diff --git a/admin.php b/admin.php index 993d730a1..adf4b1289 100644 --- a/admin.php +++ b/admin.php @@ -11,7 +11,7 @@ $result = $stmt->execute(); $settings = $result->fetchArray(SQLITE3_ASSOC); - // get user accounts where id is not 1 + // get user accounts $stmt = $db->prepare('SELECT id, username, email FROM user ORDER BY id ASC'); $result = $stmt->execute(); @@ -20,7 +20,8 @@ $users[] = $row; } $userCount = is_array($users) ? count($users) : 0; - + + $loginDisabledAllowed = $userCount == 1 && $settings['registrations_open'] == 0; ?>
@@ -42,6 +43,9 @@

+

+ + By enabling user registrations, the setting to disable login will be unavailable.

@@ -76,6 +80,21 @@

+
+
+ /> + +
+
+

+ + +

+

+ + +

+
diff --git a/endpoints/admin/saveopenregistrations.php b/endpoints/admin/saveopenregistrations.php
index 159cd5933..6d3f4c8a7 100644
--- a/endpoints/admin/saveopenregistrations.php
+++ b/endpoints/admin/saveopenregistrations.php
@@ -26,6 +26,31 @@
 $maxUsers = $data['max_users'];
 $requireEmailVerification = $data['require_email_validation'];
 $serverUrl = $data['server_url'];
+ $disableLogin = $data['disable_login'];
+
+ if ($disableLogin == 1) {
+ if ($openRegistrations == 1) {
+ echo json_encode([
+ "success" => false,
+ "message" => translate('error', $i18n)
+ ]);
+ die();
+ }
+
+ $sql = "SELECT COUNT(*) as userCount FROM user";
+ $stmt = $db->prepare($sql);
+ $result = $stmt->execute();
+ $row = $result->fetchArray(SQLITE3_ASSOC);
+ $userCount = $row['userCount'];
+
+ if ($userCount > 1) {
+ echo json_encode([
+ "success" => false,
+ "message" => translate('error', $i18n)
+ ]);
+ die();
+ }
+ }
 if ($requireEmailVerification == 1 && $serverUrl == "") {
 echo json_encode([
@@ -35,12 +60,13 @@
 die();
 }
- $sql = "UPDATE admin SET registrations_open = :openRegistrations, max_users = :maxUsers, require_email_verification = :requireEmailVerification, server_url = :serverUrl";
+ $sql = "UPDATE admin SET registrations_open = :openRegistrations, max_users = :maxUsers, require_email_verification = :requireEmailVerification, server_url = :serverUrl, login_disabled = :disableLogin WHERE id = 1";
 $stmt = $db->prepare($sql);
 $stmt->bindParam(':openRegistrations', $openRegistrations, SQLITE3_INTEGER);
 $stmt->bindParam(':maxUsers', $maxUsers, SQLITE3_INTEGER);
 $stmt->bindParam(':requireEmailVerification', $requireEmailVerification, SQLITE3_INTEGER);
 $stmt->bindParam(':serverUrl', $serverUrl, SQLITE3_TEXT);
+ $stmt->bindParam(':disableLogin', $disableLogin, SQLITE3_INTEGER);
 $result = $stmt->execute();
 if ($result) {
diff --git a/includes/checksession.php b/includes/checksession.php
index 1ebe9bcd8..9ceed0a57 100644
--- a/includes/checksession.php
+++ b/includes/checksession.php
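Review bot: In endpoints/admin/saveopenregistrations.php (first hunk), `$disableLogin` is guarded with a loose `== 1` but is later bound with `SQLITE3_INTEGER`, so for non-canonical input the value that is checked and the value that is stored may not be the same; it is also read without a default, which raises a warning when a client omits `disable_login`. Normalising once before the guard keeps the two in step: `$disableLogin = ((int) ($data['disable_login'] ?? 0) === 1) ? 1 : 0;`. The single-user precondition is enforced only at save time here, so whatever code creates accounts (not visible in this diff) should presumably also refuse while `login_disabled` is set. The enclosing script starts and ends outside the hunk.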
@@ -46,10 +46,20 @@
 }
 $userId = $userData['id'];
 $main_currency = $userData['main_currency'];
- $sql = "SELECT * FROM login_tokens WHERE user_id = :userId AND token = :token";
- $stmt = $db->prepare($sql);
- $stmt->bindParam(':userId', $userId, SQLITE3_TEXT);
- $stmt->bindParam(':token', $token, SQLITE3_TEXT);
+
+ $adminQuery = "SELECT login_disabled FROM admin";
+ $adminResult = $db->query($adminQuery);
+ $adminRow = $adminResult->fetchArray(SQLITE3_ASSOC);
+ if ($adminRow['login_disabled'] == 1) {
+ $sql = "SELECT * FROM login_tokens WHERE user_id = :userId";
+ $stmt = $db->prepare($sql);
+ $stmt->bindParam(':userId', $userId, SQLITE3_TEXT);
+ } else {
+ $sql = "SELECT * FROM login_tokens WHERE user_id = :userId AND token = :token";
+ $stmt = $db->prepare($sql);
+ $stmt->bindParam(':userId', $userId, SQLITE3_TEXT);
+ $stmt->bindParam(':token', $token, SQLITE3_TEXT);
+ }
 $result = $stmt->execute();
 $row = $result->fetchArray(SQLITE3_ASSOC);
diff --git a/includes/getsettings.php b/includes/getsettings.php
index 76d8bc4e6..135c7433a 100644
--- a/includes/getsettings.php
+++ b/includes/getsettings.php
@@ -27,4 +27,12 @@
 $settings['customColors'] = $customColors;
 }
+$query = "SELECT * FROM admin";
+$result = $db->query($query);
+$adminSettings = $result->fetchArray(SQLITE3_ASSOC);
+
+if ($adminSettings) {
+ $settings['disableLogin'] = $adminSettings['login_disabled'];
+}
+
 ?>
\ No newline at end of file
diff --git a/includes/header.php b/includes/header.php
index f3ed638a9..77c945a92 100644
--- a/includes/header.php
+++ b/includes/header.php
@@ -101,7 +101,13 @@ - + + +
diff --git a/includes/i18n/de.php b/includes/i18n/de.php
index 77f5f6caa..17edd02bb 100644
--- a/includes/i18n/de.php
+++ b/includes/i18n/de.php
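Review bot: In includes/checksession.php, the `login_disabled` branch drops the `token = :token` predicate for whichever `$userId` was resolved above the hunk (presumably from the cookie), so while the flag is set the cookie stops being a credential for any account that has a `login_tokens` row. login.php only ever auto-logs in user id 1, so the relaxed query should be tied to that account and to an admin row that actually exists: `if ($adminRow !== false && (int) $adminRow['login_disabled'] === 1 && (int) $userId === 1) {`. The flag is read with `SELECT login_disabled FROM admin` while the save endpoint writes `WHERE id = 1`; adding the same `WHERE id = 1` here keeps reader and writer on the same row. A comment above the branch stating the trust assumption, e.g. `// login disabled: single-admin, LAN-only install; token check intentionally skipped`, would tell the next maintainer this is deliberate. The surrounding cookie handling starts outside the hunk.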
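Review bot: In includes/getsettings.php, `SELECT * FROM admin` loads every admin column just to read one flag; `SELECT login_disabled FROM admin WHERE id = 1` matches the row the save endpoint updates and keeps the other admin settings out of this include. This is the third place the commit queries the same flag (also checksession.php and login.php), so a small shared helper would keep the three reads consistent.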
@@ -275,6 +275,9 @@ "server_url" => "Server URL", "server_url_info" => "Wird für die E-Mail-Überprüfung und die Passwortwiederherstellung verwendet. Muss eine gültige öffentliche URL sein.", "server_url_password_reset" => "Wenn diese Option gesetzt ist, wird auch die Funktion zum Zurücksetzen des Passworts aktiviert.", + "disable_login" => "Login deaktivieren", + "disable_login_info" => "Anmeldung umgehen. Wenn Sie Ihren Server nur in einem lokalen Netzwerk betreiben, ohne Zugriff von außen, können Sie die Anmeldung deaktivieren. Dadurch wird automatisch der Admin-Benutzer angemeldet.", + "disable_login_info2" => "Sie können diese Einstellung nur aktivieren, wenn die Benutzerregistrierung ausgeschaltet ist und es nicht mehr als ein Admin-Benutzerkonto gibt.", "max_users_info" => "0 für unbegrenzte Anzahl an Benutzern", "user_management" => "Benutzerverwaltung", "delete_user" => "Benutzer löschen", diff --git a/includes/i18n/el.php b/includes/i18n/el.php index af6dfb82a..e79ec943a 100644 --- a/includes/i18n/el.php +++ b/includes/i18n/el.php 
@@ -275,6 +275,9 @@ "server_url" => "Διεύθυνση URL διακομιστή", "server_url_info" => "Χρησιμοποιείται για επαλήθευση email και ανάκτηση κωδικού πρόσβασης. Πρέπει να είναι ένα έγκυρο δημόσιο URL.", "server_url_password_reset" => "Εάν οριστεί, θα ενεργοποιήσει επίσης τη λειτουργία επαναφοράς κωδικού πρόσβασης.", + "disable_login" => "Απενεργοποίηση σύνδεσης", + "disable_login_info" => "Παράκαμψη σύνδεσης. Εάν εκτελείτε το διακομιστή σας μόνο σε τοπικό δίκτυο, χωρίς εξωτερική πρόσβαση, μπορείτε να απενεργοποιήσετε τη σύνδεση. Αυτό θα πραγματοποιήσει αυτόματα την είσοδο του χρήστη διαχειριστή.", + "disable_login_info2" => "Μπορείτε να ενεργοποιήσετε αυτή τη ρύθμιση μόνο εάν η εγγραφή χρηστών είναι απενεργοποιημένη και δεν υπάρχουν περισσότεροι από το λογαριασμό χρήστη διαχειριστή.", "max_users_info" => "Ο μέγιστος αριθμός χρηστών που μπορούν να εγγραφούν. Αν η τιμή είναι 0, δεν υπάρχει όριο.", "user_management" => "Διαχείριση χρηστών", "delete_user" => "Διαγραφή χρήστη", diff --git a/includes/i18n/en.php b/includes/i18n/en.php index 7a2d975be..1a717eefa 100644 --- a/includes/i18n/en.php +++ b/includes/i18n/en.php @@ -275,6 +275,9 @@ "server_url" => "Server URL", "server_url_info" => "Used for email verification and password recovery. Must be a valid public URL.", "server_url_password_reset" => "If set will also enable password reset functionality.", + "disable_login" => "Disable login", + "disable_login_info" => "Bypass login. If you run your server on a local network only, without external access you can disable the login. This will automatically login the admin user.", + "disable_login_info2" => "You can only enable this setting if user registration is disabled and there are no more than the admin user account.", "max_users_info" => "0 means unlimited", "user_management" => "User Management", "delete_user" => "Delete User", diff --git a/includes/i18n/es.php b/includes/i18n/es.php index 0180c4c66..42e78dcdf 100644 --- a/includes/i18n/es.php +++ b/includes/i18n/es.php 
@@ -275,6 +275,9 @@ "server_url" => "URL del Servidor", "server_url_info" => "Se utiliza para verificar el correo electrónico y recuperar la contraseña. Debe ser una URL pública válida.", "server_url_password_reset" => "Si se configura, también se habilitará la función de restablecimiento de contraseña.", + "disable_login" => "Deshabilitar Inicio de Sesión", + "disable_login_info" => "Omitir el inicio de sesión. Si ejecuta su servidor sólo en una red local, sin acceso externo, puede desactivar el inicio de sesión. Esto iniciará automáticamente la sesión del usuario administrador.", + "disable_login_info2" => "Sólo puede activar esta configuración si el registro de usuarios está desactivado y no hay más que la cuenta de usuario admin.", "max_users_info" => "0 para ilimitado", "user_management" => "Gestión de Usuarios", "delete_user" => "Eliminar Usuario", diff --git a/includes/i18n/fr.php b/includes/i18n/fr.php index 418a0a028..a52110ab4 100644 --- a/includes/i18n/fr.php +++ b/includes/i18n/fr.php @@ -275,6 +275,9 @@ "server_url" => "URL du serveur", "server_url_info" => "Utilisé pour la vérification du courrier électronique et la récupération du mot de passe. Il doit s'agir d'une URL publique valide.", "server_url_password_reset" => "Si cette option est activée, la fonction de réinitialisation du mot de passe sera également activée.", + "disable_login" => "Désactiver la connexion", + "disable_login_info" => "Contourner le login. Si vous utilisez votre serveur sur un réseau local uniquement, sans accès externe, vous pouvez désactiver le login. L'utilisateur admin se connectera automatiquement.", + "disable_login_info2" => "Vous ne pouvez activer ce paramètre que si l'enregistrement des utilisateurs est désactivé et qu'il n'y a pas d'autre compte utilisateur que celui de l'administrateur.", "max_users_info" => "0 signifie un nombre illimité d'utilisateurs", "user_management" => "Gestion des utilisateurs", "delete_user" => "Supprimer l'utilisateur", 
diff --git a/includes/i18n/it.php b/includes/i18n/it.php index 08c879c78..78bec30d6 100644 --- a/includes/i18n/it.php +++ b/includes/i18n/it.php @@ -291,6 +291,9 @@ "server_url" => "URL del server", "server_url_info" => "Utilizzato per la verifica dell'e-mail e il recupero della password. Deve essere un URL pubblico valido.", "server_url_password_reset" => "Se impostato, abilita anche la funzionalità di reimpostazione della password.", + "disable_login" => "Disabilita il login", + "disable_login_info" => "Bypassare il login. Se si gestisce il server solo su una rete locale, senza accesso esterno, è possibile disabilitare il login. In questo modo, l'utente amministratore effettuerà automaticamente il login.", + "disable_login_info2" => "Questa impostazione può essere attivata solo se la registrazione degli utenti è disattivata e non ci sono più account utente oltre a quello dell'amministratore.", "max_users_info" => "Impostare a 0 per un numero illimitato di utenti", "user_management" => "Gestione utenti", "delete_user" => "Elimina utente", diff --git a/includes/i18n/jp.php b/includes/i18n/jp.php index 7921c5e40..78944a5c2 100644 --- a/includes/i18n/jp.php +++ b/includes/i18n/jp.php @@ -275,6 +275,9 @@ "server_url" => "サーバーURL", "server_url_info" => "電子メール認証とパスワード回復に使用される。有効な公開URLでなければなりません。", "server_url_password_reset" => "設定すると、パスワードリセット機能も有効になる。", + "disable_login" => "ログインを無効にする", + "disable_login_info" => "ログインをバイパスします。サーバーをローカルネットワークのみで運用し、外部からのアクセスがない場合、ログインを無効にすることができます。これにより、管理者ユーザが自動的にログインします。", + "disable_login_info2" => "この設定を有効にできるのは、ユーザー登録がオフで、管理者以上のユーザーアカウントが存在しない場合のみです。", "max_users_info" => "0に設定すると無制限になります", "user_management" => "ユーザー管理", "delete_user" => "ユーザーを削除", diff --git a/includes/i18n/ko.php b/includes/i18n/ko.php index 96efe1ef7..cc084985b 100644 --- a/includes/i18n/ko.php +++ b/includes/i18n/ko.php 
@@ -275,6 +275,9 @@ "server_url" => "서버 URL", "server_url_info" => "이메일 인증 및 비밀번호 복구에 사용됩니다. 유효한 공개 URL이어야 합니다.", "server_url_password_reset" => "설정하면 비밀번호 재설정 기능도 활성화됩니다.", + "disable_login" => "로그인 비활성화", + "disable_login_info" => "로그인 우회. 외부 액세스 없이 로컬 네트워크에서만 서버를 실행하는 경우 로그인을 비활성화할 수 있습니다. 그러면 관리자 사용자가 자동으로 로그인됩니다.", + "disable_login_info2" => "이 설정은 사용자 등록이 해제되어 있고 관리자 사용자 계정이 없는 경우에만 활성화할 수 있습니다.", "max_users_info" => "0으로 설정하면 무제한으로 설정됩니다.", "user_management" => "유저 관리", "delete_user" => "유저 삭제", diff --git a/includes/i18n/pl.php b/includes/i18n/pl.php index 8a15ff296..84596a635 100644 --- a/includes/i18n/pl.php +++ b/includes/i18n/pl.php @@ -275,6 +275,9 @@ "server_url" => "Adres URL serwera", "server_url_info" => "Służy do weryfikacji adresu e-mail i odzyskiwania hasła. Musi to być prawidłowy publiczny adres URL.", "server_url_password_reset" => "Jeśli zostanie ustawiona, włączy również funkcję resetowania hasła.", + "disable_login" => "Wyłącz logowanie", + "disable_login_info" => "Obejście logowania. Jeśli serwer działa tylko w sieci lokalnej, bez dostępu z zewnątrz, można wyłączyć logowanie. Spowoduje to automatyczne zalogowanie użytkownika admin.", + "disable_login_info2" => "To ustawienie można włączyć tylko wtedy, gdy rejestracja użytkowników jest wyłączona i nie ma więcej niż konto administratora.", "max_users_info" => "Jeśli ustawisz 0, nie będzie limitu użytkowników.", "user_management" => "Zarządzanie użytkownikami", "delete_user" => "Usuń użytkownika", diff --git a/includes/i18n/pt.php b/includes/i18n/pt.php index a82ff8ae0..f5e6fbba2 100644 --- a/includes/i18n/pt.php +++ b/includes/i18n/pt.php 
@@ -275,6 +275,9 @@ "server_url" => "URL do Servidor", "server_url_info" => "Usado para gerar links de verificação de email. Deve ser um URL público e válido.", "server_url_password_reset" => "Se definido, também activará a funcionalidade de reposição da palavra-passe.", + "disable_login" => "Desactivar Inicio de Sessão", + "disable_login_info" => "Ultrapassar o início de sessão. Se o seu servidor funciona apenas numa rede local, sem acesso externo, pode desativar o início de sessão. Isto irá iniciar automaticamente a sessão do utilizador administrador.", + "disable_login_info2" => "Só pode ativar esta definição se o registo de utilizadores estiver desativado e se não houver mais do que a conta de utilizador administrador.", "max_users_info" => "0 para ilimitado", "user_management" => "Gestão de Utilizadores", "delete_user" => "Apagar Utilizador", diff --git a/includes/i18n/pt_br.php b/includes/i18n/pt_br.php index 512e2319b..94e7695fe 100644 --- a/includes/i18n/pt_br.php +++ b/includes/i18n/pt_br.php @@ -273,6 +273,9 @@ "server_url" => "URL do servidor", "server_url_info" => "Será usado para gerar links de verificação de email, deve ser um endereço público e válido.", "server_url_password_reset" => "Se definido, também ativará a funcionalidade de redefinição de senha.", + "disable_login" => "Desativar login", + "disable_login_info" => "Ignorar login. Se você executar o servidor somente em uma rede local, sem acesso externo, poderá desativar o login. Isso fará o login automático do usuário administrador.", + "disable_login_info2" => "Só é possível ativar essa configuração se o registro de usuário estiver desativado e não houver mais do que a conta de usuário administrador.", "max_users_info" => "0 para ilimitado", "user_management" => "Gerenciamento de usuários", "delete_user" => "Excluir usuário", diff --git a/includes/i18n/ru.php b/includes/i18n/ru.php index eb1fc0cb2..e46854293 100644 --- a/includes/i18n/ru.php +++ b/includes/i18n/ru.php 
@@ -275,6 +275,9 @@ "server_url" => "URL-адрес сервера", "server_url_info" => "Используется для проверки электронной почты и восстановления пароля. Должен быть действительным публичным URL.", "server_url_password_reset" => "Если этот параметр установлен, он также включает функцию сброса пароля.", + "disable_login" => "Отключить вход", + "disable_login_info" => "Обход входа в систему. Если вы используете свой сервер только в локальной сети, без доступа извне, вы можете отключить вход в систему. При этом будет автоматически входить пользователь admin.", + "disable_login_info2" => "Этот параметр можно включить только в том случае, если регистрация пользователей отключена и их количество не превышает учетную запись администратора.", "max_users_info" => "Установите 0 для неограниченного количества пользователей.", "user_management" => "Управление пользователями", "delete_user" => "Удалить пользователя", diff --git a/includes/i18n/sl.php b/includes/i18n/sl.php index 48e27df29..85051025f 100644 --- a/includes/i18n/sl.php +++ b/includes/i18n/sl.php @@ -275,6 +275,9 @@ "server_url" => "URL strežnika", "server_url_info" => "Uporablja se za preverjanje e-pošte in obnovitev gesla. Biti mora veljaven javni URL.", "server_url_password_reset" => "Če je nastavljeno, bo omogočena tudi funkcija ponastavitve gesla.", + "disable_login" => "Onemogoči prijavo", + "disable_login_info" => "Obidite prijavo. Če strežnik uporabljate samo v lokalnem omrežju brez zunanjega dostopa, lahko onemogočite prijavo. Tako se bo samodejno prijavil uporabnik administrator.", + "disable_login_info2" => "To nastavitev lahko omogočite le, če je registracija uporabnikov izklopljena in če ni več uporabniških računov, razen uporabniškega računa upravitelja.", "max_users_info" => "0 pomeni neomejeno", "user_management" => "Upravljanje uporabnikov", "delete_user" => "Izbriši uporabnika", diff --git a/includes/i18n/sr.php b/includes/i18n/sr.php index aa14614c9..e448508b8 100644 --- a/includes/i18n/sr.php 
+++ b/includes/i18n/sr.php @@ -274,6 +274,9 @@ "server_url" => "URL сервера", "server_url_info" => "Користи се за верификацију е-поште и опоравак лозинке. Мора да буде важећи јавни УРЛ.", "server_url_password_reset" => "Ако је подешено, такође ће се омогућити функција ресетовања лозинке.", + "disable_login" => "Онемогући пријаву", + "disable_login_info" => "Заобиђите пријаву. Ако свој сервер покрећете само на локалној мрежи, без спољног приступа можете да онемогућите пријаву. Ово ће аутоматски пријавити корисника администратора.", + "disable_login_info2" => "Ово подешавање се може омогућити само ако је регистрација корисника затворена и број корисничких налога не прелази администраторске налоге.", "max_users_info" => "Максималан број корисника који могу бити регистровани. 0 за неограничено.", "user_management" => "Управљање корисницима", "delete_user" => "Обриши корисника", diff --git a/includes/i18n/sr_lat.php b/includes/i18n/sr_lat.php index a51830bbe..707da24f5 100644 --- a/includes/i18n/sr_lat.php +++ b/includes/i18n/sr_lat.php @@ -275,6 +275,9 @@ "server_url" => "URL servera", "server_url_info" => "Koristi se za verifikaciju e-pošte i oporavak lozinke. Mora da bude važeći javni URL.", "server_url_password_reset" => "Ako je podešeno, takođe će se omogućiti funkcija resetovanja lozinke.", + "disable_login" => "Onemogući prijavu", + "disable_login_info" => "Zaobiđite prijavu. Ako svoj server pokrećete samo na lokalnoj mreži, bez spoljnog pristupa možete da onemogućite prijavu. Ovo će automatski prijaviti korisnika administratora.", + "disable_login_info2" => "Ovo podešavanje se može omogućiti samo ako je registracija korisnika zatvorena i broj korisničkih naloga ne prelazi administratorske naloge.", "max_users_info" => "0 za neograničen broj korisnika", "user_management" => "Upravljanje korisnicima", "delete_user" => "Izbriši korisnika", diff --git a/includes/i18n/tr.php b/includes/i18n/tr.php index 31ea59d70..2d39c9620 100644 --- a/includes/i18n/tr.php 
+++ b/includes/i18n/tr.php @@ -275,7 +275,10 @@ "server_url" => "Sunucu URL'si", "server_url_info" => "E-posta doğrulama ve şifre kurtarma için kullanılır. Geçerli bir genel URL olmalıdır.", "server_url_password_reset" => "Ayarlanırsa şifre sıfırlama işlevini de etkinleştirir.", - "max_users_info" => "0 veya boş bırakıldığında sınırsız kullanıcı sayısı", + "disable_login" => "Girişi devre dışı bırak", + "disable_login_info" => "Girişi atlayın. Sunucunuzu yalnızca yerel bir ağ üzerinde, harici erişim olmadan çalıştırıyorsanız, oturum açmayı devre dışı bırakabilirsiniz. Bu, yönetici kullanıcıyı otomatik olarak oturum açacaktır.", + "disable_login_info2" => "Bu ayarı yalnızca kullanıcı kaydı kapalıysa ve yönetici kullanıcı hesabından başka kullanıcı yoksa etkinleştirebilirsiniz.", + "max_users_info" => "0 veya boş bırakıldığında sınırsız kullanıcı sayısı", "user_management" => "Kullanıcı Yönetimi", "delete_user" => "Kullanıcıyı Sil", "delete_user_info" => "Bir kullanıcının silinmesi aynı zamanda tüm aboneliklerinin ve ayarlarının da silinmesine neden olur.", diff --git a/includes/i18n/zh_cn.php b/includes/i18n/zh_cn.php index b933855a7..eb41ddc00 100644 --- a/includes/i18n/zh_cn.php +++ b/includes/i18n/zh_cn.php @@ -290,9 +290,12 @@ "maximum_number_users" => "最大用户数", "require_email_verification" => "需要电子邮件验证", "configure_smtp_settings_to_enable" => "要启用此功能,请配置 SMTP 设置。", - "server_url" => "服务器 URL", + "server_url" => "服务器 URL", "server_url_info" => "用于电子邮件验证和密码恢复。必须是有效的公共 URL。", "server_url_password_reset" => "如果设置,还将启用密码重置功能。", + "disable_login" => "禁用登录", + "disable_login_info" => "旁路登录。如果服务器只在本地网络上运行,没有外部访问,则可以禁用登录。这会自动登录管理员用户。", + "disable_login_info2" => "只有在用户注册关闭且用户账户数不超过管理员账户时,才能启用此设置。", "max_users_info" => "设置为 0 以无限制用户数", "user_management" => "用户管理", "delete_user" => "删除用户", diff --git a/includes/i18n/zh_tw.php b/includes/i18n/zh_tw.php index 1401b12e3..28bb06b87 100644 --- a/includes/i18n/zh_tw.php +++ b/includes/i18n/zh_tw.php 
@@ -275,6 +275,9 @@ "server_url" => "伺服器 URL", "server_url_info" => "用於電子郵件驗證和密碼恢復。 必須是有效的公共 URL。", "server_url_password_reset" => "如果設置,還將啟用密碼重置功能。", + "disable_login" => "停用登入", + "disable_login_info" => "繞過登入。如果您僅在本機網路上執行伺服器,而沒有外部存取權限,則可以停用登入。這將自動登入管理員用戶。", + "disable_login_info2" => "只有在使用者註冊關閉且使用者帳戶數不超過管理員帳戶時,才能啟用此設定。", "max_users_info" => "設定為 0 以無限制使用者數", "user_management" => "使用者管理", "delete_user" => "刪除使用者", diff --git a/includes/version.php b/includes/version.php index 13b60f72b..0c2010750 100644 --- a/includes/version.php +++ b/includes/version.php @@ -1,3 +1,3 @@ diff --git a/login.php b/login.php index 879081903..501a9c1cf 100644 --- a/login.php +++ b/login.php 
@@ -20,6 +20,54 @@
 exit();
 }
+// Check if login is disabled
+$adminQuery = "SELECT login_disabled FROM admin";
+$adminResult = $db->query($adminQuery);
+$adminRow = $adminResult->fetchArray(SQLITE3_ASSOC);
+if ($adminRow['login_disabled'] == 1) {
+
+ $query = "SELECT id, username, main_currency, language FROM user WHERE id = :id";
+ $stmt = $db->prepare($query);
+ $stmt->bindValue(':id', 1, SQLITE3_INTEGER);
+ $result = $stmt->execute();
+ $row = $result->fetchArray(SQLITE3_ASSOC);
+
+ if ($row === false) {
+ // Something is wrong with admin user. Reenable login
+ $updateQuery = "UPDATE admin SET login_disabled = 0";
+ $updateStmt = $db->prepare($updateQuery);
+ $updateStmt->execute();
+
+ $db->close();
+ header("Location: login.php");
+ } else {
+ $userId = $row['id'];
+ $main_currency = $row['main_currency'];
+ $username = $row['username'];
+ $language = $row['language'];
+
+ $_SESSION['username'] = $username;
+ $_SESSION['loggedin'] = true;
+ $_SESSION['main_currency'] = $main_currency;
+ $_SESSION['userId'] = $userId;
+ $cookieExpire = time() + (30 * 24 * 60 * 60);
+ setcookie('language', $language, $cookieExpire);
+
+ $query = "SELECT color_theme FROM settings";
+ $stmt = $db->prepare($query);
+ $result = $stmt->execute();
+ $settings = $result->fetchArray(SQLITE3_ASSOC);
+ setcookie('colorTheme', $settings['color_theme'], $cookieExpire);
+
+ $cookieValue = $username . "|" . "abc123ABC" . "|" . $main_currency;
+ setcookie('wallos_login', $cookieValue, $cookieExpire);
+
+ $db->close();
+ header("Location: .");
+ }
+}
+
+
 $theme = "light";
 if (isset($_COOKIE['theme'])) {
 $theme = $_COOKIE['theme'];
diff --git a/migrations/000022.php b/migrations/000022.php
new file mode 100644
index 000000000..bb7737ef6
--- /dev/null
+++ b/migrations/000022.php
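Review bot: In login.php, neither `header("Location: login.php");` nor `header("Location: .");` is followed by `exit();`, so after `$db->close()` the script carries on into the rest of the login page; the context lines at the top of the hunk show `exit();` already being used in this file, and the same call belongs after each of the two redirects. The token field of `wallos_login` is the literal `"abc123ABC"`, which is only accepted because checksession.php skips the token comparison while the flag is set; a comment such as `// placeholder token: not validated while login_disabled = 1` would make that dependency explicit. The three `setcookie()` calls pass no options, so the cookies are issued without `httponly`/`samesite`; whether the regular login path sets them is not visible here. The recovery statement `UPDATE admin SET login_disabled = 0` has no `WHERE id = 1`, unlike the save endpoint's update. The script continues outside the hunk.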
@@ -0,0 +1,15 @@ +query("SELECT * FROM pragma_table_info('admin') where name='login_disabled'"); +$columnRequired = $columnQuery->fetchArray(SQLITE3_ASSOC) === false; + +if ($columnRequired) { + $db->exec('ALTER TABLE admin ADD COLUMN login_disabled BOOLEAN DEFAULT 0'); +} + +?> \ No newline at end of file diff --git a/scripts/admin.js b/scripts/admin.js index d335157a3..aa4e5acc5 100644 --- a/scripts/admin.js +++ b/scripts/admin.js @@ -165,12 +165,14 @@ function saveAccountRegistrationsButton () { const max_users = document.getElementById('maxUsers').value; const require_email_validation = document.getElementById('requireEmail').checked ? 1 : 0; const server_url = document.getElementById('serverUrl').value; + const disable_login = document.getElementById('disableLogin').checked ? 1 : 0; const data = { open_registrations: open_registrations, max_users: max_users, require_email_validation: require_email_validation, - server_url: server_url + server_url: server_url, + disable_login: disable_login }; fetch('endpoints/admin/saveopenregistrations.php', { diff --git a/styles/styles.css b/styles/styles.css index 882576bcd..aa7e80215 100644 --- a/styles/styles.css +++ b/styles/styles.css @@ -668,6 +668,11 @@ header #avatar { gap: 30px; } +.admin-form hr { + margin: 20px 0px; + color: var(--main-color); +} + .account-notifications-section { border: 1px solid #aaa; border-radius: 8px;