
Added Tautulli User Agent
Change OrganizrToken name
Added verify cert for email

causefx 7 ani în urmă
părinte
comite
00d502b740

+ 13 - 11
api/functions.php

@@ -2,27 +2,29 @@
 // Set UTC timeone
 date_default_timezone_set("UTC");
 // Autoload frameworks
-require_once(__DIR__.DIRECTORY_SEPARATOR.'vendor'.DIRECTORY_SEPARATOR.'autoload.php');
+require_once(__DIR__ . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php');
 // Include all function files
-foreach (glob(__DIR__.DIRECTORY_SEPARATOR.'functions'.DIRECTORY_SEPARATOR.'*.php') as $filename) {
-    require_once $filename;
+foreach (glob(__DIR__ . DIRECTORY_SEPARATOR . 'functions' . DIRECTORY_SEPARATOR . '*.php') as $filename) {
+	require_once $filename;
 }
+//Cookie name
+$GLOBALS['cookieName'] = 'organizr_token_' . hash('sha256', parseDomain($_SERVER['HTTP_HOST']));
 // Add in default and custom settings
 configLazy();
 // Define Logs and files after db location is set
 if (isset($GLOBALS['dbLocation'])) {
-    $GLOBALS['organizrLog'] = $GLOBALS['dbLocation'].'organizrLog.json';
-    $GLOBALS['organizrLoginLog'] = $GLOBALS['dbLocation'].'organizrLoginLog.json';
-    //Upgrade Check
-    upgradeCheck();
+	$GLOBALS['organizrLog'] = $GLOBALS['dbLocation'] . 'organizrLog.json';
+	$GLOBALS['organizrLoginLog'] = $GLOBALS['dbLocation'] . 'organizrLoginLog.json';
+	//Upgrade Check
+	upgradeCheck();
 }
 // Validate Token if set and set guest if not - sets GLOBALS
 getOrganizrUserToken();
 // Include all pages files
-foreach (glob(__DIR__.DIRECTORY_SEPARATOR.'pages' . DIRECTORY_SEPARATOR . "*.php") as $filename) {
-    require_once $filename;
+foreach (glob(__DIR__ . DIRECTORY_SEPARATOR . 'pages' . DIRECTORY_SEPARATOR . "*.php") as $filename) {
+	require_once $filename;
 }
 // Include all plugin files
-foreach (glob(__DIR__.DIRECTORY_SEPARATOR.'plugins' . DIRECTORY_SEPARATOR . "*.php") as $filename) {
-    require_once $filename;
+foreach (glob(__DIR__ . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . "*.php") as $filename) {
+	require_once $filename;
 }
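Review bot: The new `$GLOBALS['cookieName']` line reads `$_SERVER['HTTP_HOST']` without an `isset()` guard, and that value is the client-supplied Host header. When the header is absent (CLI or cron invocation, or a request without Host) PHP raises an undefined-index notice and the name becomes the hash of whatever parseDomain() returns for an empty value. When a client sends a different Host, the session cookie is set, read and deleted under a different name. I would guard it the way the rest of this commit guards headers, `$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';`, and add a comment that the line must stay after the `functions/*.php` include loop because it calls parseDomain().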

+ 11 - 0
api/functions/normal-functions.php

@@ -61,6 +61,17 @@ function parseDomain($value)
 	} else {
 		$Domain = '';
 	}
+	/*
+	if (is_numeric($Domain[0]) || strpos($Domain, '.') == false) {
+		$Domain = '';
+	} else {
+		if (substr($Domain, 0, 3) == 'www') {
+			$Domain = substr($Domain, 3, strlen($Domain) - 3);
+		} else {
+			$Domain = '.' . $Domain;
+		}
+	}
+	*/
 	return $Domain;
 }
 
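Review bot: The block added before `return $Domain;` is commented-out code with no explanation, and parseDomain() now feeds the session cookie name elsewhere in this commit, so a reader cannot tell which normalisation is intended. If it is parked work, say so in a one-line comment or drop it. If it is revived as written, `strpos($Domain, '.') == false` also matches a dot at position 0 and `$Domain[0]` is read on a possibly empty string, so it would need `=== false` and an empty check first. The function starts outside this hunk.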

+ 4 - 1
api/functions/organizr-functions.php

@@ -59,6 +59,9 @@ function organizrSpecialSettings()
 			'timer' => $GLOBALS['lockoutTimeout'],
 			'minGroup' => $GLOBALS['lockoutMinAuth'],
 			'maxGroup' => $GLOBALS['lockoutMaxAuth']
+		),
+		'user' => array(
+			'agent' => isset($_SERVER ['HTTP_USER_AGENT']) ? $_SERVER ['HTTP_USER_AGENT'] : null
 		)
 	);
 }
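Review bot: The new `'agent'` entry returns the raw `User-Agent` request header, which is client-controlled, as part of the settings array. Where this array is rendered is not visible here, so I would add a comment such as `// client-supplied header: escape before rendering or logging` and make sure whatever consumes it treats it as untrusted text. The stray space in `$_SERVER ['HTTP_USER_AGENT']` is legal but reads oddly next to the other superglobal accesses in this commit. The function starts outside this hunk.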
@@ -301,7 +304,7 @@ function editUser($array)
 
 function logout()
 {
-	coookie('delete', 'organizrToken');
+	coookie('delete', $GLOBALS['cookieName']);
 	coookie('delete', 'mpt');
 	coookie('delete', 'Auth');
 	$GLOBALS['organizrUser'] = false;
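Review bot: logout() now deletes only `$GLOBALS['cookieName']`, so a browser that still carries the legacy `organizrToken` cookie keeps that JWT until it expires. The same rename in validateToken() and getOrganizrUserToken() means the old cookie is never read or cleared again. Whether the matching row in `tokens` is revoked elsewhere is not visible in this hunk. For a transition period I would keep `coookie('delete', 'organizrToken');` next to the new call so that upgrading users do not leave an orphaned token behind. logout() continues past the end of the hunk.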

+ 2 - 1
api/functions/sso-functions.php

@@ -58,7 +58,8 @@ function getTautulliToken($username, $password)
 				$url = $value . '/auth/signin';
 				$headers = array(
 					"Accept" => "application/json",
-					"Content-Type" => "application/x-www-form-urlencoded"
+					"Content-Type" => "application/x-www-form-urlencoded",
+					"User-Agent" => isset($_SERVER ['HTTP_USER_AGENT']) ? $_SERVER ['HTTP_USER_AGENT'] : null
 				);
 				$data = array(
 					"username" => $username,
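Review bot: The added `User-Agent` entry forwards a client-controlled header into the outbound sign-in request and sets it to `null` when the browser sends none. How the HTTP client serialises a null header value is not visible here, so I would add the key only when the header is present, e.g. `if (isset($_SERVER['HTTP_USER_AGENT'])) { $headers['User-Agent'] = $_SERVER['HTTP_USER_AGENT']; }` after the array. Since the value travels to another service in the same request as the user's credentials, it is also worth bounding its length and rejecting control characters before forwarding. getTautulliToken() starts and ends outside this hunk.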

+ 5 - 5
api/functions/token-functions.php

@@ -81,7 +81,7 @@ function createToken($username, $email, $image, $group, $groupID, $key, $days =
 		->getToken(); // Retrieves the generated token
 		$jwttoken->getHeaders(); // Retrieves the token headers
 		$jwttoken->getClaims(); // Retrieves the token claims
-		coookie('set', 'organizrToken', $jwttoken, $days);
+		coookie('set', $GLOBALS['cookieName'], $jwttoken, $days);
 		// Add token to DB
 		$addToken = [
 			'token' => (string)$jwttoken,
@@ -112,7 +112,7 @@ function validateToken($token, $global = false)
 				$tokenCheck = $database->fetch('SELECT * FROM tokens WHERE user_id = ? AND token = ?', $userInfo['userID'], $token);
 				if (!$tokenCheck) {
 					// Delete cookie & reload page
-					coookie('delete', 'organizrToken');
+					coookie('delete', $GLOBALS['cookieName']);
 					$GLOBALS['organizrUser'] = false;
 				}
 				$result = $database->fetch('SELECT * FROM users WHERE id = ?', $userInfo['userID']);
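Review bot: In the `if (!$tokenCheck)` branch the cookie is deleted and `$GLOBALS['organizrUser']` is set to false, but there is no `return`, so execution continues to the `SELECT * FROM users` lookup for a token that is not in the `tokens` table. The rest of the function is outside this hunk, so this may be handled further down; if it is not, a token that was removed from the table could still repopulate the user. I would end the branch with `return;` or move the lookup into an `else`, and add a comment stating that a token missing from the table is treated as revoked.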
@@ -135,16 +135,16 @@ function validateToken($token, $global = false)
 		}
 	} else {
 		// Delete cookie & reload page
-		coookie('delete', 'organizrToken');
+		coookie('delete', $GLOBALS['cookieName']);
 		$GLOBALS['organizrUser'] = false;
 	}
 }
 
 function getOrganizrUserToken()
 {
-	if (isset($_COOKIE['organizrToken'])) {
+	if (isset($_COOKIE[$GLOBALS['cookieName']])) {
 		// Get token form cookie and validate
-		validateToken($_COOKIE['organizrToken'], true);
+		validateToken($_COOKIE[$GLOBALS['cookieName']], true);
 	} else {
 		$GLOBALS['organizrUser'] = array(
 			"token" => null,

+ 1 - 0
api/plugins/config/php-mailer.php

@@ -43,4 +43,5 @@ return array(
 	'PHPMAILER-emailTemplateCustom-include-Four' => '',
 	'PHPMAILER-emailTemplateCustom-include-FourName' => 'Template #4',
 	'PHPMAILER-emailTemplateCustom-include-FourSubject' => '',
+	'PHPMAILER-verifyCert' => true,
 );

+ 9 - 3
api/plugins/php-mailer.php

@@ -132,7 +132,7 @@ function phpmSendTestEmail()
 		$mail->Password = decrypt($GLOBALS['PHPMAILER-smtpHostPassword']);
 		$mail->SMTPOptions = array(
 			'ssl' => [
-				'verify_peer' => true,
+				'verify_peer' => $GLOBALS['PHPMAILER-verifyCert'],
 				'verify_depth' => 3,
 				'allow_self_signed' => true,
 				'peer_name' => $GLOBALS['PHPMAILER-smtpHost'],
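Review bot: `'verify_peer'` now comes straight from `$GLOBALS['PHPMAILER-verifyCert']`, here and on the same line of phpmSendEmail(), while `'allow_self_signed' => true` stays in place. With the switch off, the decrypted SMTP password set just above is sent to a server whose identity is not checked. I would cast the setting, `'verify_peer' => (bool)$GLOBALS['PHPMAILER-verifyCert'],`, since its stored type is not visible here, and have the "Verify Certificate" switch in phpmGetSettings() state that disabling it exposes the credentials to interception. Whether `verify_peer_name` is set is outside the hunk; it should follow the same setting explicitly.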
@@ -177,7 +177,7 @@ function phpmSendEmail($emailInfo)
 		$mail->Password = decrypt($GLOBALS['PHPMAILER-smtpHostPassword']);
 		$mail->SMTPOptions = array(
 			'ssl' => [
-				'verify_peer' => true,
+				'verify_peer' => $GLOBALS['PHPMAILER-verifyCert'],
 				'verify_depth' => 3,
 				'allow_self_signed' => true,
 				'peer_name' => $GLOBALS['PHPMAILER-smtpHost'],
@@ -271,7 +271,13 @@ function phpmGetSettings()
 						'value' => 'n/a'
 					)
 				)
-			)
+			),
+			array(
+				'type' => 'switch',
+				'name' => 'PHPMAILER-verifyCert',
+				'label' => 'Verify Certificate',
+				'value' => $GLOBALS['PHPMAILER-verifyCert']
+			),
 		),
 		'Sender Information' => array(
 			array(