Some attached files went "broken" as stored encrypted file is downloaded instead of the clean original file
In the same item there are attachments that downloads right and other do not does
Searching for shared files keys I found out that there where missing, except for TP_USER_ID and some random User
I found out that this files ID are equal to personal items ID for those same users, so I search for purge functions
I made these changes into purgeUnnecessaryKeysForUser
function purgeUnnecessaryKeysForUser(int $user_id=0)
$personalItems,
[$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID]
);
- // Files keys
- DB::delete(
- prefixTable('sharekeys_files'),
- 'object_id IN %li AND user_id NOT IN %ls',
- $personalItems,
- [$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID]
- );
// Fields keys
DB::delete(
prefixTable('sharekeys_fields'),
At the end of this function:
+ $personalFiles = DB::queryFirstColumn(
+ 'SELECT f.id
+ FROM ' . prefixTable('files') . ' AS f
+ ' . prefixTable('items') . ' AS i ON f.id_item=i.id
+ INNER JOIN ' . prefixTable('log_items') . ' AS li ON li.id_item = i.id
+ WHERE i.perso = 1 AND li.action = "at_creation" AND li.id_user IN (%i, '.TP_USER_ID.')',
+ $user_id
+ );
+ if (count($personalFiles) > 0) {
+ // Files keys
+ DB::delete(
+ prefixTable('sharekeys_files'),
+ 'object_id IN %li AND user_id NOT IN %ls',
+ $personalFiles,
+ [$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID]
+ );
+ }
Note that this function also uses id from items to delete sharekeys_fields and sharekeys_logs, I am not sure if this is right, as I am not using these tables
Note that this issue was found in version 3.1.4.19, and this code is still present in 3.1.6.13
If object_id is unified to represent only items, this fix shall not be needed
It is working fine in my site.
Feel free to review and use if You like it
Thank You for teampass
TeamPass/sources/main.functions.php
Line 5711 in 58feab3
Some attached files went "broken" as stored encrypted file is downloaded instead of the clean original file
In the same item there are attachments that downloads right and other do not does
Searching for shared files keys I found out that there where missing, except for TP_USER_ID and some random User
I found out that this files ID are equal to personal items ID for those same users, so I search for purge functions
I made these changes into purgeUnnecessaryKeysForUser
function purgeUnnecessaryKeysForUser(int $user_id=0)
$personalItems, [$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID] ); - // Files keys - DB::delete( - prefixTable('sharekeys_files'), - 'object_id IN %li AND user_id NOT IN %ls', - $personalItems, - [$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID] - ); // Fields keys DB::delete( prefixTable('sharekeys_fields'),At the end of this function:
+ $personalFiles = DB::queryFirstColumn( + 'SELECT f.id + FROM ' . prefixTable('files') . ' AS f + ' . prefixTable('items') . ' AS i ON f.id_item=i.id + INNER JOIN ' . prefixTable('log_items') . ' AS li ON li.id_item = i.id + WHERE i.perso = 1 AND li.action = "at_creation" AND li.id_user IN (%i, '.TP_USER_ID.')', + $user_id + ); + if (count($personalFiles) > 0) { + // Files keys + DB::delete( + prefixTable('sharekeys_files'), + 'object_id IN %li AND user_id NOT IN %ls', + $personalFiles, + [$user_id, TP_USER_ID, API_USER_ID, OTV_USER_ID,SSH_USER_ID] + ); + }Note that this function also uses id from items to delete sharekeys_fields and sharekeys_logs, I am not sure if this is right, as I am not using these tables
Note that this issue was found in version 3.1.4.19, and this code is still present in 3.1.6.13
If object_id is unified to represent only items, this fix shall not be needed
It is working fine in my site.
Feel free to review and use if You like it
Thank You for teampass