merge dev
nivcoo committed Dec 11, 2021
2 parents 86a8ea1 + 902871b commit a34b801
Showing 17 changed files with 139 additions and 39 deletions.
1 change: 1 addition & 0 deletions app/Config/Schema/schema.php
@@ -28,6 +28,7 @@ class AppSchema extends CakeSchema
'id' => ['type' => 'integer', 'null' => false, 'default' => null, 'length' => 20, 'unsigned' => false, 'key' => 'primary'],
'user_id' => ['type' => 'integer', 'null' => false, 'default' => null, 'length' => 20, 'unsigned' => false],
'reason' => ['type' => 'text', 'null' => false, 'default' => null, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'],
'ip' => ['type' => 'string', 'null' => false, 'default' => null, 'length' => 50, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'],
'indexes' => [
'PRIMARY' => ['column' => 'id', 'unique' => 1]
],
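Review bot: The new `ip` column is declared `'null' => false` with `'default' => null`, but elsewhere in this commit `admin_add` sets `ip` only when the per-user IP checkbox is ticked, so an account-only ban is saved without a value for it. On a database running in strict mode that insert can fail, and otherwise the row ends up with an empty string, which `isIPBan` would match for any request whose address resolves to an empty value. Declaring the column `'null' => true` keeps "no IP ban" distinct from a real address. Since `beforeFilter` now looks this column up on every request, an entry such as `'ip' => ['column' => 'ip', 'unique' => 0]` under `indexes` is also worth adding. The table definition starts above the hunk, so the table name is not visible here.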
6 changes: 5 additions & 1 deletion app/Config/core.php
@@ -81,7 +81,11 @@
'renderer' => 'ExceptionRenderer',
'log' => true,
'skipLog' => [
'MissingControllerException'
'NotFoundException',
'ForbiddenException',
'MissingControllerException',
'BadRequestException',
'MissingActionException'
]
]);

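Review bot: Adding `ForbiddenException` and `BadRequestException` to `skipLog` drops the record of denied requests and of rejected or malformed submissions, which are typically the entries needed when investigating probing or repeated access attempts. `NotFoundException` and the two `Missing*` classes are mostly crawler noise and reasonable to skip. I would keep the other two logged, i.e. `'skipLog' => ['NotFoundException', 'MissingControllerException', 'MissingActionException']`, or send them to a separate log if volume is the concern. The configuration array starts above the hunk.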
39 changes: 31 additions & 8 deletions app/Controller/AppController.php
@@ -56,14 +56,25 @@ public function beforeFilter()

$LoginCondition = $this->here != "/login" || !$this->EyPlugin->isInstalled('phpierre.signinup');

$this->loadModel("Maintenance");
if ($this->params['controller'] != "user" and $this->params['controller'] != "maintenance" and !$this->Permissions->can("BYPASS_MAINTENANCE") and $maintenance = $this->Maintenance->checkMaintenance($this->here, $this->Util) and $LoginCondition) {
$this->redirect([
'controller' => 'maintenance',
'action' => $maintenance['url'],
'plugin' => false,
'admin' => false
]);
if ($this->params['controller'] != "user" and $LoginCondition) {
if ($this->isIPBan($this->Util->getIP()) and $this->params['controller'] != "ban" and !$this->Permissions->can("BYPASS_BAN")) {
$this->redirect([
'controller' => 'ban',
'action' => 'ip',
'plugin' => false,
'admin' => false
]);
}

$this->loadModel("Maintenance");
if ($this->params['controller'] != "maintenance" and !$this->Permissions->can("BYPASS_MAINTENANCE") and $maintenance = $this->Maintenance->checkMaintenance($this->here, $this->Util)) {
$this->redirect([
'controller' => 'maintenance',
'action' => $maintenance['url'],
'plugin' => false,
'admin' => false
]);
}
}

// Plugin disabled
@@ -671,4 +682,16 @@ public function sendJSON($data)
$this->autoRender = false;
return $this->response->body(json_encode($data));
}

public function isIPBan($ip) {
$this->loadModel("Ban");
$ipIsBan = $this->Ban->find('first', ['conditions' => ['ip' => $ip]]);

if (isset($ipIsBan["Ban"])) {
$this->isBanned = $ipIsBan["Ban"]["reason"];
return $this->isBanned;
} else {
return false;
}
}
}
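Review bot: The IP-ban check in `beforeFilter` sits inside `if ($this->params['controller'] != "user" and $LoginCondition)`, so requests to the `user` controller are never checked and a banned address can still reach `ajax_register` and `ajax_login`; if the exemption exists only so that `BYPASS_BAN` holders can sign in, a comment should say so, and registration probably should not share it. The inner condition also runs `isIPBan()` (a database query) before the cheap `$this->params['controller'] != "ban"` test, so putting the controller test first avoids the lookup where it cannot matter. The ban is only as reliable as `Util->getIP()`, which is not shown: if it reads a client-supplied forwarding header without a trusted-proxy check, the recorded address is not trustworthy. `isIPBan` is declared `public` on `AppController`, and public controller methods are generally reachable as actions in CakePHP; it is only called from controllers, so `protected function isIPBan($ip)` would be enough. `beforeFilter` begins and continues outside the hunk.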
28 changes: 23 additions & 5 deletions app/Controller/BanController.php
@@ -10,6 +10,14 @@ function index() {
$this->set('reason', $this->User->isBanned());
}

function ip() {
if (!$this->isIPBan($this->Util->getIP()))
$this->redirect("/");

$this->set('title_for_layout', $this->Lang->get("BAN__BAN"));
$this->set('reason', $this->isBanned);
}

function admin_index()
{
if (!$this->isConnected || !$this->Permissions->can("MANAGE_BAN"))
@@ -42,15 +50,22 @@ function admin_add()
if (empty($this->request->data("reason")))
return $this->response->body(json_encode(['statut' => false, 'msg' => $this->Lang->get('ERROR__FILL_ALL_FIELDS')]));

$this->loadModel("User");
foreach ($this->request->data as $key => $v) {
if ($v != "on" || $key == "name")
if ($v != "on" || $key == "name" || strpos($key, "-ip"))
continue;

$this->Ban->create();
$this->Ban->set([
"user_id" => $key,
"reason" => $this->request->data("reason")
"user_id" => $key,
"reason" => $this->request->data("reason")
]);

if ($this->request->data($key . "-ip") == "on")
$this->Ban->set([
"ip" => $this->User->find("first", ["conditions" => ['id' => $key]])['User']['ip']
]);

$this->Ban->save();
}

@@ -93,7 +108,7 @@ public function admin_get_users_not_ban()
$this->modelClass = 'User';
$this->DataTable->initialize($this);
$this->paginate = [
'fields' => ['User.id', 'User.pseudo', 'User.rank'],
'fields' => ['User.id', 'User.pseudo', 'User.rank', 'User.ip'],
];
$this->DataTable->mDataProp = true;
$response = $this->DataTable->getResponse();
@@ -113,11 +128,14 @@ public function admin_get_users_not_ban()
$rank_name = (isset($available_ranks[$value['User']['rank']])) ? $available_ranks[$value['User']['rank']]['name'] : $available_ranks[0]['name'];
$rank = '<span class="label label-' . $rank_label . '">' . $rank_name . '</span>';
$checkbox = "<input type='checkbox' name=" . $value['User']['id'] . ">";
$banIpCheckbox = "<input type='checkbox' name=" . $value['User']['id'] . "-ip>";
$data[] = [
'User' => [
'pseudo' => $username,
'ban' => $checkbox,
'rank' => $rank
'banIp' => $banIpCheckbox,
'rank' => $rank,
'ip' => $value['User']['ip']
]
];
}
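Review bot: In `admin_add`, `$this->User->find("first", ["conditions" => ['id' => $key]])['User']['ip']` is dereferenced without checking the result, and `$key` is a request field name, so an unknown id or an account with no recorded address writes a ban row whose `ip` is null or empty. Fetch the user first and set the field only when there is a value: `$target = $this->User->find('first', ['conditions' => ['id' => $key]]);` followed by `if (!empty($target['User']['ip'])) $this->Ban->set(['ip' => $target['User']['ip']]);`. The skip test `strpos($key, "-ip")` relies on truthiness and would be exact as `strpos($key, "-ip") !== false`. `admin_add` begins above the hunk, so any permission check guarding it is not visible here.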
4 changes: 2 additions & 2 deletions app/Controller/MaintenanceController.php
@@ -3,13 +3,13 @@
class MaintenanceController extends AppController
{

public $components = ['Session'];
public $components = ['Session', 'Util'];

public function index($url = "")
{
$this->set('title_for_layout', $this->Lang->get('MAINTENANCE__TITLE'));
$this->loadModel("Maintenance");
$check = $this->Maintenance->checkMaintenance("/" . $url);
$check = $this->Maintenance->checkMaintenance("/" . $url, $this->Util);
if ($this->Permissions->can("BYPASS_MAINTENANCE") || !$check)
$this->redirect("/");
$msg = $check["reason"];
27 changes: 25 additions & 2 deletions app/Controller/PermissionsController.php
@@ -13,13 +13,36 @@ function admin_index()
$this->layout = 'admin';

$this->loadModel('Rank');
$custom_ranks = $this->Rank->find('all');
$this->set(compact('custom_ranks'));
$all_ranks = [
[
"Rank" => [
'rank_id' => 0,
'name' => $this->Lang->get('GLOBAL__TYPE_NORMAL'),
],
],
[
"Rank" => [
'rank_id' => 2,
'name' => $this->Lang->get('USER__RANK_MODERATOR'),
],
],
];

$all_ranks = array_merge($all_ranks, $this->Rank->find('all'));
$this->set(compact('all_ranks'));


if ($this->request->is('post')) {
$permissions = [];

foreach ($all_ranks as $rank) {
$rank = $rank['Rank'];
$permissions[$rank['rank_id']] = [];
}

foreach ($this->request->data as $permission => $checked) {
if (is_array($checked))
continue;
list($permission, $rank) = explode('-', $permission);
$permissions[$rank][] = $permission;
}
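Review bot: The POST loop takes the rank id straight from the submitted field name (`list($permission, $rank) = explode('-', $permission); $permissions[$rank][] = $permission;`) and never checks it against the ranks seeded just above, so a submitted field can create entries for a rank id that the form did not offer. Because `$permissions` is now pre-filled with every valid `rank_id`, the check is one line after the `list()` call: `if (!isset($permissions[$rank])) continue;`. A field name without a `-` also reaches `list()` with a single element, which `if (strpos($permission, '-') === false) continue;` would avoid. What happens to `$permissions` afterwards, and the permission check for this action, lie outside the hunk.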
2 changes: 1 addition & 1 deletion app/Controller/SocialController.php
@@ -26,7 +26,7 @@ public function admin_save_ajax() {
if ($this->isConnected AND $this->Permissions->can('MANAGE_SOCIAL')) {
if ($this->request->is('post')) {
if (!empty($this->request->data)) {
$data = $this->request->data['xss']['social_button_order'];
$data = $this->request->data['social_button_order'];
$data = explode('&', $data);
$i = 1;
foreach ($data as $key => $value) {
5 changes: 5 additions & 0 deletions app/Controller/UserController.php
@@ -35,6 +35,7 @@ function ajax_register()
$conditionsChecked = !empty($this->request->data['condition']) || !$this->Configuration->getKey('condition');
if (!empty($this->request->data['pseudo']) && !empty($this->request->data['password']) && $conditionsChecked && !empty($this->request->data['password_confirmation']) && !empty($this->request->data['email'])) { // si tout les champs sont bien remplis
//check uuid if needed
$this->request->data = $this->request->data['xss'];
if ($this->Configuration->getKey('check_uuid')) {
$pseudoToUUID = file_get_contents("https://api.mojang.com/users/profiles/minecraft/" . htmlentities($this->request->data['pseudo']));
if (!$pseudoToUUID) {
@@ -137,6 +138,7 @@ function ajax_login()
$this->response->type('json');
$this->loadModel('Authentification');
$this->loadModel('User');
$this->request->data = $this->request->data['xss'];
$user_login = $this->User->getAllFromUser($this->request->data['pseudo']);
$infos = $this->Authentification->find('first', ['conditions' => ['user_id' => $user_login['id'], 'enabled' => true]]);

@@ -279,6 +281,7 @@ function ajax_resetpasswd()
$this->response->type('json');
if ($this->request->is('ajax')) {
if (!empty($this->request->data['password']) and !empty($this->request->data['password2']) and !empty($this->request->data['email']) && !empty($this->request->data['key'])) {
$this->request->data = $this->request->data['xss'];
$reset = $this->User->resetPass($this->request->data, $this);
if (isset($reset['status']) && $reset['status'] === true) {
$this->Session->write('user', $reset['session']);
@@ -517,6 +520,7 @@ function change_pw()
if ($this->isConnected) {
if ($this->request->is('ajax')) {
if (!empty($this->request->data['password']) and !empty($this->request->data['password_confirmation'])) {
$this->request->data = $this->request->data['xss'];
$password = $this->Util->password($this->request->data['password'], $this->User->getKey('pseudo'));
$password_confirmation = $this->Util->password($this->request->data['password_confirmation'], $this->User->getKey('pseudo'), $password);
if ($password == $password_confirmation) {
@@ -775,6 +779,7 @@ function admin_edit_ajax()
if ($this->request->is('post')) {
$this->loadModel('User');
if (!empty($this->request->data['id']) && !empty($this->request->data['email']) && !empty($this->request->data['pseudo']) && (!empty($this->request->data['rank']) || $this->request->data['rank'] == 0)) {
$this->request->data = $this->request->data['xss'];
$findUser = $this->User->find('first',
['conditions' => ['id' => intval($this->request->data['id'])]]);
if (empty($findUser)) {
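Review bot: Each of the five added lines replaces the whole of `$this->request->data` with its `['xss']` sub-array after the `!empty(...)` presence checks have run on the outer array, so the values used afterwards are not the ones that were checked, and in `ajax_login` no check precedes the swap in the visible lines. If `['xss']` is the unfiltered copy of the request (its origin is not shown here), this also passes `pseudo` and `email` to the models unfiltered, not only the password fields that presumably motivated the change. Reading just the fields that must stay byte-exact, e.g. `$rawPassword = $this->request->data['xss']['password'];`, and leaving the rest of the array alone would narrow that. If the swap stays, guard it with `isset($this->request->data['xss'])` and run the presence checks on the swapped array. The same line appears in `ajax_register`, `ajax_login`, `ajax_resetpasswd`, `change_pw` and `admin_edit_ajax`, all of which extend beyond their hunks.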
6 changes: 5 additions & 1 deletion app/View/Ban/admin_add.ctp
@@ -15,6 +15,8 @@
<th><?= $Lang->get('BAN__QUESTION') ?></th>
<th><?= $Lang->get('USER__TITLE') ?></th>
<th><?= $Lang->get('USER__RANK') ?></th>
<th>IP</th>
<th><?= $Lang->get('BAN__IP_QUESTION') ?></th>
</tr>
</thead>
</table>
@@ -55,7 +57,9 @@
"aoColumns": [
{mData: "User.ban", "bSearchable": false},
{mData: "User.pseudo", "bSearchable": true},
{mData: "User.rank", "bSearchable": false}
{mData: "User.rank", "bSearchable": false},
{mData: "User.ip", "bSearchable": true},
{mData: "User.banIp", "bSearchable": false}
]
});
});
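Review bot: The new `User.ip` column is inserted into the table as markup, since the same table already renders the `<input>` checkbox strings returned for `User.ban`, and `admin_get_users_not_ban` returns the address exactly as stored. The new `Ban.ip` cell in admin_index.ctp and `$reason` in ip.ctp are likewise echoed without escaping. Unless these values are already entity-encoded when they are stored (not visible in this commit), wrap them with CakePHP's `h()`, e.g. `'ip' => h($value['User']['ip'])` in the controller and `h($v["Ban"]["ip"])` in the view. The header `<th>IP</th>` is also the only column title not taken from `$Lang`.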
2 changes: 2 additions & 0 deletions app/View/Ban/admin_index.ctp
@@ -13,6 +13,7 @@
<tr>
<th><?= $Lang->get("USER__USERNAME") ?></th>
<th><?= $Lang->get("BAN__REASON") ?></th>
<th><?= $Lang->get("BAN__IS_BAN_IP") ?></th>
<th><?= $Lang->get("GLOBAL__ACTIONS")?></th>
</tr>
</thead>
@@ -27,6 +28,7 @@
}
} ?>
<td><?= $v["Ban"]["reason"] ?></td>
<td><?= $v["Ban"]["ip"] != null ? $v["Ban"]["ip"] : $Lang->get("BAN__NOT_BAN_IP") ?></td>
<td>
<a onClick="confirmDel('<?= $this->Html->url(['action' => 'unban', $v["Ban"]['id']]) ?>')"
class="btn btn-danger"><?= $Lang->get('BAN__UNBAN') ?></a>
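--- a/app/View/Ban/ip.ctp
+++ b/app/View/Ban/ip.ctp
@@ -0,0 +1,10 @@
+<br><br><br>
+<div class="container">
+<div class="row">
+<div class="panel panel-default">
+<div class="panel-body">
+<?=$Lang->get("BAN__IP_EXPLICATION") . $reason ?>
+</div>
+</div>
+</div>
+</div>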
25 changes: 10 additions & 15 deletions app/View/Permissions/admin_index.ctp
@@ -15,41 +15,36 @@
<form action="" method="post">
<input name="data[_Token][key]" value="<?= $csrfToken ?>" type="hidden">

<table class="table table-bordered table-responsive-sm">
<table class="table table-bordered">
<thead>
<tr>
<th><?= $Lang->get('PERMISSIONS__LABEL') ?></th>
<th><?= $Lang->get('GLOBAL__TYPE_NORMAL') ?></th>
<th><?= $Lang->get('USER__RANK_MODERATOR') ?></th>
<th><?= $Lang->get('USER__RANK_ADMINISTRATOR') ?></th>
<?php
if (!empty($custom_ranks)) {
foreach ($custom_ranks as $k => $data) {
if (!empty($all_ranks)) {
foreach ($all_ranks as $k => $data) {
echo '<th>' . $data['Rank']['name'] . '</th>';
}
}
?>
<th><?= $Lang->get('USER__RANK_ADMINISTRATOR') ?></th>

</tr>
</thead>
<tbody>
<?php
foreach ($permissions as $permission => $ranks) { ?>
<tr>
<td><?= $Lang->get('PERMISSIONS__' . $permission) ?></td>
<td><input type="checkbox"
name="<?= $permission ?>-0"<?= ($ranks[0]) ? ' checked="checked"' : '' ?>>
</td>
<td><input type="checkbox"
name="<?= $permission ?>-2"<?= ($ranks[2]) ? ' checked="checked"' : '' ?>>
</td>
<td><input type="checkbox" checked="checked" disabled="disabled"></td>
<?php if (!empty($custom_ranks)) { ?>
<?php foreach ($custom_ranks as $k => $data) { ?>

<?php if (!empty($all_ranks)) { ?>
<?php foreach ($all_ranks as $k => $data) { ?>
<td><input type="checkbox"
name="<?= $permission ?>-<?= $data['Rank']['rank_id'] ?>"<?= (isset($ranks[$data['Rank']['rank_id']]) && $ranks[$data['Rank']['rank_id']]) ? ' checked="checked"' : '' ?>>
</td>
<?php } ?>

<?php } ?>
<td><input type="checkbox" checked="checked" disabled="disabled"></td>
</tr>
<?php } ?>
<tr>
7 changes: 3 additions & 4 deletions app/View/Social/admin_index.ctp
@@ -61,10 +61,8 @@
items: '.item:not(.fixed)',
stop: function (event, ui) {
$('#save').empty().html('<?= $Lang->get('SOCIAL__SAVE_IN_PROGRESS') ?>');
var inputs = {};
var social_button_order = $(this).sortable('serialize');
inputs['social_button_order'] = social_button_order;
$('#social_button_order').text(social_button_order);
let inputs = {};
inputs['social_button_order'] = $(this).sortable('serialize');
inputs['data[_Token][key]'] = '<?= $csrfToken ?>';
$.post("<?= $this->Html->url(array('controller' => 'social', 'action' => 'save_ajax', 'admin' => true)) ?>", inputs, function(data) {
if(data.statut) {
@@ -79,3 +77,4 @@
});
});
</script>

4 changes: 4 additions & 0 deletions lang/en_UK.json
@@ -686,6 +686,7 @@
"BAN__MEMBERS": "Banned members",
"BAN__HOME": "Bans",
"BAN__QUESTION": "Ban?",
"BAN__IP_QUESTION": "IP's ban ?",
"BAN__REASON": "Reason for ban",
"BAN__ADD": "Ban one or more members",
"BAN__SUCCESS": "Banned member(s)",
@@ -694,6 +695,9 @@
"BAN__UNBAN_SUCCESS": "Ban revoked",
"BAN__BAN": "Banned",
"BAN__EXPLICATION": "You have been banned for ",
"BAN__IP_EXPLICATION": "Your IP have been banned for ",
"BAN__IS_BAN_IP" : "The IP have been banned ?",
"BAN__NOT_BAN_IP" : "The IP is not banned",

"SOCIAL__TITLE": "Manage social networks",
"SOCIAL__HOME": "Social networks",
4 changes: 4 additions & 0 deletions lang/en_US.json
@@ -691,6 +691,7 @@
"BAN__MEMBERS": "Banned members",
"BAN__HOME": "Bans",
"BAN__QUESTION": "Ban?",
"BAN__IP_QUESTION": "IP's ban ?",
"BAN__REASON": "Reason for ban",
"BAN__ADD": "Ban one or more members",
"BAN__SUCCESS": "Banned member(s)",
@@ -699,6 +700,9 @@
"BAN__UNBAN_SUCCESS": "Ban revoked",
"BAN__BAN": "Banned",
"BAN__EXPLICATION": "You have been banned for ",
"BAN__IP_EXPLICATION": "Your IP have been banned for ",
"BAN__IS_BAN_IP" : "The IP have been banned ?",
"BAN__NOT_BAN_IP" : "The IP is not banned",

"SOCIAL__TITLE": "Manage social networks",
"SOCIAL__HOME": "Social networks",