From a8040ce03bd1eb71ece958897c38d760e9d4bb56 Mon Sep 17 00:00:00 2001
From: nuxsmin <nuxsmin@syspass.org>
Date: Mon, 6 Mar 2017 22:40:14 +0100
Subject: [PATCH] * [FIX] Fixed hashing issue on user's password reset. Related
 #474

---
 ajax/ajax_passReset.php                     |  5 ++-
 inc/SP/Auth/AuthUtil.class.php              |  2 +-
 inc/SP/Controller/LoginController.class.php |  2 +-
 js/app-actions.js                           |  2 +-
 js/app-actions.min.js                       |  4 +--
 js/app-main.js                              |  4 +++
 js/app-main.min.js                          | 39 +++++++++++----------
 7 files changed, 31 insertions(+), 27 deletions(-)

diff --git a/ajax/ajax_passReset.php b/ajax/ajax_passReset.php
index 1f84befc..400dba18 100644
--- a/ajax/ajax_passReset.php
+++ b/ajax/ajax_passReset.php
@@ -27,7 +27,6 @@ use SP\Core\SessionUtil;
 use SP\Core\Exceptions\SPException;
 use SP\Http\JsonResponse;
 use SP\Http\Request;
-use SP\Http\Response;
 use SP\Log\Email;
 use SP\Log\Log;
 use SP\Mgmt\Users\User;
@@ -81,7 +80,6 @@ if ($userLogin && $userEmail) {
 
     Email::sendEmail($LogMessage);
 
-    $JsonResponse->setStatus(0);
     $JsonResponse->setDescription($LogMessage->getDescription());
     Json::returnJson($JsonResponse);
 } elseif ($userPass && $userPassR && $userPass === $userPassR) {
@@ -106,5 +104,6 @@ if ($userLogin && $userEmail) {
     $JsonResponse->setDescription($LogMessage->getDescription());
     Json::returnJson($JsonResponse);
 } else {
-    Response::printJson(__('La clave es incorrecta o no coincide'));
+    $JsonResponse->setDescription(_('La clave es incorrecta o no coincide'));
+    Json::returnJson($JsonResponse);
 }
\ No newline at end of file
diff --git a/inc/SP/Auth/AuthUtil.class.php b/inc/SP/Auth/AuthUtil.class.php
index 56f67dbb..39bdb51d 100644
--- a/inc/SP/Auth/AuthUtil.class.php
+++ b/inc/SP/Auth/AuthUtil.class.php
@@ -55,7 +55,7 @@ class AuthUtil
             && !$UserData->isUserIsLdap()
             && !UserPassRecover::checkPassRecoverLimit($UserData)
         ) {
-            $hash = Util::generateRandomBytes();
+            $hash = Util::generateRandomBytes(16);
 
             $LogMessage = new LogMessage();
             $LogMessage->setAction(__('Cambio de Clave'));
diff --git a/inc/SP/Controller/LoginController.class.php b/inc/SP/Controller/LoginController.class.php
index dcb8898e..b79d7fee 100644
--- a/inc/SP/Controller/LoginController.class.php
+++ b/inc/SP/Controller/LoginController.class.php
@@ -263,7 +263,7 @@ class LoginController
 
             throw new AuthException(SPException::SP_INFO, __('Usuario deshabilitado', false), '', self::STATUS_USER_DISABLED);
         } elseif ($this->UserData->isUserIsChangePass()) {
-            $hash = Util::generateRandomBytes();
+            $hash = Util::generateRandomBytes(16);
 
             $UserPassRecoverData = new UserPassRecoverData();
             $UserPassRecoverData->setUserpassrUserId($this->UserData->getUserId());
diff --git a/js/app-actions.js b/js/app-actions.js
index 136891d0..8e5eb4b9 100644
--- a/js/app-actions.js
+++ b/js/app-actions.js
@@ -311,7 +311,7 @@ sysPass.Actions = function (Common) {
                 if (json.status == 0) {
                     setTimeout(function () {
                         Common.redirect("index.php");
-                    }, 1000);
+                    }, 2000);
                 }
             });
         }
diff --git a/js/app-actions.min.js b/js/app-actions.min.js
index 60e137a6..34bb2d6d 100644
--- a/js/app-actions.min.js
+++ b/js/app-actions.min.js
@@ -1,5 +1,5 @@
 var $jscomp={scope:{},findInternal:function(c,d,k){c instanceof String&&(c=String(c));for(var f=c.length,g=0;g<f;g++){var l=c[g];if(d.call(k,l,g,c))return{i:g,v:l}}return{i:-1,v:void 0}}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(c,d,k){if(k.get||k.set)throw new TypeError("ES3 does not support getters and setters.");c!=Array.prototype&&c!=Object.prototype&&(c[d]=k.value)};
-$jscomp.getGlobal=function(c){return"undefined"!=typeof window&&window===c?c:"undefined"!=typeof global&&null!=global?global:c};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(c,d,k,f){if(d){k=$jscomp.global;c=c.split(".");for(f=0;f<c.length-1;f++){var g=c[f];g in k||(k[g]={});k=k[g]}c=c[c.length-1];f=k[c];d=d(f);d!=f&&null!=d&&$jscomp.defineProperty(k,c,{configurable:!0,writable:!0,value:d})}};
+$jscomp.getGlobal=function(c){return"undefined"!=typeof window&&window===c?c:"undefined"!=typeof global?global:c};$jscomp.global=$jscomp.getGlobal(this);$jscomp.polyfill=function(c,d,k,f){if(d){k=$jscomp.global;c=c.split(".");for(f=0;f<c.length-1;f++){var g=c[f];g in k||(k[g]={});k=k[g]}c=c[c.length-1];f=k[c];d=d(f);d!=f&&null!=d&&$jscomp.defineProperty(k,c,{configurable:!0,writable:!0,value:d})}};
 $jscomp.polyfill("Array.prototype.find",function(c){return c?c:function(c,k){return $jscomp.findInternal(this,c,k).v}},"es6-impl","es3");
 sysPass.Actions=function(c){var d=c.log,k=0,f={doAction:"/ajax/ajax_getContent.php",updateItems:"/ajax/ajax_getItems.php",user:{savePreferences:"/ajax/ajax_userPrefsSave.php",password:"/ajax/ajax_usrpass.php",passreset:"/ajax/ajax_passReset.php"},main:{login:"/ajax/ajax_doLogin.php",install:"/ajax/ajax_install.php",upgrade:"/ajax/ajax_upgrade.php",getUpdates:"/ajax/ajax_checkUpds.php",task:"/ajax/ajax_task.php"},checks:"/ajax/ajax_checkConnection.php",config:{save:"/ajax/ajax_configSave.php","export":"/ajax/ajax_configSave.php",
 "import":"/ajax/ajax_configSave.php"},file:"/ajax/ajax_filesMgmt.php",link:"/ajax/ajax_itemSave.php",plugin:"/ajax/ajax_itemSave.php",account:{save:"/ajax/ajax_itemSave.php",saveFavorite:"/ajax/ajax_itemSave.php",request:"/ajax/ajax_itemSave.php",getFiles:"/ajax/ajax_accGetFiles.php",search:"/ajax/ajax_accSearch.php"},appMgmt:{show:"/ajax/ajax_itemShow.php",save:"/ajax/ajax_itemSave.php",search:"/ajax/ajax_itemSearch.php"},eventlog:"/ajax/ajax_eventlog.php",wiki:{show:"/ajax/ajax_wiki.php"},notice:{show:"/ajax/ajax_noticeShow.php",
@@ -34,7 +34,7 @@ b.useFullLoading=!0;b.data=a.serialize();c.appRequests().getActionCall(b,functio
 "export":function(a){d.info("config:export");var b=c.appRequests().getRequestOpts();b.url=f.config["export"];b.data=a.serialize();c.appRequests().getActionCall(b,function(b){c.msg.out(b);0===b.status&&void 0!==a.data("nextaction-id")&&g({actionId:a.data("nextaction-id"),itemId:a.data("activetab")})})},"import":function(a){d.info("config:import");var b=c.appRequests().getRequestOpts();b.url=f.config["import"];b.data=a.serialize();c.appRequests().getActionCall(b,function(b){c.msg.out(b);0===b.status&&
 void 0!==a.data("nextaction-id")&&g({actionId:a.data("nextaction-id"),itemId:a.data("activetab")})})},refreshMpass:function(a){d.info("config:import");var b=c.appRequests().getRequestOpts();b.url=f.config.save;b.data={actionId:a.data("action-id"),itemId:a.data("item-id"),sk:a.data("sk"),isAjax:1};c.appRequests().getActionCall(b,function(a){c.msg.out(a)})}},main:q,user:{savePreferences:function(a){d.info("user:savePreferences");var b=c.appRequests().getRequestOpts();b.url=f.user.savePreferences;b.data=
 a.serialize();c.appRequests().getActionCall(b,function(a){c.msg.out(a);setTimeout(function(){c.redirect("index.php")},2E3)})},saveSecurity:function(a){d.info("user:saveSecurity");var b=c.appRequests().getRequestOpts();b.url=f.user.savePreferences;b.data=a.serialize();c.appRequests().getActionCall(b,function(b){c.msg.out(b);g({actionId:a.data("nextaction-id"),itemId:a.data("activetab")})})},password:function(a){d.info("user:password");var b=c.appRequests().getRequestOpts();b.type="html";b.method="get";
-b.url=f.user.password;b.data={actionId:a.data("action-id"),itemId:a.data("item-id"),sk:a.data("sk"),isAjax:1};c.appRequests().getActionCall(b,function(b){0===b.length?q.logout():l(a,b)})},passreset:function(a){d.info("user:passreset");var b=c.appRequests().getRequestOpts();b.url=f.user.passreset;b.data=a.serialize();c.appRequests().getActionCall(b,function(a){c.msg.out(a);0==a.status&&setTimeout(function(){c.redirect("index.php")},1E3)})}},link:{save:function(a){d.info("link:save");var b=c.appRequests().getRequestOpts();
+b.url=f.user.password;b.data={actionId:a.data("action-id"),itemId:a.data("item-id"),sk:a.data("sk"),isAjax:1};c.appRequests().getActionCall(b,function(b){0===b.length?q.logout():l(a,b)})},passreset:function(a){d.info("user:passreset");var b=c.appRequests().getRequestOpts();b.url=f.user.passreset;b.data=a.serialize();c.appRequests().getActionCall(b,function(a){c.msg.out(a);0==a.status&&setTimeout(function(){c.redirect("index.php")},2E3)})}},link:{save:function(a){d.info("link:save");var b=c.appRequests().getRequestOpts();
 b.url=f.link;b.data={itemId:a.data("item-id"),actionId:a.data("action-id"),sk:c.sk.get(),isAjax:1};var e='<div id="alert"><p id="alert-text">'+c.config().LANG[48]+"</p></div>";showDialog({text:e,negative:{title:c.config().LANG[44],onClick:function(a){a.preventDefault();c.appRequests().getActionCall(b,function(a){c.msg.out(a)})}},positive:{title:c.config().LANG[43],onClick:function(e){e.preventDefault();b.data.notify=1;c.appRequests().getActionCall(b,function(b){c.msg.out(b);g({actionId:a.data("nextaction-id"),
 itemId:a.data("item-id")})})}}})},refresh:function(a){d.info("link:refresh");var b={itemId:a.data("item-id"),actionId:a.data("action-id"),sk:c.sk.get(),activeTab:a.data("activetab")},e=c.appRequests().getRequestOpts();e.url=f.link;e.data=b;c.appRequests().getActionCall(e,function(b){c.msg.out(b);0===b.status&&g({actionId:a.data("nextaction-id"),itemId:a.data("activetab")})})}},eventlog:{nav:function(a){if(void 0===a.data("start"))return!1;var b=c.appRequests().getRequestOpts();b.url=f.eventlog;b.method=
 "get";b.type="html";b.data={actionId:a.data("action-id"),sk:c.sk.get(),isAjax:1,start:a.data("start"),count:a.data("count"),current:a.data("current")};c.appRequests().getActionCall(b,function(a){$("#content").html(a);c.scrollUp()})},clear:function(a){var b='<div id="alert"><p id="alert-text">'+c.config().LANG[20]+"</p></div>";showDialog({text:b,negative:{title:c.config().LANG[44],onClick:function(a){a.preventDefault();c.msg.error(c.config().LANG[44])}},positive:{title:c.config().LANG[43],onClick:function(b){b.preventDefault();
diff --git a/js/app-main.js b/js/app-main.js
index 79433a9f..f5930e99 100644
--- a/js/app-main.js
+++ b/js/app-main.js
@@ -189,6 +189,10 @@ sysPass.Main = function () {
                         msg.ok(description);
                         msg.sticky(description);
                         break;
+                    case 101:
+                        msg.error(description);
+                        msg.sticky(description);
+                        break;
                     default:
                         msg.error(description);
                 }
diff --git a/js/app-main.min.js b/js/app-main.min.js
index 99658f8e..df7767a8 100644
--- a/js/app-main.min.js
+++ b/js/app-main.min.js
@@ -1,22 +1,23 @@
 var $jscomp={scope:{}};$jscomp.defineProperty="function"==typeof Object.defineProperties?Object.defineProperty:function(a,g,f){if(f.get||f.set)throw new TypeError("ES3 does not support getters and setters.");a!=Array.prototype&&a!=Object.prototype&&(a[g]=f.value)};$jscomp.getGlobal=function(a){return"undefined"!=typeof window&&window===a?a:"undefined"!=typeof global?global:a};$jscomp.global=$jscomp.getGlobal(this);$jscomp.SYMBOL_PREFIX="jscomp_symbol_";
 $jscomp.initSymbol=function(){$jscomp.initSymbol=function(){};$jscomp.global.Symbol||($jscomp.global.Symbol=$jscomp.Symbol)};$jscomp.symbolCounter_=0;$jscomp.Symbol=function(a){return $jscomp.SYMBOL_PREFIX+(a||"")+$jscomp.symbolCounter_++};
 $jscomp.initSymbolIterator=function(){$jscomp.initSymbol();var a=$jscomp.global.Symbol.iterator;a||(a=$jscomp.global.Symbol.iterator=$jscomp.global.Symbol("iterator"));"function"!=typeof Array.prototype[a]&&$jscomp.defineProperty(Array.prototype,a,{configurable:!0,writable:!0,value:function(){return $jscomp.arrayIterator(this)}});$jscomp.initSymbolIterator=function(){}};$jscomp.arrayIterator=function(a){var g=0;return $jscomp.iteratorPrototype(function(){return g<a.length?{done:!1,value:a[g++]}:{done:!0}})};
-$jscomp.iteratorPrototype=function(a){$jscomp.initSymbolIterator();a={next:a};a[$jscomp.global.Symbol.iterator]=function(){return this};return a};$jscomp.array=$jscomp.array||{};$jscomp.iteratorFromArray=function(a,g){$jscomp.initSymbolIterator();a instanceof String&&(a+="");var f=0,c={next:function(){if(f<a.length){var e=f++;return{value:g(e,a[e]),done:!1}}c.next=function(){return{done:!0,value:void 0}};return c.next()}};c[Symbol.iterator]=function(){return c};return c};
-$jscomp.polyfill=function(a,g,f,c){if(g){f=$jscomp.global;a=a.split(".");for(c=0;c<a.length-1;c++){var e=a[c];e in f||(f[e]={});f=f[e]}a=a[a.length-1];c=f[a];g=g(c);g!=c&&null!=g&&$jscomp.defineProperty(f,a,{configurable:!0,writable:!0,value:g})}};$jscomp.polyfill("Array.prototype.keys",function(a){return a?a:function(){return $jscomp.iteratorFromArray(this,function(a){return a})}},"es6-impl","es3");
-$jscomp.findInternal=function(a,g,f){a instanceof String&&(a=String(a));for(var c=a.length,e=0;e<c;e++){var m=a[e];if(g.call(f,m,e,a))return{i:e,v:m}}return{i:-1,v:void 0}};$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,f){return $jscomp.findInternal(this,a,f).v}},"es6-impl","es3");
-sysPass.Main=function(){var a={APP_ROOT:"",LANG:[],PK:"",MAX_FILE_SIZE:1024,CRYPT:new JSEncrypt,CHECK_UPDATES:!1,TIMEZONE:"",LOCALE:"",DEBUG:""},g={passLength:0,minPasswordLength:8,complexity:{chars:!0,numbers:!0,symbols:!0,uppercase:!0,numlength:12}},f={},c={},e={},m={},q={},n={},h={log:function(b){!0===a.DEBUG&&console.log(b)},info:function(b){!0===a.DEBUG&&console.info(b)},error:function(b){console.error(b)},warn:function(b){console.warn(b)},debug:function(b){!0===a.DEBUG&&console.debug(b)}};toastr.options=
-{closeButton:!0,debug:!1,newestOnTop:!1,progressBar:!1,positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var w=function(){h.info("setupCallbacks");var b=$("#container").data("page");if(""!==b&&"function"===typeof c.views[b])c.views[b]();0<$("footer").length&&c.views.footer();$("#btnBack").click(function(){r("index.php")});c.bodyHooks()},
-l={ok:function(b){toastr.success(b)},error:function(b){toastr.error(b)},warn:function(b){toastr.warning(b)},info:function(b){toastr.info(b)},sticky:function(b,k){var d={timeOut:0};"function"===typeof k&&(d.onHidden=k);toastr.warning(b,a.LANG[60],d)},out:function(b){if("object"===typeof b){var a=b.status,d=b.description;void 0!==b.messages&&0<b.messages.length&&(d=d+"<br>"+b.messages.join("<br>"));switch(a){case 0:l.ok(d);break;case 1:case 2:case 4:l.error(d);break;case 3:l.warn(d);break;case 10:e.main.logout();
-break;case 100:l.ok(d);l.sticky(d);break;default:l.error(d)}}},html:{error:function(b){return'<p class="error round">Oops...<br>'+a.LANG[1]+"<br>"+b+"</p>"}}},x=function(b){h.info("getEnvironment");var k=window.location.pathname.split("/");a.APP_ROOT=window.location.protocol+"//"+window.location.host+function(){for(var b="",a=1;a<=k.length-2;a++)b+="/"+k[a];return b}();var d=m.getRequestOpts();d.url="/ajax/ajax_getEnvironment.php";d.method="get";d.async=!1;d.useLoading=!1;d.data={isAjax:1};m.getActionCall(d,
-function(d){a.LANG=d.lang;a.PK=d.pk;a.CHECK_UPDATES=d.check_updates;a.CRYPT.setPublicKey(d.pk);a.TIMEZONE=d.timezone;a.LOCALE=d.locale;a.DEBUG=d.debug;a.MAX_FILE_SIZE=parseInt(d.max_file_size);"function"===typeof b&&b()})},t={get:function(){h.info("sk:get");return $("#container").attr("data-sk")},set:function(b){h.info("sk:set");$("#container").attr("data-sk",b)}},y=function(){var b=$("#container");if(!b.hasClass("content-no-auto-resize")){var a=$("#content").height()+200;b.css("height",a)}},z=function(){$("html, body").animate({scrollTop:0},
-"slow")},A=function(a){for(var b=[],d,c=window.location.href.slice(window.location.href.indexOf("?")+1).split("&"),f=0;f<c.length;f++)d=c[f].split("="),b.push(d[0]),b[d[0]]=d[1];return void 0!==a&&void 0!==b[a]?b[a]:b},B=function(){h.info("checkLogout");1===parseInt(A("logout"))&&l.sticky(a.LANG[61],function(){r("index.php")})},r=function(a){window.location.replace(a)},C=function(b){var k={actionId:b.data("action-id"),itemId:b.data("item-id"),sk:t.get()},d={requestDoneAction:"",setRequestData:function(a){$.extend(k,
-a)},getRequestData:function(){return k},beforeSendAction:"",url:""},f=function(a){if(void 0===d.url||""===d.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);k.sk=t.get();Object.keys(k).forEach(function(a){b.append(a,k[a])});a=m.getRequestOpts();a.url=d.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof d.requestDoneAction&&d.requestDoneAction(),l.ok(a)):10===b?e.main.logout():l.error(a)})},
-c=function(d){if(5<d.length)l.error(a.LANG[17]+" (Max: 5)");else for(var k=0;k<d.length;k++){var p=d[k];if(p.size/1E3>a.MAX_FILE_SIZE)l.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var c;a:{c=p.name;for(var g=b.data("files-ext").toLowerCase().split(","),e=0;e<=g.length;e++)if(-1!==c.indexOf(g[e])){c=!0;break a}c=!1}c?f(d[k]):l.error(a.LANG[19]+"<br>"+p.name)}}},g=function(a){var b=$("#fileUploadForm");!1===a&&b.hide();a=b.find("input[type='file']");a.on("change",function(){"function"===
-typeof d.beforeSendAction&&d.beforeSendAction();c(this.files)});return a};window.File&&window.FileList&&window.FileReader?function(){h.info("fileUpload:init");var a=g(!1);b.on("dragover dragenter",function(a){h.info("fileUpload:drag");a.stopPropagation();a.preventDefault()});b.on("drop",function(a){h.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof d.beforeSendAction&&d.beforeSendAction();c(a.originalEvent.dataTransfer.files)});b.on("click",function(){a.click()})}():
-g(!0);return d},D=function(a){h.info("checkPassLevel");g.passLength=a.val().length;v(zxcvbn(a.val()),a)},v=function(b,k){h.info("outputResult");var d=$(".passLevel-"+k.attr("id")),c=b.score;d.show();d.removeClass("weak good strong strongest");0===g.passLength?d.attr("title","").empty():g.passLength<g.minPasswordLength?d.attr("title",a.LANG[11]).addClass("weak"):0===c?d.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):1===c||2===c?d.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):
-3===c?d.attr("title",a.LANG[7]).addClass("strong"):4===c&&d.attr("title",a.LANG[10]).addClass("strongest")},E=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},u=function(b){h.info("encryptFormValue");var c=b.val();""!==c&&parseInt(b.attr("data-length"))!==c.length&&(c=a.CRYPT.encrypt(c),b.val(c),b.attr("data-length",c.length))},
-F=function(){h.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",{text:function(a){return e.account.copypass($(a)).responseJSON.data.accpass}});b.on("success",function(b){l.ok(a.LANG[45])});b.on("error",function(b){l.error(a.LANG[46])});var b=new Clipboard(".dialog-clip-pass-button"),c=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-user-text").removeClass("dialog-clip-copy");$(".dialog-pass-text").addClass("dialog-clip-copy");a.clearSelection()});
-c.on("success",function(a){$(".dialog-pass-text").removeClass("dialog-clip-copy");$(".dialog-user-text").addClass("dialog-clip-copy");a.clearSelection()});(new Clipboard(".clip-pass-icon")).on("success",function(b){l.ok(a.LANG[45]);b.clearSelection()})},G=function(){h.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||u(a)}).on("keypress",":input[type=password]",function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),u(a),
-a.closest("form").submit())})},H=function(a,c){console.info("Eval: "+a);if("function"===typeof a)a(c);else throw Error("Function not found: "+a);},I=function(a){h.info("resizeImage");var b=.9*$(window).width(),d=.9*$(window).height(),c={width:a.width(),height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:c.width/c.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&(a.main*=a.factor,g(a));return a},e=function(){f.main=
-b;f.secondary=d;var e=g(f);a.css({width:e.main,height:e.calc});c.width=e.main;c.height=e.calc},l=function(){f.main=d;f.secondary=b;var e=g(f);a.css({width:e.calc,height:e.main});c.width=e.calc;c.height=e.main};c.width>b?e():c.height>d&&(h.info("height"),l());return c},J=function(){return $.extend({log:h,config:function(){return a},appTheme:function(){return f},appActions:function(){return e},appTriggers:function(){return c},appRequests:function(){return m},evalAction:H,resizeImage:I},q)},K=function(){return{actions:function(){return e},
-triggers:function(){return c},theme:function(){return f},sk:t,msg:l,log:h,passToClip:0,passwordData:g,outputResult:v,checkboxDetect:E,checkPassLevel:D,encryptFormValue:u,fileUpload:C,redirect:r,scrollUp:z,setContentSize:y}};(function(){h.info("init");q=K();n=J();c=sysPass.Triggers(n);e=sysPass.Actions(n);m=sysPass.Requests(n);x(function(){""!==a.PK&&G();"function"===typeof sysPass.Theme&&(f=sysPass.Theme(n));!0===a.CHECK_UPDATES&&e.main.getUpdates();F();w();B()})})();return q};
+$jscomp.iteratorPrototype=function(a){$jscomp.initSymbolIterator();a={next:a};a[$jscomp.global.Symbol.iterator]=function(){return this};return a};$jscomp.array=$jscomp.array||{};$jscomp.iteratorFromArray=function(a,g){$jscomp.initSymbolIterator();a instanceof String&&(a+="");var f=0,d={next:function(){if(f<a.length){var e=f++;return{value:g(e,a[e]),done:!1}}d.next=function(){return{done:!0,value:void 0}};return d.next()}};d[Symbol.iterator]=function(){return d};return d};
+$jscomp.polyfill=function(a,g,f,d){if(g){f=$jscomp.global;a=a.split(".");for(d=0;d<a.length-1;d++){var e=a[d];e in f||(f[e]={});f=f[e]}a=a[a.length-1];d=f[a];g=g(d);g!=d&&null!=g&&$jscomp.defineProperty(f,a,{configurable:!0,writable:!0,value:g})}};$jscomp.polyfill("Array.prototype.keys",function(a){return a?a:function(){return $jscomp.iteratorFromArray(this,function(a){return a})}},"es6-impl","es3");
+$jscomp.findInternal=function(a,g,f){a instanceof String&&(a=String(a));for(var d=a.length,e=0;e<d;e++){var m=a[e];if(g.call(f,m,e,a))return{i:e,v:m}}return{i:-1,v:void 0}};$jscomp.polyfill("Array.prototype.find",function(a){return a?a:function(a,f){return $jscomp.findInternal(this,a,f).v}},"es6-impl","es3");
+sysPass.Main=function(){var a={APP_ROOT:"",LANG:[],PK:"",MAX_FILE_SIZE:1024,CRYPT:new JSEncrypt,CHECK_UPDATES:!1,TIMEZONE:"",LOCALE:"",DEBUG:""},g={passLength:0,minPasswordLength:8,complexity:{chars:!0,numbers:!0,symbols:!0,uppercase:!0,numlength:12}},f={},d={},e={},m={},q={},n={},k={log:function(b){!0===a.DEBUG&&console.log(b)},info:function(b){!0===a.DEBUG&&console.info(b)},error:function(b){console.error(b)},warn:function(b){console.warn(b)},debug:function(b){!0===a.DEBUG&&console.debug(b)}};toastr.options=
+{closeButton:!0,debug:!1,newestOnTop:!1,progressBar:!1,positionClass:"toast-top-center",preventDuplicates:!1,onclick:null,showDuration:"300",hideDuration:"1000",timeOut:"5000",extendedTimeOut:"1000",showEasing:"swing",hideEasing:"linear",showMethod:"fadeIn",hideMethod:"fadeOut"};var w=function(){k.info("setupCallbacks");var b=$("#container").data("page");if(""!==b&&"function"===typeof d.views[b])d.views[b]();0<$("footer").length&&d.views.footer();$("#btnBack").click(function(){r("index.php")});d.bodyHooks()},
+h={ok:function(b){toastr.success(b)},error:function(b){toastr.error(b)},warn:function(b){toastr.warning(b)},info:function(b){toastr.info(b)},sticky:function(b,l){var c={timeOut:0};"function"===typeof l&&(c.onHidden=l);toastr.warning(b,a.LANG[60],c)},out:function(b){if("object"===typeof b){var a=b.status,c=b.description;void 0!==b.messages&&0<b.messages.length&&(c=c+"<br>"+b.messages.join("<br>"));switch(a){case 0:h.ok(c);break;case 1:case 2:case 4:h.error(c);break;case 3:h.warn(c);break;case 10:e.main.logout();
+break;case 100:h.ok(c);h.sticky(c);break;case 101:h.error(c);h.sticky(c);break;default:h.error(c)}}},html:{error:function(b){return'<p class="error round">Oops...<br>'+a.LANG[1]+"<br>"+b+"</p>"}}},x=function(b){k.info("getEnvironment");var l=window.location.pathname.split("/");a.APP_ROOT=window.location.protocol+"//"+window.location.host+function(){for(var b="",a=1;a<=l.length-2;a++)b+="/"+l[a];return b}();var c=m.getRequestOpts();c.url="/ajax/ajax_getEnvironment.php";c.method="get";c.async=!1;c.useLoading=
+!1;c.data={isAjax:1};m.getActionCall(c,function(c){a.LANG=c.lang;a.PK=c.pk;a.CHECK_UPDATES=c.check_updates;a.CRYPT.setPublicKey(c.pk);a.TIMEZONE=c.timezone;a.LOCALE=c.locale;a.DEBUG=c.debug;a.MAX_FILE_SIZE=parseInt(c.max_file_size);"function"===typeof b&&b()})},t={get:function(){k.info("sk:get");return $("#container").attr("data-sk")},set:function(b){k.info("sk:set");$("#container").attr("data-sk",b)}},y=function(){var b=$("#container");if(!b.hasClass("content-no-auto-resize")){var a=$("#content").height()+
+200;b.css("height",a)}},z=function(){$("html, body").animate({scrollTop:0},"slow")},A=function(a){for(var b=[],c,d=window.location.href.slice(window.location.href.indexOf("?")+1).split("&"),f=0;f<d.length;f++)c=d[f].split("="),b.push(c[0]),b[c[0]]=c[1];return void 0!==a&&void 0!==b[a]?b[a]:b},B=function(){k.info("checkLogout");1===parseInt(A("logout"))&&h.sticky(a.LANG[61],function(){r("index.php")})},r=function(a){window.location.replace(a)},C=function(b){var l={actionId:b.data("action-id"),itemId:b.data("item-id"),
+sk:t.get()},c={requestDoneAction:"",setRequestData:function(a){$.extend(l,a)},getRequestData:function(){return l},beforeSendAction:"",url:""},f=function(a){if(void 0===c.url||""===c.url)return!1;var b=new FormData;b.append("inFile",a);b.append("isAjax",1);l.sk=t.get();Object.keys(l).forEach(function(a){b.append(a,l[a])});a=m.getRequestOpts();a.url=c.url;a.processData=!1;a.contentType=!1;a.data=b;m.getActionCall(a,function(a){var b=a.status;a=a.description;0===b?("function"===typeof c.requestDoneAction&&
+c.requestDoneAction(),h.ok(a)):10===b?e.main.logout():h.error(a)})},d=function(c){if(5<c.length)h.error(a.LANG[17]+" (Max: 5)");else for(var l=0;l<c.length;l++){var p=c[l];if(p.size/1E3>a.MAX_FILE_SIZE)h.error(a.LANG[18]+"<br>"+p.name+" (Max: "+a.MAX_FILE_SIZE+")");else{var d;a:{d=p.name;for(var g=b.data("files-ext").toLowerCase().split(","),e=0;e<=g.length;e++)if(-1!==d.indexOf(g[e])){d=!0;break a}d=!1}d?f(c[l]):h.error(a.LANG[19]+"<br>"+p.name)}}},g=function(a){var b=$("#fileUploadForm");!1===a&&
+b.hide();a=b.find("input[type='file']");a.on("change",function(){"function"===typeof c.beforeSendAction&&c.beforeSendAction();d(this.files)});return a};window.File&&window.FileList&&window.FileReader?function(){k.info("fileUpload:init");var a=g(!1);b.on("dragover dragenter",function(a){k.info("fileUpload:drag");a.stopPropagation();a.preventDefault()});b.on("drop",function(a){k.info("fileUpload:drop");a.stopPropagation();a.preventDefault();"function"===typeof c.beforeSendAction&&c.beforeSendAction();
+d(a.originalEvent.dataTransfer.files)});b.on("click",function(){a.click()})}():g(!0);return c},D=function(a){k.info("checkPassLevel");g.passLength=a.val().length;v(zxcvbn(a.val()),a)},v=function(b,l){k.info("outputResult");var c=$(".passLevel-"+l.attr("id")),d=b.score;c.show();c.removeClass("weak good strong strongest");0===g.passLength?c.attr("title","").empty():g.passLength<g.minPasswordLength?c.attr("title",a.LANG[11]).addClass("weak"):0===d?c.attr("title",a.LANG[9]+" - "+b.feedback.warning).addClass("weak"):
+1===d||2===d?c.attr("title",a.LANG[8]+" - "+b.feedback.warning).addClass("good"):3===d?c.attr("title",a.LANG[7]).addClass("strong"):4===d&&c.attr("title",a.LANG[10]).addClass("strongest")},E=function(b){$(b).find(".checkbox").button({icons:{primary:"ui-icon-transferthick-e-w"}}).click(function(){var b=$(this);!0===b.prop("checked")?b.button("option","label",a.LANG[40]):b.button("option","label",a.LANG[41])})},u=function(b){k.info("encryptFormValue");var d=b.val();""!==d&&parseInt(b.attr("data-length"))!==
+d.length&&(d=a.CRYPT.encrypt(d),b.val(d),b.attr("data-length",d.length))},F=function(){k.info("initializeClipboard");var b=new Clipboard(".clip-pass-button",{text:function(a){return e.account.copypass($(a)).responseJSON.data.accpass}});b.on("success",function(b){h.ok(a.LANG[45])});b.on("error",function(b){h.error(a.LANG[46])});var b=new Clipboard(".dialog-clip-pass-button"),d=new Clipboard(".dialog-clip-user-button");b.on("success",function(a){$(".dialog-user-text").removeClass("dialog-clip-copy");
+$(".dialog-pass-text").addClass("dialog-clip-copy");a.clearSelection()});d.on("success",function(a){$(".dialog-pass-text").removeClass("dialog-clip-copy");$(".dialog-user-text").addClass("dialog-clip-copy");a.clearSelection()});(new Clipboard(".clip-pass-icon")).on("success",function(b){h.ok(a.LANG[45]);b.clearSelection()})},G=function(){k.info("bindPassEncrypt");$("body").on("blur",":input[type=password]",function(a){a=$(this);a.hasClass("passwordfield__no-pki")||u(a)}).on("keypress",":input[type=password]",
+function(a){13===a.keyCode&&(a.preventDefault(),a=$(this),u(a),a.closest("form").submit())})},H=function(a,d){console.info("Eval: "+a);if("function"===typeof a)a(d);else throw Error("Function not found: "+a);},I=function(a){k.info("resizeImage");var b=.9*$(window).width(),c=.9*$(window).height(),d={width:a.width(),height:a.height()},f={calc:0,main:0,secondary:0,factor:.9,rel:d.width/d.height},g=function(a){a.main>a.secondary?a.calc=a.main/a.rel:a.main<a.secondary&&(a.calc=a.main*a.rel);a.calc>a.secondary&&
+(a.main*=a.factor,g(a));return a},e=function(){f.main=b;f.secondary=c;var e=g(f);a.css({width:e.main,height:e.calc});d.width=e.main;d.height=e.calc},h=function(){f.main=c;f.secondary=b;var e=g(f);a.css({width:e.calc,height:e.main});d.width=e.calc;d.height=e.main};d.width>b?e():d.height>c&&(k.info("height"),h());return d},J=function(){return $.extend({log:k,config:function(){return a},appTheme:function(){return f},appActions:function(){return e},appTriggers:function(){return d},appRequests:function(){return m},
+evalAction:H,resizeImage:I},q)},K=function(){return{actions:function(){return e},triggers:function(){return d},theme:function(){return f},sk:t,msg:h,log:k,passToClip:0,passwordData:g,outputResult:v,checkboxDetect:E,checkPassLevel:D,encryptFormValue:u,fileUpload:C,redirect:r,scrollUp:z,setContentSize:y}};(function(){k.info("init");q=K();n=J();d=sysPass.Triggers(n);e=sysPass.Actions(n);m=sysPass.Requests(n);x(function(){""!==a.PK&&G();"function"===typeof sysPass.Theme&&(f=sysPass.Theme(n));!0===a.CHECK_UPDATES&&
+e.main.getUpdates();F();w();B()})})();return q};