/** * Devolver al navegador archivos CSS y JS comprimidos * Método que devuelve un recurso CSS o JS comprimido. Si coincide el ETAG se * devuelve el código HTTP/304 * * @param bool $disableMinify Deshabilitar minimizar */ public function getMinified($disableMinify = false) { $offset = 3600 * 24 * 30; $nextCheck = time() + $offset; $expire = 'Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', $nextCheck); $etag = $this->getEtag(); $etagMatch = Request::getRequestHeaders('If-None-Match'); $cacheControl = Request::getRequestHeaders('Cache-Control'); $pragma = Request::getRequestHeaders('Pragma'); header('Etag: ' . $etag); header("Cache-Control: public, max-age={$offset}, must-revalidate"); header("Pragma: public; maxage={$offset}"); header($expire); // Devolver código 304 si la versión es la misma y no se solicita refrescar if ($etag == $etagMatch && !($cacheControl == 'no-cache' || $pragma == 'no-cache')) { header($_SERVER["SERVER_PROTOCOL"] . " 304 Not Modified"); exit; } if ($this->_type === self::FILETYPE_JS) { header("Content-type: application/x-javascript; charset: UTF-8"); } elseif ($this->_type === self::FILETYPE_CSS) { header("Content-type: text/css; charset: UTF-8"); } flush(); if ($this->checkZlib() || !ob_start('ob_gzhandler')) { ob_start(); } foreach ($this->_files as $file) { $filePath = $file['base'] . DIRECTORY_SEPARATOR . $file['name']; // Obtener el recurso desde una URL if (preg_match('#^https?://.*#', $file['name'])) { $data = Util::getDataFromUrl($file['name']); if ($data !== false) { echo '/* URL: ' . $file['name'] . ' */' . PHP_EOL; echo $data; } continue; } if (!file_exists($filePath)) { echo '/* ERROR: FILE NOT FOUND: ' . $file['name'] . ' */' . PHP_EOL; error_log('File not found: ' . $filePath); continue; } if ($file['min'] === true && $disableMinify === false) { echo '/* MINIFIED FILE: ' . $file['name'] . ' */' . PHP_EOL; if ($this->_type === self::FILETYPE_JS) { echo $this->jsCompress(file_get_contents($filePath)); } elseif ($this->_type === self::FILETYPE_CSS) { echo CssMin::minify(file_get_contents($filePath)); } } else { echo '/* FILE: ' . $file['name'] . ' */' . PHP_EOL; echo file_get_contents($filePath); } echo PHP_EOL; } ob_end_flush(); }
/** * Establecer las variables necesarias para las plantillas */ private function setVars() { $this->view->assign('isAdmin', \SP\Session::getUserIsAdminApp() || \SP\Session::getUserIsAdminAcc()); $this->view->assign('showGlobalSearch', \SP\Config::getValue('globalsearch', false)); // Comprobar si está creado el objeto de búsqueda en la sesión if (!is_object(\SP\Session::getSearchFilters())) { \SP\Session::setSearchFilters(new \SP\AccountSearch()); } // Obtener el filtro de búsqueda desde la sesión $filters = \SP\Session::getSearchFilters(); // Valores POST $this->view->assign('searchKey', \SP\Request::analyze('skey', $filters->getSortKey())); $this->view->assign('searchOrder', \SP\Request::analyze('sorder', $filters->getSortOrder())); $this->view->assign('searchCustomer', \SP\Request::analyze('customer', $filters->getCustomerId())); $this->view->assign('searchCategory', \SP\Request::analyze('category', $filters->getCategoryId())); $this->view->assign('searchTxt', \SP\Request::analyze('search', $filters->getTxtSearch())); $this->view->assign('searchGlobal', \SP\Request::analyze('gsearch', $filters->getGlobalSearch())); $this->view->assign('limitStart', \SP\Request::analyze('start', $filters->getLimitStart())); $this->view->assign('limitCount', \SP\Request::analyze('rpp', $filters->getLimitCount())); }
* @link http://syspass.org * @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org * * This file is part of sysPass. * * sysPass is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * sysPass is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with sysPass. If not, see <http://www.gnu.org/licenses/>. * */ use SP\Request; define('APP_ROOT', '..'); require APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php'; require APP_ROOT . DIRECTORY_SEPARATOR . 'js' . DIRECTORY_SEPARATOR . 'strings.js.php'; Request::checkReferer('GET'); $data = array('lang' => $stringsJsLang, 'app_root' => SP\Init::$WEBURI, 'pk' => ''); try { $CryptPKI = new SP\CryptPKI(); $data['pk'] = SP\Session::getPublicKey() ? SP\Session::getPublicKey() : $CryptPKI->getPublicKey(); } catch (Exception $e) { } SP\Response::printJSON($data, 0);
* (at your option) any later version. * * sysPass is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with sysPass. If not, see <http://www.gnu.org/licenses/>. * */ use SP\Request; use SP\SessionUtil; define('APP_ROOT', '..'); require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php'; Request::checkReferer('POST'); if (!SP\Init::isLoggedIn()) { SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10); } $sk = SP\Request::analyze('sk', false); if (!$sk || !SessionUtil::checkSessionKey($sk)) { SP\Response::printJSON(_('CONSULTA INVÁLIDA')); } // Variables POST del formulario //$frmSaveType = SP_Request::analyze('savetyp', 0); $actionId = SP\Request::analyze('actionId', 0); $accountId = SP\Request::analyze('accountid', 0); $customerId = SP\Request::analyze('customerId', 0); $newCustomer = SP\Request::analyze('customer_new'); $accountName = SP\Request::analyze('name'); $accountLogin = SP\Request::analyze('login');
use SP\Minify; define('APP_ROOT', '..'); require APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php'; $file = \SP\Request::analyze('f'); $base = \SP\Request::analyze('b'); if (!$file) { $Minify = new Minify(); $Minify->setType(Minify::FILETYPE_JS); $Minify->setBase(__DIR__); $Minify->addFile('jquery-1.11.2.min.js'); $Minify->addFile('jquery-ui.min.js'); $Minify->addFile('jquery.fancybox.pack.js'); $Minify->addFile('jquery.powertip.min.js'); $Minify->addFile('chosen.jquery.min.js'); $Minify->addFile('alertify.min.js'); $Minify->addFile('jquery.fileDownload.min.js'); $Minify->addFile('jquery.filedrop.min.js'); $Minify->addFile('jquery.tagsinput.min.js'); $Minify->addFile('clipboard.min.js'); $Minify->addFile('zxcvbn-async.min.js'); $Minify->addFile('jsencrypt.min.js'); $Minify->addFile('functions.min.js'); $Minify->getMinified(); } elseif ($file && $base) { $base = \SP\Request::analyze('b'); $Minify = new Minify(); $Minify->setType(Minify::FILETYPE_JS); $Minify->setBase(\SP\Init::$SERVERROOT . urldecode($base)); $Minify->addFile(urldecode($file)); $Minify->getMinified(); }
/** * Obtener los datos para la vista de archivos de una cuenta */ public function getFiles() { $this->setAction(self::ACTION_ACC_FILES); $this->view->assign('accountId', \SP\Request::analyze('id', 0)); $this->view->assign('deleteEnabled', \SP\Request::analyze('del', 0)); $this->view->assign('files', \SP\Files::getFileList($this->view->accountId)); if (!is_array($this->view->files) || count($this->view->files) === 0) { return; } $this->view->addTemplate('files'); $this->view->assign('sk', SessionUtil::getSessionKey()); }
/** * Comprobar si hay que ejecutar acciones de URL después del login. * * @return bool */ public static function checkPostLoginActions() { if (!Request::analyze('a', '', true)) { return false; } $action = Request::analyze('a'); $controller = new Controller\MainC(null, 'main'); switch ($action) { case 'accView': $itemId = Request::analyze('i'); $onLoad = 'doAction(' . ActionsInterface::ACTION_ACC_VIEW . ',' . ActionsInterface::ACTION_ACC_SEARCH . ',' . $itemId . ')'; $controller->getMain($onLoad); $controller->view(); break; default: return false; } return true; }
/** * Obtener los datos para el interface de autentificación en 2 pasos */ public function get2FA() { if (Request::analyze('f', 0) === 1) { $this->view->addTemplate('2fa'); $this->view->assign('action', Request::analyze('a')); $this->view->assign('userId', Request::analyze('i')); $this->view->assign('time', Request::analyze('t')); } else { $this->view->assign('showLogo', true); $this->showError(self::ERR_UNAVAILABLE, false); } $this->view->addTemplate('footer'); $this->view->addTemplate('body-end'); }
* You should have received a copy of the GNU General Public License * along with sysPass. If not, see <http://www.gnu.org/licenses/>. * */ define('APP_ROOT', '.'); require APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php'; try { $ApiRequest = new \SP\ApiRequest(); switch ($ApiRequest->getAction()) { case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW: $itemId = \SP\Request::analyze(\SP\ApiRequest::ITEM, 0); $out = $ApiRequest->getApi()->getAccountData($itemId); break; case \SP\Controller\ActionsInterface::ACTION_ACC_VIEW_PASS: $ApiRequest->addVar('userPass', \SP\ApiRequest::analyze(\SP\ApiRequest::USER_PASS)); $itemId = \SP\Request::analyze(\SP\ApiRequest::ITEM, 0); $out = $ApiRequest->getApi()->getAccountPassword($itemId); break; case \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH: $search = \SP\Request::analyze(\SP\ApiRequest::SEARCH); $count = \SP\Request::analyze(\SP\ApiRequest::SEARCH_COUNT, 10); $out = $ApiRequest->getApi()->getAccountSearch($search, $count); break; default: throw new Exception(_('Acción Inválida')); } } catch (Exception $e) { \SP\Response::printJSON(array($e->getMessage(), _('Ayuda Parámetros') => \SP\ApiRequest::getHelp())); } header('Content-type: application/json'); echo $out;