mirror of
				https://github.com/invoiceninja/invoiceninja.git
				synced 2025-10-26 09:42:51 -04:00 
			
		
		
		
	Check for blank api secret
This commit is contained in:
		
							parent
							
								
									4c8414f616
								
							
						
					
					
						commit
						d472fcc93d
					
				| @ -23,7 +23,10 @@ class ApiCheck { | ||||
|     { | ||||
|         $loggingIn = $request->is('api/v1/login') || $request->is('api/v1/register'); | ||||
|         $headers = Utils::getApiHeaders(); | ||||
|         $hasApiSecret = hash_equals($request->api_secret ?: '', env(API_SECRET)); | ||||
| 
 | ||||
|         if ($secret = env(API_SECRET)) { | ||||
|             $hasApiSecret = hash_equals($request->api_secret ?: '', $secret); | ||||
|         } | ||||
| 
 | ||||
|         if ($loggingIn) { | ||||
|             // check API secret
 | ||||
|  | ||||
| @ -303,11 +303,10 @@ Route::get('/testimonials', function() { | ||||
| Route::get('/compare-online-invoicing{sites?}', function() { | ||||
|     return Redirect::to(NINJA_WEB_URL, 301); | ||||
| }); | ||||
| Route::get('/forgot_password', function() { | ||||
|     return Redirect::to(NINJA_APP_URL.'/forgot', 301); | ||||
| Route::get('/forgot', function() { | ||||
|     return Redirect::to(NINJA_APP_URL.'/recover_password', 301); | ||||
| }); | ||||
| 
 | ||||
| 
 | ||||
| if (!defined('CONTACT_EMAIL')) { | ||||
|     define('CONTACT_EMAIL', Config::get('mail.from.address')); | ||||
|     define('CONTACT_NAME', Config::get('mail.from.name')); | ||||
|  | ||||
| @ -13,7 +13,7 @@ class Document extends EntityModel | ||||
| 
 | ||||
|     public static $allowedMimes = array(// Used by Dropzone.js; does not affect what the server accepts
 | ||||
|         'image/png', 'image/jpeg', 'image/tiff', 'application/pdf', 'image/gif', 'image/vnd.adobe.photoshop', 'text/plain', | ||||
|         'application/zip', 'application/msword', | ||||
|         'application/msword', | ||||
|         'application/excel', 'application/vnd.ms-excel', 'application/x-excel', 'application/x-msexcel', | ||||
|         'application/vnd.openxmlformats-officedocument.wordprocessingml.document', | ||||
|         'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/postscript', 'image/svg+xml', | ||||
| @ -48,9 +48,6 @@ class Document extends EntityModel | ||||
|         'txt' => array( | ||||
|             'mime' => 'text/plain', | ||||
|         ), | ||||
|         'zip' => array( | ||||
|             'mime' => 'application/zip', | ||||
|         ), | ||||
|         'doc' => array( | ||||
|             'mime' => 'application/msword', | ||||
|         ), | ||||
|  | ||||
| @ -378,7 +378,7 @@ | ||||
|         } | ||||
| 
 | ||||
|         window.countUploadingDocuments = 0; | ||||
|         @if (Auth::user()->account->hasFeature(FEATURE_DOCUMENTS)) | ||||
| 
 | ||||
|         function handleDocumentAdded(file){ | ||||
|             // open document when clicked
 | ||||
|             if (file.url) { | ||||
| @ -419,7 +419,7 @@ | ||||
|         function handleDocumentError() { | ||||
|             window.countUploadingDocuments--; | ||||
|         } | ||||
|         @endif | ||||
|          | ||||
|     </script> | ||||
| 
 | ||||
| @stop | ||||
|  | ||||
| @ -222,7 +222,7 @@ | ||||
|                 @endif | ||||
| 				<th style="min-width:120px" data-bind="text: costLabel">{{ $invoiceLabels['unit_cost'] }}</th> | ||||
| 				<th style="{{ $account->hide_quantity ? 'display:none' : 'min-width:120px' }}" data-bind="text: qtyLabel">{{ $invoiceLabels['quantity'] }}</th> | ||||
| 				<th style="min-width:180px;display:none;" data-bind="visible: $root.invoice_item_taxes.show">{{ trans('texts.tax') }}</th> | ||||
| 				<th style="min-width:120px;display:none;" data-bind="visible: $root.invoice_item_taxes.show">{{ trans('texts.tax') }}</th> | ||||
| 				<th style="min-width:120px;">{{ trans('texts.line_total') }}</th> | ||||
| 				<th style="min-width:32px;" class="hide-border"></th> | ||||
| 			</tr> | ||||
| @ -1409,7 +1409,7 @@ | ||||
|     } | ||||
| 
 | ||||
|     window.countUploadingDocuments = 0; | ||||
|     @if ($account->hasFeature(FEATURE_DOCUMENTS)) | ||||
| 
 | ||||
|     function handleDocumentAdded(file){ | ||||
|         // open document when clicked
 | ||||
|         if (file.url) { | ||||
| @ -1454,7 +1454,6 @@ | ||||
|     function handleDocumentError() { | ||||
|         window.countUploadingDocuments--; | ||||
|     } | ||||
|     @endif | ||||
| 
 | ||||
| 	</script> | ||||
|     @if ($account->hasFeature(FEATURE_DOCUMENTS) && $account->invoice_embed_documents) | ||||
|  | ||||
| @ -24,6 +24,15 @@ | ||||
|     <meta http-equiv="X-UA-Compatible" content="IE=edge"> | ||||
|     <meta name="msapplication-config" content="none"/> | ||||
| 
 | ||||
|     <!-- http://stackoverflow.com/questions/19012698/browser-cache-issues-in-laravel-4-application --> | ||||
|     <meta http-equiv="cache-control" content="max-age=0" /> | ||||
|     <meta http-equiv="cache-control" content="no-cache" /> | ||||
|     <meta http-equiv="cache-control" content="no-store" /> | ||||
|     <meta http-equiv="cache-control" content="must-revalidate" /> | ||||
|     <meta http-equiv="expires" content="0" /> | ||||
|     <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" /> | ||||
|     <meta http-equiv="pragma" content="no-cache" /> | ||||
| 
 | ||||
|     <link rel="canonical" href="{{ NINJA_APP_URL }}/{{ Request::path() }}" /> | ||||
| 
 | ||||
|     <script src="{{ asset('built.js') }}?no_cache={{ NINJA_VERSION }}" type="text/javascript"></script> | ||||
| @ -38,6 +47,10 @@ | ||||
|                 return; | ||||
|             } | ||||
| 
 | ||||
|             if (errorMsg.indexOf('No unicode cmap for font') > -1) { | ||||
|                 alert("Please force refresh the page to update the font cache.\n\n - Windows: Ctrl + F5\n - Mac/Apple: Apple + R or Command + R\n - Linux: F5"); | ||||
|             } | ||||
| 
 | ||||
|             try { | ||||
|                 // Use StackTraceJS to parse the error context
 | ||||
|                 if (error) { | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user