diff --git a/install/phpnuxbill.sql b/install/phpnuxbill.sql index d6645f60..d89c89d6 100644 --- a/install/phpnuxbill.sql +++ b/install/phpnuxbill.sql @@ -177,6 +177,7 @@ CREATE TABLE `tbl_users` ( `user_type` enum('SuperAdmin','Admin','Report','Agent','Sales') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL, `status` enum('Active','Inactive') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT 'Active', `last_login` datetime DEFAULT NULL, + `login_token` VARCHAR(255), `creationdate` datetime NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php index 72d17e7c..d6b51718 100644 --- a/system/autoload/Admin.php +++ b/system/autoload/Admin.php @@ -21,6 +21,15 @@ class Admin if ($enable_session_timeout) { $_SESSION['aid_expiration'] = time() + $session_timeout_duration; } + // Validate the token in the cookie + $isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']); + if (!$isValid) { + self::removeCookie(); + session_destroy(); + _alert(Lang::T('Token has expired. Please log in again.'), 'danger', "admin"); + return 0; + } + return $_SESSION['aid']; } // Session expired, log out the user @@ -35,7 +44,15 @@ class Admin // Check if the cookie is set and valid elseif (isset($_COOKIE['aid'])) { $tmp = explode('.', $_COOKIE['aid']); - if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_pass) == $tmp[2]) { + if (sha1("$tmp[0].$tmp[1].$db_pass") == $tmp[2]) { + // Validate the token in the cookie + $isValid = self::validateToken($tmp[0], $_COOKIE['aid']); + if (!$isValid) { + self::removeCookie(); + _alert(Lang::T('Token has expired. Please log in again.'), 'danger', "admin"); + return 0; + } + if (time() - $tmp[1] < 86400 * 7) { $_SESSION['aid'] = $tmp[0]; if ($enable_session_timeout) { @@ -48,10 +65,9 @@ class Admin return 0; } - public static function setCookie($aid) { - global $db_pass, $config; + global $db_pass, $config, $_app_stage; $enable_session_timeout = $config['enable_session_timeout']; $session_timeout_duration = intval($config['session_timeout_duration']) * 60; // Convert minutes to seconds @@ -61,12 +77,13 @@ class Admin // Detect the current protocol $isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'; - + $serverHost = $_SERVER['HTTP_HOST']; + $app_stage = ($serverHost === 'localhost') ? '' : APP_URL; // Set cookie with security flags setcookie('aid', $token, [ 'expires' => time() + 86400 * 7, // 7 days 'path' => '/', - 'domain' => APP_URL, + 'domain' => $app_stage, 'secure' => $isSecure, 'httponly' => true, 'samesite' => 'Lax', // or Strict @@ -78,20 +95,25 @@ class Admin $_SESSION['aid_expiration'] = $time + $session_timeout_duration; } + self::upsertToken($aid, $token); + return $token; } return ''; } - + public static function removeCookie() { + global $_app_stage; if (isset($_COOKIE['aid'])) { $isSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'; + $serverHost = $_SERVER['HTTP_HOST']; + $app_stage = ($serverHost === 'localhost') ? '' : APP_URL; setcookie('aid', '', [ 'expires' => time() - 3600, 'path' => '/', - 'domain' => APP_URL, + 'domain' => $app_stage, 'secure' => $isSecure, 'httponly' => true, 'samesite' => 'Lax', @@ -112,4 +134,27 @@ class Admin return null; } } + + public static function upsertToken($aid, $token) + { + $query = ORM::for_table('tbl_users')->where('id', $aid)->findOne(); + $query->login_token = $token; + $query->save(); + } + + public static function validateToken($aid, $cookieToken) + { + $query = ORM::for_table('tbl_users')->where('id', $aid)->findOne(); + $storedToken = $query->login_token; + + if (empty($storedToken)) { + return false; + } + + if ($storedToken !== $cookieToken) { + return false; + } + + return $storedToken === $cookieToken; + } } diff --git a/system/controllers/order.php b/system/controllers/order.php index 1d032da2..e0a46075 100644 --- a/system/controllers/order.php +++ b/system/controllers/order.php @@ -15,7 +15,7 @@ switch ($action) { $ui->assign('_system_menu', 'voucher'); $ui->assign('_title', Lang::T('Order Voucher')); run_hook('customer_view_order'); #HOOK - $ui->display('user-ui/order.tpl'); + $ui->display('customer/order.tpl'); break; case 'history': $ui->assign('_system_menu', 'history'); @@ -24,7 +24,7 @@ switch ($action) { $ui->assign('d', $d); $ui->assign('_title', Lang::T('Order History')); run_hook('customer_view_order_history'); #HOOK - $ui->display('user-ui/orderHistory.tpl'); + $ui->display('customer/orderHistory.tpl'); break; case 'balance': if (strpos($user['email'], '@') === false) { @@ -34,7 +34,7 @@ switch ($action) { $ui->assign('_system_menu', 'balance'); $plans_balance = ORM::for_table('tbl_plans')->where('enabled', '1')->where('type', 'Balance')->where('prepaid', 'yes')->find_many(); $ui->assign('plans_balance', $plans_balance); - $ui->display('user-ui/orderBalance.tpl'); + $ui->display('customer/orderBalance.tpl'); break; case 'package': if (strpos($user['email'], '@') === false) { @@ -127,7 +127,7 @@ switch ($action) { $ui->assign('plans_hotspot', $plans_hotspot); $ui->assign('plans_vpn', $plans_vpn); run_hook('customer_view_order_plan'); #HOOK - $ui->display('user-ui/orderPlan.tpl'); + $ui->display('customer/orderPlan.tpl'); break; case 'unpaid': $d = ORM::for_table('tbl_payment_gateway') @@ -192,7 +192,7 @@ switch ($action) { $ui->assign('plan', $plan); $ui->assign('bandw', $bandw); $ui->assign('_title', 'TRX #' . $trxid); - $ui->display('user-ui/orderView.tpl'); + $ui->display('customer/orderView.tpl'); break; case 'pay': if ($config['enable_balance'] != 'yes') { @@ -383,7 +383,7 @@ switch ($action) { $ui->assign('router', $router_name); $ui->assign('plan', $plan); $ui->assign('tax', $tax); - $ui->display('user-ui/sendPlan.tpl'); + $ui->display('customer/sendPlan.tpl'); break; case 'gateway': $ui->assign('_title', Lang::T('Select Payment Gateway')); @@ -421,7 +421,7 @@ switch ($action) { $ui->assign('add_cost', $add_cost); $ui->assign('bills', $bills); $ui->assign('plan', $plan); - $ui->display('user-ui/selectGateway.tpl'); + $ui->display('customer/selectGateway.tpl'); break; } else { sendTelegram("Payment Gateway not set, please set it in Settings"); diff --git a/system/updates.json b/system/updates.json index 8d66fc0c..4b74421e 100644 --- a/system/updates.json +++ b/system/updates.json @@ -161,5 +161,8 @@ "ALTER TABLE `tbl_customers` CHANGE `service_type` `service_type` ENUM('Hotspot','PPPoE','VPN','Others') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT 'Others' COMMENT 'For selecting user type';", "ALTER TABLE `tbl_transactions` CHANGE `type` `type` ENUM('Hotspot','PPPOE','VPN','Balance') CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL;", "CREATE TABLE IF NOT EXISTS `tbl_port_pool` ( `id` int(10) NOT NULL AUTO_INCREMENT , `public_ip` varchar(40) NOT NULL, `port_name` varchar(40) NOT NULL, `range_port` varchar(40) NOT NULL, `routers` varchar(40) NOT NULL, PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;" + ], + "2024.10.10": [ + "ALTER TABLE `tbl_users` ADD `login_token` VARCHAR(255) AFTER `last_login`;" ] } \ No newline at end of file