Subversion Repositories oidplus

Compare Revisions

Regard whitespace Rev 1447 → Rev 1448

/trunk/changelog.json.php
3,6 → 3,15
"dummy": "<?php die('For security reasons, this file can only be accessed locally (without PHP).'.base64_decode('IgogICAgfQpdCg==')); /* @phpstan-ignore-line */ ?>"
},
{
"version": "2.0.1.13",
"date": "2023-12-31 00:45:00 +0100",
"author": "Daniel Marschall (ViaThinkSoft)",
"changes": [
"Log entries are now displayed in a table instead of a monospace text block.",
"JavaScript: JavaScript can now handle errors raised by PHP and show something instead of just silently failing."
]
},
{
"version": "2.0.1.12",
"date": "2023-12-26 23:55:00 +0100",
"author": "Daniel Marschall (ViaThinkSoft)",
/trunk/plugins/viathinksoft/adminPages/600_log/OIDplusPageAdminLogEvents.class.php
53,10 → 53,10
$page = $parts[1] ?? null;
if ($page == null) {
$res = OIDplus::db()->query("select max(id) as cnt from ###log");
$page = floor($res->fetch_array()['cnt'] / 50) + 1;
$page = floor($res->fetch_array()['cnt'] / 500) + 1;
}
$min = ($page-1) * 50 + 1;
$max = ($page ) * 50;
$min = ($page-1) * 500 + 1;
$max = ($page ) * 500;
 
$res = OIDplus::db()->query("select id, unix_ts, addr, event from ###log ".
"where id >= ? and id <= ? ".
69,8 → 69,14
$out['text'] .= '<a '.OIDplus::gui()->link($parts[0].'$'.($page-1)).'>Older log entries</a>';
$out['text'] .= '<p>';
 
$out['text'] .= '<div class="container box"><div id="suboid_table" class="table-responsive">';
$out['text'] .= '<table class="table table-bordered table-striped">';
$out['text'] .= '<thead>';
$out['text'] .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><th>'._L('Affected users').'</th><th>'._L('Affected objects').'</th><th>'._L('IP Address').'</th></tr>';
$out['text'] .= '</thead>';
$out['text'] .= '<tbody>';
 
if ($res->any()) {
$out['text'] .= '<pre>';
while ($row = $res->fetch_array()) {
$severity = 0;
$contains_messages_for_me = false;
85,7 → 91,7
$contains_messages_for_me = true;
}
}
$users = count($users) > 0 ? '; '._L('affected users: %1',implode(', ',$users)) : '';
$users = implode("\n",$users);
// ---
$objects = array();
$res2 = OIDplus::db()->query("select object, severity from ###log_object ".
93,20 → 99,32
while ($row2 = $res2->fetch_array()) {
$objects[] = $row2['object'];
}
$objects = count($objects) > 0 ? '; '._L('affected objects: %1',implode(', ',$objects)) : '';
$objects = implode("\n",$objects);
// ---
$addr = empty($row['addr']) ? _L('no address') : $row['addr'];
// ---
if ($contains_messages_for_me) $out['text'] .= '<b>';
$out['text'] .= '<span class="severity_'.$severity.'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"])." (" . htmlentities($addr.$users.$objects) . ")</span>\n";
if ($contains_messages_for_me) $out['text'] .= '</b>';
 
$a = '<span class="severity_'.$severity.'">';
$b = '</span>';
if ($contains_messages_for_me) $a = '<b>'.$a;
if ($contains_messages_for_me) $b = $b.'</b>';
$out['text'] .= '<tr>';
$out['text'] .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>';
$out['text'] .= '<td>'.$a.htmlentities($row['event']).$b.'</td>';
$out['text'] .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>';
$out['text'] .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>';
$out['text'] .= '<td>'.$a.htmlentities($addr).$b.'</td>';
$out['text'] .= '<tr>';
 
}
$out['text'] .= '</pre>';
} else {
$out['text'] .= '<p>'._L('There are no log entries on this page').'</p>';
$out['text'] .= '<tr><td colspan="5">'._L('There are no log entries on this page').'</td></tr>';
}
 
// TODO: List logs in a table instead of a <pre> text
$out['text'] .= '</tbody>';
$out['text'] .= '</table>';
$out['text'] .= '</div></div>';
 
}
}
 
/trunk/plugins/viathinksoft/adminPages/902_systemfile_check/checksums.json
Cannot display: file marked as a binary type.
svn:mime-type = application/json
/trunk/plugins/viathinksoft/language/dede/messages.xml
510,6 → 510,22
</message>
<message>
<source><![CDATA[
Affected objects
]]></source>
<target><![CDATA[
Betroffene Objekte
]]></target>
</message>
<message>
<source><![CDATA[
Affected users
]]></source>
<target><![CDATA[
Betroffene Benutzer
]]></target>
</message>
<message>
<source><![CDATA[
After clicking "change", your OIDplus system will contact the ViaThinkSoft server to adjust (add or remove information) your privacy setting. This may take a few minutes.
]]></source>
<target><![CDATA[
2550,6 → 2566,14
</message>
<message>
<source><![CDATA[
Event
]]></source>
<target><![CDATA[
Ereignis
]]></target>
</message>
<message>
<source><![CDATA[
Everything OK!
]]></source>
<target><![CDATA[
3238,6 → 3262,14
</message>
<message>
<source><![CDATA[
IP Address
]]></source>
<target><![CDATA[
IP-Adresse
]]></target>
</message>
<message>
<source><![CDATA[
IP address has changed. Please try again. (current IP %1, expected %2)
]]></source>
<target><![CDATA[
8254,6 → 8286,14
</message>
<message>
<source><![CDATA[
Time
]]></source>
<target><![CDATA[
Zeit
]]></target>
</message>
<message>
<source><![CDATA[
Title
]]></source>
<target><![CDATA[
/trunk/plugins/viathinksoft/raPages/099_object_log/OIDplusPageRaObjectLog.class.php
78,12 → 78,22
"where lu.object = ? " .
"order by lo.unix_ts desc", array($id));
$text .= '<h2>'._L('Log messages for object %1',htmlentities($id)).'</h2>';
$max_ent = 0;
 
$text .= '<div class="container box"><div id="suboid_table" class="table-responsive">';
$text .= '<table class="table table-bordered table-striped">';
$text .= '<thead>';
$text .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><th>'._L('Affected users').'</th><!--<th>'._L('Affected objects').'</th>--><th>'._L('IP Address').'</th></tr>';
$text .= '</thead>';
$text .= '<tbody>';
 
if ($res->any()) {
$text .= '<pre>';
$count = 0;
while ($row = $res->fetch_array()) {
$max_ent++;
if ($max_ent > 100) break; // TODO: also allow to watch older entries
$count++;
if ($count > 100) break; // TODO: also allow to watch older entries
 
$addr = empty($row['addr']) ? _L('no address') : $row['addr'];
 
$users = array();
$res2 = OIDplus::db()->query("select username, severity from ###log_user ".
"where log_id = ?", array((int)$row['id']));
90,19 → 100,25
while ($row2 = $res2->fetch_array()) {
$users[] = $row2['username'];
}
$users = count($users) > 0 ? ", ".implode('/',$users) : '';
$users = implode("\n",$users);
 
$addr = empty($row['addr']) ? _L('no address') : $row['addr'];
 
$text .= '<span class="severity_'.$row['severity'].'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"]??'')." (" . htmlentities($addr.$users) . ")</span>\n";
$a = '<span class="severity_'.$row['severity'].'">';
$b = '</span>';
$text .= '<tr>';
$text .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>';
$text .= '<td>'.$a.htmlentities($row['event']).$b.'</td>';
$text .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>';
#$text .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>';
$text .= '<td>'.$a.htmlentities($addr).$b.'</td>';
$text .= '<tr>';
}
$text .= '</pre>';
 
// TODO: List logs in a table instead of a <pre> text
} else {
$text .= '<p>'._L('Currently there are no log entries').'</p>';
$text .= '<tr><td colspan="4">'._L('There are no log entries on this page').'</td></tr>';
}
 
$text .= '</tbody>';
$text .= '</table>';
$text .= '</div></div>';
}
 
/**
/trunk/plugins/viathinksoft/raPages/200_log/OIDplusPageRaLogEvents.class.php
68,10 → 68,10
"left join ###log_user lu on lu.log_id = lo.id ".
"where lu.username = ? " .
"order by lo.unix_ts desc", array($ra_email));
$page = floor($res->fetch_array()['cnt'] / 50) + 1;
$page = floor($res->fetch_array()['cnt'] / 500) + 1;
}
$min = ($page-1) * 50 + 1;
$max = ($page ) * 50;
$min = ($page-1) * 500 + 1;
$max = ($page ) * 500;
 
$res = OIDplus::db()->query("select lo.unix_ts, lo.addr, lo.event, lu.severity from ###log lo ".
"left join ###log_user lu on lu.log_id = lo.id ".
86,19 → 86,36
$out['text'] .= '<a '.OIDplus::gui()->link($parts[0].'$'.$parts[1].'$'.($page-1)).'>Older log entries</a>';
$out['text'] .= '<p>';
 
$out['text'] .= '<div class="container box"><div id="suboid_table" class="table-responsive">';
$out['text'] .= '<table class="table table-bordered table-striped">';
$out['text'] .= '<thead>';
$out['text'] .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><!--<th>'._L('Affected users').'</th><th>'._L('Affected objects').'</th>--><th>'._L('IP Address').'</th></tr>';
$out['text'] .= '</thead>';
$out['text'] .= '<tbody>';
 
if ($res->any()) {
$out['text'] .= '<pre>';
$count = 0;
while ($row = $res->fetch_array()) {
$addr = empty($row['addr']) ? _L('no address') : $row['addr'];
 
$out['text'] .= '<span class="severity_'.$row['severity'].'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"])." (" . htmlentities($addr) . ")</span>\n";
$a = '<span class="severity_'.$row['severity'].'">';
$b = '</span>';
$out['text'] .= '<tr>';
$out['text'] .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>';
$out['text'] .= '<td>'.$a.htmlentities($row['event']).$b.'</td>';
#$out['text'] .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>';
#$out['text'] .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>';
$out['text'] .= '<td>'.$a.htmlentities($addr).$b.'</td>';
$out['text'] .= '<tr>';
 
}
$out['text'] .= '</pre>';
} else {
$out['text'] .= '<p>'._L('There are no log entries on this page').'</p>';
$out['text'] .= '<tr><td colspan="3">'._L('There are no log entries on this page').'</td></tr>';
}
 
// TODO: List logs in a table instead of a <pre> text
$out['text'] .= '</tbody>';
$out['text'] .= '</table>';
$out['text'] .= '</div></div>';
}
}
 
/trunk/vendor/composer/installed.json
837,12 → 837,12
"source": {
"type": "git",
"url": "https://github.com/phpseclib/phpseclib.git",
"reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d"
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d2cd758ecb50addfe7a4283a2084a63efeefce3d",
"reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d",
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe",
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe",
"shasum": ""
},
"require": {
860,7 → 860,7
"ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.",
"ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations."
},
"time": "2023-12-19T04:55:17+00:00",
"time": "2023-12-29T01:59:53+00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
/trunk/vendor/composer/installed.php
189,7 → 189,7
'phpseclib/phpseclib' => array(
'pretty_version' => '3.0.x-dev',
'version' => '3.0.9999999.9999999-dev',
'reference' => 'd2cd758ecb50addfe7a4283a2084a63efeefce3d',
'reference' => '4b1827beabce71953ca479485c0ae9c51287f2fe',
'type' => 'library',
'install_path' => __DIR__ . '/../phpseclib/phpseclib',
'aliases' => array(),
/trunk/vendor/licenses
28,7 → 28,7
matthiasmullie/path-converter 1.1.3 MIT
paragonie/constant_time_encoding v2.6.3 MIT
paragonie/random_compat v9.99.100 MIT
phpseclib/phpseclib 3.0.x-dev d2cd758 MIT
phpseclib/phpseclib 3.0.x-dev 4b1827b MIT
script47/bs5-utils master master MIT
spamspan/spamspan master GPL-2.0-only
spomky-labs/php-punycode 9999999-dev d12fe5c MIT
/trunk/vendor/phpseclib/phpseclib/README.md
51,7 → 51,7
* PHP4 compatible
* Composer compatible (PSR-0 autoloading)
* Install using Composer: `composer require phpseclib/phpseclib:~1.0`
* [Download 1.0.21 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.21.zip/download)
* [Download 1.0.22 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.22.zip/download)
 
## Security contact information
 
/trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php
382,7 → 382,7
$shortname = $meta->getShortName();
self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname;
if ($meta->hasConstant('IS_INVISIBLE')) {
self::$invisiblePlugins[static::ALGORITHM] = strtolower($name);
self::$invisiblePlugins[static::ALGORITHM][] = strtolower($shortname);
}
}
}
/trunk/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php
1103,6 → 1103,16
private $errorOnMultipleChannels;
 
/**
* Terrapin Countermeasure
*
* "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received"
* -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
*
* @var int
*/
private $extra_packets;
 
/**
* Default Constructor.
*
* $host can either be a string, representing the host, or a stream resource.
1536,7 → 1546,7
$preferred['client_to_server']['comp'] :
SSH2::getSupportedCompressionAlgorithms();
 
$kex_algorithms = array_merge($kex_algorithms, ['ext-info-c']);
$kex_algorithms = array_merge($kex_algorithms, ['ext-info-c', 'kex-strict-c-v00@openssh.com']);
 
// some SSH servers have buggy implementations of some of the above algorithms
switch (true) {
1592,6 → 1602,7
if ($kexinit_payload_server === false) {
$this->send_binary_packet($kexinit_payload_client);
 
$this->extra_packets = 0;
$kexinit_payload_server = $this->get_binary_packet();
 
if (
1623,6 → 1634,11
$this->languages_server_to_client,
$first_kex_packet_follows
) = Strings::unpackSSH2('L10C', $response);
if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) {
if ($this->session_id === false && $this->extra_packets) {
throw new \UnexpectedValueException('Possible Terrapin Attack detected');
}
}
 
$this->supported_private_key_algorithms = $this->server_host_key_algorithms;
 
1881,6 → 1897,10
throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS');
}
 
if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) {
$this->get_seq_no = $this->send_seq_no = 0;
}
 
$keyBytes = pack('Na*', strlen($keyBytes), $keyBytes);
 
$this->encrypt = self::encryption_algorithm_to_crypt_instance($encrypt);
3769,9 → 3789,11
$this->bitmap = 0;
return false;
case NET_SSH2_MSG_IGNORE:
$this->extra_packets++;
$payload = $this->get_binary_packet($skip_channel_filter);
break;
case NET_SSH2_MSG_DEBUG:
$this->extra_packets++;
Strings::shift($payload, 2); // second byte is "always_display"
list($message) = Strings::unpackSSH2('s', $payload);
$this->errors[] = "SSH_MSG_DEBUG: $message";
3780,6 → 3802,7
case NET_SSH2_MSG_UNIMPLEMENTED:
return false;
case NET_SSH2_MSG_KEXINIT:
// this is here for key re-exchanges after the initial key exchange
if ($this->session_id !== false) {
if (!$this->key_exchange($payload)) {
$this->bitmap = 0;