示例#1
0
 /**
  * Constructor
  *
  * @param $template \SP\Template con instancia de plantilla
  */
 public function __construct(\SP\Template $template = null)
 {
     parent::__construct($template);
     $this->view->assign('tabs', array());
     $this->view->assign('sk', SessionUtil::getSessionKey(true));
     $this->view->assign('isDemoMode', \SP\Util::demoIsEnabled() && !Session::getUserIsAdminApp());
     $this->view->assign('isDisabled', \SP\Util::demoIsEnabled() && !Session::getUserIsAdminApp() ? 'DISABLED' : '');
 }
示例#2
0
 /**
  * Constructor
  *
  * @param $template \SP\Template con instancia de plantilla
  */
 public function __construct(\SP\Template $template = null)
 {
     parent::__construct($template);
     $this->view->assign('tabs', array());
     $this->view->assign('sk', SessionUtil::getSessionKey(true));
     $this->_userId = Session::getUserId();
     $this->_userPrefs = UserPreferences::getPreferences($this->_userId);
 }
示例#3
0
 /**
  * Constructor
  *
  * @param \SP\Template $template              instancia del motor de plantillas
  * @param              $lastAction            int con la última acción realizada
  * @param null         $accountId             int con el id de la cuenta
  */
 public function __construct(\SP\Template $template = null, $lastAction, $accountId = null)
 {
     parent::__construct($template);
     $this->setId($accountId);
     $this->view->assign('changesHash', '');
     $this->view->assign('chkUserEdit', '');
     $this->view->assign('chkGroupEdit', '');
     $this->view->assign('gotData', $this->isGotData());
     $this->view->assign('sk', SessionUtil::getSessionKey(true));
 }
示例#4
0
 /**
  * Comprobar si es necesario limpiar el registro de eventos
  */
 public function checkClear()
 {
     if ($this->view->clear && $this->view->sk && SessionUtil::checkSessionKey($this->view->sk)) {
         if (\SP\Log::clearEvents()) {
             \SP\Response::printJSON(_('Registro de eventos vaciado'), 0, "sysPassUtil.Common.doAction(" . ActionsInterface::ACTION_EVL . "); sysPassUtil.Common.scrollUp();");
         } else {
             \SP\Response::printJSON(_('Error al vaciar el registro de eventos'));
         }
     }
 }
示例#5
0
 /**
  * Constructor
  *
  * @param      $template   \SP\Template con instancia de plantilla
  * @param null $page       El nombre de página para la clase del body
  * @param bool $initialize Si es una inicialización completa
  */
 public function __construct(\SP\Template $template = null, $page = null, $initialize = true)
 {
     parent::__construct($template);
     if ($initialize) {
         $this->view->assign('startTime', microtime());
         $this->view->addTemplate('header');
         $this->view->addTemplate('body-start');
         $this->view->assign('sk', SessionUtil::getSessionKey(true));
         $this->view->assign('appInfo', Util::getAppInfo());
         $this->view->assign('appVersion', Util::getVersionString());
         $this->view->assign('isDemoMode', Util::demoIsEnabled());
         $this->view->assign('page', $page);
         $this->view->assign('loggedIn', \SP\Init::isLoggedIn());
         $this->view->assign('logoIcon', Init::$WEBURI . '/imgs/logo.png');
         $this->view->assign('logoNoText', Init::$WEBURI . '/imgs/logo.svg');
         $this->view->assign('logo', Init::$WEBURI . '/imgs/logo_full.svg');
         $this->view->assign('httpsEnabled', Util::httpsEnabled());
         // Cargar la clave pública en la sesión
         SessionUtil::loadPublicKey();
         $this->getResourcesLinks();
         $this->setResponseHeaders();
     }
 }
示例#6
0
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with sysPass.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
use SP\Request;
use SP\SessionUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP\Init::isLoggedIn()) {
    SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SessionUtil::checkSessionKey($sk)) {
    SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
//$frmSaveType = SP_Request::analyze('savetyp', 0);
$actionId = SP\Request::analyze('actionId', 0);
$accountId = SP\Request::analyze('accountid', 0);
$customerId = SP\Request::analyze('customerId', 0);
$newCustomer = SP\Request::analyze('customer_new');
$accountName = SP\Request::analyze('name');
$accountLogin = SP\Request::analyze('login');
$accountPassword = SP\Request::analyzeEncrypted('pass');
$accountPasswordR = SP\Request::analyzeEncrypted('passR');
$categoryId = SP\Request::analyze('categoryId', 0);
$accountOtherGroups = SP\Request::analyze('othergroups');
$accountOtherUsers = SP\Request::analyze('otherusers');
示例#7
0
    }
}
// Comprobar si se ha forzado un cambio de clave
if ($User->isUserChangePass()) {
    $hash = SP\Util::generate_random_bytes();
    if (UserPassRecover::addPassRecover($userLogin, $hash)) {
        $url = SP\Init::$WEBURI . '/index.php?a=passreset&h=' . $hash . '&t=' . time() . '&f=1';
        SP\Response::printJSON($url, 0);
    }
}
// Obtenemos la clave maestra del usuario
if ($User->getUserMPass()) {
    // Actualizar el último login del usuario
    UserUtil::setUserLastLogin($User->getUserId());
    // Cargar las variables de sesión del usuario
    SessionUtil::loadUserSession($User);
    $Log->addDescription(sprintf('%s: %s', _('Usuario'), $userLogin));
    $Log->addDescription(sprintf('%s: %s', _('Perfil'), SP\Profile::getProfileNameById($User->getUserProfileId())));
    $Log->addDescription(sprintf('%s: %s', _('Grupo'), SP\Groups::getGroupNameById($User->getUserGroupId())));
    $Log->writeLog();
} else {
    SP\Response::printJSON(_('Error interno'));
}
$UserPrefs = \SP\UserPreferences::getPreferences($User->getUserId());
if ($UserPrefs->isUse2Fa()) {
    SP\Session::set2FApassed(false);
    $url = SP\Init::$WEBURI . '/index.php?a=2fa&i=' . $User->getUserId() . '&t=' . time() . '&f=1';
    SP\Response::printJSON($url, 0);
} else {
    SP\Session::set2FApassed(true);
}
示例#8
0
 /**
  * Obtener los datos para la pestaña de campos personalizados
  */
 public function getCustomFields()
 {
     $this->setAction(self::ACTION_MGM_CUSTOMFIELDS);
     if (!$this->checkAccess()) {
         return;
     }
     $this->view->assign('sk', SessionUtil::getSessionKey(true));
     $tableProp = array('tblId' => 'tblCustomFields', 'header' => '', 'tblHeaders' => array(_('Módulo'), _('Nombre'), _('Tipo')), 'tblRowSrc' => array('module', 'name', 'typeName'), 'tblRowSrcId' => 'id', 'onCloseAction' => self::ACTION_MGM, 'actions' => array('new' => array('id' => self::ACTION_MGM_CUSTOMFIELDS_NEW, 'title' => _('Nuevo Campo'), 'onclick' => 'sysPassUtil.Common.appMgmtData(this,' . self::ACTION_MGM_CUSTOMFIELDS_NEW . ',\'' . $this->view->sk . '\')', 'img' => 'imgs/new.png', 'skip' => true), 'edit' => array('id' => self::ACTION_MGM_CUSTOMFIELDS_EDIT, 'title' => _('Editar Campo'), 'onclick' => 'sysPassUtil.Common.appMgmtData(this,' . self::ACTION_MGM_CUSTOMFIELDS_EDIT . ',\'' . $this->view->sk . '\')', 'img' => 'imgs/edit.png', 'icon' => 'mode_edit'), 'del' => array('id' => self::ACTION_MGM_CUSTOMFIELDS_DELETE, 'title' => _('Eliminar Campo'), 'onclick' => 'sysPassUtil.Common.appMgmtDelete(this,' . self::ACTION_MGM_CUSTOMFIELDS_DELETE . ',\'' . $this->view->sk . '\')', 'img' => 'imgs/delete.png', 'icon' => 'delete', 'isdelete' => true)));
     $tableProp['cellWidth'] = floor(65 / count($tableProp['tblHeaders']));
     $this->view->append('tabs', array('title' => _('Campos Personalizados'), 'query' => \SP\CustomFieldDef::getCustomFields(), 'props' => $tableProp, 'time' => round(microtime() - $this->view->queryTimeStart, 5)));
 }
示例#9
0
 /**
  * Inicializar la vista de cambio de clave de usuario
  */
 public function getUserPass()
 {
     $this->setAction(self::ACTION_USR_USERS_EDITPASS);
     // Comprobar si el usuario a modificar es distinto al de la sesión
     if ($this->view->userId != Session::getUserId() && !$this->checkAccess()) {
         return;
     }
     $this->view->addTemplate('userspass');
     $this->view->assign('actionId', self::ACTION_USR_USERS_EDITPASS);
     // Obtener de nuevo el token de seguridad por si se habñia regenerado antes
     $this->view->assign('sk', SessionUtil::getSessionKey());
 }
示例#10
0
 /**
  * Inicialiar la sesión de usuario
  */
 private static function initSession()
 {
     $sessionLifeTime = self::getSessionLifeTime();
     // Timeout de sesión
     if (Session::getLastActivity() && time() - Session::getLastActivity() > $sessionLifeTime) {
         if (isset($_COOKIE[session_name()])) {
             setcookie(session_name(), '', time() - 42000, '/');
         }
         self::wrLogoutInfo();
         session_unset();
         session_destroy();
         session_start();
         return;
     }
     // Regenerar el Id de sesión periódicamente para evitar fijación
     if (Session::getSidStartTime() === 0) {
         Session::setSidStartTime(time());
         Session::setStartActivity(time());
     } else {
         if (Session::getUserId() && time() - Session::getSidStartTime() > $sessionLifeTime / 2) {
             $sessionMPass = SessionUtil::getSessionMPass();
             session_regenerate_id(true);
             Session::setSidStartTime(time());
             // Recargar los permisos del perfil de usuario
             Session::setUserProfile(Profile::getProfile(Session::getUserProfileId()));
             // Regenerar la clave maestra
             SessionUtil::saveSessionMPass($sessionMPass);
         }
     }
     Session::setLastActivity(time());
 }
示例#11
0
 /**
  * Constructor
  *
  * @param $template \SP\Template con instancia de plantilla
  */
 public function __construct(\SP\Template $template = null)
 {
     parent::__construct($template);
     $this->view->assign('sk', SessionUtil::getSessionKey(true));
     $this->setVars();
 }