/**
 * Constructor.
 *
 * Passes the template to the parent constructor and seeds the view with an
 * empty tab list, the session key ('sk') and the two demo-mode flags.
 *
 * @param \SP\Template|null $template template engine instance
 */
public function __construct(\SP\Template $template = null)
{
    parent::__construct($template);

    $this->view->assign('tabs', array());

    // 'sk' is the per-session key handed to the view.
    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $this->view->assign('sk', SessionUtil::getSessionKey(true));

    // Demo restrictions apply to everyone except the application admin.
    $demoRestricted = \SP\Util::demoIsEnabled() && !Session::getUserIsAdminApp();
    $this->view->assign('isDemoMode', $demoRestricted);

    // NOTE(review): 'isDisabled' only changes how controls are rendered; the
    // demo restriction also has to be enforced server-side by the action
    // handlers, which are not visible here.
    if (\SP\Util::demoIsEnabled() && !Session::getUserIsAdminApp()) {
        $disabledAttr = 'DISABLED';
    } else {
        $disabledAttr = '';
    }
    $this->view->assign('isDisabled', $disabledAttr);
}
/**
 * Constructor.
 *
 * Passes the template to the parent constructor, seeds the view with an
 * empty tab list and the session key, and loads the preferences of the user
 * that owns the current session.
 *
 * @param \SP\Template|null $template template engine instance
 */
public function __construct(\SP\Template $template = null)
{
    parent::__construct($template);

    $this->view->assign('tabs', array());
    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $this->view->assign('sk', SessionUtil::getSessionKey(true));

    // The user id comes from the session, not from request data, so the
    // preferences loaded here are always those of the session's own user.
    $sessionUserId = Session::getUserId();
    $this->_userId = $sessionUserId;
    $this->_userPrefs = UserPreferences::getPreferences($sessionUserId);
}
/**
 * Constructor.
 *
 * Passes the template to the parent constructor, stores the account id and
 * resets the account view variables.
 *
 * $lastAction has no default although it follows a defaulted parameter, so
 * callers always have to pass $template explicitly (null is accepted).
 *
 * @param \SP\Template|null $template   template engine instance
 * @param int               $lastAction last action performed (not read in this constructor)
 * @param int|null          $accountId  account id
 */
public function __construct(\SP\Template $template = null, $lastAction, $accountId = null)
{
    parent::__construct($template);

    $this->setId($accountId);

    // These three view variables start out empty.
    foreach (array('changesHash', 'chkUserEdit', 'chkGroupEdit') as $emptyVar) {
        $this->view->assign($emptyVar, '');
    }

    $this->view->assign('gotData', $this->isGotData());
    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $this->view->assign('sk', SessionUtil::getSessionKey(true));
}
/**
 * Clear the event log when the request asks for it.
 *
 * Acts only when the view carries a truthy 'clear' flag and a session key
 * ('sk') that SessionUtil::checkSessionKey() accepts; otherwise it does
 * nothing. The outcome is reported through \SP\Response::printJSON().
 */
public function checkClear()
{
    if (!$this->view->clear || !$this->view->sk) {
        return;
    }

    // The session key is the only check made in this method.
    // NOTE(review): emptying the event log removes audit history and no
    // permission check is visible here — confirm that the caller enforces one
    // and that the clearing itself is recorded somewhere.
    if (!SessionUtil::checkSessionKey($this->view->sk)) {
        return;
    }

    if (!\SP\Log::clearEvents()) {
        \SP\Response::printJSON(_('Error al vaciar el registro de eventos'));
        return;
    }

    // Client-side follow-up sent with the success response: reload the event
    // log action and scroll back up. Built from a class constant only.
    $followUpJs = "sysPassUtil.Common.doAction(" . ActionsInterface::ACTION_EVL . "); sysPassUtil.Common.scrollUp();";
    \SP\Response::printJSON(_('Registro de eventos vaciado'), 0, $followUpJs);
}
/**
 * Constructor.
 *
 * With $initialize set, queues the page header templates, publishes the
 * common view variables (session key, application info, logos, login and
 * HTTPS state), loads the public key into the session and then sets up the
 * resource links and the response headers.
 *
 * @param \SP\Template|null $template   template engine instance
 * @param string|null       $page       page name used for the body class
 * @param bool              $initialize whether to run the full initialisation
 */
public function __construct(\SP\Template $template = null, $page = null, $initialize = true)
{
    parent::__construct($template);

    if (!$initialize) {
        return;
    }

    // microtime() is called without `true`, so this is the "msec sec" string form.
    $this->view->assign('startTime', microtime());

    $this->view->addTemplate('header');
    $this->view->addTemplate('body-start');

    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $this->view->assign('sk', SessionUtil::getSessionKey(true));
    $this->view->assign('appInfo', Util::getAppInfo());
    $this->view->assign('appVersion', Util::getVersionString());
    $this->view->assign('isDemoMode', Util::demoIsEnabled());
    $this->view->assign('page', $page);
    $this->view->assign('loggedIn', \SP\Init::isLoggedIn());

    $webUri = Init::$WEBURI;
    $this->view->assign('logoIcon', $webUri . '/imgs/logo.png');
    $this->view->assign('logoNoText', $webUri . '/imgs/logo.svg');
    $this->view->assign('logo', $webUri . '/imgs/logo_full.svg');

    $this->view->assign('httpsEnabled', Util::httpsEnabled());

    // Load the public key into the session
    SessionUtil::loadPublicKey();

    $this->getResourcesLinks();
    $this->setResponseHeaders();
}
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*
*/

use SP\Request;
use SP\SessionUtil;

define('APP_ROOT', '..');

require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';

// Three gates run before any form field is read: referer/method check,
// logged-in session, and a valid session key.
// NOTE(review): they only act as gates if Response::printJSON() ends the
// request; nothing after them is wrapped in an else branch — confirm.
Request::checkReferer('POST');

if (!SP\Init::isLoggedIn()) {
    SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}

// Session key sent with the form; a missing or rejected key aborts the request.
$sk = Request::analyze('sk', false);

if (!($sk && SessionUtil::checkSessionKey($sk))) {
    SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}

// POST variables from the form
//$frmSaveType = SP_Request::analyze('savetyp', 0);
$actionId = Request::analyze('actionId', 0);
$accountId = Request::analyze('accountid', 0);
$customerId = Request::analyze('customerId', 0);
$newCustomer = Request::analyze('customer_new');
$accountName = Request::analyze('name');
$accountLogin = Request::analyze('login');
// The two password fields go through analyzeEncrypted() instead of analyze().
// NOTE(review): presumably they arrive encrypted from the browser and are
// decrypted here — confirm in SP\Request.
$accountPassword = Request::analyzeEncrypted('pass');
$accountPasswordR = Request::analyzeEncrypted('passR');
$categoryId = Request::analyze('categoryId', 0);
$accountOtherGroups = Request::analyze('othergroups');
$accountOtherUsers = Request::analyze('otherusers');
} }

// Check whether a password change has been forced
if ($User->isUserChangePass()) {
    $hash = SP\Util::generate_random_bytes();

    if (UserPassRecover::addPassRecover($userLogin, $hash)) {
        // The reset token travels in the query string of the returned URL.
        // NOTE(review): it is concatenated without URL-encoding, so this relies
        // on generate_random_bytes() returning URL-safe characters; confirm
        // that, and that the stored token is single-use and expires.
        $url = SP\Init::$WEBURI
            . '/index.php?a=passreset&h=' . $hash
            . '&t=' . time()
            . '&f=1';
        SP\Response::printJSON($url, 0);
    }
}

// Get the user's master password
if (!$User->getUserMPass()) {
    SP\Response::printJSON(_('Error interno'));
} else {
    // Update the user's last login
    UserUtil::setUserLastLogin($User->getUserId());

    // Load the user's session variables
    SessionUtil::loadUserSession($User);

    $Log->addDescription(_('Usuario') . ': ' . $userLogin);
    $Log->addDescription(_('Perfil') . ': ' . SP\Profile::getProfileNameById($User->getUserProfileId()));
    $Log->addDescription(_('Grupo') . ': ' . SP\Groups::getGroupNameById($User->getUserGroupId()));
    $Log->writeLog();
}

$UserPrefs = \SP\UserPreferences::getPreferences($User->getUserId());

// The user session has already been loaded above, before the second factor is
// verified; from here on only the "2FA passed" session flag separates a
// half-authenticated session from a full one.
// NOTE(review): confirm every authenticated entry point checks that flag, and
// that the 2FA handler takes the user from the session rather than trusting
// the `i` parameter of this URL.
if (!$UserPrefs->isUse2Fa()) {
    SP\Session::set2FApassed(true);
} else {
    SP\Session::set2FApassed(false);

    $url = SP\Init::$WEBURI
        . '/index.php?a=2fa&i=' . $User->getUserId()
        . '&t=' . time()
        . '&f=1';
    SP\Response::printJSON($url, 0);
}
/**
 * Build the data for the custom fields tab.
 *
 * Sets the current action, returns early when checkAccess() fails, and
 * otherwise appends a tab describing the custom field table (columns, row
 * sources and the new/edit/delete actions) to the view.
 */
public function getCustomFields()
{
    $this->setAction(self::ACTION_MGM_CUSTOMFIELDS);

    // The access check runs before a session key is issued or any data is queried.
    if (!$this->checkAccess()) {
        return;
    }

    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $this->view->assign('sk', SessionUtil::getSessionKey(true));

    $columnTitles = array(_('Módulo'), _('Nombre'), _('Tipo'));

    // Each action carries an inline JS handler with the session key embedded
    // between single quotes.
    // NOTE(review): this relies on the key containing no quote characters and
    // on the template escaping the attribute value — confirm both.
    $newAction = array(
        'id' => self::ACTION_MGM_CUSTOMFIELDS_NEW,
        'title' => _('Nuevo Campo'),
        'onclick' => 'sysPassUtil.Common.appMgmtData(this,' . self::ACTION_MGM_CUSTOMFIELDS_NEW . ',\'' . $this->view->sk . '\')',
        'img' => 'imgs/new.png',
        'skip' => true
    );

    $editAction = array(
        'id' => self::ACTION_MGM_CUSTOMFIELDS_EDIT,
        'title' => _('Editar Campo'),
        'onclick' => 'sysPassUtil.Common.appMgmtData(this,' . self::ACTION_MGM_CUSTOMFIELDS_EDIT . ',\'' . $this->view->sk . '\')',
        'img' => 'imgs/edit.png',
        'icon' => 'mode_edit'
    );

    $deleteAction = array(
        'id' => self::ACTION_MGM_CUSTOMFIELDS_DELETE,
        'title' => _('Eliminar Campo'),
        'onclick' => 'sysPassUtil.Common.appMgmtDelete(this,' . self::ACTION_MGM_CUSTOMFIELDS_DELETE . ',\'' . $this->view->sk . '\')',
        'img' => 'imgs/delete.png',
        'icon' => 'delete',
        'isdelete' => true
    );

    $tableProp = array(
        'tblId' => 'tblCustomFields',
        'header' => '',
        'tblHeaders' => $columnTitles,
        'tblRowSrc' => array('module', 'name', 'typeName'),
        'tblRowSrcId' => 'id',
        'onCloseAction' => self::ACTION_MGM,
        'actions' => array(
            'new' => $newAction,
            'edit' => $editAction,
            'del' => $deleteAction
        )
    );

    // Split 65 width units evenly across the columns.
    $tableProp['cellWidth'] = floor(65 / count($columnTitles));

    $tabTitle = _('Campos Personalizados');
    $fieldDefs = \SP\CustomFieldDef::getCustomFields();

    // NOTE(review): microtime() is called without `true`, so it returns the
    // "msec sec" string and the subtraction only uses its leading numeric
    // part. Left as is because queryTimeStart is set outside this method.
    $elapsed = round(microtime() - $this->view->queryTimeStart, 5);

    $this->view->append('tabs', array(
        'title' => $tabTitle,
        'query' => $fieldDefs,
        'props' => $tableProp,
        'time' => $elapsed
    ));
}
/**
 * Initialise the user password change view.
 *
 * Changing the password of the session's own user needs no further check;
 * changing another user's password requires checkAccess() to succeed.
 */
public function getUserPass()
{
    $this->setAction(self::ACTION_USR_USERS_EDITPASS);

    // Check whether the user being modified differs from the session's user.
    // NOTE(review): the comparison is loose (!=), so it relies on the view's
    // userId having been normalised to an integer before it gets here —
    // confirm where userId is assigned.
    $editingOtherUser = $this->view->userId != Session::getUserId();

    if ($editingOtherUser && !$this->checkAccess()) {
        return;
    }

    $this->view->addTemplate('userspass');
    $this->view->assign('actionId', self::ACTION_USR_USERS_EDITPASS);

    // Fetch the security token again in case it was regenerated earlier
    $currentKey = SessionUtil::getSessionKey();
    $this->view->assign('sk', $currentKey);
}
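/**
 * Initialise the user session.
 *
 * Enforces the inactivity timeout and, for logged-in users, rotates the
 * session id once more than half of the session lifetime has elapsed since
 * the id was issued. Always ends by recording the current time as the last
 * activity, except on timeout, where it returns right after restarting the
 * session.
 */
private static function initSession()
{
    $sessionLifeTime = self::getSessionLifeTime();

    // Session timeout
    if (Session::getLastActivity() && time() - Session::getLastActivity() > $sessionLifeTime) {
        if (isset($_COOKIE[session_name()])) {
            // Expire the cookie with the same path/domain/flags PHP uses for
            // the session cookie. A hard-coded '/' path does not match, and so
            // does not clear, a cookie issued under a different path or domain.
            $cookieParams = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $cookieParams['path'],
                $cookieParams['domain'],
                $cookieParams['secure'],
                $cookieParams['httponly']
            );
        }

        self::wrLogoutInfo();
        session_unset();
        session_destroy();
        // NOTE(review): the session is reopened without session_regenerate_id();
        // confirm the expired id cannot simply be reused (for example through
        // session.use_strict_mode).
        session_start();

        return;
    }

    // Regenerate the session id periodically to guard against fixation.
    // NOTE(review): the strict === 0 test relies on getSidStartTime()
    // returning integer 0 when no start time has been stored — confirm.
    if (Session::getSidStartTime() === 0) {
        Session::setSidStartTime(time());
        Session::setStartActivity(time());
    } elseif (Session::getUserId() && time() - Session::getSidStartTime() > $sessionLifeTime / 2) {
        // Read the master password before the id changes and store it again
        // afterwards. NOTE(review): presumably its stored form is tied to the
        // session id — confirm in SessionUtil.
        $sessionMPass = SessionUtil::getSessionMPass();

        // `true` deletes the old session data along with the old id.
        session_regenerate_id(true);
        Session::setSidStartTime(time());

        // Reload the permissions of the user's profile
        Session::setUserProfile(Profile::getProfile(Session::getUserProfileId()));

        // Store the master password again
        SessionUtil::saveSessionMPass($sessionMPass);
    }

    Session::setLastActivity(time());
}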
/**
 * Constructor.
 *
 * Passes the template to the parent constructor, publishes the session key
 * ('sk') to the view and then calls setVars().
 *
 * @param \SP\Template|null $template template engine instance
 */
public function __construct(\SP\Template $template = null)
{
    parent::__construct($template);

    // NOTE(review): the `true` argument presumably forces a new key — confirm in SessionUtil.
    $sessionKey = SessionUtil::getSessionKey(true);
    $this->view->assign('sk', $sessionKey);

    $this->setVars();
}