MokoConsulting/MokoCassiopeia
1
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Releases 1 Activity

Security hardening

Browse Source
This commit is contained in:
Jonathan Miller
2025-08-25 00:18:56 -05:00
parent f2e774f8ec
commit 18f98dd606
124 changed files with 1102 additions and 13383 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
templates/moko-cassiopeia/html/com_osmembership/plans/columns.php
View File

@@ -1,84 +0,0 @@
<?php
/**
* @package Joomla
* @subpackage Membership Pro
* @author Tuan Pham Ngoc
* @copyright Copyright (C) 2012 - 2025 Ossolution Team
* @license GNU/GPL, see LICENSE.php
*/
defined('_JEXEC') or die;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Language\Text;
?>
<div id="osm-plans-list-columns" class="osm-container osm-container-j4">
<?php
if ($this->params->get('show_page_heading', 1))
{
if ($this->category)
{
$pageHeading = $this->params->get('page_heading') ?: $this->category->title;
}
else
{
$pageHeading = $this->params->get('page_heading') ?: Text::_('OSM_SUBSCRIPTION_PLANS');
}
if ($this->input->getInt('hmvc_call'))
{
$hTag = 'h2';
}
else
{
$hTag = 'h1';
}
?>
<<?php echo $hTag; ?> class="osm-page-title"><?php echo $pageHeading; ?></<?php echo $hTag; ?>>
<?php
}
if (!empty($this->category->description))
{
$description = $this->category->description;
}
elseif (OSMembershipHelper::isValidMessage($this->params->get('intro_text')))
{
$description = $this->params->get('intro_text');
}
else
{
$description = '';
}
if ($description)
{
?>
<div class="osm-description osm-page-intro-text <?php echo $this->bootstrapHelper->getClassMapping('clearfix'); ?>">
<?php echo HTMLHelper::_('content.prepare', $description); ?>
</div>
<?php
}
if (count($this->categories))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/categories.php', ['items' => $this->categories, 'categoryId' => $this->categoryId, 'config' => $this->config, 'Itemid' => $this->Itemid]);
}
if (count($this->items))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/columns_plans.php', ['items' => $this->items, 'input' => $this->input, 'config' => $this->config, 'Itemid' => $this->Itemid, 'categoryId' => $this->categoryId, 'bootstrapHelper' => $this->bootstrapHelper, 'params' => $this->params]);
}
if (!$this->input->getInt('hmvc_call') && ($this->pagination->total > $this->pagination->limit))
{
?>
<div class="pagination">
<?php echo $this->pagination->getPagesLinks(); ?>
</div>
<?php
}
?>
</div>

83
templates/moko-cassiopeia/html/com_osmembership/plans/default.php
View File

@@ -1,83 +0,0 @@
<?php
/**
* @package Joomla
* @subpackage Membership Pro
* @author Tuan Pham Ngoc
* @copyright Copyright (C) 2012 - 2025 Ossolution Team
* @license GNU/GPL, see LICENSE.php
*/
defined('_JEXEC') or die ;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Language\Text;
?>
<div id="osm-plans-list-default" class="osm-container osm-container-j4">
<?php
if ($this->params->get('show_page_heading', 1))
{
if ($this->category)
{
$pageHeading = $this->params->get('page_heading') ?: $this->category->title;
}
else
{
$pageHeading = $this->params->get('page_heading') ?: Text::_('OSM_SUBSCRIPTION_PLANS');
}
if ($this->input->getInt('hmvc_call'))
{
$hTag = 'h2';
}
else
{
$hTag = 'h1';
}
?>
<<?php echo $hTag; ?> class="osm-page-title"><?php echo $pageHeading; ?></<?php echo $hTag; ?>>
<?php
}
if (!empty($this->category->description))
{
$description = $this->category->description;
}
elseif (OSMembershipHelper::isValidMessage($this->params->get('intro_text')))
{
$description = $this->params->get('intro_text');
}
else
{
$description = '';
}
if ($description)
{
?>
<div class="osm-description osm-page-intro-text <?php echo $this->bootstrapHelper->getClassMapping('clearfix'); ?>">
<?php echo HTMLHelper::_('content.prepare', $description); ?>
</div>
<?php
}
if (count($this->categories))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/categories.php', ['items' => $this->categories, 'categoryId' => $this->categoryId, 'config' => $this->config, 'Itemid' => $this->Itemid]);
}
if (count($this->items))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/default_plans.php', ['items' => $this->items, 'input' => $this->input, 'config' => $this->config, 'Itemid' => $this->Itemid, 'categoryId' => $this->categoryId, 'bootstrapHelper' => $this->bootstrapHelper, 'params' => $this->params]);
}
if (!$this->input->getInt('hmvc_call') && ($this->pagination->total > $this->pagination->limit))
{
?>
<div class="pagination">
<?php echo $this->pagination->getPagesLinks(); ?>
</div>
<?php
}
?>
</div>

118
templates/moko-cassiopeia/html/com_osmembership/plans/index.html
View File

@@ -1,118 +0,0 @@
<!--
* Copyright (C) 2025 Moko Consulting <jmiller@mokoconsulting.tech>
*
* This file is part of a Moko Consulting project.
*
* SPDX-License-Identifier: GPL-3.0-or-later
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
-->
<!--FILE INFORMATION
* DEFGROUP: Joomla.Site
* INGROUP: Templates.Moko-Cassiopeia
* FILE: index.html
* BRIEF: Security redirect page to block folder access and forward to site root.
-->
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Redirecting…</title>
<!-- Search engines: do not index this placeholder redirect page -->
<meta name="robots" content="noindex, nofollow, noarchive" />
<!-- Instant redirect fallback even if JavaScript is disabled -->
<meta http-equiv="refresh" content="0; url=/" />
<!-- Canonical root reference -->
<link rel="canonical" href="/" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<script>
/**
* @defgroup Dolibarr
* @file index.html (embedded script)
* @version 1.0.0
* @brief Security redirect logic. Replaces the current history entry with the site root.
* @details This script computes the absolute root URL using `location.origin` and
* forwards the user immediately. It prevents leaving the protected folder
* in the browser history by default.
*
* @section VARIABLES
* @var {Object} opts Configuration options for the redirect behavior.
* @var {string} opts.fallbackPath Path used when `location.origin` cannot be determined.
* @var {number} opts.delayMs Optional delay in milliseconds before redirecting.
* @var {"replace"|"assign"} opts.behavior Navigation method used for the redirect.
*
* @section OPTIONS
* - opts.fallbackPath: default "/" (root path)
* - opts.delayMs: default 0 (immediate)
* - opts.behavior: one of
* * "replace" — calls `location.replace(url)`; does not keep the folder page in history.
* * "assign" — calls `location.assign(url)`; keeps an extra history entry.
*/
(function redirectToRoot() {
// Configuration object with safe defaults.
var opts = {
fallbackPath: "/", // string: fallback destination if origin is unavailable
delayMs: 0, // number: delay before redirect in ms (0 = immediate)
behavior: "replace" // enum: "replace" | "assign"
};
// Determine absolute origin in all mainstream browsers.
var origin = (typeof location.origin === "string" && location.origin)
|| (location.protocol + "//" + location.host);
// Final destination: absolute root of the current site, or fallback path.
var destination = origin ? origin + "/" : opts.fallbackPath;
function go() {
if (opts.behavior === "assign") {
location.assign(destination);
} else {
location.replace(destination);
}
}
// Execute redirect, optionally after a short delay.
if (opts.delayMs > 0) {
setTimeout(go, opts.delayMs);
} else {
go();
}
})();
</script>
<!--
Secondary meta-refresh for no-JS environments is already set above.
Some very old crawlers may ignore JS; the meta refresh ensures coverage.
-->
<noscript>
<!-- Extra defense-in-depth: if JS is disabled, meta refresh (above) handles redirect. -->
<style>
html, body { height:100%; }
body { display:flex; align-items:center; justify-content:center; margin:0; font: 16px/1.4 system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif; }
.msg { opacity: .75; text-align: center; }
</style>
</noscript>
</head>
<body>
<div class="msg">Redirecting to the site root… If you are not redirected, <a href="/">click here</a>.</div>
</body>
</html>

75
templates/moko-cassiopeia/html/com_osmembership/plans/pricingtable.php
View File

@@ -1,75 +0,0 @@
<?php
/**
* @package Joomla
* @subpackage Membership Pro
* @author Tuan Pham Ngoc
* @copyright Copyright (C) 2012 - 2025 Ossolution Team
* @license GNU/GPL, see LICENSE.php
*/
defined('_JEXEC') or die;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Language\Text;
$categoryId = $this->category ? $this->category->id : 0;
?>
<div id="osm-plans-list-columns" class="osm-container osm-container-j4 osm-pricingtable-container<?php echo $categoryId; ?>">
<?php
if ($this->params->get('show_page_heading', 1))
{
if ($this->category)
{
$pageHeading = $this->params->get('page_heading') ?: $this->category->title;
}
else
{
$pageHeading = $this->params->get('page_heading') ?: Text::_('OSM_SUBSCRIPTION_PLANS');
}
if ($this->input->getInt('hmvc_call'))
{
$hTag = 'h2';
}
else
{
$hTag = 'h1';
}
?>
<<?php echo $hTag; ?> class="osm-page-title"><?php echo $pageHeading; ?></<?php echo $hTag; ?>>
<?php
}
if (!empty($this->category->description))
{
$description = $this->category->description;
}
elseif (OSMembershipHelper::isValidMessage($this->params->get('intro_text')))
{
$description = $this->params->get('intro_text');
}
else
{
$description = '';
}
if ($description)
{
?>
<div class="osm-description osm-page-intro-text <?php echo $this->bootstrapHelper->getClassMapping('clearfix'); ?>">
<?php echo HTMLHelper::_('content.prepare', $description); ?>
</div>
<?php
}
if (count($this->categories))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/categories.php', ['items' => $this->categories, 'categoryId' => $this->categoryId, 'config' => $this->config, 'Itemid' => $this->Itemid]);
}
if (count($this->items))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/pricingtable_plans.php', ['items' => $this->items, 'input' => $this->input, 'config' => $this->config, 'Itemid' => $this->Itemid, 'categoryId' => $this->categoryId, 'bootstrapHelper' => $this->bootstrapHelper, 'params' => $this->params]);
}
?>
</div>

75
templates/moko-cassiopeia/html/com_osmembership/plans/pricingtablecircle.php
View File

@@ -1,75 +0,0 @@
<?php
/**
* @package Joomla
* @subpackage Membership Pro
* @author Tuan Pham Ngoc
* @copyright Copyright (C) 2012 - 2025 Ossolution Team
* @license GNU/GPL, see LICENSE.php
*/
defined('_JEXEC') or die;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Language\Text;
$categoryId = $this->category ? $this->category->id : 0;
?>
<div id="osm-plans-list-pricing-table-circle" class="osm-container osm-container-j4 osm-pricingtable-container<?php echo $categoryId; ?>">
<?php
if ($this->params->get('show_page_heading', 1))
{
if ($this->category)
{
$pageHeading = $this->params->get('page_heading') ?: $this->category->title;
}
else
{
$pageHeading = $this->params->get('page_heading') ?: Text::_('OSM_SUBSCRIPTION_PLANS');
}
if ($this->input->getInt('hmvc_call'))
{
$hTag = 'h2';
}
else
{
$hTag = 'h1';
}
?>
<<?php echo $hTag; ?> class="osm-page-title"><?php echo $pageHeading; ?></<?php echo $hTag; ?>>
<?php
}
if (!empty($this->category->description))
{
$description = $this->category->description;
}
elseif (OSMembershipHelper::isValidMessage($this->params->get('intro_text')))
{
$description = $this->params->get('intro_text');
}
else
{
$description = '';
}
if ($description)
{
?>
<div class="osm-description osm-page-intro-text <?php echo $this->bootstrapHelper->getClassMapping('clearfix'); ?>">
<?php echo HTMLHelper::_('content.prepare', $description); ?>
</div>
<?php
}
if (count($this->categories))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/categories.php', ['items' => $this->categories, 'categoryId' => $this->categoryId, 'config' => $this->config, 'Itemid' => $this->Itemid]);
}
if (count($this->items))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/pricingtable_circle_plans.php', ['items' => $this->items, 'input' => $this->input, 'config' => $this->config, 'Itemid' => $this->Itemid, 'categoryId' => $this->categoryId, 'bootstrapHelper' => $this->bootstrapHelper, 'params' => $this->params]);
}
?>
</div>

75
templates/moko-cassiopeia/html/com_osmembership/plans/pricingtableflat.php
View File

@@ -1,75 +0,0 @@
<?php
/**
* @package Joomla
* @subpackage Membership Pro
* @author Tuan Pham Ngoc
* @copyright Copyright (C) 2012 - 2025 Ossolution Team
* @license GNU/GPL, see LICENSE.php
*/
defined('_JEXEC') or die;
use Joomla\CMS\HTML\HTMLHelper;
use Joomla\CMS\Language\Text;
$categoryId = $this->category ? $this->category->id : 0;
?>
<div id="osm-plans-list-pricing-table-flat" class="osm-container osm-container-j4 osm-pricingtable-container<?php echo $categoryId; ?>">
<?php
if ($this->params->get('show_page_heading', 1))
{
if ($this->category)
{
$pageHeading = $this->params->get('page_heading') ?: $this->category->title;
}
else
{
$pageHeading = $this->params->get('page_heading') ?: Text::_('OSM_SUBSCRIPTION_PLANS');
}
if ($this->input->getInt('hmvc_call'))
{
$hTag = 'h2';
}
else
{
$hTag = 'h1';
}
?>
<<?php echo $hTag; ?> class="osm-page-title"><?php echo $pageHeading; ?></<?php echo $hTag; ?>>
<?php
}
if (!empty($this->category->description))
{
$description = $this->category->description;
}
elseif (OSMembershipHelper::isValidMessage($this->params->get('intro_text')))
{
$description = $this->params->get('intro_text');
}
else
{
$description = '';
}
if ($description)
{
?>
<div class="osm-description osm-page-intro-text <?php echo $this->bootstrapHelper->getClassMapping('clearfix'); ?>">
<?php echo HTMLHelper::_('content.prepare', $description); ?>
</div>
<?php
}
if (count($this->categories))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/categories.php', ['items' => $this->categories, 'categoryId' => $this->categoryId, 'config' => $this->config, 'Itemid' => $this->Itemid]);
}
if (count($this->items))
{
echo OSMembershipHelperHtml::loadCommonLayout('common/tmpl/pricingtable_flat_plans.php', ['items' => $this->items, 'input' => $this->input, 'config' => $this->config, 'Itemid' => $this->Itemid, 'categoryId' => $this->categoryId, 'bootstrapHelper' => $this->bootstrapHelper, 'params' => $this->params]);
}
?>
</div>