author | RaindropsSys <contact@minteck.org> | 2023-06-10 11:06:57 +0200 |
---|---|---|
committer | RaindropsSys <contact@minteck.org> | 2023-06-10 11:06:57 +0200 |
commit | 6c620f7b9c483d25bab231baa50110f1c7b23174 (patch) | |
tree | 2e3c1484529438854df47b48fd56c4fa87b58d3e | |
parent | 82e1e0222c88b5df654767764c56fbc62c715bc5 (diff) | |
Updated 11 files (automated)
-rw-r--r-- | includes/changes.json | 18 | ||||
-rw-r--r-- | includes/functions.php | 4 | ||||
-rw-r--r-- | includes/header.php | 5 | ||||
-rw-r--r-- | includes/oobe.php | 2 | ||||
-rw-r--r-- | includes/rules.php | 1 | ||||
-rw-r--r-- | includes/session.php | 2 | ||||
-rw-r--r-- | lang/en.json | 4 | ||||
-rw-r--r-- | lang/fr.json | 4 | ||||
-rw-r--r-- | login/index.php | 80 | ||||
-rw-r--r-- | register/submit/index.php | 5 | ||||
-rw-r--r-- | version | 2 |
11 files changed, 112 insertions, 15 deletions
diff --git a/includes/changes.json b/includes/changes.json index d5beaad..0822a1f 100644 --- a/includes/changes.json +++ b/includes/changes.json @@ -1,5 +1,23 @@ [ { + "date": "2023-06-07 08:30", + "title": { + "en": "Here is Delta RC 2", + "fr": "Voici Delta RC 2" + }, + "message": { + "en": "A pretty major update that makes your Delta experience better. New login screen, new registration form, translations, better accuracy, and a ton of bug fixes.", + "fr": "Une mise à jour plutôt majeure qui rend votre expérience Delta meilleure. Un nouvel écran de connexion, un nouveau formulaire d'inscription, des traductions, une meilleure précision, et une tonne de problèmes corrigés." + }, + "version": "5.1.14-rc1", + "affects": { + "public": true, + "free": true, + "plus": true, + "ultra": true + } + }, + { "date": "2023-05-24 06:00", "title": { "en": "Here is Delta RC 1", diff --git a/includes/functions.php b/includes/functions.php index d741da6..f751cf2 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -81,10 +81,10 @@ function initLang(): void { if (isset($_PROFILE) && isset($_PROFILE["language"]) && !isset($_COOKIE["DeltaHandoffPalette"])) { genLang("en"); - genLang($_PROFILE["language"]); + genLang($_GET["hl"] ?? $_PROFILE["language"]); } else { genLang("en"); - genLang($_COOKIE["DeltaLanguage"] ?? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? "en", 0, 2)); + genLang($_GET["hl"] ?? $_COOKIE["DeltaLanguage"] ?? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? "en", 0, 2)); } } diff --git a/includes/header.php b/includes/header.php index b175bdc..d08f029 100644 --- a/includes/header.php +++ b/includes/header.php @@ -91,6 +91,11 @@ if (isset($_GET["__"])) { height: 24px; } + #desktop-navigation.mobile-show > div:nth-child(3) { + width: 100% !important; + overflow: auto; + } + .btn-with-img:hover img, .btn-with-img.dropdown-toggle.show img { filter: brightness(0%); } diff --git a/includes/oobe.php b/includes/oobe.php index 892664d..0405c60 100644 
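Review bot: In includes/functions.php both branches of initLang() now pass `$_GET["hl"]` to genLang() without validation, and includes/session.php assigns the same parameter to `$userLang`. A query parameter is chosen by whoever writes the link, and PHP delivers it as an array for `?hl[]=x`; genLang() is not visible in this hunk, so if it derives a file name from the code, the value has to be constrained before it gets there. I would normalise it once, e.g. `$hl = (is_string($_GET["hl"] ?? null) && preg_match('/^[a-z]{2}$/', $_GET["hl"])) ? $_GET["hl"] : null;`, then call `genLang($hl ?? $_PROFILE["language"]);`, or check it against the languages that actually exist under lang/. The existing `DeltaLanguage` cookie fallback deserves the same treatment. initLang() starts above the hunk.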
--- a/includes/oobe.php +++ b/includes/oobe.php @@ -235,7 +235,7 @@ <style> @media (max-width: 500px) { .oobe-container { - height: calc(100vh - 196px) !important; + height: calc(100vh - 196px - 56px) !important; } } diff --git a/includes/rules.php b/includes/rules.php index 921062c..466f620 100644 --- a/includes/rules.php +++ b/includes/rules.php @@ -1,4 +1,5 @@ <p><?= l("lang_rules_intro") ?></p> +<p><?= str_replace("%4", "</a>", str_replace("%2", "</a>", str_replace("%3", "<a href='https://policies.google.com/privacy' target='_blank'>", str_replace("%1", "<a href='https://policies.google.com/terms' target='_blank'>", l("lang_rules_recaptcha"))))) ?></p> <h2><?= l("lang_rules_sections_0") ?></h2> <ul> diff --git a/includes/session.php b/includes/session.php index cd155af..d904efa 100644 --- a/includes/session.php +++ b/includes/session.php @@ -61,7 +61,7 @@ function saveProfile(): void { file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/profiles/" . $_USER . ".json", pf_utf8_encode(json_encode($_PROFILE, JSON_PRETTY_PRINT))); } -$userLang = $_COOKIE["DeltaLanguage"] ?? (isset($_PROFILE) ? $_PROFILE["language"] : substr($_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? "en", 0, 2)); +$userLang = $_GET["hl"] ?? $_COOKIE["DeltaLanguage"] ?? (isset($_PROFILE) ? $_PROFILE["language"] : substr($_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? "en", 0, 2)); if (isset($_PROFILE)) { if (!isset($api) && date('d-m-Y') !== date('d-m-Y', strtotime($_PROFILE["last_seen"]))) { diff --git a/lang/en.json b/lang/en.json index b583a50..9d212da 100644 --- a/lang/en.json +++ b/lang/en.json @@ -25,7 +25,8 @@ "oauth2": { "notfound": "The email address from your Equestria.dev account (%1) is not registered on Delta" }, - "eqd": "Sign in with" + "eqd": "Sign in with", + "captcha": "We are unable to verify that you are not a robot, please try again." }, "home": { "title": "Dashboard", 
@@ -843,6 +844,7 @@ }, "rules": { "intro": "Delta users are part of a community. Therefore, as with any community, they have to abide to a specific set of rules to ensure their (and the others') experience stays enjoyable. Failure to abide to these rules will lead to punishments.", + "recaptcha": "Delta is using automated software to ensure the following rules are respected. Some of this software is provided by Google and their reCAPTCHA technology in accordance with their %1terms of service%2 and %3privacy policy%4. None of your Delta user data is sent to Google.", "sections": [ "Access to Delta", "Graphical and textual content", diff --git a/lang/fr.json b/lang/fr.json index b9e7bfa..2f821f2 100644 --- a/lang/fr.json +++ b/lang/fr.json @@ -25,7 +25,8 @@ "oauth2": { "notfound": "L'adresse courriel de votre compte Equestria.dev (%1) n'est pas valide sur Delta" }, - "eqd": "Se connecter avec" + "eqd": "Se connecter avec", + "captcha": "Nous ne parvenons pas à vérifier que vous n'êtes pas un robot, veuillez réessayer." }, "home": { "title": "Tableau de bord", @@ -843,6 +844,7 @@ }, "rules": { "intro": "Les utilisateurs de Delta font partie d'une communauté. De ce fait, comme pour toute communauté, ils doivent respecter certaines règles pour assurer que leur expérience (et celle des autres) reste agréable. Tout manquement à ces règles mènera à des sanctions.", + "recaptcha": "Delta utilise des programmes automatisés pour assurer le respect des règles suivantes. Certains de ces programmes sont fournis par Google et leur technologie reCAPTCHA en accord avec leurs %1conditions d'utilisation%2 et %3politique de confidentialité%4. Aucune de vos données utilisateur Delta ne sont transmises à Google.", "sections": [ "Accès à Delta", "Contenu textuel et graphique", diff --git a/login/index.php b/login/index.php index 2db1d41..95bf248 100644 --- a/login/index.php +++ b/login/index.php 
@@ -1,5 +1,6 @@ <?php +require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha/src/autoload.php"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/functions.php"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/email.php"; @@ -18,6 +19,18 @@ $users = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] $app = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/email.json")), true); if (isset($_POST["p"]) && $_POST["p"] === "1") { + $recaptcha = new \ReCaptcha\ReCaptcha(trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-secret"))); + + if (!isset($_POST["g-recaptcha-response"])) { + $error = "lang_login_captcha"; + } else { + $resp = $recaptcha->setExpectedHostname(($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev") + ->verify($_POST["g-recaptcha-response"], $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR']); + if (!$resp->isSuccess()) { + $error = "lang_login_captcha"; + } + } + if (!in_array($_POST["email"], array_keys($users))) { $error = "lang_login_notfound"; } 
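Review bot: A missing or failed captcha in the `p === "1"` branch only assigns `$error = "lang_login_captcha"` and execution continues; the unchanged `in_array($_POST["email"], …)` check that follows can overwrite it, and whether the code-sending path further down tests `$error` is outside this hunk. The `p === "2"` hunk has the same shape, and there the visible `if (in_array($_POST['code'], array_keys($list)) && …)` lookup runs whatever the captcha result was, so the captcha does not actually protect the login-code check. Only the hub branch nests its success path under the `else` of `isSuccess()`. Wrap everything after the captcha block in each branch in `if (!isset($error)) { … }` (assuming `$error` is not set earlier in the file), or use the same else-nesting as the hub branch.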
@@ -43,11 +56,25 @@ if (isset($_POST["p"]) && $_POST["p"] === "1") { file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/codes.json", pf_utf8_encode(json_encode($list))); } } elseif (isset($_POST["p"]) && $_POST["p"] === "2") { + $recaptcha = new \ReCaptcha\ReCaptcha(trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-secret"))); + + if (!isset($_POST["g-recaptcha-response"])) { + $error = "lang_login_captcha"; + } else { + $resp = $recaptcha->setExpectedHostname(($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev") + ->verify($_POST["g-recaptcha-response"], $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR']); + if (!$resp->isSuccess()) { + $error = "lang_login_captcha"; + } + } + $list = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/codes.json")), true); if (in_array($_POST['code'], array_keys($list)) && $list[$_POST['code']]["email"] === $_POST["email"]) { if (time() - strtotime($list[$_POST['code']]["date"]) > 900) { $error = "lang_login_invalid"; + $_GET["method"] = "email"; + $step = 1; } else { if ($_SERVER["HTTP_HOST"] === "192.168.1.121:81") { $cont = false; @@ -76,6 +103,8 @@ if (isset($_POST["p"]) && $_POST["p"] === "1") { } } else { $error = "lang_login_invalid"; + $_GET["method"] = "email"; + $step = 1; } } 
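Review bot: The address passed to `verify()` is `$_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR']`, and the expected hostname is chosen from `$_SERVER["HTTP_HOST"]`; both are request headers, so unless a front proxy (not visible here) overwrites them, the client decides which IP is reported to reCAPTCHA and can select the `delta-staging` hostname. `X-Forwarded-For` may also carry a comma-separated list rather than a single address. The same block is pasted into the `p === "1"` branch, the hub branch and register/submit/index.php, so I would move it into one helper in includes/functions.php and call that from each place. A sketch follows, with the client address and hostname left to whatever the deployment actually trusts. The `elseif` branch continues past the end of this hunk.

```php
// One place for the captcha check used by login (p=1, p=2, hub) and register.
function captchaPassed(): bool {
    $token = $_POST["g-recaptcha-response"] ?? null;

    // Rejects a missing field and the array form (g-recaptcha-response[]=...).
    if (!is_string($token) || $token === "") {
        return false;
    }

    $recaptcha = new \ReCaptcha\ReCaptcha(trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-secret")));

    // REMOTE_ADDR is the TCP peer; use a proxy-provided address only if the
    // proxy is known to overwrite that header on every request.
    return $recaptcha->setExpectedHostname(/* … unchanged: staging/production hostname expression, ideally taken from server config … */)
        ->verify($token, $_SERVER['REMOTE_ADDR'])
        ->isSuccess();
}
```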
@@ -88,9 +117,23 @@ if (!isset($_GET["method"])) { } if ($step === 0 && $_GET["method"] === "hub") { - setcookie("DeltaReturnPage", $_GET["return"], 0, "/"); - header("Location: https://auth.equestria.horse/hub/api/rest/oauth2/auth?client_id=" . $app["oauth2_id"] . "&response_type=code&redirect_uri=https://" . ($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev/login/oauth&scope=Hub&request_credentials=default&access_type=offline"); - die(); + $recaptcha = new \ReCaptcha\ReCaptcha(trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-secret"))); + + if (!isset($_POST["g-recaptcha-response"])) { + $error = "lang_login_captcha"; + } else { + $resp = $recaptcha->setExpectedHostname(($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev") + ->verify($_POST["g-recaptcha-response"], $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR']); + if (!$resp->isSuccess()) { + $error = "lang_login_captcha"; + } else { + setcookie("DeltaReturnPage", $_GET["return"], 0, "/"); + header("Location: https://auth.equestria.horse/hub/api/rest/oauth2/auth?client_id=" . $app["oauth2_id"] . "&response_type=code&redirect_uri=https://" . ($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev/login/oauth&scope=Hub&request_credentials=default&access_type=offline"); + die(); + } + } + + unset($_GET["method"]); } else if ($step === 0 && $_GET["method"] === "apply") { header("Location: /register"); die(); 
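Review bot: In the hub branch, `setcookie("DeltaReturnPage", $_GET["return"], 0, "/")` still stores the raw `return` parameter and sets no `HttpOnly`, `Secure` or `SameSite` attribute. The code that reads `DeltaReturnPage` after the OAuth round trip is not in this diff, so I can't tell whether it restricts the target; unless it does, the value should be limited to a same-site path before it is stored, with `$return` falling back to `"/"` when the parameter is absent or does not start with a single `/`. On PHP 7.3 or later the attributes can be given as `setcookie("DeltaReturnPage", $return, ["path" => "/", "httponly" => true, "samesite" => "Lax", "secure" => $isHttps]);`, where `$isHttps` reflects how the site is served.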
@@ -100,6 +143,12 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes ?> +<script src="https://www.google.com/recaptcha/api.js"></script> + +<style> + .grecaptcha-badge { visibility: hidden; } +</style> + <div class="container"> <?php global $palette; ?> <div style="background-color: #<?= $palette[0] ?>; position: fixed; inset: 0; display: flex; align-items: center; justify-content: center;"> <div style="background-color: #<?= $palette[2] ?>; padding: 20px; border-radius: 20px; text-align: center; width: 70vw; max-height: 80vh; overflow: auto; max-width: 500px;"> @@ -113,7 +162,7 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes <div class="alert alert-danger"><?= str_replace("%1", strip_tags($_GET["v"] ?? "-"), l($error)) ?></div> <?php endif; ?> - <form method="post"> + <form method="post" id="form"> <input type="hidden" name="p" value="1"> <p> 
@@ -122,16 +171,21 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes </label> </p> - <input type="submit" class="btn btn-primary" value="<?= l("lang_login_continue") ?>"> + <button class="btn btn-primary g-recaptcha" data-sitekey="<?= trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-site")) ?>" data-callback='onSubmit' data-action='submit'><?= l("lang_login_continue") ?></button> </form> <?php if (!isset($_COOKIE["DeltaHandoffPalette"])): ?> <hr> <div style="margin-top: 20px;"> - <a class="btn btn-outline-secondary" href="/login/?method=hub&return=<?= rawurlencode($_GET["return"]) ?>"><span style="vertical-align: middle; margin-right: 2px;"><?= l("lang_login_eqd") ?></span><img style="height: 36px;" alt="Equestria.dev" src="/equestriadev.svg"></a> + <form method="post" action="/login/?method=hub&return=<?= rawurlencode($_GET["return"]) ?>" id="oauth-form"> + <button class="btn btn-outline-secondary g-recaptcha" data-sitekey="<?= trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-site")) ?>" data-callback='onSubmit2' data-action='submit'><span style="vertical-align: middle; margin-right: 2px;"><?= l("lang_login_eqd") ?></span><img style="height: 36px;" alt="Equestria.dev" src="/equestriadev.svg"></button> + </form> <a style="display: block; margin-top: 5px;" href="/login/?method=apply&return=<?= rawurlencode($_GET["return"]) ?>"><?= l("lang_login_auth_apply") ?></a> </div> <?php endif; ?> + + <hr> + <small><?= str_replace("%4", '</a>', str_replace("%3", '<a href="https://policies.google.com/terms" target="_blank">', str_replace("%2", '</a>', str_replace("%1", '<a href="https://policies.google.com/privacy" target="_blank">', l("lang_register_recaptcha"))))) ?></small> <?php elseif ($step === 1): ?> <img src="/icons/code.svg?o" style="width: 48px; margin-bottom: 10px;"> <p><b><?= l("lang_login_code3") ?></b></p> 
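Review bot: The placeholder mapping in the new `<small>` line differs from the one this commit adds in includes/rules.php: here `%1` opens the privacy-policy link and `%3` the terms link, while rules.php maps `%1` to terms and `%3` to privacy. `lang_register_recaptcha` is not part of this diff, so the mapping may be right for that string, but it is worth checking that each link wraps the matching words in both languages. A single call such as `str_replace(["%1", "%2", "%3", "%4"], [$privacyOpen, "</a>", $termsOpen, "</a>"], l("lang_register_recaptcha"))` would make the mapping readable at a glance.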
@@ -141,7 +195,7 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes <div class="alert alert-danger"><?= l($error) ?></div> <?php endif; ?> - <form method="post"> + <form method="post" id="form"> <input type="hidden" name="p" value="2"> <input name="email" type="hidden" value="<?= $_POST["email"] ?>"> @@ -151,7 +205,7 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes </label> </p> - <input type="submit" class="btn btn-primary" value="<?= l("lang_login_continue") ?>"> + <button class="btn btn-primary g-recaptcha" data-sitekey="<?= trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-site")) ?>" data-callback='onSubmit' data-action='submit'><?= l("lang_login_continue") ?></button> </form> <?php endif; ?> <?php else: global $_USER; $user = json_decode(pf_utf8_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/profiles/" . $_USER . ".json")), true); ?> @@ -164,6 +218,16 @@ $title = "lang_login_title"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes </div> </div> +<script> + function onSubmit(_) { + document.getElementById("form").submit(); + } + + function onSubmit2(_) { + document.getElementById("oauth-form").submit(); + } +</script> + <br><br> <?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/footer.php"; ?>
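Review bot: The hidden field in the step 1 form prints `$_POST["email"]` into an attribute without escaping (`value="<?= $_POST["email"] ?>"`, an unchanged line in this hunk), and this commit makes that form render in a new situation. The failed-code paths of the `p === "2"` branch now set `$step = 1`, including the final `else`, where the posted email matched nothing. Escape it at output with `value="<?= htmlspecialchars($_POST["email"] ?? "", ENT_QUOTES, "UTF-8") ?>"`, and consider keeping the address in server-side state instead of round-tripping it through the form.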
\ No newline at end of file diff --git a/register/submit/index.php b/register/submit/index.php index 21c7966..d56bfd5 100644 --- a/register/submit/index.php +++ b/register/submit/index.php @@ -7,6 +7,11 @@ require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/email.php"; $recaptcha = new \ReCaptcha\ReCaptcha(trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/recaptcha-secret"))); header("Content-Type: text/plain"); +if (!isset($_POST["g-recaptcha-response"])) { + header("Location: /register/?error=captcha"); + die(); +} + $resp = $recaptcha->setExpectedHostname(($_SERVER["HTTP_HOST"] === "192.168.1.121:81" ? "delta-staging" : "delta") . ".equestria.dev") ->verify($_POST["g-recaptcha-response"], $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['REMOTE_ADDR']); if (!$resp->isSuccess()) { @@ -1 +1 @@ -5.1.14-rc2
\ No newline at end of file +5.2.15
\ No newline at end of file |