joshuacoles/wallos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: joshuacoles:09d0c71569918f5b4672f5e5bd1c977baa112fe4
Branches Tags
joshuacoles:main
...
compare: joshuacoles:ef6f19eb77b775fc8befba48ab1d7b95286573b4
Branches Tags
joshuacoles:main

3 Commits
09d0c71569 ... ef6f19eb77

Author SHA1 Message Date
Joshua Coles
ef6f19eb77 Add support for the X-WebAuth-User header for authentication 2024-06-09 22:04:35 +01:00
Joshua Coles
48899f307c Remove now unneeded form requirements 2024-05-09 15:33:48 +01:00
Joshua Coles
d3a9bc8ca8 Strip out mail actions, replace with ntfy.sh 2024-05-09 15:25:00 +01:00
5 changed files with 84 additions and 149 deletions
Show Stats Expand all files Collapse all files

52
endpoints/cronjobs/sendnotifications.php
View File

@ -12,12 +12,6 @@
if ($row = $result->fetchArray(SQLITE3_ASSOC)) {
$notificationsEnabled = $row['enabled'];
$days = $row['days'];
$smtpAddress = $row["smtp_address"];
$smtpPort = $row["smtp_port"];
$encryption = $row["encryption"];
$smtpUsername = $row["smtp_username"];
$smtpPassword = $row["smtp_password"];
$fromEmail = $row["from_email"] ? $row["from_email"] : "wallos@wallosapp.com";
} else {
echo "Notifications are disabled. No need to run.";
}
@ -49,11 +43,6 @@
}
if (!empty($notify)) {
require $webPath . 'libs/PHPMailer/PHPMailer.php';
require $webPath . 'libs/PHPMailer/SMTP.php';
require $webPath . 'libs/PHPMailer/Exception.php';
$stmt = $db->prepare('SELECT * FROM user WHERE id = :id');
$stmt->bindValue(':id', 1, SQLITE3_INTEGER);
$result = $stmt->execute();
@ -68,37 +57,18 @@
foreach ($perUser as $subscription) {
$message .= $subscription['name'] . " for " . $subscription['price'] . "\n";
}
$mail = new PHPMailer(true);
$mail->CharSet="UTF-8";
$mail->isSMTP();
$mail->Host = $smtpAddress;
$mail->SMTPAuth = true;
$mail->Username = $smtpUsername;
$mail->Password = $smtpPassword;
$mail->SMTPSecure = $encryption;
$mail->Port = $smtpPort;
$stmt = $db->prepare('SELECT * FROM household WHERE id = :userId');
$stmt->bindValue(':userId', $userId, SQLITE3_INTEGER);
$result = $stmt->execute();
$user = $result->fetchArray(SQLITE3_ASSOC);
$email = !empty($user['email']) ? $user['email'] : $defaultEmail;
$name = !empty($user['name']) ? $user['name'] : $defaultName;
$mail->setFrom($fromEmail, 'Wallos App');
$mail->addAddress($email, $name);
$mail->Subject = 'Wallos Notification';
$mail->Body = $message;
if ($mail->send()) {
echo "Notifications sent";
} else {
echo "Error sending notifications: " . $mail->ErrorInfo;
}
$ntfy_title = 'Wallos Notification';
$ntfy_body = $message;
file_get_contents('https://ntfy.sh/canvas-progress-east', false, stream_context_create([
'http' => [
'method' => 'POST', // PUT also works
'header' =>
"Content-Type: text/plain\r\n" .
"Title: Subscription Alert",
'content' => $message
]
]));
}
} else {
echo "Nothing to notify.";

33
endpoints/notifications/save.php
View File

@ -7,11 +7,7 @@
$data = json_decode($postData, true);
if (
!isset($data["days"]) || $data['days'] == "" ||
!isset($data["smtpaddress"]) || $data["smtpaddress"] == "" ||
!isset($data["smtpport"]) || $data["smtpport"] == "" ||
!isset($data["smtpusername"]) || $data["smtpusername"] == "" ||
!isset($data["smtppassword"]) || $data["smtppassword"] == ""
!isset($data["days"]) || $data['days'] == ""
) {
$response = [
"success" => false,
@ -21,19 +17,10 @@
} else {
$enabled = $data["enabled"];
$days = $data["days"];
$smtpAddress = $data["smtpaddress"];
$smtpPort = $data["smtpport"];
$encryption = "tls";
if (isset($data["encryption"])) {
$encryption = $data["encryption"];
}
$smtpUsername = $data["smtpusername"];
$smtpPassword = $data["smtppassword"];
$fromEmail = $data["fromemail"];
$query = "SELECT COUNT(*) FROM notifications";
$result = $db->querySingle($query);
if ($result === false) {
$response = [
"success" => false,
@ -49,17 +36,17 @@
SET enabled = :enabled, days = :days, smtp_address = :smtpAddress, smtp_port = :smtpPort,
smtp_username = :smtpUsername, smtp_password = :smtpPassword, from_email = :fromEmail, encryption = :encryption";
}
$stmt = $db->prepare($query);
$stmt->bindValue(':enabled', $enabled, SQLITE3_INTEGER);
$stmt->bindValue(':days', $days, SQLITE3_INTEGER);
$stmt->bindValue(':smtpAddress', $smtpAddress, SQLITE3_TEXT);
$stmt->bindValue(':smtpPort', $smtpPort, SQLITE3_INTEGER);
$stmt->bindValue(':smtpUsername', $smtpUsername, SQLITE3_TEXT);
$stmt->bindValue(':smtpPassword', $smtpPassword, SQLITE3_TEXT);
$stmt->bindValue(':fromEmail', $fromEmail, SQLITE3_TEXT);
$stmt->bindValue(':encryption', $encryption, SQLITE3_TEXT);
$stmt->bindValue(':smtpAddress', "", SQLITE3_TEXT);
$stmt->bindValue(':smtpPort', 1, SQLITE3_INTEGER);
$stmt->bindValue(':smtpUsername', "", SQLITE3_TEXT);
$stmt->bindValue(':smtpPassword', "", SQLITE3_TEXT);
$stmt->bindValue(':fromEmail', "", SQLITE3_TEXT);
$stmt->bindValue(':encryption', "", SQLITE3_TEXT);
if ($stmt->execute()) {
$response = [
"success" => true,

110
includes/checksession.php
View File

@ -1,8 +1,26 @@
<?php
session_start();
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
$username = $_SESSION['username'];
$main_currency = $_SESSION['main_currency'];
session_start();
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
$username = $_SESSION['username'];
$main_currency = $_SESSION['main_currency'];
$sql = "SELECT * FROM user WHERE username = :username";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
$result = $stmt->execute();
$userData = $result->fetchArray(SQLITE3_ASSOC);
if ($userData === false) {
header('Location: logout.php');
exit();
}
if ($userData['avatar'] == "") {
$userData['avatar'] = "0";
}
} else {
// Read X-WebAuth-User header
if (isset($_SERVER['HTTP_X_WEBAUTH_USER'])) {
$username = $_SERVER['HTTP_X_WEBAUTH_USER'];
$sql = "SELECT * FROM user WHERE username = :username";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
@ -17,60 +35,56 @@
if ($userData['avatar'] == "") {
$userData['avatar'] = "0";
}
} else {
} else if (isset($_COOKIE['wallos_login'])) {
$cookie = explode('|', $_COOKIE['wallos_login'], 3);
$username = $cookie[0];
$token = $cookie[1];
$main_currency = $cookie[2];
if (isset($_COOKIE['wallos_login'])) {
$cookie = explode('|', $_COOKIE['wallos_login'], 3);
$username = $cookie[0];
$token = $cookie[1];
$main_currency = $cookie[2];
$sql = "SELECT * FROM user WHERE username = :username";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
$result = $stmt->execute();
$sql = "SELECT * FROM user WHERE username = :username";
$stmt = $db->prepare($sql);
$stmt->bindValue(':username', $username, SQLITE3_TEXT);
$result = $stmt->execute();
if ($result) {
$userData = $result->fetchArray(SQLITE3_ASSOC);
if (!isset($userData['id'])) {
$db->close();
header("Location: logout.php");
exit();
}
if ($userData['avatar'] == "") {
$userData['avatar'] = "0";
}
$userId = $userData['id'];
$main_currency = $userData['main_currency'];
$sql = "SELECT * FROM login_tokens WHERE user_id = ? AND token = ?";
$stmt = $db->prepare($sql);
$stmt->bindParam(1, $userId, SQLITE3_TEXT);
$stmt->bindParam(2, $token, SQLITE3_TEXT);
$result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC);
if ($row != false) {
$_SESSION['username'] = $username;
$_SESSION['token'] = $token;
$_SESSION['loggedin'] = true;
$_SESSION['main_currency'] = $main_currency;
} else {
$db->close();
header("Location: logout.php");
exit();
}
} else {
if ($result) {
$userData = $result->fetchArray(SQLITE3_ASSOC);
if (!isset($userData['id'])) {
$db->close();
header("Location: logout.php");
exit();
}
if ($userData['avatar'] == "") {
$userData['avatar'] = "0";
}
$userId = $userData['id'];
$main_currency = $userData['main_currency'];
$sql = "SELECT * FROM login_tokens WHERE user_id = ? AND token = ?";
$stmt = $db->prepare($sql);
$stmt->bindParam(1, $userId, SQLITE3_TEXT);
$stmt->bindParam(2, $token, SQLITE3_TEXT);
$result = $stmt->execute();
$row = $result->fetchArray(SQLITE3_ASSOC);
if ($row != false) {
$_SESSION['username'] = $username;
$_SESSION['token'] = $token;
$_SESSION['loggedin'] = true;
$_SESSION['main_currency'] = $main_currency;
} else {
$db->close();
header("Location: logout.php");
exit();
}
} else {
$db->close();
header("Location: login.php");
header("Location: logout.php");
exit();
}
} else {
$db->close();
header("Location: login.php");
exit();
}
}
?>

12
scripts/settings.js
View File

@ -848,22 +848,10 @@ function saveNotificationsButton() {
const enabled = document.getElementById("notifications").checked ? 1 : 0;
const days = document.getElementById("days").value;
const smtpAddress = document.getElementById("smtpaddress").value;
const smtpPort = document.getElementById("smtpport").value;
const encryption = document.querySelector('input[name="encryption"]:checked').value;
const smtpUsername = document.getElementById("smtpusername").value;
const smtpPassword = document.getElementById("smtppassword").value;
const fromEmail = document.getElementById("fromemail").value;
const data = {
enabled: enabled,
days: days,
smtpaddress: smtpAddress,
smtpport: smtpPort,
encryption: encryption,
smtpusername: smtpUsername,
smtppassword: smtpPassword,
fromemail: fromEmail
};
fetch('endpoints/notifications/save.php', {

26
settings.php
View File

@ -223,32 +223,8 @@
?>
</select>
</div>
<div class="form-group-inline">
<input type="text" name="smtpaddress" id="smtpaddress" placeholder="<?= translate('smtp_address', $i18n) ?>" value="<?= $notifications['smtp_address'] ?>" />
<input type="text" name="smtpport" id="smtpport" placeholder="<?= translate('port', $i18n) ?>" class="one-third" value="<?= $notifications['smtp_port'] ?>" />
</div>
<div class="form-group-inline">
<input type="radio" name="encryption" id="encryptiontls" value="tls" <?= $notifications['encryption'] == "tls" ? "checked" : "" ?> />
<label for="encryptiontls"><?= translate('tls', $i18n) ?></label>
<input type="radio" name="encryption" id="encryptionssl" value="ssl" <?= $notifications['encryption'] == "ssl" ? "checked" : "" ?> />
<label for="encryptionssl"><?= translate('ssl', $i18n) ?></label>
</div>
<div class="form-group-inline">
<input type="text" name="smtpusername" id="smtpusername" placeholder="<?= translate('smtp_username', $i18n) ?>" value="<?= $notifications['smtp_username'] ?>" />
</div>
<div class="form-group-inline">
<input type="password" name="smtppassword" id="smtppassword" placeholder="<?= translate('smtp_password', $i18n) ?>" value="<?= $notifications['smtp_password'] ?>" />
</div>
<div class="form-group-inline">
<input type="text" name="fromemail" id="fromemail" placeholder="<?= translate('from_email', $i18n) ?>" value="<?= $notifications['from_email'] ?>" />
</div>
<div class="settings-notes">
<p>
<i class="fa-solid fa-circle-info"></i> <?= translate('smtp_info', $i18n) ?></p>
<p>
</div>
<div class="buttons">
<input type="button" class="secondary-button thin" value="<?= translate('test', $i18n) ?>" id="testNotifications" onClick="testNotificationButton()"/>
<!-- <input type="button" class="secondary-button thin" value="--><?php //= translate('test', $i18n) ?><!--" id="testNotifications" onClick="testNotificationButton()"/>-->
<input type="submit" value="<?= translate('save', $i18n) ?>" id="saveNotifications" onClick="saveNotificationsButton()" class="thin"/>
</div>
</div>