Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-07 13:54:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Check for blank api secret

Browse Source
This commit is contained in:
Hillel Coren 2016-06-05 18:50:41 +03:00
parent 0c16d89540
commit 8b2f7eb39f
6 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Http/Middleware/ApiCheck.php
View File

@ -23,7 +23,10 @@ class ApiCheck {
{
$loggingIn = $request->is('api/v1/login') || $request->is('api/v1/register');
$headers = Utils::getApiHeaders();
$hasApiSecret = hash_equals($request->api_secret ?: '', env(API_SECRET));
if ($secret = env(API_SECRET)) {
$hasApiSecret = hash_equals($request->api_secret ?: '', $secret);
}
if ($loggingIn) {
// check API secret

4
app/Http/routes.php
View File

@ -322,8 +322,8 @@ Route::get('/testimonials', function() {
Route::get('/compare-online-invoicing{sites?}', function() {
return Redirect::to(NINJA_WEB_URL, 301);
});
Route::get('/forgot_password', function() {
return Redirect::to(NINJA_APP_URL.'/forgot', 301);
Route::get('/forgot', function() {
return Redirect::to(NINJA_APP_URL.'/recover_password', 301);
});

5
app/Models/Document.php
View File

@ -18,7 +18,7 @@ class Document extends EntityModel
public static $allowedMimes = array(// Used by Dropzone.js; does not affect what the server accepts
'image/png', 'image/jpeg', 'image/tiff', 'application/pdf', 'image/gif', 'image/vnd.adobe.photoshop', 'text/plain',
'application/zip', 'application/msword',
'application/msword',
'application/excel', 'application/vnd.ms-excel', 'application/x-excel', 'application/x-msexcel',
'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/postscript', 'image/svg+xml',
@ -53,9 +53,6 @@ class Document extends EntityModel
'txt' => array(
'mime' => 'text/plain',
),
'zip' => array(
'mime' => 'application/zip',
),
'doc' => array(
'mime' => 'application/msword',
),

4
resources/views/expenses/edit.blade.php
View File

@ -371,7 +371,7 @@
}
window.countUploadingDocuments = 0;
@if (Auth::user()->account->hasFeature(FEATURE_DOCUMENTS))
function handleDocumentAdded(file){
// open document when clicked
if (file.url) {
@ -412,7 +412,7 @@
function handleDocumentError() {
window.countUploadingDocuments--;
}
@endif
</script>
@stop

3
resources/views/invoices/edit.blade.php
View File

@ -1463,7 +1463,7 @@
}
window.countUploadingDocuments = 0;
@if ($account->hasFeature(FEATURE_DOCUMENTS))
function handleDocumentAdded(file){
// open document when clicked
if (file.url) {
@ -1508,7 +1508,6 @@
function handleDocumentError() {
window.countUploadingDocuments--;
}
@endif
</script>
@if ($account->hasFeature(FEATURE_DOCUMENTS) && $account->invoice_embed_documents)

13
resources/views/master.blade.php
View File

@ -19,6 +19,15 @@
<meta property="og:image" content="{{ SITE_URL }}/images/round_logo.png" />
<meta property="og:description" content="Simple, Intuitive Invoicing." />
<!-- http://stackoverflow.com/questions/19012698/browser-cache-issues-in-laravel-4-application -->
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="cache-control" content="no-store" />
<meta http-equiv="cache-control" content="must-revalidate" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="csrf-token" content="{{ csrf_token() }}">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
@ -38,6 +47,10 @@
return;
}
if (errorMsg.indexOf('No unicode cmap for font') > -1) {
alert("Please force refresh the page to update the font cache.\n\n - Windows: Ctrl + F5\n - Mac/Apple: Apple + R or Command + R\n - Linux: F5");
}
try {
// Use StackTraceJS to parse the error context
if (error) {