aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/attach.php9
-rw-r--r--include/auth.php37
-rw-r--r--include/config.php4
-rw-r--r--include/event.php6
-rw-r--r--include/html2plain.php4
-rw-r--r--include/language.php4
-rw-r--r--include/network.php12
7 files changed, 54 insertions, 22 deletions
diff --git a/include/attach.php b/include/attach.php
index 2283da1c6..449721793 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -113,7 +113,6 @@ function z_mime_content_type($filename) {
'odf' => 'application/vnd.oasis.opendocument.formula',
'odi' => 'application/vnd.oasis.opendocument.image',
'odm' => 'application/vnd.oasis.opendocument.text-master',
- 'odb' => 'application/vnd.oasis.opendocument.base',
'odb' => 'application/vnd.oasis.opendocument.database',
'ott' => 'application/vnd.oasis.opendocument.text-template',
'ots' => 'application/vnd.oasis.opendocument.spreadsheet-template',
@@ -2467,8 +2466,8 @@ function copy_folder_to_cloudfiles($channel, $observer_hash, $srcpath, $cloudpat
* @param int $channel_id
* @param int $resource_id
* @param string $new_folder_hash
- * @param (optional) string $newname
- * @param (optional) boolean $recurse
+ * @param string (optional) $newname
+ * @param boolean (optional) $recurse
* @return array Associative array with:
* * \e boolean \b success
* * \e string \b resource_id
@@ -2668,8 +2667,8 @@ function attach_move($channel_id, $resource_id, $new_folder_hash, $newname = '',
* @param int $channel_id
* @param int $resource_id
* @param string $new_folder_hash
- * @param (optional) string $newname
- * @param (optional) boolean $recurse
+ * @param string (optional) $newname
+ * @param boolean (optional) $recurse
* @return array Associative array with:
* * \e boolean \b success
* * \e string \b resource_id of the new resource
diff --git a/include/auth.php b/include/auth.php
index 0cd48bce3..1fc2cc556 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -176,6 +176,40 @@ function log_failed_login($errormsg) {
@file_put_contents($authlog, datetime_convert() . ':' . session_id() . ' ' . $errormsg . PHP_EOL, FILE_APPEND);
}
+
+/**
+ * Determines if checking for multifactor authentication needs to be checked.
+ *
+ * Checks that multi factor authentication is enabled for the given account_id,
+ * and whether it's already authenticated or not.
+ *
+ * Some modules needs to be excluded from the mfa checks for various reasons:
+ *
+ * - `totp_check` is used by the mfa module itself.
+ * - `dav` provides WebDAV access, and has no way of providing a mfa code.
+ * - `cdav` is accessed both via CardDAV which has the same limitations as
+ * the `dav` module, but may also be accessed via a web browser over http.
+ * We only exclude it if it's not being accessed via a web browser.
+ *
+ * @param int $account_id The id of the account we're verifying.
+ * @param string $module The requested module.
+ * @param string $arg The first arg passed to the module (or empty if none.)
+ *
+ * @return bool `true` if mfa status needs to be checked, `false` otherwise.
+ */
+function requires_mfa_check(int $account_id, string $module, string $arg): bool {
+ if (in_array($module, ['totp_check', 'dav'], true)) {
+ return false;
+ }
+
+ if ($module === 'cdav' && !in_array($arg, ['addressbook', 'calendar'], true)) {
+ return false;
+ }
+
+ $multiFactor = AConfig::Get($account_id, 'system', 'mfa_enabled');
+ return $multiFactor && empty($_SESSION['2FA_VERIFIED']);
+}
+
/**
* Inline - not a function
* look for auth parameters or re-validate an existing session
@@ -267,8 +301,7 @@ if((isset($_SESSION)) && (x($_SESSION, 'authenticated')) &&
$login_refresh = true;
}
- $multiFactor = AConfig::Get(App::$account['account_id'], 'system', 'mfa_enabled');
- if ($multiFactor && empty($_SESSION['2FA_VERIFIED']) && App::$module !== 'totp_check') {
+ if (requires_mfa_check(App::$account['account_id'], App::$module, argv(1))) {
$o = new Totp_check;
echo $o->get();
killme();
diff --git a/include/config.php b/include/config.php
index 674d5afe4..4dd40eccf 100644
--- a/include/config.php
+++ b/include/config.php
@@ -120,8 +120,8 @@ function get_pconfig($uid, $family, $key, $default = false) {
return Zlib\PConfig::Get($uid,$family,$key,$default);
}
-function set_pconfig($uid, $family, $key, $value) {
- return Zlib\PConfig::Set($uid,$family,$key,$value);
+function set_pconfig($uid, $family, $key, $value, $updated = NULL) {
+ return Zlib\PConfig::Set($uid, $family, $key, $value, $updated);
}
function del_pconfig($uid, $family, $key, $updated = NULL) {
diff --git a/include/event.php b/include/event.php
index ef73fc9b5..f8511cbe2 100644
--- a/include/event.php
+++ b/include/event.php
@@ -272,9 +272,9 @@ function format_event_ical($ev) {
if($ev['adjust']) {
if($ev['dtstart'])
- $o .= "\r\nDTSTART$tzid:" . datetime_convert($tz,'UTC', $ev['dtstart'],'Ymd\\THis\\Z');
+ $o .= "\r\nDTSTART$tzid:" . datetime_convert('UTC', $tz, $ev['dtstart'],'Ymd\\THis');
if($ev['dtend'] && ! $ev['nofinish'])
- $o .= "\r\nDTEND$tzid:" . datetime_convert($tz,'UTC', $ev['dtend'],'Ymd\\THis\\Z');
+ $o .= "\r\nDTEND$tzid:" . datetime_convert('UTC', $tz, $ev['dtend'],'Ymd\\THis');
}
else {
if($ev['dtstart'])
@@ -797,7 +797,7 @@ function parse_event_object($event_object_json) {
$tz = $object['timezone'] ?? 'UTC';
$ev['summary'] = $object['summary'] ?? $object['name'] ?? '';
- $ev['description'] = html2bbcode($content['content']) ?? '';
+ $ev['description'] = html2bbcode($object['content']) ?? '';
$ev['dtstart'] = $object['startTime'] ? datetime_convert('UTC', 'UTC', $object['startTime']) : '';
$ev['dtend'] = $object['endTime'] ? datetime_convert('UTC', 'UTC', $object['endTime']) : $ev['dtstart'];
$ev['location'] = $object['location']['name'] ?? '';
diff --git a/include/html2plain.php b/include/html2plain.php
index 88dce577d..69fb5193a 100644
--- a/include/html2plain.php
+++ b/include/html2plain.php
@@ -196,7 +196,7 @@ function html2plain($html, $wraplength = 75, $compact = false)
// Problem: there is no reliable way to detect if it is a link to a tag or profile
//node2bbcode($doc, 'a', array('href'=>'/(.+)/'), ' $1 ', '', true);
- node2bbcode($doc, 'a', array('href'=>'/(.+)/', 'rel'=>'oembed'), ' $1 ', '', true);
+ node2bbcode($doc, 'a', array('href'=>'/(.+)/', 'rel'=>'oembed'), ' $1 ', '');
//node2bbcode($doc, 'img', array('alt'=>'/(.+)/'), '$1', '');
//node2bbcode($doc, 'img', array('title'=>'/(.+)/'), '$1', '');
//node2bbcode($doc, 'img', array(), '', '');
@@ -205,7 +205,7 @@ function html2plain($html, $wraplength = 75, $compact = false)
else
node2bbcode($doc, 'img', array('src'=>'/(.+)/'), '', '');
- node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), ' $1 ', '', true);
+ node2bbcode($doc, 'iframe', array('src'=>'/(.+)/'), ' $1 ', '');
$message = $doc->saveHTML();
diff --git a/include/language.php b/include/language.php
index 22f350aac..538f67d90 100644
--- a/include/language.php
+++ b/include/language.php
@@ -198,10 +198,10 @@ function load_translation_table($lang, $install = false) {
*
* @param string $s string that should get translated
* @param string $ctx (optional) context to appear in po file
- * @return translated string if exists, otherwise return $s
+ * @return string translated string if exists, otherwise return $s
*
*/
-function t($s, $ctx = '') {
+function t($s, $ctx = ''): string {
$cs = $ctx ? '__ctx:' . $ctx . '__ ' . $s : $s;
if (x(App::$strings, $cs)) {
diff --git a/include/network.php b/include/network.php
index a7a11ff6e..bb5bc1ce7 100644
--- a/include/network.php
+++ b/include/network.php
@@ -116,7 +116,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
}
else {
$curl_time = intval(@Config::Get('system','curl_timeout'));
- @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+ @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== 0) ? $curl_time : 60));
}
if(x($opts,'connecttimeout') && intval($opts['connecttimeout'])) {
@@ -124,7 +124,7 @@ function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) {
}
else {
$curl_contime = intval(@Config::Get('system','curl_connecttimeout'));
- @curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, (($curl_contime !== false) ? $curl_contime : 30));
+ @curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, (($curl_contime !== 0) ? $curl_contime : 30));
}
if(x($opts,'http_auth')) {
@@ -298,7 +298,7 @@ function z_post_url($url, $params, $redirects = 0, $opts = array()) {
}
else {
$curl_time = intval(@Config::Get('system','curl_timeout'));
- @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+ @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== 0) ? $curl_time : 60));
}
if(x($opts,'http_auth')) {
@@ -2146,9 +2146,9 @@ function get_request_string($url) {
*
* @param array $parsed_url An associative array as produced by `parse_url`.
*
- * @return The reassembled URL as a string.
+ * @return string The reassembled URL as a string.
*/
-function unparse_url($parsed_url) {
+function unparse_url(array $parsed_url): string {
$scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : '';
$host = isset($parsed_url['host']) ? $parsed_url['host'] : '';
$port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : '';
@@ -2158,5 +2158,5 @@ function unparse_url($parsed_url) {
$path = isset($parsed_url['path']) ? $parsed_url['path'] : '';
$query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : '';
$fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : '';
- return "$scheme$user$pass$host$port$path$query$fragment";
+ return $scheme . $user . $pass . $host . $port . $path . $query . $fragment;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-16 15:35:27 +0000