Merge fixes into v5.5 branch (#12)

---------
Co-authored-by: codacy-production[bot] <61871480+codacy-production[bot]@users.noreply.github.com>
floppydiskette 2023-07-29 18:03:13 +01:00 committed by Frankie B
parent e15ea940b3
commit 8c0a2a6383
18 changed files with 59 additions and 408 deletions


@ -18,17 +18,20 @@ public function guestbookPost(Request $request) {
$matching_bans = DB::select('SELECT reason FROM guestbook__bans WHERE ip_address = ?', array($request->ip())); $matching_bans = DB::select('SELECT reason FROM guestbook__bans WHERE ip_address = ?', array($request->ip()));
if (count($matching_bans) > 0 ) { if (!empty($matching_bans)) {
return view('errors.guestbook-ipban')->with('reason', $matching_bans[0]->reason); return view('errors.guestbook-ipban')->with('reason', $matching_bans[0]->reason);
} }
DB::insert('INSERT INTO guestbook__entries (name, timestamp, ip_address, agent, message) values (?, ?, ?, ?, ?)', array( DB::insert(
htmlspecialchars($request->get('name')), 'INSERT INTO guestbook__entries (name, timestamp, ip_address, agent, message) values (?, ?, ?, ?, ?)',
time(), [
$request->ip(), htmlspecialchars($request->get('name')),
$request->userAgent(), time(),
htmlspecialchars($request->get('message')) $request->ip(),
)); $request->userAgent(),
htmlspecialchars($request->get('message'))
]
);
return back()->with('success', 'Entry submitted successfully!'); return back()->with('success', 'Entry submitted successfully!');
} }
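Review bot: The `htmlspecialchars()` calls on `name` and `message` in the rewritten `DB::insert()` encode the values at write time, but the Blade views in this commit print the same columns through `{{ }}`, which escapes again, and the admin list wraps the message in a further `htmlspecialchars()`. Stored entries will therefore render as literal `&amp;`-style entities, and the table no longer holds what the visitor typed. The bound `?` placeholders already cover the SQL side, so I would pass `$request->get('name'),` and `$request->get('message'),` unencoded and leave escaping to the views, provided no view prints these columns with `{!! !!}`. No length or presence validation is visible in these lines; guestbookPost() starts above the hunk, so it may already happen there.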


@ -11,7 +11,5 @@ class PreventRequestsDuringMaintenance extends Middleware
* *
* @var array<int, string> * @var array<int, string>
*/ */
protected $except = [ protected $except = [];
//
];
} }


@ -17,14 +17,14 @@ class RateLimiter
public function handle(Request $request, Closure $next): Response public function handle(Request $request, Closure $next): Response
{ {
$ipAddress = $request->ip(); $ipAddress = $request->ip();
$cacheKey = 'rate_limit_' . $ipAddress; $cacheKey = 'rate_limit_'.$ipAddress;
if (Cache::has($cacheKey)) { if (Cache::has($cacheKey)) {
// If the cache key exists, the IP has submitted an entry within the last hour // If the cache key exists, the IP has submitted an entry within the last hour.
return response()->view('errors.guestbook-ratelimit', [], 429); return response()->view('errors.guestbook-ratelimit', [], 429);
} }
// Add the IP address to the cache and set the expiration time to one hour // Add the IP address to the cache and set the expiration time to one hour.
Cache::put($cacheKey, true, 3600); Cache::put($cacheKey, true, 3600);
return $next($request); return $next($request);
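Review bot: `Cache::has()` followed by `Cache::put()` is a check-then-set, so parallel requests from one address can all pass the `has()` test before any of them writes the key, and the one-hour limit is not enforced under concurrency. `Cache::add()` stores the key only when it is absent and returns whether it did, which collapses both steps into `if (! Cache::add($cacheKey, true, 3600)) { return response()->view('errors.guestbook-ratelimit', [], 429); }`. The key is also written before `$next($request)` runs, so a submission that is later rejected would presumably still cost the visitor the full hour. handle() continues below the hunk.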


@ -26,5 +26,5 @@ public function handle(Request $request, Closure $next, string ...$guards): Resp
} }
return $next($request); return $next($request);
} } // End handle().
} }


@ -19,10 +19,11 @@ class TrustProxies extends Middleware
* *
* @var int * @var int
*/ */
protected $headers = protected $headers =(
Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB; Request::HEADER_X_FORWARDED_AWS_ELB
);
} }
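Review bot: These forwarded-header flags decide what `$request->ip()` returns, and both the guestbook ban lookup and the RateLimiter in this commit key on that value, yet nothing beside `$headers` documents that dependency. The `$proxies` property is outside the hunk; it should name only the site's own reverse proxy, because if every upstream is trusted a client-supplied `X-Forwarded-For` would change the address the ban and rate-limit checks see. I would add a comment above the property such as `// Honoured only for requests arriving from $proxies; the guestbook ban and rate limit rely on ip() being the real client address.` As a style point, the new `protected $headers =(` wants a space: `protected $headers = (`.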


@ -11,7 +11,5 @@ class VerifyCsrfToken extends Middleware
* *
* @var array<int, string> * @var array<int, string>
*/ */
protected $except = [ protected $except = [];
//
];
} }


@ -2,7 +2,6 @@
namespace App\Providers; namespace App\Providers;
// use Illuminate\Support\Facades\Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider class AuthServiceProvider extends ServiceProvider


@ -4,187 +4,30 @@
use Illuminate\Support\ServiceProvider; use Illuminate\Support\ServiceProvider;
return [ return [
/*
|--------------------------------------------------------------------------
| Application Name
|--------------------------------------------------------------------------
|
| This value is the name of your application. This value is used when the
| framework needs to place the application's name in a notification or
| any other location as required by the application or its packages.
|
*/
'name' => env('APP_NAME', 'diskfloppy.me'), 'name' => env('APP_NAME', 'diskfloppy.me'),
'version' => '5.5.0', 'version' => '5.5.0',
/*
|--------------------------------------------------------------------------
| Application Environment
|--------------------------------------------------------------------------
|
| This value determines the "environment" your application is currently
| running in. This may determine how you prefer to configure various
| services the application utilizes. Set this in your ".env" file.
|
*/
'env' => env('APP_ENV', 'production'), 'env' => env('APP_ENV', 'production'),
/*
|--------------------------------------------------------------------------
| Application Debug Mode
|--------------------------------------------------------------------------
|
| When your application is in debug mode, detailed error messages with
| stack traces will be shown on every error that occurs within your
| application. If disabled, a simple generic error page is shown.
|
*/
'debug' => (bool) env('APP_DEBUG', false), 'debug' => (bool) env('APP_DEBUG', false),
/*
|--------------------------------------------------------------------------
| Application URL
|--------------------------------------------------------------------------
|
| This URL is used by the console to properly generate URLs when using
| the Artisan command line tool. You should set this to the root of
| your application so that it is used when running Artisan tasks.
|
*/
'url' => env('APP_URL', 'http://localhost'), 'url' => env('APP_URL', 'http://localhost'),
'api_root' => env('API_ROOT', 'http://localhost:3000'), 'api_root' => env('API_ROOT', 'http://localhost:3000'),
'asset_url' => env('ASSET_URL'), 'asset_url' => env('ASSET_URL'),
/*
|--------------------------------------------------------------------------
| Application Timezone
|--------------------------------------------------------------------------
|
| Here you may specify the default timezone for your application, which
| will be used by the PHP date and date-time functions. We have gone
| ahead and set this to a sensible default for you out of the box.
|
*/
'timezone' => 'UTC', 'timezone' => 'UTC',
/*
|--------------------------------------------------------------------------
| Application Locale Configuration
|--------------------------------------------------------------------------
|
| The application locale determines the default locale that will be used
| by the translation service provider. You are free to set this value
| to any of the locales which will be supported by the application.
|
*/
'locale' => 'en', 'locale' => 'en',
/*
|--------------------------------------------------------------------------
| Application Fallback Locale
|--------------------------------------------------------------------------
|
| The fallback locale determines the locale to use when the current one
| is not available. You may change the value to correspond to any of
| the language folders that are provided through your application.
|
*/
'fallback_locale' => 'en', 'fallback_locale' => 'en',
/*
|--------------------------------------------------------------------------
| Faker Locale
|--------------------------------------------------------------------------
|
| This locale will be used by the Faker PHP library when generating fake
| data for your database seeds. For example, this will be used to get
| localized telephone numbers, street address information and more.
|
*/
'faker_locale' => 'en_US', 'faker_locale' => 'en_US',
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| This key is used by the Illuminate encrypter service and should be set
| to a random, 32 character string, otherwise these encrypted strings
| will not be safe. Please do this before deploying an application!
|
*/
'key' => env('APP_KEY'), 'key' => env('APP_KEY'),
'cipher' => 'AES-256-CBC', 'cipher' => 'AES-256-CBC',
/*
|--------------------------------------------------------------------------
| Maintenance Mode Driver
|--------------------------------------------------------------------------
|
| These configuration options determine the driver used to determine and
| manage Laravel's "maintenance mode" status. The "cache" driver will
| allow maintenance mode to be controlled across multiple machines.
|
| Supported drivers: "file", "cache"
|
*/
'maintenance' => [ 'maintenance' => [
'driver' => 'file', 'driver' => 'file',
// 'store' => 'redis',
], ],
/*
|--------------------------------------------------------------------------
| Autoloaded Service Providers
|--------------------------------------------------------------------------
|
| The service providers listed here will be automatically loaded on the
| request to your application. Feel free to add your own services to
| this array to grant expanded functionality to your applications.
|
*/
'providers' => ServiceProvider::defaultProviders()->merge([ 'providers' => ServiceProvider::defaultProviders()->merge([
/*
* Package Service Providers...
*/
/*
* Application Service Providers...
*/
App\Providers\AppServiceProvider::class, App\Providers\AppServiceProvider::class,
App\Providers\AuthServiceProvider::class, App\Providers\AuthServiceProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class, App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class, App\Providers\RouteServiceProvider::class,
])->toArray(), ])->toArray(),
/*
|--------------------------------------------------------------------------
| Class Aliases
|--------------------------------------------------------------------------
|
| This array of class aliases will be registered when this application
| is started. However, feel free to register as many as you wish as
| the aliases are "lazy" loaded so they don't hinder performance.
|
*/
'aliases' => Facade::defaultAliases()->merge([ 'aliases' => Facade::defaultAliases()->merge([
// 'Example' => App\Facades\Example::class, // 'Example' => App\Facades\Example::class,
])->toArray(), ])->toArray(),
]; ];


@ -1,35 +1,8 @@
<?php <?php
return [ return [
/*
|--------------------------------------------------------------------------
| Default Broadcaster
|--------------------------------------------------------------------------
|
| This option controls the default broadcaster that will be used by the
| framework when an event needs to be broadcast. You may set this to
| any of the connections defined in the "connections" array below.
|
| Supported: "pusher", "ably", "redis", "log", "null"
|
*/
'default' => env('BROADCAST_DRIVER', 'null'), 'default' => env('BROADCAST_DRIVER', 'null'),
/*
|--------------------------------------------------------------------------
| Broadcast Connections
|--------------------------------------------------------------------------
|
| Here you may define all of the broadcast connections that will be used
| to broadcast events to other systems or over websockets. Samples of
| each available type of connection are provided inside this array.
|
*/
'connections' => [ 'connections' => [
'pusher' => [ 'pusher' => [
'driver' => 'pusher', 'driver' => 'pusher',
'key' => env('PUSHER_APP_KEY'), 'key' => env('PUSHER_APP_KEY'),


@ -3,36 +3,8 @@
use Illuminate\Support\Str; use Illuminate\Support\Str;
return [ return [
/*
|--------------------------------------------------------------------------
| Default Database Connection Name
|--------------------------------------------------------------------------
|
| Here you may specify which of the database connections below you wish
| to use as your default connection for all database work. Of course
| you may use many connections at once using the Database library.
|
*/
'default' => env('DB_CONNECTION', 'mysql'), 'default' => env('DB_CONNECTION', 'mysql'),
/*
|--------------------------------------------------------------------------
| Database Connections
|--------------------------------------------------------------------------
|
| Here are each of the database connections setup for your application.
| Of course, examples of configuring each database platform that is
| supported by Laravel is shown below to make development simple.
|
|
| All database work in Laravel is done through the PHP PDO facilities
| so make sure you have the driver for your particular database of
| choice installed on your machine before you begin development.
|
*/
'connections' => [ 'connections' => [
'mysql' => [ 'mysql' => [
'driver' => 'mysql', 'driver' => 'mysql',
@ -55,16 +27,5 @@
], ],
], ],
/*
|--------------------------------------------------------------------------
| Migration Repository Table
|--------------------------------------------------------------------------
|
| This table keeps track of all the migrations that have already run for
| your application. Using this information, we can determine which of
| the migrations on disk haven't actually been run in the database.
|
*/
'migrations' => 'migrations', 'migrations' => 'migrations',
]; ];


@ -1,52 +1,17 @@
<?php <?php
return [ return [
// One of "bcrypt", "argon", "argon2id"
/*
|--------------------------------------------------------------------------
| Default Hash Driver
|--------------------------------------------------------------------------
|
| This option controls the default hash driver that will be used to hash
| passwords for your application. By default, the bcrypt algorithm is
| used; however, you remain free to modify this option if you wish.
|
| Supported: "bcrypt", "argon", "argon2id"
|
*/
'driver' => 'bcrypt', 'driver' => 'bcrypt',
/*
|--------------------------------------------------------------------------
| Bcrypt Options
|--------------------------------------------------------------------------
|
| Here you may specify the configuration options that should be used when
| passwords are hashed using the Bcrypt algorithm. This will allow you
| to control the amount of time it takes to hash the given password.
|
*/
'bcrypt' => [ 'bcrypt' => [
'rounds' => env('BCRYPT_ROUNDS', 10), 'rounds' => env('BCRYPT_ROUNDS', 10),
], ],
/*
|--------------------------------------------------------------------------
| Argon Options
|--------------------------------------------------------------------------
|
| Here you may specify the configuration options that should be used when
| passwords are hashed using the Argon algorithm. These will allow you
| to control the amount of time it takes to hash the given password.
|
*/
'argon' => [ 'argon' => [
'memory' => 65536, 'memory' => 65536,
'threads' => 1, 'threads' => 1,
'time' => 4, 'time' => 4,
], ],
]; ];


@ -6,51 +6,13 @@
use Monolog\Processor\PsrLogMessageProcessor; use Monolog\Processor\PsrLogMessageProcessor;
return [ return [
/*
|--------------------------------------------------------------------------
| Default Log Channel
|--------------------------------------------------------------------------
|
| This option defines the default log channel that gets used when writing
| messages to the logs. The name specified in this option should match
| one of the channels defined in the "channels" configuration array.
|
*/
'default' => env('LOG_CHANNEL', 'stack'), 'default' => env('LOG_CHANNEL', 'stack'),
/*
|--------------------------------------------------------------------------
| Deprecations Log Channel
|--------------------------------------------------------------------------
|
| This option controls the log channel that should be used to log warnings
| regarding deprecated PHP and library features. This allows you to get
| your application ready for upcoming major versions of dependencies.
|
*/
'deprecations' => [ 'deprecations' => [
'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'), 'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'),
'trace' => false, 'trace' => false,
], ],
/*
|--------------------------------------------------------------------------
| Log Channels
|--------------------------------------------------------------------------
|
| Here you may configure the log channels for your application. Out of
| the box, Laravel uses the Monolog PHP logging library. This gives
| you a variety of powerful log handlers / formatters to utilize.
|
| Available Drivers: "single", "daily", "slack", "syslog",
| "errorlog", "monolog",
| "custom", "stack"
|
*/
'channels' => [ 'channels' => [
'stack' => [ 'stack' => [
'driver' => 'stack', 'driver' => 'stack',


@ -1,38 +0,0 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Str;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\User>
*/
class UserFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'name' => fake()->name(),
'email' => fake()->unique()->safeEmail(),
'email_verified_at' => now(),
'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password
'remember_token' => Str::random(10),
];
}
/**
* Indicate that the model's email address should be unverified.
*/
public function unverified(): static
{
return $this->state(fn (array $attributes) => [
'email_verified_at' => null,
]);
}
}


@ -1,6 +1,6 @@
body { body {
font-family: sans-serif; font-family: sans-serif;
margin: 0px; margin: 0;
color: #ddd; color: #ddd;
background-color: #333; background-color: #333;
} }
@ -54,13 +54,7 @@ h2,
h3 { h3 {
margin-top: 1em; margin-top: 1em;
clear: left; clear: left;
h1, color: #fff;
h2,
h3 {
margin-top: 1em;
clear: left;
color: #fff;
}
} }
img { img {
@ -125,9 +119,10 @@ div.codeblock pre {
max-width: 90%; max-width: 90%;
min-width: 400px; min-width: 400px;
} }
div.codeblock pre h1, div.codeblock pre h1,
div.codeblock pre hr { div.codeblock pre hr {
margin: 0px margin: 0
} }
div.codeblock pre h1 small { div.codeblock pre h1 small {
@ -168,12 +163,12 @@ nav div a img {
nav div h1 { nav div h1 {
font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto,
Oxygen, Ubuntu, Cantarell, Fira Sans, Droid Sans, Helvetica Neue, Oxygen, Ubuntu, Cantarell, "Fira Sans", "Droid Sans", "Helvetica Neue",
sans-serif; sans-serif;
font-weight: normal; font-weight: normal;
font-size: 30px; font-size: 30px;
margin: 10px; margin: 10px;
margin-left: 0px; margin-left: 0;
} }
div.date { div.date {
@ -186,10 +181,7 @@ div.note {
table { table {
border-collapse: collapse; border-collapse: collapse;
table { border-color: #fff;
border-collapse: collapse;
border-color: #fff;
}
} }
table.noborder td { table.noborder td {
@ -295,14 +287,12 @@ table td {
} }
td { td {
padding: 0px; padding: 0;
vertical-align: top; vertical-align: top;
} }
table.skami { table.skami {
table.skami { border-color: #eeeeee;
border-color: #eeeeee;
}
} }
.header .pagetree { .header .pagetree {
@ -344,7 +334,7 @@ table.computers {
td.computer { td.computer {
width: 50%; width: 50%;
border: 0px; border: 0;
} }
div.footer { div.footer {
@ -362,78 +352,74 @@ a {
text-decoration: none; text-decoration: none;
} }
table.gb_entryform tr td { table.gb-entryform tr td {
border: none; border: none;
} }
table.gb_entryform tr td label { table.gb-entryform tr td label {
padding-right: 5px; padding-right: 5px;
} }
table.gb_entryform tr td span.text-danger { table.gb-entryform tr td span.text-danger {
padding-left: 5px; padding-left: 5px;
color: rgb(255, 114, 114); color: rgb(255, 114, 114);
} }
table.gb_entryform tr td textarea, table.gb-entryform tr td textarea,
table.gb_entryform tr td input { table.gb-entryform tr td input {
margin-bottom: 5px; margin-bottom: 5px;
} }
table.gb_entryform_container { table.gb-entryform-container {
width: 100%; width: 100%;
} }
table.gb_entryform_container tr td { table.gb-entryform-container tr td {
border: none; border: none;
vertical-align: top; vertical-align: top;
} }
table.gb_entryform_container tr td p, table.gb-entryform-container tr td p,
table.gb_entryform_container tr td ul { table.gb-entryform-container tr td ul {
margin: 0px; margin: 0;
} }
table.gb_entryform tbody tr td textarea { table.gb-entryform tbody tr td textarea {
width: 210px; width: 210px;
} }
table.gb_entry tr td { table.gb-entry tr td {
border: solid #ffffff 1px; border: solid #ffffff 1px;
width: 500px; width: 500px;
vertical-align: top; vertical-align: top;
padding: 5px; padding: 5px;
} }
table.gb_entry { table.gb-entry {
margin-bottom: 5px; margin-bottom: 5px;
} }
table.gb_admin { table.gb-admin {
margin-bottom: 5px; margin-bottom: 5px;
width: 500px; width: 500px;
table.gb_admin { border: #fff solid;
margin-bottom: 5px;
width: 500px;
border: #fff solid;
}
} }
table.gb_admin tr td { table.gb-admin tr td {
border-right: none; border-right: none;
border-bottom: none; border-bottom: none;
vertical-align: top; vertical-align: top;
padding: 5px; padding: 5px;
} }
table.gb_admin tr td.gb_del { table.gb-admin tr td.gb-del {
border-left: none; border-left: none;
vertical-align: top; vertical-align: top;
padding: 5px; padding: 5px;
width: 32px; width: 32px;
} }
table.gb_admin tr td.gb_message { table.gb-admin tr td.gb-message {
border-top: none; border-top: none;
vertical-align: top; vertical-align: top;
padding: 5px; padding: 5px;
@ -448,7 +434,7 @@ table.infotable tr td {
table.infotable tr td h1, table.infotable tr td h1,
table.infotable tr td h2, table.infotable tr td h2,
table.infotable tr td small { table.infotable tr td small {
margin: 0px; margin: 0;
} }
table.infotable tr td small { table.infotable tr td small {
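Review bot: The renamed `table.gb-entryform-container` rules no longer match the guestbook template, which this commit changes to `class="gb-entryform_container"` (hyphen, then underscore), so the container's width, border and margin rules stop applying. Either the template should read `<table class="gb-entryform-container">` or these selectors should keep the underscore in that position. The second stylesheet's `table.gb-entry_details` does pair with its template, but it mixes both separators in the same way, so settling on one convention for all `gb-` classes would avoid a repeat.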


@ -4,12 +4,12 @@ html {
body { body {
font-family: sans-serif; font-family: sans-serif;
margin: 0px; margin: 0;
margin-left: 10px; margin-left: 10px;
color: #ddd; color: #ddd;
background-color: #333; background-color: #333;
} }
table.gb_entry_details tr td { table.gb-entry_details tr td {
padding-right: 5px; padding-right: 5px;
} }


@ -6,7 +6,7 @@
<p>Are you sure you want to delete this entry?</p> <p>Are you sure you want to delete this entry?</p>
<h3>Entry Details:</h3> <h3>Entry Details:</h3>
<table class="gb_entry_details"> <table class="gb-entry_details">
<tr> <tr>
<td><b>ID:</b></td> <td><b>ID:</b></td>
<td>{{ $entry->id }}</td> <td>{{ $entry->id }}</td>


@ -10,19 +10,19 @@
@endphp @endphp
<h1>Entries <small>({{ count($entries) }} total)</small></h1> <h1>Entries <small>({{ count($entries) }} total)</small></h1>
@foreach ($entries as $entry) @foreach ($entries as $entry)
<table class="gb_admin"> <table class="gb-admin">
<tr> <tr>
<td> <td>
Name:&nbsp;{{ $entry->name }}<br> Name:&nbsp;{{ $entry->name }}<br>
IP:&nbsp;&nbsp;&nbsp;{{ $entry->ip_address }}<br> IP:&nbsp;&nbsp;&nbsp;{{ $entry->ip_address }}<br>
Date:&nbsp;{{ gmdate("H:i:s - Y-m-d", $entry->timestamp) }} Date:&nbsp;{{ gmdate("H:i:s - Y-m-d", $entry->timestamp) }}
</td> </td>
<td class="gb_del"> <td class="gb-del">
<a href="/admin/guestbook/delete?id={{ $entry->id }}">del</a> <a href="/admin/guestbook/delete?id={{ $entry->id }}">del</a>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="2" class="gb_message"> <td colspan="2" class="gb-message">
<br> <br>
{{ htmlspecialchars($entry->message) }} {{ htmlspecialchars($entry->message) }}
</td> </td>


@ -2,13 +2,13 @@
@section('title', 'Guestbook') @section('title', 'Guestbook')
@section('content') @section('content')
<br> <br>
<table class="gb_entryform_container"> <table class="gb-entryform_container">
<tr> <tr>
<td> <td>
<form method="POST" action="/guestbook"> <form method="POST" action="/guestbook">
@csrf @csrf
<x-honeypot /> <x-honeypot />
<table class="gb_entryform"> <table class="gb-entryform">
<tr> <tr>
<td> <td>
<label for="name"><strong>Name:</strong></label> <label for="name"><strong>Name:</strong></label>
@ -62,7 +62,7 @@
@endphp @endphp
<h1>Entries <small>({{ count($entries) }} total)</small></h1> <h1>Entries <small>({{ count($entries) }} total)</small></h1>
@foreach ($entries as $entry) @foreach ($entries as $entry)
<table class="gb_entry"> <table class="gb-entry">
<tr> <tr>
<td> <td>
Submitted by <strong>{{ $entry->name }}</strong> Submitted by <strong>{{ $entry->name }}</strong>