Skip to content

Commit

Permalink
3.0.10
Browse files Browse the repository at this point in the history 
Fix for #3945

Code review improvements
  • Loading branch information
@nilsteampassnet
nilsteampassnet committed Nov 17, 2023
1 parent 883394a commit 78dd46a
Show file tree
Hide file tree
Showing 30 changed files with 45 additions and 150 deletions.
2 changes: 1 addition & 1 deletion includes/config/include.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
*/
define('TP_VERSION', '3.0.10');
define("UPGRADE_MIN_DATE", "1697990713");
define('TP_VERSION_MINOR', '150');
define('TP_VERSION_MINOR', '151');
define('TP_TOOL_NAME', 'Teampass');
define('TP_ONE_DAY_SECONDS', 86400);
define('TP_ONE_WEEK_SECONDS', 604800);
Expand Down
4 changes: 0 additions & 4 deletions includes/core/load.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,6 @@
use TeampassClasses\SuperGlobal\SuperGlobal;
use TeampassClasses\Language\Language;

if (isset($_SESSION['CPM']) === false || (int) $_SESSION['CPM'] !== 1) {
die('Hacking attempt...');
}

// Is maintenance on-going?
if (
isset($SETTINGS['maintenance_mode']) === true
Expand Down
4 changes: 0 additions & 4 deletions includes/core/login.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,6 @@
* @see https://www.teampass.net
*/

if (isset($_SESSION['CPM']) === false || (int) $_SESSION['CPM'] !== 1) {
die('Hacking attempt...');
}

?>
<script type="text/javascript">
var debugJavascript = true;
Expand Down
5 changes: 0 additions & 5 deletions includes/core/logout.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,6 @@

use TeampassClasses\SuperGlobal\SuperGlobal;
use TeampassClasses\Language\Language;
use EZimuel\PHPSecureSession;
use TeampassClasses\PerformChecks\PerformChecks;
use TeampassClasses\NestedTree\NestedTree;

// Load functions
Expand All @@ -47,9 +45,6 @@
throw new Exception("Error file '/includes/config/tp.config.php' not exists", 1);
}

// Load superglobal library
$superGlobal = new SuperGlobal();
$lang = new Language();
$tree = new NestedTree(prefixTable('nested_tree'), 'id', 'parent_id', 'title');
$get = [];
$get['user_id'] = $superGlobal->get('user_id', 'GET');
Expand Down
6 changes: 1 addition & 5 deletions pages/2fa.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
2 changes: 1 addition & 1 deletion pages/admin.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ function(data) {

// <- PREPARE SELECT2
$('.select2').select2({
language: '<?php echo isset($_SESSION['user_language_code']) === true ? $_SESSION['user_language_code'] : 'EN'; ?>'
language: '<?php echo $userLang = $superGlobal->get('user_language_code', 'SESSION'); echo isset($userLang) === null ? $userLang : 'EN'; ?>'
});

/**
Expand Down
6 changes: 1 addition & 5 deletions pages/api.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/backups.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/emails.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
10 changes: 3 additions & 7 deletions pages/export.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down Expand Up @@ -89,7 +85,7 @@

// Prepare Select2 inputs
$('.select2').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>'
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>'
});

// Select2 with buttons selectall
Expand Down Expand Up @@ -147,7 +143,7 @@ function SelectAll() {}
});

$('.select2-all').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>',
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>',
dropdownAdapter: $.fn.select2.amd.require('select2/selectAllAdapter')
})
.on("change", function(e) {
Expand Down
6 changes: 1 addition & 5 deletions pages/favorites.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/fields.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
8 changes: 2 additions & 6 deletions pages/folders.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down Expand Up @@ -738,7 +734,7 @@ function(data) {
});

$('.select2').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>'
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>'
});

// Manage status of the checkboxes
Expand Down
8 changes: 2 additions & 6 deletions pages/import.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down Expand Up @@ -89,7 +85,7 @@
$('.select2')
.html(store.get('teampassUser').folders)
.select2({
language: '<?php echo $_SESSION['user_language_code']; ?>'
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>'
});


Expand Down
16 changes: 6 additions & 10 deletions pages/items.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down Expand Up @@ -737,7 +733,7 @@ function(teampassItem) {
format: '<?php echo str_replace(['Y', 'M'], ['yyyy', 'mm'], $SETTINGS['date_format']); ?>',
todayHighlight: true,
todayBtn: true,
language: '<?php echo isset($_SESSION['user_language_code']) === true ? $_SESSION['user_language_code'] : 'en'; ?>'
language: '<?php $userLang = $superGlobal->get('user_language_code', 'SESSION'); echo isset($userLang) === null ? $userLang : 'en'; ?>'
});

// Add track-change class
Expand Down Expand Up @@ -5261,7 +5257,7 @@ function(data) {

// Prepare Select2 inputs
$('.select2').select2({
language: '<?php echo isset($_SESSION['user_language_code']) === true ? $_SESSION['user_language_code'] : 'en'; ?>',
language: '<?php echo $userLang = $superGlobal->get('user_language_code', 'SESSION'); echo isset($userLang) === null ? $userLang : 'en'; ?>',
theme: "bootstrap4",
});

Expand All @@ -5270,7 +5266,7 @@ function(data) {
format: '<?php echo str_replace(['Y', 'M'], ['yyyy', 'mm'], $SETTINGS['date_format']); ?>',
todayHighlight: true,
todayBtn: true,
language: '<?php echo isset($_SESSION['user_language_code']) === true ? $_SESSION['user_language_code'] : 'en'; ?>'
language: '<?php echo $userLang = $superGlobal->get('user_language_code', 'SESSION'); echo isset($userLang) === null ? $userLang : 'en'; ?>'
});

// Prepare Date range picker with time picker
Expand Down Expand Up @@ -5463,7 +5459,7 @@ function(data) {
format: '<?php echo str_replace(['Y', 'M'], ['yyyy', 'mm'], $SETTINGS['date_format']); ?>',
todayHighlight: true,
todayBtn: true,
language: '<?php echo isset($_SESSION['user_language_code']) === true ? $_SESSION['user_language_code'] : 'en'; ?>'
language: '<?php echo $userLang = $superGlobal->get('user_language_code', 'SESSION'); echo isset($userLang) === null ? $userLang : 'en'; ?>'
});

$('#warningModal #add-history-label').focus();
Expand Down Expand Up @@ -5890,7 +5886,7 @@ function(data) {

// Prepare Select2
$('.select2').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>',
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>',
theme: "bootstrap4",
});

Expand Down
6 changes: 1 addition & 5 deletions pages/ldap.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/options.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/profile.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
12 changes: 4 additions & 8 deletions pages/roles.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down Expand Up @@ -102,7 +98,7 @@

// Preapre select drop list
$('#roles-list.select2').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>',
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>',
placeholder: '<?php echo $lang->get('select_a_role'); ?>',
allowClear: true
});
Expand All @@ -115,7 +111,7 @@


$('#form-complexity-list.select2').select2({
language: '<?php echo $_SESSION['user_language_code']; ?>'
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>'
});

//iCheck for checkbox and radio inputs
Expand Down Expand Up @@ -780,7 +776,7 @@ function(data) {
var selectedOption = $('#roles-list option[value=' + $('#roles-list').find(':selected').val() + ']');
selectedOption.remove();
$("#roles-list").select2({
language: '<?php echo $_SESSION['user_language_code']; ?>',
language: '<?php echo $superGlobal->get('user_language_code', 'SESSION'); ?>',
placeholder: '<?php echo $lang->get('select_a_role'); ?>',
allowClear: true
});
Expand Down
6 changes: 1 addition & 5 deletions pages/search.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/statistics.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
6 changes: 1 addition & 5 deletions pages/tasks.js.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,7 @@
$superGlobal = new SuperGlobal();
$lang = new Language();

if (
isset($_SESSION['CPM']) === false || $_SESSION['CPM'] !== 1
|| isset($_SESSION['user_id']) === false || empty($_SESSION['user_id']) === true
|| $superGlobal->get('key', 'SESSION') === null
) {
if ($superGlobal->get('key', 'SESSION') === null) {
die('Hacking attempt...');
}

Expand Down
Loading

0 comments on commit 78dd46a

Please sign in to comment.