Skip to content

Commit

Permalink
2.1.27
Browse files Browse the repository at this point in the history 
Started implementing #1474
  • Loading branch information
@nilsteampassnet
nilsteampassnet committed Jan 5, 2017
1 parent c75a559 commit 3d79fad
Show file tree
Hide file tree
Showing 7 changed files with 45 additions and 27 deletions.
10 changes: 10 additions & 0 deletions admin.settings.php
View file
Expand Up @@ -714,6 +714,16 @@
</td><td>
<div class="toggle toggle-modern" id="subfolder_rights_as_parent" data-toggle-on="', isset($_SESSION['settings']['subfolder_rights_as_parent']) && $_SESSION['settings']['subfolder_rights_as_parent'] == 1 ? 'true' : 'false', '"></div><input type="hidden" id="subfolder_rights_as_parent_input" name="subfolder_rights_as_parent_input" value="', isset($_SESSION['settings']['subfolder_rights_as_parent']) && $_SESSION['settings']['subfolder_rights_as_parent'] == 1 ? '1' : '0', '" />
</td></tr>';
// Enable create_item_without_password
echo '
<tr><td>
<i class="fa fa-chevron-right mi-grey-1" style="margin-right: .3em;">&nbsp;</i>
<label>
'.$LANG['create_item_without_password'].'
</label>
</td><td>
<div class="toggle toggle-modern" id="create_item_without_password" data-toggle-on="', isset($_SESSION['settings']['create_item_without_password']) && $_SESSION['settings']['create_item_without_password'] == 1 ? 'true' : 'false', '"></div><input type="hidden" id="create_item_without_password_input" name="create_item_without_password_input" value="', isset($_SESSION['settings']['create_item_without_password']) && $_SESSION['settings']['create_item_without_password'] == 1 ? '1' : '0', '" />
</td></tr>';
/*
// Enable extra fields for each Item
echo '
Expand Down
1 change: 1 addition & 0 deletions includes/language/english.php
View file
Expand Up @@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
'create_item_without_password' => 'Allow item to be created without any password defined',
'ga_temporary_bad_code' => 'The temporary code you have entered is wrong. Please check your email, paste the code and try again.',
'ga_flash_qr_and_login' => 'Flash this QR code with your mobile device, enter the 2Factor Authentication code and click `Enter` button.',
'i_need_to_generate_new_ga_code' => 'I need a new QR code. Please send me by email a temporary Identication Code.',
Expand Down
3 changes: 2 additions & 1 deletion install/install.queries.php
View file
Expand Up @@ -419,7 +419,8 @@ function bCrypt($password, $cost)
array('admin','syslog_enable','0'),
array('admin','syslog_host','localhost'),
array('admin','syslog_port','514'),
array('admin','manager_move_item','0')
array('admin','manager_move_item','0'),
array('admin','create_item_without_password','0')
);
foreach ($aMiscVal as $elem) {
//Check if exists before inserting
Expand Down
8 changes: 8 additions & 0 deletions install/upgrade_run_2.1.27.php
View file
Expand Up @@ -370,6 +370,14 @@ function replace_a_line($data) {
);
}

// add new admin setting "create_item_without_password"
$tmp = mysqli_fetch_row(mysqli_query($dbTmp, "SELECT COUNT(*) FROM `".$_SESSION['tbl_prefix']."misc` WHERE type = 'admin' AND intitule = 'create_item_without_password'"));
if ($tmp[0] == 0 || empty($tmp[0])) {
mysqli_query($dbTmp,
"INSERT INTO `".$_SESSION['tbl_prefix']."misc` (`type`, `intitule`, `valeur`) VALUES ('admin', 'create_item_without_password', '0')"
);
}


// alter table USERS to add a new field "ga_temporary_code"
mysqli_query(
Expand Down
2 changes: 1 addition & 1 deletion items.load.php
View file
Expand Up @@ -562,7 +562,7 @@ function AjouterItem()

// do checks
if ($("#label").val() == "") erreur = "<?php echo $LANG['error_label'];?>";
else if ($("#pw1").val() == "") erreur = "<?php echo $LANG['error_pw'];?>";
else if ($("#pw1").val() === "" && $("#create_item_without_password").val() !== "1") erreur = "<?php echo $LANG['error_pw'];?>";
else if ($("#categorie").val() == "na") erreur = "<?php echo $LANG['error_group'];?>";
else if ($("#pw1").val() != $("#pw2").val()) erreur = "<?php echo $LANG['error_confirm'];?>";
else if ($("#enable_delete_after_consultation").is(':checked') && (($("#times_before_deletion").val() < 1 && $("#deletion_after_date").val() == "") || ($("#times_before_deletion").val() == "" && $("#deletion_after_date").val() == ""))) erreur = "<?php echo $LANG['error_times_before_deletion'];?>";
Expand Down
3 changes: 2 additions & 1 deletion items.php
View file
Expand Up @@ -93,7 +93,8 @@
<input type="hidden" id="access_level" value="" />
<input type="hidden" id="empty_clipboard" value="" />
<input type="hidden" id="selected_folder_is_personal" value="" />
<input type="hidden" id="personal_visible_groups_list" value="', isset($_SESSION['personal_visible_groups_list']) ? $_SESSION['personal_visible_groups_list'] : "", '" />';
<input type="hidden" id="personal_visible_groups_list" value="', isset($_SESSION['personal_visible_groups_list']) ? $_SESSION['personal_visible_groups_list'] : "", '" />
<input type="text" id="create_item_without_password" value="', isset($_SESSION['user_settings']['create_item_without_password']) ? $_SESSION['user_settings']['create_item_without_password'] : "0", '" />';
// Hidden objects for Item search
if (isset($_GET['group']) && isset($_GET['id'])) {
echo '
Expand Down
45 changes: 21 additions & 24 deletions sources/items.queries.php
View file
Expand Up @@ -134,7 +134,7 @@
}

// is pwd empty?
if (empty($pw)) {
if (empty($pw) && isset($_SESSION['user_settings']['create_item_without_password']) && $_SESSION['user_settings']['create_item_without_password'] !== "1") {
echo prepareExchangedData(array("error" => "ERR_PWD_EMPTY"), "encode");
break;
}
Expand Down Expand Up @@ -165,32 +165,29 @@
||
(isset($_SESSION['settings']['duplicate_item']) && $_SESSION['settings']['duplicate_item'] == 1)
) {
// encrypt PW
if ($dataReceived['salt_key_set'] == 1 && isset($dataReceived['salt_key_set']) && $dataReceived['is_pf'] == 1 && isset($dataReceived['is_pf'])) {
$passwd = cryption(
$pw,
$_SESSION['user_settings']['session_psk'],
"encrypt"
);
$restictedTo = $_SESSION['user_id'];
if (isset($_SESSION['user_settings']['create_item_without_password']) && $_SESSION['user_settings']['create_item_without_password'] !== "1") {
// encrypt PW
if ($dataReceived['salt_key_set'] == 1 && isset($dataReceived['salt_key_set']) && $dataReceived['is_pf'] == 1 && isset($dataReceived['is_pf'])) {
$passwd = cryption(
$pw,
$_SESSION['user_settings']['session_psk'],
"encrypt"
);
$restictedTo = $_SESSION['user_id'];
} else {
$passwd = cryption(
$pw,
"",
"encrypt"
);
}
} else {
$passwd = cryption(
$pw,
"",
"encrypt"
);
$passwd['string'] = "";
}

if (DEFUSE_ENCRYPTION === TRUE) {
if (!empty($passwd["error"])) {
echo prepareExchangedData(array("error" => "ERR_ENCRYPTION", "msg" => $passwd["error"]), "encode");
break;
}
} else {
if (empty($passwd["string"])) {
echo prepareExchangedData(array("error" => "ERR_ENCRYPTION_NOT_CORRECT"), "encode");
break;
}
if (!empty($passwd["error"])) {
echo prepareExchangedData(array("error" => "ERR_ENCRYPTION", "msg" => $passwd["error"]), "encode");
break;
}

// ADD item
Expand Down

0 comments on commit 3d79fad

Please sign in to comment.