Merge branch '3.2' into 'main'

thorsten · thorsten · commit aca0663d2be0 · 2024-01-23T19:08:34.000+01:00
diff --git a/phpmyfaq/admin/category.edit.php b/phpmyfaq/admin/category.edit.php
@@ -209,7 +209,7 @@ class="form-check-input" <?= ($allUsers ? 'checked' : '') ?>>
                           </label>
                       </div>
                       <select name="restricted_users" id="restricted_users" class="form-select">
-                          <?= $userHelper->getAllUserOptions($userPermission[0]) ?>
+                          <?= $userHelper->getAllUserOptions($categoryData->getUserId()) ?>
                       </select>
                   </div>
               </div>
diff --git a/phpmyfaq/index.php b/phpmyfaq/index.php
@@ -144,7 +144,7 @@
 //
 // Validating token from 2FA if given; else: returns error message
 //
-if ($token !== '' && $userid !== '') {
+if ($token !== '' && !is_null($userid)) {
     if (strlen((string) $token) === 6 && is_numeric((string) $token)) {
         $user = new CurrentUser($faqConfig);
         $user->getUserById($userid);
@@ -185,7 +185,7 @@
 
 if (isset($userAuth)) {
     if ($userAuth instanceof UserAuthentication) {
-        if ($userAuth->hasTwoFactorAuthentication() === true) {
+        if ($userAuth->hasTwoFactorAuthentication()) {
             $action = 'twofactor';
         }
     }
diff --git a/phpmyfaq/src/phpMyFAQ/Category.php b/phpmyfaq/src/phpMyFAQ/Category.php
@@ -145,7 +145,7 @@ public function getGroups(): array
      *
      * @param bool $withPermission With or without permission check
      */
-    public function getOrderedCategories(bool $withPermission = true): array
+    public function getOrderedCategories(bool $withPermission = true, bool $withInactive = false): array
     {
         $categories = [];
         $where = '';
@@ -157,11 +157,11 @@ public function getOrderedCategories(bool $withPermission = true): array
                     ( fg.group_id IN (%s)
                 OR
                     (fu.user_id = %d AND fg.group_id IN (%s)))
-                AND
-                    fc.active = 1',
+                %s',
                 implode(', ', $this->groups),
                 $this->user,
-                implode(', ', $this->groups)
+                implode(', ', $this->groups),
+                $withInactive ? '' : 'AND fc.active = 1'
             );
         }
 
@@ -1180,6 +1180,7 @@ public function getMissingCategories(): void
             $query .= " WHERE lang != '" . $this->language . "'";
         }
         $query .= ' ORDER BY id';
+
         $result = $this->config->getDb()->query($query);
         while ($row = $this->config->getDb()->fetchArray($result)) {
             if (!array_key_exists($row['id'], $this->categoryName)) {
diff --git a/phpmyfaq/src/phpMyFAQ/User/CurrentUser.php b/phpmyfaq/src/phpMyFAQ/User/CurrentUser.php
@@ -186,7 +186,7 @@ public function login(string $login, string $password): bool
             $this->getUserByLogin($login);
 
             // only save this successful login to session when 2FA is not enabled
-            if ($this->getUserData('twofactor_enabled') !== 1) {
+            if ((int)$this->getUserData('twofactor_enabled') !== 1) {
                 $this->setLoggedIn(true);
                 $this->updateSessionId(true);
                 $this->saveToSession();
@@ -210,7 +210,7 @@ public function login(string $login, string $password): bool
             }
 
             // Login successful if 2FA is not enabled
-            if ($this->getUserData('twofactor_enabled') !== 1) {
+            if ((int)$this->getUserData('twofactor_enabled') !== 1) {
                 $this->setSuccess(true);
             }
 
diff --git a/phpmyfaq/src/phpMyFAQ/User/TwoFactor.php b/phpmyfaq/src/phpMyFAQ/User/TwoFactor.php
@@ -93,10 +93,12 @@ public function validateToken(string $token, int $userid): bool
 
     /**
      * Returns a QR-Code to a given secret for transmitting the secret to the Authenticator-App
+     *
+     * @throws TwoFactorAuthException
      */
     public function getQrCode(string $secret): string
     {
-        $user = CurrentUser::getFromSession($this->config);
+        $user = CurrentUser::getCurrentUser($this->config);
         $label = $this->config->getTitle() . ':' . $user->getUserData('email');
         $qrCodeText = $this->twoFactorAuth->getQrText($label, $secret) . '&image=' . $this->config->getDefaultUrl() .
         'assets/themes/' . Template::getTplSetName() . '/img/logo.png';
diff --git a/phpmyfaq/src/phpMyFAQ/User/UserAuthentication.php b/phpmyfaq/src/phpMyFAQ/User/UserAuthentication.php
@@ -87,7 +87,7 @@ public function authenticate(string $username, string $password): CurrentUser
 
         // Local
         if ($this->user->login($username, $password)) {
-            if ($this->user->getUserData('twofactor_enabled') == 1) {
+            if ($this->user->getUserData('twofactor_enabled')) {
                 $this->setTwoFactorAuthentication(true);
                 $this->user->setLoggedIn(false);
             } else {

Original file line number	Diff line number	Diff line change
`@@ -186,7 +186,7 @@ public function login(string $login, string $password): bool`
`186`	`186`	`$this->getUserByLogin($login);`
`187`	`187`
`188`	`188`	`// only save this successful login to session when 2FA is not enabled`
`189`		`- if ($this->getUserData('twofactor_enabled') !== 1) {`
	`189`	`+ if ((int)$this->getUserData('twofactor_enabled') !== 1) {`
`190`	`190`	`$this->setLoggedIn(true);`
`191`	`191`	`$this->updateSessionId(true);`
`192`	`192`	`$this->saveToSession();`
`@@ -210,7 +210,7 @@ public function login(string $login, string $password): bool`
`210`	`210`	`}`
`211`	`211`
`212`	`212`	`// Login successful if 2FA is not enabled`
`213`		`- if ($this->getUserData('twofactor_enabled') !== 1) {`
	`213`	`+ if ((int)$this->getUserData('twofactor_enabled') !== 1) {`
`214`	`214`	`$this->setSuccess(true);`
`215`	`215`	`}`
`216`	`216`