2.1.27

Fix for #1674, #1676, #1662
nilsteampassnet · Mar 4, 2017 · 4ba14a1 · 4ba14a1
1 parent 2362d06
commit 4ba14a1
Show file tree

Hide file tree

Showing 7 changed files with 106 additions and 55 deletions.
diff --git a/changelog.md b/changelog.md
@@ -1,5 +1,8 @@
 2.1.27
+ #1676 Pre-auth XSS in index.php
+ #1674 name and lastname are changed on other user edit
  #1672 Anonymous settings not stored
+ #1670 Incremental upgrade not active
  #1669 Logout - Errors
  #1666 Can`t set avatar
  #1659 Third level of sub folders in the Personal folder are not seen

diff --git a/includes/css/items.css b/includes/css/items.css
@@ -147,4 +147,14 @@ button{
 
 .small_spacing {
     margin:2px 0 2px 0;
+}
+
+.text-wrap {
+  text-overflow: ellipsis;
+  overflow: hidden;
+  white-space: nowrap;
+}
+
+.text-extract {
+  color: #6B6B6B;
 }
diff --git a/items.load.php b/items.load.php
@@ -1168,10 +1168,11 @@ function(data) {
                         $("#del_rep_show_error").html("<?php echo '<span class=\"fa fa-warning fa-lg\"></span>&nbsp;<\span>'.addslashes($LANG['error_cannot_delete_subfolders_exist']);?>").show(1).delay(3000).fadeOut(1000);
 
                     } else if (data.error === "ERR_FOLDER_NOT_ALLOWED") {
-                        $("#del_rep_show_error").html("<?php echo '<span class=\"fa fa-warning fa-lg\"></span>&nbsp;<\span>'.addslashes($LANG['error_not_allowed_to']);?>");
+                        $("#del_rep_show_error").html("<?php echo '<span class=\"fa fa-warning fa-lg\"></span>&nbsp;<\span>'.addslashes($LANG['error_not_allowed_to']);?>").show(1).delay(3000).fadeOut(1000);
                     }
                 } else {
-                    refreshTree();
+                    refreshTree(data.parent_id);
+                    ListerItems(data.parent_id,'', 0);
                     $("#div_supprimer_rep").dialog("close");
                 }
             }
@@ -2773,6 +2774,10 @@ function(data) {
         },
         open: function(event,ui) {
             $(".ui-tooltip").siblings(".tooltip").remove();
+        },
+        close: function() {
+            $("#delete_rep_groupe_validate").prop("checked", false);
+            $("#del_rep_show_error").html("").hide();
         }
     });
     //<=

diff --git a/sources/folders.queries.php b/sources/folders.queries.php
@@ -171,6 +171,8 @@
                 break;
             }
 
+            $error = "";
+
             // user shall not delete personal folder
             $data = DB::queryfirstrow(
                 "SELECT personal_folder
@@ -179,15 +181,25 @@
                 $_POST['id']
             );
             if ($data['personal_folder'] === "1") {
-                echo prepareExchangedData(array("error" => "ERR_FOLDER_NOT_ALLOWED"), "encode");
-                break;
+                $pf = true;
+            } else {
+                $pf = false;
             }
 
             // this will delete all sub folders and items associated
             $foldersDeleted = "";
             $folderForDel = array();
             $tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title');
 
+            // get parent folder
+            $parent = $tree->getPath($_POST['id']);
+            $parent = array_pop($parent);
+            if ($parent->id === null || $parent->id === "undefined") {
+                $parent_id = "";
+            } else {
+                $parent_id = $parent->id;
+            }
+
             // Get through each subfolder
             $folders = $tree->getDescendants($_POST['id'], true);
 
@@ -199,44 +211,50 @@
             foreach ($folders as $folder) {
                 if (($folder->parent_id > 0 || $folder->parent_id == 0) && $folder->title != $_SESSION['user_id'] ) {
                     //Store the deleted folder (recycled bin)
-                    DB::insert(
-                        prefix_table("misc"),
-                        array(
-                            'type' => 'folder_deleted',
-                            'intitule' => "f".$folder->id,
-                            'valeur' => $folder->id.', '.$folder->parent_id.', '.
-                                $folder->title.', '.$folder->nleft.', '.$folder->nright.', '.
-                                $folder->nlevel.', 0, 0, 0, 0'
-                       )
-                    );
+                    if ($pf === false) {
+                        DB::insert(
+                            prefix_table("misc"),
+                            array(
+                                'type' => 'folder_deleted',
+                                'intitule' => "f".$folder->id,
+                                'valeur' => $folder->id.', '.$folder->parent_id.', '.
+                                    $folder->title.', '.$folder->nleft.', '.$folder->nright.', '.
+                                    $folder->nlevel.', 0, 0, 0, 0'
+                           )
+                        );
+
+                        foreach ($items as $item) {
+                            DB::update(
+                                prefix_table("items"),
+                                array(
+                                    'inactif' => '1',
+                                ),
+                                "id = %i",
+                                $item['id']
+                            );
+                            //log
+                            DB::insert(
+                                prefix_table("log_items"),
+                                array(
+                                    'id_item' => $item['id'],
+                                    'date' => time(),
+                                    'id_user' => $_SESSION['user_id'],
+                                    'action' => 'at_delete'
+                                )
+                            );
+                        }
+
+                        //Update CACHE table
+                        updateCacheTable("delete_value", $_POST['id']);
+                    }
                     //array for delete folder
                     $folderForDel[] = $folder->id;
-
+                    
                     //delete items & logs
                     $items = DB::query(
                         "SELECT id FROM ".prefix_table("items")." WHERE id_tree=%i",
                         $folder->id
                     );
-                    foreach ($items as $item) {
-                        DB::update(
-                            prefix_table("items"),
-                            array(
-                                'inactif' => '1',
-                            ),
-                            "id = %i",
-                            $item['id']
-                        );
-                        //log
-                        DB::insert(
-                            prefix_table("log_items"),
-                            array(
-                                'id_item' => $item['id'],
-                                'date' => time(),
-                                'id_user' => $_SESSION['user_id'],
-                                'action' => 'at_delete'
-                            )
-                        );
-                    }
 
                     //Actualize the variable
                     $_SESSION['nb_folders'] --;
@@ -245,21 +263,20 @@
 
             // delete folder from SESSION
             if(($key = array_search($_POST['id'], $_SESSION['groupes_visibles'])) !== false) {
-                unset($messages[$key]);
+                unset($folders[$key]);
             }
 
             //rebuild tree
             $tree = new Tree\NestedTree\NestedTree(prefix_table("nested_tree"), 'id', 'parent_id', 'title');
             $tree->rebuild();
 
-            //Update CACHE table
-            updateCacheTable("delete_value", $_POST['id']);
-
             // delete folders
             $folderForDel = array_unique($folderForDel);
             foreach ($folderForDel as $fol){
                 DB::delete(prefix_table("nested_tree"), "id = %i", $fol);
             }
+
+            echo prepareExchangedData(array("error" => "", "parent_id" => $parent_id), "encode");
 
             break;
 

diff --git a/sources/items.queries.php b/sources/items.queries.php
@@ -2115,7 +2115,7 @@
                             in_array($_POST['id'], array_merge($_SESSION['personal_visible_groups'], $_SESSION['personal_folders']))
                             && $record['perso'] == 1
                         ) {
-                            $perso = '<i class="fa fa-warning mi-yellow fa-sm"></i>&nbsp';
+                            $perso = '<i class="fa fa-user-secret mi-grey-1 fa-sm"></i>&nbsp';
                             $findPfGroup = 1;
                             $action = 'AfficherDetailsItem(\''.$record['id'].'\', \'1\', \''.$expired_item.'\', \''.$restrictedTo.'\', \'\', \'\', \'\')';
                             $action_dbl = 'AfficherDetailsItem(\''.$record['id'].'\',\'1\',\''.$expired_item.'\', \''.$restrictedTo.'\', \'\', true, \'\')';
@@ -2138,7 +2138,7 @@
                         }
                         // CAse where item is restricted to a group of users not including user
                         elseif (
-                            $record['perso'] == 1
+                            $record['perso'] === "1"
                             ||
                             (
                                 !empty($record['restricted_to'])
@@ -2204,6 +2204,16 @@
                             $html .= '<span style="margin-left:11px;"></span>';
                         }
 
+                        // manage text to show
+                        $label = stripslashes(handleBackslash($record['label']));
+                        if (!empty($record['description']) && isset($_SESSION['settings']['show_description']) && $_SESSION['settings']['show_description'] === "1") {
+                            $desc = explode("<br>", $record['description']);
+                            $desc = strip_tags(stripslashes(cleanString($desc[0])));
+                        } else {
+                            $desc = "";
+                        }
+                        //$html .= $expirationFlag.''.$perso.'&nbsp;<a id="fileclass'.$record['id'].'" class="file" onclick="'.$action.'">'.$label.'&nbsp;<font size="1px">['.$desc.']</font></a></p>';
+
                             // manage text to show
                         $label = stripslashes(handleBackslash($record['label']));
                         if (!empty($record['description']) && isset($_SESSION['settings']['show_description']) && $_SESSION['settings']['show_description'] === "1") {
@@ -2221,6 +2231,7 @@
                             $item_text = substr($label, 0, 65);
                             $html .= $expirationFlag.''.$perso.'&nbsp;<a id="fileclass'.$record['id'].'" class="file" onclick="'.$action.'">'.$item_text.'&nbsp;<font size="1px">['.substr($desc, 0, 95 - strlen($label)).']</font>';
                         }
+
                         $html .= '</a>';
 
                         // increment array for icons shortcuts (don't do if option is not enabled)

diff --git a/sources/users.queries.php b/sources/users.queries.php
@@ -1239,7 +1239,7 @@
 
             // delete account
             // delete user in database
-            if ($account_status_action == "delete") {
+            if ($account_status_action === "delete") {
                 DB::delete(
                     prefix_table("users"),
                     "id = %i",
@@ -1278,8 +1278,8 @@
                 }
                 // update LOG
                 logEvents('user_mngt', 'at_user_deleted', $_SESSION['user_id'], $_SESSION['login'], $_POST['id']);
-            }
-            else {
+
+            } else {
 
                 // Get old data about user
                 $oldData = DB::queryfirstrow(
@@ -1317,10 +1317,11 @@
                 );
 
                 // update SESSION
-                $_SESSION['user_email'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['email']));
-                $_SESSION['name'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['name']));
-                $_SESSION['lastname'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['lastname']));
-
+                if ($_SESSION['user_id'] === $_POST['id']) {
+                    $_SESSION['user_email'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['email']));
+                    $_SESSION['name'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['name']));
+                    $_SESSION['lastname'] = mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['lastname']));
+                }
 
                 // update LOG
                 if ($oldData['email'] != mysqli_escape_string($link, htmlspecialchars_decode($dataReceived['email']))) {

diff --git a/sources/views.queries.php b/sources/views.queries.php
@@ -150,18 +150,22 @@
             1,
             "at_delete"
         );
+        $prev_id = "";
         foreach ($rows as $record) {
-            if (in_array($record['id_tree'], $arrFolders)) {
-                if (count($arrFolders[$record['id_tree']])>0) {
-                    $thisFolder = '<td>'.$arrFolders[$record['id_tree']].'</td>';
+            if ($record['id'] !== $prev_id) {
+                if (in_array($record['id_tree'], $arrFolders)) {
+                    if (count($arrFolders[$record['id_tree']])>0) {
+                        $thisFolder = '<td>'.$arrFolders[$record['id_tree']].'</td>';
+                    } else {
+                        $thisFolder = "";
+                    }
                 } else {
                     $thisFolder = "";
                 }
-            } else {
-                $thisFolder = "";
-            }
 
-            $texte .= '<tr><td><input type=\'checkbox\' class=\'cb_deleted_item\' value=\''.$record['id'].'\' id=\'item_deleted_'.$record['id'].'\' />&nbsp;<b>'.$record['label'].'</b></td><td width=\"100px\" align=\"center\"><span class=\"fa fa-calendar\"></span>&nbsp;'.date($_SESSION['settings']['date_format'], $record['date']).'</td><td width=\"70px\" align=\"center\"><span class=\"fa fa-user\"></span>&nbsp;'.$record['login'].'</td><td><span class=\"fa fa-folder-o\"></span>&nbsp;'.$record['folder_title'].'</td>'.$thisFolder.'</tr>';
+                $texte .= '<tr><td><input type=\'checkbox\' class=\'cb_deleted_item\' value=\''.$record['id'].'\' id=\'item_deleted_'.$record['id'].'\' />&nbsp;<b>'.$record['label'].'</b></td><td width=\"100px\" align=\"center\"><span class=\"fa fa-calendar\"></span>&nbsp;'.date($_SESSION['settings']['date_format'], $record['date']).'</td><td width=\"70px\" align=\"center\"><span class=\"fa fa-user\"></span>&nbsp;'.$record['login'].'</td><td><span class=\"fa fa-folder-o\"></span>&nbsp;'.$record['folder_title'].'</td>'.$thisFolder.'</tr>';
+            }
+            $prev_id = $record['id'];
         }
 
         echo '[{"text":"'.$texte.'</table><div style=\'margin:15px 0px 0px 5px;\'><input type=\'checkbox\' id=\'item_deleted_select_all\' />&nbsp;&nbsp;<a class=\"button\" onclick=\"$(\'#tab2_action\').val(\'restoration\');OpenDialog(\'tab2_dialog\');\"><i class=\"fa fa-undo fa-lg\"></i>&nbsp;'.$LANG['restore'].'</a>&nbsp;&nbsp;<a class=\"button\" onclick=\"$(\'#tab2_action\').val(\'deletion\');OpenDialog(\'tab2_dialog\')\"><i class=\"fa fa-trash-o fa-lg\"></i>&nbsp;'.$LANG['delete'].'</a></div>"}]';