mirror of
https://github.com/opensourcepos/opensourcepos.git
synced 2026-07-13 16:32:49 -04:00
Bug Fixes
- Properly reference Cookie and Security settings values. - Instantiate IncomingRequest Instance in view. - Added return value of Login::index(). - Added missing return statement to Secure_Controller::is_logged_in()
This commit is contained in:
committed by
Steve Ireland
parent
d7a3bc2259
commit
936ccb93bf
@@ -4,6 +4,7 @@ namespace App\Controllers;
|
||||
|
||||
use App\Libraries\MY_Migration;
|
||||
use App\Models\Employee;
|
||||
use CodeIgniter\HTTP\RedirectResponse;
|
||||
use Config\Migrations;
|
||||
use Config\Services;
|
||||
|
||||
@@ -14,7 +15,7 @@ class Login extends BaseController
|
||||
{
|
||||
protected $helpers = ['form'];
|
||||
|
||||
public function index()
|
||||
public function index(): RedirectResponse
|
||||
{
|
||||
$this->employee = model('Employee');
|
||||
|
||||
@@ -39,10 +40,10 @@ class Login extends BaseController
|
||||
// }
|
||||
}
|
||||
|
||||
// return redirect()->to('home');
|
||||
return redirect()->to('home');
|
||||
}
|
||||
|
||||
/* public function login_check(string $username): bool
|
||||
public function login_check(string $username): bool
|
||||
{
|
||||
if(!$this->installation_check())
|
||||
{
|
||||
@@ -127,5 +128,5 @@ class Login extends BaseController
|
||||
}
|
||||
|
||||
return $result;
|
||||
}*/
|
||||
}
|
||||
}
|
||||
@@ -26,15 +26,15 @@ class Secure_Controller extends BaseController
|
||||
|
||||
if(!$this->employee->is_logged_in())
|
||||
{
|
||||
redirect()->to('login');
|
||||
return redirect()->to('login');
|
||||
}
|
||||
|
||||
$logged_in_employee_info = $this->employee->get_logged_in_employee_info();
|
||||
// if(!$this->employee->has_module_grant($module_id, $logged_in_employee_info->person_id)
|
||||
// || (isset($submodule_id) && !$this->employee->has_module_grant($submodule_id, $logged_in_employee_info->person_id)))
|
||||
// {
|
||||
if(!$this->employee->has_module_grant($module_id, $logged_in_employee_info->person_id)
|
||||
|| (isset($submodule_id) && !$this->employee->has_module_grant($submodule_id, $logged_in_employee_info->person_id)))
|
||||
{
|
||||
redirect("no_access/$module_id/$submodule_id");
|
||||
// }
|
||||
}
|
||||
|
||||
// load up global data visible to all the loaded views
|
||||
$this->session = session();
|
||||
|
||||
@@ -2,10 +2,14 @@
|
||||
/**
|
||||
* @var object $user_info
|
||||
* @var array $allowed_modules
|
||||
* @var CodeIgniter\HTTP\IncomingRequest $request
|
||||
*/
|
||||
|
||||
$request = \Config\Services::request();
|
||||
helper('cookie');
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="<?php echo $this->request->getLocale() ?>">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="<?php echo $request->getLocale() ?>">
|
||||
<head>
|
||||
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
|
||||
<base href="<?php echo base_url() ?>" />
|
||||
@@ -13,7 +17,7 @@
|
||||
<link rel="shortcut icon" type="image/x-icon" href="<?php echo base_url() ?>favicon.ico">
|
||||
<link rel="stylesheet" type="text/css" href="<?php echo 'dist/bootswatch/' . (empty(config('OSPOS')->settings['theme']) ? 'flatly' : esc(config('OSPOS')->settings['theme'])) . '/bootstrap.min.css' ?>"/>
|
||||
|
||||
<?php if ($this->request->cookie('debug') == 'true' || $this->request->getGet('debug') == 'true') : ?>
|
||||
<?php if (get_cookie('debug') == 'true' || $request->getGet('debug') == 'true') : ?>
|
||||
<!-- bower:css -->
|
||||
<link rel="stylesheet" href="bower_components/jquery-ui/themes/base/jquery-ui.css" />
|
||||
<link rel="stylesheet" href="bower_components/bootstrap3-dialog/dist/css/bootstrap-dialog.min.css" />
|
||||
@@ -115,7 +119,7 @@
|
||||
|
||||
<div class="navbar-right" style="margin:0">
|
||||
<?php echo anchor(esc("home/change_password/$user_info->person_id", 'url'), esc("$user_info->first_name $user_info->last_name", 'attr'), ['class' => 'modal-dlg', 'data-btn-submit' => lang('Common.submit'), 'title' => lang('Employees.change_password')]) ?>
|
||||
<?php echo ' | ' . ($this->request->getGet('debug') == 'true' ? $this->session->get('session_sha1') . ' | ' : '') ?>
|
||||
<?php echo ' | ' . ($request->getGet('debug') == 'true' ? $this->session->get('session_sha1') . ' | ' : '') ?>
|
||||
<?php echo anchor('home/logout', lang('Login.logout')) ?>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -16,18 +16,18 @@
|
||||
from: "<?php echo esc(config('OSPOS')->settings['notify_vertical_position'], 'js') ?>"
|
||||
}});
|
||||
|
||||
var cookie_name = "<?php echo esc(config('OSPOS')->settings['cookie_prefix'], 'js') . esc(config('OSPOS')->settings['csrf_cookie_name'], 'js') ?>";
|
||||
var cookie_name = "<?php echo esc(config('Cookie')->prefix, 'js') . esc(config('Security')->cookieName, 'js') ?>";
|
||||
|
||||
var csrf_token = function() {
|
||||
return Cookies.get(cookie_name);
|
||||
};
|
||||
|
||||
var csrf_form_base = function() {
|
||||
return { <?php echo esc($this->security->get_csrf_token_name(), 'js') ?> : function () { return csrf_token() } }
|
||||
return { <?php echo esc(config('Security')->tokenName, 'js') ?> : function () { return csrf_token() } }
|
||||
};
|
||||
|
||||
var setup_csrf_token = function() {
|
||||
$('input[name="<?php echo esc($this->security->get_csrf_token_name(), 'js') ?>"]').val(csrf_token());
|
||||
$('input[name="<?php echo esc(config('Security')->tokenName, 'js') ?>"]').val(csrf_token());
|
||||
};
|
||||
|
||||
var ajax = $.ajax;
|
||||
@@ -55,7 +55,7 @@
|
||||
$.ajax({
|
||||
url: "<?php echo site_url('home/logout'); ?>",
|
||||
data: {
|
||||
"<?php echo $this->security->get_csrf_token_name(); ?>": csrf_token()
|
||||
"<?php echo esc(config('Security')->tokenName, 'js'); ?>": csrf_token()
|
||||
},
|
||||
success: function() {
|
||||
window.location.href = '<?php echo site_url(); ?>';
|
||||
|
||||
Reference in New Issue
Block a user