Merge branch '3.2' into 'main'

thorsten · Jan 23, 2024 · aca0663 · aca0663
2 parents cb373dd + 638b1a9
commit aca0663
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 11 deletions.
diff --git a/phpmyfaq/admin/category.edit.php b/phpmyfaq/admin/category.edit.php
@@ -209,7 +209,7 @@ class="form-check-input" <?= ($allUsers ? 'checked' : '') ?>>
                           </label>
                       </div>
                       <select name="restricted_users" id="restricted_users" class="form-select">
-                          <?= $userHelper->getAllUserOptions($userPermission[0]) ?>
+                          <?= $userHelper->getAllUserOptions($categoryData->getUserId()) ?>
                       </select>
                   </div>
               </div>

diff --git a/phpmyfaq/index.php b/phpmyfaq/index.php
@@ -144,7 +144,7 @@
 //
 // Validating token from 2FA if given; else: returns error message
 //
-if ($token !== '' && $userid !== '') {
+if ($token !== '' && !is_null($userid)) {
     if (strlen((string) $token) === 6 && is_numeric((string) $token)) {
         $user = new CurrentUser($faqConfig);
         $user->getUserById($userid);
@@ -185,7 +185,7 @@
 
 if (isset($userAuth)) {
     if ($userAuth instanceof UserAuthentication) {
-        if ($userAuth->hasTwoFactorAuthentication() === true) {
+        if ($userAuth->hasTwoFactorAuthentication()) {
             $action = 'twofactor';
         }
     }

diff --git a/phpmyfaq/src/phpMyFAQ/Category.php b/phpmyfaq/src/phpMyFAQ/Category.php
@@ -145,7 +145,7 @@ public function getGroups(): array
      *
      * @param bool $withPermission With or without permission check
      */
-    public function getOrderedCategories(bool $withPermission = true): array
+    public function getOrderedCategories(bool $withPermission = true, bool $withInactive = false): array
     {
         $categories = [];
         $where = '';
@@ -157,11 +157,11 @@ public function getOrderedCategories(bool $withPermission = true): array
                     ( fg.group_id IN (%s)
                 OR
                     (fu.user_id = %d AND fg.group_id IN (%s)))
-                AND
-                    fc.active = 1',
+                %s',
                 implode(', ', $this->groups),
                 $this->user,
-                implode(', ', $this->groups)
+                implode(', ', $this->groups),
+                $withInactive ? '' : 'AND fc.active = 1'
             );
         }
 
@@ -1180,6 +1180,7 @@ public function getMissingCategories(): void
             $query .= " WHERE lang != '" . $this->language . "'";
         }
         $query .= ' ORDER BY id';
+
         $result = $this->config->getDb()->query($query);
         while ($row = $this->config->getDb()->fetchArray($result)) {
             if (!array_key_exists($row['id'], $this->categoryName)) {

diff --git a/phpmyfaq/src/phpMyFAQ/User/CurrentUser.php b/phpmyfaq/src/phpMyFAQ/User/CurrentUser.php
@@ -186,7 +186,7 @@ public function login(string $login, string $password): bool
             $this->getUserByLogin($login);
 
             // only save this successful login to session when 2FA is not enabled
-            if ($this->getUserData('twofactor_enabled') !== 1) {
+            if ((int)$this->getUserData('twofactor_enabled') !== 1) {
                 $this->setLoggedIn(true);
                 $this->updateSessionId(true);
                 $this->saveToSession();
@@ -210,7 +210,7 @@ public function login(string $login, string $password): bool
             }
 
             // Login successful if 2FA is not enabled
-            if ($this->getUserData('twofactor_enabled') !== 1) {
+            if ((int)$this->getUserData('twofactor_enabled') !== 1) {
                 $this->setSuccess(true);
             }
 

diff --git a/phpmyfaq/src/phpMyFAQ/User/TwoFactor.php b/phpmyfaq/src/phpMyFAQ/User/TwoFactor.php
@@ -93,10 +93,12 @@ public function validateToken(string $token, int $userid): bool
 
     /**
      * Returns a QR-Code to a given secret for transmitting the secret to the Authenticator-App
+     *
+     * @throws TwoFactorAuthException
      */
     public function getQrCode(string $secret): string
     {
-        $user = CurrentUser::getFromSession($this->config);
+        $user = CurrentUser::getCurrentUser($this->config);
         $label = $this->config->getTitle() . ':' . $user->getUserData('email');
         $qrCodeText = $this->twoFactorAuth->getQrText($label, $secret) . '&image=' . $this->config->getDefaultUrl() .
         'assets/themes/' . Template::getTplSetName() . '/img/logo.png';

diff --git a/phpmyfaq/src/phpMyFAQ/User/UserAuthentication.php b/phpmyfaq/src/phpMyFAQ/User/UserAuthentication.php
@@ -87,7 +87,7 @@ public function authenticate(string $username, string $password): CurrentUser
 
         // Local
         if ($this->user->login($username, $password)) {
-            if ($this->user->getUserData('twofactor_enabled') == 1) {
+            if ($this->user->getUserData('twofactor_enabled')) {
                 $this->setTwoFactorAuthentication(true);
                 $this->user->setLoggedIn(false);
             } else {