High priority fixes: PayPal env(), RadioApiKey Bearer-only, User restrict, SettingsService TTL, PHPStan config, + fix 7 broke points (forceFill)

root
2026-06-04 20:17:45 +02:00
parent b2bb1811d0
commit 9b5c655c68
10 changed files with 36 additions and 19 deletions
@@ -15,7 +15,7 @@ class DisableTwoFactorAuthentication extends \Laravel\Fortify\Actions\DisableTwo
$user->forceFill([ $user->forceFill([
'two_factor_secret' => null, 'two_factor_secret' => null,
'two_factor_recovery_codes' => null, 'two_factor_recovery_codes' => null,
'two_factor_confirmed' => false, 'two_factor_confirmed_at' => null,
])->save(); ])->save();
} }
} }
+1 -1
@@ -196,7 +196,7 @@ final class PointsSettings extends Page implements HasForms
public function resetLeaderboard(): void public function resetLeaderboard(): void
{ {
User::where('radio_points', '>', 0)->update(['radio_points' => 0]); User::query()->where('radio_points', '>', 0)->each(fn (User $u) => $u->forceFill(['radio_points' => 0])->save());
RadioListenerPoint::query()->delete(); RadioListenerPoint::query()->delete();
$this->pointsService->clearLeaderboardCache(); $this->pointsService->clearLeaderboardCache();
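Review bot: The rewritten reset in `resetLeaderboard()` can miss rows: `each()` pages through the result in offset-based chunks, and every save removes a row from the `radio_points > 0` set, so once more than one chunk of users has points the later pages skip records. The original builder-level `update()` never consulted `$fillable` (only model-instance `fill()`/`update()` do), so the guard tightening did not affect it. I would keep `User::query()->where('radio_points', '>', 0)->update(['radio_points' => 0]);`, which is also one statement instead of one write per user. If per-model saves are wanted for events, `eachById()` avoids the skipping. The method body continues past the end of this hunk.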
@@ -129,7 +129,7 @@ class StaffApplicationResource extends Resource
} }
if ((int) $user->team_id !== (int) $team->id) { if ((int) $user->team_id !== (int) $team->id) {
$user->update(['team_id' => $team->id]); $user->forceFill(['team_id' => $team->id])->save();
} }
$r->update([ $r->update([
@@ -177,7 +177,7 @@ class StaffApplicationResource extends Resource
} }
if ($r->status === 'approved' && (int) $user->team_id === (int) $team->id) { if ($r->status === 'approved' && (int) $user->team_id === (int) $team->id) {
$user->update(['team_id' => null]); $user->forceFill(['team_id' => null])->save();
} }
$r->update([ $r->update([
@@ -189,7 +189,7 @@ class EditUser extends EditRecord
} }
if (! $user->online) { if (! $user->online) {
$user->update(['rank' => $data['rank']]); $user->forceFill(['rank' => $data['rank']])->save();
return; return;
} }
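Review bot: `$data['rank']` now goes straight into `forceFill()`, which bypasses the guard this commit just placed on `rank`, and nothing in the visible lines bounds the value. If the form schema does not already restrict it, check here that the target rank is one the acting admin may assign (for example not above their own) before saving, and consider recording who made the change. The surrounding method starts and ends outside the hunk, so this may already be handled there.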
+2 -2
@@ -13,11 +13,11 @@ class RadioApiKey
{ {
public function handle(Request $request, Closure $next, string $permission = '*'): Response public function handle(Request $request, Closure $next, string $permission = '*'): Response
{ {
$key = $request->bearerToken() ?? $request->query('api_key'); $key = $request->bearerToken();
if (empty($key)) { if (empty($key)) {
return response()->json([ return response()->json([
'error' => 'API key is required. Use Authorization: Bearer <key> or ?api_key=<key>', 'error' => 'API key is required. Use Authorization: Bearer <key>',
], 401); ], 401);
} }
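Review bot: Keys that clients sent as `?api_key=` before this change may already sit in web-server and proxy access logs, so dropping the query fallback in `handle()` does not retire them; rotating existing keys alongside this deploy would close that gap. I would also record the reason next to the lookup, e.g. `// Header only: query-string keys end up in access logs and Referer headers.`, so the fallback is not reintroduced later. A `WWW-Authenticate: Bearer` header on the 401 would tell clients which scheme is expected. `handle()` continues past the end of the hunk.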
+2 -2
@@ -125,7 +125,7 @@ class User extends Authenticatable implements FilamentUser, HasName
public $timestamps = false; public $timestamps = false;
#[\Override] #[\Override]
protected $fillable = ['username', 'mail', 'password', 'account_created', 'last_login', 'motto', 'look', 'credits', 'last_username_change', 'auth_ticket', 'home_room', 'ip_register', 'ip_current', 'referral_code', 'preferences', 'team_id', 'avatar_background', 'home_background', 'pincode', 'secret_key', 'extra_rank', 'is_hidden', 'background_id', 'background_stand_id', 'background_overlay_id', 'radio_points', 'pixels', 'points', 'online', 'gender', 'rank', 'mail_verified', 'two_factor_secret', 'two_factor_recovery_codes', 'two_factor_confirmed_at']; protected $fillable = ['username', 'mail', 'password', 'account_created', 'last_login', 'motto', 'look', 'credits', 'last_username_change', 'auth_ticket', 'home_room', 'ip_register', 'ip_current', 'referral_code', 'preferences', 'avatar_background', 'home_background', 'background_id', 'background_stand_id', 'background_overlay_id', 'gender'];
#[\Override] #[\Override]
protected $hidden = ['password', 'remember_token']; protected $hidden = ['password', 'remember_token'];
@@ -361,7 +361,7 @@ class User extends Authenticatable implements FilamentUser, HasName
return false; return false;
} }
$this->update(['two_factor_confirmed' => true]); $this->forceFill(['two_factor_confirmed_at' => now()])->save();
return true; return true;
} }
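Review bot: The new `$fillable` still lists `password`, `credits`, `auth_ticket` and `mail`, which are as sensitive as the `rank`/`points` keys this change removes, so any `fill()`/`update()`/`create()` fed from request input can still set them. I would drop those as well and write them explicitly with `forceFill()` at the few places that need it. Call sites that still pass removed keys to `update()` will now silently discard them; enabling `Model::preventSilentlyDiscardingAttributes()` outside production would surface any that the seven fixes in this commit missed. Separately, `$hidden` covers only `password` and `remember_token`; `two_factor_secret`, `two_factor_recovery_codes` and `auth_ticket` look like candidates if the model is ever serialised.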
+1 -1
@@ -49,7 +49,7 @@ class PurchaseService
$this->rconService->setRank($user, $package->give_rank); $this->rconService->setRank($user, $package->give_rank);
$this->rconService->disconnectUser($user); $this->rconService->disconnectUser($user);
} else { } else {
$user->update(['rank' => $package->give_rank]); $user->forceFill(['rank' => $package->give_rank])->save();
} }
} }
+2 -2
@@ -32,7 +32,7 @@ class SettingsService
public function getLanguages(): Collection public function getLanguages(): Collection
{ {
return Cache::rememberForever(self::LANGUAGES_CACHE_KEY, function (): Collection { return Cache::remember(self::LANGUAGES_CACHE_KEY, 86400, function (): Collection {
try { try {
if (! Schema::hasTable('website_languages')) { if (! Schema::hasTable('website_languages')) {
return collect(); return collect();
@@ -75,7 +75,7 @@ class SettingsService
return $this->fetchSettings(); return $this->fetchSettings();
} }
$this->cachedSettings = collect(Cache::rememberForever(self::CACHE_KEY, fn () => $this->fetchSettings()->toArray())); $this->cachedSettings = collect(Cache::remember(self::CACHE_KEY, 86400, fn () => $this->fetchSettings()->toArray()));
return $this->cachedSettings; return $this->cachedSettings;
} }
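Review bot: In `getLanguages()` the `return collect();` taken when `website_languages` is missing sits inside the cached closure, so that empty fallback is stored for the full 24 hours. Returning it outside `Cache::remember()`, or forgetting the key on that path, would let the site recover as soon as the table exists. The closure continues beyond the hunk, so the catch branch may behave the same way. As a smaller point, the bare `86400` appears in both methods; a constant such as `private const CACHE_TTL_SECONDS = 86400;` would keep the two in step.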
+7 -7
@@ -4,9 +4,9 @@ declare(strict_types=1);
return [ return [
'sandbox' => [ 'sandbox' => [
'client_id' => 'test_client_id', 'client_id' => env('PAYPAL_SANDBOX_CLIENT_ID', ''),
'client_secret' => 'test_client_secret', 'client_secret' => env('PAYPAL_SANDBOX_CLIENT_SECRET', ''),
'app_id' => 'APP-80W284485P519543T', 'app_id' => env('PAYPAL_SANDBOX_APP_ID', 'APP-80W284485P519543T'),
'settings' => [ 'settings' => [
'mode' => 'sandbox', 'mode' => 'sandbox',
'http.ConnectionTimeOut' => 30, 'http.ConnectionTimeOut' => 30,
@@ -20,9 +20,9 @@ return [
], ],
'live' => [ 'live' => [
'client_id' => 'test_client_id', 'client_id' => env('PAYPAL_LIVE_CLIENT_ID', ''),
'client_secret' => 'test_client_secret', 'client_secret' => env('PAYPAL_LIVE_CLIENT_SECRET', ''),
'app_id' => 'AYo1u2z7N3rQ2i2b3c4d5e6f7g8h9i0j', 'app_id' => env('PAYPAL_LIVE_APP_ID', ''),
'settings' => [ 'settings' => [
'mode' => 'live', 'mode' => 'live',
'http.ConnectionTimeOut' => 30, 'http.ConnectionTimeOut' => 30,
@@ -36,7 +36,7 @@ return [
], ],
'settings' => [ 'settings' => [
'mode' => 'sandbox', 'mode' => env('PAYPAL_MODE', 'sandbox'),
'http.ConnectionTimeOut' => 30, 'http.ConnectionTimeOut' => 30,
'log.LogEnabled' => false, 'log.LogEnabled' => false,
'log.FileName' => storage_path('logs/paypal.log'), 'log.FileName' => storage_path('logs/paypal.log'),
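Review bot: `PAYPAL_MODE` is passed through unchecked in the last hunk, so a typo in the environment yields a mode string that is neither `sandbox` nor `live`; I would fail closed with `'mode' => env('PAYPAL_MODE') === 'live' ? 'live' : 'sandbox',`. The live credentials now default to `''`, which defers a missing variable to the first API call; a boot-time check that the selected block's `client_id` and `client_secret` are non-empty would fail earlier and more visibly. If the removed literals were ever real values rather than placeholders, they remain in history and should be rotated. Whether the code picks the `sandbox` or `live` block from this same setting is not visible here.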
+17
@@ -0,0 +1,17 @@
parameters:
level: 6
paths:
- app
- config
- database
- routes
excludePaths:
- vendor
- storage
- bootstrap
- public
- resources
- lang
tmpDir: storage/framework/cache/phpstan
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
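Review bot: `checkMissingIterableValueType` and `checkGenericClassInNonGenericObjectType` were removed in PHPStan 2.0, so this file will be rejected if the project resolves to 2.x. The replacement is `ignoreErrors` entries with `identifier: missingType.iterableValue` and `identifier: missingType.generics`. The `excludePaths` entries (`vendor`, `storage`, `public`, …) lie outside the four analysed `paths`, so they exclude nothing as written. No Laravel extension is included in the visible lines; without one, level 6 tends to report Eloquent's dynamic members as errors, which makes real findings harder to spot.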