mirror of https://github.com/itflow-org/itflow
174 lines
8.3 KiB
PHP
174 lines
8.3 KiB
PHP
<?php
|
|
|
|
require_once("inc_all_client.php");
|
|
|
|
if (!empty($_GET['sb'])) {
|
|
$sb = strip_tags(mysqli_real_escape_string($mysqli, $_GET['sb']));
|
|
} else {
|
|
$sb = "login_name";
|
|
}
|
|
|
|
//Rebuild URL
|
|
$url_query_strings_sb = http_build_query(array_merge($_GET, array('sb' => $sb, 'o' => $o)));
|
|
|
|
$sql = mysqli_query(
|
|
$mysqli,
|
|
"SELECT SQL_CALC_FOUND_ROWS * FROM logins
|
|
WHERE login_client_id = $client_id
|
|
AND (login_name LIKE '%$q%' OR login_uri LIKE '%$q%')
|
|
ORDER BY $sb $o LIMIT $record_from, $record_to"
|
|
);
|
|
|
|
$num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|
|
|
?>
|
|
|
|
<div class="card card-dark">
|
|
<div class="card-header py-2">
|
|
<h3 class="card-title mt-2"><i class="fa fa-fw fa-key"></i> Passwords</h3>
|
|
<div class="card-tools">
|
|
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addLoginModal"><i class="fas fa-fw fa-plus"></i> New Login</button>
|
|
</div>
|
|
</div>
|
|
<div class="card-body">
|
|
<form autocomplete="off">
|
|
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
|
|
<div class="row">
|
|
|
|
<div class="col-md-4">
|
|
<div class="input-group mb-3 mb-md-0">
|
|
<input type="search" class="form-control" name="q" value="<?php if (isset($q)) { echo strip_tags(htmlentities($q)); } ?>" placeholder="Search Passwords">
|
|
<div class="input-group-append">
|
|
<button class="btn btn-dark"><i class="fa fa-search"></i></button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="col-md-8">
|
|
<div class="float-right">
|
|
<a href="post.php?export_client_logins_csv=<?php echo $client_id; ?>" class="btn btn-default"><i class="fa fa-fw fa-download"></i> Export</a>
|
|
<button type="button" class="btn btn-default" data-toggle="modal" data-target="#importLoginModal"><i class="fa fa-fw fa-upload"></i> Import</button>
|
|
</div>
|
|
</div>
|
|
|
|
</div>
|
|
</form>
|
|
<hr>
|
|
<div class="table-responsive">
|
|
<table class="table table-striped table-borderless table-hover">
|
|
<thead class="text-dark <?php if ($num_rows[0] == 0) { echo "d-none"; } ?>">
|
|
<tr>
|
|
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_name&o=<?php echo $disp; ?>">Name</a></th>
|
|
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_username&o=<?php echo $disp; ?>">Username</a></th>
|
|
<th>Password</th>
|
|
<th>OTP</th>
|
|
<th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=login_uri&o=<?php echo $disp; ?>">URI</a></th>
|
|
<th class="text-center">Action</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php
|
|
|
|
while ($row = mysqli_fetch_array($sql)) {
|
|
$login_id = $row['login_id'];
|
|
$login_name = htmlentities($row['login_name']);
|
|
$login_uri = htmlentities($row['login_uri']);
|
|
if (empty($login_uri)) {
|
|
$login_uri_display = "-";
|
|
} else {
|
|
$login_uri_display = "$login_uri<button class='btn btn-sm clipboardjs' data-clipboard-text='$login_uri'><i class='far fa-copy text-secondary'></i></button><a href='https://$login_uri' target='_blank'><i class='fa fa-external-link-alt text-secondary'></i></a>";
|
|
}
|
|
$login_username = htmlentities(decryptLoginEntry($row['login_username']));
|
|
if (empty($login_username)) {
|
|
$login_username_display = "-";
|
|
} else {
|
|
$login_username_display = "$login_username<button class='btn btn-sm clipboardjs' data-clipboard-text='$login_username'><i class='far fa-copy text-secondary'></i></button>";
|
|
}
|
|
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
|
|
$login_otp_secret = htmlentities($row['login_otp_secret']);
|
|
$login_id_with_secret = '"' . $row['login_id'] . '","' . $row['login_otp_secret'] . '"';
|
|
if (empty($login_otp_secret)) {
|
|
$otp_display = "-";
|
|
} else {
|
|
$otp_display = "<span onmouseenter='showOTP($login_id_with_secret)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
|
|
}
|
|
$login_note = htmlentities($row['login_note']);
|
|
$login_important = $row['login_important'];
|
|
$login_contact_id = $row['login_contact_id'];
|
|
$login_vendor_id = $row['login_vendor_id'];
|
|
$login_asset_id = $row['login_asset_id'];
|
|
$login_software_id = $row['login_software_id'];
|
|
|
|
?>
|
|
<tr>
|
|
<td>
|
|
<i class="fa fa-fw fa-key text-secondary"></i>
|
|
<a class="text-dark" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">
|
|
<?php echo $login_name; ?>
|
|
</a>
|
|
</td>
|
|
<td><?php echo $login_username_display; ?></td>
|
|
<td>
|
|
<a tabindex="0" href="#" data-toggle="popover" data-trigger="focus" data-placement="top" data-content="<?php echo $login_password; ?>"><i class="fas fa-2x fa-ellipsis-h text-secondary"></i><i class="fas fa-2x fa-ellipsis-h text-secondary"></i></a><button class="btn btn-sm clipboardjs" data-clipboard-text="<?php echo $login_password; ?>"><i class="far fa-copy text-secondary"></i></button>
|
|
</td>
|
|
<td><?php echo $otp_display; ?></td>
|
|
<td><?php echo $login_uri_display; ?></td>
|
|
<td>
|
|
<div class="dropdown dropleft text-center">
|
|
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
|
<i class="fas fa-ellipsis-h"></i>
|
|
</button>
|
|
<div class="dropdown-menu">
|
|
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#editLoginModal<?php echo $login_id; ?>">Edit</a>
|
|
<a class="dropdown-item" href="#" data-toggle="modal" data-target="#shareModal" onclick="populateShareModal(<?php echo "$client_id, 'Login', $login_id"; ?>)">Share</a>
|
|
<?php if ($session_user_role == 3) { ?>
|
|
<div class="dropdown-divider"></div>
|
|
<a class="dropdown-item text-danger" href="post.php?delete_login=<?php echo $login_id; ?>">Delete</a>
|
|
<?php } ?>
|
|
</div>
|
|
</div>
|
|
</td>
|
|
</tr>
|
|
|
|
<?php
|
|
|
|
require("client_login_edit_modal.php");
|
|
}
|
|
|
|
?>
|
|
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<?php require_once("pagination.php"); ?>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
function showOTP(id, secret) {
|
|
//Send a GET request to ajax.php as ajax.php?get_totp_token=true&totp_secret=SECRET
|
|
jQuery.get(
|
|
"ajax.php",
|
|
{get_totp_token: 'true', totp_secret: secret},
|
|
function(data) {
|
|
//If we get a response from post.php, parse it as JSON
|
|
const token = JSON.parse(data);
|
|
|
|
document.getElementById("otp_" + id).innerText = token
|
|
|
|
}
|
|
);
|
|
}
|
|
|
|
function generatePassword() {
|
|
document.getElementById("password").value = "<?php echo randomString(); ?>"
|
|
}
|
|
</script>
|
|
|
|
<?php
|
|
|
|
require_once("client_login_add_modal.php");
|
|
require_once("share_modal.php");
|
|
require_once("client_login_import_modal.php");
|
|
require_once("footer.php");
|