- = $members[$subscription['payer_user_id']]['name'] ?>
-
- = $subscription['payment_method_name'] ?>
-
+ = $members[$subscription['payer_user_id']]['name'] ?>
+
-
-
-
-
-
-
-
= $subscription['name'] ?>
-
= $subscription['billing_cycle'] ?>
-
= $subscription['next_payment'] ?>
-
-
- = CurrencyFormatter::format($subscription['price'], $subscription['currency_code']) ?>
-
-
-
- -
-
- = translate('edit_subscription', $i18n) ?>
-
- -
-
- = translate('delete', $i18n) ?>
-
- -
-
- = translate('clone', $i18n) ?>
-
-
-
-
-
= $subscription['name'] ?>
-
= $members[$subscription['payer_user_id']]['name'] ?>
-
= $categories[$subscription['category_id']]['name'] ?>
+
+
-
-
-
-
- = $subscription['notes'] ?>
-
-
+
+ ?>
+
+
= $subscription['name'] ?>
+
= $subscription['billing_cycle'] ?>
+
= $subscription['next_payment'] ?>
+
+
+ = CurrencyFormatter::format($subscription['price'], $subscription['currency_code']) ?>
+
+
+
+ -
+
+ = translate('edit_subscription', $i18n) ?>
+
+ -
+
+ = translate('delete', $i18n) ?>
+
+ -
+
+ = translate('clone', $i18n) ?>
+
+
+
+
= $subscription['name'] ?>
+
= $members[$subscription['payer_user_id']]['name'] ?>
+
= $categories[$subscription['category_id']]['name'] ?>
+
+
+
+
+
+
+
+
+ = $subscription['notes'] ?>
+
+
+
+
prepare($query);
- $stmt->bindValue(':userId', $userId, SQLITE3_INTEGER);
- $result = $stmt->execute();
- $row = $result->fetchArray(SQLITE3_ASSOC);
- $mainCurrencyId = $row['main_currency'];
+$query = "SELECT main_currency FROM user WHERE id = :userId";
+$stmt = $db->prepare($query);
+$stmt->bindValue(':userId', $userId, SQLITE3_INTEGER);
+$result = $stmt->execute();
+$row = $result->fetchArray(SQLITE3_ASSOC);
+$mainCurrencyId = $row['main_currency'];
?>
\ No newline at end of file
diff --git a/includes/version.php b/includes/version.php
index dc380584f..7ba82494d 100644
--- a/includes/version.php
+++ b/includes/version.php
@@ -1,3 +1,3 @@
\ No newline at end of file
diff --git a/index.php b/index.php
index b35fa6d55..1f2e46bd0 100644
--- a/index.php
+++ b/index.php
@@ -289,19 +289,8 @@
}
}
- if ($sort === "price") {
- usort($subscriptions, function ($a, $b) {
- return $a['price'] < $b['price'] ? 1 : -1;
- });
- if ($settings['disabledToBottom'] === 'true') {
- usort($print, function ($a, $b) {
- return $a['inactive'] - $b['inactive'];
- });
- }
- }
-
if (isset($print)) {
- printSubscriptions($print, $sort, $categories, $members, $i18n, $colorTheme, "");
+ printSubscriptions($print, $sort, $categories, $members, $i18n, $colorTheme, "", $settings['disabledToBottom']);
}
$db->close();
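Review bot: `$settings['disabledToBottom']` is passed to printSubscriptions unchanged at the new call, while the removed block compared it with the string `'true'`. If the callee only tests it for truthiness, the string `'false'` also counts as enabled and inactive subscriptions get reordered when the setting is off. Keep the comparison strict inside the callee, or convert at the call site with `$settings['disabledToBottom'] === 'true'`. printSubscriptions is not part of this hunk, so this needs confirming there.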
diff --git a/login.php b/login.php
index df63847df..7dcdb87e6 100644
--- a/login.php
+++ b/login.php
@@ -51,16 +51,25 @@
$_SESSION['main_currency'] = $main_currency;
$_SESSION['userId'] = $userId;
$cookieExpire = time() + (30 * 24 * 60 * 60);
- setcookie('language', $language, $cookieExpire);
+ setcookie('language', $language, [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
$query = "SELECT color_theme FROM settings";
$stmt = $db->prepare($query);
$result = $stmt->execute();
$settings = $result->fetchArray(SQLITE3_ASSOC);
- setcookie('colorTheme', $settings['color_theme'], $cookieExpire);
+ setcookie('colorTheme', $settings['color_theme'], [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
$cookieValue = $username . "|" . "abc123ABC" . "|" . $main_currency;
- setcookie('wallos_login', $cookieValue, $cookieExpire);
+ setcookie('wallos_login', $cookieValue, [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
$db->close();
header("Location: .");
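Review bot: The `wallos_login` cookie at the end of this hunk gets `samesite` but neither `httponly` nor `secure`, so page script can still read the login cookie and it can travel over plain HTTP; the same applies to the `wallos_login` call in the hunk at `@@ -135,7 +150,10`. Adding `'httponly' => true` to that options array is safe as long as no script reads the cookie, and `'secure' => true` should be set whenever the site is served over HTTPS. `language` and `colorTheme` should stay script-readable, since scripts/theme.js in this same commit writes `colorTheme` from JavaScript. Separately, the context line above builds this cookie from the constant `"abc123ABC"` where the later hunk uses `random_bytes`; the code that validates `wallos_login` is not shown, so confirm it never accepts that constant as a token.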
@@ -118,14 +127,20 @@
$_SESSION['main_currency'] = $main_currency;
$_SESSION['userId'] = $userId;
$cookieExpire = time() + (30 * 24 * 60 * 60);
- setcookie('language', $language, $cookieExpire);
+ setcookie('language', $language, [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
if ($rememberMe) {
$query = "SELECT color_theme FROM settings";
$stmt = $db->prepare($query);
$result = $stmt->execute();
$settings = $result->fetchArray(SQLITE3_ASSOC);
- setcookie('colorTheme', $settings['color_theme'], $cookieExpire);
+ setcookie('colorTheme', $settings['color_theme'], [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
$token = bin2hex(random_bytes(32));
$addLoginTokens = "INSERT INTO login_tokens (user_id, token) VALUES (:userId, :token)";
@@ -135,7 +150,10 @@
$addLoginTokensStmt->execute();
$_SESSION['token'] = $token;
$cookieValue = $username . "|" . $token . "|" . $main_currency;
- setcookie('wallos_login', $cookieValue, $cookieExpire);
+ setcookie('wallos_login', $cookieValue, [
+ 'expires' => $cookieExpire,
+ 'samesite' => 'Strict'
+ ]);
}
$db->close();
header("Location: .");
diff --git a/scripts/common.js b/scripts/common.js
index f76aee04d..f681dcb44 100644
--- a/scripts/common.js
+++ b/scripts/common.js
@@ -8,9 +8,9 @@ function toggleDropdown() {
function showErrorMessage(message) {
const toast = document.querySelector(".toast#errorToast");
- (closeIcon = document.querySelector(".close-error")),
- (errorMessage = document.querySelector(".errorMessage")),
- (progress = document.querySelector(".progress.error"));
+ const closeIcon = document.querySelector(".close-error");
+ const errorMessage = document.querySelector(".errorMessage");
+ const progress = document.querySelector(".progress.error");
let timer1, timer2;
errorMessage.textContent = message;
toast.classList.add("active");
@@ -39,9 +39,9 @@ function showErrorMessage(message) {
function showSuccessMessage(message) {
const toast = document.querySelector(".toast#successToast");
- (closeIcon = document.querySelector(".close-success")),
- (successMessage = document.querySelector(".successMessage")),
- (progress = document.querySelector(".progress.success"));
+ const closeIcon = document.querySelector(".close-success");
+ const successMessage = document.querySelector(".successMessage");
+ const progress = document.querySelector(".progress.success");
let timer1, timer2;
successMessage.textContent = message;
toast.classList.add("active");
@@ -76,7 +76,7 @@ document.addEventListener('DOMContentLoaded', function () {
const darkThemeCss = document.querySelector("#dark-theme");
darkThemeCss.disabled = themePreference === 'light';
document.body.className = themePreference;
- document.cookie = `inUseTheme=${themePreference}; expires=Fri, 31 Dec 9999 23:59:59 GMT`;
+ document.cookie = `inUseTheme=${themePreference}; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict`;
const themeColorMetaTag = document.querySelector('meta[name="theme-color"]');
themeColorMetaTag.setAttribute('content', themePreference === 'dark' ? '#222222' : '#FFFFFF');
}
diff --git a/scripts/dashboard.js b/scripts/dashboard.js
index 32ca26414..beef96f49 100644
--- a/scripts/dashboard.js
+++ b/scripts/dashboard.js
@@ -337,7 +337,7 @@ function setSortOption(sortOption) {
const expirationDate = new Date();
expirationDate.setDate(expirationDate.getDate() + daysToExpire);
const cookieValue = encodeURIComponent(sortOption) + '; expires=' + expirationDate.toUTCString();
- document.cookie = 'sortOrder=' + cookieValue;
+ document.cookie = 'sortOrder=' + cookieValue + '; SameSite=Strict';
fetchSubscriptions();
toggleSortOptions();
}
diff --git a/scripts/registration.js b/scripts/registration.js
index 442ba7377..df386e4bb 100644
--- a/scripts/registration.js
+++ b/scripts/registration.js
@@ -5,7 +5,7 @@ function setCookie(name, value, days) {
date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000));
expires = "; expires=" + date.toUTCString();
}
- document.cookie = name + "=" + value + expires;
+ document.cookie = name + "=" + value + expires + "; SameSite=Strict";
}
function storeFormFieldValue(fieldId) {
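Review bot: `value` is concatenated into the cookie string unencoded on the changed line, so a value containing `;` is cut short and the remainder is parsed as cookie attributes. Encoding it closes that gap: `document.cookie = name + "=" + encodeURIComponent(value) + expires + "; SameSite=Strict";`, with a matching `decodeURIComponent` wherever the cookie is read back. The `storeFormFieldValue` context line suggests the values come from form fields, which is where such characters would originate, but its body is outside the hunk. setCookie itself starts above the hunk.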
diff --git a/scripts/theme.js b/scripts/theme.js
index cfe63cd9f..6ff1c6b9f 100644
--- a/scripts/theme.js
+++ b/scripts/theme.js
@@ -3,7 +3,7 @@ function switchTheme() {
darkThemeCss.disabled = !darkThemeCss.disabled;
const themeChoice = darkThemeCss.disabled ? 'light' : 'dark';
- document.cookie = `theme=${themeChoice}; expires=Fri, 31 Dec 9999 23:59:59 GMT`;
+ document.cookie = 'theme=' + themeValue + '; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict';
document.body.className = themeChoice;
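Review bot: The rewritten cookie line in switchTheme reads `themeValue`, but the only variable the visible context defines is `themeChoice`, declared on the line above and used on the line below. Unless `themeValue` exists as a global elsewhere, this throws a ReferenceError when the theme is toggled, or stores a stale value. Replace `themeValue` with `themeChoice` on that line; keeping the template-literal form used by the other hunks in this file would also be more consistent. switchTheme starts above the hunk.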
@@ -60,7 +60,7 @@ function setDarkTheme(theme) {
lightThemeButton.classList.remove('selected');
automaticThemeButton.classList.remove('selected');
- document.cookie = `theme=${themeValue}; expires=Fri, 31 Dec 9999 23:59:59 GMT`;
+ document.cookie = `theme=${themeValue}; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict`;
if (theme == 0) {
darkThemeCss.disabled = true;
@@ -78,7 +78,7 @@ function setDarkTheme(theme) {
darkThemeCss.disabled = !prefersDarkMode;
document.body.className = prefersDarkMode ? 'dark' : 'light';
automaticThemeButton.classList.add('selected');
- document.cookie = `inUseTheme=${prefersDarkMode ? 'dark' : 'light'}; expires=Fri, 31 Dec 9999 23:59:59 GMT`;
+ document.cookie = `inUseTheme=${prefersDarkMode ? 'dark' : 'light'}; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict`;
}
showSuccessMessage(data.message);
@@ -129,7 +129,7 @@ function setTheme(themeColor) {
targetLabel.classList.add('is-selected');
}
- document.cookie = `colorTheme=${themeColor}; expires=Fri, 31 Dec 9999 23:59:59 GMT`;
+ document.cookie = `colorTheme=${themeColor}; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict`;
fetch('endpoints/settings/colortheme.php', {
method: 'POST',
diff --git a/service-worker.js b/service-worker.js
index 673dbb859..231b9a8d7 100644
--- a/service-worker.js
+++ b/service-worker.js
@@ -8,7 +8,6 @@ self.addEventListener('install', function (event) {
'settings.php',
'stats.php',
'about.php',
- 'logout.php',
'login.php',
'admin.php',
'endpoints/subscriptions/get.php',