feat: enable progressive web app

fix: update packages to fix vulnerabilities
docs: add documentation about trivy

Dockerfile

@@ -4,6 +4,9 @@ FROM php:8.0.5-fpm-alpine
 # Set working directory to /var/www/html
 WORKDIR /var/www/html
 
+# Update packages
+RUN apk update && apk upgrade
+
 # Install SQLite3 and its dependencies
 RUN apk add --no-cache sqlite-dev \
     && docker-php-ext-install pdo pdo_sqlite \

SECURITY.md

@@ -18,6 +18,9 @@ This project is currently supported with security updates for the following vers
 
 I take security seriously and am working on ways to implement security measures to protect the project.
 
+What is being done currenty:
+- Periodically scan the docker image for vulnerabilities with trivy.
+
 ## Reporting a Security Concern
 
 If you have any security concerns or questions regarding the security of this project, please contact the developer at [wallos@henrique.pt](mailto:wallos@henrique.pt).

images/icon/site.webmanifest

@@ -1 +0,0 @@
-{"name":"","short_name":"","icons":[{"src":"android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"theme_color":"#ffffff","background_color":"#ffffff","display":"standalone"}

includes/header.php

@@ -36,8 +36,9 @@
   <link rel="manifest" href="manifest.json" crossorigin="use-credentials">
   <link rel="stylesheet" href="styles/styles.css?<?= $version ?>">
   <link rel="stylesheet" href="styles/dark-theme.css?<?= $version ?>" id="dark-theme" <?= $theme == "light" ? "disabled" : "" ?>>
-  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700">
+  <link rel="stylesheet" href="styles/barlow.css">
-  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css">
+  <link rel="stylesheet" href="styles/font-awesome.min.css">
+  <script type="text/javascript" src="scripts/all.js?<?= $version ?>"></script>
   <script type="text/javascript" src="scripts/common.js?<?= $version ?>"></script>
   <script type="text/javascript">
     window.theme = "<?= $theme ?>";

includes/version.php

@@ -1,3 +1,3 @@
 <?php
-    $version = "v1.8.3";
+    $version = "v1.9.0";
 ?>

login.php

@@ -81,7 +81,7 @@ if (isset($_POST['username']) && isset($_POST['password'])) {
     <link rel="apple-touch-icon" sizes="180x180" href="images/icon/apple-touch-icon.png">
     <link rel="manifest" href="manifest.json">
     <link rel="stylesheet" href="styles/login.css?<?= $version ?>">
-    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700">
+    <link rel="stylesheet" href="styles/barlow.css">
     <link rel="stylesheet" href="styles/login-dark-theme.css?<?= $version ?>" id="dark-theme" <?= $theme == "light" ? "disabled" : "" ?>>
 </head>
 <body>

manifest.json

@@ -27,6 +27,49 @@
     ],
     "start_url": "/",   
     "id": "com.wallos.app",
+    "shortcuts": [
+        {
+          "name": "Subscriptions",
+          "short_name": "Subscriptions",
+          "description": "View your subscriptions",
+          "url": "index.php",
+          "icons": [{ "src": "images/siteicons/pwa/subscriptions.png", "sizes": "96x96" }]
+        },
+        {
+          "name": "Stats",
+          "short_name": "Stats",
+          "description": "View your statistics",
+          "url": "stats.php",
+          "icons": [{ "src": "images/siteicons/pwa/stats.png", "sizes": "96x96" }]
+        },
+        {
+          "name": "Settings",
+          "short_name": "Settings",
+          "description": "Change your settings",
+          "url": "settings.php",
+          "icons": [{ "src": "images/siteicons/pwa/settings.png", "sizes": "96x96" }]
+        },
+        {
+          "name": "About",
+          "short_name": "About",
+          "description": "More info about Wallos",
+          "url": "about.php",
+          "icons": [{ "src": "images/siteicons/pwa/about.png", "sizes": "96x96" }]
+        }
+    ],
+    "screenshots": [
+        {
+          "src": "images/screenshots/desktop.png",
+          "sizes": "1000x750",
+          "type": "image/png",
+          "form_factor": "wide"
+        },
+        {
+          "src": "images/screenshots/mobile.png",
+          "sizes": "600x1000",
+          "type": "image/png"
+        }
+    ],
     "background_color": "#FFFFFF",
     "display": "standalone",
     "scope": "/",

registration.php

@@ -97,7 +97,7 @@ if (isset($_POST['username'])) {
         <link rel="manifest" href="manifes.json">
         <link rel="stylesheet" href="styles/login.css?<?= $version ?>">
         <link rel="stylesheet" href="styles/login-dark-theme.css?<?= $version ?>" id="dark-theme" <?= $theme == "light" ? "disabled" : "" ?>>
-        <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Barlow:300,400,500,600,700">
+        <link rel="stylesheet" href="styles/barlow.css">
         <script type="text/javascript" src="scripts/registration.js?<?= $version ?>"></script>
     </head>
     <body>

service-worker.js

@@ -2,9 +2,20 @@ self.addEventListener('install', function(event) {
     event.waitUntil(
         caches.open('my-cache').then(function(cache) {
             return cache.addAll([
+                '.',
+                'index.php',
+                'settings.php',
+                'stats.php',
+                'about.php',
+                'endpoints/subscriptions/get.php',
+                'manifest.json',
                 'styles/styles.css',
                 'styles/dark-theme.css',
                 'styles/login.css',
+                'styles/font-awesome.min.css',
+                'styles/barlow.css',
+                'webfonts/fa-solid-900.woff2',
+                'webfonts/fa-solid-900.ttf',
                 'scripts/common.js',
                 'scripts/dashboard.js',
                 'scripts/stats.js',
@@ -21,18 +32,78 @@ self.addEventListener('install', function(event) {
                 'scripts/i18n/zh_cn.js',
                 'scripts/i18n/zh_tw.js',
                 'scripts/i18n/getlang.js',
+                'scripts/libs/chart.js',
                 'images/icon/favicon.ico',
                 'images/wallossolid.png',
                 'images/wallossolidwhite.png',
+                'images/siteimages/empty.png',
+                'images/avatars/1.svg',
+                'images/avatars/2.svg',
+                'images/avatars/3.svg',
+                'images/avatars/4.svg',
+                'images/avatars/5.svg',
+                'images/avatars/6.svg',
+                'images/avatars/7.svg',
+                'images/avatars/8.svg',
+                'images/avatars/9.svg',
+                'images/siteicons/edit.png',
+                'images/siteicons/websearch.png',
+                'images/siteicons/save.png',
+                'images/siteicons/delete.png',
+                'images/siteicons/category.png',
+                'images/siteicons/check.png',
+                'images/siteicons/editavatar.png',
+                'images/siteicons/notes.png',
+                'images/siteicons/payment.png',
+                'images/siteicons/plusicon.png',
+                'images/siteicons/sort.png',
+                'images/siteicons/subscription.png',
+                'images/siteicons/web.png',
+                'images/siteicons/pwa/stats.png',
+                'images/siteicons/pwa/settings.png',
+                'images/siteicons/pwa/about.png',
+                'images/siteicons/pwa/subscriptions.png',
+                'images/uploads/icons/paypal.png',
+                'images/uploads/icons/creditcard.png',
+                'images/uploads/icons/banktransfer.png',
+                'images/uploads/icons/directdebit.png',
+                'images/uploads/icons/money.png',
+                'images/uploads/icons/googlepay.png',
+                'images/uploads/icons/samsungpay.png',
+                'images/uploads/icons/applepay.png',
+                'images/uploads/icons/crypto.png',
+                'images/uploads/icons/klarna.png',
+                'images/uploads/icons/amazonpay.png',
+                'images/uploads/icons/sepa.png',
+                'images/uploads/icons/skrill.png',
+                'images/uploads/icons/sofort.png',
+                'images/uploads/icons/stripe.png',
+                'images/uploads/icons/affirm.png',
+                'images/uploads/icons/alipay.png',
+                'images/uploads/icons/elo.png',
+                'images/uploads/icons/facebookpay.png',
+                'images/uploads/icons/giropay.png',
+                'images/uploads/icons/ideal.png',
+                'images/uploads/icons/unionpay.png',
+                'images/uploads/icons/interac.png',
+                'images/uploads/icons/wechat.png',
+                'images/uploads/icons/paysafe.png',
+                'images/uploads/icons/poli.png',
+                'images/uploads/icons/qiwi.png',
+                'images/uploads/icons/shoppay.png',
+                'images/uploads/icons/venmo.png',
+                'images/uploads/icons/verifone.png',
+                'images/uploads/icons/webmoney.png',
             ]);
         })
     );
 });
 
+
 self.addEventListener('fetch', function(event) {
     event.respondWith(
-        caches.match(event.request, { redirect: 'follow' }).then(function(response) {
+        fetch(event.request, { redirect: 'follow' }).catch(function() {
-            return response || fetch(event.request);
+            return caches.match(event.request);
         })
     );
 });

styles/barlow.css

@@ -0,0 +1,120 @@
+/* vietnamese */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 300;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks6FospT4.woff2) format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;
+}
+/* latin-ext */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 300;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks6VospT4.woff2) format('woff2');
+  unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+/* latin */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 300;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks51os.woff2) format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+/* vietnamese */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 400;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_A8s52Hs.woff2) format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;
+}
+/* latin-ext */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 400;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_Ass52Hs.woff2) format('woff2');
+  unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+/* latin */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 400;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2) format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+/* vietnamese */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 500;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs6FospT4.woff2) format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;
+}
+/* latin-ext */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 500;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs6VospT4.woff2) format('woff2');
+  unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+/* latin */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 500;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2) format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+/* vietnamese */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 600;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s6FospT4.woff2) format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;
+}
+/* latin-ext */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 600;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s6VospT4.woff2) format('woff2');
+  unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+/* latin */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 600;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2) format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}
+/* vietnamese */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 700;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s6FospT4.woff2) format('woff2');
+  unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;
+}
+/* latin-ext */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 700;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s6VospT4.woff2) format('woff2');
+  unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;
+}
+/* latin */
+@font-face {
+  font-family: 'Barlow';
+  font-style: normal;
+  font-weight: 700;
+  src: url(https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2) format('woff2');
+  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
+}