mirror/php-typemill
1
0
Fork 0
mirror of https://github.com/typemill/typemill.git synced 2025-01-16 13:00:26 +01:00
Code Issues Releases Wiki Activity

Fixed wrong settings var for recaptcha securityMiddleware

Browse Source
This commit is contained in:
trendschau 2022-10-15 21:24:49 +02:00
parent 8242d787c0
commit 43a8d707de
2 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
content/00-welcome/01-manage-access.md
View File

@ -1,12 +1,12 @@
# Manage Access
# Manage Access
Typemill has a build-in system to restrict access to pages or to the whole websites. You can activate both features in the system settings under the section "access rights". If you activate one of the features, then Typemill will use session cookies on all frontend pages. Learn all the details in the following video tutorial:
![youtube-video](media/live/youtube-uw-m-4g1kaa.jpeg "click to load video"){#UW_m-4g1kAA .youtube}
## Restrict Access for the Website
This feature is perfect, if you want to lock down the whole website and only grant access for authenticated users. All non-authenticated users will be redirected to the login-page. There are two main use cases for this feature:
This feature is perfect, if you want to lock down the whole website and only grant access for authenticated users. All non-authenticated users will be redirected to the login-page. There are two main use cases for this feature:
* **Launch the website later**: You want to create your website first and launch it to the public later, for example if you have finished the website design or if you have polished your content.
* **Share website internally**: You want to share your typemill website only with certain users, for example with the company stuff or only with the members of your it-unit.
@ -28,5 +28,4 @@ You have some more features in the settings area:
* **Teaser**: You can add a standard text with markdown that will be displayed instead of the content or after the content is cut.
* **Teaser-Box**: You can optionally wrap the teaser in a box.
You can also combine these features with the registration plugin and this way create a membership website with member-only content.
You can also combine these features with the registration plugin and this way create a membership website with member-only content.

3
system/Middleware/SecurityMiddleware.php
View File

@ -80,8 +80,7 @@ class securityMiddleware
if( null !== $request->getParam('g-recaptcha-response') )
{
$recaptchaApi = 'https://www.google.com/recaptcha/api/siteverify';
$settings = $this->c->get('settings');
$secret = isset($settings['plugins'][$pluginName]['recaptcha_secretkey']) ? $settings['plugins'][$pluginName]['recaptcha_secretkey'] : false;
$secret = isset($this->settings['plugins'][$pluginName]['recaptcha_secretkey']) ? $this->settings['plugins'][$pluginName]['recaptcha_secretkey'] : false;
$recaptchaRequest = ['secret' => $secret, 'response' => $request->getParam('g-recaptcha-response')];
# use key 'http' even if you send the request to https://...