add Security settings

iBNu Maksum 2024-11-04 12:05:17 +07:00
parent 8908f4bdc3
commit 27bd2590f2
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
3 changed files with 246 additions and 196 deletions


@ -827,5 +827,21 @@
"Information": "Informasi",
"Export_and_Print_will_show_all_data_without_pagination": "Ekspor dan Cetak akan menampilkan semua data tanpa pagination",
"First_Name": "Nama depan",
"Last_Name": "Nama Belakang"
"Last_Name": "Nama Belakang",
"General": "Umum",
"Registration": "Pendaftaran",
"Allow_Registration": "Izinkan Registrasi",
"Voucher_Only": "Hanya Voucher",
"No_Registration": "Tidak Ada Registrasi",
"Registration_Username": "Nama Pengguna Registrasi",
"Customer_Registration_need_to_validate_using_OTP": "Registrasi Pelanggan perlu divalidasi menggunakan OTP",
"SMS_Notification": "Pemberitahuan SMS",
"Tax_Rates_by_percentage": "Tarif Pajak Berdasarkan Persentase",
"Settings_For_Mikrotik": "Pengaturan Untuk Mikrotik",
"Settings_For_Cron_Expired": "Pengaturan Untuk Cron Kedaluwarsa",
"Choose_one__above_or_below": "Pilih salah satu, di atas atau di bawah",
"Settings_For_Cron_Reminder": "Pengaturan Untuk Pengingat Cron",
"Security": "Keamanan",
"Enable_CSRF_Validation": "Aktifkan Validasi CSRF",
"Cross_site_request_forgery": "Pemalsuan permintaan lintas situs"
}


@ -11,52 +11,13 @@
class="glyphicon glyphicon-floppy-disk" aria-hidden="true"></span></button>
</div>
{Lang::T('Miscellaneous')}
</div>
<div class="panel-body">
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('Enable Session Timeout')}</label>
<div class="col-md-5">
<label class="switch">
<input type="checkbox" id="enable_session_timeout" value="1"
name="enable_session_timeout" {if $_c['enable_session_timeout']==1}checked{/if}>
<span class="slider"></span>
</label>
</div>
<p class="help-block col-md-4">
{Lang::T('Logout Admin if not Available/Online a period of time')}</p>
</div>
<div class="form-group" id="timeout_duration_input" style="display: none;">
<label class="col-md-3 control-label">{Lang::T('Timeout Duration')}</label>
<div class="col-md-5">
<input type="number" value="{$_c['session_timeout_duration']}" class="form-control"
name="session_timeout_duration" id="session_timeout_duration"
placeholder="{Lang::T('Enter the session timeout duration (minutes)')}" min="1">
</div>
<p class="help-block col-md-4">{Lang::T('Idle Timeout, Logout Admin if Idle for xx
minutes')}
</p>
</div>
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('Single session Admin')}</label>
<div class="col-md-5">
<select name="single_session" id="single_session" class="form-control">
<option value="no">
{Lang::T('No')}</option>
<option value="yes" {if $_c['single_session']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}
</option>
</select>
</div>
<p class="help-block col-md-4">
{Lang::T('Admin can only have single session login, it will logout another session')}
</p>
</div>
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('New Version Notification')}</label>
<div class="col-md-5">
<select name="new_version_notify" id="new_version_notify" class="form-control">
<option value="enable" {if $_c['new_version_notify']=='enable' }selected="selected"
{/if}>{Lang::T('Enabled')}
<option value="enable" {if $_c['new_version_notify']=='enable' }selected="selected" {/if}>
{Lang::T('Enabled')}
</option>
<option value="disable" {if $_c['new_version_notify']=='disable'
}selected="selected" {/if}>{Lang::T('Disabled')}
@ -105,8 +66,8 @@
<select name="phone_otp_type" id="phone_otp_type" class="form-control">
<option value="sms" {if $_c['phone_otp_type']=='sms' }selected="selected" {/if}>
{Lang::T('By SMS')}
<option value="whatsapp" {if $_c['phone_otp_type']=='whatsapp' }selected="selected"
{/if}> {Lang::T('by WhatsApp')}
<option value="whatsapp" {if $_c['phone_otp_type']=='whatsapp' }selected="selected" {/if}>
{Lang::T('by WhatsApp')}
<option value="both" {if $_c['phone_otp_type']=='both' }selected="selected" {/if}>
{Lang::T('By WhatsApp and SMS')}
</option>
@ -136,8 +97,7 @@
<select name="show_bandwidth_plan" id="show_bandwidth_plan" class="form-control">
<option value="no" {if $_c['show_bandwidth_plan']=='no' }selected="selected" {/if}>
{Lang::T('No')}</option>
<option value="yes" {if $_c['show_bandwidth_plan']=='yes' }selected="selected"
{/if}>
<option value="yes" {if $_c['show_bandwidth_plan']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}</option>
</select>
</div>
@ -170,8 +130,7 @@
<option value="no">
{Lang::T('No')}
</option>
<option value="yes" {if $_c['check_customer_online']=='yes' }selected="selected"
{/if}>
<option value="yes" {if $_c['check_customer_online']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}
</option>
</select>
@ -187,8 +146,7 @@
<option value="no">
{Lang::T('No')}
</option>
<option value="yes" {if $_c['allow_balance_custom']=='yes' }selected="selected"
{/if}>
<option value="yes" {if $_c['allow_balance_custom']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}
</option>
</select>
@ -214,7 +172,7 @@
<script>
document.addEventListener('DOMContentLoaded', function () {
document.addEventListener('DOMContentLoaded', function() {
var sectionTimeoutCheckbox = document.getElementById('enable_session_timeout');
var timeoutDurationInput = document.getElementById('timeout_duration_input');
var timeoutDurationField = document.getElementById('session_timeout_duration');
@ -224,7 +182,7 @@
timeoutDurationField.required = true;
}
sectionTimeoutCheckbox.addEventListener('change', function () {
sectionTimeoutCheckbox.addEventListener('change', function() {
if (this.checked) {
timeoutDurationInput.style.display = 'block';
timeoutDurationField.required = true;
@ -234,7 +192,7 @@
}
});
document.querySelector('form').addEventListener('submit', function (event) {
document.querySelector('form').addEventListener('submit', function(event) {
if (sectionTimeoutCheckbox.checked && (!timeoutDurationField.value || isNaN(
timeoutDurationField.value))) {
event.preventDefault();
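Review bot: The script kept at the bottom of this template still looks up `enable_session_timeout`, `timeout_duration_input` and `session_timeout_duration`, while the first hunk of this section appears to remove the markup that carries those ids. If this template is rendered as its own page, `getElementById` returns null and the `DOMContentLoaded` handler would throw before wiring anything, so the script should move with the fields or start with a guard such as `if (!sectionTimeoutCheckbox) return;`. Please also confirm that the POST handler behind this form no longer writes the session-timeout and single-session keys; the handler is not shown here, but an absent checkbox usually reads as disabled, in which case saving this page would silently turn the admin idle logout off. The script block starts and ends outside the visible hunks, so this is based only on the context lines shown.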


@ -258,6 +258,82 @@
</div>
</form>
<form class="form-horizontal" method="post" role="form" action="{$_url}settings/app-post" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="{$csrf_token}">
<div class="panel">
<div class="panel-heading" role="tab" id="Security">
<h4 class="panel-title">
<a class="collapsed" role="button" data-toggle="collapse" data-parent="#accordion"
href="#collapseSecurity" aria-expanded="false" aria-controls="collapseSecurity">
{Lang::T('Security')}
</a>
</h4>
</div>
<div id="collapseSecurity" class="panel-collapse collapse" role="tabpanel">
<div class="panel-body">
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('Enable Session Timeout')}</label>
<div class="col-md-5">
<label class="switch">
<input type="checkbox" id="enable_session_timeout" value="1"
name="enable_session_timeout" {if $_c['enable_session_timeout']==1}checked{/if}>
<span class="slider"></span>
</label>
</div>
<p class="help-block col-md-4">
{Lang::T('Logout Admin if not Available/Online a period of time')}</p>
</div>
<div class="form-group" id="timeout_duration_input" style="display: none;">
<label class="col-md-3 control-label">{Lang::T('Timeout Duration')}</label>
<div class="col-md-5">
<input type="number" value="{$_c['session_timeout_duration']}" class="form-control"
name="session_timeout_duration" id="session_timeout_duration"
placeholder="{Lang::T('Enter the session timeout duration (minutes)')}" min="1">
</div>
<p class="help-block col-md-4">{Lang::T('Idle Timeout, Logout Admin if Idle for xx
minutes')}
</p>
</div>
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('Single session Admin')}</label>
<div class="col-md-5">
<select name="single_session" id="single_session" class="form-control">
<option value="no">
{Lang::T('No')}</option>
<option value="yes" {if $_c['single_session']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}
</option>
</select>
</div>
<p class="help-block col-md-4">
{Lang::T('Admin can only have single session login, it will logout another session')}
</p>
</div>
<div class="form-group">
<label class="col-md-3 control-label">{Lang::T('Enable CSRF Validation')}</label>
<div class="col-md-5">
<select name="csrf_enabled" id="csrf_enabled" class="form-control">
<option value="no">
{Lang::T('No')}</option>
<option value="yes" {if $_c['csrf_enabled']=='yes' }selected="selected" {/if}>
{Lang::T('Yes')}
</option>
</select>
</div>
<p class="help-block col-md-4">
<a href="https://en.wikipedia.org/wiki/Cross-site_request_forgery" target="_blank">{Lang::T('Cross-site request forgery')}</a>
</p>
</div>
<button class="btn btn-success btn-block" type="submit">
{Lang::T('Save Changes')}
</button>
</div>
</div>
</div>
</form>
<form class="form-horizontal" method="post" role="form" action="{$_url}settings/app-post" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="{$csrf_token}">
<div class="panel">