joshuacoles/wallos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add hability to disable login (#378)

Browse Source
This commit is contained in:
Miguel Ribeiro 2024-06-08 00:04:50 +02:00 committed by GitHub
parent f79a3f9957
commit 092be22183
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
28 changed files with 205 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
admin.php
View File

@ -11,7 +11,7 @@
$result = $stmt->execute(); $result = $stmt->execute();
$settings = $result->fetchArray(SQLITE3_ASSOC); $settings = $result->fetchArray(SQLITE3_ASSOC);
// get user accounts where id is not 1 // get user accounts
$stmt = $db->prepare('SELECT id, username, email FROM user ORDER BY id ASC'); $stmt = $db->prepare('SELECT id, username, email FROM user ORDER BY id ASC');
$result = $stmt->execute(); $result = $stmt->execute();
@ -20,7 +20,8 @@
$users[] = $row; $users[] = $row;
} }
$userCount = is_array($users) ? count($users) : 0; $userCount = is_array($users) ? count($users) : 0;
$loginDisabledAllowed = $userCount == 1 && $settings['registrations_open'] == 0;
?> ?>
<section class="contain settings"> <section class="contain settings">
@ -42,6 +43,9 @@
<p> <p>
<i class="fa-solid fa-circle-info"></i> <i class="fa-solid fa-circle-info"></i>
<?= translate('max_users_info', $i18n) ?> <?= translate('max_users_info', $i18n) ?>
</p><p>
<i class="fa-solid fa-circle-info"></i>
By enabling user registrations, the setting to disable login will be unavailable.
</p> </p>
</div> </div>
<div class="form-group-inline"> <div class="form-group-inline">
@ -76,6 +80,21 @@
<?= translate('server_url_password_reset', $i18n) ?> <?= translate('server_url_password_reset', $i18n) ?>
</p> </p>
</div> </div>
<hr>
<div class="form-group-inline">
<input type="checkbox" id="disableLogin" <?= $settings['login_disabled'] ? 'checked' : '' ?> <?= $loginDisabledAllowed ? '' : 'disabled' ?> />
<label for="disableLogin"><?= translate('disable_login', $i18n) ?></label>
</div>
<div class="settings-notes">
<p>
<i class="fa fa-exclamation-triangle" aria-hidden="true"></i>
<?= translate('disable_login_info', $i18n) ?>
</p>
<p>
<i class="fa fa-exclamation-triangle" aria-hidden="true"></i>
<?= translate('disable_login_info2', $i18n) ?>
</p>
</div>
<div class="buttons"> <div class="buttons">
<input type="submit" class="thin" value="<?= translate('save', $i18n) ?>" id="saveAccountRegistrations" onClick="saveAccountRegistrationsButton()"/> <input type="submit" class="thin" value="<?= translate('save', $i18n) ?>" id="saveAccountRegistrations" onClick="saveAccountRegistrationsButton()"/>
</div> </div>

28
endpoints/admin/saveopenregistrations.php
View File

@ -26,6 +26,31 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
$maxUsers = $data['max_users']; $maxUsers = $data['max_users'];
$requireEmailVerification = $data['require_email_validation']; $requireEmailVerification = $data['require_email_validation'];
$serverUrl = $data['server_url']; $serverUrl = $data['server_url'];
$disableLogin = $data['disable_login'];
if ($disableLogin == 1) {
if ($openRegistrations == 1) {
echo json_encode([
"success" => false,
"message" => translate('error', $i18n)
]);
die();
}
$sql = "SELECT COUNT(*) as userCount FROM user";
$stmt = $db->prepare($sql);
$result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC);
$userCount = $row['userCount'];
if ($userCount > 1) {
echo json_encode([
"success" => false,
"message" => translate('error', $i18n)
]);
die();
}
}
if ($requireEmailVerification == 1 && $serverUrl == "") { if ($requireEmailVerification == 1 && $serverUrl == "") {
echo json_encode([ echo json_encode([
@ -35,12 +60,13 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
die(); die();
} }
$sql = "UPDATE admin SET registrations_open = :openRegistrations, max_users = :maxUsers, require_email_verification = :requireEmailVerification, server_url = :serverUrl"; $sql = "UPDATE admin SET registrations_open = :openRegistrations, max_users = :maxUsers, require_email_verification = :requireEmailVerification, server_url = :serverUrl, login_disabled = :disableLogin WHERE id = 1";
$stmt = $db->prepare($sql); $stmt = $db->prepare($sql);
$stmt->bindParam(':openRegistrations', $openRegistrations, SQLITE3_INTEGER); $stmt->bindParam(':openRegistrations', $openRegistrations, SQLITE3_INTEGER);
$stmt->bindParam(':maxUsers', $maxUsers, SQLITE3_INTEGER); $stmt->bindParam(':maxUsers', $maxUsers, SQLITE3_INTEGER);
$stmt->bindParam(':requireEmailVerification', $requireEmailVerification, SQLITE3_INTEGER); $stmt->bindParam(':requireEmailVerification', $requireEmailVerification, SQLITE3_INTEGER);
$stmt->bindParam(':serverUrl', $serverUrl, SQLITE3_TEXT); $stmt->bindParam(':serverUrl', $serverUrl, SQLITE3_TEXT);
$stmt->bindParam(':disableLogin', $disableLogin, SQLITE3_INTEGER);
$result = $stmt->execute(); $result = $stmt->execute();
if ($result) { if ($result) {

18
includes/checksession.php
View File

@ -46,10 +46,20 @@
} }
$userId = $userData['id']; $userId = $userData['id'];
$main_currency = $userData['main_currency']; $main_currency = $userData['main_currency'];
$sql = "SELECT * FROM login_tokens WHERE user_id = :userId AND token = :token";
$stmt = $db->prepare($sql); $adminQuery = "SELECT login_disabled FROM admin";
$stmt->bindParam(':userId', $userId, SQLITE3_TEXT); $adminResult = $db->query($adminQuery);
$stmt->bindParam(':token', $token, SQLITE3_TEXT); $adminRow = $adminResult->fetchArray(SQLITE3_ASSOC);
if ($adminRow['login_disabled'] == 1) {
$sql = "SELECT * FROM login_tokens WHERE user_id = :userId";
$stmt = $db->prepare($sql);
$stmt->bindParam(':userId', $userId, SQLITE3_TEXT);
} else {
$sql = "SELECT * FROM login_tokens WHERE user_id = :userId AND token = :token";
$stmt = $db->prepare($sql);
$stmt->bindParam(':userId', $userId, SQLITE3_TEXT);
$stmt->bindParam(':token', $token, SQLITE3_TEXT);
}
$result = $stmt->execute(); $result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC); $row = $result->fetchArray(SQLITE3_ASSOC);

8
includes/getsettings.php
View File

@ -27,4 +27,12 @@ if ($customColors) {
$settings['customColors'] = $customColors; $settings['customColors'] = $customColors;
} }
$query = "SELECT * FROM admin";
$result = $db->query($query);
$adminSettings = $result->fetchArray(SQLITE3_ASSOC);
if ($adminSettings) {
$settings['disableLogin'] = $adminSettings['login_disabled'];
}
?> ?>

8
includes/header.php
View File

@ -101,7 +101,13 @@
<a href="admin.php"><i class="fa-solid fa-user-tie"></i><?= translate('admin', $i18n) ?></a> <a href="admin.php"><i class="fa-solid fa-user-tie"></i><?= translate('admin', $i18n) ?></a>
<?php endif; ?> <?php endif; ?>
<a href="about.php"><i class="fa-solid fa-info-circle"></i><?= translate('about', $i18n) ?></a> <a href="about.php"><i class="fa-solid fa-info-circle"></i><?= translate('about', $i18n) ?></a>
<a href="logout.php"><i class="fa-solid fa-arrow-right-from-bracket"></i><?= translate('logout', $i18n) ?></a> <?php
if ($settings['disableLogin'] == 0) {
?>
<a href="logout.php"><i class="fa-solid fa-arrow-right-from-bracket"></i><?= translate('logout', $i18n) ?></a>
<?php
}
?>
</div> </div>
</div> </div>
</nav> </nav>

3
includes/i18n/de.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "Server URL", "server_url" => "Server URL",
"server_url_info" => "Wird für die E-Mail-Überprüfung und die Passwortwiederherstellung verwendet. Muss eine gültige öffentliche URL sein.", "server_url_info" => "Wird für die E-Mail-Überprüfung und die Passwortwiederherstellung verwendet. Muss eine gültige öffentliche URL sein.",
"server_url_password_reset" => "Wenn diese Option gesetzt ist, wird auch die Funktion zum Zurücksetzen des Passworts aktiviert.", "server_url_password_reset" => "Wenn diese Option gesetzt ist, wird auch die Funktion zum Zurücksetzen des Passworts aktiviert.",
"disable_login" => "Login deaktivieren",
"disable_login_info" => "Anmeldung umgehen. Wenn Sie Ihren Server nur in einem lokalen Netzwerk betreiben, ohne Zugriff von außen, können Sie die Anmeldung deaktivieren. Dadurch wird automatisch der Admin-Benutzer angemeldet.",
"disable_login_info2" => "Sie können diese Einstellung nur aktivieren, wenn die Benutzerregistrierung ausgeschaltet ist und es nicht mehr als ein Admin-Benutzerkonto gibt.",
"max_users_info" => "0 für unbegrenzte Anzahl an Benutzern", "max_users_info" => "0 für unbegrenzte Anzahl an Benutzern",
"user_management" => "Benutzerverwaltung", "user_management" => "Benutzerverwaltung",
"delete_user" => "Benutzer löschen", "delete_user" => "Benutzer löschen",

3
includes/i18n/el.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "Διεύθυνση URL διακομιστή", "server_url" => "Διεύθυνση URL διακομιστή",
"server_url_info" => "Χρησιμοποιείται για επαλήθευση email και ανάκτηση κωδικού πρόσβασης. Πρέπει να είναι ένα έγκυρο δημόσιο URL.", "server_url_info" => "Χρησιμοποιείται για επαλήθευση email και ανάκτηση κωδικού πρόσβασης. Πρέπει να είναι ένα έγκυρο δημόσιο URL.",
"server_url_password_reset" => "Εάν οριστεί, θα ενεργοποιήσει επίσης τη λειτουργία επαναφοράς κωδικού πρόσβασης.", "server_url_password_reset" => "Εάν οριστεί, θα ενεργοποιήσει επίσης τη λειτουργία επαναφοράς κωδικού πρόσβασης.",
"disable_login" => "Απενεργοποίηση σύνδεσης",
"disable_login_info" => "Παράκαμψη σύνδεσης. Εάν εκτελείτε το διακομιστή σας μόνο σε τοπικό δίκτυο, χωρίς εξωτερική πρόσβαση, μπορείτε να απενεργοποιήσετε τη σύνδεση. Αυτό θα πραγματοποιήσει αυτόματα την είσοδο του χρήστη διαχειριστή.",
"disable_login_info2" => "Μπορείτε να ενεργοποιήσετε αυτή τη ρύθμιση μόνο εάν η εγγραφή χρηστών είναι απενεργοποιημένη και δεν υπάρχουν περισσότεροι από το λογαριασμό χρήστη διαχειριστή.",
"max_users_info" => "Ο μέγιστος αριθμός χρηστών που μπορούν να εγγραφούν. Αν η τιμή είναι 0, δεν υπάρχει όριο.", "max_users_info" => "Ο μέγιστος αριθμός χρηστών που μπορούν να εγγραφούν. Αν η τιμή είναι 0, δεν υπάρχει όριο.",
"user_management" => "Διαχείριση χρηστών", "user_management" => "Διαχείριση χρηστών",
"delete_user" => "Διαγραφή χρήστη", "delete_user" => "Διαγραφή χρήστη",

3
includes/i18n/en.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "Server URL", "server_url" => "Server URL",
"server_url_info" => "Used for email verification and password recovery. Must be a valid public URL.", "server_url_info" => "Used for email verification and password recovery. Must be a valid public URL.",
"server_url_password_reset" => "If set will also enable password reset functionality.", "server_url_password_reset" => "If set will also enable password reset functionality.",
"disable_login" => "Disable login",
"disable_login_info" => "Bypass login. If you run your server on a local network only, without external access you can disable the login. This will automatically login the admin user.",
"disable_login_info2" => "You can only enable this setting if user registration is disabled and there are no more than the admin user account.",
"max_users_info" => "0 means unlimited", "max_users_info" => "0 means unlimited",
"user_management" => "User Management", "user_management" => "User Management",
"delete_user" => "Delete User", "delete_user" => "Delete User",

3
includes/i18n/es.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL del Servidor", "server_url" => "URL del Servidor",
"server_url_info" => "Se utiliza para verificar el correo electrónico y recuperar la contraseña. Debe ser una URL pública válida.", "server_url_info" => "Se utiliza para verificar el correo electrónico y recuperar la contraseña. Debe ser una URL pública válida.",
"server_url_password_reset" => "Si se configura, también se habilitará la función de restablecimiento de contraseña.", "server_url_password_reset" => "Si se configura, también se habilitará la función de restablecimiento de contraseña.",
"disable_login" => "Deshabilitar Inicio de Sesión",
"disable_login_info" => "Omitir el inicio de sesión. Si ejecuta su servidor sólo en una red local, sin acceso externo, puede desactivar el inicio de sesión. Esto iniciará automáticamente la sesión del usuario administrador.",
"disable_login_info2" => "Sólo puede activar esta configuración si el registro de usuarios está desactivado y no hay más que la cuenta de usuario admin.",
"max_users_info" => "0 para ilimitado", "max_users_info" => "0 para ilimitado",
"user_management" => "Gestión de Usuarios", "user_management" => "Gestión de Usuarios",
"delete_user" => "Eliminar Usuario", "delete_user" => "Eliminar Usuario",

3
includes/i18n/fr.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL du serveur", "server_url" => "URL du serveur",
"server_url_info" => "Utilisé pour la vérification du courrier électronique et la récupération du mot de passe. Il doit s'agir d'une URL publique valide.", "server_url_info" => "Utilisé pour la vérification du courrier électronique et la récupération du mot de passe. Il doit s'agir d'une URL publique valide.",
"server_url_password_reset" => "Si cette option est activée, la fonction de réinitialisation du mot de passe sera également activée.", "server_url_password_reset" => "Si cette option est activée, la fonction de réinitialisation du mot de passe sera également activée.",
"disable_login" => "Désactiver la connexion",
"disable_login_info" => "Contourner le login. Si vous utilisez votre serveur sur un réseau local uniquement, sans accès externe, vous pouvez désactiver le login. L'utilisateur admin se connectera automatiquement.",
"disable_login_info2" => "Vous ne pouvez activer ce paramètre que si l'enregistrement des utilisateurs est désactivé et qu'il n'y a pas d'autre compte utilisateur que celui de l'administrateur.",
"max_users_info" => "0 signifie un nombre illimité d'utilisateurs", "max_users_info" => "0 signifie un nombre illimité d'utilisateurs",
"user_management" => "Gestion des utilisateurs", "user_management" => "Gestion des utilisateurs",
"delete_user" => "Supprimer l'utilisateur", "delete_user" => "Supprimer l'utilisateur",

3
includes/i18n/it.php
View File

@ -291,6 +291,9 @@ $i18n = [
"server_url" => "URL del server", "server_url" => "URL del server",
"server_url_info" => "Utilizzato per la verifica dell'e-mail e il recupero della password. Deve essere un URL pubblico valido.", "server_url_info" => "Utilizzato per la verifica dell'e-mail e il recupero della password. Deve essere un URL pubblico valido.",
"server_url_password_reset" => "Se impostato, abilita anche la funzionalità di reimpostazione della password.", "server_url_password_reset" => "Se impostato, abilita anche la funzionalità di reimpostazione della password.",
"disable_login" => "Disabilita il login",
"disable_login_info" => "Bypassare il login. Se si gestisce il server solo su una rete locale, senza accesso esterno, è possibile disabilitare il login. In questo modo, l'utente amministratore effettuerà automaticamente il login.",
"disable_login_info2" => "Questa impostazione può essere attivata solo se la registrazione degli utenti è disattivata e non ci sono più account utente oltre a quello dell'amministratore.",
"max_users_info" => "Impostare a 0 per un numero illimitato di utenti", "max_users_info" => "Impostare a 0 per un numero illimitato di utenti",
"user_management" => "Gestione utenti", "user_management" => "Gestione utenti",
"delete_user" => "Elimina utente", "delete_user" => "Elimina utente",

3
includes/i18n/jp.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "サーバーURL", "server_url" => "サーバーURL",
"server_url_info" => "電子メール認証とパスワード回復に使用される。有効な公開URLでなければなりません。", "server_url_info" => "電子メール認証とパスワード回復に使用される。有効な公開URLでなければなりません。",
"server_url_password_reset" => "設定すると、パスワードリセット機能も有効になる。", "server_url_password_reset" => "設定すると、パスワードリセット機能も有効になる。",
"disable_login" => "ログインを無効にする",
"disable_login_info" => "ログインをバイパスします。サーバーをローカルネットワークのみで運用し、外部からのアクセスがない場合、ログインを無効にすることができます。これにより、管理者ユーザが自動的にログインします。",
"disable_login_info2" => "この設定を有効にできるのは、ユーザー登録がオフで、管理者以上のユーザーアカウントが存在しない場合のみです。",
"max_users_info" => "0に設定すると無制限になります", "max_users_info" => "0に設定すると無制限になります",
"user_management" => "ユーザー管理", "user_management" => "ユーザー管理",
"delete_user" => "ユーザーを削除", "delete_user" => "ユーザーを削除",

3
includes/i18n/ko.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "서버 URL", "server_url" => "서버 URL",
"server_url_info" => "이메일 인증 및 비밀번호 복구에 사용됩니다. 유효한 공개 URL이어야 합니다.", "server_url_info" => "이메일 인증 및 비밀번호 복구에 사용됩니다. 유효한 공개 URL이어야 합니다.",
"server_url_password_reset" => "설정하면 비밀번호 재설정 기능도 활성화됩니다.", "server_url_password_reset" => "설정하면 비밀번호 재설정 기능도 활성화됩니다.",
"disable_login" => "로그인 비활성화",
"disable_login_info" => "로그인 우회. 외부 액세스 없이 로컬 네트워크에서만 서버를 실행하는 경우 로그인을 비활성화할 수 있습니다. 그러면 관리자 사용자가 자동으로 로그인됩니다.",
"disable_login_info2" => "이 설정은 사용자 등록이 해제되어 있고 관리자 사용자 계정이 없는 경우에만 활성화할 수 있습니다.",
"max_users_info" => "0으로 설정하면 무제한으로 설정됩니다.", "max_users_info" => "0으로 설정하면 무제한으로 설정됩니다.",
"user_management" => "유저 관리", "user_management" => "유저 관리",
"delete_user" => "유저 삭제", "delete_user" => "유저 삭제",

3
includes/i18n/pl.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "Adres URL serwera", "server_url" => "Adres URL serwera",
"server_url_info" => "Służy do weryfikacji adresu e-mail i odzyskiwania hasła. Musi to być prawidłowy publiczny adres URL.", "server_url_info" => "Służy do weryfikacji adresu e-mail i odzyskiwania hasła. Musi to być prawidłowy publiczny adres URL.",
"server_url_password_reset" => "Jeśli zostanie ustawiona, włączy również funkcję resetowania hasła.", "server_url_password_reset" => "Jeśli zostanie ustawiona, włączy również funkcję resetowania hasła.",
"disable_login" => "Wyłącz logowanie",
"disable_login_info" => "Obejście logowania. Jeśli serwer działa tylko w sieci lokalnej, bez dostępu z zewnątrz, można wyłączyć logowanie. Spowoduje to automatyczne zalogowanie użytkownika admin.",
"disable_login_info2" => "To ustawienie można włączyć tylko wtedy, gdy rejestracja użytkowników jest wyłączona i nie ma więcej niż konto administratora.",
"max_users_info" => "Jeśli ustawisz 0, nie będzie limitu użytkowników.", "max_users_info" => "Jeśli ustawisz 0, nie będzie limitu użytkowników.",
"user_management" => "Zarządzanie użytkownikami", "user_management" => "Zarządzanie użytkownikami",
"delete_user" => "Usuń użytkownika", "delete_user" => "Usuń użytkownika",

3
includes/i18n/pt.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL do Servidor", "server_url" => "URL do Servidor",
"server_url_info" => "Usado para gerar links de verificação de email. Deve ser um URL público e válido.", "server_url_info" => "Usado para gerar links de verificação de email. Deve ser um URL público e válido.",
"server_url_password_reset" => "Se definido, também activará a funcionalidade de reposição da palavra-passe.", "server_url_password_reset" => "Se definido, também activará a funcionalidade de reposição da palavra-passe.",
"disable_login" => "Desactivar Inicio de Sessão",
"disable_login_info" => "Ultrapassar o início de sessão. Se o seu servidor funciona apenas numa rede local, sem acesso externo, pode desativar o início de sessão. Isto irá iniciar automaticamente a sessão do utilizador administrador.",
"disable_login_info2" => "Só pode ativar esta definição se o registo de utilizadores estiver desativado e se não houver mais do que a conta de utilizador administrador.",
"max_users_info" => "0 para ilimitado", "max_users_info" => "0 para ilimitado",
"user_management" => "Gestão de Utilizadores", "user_management" => "Gestão de Utilizadores",
"delete_user" => "Apagar Utilizador", "delete_user" => "Apagar Utilizador",

3
includes/i18n/pt_br.php
View File

@ -273,6 +273,9 @@ $i18n = [
"server_url" => "URL do servidor", "server_url" => "URL do servidor",
"server_url_info" => "Será usado para gerar links de verificação de email, deve ser um endereço público e válido.", "server_url_info" => "Será usado para gerar links de verificação de email, deve ser um endereço público e válido.",
"server_url_password_reset" => "Se definido, também ativará a funcionalidade de redefinição de senha.", "server_url_password_reset" => "Se definido, também ativará a funcionalidade de redefinição de senha.",
"disable_login" => "Desativar login",
"disable_login_info" => "Ignorar login. Se você executar o servidor somente em uma rede local, sem acesso externo, poderá desativar o login. Isso fará o login automático do usuário administrador.",
"disable_login_info2" => "Só é possível ativar essa configuração se o registro de usuário estiver desativado e não houver mais do que a conta de usuário administrador.",
"max_users_info" => "0 para ilimitado", "max_users_info" => "0 para ilimitado",
"user_management" => "Gerenciamento de usuários", "user_management" => "Gerenciamento de usuários",
"delete_user" => "Excluir usuário", "delete_user" => "Excluir usuário",

3
includes/i18n/ru.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL-адрес сервера", "server_url" => "URL-адрес сервера",
"server_url_info" => "Используется для проверки электронной почты и восстановления пароля. Должен быть действительным публичным URL.", "server_url_info" => "Используется для проверки электронной почты и восстановления пароля. Должен быть действительным публичным URL.",
"server_url_password_reset" => "Если этот параметр установлен, он также включает функцию сброса пароля.", "server_url_password_reset" => "Если этот параметр установлен, он также включает функцию сброса пароля.",
"disable_login" => "Отключить вход",
"disable_login_info" => "Обход входа в систему. Если вы используете свой сервер только в локальной сети, без доступа извне, вы можете отключить вход в систему. При этом будет автоматически входить пользователь admin.",
"disable_login_info2" => "Этот параметр можно включить только в том случае, если регистрация пользователей отключена и их количество не превышает учетную запись администратора.",
"max_users_info" => "Установите 0 для неограниченного количества пользователей.", "max_users_info" => "Установите 0 для неограниченного количества пользователей.",
"user_management" => "Управление пользователями", "user_management" => "Управление пользователями",
"delete_user" => "Удалить пользователя", "delete_user" => "Удалить пользователя",

3
includes/i18n/sl.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL strežnika", "server_url" => "URL strežnika",
"server_url_info" => "Uporablja se za preverjanje e-pošte in obnovitev gesla. Biti mora veljaven javni URL.", "server_url_info" => "Uporablja se za preverjanje e-pošte in obnovitev gesla. Biti mora veljaven javni URL.",
"server_url_password_reset" => "Če je nastavljeno, bo omogočena tudi funkcija ponastavitve gesla.", "server_url_password_reset" => "Če je nastavljeno, bo omogočena tudi funkcija ponastavitve gesla.",
"disable_login" => "Onemogoči prijavo",
"disable_login_info" => "Obidite prijavo. Če strežnik uporabljate samo v lokalnem omrežju brez zunanjega dostopa, lahko onemogočite prijavo. Tako se bo samodejno prijavil uporabnik administrator.",
"disable_login_info2" => "To nastavitev lahko omogočite le, če je registracija uporabnikov izklopljena in če ni več uporabniških računov, razen uporabniškega računa upravitelja.",
"max_users_info" => "0 pomeni neomejeno", "max_users_info" => "0 pomeni neomejeno",
"user_management" => "Upravljanje uporabnikov", "user_management" => "Upravljanje uporabnikov",
"delete_user" => "Izbriši uporabnika", "delete_user" => "Izbriši uporabnika",

3
includes/i18n/sr.php
View File

@ -274,6 +274,9 @@ $i18n = [
"server_url" => "URL сервера", "server_url" => "URL сервера",
"server_url_info" => "Користи се за верификацију е-поште и опоравак лозинке. Мора да буде важећи јавни УРЛ.", "server_url_info" => "Користи се за верификацију е-поште и опоравак лозинке. Мора да буде важећи јавни УРЛ.",
"server_url_password_reset" => "Ако је подешено, такође ће се омогућити функција ресетовања лозинке.", "server_url_password_reset" => "Ако је подешено, такође ће се омогућити функција ресетовања лозинке.",
"disable_login" => "Онемогући пријаву",
"disable_login_info" => "Заобиђите пријаву. Ако свој сервер покрећете само на локалној мрежи, без спољног приступа можете да онемогућите пријаву. Ово ће аутоматски пријавити корисника администратора.",
"disable_login_info2" => "Ово подешавање се може омогућити само ако је регистрација корисника затворена и број корисничких налога не прелази администраторске налоге.",
"max_users_info" => "Максималан број корисника који могу бити регистровани. 0 за неограничено.", "max_users_info" => "Максималан број корисника који могу бити регистровани. 0 за неограничено.",
"user_management" => "Управљање корисницима", "user_management" => "Управљање корисницима",
"delete_user" => "Обриши корисника", "delete_user" => "Обриши корисника",

3
includes/i18n/sr_lat.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "URL servera", "server_url" => "URL servera",
"server_url_info" => "Koristi se za verifikaciju e-pošte i oporavak lozinke. Mora da bude važeći javni URL.", "server_url_info" => "Koristi se za verifikaciju e-pošte i oporavak lozinke. Mora da bude važeći javni URL.",
"server_url_password_reset" => "Ako je podešeno, takođe će se omogućiti funkcija resetovanja lozinke.", "server_url_password_reset" => "Ako je podešeno, takođe će se omogućiti funkcija resetovanja lozinke.",
"disable_login" => "Onemogući prijavu",
"disable_login_info" => "Zaobiđite prijavu. Ako svoj server pokrećete samo na lokalnoj mreži, bez spoljnog pristupa možete da onemogućite prijavu. Ovo će automatski prijaviti korisnika administratora.",
"disable_login_info2" => "Ovo podešavanje se može omogućiti samo ako je registracija korisnika zatvorena i broj korisničkih naloga ne prelazi administratorske naloge.",
"max_users_info" => "0 za neograničen broj korisnika", "max_users_info" => "0 za neograničen broj korisnika",
"user_management" => "Upravljanje korisnicima", "user_management" => "Upravljanje korisnicima",
"delete_user" => "Izbriši korisnika", "delete_user" => "Izbriši korisnika",

5
includes/i18n/tr.php
View File

@ -275,7 +275,10 @@ $i18n = [
"server_url" => "Sunucu URL'si", "server_url" => "Sunucu URL'si",
"server_url_info" => "E-posta doğrulama ve şifre kurtarma için kullanılır. Geçerli bir genel URL olmalıdır.", "server_url_info" => "E-posta doğrulama ve şifre kurtarma için kullanılır. Geçerli bir genel URL olmalıdır.",
"server_url_password_reset" => "Ayarlanırsa şifre sıfırlama işlevini de etkinleştirir.", "server_url_password_reset" => "Ayarlanırsa şifre sıfırlama işlevini de etkinleştirir.",
"max_users_info" => "0 veya boş bırakıldığında sınırsız kullanıcı sayısı", "disable_login" => "Girişi devre dışı bırak",
"disable_login_info" => "Girişi atlayın. Sunucunuzu yalnızca yerel bir ağ üzerinde, harici erişim olmadan çalıştırıyorsanız, oturum açmayı devre dışı bırakabilirsiniz. Bu, yönetici kullanıcıyı otomatik olarak oturum açacaktır.",
"disable_login_info2" => "Bu ayarı yalnızca kullanıcı kaydı kapalıysa ve yönetici kullanıcı hesabından başka kullanıcı yoksa etkinleştirebilirsiniz.",
"max_users_info" => "0 veya boş bırakıldığında sınırsız kullanıcı sayısı",
"user_management" => "Kullanıcı Yönetimi", "user_management" => "Kullanıcı Yönetimi",
"delete_user" => "Kullanıcıyı Sil", "delete_user" => "Kullanıcıyı Sil",
"delete_user_info" => "Bir kullanıcının silinmesi aynı zamanda tüm aboneliklerinin ve ayarlarının da silinmesine neden olur.", "delete_user_info" => "Bir kullanıcının silinmesi aynı zamanda tüm aboneliklerinin ve ayarlarının da silinmesine neden olur.",

5
includes/i18n/zh_cn.php
View File

@ -290,9 +290,12 @@ $i18n = [
"maximum_number_users" => "最大用户数", "maximum_number_users" => "最大用户数",
"require_email_verification" => "需要电子邮件验证", "require_email_verification" => "需要电子邮件验证",
"configure_smtp_settings_to_enable" => "要启用此功能,请配置 SMTP 设置。", "configure_smtp_settings_to_enable" => "要启用此功能,请配置 SMTP 设置。",
"server_url" => "服务器 URL", "server_url" => "服务器 URL",
"server_url_info" => "用于电子邮件验证和密码恢复。必须是有效的公共 URL。", "server_url_info" => "用于电子邮件验证和密码恢复。必须是有效的公共 URL。",
"server_url_password_reset" => "如果设置,还将启用密码重置功能。", "server_url_password_reset" => "如果设置,还将启用密码重置功能。",
"disable_login" => "禁用登录",
"disable_login_info" => "旁路登录。如果服务器只在本地网络上运行,没有外部访问,则可以禁用登录。这会自动登录管理员用户。",
"disable_login_info2" => "只有在用户注册关闭且用户账户数不超过管理员账户时,才能启用此设置。",
"max_users_info" => "设置为 0 以无限制用户数", "max_users_info" => "设置为 0 以无限制用户数",
"user_management" => "用户管理", "user_management" => "用户管理",
"delete_user" => "删除用户", "delete_user" => "删除用户",

3
includes/i18n/zh_tw.php
View File

@ -275,6 +275,9 @@ $i18n = [
"server_url" => "伺服器 URL", "server_url" => "伺服器 URL",
"server_url_info" => "用於電子郵件驗證和密碼恢復。 必須是有效的公共 URL。", "server_url_info" => "用於電子郵件驗證和密碼恢復。 必須是有效的公共 URL。",
"server_url_password_reset" => "如果設置,還將啟用密碼重置功能。", "server_url_password_reset" => "如果設置,還將啟用密碼重置功能。",
"disable_login" => "停用登入",
"disable_login_info" => "繞過登入。如果您僅在本機網路上執行伺服器,而沒有外部存取權限,則可以停用登入。這將自動登入管理員用戶。",
"disable_login_info2" => "只有在使用者註冊關閉且使用者帳戶數不超過管理員帳戶時,才能啟用此設定。",
"max_users_info" => "設定為 0 以無限制使用者數", "max_users_info" => "設定為 0 以無限制使用者數",
"user_management" => "使用者管理", "user_management" => "使用者管理",
"delete_user" => "刪除使用者", "delete_user" => "刪除使用者",

2
includes/version.php
View File

@ -1,3 +1,3 @@
<?php <?php
$version = "v2.3.0"; $version = "v2.4.0";
?> ?>

48
login.php
View File

@ -20,6 +20,54 @@ if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
exit(); exit();
} }
// Check if login is disabled
$adminQuery = "SELECT login_disabled FROM admin";
$adminResult = $db->query($adminQuery);
$adminRow = $adminResult->fetchArray(SQLITE3_ASSOC);
if ($adminRow['login_disabled'] == 1) {
$query = "SELECT id, username, main_currency, language FROM user WHERE id = :id";
$stmt = $db->prepare($query);
$stmt->bindValue(':id', 1, SQLITE3_INTEGER);
$result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC);
if ($row === false) {
// Something is wrong with admin user. Reenable login
$updateQuery = "UPDATE admin SET login_disabled = 0";
$updateStmt = $db->prepare($updateQuery);
$updateStmt->execute();
$db->close();
header("Location: login.php");
} else {
$userId = $row['id'];
$main_currency = $row['main_currency'];
$username = $row['username'];
$language = $row['language'];
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = true;
$_SESSION['main_currency'] = $main_currency;
$_SESSION['userId'] = $userId;
$cookieExpire = time() + (30 * 24 * 60 * 60);
setcookie('language', $language, $cookieExpire);
$query = "SELECT color_theme FROM settings";
$stmt = $db->prepare($query);
$result = $stmt->execute();
$settings = $result->fetchArray(SQLITE3_ASSOC);
setcookie('colorTheme', $settings['color_theme'], $cookieExpire);
$cookieValue = $username . "|" . "abc123ABC" . "|" . $main_currency;
setcookie('wallos_login', $cookieValue, $cookieExpire);
$db->close();
header("Location: .");
}
}
$theme = "light"; $theme = "light";
if (isset($_COOKIE['theme'])) { if (isset($_COOKIE['theme'])) {
$theme = $_COOKIE['theme']; $theme = $_COOKIE['theme'];

15
migrations/000022.php Normal file
View File

@ -0,0 +1,15 @@
<?php
/*
This migration adds a column to the admin table to enable the option to disable login
*/
/** @noinspection PhpUndefinedVariableInspection */
$columnQuery = $db->query("SELECT * FROM pragma_table_info('admin') where name='login_disabled'");
$columnRequired = $columnQuery->fetchArray(SQLITE3_ASSOC) === false;
if ($columnRequired) {
$db->exec('ALTER TABLE admin ADD COLUMN login_disabled BOOLEAN DEFAULT 0');
}
?>

4
scripts/admin.js
View File

@ -165,12 +165,14 @@ function saveAccountRegistrationsButton () {
const max_users = document.getElementById('maxUsers').value; const max_users = document.getElementById('maxUsers').value;
const require_email_validation = document.getElementById('requireEmail').checked ? 1 : 0; const require_email_validation = document.getElementById('requireEmail').checked ? 1 : 0;
const server_url = document.getElementById('serverUrl').value; const server_url = document.getElementById('serverUrl').value;
const disable_login = document.getElementById('disableLogin').checked ? 1 : 0;
const data = { const data = {
open_registrations: open_registrations, open_registrations: open_registrations,
max_users: max_users, max_users: max_users,
require_email_validation: require_email_validation, require_email_validation: require_email_validation,
server_url: server_url server_url: server_url,
disable_login: disable_login
}; };
fetch('endpoints/admin/saveopenregistrations.php', { fetch('endpoints/admin/saveopenregistrations.php', {

5
styles/styles.css
View File

@ -668,6 +668,11 @@ header #avatar {
gap: 30px; gap: 30px;
} }
.admin-form hr {
margin: 20px 0px;
color: var(--main-color);
}
.account-notifications-section { .account-notifications-section {
border: 1px solid #aaa; border: 1px solid #aaa;
border-radius: 8px; border-radius: 8px;