v0.9.57

- move wtv-guide romcache + some fixes - fix getAbsolutePath - fix adding users (broken with getAbsolutePath update) - fix bugs, update badwords, more bugs with account addition to fix yet - implement bad username check (wordlist from Redialed) - update zefie server IP (again) - proper x-powered-by version format - fix: also respect in hide_minisrv_version in cgi - fix: properly respect hide_minisrv_version flag - removed a scary warning - add default php_binpath config entry (php is still disabled by default)
2025-01-06 19:31:54 -05:00
parent 65521fcad6
commit 184e91d784
225 changed files with 380 additions and 171 deletions
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user-name.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user-name.js
@@ -63,8 +63,13 @@ User's Internet name
 <tr>
 <td>
 <td absheight=244 valign=top align=left>
-<form action="wtv-setup:/add-user-password">
+<form action="${(request_headers.query.user_password) ? "wtv-setup:/validate-add-user" : "wtv-setup:/add-user-password"}">
 <INPUT TYPE="hidden" NAME="display_name" VALUE="${request_headers.query.display_name || ''}">
+`;
+    if (request_headers.query.user_password) data += `<INPUT TYPE="hidden" NAME="user_password" VALUE="${request_headers.query.user_password}">`;
+    if (request_headers.query.user_password2) data += `<INPUT TYPE="hidden" NAME="user_password2" VALUE="${request_headers.query.user_password2}">`;
+
+data += `
 <table cellspacing=0 cellpadding=0 border=0>
 <tr>
 <td align=left valign=top abswidth=198>
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user-password.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user-password.js
@@ -4,11 +4,11 @@ var errpage = null;
 const wtvr = new WTVRegister(minisrv_config, SessionStore);

 if (session_data.user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account.");
-else if (!request_headers.query.user_name) errpage = doErrorPage(400, "Please enter a username.");
+else if (!request_headers.query.user_name) errpage = wtvshared.doErrorPage(400, "Please enter a username.");
 else if (request_headers.query.user_name.length < minisrv_config.config.user_accounts.min_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with <b>" + minisrv_config.config.user_accounts.min_username_length + "</b> or more characters.");
 else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with <b>" + minisrv_config.config.user_accounts.max_username_length + "</b> or less characters.");
 else if (!wtvr.checkUsernameSanity(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
-else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username.");
+else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have selected is not available. Please select another username.");
 else if (session_data.getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`);


@@ -67,12 +67,13 @@ noscroll>
 <td abswidth=416 absheight=80 valign=center>
 <font size="+2" color="E7CE4A"><blackface><shadow>
 Optional password
+</table>
 <td abswidth=20>
 <tr>
 <td>
 <td absheight=244 valign=top align=left>
 <form action="wtv-setup:/validate-add-user">
-<INPUT TYPE="hidden" NAME="display_name" VALUE="${(request_headers.query.display_name) ? request_headers.query.display_name : request_headers.query.user_name}">
+<INPUT TYPE="hidden" NAME="display_name" VALUE="${request_headers.query.display_name || request_headers.query.user_name || ''}">
 <INPUT TYPE="hidden" NAME="user_name" VALUE="${request_headers.query.user_name}">
 <table cellspacing=0 cellpadding=0 border=0>
 <tr>
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/add-user.js
@@ -66,8 +66,17 @@ User's name
 <td>
 <td absheight=244 valign=top align=left>
 <form
-action="wtv-setup:/add-user-name"
+action="${(request_headers.query.display_name) ? "wtv-setup:/validate-add-user" : "wtv-setup:/add-user-name"}"
 >
+`;
+    if (request_headers.query.display_name) {
+        data += `        
+            <INPUT TYPE="hidden" NAME="user_name" VALUE="${request_headers.query.user_name}">
+            <INPUT TYPE="hidden" NAME="user_password" VALUE="${request_headers.query.user_password}">
+            <INPUT TYPE="hidden" NAME="user_password2" VALUE="${request_headers.query.user_password2}">
+        `
+    }
+data += `
 <P>
 <table cellspacing=0 cellpadding=0 border=0>
 <tr>
@@ -94,7 +103,7 @@ person's name.
 <tr>
 <td colspan=3 align=left>
 Display name<br>
-<INPUT noSubmit name="display_name" id="display_name" Value=""
+<INPUT noSubmit name="display_name" id="display_name" Value="${(request_headers.query.display_name) ? request_headers.query.display_name : ""}"
 bgcolor=#444444 text=#ffdd33 cursor=#cc9933
 TYPE="text" ASCIIONLY
 SIZE="18"
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/edit-password.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/edit-password.js
@@ -36,8 +36,7 @@ Content-Type: text/html`;
 <TITLE>
 Change ${(user_id == session_data.user_id) ? 'your' : 'user'} password
 </TITLE>
-<DISPLAY nosave
-noscroll>
+<DISPLAY nosave skipback noscroll>
 </HEAD>
 <sidebar width=110> <table cellspacing=0 cellpadding=0 BGCOLOR="30364D">
 <tr>
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/validate-add-user-done.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/validate-add-user-done.js
@@ -34,7 +34,7 @@ if (errpage) {
 } else {
    if (!request_headers.query.display_name) request_headers.query.display_name = request_headers.query.username;
    userSession = new WTVClientSessionData(minisrv_config, socket.ssid);
-    var freeUserId = session_data.findFreeUserSlot(session_data);
+    var freeUserId = session_data.findFreeUserSlot();
    if (freeUserId) {
        userSession.user_id = freeUserId;
        userSession.setSessionData("subscriber_userid", freeUserId);
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/validate-add-user.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-setup/validate-add-user.js
@@ -92,16 +92,10 @@ action="/validate-add-user-done"
 <td align=left>
 You are adding
 <a href="wtv-setup:/add-user-name?
-user-human-name-first=Joe&
-user-human-name-last=blow&
-user-name=xxxxxxx&
-user-password=xxxx&
-user-password2=xxxx&
-restricted-web-access=unrestricted-access&
-restricted-chat-access=unrestricted-access&
-email-access-denied=&
-cant-connect-past-cap=&
-review-only='TRUE'">
+user_name=${request_headers.query.user_name}&
+display_name=${request_headers.query.display_name}&
+user_password=${request_headers.query.user_password}&
+user_password2=${request_headers.query.user_password2}">
 ${request_headers.query.user_name}<br>
 </a>
 to your account.
@@ -110,7 +104,7 @@ to your account.
 <tr>
 <td align=left0 abswidth=198 maxlines=2>
 Display Name:
-<a href="wtv-setup:/add-user-name?
+<a href="wtv-setup:/add-user?
 display_name=${request_headers.query.display_name}&
 user_name=${request_headers.query.user_name}&
 user_password=${request_headers.query.user_password}&