diff --git a/includes/config/include.php b/includes/config/include.php
index 5e2577cab..1d90f8132 100755
--- a/includes/config/include.php
+++ b/includes/config/include.php
@@ -28,7 +28,7 @@ define('TP_VERSION', '3.1.2');
 define("UPGRADE_MIN_DATE", "1727110744");
-define('TP_VERSION_MINOR', '112');
+define('TP_VERSION_MINOR', '114');
 define('TP_TOOL_NAME', 'Teampass');
 define('TP_ONE_DAY_SECONDS', 86400);
 define('TP_ONE_WEEK_SECONDS', 604800);
diff --git a/includes/tables_integrity.json b/includes/tables_integrity.json
index 0cacbb9fa..f1f7e2393 100644
--- a/includes/tables_integrity.json
+++ b/includes/tables_integrity.json
@@ -13,11 +13,11 @@
 },
 {
 "table_name": "background_tasks",
- "structure_hash": "38da4ecc0e0b9ca5885c527507656b4fcf98df29e6b8bc794c4c45b00683aa21"
+ "structure_hash": "79a62efdee7707b95762fece4b2981229a155dedede422a44e4410270ad0c869"
 },
 {
 "table_name": "background_tasks_logs",
- "structure_hash": "670985b7418ff8176df19b15c6568b935ab27137112fed7f02e6d4f4f006a765"
+ "structure_hash": "5b885ec26fdf2bb38ef63969be47ea2ca773f3f40be61e2afffa738cc3c73795"
 },
 {
 "table_name": "cache",
@@ -97,11 +97,11 @@
 },
 {
 "table_name": "log_items",
- "structure_hash": "41e2733b5cc25a4eab9b62d5e9ecc130c9427509c0dcc915f79e347048bb03fe"
+ "structure_hash": "bd6960c43399a81559a8ff6feb0c924421f7aa6c456241c00ccb3ba0cb75def6"
 },
 {
 "table_name": "log_system",
- "structure_hash": "5f62e1cbf98308aac6598cbafb4e938435162a2640c99e42cec8d6c5c60767fc"
+ "structure_hash": "966e6fd89b125f152be3f2d0113a95466ad770989bae9b73d8129820c9777281"
 },
 {
 "table_name": "misc",
diff --git a/sources/items.logs.php b/sources/items.logs.php
index cfc3c6f22..727024791 100755
--- a/sources/items.logs.php
+++ b/sources/items.logs.php
@@ -123,8 +123,19 @@
 $post_data,
 'decode'
 );
+
+ // Check if the data is correct
+ // Required keys: id, label, user_id, action, login
+ $requiredKeys = ['id', 'label', 'user_id', 'action', 'login'];
- if (is_array($dataReceived) === true && count($dataReceived) > 0 && array_key_exists('id', $dataReceived) === true && null !== filter_var($dataReceived['id'], FILTER_SANITIZE_NUMBER_INT)) {
+ if (
+ is_array($dataReceived) && // check if the data is an array
+ array_diff_key(array_flip($requiredKeys), $dataReceived) === [] && // check if all required keys have a valuekeys are present
+ count(array_filter($dataReceived)) === count($requiredKeys) && // check if all required
+ in_array($dataReceived['action'], ['at_password_shown', 'at_password_copied'], true) && // only log these actions
+ $session->get('user-id') === (int) filter_var($dataReceived['user_id'], FILTER_SANITIZE_NUMBER_INT) // only log actions of the current user
+ ) {
+ // Log the action
 logItems(
 $SETTINGS,
 (int) filter_var($dataReceived['id'], FILTER_SANITIZE_NUMBER_INT),
diff --git a/sources/main.functions.php b/sources/main.functions.php
index 6dc882bbb..f25c4fe6d 100755
--- a/sources/main.functions.php
+++ b/sources/main.functions.php
@@ -1569,7 +1569,7 @@ function logItems(
 ]
 );
 // Timestamp the last change
- if ($action === 'at_creation' || $action === 'at_modifiation' || $action === 'at_delete' || $action === 'at_import') {
+ if (in_array($action, ['at_creation', 'at_modifiation', 'at_delete', 'at_import'], true)) {
 DB::update(
 prefixTable('misc'),
 [
@@ -1583,7 +1583,7 @@ function logItems(
 }
 // SYSLOG
- if (isset($SETTINGS['syslog_enable']) === true && $SETTINGS['syslog_enable'] === '1') {
+ if (isset($SETTINGS['syslog_enable']) === true && (int) $SETTINGS['syslog_enable'] === 1) {
 // Extract reason
 $attribute = is_null($raison) === true ? Array('') : explode(' : ', $raison);
 // Get item info if not known
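Review bot: The value check `count(array_filter($dataReceived)) === count($requiredKeys)` in the new `if` of sources/items.logs.php counts every truthy entry of the whole payload instead of the five required ones, so an extra field can stand in for an empty required value, and a complete payload that carries any additional field is silently not logged, leaving a gap in the password-view audit trail. Restrict the count to the required keys, for example `count(array_filter(array_intersect_key($dataReceived, array_flip($requiredKeys)), static fn ($v): bool => $v !== null && $v !== '')) === count($requiredKeys)`. The inline comments on the `array_diff_key` and `count` lines are garbled and should read `// check that all required keys are present` and `// check that all required keys have a value`. `FILTER_SANITIZE_NUMBER_INT` on `user_id` strips characters rather than rejecting malformed input, so `FILTER_VALIDATE_INT` would be the stricter match against the session id; whether `$session->get('user-id')` returns an int is not visible here, and if it returns a string the `===` never holds. The enclosing block starts and ends outside the hunk.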
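Review bot: The rewritten condition in the first hunk of sources/main.functions.php keeps the literal `'at_modifiation'`, which looks like a misspelling of `at_modification`; if callers of logItems pass the correctly spelled action, the last-change timestamp is never refreshed for modifications. Which spelling the callers use is not visible in this hunk, so confirm it first, and if both occur accept both: `in_array($action, ['at_creation', 'at_modification', 'at_modifiation', 'at_delete', 'at_import'], true)`. logItems starts and ends outside the hunk.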