diff --git a/diff b/diff
deleted file mode 100644
index 9214e3532f..0000000000
--- a/diff
+++ /dev/null
@@ -1,22 +0,0 @@
-diff --git a/main/inc/lib/webservices/Rest.php b/main/inc/lib/webservices/Rest.php
-index 45408f9beccd6dd71d50654020d9a921cd4764a1..7fbacd658889ca10ce3393759fcdac3c13cbeb9b 100644
---- a/main/inc/lib/webservices/Rest.php
-+++ b/main/inc/lib/webservices/Rest.php
-@@ -885,7 +885,7 @@ class Rest extends WebService
- 'display_order' => 0,
- 'session_id' => $sessionId,
- 'visibility' => 1,
-- ]
-+ ],
- ],
- Link::getLinkCategories($courseId, $sessionId)
- );
-@@ -913,7 +913,7 @@ class Rest extends WebService
- 'title' => Security::remove_XSS($link['title']),
- 'description' => Security::remove_XSS($link['description']),
- 'visibility' => (int) $link['visibility'],
-- 'url' => $webCodePath."link/link_goto.php?$cidReq&link_id=".$link['id']
-+ 'url' => $webCodePath."link/link_goto.php?$cidReq&link_id=".$link['id'],
- ];
- },
- $links
diff --git a/main/common_cartridge/cc13_export.php b/main/common_cartridge/cc13_export.php
index 46661956a0..456c26ac00 100644
--- a/main/common_cartridge/cc13_export.php
+++ b/main/common_cartridge/cc13_export.php
@@ -3,7 +3,6 @@
require_once __DIR__.'/../inc/global.inc.php';
require_once api_get_path(SYS_CODE_PATH).'common_cartridge/export/src/lib/ccdependencyparser.php';
-use Chamilo\CourseBundle\Component\CourseCopy\CourseArchiver;
use Chamilo\CourseBundle\Component\CourseCopy\CourseBuilder;
use Chamilo\CourseBundle\Component\CourseCopy\CourseSelectForm;
@@ -85,8 +84,6 @@ if (Security::check_token('post') && ($action === 'course_select_form')) {
} else {
echo Display::return_message(get_lang('NoResourcesToBackup'), 'warning');
}
-
}
-
Display::display_footer();
diff --git a/main/common_cartridge/export/src/CcManifest.php b/main/common_cartridge/export/src/CcManifest.php
index 52eeb8391c..9a0d8374aa 100644
--- a/main/common_cartridge/export/src/CcManifest.php
+++ b/main/common_cartridge/export/src/CcManifest.php
@@ -274,7 +274,7 @@ class CcManifest extends XMLGenericDocument implements CcIManifest
}
/**
- * TODO - implement this method - critical
+ * TODO - implement this method - critical.
*/
private function fillManifest()
{
diff --git a/main/common_cartridge/export/src/base/CcConverters.php b/main/common_cartridge/export/src/base/CcConverters.php
index c5b53454d2..47596271ec 100644
--- a/main/common_cartridge/export/src/base/CcConverters.php
+++ b/main/common_cartridge/export/src/base/CcConverters.php
@@ -15,8 +15,6 @@ abstract class CcConverters
/**
* ctor.
*
- * @param CcIItem $item
- * @param CcIManifest $manifest
* @param string $rootpath
* @param string $path
*
@@ -44,7 +42,7 @@ abstract class CcConverters
/**
* performs conversion.
*
- * @param string $outdir - root directory of common cartridge
+ * @param string $outdir - root directory of common cartridge
* @param object $objCourse
*
* @return bool
diff --git a/main/common_cartridge/export/src/base/CcVersion1.php b/main/common_cartridge/export/src/base/CcVersion1.php
index a671b82ee7..c273a57bcb 100644
--- a/main/common_cartridge/export/src/base/CcVersion1.php
+++ b/main/common_cartridge/export/src/base/CcVersion1.php
@@ -223,8 +223,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create a Resource (How to).
*
- * @param CcIResource $res
- * @param DOMDocument $doc
* @param object $xmlnode
*
* @return DOMNode
@@ -262,8 +260,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create an Item Folder (How To).
*
- * @param CcIOrganization $org
- * @param DOMDocument $doc
* @param DOMElement $xmlnode
*/
protected function createItemFolder(CcIOrganization &$org, DOMDocument &$doc, DOMElement &$xmlnode = null)
@@ -285,8 +281,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create an Organization (How To).
*
- * @param CcIOrganization $org
- * @param DOMDocument $doc
* @param object $xmlnode
*
* @return DOMNode
@@ -306,8 +300,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create Metadata For Manifest (How To).
*
- * @param CcIMetadataManifest $met
- * @param DOMDocument $doc
* @param object $xmlnode
*
* @return DOMNode
@@ -334,8 +326,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create Metadata For Resource (How To).
*
- * @param CcIMetadataResource $met
- * @param DOMDocument $doc
* @param object $xmlnode
*
* @return DOMNode
@@ -353,8 +343,6 @@ class CcVersion1 extends CcVersionBase
/**
* Create Metadata For File (How To).
*
- * @param CcIMetadataFile $met
- * @param DOMDocument $doc
* @param object $xmlnode
*
* @return DOMNode
@@ -479,7 +467,6 @@ class CcVersion1 extends CcVersionBase
* Create Lifecycle Metadata (How To).
*
* @param object $met
- * @param DOMDocument $doc
* @param object $met
* @param object $xmlnode
*
diff --git a/main/common_cartridge/export/src/base/XMLGenericDocument.php b/main/common_cartridge/export/src/base/XMLGenericDocument.php
index 2c45c0f788..bb31ff76d7 100644
--- a/main/common_cartridge/export/src/base/XMLGenericDocument.php
+++ b/main/common_cartridge/export/src/base/XMLGenericDocument.php
@@ -236,7 +236,7 @@ class XMLGenericDocument
}
/**
- * Get the nodes from a path
+ * Get the nodes from a path.
*
* @param string $path
* @param DOMNode $nd
@@ -256,7 +256,7 @@ class XMLGenericDocument
}
/**
- * Get a list of nodes from a path
+ * Get a list of nodes from a path.
*
* @param string $path
* @param DOMNode $node
diff --git a/main/common_cartridge/export/src/lib/ccdependencyparser.php b/main/common_cartridge/export/src/lib/ccdependencyparser.php
index 53088f216d..aa01bda62a 100644
--- a/main/common_cartridge/export/src/lib/ccdependencyparser.php
+++ b/main/common_cartridge/export/src/lib/ccdependencyparser.php
@@ -76,10 +76,11 @@ function stripUrl($path, $rootDir = '')
}
/**
- * Get full path
+ * Get full path.
*
* @param string $path
* @param string $dirsep
+ *
* @return false|string
*/
function fullPath($path, $dirsep = DIRECTORY_SEPARATOR)
@@ -136,12 +137,12 @@ function isUrl($url)
}
/**
- * Gets the dependency files of the $fname file
+ * Gets the dependency files of the $fname file.
*
* @param string $manifestroot
* @param string $fname
* @param string $folder
- * @param array $filenames
+ * @param array $filenames
*/
function getDepFiles($manifestroot, $fname, $folder, &$filenames)
{
@@ -164,7 +165,7 @@ function getDepFiles($manifestroot, $fname, $folder, &$filenames)
}
/**
- * Gets the dependency of .html of the $fname file
+ * Gets the dependency of .html of the $fname file.
*
* @param string $manifestroot
* @param string $fname
diff --git a/main/exercise/exercise_result.php b/main/exercise/exercise_result.php
index 43688397ba..c524d8d889 100755
--- a/main/exercise/exercise_result.php
+++ b/main/exercise/exercise_result.php
@@ -387,7 +387,6 @@ function showEmbeddableFinishButton()
$.get(url);
});
';
-
}
return $js.PHP_EOL.$html;
diff --git a/main/inc/lib/webservices/Rest.php b/main/inc/lib/webservices/Rest.php
index 03d4f88095..302995581d 100644
--- a/main/inc/lib/webservices/Rest.php
+++ b/main/inc/lib/webservices/Rest.php
@@ -52,7 +52,7 @@ class Rest extends WebService
const GET_COURSE_LEARNPATH = 'course_learnpath';
const GET_COURSE_LP_PROGRESS = 'course_lp_progress';
const GET_COURSE_LINKS = 'course_links';
- const GET_COURSE_WORKS= 'course_works';
+ const GET_COURSE_WORKS = 'course_works';
const SAVE_COURSE_NOTEBOOK = 'save_course_notebook';
@@ -2549,7 +2549,7 @@ class Rest extends WebService
);
return array_map(
- function (array $work) use ($isAllowedToEdit, $courseInfo, $courseId, $sessionId) {
+ function (array $work) use ($isAllowedToEdit, $courseInfo) {
$work['type'] = 'work.png';
if (!$isAllowedToEdit) {
@@ -2601,7 +2601,7 @@ class Rest extends WebService
switch ($status) {
case 1:
return makeVisible($workId, $courseInfo);
- case 0;
+ case 0:
return makeInvisible($workId, $courseInfo);
default:
throw new Exception(get_lang('ActionNotAllowed'));
diff --git a/plugin/lti_provider/LtiProviderPlugin.php b/plugin/lti_provider/LtiProviderPlugin.php
index 9f7afcd7df..f3b06c5855 100644
--- a/plugin/lti_provider/LtiProviderPlugin.php
+++ b/plugin/lti_provider/LtiProviderPlugin.php
@@ -56,6 +56,7 @@ class LtiProviderPlugin extends Plugin
* Get a selectbox with quizzes in courses , used for a tool provider.
*
* @param null $issuer
+ *
* @return string
*/
public function getQuizzesSelect($issuer = null)
@@ -79,7 +80,7 @@ class LtiProviderPlugin extends Plugin
);
foreach ($exerciseList as $key => $exercise) {
$selectValue = "{$course['code']}@@quiz-{$exercise['iid']}";
- $htmlcontent .= '';
+ $htmlcontent .= '';
}
$htmlcontent .= '';
}
@@ -87,6 +88,7 @@ class LtiProviderPlugin extends Plugin
$htmlcontent .= '
';
+
return $htmlcontent;
}
@@ -130,6 +132,7 @@ class LtiProviderPlugin extends Plugin
list($courseCode, $tool) = explode('@@', $toolProvider);
list($toolName, $toolId) = explode('-', $tool);
$vars = ['courseCode' => $courseCode, 'toolName' => $toolName, 'toolId' => $toolId];
+
return $vars;
}
diff --git a/plugin/lti_provider/create.php b/plugin/lti_provider/create.php
index fd0d03b457..2eaa34db42 100644
--- a/plugin/lti_provider/create.php
+++ b/plugin/lti_provider/create.php
@@ -6,6 +6,7 @@ $cidReset = true;
require_once __DIR__.'/../../main/inc/global.inc.php';
use Chamilo\PluginBundle\Entity\LtiProvider\Platform;
use Chamilo\PluginBundle\LtiProvider\Form\FrmAdd;
+
require_once __DIR__.'/LtiProviderPlugin.php';
api_protect_admin_script();
diff --git a/plugin/lti_provider/db/lti13_cookie.php b/plugin/lti_provider/db/lti13_cookie.php
index f37f693e39..6b5afc7009 100644
--- a/plugin/lti_provider/db/lti13_cookie.php
+++ b/plugin/lti_provider/db/lti13_cookie.php
@@ -7,7 +7,6 @@ class Lti13Cookie implements Lti1p3Cookie
{
public function getCookie($name)
{
-
if (isset($_REQUEST['state']) && $name === 'lti1p3_'.$_REQUEST['state']) {
return $_REQUEST['state'];
}
diff --git a/plugin/lti_provider/src/LtiProvider.php b/plugin/lti_provider/src/LtiProvider.php
index e7e022106b..393e6c1510 100644
--- a/plugin/lti_provider/src/LtiProvider.php
+++ b/plugin/lti_provider/src/LtiProvider.php
@@ -56,11 +56,10 @@ class LtiProvider
}
/**
- * Verify if email user is in the platform to create it and login (true) or not (false)
+ * Verify if email user is in the platform to create it and login (true) or not (false).
*/
public function validateUser(array $launchData, string $courseCode): bool
{
-
if (empty($launchData)) {
return false;
}
@@ -92,6 +91,7 @@ class LtiProvider
}
$login = UserManager::loginAsUser($userId, false);
+
return $login;
}
}
diff --git a/plugin/lti_provider/tool/api/score.php b/plugin/lti_provider/tool/api/score.php
index dab773f08d..6ae43d5a88 100644
--- a/plugin/lti_provider/tool/api/score.php
+++ b/plugin/lti_provider/tool/api/score.php
@@ -38,7 +38,6 @@ $score = Packback\Lti1p3\LtiGrade::new()
->setGradingProgress('FullyGraded')
->setUserId($launch->getLaunchData()['sub']);
-
$scoreLineitem = Packback\Lti1p3\LtiLineitem::new()
->setTag('score')
->setScoreMaximum($weight)
@@ -47,7 +46,6 @@ $scoreLineitem = Packback\Lti1p3\LtiLineitem::new()
$grades->putGrade($score, $scoreLineitem);
-
$time = Packback\Lti1p3\LtiGrade::new()
->setScoreGiven($duration)
->setScoreMaximum(999)
diff --git a/plugin/lti_provider/tool/login.php b/plugin/lti_provider/tool/login.php
index 5c6bbe7507..6b431593a4 100644
--- a/plugin/lti_provider/tool/login.php
+++ b/plugin/lti_provider/tool/login.php
@@ -3,6 +3,5 @@
require_once __DIR__.'/../../../main/inc/global.inc.php';
require_once __DIR__.'/../src/LtiProvider.php';
-use Packback\Lti1p3;
LtiProvider::create()->login($_REQUEST);
diff --git a/plugin/lti_provider/tool/start.php b/plugin/lti_provider/tool/start.php
index 90c6171799..c9ec4c83cb 100644
--- a/plugin/lti_provider/tool/start.php
+++ b/plugin/lti_provider/tool/start.php
@@ -5,8 +5,6 @@ require_once __DIR__.'/../../../main/inc/global.inc.php';
require_once __DIR__.'/../src/LtiProvider.php';
require_once __DIR__.'/../LtiProviderPlugin.php';
-use Packback\Lti1p3;
-
$launch = LtiProvider::create()->launch();
if (!$launch->hasNrps()) {
throw new Exception("Don't have names and roles!");
@@ -23,4 +21,3 @@ $cidReq = 'cidReq='.$toolVars['courseCode'].'&id_session=0&gidReq=0&gradebook=0'
$launchUrl = api_get_path(WEB_CODE_PATH).'exercise/overview.php?'.$cidReq.'&origin=embeddable&exerciseId='.$toolVars['toolId'].'<i_launch_id='.$launch->getLaunchId();
header('Location: '.$launchUrl);
exit;
-
diff --git a/plugin/onlyoffice/3rdparty/jwt/BeforeValidException.php b/plugin/onlyoffice/3rdparty/jwt/BeforeValidException.php
index a6ee2f7c69..c147852b98 100644
--- a/plugin/onlyoffice/3rdparty/jwt/BeforeValidException.php
+++ b/plugin/onlyoffice/3rdparty/jwt/BeforeValidException.php
@@ -1,7 +1,7 @@
* @author Anant Narayanan
* @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
- * @link https://github.com/firebase/php-jwt
+ *
+ * @see https://github.com/firebase/php-jwt
*/
class JWT
{
-
/**
* When checking nbf, iat or expiration times,
* we want to provide some extra leeway time to
@@ -37,34 +39,34 @@ class JWT
*/
public static $timestamp = null;
- public static $supported_algs = array(
- 'HS256' => array('hash_hmac', 'SHA256'),
- 'HS512' => array('hash_hmac', 'SHA512'),
- 'HS384' => array('hash_hmac', 'SHA384'),
- 'RS256' => array('openssl', 'SHA256'),
- );
+ public static $supported_algs = [
+ 'HS256' => ['hash_hmac', 'SHA256'],
+ 'HS512' => ['hash_hmac', 'SHA512'],
+ 'HS384' => ['hash_hmac', 'SHA384'],
+ 'RS256' => ['openssl', 'SHA256'],
+ ];
/**
* Decodes a JWT string into a PHP object.
*
- * @param string $jwt The JWT
- * @param string|array $key The key, or map of keys.
- * If the algorithm used is asymmetric, this is the public key
- * @param array $allowed_algs List of supported verification algorithms
- * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+ * @param string $jwt The JWT
+ * @param string|array $key The key, or map of keys.
+ * If the algorithm used is asymmetric, this is the public key
+ * @param array $allowed_algs List of supported verification algorithms
+ * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
*
- * @return object The JWT's payload as a PHP object
+ * @throws UnexpectedValueException Provided JWT was invalid
+ * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
+ * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
+ * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat'
+ * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim
*
- * @throws UnexpectedValueException Provided JWT was invalid
- * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
- * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
- * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat'
- * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim
+ * @return object The JWT's payload as a PHP object
*
* @uses jsonDecode
* @uses urlsafeB64Decode
*/
- public static function decode($jwt, $key, $allowed_algs = array())
+ public static function decode($jwt, $key, $allowed_algs = [])
{
$timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;
@@ -86,7 +88,7 @@ class JWT
throw new UnexpectedValueException('Invalid claims encoding');
}
$sig = static::urlsafeB64Decode($cryptob64);
-
+
if (empty($header->alg)) {
throw new UnexpectedValueException('Empty algorithm');
}
@@ -112,18 +114,14 @@ class JWT
// Check if the nbf if it is defined. This is the time that the
// token can actually be used. If it's not yet that time, abort.
if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
- throw new BeforeValidException(
- 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
- );
+ throw new BeforeValidException('Cannot handle token prior to '.date(DateTime::ISO8601, $payload->nbf));
}
// Check that this token has been created before 'now'. This prevents
// using tokens that have been created for later use (and haven't
// correctly used the nbf claim).
if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
- throw new BeforeValidException(
- 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)
- );
+ throw new BeforeValidException('Cannot handle token prior to '.date(DateTime::ISO8601, $payload->iat));
}
// Check if this token has expired.
@@ -137,13 +135,13 @@ class JWT
/**
* Converts and signs a PHP object or array into a JWT string.
*
- * @param object|array $payload PHP object or array
- * @param string $key The secret key.
- * If the algorithm used is asymmetric, this is the private key
- * @param string $alg The signing algorithm.
- * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
- * @param mixed $keyId
- * @param array $head An array with header elements to attach
+ * @param object|array $payload PHP object or array
+ * @param string $key The secret key.
+ * If the algorithm used is asymmetric, this is the private key
+ * @param string $alg The signing algorithm.
+ * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
+ * @param mixed $keyId
+ * @param array $head An array with header elements to attach
*
* @return string A signed JWT
*
@@ -152,14 +150,14 @@ class JWT
*/
public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
{
- $header = array('typ' => 'JWT', 'alg' => $alg);
+ $header = ['typ' => 'JWT', 'alg' => $alg];
if ($keyId !== null) {
$header['kid'] = $keyId;
}
- if ( isset($head) && is_array($head) ) {
+ if (isset($head) && is_array($head)) {
$header = array_merge($head, $header);
}
- $segments = array();
+ $segments = [];
$segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
$segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
$signing_input = implode('.', $segments);
@@ -173,14 +171,14 @@ class JWT
/**
* Sign a string with a given key and algorithm.
*
- * @param string $msg The message to sign
- * @param string|resource $key The secret key
- * @param string $alg The signing algorithm.
- * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
- *
- * @return string An encrypted message
+ * @param string $msg The message to sign
+ * @param string|resource $key The secret key
+ * @param string $alg The signing algorithm.
+ * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
*
* @throws DomainException Unsupported algorithm was specified
+ *
+ * @return string An encrypted message
*/
public static function sign($msg, $key, $alg = 'HS256')
{
@@ -188,7 +186,7 @@ class JWT
throw new DomainException('Algorithm not supported');
}
list($function, $algorithm) = static::$supported_algs[$alg];
- switch($function) {
+ switch ($function) {
case 'hash_hmac':
return hash_hmac($algorithm, $msg, $key, true);
case 'openssl':
@@ -202,60 +200,14 @@ class JWT
}
}
- /**
- * Verify a signature with the message, key and method. Not all methods
- * are symmetric, so we must have a separate verify and sign method.
- *
- * @param string $msg The original message (header and body)
- * @param string $signature The original signature
- * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
- * @param string $alg The algorithm
- *
- * @return bool
- *
- * @throws DomainException Invalid Algorithm or OpenSSL failure
- */
- private static function verify($msg, $signature, $key, $alg)
- {
- if (empty(static::$supported_algs[$alg])) {
- throw new DomainException('Algorithm not supported');
- }
-
- list($function, $algorithm) = static::$supported_algs[$alg];
- switch($function) {
- case 'openssl':
- $success = openssl_verify($msg, $signature, $key, $algorithm);
- if (!$success) {
- throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string());
- } else {
- return $signature;
- }
- case 'hash_hmac':
- default:
- $hash = hash_hmac($algorithm, $msg, $key, true);
- if (function_exists('hash_equals')) {
- return hash_equals($signature, $hash);
- }
- $len = min(static::safeStrlen($signature), static::safeStrlen($hash));
-
- $status = 0;
- for ($i = 0; $i < $len; $i++) {
- $status |= (ord($signature[$i]) ^ ord($hash[$i]));
- }
- $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
-
- return ($status === 0);
- }
- }
-
/**
* Decode a JSON string into a PHP object.
*
* @param string $input JSON string
*
- * @return object Object representation of JSON string
- *
* @throws DomainException Provided string was invalid JSON
+ *
+ * @return object Object representation of JSON string
*/
public static function jsonDecode($input)
{
@@ -280,6 +232,7 @@ class JWT
} elseif ($obj === null && $input !== 'null') {
throw new DomainException('Null result with non-null input');
}
+
return $obj;
}
@@ -288,9 +241,9 @@ class JWT
*
* @param object|array $input A PHP object or array
*
- * @return string JSON representation of the PHP object or array
- *
* @throws DomainException Provided object could not be encoded to valid JSON
+ *
+ * @return string JSON representation of the PHP object or array
*/
public static function jsonEncode($input)
{
@@ -300,6 +253,7 @@ class JWT
} elseif ($json === 'null' && $input !== null) {
throw new DomainException('Null result with non-null input');
}
+
return $json;
}
@@ -317,6 +271,7 @@ class JWT
$padlen = 4 - $remainder;
$input .= str_repeat('=', $padlen);
}
+
return base64_decode(strtr($input, '-_', '+/'));
}
@@ -332,6 +287,53 @@ class JWT
return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
}
+ /**
+ * Verify a signature with the message, key and method. Not all methods
+ * are symmetric, so we must have a separate verify and sign method.
+ *
+ * @param string $msg The original message (header and body)
+ * @param string $signature The original signature
+ * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
+ * @param string $alg The algorithm
+ *
+ * @throws DomainException Invalid Algorithm or OpenSSL failure
+ *
+ * @return bool
+ */
+ private static function verify($msg, $signature, $key, $alg)
+ {
+ if (empty(static::$supported_algs[$alg])) {
+ throw new DomainException('Algorithm not supported');
+ }
+
+ list($function, $algorithm) = static::$supported_algs[$alg];
+ switch ($function) {
+ case 'openssl':
+ $success = openssl_verify($msg, $signature, $key, $algorithm);
+ if (!$success) {
+ throw new DomainException("OpenSSL unable to verify data: ".openssl_error_string());
+ } else {
+ return $signature;
+ }
+ // no break
+ case 'hash_hmac':
+ default:
+ $hash = hash_hmac($algorithm, $msg, $key, true);
+ if (function_exists('hash_equals')) {
+ return hash_equals($signature, $hash);
+ }
+ $len = min(static::safeStrlen($signature), static::safeStrlen($hash));
+
+ $status = 0;
+ for ($i = 0; $i < $len; $i++) {
+ $status |= (ord($signature[$i]) ^ ord($hash[$i]));
+ }
+ $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
+
+ return $status === 0;
+ }
+ }
+
/**
* Helper method to create a JSON error.
*
@@ -341,16 +343,12 @@ class JWT
*/
private static function handleJsonError($errno)
{
- $messages = array(
+ $messages = [
JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
- JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON'
- );
- throw new DomainException(
- isset($messages[$errno])
- ? $messages[$errno]
- : 'Unknown JSON error: ' . $errno
- );
+ JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON',
+ ];
+ throw new DomainException(isset($messages[$errno]) ? $messages[$errno] : 'Unknown JSON error: '.$errno);
}
/**
@@ -365,6 +363,7 @@ class JWT
if (function_exists('mb_strlen')) {
return mb_strlen($str, '8bit');
}
+
return strlen($str);
}
}
diff --git a/plugin/onlyoffice/3rdparty/jwt/SignatureInvalidException.php b/plugin/onlyoffice/3rdparty/jwt/SignatureInvalidException.php
index 27332b21be..d35dee9f18 100644
--- a/plugin/onlyoffice/3rdparty/jwt/SignatureInvalidException.php
+++ b/plugin/onlyoffice/3rdparty/jwt/SignatureInvalidException.php
@@ -1,7 +1,7 @@
type;
@@ -60,7 +57,7 @@ if (isset($_GET["hash"]) && !empty($_GET["hash"])) {
$userInfo = api_get_user_info($userId);
} else {
$result["error"] = "User not found";
- die (json_encode($result));
+ exit(json_encode($result));
}
if (api_is_anonymous()) {
@@ -76,22 +73,22 @@ if (isset($_GET["hash"]) && !empty($_GET["hash"])) {
$userId = api_get_user_id();
}
- switch($type) {
+ switch ($type) {
case "track":
$callbackResponseArray = track();
- die (json_encode($callbackResponseArray));
+ exit(json_encode($callbackResponseArray));
case "download":
$callbackResponseArray = download();
- die (json_encode($callbackResponseArray));
+ exit(json_encode($callbackResponseArray));
default:
$callbackResponseArray["status"] = "error";
$callbackResponseArray["error"] = "404 Method not found";
- die(json_encode($callbackResponseArray));
+ exit(json_encode($callbackResponseArray));
}
}
/**
- * Handle request from the document server with the document status information
+ * Handle request from the document server with the document status information.
*/
function track(): array
{
@@ -107,6 +104,7 @@ function track(): array
if (($body_stream = file_get_contents("php://input")) === false) {
$result["error"] = "Bad Request";
+
return $result;
}
@@ -114,27 +112,29 @@ function track(): array
if ($data === null) {
$result["error"] = "Bad Response";
+
return $result;
}
if (!empty($plugin->get("jwt_secret"))) {
-
if (!empty($data["token"])) {
try {
- $payload = \Firebase\JWT\JWT::decode($data["token"], $plugin->get("jwt_secret"), array("HS256"));
+ $payload = \Firebase\JWT\JWT::decode($data["token"], $plugin->get("jwt_secret"), ["HS256"]);
} catch (\UnexpectedValueException $e) {
$result["status"] = "error";
$result["error"] = "403 Access denied";
+
return $result;
}
} else {
$token = substr($_SERVER[AppConfig::JwtHeader()], strlen("Bearer "));
try {
- $decodeToken = \Firebase\JWT\JWT::decode($token, $plugin->get("jwt_secret"), array("HS256"));
+ $decodeToken = \Firebase\JWT\JWT::decode($token, $plugin->get("jwt_secret"), ["HS256"]);
$payload = $decodeToken->payload;
} catch (\UnexpectedValueException $e) {
$result["status"] = "error";
$result["error"] = "403 Access denied";
+
return $result;
}
}
@@ -149,7 +149,6 @@ function track(): array
switch ($status) {
case TrackerStatus_MustSave:
case TrackerStatus_Corrupted:
-
$downloadUri = $data["url"];
if (!empty($docId) && !empty($courseCode)) {
@@ -157,16 +156,18 @@ function track(): array
if ($docInfo === false) {
$result["error"] = "File not found";
+
return $result;
}
$filePath = $docInfo["absolute_path"];
} else {
$result["error"] = "Bad Request";
+
return $result;
}
- list ($isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly) = getPermissions($docInfo, $userId, $courseCode, $groupId, $sessionId);
+ list($isAllowToEdit, $isMyDir, $isGroupAccess, $isReadonly) = getPermissions($docInfo, $userId, $courseCode, $groupId, $sessionId);
if ($isReadonly) {
break;
@@ -201,19 +202,20 @@ function track(): array
}
}
+ // no break
case TrackerStatus_Editing:
case TrackerStatus_Closed:
-
$track_result = 0;
break;
}
$result["error"] = $track_result;
+
return $result;
}
/**
- * Downloading file by the document service
+ * Downloading file by the document service.
*/
function download()
{
@@ -228,11 +230,11 @@ function download()
if (!empty($plugin->get("jwt_secret"))) {
$token = substr($_SERVER[AppConfig::JwtHeader()], strlen("Bearer "));
try {
- $payload = \Firebase\JWT\JWT::decode($token, $plugin->get("jwt_secret"), array("HS256"));
-
+ $payload = \Firebase\JWT\JWT::decode($token, $plugin->get("jwt_secret"), ["HS256"]);
} catch (\UnexpectedValueException $e) {
$result["status"] = "error";
$result["error"] = "403 Access denied";
+
return $result;
}
}
@@ -242,23 +244,25 @@ function download()
if ($docInfo === false) {
$result["error"] = "File not found";
+
return $result;
}
$filePath = $docInfo["absolute_path"];
} else {
$result["error"] = "File not found";
+
return $result;
}
@header("Content-Type: application/octet-stream");
- @header("Content-Disposition: attachment; filename=" . $docInfo["title"]);
+ @header("Content-Disposition: attachment; filename=".$docInfo["title"]);
readfile($filePath);
}
/**
- * Method checks access rights to document and returns permissions
+ * Method checks access rights to document and returns permissions.
*/
function getPermissions(array $docInfo, int $userId, string $courseCode, int $groupId = null, int $sessionId = null): array
{
diff --git a/plugin/onlyoffice/create.php b/plugin/onlyoffice/create.php
index e213931fa0..54c22e1b92 100644
--- a/plugin/onlyoffice/create.php
+++ b/plugin/onlyoffice/create.php
@@ -1,7 +1,6 @@
$plugin->get_lang("document"),
"spreadsheet" => $plugin->get_lang("spreadsheet"),
- "presentation" => $plugin->get_lang("presentation")
+ "presentation" => $plugin->get_lang("presentation"),
];
$userId = $_GET["userId"];
@@ -58,7 +55,7 @@ if (!($isAllowToEdit || $isMyDir || $groupRights)) {
$form = new FormValidator(
"doc_create",
"post",
- api_get_path(WEB_PLUGIN_PATH) . "onlyoffice/create.php"
+ api_get_path(WEB_PLUGIN_PATH)."onlyoffice/create.php"
);
$form->addText("fileName", $plugin->get_lang("title"), true);
@@ -84,13 +81,13 @@ if ($form->validate()) {
$fileType = $values["fileFormat"];
$fileExt = FileUtility::getDocExt($fileType);
- $fileTitle = $values["fileName"] . "." . $fileExt;
+ $fileTitle = $values["fileName"].".".$fileExt;
$courseInfo = api_get_course_info_by_id($courseId);
$courseCode = $courseInfo["code"];
$fileNamePrefix = DocumentManager::getDocumentSuffix($courseInfo, $sessionId, $groupId);
- $fileName = $values["fileName"] . $fileNamePrefix . "." . $fileExt;
+ $fileName = $values["fileName"].$fileNamePrefix.".".$fileExt;
$groupInfo = GroupManager::get_group_properties($groupId);
@@ -106,16 +103,16 @@ if ($form->validate()) {
$sessionId
);
$folderPath = $document_data["absolute_path"];
- $fileRelatedPath = $fileRelatedPath . substr($document_data["absolute_path_from_document"], 10) . "/" . $fileName;
+ $fileRelatedPath = $fileRelatedPath.substr($document_data["absolute_path_from_document"], 10)."/".$fileName;
} else {
- $folderPath = api_get_path(SYS_COURSE_PATH) . api_get_course_path($courseCode) . "/document";
+ $folderPath = api_get_path(SYS_COURSE_PATH).api_get_course_path($courseCode)."/document";
if (!empty($groupId)) {
- $folderPath = $folderPath . "/" . $groupInfo["directory"];
- $fileRelatedPath = $groupInfo["directory"] . "/";
+ $folderPath = $folderPath."/".$groupInfo["directory"];
+ $fileRelatedPath = $groupInfo["directory"]."/";
}
- $fileRelatedPath = $fileRelatedPath . $fileName;
+ $fileRelatedPath = $fileRelatedPath.$fileName;
}
- $filePath = $folderPath . "/" . $fileName;
+ $filePath = $folderPath."/".$fileName;
if (file_exists($filePath)) {
Display::addFlash(Display::return_message($plugin->get_lang("fileIsExist"), "error"));
@@ -156,10 +153,9 @@ if ($form->validate()) {
$sessionId
);
- header("Location: " . $goBackUrl);
+ header("Location: ".$goBackUrl);
exit();
}
-
} else {
Display::addFlash(
Display::return_message(
@@ -172,7 +168,7 @@ if ($form->validate()) {
display:
$goBackUrl = $goBackUrl ?: Security::remove_XSS($_SERVER["HTTP_REFERER"]);
- $actionsLeft = '' . Display::return_icon("back.png", get_lang("Back") . " " . get_lang("To") . " " . get_lang("DocumentsOverview"), "", ICON_SIZE_MEDIUM) . "";
+ $actionsLeft = ''.Display::return_icon("back.png", get_lang("Back")." ".get_lang("To")." ".get_lang("DocumentsOverview"), "", ICON_SIZE_MEDIUM)."";
Display::display_header($plugin->get_lang("createNewDocument"));
echo Display::toolbarAction("actions-documents", [$actionsLeft]);
diff --git a/plugin/onlyoffice/editor.php b/plugin/onlyoffice/editor.php
index 278f950fc6..de2388b9d7 100644
--- a/plugin/onlyoffice/editor.php
+++ b/plugin/onlyoffice/editor.php
@@ -1,7 +1,6 @@
get("enable_onlyoffice_plugin") === 'true';
if (!$isEnable) {
- die ("Document server isn't enabled");
+ exit("Document server isn't enabled");
+
return;
}
$documentServerUrl = $plugin->get("document_server_url");
if (empty($documentServerUrl)) {
- die ("Document server isn't configured");
+ exit("Document server isn't configured");
+
return;
}
$config = [];
-$docApiUrl = $documentServerUrl . "/web-apps/apps/api/documents/api.js";
+$docApiUrl = $documentServerUrl."/web-apps/apps/api/documents/api.js";
$docId = $_GET["docId"];
$groupId = isset($_GET["groupId"]) && !empty($_GET["groupId"]) ? $_GET["groupId"] : null;
@@ -68,26 +67,26 @@ $config = [
"fileType" => $extension,
"key" => $key,
"title" => $docInfo["title"],
- "url" => $fileUrl
+ "url" => $fileUrl,
],
"editorConfig" => [
"lang" => $langInfo["isocode"],
"region" => $langInfo["isocode"],
"user" => [
"id" => strval($userId),
- "name" => $userInfo["username"]
+ "name" => $userInfo["username"],
],
"customization" => [
"goback" => [
"blank" => false,
"requestClose" => false,
"text" => get_lang("Back"),
- "url" => Security::remove_XSS($_SERVER["HTTP_REFERER"])
+ "url" => Security::remove_XSS($_SERVER["HTTP_REFERER"]),
],
"compactHeader" => true,
- "toolbarNoTabs" => true
- ]
- ]
+ "toolbarNoTabs" => true,
+ ],
+ ],
];
$userAgent = $_SERVER['HTTP_USER_AGENT'];
@@ -167,7 +166,7 @@ if (!empty($plugin->get("jwt_secret"))) {
}
/**
- * Return callback url
+ * Return callback url.
*/
function getCallbackUrl(int $docId, int $userId, int $courseId, int $sessionId, int $groupId = null): string
{
@@ -178,7 +177,7 @@ function getCallbackUrl(int $docId, int $userId, int $courseId, int $sessionId,
"courseId" => $courseId,
"userId" => $userId,
"docId" => $docId,
- "sessionId" => $sessionId
+ "sessionId" => $sessionId,
];
if (!empty($groupId)) {
@@ -187,7 +186,7 @@ function getCallbackUrl(int $docId, int $userId, int $courseId, int $sessionId,
$hashUrl = Crypt::GetHash($data);
- return $url . api_get_path(WEB_PLUGIN_PATH) . "onlyoffice/callback.php?hash=" . $hashUrl;
+ return $url.api_get_path(WEB_PLUGIN_PATH)."onlyoffice/callback.php?hash=".$hashUrl;
}
?>
@@ -205,7 +204,7 @@ function getCallbackUrl(int $docId, int $userId, int $courseId, int $sessionId,
display: none;
}
-
+