AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

When exporting credential info, include the TOTP secret

This commit is contained in:
wrongecho 2025-10-15 10:12:14 +01:00
parent 21aee98f9f
commit b7a9f9ea38
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
agent/post/credential.php
View File

@ -317,8 +317,6 @@ if (isset($_POST['export_credentials_csv'])) {
//get records from database
$sql = mysqli_query($mysqli,"SELECT * FROM credentials LEFT JOIN clients ON client_id = credential_client_id WHERE credential_archived_at IS NULL $client_query ORDER BY credential_name ASC");
$row = mysqli_fetch_array($sql);
$num_rows = mysqli_num_rows($sql);
if ($num_rows > 0) {
@ -331,14 +329,14 @@ if (isset($_POST['export_credentials_csv'])) {
$f = fopen('php://memory', 'w');
//set column headers
$fields = array('Name', 'Description', 'Username', 'Password', 'URI');
$fields = array('Name', 'Description', 'Username', 'Password', 'TOTP', 'URI');
fputcsv($f, $fields, $delimiter, $enclosure, $escape);
//output each row of the data, format line as csv and write to file pointer
while($row = mysqli_fetch_assoc($sql)){
$credential_username = decryptCredentialEntry($row['credential_username']);
$credential_password = decryptCredentialEntry($row['credential_password']);
$lineData = array($row['credential_name'], $row['credential_description'], $credential_username, $credential_password, $row['credential_uri']);
$lineData = array($row['credential_name'], $row['credential_description'], $credential_username, $credential_password, $row['credential_otp_secret'], $row['credential_uri']);
fputcsv($f, $lineData, $delimiter, $enclosure, $escape);
}