Add password field to fix #1498

Add current background maxsize #1501

SECURITY.md

@@ -1,14 +0,0 @@
-# Security Policy
-
-## Supported Versions
-
-| Version | Supported          |
-| ------- | ------------------ |
-| 2.3.x   | :white_check_mark: |
-| < 2.3   | :x:                |
-
-## Reporting a Vulnerability
-
-You can report any vulnerabilities on our discord server by DM-ing a team member, or asking a team member to DM you.
-
-https://discord.com/invite/YWrKVTn

app/Helper.php

@@ -27,6 +27,17 @@ function format_bytes($bytes, bool $is_drive_size = true, string $beforeunit = '
     }
 }
 
+function parse_size($size) {
+    $unit = strtolower(substr($size, -1));
+    $bytes = (int)$size;
+    switch($unit) {
+        case 'g': $bytes *= 1024 * 1024 * 1024; break;
+        case 'm': $bytes *= 1024 * 1024; break;
+        case 'k': $bytes *= 1024; break;
+    }
+    return $bytes;
+}
+
 /**
  * @param $title
  * @param string $separator

app/Http/Controllers/ItemController.php

@@ -267,9 +267,16 @@ class ItemController extends Controller
                 ],
             ];
 
+            // Proxy management
+            $httpsProxy = getenv('HTTPS_PROXY');
+            $httpsProxyLower = getenv('https_proxy');
+            if ($httpsProxy !== false || $httpsProxyLower !== false) {
+                $options['proxy']['http'] = $httpsProxy ?: $httpsProxyLower;
+            }
+
             $file = $request->input('icon');
             $path_parts = pathinfo($file);
-            if (!isset($path_parts['extension'])) {
+            if (!array_key_exists('extension', $path_parts)) {
                 throw ValidationException::withMessages(['file' => 'Icon URL must have a valid file extension.']);
             }
             $extension = $path_parts['extension'];
@@ -312,7 +319,11 @@ class ItemController extends Controller
             $storedConfigObject = json_decode($storedItem->getAttribute('description'));
 
             $configObject = json_decode($config);
-            $configObject->password = $storedConfigObject->password;
+            if ($storedConfigObject && property_exists($storedConfigObject, 'password')) {
+                $configObject->password = $storedConfigObject->password;
+            } else {
+                $configObject->password = null;
+            }
 
             $config = json_encode($configObject);
         }

app/Services/CustomFormBuilder.php

@@ -21,6 +21,13 @@ class CustomFormBuilder
         );
     }
 
+    public function password($name, $options = [])
+    {
+        return new HtmlString(
+            $this->html->input('password', $name)->attributes($options)
+        );
+    }
+
     public function hidden($name, $value = null, $options = [])
     {
         return new HtmlString(

config/app.php

@@ -5,7 +5,7 @@ use Illuminate\Support\Facades\Facade;
 
 return [
 
-    'version' => '2.7.4',
+    'version' => '2.7.6',
 
     'appsource' => env('APP_SOURCE', 'https://appslist.heimdall.site/'),
 

lang/de/app.php

@@ -20,7 +20,7 @@ return array (
   'settings.language' => 'Sprache',
   'settings.reset' => 'Zurücksetzen auf Standard',
   'settings.remove' => 'Entfernen',
-  'settings.search' => 'suche',
+  'settings.search' => 'Suche',
   'settings.no_items' => 'Keine Elemente gefunden',
   'settings.label' => 'Bezeichnung',
   'settings.value' => 'Wert',
@@ -33,7 +33,7 @@ return array (
   'options.ddg' => 'DuckDuckGo',
   'options.bing' => 'Bing',
   'options.qwant' => 'Qwant',
-  'options.startpage' => 'StartSeite',
+  'options.startpage' => 'Startseite',
   'options.yes' => 'Ja',
   'options.no' => 'Nein',
   'options.nzbhydra' => 'NZBHydra',
@@ -46,7 +46,7 @@ return array (
   'dash.pin_item' => 'Element auf dem Dashboard anheften',
   'dash.no_apps' => 'Derzeit gibt es keine angeheftete Anwendungen. :link1 oder :link2',
   'dash.link1' => 'Anwendung neu hinzufügen',
-  'dash.link2' => 'anheften',
+  'dash.link2' => 'Anheften',
   'dash.pinned_items' => 'Angeheftete Elemente',
   'apps.app_list' => 'Anwendungsliste',
   'apps.view_trash' => 'Ansicht Papierkorb',
@@ -66,7 +66,7 @@ return array (
   'apps.add_tag' => 'Tag hinzufügen',
   'apps.tag_name' => 'Tag Name',
   'apps.tags' => 'Tags',
-  'apps.override' => 'Fals anders zur Haupt-URL',
+  'apps.override' => 'Falls anders zur Haupt-URL',
   'apps.preview' => 'Vorschau',
   'apps.apptype' => 'Anwendungstyp',
   'apps.website' => 'Webseite',
@@ -81,7 +81,7 @@ return array (
   'user.avatar' => 'Avatar',
   'user.email' => 'Email',
   'user.password_confirm' => 'Passwort bestätigen',
-  'user.secure_front' => 'Öffentlichen Zugang erlauben - Tritt nur bei gesetztem Passwort in kraft.',
+  'user.secure_front' => 'Öffentlichen Zugang erlauben - Tritt nur bei gesetztem Passwort in Kraft.',
   'user.autologin' => 'Anmelden von spezieller URL erlauben. Jeder mit diesem Link kann sich anmelden.',
   'url' => 'URL',
   'title' => 'Titel',

resources/views/settings/form.blade.php

@@ -1,7 +1,18 @@
 <section class="module-container">
 @if($enable_auth_admin_controls)
+
         <header>
-            <div class="section-title">{{ __($setting->label) }}</div>
+            <div class="section-title">
+                {{ __($setting->label) }}
+                @if($setting->type === 'image')
+                @php
+                    $max_upload = ini_get('upload_max_filesize');
+                    $max_upload_bytes = parse_size($max_upload);
+                @endphp
+                <a class="settinglink" target="_blank" rel="nofollow noreferer" href="https://github.com/linuxserver/Heimdall?tab=readme-ov-file#new-background-image-not-being-set">({{ format_bytes($max_upload_bytes, false) }})</a>
+                @endif
+
+            </div>
             <div class="module-actions">
                 <button type="submit"class="button"><i class="fa fa-save"></i><span>{{ __('app.buttons.save') }}</span></button>
                 <a href="{{ route('settings.index', []) }}" class="button"><i class="fa fa-ban"></i><span>{{ __('app.buttons.cancel') }}</span></a>