Devel merge into master

* [ADD] Security improvements preventing common threats (SQL Injection, XSS, CSRF)
* [ADD] Fully MVC
* [ADD] Using PDO for database queries
* [ADD] Using PKI for forms passwords encryption (for insecure channels)
* [ADD] Using TOTP for 2-factor authentication
* [ADD] Custom fields can be created for several modules
* [ADD] Export to sysPass encrypted XML file
* [ADD] View passwords as images
* [ADD] Temporary master password for limited time logins
* [ADD] Password generator with complexity options
* [ADD] API authorizations
* [ADD] New visual theme with Material Design Lite by Google
* [ADD] Theming features
* [ADD] Special searches
* [ADD] Image thumbnail preview
* [MOD] 60% of code rewritten to improve performance and reusability (2x faster)
* [MOD] Better error handling
* [MOD] Better in-context help
nuxsmin
2015-09-23 19:56:21 +02:00
382 changed files with 92151 additions and 33638 deletions

View File

@@ -1,3 +1,24 @@
=== ** v1.2.0.0-rc1 ===
* [ADD] Security improvements preventing common threats (SQL Injection, XSS, CSRF)
* [ADD] Fully MVC
* [ADD] Using PDO for database queries
* [ADD] Using PKI for forms passwords encryption (for insecure channels)
* [ADD] Using TOTP for 2-factor authentication
* [ADD] Custom fields can be created for several modules
* [ADD] Export to sysPass encrypted XML file
* [ADD] View passwords as images
* [ADD] Temporary master password for limited time logins
* [ADD] Password generator with complexity options
* [ADD] API authorizations
* [ADD] New visual theme with Material Design Lite by Google
* [ADD] Theming features
* [ADD] Special searches
* [ADD] Image thumbnail preview
* [MOD] 60% of code rewriting for improve performance and reusability (2x faster)
* [MOD] Better error handling
* [MOD] Better in-context help
=== ** v1.1.2.24 ===
* [FIX] Fixed error on saving files extensions.
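Review bot: The "[MOD] 60% of code rewriting for improve performance and reusability (2x faster)" entry is ungrammatical; suggest "Rewrote 60% of the code to improve performance and reusability". The "2x faster" figure would be easier to trust with a pointer to how it was measured.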

View File

@@ -1,3 +1,24 @@
=== ** v1.2.0.0-rc1 ===
* [ADD] Mejoras de seguridad para prevenir ataques comunes (SQL Injection, XSS, CSRF)
* [ADD] Totalmente MVC
* [ADD] Uso de PDO para consultas a la base de datos
* [ADD] Uso de PKI para encriptar las claves de los formularios (para canales inseguros)
* [ADD] Uso de TOTP para autentificación de doble factor
* [ADD] Campos personalizados para insertarlos en varios módulos
* [ADD] Exportación a formato XML de sysPass encriptado
* [ADD] Visualización de claves como imágenes
* [ADD] Clave maestra temporal para accesos limitados en tiempo
* [ADD] Generador de claves con opciones de complejidad
* [ADD] Autorizaciones de acceso a la API
* [ADD] Nuevo estilo visual com Material Design Lite by Google
* [ADD] Posibilidad de crear temas personalizados
* [ADD] Búsquedas especiales
* [ADD] Previsualización de imágenes en miniatura
* [MOD] Reescrito el 60% del código para mejorar el rendimiento y la reusabilidad (2x más rápido)
* [MOD] Mejoras en el manejo de errores
* [MOD] Mejoras en la ayuda en contexto
=== ** v1.1.2.24 ===
* [FIX] Corregido error al guardar extensiones de archivos.
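Review bot: Typo in the Material Design entry: "com Material Design Lite" should read "con Material Design Lite".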

18
README
View File

@@ -25,8 +25,7 @@
sysPass es una aplicación web en PHP para la gestión de claves en un entorno
multiusuario.
Esta aplicación es derivada de phpPasswordManager, la cual ha sido reescrita
casi por completo, añadiendo nuevas funcionalidades que permiten:
Funcionalidades:
- Seguridad basada en grupos y pefiles de usuario.
- Acceso mediante LDAP y BBDD.
@@ -34,10 +33,12 @@ casi por completo, añadiendo nuevas funcionalidades que permiten:
- Gestión de usuarios, grupos y perfiles.
- Posibilidad de subir adjuntos para las cuentas.
- Log de eventos de auditoría.
- Backup "portable".
- Exportación a XML y packup "portable".
- Enlaces a Wiki.
- Histórico de cambios en cuentas.
- Importación desde phpPMS.
- Importación desde XML, CSV y phpPMS.
- Temas visuales
- Multilenguaje
Para realizar la instalación siga los pasos que se indican en http://wiki.syspass.org/doku.php/es:instalar
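Review bot: Typo in the export entry of the Spanish feature list: "packup" should be "backup", so the line reads "Exportación a XML y backup "portable".", matching the English "XML exporting and "portable" backups." entry. While this file is being touched, "pefiles" in the group security entry of the previous hunk should be "perfiles".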
@@ -49,8 +50,7 @@ en el archivo COPYING se encuentra una copia de esta.
sysPass is a PHP web based application, for passwords management in a multiuser
environment.
This application derives from phpPasswordManager, that was almost fully rewritten,
and added new features that allows:
Functionalities:
- Group/Profile based security.
- LDAP and DB access.
@@ -58,10 +58,12 @@ and added new features that allows:
- Users/Groups management.
- Attachments can be uploaded.
- Audit event log.
- Backup "portable".
- XML exporting and "portable" backups.
- Wiki links.
- Accounts changes history.
- Import from phpPMS.
- Import from XML, CSV and phpPMS.
- Visual themes
- Multilanguage
To install you can follow steps at http://wiki.syspass.org/doku.php/en:install

View File

@@ -1,8 +1,8 @@
#### ACTUALIZAR / UPDATE
Para actualizar desde 1.0 seguir los pasos en http://wiki.syspass.org/doku.php/es:actualizar
Para actualizar desde 1.1 seguir los pasos en http://wiki.syspass.org/doku.php/es:actualizar
In order to update from 1.0 you need to follow the steps at http://wiki.syspass.org/doku.php/en:upgrade
In order to update from 1.1 you need to follow the steps at http://wiki.syspass.org/doku.php/en:upgrade
----------------
@@ -27,6 +27,9 @@ Installation instructions and changelog at Wiki
----------------
http://syspass.org
http://demo.syspass.org
http://wiki.syspass.org
http://sourceforge.net/projects/syspass
https://github.com/nuxsmin/sysPass

59
ajax/ajax_2fa.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
SP\Request::checkReferer('POST');
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$userId = SP\Request::analyze('itemId', 0);
$pin = SP\Request::analyze('security_pin', 0);
$twoFa = new \SP\Auth\Auth2FA($userId, $userLogin);
if($userId && $pin && $twoFa->verifyKey($pin)){
\SP\Session::set2FApassed(true);
// Comprobar si existen parámetros adicionales en URL via GET
foreach ($_POST as $param => $value) {
if (preg_match('/g_.*/', $param)) {
$params[] = substr($param, 2) . '=' . $value;
}
}
$urlParams = isset($params) ? '?' . implode('&', $params) : '';
SP\Common::printJSON(_('Código correcto'), 0, 'redirect(\'index.php\')');
} else {
\SP\Session::set2FApassed(false);
SP\Common::printJSON(_('Código incorrecto'));
}
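Review bot: The user whose code is verified comes from the request (`$userId = SP\Request::analyze('itemId', 0);`), and on success `\SP\Session::set2FApassed(true)` marks the current session as verified, so nothing visible here ties the checked secret to the user who completed the password step. Take the id from the session instead of `itemId`, or reject the request when the two differ. `$userLogin` is passed to `Auth2FA` but never assigned in this file. `$urlParams` is built from the `g_` POST fields and then never used, since the redirect is fixed to `index.php`; either drop the loop or, if it is meant to be used, anchor the pattern (`/^g_/`) and URL-encode the values. Failed attempts are not counted or throttled in this file.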

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -24,242 +23,242 @@
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$frmSaveType = SP_Common::parseParams('p', 'savetyp', 0);
$frmAccountId = SP_Common::parseParams('p', 'accountid', 0);
$frmSelCustomer = SP_Common::parseParams('p', 'customerId', 0);
$frmNewCustomer = SP_Common::parseParams('p', 'customer_new');
$frmName = SP_Common::parseParams('p', 'name');
$frmLogin = SP_Common::parseParams('p', 'login');
$frmPassword = SP_Common::parseParams('p', 'password', '', false, false, false);
$frmPasswordV = SP_Common::parseParams('p', 'password2', '', false, false, false);
$frmCategoryId = SP_Common::parseParams('p', 'categoryId', 0);
$frmOtherGroups = SP_Common::parseParams('p', 'othergroups');
$frmOtherUsers = SP_Common::parseParams('p', 'otherusers');
$frmNotes = SP_Common::parseParams('p', 'notice');
$frmUrl = SP_Common::parseParams('p', 'url');
$frmGroupEditEnabled = SP_Common::parseParams('p', 'geditenabled', 0, false, 1);
$frmUserEditEnabled = SP_Common::parseParams('p', 'ueditenabled', 0, false, 1);
$frmChangesHash = SP_Common::parseParams('p', 'hash');
//$frmSaveType = SP_Request::analyze('savetyp', 0);
$actionId = SP\Request::analyze('actionId', 0);
$accountId = SP\Request::analyze('accountid', 0);
$customerId = SP\Request::analyze('customerId', 0);
$newCustomer = SP\Request::analyze('customer_new');
$accountName = SP\Request::analyze('name');
$accountLogin = SP\Request::analyze('login');
$accountPassword = SP\Request::analyze('pass', '', false, false, false);
$accountPasswordR = SP\Request::analyze('passR', '', false, false, false);
$categoryId = SP\Request::analyze('categoryId', 0);
$accountOtherGroups = SP\Request::analyze('othergroups');
$accountOtherUsers = SP\Request::analyze('otherusers');
$accountNotes = SP\Request::analyze('notes');
$accountUrl = SP\Request::analyze('url');
$accountGroupEditEnabled = SP\Request::analyze('geditenabled', 0, false, 1);
$accountUserEditEnabled = SP\Request::analyze('ueditenabled', 0, false, 1);
$accountMainGroupId = SP\Request::analyze('mainGroupId', 0);
$accountChangesHash = SP\Request::analyze('hash');
$customFields = SP\Request::analyze('customfield');
// Datos del Usuario
$userId = SP_Common::parseParams('s', 'uid', 0);
$groupId = SP_Common::parseParams('s', 'ugroup', 0);
$currentUserId = SP\Session::getUserId();
if ($frmSaveType == 1) {
// Comprobaciones para nueva cuenta
if (!$frmName) {
SP_Common::printJSON(_('Es necesario un nombre de cuenta'));
}
if (!$frmSelCustomer && !$frmNewCustomer) {
SP_Common::printJSON(_('Es necesario un nombre de cliente'));
}
if (!$frmLogin) {
SP_Common::printJSON(_('Es necesario un usuario'));
}
if (!$frmPassword) {
SP_Common::printJSON(_('Es necesario una clave'));
}
if ($frmPassword != $frmPasswordV) {
SP_Common::printJSON(_('Las claves no coinciden'));
}
} elseif ($frmSaveType == 2) {
// Comprobaciones para modificación de cuenta
if (!$frmSelCustomer && !$frmNewCustomer) {
SP_Common::printJSON(_('Es necesario un nombre de cliente'));
}
if (!$frmName) {
SP_Common::printJSON(_('Es necesario un nombre de cuenta'));
}
if (!$frmLogin) {
SP_Common::printJSON(_('Es necesario un usuario'));
}
} elseif ($frmSaveType == 3) {
if (!$frmAccountId) {
SP_Common::printJSON(_('Id inválido'));
}
} elseif ($frmSaveType == 4) {
// Comprobaciones para modficación de clave
if (!$frmPassword && !$frmPasswordV) {
SP_Common::printJSON(_('La clave no puede estar en blanco'));
}
if ($frmPassword != $frmPasswordV) {
SP_Common::printJSON(_('Las claves no coinciden'));
}
} elseif ($frmSaveType == 5) {
if (!$frmAccountId) {
SP_Common::printJSON(_('Id inválido'));
}
} else {
SP_Common::printJSON(_('Acción Inválida'));
if ($accountMainGroupId === 0) {
$accountMainGroupId = SP\Session::getUserGroupId();
}
if ($frmSaveType == 1 || $frmSaveType == 4) {
// Comprobar el módulo de encriptación
if (!SP_Crypt::checkCryptModule()) {
SP_Common::printJSON(_('No se puede usar el módulo de encriptación'));
if ($actionId === \SP\Controller\ActionsInterface::ACTION_ACC_NEW) {
// Comprobaciones para nueva cuenta
if (!$accountName) {
SP\Common::printJSON(_('Es necesario un nombre de cuenta'));
} elseif (!$customerId && !$newCustomer) {
SP\Common::printJSON(_('Es necesario un nombre de cliente'));
} elseif (!$accountLogin) {
SP\Common::printJSON(_('Es necesario un usuario'));
} elseif (!$accountPassword || !$accountPasswordR) {
SP\Common::printJSON(_('Es necesaria una clave'));
} elseif (!$categoryId) {
SP\Common::printJSON(_('Es necesario una categoría'));
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_ACC_EDIT) {
// Comprobaciones para modificación de cuenta
if (!$customerId && !$newCustomer) {
SP\Common::printJSON(_('Es necesario un nombre de cliente'));
} elseif (!$accountName) {
SP\Common::printJSON(_('Es necesario un nombre de cuenta'));
} elseif (!$accountLogin) {
SP\Common::printJSON(_('Es necesario un usuario'));
} elseif (!$categoryId) {
SP\Common::printJSON(_('Es necesario una categoría'));
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_ACC_DELETE) {
if (!$accountId) {
SP\Common::printJSON(_('Id inválido'));
}
} elseif ($actionId == \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_PASS) {
// Comprobaciones para modficación de clave
if (!$accountPassword || !$accountPasswordR) {
SP\Common::printJSON(_('Es necesaria una clave'));
}
} elseif ($actionId == \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_RESTORE) {
if (!$accountId) {
SP\Common::printJSON(_('Id inválido'));
}
} else {
SP\Common::printJSON(_('Acción Inválida'));
}
if ($actionId == \SP\Controller\ActionsInterface::ACTION_ACC_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_PASS
) {
// Desencriptar con la clave RSA
$CryptPKI = new \SP\CryptPKI();
$clearAccountPass = $CryptPKI->decryptRSA(base64_decode($accountPassword));
$clearAccountPassR = $CryptPKI->decryptRSA(base64_decode($accountPasswordR));
if ($clearAccountPass != $clearAccountPassR) {
SP\Common::printJSON(_('Las claves no coinciden'));
}
// Encriptar clave de cuenta
$accountPass = SP_Crypt::mkEncrypt($frmPassword);
if ($accountPass === false || is_null($accountPass)) {
SP_Common::printJSON(_('Error al generar datos cifrados'));
try {
$accountEncPass = SP\Crypt::encryptData($clearAccountPass);
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage());
}
$accountIV = SP_Crypt::$strInitialVector;
}
$account = new SP_Account;
$Account = new SP\Account;
switch ($frmSaveType) {
case 1:
SP_Customer::$customerName = $frmNewCustomer;
switch ($actionId) {
case \SP\Controller\ActionsInterface::ACTION_ACC_NEW:
SP\Customer::$customerName = $newCustomer;
// Comprobar si se ha introducido un nuevo cliente
if ($frmNewCustomer) {
if (!SP_Customer::checkDupCustomer()) {
SP_Common::printJSON(_('Cliente duplicado'));
if ($newCustomer) {
try {
SP\Customer::addCustomer();
$customerId = SP\Customer::$customerLastId;
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage());
}
if (!SP_Customer::addCustomer()) {
SP_Common::printJSON(_('Error al crear el cliente'));
}
$account->accountCustomerId = SP_Customer::$customerLastId;
} else {
$account->accountCustomerId = $frmSelCustomer;
}
$account->accountName = $frmName;
$account->accountCategoryId = $frmCategoryId;
$account->accountLogin = $frmLogin;
$account->accountUrl = $frmUrl;
$account->accountPass = $accountPass;
$account->accountIV = $accountIV;
$account->accountNotes = $frmNotes;
$account->accountUserId = $userId;
$account->accountUserGroupId = $groupId;
$account->accountUserGroupsId = $frmOtherGroups;
$account->accountUsersId = $frmOtherUsers;
$account->accountOtherUserEdit = $frmUserEditEnabled;
$account->accountOtherGroupEdit = $frmGroupEditEnabled;
$Account->setAccountName($accountName);
$Account->setAccountCategoryId($categoryId);
$Account->setAccountCustomerId($customerId);
$Account->setAccountLogin($accountLogin);
$Account->setAccountUrl($accountUrl);
$Account->setAccountPass($accountEncPass['data']);
$Account->setAccountIV($accountEncPass['iv']);
$Account->setAccountNotes($accountNotes);
$Account->setAccountUserId($currentUserId);
$Account->setAccountUserGroupId($accountMainGroupId);
$Account->setAccountUsersId($accountOtherUsers);
$Account->setAccountUserGroupsId($accountOtherGroups);
$Account->setAccountOtherUserEdit($accountUserEditEnabled);
$Account->setAccountOtherGroupEdit($accountGroupEditEnabled);
// Crear cuenta
if ($account->createAccount()) {
SP_Common::printJSON(_('Cuenta creada'), 0);
if ($Account->createAccount()) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $Account->getAccountId(), $value);
$CustomFields->addCustomField();
}
}
SP\Common::printJSON(_('Cuenta creada'), 0);
}
SP_Common::printJSON(_('Error al crear la cuenta'), 0);
SP\Common::printJSON(_('Error al crear la cuenta'), 0);
break;
case 2:
SP_Customer::$customerName = $frmNewCustomer;
$account->accountId = $frmAccountId;
$account->accountName = $frmName;
$account->accountCategoryId = $frmCategoryId;
$account->accountLogin = $frmLogin;
$account->accountUrl = $frmUrl;
$account->accountNotes = $frmNotes;
$account->accountUserEditId = $userId;
$account->accountUserGroupsId = $frmOtherGroups;
$account->accountUsersId = $frmOtherUsers;
$account->accountOtherUserEdit = $frmUserEditEnabled;
$account->accountOtherGroupEdit = $frmGroupEditEnabled;
case \SP\Controller\ActionsInterface::ACTION_ACC_EDIT:
SP\Customer::$customerName = $newCustomer;
// Comprobar si se ha introducido un nuevo cliente
if ($frmNewCustomer) {
if (!SP_Customer::checkDupCustomer()) {
SP_Common::printJSON(_('Cliente duplicado'));
if ($newCustomer) {
try {
SP\Customer::addCustomer();
$customerId = SP\Customer::$customerLastId;
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage());
}
}
if (!SP_Customer::addCustomer()) {
SP_Common::printJSON(_('Error al crear el cliente'));
}
$Account->setAccountId($accountId);
$Account->setAccountName($accountName);
$Account->setAccountCategoryId($categoryId);
$Account->setAccountCustomerId($customerId);
$Account->setAccountLogin($accountLogin);
$Account->setAccountUrl($accountUrl);
$Account->setAccountNotes($accountNotes);
$Account->setAccountUserEditId($currentUserId);
$Account->setAccountUsersId($accountOtherUsers);
$Account->setAccountUserGroupsId($accountOtherGroups);
$Account->setAccountOtherUserEdit($accountUserEditEnabled);
$Account->setAccountOtherGroupEdit($accountGroupEditEnabled);
$account->accountCustomerId = SP_Customer::$customerLastId;
} else {
$account->accountCustomerId = $frmSelCustomer;
// Cambiar el grupo principal si el usuario es Admin
if (SP\Session::getUserIsAdminApp() || SP\Session::getUserIsAdminAcc()) {
$Account->setAccountUserGroupId($accountMainGroupId);
}
// Comprobar si han habido cambios
if ($frmChangesHash == $account->calcChangesHash()) {
SP_Common::printJSON(_('Sin cambios'), 0);
if ($accountChangesHash == $Account->calcChangesHash()) {
SP\Common::printJSON(_('Sin cambios'), 0);
}
// Actualizar cuenta
if ($account->updateAccount()) {
SP_Common::printJSON(_('Cuenta actualizada'), 0);
if ($Account->updateAccount()) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $accountId, $value);
$CustomFields->updateCustomField();
}
}
SP\Common::printJSON(_('Cuenta actualizada'), 0);
}
SP_Common::printJSON(_('Error al modificar la cuenta'));
SP\Common::printJSON(_('Error al modificar la cuenta'));
break;
case 3:
$account->accountId = $frmAccountId;
case \SP\Controller\ActionsInterface::ACTION_ACC_DELETE:
$Account->setAccountId($accountId);
// Eliminar cuenta
if ($account->deleteAccount()) {
SP_Common::printJSON(_('Cuenta eliminada'), 0, "doAction('accsearch');");
if ($Account->deleteAccount() && \SP\CustomFields::deleteCustomFieldForItem($accountId, \SP\Controller\ActionsInterface::ACTION_ACC_NEW)) {
SP\Common::printJSON(_('Cuenta eliminada'), 0, "sysPassUtil.Common.doAction('" . \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH . "');");
}
SP_Common::printJSON(_('Error al eliminar la cuenta'));
SP\Common::printJSON(_('Error al eliminar la cuenta'));
break;
case 4:
$account->accountId = $frmAccountId;
$account->accountPass = $accountPass;
$account->accountIV = $accountIV;
$account->accountUserEditId = $userId;
case \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_PASS:
$Account->setAccountId($accountId);
$Account->setAccountPass($accountEncPass['data']);
$Account->setAccountIV($accountEncPass['iv']);
$Account->setAccountUserEditId($currentUserId);
// Actualizar clave de cuenta
if ($account->updateAccountPass()) {
SP_Common::printJSON(_('Clave actualizada'), 0);
if ($Account->updateAccountPass()) {
SP\Common::printJSON(_('Clave actualizada'), 0);
}
SP_Common::printJSON(_('Error al actualizar la clave'));
SP\Common::printJSON(_('Error al actualizar la clave'));
break;
case 5:
$account->accountId = $frmAccountId;
$accountHistData = $account->getAccountHistory();
case \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_RESTORE:
$Account->setAccountId(SP\AccountHistory::getAccountIdFromId($accountId));
$Account->setAccountUserEditId($currentUserId);
$account->accountId = $accountHistData->account_id;
$account->accountName = $accountHistData->account_name;
$account->accountCategoryId = $accountHistData->account_categoryId;
$account->accountCustomerId = $accountHistData->account_customerId;
$account->accountLogin = $accountHistData->account_login;
$account->accountUrl = $accountHistData->account_url;
$account->accountPass = $accountHistData->account_pass;
$account->accountIV = $accountHistData->account_IV;
$account->accountNotes = $accountHistData->account_notes;
$account->accountUserId = $accountHistData->account_userId;
$account->accountUserGroupId = $accountHistData->account_userGroupId;
$account->accountOtherUserEdit = $accountHistData->account_otherUserEdit;
$account->accountOtherGroupEdit = $accountHistData->account_otherGroupEdit;
$account->accountUserEditId = $userId;
// Restaurar cuenta y clave
if ($account->updateAccount(true) && $account->updateAccountPass(false, true)) {
SP_Common::printJSON(_('Cuenta restaurada'), 0);
if ($Account->restoreFromHistory($accountId)) {
SP\Common::printJSON(_('Cuenta restaurada'), 0);
}
SP_Common::printJSON(_('Error al restaurar cuenta'));
SP\Common::printJSON(_('Error al restaurar cuenta'));
break;
default:
SP_Common::printJSON(_('Acción Inválida'));
SP\Common::printJSON(_('Acción Inválida'));
}
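Review bot: In the `ACTION_ACC_NEW` / `ACTION_ACC_EDIT_PASS` block the results of `$CryptPKI->decryptRSA(...)` are not checked before the `!=` comparison, so if both calls fail and return the same falsy value, the "Las claves no coinciden" check passes and `SP\Crypt::encryptData()` is handed that value. Check each result for failure and for an empty string, and compare with `!==`. The same condition tests `ACTION_ACC_NEW` with `==` and `ACTION_ACC_EDIT_PASS` with `===`; use `===` throughout. Separately, `printJSON(_('Error al crear la cuenta'), 0)` reports the failure with the same status `0` as "Cuenta creada", unlike the other error replies, which omit it.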

View File

@@ -23,77 +23,162 @@
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
if (SP_Common::parseParams('p', 'id', false, true) && SP_Common::parseParams('p', 'type', false, true)) {
$tplvars['itemid'] = SP_Common::parseParams('p', 'id', 0);
$itemType = $tplvars['itemtype'] = SP_Common::parseParams('p', 'type', 0);
$tplvars['activeTab'] = SP_Common::parseParams('p', 'active', 0);
$tplvars['view'] = SP_Common::parseParams('p', 'view', 0);
} else {
return;
if (!SP\Request::analyze('itemId', false, true)
|| !SP\Request::analyze('actionId', false, true)
) {
exit();
}
switch ($itemType) {
case 1:
$tplvars['header'] = _('Editar Usuario');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'users';
$actionId = SP\Request::analyze('actionId', 0);
$tpl = new SP\Template();
$tpl->assign('itemId', SP\Request::analyze('itemId', 0));
$tpl->assign('activeTab', SP\Request::analyze('activeTab', 0));
$tpl->assign('actionId', $actionId);
$tpl->assign('isView', false);
switch ($actionId) {
case \SP\Controller\ActionsInterface::ACTION_USR_USERS_VIEW:
$tpl->assign('header', _('Ver Usuario'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$tpl->assign('isView', true);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getUser();
break;
case 2:
$tplvars['header'] = _('Nuevo Usuario');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'users';
case \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT:
$tpl->assign('header', _('Editar Usuario'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getUser();
break;
case 3:
$tplvars['header'] = _('Editar Grupo');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'groups';
case \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW:
$tpl->assign('header', _('Nuevo Usuario'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getUser();
break;
case 4:
$tplvars['header'] = _('Nuevo Grupo');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'groups';
case \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_VIEW:
$tpl->assign('header', _('Ver Grupo'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$tpl->assign('isView', true);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getGroup();
break;
case 5:
$tplvars['header'] = _('Editar Perfil');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'profiles';
case \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT:
$tpl->assign('header', _('Editar Grupo'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getGroup();
break;
case 6:
$tplvars['header'] = _('Nuevo Perfil');
$tplvars['onCloseAction'] = 'usersmenu';
$template = 'profiles';
case \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW:
$tpl->assign('header', _('Nuevo Grupo'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getGroup();
break;
case 7:
$tplvars['header'] = _('Editar Cliente');
$tplvars['onCloseAction'] = 'appmgmtmenu';
$template = 'customers';
case \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_VIEW:
$tpl->assign('header', _('Ver Perfil'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$tpl->assign('isView', true);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getProfile();
break;
case 8:
$tplvars['header'] = _('Nuevo Cliente');
$tplvars['onCloseAction'] = 'appmgmtmenu';
$template = 'customers';
case \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_EDIT:
$tpl->assign('header', _('Editar Perfil'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getProfile();
break;
case 9:
$tplvars['header'] = _('Editar Categoría');
$tplvars['onCloseAction'] = 'appmgmtmenu';
$template = 'categories';
case \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_NEW:
$tpl->assign('header', _('Nuevo Perfil'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getProfile();
break;
case 10:
$tplvars['header'] = _('Nueva Categoría');
$tplvars['onCloseAction'] = 'appmgmtmenu';
$template = 'categories';
case \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_VIEW:
$tpl->assign('header', _('Ver Cliente'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$tpl->assign('isView', true);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCustomer();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_EDIT:
$tpl->assign('header', _('Editar Cliente'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCustomer();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_NEW:
$tpl->assign('header', _('Nuevo Cliente'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCustomer();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_VIEW:
$tpl->assign('header', _('Ver Categoría'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$tpl->assign('isView', true);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCategory();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_EDIT:
$tpl->assign('header', _('Editar Categoría'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCategory();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_NEW:
$tpl->assign('header', _('Nueva Categoría'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCategory();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_VIEW:
$tpl->assign('header', _('Ver Autorización'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$tpl->assign('isView', true);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getToken();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_NEW:
$tpl->assign('header', _('Nueva Autorización'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getToken();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_EDIT:
$tpl->assign('header', _('Editar Autorización'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_USR);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getToken();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_NEW:
$tpl->assign('header', _('Nuevo Campo'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCustomField();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_EDIT:
$tpl->assign('header', _('Editar Campo'));
$tpl->assign('onCloseAction', \SP\Controller\ActionsInterface::ACTION_MGM);
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->getCustomField();
break;
default :
exit();
break;
}
SP_Html::getTemplate($template, $tplvars);
$controller->view();
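Review bot: The switch dispatches on a client-supplied `actionId` straight to `UsersMgmtC` / `AccountsMgmtC` getters, and the only gate visible in this file is `SP\Init::isLoggedIn()`; the `sk` session-key check used by the other ajax endpoints is absent here. Please confirm the controllers enforce the profile permission for each action (the user, group, profile and API token views in particular), or add the check before `$controller->view()`. The 20 cases differ only in header text, close action, controller class and getter, so a lookup array keyed by action constant would remove the repetition and make a missing entry easier to spot (there is no `ACTION_MGM_CUSTOMFIELDS_VIEW` case, for instance).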

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -24,197 +23,214 @@
*
*/
use SP\Request;
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$frmSaveType = SP_Common::parseParams('p', 'type', 0);
$frmAction = SP_Common::parseParams('p', 'action', 0);
$frmItemId = SP_Common::parseParams('p', 'id', 0);
$frmOnCloseAction = SP_Common::parseParams('p', 'onCloseAction');
$frmActiveTab = SP_Common::parseParams('p', 'activeTab', 0);
$actionId = SP\Request::analyze('actionId', 0);
$itemId = SP\Request::analyze('itemId', 0);
$onCloseAction = SP\Request::analyze('onCloseAction');
$activeTab = SP\Request::analyze('activeTab', 0);
$customFields = SP\Request::analyze('customfield');
$doActionOnClose = "doAction('$frmOnCloseAction','',$frmActiveTab);";
// Acción al cerrar la vista
$doActionOnClose = "sysPassUtil.Common.doAction('$onCloseAction','',$activeTab);";
$userLogin = SP_Users::getUserLoginById($frmItemId);
$userLogin = UserUtil::getUserLoginById($itemId);
if ($frmSaveType == 1 || $frmSaveType == 2) {
$objUser = new SP_Users;
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDITPASS
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_DELETE
) {
$isLdap = SP\Request::analyze('isLdap', 0);
$userPassR = SP\Request::analyze('passR', '', false, false, false);
// Variables POST del formulario
$frmLdap = SP_Common::parseParams('p', 'ldap', 0);
$frmUsrName = SP_Common::parseParams('p', 'name');
$frmUsrLogin = SP_Common::parseParams('p', 'login');
$frmUsrProfile = SP_Common::parseParams('p', 'profileid', 0);
$frmUsrGroup = SP_Common::parseParams('p', 'groupid', 0);
$frmUsrEmail = SP_Common::parseParams('p', 'email');
$frmUsrNotes = SP_Common::parseParams('p', 'notes');
$frmUsrPass = SP_Common::parseParams('p', 'pass', '', false, false, false);
$frmUsrPassV = SP_Common::parseParams('p', 'passv', '', false, false, false);
$frmAdminApp = SP_Common::parseParams('p', 'adminapp', 0, false, 1);
$frmAdminAcc = SP_Common::parseParams('p', 'adminacc', 0, false, 1);
$frmDisabled = SP_Common::parseParams('p', 'disabled', 0, false, 1);
$frmChangePass = SP_Common::parseParams('p', 'changepass', 0, false, 1);
$User = new SP\User();
$User->setUserId($itemId);
$User->setUserName(SP\Request::analyze('name'));
$User->setUserLogin(SP\Request::analyze('login'));
$User->setUserEmail(SP\Request::analyze('email'));
$User->setUserNotes(SP\Request::analyze('notes'));
$User->setUserGroupId(SP\Request::analyze('groupid', 0));
$User->setUserProfileId(SP\Request::analyze('profileid', 0));
$User->setUserIsAdminApp(SP\Request::analyze('adminapp', 0, false, 1));
$User->setUserIsAdminAcc(SP\Request::analyze('adminacc', 0, false, 1));
$User->setUserIsDisabled(SP\Request::analyze('disabled', 0, false, 1));
$User->setUserChangePass(SP\Request::analyze('changepass', 0, false, 1));
$User->setUserPass(SP\Request::analyze('pass', '', false, false, false));
// Nuevo usuario o editar
if ($frmAction == 1 OR $frmAction == 2) {
if (!$frmUsrName && !$frmLdap) {
SP_Common::printJSON(_('Es necesario un nombre de usuario'), 2);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT
) {
if (!$User->getUserName() && !$isLdap) {
SP\Common::printJSON(_('Es necesario un nombre de usuario'), 2);
} elseif (!$User->getUserLogin() && !$isLdap) {
SP\Common::printJSON(_('Es necesario un login'), 2);
} elseif (!$User->getUserProfileId()) {
SP\Common::printJSON(_('Es necesario un perfil'), 2);
} elseif (!$User->getUserGroupId()) {
SP\Common::printJSON(_('Es necesario un grupo'), 2);
} elseif (!$User->getUserEmail() && !$isLdap) {
SP\Common::printJSON(_('Es necesario un email'), 2);
} elseif (SP\Util::demoIsEnabled() && !\SP\Session::getUserIsAdminApp() && $User->getUserLogin() == 'demo') {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
if (!$frmUsrLogin && !$frmLdap) {
SP_Common::printJSON(_('Es necesario un login'), 2);
}
if ($frmUsrProfile == "") {
SP_Common::printJSON(_('Es necesario un perfil'), 2);
}
if (!$frmUsrGroup) {
SP_Common::printJSON(_('Es necesario un grupo'), 2);
}
if (!$frmUsrEmail && !$frmLdap) {
SP_Common::printJSON(_('Es necesario un email'), 2);
}
$objUser->userId = $frmItemId;
$objUser->userName = $frmUsrName;
$objUser->userLogin = $frmUsrLogin;
$objUser->userEmail = $frmUsrEmail;
$objUser->userNotes = $frmUsrNotes;
$objUser->userGroupId = $frmUsrGroup;
$objUser->userProfileId = $frmUsrProfile;
$objUser->userIsAdminApp = $frmAdminApp;
$objUser->userIsAdminAcc = $frmAdminAcc;
$objUser->userIsDisabled = $frmDisabled;
$objUser->userChangePass = $frmChangePass;
$objUser->userPass = $frmUsrPass;
switch ($objUser->checkUserExist()) {
case 1:
SP_Common::printJSON(_('Login de usuario duplicado'), 2);
switch ($User->checkUserExist()) {
case UserUtil::USER_LOGIN_EXIST:
SP\Common::printJSON(_('Login de usuario duplicado'), 2);
break;
case 2:
SP_Common::printJSON(_('Email de usuario duplicado'), 2);
case UserUtil::USER_MAIL_EXIST:
SP\Common::printJSON(_('Email de usuario duplicado'), 2);
break;
}
if ($frmAction == 1) {
if (!$frmUsrPass && !$frmUsrPassV) {
SP_Common::printJSON(_('La clave no puede estar en blanco'), 2);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW) {
if (!$User->getUserPass() && !$userPassR) {
SP\Common::printJSON(_('La clave no puede estar en blanco'), 2);
} elseif ($User->getUserPass() != $userPassR) {
SP\Common::printJSON(_('Las claves no coinciden'), 2);
}
if ($frmUsrPass != $frmUsrPassV) {
SP_Common::printJSON(_('Las claves no coinciden'), 2);
if ($User->addUser()) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $User->getUserId(), $value);
$CustomFields->addCustomField();
}
}
SP\Common::printJSON(_('Usuario creado'), 0, $doActionOnClose);
}
if ($objUser->addUser()) {
SP_Common::printJSON(_('Usuario creado'), 0, $doActionOnClose);
SP\Common::printJSON(_('Error al crear el usuario'));
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT) {
if ($User->updateUser()) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $User->getUserId(), $value);
$CustomFields->updateCustomField();
}
}
SP\Common::printJSON(_('Usuario actualizado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al crear el usuario'));
} elseif ($frmAction == 2) {
if ($objUser->updateUser()) {
SP_Common::printJSON(_('Usuario actualizado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al actualizar el usuario'));
SP\Common::printJSON(_('Error al actualizar el usuario'));
}
// Cambio de clave
} elseif ($frmAction == 3) {
if (SP_Util::demoIsEnabled() && $userLogin == 'demo') {
SP_Common::printJSON(_('Ey, esto es una DEMO!!'));
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDITPASS) {
if (SP\Util::demoIsEnabled() && UserUtil::getUserLoginById($itemId) == 'demo') {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
} elseif (!$User->getUserPass() || !$userPassR) {
SP\Common::printJSON(_('La clave no puede estar en blanco'), 2);
}
if (!$frmUsrPass || !$frmUsrPassV) {
SP_Common::printJSON(_('La clave no puede estar en blanco'), 2);
// Desencriptar con la clave RSA
$CryptPKI = new \SP\CryptPKI();
$clearUserPass = $CryptPKI->decryptRSA(base64_decode($User->getUserPass()));
$clearUserPassR = $CryptPKI->decryptRSA(base64_decode($userPassR));
if ($clearUserPass != $clearUserPassR) {
SP\Common::printJSON(_('Las claves no coinciden'), 2);
}
if ($frmUsrPass != $frmUsrPassV) {
SP_Common::printJSON(_('Las claves no coinciden'), 2);
$User->setUserPass($clearUserPass);
if ($User->updateUserPass()) {
SP\Common::printJSON(_('Clave actualizada'), 0);
}
$objUser->userId = $frmItemId;
$objUser->userPass = $frmUsrPass;
if ($objUser->updateUserPass()) {
SP_Common::printJSON(_('Clave actualizada'), 0);
}
SP_Common::printJSON(_('Error al modificar la clave'));
SP\Common::printJSON(_('Error al modificar la clave'));
// Eliminar usuario
} elseif ($frmAction == 4) {
if (SP_Util::demoIsEnabled() && $userLogin == 'demo') {
SP_Common::printJSON(_('Ey, esto es una DEMO!!'));
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_DELETE) {
if (SP\Util::demoIsEnabled() && UserUtil::getUserLoginById($itemId) == 'demo') {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
} elseif ($User->getUserId() == SP\Session::getUserId()) {
SP\Common::printJSON(_('No es posible eliminar, usuario en uso'));
}
$objUser->userId = $frmItemId;
if ($frmItemId == $_SESSION["uid"]) {
SP_Common::printJSON(_('No es posible eliminar, usuario en uso'));
if ($User->deleteUser() && SP\CustomFields::deleteCustomFieldForItem($User->getUserId(), \SP\Controller\ActionsInterface::ACTION_USR_USERS)) {
SP\Common::printJSON(_('Usuario eliminado'), 0, $doActionOnClose);
}
if ($objUser->deleteUser()) {
SP_Common::printJSON(_('Usuario eliminado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al eliminar el usuario'));
SP\Common::printJSON(_('Error al eliminar el usuario'));
}
SP_Common::printJSON(_('Acción Inválida'));
} elseif ($frmSaveType == 3 || $frmSaveType == 4) {
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_DELETE
) {
// Variables POST del formulario
$frmGrpName = SP_Common::parseParams('p', 'name');
$frmGrpDesc = SP_Common::parseParams('p', 'description');
$frmGrpName = SP\Request::analyze('name');
$frmGrpDesc = SP\Request::analyze('description');
$frmGrpUsers = SP\Request::analyze('users');
// Nuevo grupo o editar
if ($frmAction == 1 OR $frmAction == 2) {
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT
) {
if (!$frmGrpName) {
SP_Common::printJSON(_('Es necesario un nombre de grupo'), 2);
SP\Common::printJSON(_('Es necesario un nombre de grupo'), 2);
}
SP_Groups::$groupId = $frmItemId;
SP_Groups::$groupName = $frmGrpName;
SP_Groups::$groupDescription = $frmGrpDesc;
SP\Groups::$groupId = $itemId;
SP\Groups::$groupName = $frmGrpName;
SP\Groups::$groupDescription = $frmGrpDesc;
if (!SP_Groups::checkGroupExist()) {
SP_Common::printJSON(_('Nombre de grupo duplicado'), 2);
if (SP\Groups::checkGroupExist()) {
SP\Common::printJSON(_('Nombre de grupo duplicado'), 2);
}
if ($frmAction == 1) {
if (SP_Groups::addGroup()) {
SP_Common::printJSON(_('Grupo creado'), 0, $doActionOnClose);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW) {
if (SP\Groups::addGroup($frmGrpUsers)) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, SP\Groups::$queryLastId, $value);
$CustomFields->addCustomField();
}
}
SP\Common::printJSON(_('Grupo creado'), 0, $doActionOnClose);
} else {
SP_Common::printJSON(_('Error al crear el grupo'));
SP\Common::printJSON(_('Error al crear el grupo'));
}
} else if ($frmAction == 2) {
if (SP_Groups::updateGroup()) {
SP_Common::printJSON(_('Grupo actualizado'), 0, $doActionOnClose);
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT) {
if (SP\Groups::updateGroup($frmGrpUsers)) {
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $itemId, $value);
$CustomFields->updateCustomField();
}
}
SP\Common::printJSON(_('Grupo actualizado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al actualizar el grupo'));
SP\Common::printJSON(_('Error al actualizar el grupo'));
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_DELETE) {
SP\Groups::$groupId = $itemId;
// Eliminar grupo
} elseif ($frmAction == 4) {
SP_Groups::$groupId = $frmItemId;
$resGroupUse = SP_Groups::checkGroupInUse();
$resGroupUse = SP\Groups::checkGroupInUse();
if ($resGroupUse['users'] > 0 || $resGroupUse['accounts'] > 0) {
if ($resGroupUse['users'] > 0) {
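Review bot: The new-user branch (`ACTION_USR_USERS_NEW`) compares `$User->getUserPass() != $userPassR` on the raw request values and hands them to `addUser()`, while the `ACTION_USR_USERS_EDITPASS` branch first runs both fields through `$CryptPKI->decryptRSA(base64_decode(...))` and stores the decrypted result. If the form encrypts the password fields with the RSA key, the create path needs the same decryption step; if it does not, the edit-password path is decrypting plain input. Both paths should share one helper, compare with `!==` (the loose `!=` treats numeric-looking strings such as `0e1` and `0e2` as equal), and wrap `decryptRSA` in a try/catch as the export handler does. Two further points: `$onCloseAction` is read as a free string and placed inside single quotes in the `sysPassUtil.Common.doAction('$onCloseAction','',$activeTab);` snippet returned to the client, so read it with an integer default like `actionId` or encode it for a JavaScript string context; and the group duplicate check lost its negation (`if (SP\Groups::checkGroupExist())`), which is only correct if the method's return value was inverted in the same commit.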
@@ -225,195 +241,304 @@ if ($frmSaveType == 1 || $frmSaveType == 2) {
$uses[] = _('Cuentas') . " (" . $resGroupUse['accounts'] . ")";
}
SP_Common::printJSON(_('No es posible eliminar') . ';;' . _('Grupo en uso por:') . ';;' . implode(';;', $uses));
SP\Common::printJSON(_('No es posible eliminar') . ';;' . _('Grupo en uso por:') . ';;' . implode(';;', $uses));
} else {
$groupName = SP_Groups::getGroupNameById($frmItemId);
$groupName = SP\Groups::getGroupNameById($itemId);
if (SP_Groups::deleteGroup()) {
SP_Common::printJSON(_('Grupo eliminado'), 0, $doActionOnClose);
if (SP\Groups::deleteGroup() && SP\CustomFields::deleteCustomFieldForItem($itemId, \SP\Controller\ActionsInterface::ACTION_USR_GROUPS)) {
SP\Common::printJSON(_('Grupo eliminado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al eliminar el grupo'));
SP\Common::printJSON(_('Error al eliminar el grupo'));
}
}
SP_Common::printJSON(_('Acción Inválida'));
} elseif ($frmSaveType == 5 || $frmSaveType == 6) {
$profileProp = array();
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_DELETE
) {
$Profile = new \SP\Profile();
// Variables POST del formulario
$frmProfileName = SP_Common::parseParams('p', 'profile_name');
SP_Profiles::$profileId = $frmItemId;
$name = SP\Request::analyze('profile_name');
// Profile properties Array
$profileProp["pAccView"] = SP_Common::parseParams('p', 'profile_accview', 0, false, 1);
$profileProp["pAccViewPass"] = SP_Common::parseParams('p', 'profile_accviewpass', 0, false, 1);
$profileProp["pAccViewHistory"] = SP_Common::parseParams('p', 'profile_accviewhistory', 0, false, 1);
$profileProp["pAccEdit"] = SP_Common::parseParams('p', 'profile_accedit', 0, false, 1);
$profileProp["pAccEditPass"] = SP_Common::parseParams('p', 'profile_acceditpass', 0, false, 1);
$profileProp["pAccAdd"] = SP_Common::parseParams('p', 'profile_accadd', 0, false, 1);
$profileProp["pAccDel"] = SP_Common::parseParams('p', 'profile_accdel', 0, false, 1);
$profileProp["pAccFiles"] = SP_Common::parseParams('p', 'profile_accfiles', 0, false, 1);
$profileProp["pConfig"] = SP_Common::parseParams('p', 'profile_config', 0, false, 1);
$profileProp["pAppMgmtCat"] = SP_Common::parseParams('p', 'profile_categories', 0, false, 1);
$profileProp["pAppMgmtCust"] = SP_Common::parseParams('p', 'profile_customers', 0, false, 1);
$profileProp["pConfigMpw"] = SP_Common::parseParams('p', 'profile_configmpw', 0, false, 1);
$profileProp["pConfigBack"] = SP_Common::parseParams('p', 'profile_configback', 0, false, 1);
$profileProp["pUsers"] = SP_Common::parseParams('p', 'profile_users', 0, false, 1);
$profileProp["pGroups"] = SP_Common::parseParams('p', 'profile_groups', 0, false, 1);
$profileProp["pProfiles"] = SP_Common::parseParams('p', 'profile_profiles', 0, false, 1);
$profileProp["pEventlog"] = SP_Common::parseParams('p', 'profile_eventlog', 0, false, 1);
$Profile->setName($name);
$Profile->setId(SP\Request::analyze('itemId', 0));
$Profile->setAccAdd(SP\Request::analyze('profile_accadd', 0, false, 1));
$Profile->setAccView(SP\Request::analyze('profile_accview', 0, false, 1));
$Profile->setAccViewPass(SP\Request::analyze('profile_accviewpass', 0, false, 1));
$Profile->setAccViewHistory(SP\Request::analyze('profile_accviewhistory', 0, false, 1));
$Profile->setAccEdit(SP\Request::analyze('profile_accedit', 0, false, 1));
$Profile->setAccEditPass(SP\Request::analyze('profile_acceditpass', 0, false, 1));
$Profile->setAccDelete(SP\Request::analyze('profile_accdel', 0, false, 1));
$Profile->setAccFiles(SP\Request::analyze('profile_accfiles', 0, false, 1));
$Profile->setConfigGeneral(SP\Request::analyze('profile_config', 0, false, 1));
$Profile->setConfigEncryption(SP\Request::analyze('profile_configmpw', 0, false, 1));
$Profile->setConfigBackup(SP\Request::analyze('profile_configback', 0, false, 1));
$Profile->setConfigImport(SP\Request::analyze('profile_configimport', 0, false, 1));
$Profile->setMgmCategories(SP\Request::analyze('profile_categories', 0, false, 1));
$Profile->setMgmCustomers(SP\Request::analyze('profile_customers', 0, false, 1));
$Profile->setMgmCustomFields(SP\Request::analyze('profile_customfields', 0, false, 1));
$Profile->setMgmUsers(SP\Request::analyze('profile_users', 0, false, 1));
$Profile->setMgmGroups(SP\Request::analyze('profile_groups', 0, false, 1));
$Profile->setMgmProfiles(SP\Request::analyze('profile_profiles', 0, false, 1));
$Profile->setMgmApiTokens(SP\Request::analyze('profile_apitokens', 0, false, 1));
$Profile->setEvl(SP\Request::analyze('profile_eventlog', 0, false, 1));
// Nuevo perfil o editar
if ($frmAction == 1 OR $frmAction == 2) {
if (!$frmProfileName) {
SP_Common::printJSON(_('Es necesario un nombre de perfil'), 2);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_EDIT
) {
if (!$Profile->getName()) {
SP\Common::printJSON(_('Es necesario un nombre de perfil'), 2);
} elseif (SP\Profile::checkProfileExist($Profile->getId(), $Profile->getName())) {
SP\Common::printJSON(_('Nombre de perfil duplicado'), 2);
}
SP_Profiles::$profileName = $frmProfileName;
if (!SP_Profiles::checkProfileExist()) {
SP_Common::printJSON(_('Nombre de perfil duplicado'), 2);
}
if ($frmAction == 1) {
if (SP_Profiles::addProfile($profileProp)) {
SP_Common::printJSON(_('Perfil creado'), 0, $doActionOnClose);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_NEW) {
if ($Profile->profileAdd()) {
SP\Common::printJSON(_('Perfil creado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al crear el perfil'));
} else if ($frmAction == 2) {
if (SP_Profiles::updateProfile($profileProp)) {
SP_Common::printJSON(_('Perfil actualizado'), 0, $doActionOnClose);
SP\Common::printJSON(_('Error al crear el perfil'));
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_EDIT) {
if ($Profile->profileUpdate()) {
SP\Common::printJSON(_('Perfil actualizado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al actualizar el perfil'));
SP\Common::printJSON(_('Error al actualizar el perfil'));
}
// Eliminar perfil
} elseif ($frmAction == 4) {
$resProfileUse = SP_Profiles::checkProfileInUse();
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_PROFILES_DELETE) {
$resProfileUse = SP\Profile::checkProfileInUse($Profile->getId());
if ($resProfileUse['users'] > 0) {
$uses[] = _('Usuarios') . " (" . $resProfileUse['users'] . ")";
SP_Common::printJSON(_('No es posible eliminar') . ';;' . _('Perfil en uso por:') . ';;' . implode(';;', $uses));
SP\Common::printJSON(_('No es posible eliminar') . ';;' . _('Perfil en uso por:') . ';;' . implode(';;', $uses));
} else {
$profileName = SP_Profiles::getProfileNameById($frmItemId);
if (SP_Profiles::deleteProfile()) {
$message['action'] = _('Eliminar Perfil');
$message['text'][] = SP_Html::strongText(_('Perfil') . ': ') . $profileName;
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
SP_Common::printJSON(_('Perfil eliminado'), 0, $doActionOnClose);
if ($Profile->profileDelete()) {
SP\Common::printJSON(_('Perfil eliminado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Error al eliminar el perfil'));
SP\Common::printJSON(_('Error al eliminar el perfil'));
}
}
SP_Common::printJSON(_('Acción Inválida'));
} elseif ($frmSaveType == 7 || $frmSaveType == 8) {
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_DELETE
) {
// Variables POST del formulario
$frmCustomerName = SP_Common::parseParams('p', 'name');
$frmCustomerDesc = SP_Common::parseParams('p', 'description');
$frmCustomerName = SP\Request::analyze('name');
$frmCustomerDesc = SP\Request::analyze('description');
// Nuevo cliente o editar
if ($frmAction == 1 OR $frmAction == 2) {
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_EDIT
) {
if (!$frmCustomerName) {
SP_Common::printJSON(_('Es necesario un nombre de cliente'), 2);
SP\Common::printJSON(_('Es necesario un nombre de cliente'), 2);
}
SP_Customer::$customerName = $frmCustomerName;
SP_Customer::$customerDescription = $frmCustomerDesc;
SP\Customer::$customerName = $frmCustomerName;
SP\Customer::$customerDescription = $frmCustomerDesc;
if (!SP_Customer::checkDupCustomer($frmItemId)) {
SP_Common::printJSON(_('Nombre de cliente duplicado'), 2);
}
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_NEW) {
try {
SP\Customer::addCustomer($itemId);
if ($frmAction == 1) {
if (SP_Customer::addCustomer()) {
SP_Common::printJSON(_('Cliente creado'), 0, $doActionOnClose);
} else {
SP_Common::printJSON(_('Error al crear el cliente'));
}
} else if ($frmAction == 2) {
if (SP_Customer::updateCustomer($frmItemId)) {
SP_Common::printJSON(_('Cliente actualizado'), 0, $doActionOnClose);
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, SP\Customer::$customerLastId, $value);
$CustomFields->addCustomField();
}
}
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP_Common::printJSON(_('Error al actualizar el cliente'));
}
SP\Common::printJSON(_('Cliente creado'), 0, $doActionOnClose);
} else if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_EDIT) {
try {
SP\Customer::updateCustomer($itemId);
// Eliminar cliente
} elseif ($frmAction == 4) {
$resCustomerUse = SP_Customer::checkCustomerInUse($frmItemId);
if ($resCustomerUse['accounts'] > 0) {
$uses[] = _('Cuentas') . " (" . $resCustomerUse['accounts'] . ")";
SP_Common::printJSON(_('No es posible eliminar') . ';;' . _('Cliente en uso por:') . ';;' . implode(';;', $uses));
} else {
if (SP_Customer::delCustomer($frmItemId)) {
SP_Common::printJSON(_('Cliente eliminado'), 0, $doActionOnClose);
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $itemId, $value);
$CustomFields->updateCustomField();
}
}
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP_Common::printJSON(_('Error al eliminar el cliente'));
SP\Common::printJSON(_('Cliente actualizado'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS_DELETE) {
try {
SP\Customer::deleteCustomer($itemId);
SP\CustomFields::deleteCustomFieldForItem($itemId, \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMERS);
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage());
}
SP\Common::printJSON(_('Cliente eliminado'), 0, $doActionOnClose);
}
SP_Common::printJSON(_('Acción Inválida'));
} elseif ($frmSaveType == 9 || $frmSaveType == 10) {
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_DELETE
) {
// Variables POST del formulario
$frmCategoryName = SP_Common::parseParams('p', 'name');
$frmCategoryDesc = SP_Common::parseParams('p', 'description');
$frmCategoryName = SP\Request::analyze('name');
$frmCategoryDesc = SP\Request::analyze('description');
// Nueva categoría o editar
if ($frmAction == 1 OR $frmAction == 2) {
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_EDIT
) {
if (!$frmCategoryName) {
SP_Common::printJSON(_('Es necesario un nombre de categoría'), 2);
SP\Common::printJSON(_('Es necesario un nombre de categoría'), 2);
}
SP_Category::$categoryName = $frmCategoryName;
SP_Category::$categoryDescription = $frmCategoryDesc;
SP\Category::$categoryName = $frmCategoryName;
SP\Category::$categoryDescription = $frmCategoryDesc;
if (!SP_Category::checkDupCategory($frmItemId)) {
SP_Common::printJSON(_('Nombre de categoría duplicado'), 2);
}
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_NEW) {
try {
SP\Category::addCategory();
if ($frmAction == 1) {
if (SP_Category::addCategory()) {
SP_Common::printJSON(_('Categoría creada'), 0, $doActionOnClose);
} else {
SP_Common::printJSON(_('Error al crear la categoría'));
}
} else if ($frmAction == 2) {
if (SP_Category::updateCategory($frmItemId)) {
SP_Common::printJSON(_('Categoría actualizada'), 0, $doActionOnClose);
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, SP\Category::$categoryLastId, $value);
$CustomFields->addCustomField();
}
}
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP_Common::printJSON(_('Error al actualizar la categoría'));
}
SP\Common::printJSON(_('Categoría creada'), 0, $doActionOnClose);
} else if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_EDIT) {
try {
SP\Category::updateCategory($itemId);
// Eliminar categoría
} elseif ($frmAction == 4) {
$resCategoryUse = SP_Category::checkCategoryInUse($frmItemId);
if ($resCategoryUse !== true) {
SP_Common::printJSON(_('No es posible eliminar') . ';;' . _('Categoría en uso por:') . ';;' . $resCategoryUse);
} else {
if (SP_Category::delCategory($frmItemId)) {
SP_Common::printJSON(_('Categoría eliminada'), 0, $doActionOnClose);
if (is_array($customFields)) {
foreach ($customFields as $id => $value) {
$CustomFields = new \SP\CustomFields($id, $itemId, $value);
$CustomFields->updateCustomField();
}
}
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP_Common::printJSON(_('Error al eliminar la categoría'));
SP\Common::printJSON(_('Categoría actualizada'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES_DELETE) {
try {
SP\Category::deleteCategory($itemId);
SP\CustomFields::deleteCustomFieldForItem($itemId, \SP\Controller\ActionsInterface::ACTION_MGM_CATEGORIES);
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage());
}
SP\Common::printJSON(_('Categoría eliminada'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_DELETE
) {
$ApiTokens = new \SP\ApiTokens();
$ApiTokens->setTokenId($itemId);
$ApiTokens->setUserId(SP\Request::analyze('users', 0));
$ApiTokens->setActionId(SP\Request::analyze('actions', 0));
$ApiTokens->setRefreshToken(SP\Request::analyze('refreshtoken', false, false, true));
SP_Common::printJSON(_('Acción Inválida'));
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_EDIT)
{
if ($ApiTokens->getUserId() === 0 || $ApiTokens->getActionId() === 0) {
SP\Common::printJSON(_('Usuario o acción no indicado'), 2);
}
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_NEW){
try {
$ApiTokens->addToken();
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Autorización creada'), 0, $doActionOnClose);
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_EDIT){
try {
$ApiTokens->updateToken();
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Autorización actualizada'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_APITOKENS_DELETE){
try {
$ApiTokens->deleteToken();
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Autorización eliminada'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_EDIT
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_DELETE
) {
// Variables POST del formulario
$frmFieldName = SP\Request::analyze('name');
$frmFieldType = SP\Request::analyze('type', 0);
$frmFieldModule = SP\Request::analyze('module', 0);
$frmFieldHelp = SP\Request::analyze('help');
$frmFieldRequired = SP\Request::analyze('required', false, false, true);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_NEW
|| $actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_EDIT)
{
if (!$frmFieldName) {
SP\Common::printJSON(_('Nombre del campo no indicado'), 2);
} elseif ($frmFieldType === 0) {
SP\Common::printJSON(_('Tipo del campo no indicado'), 2);
} elseif ($frmFieldModule === 0) {
SP\Common::printJSON(_('Módulo del campo no indicado'), 2);
}
$CustomFieldDef = new \SP\CustomFieldDef($frmFieldName, $frmFieldType, $frmFieldModule);
$CustomFieldDef->setHelp($frmFieldHelp);
$CustomFieldDef->setRequired($frmFieldRequired);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_NEW){
try {
$CustomFieldDef->addCustomField();
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Campo creado'), 0, $doActionOnClose);
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_EDIT){
try {
$CustomFieldDef->setId($itemId);
$CustomFieldDef->updateCustomField();
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Campo actualizado'), 0, $doActionOnClose);
}
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_MGM_CUSTOMFIELDS_DELETE){
try {
\SP\CustomFieldDef::deleteCustomField($itemId);
} catch (\SP\SPException $e) {
SP\Common::printJSON($e->getMessage(), 2);
}
SP\Common::printJSON(_('Campo eliminado'), 0, $doActionOnClose);
}
} else {
SP\Common::printJSON(_('Acción Inválida'));
}
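Review bot: The profile delete branch (`ACTION_USR_PROFILES_DELETE`) drops the `SP_Log::wrLogInfo($message)` and `SP_Common::sendEmail($message)` calls that recorded which profile was removed, and nothing in this file replaces them. Profiles carry the permission flags set earlier in this hunk, so a deletion should stay in the event log: either confirm that `$Profile->profileDelete()` writes that entry itself or log here, for example with `SP\Log::writeNewLogAndEmail(...)` as the backup handler does. The same question applies to the customer and category branches, where the `checkDupCustomer`/`checkDupCategory` and `checkCustomerInUse`/`checkCategoryInUse` guards are gone, so the `SP\Customer` and `SP\Category` add, update and delete methods must now raise `SPException` for those cases. The two delete `catch` blocks there also call `printJSON($e->getMessage())` without the status `2` that every other `catch` in the hunk passes.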

View File

@@ -24,36 +24,59 @@
*/
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
SP\Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$doBackup = SP_Common::parseParams('p', 'backup', 0);
$frmOnCloseAction = SP_Common::parseParams('p', 'onCloseAction');
$frmActiveTab = SP_Common::parseParams('p', 'activeTab', 0);
$actionId = SP\Request::analyze('actionId', 0);
$onCloseAction = SP\Request::analyze('onCloseAction');
$activeTab = SP\Request::analyze('activeTab', 0);
$exportPassword = SP\Request::analyze('exportPwd', '', false, false, false);
$exportPasswordR = SP\Request::analyze('exportPwdR', '', false, false, false);
$doActionOnClose = "doAction('$frmOnCloseAction','',$frmActiveTab);";
$doActionOnClose = "sysPassUtil.Common.doAction($actionId,'',$activeTab);";
if ($doBackup) {
if (!SP_Backup::doBackup()) {
SP_Common::printJSON(_('Error al realizar el backup') . ';;' . _('Revise el registro de eventos para más detalles'));
if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_BACKUP) {
if (!SP\Backup::doBackup()) {
SP\Log::writeNewLogAndEmail(_('Realizar Backup'), _('Error al realizar el backup'));
SP\Common::printJSON(_('Error al realizar el backup') . ';;' . _('Revise el registro de eventos para más detalles'));
}
$message['action'] = _('Realizar Backup');
$message['text'][] = _('Copia de la aplicación y base de datos realizada correctamente');
SP\Log::writeNewLogAndEmail(_('Realizar Backup'), _('Copia de la aplicación y base de datos realizada correctamente'));
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
SP\Common::printJSON(_('Proceso de backup finalizado'), 0, $doActionOnClose);
} elseif ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_EXPORT) {
try {
$CryptPKI = new \SP\CryptPKI();
$clearExportPwd = $CryptPKI->decryptRSA(base64_decode($exportPassword));
$clearExportPwdR = $CryptPKI->decryptRSA(base64_decode($exportPasswordR));
} catch (Exception $e) {
SP\Common::printJSON(_('Error en clave RSA'));
}
SP_Common::printJSON(_('Proceso de backup finalizado'), 0, $doActionOnClose);
if (!empty($clearExportPwd) && $clearExportPwd !== $clearExportPwdR){
SP\Common::printJSON(_('Las claves no coinciden'));
}
if(!\SP\XmlExport::doExport($clearExportPwd)){
SP\Log::writeNewLogAndEmail(_('Realizar Exportación'), _('Error al realizar la exportación de cuentas'));
SP\Common::printJSON(_('Error al realizar la exportación') . ';;' . _('Revise el registro de eventos para más detalles'));
}
SP\Log::writeNewLogAndEmail(_('Realizar Exportación'), _('Exportación de cuentas realizada correctamente'));
SP\Common::printJSON(_('Proceso de exportación finalizado'), 0, $doActionOnClose);
}
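
Review bot: In the ACTION_CFG_EXPORT branch, the confirmation check `if (!empty($clearExportPwd) && $clearExportPwd !== $clearExportPwdR)` is skipped whenever the first field decrypts to an empty string, so a request with an empty `exportPwd` and a non-empty `exportPwdR` reaches `XmlExport::doExport($clearExportPwd)` with an empty password. Compare the two values unconditionally and decide explicitly whether an export without a password is allowed. Separately, in the lines shown `$onCloseAction` is read from the request but the new `$doActionOnClose` string uses only `$actionId` and `$activeTab`; drop it if it is unused, and cast both interpolated values with `(int)` where they are embedded in the JavaScript call rather than relying on the default passed to `Request::analyze`.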

View File

@@ -23,35 +23,38 @@
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$frmLdapServer = SP_Common::parseParams('p', 'ldap_server');
$frmLdapBase = SP_Common::parseParams('p', 'ldap_base');
$frmLdapGroup = SP_Common::parseParams('p', 'ldap_group');
$frmLdapBindUser = SP_Common::parseParams('p', 'ldap_binduser');
$frmLdapBindPass = SP_Common::parseParams('p', 'ldap_bindpass');
$frmLdapServer = SP\Request::analyze('ldap_server');
$frmLdapBase = SP\Request::analyze('ldap_base');
$frmLdapGroup = SP\Request::analyze('ldap_group');
$frmLdapBindUser = SP\Request::analyze('ldap_binduser');
$frmLdapBindPass = SP\Request::analyze('ldap_bindpass');
if (!$frmLdapServer || !$frmLdapBase || !$frmLdapBindUser || !$frmLdapBindPass) {
SP_Common::printJSON(_('Los parámetros de LDAP no están configurados'));
SP\Common::printJSON(_('Los parámetros de LDAP no están configurados'));
}
$resCheckLdap = SP_LDAP::checkLDAPConn($frmLdapServer, $frmLdapBindUser, $frmLdapBindPass, $frmLdapBase, $frmLdapGroup);
$resCheckLdap = SP\Ldap::checkLDAPConn($frmLdapServer, $frmLdapBindUser, $frmLdapBindPass, $frmLdapBase, $frmLdapGroup);
if ($resCheckLdap === false) {
SP_Common::printJSON(_('Error de conexión a LDAP') . ';;' . _('Revise el registro de eventos para más detalles'));
SP\Common::printJSON(_('Error de conexión a LDAP') . ';;' . _('Revise el registro de eventos para más detalles'));
} else {
SP_Common::printJSON(_('Conexión a LDAP correcta') . ';;' . _('Objetos encontrados') . ': ' . $resCheckLdap, 0);
SP\Common::printJSON(_('Conexión a LDAP correcta') . ';;' . _('Objetos encontrados') . ': ' . $resCheckLdap, 0);
}
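
Review bot: The LDAP connection test reads the bind password with `SP\Request::analyze('ldap_bindpass')`, while the configuration save elsewhere in this commit reads the same field with `SP\Request::analyze('ldap_bindpass', '', false, false, false)`. If those extra arguments change how the value is filtered, the test can bind with a different string than the one that gets stored, so a password containing special characters may test as failing and still be saved, or the reverse. Use the same arguments in both places. The new lines also keep the `$frmLdap…` names that the other converted files drop, which is worth aligning while this file is being touched.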

View File

@@ -2,8 +2,8 @@
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
@@ -23,25 +23,13 @@
*
*/
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('GET');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
$checkVersion = SP_Common::parseParams('s', 'UPDATED', false, true);
SP\Request::checkReferer('GET');
// Una vez por sesión
if (!$checkVersion) {
$_SESSION["UPDATED"] = $checkVersion = SP_Util::checkUpdates();
}
session_write_close();
if (is_array($checkVersion)) {
$title = _('Descargar nueva versión') . ' - ' . $checkVersion['version'] . '<br><br>' . nl2br($checkVersion['description']);
echo '<a href="' . $checkVersion['url'] . '" target="_blank" title="' . $title . '"><img src="imgs/update.png" />&nbsp;' . $checkVersion['title'] . '</a>';
} elseif ($checkVersion === true) {
echo '<img src="imgs/ok.png" title="' . _('Actualizado') . ' ' . implode('.', SP_Util::getVersion(true)) . '"/>';
} elseif ($checkVersion === false) {
echo '!';
}
$controller = new \SP\Controller\MainC(null, null, false);
$controller->getCheckUpdates();
$controller->view();
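
Review bot: The removed block cached the result in `$_SESSION["UPDATED"]` (commented as once per session) and called `session_write_close()` before rendering; neither is visible in the three lines that replace it. Confirm that `MainC::getCheckUpdates()` keeps the per-session cache and releases the session lock, otherwise every call to this endpoint triggers a remote update check while holding the session open. A short comment above `$controller->getCheckUpdates();` stating where the caching now lives would help the next reader.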

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -24,217 +23,276 @@
*
*/
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
SP\Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$frmAction = SP_Common::parseParams('p', 'action');
$frmOnCloseAction = SP_Common::parseParams('p', 'onCloseAction');
$frmActiveTab = SP_Common::parseParams('p', 'activeTab', 0);
$actionId = SP\Request::analyze('actionId', 0);
$activeTab = SP\Request::analyze('activeTab', 0);
$doActionOnClose = "doAction('$frmOnCloseAction','',$frmActiveTab);";
$doActionOnClose = "sysPassUtil.Common.doAction($actionId,'',$activeTab);";
if ($frmAction == "config") {
$frmSiteLang = SP_Common::parseParams('p', 'sitelang');
$frmSessionTimeout = SP_Common::parseParams('p', 'session_timeout', 300);
$frmLog = SP_Common::parseParams('p', 'log_enabled', false, false, true);
$frmDebug = SP_Common::parseParams('p', 'debug', false, false, true);
$frmMaintenance = SP_Common::parseParams('p', 'maintenance', false, false, true);
$frmCheckUpdates = SP_Common::parseParams('p', 'updates', false, false, true);
$frmFiles = SP_Common::parseParams('p', 'files_enabled', false, false, true);
$frmGlobalSearch = SP_Common::parseParams('p', 'globalsearch', false, false, true);
$frmAccountLink = SP_Common::parseParams('p', 'account_link', false, false, true);
$frmAccountCount = SP_Common::parseParams('p', 'account_count', 10);
$frmAllowedSize = SP_Common::parseParams('p', 'files_allowed_size', 1024);
$frmAllowedExts = SP_Common::parseParams('p', 'files_allowed_exts');
$frmResultsAsCards = SP_Common::parseParams('p', 'resultsascards', false, false, true);
if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL
|| $actionId === SP\Controller\ActionsInterface::ACTION_CFG_WIKI
|| $actionId === SP\Controller\ActionsInterface::ACTION_CFG_LDAP
|| $actionId === SP\Controller\ActionsInterface::ACTION_CFG_MAIL
) {
$log = SP\Log::newLog(_('Modificar Configuración'));
$frmWiki = SP_Common::parseParams('p', 'wiki_enabled', false, false, true);
$frmWikiSearchUrl = SP_Common::parseParams('p', 'wiki_searchurl');
$frmWikiPageUrl = SP_Common::parseParams('p', 'wiki_pageurl');
$frmWikiFilter = SP_Common::parseParams('p', 'wiki_filter');
if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL) {
// General
$siteLang = SP\Request::analyze('sitelang');
$siteTheme = SP\Request::analyze('sitetheme');
$sessionTimeout = SP\Request::analyze('session_timeout', 300);
$logEnabled = SP\Request::analyze('log_enabled', false, false, true);
$debugEnabled = SP\Request::analyze('debug', false, false, true);
$maintenanceEnabled = SP\Request::analyze('maintenance', false, false, true);
$checkUpdatesEnabled = SP\Request::analyze('updates', false, false, true);
$checkNoticesEnabled = SP\Request::analyze('notices', false, false, true);
$frmLdap = SP_Common::parseParams('p', 'ldap_enabled', false, false, true);
$frmLdapADS = SP_Common::parseParams('p', 'ldap_ads', false, false, true);
$frmLdapServer = SP_Common::parseParams('p', 'ldap_server');
$frmLdapBase = SP_Common::parseParams('p', 'ldap_base');
$frmLdapGroup = SP_Common::parseParams('p', 'ldap_group');
$frmLdapDefaultGroup = SP_Common::parseParams('p', 'ldap_defaultgroup', 0);
$frmLdapDefaultProfile = SP_Common::parseParams('p', 'ldap_defaultprofile', 0);
$frmLdapBindUser = SP_Common::parseParams('p', 'ldap_binduser');
$frmLdapBindPass = SP_Common::parseParams('p', 'ldap_bindpass', '', false, false, false);
SP\Config::setValue('sitelang', $siteLang);
SP\Config::setValue('sitetheme', $siteTheme);
SP\Config::setValue('session_timeout', $sessionTimeout);
SP\Config::setValue('log_enabled', $logEnabled);
SP\Config::setValue('debug', $debugEnabled);
SP\Config::setValue('maintenance', $maintenanceEnabled);
SP\Config::setValue('checkupdates', $checkUpdatesEnabled);
SP\Config::setValue('checknotices', $checkNoticesEnabled);
$frmMail = SP_Common::parseParams('p', 'mail_enabled', false, false, true);
$frmMailServer = SP_Common::parseParams('p', 'mail_server');
$frmMailPort = SP_Common::parseParams('p', 'mail_port', 25);
$frmMailUser = SP_Common::parseParams('p', 'mail_user');
$frmMailPass = SP_Common::parseParams('p', 'mail_pass', '', false, false, false);
$frmMailSecurity = SP_Common::parseParams('p', 'mail_security');
$frmMailFrom = SP_Common::parseParams('p', 'mail_from');
$frmMailRequests = SP_Common::parseParams('p', 'mail_requestsenabled', false, false, true);
$frmMailAuth = SP_Common::parseParams('p', 'mail_authenabled', false, false, true);
// Accounts
$globalSearchEnabled = SP\Request::analyze('globalsearch', false, false, true);
$accountPassToImageEnabled = SP\Request::analyze('account_passtoimage', false, false, true);
$accountLinkEnabled = SP\Request::analyze('account_link', false, false, true);
$accountCount = SP\Request::analyze('account_count', 10);
$resultsAsCardsEnabled = SP\Request::analyze('resultsascards', false, false, true);
if ($frmAccountCount == "all") {
$intAccountCount = 99;
} else {
$intAccountCount = $frmAccountCount;
}
SP\Config::setValue('globalsearch', $globalSearchEnabled);
SP\Config::setValue('account_passtoimage', $accountPassToImageEnabled);
SP\Config::setValue('account_link', $accountLinkEnabled);
SP\Config::setValue('account_count', $accountCount);
SP\Config::setValue('resultsascards', $resultsAsCardsEnabled);
if ($frmWiki && (!$frmWikiSearchUrl || !$frmWikiPageUrl || !$frmWikiFilter)) {
SP_Common::printJSON(_('Faltan parámetros de Wiki'));
} elseif ($frmWiki) {
SP_Config::setValue("wiki_enabled", true);
SP_Config::setValue("wiki_searchurl", $frmWikiSearchUrl);
SP_Config::setValue("wiki_pageurl", $frmWikiPageUrl);
SP_Config::setValue("wiki_filter", $frmWikiFilter);
} else {
SP_Config::setValue("wiki_enabled", false);
}
// Files
$filesEnabled = SP\Request::analyze('files_enabled', false, false, true);
$filesAllowedSize = SP\Request::analyze('files_allowed_size', 1024);
$filesAllowedExts = SP\Request::analyze('files_allowed_exts');
if ($frmLdap && (!$frmLdapServer || !$frmLdapBase || !$frmLdapBindUser)) {
SP_Common::printJSON(_('Faltan parámetros de LDAP'));
} elseif ($frmLdap) {
SP_Config::setValue("ldap_enabled", true);
SP_Config::setValue("ldap_ads", $frmLdapADS);
SP_Config::setValue("ldap_server", $frmLdapServer);
SP_Config::setValue("ldap_base", $frmLdapBase);
SP_Config::setValue("ldap_group", $frmLdapGroup);
SP_Config::setValue("ldap_defaultgroup", $frmLdapDefaultGroup);
SP_Config::setValue("ldap_defaultprofile", $frmLdapDefaultProfile);
SP_Config::setValue("ldap_binduser", $frmLdapBindUser);
SP_Config::setValue("ldap_bindpass", $frmLdapBindPass);
} else {
SP_Config::setValue("ldap_enabled", false);
}
SP\Config::setValue('files_enabled', $filesEnabled);
SP\Config::setValue('files_allowed_size', $filesAllowedSize);
SP\Config::setValue('files_allowed_exts', $filesAllowedExts);
if ($frmMail && (!$frmMailServer || !$frmMailFrom)) {
SP_Common::printJSON(_('Faltan parámetros de Correo'));
} elseif ($frmMail) {
SP_Config::setValue("mail_enabled", true);
SP_Config::setValue("mail_requestsenabled", $frmMailRequests);
SP_Config::setValue("mail_server", $frmMailServer);
SP_Config::setValue("mail_port", $frmMailPort);
SP_Config::setValue("mail_security", $frmMailSecurity);
SP_Config::setValue("mail_from", $frmMailFrom);
if ($frmMailAuth) {
SP_Config::setValue("mail_authenabled", $frmMailAuth);
SP_Config::setValue("mail_user", $frmMailUser);
SP_Config::setValue("mail_pass", $frmMailPass);
if ($filesEnabled && $filesAllowedSize >= 16384) {
SP\Common::printJSON(_('El tamaño máximo por archivo es de 16MB'));
}
} else {
SP_Config::setValue("mail_enabled", false);
SP_Config::setValue("mail_requestsenabled", false);
SP_Config::setValue("mail_authenabled", false);
// Proxy
$proxyEnabled = SP\Request::analyze('proxy_enabled', false, false, true);
$proxyServer = SP\Request::analyze('proxy_server');
$proxyPort = SP\Request::analyze('proxy_port', 0);
$proxyUser = SP\Request::analyze('proxy_user');
$proxyPass = SP\Request::analyze('proxy_pass');
// Valores para Proxy
if ($proxyEnabled && (!$proxyServer || !$proxyPort)) {
SP\Common::printJSON(_('Faltan parámetros de Proxy'));
} elseif ($proxyEnabled) {
SP\Config::setValue('proxy_enabled', true);
SP\Config::setValue('proxy_server', $proxyServer);
SP\Config::setValue('proxy_port', $proxyPort);
SP\Config::setValue('proxy_user', $proxyUser);
SP\Config::setValue('proxy_pass', $proxyPass);
} else {
SP\Config::setValue('proxy_enabled', false);
}
$log->addDescription(_('General'));
} elseif ( $actionId === SP\Controller\ActionsInterface::ACTION_CFG_WIKI ) {
// Wiki
$wikiEnabled = SP\Request::analyze('wiki_enabled', false, false, true);
$wikiSearchUrl = SP\Request::analyze('wiki_searchurl');
$wikiPageUrl = SP\Request::analyze('wiki_pageurl');
$wikiFilter = SP\Request::analyze('wiki_filter');
// Valores para la conexión a la Wiki
if ($wikiEnabled && (!$wikiSearchUrl || !$wikiPageUrl || !$wikiFilter)) {
SP\Common::printJSON(_('Faltan parámetros de Wiki'));
} elseif ($wikiEnabled) {
SP\Config::setValue('wiki_enabled', true);
SP\Config::setValue('wiki_searchurl', $wikiSearchUrl);
SP\Config::setValue('wiki_pageurl', $wikiPageUrl);
SP\Config::setValue('wiki_filter', $wikiFilter);
} else {
SP\Config::setValue('wiki_enabled', false);
}
$log->addDescription(_('Wiki'));
} elseif ( $actionId === SP\Controller\ActionsInterface::ACTION_CFG_LDAP ) {
// LDAP
$ldapEnabled = SP\Request::analyze('ldap_enabled', false, false, true);
$ldapADSEnabled = SP\Request::analyze('ldap_ads', false, false, true);
$ldapServer = SP\Request::analyze('ldap_server');
$ldapBase = SP\Request::analyze('ldap_base');
$ldapGroup = SP\Request::analyze('ldap_group');
$ldapDefaultGroup = SP\Request::analyze('ldap_defaultgroup', 0);
$ldapDefaultProfile = SP\Request::analyze('ldap_defaultprofile', 0);
$ldapBindUser = SP\Request::analyze('ldap_binduser');
$ldapBindPass = SP\Request::analyze('ldap_bindpass', '', false, false, false);
// Valores para la configuración de LDAP
if ($ldapEnabled && (!$ldapServer || !$ldapBase || !$ldapBindUser)) {
SP\Common::printJSON(_('Faltan parámetros de LDAP'));
} elseif ($ldapEnabled) {
SP\Config::setValue('ldap_enabled', true);
SP\Config::setValue('ldap_ads', $ldapADSEnabled);
SP\Config::setValue('ldap_server', $ldapServer);
SP\Config::setValue('ldap_base', $ldapBase);
SP\Config::setValue('ldap_group', $ldapGroup);
SP\Config::setValue('ldap_defaultgroup', $ldapDefaultGroup);
SP\Config::setValue('ldap_defaultprofile', $ldapDefaultProfile);
SP\Config::setValue('ldap_binduser', $ldapBindUser);
SP\Config::setValue('ldap_bindpass', $ldapBindPass);
} else {
SP\Config::setValue('ldap_enabled', false);
}
$log->addDescription(_('LDAP'));
} elseif ( $actionId === SP\Controller\ActionsInterface::ACTION_CFG_MAIL ) {
// Mail
$mailEnabled = SP\Request::analyze('mail_enabled', false, false, true);
$mailServer = SP\Request::analyze('mail_server');
$mailPort = SP\Request::analyze('mail_port', 25);
$mailUser = SP\Request::analyze('mail_user');
$mailPass = SP\Request::analyze('mail_pass', '', false, false, false);
$mailSecurity = SP\Request::analyze('mail_security');
$mailFrom = SP\Request::analyze('mail_from');
$mailRequests = SP\Request::analyze('mail_requestsenabled', false, false, true);
$mailAuth = SP\Request::analyze('mail_authenabled', false, false, true);
// Valores para la configuración del Correo
if ($mailEnabled && (!$mailServer || !$mailFrom)) {
SP\Common::printJSON(_('Faltan parámetros de Correo'));
} elseif ($mailEnabled) {
SP\Config::setValue('mail_enabled', true);
SP\Config::setValue('mail_requestsenabled', $mailRequests);
SP\Config::setValue('mail_server', $mailServer);
SP\Config::setValue('mail_port', $mailPort);
SP\Config::setValue('mail_security', $mailSecurity);
SP\Config::setValue('mail_from', $mailFrom);
if ($mailAuth) {
SP\Config::setValue('mail_authenabled', $mailAuth);
SP\Config::setValue('mail_user', $mailUser);
SP\Config::setValue('mail_pass', $mailPass);
}
} else {
SP\Config::setValue('mail_enabled', false);
SP\Config::setValue('mail_requestsenabled', false);
SP\Config::setValue('mail_authenabled', false);
}
$log->addDescription(_('Correo'));
}
if ($frmAllowedSize > 16384) {
SP_Common::printJSON(_('El tamaño máximo de archivo es de 16MB'));
$log->writeLog();
SP\Email::sendEmail($log);
if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL) {
// Recargar la aplicación completa para establecer nuevos valores
SP\Util::reload();
}
SP_Config::setValue("account_link", $frmAccountLink);
SP_Config::setValue("account_count", $frmAccountCount);
SP_Config::setValue("sitelang", $frmSiteLang);
SP_Config::setValue("session_timeout", $frmSessionTimeout);
SP_Config::setValue("log_enabled", $frmLog);
SP_Config::setValue("debug", $frmDebug);
SP_Config::setValue("maintenance", $frmMaintenance);
SP_Config::setValue("checkupdates", $frmCheckUpdates);
SP_Config::setValue("files_enabled", $frmFiles);
SP_Config::setValue("resultsascards", $frmResultsAsCards);
SP_Config::setValue("globalsearch", $frmGlobalSearch);
SP_Config::setValue("files_allowed_size", $frmAllowedSize);
SP_Config::setValue("files_allowed_exts", $frmAllowedExts);
SP\Common::printJSON(_('Configuración actualizada'), 0, $doActionOnClose);
} elseif ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION) {
$currentMasterPass = SP\Request::analyze('curMasterPwd', '', false, false, false);
$newMasterPass = SP\Request::analyze('newMasterPwd', '', false, false, false);
$newMasterPassR = SP\Request::analyze('newMasterPwdR', '', false, false, false);
$confirmPassChange = SP\Request::analyze('confirmPassChange', 0, false, 1);
$noAccountPassChange = SP\Request::analyze('chkNoAccountChange', 0, false, 1);
$message['action'] = _('Modificar Configuración');
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
// Recargar la aplicación completa para establecer nuevos valores
SP_Util::reload();
SP_Common::printJSON(_('Configuración actualizada'), 0, $doActionOnClose);
} elseif ($frmAction == "crypt") {
$currentMasterPass = SP_Common::parseParams('p', 'curMasterPwd', '', false, false, false);
$newMasterPass = SP_Common::parseParams('p', 'newMasterPwd', '', false, false, false);
$newMasterPassR = SP_Common::parseParams('p', 'newMasterPwdR', '', false, false, false);
$confirmPassChange = SP_Common::parseParams('p', 'confirmPassChange', 0, false, 1);
$noAccountPassChange = SP_Common::parseParams('p', 'chkNoAccountChange', 0, false, 1);
if (!SP_Users::checkUserUpdateMPass()) {
SP_Common::printJSON(_('Clave maestra actualizada') . ';;' . _('Reinicie la sesión para cambiarla'));
if (!UserUtil::checkUserUpdateMPass()) {
SP\Common::printJSON(_('Clave maestra actualizada') . ';;' . _('Reinicie la sesión para cambiarla'));
} elseif ($newMasterPass == '' && $currentMasterPass == '') {
SP\Common::printJSON(_('Clave maestra no indicada'));
} elseif ($confirmPassChange == 0) {
SP\Common::printJSON(_('Se ha de confirmar el cambio de clave'));
}
if ($newMasterPass == "" && $currentMasterPass == "") {
SP_Common::printJSON(_('Clave maestra no indicada'));
try {
// Desencriptar con la clave RSA
$CryptPKI = new \SP\CryptPKI();
$clearCurMasterPass = $CryptPKI->decryptRSA(base64_decode($currentMasterPass));
$clearNewMasterPass = $CryptPKI->decryptRSA(base64_decode($newMasterPass));
$clearNewMasterPassR = $CryptPKI->decryptRSA(base64_decode($newMasterPassR));
} catch (Exception $e) {
SP\Common::printJSON(_('Error en clave RSA'));
}
if ($confirmPassChange == 0) {
SP_Common::printJSON(_('Se ha de confirmar el cambio de clave'));
if ($clearNewMasterPass == $clearCurMasterPass) {
SP\Common::printJSON(_('Las claves son idénticas'));
} elseif ($clearNewMasterPass != $clearNewMasterPassR) {
SP\Common::printJSON(_('Las claves maestras no coinciden'));
} elseif (!SP\Crypt::checkHashPass($clearCurMasterPass, SP\Config::getConfigDbValue('masterPwd'))) {
SP\Common::printJSON(_('La clave maestra actual no coincide'));
}
if ($newMasterPass == $currentMasterPass) {
SP_Common::printJSON(_('Las claves son idénticas'));
}
if ($newMasterPass != $newMasterPassR) {
SP_Common::printJSON(_('Las claves maestras no coinciden'));
}
if (!SP_Crypt::checkHashPass($currentMasterPass, SP_Config::getConfigValue("masterPwd"))) {
SP_Common::printJSON(_('La clave maestra actual no coincide'));
}
$hashMPass = SP_Crypt::mkHashPassword($newMasterPass);
$hashMPass = SP\Crypt::mkHashPassword($clearNewMasterPass);
if (!$noAccountPassChange) {
$objAccount = new SP_Account;
$Account = new SP\Account();
if (!$objAccount->updateAllAccountsMPass($currentMasterPass, $newMasterPass)) {
SP_Common::printJSON(_('Errores al actualizar las claves de las cuentas'));
if (!$Account->updateAccountsMasterPass($clearCurMasterPass, $clearNewMasterPass)) {
SP\Common::printJSON(_('Errores al actualizar las claves de las cuentas'));
}
$objAccount->updateAllAccountsHistoryMPass($currentMasterPass, $newMasterPass, $hashMPass);
$AccountHistory = new SP\AccountHistory();
if (!$AccountHistory->updateAccountsMasterPass($clearCurMasterPass, $clearNewMasterPass, $hashMPass)) {
SP\Common::printJSON(_('Errores al actualizar las claves de las cuentas del histórico'));
}
}
if (SP_Util::demoIsEnabled()) {
SP_Common::printJSON(_('Ey, esto es una DEMO!!'));
if (SP\Util::demoIsEnabled()) {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
SP_Config::$arrConfigValue["masterPwd"] = $hashMPass;
SP_Config::$arrConfigValue["lastupdatempass"] = time();
SP\Config::getConfigDb();
SP\Config::setArrConfigValue('masterPwd', $hashMPass);
SP\Config::setArrConfigValue('lastupdatempass', time());
if (SP_Config::writeConfig()) {
$message['action'] = _('Actualizar Clave Maestra');
if (SP\Config::writeConfigDb()) {
SP\Log::writeNewLogAndEmail(_('Actualizar Clave Maestra'));
SP_Common::sendEmail($message);
SP_Common::printJSON(_('Clave maestra actualizada'), 0);
SP\Common::printJSON(_('Clave maestra actualizada'), 0);
} else {
SP\Common::printJSON(_('Error al guardar el hash de la clave maestra'));
}
SP_Common::printJSON(_('Error al guardar el hash de la clave maestra'));
} elseif ($frmAction == "flpass") {
$passLogin = SP_Config::setFirstLoginPass();
} elseif ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION_TEMPPASS) {
$tempMasterMaxTime = SP\Request::analyze('tmpass_maxtime', 3600);
$tempMasterPass = SP\Config::setTempMasterPass($tempMasterMaxTime);
if (!empty($passLogin)){
$message['action'] = _('Generar Clave Temporal');
$message['text'][] = SP_Html::strongText(_('Clave') . ": ") . $passLogin;
if (!empty($tempMasterPass)) {
SP\Email::sendEmail(new \SP\Log(_('Generar Clave Temporal'), SP\Html::strongText(_('Clave') . ': ') . $tempMasterPass));
SP_Common::sendEmail($message);
SP_Common::printJSON(_('Clave Temporal Generada'), 0, $doActionOnClose);
SP\Common::printJSON(_('Clave Temporal Generada'), 0, $doActionOnClose);
}
} else {
SP_Common::printJSON(_('Acción Inválida'));
SP\Common::printJSON(_('Acción Inválida'));
}
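
Review bot: In the ACTION_CFG_GENERAL branch, `SP\Config::setValue('files_allowed_size', $filesAllowedSize)` runs before the limit check `if ($filesEnabled && $filesAllowedSize >= 16384)`, and the general and account values are likewise set before the proxy parameters are validated. If `setValue` persists immediately, a rejected request still leaves part of the configuration changed; validate everything first and write afterwards. The check also changed from `> 16384` to `>= 16384`, which rejects exactly 16384 even though the message states a 16MB maximum, and it no longer applies when files are disabled. In the ACTION_CFG_ENCRYPTION branch the decrypted master passwords are compared with `==` and `!=`; use `===` and `!==`, as the export code does, so that numeric-looking strings are not treated as equal.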

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -24,149 +23,191 @@
*
*/
use SP\Request;
use SP\SessionUtil;
use SP\UserLdap;
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Common::parseParams('p', 'login', false)) {
Request::checkReferer('POST');
if (!SP\Request::analyze('login', false)) {
return;
}
$userLogin = SP_Common::parseParams('p', 'user');
$userPass = SP_Common::parseParams('p', 'pass', '', false, false, false);
$masterPass = SP_Common::parseParams('p', 'mpass');
$userLogin = SP\Request::analyze('user');
$userPass = SP\Request::analyze('pass', '', false, false, false);
$masterPass = SP\Request::analyze('mpass');
if (!$userLogin || !$userPass) {
SP_Common::printJSON(_('Usuario/Clave no introducidos'));
SP\Common::printJSON(_('Usuario/Clave no introducidos'));
}
$resLdap = SP_Auth::authUserLDAP($userLogin, $userPass);
try {
$CryptPKI = new \SP\CryptPKI();
$clearUserPass = $CryptPKI->decryptRSA(base64_decode($userPass));
} catch (Exception $e) {
SP\Common::printJSON(_('Error en clave RSA'));
}
$objUser = new SP_Users;
$objUser->userLogin = $userLogin;
$objUser->userPass = $userPass;
$objUser->userName = SP_Auth::$userName;
$objUser->userEmail = SP_Auth::$userEmail;
$User = new SP\User();
$User->setUserLogin($userLogin);
$User->setUserPass($clearUserPass);
if ($resLdap = SP\Auth::authUserLDAP($userLogin, $clearUserPass)) {
$User->setUserName(SP\Auth::$userName);
$User->setUserEmail(SP\Auth::$userEmail);
}
$Log = new \SP\Log(_('Inicio sesión'));
// Autentificamos por LDAP
if ($resLdap === true) {
$message['action'] = _('Inicio sesión (LDAP)');
$Log->addDescription('(LDAP)');
$Log->addDescription(sprintf('%s : %s', _('Servidor Login'), \SP\Ldap::getLdapServer()));
// Verificamos si el usuario existe en la BBDD
if (!$objUser->checkLDAPUserInDB()) {
if (!UserLdap::checkLDAPUserInDB($userLogin)) {
// Creamos el usuario de LDAP en MySQL
if (!$objUser->newUserLDAP()) {
$message['text'][] = _('Error al guardar los datos de LDAP');
SP_Log::wrLogInfo($message);
if (!\SP\UserLdap::newUserLDAP($User)) {
$Log->addDescription(_('Error al guardar los datos de LDAP'));
$Log->writeLog();
SP_Common::printJSON(_('Error interno'));
SP\Common::printJSON(_('Error interno'));
}
} else {
// Actualizamos la clave del usuario en MySQL
if (!$objUser->updateLDAPUserInDB()) {
$message['text'][] = _('Error al actualizar la clave del usuario en la BBDD');
SP_Log::wrLogInfo($message);
if (!UserLdap::updateLDAPUserInDB($User)) {
$Log->addDescription(_('Error al actualizar la clave del usuario en la BBDD'));
$Log->writeLog();
SP_Common::printJSON(_('Error interno'));
SP\Common::printJSON(_('Error interno'));
}
}
} else if ($resLdap == 49) {
$message['action'] = _('Inicio sesión (LDAP)');
$message['text'][] = _('Login incorrecto');
$message['text'][] = _('Usuario') . ": " . $userLogin;
SP_Log::wrLogInfo($message);
$Log->addDescription('(LDAP)');
$Log->addDescription(_('Login incorrecto'));
$Log->addDescription(_('Usuario') . ": " . $userLogin);
$Log->writeLog();
SP_Common::printJSON(_('Usuario/Clave incorrectos'));
SP\Common::printJSON(_('Usuario/Clave incorrectos'));
} else if ($resLdap === 701) {
$message['action'] = _('Inicio sesión (LDAP)');
$message['text'][] = _('Cuenta expirada');
$message['text'][] = _('Usuario') . ": " . $userLogin;
SP_Log::wrLogInfo($message);
$Log->addDescription('(LDAP)');
$Log->addDescription(_('Cuenta expirada'));
$Log->addDescription(_('Usuario') . ": " . $userLogin);
$Log->writeLog();
SP_Common::printJSON(_('Cuenta expirada'));
SP\Common::printJSON(_('Cuenta expirada'));
} else if ($resLdap === 702) {
$message['action'] = _('Inicio sesión (LDAP)');
$message['text'][] = _('El usuario no tiene grupos asociados');
$message['text'][] = _('Usuario') . ": " . $userLogin;
SP_Log::wrLogInfo($message);
$Log->addDescription('(LDAP)');
$Log->addDescription(_('El usuario no tiene grupos asociados'));
$Log->addDescription(_('Usuario') . ": " . $userLogin);
$Log->writeLog();
SP_Common::printJSON(_('Usuario/Clave incorrectos'));
SP\Common::printJSON(_('Usuario/Clave incorrectos'));
} else { // Autentificamos por MySQL (ha fallado LDAP)
$message['action'] = _('Inicio sesión (MySQL)');
$Log->resetDescription();
$Log->addDescription('(MySQL)');
// Autentificamos con la BBDD
if (!SP_Auth::authUserMySQL($userLogin, $userPass)) {
$message['text'][] = _('Login incorrecto');
$message['text'][] = _('Usuario') . ": " . $userLogin;
SP_Log::wrLogInfo($message);
if (!SP\Auth::authUserMySQL($userLogin, $clearUserPass)) {
$Log->addDescription(_('Login incorrecto'));
$Log->addDescription(_('Usuario') . ": " . $userLogin);
$Log->writeLog();
SP_Common::printJSON(_('Usuario/Clave incorrectos'));
SP\Common::printJSON(_('Usuario/Clave incorrectos'));
}
}
// Comprobar si el usuario está deshabilitado
if (SP_Users::checkUserIsDisabled($userLogin)) {
$message['text'][] = _('Usuario deshabilitado');
$message['text'][] = _('Usuario') . ": " . $userLogin;
SP_Log::wrLogInfo($message);
if (UserUtil::checkUserIsDisabled($userLogin)) {
$Log->addDescription(_('Usuario deshabilitado'));
$Log->addDescription(_('Usuario') . ": " . $userLogin);
$Log->writeLog();
SP_Common::printJSON(_('Usuario deshabilitado'));
SP\Common::printJSON(_('Usuario deshabilitado'));
}
// Obtenemos los datos del usuario
if (!$objUser->getUserInfo()) {
$message['text'][] = _('Error al obtener los datos del usuario de la BBDD');
SP_Log::wrLogInfo($message);
if (!$User->getUserInfo()) {
$Log->addDescription(_('Error al obtener los datos del usuario de la BBDD'));
$Log->writeLog();
SP_Common::printJSON(_('Error interno'));
SP\Common::printJSON(_('Error interno'));
}
// Comprobamos que la clave maestra del usuario es correcta y está actualizada
if (!$masterPass && (!$objUser->checkUserMPass() || !SP_Users::checkUserUpdateMPass($userLogin))) {
SP_Common::printJSON(_('La clave maestra no ha sido guardada o es incorrecta'), 3);
if (!$masterPass
&& (!UserUtil::checkUserMPass($User) || !UserUtil::checkUserUpdateMPass($userLogin))
) {
SP\Common::printJSON(_('La clave maestra no ha sido guardada o es incorrecta'), 3);
} elseif ($masterPass) {
if(SP_Config::checkFirstLoginPass($masterPass)){
$masterPass = SP_Config::getFirstLoginPass($masterPass);
$clearMasterPass = $CryptPKI->decryptRSA(base64_decode($masterPass));
if (SP\Config::checkTempMasterPass($clearMasterPass)) {
$clearMasterPass = SP\Config::getTempMasterPass($clearMasterPass);
}
if (!$objUser->updateUserMPass($masterPass)) {
$message['text'][] = _('Clave maestra incorrecta');
SP_Log::wrLogInfo($message);
if (!$User->updateUserMPass($clearMasterPass)) {
$Log->addDescription(_('Clave maestra incorrecta'));
$Log->writeLog();
SP_Common::printJSON(_('Clave maestra incorrecta'), 4);
SP\Common::printJSON(_('Clave maestra incorrecta'), 4);
}
}
// Comprobar si se ha forzado un cambio de clave
if ($objUser->userChangePass) {
$hash = SP_Util::generate_random_bytes();
if ($User->isUserChangePass()) {
$hash = SP\Util::generate_random_bytes();
if (SP_Users::addPassRecover($userLogin, $hash)) {
$url = SP_Init::$WEBURI . '/index.php?a=passreset&h=' . $hash . '&t=' . time() . '&f=1';
SP_Common::printJSON($url, 0);
if (UserUtil::addPassRecover($userLogin, $hash)) {
$url = SP\Init::$WEBURI . '/index.php?a=passreset&h=' . $hash . '&t=' . time() . '&f=1';
SP\Common::printJSON($url, 0);
}
}
// Obtenemos la clave maestra del usuario
if ($objUser->getUserMPass()) {
// Establecemos las variables de sesión
$objUser->setUserSession();
if ($User->getUserMPass()) {
// Actualizar el último login del usuario
UserUtil::setUserLastLogin($User->getUserId());
$message['text'][] = _('Usuario') . ": " . $userLogin;
$message['text'][] = _('Perfil') . ": " . SP_Profiles::getProfileNameById($objUser->userProfileId);
$message['text'][] = _('Grupo') . ": " . SP_Groups::getGroupNameById($objUser->userGroupId);
// Cargar las variables de sesión del usuario
SessionUtil::loadUserSession($User);
SP_Log::wrLogInfo($message);
$Log->addDescription(sprintf('%s : %s', _('Usuario'), $userLogin));
$Log->addDescription(sprintf('%s : %s', _('Perfil'), SP\Profile::getProfileNameById($User->getUserProfileId())));
$Log->addDescription(sprintf('%s : %s', _('Grupo'), SP\Groups::getGroupNameById($User->getUserGroupId())));
$Log->writeLog();
} else {
SP\Common::printJSON(_('Error interno'));
}
// Comprobar si existen parámetros adicionales en URL via GET
foreach ($_POST as $param => $value) {
if (preg_match('/g_.*/', $param)) {
$params[] = substr($param, 2) . '=' . $value;
}
$userPrefs = new \SP\UserPreferences();
$prefs = $userPrefs->getPreferences($User->getUserId());
if ($prefs->isUse2Fa()) {
SP\Session::set2FApassed(false);
$url = SP\Init::$WEBURI . '/index.php?a=2fa&i=' . $User->getUserId() . '&t=' . time() . '&f=1';
SP\Common::printJSON($url, 0);
} else {
SP\Session::set2FApassed(true);
}
$params = array();
// Comprobar si existen parámetros adicionales en URL via POST para pasarlos por GET
foreach ($_POST as $param => $value) {
\SP\Html::sanitize($param);
\SP\Html::sanitize($value);
if (!strncmp($param, 'g_', 2)) {
$params[] = substr($param, 2) . '=' . $value;
}
}
$urlParams = isset($params) ? '?' . implode('&', $params) : '';
$urlParams = (count($params) > 0) ? '?' . implode('&', $params) : '';
SP_Common::printJSON('index.php' . $urlParams, 0);
}
SP\Common::printJSON('index.php' . $urlParams, 0);
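Review bot: in the foreach over $_POST, the return values of \SP\Html::sanitize($param) and \SP\Html::sanitize($value) are discarded, so unless sanitize() modifies its argument by reference the g_ parameters reach $params unchanged. The file upload code in this same commit uses the return value ($fileData['name'] = SP\Html::sanitize(...)), which suggests it does not work by reference. Assign the results, and pass each value through urlencode() (or build the string with http_build_query()) before it is joined into 'index.php' . $urlParams. Also, SessionUtil::loadUserSession($User) runs before the isUse2Fa() test and nothing visibly stops execution after SP\Common::printJSON($url, 0) in the 2FA branch. If printJSON() does not end the request, add an explicit exit there, and confirm every authenticated entry point checks the flag set by set2FApassed(false).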

View File

@@ -1,50 +1,49 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
SP_ACL::checkUserAccess('eventlog') || SP_Html::showCommonError('unavailable');
$start = SP\Request::analyze('start', 0);
$clear = SP\Request::analyze('clear', 0);
$sk = SP\Request::analyze('sk', false);
$start = SP_Common::parseParams('p', 'start', 0);
$clear = SP_Common::parseParams('p', 'clear', 0);
$sk = SP_Common::parseParams('p', 'sk', false);
if ($clear && $sk && SP_Common::checkSessionKey($sk)) {
if (SP_Log::clearEvents()) {
SP_Common::printJSON(_('Registro de eventos vaciado'), 0, "doAction('eventlog');scrollUp();");
} else {
SP_Common::printJSON(_('Error al vaciar el registro de eventos'));
}
}
$tplvars = array('start' => $start);
SP_Html::getTemplate('eventlog', $tplvars);
$tpl = new SP\Template();
$tpl->assign('limitStart', $start);
$tpl->assign('clear', $clear);
$tpl->assign('sk', $sk);
$controller = new SP\Controller\EventlogC($tpl);
$controller->checkClear();
$controller->getEventlog();
echo $tpl->render();
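Review bot: the two guards visible in this file, SP_ACL::checkUserAccess('eventlog') || SP_Html::showCommonError('unavailable') and the SP_Common::checkSessionKey($sk) condition around clearEvents(), have no namespaced counterpart in the lines that replace them. The new code only assigns clear and sk to the template and calls $controller->checkClear() and $controller->getEventlog(). Please confirm that SP\Controller\EventlogC checks the 'eventlog' permission before rendering and that checkClear() validates sk before emptying the log. A short comment here naming where those checks now live would make that reviewable from this file.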

View File

@@ -1,12 +1,11 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
@@ -23,44 +22,53 @@
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
// TODO: comprobar permisos para eliminar archivos
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
if (!$sk || !SP\Common::checkSessionKey($sk)) {
die(_('CONSULTA INVÁLIDA'));
}
if (!SP_Util::fileIsEnabled()) {
if (!SP\Util::fileIsEnabled()) {
exit(_('Gestión de archivos deshabilitada'));
}
$action = SP_Common::parseParams('p', 'action');
$accountId = SP_Common::parseParams('p', 'accountId', 0);
$fileId = SP_Common::parseParams('p', 'fileId', 0);
$action = SP\Request::analyze('action');
$accountId = SP\Request::analyze('accountId', 0);
$fileId = SP\Request::analyze('fileId', 0);
$log = new \SP\Log();
if ($action == 'upload') {
if (!is_array($_FILES["inFile"]) || !$accountId === 0) {
exit();
}
$allowedExts = strtoupper(SP_Config::getValue('files_allowed_exts'));
$allowedSize = SP_Config::getValue('files_allowed_size');
$log->setAction(_('Subir Archivo'));
$allowedExts = strtoupper(SP\Config::getValue('files_allowed_exts'));
$allowedSize = SP\Config::getValue('files_allowed_size');
if ($allowedExts) {
// Extensiones aceptadas
$extsOk = explode(",", $allowedExts);
} else {
exit(_('No hay extensiones permitidas'));
$log->addDescription(_('No hay extensiones permitidas'));
$log->writeLog();
exit($log->getDescription());
}
if (is_array($_FILES) && $_FILES['inFile']['name']) {
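Review bot: in the upload guard, !$accountId === 0 never evaluates to true. The ! binds tighter than ===, so it compares a boolean with the integer 0, and an upload with accountId 0 gets past this check. It should read $accountId === 0 (or $accountId <= 0). The same condition reads $_FILES["inFile"] without isset(), which raises a notice when no file is posted. The TODO at the top of the hunk about checking permissions before deleting files is still open. Since this commit touches the file for security reasons, it would be worth resolving or tracking it rather than carrying it forward.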
@@ -68,45 +76,61 @@ if ($action == 'upload') {
$fileData['extension'] = strtoupper(pathinfo($_FILES['inFile']['name'], PATHINFO_EXTENSION));
if (!in_array($fileData['extension'], $extsOk)) {
exit(_('Tipo de archivo no soportado') . " '" . $fileData['extension'] . "' ");
$log->addDescription(_('Tipo de archivo no soportado') . " '" . $fileData['extension'] . "' ");
$log->writeLog();
exit($log->getDescription());
}
} else {
exit(_('Archivo inválido') . ":<br>" . $_FILES['inFile']['name']);
$log->addDescription(_('Archivo inválido') . ":<br>" . $_FILES['inFile']['name']);
$log->writeLog();
exit($log->getDescription());
}
// Variables con información del archivo
$fileData['name'] = SP_Html::sanitize($_FILES['inFile']['name']);
$tmpName = SP_Html::sanitize($_FILES['inFile']['tmp_name']);
$fileData['name'] = SP\Html::sanitize($_FILES['inFile']['name']);
$tmpName = SP\Html::sanitize($_FILES['inFile']['tmp_name']);
$fileData['size'] = $_FILES['inFile']['size'];
$fileData['type'] = $_FILES['inFile']['type'];
if (!file_exists($tmpName)) {
// Registramos el máximo tamaño permitido por PHP
SP_Util::getMaxUpload();
SP\Util::getMaxUpload();
exit(_('Error interno al leer el archivo'));
$log->addDescription(_('Error interno al leer el archivo'));
$log->writeLog();
exit($log->getDescription());
}
if ($fileData['size'] > ($allowedSize * 1000)) {
exit(_('El archivo es mayor de ') . " " . round(($allowedSize / 1000), 1) . "MB");
$log->addDescription(_('El archivo es mayor de ') . " " . round(($allowedSize / 1000), 1) . "MB");
$log->writeLog();
exit($log->getDescription());
}
// Leemos el archivo a una variable
$fileData['content'] = file_get_contents($tmpName);
if ($fileData['content'] === false) {
$message['action'] = _('Subir Archivo');
$message['text'][] = _('Error interno al leer el archivo');
$log->addDescription(_('Error interno al leer el archivo'));
$log->writeLog();
SP_Log::wrLogInfo($message);
exit(_('Error interno al leer el archivo'));
exit($log->getDescription());
}
if (SP_Files::fileUpload($accountId, $fileData)) {
exit(_('Archivo guardado'));
if (SP\Files::fileUpload($accountId, $fileData)) {
$log->addDescription(_('Archivo guardado'));
$log->writeLog();
exit($log->getDescription());
} else {
exit(_('No se pudo guardar el archivo'));
$log->addDescription(_('No se pudo guardar el archivo'));
$log->writeLog();
exit($log->getDescription());
}
}
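Review bot: the unsupported-type branch builds its message from $fileData['extension'], which is taken from the raw $_FILES['inFile']['name'] before SP\Html::sanitize() is applied further down. With the new exit($log->getDescription()) that text now goes both to the event log and back to the browser. Sanitize the name first and derive the extension from the sanitized value, or escape the description when it is printed. Two smaller points in the same hunk: file_exists($tmpName) on a sanitized copy of tmp_name would be more robust as is_uploaded_file($_FILES['inFile']['tmp_name']), and $fileData['type'] is stored straight from the client-supplied $_FILES['inFile']['type'] without validation.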
@@ -118,7 +142,7 @@ if ($action == 'download' || $action == 'view') {
$isView = ($action == 'view') ? true : false;
$file = SP_Files::fileDownload($fileId);
$file = SP\Files::fileDownload($fileId);
if (!$file) {
exit(_('El archivo no existe'));
@@ -130,15 +154,15 @@ if ($action == 'download' || $action == 'view') {
$fileExt = $file->accfile_extension;
$fileData = $file->accfile_content;
$message['action'] = _('Descargar Archivo');
$message['text'][] = _('ID') . ": " . $fileId;
$message['text'][] = _('Archivo') . ": " . $fileName;
$message['text'][] = _('Tipo') . ": " . $fileType;
$message['text'][] = _('Tamaño') . ": " . round($fileSize / 1024, 2) . " KB";
$log->setAction(_('Descargar Archivo'));
$log->addDescription(_('ID') . ": " . $fileId);
$log->addDescription(_('Archivo') . ": " . $fileName);
$log->addDescription(_('Tipo') . ": " . $fileType);
$log->addDescription(_('Tamaño') . ": " . round($fileSize / 1024, 2) . " KB");
if (!$isView) {
SP_Log::wrLogInfo($message);
$log->writeLog();
// Enviamos el archivo al navegador
header('Set-Cookie: fileDownload=true; path=/');
header('Cache-Control: max-age=60, must-revalidate');
@@ -151,17 +175,18 @@ if ($action == 'download' || $action == 'view') {
exit($fileData);
} else {
$extsOkImg = array("JPG", "GIF", "PNG");
if (in_array(strtoupper($fileExt), $extsOkImg)) {
SP_Log::wrLogInfo($message);
$log->writeLog();
$imgData = chunk_split(base64_encode($fileData));
exit('<img src="data:' . $fileType . ';base64, ' . $imgData . '" border="0" />');
// } elseif ( strtoupper($fileExt) == "PDF" ){
// echo '<object data="data:application/pdf;base64, '.base64_encode($fileData).'" type="application/pdf"></object>';
} elseif (strtoupper($fileExt) == "TXT") {
SP_Log::wrLogInfo($message);
exit('<div id="fancyView" class="backGrey"><pre>' . $fileData . '</pre></div>');
$log->writeLog();
exit('<div id="fancyView" class="backGrey"><pre>' . htmlentities($fileData) . '</pre></div>');
} else {
exit();
}
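Review bot: the TXT branch now escapes its output with htmlentities($fileData), but the image branch just above still concatenates $fileType unescaped into the src attribute of the img tag. The upload code stores that type from the client-supplied $_FILES['inFile']['type'], so it should be escaped too, or better, replaced with a MIME type chosen server-side from the already validated extension (JPG, GIF, PNG). For the TXT branch, consider htmlspecialchars($fileData, ENT_QUOTES, 'UTF-8') so the result does not depend on the PHP version's default charset.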
@@ -174,9 +199,15 @@ if ($action == "delete") {
exit(_('No es un ID de archivo válido'));
}
if (SP_Files::fileDelete($fileId)) {
exit(_('Archivo eliminado'));
if (SP\Files::fileDelete($fileId)) {
$log->addDescription(_('Archivo eliminado'));
$log->writeLog();
exit($log->getDescription());
} else {
exit(_('Error al eliminar el archivo'));
$log->addDescription(_('Error al eliminar el archivo'));
$log->writeLog();
exit($log->getDescription());
}
}
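Review bot: the delete branch writes a log entry that says only 'Archivo eliminado' or 'Error al eliminar el archivo'. Unlike the download branch, it records no $fileId, and no $log->setAction() call is visible for this branch. Add the ID (and set the action) so the event log shows which file was removed. The TODO at the top of the file about checking permissions before deleting applies here as well: the only guards visible in this hunk are the file ID validation and SP\Files::fileDelete($fileId) itself.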

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -23,385 +22,158 @@
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
SP_Util::checkReload();
SP\Util::checkReload();
if (SP_Common::parseParams('p', 'action', '', true)) {
$action = $tplvars['action'] = SP_Common::parseParams('p', 'action');
$itemId = $tplvars['id'] = SP_Common::parseParams('p', 'id', 0);
$tplvars['lastaction'] = filter_var(SP_Common::parseParams('p', 'lastAction', 'accsearch', false, false, false), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
} else {
if (!SP\Request::analyze('actionId', 0, true)) {
die('<div class="error">' . _('Parámetros incorrectos') . '</DIV>');
}
switch ($action) {
case "accsearch":
SP_Account::$accountSearchTxt = SP_Common::parseParams('s', 'accountSearchTxt');
SP_Account::$accountSearchCustomer = SP_Common::parseParams('s', 'accountSearchCustomer');
SP_Account::$accountSearchCategory = SP_Common::parseParams('s', 'accountSearchCategory', 0);
SP_Account::$accountSearchOrder = SP_Common::parseParams('s', 'accountSearchOrder', 0);
SP_Account::$accountSearchKey = SP_Common::parseParams('s', 'accountSearchKey', 0);
$actionId = SP\Request::analyze('actionId');
$itemId = SP\Request::analyze('itemId', 0);
$lastAction = SP\Request::analyze('lastAction', \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH);
SP_Html::getTemplate('search', $tplvars);
break;
case "accnew":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Users::checkUserUpdateMPass() || SP_Html::showCommonError('updatempass');
$tpl = new SP\Template();
$tpl->assign('actionId', $actionId);
$tpl->assign('id', $itemId);
$tpl->assign('activeTabId', $itemId);
$tpl->assign('queryTimeStart', microtime());
$tpl->assign('userId', SP\Session::getUserId());
$tpl->assign('userGroupId', SP\Session::getUserGroupId());
$tpl->assign('userIsAdminApp', SP\Session::getUserIsAdminApp());
$tpl->assign('userIsAdminAcc', SP\Session::getUserIsAdminAcc());
$tpl->assign('themeUri', \SP\Init::$THEMEURI);
SP_Html::getTemplate('accounts', $tplvars);
break;
case "acccopy":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Users::checkUserUpdateMPass() || SP_Html::showCommonError('updatempass');
// Control de ruta de acciones
if ($actionId != \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH) {
$actionsPath = &$_SESSION['actionsPath'];
$actionsPath[] = $actionId;
$actions = count($actionsPath);
SP_Html::getTemplate('accounts', $tplvars);
break;
case "accedit":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Users::checkUserUpdateMPass() || SP_Html::showCommonError('updatempass');
SP_Html::getTemplate('accounts', $tplvars);
break;
case "acceditpass":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Users::checkUserUpdateMPass() || SP_Html::showCommonError('updatempass');
SP_Html::getTemplate('editpass', $tplvars);
break;
case "accview":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Html::getTemplate('accounts', $tplvars);
break;
case "accviewhistory":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Html::getTemplate('accounts', $tplvars);
break;
case "accdelete":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Html::getTemplate('accounts', $tplvars);
break;
case "accrequest":
SP_Html::getTemplate('request', $tplvars);
break;
case "usersmenu":
echo '<DIV ID="tabs">';
echo '<UL>';
echo (SP_ACL::checkUserAccess("users")) ? '<LI><A HREF="#tabs-1" TITLE="' . _('Gestión de Usuarios') . '">' . _('Gestión de Usuarios') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("groups")) ? '<LI><A HREF="#tabs-2" TITLE="' . _('Gestión de Grupos') . '">' . _('Gestión de Grupos') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("profiles")) ? '<LI><A HREF="#tabs-3" TITLE="' . _('Gestión de Perfiles') . '">' . _('Gestión de Perfiles') . '</A></LI>' : '';
echo '</UL>';
$activeTab = 0;
if (SP_ACL::checkUserAccess("users")) {
$arrUsersTableProp = array(
'tblId' => 'tblUsers',
'header' => '',
'tblHeaders' => array(
_('Nombre'),
_('Login'),
_('Perfil'),
_('Grupo'),
_('Propiedades')),
'tblRowSrc' => array(
'user_name',
'user_login',
'userprofile_name',
'usergroup_name', array(
'user_isAdminApp' => array('img_file' => 'check_blue.png', 'img_title' => _('Admin Aplicación')),
'user_isAdminAcc' => array('img_file' => 'check_orange.png', 'img_title' => _('Admin Cuentas')),
'user_isLdap' => array('img_file' => 'ldap.png', 'img_title' => _('Usuario de LDAP')),
'user_isDisabled' => array('img_file' => 'disabled.png', 'img_title' => _('Deshabilitado'))
)
),
'tblRowSrcId' => 'user_id',
'frmId' => 'frm_tblusers',
'onCloseAction' => $action,
'actionId' => 1,
'newActionId' => 2,
'activeTab' => $activeTab++,
'actions' => array(
'new' => array('title' => _('Nuevo Usuario'), 'action' => 'appMgmtData'),
'view' => array('title' => _('Ver Detalles de Usuario'), 'action' => 'appMgmtData'),
'edit' => array('title' => _('Editar Usuario'), 'action' => 'appMgmtData'),
'del' => array('title' => _('Eliminar Usuario'), 'action' => 'appMgmtSave'),
'pass' => array('title' => _('Cambiar Clave de Usuario'), 'action' => 'usrUpdPass')
)
);
echo '<DIV ID="tabs-1">';
$startTime = microtime();
$users = SP_Users::getUsers();
if ($users) {
SP_Html::getQueryTable($arrUsersTableProp, $users);
SP_Html::printQueryInfoBar(count($users), $startTime);
}
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("groups")) {
$arrGroupsTableProp = array(
'tblId' => 'tblGroups',
'header' => '',
'tblHeaders' => array(_('Nombre'), _('Descripción')),
'tblRowSrc' => array('usergroup_name', 'usergroup_description'),
'tblRowSrcId' => 'usergroup_id',
'frmId' => 'frm_tblgroups',
'onCloseAction' => $action,
'actionId' => 3,
'newActionId' => 4,
'activeTab' => $activeTab++,
'actions' => array(
'new' => array('title' => _('Nuevo Grupo'), 'action' => 'appMgmtData'),
'edit' => array('title' => _('Editar Grupo'), 'action' => 'appMgmtData'),
'del' => array('title' => _('Eliminar Grupo'), 'action' => 'appMgmtSave')
)
);
echo '<DIV ID="tabs-2">';
$startTime = microtime();
$groups = SP_Groups::getGroups();
if ($groups) {
SP_Html::getQueryTable($arrGroupsTableProp, $groups);
SP_Html::printQueryInfoBar(count($groups), $startTime);
}
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("profiles")) {
$arrProfilesTableProp = array(
'tblId' => 'tblProfiles',
'header' => '',
'tblHeaders' => array(_('Nombre')),
'tblRowSrc' => array('userprofile_name'),
'tblRowSrcId' => 'userprofile_id',
'frmId' => 'frm_tblprofiles',
'onCloseAction' => $action,
'actionId' => 5,
'newActionId' => 6,
'activeTab' => $activeTab++,
'actions' => array(
'new' => array('title' => _('Nuevo Perfil'), 'action' => 'appMgmtData'),
'edit' => array('title' => _('Editar Perfil'), 'action' => 'appMgmtData'),
'del' => array('title' => _('Eliminar Perfil'), 'action' => 'appMgmtSave')
)
);
echo '<DIV ID="tabs-3">';
$startTime = microtime();
$profiles = SP_Profiles::getProfiles();
if ($profiles) {
SP_Html::getQueryTable($arrProfilesTableProp, $profiles);
SP_Html::printQueryInfoBar(count($profiles), $startTime);
}
echo '</DIV>';
}
echo '</DIV>';
echo '<script>
$("#tabs").tabs({
active: ' . $itemId . ',
create: function( event, ui ) {$("input:visible:first").focus();},
activate: function( event, ui ) {
setContentSize();
}
});
</script>';
break;
case "appmgmtmenu":
echo '<DIV ID="tabs">';
echo '<UL>';
echo (SP_ACL::checkUserAccess("categories")) ? '<LI><A HREF="#tabs-1" TITLE="' . _('Gestión de Categorías') . '">' . _('Gestión de Categorías') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("customers")) ? '<LI><A HREF="#tabs-2" TITLE="' . _('Gestión de Clientes') . '">' . _('Gestión de Clientes') . '</A></LI>' : '';
echo '</UL>';
$activeTab = 0;
if (SP_ACL::checkUserAccess("categories")) {
$arrCategoriesTableProp = array(
'tblId' => 'tblCategories',
'header' => '',
'tblHeaders' => array(_('Nombre'), _('Descripción')),
'tblRowSrc' => array('category_name', 'category_description'),
'tblRowSrcId' => 'category_id',
'frmId' => 'frm_tblcategories',
'onCloseAction' => $action,
'actionId' => 9,
'newActionId' => 10,
'activeTab' => $activeTab++,
'actions' => array(
'new' => array('title' => _('Nueva Categoría'), 'action' => 'appMgmtData'),
'edit' => array('title' => _('Editar Categoría'), 'action' => 'appMgmtData'),
'del' => array('title' => _('Eliminar Categoría'), 'action' => 'appMgmtSave')
)
);
echo '<DIV ID="tabs-1">';
$startTime = microtime();
$categories = SP_Category::getCategories();
if ($categories !== false) {
SP_Html::getQueryTable($arrCategoriesTableProp, $categories);
SP_Html::printQueryInfoBar(count($categories), $startTime);
}
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("customers")) {
$arrCustomersTableProp = array(
'tblId' => 'tblCustomers',
'header' => '',
'tblHeaders' => array(_('Nombre'), _('Descripción')),
'tblRowSrc' => array('customer_name', 'customer_description'),
'tblRowSrcId' => 'customer_id',
'frmId' => 'frm_tblcustomers',
'onCloseAction' => $action,
'actionId' => 7,
'newActionId' => 8,
'activeTab' => $activeTab++,
'actions' => array(
'new' => array('title' => _('Nuevo Cliente'), 'action' => 'appMgmtData'),
'edit' => array('title' => _('Editar Cliente'), 'action' => 'appMgmtData'),
'del' => array('title' => _('Eliminar Cliente'), 'action' => 'appMgmtSave')
)
);
echo '<DIV ID="tabs-2">';
$startTime = microtime();
$customers = SP_Customer::getCustomers();
if ($customers !== false) {
SP_Html::getQueryTable($arrCustomersTableProp, $customers);
SP_Html::printQueryInfoBar(count($customers), $startTime);
}
echo '</DIV>';
}
echo '</DIV>';
echo '<script>
$("#tabs").tabs({
active: ' . $itemId . ',
create: function( event, ui ) {$("input:visible:first").focus();},
activate: function( event, ui ) {
setContentSize();
$("input:visible:first").focus();
}
});
</script>';
break;
case "configmenu":
echo '<DIV ID="tabs">';
echo '<UL>';
echo (SP_ACL::checkUserAccess("config")) ? '<LI><A HREF="#tabs-1" TITLE="' . _('Configuración') . '">' . _('Configuración') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("masterpass")) ? '<LI><A HREF="#tabs-2" TITLE="' . _('Clave Maestra') . '">' . _('Clave Maestra') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("backup")) ? '<LI><A HREF="#tabs-3" TITLE="' . _('Copia de Seguridad') . '">' . _('Copia de Seguridad') . '</A></LI>' : '';
echo (SP_ACL::checkUserAccess("config")) ? '<LI><A HREF="#tabs-4" TITLE="' . _('Importar cuentas desde fuentes externas') . '">' . _('Importar Cuentas') . '</A></LI>' : '';
echo '</UL>';
$tplvars['activeTab'] = 0;
$tplvars['onCloseAction'] = $action;
if (SP_ACL::checkUserAccess("config")) {
echo '<DIV ID="tabs-1">';
SP_Html::getTemplate('config', $tplvars);
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("masterpass")) {
$tplvars['activeTab']++;
echo '<DIV ID="tabs-2">';
SP_Html::getTemplate('masterpass', $tplvars);
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("backup")) {
$tplvars['activeTab']++;
echo '<DIV ID="tabs-3">';
SP_Html::getTemplate('backup', $tplvars);
echo '</DIV>';
}
if (SP_ACL::checkUserAccess("config")) {
$tplvars['activeTab']++;
echo '<DIV ID="tabs-4">';
SP_Html::getTemplate('migrate', $tplvars);
echo '</DIV>';
}
echo '</DIV>';
echo '<script>
$("#tabs").tabs({
active: ' . $itemId . ',
create: function( event, ui ) {$("input:visible:first").focus();},
activate: function( event, ui ) {
setContentSize();
$("input:visible:first").focus();
}
});
</script>';
break;
case "eventlog":
SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable');
SP_Html::getTemplate('eventlog', $tplvars);
break;
}
if (isset($_SESSION["uisadminapp"]) && SP_Config::getValue('debug')) {
$time_stop = SP_Init::microtime_float();
$time = ($time_stop - $time_start);
$memEnd = memory_get_usage();
$debugTxt[] = "<div ID= 'debuginfo' class='round'>";
$debugTxt[] = "<h3>DEBUG INFO</h3>";
$debugTxt[] = "<ul>";
$debugTxt[] = "<li>RENDER -> " . $time . " sec</li>";
$debugTxt[] = "<li>MEM -> Init: " . ($memInit / 1000) . " KB - End: " . ($memEnd / 1000) . " KB - Total: " . (($memEnd - $memInit) / 1000) . " KB</li>";
$debugTxt[] = "<li>SESSION:";
$debugTxt[] = "<pre>" . print_r($_SESSION, true) . "</pre";
$debugTxt[] = "</li>";
// $debugTxt[] = "<li>Master Pass: " . SP_Crypt::getSessionMasterPass() ."</li>";
$debugTxt[] = "<li>CONFIG:<pre>";
$debugTxt[] = "<pre>" . print_r(SP_Config::getKeys(true), true) . "</pre>";
$debugTxt[] = "</li>";
$debugTxt[] = "</div>";
foreach ($debugTxt as $out) {
echo $out;
// Se eliminan las acciones ya realizadas
if ($actions > 2 && $actionsPath[$actions - 3] == $actionId) {
unset($actionsPath[$actions - 3]);
unset($actionsPath[$actions - 2]);
$actionsPath = array_values($actionsPath);
$actions = count($actionsPath);
}
$tpl->assign('lastAction', $actionsPath[$actions - 2]);
}
// Se comprueba si hay actualizaciones.
// Es necesario que se haga al final de obtener el contenido ya que la
// consulta ajax detiene al resto si se ejecuta antes
if ($_SESSION['uisadminapp'] && SP_Config::getValue('checkupdates') === true && !SP_Common::parseParams('s', 'UPDATED', false, true)) {
echo '<script>checkUpds();</script>';
}
switch ($actionId) {
case \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH:
$_SESSION['actionsPath'] = array(\SP\Controller\ActionsInterface::ACTION_ACC_SEARCH);
$tpl->assign('lastAction', $lastAction);
$controller = new SP\Controller\SearchC($tpl);
$controller->getSearchBox();
$controller->getSearch();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_NEW:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getNewAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_COPY:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getCopyAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_EDIT:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getEditAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_PASS:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getEditPassAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getViewAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW_HISTORY:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getViewHistoryAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_DELETE:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getDeleteAccount();
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_REQUEST:
$controller = new SP\Controller\AccountC($tpl, null, $itemId);
$controller->getRequestAccountAccess();
break;
case \SP\Controller\ActionsInterface::ACTION_USR:
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->useTabs();
$controller->getUsersList();
$controller->getGroupsList();
$controller->getProfilesList();
$controller->getAPITokensList();
break;
case \SP\Controller\ActionsInterface::ACTION_MGM:
$controller = new SP\Controller\AccountsMgmtC($tpl);
$controller->useTabs();
$controller->getCategories();
$controller->getCustomers();
$controller->getCustomFields();
break;
case \SP\Controller\ActionsInterface::ACTION_CFG:
case \SP\Controller\ActionsInterface::ACTION_CFG_GENERAL:
case \SP\Controller\ActionsInterface::ACTION_CFG_WIKI:
case \SP\Controller\ActionsInterface::ACTION_CFG_LDAP:
case \SP\Controller\ActionsInterface::ACTION_CFG_MAIL:
case \SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION:
case \SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION_TEMPPASS:
case \SP\Controller\ActionsInterface::ACTION_CFG_BACKUP:
case \SP\Controller\ActionsInterface::ACTION_CFG_EXPORT:
case \SP\Controller\ActionsInterface::ACTION_CFG_IMPORT:
$tpl->assign('onCloseAction', $actionId);
$tpl->addTemplate('tabs-start');
$controller = new SP\Controller\ConfigC($tpl);
$controller->getGeneralTab();
$controller->getWikiTab();
$controller->getLdapTab();
$controller->getMailTab();
$controller->getEncryptionTab();
$controller->getBackupTab();
$controller->getImportTab();
$controller->getInfoTab();
$tpl->addTemplate('tabs-end');
break;
case \SP\Controller\ActionsInterface::ACTION_EVL:
$controller = new SP\Controller\EventlogC($tpl);
$controller->getEventlog();
break;
case \SP\Controller\ActionsInterface::ACTION_USR_PREFERENCES:
case \SP\Controller\ActionsInterface::ACTION_USR_PREFERENCES_SECURITY:
$tpl->addTemplate('tabs-start');
$controller = new \SP\Controller\UsersPrefsC($tpl);
$controller->getSecurityTab();
$tpl->addTemplate('tabs-end');
break;
}
// Se comprueba si se debe de mostrar la vista de depuración
if (\SP\Session::getUserIsAdminApp() && SP\Config::getValue('debug')) {
$controller->getDebug();
}
$tpl->addTemplate('js-common');
$controller->view();
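Review bot: the per-action guards of the old switch, SP_ACL::checkUserAccess($action) || SP_Html::showCommonError('unavailable') and SP_Users::checkUserUpdateMPass(), have no equivalent in the new switch on $actionId, which instantiates the controller and calls its method directly. Please confirm each controller method enforces the same permission and master password checks, or restore them here. Two logic issues in the same hunk: the new switch has no default case, so an unrecognised actionId leaves $controller undefined when $controller->getDebug() and $controller->view() are called. And in the actions path block, $actionsPath[$actions - 2] is read even when the array holds a single element (first request in a session with a non-search action), which is an undefined offset. Add a default case that rejects the request, and guard the lastAction lookup with a count check.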

View File

@@ -0,0 +1,42 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
require APP_ROOT . DIRECTORY_SEPARATOR . 'js' . DIRECTORY_SEPARATOR . 'strings.js.php';
Request::checkReferer('GET');
$data = array(
'lang' => $stringsJsLang,
'app_root' => SP\Init::$WEBURI,
'pk' => str_replace("\r\n", "", \SP\Session::getPublicKey())
);
SP\Common::printJSON($data, 0);
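Review bot: this new endpoint has no SP\Init::isLoggedIn() check after Request::checkReferer('GET'), unlike the other entry points changed in this commit. If that is intentional because the login form needs pk before authentication, say so in a comment. The comment should also note that the key is delivered over the same channel as the form, so the RSA wrapping protects the password only from passive capture. Also, str_replace("\r\n", "", ...) strips only CRLF pairs. A key stored with bare LF line endings keeps its newlines, so either normalise both ("\r" and "\n") or drop the replacement if the client accepts PEM as is.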

View File

@@ -23,54 +23,29 @@
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('GET');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
Request::checkReferer('GET');
if (!SP\Init::isLoggedIn()) {
return;
}
if (!SP_Util::fileIsEnabled()) {
if (!SP\Util::fileIsEnabled()) {
echo _('Gestión de archivos deshabilitada');
return false;
}
$sk = SP_Common::parseParams('g', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printXML(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printXML(_('CONSULTA INVÁLIDA'));
}
$accountId = SP_Common::parseParams('g', 'id', 0);
$deleteEnabled = SP_Common::parseParams('g', 'del', 0);
$files = SP_Files::getFileList($accountId, $deleteEnabled);
if (!is_array($files) || count($files) === 0) {
return;
}
?>
<div id="files-wrap" class="round">
<ul id="files-list">
<?php foreach ($files as $file): ?>
<li class="files-item round">
<span title="<?php echo $file['name'] ?>"> <?php echo SP_Html::truncate($file['name'], 25); ?>
(<?php echo $file['size']; ?> KB)</span>
<?php if ($deleteEnabled === 1): ?>
<img src="imgs/delete.png" title="<?php echo _('Eliminar Archivo'); ?>" id="btnDelete"
class="inputImg" alt="Delete"
OnClick="delFile(<?php echo $file['id']; ?>, '<?php echo SP_Common::getSessionKey(); ?>', <?php echo $accountId; ?>);"/>
<?php endif; ?>
<img src="imgs/download.png" title="<?php echo _('Descargar Archivo'); ?>" id="btnDownload"
class="inputImg" alt="download"
OnClick="downFile(<?php echo $file['id']; ?>, '<?php echo SP_Common::getSessionKey(); ?>', 'download');"/>
<img src="imgs/view.png" title="<?php echo _('Ver Archivo'); ?>" id="btnView" class="inputImg"
alt="View"
OnClick="downFile(<?php echo $file['id']; ?>, '<?php echo SP_Common::getSessionKey(); ?>', 'view');"/>
</li>
<?php endforeach; ?>
</ul>
</div>
$controller = new SP\Controller\AccountsMgmtC();
$controller->getFiles();
$controller->view();
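Review bot: the session key failure branch calls SP\Common::printXML(_('CONSULTA INVÁLIDA')) without a return, while the two checks above it both return explicitly. Unless printXML() terminates the request, execution continues into $controller->getFiles() with an invalid sk, so add a return (or exit) there. The id and del parameters are no longer read in this file either. Please confirm the controller derives the delete option from the user's permissions rather than from the request's del value, and that the template that replaces the inline markup escapes $file['name'], which the old code echoed raw into the title attribute.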

View File

@@ -1 +1,76 @@
<?php
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
if (SP\Util::demoIsEnabled()) {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
$sk = SP\Request::analyze('sk', false);
$defaultUser= SP\Request::analyze('defUser', 0);
$defaultGroup = SP\Request::analyze('defGroup', 0);
$importPwd = SP\Request::analyze('importPwd', '', false, false, false);
$csvDelimiter = SP\Request::analyze('csvDelimiter');
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
try {
$CryptPKI = new \SP\CryptPKI();
$clearImportPwd = $CryptPKI->decryptRSA(base64_decode($importPwd));
} catch (Exception $e) {
SP\Common::printJSON(_('Error en clave RSA'));
}
SP\Import::setDefUser($defaultUser);
SP\Import::setDefGroup($defaultGroup);
SP\Import::setImportPwd($clearImportPwd);
SP\Import::setCsvDelimiter($csvDelimiter);
$res = SP\Import::doImport($_FILES["inFile"]);
if (isset($res['error']) && is_array($res['error'])) {
error_log($res['error']['hint']);
$out = implode('\n\n', $res['error']);
SP\Common::printJSON($out);
} else if (is_array($res['ok'])) {
$out = implode('\n\n', $res['ok']);
SP\Common::printJSON($out, 0);
}
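Review bot: in the error branch at the end of the file, `$res['error']['hint']` is written to `error_log` and then also returned to the client, because `implode('\n\n', $res['error'])` joins every element of the array, the hint included. Return only the user-facing description and keep the hint in the server log. Note also that `'\n\n'` in single quotes is a literal backslash-n sequence rather than two newlines, and that `is_array($res['ok'])` lacks the `isset` guard the error branch has.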

View File

@@ -1 +1,86 @@
<?php
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
if (SP\Util::demoIsEnabled()) {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$frmDBUser = SP\Request::analyze('dbuser');
$frmDBPass = SP\Request::analyze('dbpass');
$frmDBName = SP\Request::analyze('dbname');
$frmDBHost = SP\Request::analyze('dbhost');
$frmMigrateEnabled = SP\Request::analyze('chkmigrate', 0, false, 1);
if (!$frmMigrateEnabled) {
SP\Common::printJSON(_('Confirmar la importación de cuentas'));
} elseif (!$frmDBUser) {
SP\Common::printJSON(_('Es necesario un usuario de conexión'));
} elseif (!$frmDBPass) {
SP\Common::printJSON(_('Es necesaria una clave de conexión'));
} elseif (!$frmDBName) {
SP\Common::printJSON(_('Es necesario el nombre de la BBDD'));
} elseif (!$frmDBHost) {
SP\Common::printJSON(_('Es necesario un nombre de host'));
}
$options['dbhost'] = $frmDBHost;
$options['dbname'] = $frmDBName;
$options['dbuser'] = $frmDBUser;
$options['dbpass'] = $frmDBPass;
$res = SP\Migrate::migrate($options);
if (is_array($res['error'])) {
foreach ($res['error'] as $error) {
$errors [] = $error['description'];
$errors [] = $error['hint'];
error_log($error['hint']);
}
$out = implode('<br>', $errors);
SP\Common::printJSON($out);
} elseif (is_array($res['ok'])) {
$out = implode('<br>', $res['ok']);
SP\Common::printJSON($out, 0);
}
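Review bot: no permission check is visible before `SP\Migrate::migrate($options)`; the script only requires a logged-in session and a valid `sk`, yet it connects to a caller-supplied `dbhost` and imports accounts. Unless `migrate()` enforces this internally, add an explicit ACL check next to the `isLoggedIn()` test. In the error loop, `$errors` is never initialised before `$errors [] =`, and each `hint` is sent back to the client as well as to `error_log`.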

View File

@@ -23,64 +23,59 @@
*
*/
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
$sk = SP_Common::parseParams('p', 'sk', false);
SP\Request::checkReferer('POST');
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$userLogin = SP_Common::parseParams('p', 'login');
$userEmail = SP_Common::parseParams('p', 'email');
$userPass = SP_Common::parseParams('p', 'pass');
$userPassV = SP_Common::parseParams('p', 'passv');
$hash = SP_Common::parseParams('p', 'hash');
$time = SP_Common::parseParams('p', 'time');
$userLogin = SP\Request::analyze('login');
$userEmail = SP\Request::analyze('email');
$userPass = SP\Request::analyze('pass');
$userPassV = SP\Request::analyze('passv');
$hash = SP\Request::analyze('hash');
$time = SP\Request::analyze('time');
$message['action'] = _('Recuperación de Clave');
if ($userLogin && $userEmail) {
if (SP_Auth::mailPassRecover($userLogin, $userEmail)) {
$message['text'][] = SP_Html::strongText(_('Solicitado para') . ': ') . ' ' . $userLogin . ' (' . $userEmail . ')';
$log = new \SP\Log(_('Recuperación de Clave'));
SP_Common::sendEmail($message);
SP_Log::wrLogInfo($message);
SP_Common::printJSON(_('Solicitud enviada') . ';;' . _('En breve recibirá un correo para completar la solicitud.'), 0, 'goLogin();');
if (SP\Auth::mailPassRecover($userLogin, $userEmail)) {
$log->addDescription(SP\Html::strongText(_('Solicitado para') . ': ') . ' ' . $userLogin . ' (' . $userEmail . ')');
SP\Common::printJSON(_('Solicitud enviada') . ';;' . _('En breve recibirá un correo para completar la solicitud.'), 0, 'goLogin();');
} else {
$message['text'][] = 'ERROR';
$message['text'][] = SP_Html::strongText(_('Solicitado para') . ': ') . ' ' . $userLogin . ' (' . $userEmail . ')';
$log->addDescription('ERROR');
$log->addDescription(SP\Html::strongText(_('Solicitado para') . ': ') . ' ' . $userLogin . ' (' . $userEmail . ')');
SP_Common::sendEmail($message);
SP_Log::wrLogInfo($message);
SP_Common::printJSON(_('No se ha podido realizar la solicitud. Consulte con el administrador.'));
SP\Common::printJSON(_('No se ha podido realizar la solicitud. Consulte con el administrador.'));
}
$log->writeLog();
SP\Email::sendEmail($log);
}
if ($userPass && $userPassV && $userPass === $userPassV) {
$userId = SP_Users::checkHashPassRecover($hash);
$userId = UserUtil::checkHashPassRecover($hash);
if ($userId) {
$user = new SP_Users();
if (UserUtil::updateUserPass($userId, $userPass) && UserUtil::updateHashPassRecover($hash)) {
\SP\Log::writeNewLogAndEmail(_('Modificar Clave Usuario'), SP\Html::strongText(_('Login') . ': ') . UserUtil::getUserLoginById($userId));
$user->userId = $userId;
$user->userPass = $userPass;
if ($user->updateUserPass() && SP_Users::updateHashPassRecover($hash)) {
$message['action'] = _('Modificar Clave Usuario');
$message['text'][] = SP_Html::strongText(_('Login') . ': ') . $user->getUserLoginById($userId);
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
SP_Common::printJSON(_('Clave actualizada'), 0, 'goLogin();');
SP\Common::printJSON(_('Clave actualizada'), 0, 'goLogin();');
}
}
SP_Common::printJSON(_('Error al modificar la clave'));
SP\Common::printJSON(_('Error al modificar la clave'));
} else {
SP_Common::printJSON(_('La clave es incorrecta o no coincide'));
SP\Common::printJSON(_('La clave es incorrecta o no coincide'));
}
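Review bot: in the `if ($userLogin && $userEmail)` block, `$log->writeLog()` and `SP\Email::sendEmail($log)` now come after both `printJSON` calls. If `printJSON` ends the request, which the unconditional `printJSON(_('Error al modificar la clave'))` placed after the success path further down implies, the recovery request is never logged or mailed; the removed code called `sendEmail` and `wrLogInfo` before responding. Move the two calls ahead of each `printJSON`. `$time` is also read but not used anywhere in this hunk.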

View File

@@ -23,330 +23,24 @@
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
if (!$sk || !SP\Common::checkSessionKey($sk)) {
die('<div class="error round">' . _('CONSULTA INVÁLIDA') . '</div>');
}
$startTime = microtime();
// Valores Configuración
$accountLink = SP_Config::getValue('account_link', 0);
$accountCount = (isset($_POST["rpp"]) && $_POST["rpp"] > 0) ? (int)$_POST["rpp"] : SP_Config::getValue('account_count', 10);
$filesEnabled = SP_Util::fileIsEnabled();
$wikiEnabled = SP_Util::wikiIsEnabled();
if ($wikiEnabled) {
$wikiSearchUrl = SP_Config::getValue('wiki_searchurl', false);
$wikiFilter = explode(',', SP_Config::getValue('wiki_filter'));
$wikiPageUrl = SP_Config::getValue('wiki_pageurl');
}
$requestEnabled = SP_Util::mailrequestIsEnabled();
$maxTextLength = (SP_Util::resultsCardsIsEnabled()) ? 40 : 60;
$isDemoMode = SP_Util::demoIsEnabled();
// Valores POST
$sortKey = SP_Common::parseParams('p', 'skey', 0);
$sortOrder = SP_Common::parseParams('p', 'sorder', 0);
$customerId = SP_Common::parseParams('p', 'customer', 0);
$categoryId = SP_Common::parseParams('p', 'category', 0);
$searchTxt = SP_Common::parseParams('p', 'search', '');
$limitStart = SP_Common::parseParams('p', 'start', 0);
$globalSearch = SP_Common::parseParams('p', 'gsearch', 0, false, 1);
// Valores Sesión
$userGroupId = SP_Common::parseParams('s', 'ugroup', 0);
$userProfileId = SP_Common::parseParams('s', 'uprofile', 0);
$userId = SP_Common::parseParams('s', 'uid', 0);
$filterOn = ($sortKey > 1 || $customerId || $categoryId || $searchTxt) ? true : false;
$colors = array(
'FF66CC',
'FF99FF',
'CC99FF',
'9999FF',
'6699FF',
'3399FF',
'0099FF',
'6699FF',
'3399FF',
'00CC66',
'00CC66',
'00CC99',
'00CCCC',
'FFCC66',
'FF9999',
'FF6699',
'FF99CC'
);
$objAccount = new SP_Account;
$arrSearchFilter = array("txtSearch" => $searchTxt,
"userId" => $userId,
"groupId" => $userGroupId,
"categoryId" => $categoryId,
"customerId" => $customerId,
"keyId" => $sortKey,
"txtOrder" => $sortOrder,
"limitStart" => $limitStart,
"limitCount" => $accountCount,
"globalSearch" => $globalSearch);
$resQuery = $objAccount->getAccounts($arrSearchFilter);
if (!$resQuery) {
die('<div class="noRes round">' . _('No se encontraron registros') . '</div>');
}
if (count($resQuery) > 0) {
$sortKeyImg = "";
if ($sortKey > 0) {
$sortKeyImg = ($sortOrder == 0) ? "imgs/sort_asc.png" : "imgs/sort_desc.png";
$sortKeyImg = '<img src="' . $sortKeyImg . '" class="icon" />';
}
echo '<div id="data-search-header" class="data-header data-header-minimal">';
echo '<ul>';
echo '<li>';
echo '<a id="search-sort-5" class="round" onClick="searchSort(5,' . $limitStart . ')" title="' . _('Ordenar por Cliente') . '" >' . _('Cliente') . '</a>';
echo '</li>';
echo '<li>';
echo '<a id="search-sort-1" class="round" onClick="searchSort(1,' . $limitStart . ')" title="' . _('Ordenar por Nombre') . '">' . _('Nombre') . '</a>';
echo '</li>';
echo '<li>';
echo '<a id="search-sort-2" class="round" onClick="searchSort(2,' . $limitStart . ')" title="' . _('Ordenar por Categoría') . '">' . _('Categoría') . '</a>';
echo '</li>';
echo '<li>';
echo '<a id="search-sort-3" class="round" onClick="searchSort(3,' . $limitStart . ')" title="' . _('Ordenar por Usuario') . '">' . _('Usuario') . '</a>';
echo '</li>';
echo '<li>';
echo '<a id="search-sort-4" class="round" onClick="searchSort(4,' . $limitStart . ')" title="' . _('Ordenar por URL / IP') . '">' . _('URL / IP') . '</a>';
echo '</li>';
echo '</ul>';
echo '</div>';
}
echo '<div id="data-search">';
// Mostrar los resultados de la búsqueda
foreach ($resQuery as $account) {
$objAccount->accountId = $account->account_id;
$objAccount->accountUserId = $account->account_userId;
$objAccount->accountUserGroupId = $account->account_userGroupId;
$objAccount->accountOtherUserEdit = $account->account_otherUserEdit;
$objAccount->accountOtherGroupEdit = $account->account_otherGroupEdit;
$accView = (SP_ACL::checkAccountAccess("accview", $objAccount->getAccountDataForACL()) && SP_ACL::checkUserAccess("accview"));
$accViewPass = (SP_ACL::checkAccountAccess("accviewpass", $objAccount->getAccountDataForACL()) && SP_ACL::checkUserAccess("accviewpass"));
$accEdit = (SP_ACL::checkAccountAccess("accedit", $objAccount->getAccountDataForACL()) && SP_ACL::checkUserAccess("accedit"));
$accCopy = (SP_ACL::checkAccountAccess("accview", $objAccount->getAccountDataForACL()) && SP_ACL::checkUserAccess("accnew"));
$accDel = (SP_ACL::checkAccountAccess("accdelete", $objAccount->getAccountDataForACL()) && SP_ACL::checkUserAccess("accdelete"));
$show = ($accView || $accViewPass || $accEdit || $accCopy || $accDel);
//$randomRGB = array(rand(150, 210), rand(150, 210), rand(150, 210));
//$color = array($account->account_customerId => array(SP_Html::rgb2hex($randomRGB), $randomRGB));
$color = array_rand($colors);
if (!isset($customerColor)) {
$customerColor[$account->account_customerId] = '#' . $colors[$color];
} elseif (isset($customerColor) && !array_key_exists($account->account_customerId, $customerColor)) {
$customerColor[$account->account_customerId] = '#' . $colors[$color];
}
//$hexColor = $customerColor[$account->account_customerId][0];
$hexColor = $customerColor[$account->account_customerId];
if ($wikiEnabled) {
$wikiLink = $wikiSearchUrl . $account->customer_name;
$customerName = '<a href="' . $wikiLink . '" target="blank" title="' . _('Buscar en Wiki') . '<br><br>' . $account->customer_name . '">' . SP_Html::truncate($account->customer_name, $maxTextLength) . '</a>';
} else {
$customerName = SP_Html::truncate($account->customer_name, $maxTextLength);
}
if ($accountLink && $show) {
// Comprobación de accesos para mostrar enlaces de acciones de cuenta
if ($accView) {
$accountName = '<a title="' . _('Detalles de Cuenta') . '" OnClick="doAction(\'accview\',\'accsearch\',' . $account->account_id . ')">' . $account->account_name . '</a>';
} else {
$accountName = $account->account_name;
}
} else {
$accountName = $account->account_name;
}
// Obtenemos datos si el usuario tiene acceso a los datos de la cuenta
if ($show) {
$vacLogin = (strlen($account->account_login) >= $maxTextLength) ? SP_Html::truncate($account->account_login, $maxTextLength) : $account->account_login;
$strAccUrl = $account->account_url;
$urlIsLink = ($strAccUrl && preg_match("#^https?://.*#i", $strAccUrl));
if (strlen($strAccUrl) >= $maxTextLength) {
$strAccUrl_short = SP_Html::truncate($strAccUrl, $maxTextLength);
$strAccUrl = ($urlIsLink) ? '<a href="' . $strAccUrl . '" target="_blank" title="' . _('Abrir enlace a') . ': ' . $strAccUrl . '">' . $strAccUrl_short . '</a>' : $strAccUrl_short;
} else {
$strAccUrl = ($urlIsLink) ? '<a href="' . $strAccUrl . '" target="_blank" title="' . _('Abrir enlace a') . ': ' . $strAccUrl . '">' . $strAccUrl . '</a>' : $strAccUrl;
}
$secondaryGroups = SP_Groups::getGroupsNameForAccount($account->account_id);
$secondaryUsers = SP_Users::getUsersNameForAccount($account->account_id);
$secondaryAccesses = '<em>(G) ' . $account->usergroup_name . '*</em><br>';
if ($secondaryGroups) {
foreach ($secondaryGroups as $group) {
$secondaryAccesses .= '<em>(G) ' . $group . '</em><br>';
}
}
if ($secondaryUsers) {
foreach ($secondaryUsers as $user) {
$secondaryAccesses .= '<em>(U) ' . $user . '</em><br>';
}
}
unset($strAccNotes);
if ($account->account_notes) {
$strAccNotes = (strlen($account->account_notes) > 300) ? substr($account->account_notes, 0, 300) . "..." : $account->account_notes;
$strAccNotes = nl2br(wordwrap(htmlspecialchars($strAccNotes), 50, '<br>', true));
}
}
//echo '<div class="account-label round shadow" onMouseOver="this.style.backgroundColor=\'RGBA('.$rgbaColor.')\'" onMouseOut="this.style.backgroundColor=\'#FFFFFF\'" >';
echo '<div class="account-label round shadow">';
echo '<div class="field-customer label-field">';
echo '<div class="field-name">' . _('Cliente') . '</div>';
echo '<div class="field-text round5 no-link" style="background-color: ' . $hexColor . ';">' . $customerName . '</div>';
echo '</div>';
echo '<div class="field-account label-field">';
echo '<div class="field-name">' . _('Nombre') . '</div>';
echo '<div class="field-text">' . $accountName . '</div>';
echo '</div>';
echo '<div class="field-category label-field">';
echo '<div class="field-name">' . _('Categoría') . '</div>';
echo '<div class="field-text">' . $account->category_name . '</div>';
echo '</div>';
// Mostramos datos si el usuario tiene acceso a los datos de la cuenta
if ($show) {
echo '<div class="field-user label-field">';
echo '<div class="field-name">' . _('Usuario') . '</div>';
echo '<div class="field-text">' . $vacLogin . '</div>';
echo '</div>';
echo '<div class="field-url label-field">';
echo '<div class="field-name">' . _('URL / IP') . '</div>';
echo '<div class="field-text">' . $strAccUrl . '</div>';
echo '</div>';
echo '<div class="account-info">';
echo '<img src="imgs/btn_group.png" title="' . $secondaryAccesses . '" />';
echo (isset($strAccNotes)) ? '<img src="imgs/notes.png" title="' . _('Notas') . ': <br><br>' . $strAccNotes . '" />' : '';
if ($filesEnabled) {
$intNumFiles = SP_Files::countFiles($account->account_id);
echo ($intNumFiles) ? '<img src="imgs/attach.png" title="' . _('Archivos adjuntos') . ': ' . $intNumFiles . '" />' : '';
}
if ($wikiEnabled) {
if (is_array($wikiFilter)) {
foreach ($wikiFilter as $strFilter) {
// Quote filter string
$strFilter = preg_quote($strFilter);
if (preg_match("/^" . $strFilter . ".*/i", $account->account_name)) {
$wikiLink = $wikiPageUrl . $account->account_name;
echo '<a href="' . $wikiLink . '" target="_blank" ><img src="imgs/wiki.png" title="' . _('Enlace a Wiki') . '" /></a>';
}
}
}
}
echo '</div>';
echo '<div class="account-actions round">';
// Comprobar accesos para mostrar enlaces de acciones de cuenta
if ($accView) {
echo '<img src="imgs/view.png" title="' . _('Detalles de Cuenta') . '" OnClick="doAction(\'accview\',\'accsearch\',' . $account->account_id . ')" />';
}
if ($accViewPass) {
echo '<img src="imgs/user-pass.png" title="' . _('Ver Clave') . '" onClick="viewPass(' . $account->account_id . ', 1)" />';
echo '<img src="imgs/clipboard.png" title="' . _('Copiar Clave en Portapapeles') . '" onmouseover="viewPass(' . $account->account_id . ', 0)" onmouseout="passToClip = 0;" class="actions-optional clip_pass_button" data-clipboard-target="clip_pass_text" />';
}
if ($accEdit || $accCopy || $accDel || $accViewPass) {
echo '<img src="imgs/action.png" title="' . _('Más Acciones') . '" OnClick="showOptional(this)" />';
}
if ($accEdit) {
echo '<img src="imgs/edit.png" title="' . _('Modificar Cuenta') . '" class="actions-optional" OnClick="doAction(\'accedit\',\'accsearch\',' . $account->account_id . ')" />';
}
if ($accCopy) {
echo '<img src="imgs/btn_copy.png" title="' . _('Copiar Cuenta') . '" class="actions-optional" OnClick="doAction(\'acccopy\',\'accsearch\',' . $account->account_id . ')" />';
}
if ($accDel) {
echo '<img src="imgs/delete.png" title="' . _('Eliminar Cuenta') . '" class="actions-optional" OnClick="doAction(\'accdelete\',\'accsearch\',' . $account->account_id . ')"/>';
}
echo '</div>';
} elseif ($requestEnabled || $isDemoMode) {
echo '<div class="account-spacer"></div>';
echo '<div class="account-actions round">';
echo '<img src="imgs/request.png" title="' . _('Solicitar Modificación') . '" class="inputImg" OnClick="doAction(\'accrequest\',\'accsearch\',' . $account->account_id . ')" />';
echo '</div>';
}
echo '</div>';
// Fin del bucle para obtener los registros
}
echo '</div>';
$endTime = microtime();
$totalTime = round($endTime - $startTime, 5);
SP_Html::printQuerySearchNavBar($sortKey, $arrSearchFilter["limitStart"], $objAccount->queryNumRows, $arrSearchFilter["limitCount"], $totalTime, $filterOn);
//echo $objAccount->query;
?>
<div id="clip_pass_text" style="visibility: hidden"></div>
<script>
passToClip = 0;
var client = new ZeroClipboard($('.clip_pass_button'), {
moviePath: "js/ZeroClipboard.swf",
debug: false
});
//client.setText(data);
client.on('load', function (client) {
$('#global-zeroclipboard-html-bridge').attr('rel', 'tooltip').attr('title', '<?php echo _('Copiar Clave en Portapapeles'); ?>');
});
client.on("complete", function (client, args) {
resMsg("ok", "<?php echo _('Clave Copiada al Portapapeles'); ?>");
});
</script>
$controller = new SP\Controller\SearchC();
$controller->getSearch();
$controller->view();
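Review bot: the inline renderer removed here wrote `$account->account_name`, `$account->customer_name`, `$account->category_name` and the login straight into HTML and `title` attributes, with only the notes passed through `htmlspecialchars`; the replacement is three lines delegating to `SP\Controller\SearchC`, so output escaping cannot be reviewed from this hunk. Please confirm that the search template escapes each of these fields, and that `rpp`, previously read from `$_POST` with an `(int)` cast, is still validated in the controller.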

View File

@@ -1,5 +1,4 @@
<?php
/**
* sysPass
*
@@ -23,52 +22,57 @@
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
SP\Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP_Common::parseParams('p', 'sk', false);
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP_Common::checkSessionKey($sk)) {
SP_Common::printJSON(_('CONSULTA INVÁLIDA'));
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
$frmAccountId = SP_Common::parseParams('p', 'accountid', 0);
$frmDescription = SP_Common::parseParams('p', 'description');
$frmAccountId = SP\Request::analyze('accountid', 0);
$frmDescription = SP\Request::analyze('description');
if (!$frmDescription) {
SP_Common::printJSON(_('Es necesaria una descripción'));
SP\Common::printJSON(_('Es necesaria una descripción'));
}
$accountRequestData = SP_Account::getAccountRequestData($frmAccountId);
$accountRequestData = SP\Account::getAccountRequestData($frmAccountId);
$recipients = array(
SP_Users::getUserEmail($accountRequestData->account_userId),
SP_Users::getUserEmail($accountRequestData->account_userEditId)
UserUtil::getUserEmail($accountRequestData->account_userId),
UserUtil::getUserEmail($accountRequestData->account_userEditId)
);
$requestUsername = SP_Common::parseParams('s', 'uname');
$requestLogin = SP_Common::parseParams('s', 'ulogin');
$requestUsername = SP\Session::getUserName();
$requestLogin = SP\Session::getUserLogin();
$message['action'] = _('Solicitud de Modificación de Cuenta');
$message['text'][] = SP_Html::strongText(_('Solicitante') . ': ') . $requestUsername . ' (' . $requestLogin . ')';
$message['text'][] = SP_Html::strongText(_('Cuenta') . ': ') . $accountRequestData->account_name;
$message['text'][] = SP_Html::strongText(_('Cliente') . ': ') . $accountRequestData->customer_name;
$message['text'][] = SP_Html::strongText(_('Descripción') . ': ') . $frmDescription;
$log = new \SP\Log(_('Solicitud de Modificación de Cuenta'));
$log->addDescription(SP\Html::strongText(_('Solicitante') . ': ') . $requestUsername . ' (' . $requestLogin . ')');
$log->addDescription(SP\Html::strongText(_('Cuenta') . ': ') . $accountRequestData->account_name);
$log->addDescription(SP\Html::strongText(_('Cliente') . ': ') . $accountRequestData->customer_name);
$log->addDescription(SP\Html::strongText(_('Descripción') . ': ') . $frmDescription);
$mailto = implode(',', $recipients);
if ($mailto
&& SP_Util::mailrequestIsEnabled()
&& SP_Common::sendEmail($message, $mailto)
&& SP\Util::mailrequestIsEnabled()
&& SP\Email::sendEmail($log, $mailto)
) {
SP_Log::wrLogInfo($message);
SP_Common::printJSON(_('Solicitud enviada'), 0, "doAction('accsearch');");
$log->writeLog();
SP\Common::printJSON(_('Solicitud enviada'), 0, "doAction('" . \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH . "');");
}
SP_Common::printJSON(_('Error al enviar la solicitud'));
SP\Common::printJSON(_('Error al enviar la solicitud'));
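Review bot: `$accountRequestData` is dereferenced (`->account_userId`, `->account_userEditId`) without checking that `getAccountRequestData($frmAccountId)` returned a row, and `accountid` defaults to 0. Validate the id and return an error when no account is found. The `$mailto` guard is also weak: `implode(',', $recipients)` yields `','` when both addresses are empty, which is truthy. `$frmDescription` is user text added to the log and e-mail next to `strongText()` markup, so it should be escaped before `addDescription()`.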

View File

@@ -0,0 +1,80 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$actionId = SP\Request::analyze('actionId', 0);
$itemId = SP\Request::analyze('itemId', 0);
$activeTab = SP\Request::analyze('activeTab', 0);
// Acción al cerrar la vista
$doActionOnClose = "sysPassUtil.Common.doAction($actionId,'',$activeTab);";
if ($actionId === SP\Controller\ActionsInterface::ACTION_USR_PREFERENCES_SECURITY) {
if (SP\Util::demoIsEnabled() && \SP\Session::getUserLogin() == 'demo') {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
// Variables POST del formulario
$twoFaEnabled = SP\Request::analyze('security_2faenabled', 0, false, 1);
$pin = SP\Request::analyze('security_pin', 0);
$userLogin = UserUtil::getUserLoginById($itemId);
$twoFa = new \SP\Auth\Auth2FA($itemId, $userLogin);
if (!$twoFa->verifyKey($pin)) {
SP\Common::printJSON(_('Código incorrecto'));
}
$preferences = new \SP\UserPreferences();
$preferences->setId($itemId);
$preferences->setUse2Fa(\SP\Util::boolval($twoFaEnabled));
if (!$preferences->updatePreferences()) {
SP\Common::printJSON(_('Error al actualizar preferencias'));
}
SP\Common::printJSON(_('Preferencias actualizadas'), 0, $doActionOnClose);
} else {
SP\Common::printJSON(_('Acción Inválida'));
}
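Review bot: `$itemId` comes from the request and is used directly in `new \SP\Auth\Auth2FA($itemId, $userLogin)` and `$preferences->setId($itemId)`; nothing ties it to the logged-in user. Take the id from the session, or reject the request when the two differ, so the 2FA setting of one account cannot be changed from another user's session. Also check how `Request::analyze('security_pin', 0)` types its result: the strict `$actionId === ...` comparison suggests an integer cast when the default is 0, which would drop leading zeros from a TOTP code.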

View File

@@ -1,93 +1,49 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
use SP\Request;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('GET');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if ( ! SP_Init::isLoggedIn() ){
SP_Util::logout();
Request::checkReferer('GET');
if (!SP\Init::isLoggedIn()) {
SP\Util::logout();
}
$userId = SP_Common::parseParams('g', 'usrid', false);
$userId = SP\Request::analyze('userId', false);
if ( ! $userId ) {
if (!$userId) {
return;
}
$strError = '<div id="fancyView" class="msgError">'._('No tiene permisos para realizar esta operación').'</div>';
SP_ACL::checkUserAccess("acceditpass", $userId) || die ($strError);
?>
<div id="fancyContainer" align="center">
<h2 class="midround"><?php echo _('Cambio de Clave'); ?></h2>
<form method="post" name="updUsrPass" id="frmUpdUsrPass">
<table class="fancydata">
<tr>
<td class="descField">
<?php echo _('Clave'); ?>
</td>
<td class="valField">
<input type="password" id="usrpass" name="pass" title="<?php echo _('Clave'); ?>" class="txtpass" OnFocus="$('#passLevel').show(); $('#resFancyAccion').hide();" OnKeyUp="checkPassLevel(this.value, 'fancyContainer')" />
<img id="passGen" src="imgs/genpass.png" title="<?php echo _('Generar clave aleatoria'); ?>"
class="inputImg"/>
</td>
</tr>
<tr>
<td class="descField">
<?php echo _('Clave (repetir)'); ?></td>
<td class="valField">
<input type="password" id="usrpassv" name="passv" title="<?php echo _('Clave (repetir)'); ?>" class="txtpassv" />
<span class="passLevel fullround" title="<?php echo _('Nivel de fortaleza de la clave'); ?>"></span>
</td>
</tr>
</table>
<input type="hidden" name="id" value="<?php echo $userId; ?>" />
<input type="hidden" name="type" value="1" />
<input type="hidden" name="action" value="3" />
<input type="hidden" name="sk" value="<?php echo SP_Common::getSessionKey(); ?>">
</form>
<div id="resCheck">
<span id="resFancyAccion"></span>
</div>
<div class="action-in-box">
<ul>
<li>
<img src="imgs/check.png" title="<?php echo _('Guardar'); ?>" class="inputImg"
OnClick="appMgmtSave('frmUpdUsrPass')" alt="<?php echo _('Guardar'); ?>"/>
</li>
</ul>
</div>
</div>
<script>
$('#passGen').click(function () {
$('#resFancyAccion').hide();
password(11, true, false, 'fancyContainer');
});
</script>
$tpl = new SP\Template();
$tpl->assign('userId', $userId);
$controller = new SP\Controller\UsersMgmtC($tpl);
$controller->getUserPass();
$tpl->addTemplate('js-common');
$controller->view();
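Review bot: the explicit permission gate `SP_ACL::checkUserAccess("acceditpass", $userId) || die ($strError);` is removed and nothing equivalent appears before `$controller->getUserPass()`. Confirm that `UsersMgmtC::getUserPass()` performs the check, or keep it in this script. The request parameter is also renamed from `usrid` to `userId`, so every caller of this endpoint has to change with it.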

View File

@@ -1,11 +1,11 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
@@ -23,85 +23,63 @@
*
*/
use SP\Request;
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
SP_Util::checkReferer('POST');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
if (!SP_Init::isLoggedIn()) {
SP_Util::logout();
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$accountId = SP_Common::parseParams('p', 'accountid', false);
$fullTxt = SP_Common::parseParams('p', 'full', 0);
$isHistory = SP_Common::parseParams('p', 'isHistory', 0);
$accountId = SP\Request::analyze('accountid', false);
$isHistory = SP\Request::analyze('isHistory', false);
if (!$accountId) {
return;
}
$account = new SP_Account;
$account->accountParentId = ( isset($_SESSION["accParentId"]) ) ? $_SESSION["accParentId"] : "";
$account->accountId = $accountId;
$account->accountIsHistory = $isHistory;
$account = (!$isHistory) ? new SP\Account() : new SP\AccountHistory();
$account->setAccountParentId(\SP\Session::getAccountParentId());
$account->setAccountId($accountId);
$accountData = $account->getAccountPassData();
if ($isHistory && !$account->checkAccountMPass()) {
SP\Common::printJSON(_('La clave maestra no coincide'));
}
if (!SP\Acl::checkAccountAccess(SP\Acl::ACTION_ACC_VIEW_PASS, $account->getAccountDataForACL()) || !SP\Acl::checkUserAccess(SP\Acl::ACTION_ACC_VIEW_PASS)) {
SP\Common::printJSON(_('No tiene permisos para acceder a esta cuenta'));
} elseif (!UserUtil::checkUserUpdateMPass()) {
SP\Common::printJSON(_('Clave maestra actualizada') . '<br>' . _('Reinicie la sesión para cambiarla'));
}
$accountClearPass = SP\Crypt::getDecrypt($accountData->pass, $accountData->iv);
if (!$isHistory) {
$accountData = $account->getAccount();
if (!SP_ACL::checkAccountAccess("accviewpass", $account->getAccountDataForACL()) || !SP_ACL::checkUserAccess("accviewpass")) {
die('<span class="altTxtRed">' . _('No tiene permisos para acceder a esta cuenta') . '</span>');
}
} else {
if ($account->checkAccountMPass()) {
$accountData = $account->getAccountHistory();
if (!SP_ACL::checkAccountAccess("accviewpass", $account->getAccountDataForACL()) || !SP_ACL::checkUserAccess("accviewpass")) {
die('<span class="altTxtRed">' . _('No tiene permisos para acceder a esta cuenta') . '</span>');
}
} else {
echo '<div id="fancyMsg" class="msgError">' . _('La clave maestra no coincide') . '</div>';
return;
}
}
if (!SP_Users::checkUserUpdateMPass()) {
if ($fullTxt) {
die('<div id="fancyMsg" class="msgError">' . _('Clave maestra actualizada') . '<br>' . _('Reinicie la sesión para cambiarla') . '</div>');
} else {
die(_('Clave maestra actualizada') . '<br>' . _('Reinicie la sesión para cambiarla'));
}
}
$masterPass = SP_Crypt::getSessionMasterPass();
$accountClearPass = SP_Crypt::getDecrypt($accountData->account_pass, $masterPass, $accountData->account_IV);
if (!$isHistory && $fullTxt) {
$account->incrementDecryptCounter();
$message['action'] = _('Ver Clave');
$message['text'][] = _('ID') . ': ' . $accountId;
$message['text'][] = _('Cuenta') . ': ' . $accountData->customer_name . " / " . $accountData->account_name;
SP_Log::wrLogInfo($message);
$log = new \SP\Log(_('Ver Clave'));
$log->addDescription(_('ID') . ': ' . $accountId);
$log->addDescription(_('Cuenta') . ': ' . $accountData->customer_name . " / " . $accountData->name);
$log->writeLog();
}
$accountPass = htmlentities(trim($accountClearPass), ENT_COMPAT, 'UTF-8');
//$accountPass = htmlspecialchars(trim($accountClearPass));
if ($fullTxt) {
?>
<div id="fancyMsg" class="msgInfo">
<table>
<tr>
<td><span class="altTxtBlue"><?php echo _('Usuario'); ?></span></td>
<td><?php echo $accountData->account_login; ?></td>
</tr>
<tr>
<td><span class="altTxtBlue"><?php echo _('Clave'); ?></span></td>
<td><?php echo $accountPass; ?></td>
</tr>
</table>
</div>
<?php
} else {
echo $accountPass;
}
?>
$useImage = intval(\SP\Util::accountPassToImageIsEnabled());
$data = array(
'title' => _('Clave de Cuenta'),
'acclogin' => $accountData->login,
'accpass' => (!$useImage) ? trim($accountClearPass) : \SP\ImageUtil::convertText($accountClearPass),
'useimage' => $useImage
);
SP\Common::printJSON($data, 0);
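Review bot: the new `'accpass'` value (`trim($accountClearPass)`) and `'acclogin' => $accountData->login` go into the JSON response without the `htmlentities()` call that the removed code applied, so output encoding now depends entirely on the client. Whatever script consumes this response has to insert both fields as text, not as HTML, and that requirement deserves a comment here; the same applies to the `'<br>'` embedded in the "Clave maestra actualizada" message. Separately, the `\SP\Log(_('Ver Clave'))` entry is written only inside the `!$isHistory` branch, so password views of history records leave no audit entry; consider logging both cases. The permission checks also only protect the later `SP\Crypt::getDecrypt()` call if `SP\Common::printJSON()` ends the script, which is not visible in this hunk.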

60
api.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.or
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('APP_ROOT', '.');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
try {
$ApiRequest = new \SP\ApiRequest();
switch ($ApiRequest->getAction()) {
case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW:
$itemId = \SP\Request::analyze(\SP\ApiRequest::ITEM, 0);
$out = $ApiRequest->getApi()->getAccountData($itemId);
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW_PASS:
$ApiRequest->addVar('userPass', \SP\ApiRequest::analyze(\SP\ApiRequest::USER_PASS));
$itemId = \SP\Request::analyze(\SP\ApiRequest::ITEM, 0);
$out = $ApiRequest->getApi()->getAccountPassword($itemId);
break;
case \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH:
$search = \SP\Request::analyze(\SP\ApiRequest::SEARCH);
$count = \SP\Request::analyze(\SP\ApiRequest::SEARCH_COUNT, 10);
$out = $ApiRequest->getApi()->getAccountSearch($search, $count);
break;
default:
throw new Exception(_('Acción Inválida'));
}
} catch (Exception $e) {
\SP\Common::printJSON(array($e->getMessage(), _('Ayuda Parámetros') => \SP\ApiRequest::getHelp()));
}
header('Content-type: application/json');
echo $out;
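Review bot: after the `catch` block, `header('Content-type: application/json'); echo $out;` still runs, and `$out` is never assigned on the exception path, so this is only correct if `\SP\Common::printJSON()` terminates the script. Moving the `header()`/`echo` pair inside the `try`, or adding an explicit `exit` at the end of the `catch`, makes that explicit. In the `ACTION_ACC_VIEW_PASS` case the user password is read with `\SP\ApiRequest::analyze()` while every other parameter uses `\SP\Request::analyze()`; a short comment on why would help, and if that parameter can arrive in the query string it will end up in web server access logs. The `@copyright` line also has the address cut to `nuxsmin@syspass.or`.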

View File

@@ -0,0 +1 @@
@charset "UTF-8";.alertify{font-family:inherit;position:fixed;background-color:rgba(0,0,0,.6);left:0;right:0;top:0;bottom:0;width:100%;height:100%;z-index:99999}.alertify,.alertify *{box-sizing:border-box}.alertify .alertify-alert,.alertify .alertify-dialog{width:100%;margin:0 auto;position:relative;top:50%;-webkit-transform:translateY(-50%);-ms-transform:translateY(-50%);transform:translateY(-50%)}.alertify .alertify-alert .alertify-inner,.alertify .alertify-dialog .alertify-inner{width:400px;max-width:95%;margin:0 auto}.alertify .alertify-buttons{text-align:right}.alertify,.alertify-hide,.alertify-log,.alertify-show{box-sizing:border-box;-webkit-transition:all .3s cubic-bezier(.25,.8,.25,1);transition:all .3s cubic-bezier(.25,.8,.25,1)}.alertify-hidden{opacity:0;display:none}.alertify-logs{position:fixed;z-index:5000;bottom:0;right:0}.alertify-log{display:block;margin-top:10px;position:relative;right:-100%;opacity:0}.alertify-log-show{right:0;opacity:1}.alertify-log-hide{-webkit-transform:translate(100%,0);-ms-transform:translate(100%,0);transform:translate(100%,0);opacity:0}.alertify-text{margin-bottom:15px;width:100%;font-size:100%}.alertify-inner{background:#FFF;border:1px solid #8E8E8E;border:1px solid rgba(0,0,0,.3);border-radius:6px;box-shadow:0 3px 7px rgba(0,0,0,.3);background-clip:padding-box;text-align:left;margin-top:15px}.alertify-buttons button{margin-left:6px}.alertify-alert,.alertify-dialog{padding:0}.alertify-message{padding:15px;margin:0}.alertify-text-wrapper{padding:0 15px}.alertify-text{color:#555;border-radius:4px;padding:8px;background-color:#FFF;border:1px solid #CCC;box-shadow:inset 0 1px 1px rgba(0,0,0,.075)}.alertify-text:focus{border-color:rgba(82,168,236,.8);outline:0;box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 8px rgba(82,168,236,.6)}.alertify-buttons{margin:0 15px;padding:14px 0 15px;border-top:1px solid #DDD;border-radius:0 0 6px 6px;box-shadow:inset 0 1px 0 
#FFF;text-align:right}.alertify-button,.alertify-button:active,.alertify-button:focus,.alertify-button:hover{display:inline-block;padding:6px 12px;margin-bottom:0;font-size:14px;font-weight:400;line-height:1.428571429;text-align:center;white-space:nowrap;vertical-align:middle;cursor:pointer;border:1px solid transparent;border-radius:4px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;-o-user-select:none;user-select:none}.alertify-button:focus{outline:0;box-shadow:0 0 5px #2B72D5}.alertify-button:active{position:relative;box-shadow:inset 0 2px 4px rgba(0,0,0,.15),0 1px 2px rgba(0,0,0,.05)}.alertify-button-cancel,.alertify-button-cancel:active,.alertify-button-cancel:focus,.alertify-button-cancel:hover{color:#fff;background-color:#d9534f;border-color:#d43f3a}.alertify-button-cancel:active,.alertify-button-cancel:focus,.alertify-button-cancel:hover{color:#fff;background-color:#d2322d;border-color:#ac2925}.alertify-button-ok,.alertify-button-ok:active,.alertify-button-ok:focus,.alertify-button-ok:hover{color:#fff;background-color:#5cb85c;border-color:#4cae4c}.alertify-button-ok:active,.alertify-button-ok:focus,.alertify-button-ok:hover{color:#fff;background-color:#47a447;border-color:#398439}.alertify-log{background:#3276b1;padding:15px 14px;border-radius:4px;color:#D9EDF7;border:1px solid #285e8e}.alertify-log-error{color:#ecf0f1;background:#e74c3c;border:1px solid #c0392b}.alertify-log-success{color:#ecf0f1;background:#27ae60;border:1px solid #2ecc71}

View File

@@ -1,137 +0,0 @@
.alertify,
.alertify-show,
.alertify-log {
-webkit-transition: all 500ms cubic-bezier(0.175, 0.885, 0.320, 1.275);
-moz-transition: all 500ms cubic-bezier(0.175, 0.885, 0.320, 1.275);
-ms-transition: all 500ms cubic-bezier(0.175, 0.885, 0.320, 1.275);
-o-transition: all 500ms cubic-bezier(0.175, 0.885, 0.320, 1.275);
transition: all 500ms cubic-bezier(0.175, 0.885, 0.320, 1.275); /* easeOutBack */
}
.alertify-hide {
-webkit-transition: all 250ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-moz-transition: all 250ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-ms-transition: all 250ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-o-transition: all 250ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
transition: all 250ms cubic-bezier(0.600, -0.280, 0.735, 0.045); /* easeInBack */
}
.alertify-log-hide {
-webkit-transition: all 500ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-moz-transition: all 500ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-ms-transition: all 500ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
-o-transition: all 500ms cubic-bezier(0.600, -0.280, 0.735, 0.045);
transition: all 500ms cubic-bezier(0.600, -0.280, 0.735, 0.045); /* easeInBack */
}
.alertify-cover {
position: fixed; z-index: 99999;
top: 0; right: 0; bottom: 0; left: 0;
background-color:white;
filter:alpha(opacity=0);
opacity:0;
}
.alertify-cover-hidden {
display: none;
}
.alertify {
position: fixed; z-index: 99999;
top: 50px; left: 50%;
width: 550px;
margin-left: -275px;
opacity: 1;
}
.alertify-hidden {
-webkit-transform: translate(0,-150px);
-moz-transform: translate(0,-150px);
-ms-transform: translate(0,-150px);
-o-transform: translate(0,-150px);
transform: translate(0,-150px);
opacity: 0;
display: none;
}
/* overwrite display: none; for everything except IE6-8 */
:root *> .alertify-hidden {
display: block;
visibility: hidden;
}
.alertify-logs {
position: fixed;
z-index: 5000;
bottom: 10px;
right: 10px;
width: 300px;
}
.alertify-logs-hidden {
display: none;
}
.alertify-log {
display: block;
margin-top: 10px;
position: relative;
right: -300px;
opacity: 0;
}
.alertify-log-show {
right: 0;
opacity: 1;
}
.alertify-log-hide {
-webkit-transform: translate(300px, 0);
-moz-transform: translate(300px, 0);
-ms-transform: translate(300px, 0);
-o-transform: translate(300px, 0);
transform: translate(300px, 0);
opacity: 0;
}
.alertify-dialog {
padding: 25px;
}
.alertify-resetFocus {
border: 0;
clip: rect(0 0 0 0);
height: 1px;
margin: -1px;
overflow: hidden;
padding: 0;
position: absolute;
width: 1px;
}
.alertify-inner {
text-align: center;
}
.alertify-text {
margin-bottom: 15px;
width: 100%;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
font-size: 100%;
}
.alertify-buttons {
}
.alertify-button,
.alertify-button:hover,
.alertify-button:active,
.alertify-button:visited {
background: none;
text-decoration: none;
border: none;
/* line-height and font-size for input button */
line-height: 1.5;
font-size: 100%;
display: inline-block;
cursor: pointer;
margin-left: 5px;
}
@media only screen and (max-width: 680px) {
.alertify,
.alertify-logs {
width: 90%;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
}
.alertify {
left: 5%;
margin: 0;
}
}

View File

@@ -1,82 +0,0 @@
/**
* Default Look and Feel
*/
.alertify,
.alertify-log {
font-family: sans-serif;
}
.alertify {
background: #FFF;
border: 10px solid #333; /* browsers that don't support rgba */
border: 10px solid rgba(0, 0, 0, .3);
border-radius: 8px;
box-shadow: 0 3px 3px rgba(0,0,0,.3);
-webkit-background-clip: padding; /* Safari 4? Chrome 6? */
-moz-background-clip: padding; /* Firefox 3.6 */
background-clip: padding-box; /* Firefox 4, Safari 5, Opera 10, IE 9 */
}
.alertify-text {
border: 1px solid #CCC;
padding: 10px;
border-radius: 4px;
}
.alertify-button {
border-radius: 4px;
color: #FFF;
font-weight: bold;
padding: 6px 15px;
text-decoration: none;
text-shadow: 1px 1px 0 rgba(0,0,0,.5);
box-shadow: inset 0 1px 0 0 rgba(255,255,255,.5);
background-image: -webkit-linear-gradient(top, rgba(255,255,255,.3), rgba(255,255,255,0));
background-image: -moz-linear-gradient(top, rgba(255,255,255,.3), rgba(255,255,255,0));
background-image: -ms-linear-gradient(top, rgba(255,255,255,.3), rgba(255,255,255,0));
background-image: -o-linear-gradient(top, rgba(255,255,255,.3), rgba(255,255,255,0));
background-image: linear-gradient(top, rgba(255,255,255,.3), rgba(255,255,255,0));
}
.alertify-button:hover,
.alertify-button:focus {
outline: none;
background-image: -webkit-linear-gradient(top, rgba(0,0,0,.1), rgba(0,0,0,0));
background-image: -moz-linear-gradient(top, rgba(0,0,0,.1), rgba(0,0,0,0));
background-image: -ms-linear-gradient(top, rgba(0,0,0,.1), rgba(0,0,0,0));
background-image: -o-linear-gradient(top, rgba(0,0,0,.1), rgba(0,0,0,0));
background-image: linear-gradient(top, rgba(0,0,0,.1), rgba(0,0,0,0));
}
.alertify-button:focus {
box-shadow: 0 0 15px #2B72D5;
}
.alertify-button:active {
position: relative;
box-shadow: inset 0 2px 4px rgba(0,0,0,.15), 0 1px 2px rgba(0,0,0,.05);
}
.alertify-button-cancel,
.alertify-button-cancel:hover,
.alertify-button-cancel:focus {
background-color: #FE1A00;
border: 1px solid #D83526;
}
.alertify-button-ok,
.alertify-button-ok:hover,
.alertify-button-ok:focus {
background-color: #5CB811;
border: 1px solid #3B7808;
}
.alertify-log {
background: #1F1F1F;
background: rgba(0,0,0,.9);
padding: 15px;
border-radius: 4px;
color: #FFF;
font-weight: bold;
text-shadow: -1px -1px 0 rgba(0,0,0,.5);
}
.alertify-log-error {
background: #FE1A00;
background: rgba(254,26,0,.9);
}
.alertify-log-success {
background: #5CB811;
background: rgba(92,184,17,.9);
}

34
css/chosen-custom.css Normal file
View File

@@ -0,0 +1,34 @@
/*!
Chosen, a Select Box Enhancer for jQuery and Prototype
by Patrick Filler for Harvest, http://getharvest.com
Version 1.4.2
Full source at https://github.com/harvesthq/chosen
Copyright (c) 2011-2015 Harvest http://getharvest.com
MIT License, https://github.com/harvesthq/chosen/blob/master/LICENSE.md
This file is generated by `grunt build`, do not edit it by hand.
*/
/* @group Results */
.chosen-container .chosen-results li.highlighted {
background-color: #536DFE;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #879bff), color-stop(90%, #536DFE));
background-image: -webkit-linear-gradient(#879bff 20%, #536DFE 90%);
background-image: -moz-linear-gradient(#879bff 20%, #536DFE 90%);
background-image: -o-linear-gradient(#879bff 20%, #536DFE 90%);
background-image: linear-gradient(#879bff 20%, #536DFE 90%);
color: #fff;
}
/* @end */
/* @group Active */
.chosen-container-active .chosen-single {
border: 1px solid rgba(83, 109, 254, .8);
box-shadow: 0 0 5px rgba(0, 0, 0, 0.3);
}
.chosen-container-active .chosen-choices {
border: 1px solid rgba(83, 109, 254, .8);
box-shadow: 0 0 5px rgba(0, 0, 0, 0.3);
}
/* @end */
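Review bot: the header comment copied from Chosen says "This file is generated by `grunt build`, do not edit it by hand", but `css/chosen-custom.css` is a new 34-line file of overrides for `.highlighted`, `.chosen-single` and `.chosen-choices`. Keep the attribution and MIT license lines and replace that sentence with a note that this file holds the project's colour overrides, so nobody overwrites or regenerates it on the next Chosen upgrade.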

BIN
css/chosen-sprite@2x.png Normal file

View File

@@ -1,430 +0,0 @@
/* @group Base */
.chosen-container {
position: relative;
display: inline-block;
vertical-align: middle;
font-size: 12px;
zoom: 1;
*display: inline;
-webkit-user-select: none;
-moz-user-select: none;
user-select: none;
}
.chosen-container .chosen-drop {
position: absolute;
top: 100%;
left: -9999px;
z-index: 1010;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
width: 100%;
border: 1px solid #aaa;
border-top: 0;
background: #fff;
box-shadow: 0 4px 5px rgba(0, 0, 0, 0.15);
}
.chosen-container.chosen-with-drop .chosen-drop {
left: 0;
}
.chosen-container a {
cursor: pointer;
}
/* @end */
/* @group Single Chosen */
.chosen-container-single .chosen-single {
position: relative;
display: block;
overflow: hidden;
padding: 0 0 0 8px;
height: 23px;
border: 1px solid #aaa;
border-radius: 5px;
background-color: #fff;
background: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #ffffff), color-stop(50%, #f6f6f6), color-stop(52%, #eeeeee), color-stop(100%, #f4f4f4));
background: -webkit-linear-gradient(top, #ffffff 20%, #f6f6f6 50%, #eeeeee 52%, #f4f4f4 100%);
background: -moz-linear-gradient(top, #ffffff 20%, #f6f6f6 50%, #eeeeee 52%, #f4f4f4 100%);
background: -o-linear-gradient(top, #ffffff 20%, #f6f6f6 50%, #eeeeee 52%, #f4f4f4 100%);
background: linear-gradient(top, #ffffff 20%, #f6f6f6 50%, #eeeeee 52%, #f4f4f4 100%);
background-clip: padding-box;
box-shadow: 0 0 3px white inset, 0 1px 1px rgba(0, 0, 0, 0.1);
color: #444;
text-decoration: none;
white-space: nowrap;
line-height: 24px;
}
.chosen-container-single .chosen-default {
color: #999;
}
.chosen-container-single .chosen-single span {
display: block;
overflow: hidden;
margin-right: 26px;
text-overflow: ellipsis;
white-space: nowrap;
}
.chosen-container-single .chosen-single-with-deselect span {
margin-right: 38px;
}
.chosen-container-single .chosen-single abbr {
position: absolute;
top: 6px;
right: 26px;
display: block;
width: 12px;
height: 12px;
background: url('chosen-sprite.png') -42px 1px no-repeat;
font-size: 1px;
}
.chosen-container-single .chosen-single abbr:hover {
background-position: -42px -10px;
}
.chosen-container-single.chosen-disabled .chosen-single abbr:hover {
background-position: -42px -10px;
}
.chosen-container-single .chosen-single div {
position: absolute;
top: 0;
right: 0;
display: block;
width: 18px;
height: 100%;
}
.chosen-container-single .chosen-single div b {
display: block;
width: 100%;
height: 100%;
background: url('chosen-sprite.png') no-repeat 0px 2px;
}
.chosen-container-single .chosen-search {
position: relative;
z-index: 1010;
margin: 0;
padding: 3px 4px;
white-space: nowrap;
}
.chosen-container-single .chosen-search input[type="text"] {
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
margin: 1px 0;
padding: 4px 20px 4px 5px;
width: 100%;
height: auto;
outline: 0;
border: 1px solid #aaa;
background: white url('chosen-sprite.png') no-repeat 100% -20px;
background: url('chosen-sprite.png') no-repeat 100% -20px, -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(1%, #eeeeee), color-stop(15%, #ffffff));
background: url('chosen-sprite.png') no-repeat 100% -20px, -webkit-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat 100% -20px, -moz-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat 100% -20px, -o-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat 100% -20px, linear-gradient(#eeeeee 1%, #ffffff 15%);
font-size: 1em;
font-family: sans-serif;
line-height: normal;
border-radius: 0;
}
.chosen-container-single .chosen-drop {
margin-top: -1px;
border-radius: 0 0 4px 4px;
background-clip: padding-box;
}
.chosen-container-single.chosen-container-single-nosearch .chosen-search {
position: absolute;
left: -9999px;
}
/* @end */
/* @group Results */
.chosen-container .chosen-results {
position: relative;
overflow-x: hidden;
overflow-y: auto;
margin: 0 4px 4px 0;
padding: 0 0 0 4px;
max-height: 240px;
-webkit-overflow-scrolling: touch;
}
.chosen-container .chosen-results li {
display: none;
margin: 0;
padding: 5px 6px;
list-style: none;
line-height: 15px;
}
.chosen-container .chosen-results li.active-result {
display: list-item;
cursor: pointer;
}
.chosen-container .chosen-results li.disabled-result {
display: list-item;
color: #ccc;
cursor: default;
}
.chosen-container .chosen-results li.highlighted {
background-color: #3875d7;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #3875d7), color-stop(90%, #2a62bc));
background-image: -webkit-linear-gradient(#3875d7 20%, #2a62bc 90%);
background-image: -moz-linear-gradient(#3875d7 20%, #2a62bc 90%);
background-image: -o-linear-gradient(#3875d7 20%, #2a62bc 90%);
background-image: linear-gradient(#3875d7 20%, #2a62bc 90%);
color: #fff;
}
.chosen-container .chosen-results li.no-results {
display: list-item;
background: #f4f4f4;
}
.chosen-container .chosen-results li.group-result {
display: list-item;
font-weight: bold;
cursor: default;
}
.chosen-container .chosen-results li.group-option {
padding-left: 15px;
}
.chosen-container .chosen-results li em {
font-style: normal;
text-decoration: underline;
}
/* @end */
/* @group Multi Chosen */
.chosen-container-multi .chosen-choices {
position: relative;
overflow: hidden;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
margin: 0;
padding: 0;
width: 100%;
height: auto !important;
height: 1%;
border: 1px solid #aaa;
background-color: #fff;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(1%, #eeeeee), color-stop(15%, #ffffff));
background-image: -webkit-linear-gradient(#eeeeee 1%, #ffffff 15%);
background-image: -moz-linear-gradient(#eeeeee 1%, #ffffff 15%);
background-image: -o-linear-gradient(#eeeeee 1%, #ffffff 15%);
background-image: linear-gradient(#eeeeee 1%, #ffffff 15%);
cursor: text;
}
.chosen-container-multi .chosen-choices li {
float: left;
list-style: none;
}
.chosen-container-multi .chosen-choices li.search-field {
margin: 0;
padding: 0;
white-space: nowrap;
}
.chosen-container-multi .chosen-choices li.search-field input[type="text"] {
margin: 1px 0;
padding: 5px;
height: 15px;
outline: 0;
border: 0 !important;
background: transparent !important;
box-shadow: none;
color: #666;
font-size: 100%;
font-family: sans-serif;
line-height: normal;
border-radius: 0;
}
.chosen-container-multi .chosen-choices li.search-field .default {
color: #999;
}
.chosen-container-multi .chosen-choices li.search-choice {
position: relative;
margin: 3px 0 3px 5px;
padding: 3px 20px 3px 5px;
border: 1px solid #aaa;
border-radius: 3px;
background-color: #e4e4e4;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #f4f4f4), color-stop(50%, #f0f0f0), color-stop(52%, #e8e8e8), color-stop(100%, #eeeeee));
background-image: -webkit-linear-gradient(#f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: -moz-linear-gradient(#f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: -o-linear-gradient(#f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: linear-gradient(#f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-clip: padding-box;
box-shadow: 0 0 2px white inset, 0 1px 0 rgba(0, 0, 0, 0.05);
color: #333;
line-height: 13px;
cursor: default;
}
.chosen-container-multi .chosen-choices li.search-choice .search-choice-close {
position: absolute;
top: 4px;
right: 3px;
display: block;
width: 12px;
height: 12px;
background: url('chosen-sprite.png') -42px 1px no-repeat;
font-size: 1px;
}
.chosen-container-multi .chosen-choices li.search-choice .search-choice-close:hover {
background-position: -42px -10px;
}
.chosen-container-multi .chosen-choices li.search-choice-disabled {
padding-right: 5px;
border: 1px solid #ccc;
background-color: #e4e4e4;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #f4f4f4), color-stop(50%, #f0f0f0), color-stop(52%, #e8e8e8), color-stop(100%, #eeeeee));
background-image: -webkit-linear-gradient(top, #f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: -moz-linear-gradient(top, #f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: -o-linear-gradient(top, #f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
background-image: linear-gradient(top, #f4f4f4 20%, #f0f0f0 50%, #e8e8e8 52%, #eeeeee 100%);
color: #666;
}
.chosen-container-multi .chosen-choices li.search-choice-focus {
background: #d4d4d4;
}
.chosen-container-multi .chosen-choices li.search-choice-focus .search-choice-close {
background-position: -42px -10px;
}
.chosen-container-multi .chosen-results {
margin: 0;
padding: 0;
}
.chosen-container-multi .chosen-drop .result-selected {
display: list-item;
color: #ccc;
cursor: default;
}
/* @end */
/* @group Active */
.chosen-container-active .chosen-single {
border: 1px solid #5897fb;
box-shadow: 0 0 5px rgba(0, 0, 0, 0.3);
}
.chosen-container-active.chosen-with-drop .chosen-single {
border: 1px solid #aaa;
-moz-border-radius-bottomright: 0;
border-bottom-right-radius: 0;
-moz-border-radius-bottomleft: 0;
border-bottom-left-radius: 0;
background-image: -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(20%, #eeeeee), color-stop(80%, #ffffff));
background-image: -webkit-linear-gradient(#eeeeee 20%, #ffffff 80%);
background-image: -moz-linear-gradient(#eeeeee 20%, #ffffff 80%);
background-image: -o-linear-gradient(#eeeeee 20%, #ffffff 80%);
background-image: linear-gradient(#eeeeee 20%, #ffffff 80%);
box-shadow: 0 1px 0 #fff inset;
}
.chosen-container-active.chosen-with-drop .chosen-single div {
border-left: none;
background: transparent;
}
.chosen-container-active.chosen-with-drop .chosen-single div b {
background-position: -18px 2px;
}
.chosen-container-active .chosen-choices {
border: 1px solid #5897fb;
box-shadow: 0 0 5px rgba(0, 0, 0, 0.3);
}
.chosen-container-active .chosen-choices li.search-field input[type="text"] {
color: #111 !important;
}
/* @end */
/* @group Disabled Support */
.chosen-disabled {
opacity: 0.5 !important;
cursor: default;
}
.chosen-disabled .chosen-single {
cursor: default;
}
.chosen-disabled .chosen-choices .search-choice .search-choice-close {
cursor: default;
}
/* @end */
/* @group Right to Left */
.chosen-rtl {
text-align: right;
}
.chosen-rtl .chosen-single {
overflow: visible;
padding: 0 8px 0 0;
}
.chosen-rtl .chosen-single span {
margin-right: 0;
margin-left: 26px;
direction: rtl;
}
.chosen-rtl .chosen-single-with-deselect span {
margin-left: 38px;
}
.chosen-rtl .chosen-single div {
right: auto;
left: 3px;
}
.chosen-rtl .chosen-single abbr {
right: auto;
left: 26px;
}
.chosen-rtl .chosen-choices li {
float: right;
}
.chosen-rtl .chosen-choices li.search-field input[type="text"] {
direction: rtl;
}
.chosen-rtl .chosen-choices li.search-choice {
margin: 3px 5px 3px 0;
padding: 3px 5px 3px 19px;
}
.chosen-rtl .chosen-choices li.search-choice .search-choice-close {
right: auto;
left: 4px;
}
.chosen-rtl.chosen-container-single-nosearch .chosen-search,
.chosen-rtl .chosen-drop {
left: 9999px;
}
.chosen-rtl.chosen-container-single .chosen-results {
margin: 0 0 4px 4px;
padding: 0 4px 0 0;
}
.chosen-rtl .chosen-results li.group-option {
padding-right: 15px;
padding-left: 0;
}
.chosen-rtl.chosen-container-active.chosen-with-drop .chosen-single div {
border-right: none;
}
.chosen-rtl .chosen-search input[type="text"] {
padding: 4px 5px 4px 20px;
background: white url('chosen-sprite.png') no-repeat -30px -20px;
background: url('chosen-sprite.png') no-repeat -30px -20px, -webkit-gradient(linear, 50% 0%, 50% 100%, color-stop(1%, #eeeeee), color-stop(15%, #ffffff));
background: url('chosen-sprite.png') no-repeat -30px -20px, -webkit-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat -30px -20px, -moz-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat -30px -20px, -o-linear-gradient(#eeeeee 1%, #ffffff 15%);
background: url('chosen-sprite.png') no-repeat -30px -20px, linear-gradient(#eeeeee 1%, #ffffff 15%);
direction: rtl;
}
.chosen-rtl.chosen-container-single .chosen-single div b {
background-position: 6px 2px;
}
.chosen-rtl.chosen-container-single.chosen-with-drop .chosen-single div b {
background-position: -12px 2px;
}
/* @end */
/* @group Retina compatibility */
@media only screen and (-webkit-min-device-pixel-ratio: 2), only screen and (min-resolution: 144dpi) {
.chosen-rtl .chosen-search input[type="text"],
.chosen-container-single .chosen-single abbr,
.chosen-container-single .chosen-single div b,
.chosen-container-single .chosen-search input[type="text"],
.chosen-container-multi .chosen-choices .search-choice .search-choice-close,
.chosen-container .chosen-results-scroll-down span,
.chosen-container .chosen-results-scroll-up span {
background-image: url('chosen-sprite@2x.png') !important;
background-size: 52px 37px !important;
background-repeat: no-repeat !important;
}
}
/* @end */

3
css/chosen.min.css vendored Normal file

File diff suppressed because one or more lines are too long

View File

@@ -24,23 +24,32 @@
*/
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'init.php';
$cssFiles = array(
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
$themeCssPath = VIEW_PATH . DIRECTORY_SEPARATOR . \SP\Init::$THEME . DIRECTORY_SEPARATOR . 'css' . DIRECTORY_SEPARATOR . 'css.php';
$cssFilesBase = array(
array('href' => 'css/reset.css', 'min' => true),
array('href' => 'css/smoothness/jquery-ui.css', 'min' => true),
array('href' => 'css/jquery-ui.min.css', 'min' => false),
array('href' => 'css/jquery-ui.structure.min.css', 'min' => false),
array('href' => 'css/jquery.powertip.css', 'min' => true),
array('href' => 'css/jquery.powertip-yellow.min.css', 'min' => true),
array('href' => 'css/chosen.css', 'min' => true),
array('href' => 'css/alertify.core.css', 'min' => true),
array('href' => 'css/alertify.default.css', 'min' => true),
array('href' => 'css/chosen.min.css', 'min' => true),
array('href' => 'css/chosen-custom.css', 'min' => true),
array('href' => 'css/alertify-bootstrap-3.css', 'min' => false),
array('href' => 'css/jquery.tagsinput.css', 'min' => true),
array('href' => 'js/fancybox/jquery.fancybox.css', 'min' => true),
array('href' => 'css/styles.css', 'min' => true)
array('href' => 'css/jquery.fancybox.css', 'min' => true),
array('href' => 'css/fonts.css', 'min' => true),
array('href' => 'css/material-icons.css', 'min' => true),
);
if (!SP_Util::resultsCardsIsEnabled()) {
array_push($cssFiles, array('href' => 'css/search-grid.css', 'min' => true));
if (file_exists($themeCssPath)){
include $themeCssPath;
foreach ($cssFilesTheme as $file) {
array_push($cssFilesBase, $file);
}
}
SP_Util::getMinified('css', $cssFiles);
SP\Util::getMinified('css', $cssFilesBase);
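Review bot: `foreach ($cssFilesTheme as $file)` runs right after `include $themeCssPath;` with no check that the included file actually defined `$cssFilesTheme` as an array, so a theme whose `css.php` omits it produces a warning in a response meant to be CSS. Guard it with `isset($cssFilesTheme) && is_array($cssFilesTheme)`. The include path is also built from `\SP\Init::$THEME`; where that value is set is not visible here, so it should be restricted to existing theme directory names before it reaches `include`.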

View File

@@ -46,6 +46,7 @@
width: 30px;
height: 30px;
text-indent: -9999px;
background-color: transparent;
background-image: url('fancybox_buttons.png');
background-repeat: no-repeat;
outline: none;

View File

@@ -1,6 +1,6 @@
/*!
* Buttons helper for fancyBox
* version: 1.0.4 (Mon, 01 Oct 2012)
* version: 1.0.5 (Mon, 15 Oct 2012)
* @requires fancyBox v2.0 or later
*
* Usage:
@@ -22,7 +22,7 @@
defaults : {
skipSingle : false, // disables if gallery contains single image
position : 'top', // 'top' or 'bottom'
tpl : '<div id="fancybox-buttons"><ul><li><a class="btnPrev" title="Previous" href="javascript:;"></a></li><li><a class="btnPlay" title="Start slideshow" href="javascript:;"></a></li><li><a class="btnNext" title="Next" href="javascript:;"></a></li><li><a class="btnToggle" title="Toggle size" href="javascript:;"></a></li><li><a class="btnClose" title="Close" href="javascript:jQuery.fancybox.close();"></a></li></ul></div>',
tpl : '<div id="fancybox-buttons"><ul><li><a class="btnPrev" title="Previous" href="javascript:;"></a></li><li><a class="btnPlay" title="Start slideshow" href="javascript:;"></a></li><li><a class="btnNext" title="Next" href="javascript:;"></a></li><li><a class="btnToggle" title="Toggle size" href="javascript:;"></a></li><li><a class="btnClose" title="Close" href="javascript:;"></a></li></ul></div>'
},
list : null,
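Review bot: in the `tpl` default, the close button no longer carries `href="javascript:jQuery.fancybox.close();"`, which is the right direction, but all five anchors still use `href="javascript:;"`. Content-Security-Policy treats `javascript:` URLs as inline script, so a policy without `'unsafe-inline'` will report a violation whenever one of these links is activated. Since the actions are bound with `.click()` (the `close` binding is added further down in this file), consider `<button type="button">` elements, or `href="#"` with `preventDefault()` in the handlers. This is the upstream fancyBox helper, so a local change of that kind should be recorded as a patch against the vendored copy.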
@@ -64,7 +64,8 @@
prev : this.list.find('.btnPrev').click( F.prev ),
next : this.list.find('.btnNext').click( F.next ),
play : this.list.find('.btnPlay').click( F.play ),
toggle : this.list.find('.btnToggle').click( F.toggle )
toggle : this.list.find('.btnToggle').click( F.toggle ),
close : this.list.find('.btnClose').click( F.close )
}
}
@@ -118,4 +119,4 @@
}
};
}(jQuery));
}(jQuery));

View File

@@ -1,6 +1,6 @@
/*!
* Media helper for fancyBox
* version: 1.0.4 (Mon, 01 Oct 2012)
* version: 1.0.6 (Fri, 14 Jun 2013)
* @requires fancyBox v2.0 or later
*
* Usage:
@@ -25,7 +25,7 @@
*
* Or:
* $(".fancybox").fancybox({,
* helpers : {
* helpers : {
* media: true
* },
* youtube : {
@@ -39,6 +39,7 @@
* http://www.youtube.com/watch?v=opj24KnzrWo
* http://www.youtube.com/embed/opj24KnzrWo
* http://youtu.be/opj24KnzrWo
* http://www.youtube-nocookie.com/embed/opj24KnzrWo
* Vimeo
* http://vimeo.com/40648169
* http://vimeo.com/channels/staffpicks/38843628
@@ -88,7 +89,7 @@
F.helpers.media = {
defaults : {
youtube : {
matcher : /(youtube\.com|youtu\.be)\/(watch\?v=|v\/|u\/|embed\/?)?([\w-]{11}|\?listType=(.*)&list=(.*)).*/i,
matcher : /(youtube\.com|youtu\.be|youtube-nocookie\.com)\/(watch\?v=|v\/|u\/|embed\/?)?(videoseries\?list=(.*)|[\w-]{11}|\?listType=(.*)&list=(.*)).*/i,
params : {
autoplay : 1,
autohide : 1,
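Review bot: the new `videoseries\?list=(.*)` alternative in `youtube.matcher` is inserted ahead of the existing `\?listType=(.*)&list=(.*)` groups, so those two captures move from positions 4 and 5 to 5 and 6. The `url` template or function for this entry is outside the hunk; please check that any `$4`/`$5` reference there was updated in the same change. Separately, the pattern is still not anchored to the host part of the URL, so a string that merely contains `youtube-nocookie.com/embed/` in its path or query also matches. Anchoring the host alternation to the start of the URL (scheme and host) would restrict the helper to the sites it lists.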
@@ -151,7 +152,7 @@
instagram : {
matcher : /(instagr\.am|instagram\.com)\/p\/([a-zA-Z0-9_\-]+)\/?/i,
type : 'image',
url : '//$1/p/$2/media/'
url : '//$1/p/$2/media/?size=l'
},
google_maps : {
matcher : /maps\.google\.([a-z]{2,3}(\.[a-z]{2})?)\/(\?ll=|maps\?)(.*)/i,
@@ -171,16 +172,18 @@
params;
for (what in opts) {
item = opts[ what ];
rez = url.match( item.matcher );
if (opts.hasOwnProperty(what)) {
item = opts[ what ];
rez = url.match( item.matcher );
if (rez) {
type = item.type;
params = $.extend(true, {}, item.params, obj[ what ] || ($.isPlainObject(opts[ what ]) ? opts[ what ].params : null));
if (rez) {
type = item.type;
params = $.extend(true, {}, item.params, obj[ what ] || ($.isPlainObject(opts[ what ]) ? opts[ what ].params : null));
url = $.type( item.url ) === "function" ? item.url.call( this, rez, params, obj ) : format( item.url, rez, params );
url = $.type( item.url ) === "function" ? item.url.call( this, rez, params, obj ) : format( item.url, rez, params );
break;
break;
}
}
}

View File

@@ -51,4 +51,5 @@
position: relative;
border: 0;
padding: 0;
max-width: none;
}

11
css/fonts.css Normal file
View File

@@ -0,0 +1,11 @@
@font-face {
font-family: 'Material Icons';
font-style: normal;
font-weight: 400;
src: url("MaterialIcons-Regular.eot"); /* For IE6-8 */
src: local('Material Icons'),
local('MaterialIcons-Regular'),
url("MaterialIcons-Regular.woff2") format('woff2'),
url("MaterialIcons-Regular.woff") format('woff'),
url("MaterialIcons-Regular.ttf") format('truetype');
}


7
css/jquery-ui.min.css vendored Normal file

File diff suppressed because one or more lines are too long

5
css/jquery-ui.structure.min.css vendored Normal file

File diff suppressed because one or more lines are too long

View File

@@ -1,4 +1,4 @@
/*! fancyBox v2.1.0 fancyapps.com | fancyapps.com/fancybox/#license */
/*! fancyBox v2.1.5 fancyapps.com | fancyapps.com/fancybox/#license */
.fancybox-wrap,
.fancybox-skin,
.fancybox-outer,
@@ -76,7 +76,7 @@
}
#fancybox-loading, .fancybox-close, .fancybox-prev span, .fancybox-next span {
background-image: url('../js/fancybox/fancybox_sprite.png');
background-image: url('fancybox/fancybox_sprite.png');
}
#fancybox-loading {
@@ -94,7 +94,7 @@
#fancybox-loading div {
width: 44px;
height: 44px;
background: url('../js/fancybox/fancybox_loading.gif') center center no-repeat;
background: url('fancybox/fancybox_loading.gif') center center no-repeat;
}
.fancybox-close {
@@ -114,7 +114,7 @@
height: 100%;
cursor: pointer;
text-decoration: none;
background: transparent url('../js/fancybox/blank.gif'); /* helps IE */
background: transparent url('fancybox/blank.gif'); /* helps IE */
-webkit-tap-highlight-color: rgba(0,0,0,0);
z-index: 8040;
}
@@ -154,15 +154,27 @@
.fancybox-tmp {
position: absolute;
top: -9999px;
left: -9999px;
top: -99999px;
left: -99999px;
visibility: hidden;
max-width: 99999px;
max-height: 99999px;
overflow: visible !important;
}
/* Overlay helper */
.fancybox-lock {
overflow: hidden;
overflow: hidden !important;
width: auto;
}
.fancybox-lock body {
overflow: hidden !important;
}
.fancybox-lock-test {
overflow-y: hidden !important;
}
.fancybox-overlay {
@@ -172,7 +184,7 @@
overflow: hidden;
display: none;
z-index: 8010;
background: url('../js/fancybox/fancybox_overlay.png');
background: url('fancybox/fancybox_overlay.png');
}
.fancybox-overlay-fixed {
@@ -243,4 +255,20 @@
padding: 10px;
background: #000;
background: rgba(0, 0, 0, .8);
}
/*Retina graphics!*/
@media only screen and (-webkit-min-device-pixel-ratio: 1.5),
only screen and (min--moz-device-pixel-ratio: 1.5),
only screen and (min-device-pixel-ratio: 1.5){
#fancybox-loading, .fancybox-close, .fancybox-prev span, .fancybox-next span {
background-image: url('fancybox/fancybox_sprite@2x.png');
background-size: 44px 152px; /*The size of the normal image, half the size of the hi-res image*/
}
#fancybox-loading div {
background-image: url('fancybox/fancybox_loading@2x.gif');
background-size: 24px 24px; /*The size of the normal image, half the size of the hi-res image*/
}
}

View File

@@ -76,7 +76,7 @@ div.tagsinput input {
}
div.tagsinput span.tag {
background: url("smoothness/images/ui-bg_glass_75_e6e6e6_1x400.png") repeat-x scroll 50% 50% #E6E6E6;
background: url("images/ui-bg_glass_75_e6e6e6_1x400.png") repeat-x scroll 50% 50% #E6E6E6;
border: 1px solid #D3D3D3;
color: #555555;
}

36
css/material-icons.css Normal file
View File

@@ -0,0 +1,36 @@
.material-icons {
font-family: 'Material Icons';
font-weight: normal;
font-style: normal;
font-size: 24px; /* Preferred icon size */
display: inline-block;
width: 1em;
height: 1em;
line-height: 1;
text-transform: none;
letter-spacing: normal;
word-wrap: normal;
/* Support for all WebKit browsers. */
-webkit-font-smoothing: antialiased;
/* Support for Safari and Chrome. */
text-rendering: optimizeLegibility;
/* Support for Firefox. */
-moz-osx-font-smoothing: grayscale;
/* Support for IE. */
font-feature-settings: 'liga';
}
.material-icons.md-18 { font-size: 18px; }
.material-icons.md-24 { font-size: 24px; }
.material-icons.md-36 { font-size: 36px; }
.material-icons.md-48 { font-size: 48px; }
.material-icons.md-60 { font-size: 60px; }
.material-icons.md-dark { color: rgba(0, 0, 0, 0.54); }
.material-icons.md-dark.md-inactive { color: rgba(0, 0, 0, 0.26); }
.material-icons.md-light { color: rgba(255, 255, 255, 1); }
.material-icons.md-light.md-inactive { color: rgba(255, 255, 255, 0.3); }

View File

@@ -1,108 +0,0 @@
#content #data-search .account-info img,
#content #data-search .account-actions img {
width: 24px;
height: 24px;
margin: 0 0.5em;
}
#content #data-search {
text-align: center;
padding: 0.5em 0;
}
#content #data-search .account-label {
width: 95%;
height: 70px;
text-align: left;
margin: 0;
margin-bottom: 0.2em;
padding: 0.5em;
color: #696969;
background-color: #fcfcfc;
display: inline-block;
}
#content #data-search .account-label .label-field {
float: left;
width: 18%;
height: 3em;
}
#content #data-search .account-label .field-name {
float: left;
width: 80px;
padding: 0.3em 0.2em;
color: #b9b9b9;
display: none
}
#content #data-search .account-label .field-text {
float: left;
width: 95%;
padding: 0.3em 0.3em;
word-wrap: break-word;
}
#content #data-search .account-label .header .field-name {
color: white;
font-weight: bold
}
#content #data-search .account-label .field-text a {
color: #4895FA
}
#content #data-search .account-label .no-link,
#content #data-search .account-label .no-link a {
color: white;
font-weight: bold;
}
#content #data-search .account-label .field-customer .field-text {
height: 2.5em;
width: 95%;
}
#content #data-search .account-label .field-category {
width: 10% !important;
}
#content #data-search .account-info {
float: left;
clear: left;
width: 20%;
/*height: 2em;*/
padding: 0.5em 0;
text-align: left;
/*border-top: 1px solid #d9d9d9;*/
border: none;
}
#content #data-search .account-actions {
float: right;
position: relative;
top: -3em;
width: auto;
max-width: 18%;
height: auto;
padding: 0.5em;
text-align: right;
/*border-top: 1px solid #c9c9c9;*/
background-color: transparent;
box-shadow: 0 0 8px rgba(0, 0, 0, 0.075) inset;
}
#content #data-search .account-actions img {
margin: 3px 5px;
}
#content .actions-optional {
display: none;
}
#content #data-search .account-spacer {
float: left;
clear: left;
height: 2em;
width: 20%
}


File diff suppressed because it is too large Load Diff

BIN
imgs/NotoSansUI-Regular.ttf Normal file

Binary file not shown.


View File

@@ -14,8 +14,11 @@
height="395.32526"
id="svg2985"
version="1.1"
inkscape:version="0.48.5 r10040"
sodipodi:docname="logo.svg">
inkscape:version="0.91 r13725"
sodipodi:docname="logo.svg"
inkscape:export-filename="C:\Users\rdominguez\Documents\IMGS\logo.png"
inkscape:export-xdpi="90"
inkscape:export-ydpi="90">
<defs
id="defs2987">
<linearGradient
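Review bot: the added `inkscape:export-filename="C:\Users\rdominguez\Documents\IMGS\logo.png"` attribute publishes a workstation path and a local account name in an asset that is served to every visitor. Strip the `inkscape:export-*` attributes before committing, and ideally the rest of the `sodipodi:`/`inkscape:` editor metadata as well, for example by saving as plain SVG or running the file through an SVG optimiser as part of the build.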
@@ -427,24 +430,62 @@
result="composite2"
id="feComposite4495-8" />
</filter>
<filter
style="color-interpolation-filters:sRGB;"
inkscape:label="Diffuse Light"
id="filter4302">
<feGaussianBlur
in="SourceGraphic"
stdDeviation="5"
result="blur"
id="feGaussianBlur4304" />
<feDiffuseLighting
diffuseConstant="1"
surfaceScale="10"
lighting-color="rgb(255,255,255)"
result="diffuse"
id="feDiffuseLighting4306"
kernelUnitLength="0.01">
<feDistantLight
elevation="25"
azimuth="235"
id="feDistantLight4308"
specularExponent="1" />
</feDiffuseLighting>
<feComposite
in="diffuse"
in2="diffuse"
operator="arithmetic"
k1="1"
result="composite1"
id="feComposite4310" />
<feComposite
in="composite1"
in2="SourceGraphic"
k1="1"
operator="arithmetic"
k3="1"
result="composite2"
id="feComposite4312" />
</filter>
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
borderopacity="1"
inkscape:pageopacity="1"
inkscape:pageshadow="2"
inkscape:zoom="1"
inkscape:cx="24.119479"
inkscape:cy="161.20187"
inkscape:zoom="0.97443379"
inkscape:cx="222.73701"
inkscape:cy="232.3281"
inkscape:current-layer="layer2"
inkscape:document-units="px"
showgrid="false"
inkscape:window-width="1440"
inkscape:window-height="852"
inkscape:window-x="0"
inkscape:window-y="25"
inkscape:window-width="1618"
inkscape:window-height="1028"
inkscape:window-x="54"
inkscape:window-y="-8"
inkscape:window-maximized="1"
showguides="true"
inkscape:guide-bbox="true"
@@ -452,7 +493,8 @@
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0" />
fit-margin-bottom="0"
borderlayer="true" />
<metadata
id="metadata2990">
<rdf:RDF>
@@ -461,10 +503,14 @@
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:groupmode="layer"
id="layer1"
inkscape:label="Fondo" />
<g
inkscape:groupmode="layer"
id="layer2"
@@ -497,7 +543,7 @@
y="396.5" /></text>
</g>
<rect
style="fill:#3f51b5;fill-opacity:1;fill-rule:evenodd;stroke:none;filter:url(#filter4485-6)"
style="fill:#3f51b5;fill-opacity:1;fill-rule:evenodd;stroke:none;opacity:0.5;filter:url(#filter4302)"
id="rect3079"
width="298"
height="380"


View File

@@ -14,7 +14,7 @@
height="325"
id="svg2985"
version="1.1"
inkscape:version="0.91 r13725"
inkscape:version="0.48.5 r10040"
sodipodi:docname="logo_full.svg">
<defs
id="defs2987">
@@ -147,6 +147,162 @@
url('register.otf') format('otf');
}
</style>
<filter
style="color-interpolation-filters:sRGB;"
inkscape:label="Drop Shadow"
id="filter3059">
<feFlood
flood-opacity="1"
flood-color="rgb(63,81,181)"
result="flood"
id="feFlood3061" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite3063" />
<feGaussianBlur
in="composite"
stdDeviation="5"
result="blur"
id="feGaussianBlur3065" />
<feOffset
dx="1"
dy="1"
result="offset"
id="feOffset3067" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite3069" />
</filter>
<filter
color-interpolation-filters="sRGB"
inkscape:label="Drop Shadow"
id="filter3059-9">
<feFlood
flood-opacity="1"
flood-color="rgb(255,255,255)"
result="flood"
id="feFlood3061-9" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite3063-0" />
<feGaussianBlur
stdDeviation="10"
result="blur"
id="feGaussianBlur3065-7" />
<feOffset
dx="1"
dy="1"
result="offset"
id="feOffset3067-9" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite3069-1" />
</filter>
<filter
color-interpolation-filters="sRGB"
inkscape:label="Drop Shadow"
id="filter3059-9-6">
<feFlood
flood-opacity="1"
flood-color="rgb(63,81,181)"
result="flood"
id="feFlood3061-9-6" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite3063-0-4" />
<feGaussianBlur
stdDeviation="5"
result="blur"
id="feGaussianBlur3065-7-1" />
<feOffset
dx="1"
dy="1"
result="offset"
id="feOffset3067-9-0" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite3069-1-3" />
</filter>
<filter
color-interpolation-filters="sRGB"
inkscape:label="Drop Shadow"
id="filter3059-9-6-6">
<feFlood
flood-opacity="1"
flood-color="rgb(63,81,181)"
result="flood"
id="feFlood3061-9-6-1" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite3063-0-4-5" />
<feGaussianBlur
stdDeviation="5"
result="blur"
id="feGaussianBlur3065-7-1-4" />
<feOffset
dx="1"
dy="1"
result="offset"
id="feOffset3067-9-0-9" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite3069-1-3-1" />
</filter>
<filter
color-interpolation-filters="sRGB"
inkscape:label="Drop Shadow"
id="filter3059-9-6-6-4">
<feFlood
flood-opacity="1"
flood-color="rgb(63,81,181)"
result="flood"
id="feFlood3061-9-6-1-3" />
<feComposite
in="flood"
in2="SourceGraphic"
operator="in"
result="composite1"
id="feComposite3063-0-4-5-4" />
<feGaussianBlur
stdDeviation="4"
result="blur"
id="feGaussianBlur3065-7-1-4-6" />
<feOffset
dx="1"
dy="1"
result="offset"
id="feOffset3067-9-0-9-7" />
<feComposite
in="SourceGraphic"
in2="offset"
operator="over"
result="composite2"
id="feComposite3069-1-3-1-0" />
</filter>
</defs>
<sodipodi:namedview
id="base"
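Review bot: in `filter3059` the `feGaussianBlur` takes `in="composite"`, but the preceding primitive writes `result="composite1"`, so the blur input names a result that is not defined in this filter. Either change it to `in="composite1"` or drop the attribute as the four copies below do. Those copies (`filter3059-9` through `filter3059-9-6-6-4`) differ only in their ids, `stdDeviation` and `flood-color`, and the later hunk of this file references only `filter3059-9-6-6-4`, so the others look like editor leftovers; please remove the unused definitions so the shipped SVG contains only what it renders.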
@@ -155,16 +311,16 @@
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.4142136"
inkscape:cx="306.34952"
inkscape:cy="222.65414"
inkscape:current-layer="g3864"
inkscape:zoom="1"
inkscape:cx="345.39776"
inkscape:cy="208.45656"
inkscape:current-layer="g3095"
inkscape:document-units="px"
showgrid="false"
inkscape:window-width="1618"
inkscape:window-height="1028"
inkscape:window-x="54"
inkscape:window-y="-8"
inkscape:window-width="1440"
inkscape:window-height="849"
inkscape:window-x="0"
inkscape:window-y="25"
inkscape:window-maximized="1"
showguides="false"
inkscape:guide-bbox="true"
@@ -236,44 +392,11 @@
style="fill:#3f51b5;fill-opacity:1;fill-rule:evenodd;stroke:none;filter:url(#filter4485)"
d="m 50.016484,128.39088 c -13.7906,0 -23.73383,2.70821 -22.3125,6.09375 l 55.40625,132.03125 c 0.568847,1.35497 2.901995,2.58263 6.34375,3.59375 l 0,-2.0625 c 0,-11.04839 11.222306,-20.03125 25.062496,-20.03125 l 3.71875,0 0,-51.6875 c 0,-30.95746 27.91708,-56.0625 62.34375,-56.0625 l 22.8125,0 c 34.42579,0 62.34375,25.10504 62.34375,56.0625 l 0,51.6875 3.71875,0 c 13.8402,0 25.0625,8.98286 25.0625,20.03125 l 0,4.5625 340.46875,0 c 13.7906,0 23.73383,-2.70821 22.3125,-6.09375 L 601.89148,134.48463 c -1.42133,-3.38554 -13.67815,-6.09375 -27.46875,-6.09375 l -524.406246,0 z"
id="path3862" />
<path
style="fill:#3f51b5;fill-opacity:1;fill-rule:evenodd;stroke:none;filter:url(#filter4485)"
d="m 294.51648,272.60963 -183.9375,0 c -8.27129,0 -15.967135,-0.98472 -21.124996,-2.5 l 0,121.59375 c 0,11.04839 11.222306,20 25.062496,20 l 154.9375,0 c 13.8402,0 25.0625,-8.95161 25.0625,-20 l 0,-119.09375 z"
id="path3860" />
<path
style="fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;filter:url(#filter3878);opacity:1"
d="m 184.98523,163.20338 c -21.06495,0 -38.125,16.36463 -38.125,36.5625 l 0,48.25 90.25,0 0,-48.25 c 0,-20.19787 -17.06004,-36.5625 -38.125,-36.5625 l -14,0 z"
id="rect4164" />
<path
id="path4152"
d="m 180.59375,140.28125 c -34.42667,0 -62.34375,25.10504 -62.34375,56.0625 l 0,51.6875 -3.71875,0 c -13.8402,0 -25.0625,8.98286 -25.0625,20.03125 l 0,123.65625 c 0,11.04839 11.2223,20 25.0625,20 l 154.9375,0 c 13.8402,0 25.0625,-8.95161 25.0625,-20 l 0,-123.65625 c 0,-11.04839 -11.2223,-20.03125 -25.0625,-20.03125 l -3.71875,0 0,-51.6875 c 0,-30.95746 -27.91796,-56.0625 -62.34375,-56.0625 l -22.8125,0 z m 4.40625,22.9375 14,0 c 21.06496,0 38.125,16.36463 38.125,36.5625 l 0,48.25 -90.25,0 0,-48.25 c 0,-20.19787 17.06004,-36.5625 38.125,-36.5625 z"
style="fill:#e6e6e6;stroke:#ffffff;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-linejoin:round;stroke-opacity:1"
inkscape:connector-curvature="0" />
<path
d="m 106.87694,320.46931 q -1.35333,-0.76493 -1.7505,-2.28006 -0.39717,-1.51514 0.36775,-2.86846 l 1.88289,-3.23621 q 0.76492,-1.35333 2.28006,-1.7505 1.51513,-0.39717 2.86846,0.36775 l 7.82574,4.50128 0,-9.03197 q 0,-1.52985 1.11797,-2.64781 1.11796,-1.11797 2.6478,-1.11797 l 3.76578,0 q 1.52984,0 2.64781,1.11797 1.11796,1.11796 1.11796,2.64781 l 0,9.03197 7.82575,-4.50128 q 1.35332,-0.76492 2.86846,-0.36775 1.51514,0.39717 2.28006,1.7505 l 1.88288,3.23621 q 0.76493,1.35332 0.36776,2.86846 -0.39717,1.51513 -1.7505,2.28006 L 137.29732,325 l 7.82575,4.5307 q 1.35333,0.76492 1.7505,2.28005 0.39717,1.51514 -0.36776,2.86846 l -1.88288,3.23621 q -0.76492,1.35333 -2.28006,1.7505 -1.51514,0.39717 -2.86846,-0.36775 l -7.82575,-4.50128 0,9.03197 q 0,1.52985 -1.11796,2.64781 -1.11797,1.11797 -2.64781,1.11797 l -3.76578,0 q -1.52984,0 -2.6478,-1.11797 -1.11797,-1.11796 -1.11797,-2.64781 l 0,-9.03197 -7.82574,4.50128 q -1.35333,0.76492 -2.86846,0.36775 -1.51514,-0.39717 -2.28006,-1.7505 l -1.88289,-3.23621 q -0.76492,-1.35332 -0.36775,-2.86846 0.39717,-1.51513 1.7505,-2.28005 L 114.70268,325 z"
id="path3041"
inkscape:connector-curvature="0"
style="fill:#cccccc;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none" />
<path
d="m 187.46931,344.12306 q -0.76492,1.35333 -2.28006,1.7505 -1.51513,0.39717 -2.86846,-0.36776 l -3.23621,-1.88288 q -1.35333,-0.76492 -1.75049,-2.28006 -0.39718,-1.51513 0.36774,-2.86846 l 4.50128,-7.82574 -9.03197,0 q -1.52984,0 -2.64781,-1.11797 -1.11797,-1.11796 -1.11797,-2.64781 l 0,-3.76577 q 0,-1.52984 1.11797,-2.64781 1.11797,-1.11796 2.64781,-1.11796 l 9.03197,0 -4.50128,-7.82575 q -0.76492,-1.35332 -0.36774,-2.86845 0.39716,-1.51514 1.75049,-2.28006 l 3.23621,-1.88289 q 1.35333,-0.76492 2.86846,-0.36775 1.51514,0.39717 2.28006,1.7505 l 4.53069,7.82574 4.5307,-7.82574 q 0.76492,-1.35333 2.28005,-1.7505 1.51514,-0.39717 2.86846,0.36775 l 3.23621,1.88289 q 1.35333,0.76492 1.7505,2.28006 0.39717,1.51513 -0.36775,2.86845 l -4.50128,7.82575 9.03197,0 q 1.52985,0 2.64782,1.11796 1.11796,1.11797 1.11796,2.64781 l 0,3.76577 q 0,1.52985 -1.11796,2.64781 -1.11797,1.11797 -2.64782,1.11797 l -9.03197,0 4.50128,7.82574 q 0.76492,1.35333 0.36775,2.86846 -0.39717,1.51514 -1.7505,2.28006 l -3.23621,1.88288 q -1.35332,0.76493 -2.86846,0.36776 -1.51513,-0.39717 -2.28005,-1.7505 L 192,336.29732 z"
id="path3041-6"
inkscape:connector-curvature="0"
style="fill:#607d8b;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none" />
<path
d="m 238.92424,320.46931 q -1.35333,-0.76492 -1.75049,-2.28006 -0.39717,-1.51513 0.36775,-2.86846 l 1.88288,-3.23621 q 0.76493,-1.35333 2.28006,-1.75049 1.51514,-0.39718 2.86846,0.36774 l 7.82575,4.50128 0,-9.03197 q 0,-1.52984 1.11796,-2.64781 1.11796,-1.11797 2.64781,-1.11797 l 3.76577,0 q 1.52984,0 2.64781,1.11797 1.11797,1.11797 1.11797,2.64781 l 0,9.03197 7.82574,-4.50128 q 1.35332,-0.76492 2.86846,-0.36774 1.51513,0.39716 2.28006,1.75049 l 1.88289,3.23621 q 0.76491,1.35333 0.36774,2.86846 -0.39717,1.51514 -1.75049,2.28006 L 269.34462,325 l 7.82575,4.5307 q 1.35332,0.76492 1.75049,2.28005 0.39717,1.51514 -0.36774,2.86846 l -1.88289,3.23621 q -0.76493,1.35333 -2.28006,1.7505 -1.51514,0.39717 -2.86846,-0.36775 l -7.82574,-4.50128 0,9.03197 q 0,1.52985 -1.11797,2.64781 -1.11797,1.11797 -2.64781,1.11797 l -3.76577,0 q -1.52985,0 -2.64781,-1.11797 -1.11796,-1.11796 -1.11796,-2.64781 l 0,-9.03197 -7.82575,4.50128 q -1.35332,0.76492 -2.86846,0.36775 -1.51513,-0.39717 -2.28006,-1.7505 l -1.88288,-3.23621 q -0.76492,-1.35332 -0.36775,-2.86846 0.39716,-1.51513 1.75049,-2.28005 L 246.74999,325 z"
id="path3041-1"
inkscape:connector-curvature="0"
style="fill:#3f51b5;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none" />
<rect
style="opacity:0.50000000000000000;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:#cccccc;stroke-width:1.01193643000000000;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;filter:url(#filter3878)"
id="rect3044"
width="191.49452"
height="68.371681"
x="96.257629"
y="291.35638"
rx="15.806274"
ry="14.576706" />
</g>
<g
inkscape:groupmode="layer"
id="layer1"
inkscape:label="Candado_2" />
<g
inkscape:groupmode="layer"
id="layer3"
@@ -281,136 +404,200 @@
transform="translate(-2.5164841,-106.54713)"
style="display:inline">
<g
id="g3864">
id="g3095"
transform="translate(-4.1115388,15.04713)">
<path
inkscape:connector-curvature="0"
style="fill:#e6e6e6;stroke:none;filter:url(#filter3059-9-6-6-4)"
d="m 184.59374,108.28125 c -34.42664,0 -62.34372,25.10504 -62.34372,56.0625 l 0,51.68751 -3.71875,0 c -13.84019,0 -25.062502,8.98286 -25.062502,20.03125 l 0,123.65624 c 0,11.04839 11.222312,20 25.062502,20 l 154.93747,0 c 13.84019,0 25.0625,-8.95161 25.0625,-20 l 0,-123.65625 c 0,-11.04839 -11.22231,-20.03125 -25.0625,-20.03125 l -3.71875,0 0,-51.6875 c 0,-30.95746 -27.91796,-56.0625 -62.34375,-56.0625 l -22.8125,0 z m 4.40625,22.9375 14,0 c 21.06495,0 38.125,16.36463 38.125,36.5625 l 0,48.25001 -90.24997,0 0,-48.25001 c 0,-20.19787 17.06004,-36.5625 38.12497,-36.5625 z"
id="path4152-7-7" />
<path
style="fill:#cccccc;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none"
inkscape:connector-curvature="0"
id="path3041"
d="m 110.87694,300.46931 q -1.35333,-0.76493 -1.7505,-2.28006 -0.39717,-1.51514 0.36775,-2.86846 l 1.88289,-3.23621 q 0.76492,-1.35333 2.28006,-1.7505 1.51513,-0.39717 2.86846,0.36775 l 7.82574,4.50128 0,-9.03197 q 0,-1.52985 1.11797,-2.64781 1.11796,-1.11797 2.6478,-1.11797 l 3.76578,0 q 1.52984,0 2.64781,1.11797 1.11796,1.11796 1.11796,2.64781 l 0,9.03197 7.82575,-4.50128 q 1.35332,-0.76492 2.86846,-0.36775 1.51514,0.39717 2.28006,1.7505 l 1.88288,3.23621 q 0.76493,1.35332 0.36776,2.86846 -0.39717,1.51513 -1.7505,2.28006 L 141.29732,305 l 7.82575,4.5307 q 1.35333,0.76492 1.7505,2.28005 0.39717,1.51514 -0.36776,2.86846 l -1.88288,3.23621 q -0.76492,1.35333 -2.28006,1.7505 -1.51514,0.39717 -2.86846,-0.36775 l -7.82575,-4.50128 0,9.03197 q 0,1.52985 -1.11796,2.64781 -1.11797,1.11797 -2.64781,1.11797 l -3.76578,0 q -1.52984,0 -2.6478,-1.11797 -1.11797,-1.11796 -1.11797,-2.64781 l 0,-9.03197 -7.82574,4.50128 q -1.35333,0.76492 -2.86846,0.36775 -1.51514,-0.39717 -2.28006,-1.7505 l -1.88289,-3.23621 q -0.76492,-1.35332 -0.36775,-2.86846 0.39717,-1.51513 1.7505,-2.28005 L 118.70268,305 z" />
<path
style="fill:#607d8b;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none"
inkscape:connector-curvature="0"
id="path3041-6"
d="m 191.46931,324.12306 q -0.76492,1.35333 -2.28006,1.7505 -1.51513,0.39717 -2.86846,-0.36776 l -3.23621,-1.88288 q -1.35333,-0.76492 -1.75049,-2.28006 -0.39718,-1.51513 0.36774,-2.86846 l 4.50128,-7.82574 -9.03197,0 q -1.52984,0 -2.64781,-1.11797 -1.11797,-1.11796 -1.11797,-2.64781 l 0,-3.76577 q 0,-1.52984 1.11797,-2.64781 1.11797,-1.11796 2.64781,-1.11796 l 9.03197,0 -4.50128,-7.82575 q -0.76492,-1.35332 -0.36774,-2.86845 0.39716,-1.51514 1.75049,-2.28006 l 3.23621,-1.88289 q 1.35333,-0.76492 2.86846,-0.36775 1.51514,0.39717 2.28006,1.7505 l 4.53069,7.82574 4.5307,-7.82574 q 0.76492,-1.35333 2.28005,-1.7505 1.51514,-0.39717 2.86846,0.36775 l 3.23621,1.88289 q 1.35333,0.76492 1.7505,2.28006 0.39717,1.51513 -0.36775,2.86845 l -4.50128,7.82575 9.03197,0 q 1.52985,0 2.64782,1.11796 1.11796,1.11797 1.11796,2.64781 l 0,3.76577 q 0,1.52985 -1.11796,2.64781 -1.11797,1.11797 -2.64782,1.11797 l -9.03197,0 4.50128,7.82574 q 0.76492,1.35333 0.36775,2.86846 -0.39717,1.51514 -1.7505,2.28006 l -3.23621,1.88288 q -1.35332,0.76493 -2.86846,0.36776 -1.51513,-0.39717 -2.28005,-1.7505 L 196,316.29732 z" />
<path
style="fill:#3f51b5;fill-opacity:1;stroke:#cccccc;stroke-width:0.14366552;stroke-miterlimit:4;stroke-dasharray:none"
inkscape:connector-curvature="0"
id="path3041-1"
d="m 242.92424,300.46931 q -1.35333,-0.76492 -1.75049,-2.28006 -0.39717,-1.51513 0.36775,-2.86846 l 1.88288,-3.23621 q 0.76493,-1.35333 2.28006,-1.75049 1.51514,-0.39718 2.86846,0.36774 l 7.82575,4.50128 0,-9.03197 q 0,-1.52984 1.11796,-2.64781 1.11796,-1.11797 2.64781,-1.11797 l 3.76577,0 q 1.52984,0 2.64781,1.11797 1.11797,1.11797 1.11797,2.64781 l 0,9.03197 7.82574,-4.50128 q 1.35332,-0.76492 2.86846,-0.36774 1.51513,0.39716 2.28006,1.75049 l 1.88289,3.23621 q 0.76491,1.35333 0.36774,2.86846 -0.39717,1.51514 -1.75049,2.28006 L 273.34462,305 l 7.82575,4.5307 q 1.35332,0.76492 1.75049,2.28005 0.39717,1.51514 -0.36774,2.86846 l -1.88289,3.23621 q -0.76493,1.35333 -2.28006,1.7505 -1.51514,0.39717 -2.86846,-0.36775 l -7.82574,-4.50128 0,9.03197 q 0,1.52985 -1.11797,2.64781 -1.11797,1.11797 -2.64781,1.11797 l -3.76577,0 q -1.52985,0 -2.64781,-1.11797 -1.11796,-1.11796 -1.11796,-2.64781 l 0,-9.03197 -7.82575,4.50128 q -1.35332,0.76492 -2.86846,0.36775 -1.51513,-0.39717 -2.28006,-1.7505 l -1.88288,-3.23621 q -0.76492,-1.35332 -0.36775,-2.86846 0.39716,-1.51513 1.75049,-2.28005 L 250.74999,305 z" />
<rect
ry="14.576706"
rx="15.806274"
y="271.35638"
x="100.25763"
height="68.371681"
width="191.49452"
id="rect3044"
style="opacity:0.5;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:#cccccc;stroke-width:1.01193643;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;filter:url(#filter3878)" />
<g
id="g4243">
id="g3864"
transform="translate(0,-28)">
<g
id="text4744"
style="font-style:normal;font-weight:normal;font-size:40px;line-height:125%;font-family:Register;letter-spacing:0px;word-spacing:0px;fill:#ffffff;fill-opacity:1;stroke:none;filter:url(#filter3034-2)">
<path
id="path4182"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 301.5756,170.49813 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 11.2,-24.864 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -22.344,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z" />
<path
id="path4184"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 326.52785,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z" />
<path
id="path4186"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 372.5921,201.57813 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 8.68,-12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 8.68,-12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 12.432,-31.08 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -19.88,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z" />
<path
id="path4188"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 403.76035,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z" />
<path
id="path4190"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 471.8886,182.48213 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m 1.288,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -8.736,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -9.968,18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -9.968,18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -13.664,37.296 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m 1.288,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m 1.232,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z" />
<path
id="path4192"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 492.19285,182.93013 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 9.968,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -23.632,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z" />
<path
id="path4194"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 519.6091,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z" />
<path
id="path4196"
style="font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:56px;font-family:Register;-inkscape-font-specification:'Register Italic';letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1"
d="m 558.22535,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z" />
</g>
<g
id="text5277"
style="font-style:normal;font-weight:normal;font-size:12px;line-height:125%;font-family:Sans;letter-spacing:0px;word-spacing:0px;opacity:0.85;fill:#ffffff;fill-opacity:1;stroke:none">
<path
id="path4199"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 442.47137,231.45978 q 0,-0.58008 -0.41601,-0.97266 -0.41602,-0.39258 -1.46484,-0.66797 -1.30079,-0.32226 -2.03321,-0.94922 -0.72656,-0.62695 -0.72656,-1.57617 0,-1.00195 0.78516,-1.66992 0.78515,-0.66797 2.03906,-0.66797 1.34765,0 2.14453,0.76758 0.80273,0.76172 0.7793,1.78125 l -0.0176,0.0352 -1.10156,0 q 0,-0.72657 -0.50977,-1.20118 -0.50391,-0.47461 -1.29492,-0.47461 -0.8086,0 -1.24219,0.39258 -0.42773,0.39258 -0.42773,1.01953 0,0.55664 0.46875,0.93164 0.47461,0.36915 1.53515,0.6504 1.28907,0.33398 1.96289,0.98437 0.67383,0.65039 0.67383,1.60547 0,1.03125 -0.81445,1.6582 -0.8086,0.62696 -2.11524,0.62696 -1.23632,0 -2.18554,-0.69141 -0.94336,-0.69141 -0.91407,-1.85156 l 0.0117,-0.0352 1.10157,0 q 0,0.80273 0.60937,1.24219 0.60938,0.43359 1.37695,0.43359 0.82032,0 1.29493,-0.36914 0.48046,-0.36914 0.48046,-1.00195 z" />
<path
id="path4201"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 447.04169,231.26056 0.20508,0.79687 0.0351,0 1.5586,-4.78711 1.2832,0 -2.66602,7.3125 q -0.24023,0.63868 -0.6914,1.11329 -0.44532,0.47461 -1.20703,0.47461 -0.14063,0 -0.35743,-0.0352 -0.21679,-0.0293 -0.33398,-0.0586 l 0.11719,-0.90821 q -0.0352,-0.006 0.20507,0.0117 0.2461,0.0176 0.31055,0.0176 0.36914,0 0.60352,-0.32813 0.23437,-0.32812 0.39258,-0.72656 l 0.27539,-0.66211 -2.35547,-6.21094 1.28906,0 1.33594,3.99024 z" />
<path
id="path4203"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 454.83466,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.28711,-0.24024 -1.09571,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10157,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91406,0.27539 -0.29883,0.27539 -0.29883,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07813,0.375 1.16601,0.24609 1.76953,0.69726 0.60351,0.45118 0.60351,1.17774 0,0.84375 -0.68554,1.37695 -0.67969,0.53321 -1.78125,0.53321 -1.21289,0 -1.91016,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42774,0.28125 1.00196,0.28125 0.61523,0 0.96093,-0.25781 0.35157,-0.26367 0.35157,-0.66797 z" />
<path
id="path4205"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 459.03583,225.74103 0,1.52929 1.20117,0 0,0.85547 -1.20117,0 0,3.84961 q 0,0.44532 0.18164,0.62696 0.1875,0.18164 0.49219,0.18164 0.0996,0 0.22265,-0.0234 0.12305,-0.0293 0.20508,-0.0586 l 0.1582,0.79101 q -0.1289,0.10547 -0.38086,0.16992 -0.25195,0.0703 -0.49804,0.0703 -0.70313,0 -1.11914,-0.42188 -0.41602,-0.42773 -0.41602,-1.33594 l 0,-3.84961 -1.00781,0 0,-0.85547 1.00781,0 0,-1.52929 1.1543,0 z" />
<path
id="path4207"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 464.11005,233.73322 q -1.36524,0 -2.13282,-0.87305 -0.76171,-0.87305 -0.76171,-2.29688 l 0,-0.25781 q 0,-1.36523 0.78515,-2.25586 0.79102,-0.89648 1.92774,-0.89648 1.27148,0 1.90429,0.79101 0.63867,0.79102 0.63867,2.10352 l 0,0.60937 -4.05468,0 -0.0176,0.0293 q 0,0.95508 0.42187,1.55273 0.42188,0.5918 1.28907,0.5918 0.58593,0 1.02539,-0.16406 0.44531,-0.16992 0.76172,-0.46289 l 0.45117,0.75 q -0.33985,0.32812 -0.89649,0.55664 -0.55664,0.22266 -1.34179,0.22266 z m -0.18164,-5.67188 q -0.60352,0 -1.00196,0.46875 -0.39258,0.46289 -0.48047,1.18945 l 0.0117,0.0293 2.85938,0 0,-0.0937 q 0,-0.69141 -0.33985,-1.14258 -0.33984,-0.45117 -1.04882,-0.45117 z" />
<path
id="path4209"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 468.79755,227.27032 0.082,0.83204 q 0.31054,-0.45118 0.78515,-0.69727 0.48047,-0.25195 1.11329,-0.25195 0.63281,0 1.08398,0.29297 0.45703,0.29296 0.68555,0.8789 0.30468,-0.54492 0.79101,-0.85547 0.49219,-0.3164 1.14844,-0.3164 0.9668,0 1.5293,0.66797 0.5625,0.66211 0.5625,1.99804 l 0,3.79102 -1.1543,0 0,-3.80274 q 0,-0.9375 -0.32227,-1.32421 -0.32226,-0.39258 -0.96093,-0.39258 -0.5918,0 -0.96094,0.41015 -0.36328,0.41016 -0.42774,1.03711 l 0,0.0469 0,4.02539 -1.16015,0 0,-3.80274 q 0,-0.89062 -0.33399,-1.30078 -0.32812,-0.41601 -0.94921,-0.41601 -0.52735,0 -0.86719,0.21679 -0.33985,0.2168 -0.52149,0.60938 l 0,4.69336 -1.15429,0 0,-6.33985 1.03125,0 z" />
<path
id="path4211"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 481.95184,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z" />
<path
id="path4213"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 488.83661,230.18829 0,3.42188 -1.1543,0 0,-8.53125 3.26367,0 q 1.36524,0 2.1211,0.70312 0.76172,0.70313 0.76172,1.85157 0,1.16015 -0.76172,1.85742 -0.75586,0.69726 -2.1211,0.69726 l -2.10937,0 z m 0,-0.90234 2.10937,0 q 0.86719,0 1.29493,-0.46289 0.42773,-0.46875 0.42773,-1.17774 0,-0.70898 -0.43359,-1.18359 -0.42774,-0.47461 -1.28907,-0.47461 l -2.10937,0 0,3.29883 z" />
<path
id="path4215"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 498.99091,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32227,0.45703 -0.84375,0.76758 -0.51563,0.30469 -1.11328,0.30469 -0.99024,0 -1.51172,-0.50391 -0.51563,-0.50977 -0.51563,-1.40039 0,-0.9082 0.73243,-1.41797 0.73828,-0.51563 1.99804,-0.51563 l 1.25391,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33985,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.34571,0.28125 -0.34571,0.67383 l -1.0957,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.69141,-0.57422 1.78125,-0.57422 1.07813,0 1.73438,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0351,0.65625 0.0352,0.31641 0.12891,0.6211 l -1.18945,0 z m -1.91602,-0.84375 q 0.62695,0 1.13086,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69727,0 -1.11914,0.35156 -0.41602,0.35157 -0.41602,0.82618 0,0.42187 0.26367,0.66796 0.26368,0.2461 0.7793,0.2461 z" />
<path
id="path4217"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 505.38934,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z" />
<path
id="path4219"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 511.67059,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z" />
<path
id="path4221"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 515.88934,231.30157 0.14649,0.81446 0.0351,0 0.15235,-0.81446 1.26562,-4.03125 0.92578,0 1.27149,4.03125 0.16406,0.90821 0.0352,0 0.1875,-0.90821 0.9375,-4.03125 1.20703,0 -1.83985,6.33985 -0.93164,0 -1.2539,-3.86133 -0.24024,-1.00781 -0.0351,0 -0.22266,1.00781 -1.23047,3.86133 -0.93164,0 -1.83984,-6.33985 1.20117,0 0.99609,4.03125 z" />
<path
id="path4223"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 523.09052,230.38165 q 0,-1.40625 0.76171,-2.31445 0.76172,-0.91406 2.06836,-0.91406 1.31836,0 2.08008,0.9082 0.76758,0.9082 0.76758,2.32031 l 0,0.12891 q 0,1.41797 -0.76172,2.32031 -0.76172,0.90235 -2.07422,0.90235 -1.3125,0 -2.08008,-0.90235 -0.76171,-0.9082 -0.76171,-2.32031 l 0,-0.12891 z m 1.15429,0.12891 q 0,1.00781 0.42188,1.66406 0.42773,0.65625 1.26562,0.65625 0.82617,0 1.25391,-0.65625 0.42773,-0.65625 0.42773,-1.66406 l 0,-0.12891 q 0,-0.99609 -0.43359,-1.6582 -0.42774,-0.66211 -1.25977,-0.66211 -0.82617,0 -1.2539,0.66211 -0.42188,0.66211 -0.42188,1.6582 l 0,0.12891 z" />
<path
id="path4225"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 533.18036,228.28986 -0.5918,-0.0352 q -0.45703,0 -0.77344,0.2168 -0.31054,0.21679 -0.48046,0.60937 l 0,4.5293 -1.1543,0 0,-6.33985 1.03125,0 0.11133,0.92579 q 0.26953,-0.49219 0.66211,-0.76758 0.39843,-0.27539 0.91406,-0.27539 0.12891,0 0.24609,0.0234 0.11719,0.0176 0.19336,0.041 l -0.1582,1.07227 z" />
<path
id="path4227"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 533.99481,230.55743 q 0,-1.52929 0.65039,-2.46679 0.65625,-0.9375 1.83399,-0.9375 0.55664,0 0.98437,0.20508 0.4336,0.20507 0.73828,0.59765 l 0,-3.48633 1.1543,0 0,9.14063 -0.88477,0 -0.17578,-0.80274 q -0.31054,0.45704 -0.76757,0.69141 -0.45704,0.23438 -1.06055,0.23438 -1.16016,0 -1.81641,-0.8379 -0.65625,-0.84375 -0.65625,-2.21484 l 0,-0.12305 z m 1.1543,0.12305 q 0,0.96094 0.39258,1.54102 0.39258,0.57422 1.21875,0.57422 0.51562,0 0.86718,-0.23438 0.35157,-0.23437 0.57422,-0.65625 l 0,-2.95898 q -0.22265,-0.39258 -0.58007,-0.6211 -0.35157,-0.23437 -0.84961,-0.23437 -0.83204,0 -1.23047,0.68554 -0.39258,0.68555 -0.39258,1.78125 l 0,0.12305 z" />
<path
id="path4229"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 548.44403,232.01056 0.0352,0 2.72461,-6.93164 1.43554,0 0,8.53125 -1.15429,0 0,-6.39258 -0.0352,-0.006 -2.58398,6.39844 -0.80274,0 -2.66015,-6.60938 -0.0352,0.006 0,6.60352 -1.1543,0 0,-8.53125 1.51758,0 2.71289,6.93164 z" />
<path
id="path4231"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 558.38153,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32226,0.45703 -0.84375,0.76758 -0.51562,0.30469 -1.11328,0.30469 -0.99023,0 -1.51172,-0.50391 -0.51562,-0.50977 -0.51562,-1.40039 0,-0.9082 0.73242,-1.41797 0.73828,-0.51563 1.99805,-0.51563 l 1.2539,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33984,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.3457,0.28125 -0.3457,0.67383 l -1.09571,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.6914,-0.57422 1.78125,-0.57422 1.07812,0 1.73437,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0352,0.65625 0.0351,0.31641 0.1289,0.6211 l -1.18945,0 z m -1.91601,-0.84375 q 0.62695,0 1.13085,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69726,0 -1.11914,0.35156 -0.41601,0.35157 -0.41601,0.82618 0,0.42187 0.26367,0.66796 0.26367,0.2461 0.7793,0.2461 z" />
<path
id="path4233"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 562.12567,227.27032 0.082,0.94336 q 0.31641,-0.5039 0.79102,-0.77929 0.48047,-0.28125 1.08984,-0.28125 1.02539,0 1.58789,0.60351 0.5625,0.59766 0.5625,1.85157 l 0,4.00195 -1.15429,0 0,-3.97852 q 0,-0.83789 -0.33399,-1.18945 -0.32812,-0.35156 -1.00781,-0.35156 -0.5332,0 -0.9082,0.21679 -0.36914,0.21094 -0.58594,0.59766 l 0,4.70508 -1.1543,0 0,-6.33985 1.03125,0 z" />
<path
id="path4235"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 571.81122,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32226,0.45703 -0.84375,0.76758 -0.51562,0.30469 -1.11328,0.30469 -0.99023,0 -1.51172,-0.50391 -0.51562,-0.50977 -0.51562,-1.40039 0,-0.9082 0.73242,-1.41797 0.73828,-0.51563 1.99805,-0.51563 l 1.2539,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33985,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.34571,0.28125 -0.34571,0.67383 l -1.0957,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.69141,-0.57422 1.78125,-0.57422 1.07813,0 1.73438,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0352,0.65625 0.0352,0.31641 0.1289,0.6211 l -1.18945,0 z m -1.91602,-0.84375 q 0.62696,0 1.13086,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69727,0 -1.11914,0.35156 -0.41602,0.35157 -0.41602,0.82618 0,0.42187 0.26368,0.66796 0.26367,0.2461 0.77929,0.2461 z" />
<path
id="path4237"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 574.31903,230.55743 q 0,-1.52929 0.65039,-2.46679 0.65625,-0.9375 1.82813,-0.9375 0.60351,0 1.06054,0.24609 0.45703,0.24024 0.76758,0.69727 l 0.14063,-0.82618 0.91992,0 0,6.375 q 0,1.21875 -0.70899,1.86915 -0.70898,0.65625 -2.04492,0.65625 -0.45703,0 -0.99023,-0.12891 -0.52735,-0.12305 -0.93164,-0.33984 l 0.17578,-0.89649 q 0.33398,0.17578 0.80273,0.28125 0.47461,0.11133 0.93164,0.11133 0.84375,0 1.22461,-0.38672 0.38672,-0.38086 0.38672,-1.16602 l 0,-0.7207 q -0.31055,0.39844 -0.74414,0.60352 -0.43359,0.20508 -1.00195,0.20508 -1.16016,0 -1.81641,-0.8379 -0.65039,-0.84375 -0.65039,-2.21484 l 0,-0.12305 z m 1.1543,0.12305 q 0,0.95508 0.39258,1.53516 0.39257,0.58008 1.21289,0.58008 0.52148,0 0.87304,-0.23438 0.35157,-0.24023 0.58008,-0.67383 l 0,-2.91797 q -0.22265,-0.40429 -0.58008,-0.63867 -0.35742,-0.24023 -0.86132,-0.24023 -0.82618,0 -1.22461,0.68554 -0.39258,0.68555 -0.39258,1.78125 l 0,0.12305 z" />
<path
id="path4239"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 583.96942,233.73322 q -1.36523,0 -2.13281,-0.87305 -0.76172,-0.87305 -0.76172,-2.29688 l 0,-0.25781 q 0,-1.36523 0.78516,-2.25586 0.79101,-0.89648 1.92773,-0.89648 1.27149,0 1.9043,0.79101 0.63867,0.79102 0.63867,2.10352 l 0,0.60937 -4.05469,0 -0.0176,0.0293 q 0,0.95508 0.42188,1.55273 0.42187,0.5918 1.28906,0.5918 0.58594,0 1.02539,-0.16406 0.44531,-0.16992 0.76172,-0.46289 l 0.45117,0.75 q -0.33984,0.32812 -0.89648,0.55664 -0.55664,0.22266 -1.3418,0.22266 z m -0.18164,-5.67188 q -0.60351,0 -1.00195,0.46875 -0.39258,0.46289 -0.48047,1.18945 l 0.0117,0.0293 2.85937,0 0,-0.0937 q 0,-0.69141 -0.33984,-1.14258 -0.33984,-0.45117 -1.04883,-0.45117 z" />
<path
id="path4241"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-family:Roboto;-inkscape-font-specification:Roboto;fill:#ffffff;fill-opacity:1"
d="m 590.62567,228.28986 -0.5918,-0.0352 q -0.45703,0 -0.77343,0.2168 -0.31055,0.21679 -0.48047,0.60937 l 0,4.5293 -1.1543,0 0,-6.33985 1.03125,0 0.11133,0.92579 q 0.26953,-0.49219 0.66211,-0.76758 0.39844,-0.27539 0.91406,-0.27539 0.12891,0 0.2461,0.0234 0.11718,0.0176 0.19335,0.041 l -0.1582,1.07227 z" />
id="g4243">
<g
style="font-size:40px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#ffffff;fill-opacity:1;stroke:none;filter:url(#filter3034-2);font-family:Register"
id="text4744">
<path
d="m 301.5756,170.49813 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 11.2,-24.864 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -22.344,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4182"
inkscape:connector-curvature="0" />
<path
d="m 326.52785,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4184"
inkscape:connector-curvature="0" />
<path
d="m 372.5921,201.57813 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 8.68,-12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 8.68,-12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 12.432,-31.08 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -19.88,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4186"
inkscape:connector-curvature="0" />
<path
d="m 403.76035,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4188"
inkscape:connector-curvature="0" />
<path
d="m 471.8886,182.48213 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m 1.288,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -8.736,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -9.968,18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -9.968,18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -13.664,37.296 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 1.232,-6.216 -0.952,4.928 4.984,0 0.952,-4.928 -4.984,0 z m 1.288,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m 1.232,-6.216 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4190"
inkscape:connector-curvature="0" />
<path
d="m 492.19285,182.93013 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 11.2,-24.864 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -2.52,12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -2.464,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 9.968,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.288,6.216 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -1.232,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -23.632,-6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4192"
inkscape:connector-curvature="0" />
<path
d="m 519.6091,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4194"
inkscape:connector-curvature="0" />
<path
d="m 558.22535,207.79413 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 3.752,-18.648 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 22.344,12.432 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m -7.448,6.216 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z m -11.2,24.864 -1.008,4.984 4.984,0 1.008,-4.984 -4.984,0 z m 2.464,-12.432 -0.952,4.984 4.984,0 0.952,-4.984 -4.984,0 z m 2.52,-12.432 -1.008,4.928 4.984,0 1.008,-4.928 -4.984,0 z"
style="font-size:56px;font-style:italic;font-variant:normal;font-weight:normal;font-stretch:normal;letter-spacing:1.21000004px;fill:#ffffff;fill-opacity:1;font-family:Register;-inkscape-font-specification:Register Italic"
id="path4196"
inkscape:connector-curvature="0" />
</g>
<g
style="font-size:12px;font-style:normal;font-weight:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;opacity:0.5;fill:#ffffff;fill-opacity:1;stroke:none;font-family:Sans"
id="text5277">
<path
d="m 442.47137,231.45978 q 0,-0.58008 -0.41601,-0.97266 -0.41602,-0.39258 -1.46484,-0.66797 -1.30079,-0.32226 -2.03321,-0.94922 -0.72656,-0.62695 -0.72656,-1.57617 0,-1.00195 0.78516,-1.66992 0.78515,-0.66797 2.03906,-0.66797 1.34765,0 2.14453,0.76758 0.80273,0.76172 0.7793,1.78125 l -0.0176,0.0352 -1.10156,0 q 0,-0.72657 -0.50977,-1.20118 -0.50391,-0.47461 -1.29492,-0.47461 -0.8086,0 -1.24219,0.39258 -0.42773,0.39258 -0.42773,1.01953 0,0.55664 0.46875,0.93164 0.47461,0.36915 1.53515,0.6504 1.28907,0.33398 1.96289,0.98437 0.67383,0.65039 0.67383,1.60547 0,1.03125 -0.81445,1.6582 -0.8086,0.62696 -2.11524,0.62696 -1.23632,0 -2.18554,-0.69141 -0.94336,-0.69141 -0.91407,-1.85156 l 0.0117,-0.0352 1.10157,0 q 0,0.80273 0.60937,1.24219 0.60938,0.43359 1.37695,0.43359 0.82032,0 1.29493,-0.36914 0.48046,-0.36914 0.48046,-1.00195 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4199"
inkscape:connector-curvature="0" />
<path
d="m 447.04169,231.26056 0.20508,0.79687 0.0351,0 1.5586,-4.78711 1.2832,0 -2.66602,7.3125 q -0.24023,0.63868 -0.6914,1.11329 -0.44532,0.47461 -1.20703,0.47461 -0.14063,0 -0.35743,-0.0352 -0.21679,-0.0293 -0.33398,-0.0586 l 0.11719,-0.90821 q -0.0352,-0.006 0.20507,0.0117 0.2461,0.0176 0.31055,0.0176 0.36914,0 0.60352,-0.32813 0.23437,-0.32812 0.39258,-0.72656 l 0.27539,-0.66211 -2.35547,-6.21094 1.28906,0 1.33594,3.99024 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4201"
inkscape:connector-curvature="0" />
<path
d="m 454.83466,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.28711,-0.24024 -1.09571,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10157,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91406,0.27539 -0.29883,0.27539 -0.29883,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07813,0.375 1.16601,0.24609 1.76953,0.69726 0.60351,0.45118 0.60351,1.17774 0,0.84375 -0.68554,1.37695 -0.67969,0.53321 -1.78125,0.53321 -1.21289,0 -1.91016,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42774,0.28125 1.00196,0.28125 0.61523,0 0.96093,-0.25781 0.35157,-0.26367 0.35157,-0.66797 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4203"
inkscape:connector-curvature="0" />
<path
d="m 459.03583,225.74103 0,1.52929 1.20117,0 0,0.85547 -1.20117,0 0,3.84961 q 0,0.44532 0.18164,0.62696 0.1875,0.18164 0.49219,0.18164 0.0996,0 0.22265,-0.0234 0.12305,-0.0293 0.20508,-0.0586 l 0.1582,0.79101 q -0.1289,0.10547 -0.38086,0.16992 -0.25195,0.0703 -0.49804,0.0703 -0.70313,0 -1.11914,-0.42188 -0.41602,-0.42773 -0.41602,-1.33594 l 0,-3.84961 -1.00781,0 0,-0.85547 1.00781,0 0,-1.52929 1.1543,0 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4205"
inkscape:connector-curvature="0" />
<path
d="m 464.11005,233.73322 q -1.36524,0 -2.13282,-0.87305 -0.76171,-0.87305 -0.76171,-2.29688 l 0,-0.25781 q 0,-1.36523 0.78515,-2.25586 0.79102,-0.89648 1.92774,-0.89648 1.27148,0 1.90429,0.79101 0.63867,0.79102 0.63867,2.10352 l 0,0.60937 -4.05468,0 -0.0176,0.0293 q 0,0.95508 0.42187,1.55273 0.42188,0.5918 1.28907,0.5918 0.58593,0 1.02539,-0.16406 0.44531,-0.16992 0.76172,-0.46289 l 0.45117,0.75 q -0.33985,0.32812 -0.89649,0.55664 -0.55664,0.22266 -1.34179,0.22266 z m -0.18164,-5.67188 q -0.60352,0 -1.00196,0.46875 -0.39258,0.46289 -0.48047,1.18945 l 0.0117,0.0293 2.85938,0 0,-0.0937 q 0,-0.69141 -0.33985,-1.14258 -0.33984,-0.45117 -1.04882,-0.45117 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4207"
inkscape:connector-curvature="0" />
<path
d="m 468.79755,227.27032 0.082,0.83204 q 0.31054,-0.45118 0.78515,-0.69727 0.48047,-0.25195 1.11329,-0.25195 0.63281,0 1.08398,0.29297 0.45703,0.29296 0.68555,0.8789 0.30468,-0.54492 0.79101,-0.85547 0.49219,-0.3164 1.14844,-0.3164 0.9668,0 1.5293,0.66797 0.5625,0.66211 0.5625,1.99804 l 0,3.79102 -1.1543,0 0,-3.80274 q 0,-0.9375 -0.32227,-1.32421 -0.32226,-0.39258 -0.96093,-0.39258 -0.5918,0 -0.96094,0.41015 -0.36328,0.41016 -0.42774,1.03711 l 0,0.0469 0,4.02539 -1.16015,0 0,-3.80274 q 0,-0.89062 -0.33399,-1.30078 -0.32812,-0.41601 -0.94921,-0.41601 -0.52735,0 -0.86719,0.21679 -0.33985,0.2168 -0.52149,0.60938 l 0,4.69336 -1.15429,0 0,-6.33985 1.03125,0 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4209"
inkscape:connector-curvature="0" />
<path
d="m 481.95184,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4211"
inkscape:connector-curvature="0" />
<path
d="m 488.83661,230.18829 0,3.42188 -1.1543,0 0,-8.53125 3.26367,0 q 1.36524,0 2.1211,0.70312 0.76172,0.70313 0.76172,1.85157 0,1.16015 -0.76172,1.85742 -0.75586,0.69726 -2.1211,0.69726 l -2.10937,0 z m 0,-0.90234 2.10937,0 q 0.86719,0 1.29493,-0.46289 0.42773,-0.46875 0.42773,-1.17774 0,-0.70898 -0.43359,-1.18359 -0.42774,-0.47461 -1.28907,-0.47461 l -2.10937,0 0,3.29883 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4213"
inkscape:connector-curvature="0" />
<path
d="m 498.99091,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32227,0.45703 -0.84375,0.76758 -0.51563,0.30469 -1.11328,0.30469 -0.99024,0 -1.51172,-0.50391 -0.51563,-0.50977 -0.51563,-1.40039 0,-0.9082 0.73243,-1.41797 0.73828,-0.51563 1.99804,-0.51563 l 1.25391,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33985,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.34571,0.28125 -0.34571,0.67383 l -1.0957,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.69141,-0.57422 1.78125,-0.57422 1.07813,0 1.73438,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0351,0.65625 0.0352,0.31641 0.12891,0.6211 l -1.18945,0 z m -1.91602,-0.84375 q 0.62695,0 1.13086,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69727,0 -1.11914,0.35156 -0.41602,0.35157 -0.41602,0.82618 0,0.42187 0.26367,0.66796 0.26368,0.2461 0.7793,0.2461 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4215"
inkscape:connector-curvature="0" />
<path
d="m 505.38934,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4217"
inkscape:connector-curvature="0" />
<path
d="m 511.67059,231.90509 q 0,-0.38086 -0.29297,-0.62109 -0.2871,-0.24024 -1.0957,-0.42188 -1.11914,-0.24023 -1.72265,-0.67383 -0.59766,-0.43359 -0.59766,-1.16015 0,-0.77344 0.65625,-1.32422 0.66211,-0.55078 1.71094,-0.55078 1.07812,0 1.74609,0.58593 0.66797,0.58594 0.63867,1.36524 l -0.0117,0.0352 -1.10156,0 q 0,-0.41016 -0.36328,-0.74415 -0.35742,-0.33398 -0.9082,-0.33398 -0.60938,0 -0.91407,0.27539 -0.29882,0.27539 -0.29882,0.65625 0,0.375 0.25781,0.58008 0.26367,0.20508 1.07812,0.375 1.16602,0.24609 1.76953,0.69726 0.60352,0.45118 0.60352,1.17774 0,0.84375 -0.68555,1.37695 -0.67968,0.53321 -1.78125,0.53321 -1.21289,0 -1.91015,-0.61524 -0.69727,-0.61523 -0.66211,-1.43555 l 0.0117,-0.0352 1.10156,0 q 0.0293,0.61523 0.45703,0.90234 0.42773,0.28125 1.00195,0.28125 0.61524,0 0.96094,-0.25781 0.35156,-0.26367 0.35156,-0.66797 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4219"
inkscape:connector-curvature="0" />
<path
d="m 515.88934,231.30157 0.14649,0.81446 0.0351,0 0.15235,-0.81446 1.26562,-4.03125 0.92578,0 1.27149,4.03125 0.16406,0.90821 0.0352,0 0.1875,-0.90821 0.9375,-4.03125 1.20703,0 -1.83985,6.33985 -0.93164,0 -1.2539,-3.86133 -0.24024,-1.00781 -0.0351,0 -0.22266,1.00781 -1.23047,3.86133 -0.93164,0 -1.83984,-6.33985 1.20117,0 0.99609,4.03125 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4221"
inkscape:connector-curvature="0" />
<path
d="m 523.09052,230.38165 q 0,-1.40625 0.76171,-2.31445 0.76172,-0.91406 2.06836,-0.91406 1.31836,0 2.08008,0.9082 0.76758,0.9082 0.76758,2.32031 l 0,0.12891 q 0,1.41797 -0.76172,2.32031 -0.76172,0.90235 -2.07422,0.90235 -1.3125,0 -2.08008,-0.90235 -0.76171,-0.9082 -0.76171,-2.32031 l 0,-0.12891 z m 1.15429,0.12891 q 0,1.00781 0.42188,1.66406 0.42773,0.65625 1.26562,0.65625 0.82617,0 1.25391,-0.65625 0.42773,-0.65625 0.42773,-1.66406 l 0,-0.12891 q 0,-0.99609 -0.43359,-1.6582 -0.42774,-0.66211 -1.25977,-0.66211 -0.82617,0 -1.2539,0.66211 -0.42188,0.66211 -0.42188,1.6582 l 0,0.12891 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4223"
inkscape:connector-curvature="0" />
<path
d="m 533.18036,228.28986 -0.5918,-0.0352 q -0.45703,0 -0.77344,0.2168 -0.31054,0.21679 -0.48046,0.60937 l 0,4.5293 -1.1543,0 0,-6.33985 1.03125,0 0.11133,0.92579 q 0.26953,-0.49219 0.66211,-0.76758 0.39843,-0.27539 0.91406,-0.27539 0.12891,0 0.24609,0.0234 0.11719,0.0176 0.19336,0.041 l -0.1582,1.07227 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4225"
inkscape:connector-curvature="0" />
<path
d="m 533.99481,230.55743 q 0,-1.52929 0.65039,-2.46679 0.65625,-0.9375 1.83399,-0.9375 0.55664,0 0.98437,0.20508 0.4336,0.20507 0.73828,0.59765 l 0,-3.48633 1.1543,0 0,9.14063 -0.88477,0 -0.17578,-0.80274 q -0.31054,0.45704 -0.76757,0.69141 -0.45704,0.23438 -1.06055,0.23438 -1.16016,0 -1.81641,-0.8379 -0.65625,-0.84375 -0.65625,-2.21484 l 0,-0.12305 z m 1.1543,0.12305 q 0,0.96094 0.39258,1.54102 0.39258,0.57422 1.21875,0.57422 0.51562,0 0.86718,-0.23438 0.35157,-0.23437 0.57422,-0.65625 l 0,-2.95898 q -0.22265,-0.39258 -0.58007,-0.6211 -0.35157,-0.23437 -0.84961,-0.23437 -0.83204,0 -1.23047,0.68554 -0.39258,0.68555 -0.39258,1.78125 l 0,0.12305 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4227"
inkscape:connector-curvature="0" />
<path
d="m 548.44403,232.01056 0.0352,0 2.72461,-6.93164 1.43554,0 0,8.53125 -1.15429,0 0,-6.39258 -0.0352,-0.006 -2.58398,6.39844 -0.80274,0 -2.66015,-6.60938 -0.0352,0.006 0,6.60352 -1.1543,0 0,-8.53125 1.51758,0 2.71289,6.93164 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4229"
inkscape:connector-curvature="0" />
<path
d="m 558.38153,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32226,0.45703 -0.84375,0.76758 -0.51562,0.30469 -1.11328,0.30469 -0.99023,0 -1.51172,-0.50391 -0.51562,-0.50977 -0.51562,-1.40039 0,-0.9082 0.73242,-1.41797 0.73828,-0.51563 1.99805,-0.51563 l 1.2539,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33984,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.3457,0.28125 -0.3457,0.67383 l -1.09571,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.6914,-0.57422 1.78125,-0.57422 1.07812,0 1.73437,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0352,0.65625 0.0351,0.31641 0.1289,0.6211 l -1.18945,0 z m -1.91601,-0.84375 q 0.62695,0 1.13085,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69726,0 -1.11914,0.35156 -0.41601,0.35157 -0.41601,0.82618 0,0.42187 0.26367,0.66796 0.26367,0.2461 0.7793,0.2461 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4231"
inkscape:connector-curvature="0" />
<path
d="m 562.12567,227.27032 0.082,0.94336 q 0.31641,-0.5039 0.79102,-0.77929 0.48047,-0.28125 1.08984,-0.28125 1.02539,0 1.58789,0.60351 0.5625,0.59766 0.5625,1.85157 l 0,4.00195 -1.15429,0 0,-3.97852 q 0,-0.83789 -0.33399,-1.18945 -0.32812,-0.35156 -1.00781,-0.35156 -0.5332,0 -0.9082,0.21679 -0.36914,0.21094 -0.58594,0.59766 l 0,4.70508 -1.1543,0 0,-6.33985 1.03125,0 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4233"
inkscape:connector-curvature="0" />
<path
d="m 571.81122,233.61017 q -0.0586,-0.28711 -0.0937,-0.50391 -0.0293,-0.22265 -0.0352,-0.44531 -0.32226,0.45703 -0.84375,0.76758 -0.51562,0.30469 -1.11328,0.30469 -0.99023,0 -1.51172,-0.50391 -0.51562,-0.50977 -0.51562,-1.40039 0,-0.9082 0.73242,-1.41797 0.73828,-0.51563 1.99805,-0.51563 l 1.2539,0 0,-0.62695 q 0,-0.55664 -0.33984,-0.8789 -0.33985,-0.32813 -0.96094,-0.32813 -0.5625,0 -0.9082,0.28125 -0.34571,0.28125 -0.34571,0.67383 l -1.0957,0.0117 -0.0117,-0.0352 q -0.041,-0.69141 0.64453,-1.26562 0.69141,-0.57422 1.78125,-0.57422 1.07813,0 1.73438,0.55078 0.65625,0.54492 0.65625,1.57617 l 0,3.05273 q 0,0.33985 0.0352,0.65625 0.0352,0.31641 0.1289,0.6211 l -1.18945,0 z m -1.91602,-0.84375 q 0.62696,0 1.13086,-0.32227 0.50391,-0.32226 0.65625,-0.73828 l 0,-1.03125 -1.29492,0 q -0.69727,0 -1.11914,0.35156 -0.41602,0.35157 -0.41602,0.82618 0,0.42187 0.26368,0.66796 0.26367,0.2461 0.77929,0.2461 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4235"
inkscape:connector-curvature="0" />
<path
d="m 574.31903,230.55743 q 0,-1.52929 0.65039,-2.46679 0.65625,-0.9375 1.82813,-0.9375 0.60351,0 1.06054,0.24609 0.45703,0.24024 0.76758,0.69727 l 0.14063,-0.82618 0.91992,0 0,6.375 q 0,1.21875 -0.70899,1.86915 -0.70898,0.65625 -2.04492,0.65625 -0.45703,0 -0.99023,-0.12891 -0.52735,-0.12305 -0.93164,-0.33984 l 0.17578,-0.89649 q 0.33398,0.17578 0.80273,0.28125 0.47461,0.11133 0.93164,0.11133 0.84375,0 1.22461,-0.38672 0.38672,-0.38086 0.38672,-1.16602 l 0,-0.7207 q -0.31055,0.39844 -0.74414,0.60352 -0.43359,0.20508 -1.00195,0.20508 -1.16016,0 -1.81641,-0.8379 -0.65039,-0.84375 -0.65039,-2.21484 l 0,-0.12305 z m 1.1543,0.12305 q 0,0.95508 0.39258,1.53516 0.39257,0.58008 1.21289,0.58008 0.52148,0 0.87304,-0.23438 0.35157,-0.24023 0.58008,-0.67383 l 0,-2.91797 q -0.22265,-0.40429 -0.58008,-0.63867 -0.35742,-0.24023 -0.86132,-0.24023 -0.82618,0 -1.22461,0.68554 -0.39258,0.68555 -0.39258,1.78125 l 0,0.12305 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4237"
inkscape:connector-curvature="0" />
<path
d="m 583.96942,233.73322 q -1.36523,0 -2.13281,-0.87305 -0.76172,-0.87305 -0.76172,-2.29688 l 0,-0.25781 q 0,-1.36523 0.78516,-2.25586 0.79101,-0.89648 1.92773,-0.89648 1.27149,0 1.9043,0.79101 0.63867,0.79102 0.63867,2.10352 l 0,0.60937 -4.05469,0 -0.0176,0.0293 q 0,0.95508 0.42188,1.55273 0.42187,0.5918 1.28906,0.5918 0.58594,0 1.02539,-0.16406 0.44531,-0.16992 0.76172,-0.46289 l 0.45117,0.75 q -0.33984,0.32812 -0.89648,0.55664 -0.55664,0.22266 -1.3418,0.22266 z m -0.18164,-5.67188 q -0.60351,0 -1.00195,0.46875 -0.39258,0.46289 -0.48047,1.18945 l 0.0117,0.0293 2.85937,0 0,-0.0937 q 0,-0.69141 -0.33984,-1.14258 -0.33984,-0.45117 -1.04883,-0.45117 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4239"
inkscape:connector-curvature="0" />
<path
d="m 590.62567,228.28986 -0.5918,-0.0352 q -0.45703,0 -0.77343,0.2168 -0.31055,0.21679 -0.48047,0.60937 l 0,4.5293 -1.1543,0 0,-6.33985 1.03125,0 0.11133,0.92579 q 0.26953,-0.49219 0.66211,-0.76758 0.39844,-0.27539 0.91406,-0.27539 0.12891,0 0.2461,0.0234 0.11718,0.0176 0.19335,0.041 l -0.1582,1.07227 z"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fill:#ffffff;fill-opacity:1;font-family:Roboto;-inkscape-font-specification:Roboto"
id="path4241"
inkscape:connector-curvature="0" />
</g>
</g>
</g>
</g>

Before: 43 KiB | After: 48 KiB

BIN
imgs/preferences.png Normal file

Binary file not shown.

Size: 1.8 KiB

705
inc/Account.class.php Normal file

@@ -0,0 +1,705 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de realizar las operaciones sobre las cuentas de sysPass.
*/
class Account extends AccountBase implements AccountInterface
{
/**
* @var array Variable para la caché de parámetros de una cuenta.
*/
private $_cacheParams;
/**
* Obtener los datos de usuario y modificador de una cuenta.
*
* @param int $accountId con el Id de la cuenta
* @return false|object con el id de usuario y modificador.
*/
public static function getAccountRequestData($accountId)
{
$query = 'SELECT account_userId,'
. 'account_userEditId,'
. 'account_name,'
. 'customer_name '
. 'FROM accounts '
. 'LEFT JOIN customers ON account_customerId = customer_id '
. 'WHERE account_id = :id LIMIT 1';
$data['id'] = $accountId;
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
return $queryRes;
}
/**
* Obtiene el listado con el nombre de los usuaios de una cuenta.
*
* @param int $accountId con el Id de la cuenta
* @return false|array con los nombres de los usuarios ordenados
*/
public static function getAccountUsersName($accountId)
{
$query = 'SELECT user_name '
. 'FROM accUsers '
. 'JOIN usrData ON accuser_userId = user_id '
. 'WHERE accuser_accountId = :id';
$data['id'] = $accountId;
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
if (!is_array($queryRes)) {
return false;
}
foreach ($queryRes as $users) {
$usersName[] = $users->user_name;
}
sort($usersName, SORT_STRING);
return $usersName;
}
/**
* Actualiza los datos de una cuenta en la BBDD.
*
* @return bool
*/
public function updateAccount()
{
$Log = new Log(__FUNCTION__);
// Guardamos una copia de la cuenta en el histórico
if (!AccountHistory::addHistory($this->getAccountId(), false)) {
$Log->addDescription(_('Error al actualizar el historial'));
$Log->writeLog();
return false;
}
$Log->setAction(_('Actualizar Cuenta'));
if (!Groups::updateGroupsForAccount($this->getAccountId(), $this->getAccountUserGroupsId())) {
$Log->addDescription(_('Error al actualizar los grupos secundarios'));
$Log->writeLog();
$Log->resetDescription();
}
if (!UserUtil::updateUsersForAccount($this->getAccountId(), $this->getAccountUsersId())) {
$Log->addDescription(_('Error al actualizar los usuarios de la cuenta'));
$Log->writeLog();
$Log->resetDescription();
}
$query = 'UPDATE accounts SET '
. 'account_customerId = :accountCustomerId,'
. 'account_categoryId = :accountCategoryId,'
. 'account_name = :accountName,'
. 'account_login = :accountLogin,'
. 'account_url = :accountUrl,'
. 'account_notes = :accountNotes,'
. 'account_userEditId = :accountUserEditId,'
. 'account_userGroupId = :accountUserGroupId,'
. 'account_dateEdit = NOW(),'
. 'account_otherUserEdit = :accountOtherUserEdit,'
. 'account_otherGroupEdit = :accountOtherGroupEdit '
. 'WHERE account_id = :accountId';
$data['accountCustomerId'] = $this->getAccountCustomerId();
$data['accountCategoryId'] = $this->getAccountCategoryId();
$data['accountName'] = $this->getAccountName();
$data['accountLogin'] = $this->getAccountLogin();
$data['accountUrl'] = $this->getAccountUrl();
$data['accountNotes'] = $this->getAccountNotes();
$data['accountUserEditId'] = $this->getAccountUserEditId();
$data['accountUserGroupId'] = ($this->getAccountUserGroupId()) ? $this->getAccountUserGroupId() : 'account_userGroupId';
$data['accountOtherUserEdit'] = intval($this->getAccountOtherUserEdit());
$data['accountOtherGroupEdit'] = intval($this->getAccountOtherGroupEdit());
$data['accountId'] = $this->getAccountId();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
$accountInfo = array('customer_name');
$this->getAccountInfoById($accountInfo);
$Log->addDescription(Html::strongText(_('Cliente') . ': ') . $this->_cacheParams['customer_name']);
$Log->addDescription(Html::strongText(_('Cuenta') . ': ') . $this->getAccountName() . " (" . $this->getAccountId() . ")");
$Log->writeLog();
Email::sendEmail($Log);
return true;
}
/**
* Restaurar una cuenta desde el histórico.
*
* @param $id int El Id del registro en el histórico
* @return bool
*/
public function restoreFromHistory($id)
{
$Log = new Log(__FUNCTION__);
// Guardamos una copia de la cuenta en el histórico
if (!AccountHistory::addHistory($this->getAccountId(), false)) {
$Log->addDescription(_('Error al actualizar el historial'));
$Log->writeLog();
return false;
}
$query = 'UPDATE accounts dst, '
. '(SELECT * FROM accHistory WHERE acchistory_id = :id) src SET '
. 'dst.account_customerId = src.acchistory_customerId,'
. 'dst.account_categoryId = src.acchistory_categoryId,'
. 'dst.account_name = src.acchistory_name,'
. 'dst.account_login = src.acchistory_login,'
. 'dst.account_url = src.acchistory_url,'
. 'dst.account_notes = src.acchistory_notes,'
. 'dst.account_userEditId = :accountUserEditId,'
. 'dst.account_dateEdit = NOW(),'
. 'dst.account_otherUserEdit = src.acchistory_otherUserEdit + 0,'
. 'dst.account_otherGroupEdit = src.acchistory_otherGroupEdit + 0,'
. 'dst.account_pass = src.acchistory_pass,'
. 'dst.account_IV = src.acchistory_IV '
. 'WHERE dst.account_id = :accountId';
$data['id'] = $id;
$data['accountId'] = $this->getAccountId();
$data['accountUserEditId'] = $this->getAccountUserEditId();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
$accountInfo = array('customer_name', 'account_name');
$this->getAccountInfoById($accountInfo);
$Log->setAction(_('Restaurar Cuenta'));
$Log->addDescription(Html::strongText(_('Cliente') . ': ') . $this->_cacheParams['customer_name']);
$Log->addDescription(Html::strongText(_('Cuenta') . ': ') . $this->_cacheParams['account_name'] . " (" . $this->getAccountId() . ")");
$Log->writeLog();
Email::sendEmail($Log);
return true;
}
/**
* Obtener los datos de una cuenta con el id.
* Se guardan los datos en la variable $cacheParams de la clase para consultarlos
* posteriormente.
*
* @param array $params con los campos de la BBDD a obtener
* @return bool
*/
private function getAccountInfoById($params)
{
if (!is_array($params)) {
return false;
}
if (is_array($this->_cacheParams)) {
$cache = true;
foreach ($params as $param) {
if (!array_key_exists($param, $this->_cacheParams)) {
$cache = false;
}
}
if ($cache) {
return true;
}
}
$query = 'SELECT ' . implode(',', $params) . ' '
. 'FROM accounts '
. 'LEFT JOIN usrGroups ug ON account_userGroupId = usergroup_id '
. 'LEFT JOIN usrData u1 ON account_userId = u1.user_id '
. 'LEFT JOIN usrData u2 ON account_userEditId = u2.user_id '
. 'LEFT JOIN customers ON account_customerId = customer_id '
. 'WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
foreach ($queryRes as $param => $value) {
$this->_cacheParams[$param] = $value;
}
return true;
}
/**
* Obtener los datos de una cuenta.
* Esta funcion realiza la consulta a la BBDD y guarda los datos en las variables de la clase.
*
* @return object
* @throws SPException
*/
public function getAccountData()
{
$query = 'SELECT account_id,'
. 'account_name,'
. 'account_categoryId,'
. 'account_userId,'
. 'account_customerId,'
. 'account_userGroupId,'
. 'account_userEditId,'
. 'category_name,'
. 'account_login,'
. 'account_url,'
// . 'account_pass,'
// . 'account_IV,'
. 'account_notes,'
. 'account_countView,'
. 'account_countDecrypt,'
. 'account_dateAdd,'
. 'account_dateEdit,'
. 'BIN(account_otherUserEdit) AS account_otherUserEdit,'
. 'BIN(account_otherGroupEdit) AS account_otherGroupEdit,'
. 'u1.user_name,'
. 'u1.user_login,'
. 'u2.user_name as user_editName,'
. 'u2.user_login as user_editLogin,'
. 'usergroup_name,'
. 'customer_name, '
. 'CONCAT(account_name,account_categoryId,account_customerId,account_login,account_url,account_notes,BIN(account_otherUserEdit),BIN(account_otherGroupEdit)) as modHash '
. 'FROM accounts '
. 'LEFT JOIN categories ON account_categoryId = category_id '
. 'LEFT JOIN usrGroups ug ON account_userGroupId = usergroup_id '
. 'LEFT JOIN usrData u1 ON account_userId = u1.user_id '
. 'LEFT JOIN usrData u2 ON account_userEditId = u2.user_id '
. 'LEFT JOIN customers ON account_customerId = customer_id '
. 'WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
throw new SPException(SPException::SP_CRITICAL, _('No se pudieron obtener los datos de la cuenta'));
}
$this->setAccountUserId($queryRes->account_userId);
$this->setAccountUserGroupId($queryRes->account_userGroupId);
$this->setAccountOtherUserEdit($queryRes->account_otherUserEdit);
$this->setAccountOtherGroupEdit($queryRes->account_otherGroupEdit);
$this->setAccountModHash($queryRes->modHash);
return $queryRes;
}
/**
* Crea una nueva cuenta en la BBDD
*
* @return bool
*/
public function createAccount()
{
$query = 'INSERT INTO accounts SET '
. 'account_customerId = :accountCustomerId,'
. 'account_categoryId = :accountCategoryId,'
. 'account_name = :accountName,'
. 'account_login = :accountLogin,'
. 'account_url = :accountUrl,'
. 'account_pass = :accountPass,'
. 'account_IV = :accountIV,'
. 'account_notes = :accountNotes,'
. 'account_dateAdd = NOW(),'
. 'account_userId = :accountUserId,'
. 'account_userGroupId = :accountUserGroupId,'
. 'account_otherUserEdit = :accountOtherUserEdit,'
. 'account_otherGroupEdit = :accountOtherGroupEdit';
$data['accountCustomerId'] = $this->getAccountCustomerId();
$data['accountCategoryId'] = $this->getAccountCategoryId();
$data['accountName'] = $this->getAccountName();
$data['accountLogin'] = $this->getAccountLogin();
$data['accountUrl'] = $this->getAccountUrl();
$data['accountPass'] = $this->getAccountPass();
$data['accountIV'] = $this->getAccountIV();
$data['accountNotes'] = $this->getAccountNotes();
$data['accountUserId'] = $this->getAccountUserId();
$data['accountUserGroupId'] = $this->getAccountUserGroupId();
$data['accountOtherUserEdit'] = $this->getAccountOtherUserEdit();
$data['accountOtherGroupEdit'] = $this->getAccountOtherGroupEdit();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
$this->setAccountId(DB::$lastId);
$Log = new Log(__FUNCTION__);
if (is_array($this->getAccountUserGroupsId())) {
if (!Groups::addGroupsForAccount($this->getAccountId(), $this->getAccountUserGroupsId())) {
$Log->addDescription(_('Error al actualizar los grupos secundarios'));
$Log->writeLog();
$Log->resetDescription();
}
}
if (is_array($this->getAccountUsersId())) {
if (!UserUtil::addUsersForAccount($this->getAccountId(), $this->getAccountUsersId())) {
$Log->addDescription(_('Error al actualizar los usuarios de la cuenta'));
$Log->writeLog();
$Log->resetDescription();
}
}
$accountInfo = array('customer_name');
$this->getAccountInfoById($accountInfo);
$Log->setAction(_('Nueva Cuenta'));
$Log->addDescription(Html::strongText(_('Cliente') . ': ') . $this->_cacheParams['customer_name']);
$Log->addDescription(Html::strongText(_('Cuenta') . ': ') . $this->getAccountName() . " (" . $this->getAccountId() . ")");
$Log->writeLog();
Email::sendEmail($Log);
return true;
}
/**
* Elimina los datos de una cuenta en la BBDD.
*
* @return bool
*/
public function deleteAccount()
{
// Guardamos una copia de la cuenta en el histórico
AccountHistory::addHistory($this->getAccountId(), true) || die (_('ERROR: Error en la operación.'));
$accountInfo = array('account_name,customer_name');
$this->getAccountInfoById($accountInfo);
$Log = new Log(_('Eliminar Cuenta'));
$Log->addDescription(Html::strongText(_('Cliente') . ': ') . $this->_cacheParams['customer_name']);
$Log->addDescription(Html::strongText(_('Cuenta') . ': ') . $this->_cacheParams['account_name'] . " (" . $this->getAccountId() . ")");
$query = 'DELETE FROM accounts WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
if (!Groups::deleteGroupsForAccount($this->getAccountId())) {
$Log->addDescription(_('Error al eliminar grupos asociados a la cuenta'));
}
if (!UserUtil::deleteUsersForAccount($this->getAccountId())) {
$Log->addDescription(_('Error al eliminar usuarios asociados a la cuenta'));
}
if (!Files::deleteAccountFiles($this->getAccountId())) {
$Log->addDescription(_('Error al eliminar archivos asociados a la cuenta'));
}
$Log->writeLog();
Email::sendEmail($Log);
return true;
}
/**
* Incrementa el contador de visitas de una cuenta en la BBDD
*
* @return bool
*/
public function incrementViewCounter()
{
$query = 'UPDATE accounts SET account_countView = (account_countView + 1) WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
return DB::getQuery($query, __FUNCTION__, $data);
}
/**
* Incrementa el contador de vista de clave de una cuenta en la BBDD
*
* @return bool
*/
public function incrementDecryptCounter()
{
$query = 'UPDATE accounts SET account_countDecrypt = (account_countDecrypt + 1) WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
return DB::getQuery($query, __FUNCTION__, $data);
}
/**
* Actualiza las claves de todas las cuentas con la nueva clave maestra.
*
* @param string $currentMasterPass con la clave maestra actual
* @param string $newMasterPass con la nueva clave maestra
* @param string $newHash con el nuevo hash de la clave maestra
* @return bool
*/
public function updateAccountsMasterPass($currentMasterPass, $newMasterPass, $newHash = null)
{
$accountsOk = array();
$userId = Session::getUserId();
$demoEnabled = Util::demoIsEnabled();
$errorCount = 0;
$Log = new Log(_('Actualizar Clave Maestra'));
$Log->addDescription(_('Inicio'));
$Log->writeLog();
$Log->resetDescription();
if (!Crypt::checkCryptModule()) {
$Log->addDescription(_('Error en el módulo de encriptación'));
$Log->writeLog();
return false;
}
$accountsPass = $this->getAccountsPassData();
if (!$accountsPass) {
$Log->addDescription(_('Error al obtener las claves de las cuentas'));
$Log->writeLog();
return false;
}
foreach ($accountsPass as $account) {
$this->setAccountId($account->account_id);
$this->setAccountUserEditId($userId);
// No realizar cambios si está en modo demo
if ($demoEnabled) {
$accountsOk[] = $this->getAccountId();
continue;
}
if (strlen($account->account_pass) === 0){
$Log->addDescription(_('Clave de cuenta vacía') . ' (' . $account->account_id . ') ' . $account->account_name);
continue;
}
if (strlen($account->account_IV) < 32) {
$Log->addDescription(_('IV de encriptación incorrecto') . ' (' . $account->account_id . ') ' . $account->account_name);
}
$decryptedPass = Crypt::getDecrypt($account->account_pass, $account->account_IV);
$this->setAccountPass(Crypt::mkEncrypt($decryptedPass, $newMasterPass));
$this->setAccountIV(Crypt::$strInitialVector);
if ($this->getAccountPass() === false) {
$errorCount++;
$Log->addDescription(_('No es posible desencriptar la clave de la cuenta') . ' (' . $account->account_id . ') ' . $account->account_name);
continue;
}
if (!$this->updateAccountPass(true)) {
$errorCount++;
$Log->addDescription(_('Fallo al actualizar la clave de la cuenta') . ' (' . $this->getAccountId() . ') ' . $account->acchistory_name);
continue;
}
$accountsOk[] = $this->getAccountId();
}
// Vaciar el array de mensajes de log
if (count($Log->getDescription()) > 0) {
$Log->writeLog();
$Log->resetDescription();
}
if ($accountsOk) {
$Log->addDescription(_('Cuentas actualizadas') . ': ' . implode(',', $accountsOk));
$Log->writeLog();
$Log->resetDescription();
}
$Log->addDescription(_('Fin'));
$Log->writeLog();
Email::sendEmail($Log);
return true;
}
/**
* Obtener los datos relativos a la clave de todas las cuentas.
*
* @return false|array Con los datos de la clave
*/
protected function getAccountsPassData()
{
$query = 'SELECT account_id, account_name, account_pass, account_IV FROM accounts';
return DB::getResults($query, __FUNCTION__);
}
/**
* Obtener los datos de una cuenta para mostrar la clave
* Esta funcion realiza la consulta a la BBDD y devuelve los datos.
*
* @return object|false
*/
public function getAccountPassData()
{
$query = 'SELECT account_name AS name,'
. 'account_userId AS userId,'
. 'account_userGroupId AS groupId,'
. 'account_login AS login,'
. 'account_pass AS pass,'
. 'account_IV AS iv,'
. 'customer_name '
. 'FROM accounts '
. 'LEFT JOIN customers ON account_customerId = customer_id '
. 'WHERE account_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
$this->setAccountUserId($queryRes->userId);
$this->setAccountUserGroupId($queryRes->groupId);
$this->setAccountPass($queryRes->pass);
$this->setAccountIV($queryRes->iv);
return $queryRes;
}
/**
* Actualiza la clave de una cuenta en la BBDD.
*
* @param bool $isMassive para no actualizar el histórico ni enviar mensajes
* @param bool $isRestore indica si es una restauración
* @return bool
*/
public function updateAccountPass($isMassive = false, $isRestore = false)
{
$Log = new Log(__FUNCTION__);
// No actualizar el histórico si es por cambio de clave maestra o restauración
if (!$isMassive && !$isRestore) {
// Guardamos una copia de la cuenta en el histórico
if (!AccountHistory::addHistory($this->getAccountId(), false)) {
$Log->addDescription(_('Error al actualizar el historial'));
$Log->writeLog();
return false;
}
}
$query = 'UPDATE accounts SET '
. 'account_pass = :accountPass,'
. 'account_IV = :accountIV,'
. 'account_userEditId = :accountUserEditId,'
. 'account_dateEdit = NOW() '
. 'WHERE account_id = :accountId';
$data['accountPass'] = $this->getAccountPass();
$data['accountIV'] = $this->getAccountIV();
$data['accountUserEditId'] = $this->getAccountUserEditId();
$data['accountId'] = $this->getAccountId();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
// No escribir en el log ni enviar correos si la actualización es
// por cambio de clave maestra o restauración
if (!$isMassive && !$isRestore) {
$accountInfo = array('customer_name', 'account_name');
$this->getAccountInfoById($accountInfo);
$Log->setAction(_('Modificar Clave'));
$Log->addDescription(Html::strongText(_('Cliente') . ': ') . $this->_cacheParams['customer_name']);
$Log->addDescription(Html::strongText(_('Cuenta') . ': ') . $this->_cacheParams['account_name'] . " (" . $this->getAccountId() . ")");
$Log->writeLog();
Email::sendEmail($Log);
}
return true;
}
/**
* Obtener los datos de todas las cuentas
*
* @return array
* @throws SPException
*/
public static function getAccountsData()
{
$query = 'SELECT account_id,'
. 'account_name,'
. 'account_categoryId,'
. 'account_customerId,'
. 'account_login,'
. 'account_url,'
. 'account_pass,'
. 'account_IV,'
. 'account_notes '
. 'FROM accounts';
DB::setReturnArray();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
throw new SPException(SPException::SP_CRITICAL, _('No se pudieron obtener los datos de las cuentas'));
}
return $queryRes;
}
}
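
Review bot: updateAccountsMasterPass() returns true even when accounts failed to re-encrypt, because $errorCount is incremented but never checked before `return true;`. A caller that then stores the new master password hash would leave those accounts encrypted under the old key. In the same loop, the `strlen($account->account_IV) < 32` branch only logs and falls through to Crypt::getDecrypt() with the bad IV; it should increment $errorCount and `continue`. The `=== false` test runs on the result of Crypt::mkEncrypt(), so a failed decrypt is not what is being detected even though the log message says so; check $decryptedPass before re-encrypting. $currentMasterPass and $newHash are never used in the method body. The failure message for updateAccountPass() reads `$account->acchistory_name`, which getAccountsPassData() does not select (it returns account_name). Consider running the whole rotation inside one transaction and returning `$errorCount === 0`. Separately, getAccountsData() passes an undefined $data to DB::getResults().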

578
inc/AccountBase.class.php Normal file
View File

@@ -0,0 +1,578 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Clase abstracta para definición de métodos comunes a las cuentas
*/
abstract class AccountBase
{
/**
* Tiempo de expiración de la caché de ACLde usuarios/grupos de cuentas
*/
const CACHE_EXPIRE_TIME = 300;
/**
* @var int Id de la cuenta padre.
*/
private $_accountParentId;
/**
* @var string Hash con los datos de la cuenta para verificación de cambios.
*/
private $_accountModHash;
/**
* @var int Indica si la cuenta es un registro del hitórico.
*/
private $_accountIsHistory = 0;
/**
* @var int Id de la cuenta.
*/
private $_accountId;
/**
* @var int Id del usuario principal de la cuenta.
*/
private $_accountUserId;
/**
* @var array Los Ids de los usuarios secundarios de la cuenta.
*/
private $_accountUsersId;
/**
* @var array Id del grupo principal de la cuenta.
*/
private $_accountUserGroupId;
/**
* @var array Los Ids de los grupos secundarios de la cuenta.
*/
private $_accountUserGroupsId;
/**
* @var int Id del usuario que editó la cuenta.
*/
private $_accountUserEditId;
/**
* @var string El nombre de la cuenta.
*/
private $_accountName;
/**
* @var int Id del cliente de la cuenta.
*/
private $_accountCustomerId;
/**
* @var int Id de la categoría de la cuenta.
*/
private $_accountCategoryId;
/**
* @var string El nombre de usuario de la cuenta.
*/
private $_accountLogin;
/**
* @var string La URL de la cuenta.
*/
private $_accountUrl;
/**
* @var string La clave de la cuenta.
*/
private $_accountPass;
/**
* @var string El vector de inicialización de la cuenta.
*/
private $_accountIV;
/**
* @var string Las nosta de la cuenta.
*/
private $_accountNotes;
/**
* @var bool Si se permite la edición por los usuarios secundarios.
*/
private $_accountOtherUserEdit;
/**
* @var bool Si se permita la edición por los grupos secundarios.
*/
private $_accountOtherGroupEdit;
/**
* @var array Los Ids de los grupos con acceso a la cuenta
*/
private $_cacheUserGroupsId;
/**
* @var array Los Ids de los usuarios con acceso a la cuenta
*/
private $_cacheUsersId;
/**
* Constructor
*
* @param int $id con el Id de la cuenta a obtener
*/
public function __construct($id = null)
{
if (!is_null($id)) {
$this->setAccountId($id);
}
}
/**
* @return int
*/
public function getAccountUserEditId()
{
return $this->_accountUserEditId;
}
/**
* @param int $accountUserEditId
*/
public function setAccountUserEditId($accountUserEditId)
{
$this->_accountUserEditId = $accountUserEditId;
}
/**
* @return string
*/
public function getAccountPass()
{
return $this->_accountPass;
}
/**
* @param string $accountPass
*/
public function setAccountPass($accountPass)
{
$this->_accountPass = $accountPass;
}
/**
* @return string
*/
public function getAccountIV()
{
return $this->_accountIV;
}
/**
* @param string $accountIV
*/
public function setAccountIV($accountIV)
{
$this->_accountIV = $accountIV;
}
/**
* @return int
*/
public function getAccountIsHistory()
{
return $this->_accountIsHistory;
}
/**
* @param int $accountIsHistory
*/
public function setAccountIsHistory($accountIsHistory)
{
$this->_accountIsHistory = $accountIsHistory;
}
/**
* @return int
*/
public function getAccountParentId()
{
return $this->_accountParentId;
}
/**
* @param int $accountParentId
*/
public function setAccountParentId($accountParentId)
{
$this->_accountParentId = $accountParentId;
}
/**
* Devolver datos de la cuenta para comprobación de accesos.
*
* @param int $accountId con el id de la cuenta
* @return array con los datos de la cuenta
*/
public function getAccountDataForACL($accountId = null)
{
$accId = (!is_null($accountId)) ? $accountId : $this->getAccountId();
return array(
'id' => $accId,
'user_id' => $this->getAccountUserId(),
'group_id' => $this->getAccountUserGroupId(),
'users_id' => $this->getUsersAccount(),
'groups_id' => $this->getGroupsAccount(),
'otheruser_edit' => $this->getAccountOtherUserEdit(),
'othergroup_edit' => $this->getAccountOtherGroupEdit()
);
}
/**
* @return int|null
*/
public function getAccountId()
{
return $this->_accountId;
}
/**
* @param int $accountId
*/
public function setAccountId($accountId)
{
$this->_accountId = (int)$accountId;
}
/**
* @return int
*/
public function getAccountUserId()
{
return $this->_accountUserId;
}
/**
* @param int $accountUserId
*/
public function setAccountUserId($accountUserId)
{
$this->_accountUserId = $accountUserId;
}
/**
* @return int
*/
public function getAccountUserGroupId()
{
return $this->_accountUserGroupId;
}
/**
* @param int $accountUserGroupId
*/
public function setAccountUserGroupId($accountUserGroupId)
{
$this->_accountUserGroupId = $accountUserGroupId;
}
/**
* Obtiene el listado usuarios con acceso a una cuenta.
* Lo almacena en la cache de sesión como array de cuentas
*
* @return array Con los registros con id de cuenta como clave e id de usuario como valor
*/
public function getUsersAccount()
{
$accId = $this->getAccountId();
$cacheUsers = &$_SESSION['cache']['usersId'];
if (!is_array($cacheUsers)) {
$cacheUsers = array($accId => array(), 'expires' => 0);
}
if (!isset($cacheUsers[$accId])
|| time() > $cacheUsers['expires']
) {
$cacheUsers[$accId] = UserUtil::getUsersForAccount($accId);
$cacheUsers['expires'] = time() + self::CACHE_EXPIRE_TIME;
}
return $cacheUsers[$accId];
}
/**
* Obtiene el listado de grupos secundarios de una cuenta.
* Lo almacena en la cache de sesión como array de cuentas
*
* @return array con los registros con id de cuenta como clave e id de grupo como valor
*/
public function getGroupsAccount()
{
$accId = $this->getAccountId();
$cacheUserGroups = &$_SESSION['cache']['userGroupsId'];
if (!is_array($cacheUserGroups)) {
$cacheUserGroups = array($accId => array(), 'expires' => 0);
}
if (!isset($cacheUserGroups[$accId])
|| time() > $cacheUserGroups['expires']
) {
$cacheUserGroups[$accId] = Groups::getGroupsForAccount($accId);
$cacheUserGroups['expires'] = time() + self::CACHE_EXPIRE_TIME;
}
return $cacheUserGroups[$accId];
}
/**
* @return bool
*/
public function getAccountOtherUserEdit()
{
return $this->_accountOtherUserEdit;
}
/**
* @param bool $accountOtherUserEdit
*/
public function setAccountOtherUserEdit($accountOtherUserEdit)
{
$this->_accountOtherUserEdit = $accountOtherUserEdit;
}
/**
* @return bool
*/
public function getAccountOtherGroupEdit()
{
return $this->_accountOtherGroupEdit;
}
/**
* @param bool $accountOtherGroupEdit
*/
public function setAccountOtherGroupEdit($accountOtherGroupEdit)
{
$this->_accountOtherGroupEdit = $accountOtherGroupEdit;
}
/**
* Calcular el hash de los datos de una cuenta.
* Esta función se utiliza para verificar si los datos de un formulario han sido cambiados
* con respecto a los guardados
*
* @return string con el hash
*/
public function calcChangesHash()
{
$groups = 0;
$users = 0;
if (is_array($this->getAccountUserGroupsId())) {
$groups = implode($this->getAccountUserGroupsId());
} elseif (is_array($this->_cacheUserGroupsId)) {
foreach ($this->_cacheUserGroupsId as $group) {
if (is_array($group)) {
// Ordenar el array para que el hash sea igual
sort($group, SORT_NUMERIC);
$groups = implode($group);
}
}
}
if (is_array($this->getAccountUsersId())) {
$users = implode($this->getAccountUsersId());
} elseif (is_array($this->_cacheUsersId)) {
foreach ($this->_cacheUsersId as $user) {
if (is_array($user)) {
// Ordenar el array para que el hash sea igual
sort($user, SORT_NUMERIC);
$users = implode($user);
}
}
}
if ($this->getAccountModHash()) {
$hashItems = $this->getAccountModHash() . (int)$users . (int)$groups;
//error_log("HASH MySQL: ".$hashItems);
} else {
$hashItems = $this->getAccountName() .
$this->getAccountCategoryId() .
$this->getAccountCustomerId() .
$this->getAccountLogin() .
$this->getAccountUrl() .
$this->getAccountNotes() .
$this->getAccountOtherUserEdit() .
$this->getAccountOtherGroupEdit() .
(int)$users .
(int)$groups;
//error_log("HASH PHP: ".$hashItems);
}
return md5($hashItems);
}
/**
* @return array
*/
public function getAccountUserGroupsId()
{
return $this->_accountUserGroupsId;
}
/**
* @param array $accountUserGroupsId
*/
public function setAccountUserGroupsId($accountUserGroupsId)
{
$this->_accountUserGroupsId = $accountUserGroupsId;
}
/**
* @return array
*/
public function getAccountUsersId()
{
return $this->_accountUsersId;
}
/**
* @param array $accountUsersId
*/
public function setAccountUsersId($accountUsersId)
{
$this->_accountUsersId = $accountUsersId;
}
/**
* @return string
*/
public function getAccountModHash()
{
return $this->_accountModHash;
}
/**
* @param string $accountModHash
*/
public function setAccountModHash($accountModHash)
{
$this->_accountModHash = $accountModHash;
}
/**
* @return string
*/
public function getAccountName()
{
return $this->_accountName;
}
/**
* @param string $accountName
*/
public function setAccountName($accountName)
{
$this->_accountName = $accountName;
}
/**
* @return int
*/
public function getAccountCategoryId()
{
return $this->_accountCategoryId;
}
/**
* @param int $accountCategoryId
*/
public function setAccountCategoryId($accountCategoryId)
{
$this->_accountCategoryId = $accountCategoryId;
}
/**
* @return int
*/
public function getAccountCustomerId()
{
return $this->_accountCustomerId;
}
/**
* @param int $accountCustomerId
*/
public function setAccountCustomerId($accountCustomerId)
{
$this->_accountCustomerId = $accountCustomerId;
}
/**
* @return string
*/
public function getAccountLogin()
{
return $this->_accountLogin;
}
/**
* @param string $accountLogin
*/
public function setAccountLogin($accountLogin)
{
$this->_accountLogin = $accountLogin;
}
/**
* @return string
*/
public function getAccountUrl()
{
return $this->_accountUrl;
}
/**
* @param string $accountUrl
*/
public function setAccountUrl($accountUrl)
{
$this->_accountUrl = $accountUrl;
}
/**
* @return string
*/
public function getAccountNotes()
{
return $this->_accountNotes;
}
/**
* @param string $accountNotes
*/
public function setAccountNotes($accountNotes)
{
$this->_accountNotes = $accountNotes;
}
/**
* Obtener los datos de una cuenta para mostrar la clave
* Esta funcion realiza la consulta a la BBDD y devuelve los datos.
*/
protected abstract function getAccountPassData();
/**
* Obtener los datos relativos a la clave de todas las cuentas.
*/
protected abstract function getAccountsPassData();
}
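
Review bot: the ACL cache in getUsersAccount() and getGroupsAccount() keeps one shared 'expires' value for every account in the session, and each refresh of a single account resets it with `$cacheUsers['expires'] = time() + self::CACHE_EXPIRE_TIME;`. Once the timer lapses only the account being read is reloaded, while every other cached entry is treated as fresh for another 300 seconds. A user who keeps opening different accounts can therefore hold stale user or group lists well past CACHE_EXPIRE_TIME, which delays the effect of an access revocation. Store the expiry per account id (for example `$cacheUsers[$accId]['expires']`) or drop the whole cache when the timer lapses. In calcChangesHash(), implode() is called without a separator and the result is cast with (int), so the id lists [1, 23] and [12, 3] contribute the same value to the hash. The form-data branch is also not sorted while the cache branch is. Joining with a delimiter and sorting in both branches would make the change check reliable.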

View File

@@ -0,0 +1,510 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
class AccountHistory extends AccountBase implements AccountInterface
{
private $_isDelete = false;
private $_isModify = false;
/**
* Obtiene el listado del histórico de una cuenta.
*
* @return false|array Con los registros con id como clave y fecha - usuario como valor
*/
public static function getAccountList($accountId)
{
$query = 'SELECT acchistory_id,'
. 'acchistory_dateEdit,'
. 'u1.user_login as user_edit,'
. 'u2.user_login as user_add,'
. 'acchistory_dateAdd '
. 'FROM accHistory '
. 'LEFT JOIN usrData u1 ON acchistory_userEditId = u1.user_id '
. 'LEFT JOIN usrData u2 ON acchistory_userId = u2.user_id '
. 'WHERE acchistory_accountId = :id '
. 'ORDER BY acchistory_id DESC';
$data['id'] = $accountId;
DB::setReturnArray();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
$arrHistory = array();
foreach ($queryRes as $history) {
// Comprobamos si la entrada en el historial es la primera (no tiene editor ni fecha de edición)
if ($history->acchistory_dateEdit === null || $history->acchistory_dateEdit == '0000-00-00 00:00:00') {
$arrHistory[$history->acchistory_id] = $history->acchistory_dateAdd . ' - ' . $history->user_add;
} else {
$arrHistory[$history->acchistory_id] = $history->acchistory_dateEdit . ' - ' . $history->user_edit;
}
}
return $arrHistory;
}
/**
* @return boolean
*/
public function isIsDelete()
{
return $this->_isDelete;
}
/**
* @param boolean $isDelete
*/
public function setIsDelete($isDelete)
{
$this->_isDelete = $isDelete;
}
/**
* @return boolean
*/
public function isIsModify()
{
return $this->_isModify;
}
/**
* @param boolean $isModify
*/
public function setIsModify($isModify)
{
$this->_isModify = $isModify;
}
/**
* Actualiza las claves de todas las cuentas en el histórico con la nueva clave maestra.
*
* @param string $currentMasterPass con la clave maestra actual
* @param string $newMasterPass con la nueva clave maestra
* @param string $newHash con el nuevo hash de la clave maestra
* @return bool
*/
public function updateAccountsMasterPass($currentMasterPass, $newMasterPass, $newHash = null)
{
$idOk = array();
$errorCount = 0;
$demoEnabled = Util::demoIsEnabled();
$log = new Log(_('Actualizar Clave Maestra (H)'));
$log->addDescription(_('Inicio'));
$log->writeLog();
$log->resetDescription();
if (!Crypt::checkCryptModule()) {
$log->addDescription(_('Error en el módulo de encriptación'));
$log->writeLog();
return false;
}
$accountsPass = $this->getAccountsPassData();
if (!$accountsPass) {
$log->addDescription(_('Error al obtener las claves de las cuentas'));
$log->writeLog();
return false;
}
foreach ($accountsPass as $account) {
$this->setAccountId($account->acchistory_id);
// No realizar cambios si está en modo demo
if ($demoEnabled) {
$idOk[] = $account->acchistory_id;
continue;
}
if (!$this->checkAccountMPass()) {
$errorCount++;
$log->addDescription(_('La clave maestra del registro no coincide') . ' (' . $account->acchistory_id . ') ' . $account->acchistory_name);
continue;
}
if (strlen($account->acchistory_pass) === 0){
$log->addDescription(_('Clave de cuenta vacía') . ' (' . $account->acchistory_id . ') ' . $account->acchistory_name);
continue;
}
if (strlen($account->acchistory_IV) < 32) {
$log->addDescription(_('IV de encriptación incorrecto') . ' (' . $account->acchistory_id . ') ' . $account->acchistory_name);
}
$decryptedPass = Crypt::getDecrypt($account->acchistory_pass, $account->acchistory_IV);
$this->setAccountPass(Crypt::mkEncrypt($decryptedPass, $newMasterPass));
$this->setAccountIV(Crypt::$strInitialVector);
if ($this->getAccountPass() === false) {
$errorCount++;
$log->addDescription(_('No es posible desencriptar la clave de la cuenta') . ' (' . $account->acchistory_id . ') ' . $account->acchistory_name);
continue;
}
if (!$this->updateAccountPass($account->acchistory_id, $newHash)) {
$errorCount++;
$log->addDescription(_('Fallo al actualizar la clave del histórico') . ' (' . $account->acchistory_id . ') ' . $account->acchistory_name);
continue;
}
$idOk[] = $account->acchistory_id;
}
// Vaciar el array de mensaje de log
if (count($log->getDescription()) > 0) {
$log->writeLog();
$log->resetDescription();
}
if ($idOk) {
$log->addDescription(_('Registros actualizados') . ': ' . implode(',', $idOk));
$log->writeLog();
$log->resetDescription();
}
$log->addDescription(_('Fin'));
$log->writeLog();
return true;
}
/**
* Obtener los datos relativos a la clave de todas las cuentas del histórico.
*
* @return false|array con los datos de la clave
*/
protected function getAccountsPassData()
{
$query = 'SELECT acchistory_id, acchistory_name, acchistory_pass, acchistory_IV FROM accHistory';
DB::setReturnArray();
return DB::getResults($query, __FUNCTION__);
}
/**
* Comprueba el hash de la clave maestra del registro de histórico de una cuenta.
*
* @param int $id opcional, con el Id del registro a comprobar
* @return bool
*/
public function checkAccountMPass($id = null)
{
$query = 'SELECT acchistory_mPassHash ' .
'FROM accHistory ' .
'WHERE acchistory_id = :id ' .
'AND acchistory_mPassHash = :mPassHash';
$data['id'] = (is_null($id)) ? $this->getAccountId() : $id;
$data['mPassHash'] = Config::getConfigDbValue('masterPwd');
return (DB::getResults($query, __FUNCTION__, $data) !== false);
}
/**
* Obtener los datos de una cuenta para mostrar la clave
* Esta funcion realiza la consulta a la BBDD y devuelve los datos.
*
* @return object|false
*/
public function getAccountPassData()
{
$query = 'SELECT acchistory_name AS name,'
. 'acchistory_userId AS userId,'
. 'acchistory_userGroupId AS groupId,'
. 'acchistory_login AS login,'
. 'acchistory_pass AS pass,'
. 'acchistory_IV AS iv '
. 'FROM accHistory '
. 'WHERE acchistory_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
$this->setAccountUserId($queryRes->userId);
$this->setAccountUserGroupId($queryRes->groupId);
$this->setAccountPass($queryRes->pass);
$this->setAccountIV($queryRes->iv);
return $queryRes;
}
/**
* Actualiza la clave del histórico de una cuenta en la BBDD.
*
* @param int $id con el id del registro a actualizar
* @param string $newHash con el hash de la clave maestra
* @return bool
*/
public function updateAccountPass($id, $newHash)
{
$query = 'UPDATE accHistory SET '
. 'acchistory_pass = :accountPass,'
. 'acchistory_IV = :accountIV,'
. 'acchistory_mPassHash = :newHash '
. 'WHERE acchistory_id = :id';
$data['accountPass'] = $this->getAccountPass();
$data['accountIV'] = $this->getAccountIV();
$data['newHash'] = $newHash;
$data['id'] = $id;
return DB::getQuery($query, __FUNCTION__, $data);
}
/**
* Obtener los datos del histórico de una cuenta.
* Esta funcion realiza la consulta a la BBDD y guarda los datos del histórico
* en las variables de la clase.
*
* @return object
* @throws SPException
*/
public function getAccountData()
{
$query = 'SELECT acchistory_accountId as account_id,'
. 'acchistory_customerId as account_customerId,'
. 'acchistory_categoryId as account_categoryId,'
. 'acchistory_name as account_name,'
. 'acchistory_login as account_login,'
. 'acchistory_url as account_url,'
. 'acchistory_pass as account_pass,'
. 'acchistory_IV as account_IV,'
. 'acchistory_notes as account_notes,'
. 'acchistory_countView as account_countView,'
. 'acchistory_countDecrypt as account_countDecrypt,'
. 'acchistory_dateAdd as account_dateAdd,'
. 'acchistory_dateEdit as account_dateEdit,'
. 'acchistory_userId as account_userId,'
. 'acchistory_userGroupId as account_userGroupId,'
. 'acchistory_userEditId as account_userEditId,'
. 'acchistory_isModify,'
. 'acchistory_isDeleted,'
. 'acchistory_otherUserEdit + 0 AS account_otherUserEdit,'
. 'acchistory_otherGroupEdit + 0 AS account_otherGroupEdit,'
. 'u1.user_name,'
. 'u1.user_login,'
. 'usergroup_name,'
. 'u2.user_name as user_editName,'
. 'u2.user_login as user_editLogin,'
. 'category_name, customer_name '
. 'FROM accHistory '
. 'LEFT JOIN categories ON acchistory_categoryId = category_id '
. 'LEFT JOIN usrGroups ON acchistory_userGroupId = usergroup_id '
. 'LEFT JOIN usrData u1 ON acchistory_userId = u1.user_id '
. 'LEFT JOIN usrData u2 ON acchistory_userEditId = u2.user_id '
. 'LEFT JOIN customers ON acchistory_customerId = customer_id '
. 'WHERE acchistory_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
throw new SPException(SPException::SP_CRITICAL, _('No se pudieron obtener los datos de la cuenta'));
}
$this->setAccountUserId($queryRes->account_userId);
$this->setAccountUserGroupId($queryRes->account_userGroupId);
$this->setAccountOtherUserEdit($queryRes->account_otherUserEdit);
$this->setAccountOtherGroupEdit($queryRes->account_otherGroupEdit);
return $queryRes;
}
/**
* Crear una cuenta en el historial
*
* @return bool
*/
public function createAccount()
{
// FIXME: continuar
$query = 'INSERT INTO accHistory SET '
. 'acchistory_accountId = :account_id,'
. 'acchistory_customerId = :accountCustomerId,'
. 'acchistory_categoryId = :accountCategoryId,'
. 'acchistory_name = :accountName,'
. 'acchistory_login = :accountLogin,'
. 'acchistory_url = :accountUrl,'
. 'acchistory_pass = :accountPass,'
. 'acchistory_IV = :accountIV,'
. 'acchistory_notes = :accountNotes,'
. 'acchistory_dateAdd = :accountDateAdd,'
. 'acchistory_dateEdit = :accountDateEdit,'
. 'acchistory_countView = :accountCountView,'
. 'acchistory_countDecrypt = :accountCountDecrypt,'
. 'acchistory_userId = :accountUserId,'
. 'acchistory_userGroupId = :accountUserGroupId,'
. 'acchistory_otherUserEdit = :accountOtherUserEdit,'
. 'acchistory_otherGroupEdit = :accountOtherGroupEdit,'
. 'acchistory_isModify = :isModify,'
. 'acchistory_isDeleted = :isDelete,'
. 'acchistory_mPassHash = :masterPwd';
$data['account_id'] = $this->getAccountId();
$data['accountCustomerId'] = $this->getAccountCustomerId();
$data['accountCategoryId'] = $this->getAccountCategoryId();
$data['accountName'] = $this->getAccountName();
$data['accountLogin'] = $this->getAccountLogin();
$data['accountUrl'] = $this->getAccountUrl();
$data['accountPass'] = $this->getAccountPass();
$data['accountIV'] = $this->getAccountIV();
$data['accountNotes'] = $this->getAccountNotes();
$data['accountUserId'] = $this->getAccountUserId();
$data['accountUserGroupId'] = $this->getAccountUserGroupId();
$data['accountOtherUserEdit'] = $this->getAccountOtherUserEdit();
$data['accountOtherGroupEdit'] = $this->getAccountOtherGroupEdit();
$data['isModify'] = $this->isIsModify();
$data['isDelete'] = $this->isIsDelete();
$data['masterPwd'] = Config::getConfigDbValue('masterPwd');
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
return true;
}
/**
* Eliminar una cuenta del historial
*
* @return bool
*/
public function deleteAccount()
{
$query = 'DELETE FROM accHistory WHERE acchistory_id = :id LIMIT 1';
$data['id'] = $this->getAccountId();
if (DB::getQuery($query, __FUNCTION__, $data) === false) {
return false;
}
return true;
}
/**
* Crear un nuevo registro de histório de cuenta en la BBDD.
*
* @param int $id el id de la cuenta primaria
* @param bool $isDelete indica que la cuenta es eliminada
* @return bool
*/
public static function addHistory($id, $isDelete = false)
{
$query = 'INSERT INTO accHistory '
. '(acchistory_accountId,'
. 'acchistory_categoryId,'
. 'acchistory_customerId,'
. 'acchistory_name,'
. 'acchistory_login,'
. 'acchistory_url,'
. 'acchistory_pass,'
. 'acchistory_IV,'
. 'acchistory_notes,'
. 'acchistory_countView,'
. 'acchistory_countDecrypt,'
. 'acchistory_dateAdd,'
. 'acchistory_dateEdit,'
. 'acchistory_userId,'
. 'acchistory_userGroupId,'
. 'acchistory_userEditId,'
. 'acchistory_otherUserEdit,'
. 'acchistory_otherGroupEdit,'
. 'acchistory_isModify,'
. 'acchistory_isDeleted,'
. 'acchistory_mPassHash) '
. 'SELECT account_id,'
. 'account_categoryId,'
. 'account_customerId,'
. 'account_name,'
. 'account_login,'
. 'account_url,'
. 'account_pass,'
. 'account_IV,'
. 'account_notes,'
. 'account_countView,'
. 'account_countDecrypt,'
. 'account_dateAdd,'
. 'account_dateEdit,'
. 'account_userId,'
. 'account_userGroupId,'
. 'account_userEditId,'
. 'account_otherUserEdit,'
. 'account_otherGroupEdit,'
. ':isModify,'
. ':isDelete,'
. ':masterPwd '
. 'FROM accounts WHERE account_id = :account_id';
$data['account_id'] = $id;
$data['isModify'] = ($isDelete === false) ? 1 : 0;
$data['isDelete'] = ($isDelete === false) ? 0 : 1;
$data['masterPwd'] = Config::getConfigDbValue('masterPwd');
return DB::getQuery($query, __FUNCTION__, $data);
}
/**
* Obtener el Id padre de una cuenta en el histórico.
*
* @param $historyId int El id de la cuenta en el histórico
* @return int El id de la cuenta padre
* @throws SPException
*/
public static function getAccountIdFromId($historyId)
{
$query = 'SELECT acchistory_accountId FROM accHistory WHERE acchistory_id = :id LIMIT 1';
$data['id'] = $historyId;
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
throw new SPException(SPException::SP_CRITICAL, _('No se pudieron obtener los datos de la cuenta'), 0);
}
return $queryRes->acchistory_accountId;
}
}
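Review bot: deleteAccount() binds $this->getAccountId() to acchistory_id, so it only removes the intended row if that getter holds the history id in this class rather than the parent account id. Please say so in a docblock (the method has none) or use a dedicated history-id accessor. Also initialise $data = array() before filling it. In getAccountIdFromId() only the === false case is handled, so check that a row was actually returned before reading ->acchistory_accountId.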

View File

@@ -0,0 +1,42 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Interface AccountInterface con la definición de métodos comunes a las cuentas
*/
interface AccountInterface
{
public function getAccountData();
public function createAccount();
public function deleteAccount();
public function updateAccountsMasterPass($currentMasterPass, $newMasterPass, $newHash = null);
}
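Review bot: the four methods of AccountInterface have no docblocks, so implementers get no stated contract for return types or failure signalling (AccountHistory::deleteAccount() returns bool, for example). Please add @return and @throws to each, and document what $newHash is expected to contain in updateAccountsMasterPass() and what happens when it is null.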

474
inc/AccountSearch.class.php Normal file
View File

@@ -0,0 +1,474 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Class AccountSearch para la gestión de búsquedas de cuentas
*/
class AccountSearch
{
/**
* Constantes de ordenación
*/
const SORT_NAME = 1;
const SORT_CATEGORY = 2;
const SORT_LOGIN = 3;
const SORT_URL = 4;
const SORT_CUSTOMER = 5;
/**
* @var int El número de registros de la última consulta
*/
public static $queryNumRows;
/**
* @var bool
*/
private $_globalSearch = false;
/**
* @var string
*/
private $_txtSearch = '';
/**
* @var int
*/
private $_customerId = 0;
/**
* @var int
*/
private $_categoryId = 0;
/**
* @var int
*/
private $_sortOrder = 0;
/**
* @var int
*/
private $_sortKey = 0;
/**
* @var int
*/
private $_limitStart = 0;
/**
* @var int
*/
private $_limitCount = 12;
/**
* Constructor
*/
function __construct()
{
$this->setLimitCount(Config::getValue('account_count'));
}
/**
* @return int
*/
public function getGlobalSearch()
{
return $this->_globalSearch;
}
/**
* @param int $globalSearch
*/
public function setGlobalSearch($globalSearch)
{
$this->_globalSearch = $globalSearch;
}
/**
* @return string
*/
public function getTxtSearch()
{
return $this->_txtSearch;
}
/**
* @param string $txtSearch
*/
public function setTxtSearch($txtSearch)
{
$this->_txtSearch = $txtSearch;
}
/**
* @return int
*/
public function getCustomerId()
{
return $this->_customerId;
}
/**
* @param int $customerId
*/
public function setCustomerId($customerId)
{
$this->_customerId = $customerId;
}
/**
* @return int
*/
public function getCategoryId()
{
return $this->_categoryId;
}
/**
* @param int $categoryId
*/
public function setCategoryId($categoryId)
{
$this->_categoryId = $categoryId;
}
/**
* @return int
*/
public function getSortOrder()
{
return $this->_sortOrder;
}
/**
* @param int $sortOrder
*/
public function setSortOrder($sortOrder)
{
$this->_sortOrder = $sortOrder;
}
/**
* @return int
*/
public function getSortKey()
{
return $this->_sortKey;
}
/**
* @param int $sortKey
*/
public function setSortKey($sortKey)
{
$this->_sortKey = $sortKey;
}
/**
* @return int
*/
public function getLimitStart()
{
return $this->_limitStart;
}
/**
* @param int $limitStart
*/
public function setLimitStart($limitStart)
{
$this->_limitStart = $limitStart;
}
/**
* @return int
*/
public function getLimitCount()
{
return $this->_limitCount;
}
/**
* @param int $limitCount
*/
public function setLimitCount($limitCount)
{
$this->_limitCount = $limitCount;
}
/**
* Obtener las cuentas de una búsqueda.
*
* @return bool Resultado de la consulta
*/
public function getAccounts()
{
$isAdmin = (Session::getUserIsAdminApp() || Session::getUserIsAdminAcc());
$arrFilterCommon = array();
$arrFilterSelect = array();
$arrFilterUser = array();
$arrQueryWhere = array();
switch ($this->_sortKey) {
case self::SORT_NAME:
$orderKey = 'account_name';
break;
case self::SORT_CATEGORY:
$orderKey = 'category_name';
break;
case self::SORT_LOGIN:
$orderKey = 'account_login';
break;
case self::SORT_URL:
$orderKey = 'account_url';
break;
case self::SORT_CUSTOMER:
$orderKey = 'customer_name';
break;
default :
$orderKey = 'customer_name, account_name';
break;
}
if ($this->_txtSearch) {
// Analizar la cadena de búsqueda por etiquetas especiales
$stringFilters = $this->analyzeQueryString();
if ($stringFilters !== false) {
$i = 0;
foreach ($stringFilters as $column => $value) {
$parameter = 'P_' . $column . $i;
$rel = '=';
if (preg_match('/name/i', $column)) {
$rel = 'LIKE';
$value = '%' . $value . '%';
}
$arrFilterCommon[] = $column . ' ' . $rel . ' :' . $parameter;
$data[$parameter] = $value;
$i++;
}
} else {
$arrFilterCommon[] = 'account_name LIKE :name';
$arrFilterCommon[] = 'account_login LIKE :login';
$arrFilterCommon[] = 'account_url LIKE :url';
$arrFilterCommon[] = 'account_notes LIKE :notes';
$data['name'] = '%' . $this->_txtSearch . '%';
$data['login'] = '%' . $this->_txtSearch . '%';
$data['url'] = '%' . $this->_txtSearch . '%';
$data['notes'] = '%' . $this->_txtSearch . '%';
}
}
if ($this->_categoryId !== 0) {
$arrFilterSelect[] = 'category_id = :categoryId';
$data['categoryId'] = $this->_categoryId;
}
if ($this->_customerId !== 0) {
$arrFilterSelect[] = 'account_customerId = :customerId';
$data['customerId'] = $this->_customerId;
}
if (count($arrFilterCommon) > 0) {
$arrQueryWhere[] = '(' . implode(' OR ', $arrFilterCommon) . ')';
}
if (count($arrFilterSelect) > 0) {
$arrQueryWhere[] = '(' . implode(' AND ', $arrFilterSelect) . ')';
}
if (!$isAdmin && !$this->_globalSearch) {
$subQueryGroupsA = '(SELECT user_groupId FROM usrData WHERE user_id = :userIduA UNION ALL SELECT usertogroup_groupId FROM usrToGroups WHERE usertogroup_userId = :userIdgA)';
$subQueryGroupsB = '(SELECT user_groupId FROM usrData WHERE user_id = :userIduB UNION ALL SELECT usertogroup_groupId FROM usrToGroups WHERE usertogroup_userId = :userIdgB)';
$arrFilterUser[] = 'account_userGroupId IN ' . $subQueryGroupsA;
$arrFilterUser[] = 'accgroup_groupId IN ' . $subQueryGroupsB;
$arrFilterUser[] = 'account_userId = :userId';
$arrFilterUser[] = 'accuser_userId = :accuser_userId';
// Usuario/Grupo principal de la cuenta
$data['userId'] = Session::getUserId();
$data['accuser_userId'] = Session::getUserId();
$data['userIduA'] = Session::getUserId();
$data['userIduB'] = Session::getUserId();
$data['userIdgA'] = Session::getUserId();
$data['userIdgB'] = Session::getUserId();
// Usuario/Grupo secundario de la cuenta
// $data['userGroupId'] = Session::getUserGroupId();
// $data['accgroup_groupId'] = Session::getUserGroupId();
$arrQueryWhere[] = '(' . implode(' OR ', $arrFilterUser) . ')';
}
$orderDir = ($this->_sortOrder === 0) ? 'ASC' : 'DESC';
$queryOrder = 'ORDER BY ' . $orderKey . ' ' . $orderDir;
if ($this->_limitCount != 99) {
$queryLimit = 'LIMIT :limitStart,:limitCount';
$data['limitStart'] = $this->_limitStart;
$data['limitCount'] = $this->_limitCount;
}
if (count($arrQueryWhere) === 1) {
$queryWhere = ' WHERE ' . implode($arrQueryWhere);
} elseif (count($arrQueryWhere) > 1) {
$queryWhere = ' WHERE ' . implode(' AND ', $arrQueryWhere);
} else {
$queryWhere = '';
}
$query = 'SELECT DISTINCT ' .
'account_id,' .
'account_customerId,' .
'category_name,' .
'account_name,' .
'account_login,' .
'account_url,' .
'account_notes,' .
'account_userId,' .
'account_userGroupId,' .
'BIN(account_otherUserEdit) AS account_otherUserEdit,' .
'BIN(account_otherGroupEdit) AS account_otherGroupEdit,' .
'usergroup_name,' .
'customer_name,' .
'count(accfile_id) as num_files ' .
'FROM accounts ' .
'LEFT JOIN accFiles ON account_id = accfile_accountId ' .
'LEFT JOIN categories ON account_categoryId = category_id ' .
'LEFT JOIN usrGroups ug ON account_userGroupId = usergroup_id ' .
'LEFT JOIN customers ON customer_id = account_customerId ' .
'LEFT JOIN accUsers ON accuser_accountId = account_id ' .
'LEFT JOIN accGroups ON accgroup_accountId = account_id ' .
$queryWhere . ' ' .
'GROUP BY account_id ' .
$queryOrder . ' ' .
$queryLimit;
// print_r($query);
// error_log($query);
// Obtener el número total de cuentas visibles por el usuario
DB::setFullRowCount();
// Obtener los resultados siempre en array de objetos
DB::setReturnArray();
// Consulta de la búsqueda de cuentas
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
// print_r($query);
// var_dump($data);
return false;
}
// Obtenemos el número de registros totales de la consulta sin contar el LIMIT
self::$queryNumRows = DB::$lastNumRows;
// Establecer el filtro de búsqueda en la sesión como un objeto
Session::setSearchFilters($this);
return $queryRes;
}
/**
* Analizar la cadena de consulta por eqituetas especiales y devolver un array
* con las columnas y los valores a buscar.
*
* @return array|bool
*/
private function analyzeQueryString()
{
preg_match('/:(user|group|file)\s(.*)/i', $this->_txtSearch, $filters);
if (!is_array($filters) || count($filters) === 0) {
return false;
}
switch ($filters[1]) {
case 'user':
return array(
'account_userId' => UserUtil::getUserIdByLogin(Html::sanitize($filters[2])),
'accuser_userId' => UserUtil::getUserIdByLogin(Html::sanitize($filters[2]))
);
break;
case 'group':
return array(
'account_userGroupId' => Groups::getGroupIdByName(Html::sanitize($filters[2])),
'accgroup_groupId' => Groups::getGroupIdByName(Html::sanitize($filters[2]))
);
break;
case 'file':
return array(
'accfile_name' => Html::sanitize($filters[2])
);
break;
default:
return false;
}
}
/**
* Obtiene el número de cuentas que un usuario puede ver.
*
* @return false|int con el número de registros
*/
public function getAccountMax()
{
$data = null;
if (!Session::getUserIsAdminApp() && !Session::getUserIsAdminAcc()) {
$query = 'SELECT COUNT(DISTINCT account_id) as numacc '
. 'FROM accounts '
. 'LEFT JOIN accGroups ON account_id = accgroup_accountId '
. 'WHERE account_userGroupId = :userGroupId '
. 'OR account_userId = :userId '
. 'OR accgroup_groupId = :groupId';
$data['userGroupId'] = Session::getUserGroupId();
$data['groupId'] = Session::getUserGroupId();
$data['userId'] = Session::getUserId();
} else {
$query = "SELECT COUNT(*) as numacc FROM accounts";
}
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return false;
}
return $queryRes->numacc;
}
}
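Review bot: in getAccounts() the per-user restriction is applied only when `!$isAdmin && !$this->_globalSearch`, and setGlobalSearch() stores whatever it is given. Any caller that sets the flag therefore gets the unrestricted result set, account_notes included, for a non-admin session. Either enforce inside this class who may request a global search, or document that the caller must do it. Separately, $queryLimit is undefined when _limitCount is 99, and $data is undefined when none of the branches that fill it run, yet both are used in the final query and in DB::getResults(). Initialise $queryLimit = '' and $data = array() at the top of the method, and replace the magic 99 with a named constant.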

217
inc/Acl.class.php Normal file
View File

@@ -0,0 +1,217 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de calcular las access lists de acceso a usuarios.
*/
class Acl implements Controller\ActionsInterface
{
/**
* Comprobar los permisos de acceso del usuario a los módulos de la aplicación.
* Esta función comprueba los permisos del usuario para realizar una acción.
* Si los permisos ya han sido obtenidos desde la BBDD, se utiliza el objeto creado
* en la variable de sesión.
*
* @param string $action con el nombre de la acción
* @param int $userId opcional, con el Id del usuario
* @return bool
*/
public static function checkUserAccess($action, $userId = 0)
{
// Comprobamos si la cache de permisos está inicializada
if (!is_object(Session::getUserProfile())) {
// error_log('ACL_CACHE_MISS');
return false;
}
$curUserIsAdminApp = Session::getUserIsAdminApp();
$curUserIsAdminAcc = Session::getUserIsAdminAcc();
$curUserProfile = Session::getUserProfile();
$curUserId = Session::getUserId();
switch ($action) {
case self::ACTION_ACC_VIEW:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccView() || $curUserProfile->isAccEdit());
case self::ACTION_ACC_VIEW_PASS:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccViewPass());
case self::ACTION_ACC_VIEW_HISTORY:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccViewHistory());
case self::ACTION_ACC_EDIT:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccEdit());
case self::ACTION_ACC_EDIT_PASS:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccEditPass());
case self::ACTION_ACC_NEW:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccAdd());
case self::ACTION_ACC_COPY:
return ($curUserIsAdminApp || $curUserIsAdminAcc || ($curUserProfile->isAccAdd() && $curUserProfile->isAccView()));
case self::ACTION_ACC_DELETE:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccDelete());
case self::ACTION_ACC_FILES:
return ($curUserIsAdminApp || $curUserIsAdminAcc || $curUserProfile->isAccFiles());
case self::ACTION_MGM:
return ($curUserIsAdminApp || $curUserProfile->isMgmCategories() || $curUserProfile->isMgmCustomers());
case self::ACTION_CFG:
return ($curUserIsAdminApp || $curUserProfile->isConfigGeneral() || $curUserProfile->isConfigEncryption() || $curUserProfile->isConfigBackup() || $curUserProfile->isConfigImport());
case self::ACTION_CFG_GENERAL:
return ($curUserIsAdminApp || $curUserProfile->isConfigGeneral());
case self::ACTION_CFG_IMPORT:
return ($curUserIsAdminApp || $curUserProfile->isConfigImport());
case self::ACTION_MGM_CATEGORIES:
return ($curUserIsAdminApp || $curUserProfile->isMgmCategories());
case self::ACTION_MGM_CUSTOMERS:
return ($curUserIsAdminApp || $curUserProfile->isMgmCustomers());
case self::ACTION_MGM_CUSTOMFIELDS:
return ($curUserIsAdminApp || $curUserProfile->isMgmCustomFields());
case self::ACTION_CFG_ENCRYPTION:
return ($curUserIsAdminApp || $curUserProfile->isConfigEncryption());
case self::ACTION_CFG_BACKUP:
return ($curUserIsAdminApp || $curUserProfile->isConfigBackup());
case self::ACTION_USR:
return ($curUserIsAdminApp || $curUserProfile->isMgmUsers() || $curUserProfile->isMgmGroups() || $curUserProfile->isMgmProfiles());
case self::ACTION_USR_USERS:
return ($curUserIsAdminApp || $curUserProfile->isMgmUsers());
case self::ACTION_USR_USERS_EDITPASS:
return ($userId == $curUserId || $curUserIsAdminApp || $curUserProfile->isMgmUsers());
case self::ACTION_USR_GROUPS:
return ($curUserIsAdminApp || $curUserProfile->isMgmGroups());
case self::ACTION_USR_PROFILES:
return ($curUserIsAdminApp || $curUserProfile->isMgmProfiles());
case self::ACTION_MGM_APITOKENS:
return ($curUserIsAdminApp || $curUserProfile->isMgmApiTokens());
case self::ACTION_EVL:
return ($curUserIsAdminApp || $curUserProfile->isEvl());
}
Log::writeNewLog(__FUNCTION__, sprintf('%s \'%s\'', _('Denegado acceso a'), self::getActionName($action)));
return false;
}
/**
* Obtener el nombre de la acción indicada
*
* @param int $action El id de la acción
* @return string
*/
public static function getActionName($action, $shortName = false)
{
$actionName = array(
self::ACTION_ACC_SEARCH => array('acc_search', _('Buscar Cuentas')),
self::ACTION_ACC_VIEW => array('acc_view', _('Ver Cuenta')),
self::ACTION_ACC_COPY => array('acc_copy', _('Copiar Cuenta')),
self::ACTION_ACC_NEW => array('acc_new', _('Nueva Cuenta')),
self::ACTION_ACC_EDIT => array('acc_edit', _('Editar Cuenta')),
self::ACTION_ACC_EDIT_PASS => array('acc_editpass', _('Editar Clave de Cuenta')),
self::ACTION_ACC_VIEW_HISTORY => array('acc_viewhist', _('Ver Historial')),
self::ACTION_ACC_VIEW_PASS => array('acc_viewpass', _('Ver Clave')),
self::ACTION_ACC_DELETE => array('acc_delete', _('Eliminar Cuenta')),
self::ACTION_ACC_FILES => array('acc_files', _('Archivos')),
self::ACTION_ACC_REQUEST => array('acc_request', _('Peticiones')),
self::ACTION_MGM => array('mgm', _('Gestión Aplicación')),
self::ACTION_MGM_CATEGORIES => array('mgm_categories', _('Gestión Categorías')),
self::ACTION_MGM_CUSTOMERS => array('mgm_customers', _('Gestión Clientes')),
self::ACTION_MGM_CUSTOMFIELDS => array('mgm_customfields', _('Gestión Campos Personalizados')),
self::ACTION_MGM_APITOKENS => array('mgm_apitokens', _('Gestión Autorizaciones API')),
self::ACTION_USR => array('usr', _('Gestión Usuarios')),
self::ACTION_USR_USERS => array('usr_users', _('Gestión Usuarios')),
self::ACTION_USR_GROUPS => array('usr_groups', _('Gestión Grupos')),
self::ACTION_USR_PROFILES => array('usr_profiles', _('Gestión Perfiles')),
self::ACTION_CFG => array('cfg', _('Configuración')),
self::ACTION_CFG_GENERAL => array('cfg_general', _('Configuración General')),
self::ACTION_CFG_ENCRYPTION => array('cfg_encryption', _('Encriptación')),
self::ACTION_CFG_BACKUP => array('cfg_backup', _('Copia de Seguridad')),
self::ACTION_CFG_EXPORT => array('cfg_export', _('Exportar')),
self::ACTION_CFG_IMPORT => array('cfg_import', _('Importar')),
self::ACTION_EVL => 'evl'
);
if (!isset($actionName[$action])) {
return 'action';
}
if ($shortName){
return $actionName[$action][0];
}
return $actionName[$action][1];
}
/**
* Comprueba los permisos de acceso a una cuenta.
*
* @param string $module con la acción realizada
* @param array $accountData con los datos de la cuenta a verificar
* @return bool
*/
public static function checkAccountAccess($module, $accountData)
{
$userGroupId = Session::getUserGroupId();
$userId = Session::getUserId();
$userIsAdminApp = Session::getUserIsAdminApp();
$userIsAdminAcc = Session::getUserIsAdminAcc();
$userToGroups = false;
foreach($accountData['groups_id'] as $groupId){
$users = Groups::getUsersForGroup($groupId);
if ($userGroupId === $groupId || in_array($userId, $users)){
$userToGroups = true;
}
}
$okView = ($userId == $accountData['user_id']
|| $userGroupId == $accountData['group_id']
|| in_array($userId, $accountData['users_id'])
|| $userToGroups
|| $userIsAdminApp
|| $userIsAdminAcc);
$okEdit = ($userId == $accountData['user_id']
|| $userGroupId == $accountData['group_id']
|| (in_array($userId, $accountData['users_id']) && $accountData['otheruser_edit'])
|| ($userToGroups && $accountData['othergroup_edit'])
|| $userIsAdminApp
|| $userIsAdminAcc);
switch ($module) {
case self::ACTION_ACC_VIEW:
case self::ACTION_ACC_VIEW_PASS:
case self::ACTION_ACC_VIEW_HISTORY:
case self::ACTION_ACC_COPY:
return $okView;
case self::ACTION_ACC_EDIT:
case self::ACTION_ACC_DELETE:
case self::ACTION_ACC_EDIT_PASS:
return $okEdit;
}
return false;
}
}
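Review bot: in checkUserAccess() every case returns directly, so the Log::writeNewLog(... 'Denegado acceso a' ...) call after the switch runs only for action ids that have no case. A refused ACTION_ACC_VIEW_PASS or ACTION_CFG_ENCRYPTION is never logged. Assign the case result to a variable, break, and log whenever the result is false. In getActionName() the entry `self::ACTION_EVL => 'evl'` is a string while the others are arrays, so [0] and [1] return single characters for that action; make it array('evl', ...). The docblock also lacks @param for $shortName. In checkAccountAccess() the group test uses `$userGroupId === $groupId` while the other comparisons use ==, so it will miss matches if the ids arrive as strings.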

159
inc/ActionLog.class.php Normal file
View File

@@ -0,0 +1,159 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
/**
* Clase abstracta ActionLog para la gestión de mensajes de eventos
*
* @package SP
*/
abstract class ActionLog
{
/**
* Constante de nueva línea para descriciones
*/
const NEWLINE_TXT = ';;';
/**
* Constante de nueva línea para descriciones en formato HTML
*/
const NEWLINE_HTML = '<br>';
/**
* Acción realizada
*
* @var string
*/
protected $_action = __CLASS__;
/**
* Detalles de la acción
*
* @var array
*/
protected $_description = null;
/**
* Formato de nueva línea en HTML
*
* @var bool
*/
protected $_newLineHtml = false;
/**
* Contructor
*
* @param $action string La acción realizada
* @param $description string La descripción de la acción realizada
*/
function __construct($action = null, $description = null)
{
if (!is_null($action)) {
$this->setAction($action);
}
if (!is_null($description)) {
$this->addDescription($description);
}
}
/**
* Devuelve la acción realizada
*
* @return string
*/
public function getAction()
{
return $this->_action;
}
/**
* Establece la acción realizada
*
* @param string $action
*/
public function setAction($action)
{
$this->_action = $this->formatString($action);
}
/**
* Devuelve la descripción de la acción realizada
*
* @return array
*/
public function getDescription()
{
if(is_null($this->_description)){
return '';
}
if (count($this->_description) > 1){
$newline = ($this->_newLineHtml === false) ? self::NEWLINE_TXT : self::NEWLINE_HTML;
return implode($newline, $this->_description);
}
return $this->_description[0];
}
/**
* Establece la descripción de la acción realizada
*
* @param string $description
*/
public function addDescription($description = '')
{
$this->_description[] = $this->formatString($description);
}
/**
* Formatear una cadena para guardarla en el registro
*
* @param $string string La cadena a formatear
* @return string
*/
private function formatString($string)
{
return strip_tags(utf8_encode($string));
}
/**
* Establecer el formato de nueva línea a HTML
*
* @param $bool bool
*/
public function setNewLineHtml($bool){
$this->_newLineHtml = $bool;
}
/**
* Restablecer la variable de descripcion
*/
public function resetDescription()
{
$this->_description = null;
}
}
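Review bot: formatString() only applies strip_tags() and utf8_encode(), so a description that already contains the NEWLINE_TXT marker ';;' is stored unchanged. Once getDescription() joins the entries with that same marker, it cannot be told apart from a real entry boundary. Escape or strip ';;' and line breaks in formatString() so that values taken from user input cannot add entries to a log record. utf8_encode() assumes ISO-8859-1 input and will double-encode strings that are already UTF-8, so check the encoding first. getDescription() is documented as @return array but returns a string.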

62
inc/ActionsI.class.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace Controller;
interface ActionsI {
const ACTION__ACC_SEARCH = 1;
const ACTION_ACC_VIEW = 2;
const ACTION_ACC_VIEW_PASS = 3;
const ACTION_ACC_VIEW_HISTORY = 4;
const ACTION_ACC_EDIT = 10;
const ACTION_ACC_EDIT_PASS = 11;
const ACTION_ACC_NEW = 20;
const ACTION_ACC_COPY = 30;
const ACTION_ACC_DELETE = 40;
const ACTION_ACC_FILES = 50;
const ACTION_ACC_REQUEST = 51;
const ACTION_MGM = 60;
const ACTION_MGM_CATEGORIES = 61;
const ACTION_MGM_CUSTOMERS = 62;
const ACTION_USR = 70;
const ACTION_USR_USERS = 71;
const ACTION_USR_USERS_NEW = 711;
const ACTION_USR_USERS_EDIT = 712;
const ACTION_USR_USERS_EDITPASS = 713;
const ACTION_USR_GROUPS = 72;
const ACTION_USR_GROUPS_NEW = 721;
const ACTION_USR_GROUPS_EDIT = 722;
const ACTION_USR_PROFILES = 73;
const ACTION_USR_PROFILES_NEW = 731;
const ACTION_USR_PROFILES_EDIT = 732;
const ACTION_CFG = 80;
const ACTION_CFG_GENERAL = 81;
const ACTION_CFG_ENCRYPTION = 82;
const ACTION_CFG_ENCRYPTION_TEMPPASS = 83;
const ACTION_CFG_BACKUP = 84;
const ACTION_CFG_IMPORT = 85;
const ACTION_EVL = 90;
}
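Review bot: this interface overlaps with SP\Controller\ActionsInterface, added in the same commit, and the two disagree: ACTION_USR_USERS_EDITPASS is 713 here but 714 there, where 713 is ACTION_USR_USERS_DELETE. Code that still implements ActionsI would treat a delete id as a password edit. `ACTION__ACC_SEARCH` has a doubled underscore, and the namespace is `Controller` rather than `SP\Controller`. If nothing references ActionsI any more, please drop the file from the commit. Otherwise align the values and add the missing docblock.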

View File

@@ -0,0 +1,97 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP\Controller;
/**
* Interface ActionsInterface para la definición de constantes de acciones disponibles.
*
* @package Controller
*/
interface ActionsInterface {
const ACTION_ACC_SEARCH = 1;
const ACTION_ACC_VIEW = 2;
const ACTION_ACC_VIEW_PASS = 3;
const ACTION_ACC_VIEW_HISTORY = 4;
const ACTION_ACC_EDIT = 10;
const ACTION_ACC_EDIT_PASS = 11;
const ACTION_ACC_EDIT_RESTORE = 12;
const ACTION_ACC_NEW = 20;
const ACTION_ACC_COPY = 30;
const ACTION_ACC_DELETE = 40;
const ACTION_ACC_FILES = 50;
const ACTION_ACC_REQUEST = 51;
const ACTION_MGM = 60;
const ACTION_MGM_CATEGORIES = 61;
const ACTION_MGM_CATEGORIES_VIEW = 610;
const ACTION_MGM_CATEGORIES_NEW = 611;
const ACTION_MGM_CATEGORIES_EDIT = 612;
const ACTION_MGM_CATEGORIES_DELETE = 613;
const ACTION_MGM_CUSTOMERS = 62;
const ACTION_MGM_CUSTOMERS_VIEW = 620;
const ACTION_MGM_CUSTOMERS_NEW = 621;
const ACTION_MGM_CUSTOMERS_EDIT = 622;
const ACTION_MGM_CUSTOMERS_DELETE = 623;
const ACTION_MGM_APITOKENS = 63;
const ACTION_MGM_APITOKENS_NEW = 630;
const ACTION_MGM_APITOKENS_VIEW = 631;
const ACTION_MGM_APITOKENS_EDIT = 632;
const ACTION_MGM_APITOKENS_DELETE = 633;
const ACTION_MGM_CUSTOMFIELDS = 64;
const ACTION_MGM_CUSTOMFIELDS_NEW = 640;
const ACTION_MGM_CUSTOMFIELDS_VIEW = 641;
const ACTION_MGM_CUSTOMFIELDS_EDIT = 642;
const ACTION_MGM_CUSTOMFIELDS_DELETE = 643;
const ACTION_USR = 70;
const ACTION_USR_USERS = 71;
const ACTION_USR_USERS_VIEW= 710;
const ACTION_USR_USERS_NEW = 711;
const ACTION_USR_USERS_EDIT = 712;
const ACTION_USR_USERS_DELETE = 713;
const ACTION_USR_USERS_EDITPASS = 714;
const ACTION_USR_GROUPS = 72;
const ACTION_USR_GROUPS_VIEW = 720;
const ACTION_USR_GROUPS_NEW = 721;
const ACTION_USR_GROUPS_EDIT = 722;
const ACTION_USR_GROUPS_DELETE = 723;
const ACTION_USR_PROFILES = 73;
const ACTION_USR_PROFILES_VIEW = 730;
const ACTION_USR_PROFILES_NEW = 731;
const ACTION_USR_PROFILES_EDIT = 732;
const ACTION_USR_PROFILES_DELETE = 733;
const ACTION_USR_PREFERENCES = 740;
const ACTION_USR_PREFERENCES_SECURITY = 741;
const ACTION_CFG = 80;
const ACTION_CFG_GENERAL = 81;
const ACTION_CFG_ENCRYPTION = 82;
const ACTION_CFG_ENCRYPTION_TEMPPASS = 83;
const ACTION_CFG_BACKUP = 84;
const ACTION_CFG_IMPORT = 85;
const ACTION_CFG_EXPORT = 86;
const ACTION_CFG_WIKI = 87;
const ACTION_CFG_LDAP = 88;
const ACTION_CFG_MAIL = 89;
const ACTION_EVL = 90;
}
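Review bot: the sub-action numbering is inconsistent between groups. Categories, customers, users, groups and profiles use x0 for VIEW and x1 for NEW, but ACTION_MGM_APITOKENS_NEW = 630 / ACTION_MGM_APITOKENS_VIEW = 631 and ACTION_MGM_CUSTOMFIELDS_NEW = 640 / ACTION_MGM_CUSTOMFIELDS_VIEW = 641 swap them. These ids drive the Acl switch and the API token action check, so a swapped pair is easy to misuse. Please make the two groups follow the same scheme before the values are persisted anywhere, and add a one-line comment stating the numbering convention. Minor: `ACTION_USR_USERS_VIEW= 710` is missing a space before the `=`.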

212
inc/Api.class.php Normal file
View File

@@ -0,0 +1,212 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
use SP\Controller\ActionsInterface;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Class Api para la gestión de peticiones a la API de sysPass
*
* @package SP
*/
class Api
{
/**
* @var int
*/
private $_userId = 0;
/**
* @var int
*/
private $_actionId = 0;
/**
* @var bool
*/
private $_auth = false;
/**
* @var string
*/
private $_mPass = '';
/**
* @param $actionId int El id de la acción
* @param $authToken string El token de seguridad
* @param null $userPass string La clave del usuario
* @throws SPException
*/
public function __construct($actionId, $authToken, $userPass = null)
{
if (!Auth::checkAuthToken($actionId, $authToken)) {
throw new SPException(SPException::SP_CRITICAL, _('Acceso no permitido'));
}
$this->_userId = ApiTokens::getUserIdForToken($authToken);
$this->_actionId = $actionId;
$this->_auth = true;
if (!is_null($userPass)) {
$userLogin = UserUtil::getUserLoginById($this->_userId);
$User = new User();
$User->setUserId($this->_userId);
$User->setUserLogin($userLogin);
$User->setUserPass($userPass);
if (Auth::authUserMySQL($userLogin, $userPass)
&& !UserUtil::checkUserIsDisabled($userLogin)
&& UserUtil::checkUserMPass($User)
&& UserUtil::checkUserUpdateMPass($userLogin)
&& !$User->isUserChangePass()
) {
$this->_mPass = $User->getUserMPass(true);
} else {
throw new SPException(SPException::SP_CRITICAL, _('Acceso no permitido'));
}
}
Session::setUserId($this->_userId);
}
/**
* Devolver la clave de una cuenta
*
* @param $accountId
* @return string
*/
public function getAccountPassword($accountId)
{
$this->checkActionAccess(ActionsInterface::ACTION_ACC_VIEW_PASS);
$Account = new Account($accountId);
$Account->getAccountPassData();
$Account->incrementDecryptCounter();
$ret = array(
'accountId' => $accountId,
'pass' => Crypt::getDecrypt($Account->getAccountPass(), $Account->getAccountIV(), $this->_mPass)
);
return $this->wrapJSON($ret);
}
/**
* Comprobar el acceso a la acción
*
* @param $action
* @throws SPException
*/
private function checkActionAccess($action)
{
if ($this->_actionId !== $action) {
throw new SPException(SPException::SP_CRITICAL, _('Acceso no permitido'));
}
}
/**
* Devuelve una respuesta en formato JSON con el estado y el mensaje.
*
* @param string $data Los datos a devolver
* @return bool
* @throws SPException
*/
private function wrapJSON($data)
{
$arrStrFrom = array("\\", '"', "'");
$arrStrTo = array("\\", '\"', "\'");
if (is_array($data) || is_object($data)) {
array_walk($data,
function (&$value) use ($arrStrFrom, $arrStrTo) {
if (is_object($value)) {
foreach ($value as &$attribute) {
str_replace($arrStrFrom, $arrStrTo, $attribute);
}
return $value;
} else {
return str_replace($arrStrFrom, $arrStrTo, $value);
}
}
);
} else {
$data = str_replace($arrStrFrom, $arrStrTo, $data);
}
$json = json_encode(array(
'action' => Acl::getActionName($this->_actionId, true),
'data' => $data,
));
if ($json === false) {
throw new SPException(SPException::SP_CRITICAL, sprintf('%s : %s', _('Error de codificación'), json_last_error_msg()));
}
return $json;
}
/**
* Devolver los resultados de una búsqueda
*
* @param string $search El texto de búsqueda
* @param int $count El número de cuentas a mostrar
* @return string
* @throws SPException
*/
public function getAccountSearch($search, $count = 0)
{
$this->checkActionAccess(ActionsInterface::ACTION_ACC_SEARCH);
$Search = new AccountSearch();
$Search->setTxtSearch($search);
if ($count > 0) {
$Search->setLimitCount($count);
}
$ret = $Search->getAccounts();
return $this->wrapJSON($ret);
}
/**
* Devolver la clave de una cuenta
*
* @param $accountId
* @return string
*/
public function getAccountData($accountId)
{
$this->checkActionAccess(ActionsInterface::ACTION_ACC_VIEW);
$Account = new Account($accountId);
$ret = $Account->getAccountData();
$Account->incrementViewCounter();
return $this->wrapJSON($ret);
}
}
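Review bot: in wrapJSON() the manual escaping never takes effect for arrays or objects, because array_walk() ignores the callback's return value and the result of the inner `str_replace($arrStrFrom, $arrStrTo, $attribute);` is discarded, so $data reaches json_encode() unchanged. That is actually the safer outcome: json_encode() already escapes quotes and backslashes, and the scalar branch (`$data = str_replace(...)`) would double-escape them. I would remove the str_replace logic and rely on json_encode() alone. Separately, the docblock on getAccountData() still reads "Devolver la clave de una cuenta", copied from getAccountPassword().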

inc/ApiRequest.class.php Normal file

@@ -0,0 +1,111 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Class ApiRequest encargada de atender la peticiones a la API de sysPass
*
* @package SP
*/
class ApiRequest extends Request
{
const ACTION_ID = 'a';
const USER = 'u';
const USER_PASS = 'up';
const AUTH_TOKEN = 't';
const ITEM = 'i';
const SEARCH = 's';
const SEARCH_COUNT = 'sc';
/**
* @var \stdClass
*/
private $_vars;
public function __construct(){
$authToken = self::analyze(self::AUTH_TOKEN);
$actionId = self::analyze(self::ACTION_ID, 0);
if (!$authToken || !$actionId){
throw new SPException(SPException::SP_WARNING, _('Parámetros incorrectos'));
}
$this->addVar('authToken', $authToken);
$this->addVar('actionId', $actionId);
$this->addVar('userPass', null);
}
/**
* Añade una nueva variable de petición al array
*
* @param $name string El nombre de la variable
* @param $value mixed El valor de la variable
*/
public function addVar($name, $value)
{
$this->_vars->$name = $value;
}
/**
* Obtiene una nueva instancia de la Api
*
* @return Api
*/
public function getApi()
{
return new Api($this->_vars->actionId, $this->_vars->authToken, $this->_vars->userPass);
}
/**
* Obtener el id de la acción
*
* @return int
*/
public function getAction()
{
return $this->_vars->actionId;
}
/**
* Devolver un array con la ayuda de parámetros
*
* @return array
*/
public static function getHelp()
{
return array(
self::AUTH_TOKEN => _('Token de autorización'),
self::ACTION_ID => _('Acción a realizar'),
self::USER_PASS => _('Clave de usuario (opcional)'),
self::SEARCH => _('Cadena a buscar'),
self::SEARCH_COUNT => _('Numero de cuentas a mostar en la búsqueda'),
self::ITEM => _('Item a devolver')
);
}
}
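Review bot: $_vars is declared as \stdClass but never initialised, so the first addVar() call in the constructor executes `$this->_vars->$name = $value;` on null. That relies on PHP creating an object implicitly, which raises a warning on PHP 5.4+ and an error on PHP 8; add `$this->_vars = new \stdClass();` at the top of __construct(). Also, the constructor always sets userPass to null and nothing in this file reads self::USER_PASS, so getApi() hands null to Api unless a caller sets the value through addVar(); a comment saying where that happens would help.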

inc/ApiTokens.class.php Normal file

@@ -0,0 +1,385 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
use SP\Controller\ActionsInterface;
/**
* Class ApiTokens para la gestión de autorizaciones de acceso a la API de sysPass
*
* @package SP
*/
class ApiTokens
{
/**
* @var int
*/
private $_tokenId = 0;
/**
* @var int
*/
private $_userId = 0;
/**
* @var int
*/
private $_actionId = 0;
/**
* @var string
*/
private $_token = '';
/**
* @var bool
*/
private $_refreshToken = false;
/**
* Obtener los tokens de la API
*
* @param int $tokenId opcional, con el Id del token a consultar
* @param bool $returnRawData Devolver la consulta tal cual
* @return array|object con la lista de tokens
*/
public static function getTokens($tokenId = null, $returnRawData = false)
{
$query = 'SELECT authtoken_id,' .
'authtoken_userId,' .
'authtoken_actionId, ' .
'authtoken_token, ' .
'user_login ' .
'FROM authTokens ' .
'LEFT JOIN usrData ON user_id = authtoken_userId ';
$data = null;
if (!is_null($tokenId)) {
$query .= "WHERE authtoken_id = :id LIMIT 1";
$data['id'] = $tokenId;
} else {
$query .= "ORDER BY user_login";
}
if (!$returnRawData) {
DB::setReturnArray();
}
$queryRes = DB::getResults($query, __FUNCTION__, $data);
if ($queryRes === false) {
return array();
}
if (!$returnRawData) {
foreach ($queryRes as &$token) {
$token->authtoken_actionId = Acl::getActionName($token->authtoken_actionId);
}
}
return $queryRes;
}
/**
* Devuelver un array de acciones posibles para los tokens
*
* @return array
*/
public static function getTokenActions()
{
$actions = array(
ActionsInterface::ACTION_ACC_SEARCH => Acl::getActionName(ActionsInterface::ACTION_ACC_SEARCH),
ActionsInterface::ACTION_ACC_VIEW => Acl::getActionName(ActionsInterface::ACTION_ACC_VIEW),
ActionsInterface::ACTION_ACC_VIEW_PASS => Acl::getActionName(ActionsInterface::ACTION_ACC_VIEW_PASS),
ActionsInterface::ACTION_ACC_DELETE => Acl::getActionName(ActionsInterface::ACTION_ACC_DELETE),
ActionsInterface::ACTION_CFG_BACKUP => Acl::getActionName(ActionsInterface::ACTION_CFG_BACKUP),
ActionsInterface::ACTION_CFG_EXPORT => Acl::getActionName(ActionsInterface::ACTION_CFG_EXPORT),
);
return $actions;
}
/**
* Obtener el usuario a partir del token
*
* @param $token string El token de autorización
* @return bool|mixed
* @throws SPException
*/
public static function getUserIdForToken($token)
{
$query = 'SELECT authtoken_userId FROM authTokens WHERE authtoken_token = :token LIMIT 1';
$data['token'] = $token;
try {
$queryRes = DB::getResults($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
if (DB::$lastNumRows === 0) {
return false;
}
return $queryRes->authtoken_userId;
}
/**
* @param boolean $refreshToken
*/
public function setRefreshToken($refreshToken)
{
$this->_refreshToken = $refreshToken;
}
/**
* Añadir un nuevo token
*
* @throws SPException
*/
public function addToken()
{
$this->checkTokenExist();
if ($this->_refreshToken) {
$this->refreshToken();
}
$query = 'INSERT INTO authTokens ' .
'SET authtoken_userId = :userid,' .
'authtoken_actionId = :actionid,' .
'authtoken_createdBy = :createdby,' .
'authtoken_token = :token,' .
'authtoken_startDate = UNIX_TIMESTAMP()';
$data['userid'] = $this->_userId;
$data['actionid'] = $this->_actionId;
$data['createdby'] = Session::getUserId();
$data['token'] = ($this->getUserToken()) ? $this->_token : sha1(uniqid() . time());
try {
DB::getQuery($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
$Log = new Log(_('Nueva Autorización'));
$Log->addDescription(sprintf('%s : %s', Html::strongText(_('Usuario')), UserUtil::getUserLoginById($this->_userId)));
$Log->writeLog();
Email::sendEmail($Log);
}
/**
* Comprobar si el token ya existe
*
* @return bool
* @throws SPException
*/
private function checkTokenExist()
{
$query = 'SELECT authtoken_id FROM authTokens ' .
'WHERE authtoken_userId = :userid ' .
'AND authtoken_actionId = :actionid ' .
'AND authtoken_id <> :id ' .
'LIMIT 1';
$data['id'] = $this->_tokenId;
$data['userid'] = $this->_userId;
$data['actionid'] = $this->_actionId;
try {
DB::getResults($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
if (DB::$lastNumRows === 1) {
throw new SPException(SPException::SP_WARNING, _('La autorización ya existe'));
}
}
/**
* Regenerar el hash de los tokens de un usuario
*
* @throws SPException
*/
private function refreshToken()
{
$query = 'UPDATE authTokens SET ' .
'authtoken_token = :token,' .
'authtoken_startDate = UNIX_TIMESTAMP() ' .
'WHERE authtoken_userId = :userid';
$data['userid'] = $this->_userId;
$data['token'] = sha1(uniqid() . time());
try {
DB::getQuery($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
}
/**
* Obtener el token de la API de un usuario
*
* @return bool
* @throws SPException
*/
private function getUserToken()
{
$query = 'SELECT authtoken_token FROM authTokens WHERE authtoken_userId = :userid LIMIT 1';
$data['userid'] = $this->_userId;
try {
$queryRes = DB::getResults($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
if (DB::$lastNumRows === 0) {
return false;
}
$this->_token = $queryRes->authtoken_token;
return true;
}
/**
* Actualizar un token
*
* @throws SPException
*/
public function updateToken()
{
$this->checkTokenExist();
if ($this->_refreshToken) {
$this->refreshToken();
}
$query = 'UPDATE authTokens ' .
'SET authtoken_userId = :userid,' .
'authtoken_actionId = :actionid,' .
'authtoken_createdBy = :createdby,' .
'authtoken_token = :token,' .
'authtoken_startDate = UNIX_TIMESTAMP() ' .
'WHERE authtoken_id = :id LIMIT 1';
$data['id'] = $this->_tokenId;
$data['userid'] = $this->_userId;
$data['actionid'] = $this->_actionId;
$data['createdby'] = Session::getUserId();
$data['token'] = ($this->getUserToken()) ? $this->_token : sha1(uniqid() . time());
try {
DB::getQuery($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
$Log = new Log(_('Actualizar Autorización'));
$Log->addDescription(sprintf('%s : %s', Html::strongText(_('Usuario')), UserUtil::getUserLoginById($this->_userId)));
$Log->writeLog();
Email::sendEmail($Log);
}
/**
* Eliminar token
*
* @throws SPException
*/
public function deleteToken()
{
$query = 'DELETE FROM authTokens WHERE authtoken_id = :id LIMIT 1';
$data['id'] = $this->_tokenId;
try {
DB::getQuery($query, __FUNCTION__, $data);
} catch (SPException $e) {
throw new SPException(SPException::SP_CRITICAL, _('Error interno'));
}
$Log = new Log(_('Eliminar Autorización'));
$Log->addDescription(sprintf('%d', $this->_tokenId));
$Log->writeLog();
Email::sendEmail($Log);
}
/**
* @return int
*/
public function getUserId()
{
return $this->_userId;
}
/**
* @param int $userId
*/
public function setUserId($userId)
{
$this->_userId = $userId;
}
/**
* @return int
*/
public function getTokenId()
{
return $this->_tokenId;
}
/**
* @param int $tokenId
*/
public function setTokenId($tokenId)
{
$this->_tokenId = $tokenId;
}
/**
* @return int
*/
public function getActionId()
{
return $this->_actionId;
}
/**
* @param int $actionId
*/
public function setActionId($actionId)
{
$this->_actionId = $actionId;
}
}
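Review bot: the API token is generated with `sha1(uniqid() . time())` in addToken(), updateToken() and refreshToken(); both inputs derive from the current time, so the value is guessable by anyone who knows roughly when the authorization was created. getUserIdForToken() resolves a user from the token alone, which makes it a bearer credential, so it should come from a CSPRNG, for example the Util::generate_random_bytes() helper that Auth::mailPassRecover() already calls, assuming that helper is backed by a secure source. Note also that getUserToken() makes every authorization of a user share one token value, so the per-action separation rests only on the authtoken_actionId column.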

inc/Auth.class.php Normal file

@@ -0,0 +1,225 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de realizar la autentificación de usuarios de sysPass.
*/
class Auth
{
static $userName;
static $userEmail;
/**
* Autentificación de usuarios con LDAP.
*
* @param string $userLogin con el login del usuario
* @param string $userPass con la clave del usuario
* @return int|bool Número de error o boolean
*/
public static function authUserLDAP($userLogin, $userPass)
{
if (!Util::ldapIsAvailable() || !Util::ldapIsEnabled() || !Ldap::checkLDAPParams()) {
return false;
}
$ldapGroupAccess = false;
$message['action'] = __FUNCTION__;
// Conectamos al servidor realizamos la conexión con el usuario proxy
try {
Ldap::ldapConnect();
Ldap::ldapBind();
Ldap::getUserDN($userLogin);
} catch (\Exception $e) {
return false;
}
$userDN = Ldap::$ldapSearchData[0]['dn'];
// Realizamos la conexión con el usuario real y obtenemos los atributos
try {
Ldap::ldapBind($userDN, $userPass);
$attribs = Ldap::getLDAPAttr();
} catch (\Exception $e) {
return ldap_errno(Ldap::getConn());
}
// Comprobamos si la cuenta está bloqueada o expirada
if (isset($attribs['expire']) && $attribs['expire'] > 0) {
return 701;
}
if (Ldap::getLdapGroup() !== '*') {
// Comprobamos que el usuario está en el grupo indicado buscando en los atributos del usuario
if (isset($attribs['group'])) {
if (is_array($attribs['group'])) {
foreach ($attribs['group'] as $group) {
if (is_int($group)) {
continue;
}
// Comprobamos que el usuario está en el grupo indicado
if (self::checkLDAPGroup($group)) {
$ldapGroupAccess = true;
break;
}
}
} else {
$ldapGroupAccess = self::checkLDAPGroup($attribs['group']);
}
// Comprobamos que el usuario está en el grupo indicado buscando en los atributos del grupo
} else {
$ldapGroupAccess = (Ldap::searchUserInGroup($userDN) || LdapADS::searchADUserInGroup($userLogin));
}
} else {
$ldapGroupAccess = true;
}
if ($ldapGroupAccess === false) {
$log = new Log(__FUNCTION__);
$log->addDescription(_('Usuario no pertenece al grupo'));
$log->addDescription(sprintf('%s : %s', _('Usuario'), $userDN));
$log->writeLog();
return 702;
}
self::$userName = (isset($attribs['name'])) ? $attribs['name'] : $userLogin;
self::$userEmail = (isset($attribs['mail'])) ? $attribs['mail'] : '';
return true;
}
/**
* Comprobar si el grupo de LDAP está habilitado.
*
* @param string $group con el nombre del grupo
* @return bool
*/
private static function checkLDAPGroup($group)
{
$ldapGroup = strtolower(Config::getValue('ldap_group'));
$groupName = array();
preg_match('/^cn=([\w\s-]+),.*/i', $group, $groupName);
if (strtolower($groupName[1]) == $ldapGroup || strtolower($group) == $ldapGroup) {
return true;
}
return false;
}
/**
* Autentificación de usuarios con MySQL.
*
* Esta función comprueba la clave del usuario. Si el usuario necesita ser migrado desde phpPMS,
* se ejecuta el proceso para actualizar la clave.
*
* @param string $userLogin con el login del usuario
* @param string $userPass con la clave del usuario
* @return bool
*/
public static function authUserMySQL($userLogin, $userPass)
{
if (UserUtil::checkUserIsMigrate($userLogin)) {
if (!UserUtil::migrateUser($userLogin, $userPass)) {
return false;
}
}
$query = 'SELECT user_login, user_pass '
. 'FROM usrData '
. 'WHERE user_login = :login AND user_isMigrate = 0 '
. 'AND user_pass = SHA1(CONCAT(user_hashSalt, :pass)) LIMIT 1';
$data['login'] = $userLogin;
$data['pass'] = $userPass;
$ret = (DB::getQuery($query, __FUNCTION__, $data) === true && DB::$lastNumRows === 1);
return $ret;
}
/**
* Proceso para la recuperación de clave.
*
* @param string $login con el login del usuario
* @param string $email con el email del usuario
* @return bool
*/
public static function mailPassRecover($login, $email)
{
if (UserUtil::checkUserMail($login, $email)
&& !UserUtil::checkUserIsDisabled($login)
&& !UserLdap::checkUserIsLDAP($login)
&& !UserUtil::checkPassRecoverLimit($login)
) {
$hash = Util::generate_random_bytes();
$log = new Log(_('Cambio de Clave'));
$log->addDescription(Html::strongText(_('Se ha solicitado el cambio de su clave de usuario.')));
$log->addDescription();
$log->addDescription(_('Para completar el proceso es necesario que acceda a la siguiente URL:'));
$log->addDescription();
$log->addDescription(Html::anchorText(Init::$WEBURI . '/index.php?a=passreset&h=' . $hash . '&t=' . time()));
$log->addDescription('');
$log->addDescription(_('Si no ha solicitado esta acción, ignore este mensaje.'));
return (Email::sendEmail($log, $email, false) && UserUtil::addPassRecover($login, $hash));
} else {
return false;
}
}
/**
* Comprobar el token de seguridad
*
* @param $userId int El id del usuario
* @param $actionId int El id de la accion
* @param $token string El token de seguridad
* @return bool
*/
public static function checkAuthToken($actionId, $token)
{
$query = 'SELECT authtoken_id FROM authTokens ' .
'WHERE authtoken_actionId = :actionId ' .
'AND authtoken_token = :token ' .
'LIMIT 1';
$data['actionId'] = $actionId;
$data['token'] = $token;
DB::getQuery($query, __FUNCTION__, $data);
return (DB::$lastNumRows === 1);
}
}
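Review bot: authUserMySQL() verifies the password with `user_pass = SHA1(CONCAT(user_hashSalt, :pass))`, a single salted SHA-1 round computed inside the query; that is cheap to brute-force if usrData leaks, and it sends the plaintext password to the database server. Consider selecting the stored hash by login and checking it in PHP with password_hash()/password_verify(), with a migration step similar to the existing phpPMS one. Two smaller points: the checkAuthToken() docblock documents a $userId parameter that the signature does not have, and the query matches on action and token only; and checkLDAPGroup() reads $groupName[1] without checking that preg_match() matched.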

inc/Auth2FA.class.php Normal file

@@ -0,0 +1,142 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace SP\Auth;
use SP\Exts\Google2FA;
use SP\Exts\Base2n;
use SP\UserUtil;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Class Auth2FA
*
* @package SP\Auth
*/
class Auth2FA
{
/**
* @var int
*/
private $_timestamp = 0;
/**
* @var string
*/
private $_initializationKey = '';
/**
* @var string
*/
private $_totp = '';
/**
* @var int
*/
private $_userId = 0;
/**
* @var string
*/
private $_userLogin = '';
public function __construct($userId, $userLogin = null)
{
$this->_userId = $userId;
$this->_userLogin = $userLogin;
$this->_initializationKey = $this->genUserInitializationKey();
}
/**
* @param int $userId
*/
public function setUserId($userId)
{
$this->_userId = $userId;
}
/**
* @param string $userLogin
*/
public function setUserLogin($userLogin)
{
$this->_userLogin = $userLogin;
}
/**
* Verificar el código de 2FA
*
* @param $key
* @return bool
*/
public function verifyKey($key)
{
return Google2FA::verify_key($this->_initializationKey, $key);
}
public function getUserQRUrl(){
$qrUrl = 'https://www.google.com/chart?chs=150x150&chld=M|0&cht=qr&chl=';
$qrUrl .= urlencode('otpauth://totp/sysPass:syspass/' . $this->_userLogin . '?secret=' . $this->_initializationKey . '&issuer=sysPass');
return $qrUrl;
}
public function getUserQRCode()
{
$ch = curl_init($this->getUserQRUrl());
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, "sysPass 2FA");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
$data = curl_exec($ch);
curl_close($ch);
if ($data === false) {
return false;
}
return base64_encode($data);
}
public function checkUserToken($userToken)
{
$timeStamp = Google2FA::get_timestamp();
$secretkey = Google2FA::base32_decode($this->_initializationKey);
$totp = Google2FA::oath_totp($secretkey, $timeStamp);
error_log($totp . '/' . $userToken);
return ($totp == $userToken);
}
private function genUserInitializationKey()
{
$userIV = UserUtil::getUserIVById($this->_userId);
$base32 = new Base2n(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', false, true, true);
$key = substr($base32->encode($userIV), 0, 16);
return $key;
}
}
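Review bot: checkUserToken() calls `error_log($totp . '/' . $userToken);`, which writes the currently valid one-time code next to the submitted one into the server log; this looks like leftover debugging and should be removed. The comparison `$totp == $userToken` is also loose and not constant-time; hash_equals() on string-cast values (PHP 5.6+) would be preferable. In getUserQRUrl() the otpauth URI, secret included, is sent to www.google.com to render the QR image, which discloses the TOTP secret to a third party; generating the QR code locally avoids that.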


@@ -23,12 +23,14 @@
*
*/
namespace SP;
defined('APP_ROOT') || die(_('No es posible acceder directamente a este archivo'));
/**
* Esta clase es la encargada de realizar la copia y restauración de sysPass.
*/
class SP_Backup
class Backup
{
/**
* Realizar backup de la BBDD y aplicación.
@@ -37,24 +39,23 @@ class SP_Backup
*/
public static function doBackup()
{
$siteName = SP_Html::getAppInfo('appname');
$backupDir = SP_Init::$SERVERROOT;
$siteName = Util::getAppInfo('appname');
$backupDir = Init::$SERVERROOT;
// Generar hash unico para evitar descargas no permitidas
$backupUniqueHash = uniqid();
Config::setValue('backup_hash', $backupUniqueHash);
$backupDstDir = $backupDir . DIRECTORY_SEPARATOR . 'backup';
$bakFileApp = $backupDstDir . DIRECTORY_SEPARATOR . $siteName . '.tar';
$bakFileDB = $backupDstDir . DIRECTORY_SEPARATOR . $siteName . '_db.sql';
$bakFileApp = $backupDstDir . DIRECTORY_SEPARATOR . $siteName . '-' . $backupUniqueHash . '.tar';
$bakFileDB = $backupDstDir . DIRECTORY_SEPARATOR . $siteName . '_db-' . $backupUniqueHash . '.sql';
try {
self::checkBackupDir($backupDstDir);
self::backupTables('*', $bakFileDB);
self::backupApp($bakFileApp);
} catch (Exception $e) {
$message['action'] = __FUNCTION__;
$message['text'][] = $e->getMessage();
SP_Log::wrLogInfo($message);
SP_Common::sendEmail($message);
} catch (\Exception $e) {
Log::writeNewLogAndEmail(__FUNCTION__, $e->getMessage());
return false;
}
@@ -67,12 +68,12 @@ class SP_Backup
*
* @param string $tables
* @param string $backupFile
* @throws Exception
* @throws SPException
* @return bool
*/
private static function backupTables($tables = '*', $backupFile)
{
$dbname = SP_Config::getValue("dbname");
$dbname = Config::getValue("dbname");
try {
$handle = fopen($backupFile, 'w');
@@ -105,10 +106,14 @@ class SP_Backup
$sqlOut .= $txtCreate->{'Create Table'} . ';' . PHP_EOL . PHP_EOL;
fwrite($handle, $sqlOut);
// Consulta para obtener los registros de la tabla
$queryRes = DB::getResults('SELECT * FROM ' . $tableName, __FUNCTION__, false, true);
DB::setReturnRawData();
while ($row = $queryRes->fetch_row()) {
// Consulta para obtener los registros de la tabla
$queryRes = DB::getResults('SELECT * FROM ' . $tableName, __FUNCTION__);
$numColumns = $queryRes->columnCount();
while ($row = $queryRes->fetch(\PDO::FETCH_NUM)) {
fwrite($handle, 'INSERT INTO `' . $tableName . '` VALUES(');
$field = 1;
@@ -116,10 +121,10 @@ class SP_Backup
if (is_numeric($value)) {
fwrite($handle, $value);
} else {
fwrite($handle, '"' . DB::escape($value) . '"');
fwrite($handle, DB::escape($value));
}
if ($field < $queryRes->field_count) {
if ($field < $numColumns) {
fwrite($handle, ',');
}
@@ -128,6 +133,8 @@ class SP_Backup
fwrite($handle, ');' . PHP_EOL);
}
fwrite($handle, PHP_EOL . PHP_EOL);
DB::setReturnRawData(false);
}
$sqlOut = '--' . PHP_EOL;
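Review bot: `DB::setReturnRawData(false);` is only reached when the row loop completes. If DB::getResults() or fetch() throws, the catch block at the end of backupTables() rethrows without resetting the flag, which, unless DB resets it itself, leaves the static DB state in raw mode for whatever runs next in the request. Reset it in the catch block as well (or in a finally on PHP 5.5+).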
@@ -138,8 +145,8 @@ class SP_Backup
fwrite($handle, $sqlOut);
fclose($handle);
} catch (Exception $e) {
throw new Exception($e->getMessage());
} catch (\Exception $e) {
throw new SPException(SPException::SP_CRITICAL, $e->getMessage());
}
return true;
@@ -149,18 +156,16 @@ class SP_Backup
* Realizar un backup de la aplicación y comprimirlo.
*
* @param string $backupFile nombre del archivo de backup
* @throws Exception
* @throws SPException
* @return bool
*/
private static function backupApp($backupFile)
{
if (!class_exists('PharData')) {
if (SP_Util::runningOnWindows()) {
throw new Exception(_('Esta operación sólo es posible en entornos Linux'));
}
if (!self::backupAppLegacyLinux($backupFile)) {
throw new Exception(_('Error al realizar backup en modo compatibilidad'));
if (Util::runningOnWindows()) {
throw new SPException(SPException::SP_CRITICAL, _('Esta operación sólo es posible en entornos Linux'));
} elseif (!self::backupAppLegacyLinux($backupFile)) {
throw new SPException(SPException::SP_CRITICAL, _('Error al realizar backup en modo compatibilidad'));
}
return true;
@@ -173,13 +178,13 @@ class SP_Backup
unlink($compressedFile);
}
$archive = new PharData($backupFile);
$archive->buildFromDirectory(SP_Init::$SERVERROOT);
$archive->compress(Phar::GZ);
$archive = new \PharData($backupFile);
$archive->buildFromDirectory(Init::$SERVERROOT);
$archive->compress(\Phar::GZ);
unlink($backupFile);
} catch (Exception $e) {
throw new Exception($e->getMessage());
} catch (\Exception $e) {
throw new SPException(SPException::SP_CRITICAL, $e->getMessage());
}
return file_exists($backupFile);
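Review bot: after a successful compress the code runs unlink($backupFile) and then `return file_exists($backupFile);`, which tests the file that was just deleted and therefore returns false on the success path. Check the compressed archive instead (the $compressedFile used just above). Note that doBackup() currently ignores the return value of backupApp(), so this goes unnoticed.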
@@ -194,7 +199,7 @@ class SP_Backup
private static function backupAppLegacyLinux($backupFile)
{
$compressedFile = $backupFile . '.gz';
$backupDir = SP_Init::$SERVERROOT;
$backupDir = Init::$SERVERROOT;
$bakDstDir = $backupDir . '/backup';
$command = 'tar czf ' . $compressedFile . ' ' . $backupDir . ' --exclude "' . $bakDstDir . '" 2>&1';
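Review bot: $command is built by concatenating $compressedFile, $backupDir and $bakDstDir into a shell string with no escaping, so a server root containing spaces or shell metacharacters breaks the tar call or changes its meaning. Wrap each path in escapeshellarg() before it goes into the command.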
@@ -207,21 +212,21 @@ class SP_Backup
* Comprobar y crear el directorio de backups.
*
* @param string $backupDir ruta del directorio de backup
* @throws Exception
* @throws SPException
* @return bool
*/
private static function checkBackupDir($backupDir)
{
if (!is_dir($backupDir)) {
if (!@mkdir($backupDir, 0550)) {
throw new Exception(('No es posible crear el directorio de backups') . ' (' . $backupDir . ')');
throw new SPException(SPException::SP_CRITICAL, _('No es posible crear el directorio de backups') . ' (' . $backupDir . ')');
}
}
if (!is_writable($backupDir)) {
throw new Exception(_('Compruebe los permisos del directorio de backups'));
throw new SPException(SPException::SP_CRITICAL, _('Compruebe los permisos del directorio de backups'));
}
return true;
}
}
}
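Review bot: `@mkdir($backupDir, 0550)` creates the directory without write permission, so for a non-root PHP process the is_writable() check right below fails on the first run and the backup aborts with "Compruebe los permisos del directorio de backups". Use a mode that includes owner write, such as 0750.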

inc/Base.php Normal file

@@ -0,0 +1,39 @@
<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('MODEL_PATH', __DIR__);
define('CONTROLLER_PATH', __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'web');
define('VIEW_PATH', __DIR__ . DIRECTORY_SEPARATOR . 'themes');
define('EXTENSIONS_PATH', __DIR__ . DIRECTORY_SEPARATOR . 'ext');
define('DEBUG', false);
require MODEL_PATH . DIRECTORY_SEPARATOR . 'Init.class.php';
// Empezar a calcular el tiempo y memoria utilizados
$memInit = memory_get_usage();
$timeStart = \SP\Init::microtime_float();
// Inicializar sysPass
\SP\Init::start();

Some files were not shown because too many files have changed in this diff