Translation support updates + csrf correction

2026-01-13 05:00:06 -06:00 · 2021-05-31 09:48:54 +02:00
parent bba1d930a4
commit 345feb910d
3 changed files with 9 additions and 5 deletions
--- a/login.php
+++ b/login.php
@@ -1,10 +1,14 @@
 <?php
 $docroot = $docroot ?? $_SERVER['DOCUMENT_ROOT'] ?: '/usr/local/emhttp';
 require_once "$docroot/webGui/include/Helpers.php";
-require_once "$docroot/webGui/include/Translations.php";
 $var = parse_ini_file('state/var.ini');
 $error = '';

+// Translation support
+extract(parse_plugin_cfg('dynamix',true));
+$_SESSION['locale'] = $display['locale'];
+require_once "$docroot/webGui/include/Translations.php";
+
 if ($_SERVER['REQUEST_URI'] == '/logout') {
    // User Logout
    if (isset($_COOKIE[session_name()])) {
--- a/plugins/dynamix/include/local_prepend.php
+++ b/plugins/dynamix/include/local_prepend.php
@@ -27,7 +27,7 @@ ini_set("session.use_strict_mode", "1");
 ini_set("session.cookie_samesite", $secure?'Strict':'Lax');
 session_name("unraid_".md5(strstr($_SERVER['HTTP_HOST'].':', ':', true)));
 session_set_cookie_params(0, '/', null, $secure, true);
-if ($_SERVER['SCRIPT_NAME'] != '/login.php' && $_SERVER['SCRIPT_NAME'] != '/auth_request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
+if ($_SERVER['SCRIPT_NAME'] != '/login.php' && $_SERVER['SCRIPT_NAME'] != '/auth-request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!isset($var)) $var = parse_ini_file('state/var.ini');
    if (!isset($var['csrf_token'])) csrf_terminate("uninitialized");
    if (!isset($_POST['csrf_token'])) csrf_terminate("missing");
--- a/plugins/dynamix/include/set-password.php
+++ b/plugins/dynamix/include/set-password.php
@@ -55,7 +55,7 @@ $THEME_DARK = in_array($display['theme'],['black','gray']);
    <meta name="robots" content="noindex, nofollow">
    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
    <meta name="referrer" content="same-origin">
-    <title><?=$var['NAME']?>/<? _('SetPassword') ?></title>
+    <title><?=$var['NAME']?>/SetPassword</title>
    <link rel="icon" href="webGui/images/animated-logo.svg" sizes="any" type="image/svg+xml">
    <style>
    /************************
@@ -343,8 +343,8 @@ $THEME_DARK = in_array($display['theme'],['black','gray']);
                <p>Please set a password for the root user account.  Maximum length is 128 characters.</p>
            </header>
            <noscript>
-                <p class="error"><?= _('The Unraid OS webgui requires JavaScript. Please enable it.') ?></p>
-                <p class="error"><?= _('Please also ensure you have cookies enabled.') ?></p>
+                <p class="error"><?= _('The Unraid OS webgui requires JavaScript').'. '._('Please enable it').'.' ?></p>
+                <p class="error"><?= _('Please also ensure you have cookies enabled').'.' ?></p>
            </noscript>
            <form action="/login" method="POST" class="js-validate w-full flex flex-col">
                <label for="password"><?= _('Username') ?></label>