From b8057a7a12e8c442c5f3488763336c78111203fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20Duli=C3=A7i?= Date: Fri, 14 May 2021 18:29:24 +0300 Subject: [PATCH] several fixes --- app/Http/Controllers/Settings/Settings.php | 8 +- app/Http/Kernel.php | 2 +- app/Http/Middleware/Money.php | 8 ++ app/Http/Requests/Auth/User.php | 4 +- app/Http/Requests/Banking/Transaction.php | 2 +- app/Http/Requests/Common/Company.php | 4 +- app/Http/Requests/Common/Contact.php | 6 ++ app/Http/Requests/Common/Item.php | 8 +- app/Http/Requests/Document/Document.php | 13 ++- app/Http/Requests/Setting/Setting.php | 2 +- app/Http/Requests/Wizard/Company.php | 2 +- app/Jobs/Auth/CreateUser.php | 10 ++- app/Jobs/Auth/UpdateUser.php | 10 ++- app/Listeners/Update/V21/Version2112.php | 14 +++- app/Providers/Validation.php | 4 + app/Traits/Uploads.php | 32 +------- composer.lock | 93 +++++++++++++++++----- config/firewall.php | 2 +- resources/assets/js/views/common/items.js | 16 +++- 19 files changed, 165 insertions(+), 75 deletions(-) diff --git a/app/Http/Controllers/Settings/Settings.php b/app/Http/Controllers/Settings/Settings.php index 5fdf4cb09..bc8bbc49d 100644 --- a/app/Http/Controllers/Settings/Settings.php +++ b/app/Http/Controllers/Settings/Settings.php @@ -113,6 +113,10 @@ class Settings extends Controller } if ($real_key == 'default.locale') { + if (!in_array($value, config('language.allowed'))) { + continue; + } + user()->setAttribute('locale', $value)->save(); } @@ -156,10 +160,10 @@ class Settings extends Controller Installer::updateEnv(['MAIL_FROM_NAME' => '"' . $value . '"']); break; case 'company.email': - Installer::updateEnv(['MAIL_FROM_ADDRESS' => $value]); + Installer::updateEnv(['MAIL_FROM_ADDRESS' => '"' . $value . '"']); break; case 'default.locale': - Installer::updateEnv(['APP_LOCALE' => $value]); + Installer::updateEnv(['APP_LOCALE' => '"' . $value . '"']); break; case 'schedule.time': Installer::updateEnv(['APP_SCHEDULE_TIME' => '"' . $value . '"']); 
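Review bot: The allow-list check added under `default.locale` uses a loose `in_array`, so on PHP 7 a non-string value such as integer `0` from a JSON body compares equal to any locale string and passes; use the strict form, `if (!in_array($value, config('language.allowed'), true)) {`. The `continue` also discards a rejected locale without any feedback, and whether the form request rejects it earlier is not visible in this hunk. The enclosing loop starts and ends outside the hunk.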
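Review bot: Wrapping `$value` in double quotes for `MAIL_FROM_ADDRESS` and `APP_LOCALE` does not neutralise a value that itself contains `"` or a line break, which would end the quoted string early in the env file. The locale appears to be allow-listed by the first hunk, but `company.email` and the already-quoted `company.name` and `schedule.time` depend on validation that is outside this diff. Consider rejecting or escaping quotes and newlines in one place, either before the `switch` or inside `Installer::updateEnv()`, whose implementation is not shown here; a comment such as `// values are written verbatim into .env: must not contain quotes or newlines` would at least record the assumption.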
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 7d46349f9..4e1bf2fe0 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -14,7 +14,7 @@ class Kernel extends HttpKernel * @var array */ protected $middleware = [ - // \App\Http\Middleware\TrustHosts::class, + \App\Http\Middleware\TrustHosts::class, \App\Http\Middleware\TrustProxies::class, \Fruitcake\Cors\HandleCors::class, \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, diff --git a/app/Http/Middleware/Money.php b/app/Http/Middleware/Money.php index 5b8549897..02411b933 100644 --- a/app/Http/Middleware/Money.php +++ b/app/Http/Middleware/Money.php @@ -43,6 +43,10 @@ class Money $money_format = $request->get($parameter); + if (!preg_match("/^(?=.*?[0-9])[0-9.,]+$/", $money_format)) { + continue; + } + if ($parameter == 'sale_price' || $parameter == 'purchase_price') { $money_format = Str::replaceFirst(',', '.', $money_format); } @@ -62,6 +66,10 @@ class Money continue; } + if (!preg_match("/^(?=.*?[0-9])[0-9.,]+$/", $item['price'])) { + continue; + } + $amount = $item['price']; if (strpos($item['price'], config('money.' . $currency_code . '.symbol')) !== false) { diff --git a/app/Http/Requests/Auth/User.php b/app/Http/Requests/Auth/User.php index 89c734f49..6ab6ffd81 100644 --- a/app/Http/Requests/Auth/User.php +++ b/app/Http/Requests/Auth/User.php @@ -26,8 +26,8 @@ class User extends FormRequest { $picture = 'nullable'; - if ($this->request->get('picture', null)) { - $picture = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; + if ($this->files->get('picture')) { + $picture = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; } $email = 'required|email'; diff --git a/app/Http/Requests/Banking/Transaction.php b/app/Http/Requests/Banking/Transaction.php index e3b347c8e..f7790f558 100644 --- a/app/Http/Requests/Banking/Transaction.php 
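Review bot: Enabling `\App\Http\Middleware\TrustHosts::class` only restricts the Host header if that middleware's `hosts()` method returns patterns that match the deployment, and that class is not part of this diff. If it keeps the framework default of deriving the pattern from the application URL, an install with an unset or wrong `APP_URL` may either accept unexpected hosts or reject legitimate ones. A short comment above the entry would document the dependency, for example `// Host allow-list comes from TrustHosts::hosts(); requires a correct APP_URL`.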
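Review bot: The amount pattern added in `Money.php` ends in `$`, which in PCRE also matches just before a trailing newline, so a value with a newline appended is accepted; anchor with `\z` or add the `D` modifier, `"/^(?=.*?[0-9])[0-9.,]+$/D"`. `preg_match()` is called on the raw request value, and a non-string value (an array parameter) raises an error instead of being skipped, so an `is_string()` guard before the match is worth adding. The same literal is repeated in the second hunk of this file, in `app/Providers/Validation.php`, in the `regex:` rules of `app/Http/Requests/Common/Item.php` and in `items.js`; one shared constant would keep them from drifting apart. Note also that `continue` leaves the unparsed value in the request, so rejection depends on a validator further down the chain that is only visible for `sale_price` and `purchase_price`.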
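Review bot: With the rule in `Auth/User.php` now selected by `$this->files->get('picture')`, a `picture` field submitted as a plain string leaves the rule at `'nullable'` and passes validation unchecked; whether later code ignores such a value is not visible here. If no client legitimately sends a non-file value, start from `$picture = 'nullable|file';` so the field is constrained in both branches. The same pattern and the same long rule string are repeated in `Banking/Transaction.php`, `Common/Company.php`, `Common/Contact.php`, `Common/Item.php` and `Document/Document.php`, so a small shared helper that builds the upload rule would avoid the copies diverging. It would also help to add a comment noting that `dimensions` only passes for images, since `config('filesystems.mimes')` may list non-image types.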
+++ b/app/Http/Requests/Banking/Transaction.php @@ -26,7 +26,7 @@ class Transaction extends FormRequest { $attachment = 'nullable'; - if ($this->request->get('attachment', null)) { + if ($this->files->get('attachment')) { $attachment = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; } diff --git a/app/Http/Requests/Common/Company.php b/app/Http/Requests/Common/Company.php index 61a5f65e6..bebcc081e 100644 --- a/app/Http/Requests/Common/Company.php +++ b/app/Http/Requests/Common/Company.php @@ -25,8 +25,8 @@ class Company extends FormRequest { $logo = 'nullable'; - if ($this->request->get('logo', null)) { - $logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; + if ($this->files->get('logo')) { + $logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; } return [ diff --git a/app/Http/Requests/Common/Contact.php b/app/Http/Requests/Common/Contact.php index c1cd8cb60..e5607b5c8 100644 --- a/app/Http/Requests/Common/Contact.php +++ b/app/Http/Requests/Common/Contact.php @@ -25,6 +25,7 @@ class Contact extends FormRequest { $email = ''; $required = ''; + $logo = 'nullable'; $type = $this->request->get('type', 'customer'); $company_id = $this->request->get('company_id'); @@ -54,6 +55,10 @@ class Contact extends FormRequest } } + if ($this->files->get('logo')) { + $logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; + } + return [ 'type' => 'required|string', 'name' => 'required|string', @@ -62,6 +67,7 @@ class Contact extends FormRequest 'currency_code' => 'required|string|currency', 'password' => $required . 'confirmed', 'enabled' => 'integer|boolean', + 'logo' => $logo, ]; } } 
diff --git a/app/Http/Requests/Common/Item.php b/app/Http/Requests/Common/Item.php index b5a55fd41..06af9bb17 100644 --- a/app/Http/Requests/Common/Item.php +++ b/app/Http/Requests/Common/Item.php @@ -25,14 +25,14 @@ class Item extends FormRequest { $picture = 'nullable'; - if ($this->request->get('picture', null)) { - $picture = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; + if ($this->files->get('picture')) { + $picture = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; } return [ 'name' => 'required|string', - 'sale_price' => 'required', - 'purchase_price' => 'required', + 'sale_price' => 'required|regex:/^(?=.*?[0-9])[0-9.,]+$/', + 'purchase_price' => 'required|regex:/^(?=.*?[0-9])[0-9.,]+$/', 'tax_ids' => 'nullable|array', 'category_id' => 'nullable|integer', 'enabled' => 'integer|boolean', diff --git a/app/Http/Requests/Document/Document.php b/app/Http/Requests/Document/Document.php index d6336dc16..da79a7771 100644 --- a/app/Http/Requests/Document/Document.php +++ b/app/Http/Requests/Document/Document.php @@ -26,6 +26,9 @@ class Document extends FormRequest */ public function rules() { + $company_logo = 'nullable'; + $attachment = 'nullable'; + $type = $this->request->get('type', Model::INVOICE_TYPE); $type = config('type.' . $type . '.route.parameter'); 
@@ -39,15 +42,11 @@ class Document extends FormRequest $id = null; } - $company_logo = 'nullable'; - - if ($this->request->get('company_logo', null)) { - $company_logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; + if ($this->files->get('company_logo')) { + $company_logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; } - $attachment = 'nullable'; - - if ($this->request->get('attachment', null)) { + if ($this->files->get('attachment')) { $attachment = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024; } diff --git a/app/Http/Requests/Setting/Setting.php b/app/Http/Requests/Setting/Setting.php index ce8cbd1da..1a30ce246 100644 --- a/app/Http/Requests/Setting/Setting.php +++ b/app/Http/Requests/Setting/Setting.php @@ -30,7 +30,7 @@ class Setting extends FormRequest if ($this->request->get('_prefix', null) == 'company') { $name = 'required|string'; $email = 'required|email'; - $logo = 'mimes:' . config('filesystems.mimes', 'pdf,jpeg,jpg,png'); + $logo = 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000'; } return [ diff --git a/app/Http/Requests/Wizard/Company.php b/app/Http/Requests/Wizard/Company.php index 6029f324d..ce7853018 100644 --- a/app/Http/Requests/Wizard/Company.php +++ b/app/Http/Requests/Wizard/Company.php @@ -39,7 +39,7 @@ class Company extends FormRequest public function rules() { $rules = [ - 'company_logo' => 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024, + 'company_logo' => 'mimes:' . config('filesystems.mimes') . '|between:0,' . config('filesystems.max_size') * 1024 . '|dimensions:max_width=1000,max_height=1000', ]; if (!setting('apps.api_key', false) && !empty($this->request->get('api_key'))) { 
diff --git a/app/Jobs/Auth/CreateUser.php b/app/Jobs/Auth/CreateUser.php index a9149b053..7a43a6424 100644 --- a/app/Jobs/Auth/CreateUser.php +++ b/app/Jobs/Auth/CreateUser.php @@ -52,7 +52,15 @@ class CreateUser extends Job } if ($this->request->has('companies')) { - $this->user->companies()->attach($this->request->get('companies')); + $user = user(); + + $companies = $user->withoutEvents(function () use ($user) { + return $user->companies()->whereIn('id', $this->request->get('companies'))->pluck('id'); + }); + + if ($companies->isNotEmpty()) { + $this->user->companies()->attach($companies->toArray()); + } } if (empty($this->user->companies)) { diff --git a/app/Jobs/Auth/UpdateUser.php b/app/Jobs/Auth/UpdateUser.php index 9120a6d98..4b1123ff3 100644 --- a/app/Jobs/Auth/UpdateUser.php +++ b/app/Jobs/Auth/UpdateUser.php @@ -53,7 +53,15 @@ class UpdateUser extends Job } if ($this->request->has('companies')) { - $this->user->companies()->sync($this->request->get('companies')); + $user = user(); + + $companies = $user->withoutEvents(function () use ($user) { + return $user->companies()->whereIn('id', $this->request->get('companies'))->pluck('id'); + }); + + if ($companies->isNotEmpty()) { + $this->user->companies()->sync($companies->toArray()); + } } if ($this->user->contact) { diff --git a/app/Listeners/Update/V21/Version2112.php b/app/Listeners/Update/V21/Version2112.php index feac2ff73..32f5c6f18 100644 --- a/app/Listeners/Update/V21/Version2112.php +++ b/app/Listeners/Update/V21/Version2112.php @@ -8,6 +8,7 @@ use App\Models\Common\Company; use App\Models\Common\Media; use App\Utilities\Date; use Illuminate\Support\Facades\Artisan; +use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\File; use Illuminate\Support\Facades\Storage; 
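Review bot: The new company filter in `CreateUser` calls `$user->withoutEvents(...)` on the result of `user()` without checking it, so a run with no authenticated user (installer, console or queue, whichever applies; the callers are outside this diff) would fail on a null object. Decide explicitly what that case should do and guard it with `if ($user === null)` before the query. The unqualified `whereIn('id', …)` runs on a relation query that joins the pivot table, so qualifying the column with the companies table name avoids ambiguity. I would also add the comment `// Only companies the acting user belongs to may be assigned`, because the silent skip when the filtered set is empty is otherwise hard to read as intentional.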
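Review bot: In `UpdateUser`, `sync()` detaches every company that is not in the list it receives, and that list is now limited to companies the acting user belongs to, so editing a user who also belongs to other companies would silently remove those memberships. If that is not intended, preserve the memberships outside the editor's set, for example by using `syncWithoutDetaching($companies->toArray())` together with a detach restricted to the editor's own companies. As in `CreateUser`, `user()` is dereferenced without a null check, and a request whose ids are all rejected is ignored without an error.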
@@ -29,11 +30,22 @@ class Version2112 extends Listener return; } - Artisan::call('migrate', ['--force' => true]); + $this->updateDatabase(); $this->updateCompanies(); } + public function updateDatabase() + { + DB::table('migrations')->insert([ + 'id' => DB::table('migrations')->max('id') + 1, + 'migration' => '2016_06_27_000001_create_mediable_test_tables', + 'batch' => DB::table('migrations')->max('batch') + 1, + ]); + + Artisan::call('migrate', ['--force' => true]); + } + public function updateCompanies() { $companies = Company::withTrashed()->cursor(); diff --git a/app/Providers/Validation.php b/app/Providers/Validation.php index 346c722e1..0e8ac6a64 100644 --- a/app/Providers/Validation.php +++ b/app/Providers/Validation.php @@ -46,6 +46,10 @@ class Validation extends Provider $status = true; } + if (!preg_match("/^(?=.*?[0-9])[0-9.,]+$/", $value)) { + $status = false; + } + $amount = $value; return $status; diff --git a/app/Traits/Uploads.php b/app/Traits/Uploads.php index 351fb1c2c..b29659ce5 100644 --- a/app/Traits/Uploads.php +++ b/app/Traits/Uploads.php 
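Review bot: `updateDatabase()` inserts the `2016_06_27_000001_create_mediable_test_tables` row unconditionally, so a second run of this listener, or an install where that migration is already recorded, adds a duplicate entry, and `max('id') + 1` can collide with a concurrent insert. Guard the insert with `if (!DB::table('migrations')->where('migration', '2016_06_27_000001_create_mediable_test_tables')->exists())` and, assuming the standard auto-incrementing migrations table, drop the explicit `'id'` key. A docblock on the new public method saying why the migration is marked as run rather than executed would help the next maintainer.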
@@ -112,44 +112,20 @@ trait Uploads return Storage::path($path); } - public function streamMedia($media, $path = '', $action = '') - { - if ($this->isLocalStorage()) { - if (empty($path)) { - $path = $this->getMediaPathOnStorage($media); - } - - if (empty($action)) { - $action = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2)[1]['function']; - } - - return $this->streamLocalMedia($path, $action); - } - - return $this->streamRemoteMedia($media); - } - - public function streamLocalMedia($path, $action) - { - $function = ($action == 'get') ? 'file' : $action; - - return response()->$function($path); - } - - public function streamRemoteMedia($media) + public function streamMedia($media, $path = '') { return response()->streamDownload( function() use ($media) { $stream = $media->stream(); - while($bytes = $stream->read(1024)) { + while ($bytes = $stream->read(1024)) { echo $bytes; } }, $media->basename, [ - 'Content-Type' => $media->mime_type, - 'Content-Length' => $media->size, + 'Content-Type' => $media->mime_type, + 'Content-Length' => $media->size, ], ); } diff --git a/composer.lock b/composer.lock index 31299dac0..1e210759b 100644 --- a/composer.lock +++ b/composer.lock @@ -8,16 +8,16 @@ "packages": [ { "name": "akaunting/laravel-firewall", - "version": "1.3.0", + "version": "1.3.1", "source": { "type": "git", "url": "https://github.com/akaunting/laravel-firewall.git", - "reference": "5803f8166b98491feafb2367c8232361e800fea9" + "reference": "3c60543441f898b23326b50c70db2164df69f019" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/akaunting/laravel-firewall/zipball/5803f8166b98491feafb2367c8232361e800fea9", - "reference": "5803f8166b98491feafb2367c8232361e800fea9", + "url": "https://api.github.com/repos/akaunting/laravel-firewall/zipball/3c60543441f898b23326b50c70db2164df69f019", + "reference": "3c60543441f898b23326b50c70db2164df69f019", "shasum": "" }, "require": { 
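Review bot: The read loop `while ($bytes = $stream->read(1024))` in `streamMedia()` stops on any falsy chunk, and in PHP the string `"0"` is falsy, so a file whose final chunk is exactly `0` is cut short while `Content-Length` still advertises the full size. If `$stream` is a PSR-7 stream, loop on `while (!$stream->eof()) { echo $stream->read(1024); }` instead. The `$path` parameter is now unused and deserves a comment saying it is kept only for caller compatibility. Because `Content-Type` is taken from the stored `$media->mime_type` of an uploaded file, adding `'X-Content-Type-Options' => 'nosniff'` to the header array is a cheap hardening step.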
@@ -69,9 +69,9 @@ ], "support": { "issues": "https://github.com/akaunting/laravel-firewall/issues", - "source": "https://github.com/akaunting/laravel-firewall/tree/1.3.0" + "source": "https://github.com/akaunting/laravel-firewall/tree/1.3.1" }, - "time": "2021-04-17T08:14:42+00:00" + "time": "2021-05-14T08:45:14+00:00" }, { "name": "akaunting/laravel-language", @@ -765,16 +765,16 @@ }, { "name": "barryvdh/laravel-debugbar", - "version": "v3.5.5", + "version": "v3.5.7", "source": { "type": "git", "url": "https://github.com/barryvdh/laravel-debugbar.git", - "reference": "6420113d90bb746423fa70b9940e9e7c26ebc121" + "reference": "88fd9cfa144b06b2549e9d487fdaec68265e791e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/6420113d90bb746423fa70b9940e9e7c26ebc121", - "reference": "6420113d90bb746423fa70b9940e9e7c26ebc121", + "url": "https://api.github.com/repos/barryvdh/laravel-debugbar/zipball/88fd9cfa144b06b2549e9d487fdaec68265e791e", + "reference": "88fd9cfa144b06b2549e9d487fdaec68265e791e", "shasum": "" }, "require": { @@ -834,7 +834,7 @@ ], "support": { "issues": "https://github.com/barryvdh/laravel-debugbar/issues", - "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.5.5" + "source": "https://github.com/barryvdh/laravel-debugbar/tree/v3.5.7" }, "funding": [ { @@ -842,7 +842,7 @@ "type": "github" } ], - "time": "2021-04-07T11:19:20+00:00" + "time": "2021-05-13T20:18:35+00:00" }, { "name": "barryvdh/laravel-dompdf", 
@@ -1981,28 +1981,30 @@ }, { "name": "doctrine/annotations", - "version": "1.12.1", + "version": "1.13.0", "source": { "type": "git", "url": "https://github.com/doctrine/annotations.git", - "reference": "b17c5014ef81d212ac539f07a1001832df1b6d3b" + "reference": "03cb2123a67d4be806554fe670d0adc298199808" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/doctrine/annotations/zipball/b17c5014ef81d212ac539f07a1001832df1b6d3b", - "reference": "b17c5014ef81d212ac539f07a1001832df1b6d3b", + "url": "https://api.github.com/repos/doctrine/annotations/zipball/03cb2123a67d4be806554fe670d0adc298199808", + "reference": "03cb2123a67d4be806554fe670d0adc298199808", "shasum": "" }, "require": { "doctrine/lexer": "1.*", "ext-tokenizer": "*", - "php": "^7.1 || ^8.0" + "php": "^7.1 || ^8.0", + "psr/cache": "^1 || ^2 || ^3" }, "require-dev": { - "doctrine/cache": "1.*", + "doctrine/cache": "^1.11 || ^2.0", "doctrine/coding-standard": "^6.0 || ^8.1", "phpstan/phpstan": "^0.12.20", - "phpunit/phpunit": "^7.5 || ^9.1.5" + "phpunit/phpunit": "^7.5 || ^9.1.5", + "symfony/cache": "^4.4 || ^5.2" }, "type": "library", "autoload": { @@ -2045,9 +2047,9 @@ ], "support": { "issues": "https://github.com/doctrine/annotations/issues", - "source": "https://github.com/doctrine/annotations/tree/1.12.1" + "source": "https://github.com/doctrine/annotations/tree/1.13.0" }, - "time": "2021-02-21T21:00:45+00:00" + "time": "2021-04-29T07:39:39+00:00" }, { "name": "doctrine/cache", 
@@ -8436,6 +8438,55 @@ }, "time": "2021-04-30T02:05:55+00:00" }, + { + "name": "psr/cache", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/php-fig/cache.git", + "reference": "d11b50ad223250cf17b86e38383413f5a6764bf8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/cache/zipball/d11b50ad223250cf17b86e38383413f5a6764bf8", + "reference": "d11b50ad223250cf17b86e38383413f5a6764bf8", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Cache\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + "description": "Common interface for caching libraries", + "keywords": [ + "cache", + "psr", + "psr-6" + ], + "support": { + "source": "https://github.com/php-fig/cache/tree/master" + }, + "time": "2016-08-06T20:24:11+00:00" + }, { "name": "psr/container", "version": "1.1.1", diff --git a/config/firewall.php b/config/firewall.php index d666e44e5..dc853a9db 100644 --- a/config/firewall.php +++ b/config/firewall.php @@ -389,7 +389,7 @@ return [ '#-moz-binding[\x00-\x20]*:#u', // Unneeded tags - '#]*>?#i' + '#]*>?#i' ], 'auto_block' => [ diff --git a/resources/assets/js/views/common/items.js b/resources/assets/js/views/common/items.js index ad74e93de..e2ecc94ce 100644 --- a/resources/assets/js/views/common/items.js +++ b/resources/assets/js/views/common/items.js 
@@ -30,5 +30,19 @@ const app = new Vue({ form: new Form('item'), bulk_action: new BulkAction('items'), } - } + }, + + watch: { + 'form.sale_price': function (newVal, oldVal) { + if (newVal != '' && newVal.search('^(?=.*?[0-9])[0-9.,]+$') == -1) { + this.form.sale_price = oldVal; + } + }, + + 'form.purchase_price': function (newVal, oldVal) { + if (newVal != '' && newVal.search('^(?=.*?[0-9])[0-9.,]+$') == -1) { + this.form.purchase_price = oldVal; + } + } + }, });
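Review bot: Both watchers call `newVal.search(...)` without checking the type, so if the form is populated with a numeric or null price (for instance when editing an existing item, which is not visible in this hunk) the watcher throws instead of validating. Guard with `typeof newVal === 'string'` or coerce with `String(newVal)`, and share one regex literal between the two watchers, `const AMOUNT = /^(?=.*?[0-9])[0-9.,]+$/;` tested with `!AMOUNT.test(newVal)`. A comment stating that this is only an input convenience and that the server-side `regex:` rule in `Item.php` is the actual control would prevent the client check from being relied on.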