From 577a92f09fffe374262c20283371347f13595360 Mon Sep 17 00:00:00 2001
From: LAUMAILLE Nils <298792@dom2.ad.sys>
Date: Mon, 30 Jan 2017 12:12:51 +0100
Subject: [PATCH] 2.1.27
Fix for #1628, #1627
Implemented item change proposal (#1625)
---
changelog.md | 3 +
folders.php | 2 +-
includes/language/english.php | 1 +
index.php | 2 +-
install/install.queries.php | 2 +-
install/upgrade_run_2.1.27.php | 2 +-
items.load.php | 32 +++++----
items.php | 37 +++++------
load.php | 28 ++++++++
sources/folders.queries.php | 1 +
sources/items.queries.php | 33 +++++++---
sources/main.queries.php | 23 +++++++
sources/suggestion.queries.php | 115 +++++++++++++++++++++++++++++----
suggestion.load.php | 36 +++++++++--
14 files changed, 251 insertions(+), 66 deletions(-)
diff --git a/changelog.md b/changelog.md
index b72d1ad0b..33d991eda 100755
--- a/changelog.md
+++ b/changelog.md
@@ -20,6 +20,9 @@ Last changes
- copy from public to personal folder
- list of folders is refreshed when copying an Item
# Copy folders
+ #1628 URL link to specific item does not work
+ #1627 Improved label preview length
+ #1625 Request to add/change password
#1624 Error 500 while importing item with API (with PHP < 7)
#1621 New option: OTV can be disabled
# New option: create Item without password
diff --git a/folders.php b/folders.php
index fbbc8f067..aa4606f13 100644
--- a/folders.php
+++ b/folders.php
@@ -45,7 +45,7 @@
// prepare options list
$prev_level = 0;
$droplist = '';
-if ($_SESSION['is_admin'] == 1 || $_SESSION['can_create_root_folder'] == 1) {
+if ($_SESSION['is_admin'] === "1" || $_SESSION['user_manager'] === "1" || $_SESSION['can_create_root_folder'] === "1") {
$droplist .= '';
}
foreach ($tst as $t) {
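Review bot: The switch to `=== "1"` on the changed `if` only works when every session flag is stored as the string "1"; a flag held as integer 1 now fails the test silently, and `$_SESSION['user_manager']` is read without `isset`. The same commit tests these flags three different ways: `=== "1"` here and in sources/main.queries.php, `$_SESSION['is_admin'] !== 0` in sources/folders.queries.php, and `== 1` in sources/items.queries.php. The stored type therefore cannot be confirmed from the patch. I would normalise in one place, e.g. `isset($_SESSION['is_admin']) && (int) $_SESSION['is_admin'] === 1`, or add a comment stating that session flags are always strings.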
diff --git a/includes/language/english.php b/includes/language/english.php
index 6d08aa555..d2b91f8f0 100644
--- a/includes/language/english.php
+++ b/includes/language/english.php
@@ -14,6 +14,7 @@
*/
global $LANG;
$LANG = array (
+ 'Dont_update_with_this_data' => 'Don\'t update item with this data',
'show_suggestions' => 'New suggestions',
'show_changes' => 'Change proposals',
'suggest_password_change' => 'Suggest a password change',
diff --git a/index.php b/index.php
index 09273f0e7..a442776d6 100644
--- a/index.php
+++ b/index.php
@@ -203,7 +203,7 @@
) {
echo '
-
+
';
}
// Admin menu
diff --git a/install/install.queries.php b/install/install.queries.php
index 6de261c66..53408f4a3 100644
--- a/install/install.queries.php
+++ b/install/install.queries.php
@@ -807,7 +807,7 @@ function bCrypt($password, $cost)
`id` tinyint(10) NOT NULL AUTO_INCREMENT,
`item_id` tinyint(12) NOT NULL,
`label` varchar(255) NOT NULL DEFAULT 'none',
- `pwd` text NOT NULL,
+ `pw` text NOT NULL,
`login` varchar(255) NOT NULL DEFAULT 'none',
`email` varchar(255) NOT NULL DEFAULT 'none',
`url` varchar(255) NOT NULL DEFAULT 'none',
diff --git a/install/upgrade_run_2.1.27.php b/install/upgrade_run_2.1.27.php
index 58cd6e9ab..f4599c093 100644
--- a/install/upgrade_run_2.1.27.php
+++ b/install/upgrade_run_2.1.27.php
@@ -447,7 +447,7 @@ function replace_a_line($data) {
`id` tinyint(10) NOT NULL AUTO_INCREMENT,
`item_id` tinyint(12) NOT NULL,
`label` varchar(255) NOT NULL DEFAULT 'none',
- `pwd` text NOT NULL,
+ `pw` text NOT NULL,
`login` varchar(255) NOT NULL DEFAULT 'none',
`email` varchar(255) NOT NULL DEFAULT 'none',
`url` varchar(255) NOT NULL DEFAULT 'none',
diff --git a/items.load.php b/items.load.php
index 6d0e136c8..63df2c224 100755
--- a/items.load.php
+++ b/items.load.php
@@ -1077,7 +1077,7 @@ function AddNewFolder()
{
if ($("#new_rep_titre").val() == "") {
$("#new_rep_show_error").html("").show();
- } else if ($("#new_rep_groupe").val() == "0") {
+ } else if ($("#new_rep_groupe").val() === "") {
$("#new_rep_show_error").html("").show();
} else if ($("#new_rep_complexite").val() == "") {
$("#new_rep_show_error").html("").show();
@@ -1181,13 +1181,15 @@ function(data) {
function AfficherDetailsItem(id, salt_key_required, expired_item, restricted, display, open_edit, reload, id_tree)
{
- console.log(id+"--"+("#request_ongoing").val());
// If a request is already launched, then kill new.
if ($("#request_ongoing").val() !== "") {
request.abort();
return;
}
id_tree = id_tree || "";
+ salt_key_required = salt_key_required || 0;
+ id_tree = id_tree || "";
+ id_tree = id_tree || "";
// Store status query running
$("#request_ongoing").val("1");
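Review bot: `id_tree = id_tree || "";` now appears three times in a row (the existing line plus two added copies), which looks like a paste slip where defaults for other parameters were intended. The call changed later in this file now passes only `id`, so `expired_item`, `restricted`, `display`, `open_edit` and `reload` arrive as `undefined` instead of the `""` the old call supplied. I would replace the two duplicates with explicit defaults, e.g. `expired_item = expired_item || "";` and `restricted = restricted || "";`, and do the same for the remaining three. The function body continues outside the hunk, so how those parameters are compared further down is not visible here.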
@@ -2275,17 +2277,14 @@ function(data) {
data = prepareExchangedData(data , "decode", "");
//check if format error
if (data.error == "") {
- // clear list (except the entries with value = 0)
- $('#new_rep_groupe option[value!="0"]').remove();
- $('#edit_folder_folder option[value!="0"]').remove();
- $('#move_folder_id option[value!="0"]').remove();
- $('#delete_rep_groupe option[value!="0"]').remove();
- $('#copy_in_folder option[value!="0"]').remove();
-
// append new list
$("#categorie, #edit_categorie, #new_rep_groupe, #edit_folder_folder, #delete_rep_groupe").find('option').remove().end().append(data.selectVisibleFoldersOptions);
$("#move_folder_id").find('option').remove().end().append(data.selectFullVisibleFoldersOptions);
$("#copy_in_folder").find('option').remove().end().append(data.selectVisibleActiveFoldersOptions);
+
+ // remove ROOT option if exists
+ $('#edit_folder_folder option[value="0"]').remove();
+ $('#delete_rep_groupe option[value="0"]').remove();
}
}
);
@@ -2483,7 +2482,7 @@ function(data) {
bgiframe: true,
modal: true,
autoOpen: false,
- width: 350,
+ width: 490,
height: 280,
title: "",
buttons: {
@@ -3112,7 +3111,13 @@ function(data) {
},
function(data) {
if (data[0].error === "") {
- $("#div_suggest_change_wait").html("").show(1).delay(2000).fadeOut(1000);
+ $("#div_suggest_change_wait").html("").show(1).delay(1500).fadeOut(1000);
+ setTimeout(
+ function() {
+ $("#div_suggest_change").dialog("close");
+ },
+ 500
+ );
}
},
"json"
@@ -3374,9 +3379,8 @@ function(data) {
}
//Load item if needed and display items list
- if ($("#open_id").val() !== "") {console.log(">> open "+$("#open_id").val());
- AfficherDetailsItem($("#open_id").val(), "", "", "", "", "", "", "");
-console.log(">> suite1");
+ if ($("#open_id").val() !== "") {
+ AfficherDetailsItem($("#open_id").val());
//refreshTree($("#hid_cat").val(), "0");
$("#open_item_by_get").val("");
}
diff --git a/items.php b/items.php
index dad55b666..936be70e5 100644
--- a/items.php
+++ b/items.php
@@ -100,12 +100,12 @@
echo '
-
+
';
} elseif (isset($_GET['group']) && !isset($_GET['id'])) {
echo '';
echo '';
- echo '';
+ echo '';
echo '';
} else {
echo '';
@@ -151,7 +151,7 @@
(isset($_SESSION['settings']['allow_print']) && $_SESSION['settings']['allow_print'] == 1 && $_SESSION['user_admin'] != 1 && $_SESSION['temporary']['user_can_printout'] == true) ? '
'.$LANG['print_out_menu_title'].'' : '' ,
(isset($_SESSION['settings']['settings_offline_mode']) && $_SESSION['settings']['settings_offline_mode'] == 1 && $_SESSION['user_admin'] != 1) ? ' '.$LANG['offline_menu_title'].'' : '' , '
-
+
@@ -233,7 +233,7 @@
', isset($_SESSION['settings']['enable_suggestion']) && $_SESSION['settings']['enable_suggestion'] == 1 ? '
'.$LANG['suggest_password_change'].'' : '', '
-
+
@@ -415,7 +415,7 @@
// Line for FOLDERS
echo '
- ';
+ ';
// Line for LOGIN
echo '
@@ -597,7 +597,7 @@
echo '
-
+
';
// Line for LOGIN
echo '
@@ -766,24 +766,23 @@
@@ -798,23 +797,22 @@
@@ -858,8 +856,7 @@
'.$LANG['group_select'].' : |
- |
@@ -900,7 +897,7 @@
'.$LANG['item_copy_to_folder'].'
- ', (isset($_SESSION['can_create_root_folder']) && $_SESSION['can_create_root_folder'] == 1) ? '' : '', '' .
+ ', (isset($_SESSION['can_create_root_folder']) && $_SESSION['can_create_root_folder'] == 1) ? '' : '', '' .
'
diff --git a/load.php b/load.php
index a388f34b4..dd75f38d4 100644
--- a/load.php
+++ b/load.php
@@ -1172,6 +1172,34 @@ function prepare_delete_fav(id)
$("#detele_fav_id").val(id);
OpenDialogBox("div_delete_fav");
}';
+} else if (isset($_GET['page'])) {
+ // simulate a CRON activity (only 4 secs after page loading)
+ // check for existing suggestions / changes
+ $htmlHeaders .= '
+ setTimeout(
+ function() {
+ $.post(
+ "sources/main.queries.php",
+ {
+ type : "is_existings_suggestions",
+ key : "'.$_SESSION['key'].'"
+ },
+ function(data) {
+ //check if format error
+ if (data[0].error === "" && data[0].count > 0) {
+ $("#menu_icon_suggestions").addClass("mi-red");
+
+ setInterval(function(){blink()}, 700);
+ function blink() {
+ $("#menu_icon_suggestions").fadeTo(100, 0.1).fadeTo(200, 1.0);
+ }
+ }
+ },
+ "json"
+ );
+ },
+ 4000
+ );';
}
$htmlHeaders .= '
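Review bot: The polling script in the new `else if (isset($_GET['page']))` branch is emitted for every session that reaches it, while the `is_existings_suggestions` handler only returns a count to managers and administrators. Adding the same role test to the branch condition keeps the request, and the session key embedded in it, off pages where it cannot be used. The key is interpolated raw into a JavaScript string literal; `key : '.json_encode($_SESSION['key']).'` would encode it for that context whatever characters it contains. The `setInterval` handle for `blink()` is never stored or cleared, and `count` arrives as a string because the server quotes it, so `data[0].count > 0` relies on implicit conversion. The `if`/`else if` chain starts above the hunk.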
diff --git a/sources/folders.queries.php b/sources/folders.queries.php
index 1f2b87834..d06903242 100644
--- a/sources/folders.queries.php
+++ b/sources/folders.queries.php
@@ -469,6 +469,7 @@
&& isset($_SESSION['settings']['subfolder_rights_as_parent'])
&& $_SESSION['settings']['subfolder_rights_as_parent'] == 1
&& $_SESSION['is_admin'] !== 0
+ || ($isPersonal != 1 && $parentId === "0")
){
//Get user's rights
@identifyUserRights(
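Review bot: The added `|| ($isPersonal != 1 && $parentId === "0")` is not grouped with the `&&` chain above it, and `&&` binds tighter than `||` in PHP, so this clause alone makes the whole condition true regardless of every test before it. If that is the intent, put the earlier chain in its own parentheses and add a comment such as `// non-personal folders created at root always refresh the user's rights`. If it is not, the clause belongs inside the chain. `$parentId === "0"` also requires the value to be a string, which the hunk does not show. The condition begins above the hunk, so its first operands are not visible here.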
diff --git a/sources/items.queries.php b/sources/items.queries.php
index 2b785d730..a637ae79a 100644
--- a/sources/items.queries.php
+++ b/sources/items.queries.php
@@ -1263,7 +1263,7 @@
);
$arrData['edit_item_salt_key'] = 0;
}
-
+
$pw = @$pw['string'];
if (!isUTF8($pw)) {
$pw = '';
@@ -2203,16 +2203,26 @@
} else {
$html .= '';
}
- $html .= $expirationFlag.''.$perso.' '.substr(stripslashes(handleBackslash($record['label'])), 0, 65);
- if (!empty($record['description']) && isset($_SESSION['settings']['show_description']) && $_SESSION['settings']['show_description'] == 1) {
- $tempo = explode("
", $record['description']);
- if (count($tempo) == 1) {
- $html .= ' ['.strip_tags(stripslashes(substr(cleanString($record['description']), 0, 30))).']';
- } else {
- $html .= ' ['.strip_tags(stripslashes(substr(cleanString($tempo[0]), 0, 30))).']';
- }
+
+ // manage text to show
+ $label = stripslashes(handleBackslash($record['label']));
+ if (!empty($record['description']) && isset($_SESSION['settings']['show_description']) && $_SESSION['settings']['show_description'] === "1") {
+ $desc = explode("
", $record['description']);
+ $desc = strip_tags(stripslashes(cleanString($desc[0])));
+ } else {
+ $desc = "";
+ }
+ if (strlen($label) >= 95 || $desc === "") {
+ $html .= $expirationFlag.''.$perso.' '.substr($label, 0, 100);
+ } else if (strlen($label) < 95 && strlen($label) > 65) {
+ $item_text = substr($label, 0, 65);
+ $html .= $expirationFlag.''.$perso.' '.$item_text.' ['.substr($desc, 0, 95 - strlen($label)).']';
+ } else if (strlen($label) <= 65) {
+ $item_text = substr($label, 0, 65);
+ $html .= $expirationFlag.''.$perso.' '.$item_text.' ['.substr($desc, 0, 95 - strlen($label)).']';
}
$html .= '';
+
// increment array for icons shortcuts (don't do if option is not enabled)
if (isset($_SESSION['settings']['copy_to_clipboard_small_icons']) && $_SESSION['settings']['copy_to_clipboard_small_icons'] == 1) {
if ($need_sk == true && isset($_SESSION['user_settings']['session_psk'])) {
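Review bot: `$label` is concatenated into `$html` after only `stripslashes(handleBackslash(...))`, and `$desc` after `strip_tags`, and neither is an output-encoding step. Unless `handleBackslash` or `cleanString` (not visible here) already encode, both values should be truncated first and then passed through `htmlspecialchars($label, ENT_QUOTES, 'UTF-8')` where they are appended. The two `else if` branches are line-for-line identical and can be merged into a single `else`. `strlen` and `substr` count bytes, so a multi-byte label or description can be cut in the middle of a character; `mb_strlen` and `mb_substr` avoid that where mbstring is available.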
@@ -3409,6 +3419,9 @@
// Build list of visible folders
$selectVisibleFoldersOptions = $selectVisibleNonPersonalFoldersOptions = $selectVisibleActiveFoldersOptions = "";
+ if (isset($_SESSION['settings']['can_create_root_folder']) && $_SESSION['settings']['can_create_root_folder'] == 1) {
+ $selectVisibleFoldersOptions = '';
+ }
if ($_SESSION['user_admin'] == 1 && (isset($k['admin_full_right'])
&& $k['admin_full_right'] == true) || !isset($k['admin_full_right'])) {
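Review bot: The new test reads `$_SESSION['settings']['can_create_root_folder']`, but folders.php and items.php in this same patch read the flag as `$_SESSION['can_create_root_folder']`, i.e. as a per-user right rather than a global setting. If the settings key does not exist the branch never runs; if it does exist as a global setting, the root option is offered to every user regardless of their own right. Please confirm which key is meant and add a one-line comment saying so. The option list is presentation only either way, so the folder-creation handler has to enforce the right itself, which this hunk does not show.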
@@ -3661,7 +3674,7 @@
array(
'item_id' => $item_id,
'label' => $label,
- 'pwd' => $encrypt['string'],
+ 'pw' => $encrypt['string'],
'login' => $login,
'email' => $email,
'url' => $url,
diff --git a/sources/main.queries.php b/sources/main.queries.php
index 104d7e90d..2972d3dfa 100644
--- a/sources/main.queries.php
+++ b/sources/main.queries.php
@@ -1035,4 +1035,27 @@
echo json_encode($array);
break;
+
+ /**
+ * Check if suggestions are existing
+ */
+ case "is_existings_suggestions":
+ if ($_POST['key'] != $_SESSION['key']) {
+ echo '[ { "error" : "key_not_conform" } ]';
+ break;
+ }
+
+ if ($_SESSION['user_manager'] === "1" || $_SESSION['is_admin'] === "1") {
+ $count = 0;
+ DB::query("SELECT * FROM ".$pre."items_change");
+ $count += DB::count();
+ DB::query("SELECT * FROM ".$pre."suggestion");
+ $count += DB::count();
+
+ echo '[ { "error" : "" , "count" : "'.$count.'"} ]';
+ } else {
+ echo '[ { "error" : "no" , "count" : ""} ]';
+ }
+
+ break;
}
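Review bot: The key check `$_POST['key'] != $_SESSION['key']` uses loose comparison and reads `$_POST['key']` without `isset`; when both strings look numeric PHP compares them as numbers, so differently spelled values can compare equal. `if (!isset($_POST['key']) || !hash_equals((string) $_SESSION['key'], (string) $_POST['key'])) {` is exact and constant-time (it needs PHP 5.6 or later). The same check is repeated in the `approve_item_change` and `reject_item_change` cases added to sources/suggestion.queries.php. Separately, `SELECT *` followed by `DB::count()` fetches every row of both tables just to count them; `SELECT COUNT(*)` returns the number directly.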
diff --git a/sources/suggestion.queries.php b/sources/suggestion.queries.php
index 6a3def8a1..4cc738354 100644
--- a/sources/suggestion.queries.php
+++ b/sources/suggestion.queries.php
@@ -310,13 +310,13 @@
"SELECT * FROM ".$pre."items_change WHERE id = %i",
$_POST['id']
);
- $tmp = cryption($data['pwd'], "", "decrypt");
+ $tmp = cryption($data['pw'], "", "decrypt");
$data['pw'] = $tmp['string'];
$data_current = DB::queryfirstrow(
"SELECT * FROM ".$pre."items WHERE id = %i",
- $_POST['id']
+ $data['item_id']
);
$tmp = cryption($data_current['pw'], "", "decrypt");
$data_current['pw'] = $tmp['string'];
@@ -329,11 +329,11 @@
'.$LANG['label'].' |
'.$data_current['label'].' |
';
- if (!empty($data['label'])) {
+ if (!empty($data['label']) && $data['label'] !== $data_current['label']) {
$html .= '
|
- | ';
+ | ';
} else {
$html .= ' | | ';
}
@@ -342,11 +342,11 @@
'.$LANG['pw'].' |
'.$data_current['pw'].' | ';
- if (!empty($data['pw'])) {
+ if (!empty($data['pw']) && $data['pw'] !== $data_current['pw']) {
$html .= '
|
- | ';
+ | ';
} else {
$html .= ' | | ';
}
@@ -355,11 +355,11 @@
'.$LANG['index_login'].' |
'.$data_current['login'].' | ';
- if (!empty($data['login'])) {
+ if (!empty($data['login']) && $data['login'] !== $data_current['login']) {
$html .= '
|
- | ';
+ | ';
} else {
$html .= ' | | ';
}
@@ -368,11 +368,11 @@
'.$LANG['email'].' |
'.$data_current['email'].' | ';
- if (!empty($data['email'])) {
+ if (!empty($data['email']) && $data['email'] !== $data_current['email']) {
$html .= '
|
- | ';
+ | ';
} else {
$html .= ' | | ';
}
@@ -381,11 +381,11 @@
'.$LANG['url'].' |
'.$data_current['url'].' | ';
- if (!empty($data['url'])) {
+ if (!empty($data['url']) && $data['url'] !== $data_current['url']) {
$html .= '
|
- | ';
+ | ';
} else {
$html .= ' | | ';
}
@@ -396,7 +396,9 @@
-
';
+
+
+ ';
echo prepareExchangedData(
array(
@@ -406,5 +408,92 @@
"encode"
);
break;
+
+
+ case "approve_item_change":
+ // Check KEY
+ if ($_POST['key'] != $_SESSION['key']) {
+ echo '[ { "error" : "key_not_conform" } ]';
+ break;
+ }
+
+ // read changes proposal
+ $data = DB::queryfirstrow(
+ "SELECT * FROM ".$pre."items_change WHERE id = %i",
+ $_POST['id']
+ );
+
+ // read current item
+ $current_item = DB::queryfirstrow(
+ "SELECT * FROM ".$pre."items WHERE id = %i",
+ $data['item_id']
+ );
+
+ // get author login
+ $author = DB::queryfirstrow(
+ "SELECT login FROM ".$pre."users WHERE id = %i",
+ $data['user_id']
+ );
+
+ // prepare query
+ $fields_array = array();
+ $fields_to_update = explode(";", $_POST['data']);
+ foreach ($fields_to_update as $field) {
+ if (!empty($field)) {
+ $fields_array[$field] = $data[$field];
+ }
+ }
+
+ // update item
+ DB::update(
+ prefix_table("items"),
+ $fields_array,
+ "id = %i",
+ $data['item_id']
+ );
+
+ // Log all modifications done
+ foreach ($fields_to_update as $field) {
+ if (!empty($field)) {
+ if ($field !== "pw") {
+ logItems($data['item_id'], $current_item['label'], $data['user_id'], 'at_modification', $author['login'], 'at_'.$field.' : '.$current_item[$field].' => '.$data[$field]);
+ } else if ($field === "description") {
+ logItems($data['item_id'], $current_item['label'], $data['user_id'], 'at_modification', $author['login'], 'at_'.$field);
+ } else {
+ $oldPwClear = cryption(
+ $current_item['pw'],
+ "",
+ "decrypt"
+ );
+ logItems($data['item_id'], $current_item['label'], $data['user_id'], 'at_modification', $author['login'], 'at_'.$field.' : '.$oldPwClear);
+ }
+ }
+ }
+
+ // delete change proposal
+ DB::delete(
+ $pre."items_change",
+ "id = %i",
+ $_POST['id']
+ );
+
+ break;
+
+
+ case "reject_item_change":
+ // Check KEY
+ if ($_POST['key'] != $_SESSION['key']) {
+ echo '[ { "error" : "key_not_conform" } ]';
+ break;
+ }
+
+ // delete change proposal
+ DB::delete(
+ $pre."items_change",
+ "id = %i",
+ $_POST['id']
+ );
+
+ break;
}
}
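Review bot: `approve_item_change` and `reject_item_change` check only the session key, and no role test is visible in the hunk, whereas the `is_existings_suggestions` case added in sources/main.queries.php restricts itself to `user_manager`/`is_admin`. Unless the enclosing switch, which starts outside the hunk, already gates on role, any logged-in user could apply or discard a proposal. The column names written by `DB::update` come straight from `$_POST['data']`, so they should be intersected with the five fields the dialog offers (`label`, `pw`, `login`, `email`, `url`) before `$fields_array` is built. In the logging loop the `else if ($field === "description")` branch is unreachable, because it is only evaluated when `$field` is `"pw"`. The `pw` branch concatenates the array returned by `cryption()` (read as `$tmp['string']` elsewhere in this file) and is evidently meant to write the decrypted old password into the item log; logging the field name alone avoids both problems, as sketched below with the `"no"` error value copied from main.queries.php.

```php
case "approve_item_change":
    // … unchanged: key check …

    // only managers and administrators may apply a proposal
    if ($_SESSION['user_manager'] !== "1" && $_SESSION['is_admin'] !== "1") {
        echo '[ { "error" : "no" } ]';
        break;
    }

    // … unchanged: reads of $data, $current_item and $author …

    // keep only the columns a change proposal is allowed to touch
    $allowed_fields = array("label", "pw", "login", "email", "url");
    $fields_to_update = array_intersect(
        explode(";", $_POST['data']),
        $allowed_fields
    );
    $fields_array = array();
    foreach ($fields_to_update as $field) {
        $fields_array[$field] = $data[$field];
    }

    // … unchanged: DB::update on the item …

    foreach ($fields_to_update as $field) {
        if ($field === "pw") {
            // record that the password changed, never its clear value
            logItems($data['item_id'], $current_item['label'], $data['user_id'], 'at_modification', $author['login'], 'at_'.$field);
        } else {
            // … unchanged: logItems call with old => new value …
        }
    }

    // … unchanged: delete of the change proposal …
```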
diff --git a/suggestion.load.php b/suggestion.load.php
index d6ff1c2db..509707f52 100644
--- a/suggestion.load.php
+++ b/suggestion.load.php
@@ -200,6 +200,7 @@ function viewSuggestion(id) {
});
oTable2.fnDraw(false);
}
+ $('#tabs').tooltipster({multiple: true});
}
});
@@ -345,32 +346,57 @@ function(data) {
title: "",
buttons: {
"": function() {
+ $("#suggestion_view_wait").html(" ".addslashes($LANG['please_wait'])."...";?>").show();
+
+ // select fields to update
+ var fields_to_update = "";
+ if ($("#confirm_label-check").length !== 0) fields_to_update += "label;";
+ if ($("#confirm_pw-check").length !== 0) fields_to_update += "pw;";
+ if ($("#confirm_login-check").length !== 0) fields_to_update += "login;";
+ if ($("#confirm_url-check").length !== 0) fields_to_update += "url;";
+ if ($("#confirm_email-check").length !== 0) fields_to_update += "email;";
+
$.post(
"sources/suggestion.queries.php",
{
- type : "delete_suggestion",
+ type : "approve_item_change",
id : $("#suggestion_id").val(),
+ data : fields_to_update,
key : ""
},
function(data) {
- $("#div_suggestion_view").dialog("close");
+ $("#suggestion_view_wait").html("");
oTable = $("#t_change").dataTable();
oTable.fnDraw();
+ setTimeout(
+ function() {
+ $("#div_suggestion_view").dialog("close");
+ },
+ 1500
+ );
}
)
},
"": function() {
+ $("#suggestion_view_wait").html(" ".addslashes($LANG['please_wait'])."...";?>").show();
$.post(
"sources/suggestion.queries.php",
{
- type : "delete_suggestion",
+ type : "reject_item_change",
id : $("#suggestion_id").val(),
key : ""
},
function(data) {
- $("#div_suggestion_view").dialog("close");
+
+ $("#suggestion_view_wait").html("");
oTable = $("#t_change").dataTable();
oTable.fnDraw();
+ setTimeout(
+ function() {
+ $("#div_suggestion_view").dialog("close");
+ },
+ 1500
+ );
}
)
},
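Review bot: Both `$.post` callbacks ignore `data`, so the wait message is cleared, the table redrawn and the dialog closed whether the server applied the change or answered `key_not_conform`. No `"json"` data type is passed either, so the error array would arrive as an unparsed string. I would pass `"json"` as the last argument and start each callback with `if (data[0].error !== "") { $("#suggestion_view_wait").text(data[0].error); return; }`. The two server cases would then also need to echo an empty-error array on success, which they currently do not. The field list is built from the presence of the `#confirm_…-check` elements in the page, which is worth a short comment because the server must not rely on it.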
@@ -405,7 +431,7 @@ function(data) {
console.log($(this).attr("id"));
var tmp = $(this).attr("id").split('-');
$("#"+tmp[0]).html('');
- tmp = tmp[0].split('_');console.log(tmp[1]+"_change");
+ tmp = tmp[0].split('_');
$("#"+tmp[1]+"_change").val("").remove();
});
}