Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-05 08:04:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9f00a62a390c48c4f0edfcf2d91beaf7a62320c7
sysPass/ajax/ajax_configSave.php
nuxsmin 7ba7c7e667 * [ADD] Profiles are stored as objects in DB, so it makes more flexible adding new modules without modifying the DB structure. DB upgrade required. 
* [ADD] New log class for better action events handling.
* [ADD] New email class which uses Log class attributes for message composing.
* [ADD] New Request class for managing POST/GET requests.
* [MOD] Almost whole session vars are managed through Session class.
* [MOD] Minor fixes on templates
2015-06-29 00:31:50 +02:00

233 lines
10 KiB
PHP
Raw Blame History

<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
SP\Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
SP\Common::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SP\Common::checkSessionKey($sk)) {
SP\Common::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$actionId = SP\Request::analyze('actionId', 0);
$activeTab = SP\Request::analyze('activeTab', 0);
$doActionOnClose = "doAction($actionId,'',$activeTab);";
if ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_GENERAL) {
$siteLang = SP\Request::analyze('sitelang');
$sessionTimeout = SP\Request::analyze('session_timeout', 300);
$logEnabled = SP\Request::analyze('log_enabled', false, false, true);
$debugEnabled = SP\Request::analyze('debug', false, false, true);
$maintenanceEnabled = SP\Request::analyze('maintenance', false, false, true);
$checkUpdatesEnabled = SP\Request::analyze('updates', false, false, true);
$filesEnabled = SP\Request::analyze('files_enabled', false, false, true);
$globalSearchEnabled = SP\Request::analyze('globalsearch', false, false, true);
$accountLinkEnabled = SP\Request::analyze('account_link', false, false, true);
$accountCount = SP\Request::analyze('account_count', 10);
$filesAllowedSize = SP\Request::analyze('files_allowed_size', 1024);
$filesAllowedExts = SP\Request::analyze('files_allowed_exts');
$resultsAsCardsEnabled = SP\Request::analyze('resultsascards', false, false, true);
$wikiEnabled = SP\Request::analyze('wiki_enabled', false, false, true);
$wikiSearchUrl = SP\Request::analyze('wiki_searchurl');
$wikiPageUrl = SP\Request::analyze('wiki_pageurl');
$wikiFilter = SP\Request::analyze('wiki_filter');
$ldapEnabled = SP\Request::analyze('ldap_enabled', false, false, true);
$ldapADSEnabled = SP\Request::analyze('ldap_ads', false, false, true);
$ldapServer = SP\Request::analyze('ldap_server');
$ldapBase = SP\Request::analyze('ldap_base');
$ldapGroup = SP\Request::analyze('ldap_group');
$ldapDefaultGroup = SP\Request::analyze('ldap_defaultgroup', 0);
$ldapDefaultProfile = SP\Request::analyze('ldap_defaultprofile', 0);
$ldapBindUser = SP\Request::analyze('ldap_binduser');
$ldapBindPass = SP\Request::analyze('ldap_bindpass', '', false, false, false);
$mailEnabled = SP\Request::analyze('mail_enabled', false, false, true);
$mailServer = SP\Request::analyze('mail_server');
$mailPort = SP\Request::analyze('mail_port', 25);
$mailUser = SP\Request::analyze('mail_user');
$mailPass = SP\Request::analyze('mail_pass', '', false, false, false);
$mailSecurity = SP\Request::analyze('mail_security');
$mailFrom = SP\Request::analyze('mail_from');
$mailRequests = SP\Request::analyze('mail_requestsenabled', false, false, true);
$mailAuth = SP\Request::analyze('mail_authenabled', false, false, true);
if ($accountCount == 'all') {
$accountCount = 99;
}
// Valores para la conexión a la Wiki
if ($wikiEnabled && (!$wikiSearchUrl || !$wikiPageUrl || !$wikiFilter)) {
SP\Common::printJSON(_('Faltan parámetros de Wiki'));
} elseif ($wikiEnabled) {
SP\Config::setValue('wiki_enabled', true);
SP\Config::setValue('wiki_searchurl', $wikiSearchUrl);
SP\Config::setValue('wiki_pageurl', $wikiPageUrl);
SP\Config::setValue('wiki_filter', $wikiFilter);
} else {
SP\Config::setValue('wiki_enabled', false);
}
// Valores para la configuración de LDAP
if ($ldapEnabled && (!$ldapServer || !$ldapBase || !$ldapBindUser)) {
SP\Common::printJSON(_('Faltan parámetros de LDAP'));
} elseif ($ldapEnabled) {
SP\Config::setValue('ldap_enabled', true);
SP\Config::setValue('ldap_ads', $ldapADSEnabled);
SP\Config::setValue('ldap_server', $ldapServer);
SP\Config::setValue('ldap_base', $ldapBase);
SP\Config::setValue('ldap_group', $ldapGroup);
SP\Config::setValue('ldap_defaultgroup', $ldapDefaultGroup);
SP\Config::setValue('ldap_defaultprofile', $ldapDefaultProfile);
SP\Config::setValue('ldap_binduser', $ldapBindUser);
SP\Config::setValue('ldap_bindpass', $ldapBindPass);
} else {
SP\Config::setValue('ldap_enabled', false);
}
// Valores para la configuración del Correo
if ($mailEnabled && (!$mailServer || !$mailFrom)) {
SP\Common::printJSON(_('Faltan parámetros de Correo'));
} elseif ($mailEnabled) {
SP\Config::setValue('mail_enabled', true);
SP\Config::setValue('mail_requestsenabled', $mailRequests);
SP\Config::setValue('mail_server', $mailServer);
SP\Config::setValue('mail_port', $mailPort);
SP\Config::setValue('mail_security', $mailSecurity);
SP\Config::setValue('mail_from', $mailFrom);
if ($mailAuth) {
SP\Config::setValue('mail_authenabled', $mailAuth);
SP\Config::setValue('mail_user', $mailUser);
SP\Config::setValue('mail_pass', $mailPass);
}
} else {
SP\Config::setValue('mail_enabled', false);
SP\Config::setValue('mail_requestsenabled', false);
SP\Config::setValue('mail_authenabled', false);
}
if ($filesEnabled && $filesAllowedSize > 16384) {
SP\Common::printJSON(_('El tamaño máximo de archivo es de 16MB'));
}
SP\Config::setValue('account_link', $accountLinkEnabled);
SP\Config::setValue('account_count', $accountCount);
SP\Config::setValue('sitelang', $siteLang);
SP\Config::setValue('session_timeout', $sessionTimeout);
SP\Config::setValue('log_enabled', $logEnabled);
SP\Config::setValue('debug', $debugEnabled);
SP\Config::setValue('maintenance', $maintenanceEnabled);
SP\Config::setValue('checkupdates', $checkUpdatesEnabled);
SP\Config::setValue('files_enabled', $filesEnabled);
SP\Config::setValue('files_allowed_exts', $filesAllowedExts);
SP\Config::setValue('files_allowed_size', $filesAllowedSize);
SP\Config::setValue('resultsascards', $resultsAsCardsEnabled);
SP\Config::setValue('globalsearch', $globalSearchEnabled);
$message['action'] = _('Modificar Configuración');
SP\Log::writeNewLogAndEmail(_('Modificar Configuración'));
// Recargar la aplicación completa para establecer nuevos valores
SP\Util::reload();
SP\Common::printJSON(_('Configuración actualizada'), 0, $doActionOnClose);
} elseif ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION) {
$currentMasterPass = SP\Request::analyze('curMasterPwd', '', false, false, false);
$newMasterPass = SP\Request::analyze('newMasterPwd', '', false, false, false);
$newMasterPassR = SP\Request::analyze('newMasterPwdR', '', false, false, false);
$confirmPassChange = SP\Request::analyze('confirmPassChange', 0, false, 1);
$noAccountPassChange = SP\Request::analyze('chkNoAccountChange', 0, false, 1);
if (!SP\Users::checkUserUpdateMPass()) {
SP\Common::printJSON(_('Clave maestra actualizada') . ';;' . _('Reinicie la sesión para cambiarla'));
} elseif ($newMasterPass == '' && $currentMasterPass == '') {
SP\Common::printJSON(_('Clave maestra no indicada'));
} elseif ($confirmPassChange == 0) {
SP\Common::printJSON(_('Se ha de confirmar el cambio de clave'));
} elseif ($newMasterPass == $currentMasterPass) {
SP\Common::printJSON(_('Las claves son idénticas'));
} elseif ($newMasterPass != $newMasterPassR) {
SP\Common::printJSON(_('Las claves maestras no coinciden'));
} elseif (!SP\Crypt::checkHashPass($currentMasterPass, SP\Config::getConfigDbValue('masterPwd'))) {
SP\Common::printJSON(_('La clave maestra actual no coincide'));
}
$hashMPass = SP\Crypt::mkHashPassword($newMasterPass);
if (!$noAccountPassChange) {
$account = new SP\Account();
if (!$account->updateAccountsMasterPass($currentMasterPass, $newMasterPass)) {
SP\Common::printJSON(_('Errores al actualizar las claves de las cuentas'));
}
$accountHistory = new SP\AccountHistory();
if (!$accountHistory->updateAccountsMasterPass($currentMasterPass, $newMasterPass, $hashMPass)) {
SP\Common::printJSON(_('Errores al actualizar las claves de las cuentas del histórico'));
}
}
if (SP\Util::demoIsEnabled()) {
SP\Common::printJSON(_('Ey, esto es una DEMO!!'));
}
SP\Config::getConfigDb();
SP\Config::setArrConfigValue('masterPwd', $hashMPass);
SP\Config::setArrConfigValue('lastupdatempass', time());
if (SP\Config::writeConfigDb()) {
SP\Log::writeNewLogAndEmail(_('Actualizar Clave Maestra'));
SP\Common::printJSON(_('Clave maestra actualizada'), 0);
} else {
SP\Common::printJSON(_('Error al guardar el hash de la clave maestra'));
}
} elseif ($actionId === SP\Controller\ActionsInterface::ACTION_CFG_ENCRYPTION_TEMPPASS) {
$tempMasterMaxTime = SP\Request::analyze('tmpass_maxtime', 3600);
$tempMasterPass = SP\Config::setTempMasterPass($tempMasterMaxTime);
if (!empty($tempMasterPass)) {
SP\Email::sendEmail(new \SP\Log(_('Generar Clave Temporal'),SP\Html::strongText(_('Clave') . ': ') . $tempMasterPass));
SP\Common::printJSON(_('Clave Temporal Generada'), 0, $doActionOnClose);
}
} else {
SP\Common::printJSON(_('Acción Inválida'));
}
Reference in New Issue View Git Blame Copy Permalink