Merge BusinessAppTemplate

# Conflicts:
#	lib/User.lib.php
#	pages/form.php
master
Skylar Ittner 5 vuotta sitten
commit be00440f58

@ -55,24 +55,22 @@ function authenticate(): bool {
global $VARS;
// HTTP basic auth
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
$user = User::byUsername($_SERVER['PHP_AUTH_USER']);
if (!$user->checkPassword($_SERVER['PHP_AUTH_PW'])) {
return false;
}
return true;
}
// Form auth
if (empty($VARS['username']) || empty($VARS['password'])) {
return false;
} else {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
} else if (!empty($VARS['username']) && !empty($VARS['password'])) {
$username = $VARS['username'];
$password = $VARS['password'];
$user = User::byUsername($username);
if ($user->exists() !== true || Login::auth($username, $password) !== Login::LOGIN_OK) {
return false;
}
} else {
return false;
}
$user = User::byUsername($username);
if (!$user->exists()) {
return false;
}
if ($user->checkPassword($password, true)) {
return true;
}
return true;
return false;
}
/**

@ -10,6 +10,8 @@ require __DIR__ . '/../required.php';
require __DIR__ . '/functions.php';
require __DIR__ . '/apisettings.php';
header("Access-Control-Allow-Origin: *");
$VARS = $_GET;
if ($_SERVER['REQUEST_METHOD'] != "GET") {
$VARS = array_merge($VARS, $_POST);

@ -178,7 +178,10 @@ HTMLTOP;
}
$itemhtml = "";
$itemlabel = "";
if ($item['type'] != "checkbox") {
if ($item['type'] == "textarea") {
$itemlabel = "<label class=\"mb-0\"><i class=\"$item[icon]\"></i> $item[label]:</label>";
} else if ($item['type'] != "checkbox") {
$itemlabel = "<label class=\"mb-0\">$item[label]:</label>";
}
$strippedlabel = strip_tags($item['label']);
@ -186,13 +189,16 @@ HTMLTOP;
\n\n <div class="col-12 col-md-$item[width]">
<div class="form-group mb-3">
$itemlabel
<div class="input-group">
ITEMTOP;
$inputgrouptop = <<<INPUTG
\n <div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="$item[icon]"></i></span>
</div>
ITEMTOP;
INPUTG;
switch ($item['type']) {
case "select":
$itemhtml .= $inputgrouptop;
$itemhtml .= <<<SELECT
\n <select class="form-control" name="$item[name]" aria-label="$strippedlabel" $required>
SELECT;
@ -206,6 +212,7 @@ SELECT;
$itemhtml .= "\n </select>";
break;
case "checkbox":
$itemhtml .= $inputgrouptop;
$itemhtml .= <<<CHECKBOX
\n <div class="form-group form-check">
<input type="checkbox" name="$item[name]" $id class="form-check-input" value="$item[value]" $required aria-label="$strippedlabel">
@ -213,7 +220,14 @@ SELECT;
</div>
CHECKBOX;
break;
case "textarea":
$val = htmlentities($item['value']);
$itemhtml .= <<<TEXTAREA
\n <textarea class="form-control" id="info" name="$item[name]" aria-label="$strippedlabel" minlength="$item[minlength]" maxlength="$item[maxlength]" $required>$val</textarea>
TEXTAREA;
break;
default:
$itemhtml .= $inputgrouptop;
$itemhtml .= <<<INPUT
\n <input type="$item[type]" name="$item[name]" $id class="form-control" aria-label="$strippedlabel" minlength="$item[minlength]" maxlength="$item[maxlength]" $pattern value="$item[value]" $required />
INPUT;
@ -227,9 +241,11 @@ INPUT;
</div>
ERROR;
}
if ($item["type"] != "textarea") {
$itemhtml .= "\n </div>";
}
$itemhtml .= <<<ITEMBOTTOM
\n </div>
</div>
\n </div>
</div>\n
ITEMBOTTOM;
$html .= $itemhtml;
@ -242,7 +258,7 @@ ITEMBOTTOM;
HTMLBOTTOM;
if (!empty($this->buttons)) {
$html .= "\n <div class=\"card-footer\">";
$html .= "\n <div class=\"card-footer d-flex\">";
foreach ($this->buttons as $btn) {
$btnhtml = "";
$inner = "<i class=\"$btn[icon]\"></i> $btn[text]";

@ -101,10 +101,16 @@ class User {
/**
* Check the given plaintext password against the stored hash.
* @param string $password
* @param bool $apppass Set to true to enforce app passwords when 2fa is on.
* @return bool
*/
function checkPassword(string $password): bool {
return password_verify($password, $this->passhash);
function checkPassword(string $password, bool $apppass = false): bool {
$resp = AccountHubApi::get("auth", ['username' => $this->username, 'password' => $password, 'apppass' => ($apppass ? "1" : "0")]);
if ($resp['status'] == "OK") {
return true;
} else {
return false;
}
}
/**

Ladataan…
Peruuta
Tallenna