static function getMenuContent() { global $CFG_GLPI; $image = "<img src='" . $CFG_GLPI["root_doc"] . "/plugins/accounts/pics/cadenas.png' title='" . _n('Encryption key', 'Encryption keys', 2) . "' alt='" . _n('Encryption key', 'Encryption keys', 2, 'accounts') . "'>"; $menu = array(); $menu['title'] = self::getMenuName(); $menu['page'] = "/plugins/accounts/front/account.php"; $menu['page'] = "/plugins/accounts/front/account.php"; $menu['links']['search'] = PluginAccountsAccount::getSearchURL(false); $menu['links'][$image] = PluginAccountsHash::getSearchURL(false); if (PluginAccountsAccount::canCreate()) { $menu['links']['add'] = PluginAccountsAccount::getFormURL(false); } $menu['options']['account']['title'] = PluginAccountsAccount::getTypeName(2); $menu['options']['account']['page'] = PluginAccountsAccount::getSearchURL(false); $menu['options']['account']['links']['search'] = PluginAccountsAccount::getSearchURL(false); $menu['options']['account']['links'][$image] = PluginAccountsHash::getSearchURL(false); if (PluginAccountsAccount::canCreate()) { $menu['options']['account']['links']['add'] = PluginAccountsAccount::getFormURL(false); } $menu['options']['hash']['title'] = PluginAccountsHash::getTypeName(2); $menu['options']['hash']['page'] = PluginAccountsHash::getSearchURL(false); $menu['options']['hash']['links']['search'] = PluginAccountsHash::getSearchURL(false); $menu['options']['hash']['links'][$image] = PluginAccountsHash::getSearchURL(false); if (PluginAccountsHash::canCreate()) { $menu['options']['hash']['links']['add'] = PluginAccountsHash::getFormURL(false); } return $menu; }
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with accounts. If not, see <http://www.gnu.org/licenses/>. -------------------------------------------------------------------------- */ include '../../../inc/includes.php'; if (!isset($_GET["id"])) { $_GET["id"] = ""; } $plugin = new Plugin(); if ($plugin->isActivated("accounts")) { Session::checkRight("config", UPDATE); $PluginAccountsHash = new PluginAccountsHash(); $PluginAccountsHash->getFromDB(1); $hash = $PluginAccountsHash->fields["hash"]; $update = 0; if (countElementsInTable("glpi_plugin_accounts_accounts") > 0) { $update = 1; } if (empty($hash)) { if ($plugin->isActivated("environment")) { Html::header(PluginAccountsAccount::getTypeName(2), '', "assets", "pluginenvironmentdisplay", "accounts"); } else { Html::header(PluginAccountsAccount::getTypeName(2), '', "assets", "pluginaccountsmenu", "account"); } if ($_SESSION['glpiactive_entity'] == 0) { if ($update == 1) { echo "<div class='center b'>" . __('Upgrade') . "</div><br><br>";
public static function showAccountsList($values, $list) { global $CFG_GLPI; $ID = $values["id"]; $aeskey = $values["aeskey"]; $PluginAccountsHash = new PluginAccountsHash(); $PluginAccountsHash->getFromDB($ID); $hash = $PluginAccountsHash->fields["hash"]; $default_values["start"] = $start = 0; $default_values["id"] = $id = 0; $default_values["export"] = $export = false; foreach ($default_values as $key => $val) { if (isset($values[$key])) { ${$key} = $values[$key]; } } // Set display type for export if define $output_type = Search::HTML_OUTPUT; if (isset($values["display_type"])) { $output_type = $values["display_type"]; } $header_num = 1; $nbcols = 4; $row_num = 1; $numrows = 1; $parameters = "id=" . $ID . "&aeskey=" . $aeskey; if ($output_type == Search::HTML_OUTPUT && !empty($list)) { self::printPager($start, $numrows, $_SERVER['PHP_SELF'], $parameters, "PluginAccountsReport"); } echo Search::showHeader($output_type, 1, $nbcols, 1); echo Search::showNewLine($output_type); echo Search::showHeaderItem($output_type, __('Name'), $header_num); if (Session::isMultiEntitiesMode()) { echo Search::showHeaderItem($output_type, __('Entity'), $header_num); } echo Search::showHeaderItem($output_type, __('Type'), $header_num); echo Search::showHeaderItem($output_type, __('Login'), $header_num); echo Search::showHeaderItem($output_type, __('Uncrypted password', 'accounts'), $header_num); echo Search::showEndLine($output_type); if (!empty($list)) { foreach ($list as $user => $field) { $row_num++; $item_num = 1; echo Search::showNewLine($output_type); $IDc = $field["id"]; if ($output_type == Search::HTML_OUTPUT) { echo "<input type='hidden' name='hash_id' value='" . $ID . "'>"; echo "<input type='hidden' name='id[{$IDc}]' value='" . $IDc . "'>"; } $name = "<a href='" . $CFG_GLPI["root_doc"] . "/plugins/accounts/front/account.form.php?id=" . $IDc . "'>" . $field["name"]; if ($_SESSION["glpiis_ids_visible"]) { $name .= " (" . $IDc . ")"; } $name .= "</a>"; echo Search::showItem($output_type, $name, $item_num, $row_num); if ($output_type == Search::HTML_OUTPUT) { echo "<input type='hidden' name='name[{$IDc}]' value='" . $field["name"] . "'>"; } if (Session::isMultiEntitiesMode()) { echo Search::showItem($output_type, $field['entities_id'], $item_num, $row_num); if ($output_type == Search::HTML_OUTPUT) { echo "<input type='hidden' name='entities_id[{$IDc}]' value='" . $field["entities_id"] . "'>"; } } echo Search::showItem($output_type, $field["type"], $item_num, $row_num); if ($output_type == Search::HTML_OUTPUT) { echo "<input type='hidden' name='type[{$IDc}]' value='" . $field["type"] . "'>"; } echo Search::showItem($output_type, $field["login"], $item_num, $row_num); if ($output_type == Search::HTML_OUTPUT) { echo "<input type='hidden' name='login[{$IDc}]' value='" . $field["login"] . "'>"; } if ($output_type == Search::HTML_OUTPUT) { $encrypted = $field["password"]; echo "<input type='hidden' name='password[{$IDc}]'>"; $pass = "******"; $pass .= "<script language='javascript'>\n var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(\"{$aeskey}\"));\n if (hash != good_hash) {\n pass = \"" . __('Wrong encryption key', 'accounts') . "\";\n } else {\n pass = AESDecryptCtr(\"{$encrypted}\",SHA256(\"{$aeskey}\"), 256);\n };\n\n document.getElementsByName(\"password[{$IDc}]\").item(0).value = pass;\n\n document.getElementById(\"show_password\${$IDc}\").innerHTML = pass;\n </script>"; echo Search::showItem($output_type, $pass, $item_num, $row_num); } else { echo Search::showItem($output_type, $field["password"], $item_num, $row_num); } echo Search::showEndLine($output_type); } } if ($output_type == Search::HTML_OUTPUT) { Html::closeForm(); } // Display footer echo Search::showFooter($output_type, __('Linked accounts list', 'accounts')); }
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with accounts. If not, see <http://www.gnu.org/licenses/>. -------------------------------------------------------------------------- */ include '../../../inc/includes.php'; Session::checkRight("config", "w"); $plugin = new plugin(); if ($plugin->isActivated("environment")) { Html::header(PluginAccountsAccount::getTypeName(2), '', "plugins", "environment", "accounts"); } else { Html::header(PluginAccountsAccount::getTypeName(2), '', "plugins", "accounts"); } $PluginAccountsHash = new PluginAccountsHash(); $account = new PluginAccountsAccount(); if (isset($_POST["update_encrypted_password"]) && isset($_POST["item"])) { foreach ($_POST["upgrade_accounts"] as $key => $val) { foreach ($_POST["item"] as $key2 => $val2) { $encrypted_password = "******" . $key2; $_POST[$encrypted_password] = addslashes($_POST[$encrypted_password]); if (isset($_POST[$encrypted_password]) && $_POST[$encrypted_password]) { $query = "UPDATE `glpi_plugin_accounts_accounts`\n SET `encrypted_password` ='" . $_POST[$encrypted_password] . "'\n WHERE `id` ='" . $key2 . "' ;"; $result = $DB->query($query); $_SESSION['plugin_accounts']['upgrade'][] = $key2; } } } Html::back(); } else {
accounts is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with accounts. If not, see <http://www.gnu.org/licenses/>. -------------------------------------------------------------------------- */ include '../../../inc/includes.php'; if (!isset($_GET["id"])) { $_GET["id"] = ""; } $account = new PluginAccountsAccount(); $account->checkGlobal(UPDATE); $hashClass = new PluginAccountsHash(); $update = 0; if (countElementsInTable("glpi_plugin_accounts_accounts") > 0) { $update = 1; } if (isset($_POST["add"])) { $hashClass->check(-1, CREATE, $_POST); $newID = $hashClass->add($_POST); $hashClass->redirectToList(); } else { if (isset($_POST["upgrade"])) { if ($_POST["hash"]) { include_once GLPI_ROOT . "/plugins/accounts/hook.php"; $_SESSION['plugin_accounts']['aescrypted_key'] = $_POST["aeskey"]; $hashClass->update($_POST); plugin_accounts_configure15();
/** * Print the acccount form * * @param $ID integer ID of the item * @param $options array * - target for the Form * - withtemplate template or basic computer * * @return Nothing (display) **/ public function showForm($ID, $options = array()) { if (!$this->canView()) { return false; } $hashclass = new PluginAccountsHash(); $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', '', $hashclass->maybeRecursive()); if ($ID < 1 && countElementsInTable("glpi_plugin_accounts_hashes", $restrict) == 0) { echo "<div class='center'>" . __('There is no encryption key for this entity', 'accounts') . "<br><br>"; echo "<a href='" . Toolbox::getItemTypeSearchURL('PluginAccountsAccount') . "'>"; _e('Back'); echo "</a></div>"; return false; } /* if ($ID > 0) { $this->check($ID, READ); if (!Session::haveRight("plugin_accounts_see_all_users", 1)) { $access = 0; if (Session::haveRight("plugin_accounts_my_groups", 1)) { if ($this->fields["groups_id"]) { if (count($_SESSION['glpigroups']) && in_array($this->fields["groups_id"], $_SESSION['glpigroups']) ) { $access = 1; } } if ($this->fields["users_id"]) { if ($this->fields["users_id"] == Session::getLoginUserID()) $access = 1; } } if (!Session::haveRight("plugin_accounts_my_groups", 1) && $this->fields["users_id"] == Session::getLoginUserID() ) $access = 1; if ($access != 1) return false; } } else { // Create item $this->check(-1, UPDATE); $this->getEmpty(); } */ $options["formoptions"] = "id = 'account_form'"; $this->initForm($ID, $options); $this->showFormHeader($options); echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Name') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "name"); echo "</td>"; echo "<td>" . __('Status') . "</td><td>"; Dropdown::show('PluginAccountsAccountState', array('value' => $this->fields["plugin_accounts_accountstates_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Login') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "login"); echo "</td>"; echo "<td>" . __('Type') . "</td><td>"; Dropdown::show('PluginAccountsAccountType', array('value' => $this->fields["plugin_accounts_accounttypes_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; //hash $hash = 0; $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $this->getEntityID(), $hashclass->maybeRecursive()); $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict); if (!empty($hashes)) { foreach ($hashes as $hashe) { $hash = $hashe["hash"]; $hash_id = $hashe["id"]; } $alert = ''; } else { $alert = __('There is no encryption key for this entity', 'accounts'); } $aeskey = new PluginAccountsAesKey(); //aeskey non enregistre if ($hash) { if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) { echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td>"; echo "<input type='password' autocomplete='off' name='aeskey' id='aeskey'>"; echo Html::hidden('encrypted_password', array('value' => $this->fields["encrypted_password"], 'id' => 'encrypted_password')); echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash')); echo Html::hidden('wrong_key_locale', array('value' => __('Wrong encryption key', 'accounts'), 'id' => 'wrong_key_locale')); if (!empty($ID) || $ID > 0) { $url = $this->getFormURL(); echo " <input type='button' id='decrypte_link' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n class='submit'>"; } echo "</td>"; } else { echo "<td></td><td>"; echo "</td>"; } } else { echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td><div class='red'>"; echo $alert; echo "</div></td>"; } if ($_SESSION['glpiactiveprofile']['interface'] == 'central') { echo "<td>" . __('Affected User', 'accounts') . "</td><td>"; if ($this->canCreate()) { User::dropdown(array('value' => $this->fields["users_id"], 'entity' => $this->fields["entities_id"], 'right' => 'all')); } else { echo getUserName($this->fields["users_id"]); } echo "</td>"; } else { echo "<td>" . __('Affected User', 'accounts') . "</td><td>"; echo getUserName($this->fields["users_id"]); echo "</td>"; } echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Password') . "</td>"; echo "<td>"; //aeskey enregistre if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) { echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash')); echo Html::hidden('aeskey', array('value' => $aeskey->fields["name"], 'id' => 'aeskey', 'autocomplete' => 'off')); echo Html::hidden('encrypted_password', array('value' => $this->fields["encrypted_password"], 'id' => 'encrypted_password')); echo Html::hidden('wrong_key_locale', array('value' => __('Wrong encryption key', 'accounts'), 'id' => 'wrong_key_locale')); echo Html::scriptBlock("auto_decrypt();"); } echo "<input type='text' name='hidden_password' id='hidden_password' size='30' >"; echo "</td>"; if ($_SESSION['glpiactiveprofile']['interface'] == 'central') { echo "<td>" . __('Affected Group', 'accounts') . "</td><td>"; if (self::canCreate()) { Dropdown::show('Group', array('value' => $this->fields["groups_id"], 'condition' => '`is_itemgroup`')); } else { echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]); } echo "</td>"; } else { echo "<td>" . __('Affected Group', 'accounts') . ":\t</td><td>"; echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]); echo "</td>"; } echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Creation date') . "</td>"; echo "<td>"; Html::showDateFormItem("date_creation", $this->fields["date_creation"], true, true); echo "</td>"; echo "<td>" . __('Technician in charge of the hardware') . "</td>"; echo "<td>"; User::dropdown(array('name' => "users_id_tech", 'value' => $this->fields["users_id_tech"], 'entity' => $this->fields["entities_id"], 'right' => 'interface')); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Expiration date') . " "; Html::showToolTip(nl2br(__('Empty for infinite', 'accounts'))); echo "</td>"; echo "<td>"; Html::showDateFormItem("date_expiration", $this->fields["date_expiration"], true, true); echo "</td>"; echo "<td>" . __('Group in charge of the hardware') . "</td><td>"; Group::dropdown(array('name' => 'groups_id_tech', 'value' => $this->fields['groups_id_tech'], 'condition' => '`is_assign`')); echo "</td>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Others') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "others"); echo "</td>"; echo "<td>" . __('Location') . "</td><td>"; Location::dropdown(array('value' => $this->fields["locations_id"], 'entity' => $this->fields["entities_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td colspan = '4'>"; echo "<table cellpadding='2' cellspacing='2' border='0'><tr><td>"; echo __('Comments') . "</td></tr>"; echo "<tr><td class='center'>"; echo "<textarea cols='125' rows='3' name='comment'>" . $this->fields["comment"] . "</textarea>"; echo "</td></tr></table>"; echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Associable to a ticket') . "</td><td>"; Dropdown::showYesNo('is_helpdesk_visible', $this->fields['is_helpdesk_visible']); echo "</td>"; echo "<td colspan='2'>"; printf(__('Last update on %s'), Html::convDateTime($this->fields["date_mod"])); echo "</td>"; echo "</tr>"; if (self::canCreate()) { if (empty($ID) || $ID < 0) { echo "<tr>"; echo "<td class='tab_bg_2 top' colspan='4'>"; echo "<div align='center'>"; echo "<input type='submit' name='add' id='account_add' value='" . _sx('button', 'Add') . "' class='submit'>"; echo "</div>"; echo Html::scriptBlock("\$('#account_form').submit(function(event){\n if (\$('#hidden_password').val() == '' || \$('#aeskey').val() == '') {\n alert('" . __('You have not filled the password and encryption key', 'accounts') . "');\n return false;\n };\n if (!check_hash()) {\n alert('" . __('Wrong encryption key', 'accounts') . "');\n return false;\n } else {\n encrypt_password();\n }\n });"); echo "</td>"; echo "</tr>"; } else { echo "<tr>"; echo "<td class='tab_bg_2' colspan='4 top'><div align='center'>"; echo "<input type='hidden' name='id' value=\"{$ID}\">"; echo "<input type='submit' name='update' id='account_update' value=\"" . _sx('button', 'Save') . "\" class='submit' >"; echo Html::scriptBlock("\$('#account_form').submit(function(event){\n if (\$('#hidden_password').val() == '' || \$('#aeskey').val() == '') {\n alert('" . __('Password will not be modified', 'accounts') . "');\n } else if (!check_hash()) {\n alert('" . __('Wrong encryption key', 'accounts') . "');\n return false;\n } else {\n encrypt_password();\n }\n });"); if ($this->fields["is_deleted"] == '0') { echo " <input type='submit' name='delete' value=\"" . _sx('button', 'Put in dustbin') . "\" class='submit'></div>"; } else { echo " <input type='submit' name='restore' value=\"" . _sx('button', 'Restore') . "\" class='submit'>"; echo " <input type='submit' name='purge' value=\"" . _sx('button', 'Delete permanently') . "\" class='submit'></div>"; } echo "</td>"; echo "</tr>"; } } $options['canedit'] = false; $options['candel'] = false; $this->showFormButtons($options); Html::closeForm(); return true; }
accounts is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with accounts. If not, see <http://www.gnu.org/licenses/>. -------------------------------------------------------------------------- */ include '../../../inc/includes.php'; if (!isset($_GET["id"])) { $_GET["id"] = ""; } $account = new PluginAccountsAccount(); $account->checkGlobal("w"); $hashClass = new PluginAccountsHash(); $update = 0; if (countElementsInTable("glpi_plugin_accounts_accounts") > 0) { $update = 1; } if (isset($_POST["add"])) { $hashClass->check(-1, 'w', $_POST); $newID = $hashClass->add($_POST); $hashClass->redirectToList(); } else { if (isset($_POST["upgrade"])) { if ($_POST["hash"]) { include_once GLPI_ROOT . "/plugins/accounts/hook.php"; $_SESSION['plugin_accounts']['aescrypted_key'] = $_POST["aeskey"]; $hashClass->update($_POST); plugin_accounts_configure15();
/** * Show accounts associated to an item * * @since version 0.84 * * @param $item CommonDBTM object for which associated accounts must be displayed * @param $withtemplate (default '') **/ static function showForItem(CommonDBTM $item, $withtemplate = '') { global $DB, $CFG_GLPI; $ID = $item->getField('id'); if ($item->isNewID($ID)) { return false; } if (!plugin_accounts_haveRight('accounts', 'r')) { return false; } if (!$item->can($item->fields['id'], 'r')) { return false; } if (empty($withtemplate)) { $withtemplate = 0; } $canedit = $item->canadditem('PluginAccountsAccount'); $rand = mt_rand(); $is_recursive = $item->isRecursive(); $who = Session::getLoginUserID(); if (count($_SESSION["glpigroups"]) && plugin_accounts_haveRight("my_groups", "r")) { $first_groups = true; $groups = ""; foreach ($_SESSION['glpigroups'] as $val) { if (!$first_groups) { $groups .= ","; } else { $first_groups = false; } $groups .= "'" . $val . "'"; } $ASSIGN = "( `groups_id` IN ({$groups}) OR `users_id` = '{$who}') "; } else { // Only personal ones $ASSIGN = " `users_id` = '{$who}' "; } $query = "SELECT `glpi_plugin_accounts_accounts_items`.`id` AS assocID,\n `glpi_entities`.`id` AS entity,\n `glpi_plugin_accounts_accounts`.`name` AS assocName,\n `glpi_plugin_accounts_accounts`.*\n FROM `glpi_plugin_accounts_accounts_items`\n LEFT JOIN `glpi_plugin_accounts_accounts`\n ON (`glpi_plugin_accounts_accounts_items`.`plugin_accounts_accounts_id`=`glpi_plugin_accounts_accounts`.`id`)\n LEFT JOIN `glpi_entities` ON (`glpi_plugin_accounts_accounts`.`entities_id`=`glpi_entities`.`id`)\n WHERE `glpi_plugin_accounts_accounts_items`.`items_id` = '{$ID}'\n AND `glpi_plugin_accounts_accounts_items`.`itemtype` = '" . $item->getType() . "' "; $query .= getEntitiesRestrictRequest(" AND", "glpi_plugin_accounts_accounts", '', '', true); if (!plugin_accounts_haveRight("all_users", "r")) { $query .= " AND {$ASSIGN} "; } $query .= " ORDER BY `assocName`"; $result = $DB->query($query); $number = $DB->numrows($result); $i = 0; $accounts = array(); $account = new PluginAccountsAccount(); $used = array(); if ($numrows = $DB->numrows($result)) { while ($data = $DB->fetch_assoc($result)) { $accounts[$data['assocID']] = $data; $used[$data['id']] = $data['id']; } } if ($canedit && $withtemplate < 2) { // Restrict entity for knowbase $entities = ""; $entity = $_SESSION["glpiactive_entity"]; if ($item->isEntityAssign()) { /// Case of personal items : entity = -1 : create on active entity (Reminder case)) if ($item->getEntityID() >= 0) { $entity = $item->getEntityID(); } if ($item->isRecursive()) { $entities = getSonsOf('glpi_entities', $entity); } else { $entities = $entity; } } $limit = getEntitiesRestrictRequest(" AND ", "glpi_plugin_accounts_accounts", '', $entities, true); $q = "SELECT COUNT(*)\n FROM `glpi_plugin_accounts_accounts`\n WHERE `is_deleted` = '0'\n {$limit}"; $result = $DB->query($q); $nb = $DB->result($result, 0, 0); echo "<div class='firstbloc'>"; if (plugin_accounts_haveRight('accounts', 'r') && $nb > count($used)) { echo "<form name='account_form{$rand}' id='account_form{$rand}' method='post'\n action='" . Toolbox::getItemTypeFormURL('PluginAccountsAccount') . "'>"; echo "<table class='tab_cadre_fixe'>"; echo "<tr class='tab_bg_1'>"; echo "<td colspan='4' class='center'>"; echo "<input type='hidden' name='entities_id' value='{$entity}'>"; echo "<input type='hidden' name='is_recursive' value='{$is_recursive}'>"; echo "<input type='hidden' name='itemtype' value='" . $item->getType() . "'>"; echo "<input type='hidden' name='items_id' value='{$ID}'>"; if ($item->getType() == 'Ticket') { echo "<input type='hidden' name='tickets_id' value='{$ID}'>"; } $account->dropdownAccounts("plugin_accounts_accounts_id", $entities, $used); echo "</td><td class='center' width='20%'>"; echo "<input type='submit' name='additem' value=\"" . _sx('button', 'Associate a account', 'accounts') . "\" class='submit'>"; echo "</td>"; echo "</tr>"; echo "</table>"; Html::closeForm(); } echo "</div>"; } echo "<div class='spaced'>"; if ($canedit && $number && $withtemplate < 2) { Html::openMassiveActionsForm('mass' . __CLASS__ . $rand); $massiveactionparams = array('num_displayed' => $number); Html::showMassiveActions(__CLASS__, $massiveactionparams); } echo "<table class='tab_cadre_fixe'>"; if (Session::isMultiEntitiesMode()) { $colsup = 1; } else { $colsup = 0; } //hash $hashclass = new PluginAccountsHash(); $hash = 0; $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $item->getEntityID(), $hashclass->maybeRecursive()); $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict); if (!empty($hashes)) { foreach ($hashes as $hashe) { $hash = $hashe["hash"]; $hash_id = $hashe["id"]; } $alert = ''; } else { $alert = __('There is no encryption key for this entity', 'accounts'); } $aeskey = new PluginAccountsAesKey(); if ($hash) { if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) { echo "<tr><th colspan='" . (8 + $colsup) . "'>"; _e('Encryption key', 'accounts'); echo "<input type='password' name='aescrypted_key' id= 'aescrypted_key' autocomplete='off'>"; echo "</th></tr>"; } } else { echo "<tr><th colspan='" . (8 + $colsup) . "'>"; echo __('Encryption key', 'accounts') . "<div class='red'>"; echo $alert; echo "</div>"; echo "</th></tr>"; } echo "<tr>"; if ($canedit && $number && $withtemplate < 2) { echo "<th width='10'>" . Html::getCheckAllAsCheckbox('mass' . __CLASS__ . $rand) . "</th>"; } echo "<th>" . __('Name') . "</th>"; if (Session::isMultiEntitiesMode()) { echo "<th>" . __('Entity') . "</th>"; } echo "<th>" . __('Login') . "</th>"; echo "<th>" . __('Password') . "</th>"; echo "<th>" . __('Affected User', 'accounts') . "</th>"; echo "<th>" . __('Type') . "</th>"; echo "<th>" . __('Creation date') . "</th>"; echo "<th>" . __('Expiration date') . "</th>"; echo "</tr>"; $used = array(); if ($number) { Session::initNavigateListItems('PluginAccountsAccount', sprintf(__('%1$s = %2$s'), $item->getTypeName(1), $item->getName())); foreach ($accounts as $data) { $accountID = $data["id"]; $link = NOT_AVAILABLE; if ($account->getFromDB($accountID)) { $link = $account->getLink(); } Session::addToNavigateListItems('PluginAccountsAccount', $accountID); $used[$accountID] = $accountID; $assocID = $data["assocID"]; echo "<tr class='tab_bg_1" . ($data["is_deleted"] ? "_2" : "") . "'>"; if ($canedit && $withtemplate < 2) { echo "<td width='10'>"; Html::showMassiveActionCheckBox(__CLASS__, $data["assocID"]); echo "</td>"; } echo "<td class='center'>{$link}</td>"; if (Session::isMultiEntitiesMode()) { echo "<td class='center'>" . Dropdown::getDropdownName("glpi_entities", $data['entities_id']) . "</td>"; } echo "<td class='center'>" . $data["login"] . "</td>"; echo "<td class='center'>"; //hash if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) { echo "<input type='hidden' name='aeskey' id= 'aeskey'\n value='" . $aeskey->fields["name"] . "' class='' autocomplete='off'>"; echo "<input type='hidden' autocomplete='off'\n name='encrypted_password\${$accountID}' value='" . $data["encrypted_password"] . "'>"; echo "<input type='text' name='hidden_password\${$accountID}' value='' size='30' >"; echo "<script language='javascript'>\n var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n if (hash != good_hash) {\n document.getElementsByName(\"hidden_password\${$accountID}\").\n item(0).value=\"" . __s('Wrong encryption key', 'accounts') . "\";\n } else {\n document.getElementsByName(\"hidden_password\${$accountID}\").\n item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\${$accountID}\").\n item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256)};</script>"; } else { $url = $CFG_GLPI["root_doc"] . "/plugins/accounts/front/account.form.php"; echo " <input type='button' id='decrypte_link{$accountID}' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n class='submit' onclick='return false;'>"; echo "<script type='text/javascript'>\n Ext.get('decrypte_link{$accountID}').on('click', function () {\n\n Ext.Ajax.request({\n url: '../plugins/accounts/ajax/get_new_crsf_token.php',\n success: function(response, opts) {\n var token = response.responseText;\n Ext.select('#account_form input[name=_glpi_csrf_token]')\n .set({'value': token});\n\n },\n failure: function(response, opts) {\n console.log('server-side failure with status code ' + response.status);\n }\n });\n\n var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(document.getElementById(\"aescrypted_key\").value));\n if (hash != good_hash) {\n alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n return false;\n };\n alert(AESDecryptCtr(\"" . $data['encrypted_password'] . "\",\n SHA256(document.getElementById(\"aescrypted_key\").value),\n 256));\n\n callAjax(\"{$url}\",\n \"{$accountID}\" ,\n document.getElementsByName(\"name\").item(0).value,\n document.getElementsByName(\"_glpi_csrf_token\").item(0).value);\n\n });\n </script>"; } echo "</td>"; echo "<td class='center'>"; echo getUsername($data["users_id"]); echo "</td>"; echo "<td class='center'>"; echo Dropdown::getDropdownName("glpi_plugin_accounts_accounttypes", $data["plugin_accounts_accounttypes_id"]); echo "</td>"; echo "<td class='center'>" . Html::convdate($data["date_creation"]) . "</td>"; if ($data["date_expiration"] <= date('Y-m-d') && !empty($data["date_expiration"])) { echo "<td class='center'>"; echo "<div class='deleted'>" . Html::convdate($data["date_expiration"]) . "</div>"; echo "</td>"; } else { if (empty($data["date_expiration"])) { echo "<td class='center'>" . __('Don\'t expire', 'accounts') . "</td>"; } else { echo "<td class='center'>" . Html::convdate($data["date_expiration"]) . "</td>"; } } echo "</tr>"; $i++; } } echo "</table>"; if ($canedit && $number && $withtemplate < 2) { $massiveactionparams['ontop'] = false; Html::showMassiveActions(__CLASS__, $massiveactionparams); Html::closeForm(); } echo "</div>"; }
/** * Show accounts associated to an item * * @since version 0.84 * * @param $item CommonDBTM object for which associated accounts must be displayed * @param $withtemplate (default '') **/ static function showForItem(CommonDBTM $item, $withtemplate = '') { global $DB, $CFG_GLPI; $ID = $item->getField('id'); if ($item->isNewID($ID)) { return false; } if (!Session::haveRight("plugin_accounts", READ)) { return false; } if (!$item->can($item->fields['id'], READ)) { return false; } if (empty($withtemplate)) { $withtemplate = 0; } $canedit = $item->canadditem('PluginAccountsAccount'); $rand = mt_rand(); $is_recursive = $item->isRecursive(); $who = Session::getLoginUserID(); if (count($_SESSION["glpigroups"]) && Session::haveRight("plugin_accounts_my_groups", 1)) { $first_groups = true; $groups = ""; foreach ($_SESSION['glpigroups'] as $val) { if (!$first_groups) { $groups .= ","; } else { $first_groups = false; } $groups .= "'" . $val . "'"; } $ASSIGN = "( `groups_id` IN ({$groups}) OR `users_id` = '{$who}') "; } else { // Only personal ones $ASSIGN = " `users_id` = '{$who}' "; } $query = "SELECT `glpi_plugin_accounts_accounts_items`.`id` AS assocID,\n `glpi_entities`.`id` AS entity,\n `glpi_plugin_accounts_accounts`.`name` AS assocName,\n `glpi_plugin_accounts_accounts`.*\n FROM `glpi_plugin_accounts_accounts_items`\n LEFT JOIN `glpi_plugin_accounts_accounts`\n ON (`glpi_plugin_accounts_accounts_items`.`plugin_accounts_accounts_id`=`glpi_plugin_accounts_accounts`.`id`)\n LEFT JOIN `glpi_entities` ON (`glpi_plugin_accounts_accounts`.`entities_id`=`glpi_entities`.`id`)\n WHERE `glpi_plugin_accounts_accounts_items`.`items_id` = '{$ID}'\n AND `glpi_plugin_accounts_accounts_items`.`itemtype` = '" . $item->getType() . "' "; $query .= getEntitiesRestrictRequest(" AND", "glpi_plugin_accounts_accounts", '', '', true); if (!Session::haveRight("plugin_accounts_see_all_users", 1)) { $query .= " AND {$ASSIGN} "; } $query .= " ORDER BY `assocName`"; $result = $DB->query($query); $number = $DB->numrows($result); $i = 0; $accounts = array(); $account = new PluginAccountsAccount(); $used = array(); if ($numrows = $DB->numrows($result)) { while ($data = $DB->fetch_assoc($result)) { $accounts[$data['assocID']] = $data; $used[$data['id']] = $data['id']; } } if ($canedit && $withtemplate < 2) { // Restrict entity for knowbase $entities = ""; $entity = $_SESSION["glpiactive_entity"]; if ($item->isEntityAssign()) { /// Case of personal items : entity = -1 : create on active entity (Reminder case)) if ($item->getEntityID() >= 0) { $entity = $item->getEntityID(); } if ($item->isRecursive()) { $entities = getSonsOf('glpi_entities', $entity); } else { $entities = $entity; } } $limit = getEntitiesRestrictRequest(" AND ", "glpi_plugin_accounts_accounts", '', $entities, true); $q = "SELECT COUNT(*)\n FROM `glpi_plugin_accounts_accounts`\n WHERE `is_deleted` = '0'\n {$limit}"; $result = $DB->query($q); $nb = $DB->result($result, 0, 0); echo "<div class='firstbloc'>"; if (Session::haveRight('plugin_accounts', READ) && $nb > count($used)) { echo "<form name='account_form{$rand}' id='account_form{$rand}' method='post'\n action='" . Toolbox::getItemTypeFormURL('PluginAccountsAccount') . "'>"; echo "<table class='tab_cadre_fixe'>"; echo "<tr class='tab_bg_1'>"; echo "<td colspan='4' class='center'>"; echo "<input type='hidden' name='entities_id' value='{$entity}'>"; echo "<input type='hidden' name='is_recursive' value='{$is_recursive}'>"; echo "<input type='hidden' name='itemtype' value='" . $item->getType() . "'>"; echo "<input type='hidden' name='items_id' value='{$ID}'>"; if ($item->getType() == 'Ticket') { echo "<input type='hidden' name='tickets_id' value='{$ID}'>"; } PluginAccountsAccount::dropdownAccount(array('entity' => $entities, 'used' => $used)); echo "</td><td class='center' width='20%'>"; echo "<input type='submit' name='additem' value=\"" . _sx('button', 'Associate a account', 'accounts') . "\" class='submit'>"; echo "</td>"; echo "</tr>"; echo "</table>"; Html::closeForm(); } echo "</div>"; } echo "<div class='spaced'>"; if ($canedit && $number && $withtemplate < 2) { Html::openMassiveActionsForm('mass' . __CLASS__ . $rand); $massiveactionparams = array('num_displayed' => $number); Html::showMassiveActions($massiveactionparams); } echo "<table class='tab_cadre_fixe'>"; if (Session::isMultiEntitiesMode()) { $colsup = 1; } else { $colsup = 0; } //hash $hashclass = new PluginAccountsHash(); $hash = 0; $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $item->getEntityID(), $hashclass->maybeRecursive()); $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict); if (!empty($hashes)) { foreach ($hashes as $hashe) { $hash = $hashe["hash"]; $hash_id = $hashe["id"]; } $alert = ''; } else { $alert = __('There is no encryption key for this entity', 'accounts'); } $aeskey = new PluginAccountsAesKey(); echo "<tr><th colspan='" . (8 + $colsup) . "'>"; if ($hash) { if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) { _e('Encryption key', 'accounts'); echo "<input type='password' name='aeskey' id='aeskey' autocomplete='off'>"; } else { echo Html::hidden('aeskey', array('value' => $aeskey->fields["name"], 'id' => 'aeskey', 'autocomplete' => 'off')); } } else { echo __('Encryption key', 'accounts'); echo "<div class='red'>"; echo $alert; echo "</div>"; } echo "<tr>"; if ($canedit && $number && $withtemplate < 2) { echo "<th width='10'>" . Html::getCheckAllAsCheckbox('mass' . __CLASS__ . $rand) . "</th>"; } echo "<th>" . __('Name') . "</th>"; if (Session::isMultiEntitiesMode()) { echo "<th>" . __('Entity') . "</th>"; } echo "<th>" . __('Login') . "</th>"; echo "<th>" . __('Password') . "</th>"; echo "<th>" . __('Affected User', 'accounts') . "</th>"; echo "<th>" . __('Type') . "</th>"; echo "<th>" . __('Creation date') . "</th>"; echo "<th>" . __('Expiration date') . "</th>"; echo "</tr>"; $used = array(); if ($number) { Session::initNavigateListItems('PluginAccountsAccount', sprintf(__('%1$s = %2$s'), $item->getTypeName(1), $item->getName())); foreach ($accounts as $data) { $accountID = $data["id"]; $link = NOT_AVAILABLE; if ($account->getFromDB($accountID)) { $link = $account->getLink(); } Session::addToNavigateListItems('PluginAccountsAccount', $accountID); $used[$accountID] = $accountID; $assocID = $data["assocID"]; echo "<tr class='tab_bg_1" . ($data["is_deleted"] ? "_2" : "") . "'>"; if ($canedit && $withtemplate < 2) { echo "<td width='10'>"; Html::showMassiveActionCheckBox(__CLASS__, $data["assocID"]); echo "</td>"; } echo "<td class='center'>{$link}</td>"; if (Session::isMultiEntitiesMode()) { echo "<td class='center'>" . Dropdown::getDropdownName("glpi_entities", $data['entities_id']) . "</td>"; } echo "<td class='center'>" . $data["login"] . "</td>"; echo "<td class='center'>"; //hash if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) { echo Html::hidden("encrypted_password{$accountID}", array('value' => $data["encrypted_password"], 'id' => "encrypted_password{$accountID}", 'autocomplete' => 'off')); echo "<input type='text' id='hidden_password{$accountID}' value='' size='30' >"; echo Html::scriptBlock("\n if (!check_hash()) {\n \$('#hidden_password{$accountID}')\n .after('" . __('Wrong encryption key', 'accounts') . "')\n .remove();\n } else {\n decrypt_password('{$accountID}');\n }\n "); } else { $url = $CFG_GLPI["root_doc"] . "/plugins/accounts/front/account.form.php"; echo " <input type='button' id='decrypt_link{$accountID}' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n class='submit'>"; echo Html::hidden("encrypted_password{$accountID}", array('value' => $data["encrypted_password"], 'id' => "encrypted_password{$accountID}", 'autocomplete' => 'off')); echo Html::scriptBlock("\$(document).on('click', '#decrypt_link{$accountID}', function(event) {\n if (!check_hash()) {\n alert('" . __('Wrong encryption key', 'accounts') . "');\n } else {\n var decrypted_password = decrypt_password('{$accountID}');\n \$('#decrypt_link{$accountID}')\n .after(decrypted_password)\n .remove();\n }\n });"); } echo "</td>"; echo "<td class='center'>"; echo getUsername($data["users_id"]); echo "</td>"; echo "<td class='center'>"; echo Dropdown::getDropdownName("glpi_plugin_accounts_accounttypes", $data["plugin_accounts_accounttypes_id"]); echo "</td>"; echo "<td class='center'>" . Html::convdate($data["date_creation"]) . "</td>"; if ($data["date_expiration"] <= date('Y-m-d') && !empty($data["date_expiration"])) { echo "<td class='center'>"; echo "<div class='deleted'>" . Html::convdate($data["date_expiration"]) . "</div>"; echo "</td>"; } else { if (empty($data["date_expiration"])) { echo "<td class='center'>" . __('Don\'t expire', 'accounts') . "</td>"; } else { echo "<td class='center'>" . Html::convdate($data["date_expiration"]) . "</td>"; } } echo "</tr>"; $i++; } } echo "</table>"; echo Html::hidden('good_hash', array('value' => $hash, 'id' => 'good_hash')); if ($canedit && $number && $withtemplate < 2) { $massiveactionparams['ontop'] = false; Html::showMassiveActions($massiveactionparams); Html::closeForm(); } echo "</div>"; }
/** * Print the acccount form * * @param $ID integer ID of the item * @param $options array * - target for the Form * - withtemplate template or basic computer * * @return Nothing (display) **/ public function showForm($ID, $options = array()) { if (!$this->canView()) { return false; } $hashclass = new PluginAccountsHash(); $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', '', $hashclass->maybeRecursive()); if ($ID < 1 && countElementsInTable("glpi_plugin_accounts_hashes", $restrict) == 0) { echo "<div class='center'>" . __('There is no encryption key for this entity', 'accounts') . "<br><br>"; echo "<a href='" . Toolbox::getItemTypeSearchURL('PluginAccountsAccount') . "'>"; _e('Back'); echo "</a></div>"; return false; } if ($ID > 0) { $this->check($ID, 'r'); if (!plugin_accounts_haveRight("all_users", "r")) { $access = 0; if (plugin_accounts_haveRight("my_groups", "r")) { if ($this->fields["groups_id"]) { if (count($_SESSION['glpigroups']) && in_array($this->fields["groups_id"], $_SESSION['glpigroups'])) { $access = 1; } } if ($this->fields["users_id"]) { if ($this->fields["users_id"] == Session::getLoginUserID()) { $access = 1; } } } if (!plugin_accounts_haveRight("my_groups", "r") && $this->fields["users_id"] == Session::getLoginUserID()) { $access = 1; } if ($access != 1) { return false; } } } else { // Create item $this->check(-1, 'w'); $this->getEmpty(); } $this->showTabs($options); $options["formoptions"] = "id = 'account_form'"; $this->showFormHeader($options); echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Name') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "name"); echo "</td>"; echo "<td>" . __('Status') . "</td><td>"; Dropdown::show('PluginAccountsAccountState', array('value' => $this->fields["plugin_accounts_accountstates_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Login') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "login"); echo "</td>"; echo "<td>" . __('Type') . "</td><td>"; Dropdown::show('PluginAccountsAccountType', array('value' => $this->fields["plugin_accounts_accounttypes_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; //hash $hash = 0; $restrict = getEntitiesRestrictRequest(" ", "glpi_plugin_accounts_hashes", '', $this->getEntityID(), $hashclass->maybeRecursive()); $hashes = getAllDatasFromTable("glpi_plugin_accounts_hashes", $restrict); if (!empty($hashes)) { foreach ($hashes as $hashe) { $hash = $hashe["hash"]; $hash_id = $hashe["id"]; } $alert = ''; } else { $alert = __('There is no encryption key for this entity', 'accounts'); } $aeskey = new PluginAccountsAesKey(); //aeskey non enregistre if ($hash) { if (!$aeskey->getFromDBByHash($hash_id) || !$aeskey->fields["name"]) { echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td>"; echo "<input type='password' autocomplete='off' name='aeskey' id= 'aeskey' value='' class=''>"; echo "<input type='hidden' name='encrypted_password' value='" . $this->fields["encrypted_password"] . "'>"; if (!empty($ID) || $ID > 0) { $url = $this->getFormURL(); echo " <input type='button' id='decrypte_link' name='decrypte' value='" . __s('Uncrypt', 'accounts') . "'\n class='submit' onclick='return false;'>"; echo "<script type='text/javascript'>\n Ext.get('decrypte_link').on('click', function () {\n var good_hash=\"{$hash}\";var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n if (hash != good_hash) {\n alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n return false;\n };\n document.getElementsByName(\"hidden_password\").item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);\n\n callAjax(\"{$url}\", \"{$ID}\" , document.getElementsByName(\"name\").item(0).value, document.getElementsByName(\"_glpi_csrf_token\").item(0).value);\n\n Ext.Ajax.request({\n url: '../ajax/get_new_crsf_token.php',\n success: function(response, opts) {\n var token = response.responseText;\n Ext.select('#account_form input[name=_glpi_csrf_token]')\n .set({'value': token});\n },\n failure: function(response, opts) {\n console.log('server-side failure with status code ' + response.status);\n }\n });\n });\n </script>"; } echo "</td>"; } else { echo "<td></td><td>"; echo "</td>"; } } else { echo "<td>" . __('Encryption key', 'accounts') . "</div></td><td><div class='red'>"; echo $alert; echo "</div></td>"; } if ($_SESSION['glpiactiveprofile']['interface'] == 'central') { echo "<td>" . __('Affected User', 'accounts') . "</td><td>"; if ($this->canCreate()) { User::dropdown(array('value' => $this->fields["users_id"], 'entity' => $this->fields["entities_id"], 'right' => 'all')); } else { echo getUserName($this->fields["users_id"]); } echo "</td>"; } else { echo "<td>" . __('Affected User', 'accounts') . "</td><td>"; echo getUserName($this->fields["users_id"]); echo "</td>"; } echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Password') . "</td>"; echo "<td>"; //aeskey enregistre if (isset($hash_id) && $aeskey->getFromDBByHash($hash_id) && $aeskey->fields["name"]) { echo "<input type='hidden' name='aeskey' id= 'aeskey' value='" . $aeskey->fields["name"] . "' class='' autocomplete='off'>"; echo "<input type='hidden' name='encrypted_password' value='" . $this->fields["encrypted_password"] . "'>"; echo "<input type='text' name='hidden_password' value='' size='30'>"; echo "<script language='javascript'>\n var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n if (hash != good_hash) {\n document.getElementsByName(\"hidden_password\").item(0).value=\"" . __s('Wrong encryption key', 'accounts') . "\";\n } else {\n document.getElementsByName(\"hidden_password\").item(0).value=AESDecryptCtr(document.getElementsByName(\"encrypted_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256)};</script>"; } else { echo "<input type='text' name='hidden_password' value='' size='30' >"; } echo "</td>"; if ($_SESSION['glpiactiveprofile']['interface'] == 'central') { echo "<td>" . __('Affected Group', 'accounts') . "</td><td>"; if ($this->canCreate()) { Dropdown::show('Group', array('value' => $this->fields["groups_id"], 'condition' => '`is_itemgroup`')); } else { echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]); } echo "</td>"; } else { echo "<td>" . __('Affected Group', 'accounts') . ":\t</td><td>"; echo Dropdown::getDropdownName("glpi_groups", $this->fields["groups_id"]); echo "</td>"; } echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Creation date') . "</td>"; echo "<td>"; Html::showDateFormItem("date_creation", $this->fields["date_creation"], true, true); echo "</td>"; echo "<td>" . __('Technician in charge of the hardware') . "</td>"; echo "<td>"; User::dropdown(array('name' => "users_id_tech", 'value' => $this->fields["users_id_tech"], 'entity' => $this->fields["entities_id"], 'right' => 'interface')); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Expiration date') . " "; Html::showToolTip(nl2br(__('Empty for infinite', 'accounts'))); echo "</td>"; echo "<td>"; Html::showDateFormItem("date_expiration", $this->fields["date_expiration"], true, true); echo "</td>"; echo "<td>" . __('Group in charge of the hardware') . "</td><td>"; Group::dropdown(array('name' => 'groups_id_tech', 'value' => $this->fields['groups_id_tech'], 'condition' => '`is_assign`')); echo "</td>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Others') . "</td>"; echo "<td>"; Html::autocompletionTextField($this, "others"); echo "</td>"; echo "<td>" . __('Location') . "</td><td>"; Location::dropdown(array('value' => $this->fields["locations_id"], 'entity' => $this->fields["entities_id"])); echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td colspan = '4'>"; echo "<table cellpadding='2' cellspacing='2' border='0'><tr><td>"; echo __('Comments') . "</td></tr>"; echo "<tr><td class='center'>"; echo "<textarea cols='125' rows='3' name='comment'>" . $this->fields["comment"] . "</textarea>"; echo "</td></tr></table>"; echo "</td>"; echo "</tr>"; echo "<tr class='tab_bg_1'>"; echo "<td>" . __('Associable to a ticket') . "</td><td>"; Dropdown::showYesNo('is_helpdesk_visible', $this->fields['is_helpdesk_visible']); echo "</td>"; echo "<td colspan='2'>"; printf(__('Last update on %s'), Html::convDateTime($this->fields["date_mod"])); echo "</td>"; echo "</tr>"; if ($this->canCreate()) { if (empty($ID) || $ID < 0) { echo "<tr>"; echo "<td class='tab_bg_2 top' colspan='4'>"; echo "<div align='center'><input onclick='var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n if ((document.getElementsByName(\"hidden_password\").item(0).value == \"\")\n || (document.getElementById(\"aeskey\").value == \"\")) {\n alert(\"" . __('You have not filled the password and encryption key', 'accounts') . "\");\n return false;\n };\n if (hash != good_hash) {\n alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n return false;\n };\n document.getElementsByName(\"encrypted_password\").item(0).value=AESEncryptCtr(document.getElementsByName(\"hidden_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);'\n type='submit' name='add' value=\"" . _sx('button', 'Add') . "\" class='submit'></div>"; echo "</td>"; echo "</tr>"; } else { echo "<tr>"; echo "<td class='tab_bg_2' colspan='4 top'><div align='center'>"; echo "<input type='hidden' name='id' value=\"{$ID}\">"; echo "<input onclick='var good_hash=\"{$hash}\";\n var hash=SHA256(SHA256(document.getElementById(\"aeskey\").value));\n if ((document.getElementsByName(\"hidden_password\").item(0).value == \"\")\n || (document.getElementById(\"aeskey\").value == \"\")) {\n alert(\"" . __('Password will not be modified', 'accounts') . "\");\n return true;\n } else {\n if (hash != good_hash) {\n alert(\"" . __('Wrong encryption key', 'accounts') . "\");\n return false;\n };\n };\n document.getElementsByName(\"encrypted_password\").item(0).value=AESEncryptCtr(document.getElementsByName(\"hidden_password\").item(0).value,SHA256(document.getElementById(\"aeskey\").value), 256);'\n type='submit' name='update' value=\"" . _sx('button', 'Save') . "\" class='submit' >"; if ($this->fields["is_deleted"] == '0') { echo " <input type='submit' name='delete' value=\"" . _sx('button', 'Put in dustbin') . "\" class='submit'></div>"; } else { echo " <input type='submit' name='restore' value=\"" . _sx('button', 'Restore') . "\" class='submit'>"; echo " <input type='submit' name='purge' value=\"" . _sx('button', 'Delete permanently') . "\" class='submit'></div>"; } echo "</td>"; echo "</tr>"; } } echo "</table>"; echo "</div>"; Html::closeForm(); $this->addDivForTabs(); return true; }