nilsteampassnet
diff --git a/‎includes/config/include.php
+1-1 b/‎includes/config/include.php
+1-1
diff --git a/‎includes/libraries/teampassclasses/passwordmanager/src/PasswordManager.php
+1-1 b/‎includes/libraries/teampassclasses/passwordmanager/src/PasswordManager.php
+1-1
diff --git a/‎install/install.queries.php
+11-7 b/‎install/install.queries.php
+11-7
diff --git a/‎install/upgrade.php
+1-1 b/‎install/upgrade.php
+1-1
diff --git a/‎install/upgrade_operations.php
+38-9 b/‎install/upgrade_operations.php
+38-9
diff --git a/‎install/upgrade_run_3.0.0.php
+6-10 b/‎install/upgrade_run_3.0.0.php
+6-10
diff --git a/‎install/upgrade_run_3.0.0_fields.php
+4-11 b/‎install/upgrade_run_3.0.0_fields.php
+4-11
diff --git a/‎install/upgrade_run_3.0.0_files.php
+3-10 b/‎install/upgrade_run_3.0.0_files.php
+3-10
diff --git a/‎install/upgrade_run_3.0.0_logs.php
+2-9 b/‎install/upgrade_run_3.0.0_logs.php
+2-9
@@ -40,7 +40,7 @@
 define('TP_COPYRIGHT', '2009-'.date('Y'));
 define('TP_ALLOWED_TAGS', '<b><i><sup><sub><em><strong><u><br><br /><a><strike><ul><blockquote><blockquote><img><li><h1><h2><h3><h4><h5><ol><small><font>');
 define('TP_FILE_PREFIX', 'EncryptedFile_');
-define('NUMBER_ITEMS_IN_BATCH', 100);
+define('NUMBER_ITEMS_IN_BATCH', 1000);
 define('WIP', false);
 define('UPGRADE_SEND_EMAILS', true);
 define('KEY_LENGTH', 16);
 
@@ -62,7 +62,7 @@ public function migratePassword(string $hashedPassword, string $plainPassword, i
         // Vérifiez si le mot de passe a été haché avec passwordlib
         if ($this->isPasswordLibHash($hashedPassword)) {
             // Utilisez la vérification de passwordlib ici
-            if ($this->passwordLibVerify($hashedPassword, $plainPassword)) {
+            if ($this->passwordLibVerify($hashedPassword, html_entity_decode($plainPassword))) {
                 // Password is valid, hash it with new system
                 $newHashedPassword = $this->hashPassword($plainPassword);
                 $userInfo['pw'] = $newHashedPassword;
 
@@ -382,7 +382,8 @@ function encryptFollowingDefuse($message, $ascii_key)
 								`object_id` int(12) NOT NULL,
 								`user_id` int(12) NOT NULL,
 								`share_key` text NOT NULL,
-								PRIMARY KEY (`increment_id`)
+								PRIMARY KEY (`increment_id`),
+                                INDEX idx_object_user (`object_id`, `user_id`)
 							) CHARSET=utf8;'
                         );
                         $mysqli_result = mysqli_query(
@@ -471,7 +472,8 @@ function encryptFollowingDefuse($message, $ascii_key)
                             `updated_at` varchar(30) NULL,
                             `deleted_at` varchar(30) NULL,
                             PRIMARY KEY (`id`),
-                            KEY `restricted_inactif_idx` (`restricted_to`,`inactif`)
+                            KEY `restricted_inactif_idx` (`restricted_to`,`inactif`),
+                            INDEX items_perso_id_idx (`perso`, `id`)
                             ) CHARSET=utf8;"
                         );
                     } elseif ($task === 'log_items') {
@@ -486,7 +488,8 @@ function encryptFollowingDefuse($message, $ascii_key)
                             `raison` text NULL,
                             `old_value` MEDIUMTEXT NULL DEFAULT NULL,
                             `encryption_type` VARCHAR(20) NOT NULL DEFAULT 'not_set',
-                            PRIMARY KEY (`increment_id`)
+                            PRIMARY KEY (`increment_id`),
+                            INDEX log_items_item_action_user_idx (`id_item`, `action`, `id_user`)
                             ) CHARSET=utf8;"
                         );
                         // create index
@@ -1311,13 +1314,14 @@ function encryptFollowingDefuse($message, $ascii_key)
                             $dbTmp,
                             "CREATE TABLE IF NOT EXISTS `" . $var['tbl_prefix'] . "background_tasks_logs` (
                             `increment_id` int(12) NOT NULL AUTO_INCREMENT,
-                            `created_at` varchar(20) NOT NULL,
+                            `created_at` INT NOT NULL,
                             `job` varchar(50) NOT NULL,
                             `status` varchar(10) NOT NULL,
-                            `updated_at` varchar(20) DEFAULT NULL,
-                            `finished_at` varchar(20) DEFAULT NULL,
+                            `updated_at` INT DEFAULT NULL,
+                            `finished_at` INT DEFAULT NULL,
                             `treated_objects` varchar(20) DEFAULT NULL,
-                            PRIMARY KEY (`increment_id`)
+                            PRIMARY KEY (`increment_id`),
+                            INDEX idx_created_at (`created_at`)
                             ) CHARSET=utf8;"
                         );
                     } else if ($task === 'ldap_groups_roles') {
 
@@ -754,7 +754,7 @@ function aesEncrypt(text)
 function manageUpgradeScripts(file_number)
 {
     var start_at = 0;
-    var noitems_by_loop = 100;
+    var noitems_by_loop = 1000;
     var loop_number = 0;
 
     if (file_number == 0) {
 
@@ -73,20 +73,15 @@
 $port = DB_PORT;
 $user = DB_USER;
 
-if (mysqli_connect(
-    $server,
-    $user,
-    $pass,
-    $database,
-    $port
-)) {
-    $db_link = mysqli_connect(
+if ($db_link = mysqli_connect(
         $server,
         $user,
         $pass,
         $database,
         $port
-    );
+    )
+) {
+    $db_link->set_charset(DB_ENCODING);
 } else {
     $res = 'Impossible to get connected to server. Error is: ' . addslashes(mysqli_connect_error());
     echo '[{"finish":"1", "msg":"", "error":"Impossible to get connected to server. Error is: ' . addslashes(mysqli_connect_error()) . '!"}]';
@@ -102,6 +97,9 @@
         // ---->
         // OPERATION - 20230604_1 - generate key for item_key
 
+        // Start transaction to avoid autocommit
+        mysqli_begin_transaction($db_link, MYSQLI_TRANS_START_READ_WRITE);
+
         // Get items to treat
         $rows = mysqli_query(
             $db_link,
@@ -113,6 +111,8 @@
         // Handle error on query
         if (!$rows) {
             echo '[{"finish":"1" , "error":"'.mysqli_error($db_link).'"}]';
+            mysqli_commit($db_link);
+            mysqli_close($db_link);
             exit();
         }
 
@@ -131,6 +131,8 @@
                 );
                 if (mysqli_error($db_link)) {
                     echo '[{"finish":"1", "next":"", "error":"MySQL Error! '.addslashes(mysqli_error($db_link)).'"}]';
+                    mysqli_commit($db_link);
+                    mysqli_close($db_link);
                     exit();
                 }
             }
@@ -158,12 +160,17 @@
     }
     // Return back
     echo '[{"finish":"'.$finish.'" , "next":"", "error":"", "total":"'.$total.'"}]';
+    // Commit transaction.
+    mysqli_commit($db_link);
 }
 
 
 function populateItemsTable_CreatedAt($pre, $post_nb)
 {
     global $db_link;
+    // Start transaction to avoid autocommit
+    mysqli_begin_transaction($db_link, MYSQLI_TRANS_START_READ_WRITE);
+
     // loop on items - created_at
     $items = mysqli_query(
         $db_link,
@@ -190,12 +197,19 @@ function populateItemsTable_CreatedAt($pre, $post_nb)
             "SELECT * FROM `" . $pre . "items` WHERE created_at IS NULL"
         )
     );
+
+    // Commit transaction.
+    mysqli_commit($db_link);
+
     return $remainingItems > 0 ? 0 : 1;
 }
 
 function populateItemsTable_UpdatedAt($pre)
 {
     global $db_link;
+    // Start transaction to avoid autocommit
+    mysqli_begin_transaction($db_link, MYSQLI_TRANS_START_READ_WRITE);
+
     // loop on items - updated_at
     $items = mysqli_query(
         $db_link,
@@ -212,12 +226,18 @@ function populateItemsTable_UpdatedAt($pre)
         }
     }
 
+    // Commit transaction.
+    mysqli_commit($db_link);
+
     return 1;
 }
 
 function populateItemsTable_DeletedAt($pre)
 {
     global $db_link;
+    // Start transaction to avoid autocommit
+    mysqli_begin_transaction($db_link, MYSQLI_TRANS_START_READ_WRITE);
+
     // loop on items - deleted_at
     $items = mysqli_query(
         $db_link,
@@ -234,6 +254,9 @@ function populateItemsTable_DeletedAt($pre)
         }
     }
 
+    // Commit transaction.
+    mysqli_commit($db_link);
+
     return 1;
 }
 
@@ -273,6 +296,9 @@ function installPurgeUnnecessaryKeys(bool $allUsers = true, int $user_id=0, stri
 function installPurgeUnnecessaryKeysForUser(int $user_id=0, string $pre)
 {
     global $db_link;
+    // Start transaction to avoid autocommit
+    mysqli_begin_transaction($db_link, MYSQLI_TRANS_START_READ_WRITE);
+
     if ($user_id === 0) {
         return;
     }
@@ -319,6 +345,9 @@ function installPurgeUnnecessaryKeysForUser(int $user_id=0, string $pre)
             WHERE object_id IN ('.$pfItemsList.') AND user_id NOT IN ('.TP_USER_ID.', '.$user_id.')'
         );
     }
+
+    // Commit transaction.
+    mysqli_commit($db_link);
 }
 
 
 
@@ -78,20 +78,15 @@
 $port = DB_PORT;
 $user = DB_USER;
 
-if (mysqli_connect(
-    $server,
-    $user,
-    $pass,
-    $database,
-    $port
-)) {
-    $db_link = mysqli_connect(
+if ($db_link = mysqli_connect(
         $server,
         $user,
         $pass,
         $database,
         $port
-    );
+    )
+) {
+    $db_link->set_charset(DB_ENCODING);
 } else {
     $res = 'Impossible to get connected to server. Error is: ' . addslashes(mysqli_connect_error());
     echo '[{"finish":"1", "msg":"", "error":"Impossible to get connected to server. Error is: ' . addslashes(mysqli_connect_error()) . '!"}]';
@@ -248,7 +243,8 @@
         `object_id` int(12) NOT NULL,
         `user_id` int(12) NOT NULL,
         `share_key` text NOT NULL,
-        PRIMARY KEY (`increment_id`)
+        PRIMARY KEY (`increment_id`),
+        INDEX idx_object_user (`object_id`, `user_id`)
     ) CHARSET=utf8;'
 );
 
 
@@ -69,21 +69,14 @@
 $port = DB_PORT;
 $user = DB_USER;
 
-if (mysqli_connect(
-    $server,
-    $user,
-    $pass,
-    $database,
-    $port
-)
-) {
-    $db_link = mysqli_connect(
+if ($db_link = mysqli_connect(
         $server,
         $user,
         $pass,
         $database,
         $port
-    );
+    )
+) {
 	$db_link->set_charset(DB_ENCODING);
 } else {
     $res = 'Impossible to get connected to server. Error is: '.addslashes(mysqli_connect_error());
@@ -161,7 +154,7 @@
         );
 
         // Encrypt with Object Key
-        $cryptedStuff = doDataEncryption($passwd['string']);
+        $cryptedStuff = doDataEncryption(html_entity_decode($passwd['string']));
 
         // Store new password in DB
         mysqli_query(
 
@@ -74,21 +74,14 @@
 $port = DB_PORT;
 $user = DB_USER;
 
-if (mysqli_connect(
-    $server,
-    $user,
-    $pass,
-    $database,
-    $port
-)
-) {
-    $db_link = mysqli_connect(
+if ($db_link = mysqli_connect(
         $server,
         $user,
         $pass,
         $database,
         $port
-    );
+    )
+) {
 	$db_link->set_charset(DB_ENCODING);
 } else {
     $res = 'Impossible to get connected to server. Error is: '.addslashes(mysqli_connect_error());
 
@@ -69,21 +69,14 @@
 $port = DB_PORT;
 $user = DB_USER;
 
-if (mysqli_connect(
+if ($db_link = mysqli_connect(
     $server,
     $user,
     $pass,
     $database,
     $port
 )
 ) {
-    $db_link = mysqli_connect(
-        $server,
-        $user,
-        $pass,
-        $database,
-        $port
-    );
 	$db_link->set_charset(DB_ENCODING);
 } else {
     $res = 'Impossible to get connected to server. Error is: '.addslashes(mysqli_connect_error());
@@ -163,7 +156,7 @@
         );
 
         // Encrypt with Object Key
-        $cryptedStuff = doDataEncryption($passwd['string']);
+        $cryptedStuff = doDataEncryption(html_entity_decode($passwd['string']));
 
         // Store new password in DB
         mysqli_query(
Original file line number	Diff line number	Diff line change
`@@ -754,7 +754,7 @@ function aesEncrypt(text)`
`754`	`754`	`function manageUpgradeScripts(file_number)`
`755`	`755`	`{`
`756`	`756`	`var start_at = 0;`
`757`		`- var noitems_by_loop = 100;`
	`757`	`+ var noitems_by_loop = 1000;`
`758`	`758`	`var loop_number = 0;`
`759`	`759`
`760`	`760`	`if (file_number == 0) {`