/trunk/changelog.json.php |
---|
3,6 → 3,15 |
"dummy": "<?php die('For security reasons, this file can only be accessed locally (without PHP).'.base64_decode('IgogICAgfQpdCg==')); /* @phpstan-ignore-line */ ?>" |
}, |
{ |
"version": "2.0.1.13", |
"date": "2023-12-31 00:45:00 +0100", |
"author": "Daniel Marschall (ViaThinkSoft)", |
"changes": [ |
"Log entries are now displayed in a table instead of a monospace text block.", |
"JavaScript: JavaScript can now handle errors raised by PHP and show something instead of just silently failing." |
] |
}, |
{ |
"version": "2.0.1.12", |
"date": "2023-12-26 23:55:00 +0100", |
"author": "Daniel Marschall (ViaThinkSoft)", |
/trunk/plugins/viathinksoft/adminPages/600_log/OIDplusPageAdminLogEvents.class.php |
---|
53,10 → 53,10 |
$page = $parts[1] ?? null; |
if ($page == null) { |
$res = OIDplus::db()->query("select max(id) as cnt from ###log"); |
$page = floor($res->fetch_array()['cnt'] / 50) + 1; |
$page = floor($res->fetch_array()['cnt'] / 500) + 1; |
} |
$min = ($page-1) * 50 + 1; |
$max = ($page ) * 50; |
$min = ($page-1) * 500 + 1; |
$max = ($page ) * 500; |
$res = OIDplus::db()->query("select id, unix_ts, addr, event from ###log ". |
"where id >= ? and id <= ? ". |
69,8 → 69,14 |
$out['text'] .= '<a '.OIDplus::gui()->link($parts[0].'$'.($page-1)).'>Older log entries</a>'; |
$out['text'] .= '<p>'; |
$out['text'] .= '<div class="container box"><div id="suboid_table" class="table-responsive">'; |
$out['text'] .= '<table class="table table-bordered table-striped">'; |
$out['text'] .= '<thead>'; |
$out['text'] .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><th>'._L('Affected users').'</th><th>'._L('Affected objects').'</th><th>'._L('IP Address').'</th></tr>'; |
$out['text'] .= '</thead>'; |
$out['text'] .= '<tbody>'; |
if ($res->any()) { |
$out['text'] .= '<pre>'; |
while ($row = $res->fetch_array()) { |
$severity = 0; |
$contains_messages_for_me = false; |
85,7 → 91,7 |
$contains_messages_for_me = true; |
} |
} |
$users = count($users) > 0 ? '; '._L('affected users: %1',implode(', ',$users)) : ''; |
$users = implode("\n",$users); |
// --- |
$objects = array(); |
$res2 = OIDplus::db()->query("select object, severity from ###log_object ". |
93,20 → 99,32 |
while ($row2 = $res2->fetch_array()) { |
$objects[] = $row2['object']; |
} |
$objects = count($objects) > 0 ? '; '._L('affected objects: %1',implode(', ',$objects)) : ''; |
$objects = implode("\n",$objects); |
// --- |
$addr = empty($row['addr']) ? _L('no address') : $row['addr']; |
// --- |
if ($contains_messages_for_me) $out['text'] .= '<b>'; |
$out['text'] .= '<span class="severity_'.$severity.'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"])." (" . htmlentities($addr.$users.$objects) . ")</span>\n"; |
if ($contains_messages_for_me) $out['text'] .= '</b>'; |
$a = '<span class="severity_'.$severity.'">'; |
$b = '</span>'; |
if ($contains_messages_for_me) $a = '<b>'.$a; |
if ($contains_messages_for_me) $b = $b.'</b>'; |
$out['text'] .= '<tr>'; |
$out['text'] .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>'; |
$out['text'] .= '<td>'.$a.htmlentities($row['event']).$b.'</td>'; |
$out['text'] .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>'; |
$out['text'] .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>'; |
$out['text'] .= '<td>'.$a.htmlentities($addr).$b.'</td>'; |
$out['text'] .= '<tr>'; |
} |
$out['text'] .= '</pre>'; |
} else { |
$out['text'] .= '<p>'._L('There are no log entries on this page').'</p>'; |
$out['text'] .= '<tr><td colspan="5">'._L('There are no log entries on this page').'</td></tr>'; |
} |
// TODO: List logs in a table instead of a <pre> text |
$out['text'] .= '</tbody>'; |
$out['text'] .= '</table>'; |
$out['text'] .= '</div></div>'; |
} |
} |
/trunk/plugins/viathinksoft/adminPages/902_systemfile_check/checksums.json |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/json |
/trunk/plugins/viathinksoft/language/dede/messages.xml |
---|
510,6 → 510,22 |
</message> |
<message> |
<source><![CDATA[ |
Affected objects |
]]></source> |
<target><![CDATA[ |
Betroffene Objekte |
]]></target> |
</message> |
<message> |
<source><![CDATA[ |
Affected users |
]]></source> |
<target><![CDATA[ |
Betroffene Benutzer |
]]></target> |
</message> |
<message> |
<source><![CDATA[ |
After clicking "change", your OIDplus system will contact the ViaThinkSoft server to adjust (add or remove information) your privacy setting. This may take a few minutes. |
]]></source> |
<target><![CDATA[ |
2550,6 → 2566,14 |
</message> |
<message> |
<source><![CDATA[ |
Event |
]]></source> |
<target><![CDATA[ |
Ereignis |
]]></target> |
</message> |
<message> |
<source><![CDATA[ |
Everything OK! |
]]></source> |
<target><![CDATA[ |
3238,6 → 3262,14 |
</message> |
<message> |
<source><![CDATA[ |
IP Address |
]]></source> |
<target><![CDATA[ |
IP-Adresse |
]]></target> |
</message> |
<message> |
<source><![CDATA[ |
IP address has changed. Please try again. (current IP %1, expected %2) |
]]></source> |
<target><![CDATA[ |
8254,6 → 8286,14 |
</message> |
<message> |
<source><![CDATA[ |
Time |
]]></source> |
<target><![CDATA[ |
Zeit |
]]></target> |
</message> |
<message> |
<source><![CDATA[ |
Title |
]]></source> |
<target><![CDATA[ |
/trunk/plugins/viathinksoft/raPages/099_object_log/OIDplusPageRaObjectLog.class.php |
---|
78,12 → 78,22 |
"where lu.object = ? " . |
"order by lo.unix_ts desc", array($id)); |
$text .= '<h2>'._L('Log messages for object %1',htmlentities($id)).'</h2>'; |
$max_ent = 0; |
$text .= '<div class="container box"><div id="suboid_table" class="table-responsive">'; |
$text .= '<table class="table table-bordered table-striped">'; |
$text .= '<thead>'; |
$text .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><th>'._L('Affected users').'</th><!--<th>'._L('Affected objects').'</th>--><th>'._L('IP Address').'</th></tr>'; |
$text .= '</thead>'; |
$text .= '<tbody>'; |
if ($res->any()) { |
$text .= '<pre>'; |
$count = 0; |
while ($row = $res->fetch_array()) { |
$max_ent++; |
if ($max_ent > 100) break; // TODO: also allow to watch older entries |
$count++; |
if ($count > 100) break; // TODO: also allow to watch older entries |
$addr = empty($row['addr']) ? _L('no address') : $row['addr']; |
$users = array(); |
$res2 = OIDplus::db()->query("select username, severity from ###log_user ". |
"where log_id = ?", array((int)$row['id'])); |
90,19 → 100,25 |
while ($row2 = $res2->fetch_array()) { |
$users[] = $row2['username']; |
} |
$users = count($users) > 0 ? ", ".implode('/',$users) : ''; |
$users = implode("\n",$users); |
$addr = empty($row['addr']) ? _L('no address') : $row['addr']; |
$text .= '<span class="severity_'.$row['severity'].'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"]??'')." (" . htmlentities($addr.$users) . ")</span>\n"; |
$a = '<span class="severity_'.$row['severity'].'">'; |
$b = '</span>'; |
$text .= '<tr>'; |
$text .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>'; |
$text .= '<td>'.$a.htmlentities($row['event']).$b.'</td>'; |
$text .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>'; |
#$text .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>'; |
$text .= '<td>'.$a.htmlentities($addr).$b.'</td>'; |
$text .= '<tr>'; |
} |
$text .= '</pre>'; |
// TODO: List logs in a table instead of a <pre> text |
} else { |
$text .= '<p>'._L('Currently there are no log entries').'</p>'; |
$text .= '<tr><td colspan="4">'._L('There are no log entries on this page').'</td></tr>'; |
} |
$text .= '</tbody>'; |
$text .= '</table>'; |
$text .= '</div></div>'; |
} |
/** |
/trunk/plugins/viathinksoft/raPages/200_log/OIDplusPageRaLogEvents.class.php |
---|
68,10 → 68,10 |
"left join ###log_user lu on lu.log_id = lo.id ". |
"where lu.username = ? " . |
"order by lo.unix_ts desc", array($ra_email)); |
$page = floor($res->fetch_array()['cnt'] / 50) + 1; |
$page = floor($res->fetch_array()['cnt'] / 500) + 1; |
} |
$min = ($page-1) * 50 + 1; |
$max = ($page ) * 50; |
$min = ($page-1) * 500 + 1; |
$max = ($page ) * 500; |
$res = OIDplus::db()->query("select lo.unix_ts, lo.addr, lo.event, lu.severity from ###log lo ". |
"left join ###log_user lu on lu.log_id = lo.id ". |
86,19 → 86,36 |
$out['text'] .= '<a '.OIDplus::gui()->link($parts[0].'$'.$parts[1].'$'.($page-1)).'>Older log entries</a>'; |
$out['text'] .= '<p>'; |
$out['text'] .= '<div class="container box"><div id="suboid_table" class="table-responsive">'; |
$out['text'] .= '<table class="table table-bordered table-striped">'; |
$out['text'] .= '<thead>'; |
$out['text'] .= '<tr><th>'._L('Time').'</th><th>'._L('Event').'</th><!--<th>'._L('Affected users').'</th><th>'._L('Affected objects').'</th>--><th>'._L('IP Address').'</th></tr>'; |
$out['text'] .= '</thead>'; |
$out['text'] .= '<tbody>'; |
if ($res->any()) { |
$out['text'] .= '<pre>'; |
$count = 0; |
while ($row = $res->fetch_array()) { |
$addr = empty($row['addr']) ? _L('no address') : $row['addr']; |
$out['text'] .= '<span class="severity_'.$row['severity'].'">' . date('Y-m-d H:i:s', (int)$row['unix_ts']) . ': ' . htmlentities($row["event"])." (" . htmlentities($addr) . ")</span>\n"; |
$a = '<span class="severity_'.$row['severity'].'">'; |
$b = '</span>'; |
$out['text'] .= '<tr>'; |
$out['text'] .= '<td>'.$a.date('Y-m-d H:i:s', (int)$row['unix_ts']).$b.'</td>'; |
$out['text'] .= '<td>'.$a.htmlentities($row['event']).$b.'</td>'; |
#$out['text'] .= '<td>'.$a.nl2br(htmlentities($users)).$b.'</td>'; |
#$out['text'] .= '<td>'.$a.nl2br(htmlentities($objects)).$b.'</td>'; |
$out['text'] .= '<td>'.$a.htmlentities($addr).$b.'</td>'; |
$out['text'] .= '<tr>'; |
} |
$out['text'] .= '</pre>'; |
} else { |
$out['text'] .= '<p>'._L('There are no log entries on this page').'</p>'; |
$out['text'] .= '<tr><td colspan="3">'._L('There are no log entries on this page').'</td></tr>'; |
} |
// TODO: List logs in a table instead of a <pre> text |
$out['text'] .= '</tbody>'; |
$out['text'] .= '</table>'; |
$out['text'] .= '</div></div>'; |
} |
} |
/trunk/vendor/composer/installed.json |
---|
837,12 → 837,12 |
"source": { |
"type": "git", |
"url": "https://github.com/phpseclib/phpseclib.git", |
"reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d" |
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe" |
}, |
"dist": { |
"type": "zip", |
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d2cd758ecb50addfe7a4283a2084a63efeefce3d", |
"reference": "d2cd758ecb50addfe7a4283a2084a63efeefce3d", |
"url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4b1827beabce71953ca479485c0ae9c51287f2fe", |
"reference": "4b1827beabce71953ca479485c0ae9c51287f2fe", |
"shasum": "" |
}, |
"require": { |
860,7 → 860,7 |
"ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", |
"ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." |
}, |
"time": "2023-12-19T04:55:17+00:00", |
"time": "2023-12-29T01:59:53+00:00", |
"type": "library", |
"installation-source": "dist", |
"autoload": { |
/trunk/vendor/composer/installed.php |
---|
189,7 → 189,7 |
'phpseclib/phpseclib' => array( |
'pretty_version' => '3.0.x-dev', |
'version' => '3.0.9999999.9999999-dev', |
'reference' => 'd2cd758ecb50addfe7a4283a2084a63efeefce3d', |
'reference' => '4b1827beabce71953ca479485c0ae9c51287f2fe', |
'type' => 'library', |
'install_path' => __DIR__ . '/../phpseclib/phpseclib', |
'aliases' => array(), |
/trunk/vendor/licenses |
---|
28,7 → 28,7 |
matthiasmullie/path-converter 1.1.3 MIT |
paragonie/constant_time_encoding v2.6.3 MIT |
paragonie/random_compat v9.99.100 MIT |
phpseclib/phpseclib 3.0.x-dev d2cd758 MIT |
phpseclib/phpseclib 3.0.x-dev 4b1827b MIT |
script47/bs5-utils master master MIT |
spamspan/spamspan master GPL-2.0-only |
spomky-labs/php-punycode 9999999-dev d12fe5c MIT |
/trunk/vendor/phpseclib/phpseclib/README.md |
---|
51,7 → 51,7 |
* PHP4 compatible |
* Composer compatible (PSR-0 autoloading) |
* Install using Composer: `composer require phpseclib/phpseclib:~1.0` |
* [Download 1.0.21 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.21.zip/download) |
* [Download 1.0.22 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.22.zip/download) |
## Security contact information |
/trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php |
---|
382,7 → 382,7 |
$shortname = $meta->getShortName(); |
self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname; |
if ($meta->hasConstant('IS_INVISIBLE')) { |
self::$invisiblePlugins[static::ALGORITHM] = strtolower($name); |
self::$invisiblePlugins[static::ALGORITHM][] = strtolower($shortname); |
} |
} |
} |
/trunk/vendor/phpseclib/phpseclib/phpseclib/Net/SSH2.php |
---|
1103,6 → 1103,16 |
private $errorOnMultipleChannels; |
/** |
* Terrapin Countermeasure |
* |
* "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received" |
* -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 |
* |
* @var int |
*/ |
private $extra_packets; |
/** |
* Default Constructor. |
* |
* $host can either be a string, representing the host, or a stream resource. |
1536,7 → 1546,7 |
$preferred['client_to_server']['comp'] : |
SSH2::getSupportedCompressionAlgorithms(); |
$kex_algorithms = array_merge($kex_algorithms, ['ext-info-c']); |
$kex_algorithms = array_merge($kex_algorithms, ['ext-info-c', 'kex-strict-c-v00@openssh.com']); |
// some SSH servers have buggy implementations of some of the above algorithms |
switch (true) { |
1592,6 → 1602,7 |
if ($kexinit_payload_server === false) { |
$this->send_binary_packet($kexinit_payload_client); |
$this->extra_packets = 0; |
$kexinit_payload_server = $this->get_binary_packet(); |
if ( |
1623,6 → 1634,11 |
$this->languages_server_to_client, |
$first_kex_packet_follows |
) = Strings::unpackSSH2('L10C', $response); |
if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { |
if ($this->session_id === false && $this->extra_packets) { |
throw new \UnexpectedValueException('Possible Terrapin Attack detected'); |
} |
} |
$this->supported_private_key_algorithms = $this->server_host_key_algorithms; |
1881,6 → 1897,10 |
throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); |
} |
if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { |
$this->get_seq_no = $this->send_seq_no = 0; |
} |
$keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); |
$this->encrypt = self::encryption_algorithm_to_crypt_instance($encrypt); |
3769,9 → 3789,11 |
$this->bitmap = 0; |
return false; |
case NET_SSH2_MSG_IGNORE: |
$this->extra_packets++; |
$payload = $this->get_binary_packet($skip_channel_filter); |
break; |
case NET_SSH2_MSG_DEBUG: |
$this->extra_packets++; |
Strings::shift($payload, 2); // second byte is "always_display" |
list($message) = Strings::unpackSSH2('s', $payload); |
$this->errors[] = "SSH_MSG_DEBUG: $message"; |
3780,6 → 3802,7 |
case NET_SSH2_MSG_UNIMPLEMENTED: |
return false; |
case NET_SSH2_MSG_KEXINIT: |
// this is here for key re-exchanges after the initial key exchange |
if ($this->session_id !== false) { |
if (!$this->key_exchange($payload)) { |
$this->bitmap = 0; |