSON at position 0
#1276 MySQL 5.7 query error
Expand All @@ -25,13 +30,18 @@ Last changes
#1178 New user right added for managing all users (super Manager)
#1174 Adding LDAP groups support to 'posix-search' LDAP auth
#1158 Can't Change admin Password
#910 Backslashes in accounts are not copied to clipboard
NEW: Server user password change through SSH connection
NEW: Upgrade database handler improved for better upgrades management
NEW: New user right added for managing all users (super Manager)
FIX: If expiration engaged and password is changed, the warning is still present.
FIX: New suggestion folder could remain empty in some specific cases.
FIX: By creating a role, this new one is directly visible by creator.
FIX: Security issue with downloadFile.php. Now protected by session and htaccess.
FIX: QRCode is not visible in Users list
FIX: Display inconsistancies in User log results
Fix: Inconsistency in Delete & Restore process
Fix: Errors in CSV import process

2.1.25
#1169 sending Google Authenticator code through index page
Expand Down
Binary file added includes/images/flags/ee.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions includes/language/arabic.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Send GoogleAuthenticator to user by email',
'send_ga_code' => 'Google Authenticator for user',
'error_no_email' => 'This user has no email set!',
Expand Down
1 change: 1 addition & 0 deletions includes/language/bulgarian.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Send GoogleAuthenticator to user by email',
'send_ga_code' => 'Google Authenticator за потребител',
'error_no_email' => 'Този потребител няма настроена поща!',
Expand Down
1 change: 1 addition & 0 deletions includes/language/catalan.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Enviar GoogleAuthenticator per email',
'send_ga_code' => 'Google Authenticator per l\'usuari',
'error_no_email' => 'L\'usuari no te email configurat!',
Expand Down
1 change: 1 addition & 0 deletions includes/language/chinese.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => '发送 Google 身份验证器至用户,通过电子邮件',
'send_ga_code' => 'Google 身份验证器,为用户',
'error_no_email' => '此用户未设置电子邮件地址!',
Expand Down
1 change: 1 addition & 0 deletions includes/language/czech.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Zaslat uživateli Google Authenticator emailem',
'send_ga_code' => 'Google Authenticator pro uživatele',
'error_no_email' => 'Tento uživatel nemá nastavenou emailovou adresu!',
Expand Down
1 change: 1 addition & 0 deletions includes/language/dutch.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Stuur GoogleAuthenticator naar gebruiker via e-mail',
'send_ga_code' => 'GoogleAuthenticator voor gebruiker',
'error_no_email' => 'Deze gebruiker heeft geen e-mailadres ingesteld',
Expand Down
5 changes: 3 additions & 2 deletions includes/language/english.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@
*/
global $LANG;
$LANG = array (
'csv_import_information' => 'The CSV file needs to fullfil next rules:<ul><li>The 1st line must be a header,</li><li>It must contain 5 columns,</li><li>The separator character is a comma `,`,</li><li>The encalupsation character is a double quotes `"`,</li><li>Expected columns are: `Label` , `Login` , `Password` , `URL` , `Comments`.</li></ul>',
'error_bad_credentials_more_than_3_times' => 'Login credentials do not correspond!<br>Please wait 10 seconds before new try',
'user_ga_code' => 'Send GoogleAuthenticator to user by email',
'send_ga_code' => 'Google Authenticator for user',
'error_no_email' => 'This user has no email set!',
Expand Down Expand Up @@ -500,7 +502,6 @@
'import_button' => 'Import',
'import_csv_anyone_can_modify_in_role_txt' => 'Set "anyone in the same role can modify" right on all imported items.',
'import_csv_anyone_can_modify_txt' => 'Set "anyone can modify" right on all imported items.',
'import_csv_dialog_info' => 'Information: import must be done using a CSV file. Typically a file exported from KeePass has the expected structure.<br />If you use a file generated by another tool, please check that CSV structure is as follows: `Account`,`Login Name`,`Password`,`Web Site`,`Comments`.',
'import_csv_menu_title' => 'Import Items',
'import_error_no_file' => 'You must select a file!',
'import_error_no_read_possible' => 'Can\'t read the file!',
Expand Down Expand Up @@ -803,7 +804,7 @@
'edit_user' => 'Edit user',
'pf_change_encryption' => 'The encryption algorithm has changed and your personal passwords have to be re-encoded. You need to run this process to use your passwords. This process may take several minutes depending on the number of items you have.',
'operation_encryption_done' => 'Re-encryption has been performed. You can close this dialogbox.',
'show_password' => 'Show password',
'show_password' => 'Click and maintain to show password',
'change_password' => 'Change password',
'pf_sk_set' => 'Your personal Salt Key is correctly set, You can click on button Start',
'pf_sk_not_set' => 'Your personal Salt Key is NOT set! Please enter it.',
Expand Down
Loading

0 comments on commit d90575a

Please sign in to comment.