/**
  * Show accounts associated to an item
  *
  * @since version 0.84
  *
  * @param $item            CommonDBTM object for which associated accounts must be displayed
  * @param $withtemplate    (default '')
  **/
 static function showForItem(CommonDBTM $item, $withtemplate = '')
 {
     global $DB, $CFG_GLPI;
     $ID = $item->getField('id');
     if ($item->isNewID($ID)) {
         return false;
     }
     if (!plugin_accounts_haveRight('accounts', 'r')) {
         return false;
     }
     if (!$item->can($item->fields['id'], 'r')) {
         return false;
     }
     if (empty($withtemplate)) {
         $withtemplate = 0;
     }
     $canedit = $item->canadditem('PluginAccountsAccount');
     $rand = mt_rand();
     $is_recursive = $item->isRecursive();
     $who = Session::getLoginUserID();
     if (count($_SESSION["glpigroups"]) && plugin_accounts_haveRight("my_groups", "r")) {
         $first_groups = true;
         $groups = "";
         foreach ($_SESSION['glpigroups'] as $val) {
             if (!$first_groups) {
                 $groups .= ",";
             } else {
                 $first_groups = false;
             }
             $groups .= "'" . $val . "'";
         }
         $ASSIGN = "( `groups_id` IN ({$groups}) OR `users_id` = '{$who}') ";
     } else {
         // Only personal ones
         $ASSIGN = " `users_id` = '{$who}' ";
     }
     $query = "SELECT `glpi_plugin_accounts_accounts_items`.`id` AS assocID,\n                       `glpi_entities`.`id` AS entity,\n                       `glpi_plugin_accounts_accounts`.`name` AS assocName,\n                       `glpi_plugin_accounts_accounts`.*\n                FROM `glpi_plugin_accounts_accounts_items`\n                LEFT JOIN `glpi_plugin_accounts_accounts`\n                 ON (`glpi_plugin_accounts_accounts_items`.`plugin_accounts_accounts_id`=`glpi_plugin_accounts_accounts`.`id`)\n                LEFT JOIN `glpi_entities` ON (`glpi_plugin_accounts_accounts`.`entities_id`=`glpi_entities`.`id`)\n                WHERE `glpi_plugin_accounts_accounts_items`.`items_id` = '{$ID}'\n                      AND `glpi_plugin_accounts_accounts_items`.`itemtype` = '" . $item->getType() . "' ";
     $query .= getEntitiesRestrictRequest(" AND", "glpi_plugin_accounts_accounts", '', '', true);
     if (!plugin_accounts_haveRight("all_users", "r")) {
         $query .= " AND {$ASSIGN} ";
     }
     $query .= " ORDER BY `assocName`";
     $result = $DB->query($query);
     $number = $DB->numrows($result);
     $i = 0;
     $accounts = array();
     $account = new PluginAccountsAccount();
     $used = array();
     if ($numrows = $DB->numrows($result)) {
         while ($data = $DB->fetch_assoc($result)) {
             $accounts[$data['assocID']] = $data;
             $used[$data['id']] = $data['id'];
         }
     }
     if ($canedit && $withtemplate < 2) {
         // Restrict entity for knowbase
         $entities = "";
         $entity = $_SESSION["glpiactive_entity"];
         if ($item->isEntityAssign()) {
             /// Case of personal items : entity = -1 : create on active entity (Reminder case))
             if ($item->getEntityID() >= 0) {
                 $entity = $item->getEntityID();
             }
             if ($item->isRecursive()) {
                 $entities = getSonsOf('glpi_entities', $entity);
             } else {
                 $entities = $entity;
             }
         }
         $limit = getEntitiesRestrictRequest(" AND ", "glpi_plugin_accounts_accounts", '', $entities, true);
         $q = "SELECT COUNT(*)\n               FROM `glpi_plugin_accounts_accounts`\n               WHERE `is_deleted` = '0'\n               {$limit}";
         $result = $DB->query($q);
         $nb = $DB->result($result, 0, 0);
         echo "<div class='firstbloc'>";
         if (plugin_accounts_haveRight('accounts', 'r') && $nb > count($used)) {
             echo "<form name='account_form{$rand}' id='account_form{$rand}' method='post'\n                   action='" . Toolbox::getItemTypeFormURL('PluginAccountsAccount') . "'>";
             echo "<table class='tab_cadre_fixe'>";
             echo "<tr class='tab_bg_1'>";
             echo "<td colspan='4' class='center'>";
             echo "<input type='hidden' name='entities_id' value='{$entity}'>";
             echo "<input type='hidden' name='is_recursive' value='{$is_recursive}'>";
             echo "<input type='hidden' name='itemtype' value='" . $item->getType() . "'>";
             echo "<input type='hidden' name='items_id' value='{$ID}'>";
             if ($item->getType() == 'Ticket') {
                 echo "<input type='hidden' name='tickets_id' value='{$ID}'>";
             }
             $account->dropdownAccounts("plugin_accounts_accounts_id", $entities, $used);
             echo "</td><td class='center' width='20%'>";
             echo "<input type='submit' name='additem' value=\"" . _sx('button', 'Associate a account', 'accounts') . "\" class='submit'>";
             echo "</td>";
             echo "</tr>";
             echo "</table>";
             Html::closeForm();
         }
         echo "</div>";
     }
     echo "<div class='spaced'>";
     if ($canedit && $number && $withtemplate < 2) {
         Html::openMassiveActionsForm('mass' . __CLASS__ . $rand);
         $massiveactionparams = array('num_displayed' => $number);
         Html::showMassiveActions(__CLASS__, $massiveactionparams);
     }
     echo "<table class='tab_cadre_fixe'>";
     if (Session::isMultiEntitiesMode()) {
         $colsup = 1;
     } else {
         $colsup = 0;
     }
     //hash
     $hashclass = new PluginAccountsHash();
     $hash = 0;
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $item->getEntityID(), $hashclass->maybeRecursive());
     $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict);
     if (!empty($hashes)) {
         foreach ($hashes as $hashe) {
             $hash = $hashe["hash"];
             $hash_id = $hashe["id"];
         }
         $alert = '';
     } else {
         $alert = __('There is no encryption key for this entity', 'accounts');
     }
     $aeskey = new PluginAccountsAesKey();
     if ($hash) {
         if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) {
             echo "<tr><th colspan='" . (8 + $colsup) . "'>";
             _e('Encryption key', 'accounts');
             echo "<input type='password' name='aescrypted_key' id= 'aescrypted_key' autocomplete='off'>";
             echo "</th></tr>";
         }
     } else {
         echo "<tr><th colspan='" . (8 + $colsup) . "'>";
         echo __('Encryption key', 'accounts') . "<div class='red'>";
         echo $alert;
         echo "</div>";
         echo "</th></tr>";
     }
     echo "<tr>";
     if ($canedit && $number && $withtemplate < 2) {
         echo "<th width='10'>" . Html::getCheckAllAsCheckbox('mass' . __CLASS__ . $rand) . "</th>";
     }
     echo "<th>" . __('Name') . "</th>";
     if (Session::isMultiEntitiesMode()) {
         echo "<th>" . __('Entity') . "</th>";
     }
     echo "<th>" . __('Login') . "</th>";
     echo "<th>" . __('Password') . "</th>";
     echo "<th>" . __('Affected User', 'accounts') . "</th>";
     echo "<th>" . __('Type') . "</th>";
     echo "<th>" . __('Creation date') . "</th>";
     echo "<th>" . __('Expiration date') . "</th>";
     echo "</tr>";
     $used = array();
     if ($number) {
         Session::initNavigateListItems('PluginAccountsAccount', sprintf(__('%1$s = %2$s'), $item->getTypeName(1), $item->getName()));
         foreach ($accounts as $data) {
             $accountID = $data["id"];
             $link = NOT_AVAILABLE;
             if ($account->getFromDB($accountID)) {
                 $link = $account->getLink();
             }
             Session::addToNavigateListItems('PluginAccountsAccount', $accountID);
             $used[$accountID] = $accountID;
             $assocID = $data["assocID"];
             echo "<tr class='tab_bg_1" . ($data["is_deleted"] ? "_2" : "") . "'>";
             if ($canedit && $withtemplate < 2) {
                 echo "<td width='10'>";
                 Html::showMassiveActionCheckBox(__CLASS__, $data["assocID"]);
                 echo "</td>";
             }
             echo "<td class='center'>{$link}</td>";
             if (Session::isMultiEntitiesMode()) {
                 echo "<td class='center'>" . Dropdown::getDropdownName("glpi_entities", $data['entities_id']) . "</td>";
             }
             echo "<td class='center'>" . $data["login"] . "</td>";
             echo "<td class='center'>";
             //hash
             if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) {
                 echo "<input type='hidden' name='aeskey' id= 'aeskey'\n                        value='" . $aeskey->fields["name"] . "' class='' autocomplete='off'>";
                 echo "<input type='hidden' autocomplete='off'\n               name='encrypted_password\${$accountID}' value='" . $data["encrypted_password"] . "'>";
                 echo "<input type='text' name='hidden_password\${$accountID}' value='' size='30' >";
                 echo "<script language='javascript'>\n               var good_hash=\"{$hash}\";\n               var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n               if (hash != good_hash) {\n               document.getElementsByName(\"hidden_password\${$accountID}\").\n               item(0).value=\"" . __s('Wrong encryption key', 'accounts') . "\";\n            } else {\n            document.getElementsByName(\"hidden_password\${$accountID}\").\n            item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\${$accountID}\").\n            item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256)};</script>";
             } else {
                 $url = $CFG_GLPI["root_doc"] . "/plugins/accounts/front/account.form.php";
                 echo "&nbsp;<input type='button' id='decrypte_link{$accountID}' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n                        class='submit' onclick='return false;'>";
                 echo "<script type='text/javascript'>\n               Ext.get('decrypte_link{$accountID}').on('click', function () {\n\n               Ext.Ajax.request({\n               url: '../plugins/accounts/ajax/get_new_crsf_token.php',\n               success: function(response, opts) {\n               var token = response.responseText;\n               Ext.select('#account_form input[name=_glpi_csrf_token]')\n               .set({'value': token});\n\n            },\n            failure: function(response, opts) {\n            console.log('server-side failure with status code ' + response.status);\n            }\n            });\n\n            var good_hash=\"{$hash}\";\n            var hash=SHA256(SHA256(document.getElementById(\"aescrypted_key\").value));\n            if (hash != good_hash) {\n            alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n                     return false;\n            };\n                     alert(AESDecryptCtr(\"" . $data['encrypted_password'] . "\",\n                     SHA256(document.getElementById(\"aescrypted_key\").value),\n                     256));\n\n                     callAjax(\"{$url}\",\n                     \"{$accountID}\" ,\n                     document.getElementsByName(\"name\").item(0).value,\n                     document.getElementsByName(\"_glpi_csrf_token\").item(0).value);\n\n            });\n            </script>";
             }
             echo "</td>";
             echo "<td class='center'>";
             echo getUsername($data["users_id"]);
             echo "</td>";
             echo "<td class='center'>";
             echo Dropdown::getDropdownName("glpi_plugin_accounts_accounttypes", $data["plugin_accounts_accounttypes_id"]);
             echo "</td>";
             echo "<td class='center'>" . Html::convdate($data["date_creation"]) . "</td>";
             if ($data["date_expiration"] <= date('Y-m-d') && !empty($data["date_expiration"])) {
                 echo "<td class='center'>";
                 echo "<div class='deleted'>" . Html::convdate($data["date_expiration"]) . "</div>";
                 echo "</td>";
             } else {
                 if (empty($data["date_expiration"])) {
                     echo "<td class='center'>" . __('Don\'t expire', 'accounts') . "</td>";
                 } else {
                     echo "<td class='center'>" . Html::convdate($data["date_expiration"]) . "</td>";
                 }
             }
             echo "</tr>";
             $i++;
         }
     }
     echo "</table>";
     if ($canedit && $number && $withtemplate < 2) {
         $massiveactionparams['ontop'] = false;
         Html::showMassiveActions(__CLASS__, $massiveactionparams);
         Html::closeForm();
     }
     echo "</div>";
 }
Exemple #2
0
 /**
  * Print the acccount form
  *
  * @param $ID        integer ID of the item
  * @param $options   array
  *     - target for the Form
  *     - withtemplate template or basic computer
  *
  * @return Nothing (display)
  **/
 public function showForm($ID, $options = array())
 {
     if (!$this->canView()) {
         return false;
     }
     $hashclass = new PluginAccountsHash();
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', '', $hashclass->maybeRecursive());
     if ($ID < 1 && countElementsInTable("glpi_plugin_accounts_hashes", $restrict) == 0) {
         echo "<div class='center'>" . __('There is no encryption key for this entity', 'accounts') . "<br><br>";
         echo "<a href='" . Toolbox::getItemTypeSearchURL('PluginAccountsAccount') . "'>";
         _e('Back');
         echo "</a></div>";
         return false;
     }
     /*
           if ($ID > 0) {
              $this->check($ID, READ);
              if (!Session::haveRight("plugin_accounts_see_all_users", 1)) {
                 $access = 0;
                 if (Session::haveRight("plugin_accounts_my_groups", 1)) {
                    if ($this->fields["groups_id"]) {
                       if (count($_SESSION['glpigroups'])
                                && in_array($this->fields["groups_id"], $_SESSION['glpigroups'])
                       ) {
                          $access = 1;
                       }
                    }
                    if ($this->fields["users_id"]) {
                       if ($this->fields["users_id"] == Session::getLoginUserID())
                          $access = 1;
                    }
                 }
                 if (!Session::haveRight("plugin_accounts_my_groups", 1)
                          && $this->fields["users_id"] == Session::getLoginUserID()
                 )
                    $access = 1;
     
                 if ($access != 1)
                    return false;
              }
           } else {
              // Create item
              $this->check(-1, UPDATE);
              $this->getEmpty();
           }
     */
     $options["formoptions"] = "id = 'account_form'";
     $this->initForm($ID, $options);
     $this->showFormHeader($options);
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Name') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "name");
     echo "</td>";
     echo "<td>" . __('Status') . "</td><td>";
     Dropdown::show('PluginAccountsAccountState', array('value' => $this->fields["plugin_accounts_accountstates_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Login') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "login");
     echo "</td>";
     echo "<td>" . __('Type') . "</td><td>";
     Dropdown::show('PluginAccountsAccountType', array('value' => $this->fields["plugin_accounts_accounttypes_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     //hash
     $hash = 0;
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $this->getEntityID(), $hashclass->maybeRecursive());
     $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict);
     if (!empty($hashes)) {
         foreach ($hashes as $hashe) {
             $hash = $hashe["hash"];
             $hash_id = $hashe["id"];
         }
         $alert = '';
     } else {
         $alert = __('There is no encryption key for this entity', 'accounts');
     }
     $aeskey = new PluginAccountsAesKey();
     //aeskey non enregistre
     if ($hash) {
         if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) {
             echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td>";
             echo "<input type='password' autocomplete='off' name='aeskey' id='aeskey'>";
             echo Html::hidden('encrypted_password', array('value' => $this->fields["encrypted_password"], 'id' => 'encrypted_password'));
             echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash'));
             echo Html::hidden('wrong_key_locale', array('value' => __('Wrong encryption key', 'accounts'), 'id' => 'wrong_key_locale'));
             if (!empty($ID) || $ID > 0) {
                 $url = $this->getFormURL();
                 echo "&nbsp;<input type='button' id='decrypte_link' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n                        class='submit'>";
             }
             echo "</td>";
         } else {
             echo "<td></td><td>";
             echo "</td>";
         }
     } else {
         echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td><div class='red'>";
         echo $alert;
         echo "</div></td>";
     }
     if ($_SESSION['glpiactiveprofile']['interface'] == 'central') {
         echo "<td>" . __('Affected User', 'accounts') . "</td><td>";
         if ($this->canCreate()) {
             User::dropdown(array('value' => $this->fields["users_id"], 'entity' => $this->fields["entities_id"], 'right' => 'all'));
         } else {
             echo getUserName($this->fields["users_id"]);
         }
         echo "</td>";
     } else {
         echo "<td>" . __('Affected User', 'accounts') . "</td><td>";
         echo getUserName($this->fields["users_id"]);
         echo "</td>";
     }
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Password') . "</td>";
     echo "<td>";
     //aeskey enregistre
     if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) {
         echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash'));
         echo Html::hidden('aeskey', array('value' => $aeskey->fields["name"], 'id' => 'aeskey', 'autocomplete' => 'off'));
         echo Html::hidden('encrypted_password', array('value' => $this->fields["encrypted_password"], 'id' => 'encrypted_password'));
         echo Html::hidden('wrong_key_locale', array('value' => __('Wrong encryption key', 'accounts'), 'id' => 'wrong_key_locale'));
         echo Html::scriptBlock("auto_decrypt();");
     }
     echo "<input type='text' name='hidden_password' id='hidden_password' size='30' >";
     echo "</td>";
     if ($_SESSION['glpiactiveprofile']['interface'] == 'central') {
         echo "<td>" . __('Affected Group', 'accounts') . "</td><td>";
         if (self::canCreate()) {
             Dropdown::show('Group', array('value' => $this->fields["groups_id"], 'condition' => '`is_itemgroup`'));
         } else {
             echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]);
         }
         echo "</td>";
     } else {
         echo "<td>" . __('Affected Group', 'accounts') . ":\t</td><td>";
         echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]);
         echo "</td>";
     }
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Creation date') . "</td>";
     echo "<td>";
     Html::showDateFormItem("date_creation", $this->fields["date_creation"], true, true);
     echo "</td>";
     echo "<td>" . __('Technician in charge of the hardware') . "</td>";
     echo "<td>";
     User::dropdown(array('name' => "users_id_tech", 'value' => $this->fields["users_id_tech"], 'entity' => $this->fields["entities_id"], 'right' => 'interface'));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Expiration date') . "&nbsp;";
     Html::showToolTip(nl2br(__('Empty for infinite', 'accounts')));
     echo "</td>";
     echo "<td>";
     Html::showDateFormItem("date_expiration", $this->fields["date_expiration"], true, true);
     echo "</td>";
     echo "<td>" . __('Group in charge of the hardware') . "</td><td>";
     Group::dropdown(array('name' => 'groups_id_tech', 'value' => $this->fields['groups_id_tech'], 'condition' => '`is_assign`'));
     echo "</td>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Others') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "others");
     echo "</td>";
     echo "<td>" . __('Location') . "</td><td>";
     Location::dropdown(array('value' => $this->fields["locations_id"], 'entity' => $this->fields["entities_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td colspan = '4'>";
     echo "<table cellpadding='2' cellspacing='2' border='0'><tr><td>";
     echo __('Comments') . "</td></tr>";
     echo "<tr><td class='center'>";
     echo "<textarea cols='125' rows='3' name='comment'>" . $this->fields["comment"] . "</textarea>";
     echo "</td></tr></table>";
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Associable to a ticket') . "</td><td>";
     Dropdown::showYesNo('is_helpdesk_visible', $this->fields['is_helpdesk_visible']);
     echo "</td>";
     echo "<td colspan='2'>";
     printf(__('Last update on %s'), Html::convDateTime($this->fields["date_mod"]));
     echo "</td>";
     echo "</tr>";
     if (self::canCreate()) {
         if (empty($ID) || $ID < 0) {
             echo "<tr>";
             echo "<td class='tab_bg_2 top' colspan='4'>";
             echo "<div align='center'>";
             echo "<input type='submit' name='add' id='account_add' value='" . _sx('button', 'Add') . "' class='submit'>";
             echo "</div>";
             echo Html::scriptBlock("\$('#account_form').submit(function(event){\n               if (\$('#hidden_password').val() == '' || \$('#aeskey').val() == '') {\n                  alert('" . __('You have not filled the password and encryption key', 'accounts') . "');\n                  return false;\n               };\n               if (!check_hash()) {\n                  alert('" . __('Wrong encryption key', 'accounts') . "');\n                  return false;\n               } else {\n                  encrypt_password();\n               }\n            });");
             echo "</td>";
             echo "</tr>";
         } else {
             echo "<tr>";
             echo "<td class='tab_bg_2'  colspan='4 top'><div align='center'>";
             echo "<input type='hidden' name='id' value=\"{$ID}\">";
             echo "<input type='submit' name='update' id='account_update' value=\"" . _sx('button', 'Save') . "\" class='submit' >";
             echo Html::scriptBlock("\$('#account_form').submit(function(event){\n               if (\$('#hidden_password').val() == '' || \$('#aeskey').val() == '') {\n                  alert('" . __('Password will not be modified', 'accounts') . "');\n               } else if (!check_hash()) {\n                  alert('" . __('Wrong encryption key', 'accounts') . "');\n                  return false;\n               } else {\n                  encrypt_password();\n               }\n            });");
             if ($this->fields["is_deleted"] == '0') {
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='delete' value=\"" . _sx('button', 'Put in dustbin') . "\" class='submit'></div>";
             } else {
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='restore' value=\"" . _sx('button', 'Restore') . "\" class='submit'>";
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='purge' value=\"" . _sx('button', 'Delete permanently') . "\" class='submit'></div>";
             }
             echo "</td>";
             echo "</tr>";
         }
     }
     $options['canedit'] = false;
     $options['candel'] = false;
     $this->showFormButtons($options);
     Html::closeForm();
     return true;
 }
Exemple #3
0
 public static function updateHash($oldaeskey, $newaeskey, $hash_id)
 {
     global $DB;
     $self = new self();
     $self->getFromDB($hash_id);
     $entities = getSonsOf('glpi_entities', $self->fields['entities_id']);
     $account = new PluginAccountsAccount();
     $aeskey = new PluginAccountsAesKey();
     $oldhash = hash("sha256", $oldaeskey);
     $newhash = hash("sha256", $newaeskey);
     $newhashstore = hash("sha256", $newhash);
     // uncrypt passwords for update
     $query_ = "SELECT *\n                FROM `glpi_plugin_accounts_accounts`\n                WHERE ";
     $query_ .= getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_accounts", '', $entities);
     $result_ = $DB->query($query_);
     if ($DB->numrows($result_) > 0) {
         while ($data = $DB->fetch_array($result_)) {
             $oldpassword = addslashes(plugin_accounts_AESDecryptCtr($data['encrypted_password'], $oldhash, 256));
             $newpassword = addslashes(plugin_accounts_AESEncryptCtr($oldpassword, $newhash, 256));
             $account->update(array('id' => $data["id"], 'encrypted_password' => $newpassword));
         }
         $self->update(array('id' => $hash_id, 'hash' => $newhashstore));
         if ($aeskey->getFromDBByHash($hash_id) && isset($aeskey->fields["name"])) {
             $values["id"] = $aeskey->fields["id"];
             $values["name"] = $newaeskey;
             $aeskey->update($values);
         }
     }
 }
Exemple #4
0
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with accounts. If not, see <http://www.gnu.org/licenses/>.
--------------------------------------------------------------------------
*/
include '../../../inc/includes.php';
if (!isset($_GET["id"])) {
    $_GET["id"] = "";
}
if (!isset($_GET["plugin_accounts_hashes_id"])) {
    $_GET["plugin_accounts_hashes_id"] = "";
}
Session::checkRight("config", "w");
$aeskey = new PluginAccountsAesKey();
$plugin = new plugin();
if ($plugin->isActivated("environment")) {
    Html::header(PluginAccountsAccount::getTypeName(2), '', "plugins", "environment", "accounts", "hash");
} else {
    Html::header(PluginAccountsAccount::getTypeName(2), '', "plugins", "accounts", "hash");
}
if (isset($_POST["add"])) {
    if ($aeskey->canCreate()) {
        $newID = $aeskey->add($_POST);
    }
    Html::back();
} else {
    if (isset($_POST["update"])) {
        if ($aeskey->canCreate()) {
            $aeskey->update($_POST);
Exemple #5
0
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with accounts. If not, see <http://www.gnu.org/licenses/>.
--------------------------------------------------------------------------
*/
include '../../../inc/includes.php';
if (!isset($_GET["id"])) {
    $_GET["id"] = "";
}
if (!isset($_GET["plugin_accounts_hashes_id"])) {
    $_GET["plugin_accounts_hashes_id"] = "";
}
Session::checkRight("config", UPDATE);
$aeskey = new PluginAccountsAesKey();
$plugin = new plugin();
if ($plugin->isActivated("environment")) {
    Html::header(PluginAccountsAccount::getTypeName(2), '', "assets", "pluginenvironmentdisplay", "accounts", "hash");
} else {
    Html::header(PluginAccountsAccount::getTypeName(2), '', "admin", "pluginaccountsmenu", "hash");
}
if (isset($_POST["add"])) {
    if ($aeskey->canCreate()) {
        $newID = $aeskey->add($_POST);
    }
    if ($_SESSION['glpibackcreated']) {
        Html::redirect($aeskey->getFormURL() . "?id=" . $newID);
    }
    Html::back();
} else {
 /**
  * Show accounts associated to an item
  *
  * @since version 0.84
  *
  * @param $item            CommonDBTM object for which associated accounts must be displayed
  * @param $withtemplate    (default '')
  **/
 static function showForItem(CommonDBTM $item, $withtemplate = '')
 {
     global $DB, $CFG_GLPI;
     $ID = $item->getField('id');
     if ($item->isNewID($ID)) {
         return false;
     }
     if (!Session::haveRight("plugin_accounts", READ)) {
         return false;
     }
     if (!$item->can($item->fields['id'], READ)) {
         return false;
     }
     if (empty($withtemplate)) {
         $withtemplate = 0;
     }
     $canedit = $item->canadditem('PluginAccountsAccount');
     $rand = mt_rand();
     $is_recursive = $item->isRecursive();
     $who = Session::getLoginUserID();
     if (count($_SESSION["glpigroups"]) && Session::haveRight("plugin_accounts_my_groups", 1)) {
         $first_groups = true;
         $groups = "";
         foreach ($_SESSION['glpigroups'] as $val) {
             if (!$first_groups) {
                 $groups .= ",";
             } else {
                 $first_groups = false;
             }
             $groups .= "'" . $val . "'";
         }
         $ASSIGN = "( `groups_id` IN ({$groups}) OR `users_id` = '{$who}') ";
     } else {
         // Only personal ones
         $ASSIGN = " `users_id` = '{$who}' ";
     }
     $query = "SELECT `glpi_plugin_accounts_accounts_items`.`id` AS assocID,\n                       `glpi_entities`.`id` AS entity,\n                       `glpi_plugin_accounts_accounts`.`name` AS assocName,\n                       `glpi_plugin_accounts_accounts`.*\n                FROM `glpi_plugin_accounts_accounts_items`\n                LEFT JOIN `glpi_plugin_accounts_accounts`\n                 ON (`glpi_plugin_accounts_accounts_items`.`plugin_accounts_accounts_id`=`glpi_plugin_accounts_accounts`.`id`)\n                LEFT JOIN `glpi_entities` ON (`glpi_plugin_accounts_accounts`.`entities_id`=`glpi_entities`.`id`)\n                WHERE `glpi_plugin_accounts_accounts_items`.`items_id` = '{$ID}'\n                      AND `glpi_plugin_accounts_accounts_items`.`itemtype` = '" . $item->getType() . "' ";
     $query .= getEntitiesRestrictRequest(" AND", "glpi_plugin_accounts_accounts", '', '', true);
     if (!Session::haveRight("plugin_accounts_see_all_users", 1)) {
         $query .= " AND {$ASSIGN} ";
     }
     $query .= " ORDER BY `assocName`";
     $result = $DB->query($query);
     $number = $DB->numrows($result);
     $i = 0;
     $accounts = array();
     $account = new PluginAccountsAccount();
     $used = array();
     if ($numrows = $DB->numrows($result)) {
         while ($data = $DB->fetch_assoc($result)) {
             $accounts[$data['assocID']] = $data;
             $used[$data['id']] = $data['id'];
         }
     }
     if ($canedit && $withtemplate < 2) {
         // Restrict entity for knowbase
         $entities = "";
         $entity = $_SESSION["glpiactive_entity"];
         if ($item->isEntityAssign()) {
             /// Case of personal items : entity = -1 : create on active entity (Reminder case))
             if ($item->getEntityID() >= 0) {
                 $entity = $item->getEntityID();
             }
             if ($item->isRecursive()) {
                 $entities = getSonsOf('glpi_entities', $entity);
             } else {
                 $entities = $entity;
             }
         }
         $limit = getEntitiesRestrictRequest(" AND ", "glpi_plugin_accounts_accounts", '', $entities, true);
         $q = "SELECT COUNT(*)\n               FROM `glpi_plugin_accounts_accounts`\n               WHERE `is_deleted` = '0'\n               {$limit}";
         $result = $DB->query($q);
         $nb = $DB->result($result, 0, 0);
         echo "<div class='firstbloc'>";
         if (Session::haveRight('plugin_accounts', READ) && $nb > count($used)) {
             echo "<form name='account_form{$rand}' id='account_form{$rand}' method='post'\n                   action='" . Toolbox::getItemTypeFormURL('PluginAccountsAccount') . "'>";
             echo "<table class='tab_cadre_fixe'>";
             echo "<tr class='tab_bg_1'>";
             echo "<td colspan='4' class='center'>";
             echo "<input type='hidden' name='entities_id' value='{$entity}'>";
             echo "<input type='hidden' name='is_recursive' value='{$is_recursive}'>";
             echo "<input type='hidden' name='itemtype' value='" . $item->getType() . "'>";
             echo "<input type='hidden' name='items_id' value='{$ID}'>";
             if ($item->getType() == 'Ticket') {
                 echo "<input type='hidden' name='tickets_id' value='{$ID}'>";
             }
             PluginAccountsAccount::dropdownAccount(array('entity' => $entities, 'used' => $used));
             echo "</td><td class='center' width='20%'>";
             echo "<input type='submit' name='additem' value=\"" . _sx('button', 'Associate a account', 'accounts') . "\" class='submit'>";
             echo "</td>";
             echo "</tr>";
             echo "</table>";
             Html::closeForm();
         }
         echo "</div>";
     }
     echo "<div class='spaced'>";
     if ($canedit && $number && $withtemplate < 2) {
         Html::openMassiveActionsForm('mass' . __CLASS__ . $rand);
         $massiveactionparams = array('num_displayed' => $number);
         Html::showMassiveActions($massiveactionparams);
     }
     echo "<table class='tab_cadre_fixe'>";
     if (Session::isMultiEntitiesMode()) {
         $colsup = 1;
     } else {
         $colsup = 0;
     }
     //hash
     $hashclass = new PluginAccountsHash();
     $hash = 0;
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $item->getEntityID(), $hashclass->maybeRecursive());
     $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict);
     if (!empty($hashes)) {
         foreach ($hashes as $hashe) {
             $hash = $hashe["hash"];
             $hash_id = $hashe["id"];
         }
         $alert = '';
     } else {
         $alert = __('There is no encryption key for this entity', 'accounts');
     }
     $aeskey = new PluginAccountsAesKey();
     echo "<tr><th colspan='" . (8 + $colsup) . "'>";
     if ($hash) {
         if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) {
             _e('Encryption key', 'accounts');
             echo "<input type='password' name='aeskey' id='aeskey' autocomplete='off'>";
         } else {
             echo Html::hidden('aeskey', array('value' => $aeskey->fields["name"], 'id' => 'aeskey', 'autocomplete' => 'off'));
         }
     } else {
         echo __('Encryption key', 'accounts');
         echo "<div class='red'>";
         echo $alert;
         echo "</div>";
     }
     echo "<tr>";
     if ($canedit && $number && $withtemplate < 2) {
         echo "<th width='10'>" . Html::getCheckAllAsCheckbox('mass' . __CLASS__ . $rand) . "</th>";
     }
     echo "<th>" . __('Name') . "</th>";
     if (Session::isMultiEntitiesMode()) {
         echo "<th>" . __('Entity') . "</th>";
     }
     echo "<th>" . __('Login') . "</th>";
     echo "<th>" . __('Password') . "</th>";
     echo "<th>" . __('Affected User', 'accounts') . "</th>";
     echo "<th>" . __('Type') . "</th>";
     echo "<th>" . __('Creation date') . "</th>";
     echo "<th>" . __('Expiration date') . "</th>";
     echo "</tr>";
     $used = array();
     if ($number) {
         Session::initNavigateListItems('PluginAccountsAccount', sprintf(__('%1$s = %2$s'), $item->getTypeName(1), $item->getName()));
         foreach ($accounts as $data) {
             $accountID = $data["id"];
             $link = NOT_AVAILABLE;
             if ($account->getFromDB($accountID)) {
                 $link = $account->getLink();
             }
             Session::addToNavigateListItems('PluginAccountsAccount', $accountID);
             $used[$accountID] = $accountID;
             $assocID = $data["assocID"];
             echo "<tr class='tab_bg_1" . ($data["is_deleted"] ? "_2" : "") . "'>";
             if ($canedit && $withtemplate < 2) {
                 echo "<td width='10'>";
                 Html::showMassiveActionCheckBox(__CLASS__, $data["assocID"]);
                 echo "</td>";
             }
             echo "<td class='center'>{$link}</td>";
             if (Session::isMultiEntitiesMode()) {
                 echo "<td class='center'>" . Dropdown::getDropdownName("glpi_entities", $data['entities_id']) . "</td>";
             }
             echo "<td class='center'>" . $data["login"] . "</td>";
             echo "<td class='center'>";
             //hash
             if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) {
                 echo Html::hidden("encrypted_password{$accountID}", array('value' => $data["encrypted_password"], 'id' => "encrypted_password{$accountID}", 'autocomplete' => 'off'));
                 echo "<input type='text' id='hidden_password{$accountID}' value='' size='30' >";
                 echo Html::scriptBlock("\n                  if (!check_hash()) {\n                     \$('#hidden_password{$accountID}')\n                        .after('" . __('Wrong encryption key', 'accounts') . "')\n                        .remove();\n                  } else {\n                     decrypt_password('{$accountID}');\n                  }\n               ");
             } else {
                 $url = $CFG_GLPI["root_doc"] . "/plugins/accounts/front/account.form.php";
                 echo "&nbsp;<input type='button' id='decrypt_link{$accountID}' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n                        class='submit'>";
                 echo Html::hidden("encrypted_password{$accountID}", array('value' => $data["encrypted_password"], 'id' => "encrypted_password{$accountID}", 'autocomplete' => 'off'));
                 echo Html::scriptBlock("\$(document).on('click', '#decrypt_link{$accountID}', function(event) {\n                  if (!check_hash()) {\n                     alert('" . __('Wrong encryption key', 'accounts') . "');\n                  } else {\n                     var decrypted_password = decrypt_password('{$accountID}');\n                     \$('#decrypt_link{$accountID}')\n                        .after(decrypted_password)\n                        .remove();\n                  }\n               });");
             }
             echo "</td>";
             echo "<td class='center'>";
             echo getUsername($data["users_id"]);
             echo "</td>";
             echo "<td class='center'>";
             echo Dropdown::getDropdownName("glpi_plugin_accounts_accounttypes", $data["plugin_accounts_accounttypes_id"]);
             echo "</td>";
             echo "<td class='center'>" . Html::convdate($data["date_creation"]) . "</td>";
             if ($data["date_expiration"] <= date('Y-m-d') && !empty($data["date_expiration"])) {
                 echo "<td class='center'>";
                 echo "<div class='deleted'>" . Html::convdate($data["date_expiration"]) . "</div>";
                 echo "</td>";
             } else {
                 if (empty($data["date_expiration"])) {
                     echo "<td class='center'>" . __('Don\'t expire', 'accounts') . "</td>";
                 } else {
                     echo "<td class='center'>" . Html::convdate($data["date_expiration"]) . "</td>";
                 }
             }
             echo "</tr>";
             $i++;
         }
     }
     echo "</table>";
     echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash'));
     if ($canedit && $number && $withtemplate < 2) {
         $massiveactionparams['ontop'] = false;
         Html::showMassiveActions($massiveactionparams);
         Html::closeForm();
     }
     echo "</div>";
 }
Exemple #7
0
 /**
  * Print the acccount form
  *
  * @param $ID        integer ID of the item
  * @param $options   array
  *     - target for the Form
  *     - withtemplate template or basic computer
  *
  * @return Nothing (display)
  **/
 public function showForm($ID, $options = array())
 {
     if (!$this->canView()) {
         return false;
     }
     $hashclass = new PluginAccountsHash();
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', '', $hashclass->maybeRecursive());
     if ($ID < 1 && countElementsInTable("glpi_plugin_accounts_hashes", $restrict) == 0) {
         echo "<div class='center'>" . __('There is no encryption key for this entity', 'accounts') . "<br><br>";
         echo "<a href='" . Toolbox::getItemTypeSearchURL('PluginAccountsAccount') . "'>";
         _e('Back');
         echo "</a></div>";
         return false;
     }
     if ($ID > 0) {
         $this->check($ID, 'r');
         if (!plugin_accounts_haveRight("all_users", "r")) {
             $access = 0;
             if (plugin_accounts_haveRight("my_groups", "r")) {
                 if ($this->fields["groups_id"]) {
                     if (count($_SESSION['glpigroups']) && in_array($this->fields["groups_id"], $_SESSION['glpigroups'])) {
                         $access = 1;
                     }
                 }
                 if ($this->fields["users_id"]) {
                     if ($this->fields["users_id"] == Session::getLoginUserID()) {
                         $access = 1;
                     }
                 }
             }
             if (!plugin_accounts_haveRight("my_groups", "r") && $this->fields["users_id"] == Session::getLoginUserID()) {
                 $access = 1;
             }
             if ($access != 1) {
                 return false;
             }
         }
     } else {
         // Create item
         $this->check(-1, 'w');
         $this->getEmpty();
     }
     $this->showTabs($options);
     $options["formoptions"] = "id = 'account_form'";
     $this->showFormHeader($options);
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Name') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "name");
     echo "</td>";
     echo "<td>" . __('Status') . "</td><td>";
     Dropdown::show('PluginAccountsAccountState', array('value' => $this->fields["plugin_accounts_accountstates_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Login') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "login");
     echo "</td>";
     echo "<td>" . __('Type') . "</td><td>";
     Dropdown::show('PluginAccountsAccountType', array('value' => $this->fields["plugin_accounts_accounttypes_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     //hash
     $hash = 0;
     $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $this->getEntityID(), $hashclass->maybeRecursive());
     $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict);
     if (!empty($hashes)) {
         foreach ($hashes as $hashe) {
             $hash = $hashe["hash"];
             $hash_id = $hashe["id"];
         }
         $alert = '';
     } else {
         $alert = __('There is no encryption key for this entity', 'accounts');
     }
     $aeskey = new PluginAccountsAesKey();
     //aeskey non enregistre
     if ($hash) {
         if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) {
             echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td>";
             echo "<input type='password' autocomplete='off' name='aeskey' id= 'aeskey' value='' class=''>";
             echo "<input type='hidden' name='encrypted_password' value='" . $this->fields["encrypted_password"] . "'>";
             if (!empty($ID) || $ID > 0) {
                 $url = $this->getFormURL();
                 echo "&nbsp;<input type='button' id='decrypte_link' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n                        class='submit' onclick='return false;'>";
                 echo "<script type='text/javascript'>\n               Ext.get('decrypte_link').on('click', function () {\n               var good_hash=\"{$hash}\";var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n               if (hash != good_hash) {\n               alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n               return false;\n            };\n            document.getElementsByName(\"hidden_password\").item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);\n\n            callAjax(\"{$url}\", \"{$ID}\" , document.getElementsByName(\"name\").item(0).value, document.getElementsByName(\"_glpi_csrf_token\").item(0).value);\n\n            Ext.Ajax.request({\n            url: '../ajax/get_new_crsf_token.php',\n            success: function(response, opts) {\n            var token = response.responseText;\n            Ext.select('#account_form input[name=_glpi_csrf_token]')\n            .set({'value': token});\n            },\n            failure: function(response, opts) {\n            console.log('server-side failure with status code ' + response.status);\n            }\n            });\n            });\n            </script>";
             }
             echo "</td>";
         } else {
             echo "<td></td><td>";
             echo "</td>";
         }
     } else {
         echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td><div class='red'>";
         echo $alert;
         echo "</div></td>";
     }
     if ($_SESSION['glpiactiveprofile']['interface'] == 'central') {
         echo "<td>" . __('Affected User', 'accounts') . "</td><td>";
         if ($this->canCreate()) {
             User::dropdown(array('value' => $this->fields["users_id"], 'entity' => $this->fields["entities_id"], 'right' => 'all'));
         } else {
             echo getUserName($this->fields["users_id"]);
         }
         echo "</td>";
     } else {
         echo "<td>" . __('Affected User', 'accounts') . "</td><td>";
         echo getUserName($this->fields["users_id"]);
         echo "</td>";
     }
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Password') . "</td>";
     echo "<td>";
     //aeskey enregistre
     if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) {
         echo "<input type='hidden' name='aeskey' id= 'aeskey' value='" . $aeskey->fields["name"] . "' class='' autocomplete='off'>";
         echo "<input type='hidden' name='encrypted_password' value='" . $this->fields["encrypted_password"] . "'>";
         echo "<input type='text' name='hidden_password' value='' size='30'>";
         echo "<script language='javascript'>\n         var good_hash=\"{$hash}\";\n         var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n         if (hash != good_hash) {\n         document.getElementsByName(\"hidden_password\").item(0).value=\"" . __s('Wrong encryption key', 'accounts') . "\";\n      } else {\n                  document.getElementsByName(\"hidden_password\").item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256)};</script>";
     } else {
         echo "<input type='text' name='hidden_password' value='' size='30' >";
     }
     echo "</td>";
     if ($_SESSION['glpiactiveprofile']['interface'] == 'central') {
         echo "<td>" . __('Affected Group', 'accounts') . "</td><td>";
         if ($this->canCreate()) {
             Dropdown::show('Group', array('value' => $this->fields["groups_id"], 'condition' => '`is_itemgroup`'));
         } else {
             echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]);
         }
         echo "</td>";
     } else {
         echo "<td>" . __('Affected Group', 'accounts') . ":\t</td><td>";
         echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]);
         echo "</td>";
     }
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Creation date') . "</td>";
     echo "<td>";
     Html::showDateFormItem("date_creation", $this->fields["date_creation"], true, true);
     echo "</td>";
     echo "<td>" . __('Technician in charge of the hardware') . "</td>";
     echo "<td>";
     User::dropdown(array('name' => "users_id_tech", 'value' => $this->fields["users_id_tech"], 'entity' => $this->fields["entities_id"], 'right' => 'interface'));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Expiration date') . "&nbsp;";
     Html::showToolTip(nl2br(__('Empty for infinite', 'accounts')));
     echo "</td>";
     echo "<td>";
     Html::showDateFormItem("date_expiration", $this->fields["date_expiration"], true, true);
     echo "</td>";
     echo "<td>" . __('Group in charge of the hardware') . "</td><td>";
     Group::dropdown(array('name' => 'groups_id_tech', 'value' => $this->fields['groups_id_tech'], 'condition' => '`is_assign`'));
     echo "</td>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Others') . "</td>";
     echo "<td>";
     Html::autocompletionTextField($this, "others");
     echo "</td>";
     echo "<td>" . __('Location') . "</td><td>";
     Location::dropdown(array('value' => $this->fields["locations_id"], 'entity' => $this->fields["entities_id"]));
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td colspan = '4'>";
     echo "<table cellpadding='2' cellspacing='2' border='0'><tr><td>";
     echo __('Comments') . "</td></tr>";
     echo "<tr><td class='center'>";
     echo "<textarea cols='125' rows='3' name='comment'>" . $this->fields["comment"] . "</textarea>";
     echo "</td></tr></table>";
     echo "</td>";
     echo "</tr>";
     echo "<tr class='tab_bg_1'>";
     echo "<td>" . __('Associable to a ticket') . "</td><td>";
     Dropdown::showYesNo('is_helpdesk_visible', $this->fields['is_helpdesk_visible']);
     echo "</td>";
     echo "<td colspan='2'>";
     printf(__('Last update on %s'), Html::convDateTime($this->fields["date_mod"]));
     echo "</td>";
     echo "</tr>";
     if ($this->canCreate()) {
         if (empty($ID) || $ID < 0) {
             echo "<tr>";
             echo "<td class='tab_bg_2 top' colspan='4'>";
             echo "<div align='center'><input onclick='var good_hash=\"{$hash}\";\n            var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n            if ((document.getElementsByName(\"hidden_password\").item(0).value == \"\")\n            || (document.getElementById(\"aeskey\").value == \"\")) {\n            alert(\"" . __('You have not filled the password and encryption key', 'accounts') . "\");\n                     return false;\n         };\n                     if (hash != good_hash) {\n                     alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n                              return false;\n         };\n                              document.getElementsByName(\"encrypted_password\").item(0).value=AESEncryptCtr(document.getElementsByName(\"hidden_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);'\n                              type='submit' name='add' value=\"" . _sx('button', 'Add') . "\" class='submit'></div>";
             echo "</td>";
             echo "</tr>";
         } else {
             echo "<tr>";
             echo "<td class='tab_bg_2'  colspan='4 top'><div align='center'>";
             echo "<input type='hidden' name='id' value=\"{$ID}\">";
             echo "<input onclick='var good_hash=\"{$hash}\";\n            var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n            if ((document.getElementsByName(\"hidden_password\").item(0).value == \"\")\n            || (document.getElementById(\"aeskey\").value == \"\")) {\n            alert(\"" . __('Password will not be modified', 'accounts') . "\");\n                     return true;\n         } else {\n                     if (hash != good_hash) {\n                     alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n                              return false;\n         };\n         };\n                              document.getElementsByName(\"encrypted_password\").item(0).value=AESEncryptCtr(document.getElementsByName(\"hidden_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);'\n                              type='submit' name='update' value=\"" . _sx('button', 'Save') . "\" class='submit' >";
             if ($this->fields["is_deleted"] == '0') {
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='delete' value=\"" . _sx('button', 'Put in dustbin') . "\" class='submit'></div>";
             } else {
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='restore' value=\"" . _sx('button', 'Restore') . "\" class='submit'>";
                 echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='purge' value=\"" . _sx('button', 'Delete permanently') . "\" class='submit'></div>";
             }
             echo "</td>";
             echo "</tr>";
         }
     }
     echo "</table>";
     echo "</div>";
     Html::closeForm();
     $this->addDivForTabs();
     return true;
 }