s.probst/OpenXE
1
0
Fork 0
mirror of https://github.com/OpenXE-org/OpenXE.git synced 2024-11-14 20:17:14 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into mirakl

Browse Source
This commit is contained in:
OpenXE 2024-08-25 20:16:38 +02:00
commit 4351fd7b9d
8 changed files with 473 additions and 450 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
classes/Modules/TOTPLogin/TOTPLoginService.php
View File

@ -270,7 +270,7 @@ class TOTPLoginService
$secret = $this->getTOTPSecret($userId);
}
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=Xentral&algorithm=SHA1&digits=6&period=30';
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=OpenXE&algorithm=SHA1&digits=6&period=30';
return $this->barcodeService->createQrCode($query);
}

28
cronjobs/cleaner.php
View File

@ -148,8 +148,7 @@ $tables = [
'templatemessage',
'shopimport_auftraege',
'versandzentrum_log',
'api_request_response_log',
'shopimport_amazon_fees',
'api_request_response_log'
];
$minMemoryMb = 1;
$minMemory = $minMemoryMb * 1024 * 1024;
@ -623,34 +622,11 @@ if($shopExportLogCleanerActive && $tage > 0) {
$shopExportLogCleanerActive = $app->erp->Firmendaten('cleaner_shopexportlog');
$tage = (int)$app->erp->Firmendaten('cleaner_shopexportlog_tage');
$isToDelete = !empty($tableSchemaByTables['shopimport_amazon_fees'])
&& !empty($tableSchemaByTables['shopimport_amazon_fees']['todelete']);
if((!$shopExportLogCleanerActive || $tage <= 0 || $tage > 30) && $isToDelete) {
$shopExportLogCleanerActive = true;
if($tage <= 0 || $tage > 30) {
$tage = 30;
}
}
if($shopExportLogCleanerActive && $tage > 0) {
if($tage < 30) {
$tage = 30;
}
$app->DB->Delete(
sprintf(
"DELETE FROM `shopimport_amazon_fees`
WHERE DATE_SUB(NOW(), INTERVAL %d DAY) >= `zeitstempel` OR `zeitstempel` = '0000-00-00 00:00:00'",
$tage
)
);
$affectedRows = $app->DB->affected_rows();
if(!empty($tableSchemaByTables['shopimport_amazon_fees'])
&& ($tableSchemaByTables['shopimport_amazon_fees']['todelete'] > 0)) {
$tableSchemaByTables['shopimport_amazon_fees']['todelete'] -= $affectedRows;
}
if($affectedRows > 0 && !empty($optimize['shopimport_amazon_fees'])) {
$app->DB->Query('OPTIMIZE TABLE `shopimport_amazon_fees`');
unset($optimize['shopimport_amazon_fees']);
}
$app->DB->Update(
"UPDATE prozessstarter SET letzteausfuerhung=NOW(),mutex=1,mutexcounter=0 WHERE parameter = 'cleaner' AND aktiv = 1"
);

17
database/struktur.sql
View File

@ -17873,6 +17873,23 @@ INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `ho
;
/* OpenXE 2024-02-03 für belegvorlagen */
/* OpenXE 2024-08-11 für TOTP */
INSERT INTO `hook`(`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
('login_password_check_otp', 1, 3, '', '');
INSERT INTO `hook_register`(
`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
( 0, 'TOTPCheckLogin', 1, 1, (SELECT id FROM hook WHERE NAME = 'login_password_check_otp' LIMIT 1), 'totp', 0);
/* OpenXE 2024-08-11 für TOTP */
/* OpenXE 2024-08-11 für Smarty shopimport */
INSERT INTO `hook` (`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
('ImportAuftragBefore', 1, 4, '', '');
INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
(0, 'ImportAuftragBeforeHook', 1, 1, (SELECT id FROM hook WHERE name = 'ImportAuftragBefore' LIMIT 1), 'onlineshops', 0);
/* OpenXE 2024-08-11 für Smarty shopimport */
/*
BelegPositionenButtons

2
phpwf/plugins/class.templateparser.php
View File

@ -616,7 +616,7 @@ class TemplateParser {
}
}
if(count($this->VARARRAY)>0)
if(!empty($this->VARARRAY))
foreach($this->VARARRAY as $key=>$value)
{
if($key!="")

4
tools/module_creator/module_creator_php_template.txt
View File

@ -36,7 +36,7 @@ class PLACEHOLDER_MODULECLASSNAME {
// columns that are aligned right (numbers etc)
// $alignright = array(4,5,6,7,8);
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS);
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS); // use 'null' for non-searchable columns
$searchsql = array(PLACEHOLDER_SQL_COLUMNS);
$defaultorder = 1;
@ -60,6 +60,8 @@ class PLACEHOLDER_MODULECLASSNAME {
$count = "SELECT count(DISTINCT id) FROM PLACEHOLDER_MODULENAME WHERE $where";
// $groupby = "";
// echo($sql." WHERE ".$where." ".$groupby);
break;
}

6
www/pages/content/verbindlichkeit_edit.tpl
View File

@ -62,7 +62,7 @@
{|Rechnungsdatum|}:
</td>
<td>
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED]>
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED] required>
</td>
</tr>
<tr>
@ -103,7 +103,7 @@
{|Zahlbar bis|}:
</td>
<td>
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]>
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]>&nbsp;<input type="number" name="zahlbarbis_tage" id="zahlbarbis_tage" size="4" [SAVEDISABLED]>&nbsp;Tage
</td>
</tr>
<tr>
@ -119,7 +119,7 @@
{|Skonto bis|}:
</td>
<td>
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]>
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]>&nbsp;<input type="number" name="skontobis_tage" id="skontobis_tage" size="4" [SAVEDISABLED]>&nbsp;Tage
</td>
</tr>
<tr>

261
www/pages/totp.php
View File

@ -1,134 +1,133 @@
<?php
/*
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
*
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
*
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
*
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
* to obtain the text of the corresponding license version.
*
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
/*
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
*
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
*
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
*
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
* to obtain the text of the corresponding license version.
*
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
*/
?>
<?php
use Xentral\Components\Http\JsonResponse;
use Xentral\Modules\TOTPLogin\TOTPLoginService;
class Totp
{
/** @var Application */
private $app;
/**
* Totp constructor.
*
* @param Application $app
* @param bool $intern
*/
public function __construct($app, $intern = false)
{
$this->app = $app;
if($intern) return;
$app->ActionHandlerInit($this);
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
$app->ActionHandler('enable', 'TOTPEnable');
$app->ActionHandler('disable', 'TOTPDisable');
$app->ActionHandlerListen($app);
}
public function Install()
{
$tableName = 'user_totp';
$this->app->erp->CheckTable($tableName);
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
$this->app->erp->CheckIndex($tableName, 'user_id', true);
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
}
function TOTPDisable(){
$action = $this->app->Secure->GetPOST('action');
if($action !== 'disable'){
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
}
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
$userId = $this->app->User->GetID();
$totpLoginService->disableTotp($userId);
return new JsonResponse(['status' => 'success']);
}
function TOTPEnable(){
$secret = $this->app->Secure->GetPOST('secret');
if(empty($secret)){
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
}
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
$userId = $this->app->User->GetID();
$totpLoginService->enableTotp($userId);
$totpLoginService->setUserSecret($userId, $secret);
return new JsonResponse(['status' => 'success']);
}
/**
* @param $userID
* @param $token
* @param $passwordValid
*
* @throws Exception
*/
public function TOTPCheckLogin($userID, $token, &$passwordValid)
{
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
if(!$totpLoginService->isTOTPEnabled($userID)){
return;
}
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
}
public function TOTPGenerateSecretJSON(){
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
$tokenManager = $this->app->Container->get('TOTPTokenManager');
$secret = $tokenManager->generateBase32Secret();
$label = 'Xentral' . ' | ' . $this->app->erp->GetFirmaName();
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
return new JsonResponse(
[
'secret' => $secret,
'qr' => $qr->toHtml(4, 4)
]
);
}
}
<?php
use Xentral\Components\Http\JsonResponse;
use Xentral\Modules\TOTPLogin\TOTPLoginService;
class Totp
{
/** @var Application */
private $app;
/**
* Totp constructor.
*
* @param Application $app
* @param bool $intern
*/
public function __construct($app, $intern = false)
{
$this->app = $app;
if($intern) return;
$app->ActionHandlerInit($this);
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
$app->ActionHandler('enable', 'TOTPEnable');
$app->ActionHandler('disable', 'TOTPDisable');
$app->ActionHandlerListen($app);
}
public function Install()
{
$tableName = 'user_totp';
$this->app->erp->CheckTable($tableName);
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
$this->app->erp->CheckIndex($tableName, 'user_id', true);
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
}
function TOTPDisable(){
$action = $this->app->Secure->GetPOST('action');
if($action !== 'disable'){
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
}
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
$userId = $this->app->User->GetID();
$totpLoginService->disableTotp($userId);
return new JsonResponse(['status' => 'success']);
}
function TOTPEnable(){
$secret = $this->app->Secure->GetPOST('secret');
if(empty($secret)){
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
}
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
$userId = $this->app->User->GetID();
$totpLoginService->enableTotp($userId);
$totpLoginService->setUserSecret($userId, $secret);
return new JsonResponse(['status' => 'success']);
}
/**
* @param $userID
* @param $token
* @param $passwordValid
*
* @throws Exception
*/
public function TOTPCheckLogin($userID, $token, &$passwordValid)
{
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
if(!$totpLoginService->isTOTPEnabled($userID)){
return;
}
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
}
public function TOTPGenerateSecretJSON(){
/** @var TOTPLoginService $totpLoginService */
$totpLoginService = $this->app->Container->get('TOTPLoginService');
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
$tokenManager = $this->app->Container->get('TOTPTokenManager');
$secret = $tokenManager->generateBase32Secret();
$label = 'OpenXE' . ':' . $this->app->User->Getname();
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
return new JsonResponse(
[
'secret' => $secret,
'qr' => $qr->toHtml(4, 4)
]
);
}
}

603
www/pages/verbindlichkeit.php
View File

File diff suppressed because it is too large Load Diff