fix

opentibiabr · Apr 13, 2024 · 172fe10 · 172fe10
1 parent dec4470
commit 172fe10
Show file tree

Hide file tree

Showing 14 changed files with 46 additions and 51 deletions.
diff --git a/app/Controller/Admin/Compendium.php b/app/Controller/Admin/Compendium.php
@@ -16,20 +16,14 @@ class Compendium extends Base
 {
     public static function convertNewsCategory($category_id)
     {
-        switch ($category_id) {
-            case 4:
-                return 'USEFUL INFO';
-            case 5:
-                return 'SUPPORT';
-            case 13:
-                return 'CLIENT FEATURES';
-            case 17:
-                return 'GAME CONTENTS';
-            case 21:
-                return 'MAJOR UPDATES';
-            default:
-                return null;
-        }
+        return match ($category_id) {
+            4 => 'USEFUL INFO',
+            5 => 'SUPPORT',
+            13 => 'CLIENT FEATURES',
+            17 => 'GAME CONTENTS',
+            21 => 'MAJOR UPDATES',
+            default => null,
+        };
     }
 
     public static function updateCompendium($request, $id)

diff --git a/app/Controller/Admin/Login.php b/app/Controller/Admin/Login.php
@@ -58,7 +58,7 @@ public static function setLogin($request)
         }
 
         // Password verify by sha1
-        if(!Argon::beats($pass, $obAccount->password)){
+        if(!Argon::checkPassword($pass, $obAccount->password, $obAccount->id)){
             return self::getLogin($request, 'Password inválidos.');
         }
 

diff --git a/app/Controller/Api/Login.php b/app/Controller/Api/Login.php
@@ -24,7 +24,7 @@
 
 class Login extends Api
 {
-    public static function sendError($message, $code = 3)
+    public static function sendError($message, $code = 3): array
     {
         $returnMsg = [];
         $returnMsg["errorCode"] = $code;
@@ -76,13 +76,13 @@ public static function selectAccount($request)
                 if(empty($account)) {
                     return self::sendError('Email or password is not correct.', 3);
                 }
-                if (!Argon::beats($password, $account->password, $account->id)) {
+                if (!Argon::checkPassword($password, $account->password, $account->id)) {
                     return self::sendError('Password is not correct.', 3);
                 }
 
                 $authentication = EntityAccount::getAuthentication([ 'account_id' => $account->id])->fetchObject();
                 if (!empty($authentication) and $authentication->status == 1) {
-                    if (Argon::beats($password, $account->password)) {
+                    if (Argon::checkPassword($password, $account->password)) {
                         if (empty($postVars['token'])) {
                             return self::sendError('Two-factor token required for authentication.', 6);
                         }
@@ -197,7 +197,7 @@ public static function selectAccount($request)
         }
     }
 
-    public static function getLogin($request)
+    public static function getLogin($request): array|string|null
     {
         return self::selectAccount($request);
     }

diff --git a/app/Controller/Pages/Account/ChangeEmail.php b/app/Controller/Pages/Account/ChangeEmail.php
@@ -43,7 +43,7 @@ public static function updateEmail($request)
         if($duplicateEmail == true){
             return self::viewChangeEmail($request);
         }
-        if(Argon::beats($filter_password, $account->password)){
+        if(Argon::checkPassword($filter_password, $account->password, $account->id)){
             EntityAccount::updateAccount([ 'id' => $account->id], [
                 'email' => $filter_newemail,
             ]);

diff --git a/app/Controller/Pages/Account/ChangePassword.php b/app/Controller/Pages/Account/ChangePassword.php
@@ -41,10 +41,10 @@ public static function updatePassword($request)
         }
         $AccountId = SessionAdminLogin::idLogged();
         $account = EntityPlayer::getAccount([ 'id' => $AccountId])->fetchObject();
-        if (!Argon::beats($convert_oldpassword, $account->password)) {
+        if (!Argon::checkPassword($convert_oldpassword, $account->password, $account->id)) {
             return self::viewChangePassword($request, 'Invalid password.');
         }
-        if(Argon::beats($convert_oldpassword, $account->password)){
+        if(Argon::checkPassword($convert_oldpassword, $account->password, $account->id)){
             EntityAccount::updateAccount([ 'id' => $AccountId], [
                 'password' => $convert_newpassword,
             ]);

diff --git a/app/Controller/Pages/Account/CharacterDelete.php b/app/Controller/Pages/Account/CharacterDelete.php
@@ -34,7 +34,7 @@ public static function deleteCharacter($request, $name)
             }
             if($selectPlayer->account_id == $AccountId){
                 $selectAccount = EntityPlayer::getAccount([ 'id' => $selectPlayer->account_id])->fetchObject();
-                if(Argon::beats($password, $selectAccount->password)){
+                if(Argon::checkPassword($password, $selectAccount->password, $selectAccount->id)){
                     EntityPlayer::updatePlayer([ 'id' => $selectPlayer->id], [
                         'deletion' => 1
                     ]);

diff --git a/app/Controller/Pages/Account/Login.php b/app/Controller/Pages/Account/Login.php
@@ -25,10 +25,10 @@ class Login extends Base{
      * Method responsible for returning the login page rendering
      *
      * @param Request $request
-     * @param string $errorMessage
+     * @param string|null $errorMessage
      * @return string
      */
-    public static function getLogin($request, $errorMessage = null)
+    public static function getLogin(Request $request, string $errorMessage = null): string
     {
         // Login status
         $status = !is_null($errorMessage) ? Alert::getError($errorMessage) : '';
@@ -46,14 +46,14 @@ public static function getLogin($request, $errorMessage = null)
      *
      * @param Request $request
      */
-    public static function setLogin($request)
+    public static function setLogin(Request $request)
     {
         $postVars = $request->getPostVars();
         $email = $postVars['loginemail'] ?? '';
         $pass = $postVars['loginpassword'] ?? '';
 
         $filter_email = filter_var($email, FILTER_VALIDATE_EMAIL);
-        if($filter_email == false){
+        if(!$filter_email){
             return self::getLogin($request, 'true');
         }
 
@@ -64,7 +64,7 @@ public static function setLogin($request)
         }
 
         // Password verify by sha1
-        if(!Argon::beats($pass, $obAccount->password)){
+        if(!Argon::checkPassword($pass, $obAccount->password, $obAccount->id)){
             return self::getLogin($request, 'true');
         }
 
@@ -83,10 +83,10 @@ public static function setLogin($request)
         }
 
         SessionAdminLogin::login($obAccount);
-        $request->getRouter()->redirect('/account');
+        return $request->getRouter()->redirect('/account');
     }
 
-    public static function setLogout($request)
+    public static function setLogout($request): string
     {
         SessionAdminLogin::logout();
         $content = View::render('pages/account/logout', []);

diff --git a/app/Controller/Pages/Account/Registration.php b/app/Controller/Pages/Account/Registration.php
@@ -99,7 +99,7 @@ public static function insertRegister($request)
 
 
         $accountLogged = EntityAccount::getAccount([ 'id' => $LoggedId])->fetchObject();
-        if(Argon::beats($filterPassword, $accountLogged->password)){
+        if(Argon::checkPassword($filterPassword, $accountLogged->password, $accountLogged->id)){
             return self::getRegistration($request, 'Error');
         }
 

diff --git a/app/Controller/Pages/Guilds/Found.php b/app/Controller/Pages/Guilds/Found.php
@@ -34,7 +34,7 @@ public static function insertFoundGuild($request)
 		}
 		$filter_pass = filter_var($postVars['password'], FILTER_SANITIZE_SPECIAL_CHARS);
 		$dbAccountLogged = EntityPlayer::getAccount([ 'id' => $idLogged])->fetchObject();
-		if(Argon::beats($filter_pass, $dbAccountLogged->password)){
+		if(Argon::checkPassword($filter_pass, $dbAccountLogged->password, $dbAccountLogged->id)){
 			$status = 'Something went wrong with the password.';
 			return self::viewFoundGuild($request, $status);
 		}

diff --git a/app/Utils/Argon.php b/app/Utils/Argon.php
@@ -17,12 +17,13 @@ class Argon
     private static $m_cost;
     private static $parallelism;
 
-    public static function configArgon($m_cost, $t_cost, $parallelism)
+    public static function configArgon($m_cost, $t_cost, $parallelism): void
     {
         self::$m_cost = $m_cost;
         self::$t_cost = $t_cost;
         self::$parallelism = $parallelism;
     }
+
     /**
      * Hashes a password using the Argon2Id algorithm.
      *
@@ -33,7 +34,6 @@ public static function configArgon($m_cost, $t_cost, $parallelism)
     public static function generateArgonPassword(string $password): string
     {
         eval('$m_cost = ' . self::$m_cost . ';');
-        // Gera a senha com as configurações personalizadas
         $hashedPassword = password_hash($password, PASSWORD_ARGON2ID, [
             'memory_cost' => $m_cost,
             'time_cost' => self::$t_cost,
@@ -44,9 +44,7 @@ public static function generateArgonPassword(string $password): string
         $salt = $components[4];
         $hash = $components[5];
 
-        $saltAndHash = '$' . $salt . '$' . $hash;
-
-        return $saltAndHash;
+        return '$' . $salt . '$' . $hash;
     }
 
     /**
@@ -85,7 +83,7 @@ public static function compareArgonPassword(string $password, string $hashed_pas
     }
 
 
-    public static function beats(string $password, string $hashed_password, int $account_id = -1): bool
+    public static function checkPassword(string $password, string $hashed_password, int $account_id = -1): bool
     {
         if (!self::compareArgonPassword($password, $hashed_password)) {
             if(!self::compareSha1Password($password, $hashed_password)) {

diff --git a/compendium_client.json b/compendium_client.json
@@ -398,9 +398,9 @@
             "type": "REGULAR"
         }
     ],
-    "idOfNewestReadEntry": 85,
-    "isreturner": false,
-    "lastupdatetimestamp": 1688441305,
-    "maxeditdate": 1681298136,
-    "showrewardnews": false
+    "idOfNewestReadEntry": 0,
+    "isreturner": true,
+    "lastupdatetimestamp": 1713037506,
+    "maxeditdate": 0,
+    "showrewardnews": true
 }
diff --git a/resources/view/admin/modules/compendium/new.html.twig b/resources/view/admin/modules/compendium/new.html.twig
@@ -39,11 +39,11 @@
 								<div class="col-md-12 col-lg-6">
 									<label class="form-label" for="compendium_category" data-i18n="Category">Category</label>
 									<select name="compendium_category" class="form-select">
-										<option value="3">USEFUL INFO</option>
-										<option value="4">SUPPORT</option>
+										<option value="4">USEFUL INFO</option>
+										<option value="5">SUPPORT</option>
 										<option value="13">CLIENT FEATURES</option>
-										<option value="15">GAME CONTENTS</option>
-										<option value="20">MAJOR UPDATES</option>
+										<option value="17">GAME CONTENTS</option>
+										<option value="21">MAJOR UPDATES</option>
 									</select>
 								</div>
 								<div class="col-md-12 col-lg-12">

diff --git a/resources/view/admin/modules/compendium/view.html.twig b/resources/view/admin/modules/compendium/view.html.twig
@@ -39,11 +39,11 @@
 								<div class="col-md-12 col-lg-4">
 									<label class="form-label" for="compendium_category" data-i18n="Category">Category</label>
 									<select name="compendium_category" class="form-select">
-										<option value="3" {% if news.category == 3 %}selected{% endif %}>USEFUL INFO</option>
-										<option value="4" {% if news.category == 4 %}selected{% endif %}>SUPPORT</option>
+										<option value="4" {% if news.category == 4 %}selected{% endif %}>USEFUL INFO</option>
+										<option value="5" {% if news.category == 5 %}selected{% endif %}>SUPPORT</option>
 										<option value="13" {% if news.category == 13 %}selected{% endif %}>CLIENT FEATURES</option>
-										<option value="15" {% if news.category == 15 %}selected{% endif %}>GAME CONTENTS</option>
-										<option value="20" {% if news.category == 20 %}selected{% endif %}>MAJOR UPDATES</option>
+										<option value="17" {% if news.category == 17 %}selected{% endif %}>GAME CONTENTS</option>
+										<option value="21" {% if news.category == 21 %}selected{% endif %}>MAJOR UPDATES</option>
 									</select>
 								</div>
                                 <div class="col-md-12 col-lg-4">

diff --git a/routes/api/v1/login.php b/routes/api/v1/login.php
@@ -1,5 +1,7 @@
 <?php
 
+global $obRouter;
+
 use App\Http\Response;
 use App\Controller\Api;
 
@@ -11,6 +13,7 @@ function($request){
         return new Response(200, Api\Login::getLogin($request), 'application/json');
     }
 ]);
+
 $obRouter->post('/api/v1/login', [
     'middlewares' => [
         'api'