From 481e236fafa5e7ec5e283cf562097af39884f5b8 Mon Sep 17 00:00:00 2001
From: jokob-sk <jokob-sk@gmail.com>
Date: Thu, 29 May 2025 13:20:08 +1000
Subject: [PATCH] various fixes

---
 back/app.conf                           | 2 +-
 docs/PLUGINS.md                         | 6 +++---
 front/index.php                         | 6 +++---
 front/php/templates/auth.php            | 2 +-
 front/php/templates/language/de_de.json | 0
 front/php/templates/security.php        | 2 +-
 front/plugins/omada_sdn_imp/README.md   | 3 +++
 server/initialise.py                    | 2 +-
 8 files changed, 13 insertions(+), 10 deletions(-)
 mode change 100644 => 100755 front/php/templates/language/de_de.json

diff --git a/back/app.conf b/back/app.conf
index 13963958..bb53a13e 100755
--- a/back/app.conf
+++ b/back/app.conf
@@ -24,7 +24,7 @@ LOADED_PLUGINS=['ARPSCAN','CSVBCKP','DBCLNP', 'INTRNT','MAINT','NEWDEV','NSLOOKU
 
 DAYS_TO_KEEP_EVENTS=90
 # Used for generating links in emails. Make sure not to add a trailing slash!
-REPORT_DASHBOARD_URL='http://netalertx'
+REPORT_DASHBOARD_URL='http://127.0.0.1'
 
 # Make sure at least these scanners are enabled for new installs, other defaults are taken from the config.json
 INTRNT_RUN='schedule'
diff --git a/docs/PLUGINS.md b/docs/PLUGINS.md
index 664b4a22..7700a8ca 100755
--- a/docs/PLUGINS.md
+++ b/docs/PLUGINS.md
@@ -71,8 +71,8 @@ Device-detecting plugins insert values into the `CurrentScan` database table.  T
 | `NSLOOKUP`    | 🆎       | NSLookup (DNS-based) name resolution     |           |          | Script       | [nslookup_scan](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/nslookup_scan/)                    |
 | `NTFPRCS`     | ⚙       | Notification processing                   |           |  Yes     | Template     | [notification_processing](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/notification_processing/)|
 | `NTFY`        | ▶️      | NTFY notifications                        |           |          | Script       | [_publisher_ntfy](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/_publisher_ntfy/)                |
-| `OMDSDN`      | 📥/🆎   | OMADA TP-Link import                      |   🖧 🔄  |          | Script       | [omada_sdn_imp](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/omada_sdn_imp/)                    |
-| `OMDSDNOPENAPI`| 📥/🆎   | OMADA TP-Link import via OpenAPI        |   🖧      |          | Script       | [omada_sdn_openapi](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/omada_sdn_openapi/)                    |
+| `OMDSDN`      | 📥/🆎 ❌  |  UNMAINTAINED use `OMDSDNOPENAPI`        |   🖧 🔄  |          | Script       | [omada_sdn_imp](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/omada_sdn_imp/)                    |
+| `OMDSDNOPENAPI`| 📥/🆎   | OMADA TP-Link import via OpenAPI       |   🖧      |          | Script       | [omada_sdn_openapi](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/omada_sdn_openapi/)                    |
 | `PIHOLE`      | 🔍/🆎/📥| Pi-hole device import & sync             |           |          | SQLite DB    | [pihole_scan](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/pihole_scan/)                        |
 | `PUSHSAFER`   | ▶️      | Pushsafer notifications                   |           |          | Script       | [_publisher_pushsafer](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/_publisher_pushsafer/)      |
 | `PUSHOVER`    | ▶️      | Pushover notifications                    |           |          | Script       | [_publisher_pushover](https://github.com/jokob-sk/NetAlertX/tree/main/front/plugins/_publisher_pushover/)        |
@@ -90,7 +90,7 @@ Device-detecting plugins insert values into the `CurrentScan` database table.  T
 
 
 > \* The database cleanup plugin (`DBCLNP`) is not _required_ but the app will become unusable after a while if not executed.
-> ❌ marked for removal
+> ❌ marked for removal/unmaintained - looking for help
 > ⌚It's recommended to use the same schedule interval for all plugins responsible for discovering new devices.
 
 
diff --git a/front/index.php b/front/index.php
index cb7fc79a..2fa50823 100755
--- a/front/index.php
+++ b/front/index.php
@@ -29,7 +29,7 @@ if (isset ($_GET["action"]) && $_GET["action"] == 'logout')
 }
 
 // Password without Cookie check -> pass and set initial cookie
-if (isset ($_POST["loginpassword"]) && $nax_Password == hash('sha256',$_POST["loginpassword"]))
+if (isset ($_POST["loginpassword"]) && $nax_Password === hash('sha256',$_POST["loginpassword"]))
 {
     header('Location: devices.php');
     $_SESSION["login"] = 1;
@@ -37,7 +37,7 @@ if (isset ($_POST["loginpassword"]) && $nax_Password == hash('sha256',$_POST["lo
 }
 
 // active Session or valid cookie (cookie not extends)
-if (( isset ($_SESSION["login"]) && ($_SESSION["login"] == 1)) || (isset ($_COOKIE[$CookieSaveLoginName]) && $nax_Password == $_COOKIE[$CookieSaveLoginName]))
+if (( isset ($_SESSION["login"]) && ($_SESSION["login"] == 1)) || (isset ($_COOKIE[$CookieSaveLoginName]) && $nax_Password === $_COOKIE[$CookieSaveLoginName]))
 {
     header('Location: devices.php');
     $_SESSION["login"] = 1;
@@ -53,7 +53,7 @@ $login_icon = 'fa-info';
 // no active session, cookie not checked
 if (isset ($_SESSION["login"]) == FALSE || $_SESSION["login"] != 1)
 {
-  if ($nax_Password == '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') 
+  if ($nax_Password === '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') 
   {
     $login_info = lang('Login_Default_PWD');
     $login_mode = 'danger';
diff --git a/front/php/templates/auth.php b/front/php/templates/auth.php
index 5cc39789..67010e67 100755
--- a/front/php/templates/auth.php
+++ b/front/php/templates/auth.php
@@ -21,7 +21,7 @@ $config_file_lines = array_values(preg_grep('/^SETPWD_password.*=/', $config_fil
 $password_line = explode("'", $config_file_lines[0]);
 $nax_Password = $password_line[1];
 
-if (isset($_COOKIE[$CookieSaveLoginName]) && $nax_Password == $_COOKIE[$CookieSaveLoginName]) {
+if (isset($_COOKIE[$CookieSaveLoginName]) && $nax_Password === $_COOKIE[$CookieSaveLoginName]) {
     $isAuthenticated = true;
 }
 
diff --git a/front/php/templates/language/de_de.json b/front/php/templates/language/de_de.json
old mode 100644
new mode 100755
diff --git a/front/php/templates/security.php b/front/php/templates/security.php
index 4a2518b3..e140eeaa 100755
--- a/front/php/templates/security.php
+++ b/front/php/templates/security.php
@@ -71,7 +71,7 @@ if ($nax_WebProtection == 'true') {
     $isLoggedIn = isset($_SESSION['login']) && $_SESSION['login'] == 1;
 
     // Determine if the user should be redirected
-    if ($isLoggedIn || $isLogonPage || (isset($_COOKIE[COOKIE_SAVE_LOGIN_NAME]) && $nax_Password == $_COOKIE[COOKIE_SAVE_LOGIN_NAME])) {
+    if ($isLoggedIn || $isLogonPage || (isset($_COOKIE[COOKIE_SAVE_LOGIN_NAME]) && $nax_Password === $_COOKIE[COOKIE_SAVE_LOGIN_NAME])) {
         // Logged in or stay on this page if we are on the index.php already
     } else {
         // We need to redirect
diff --git a/front/plugins/omada_sdn_imp/README.md b/front/plugins/omada_sdn_imp/README.md
index 90c29ac8..e21a1d34 100755
--- a/front/plugins/omada_sdn_imp/README.md
+++ b/front/plugins/omada_sdn_imp/README.md
@@ -1,5 +1,8 @@
 ## Overview
 
+> [!WARNING]
+> UNMAINTAINED - Looking for maintainers. If possible, use the `OMDSDNOPENAPI` instead.
+
 The OMADA SDN plugin aims at synchronizing data between NetAlertX and a TPLINK OMADA SND controler by leveraging a tplink omada python library.
 
 #### Features
diff --git a/server/initialise.py b/server/initialise.py
index fe8569d4..fac42004 100755
--- a/server/initialise.py
+++ b/server/initialise.py
@@ -163,7 +163,7 @@ def importConfigs (db, all_plugins):
     conf.LOG_LEVEL = ccd('LOG_LEVEL', 'verbose' , c_d, 'Log verboseness', '{"dataType":"string", "elements": [{"elementType" : "select", "elementOptions" : [] ,"transformers": []}]}', "['none', 'minimal', 'verbose', 'debug', 'trace']", 'General')
     conf.TIMEZONE = ccd('TIMEZONE', default_tz , c_d, 'Time zone', '{"dataType":"string", "elements": [{"elementType" : "input", "elementOptions" : [] ,"transformers": []}]}', '[]', 'General')    
     conf.PLUGINS_KEEP_HIST = ccd('PLUGINS_KEEP_HIST', 250 , c_d, 'Keep history entries', '{"dataType":"integer", "elements": [{"elementType" : "input", "elementOptions" : [{"type": "number"}] ,"transformers": []}]}', '[]', 'General') 
-    conf.REPORT_DASHBOARD_URL = ccd('REPORT_DASHBOARD_URL', 'http://netalertx/' , c_d, 'NetAlertX URL', '{"dataType":"string", "elements": [{"elementType" : "input", "elementOptions" : [] ,"transformers": []}]}', '[]', 'General')
+    conf.REPORT_DASHBOARD_URL = ccd('REPORT_DASHBOARD_URL', 'http://127.0.0.1/' , c_d, 'NetAlertX URL', '{"dataType":"string", "elements": [{"elementType" : "input", "elementOptions" : [] ,"transformers": []}]}', '[]', 'General')
     conf.DAYS_TO_KEEP_EVENTS = ccd('DAYS_TO_KEEP_EVENTS', 90 , c_d, 'Delete events days', '{"dataType":"integer", "elements": [{"elementType" : "input", "elementOptions" : [{"type": "number"}] ,"transformers": []}]}', '[]', 'General')
     conf.HRS_TO_KEEP_NEWDEV = ccd('HRS_TO_KEEP_NEWDEV', 0 , c_d, 'Keep new devices for', '{"dataType":"integer", "elements": [{"elementType" : "input", "elementOptions" : [{"type": "number"}] ,"transformers": []}]}', "[]", 'General')        
     conf.HRS_TO_KEEP_OFFDEV = ccd('HRS_TO_KEEP_OFFDEV', 0 , c_d, 'Keep offline devices for', '{"dataType":"integer", "elements": [{"elementType" : "input", "elementOptions" : [{"type": "number"}] ,"transformers": []}]}', "[]", 'General')