Fix anon warnings, improve login check

ocdtrekkie · ocdtrekkie · commit afa5db0b0d13 · 2025-08-07T01:11:30.000-05:00
diff --git a/.sandstorm/sandstorm-pkgdef.capnp b/.sandstorm/sandstorm-pkgdef.capnp
@@ -19,9 +19,9 @@ const pkgdef :Spk.PackageDefinition = (
 
     appTitle = (defaultText = "XRF Books"),
 
-    appVersion = 2,  # Increment this for every release.
+    appVersion = 3,  # Increment this for every release.
 
-    appMarketingVersion = (defaultText = "0.0.3"),
+    appMarketingVersion = (defaultText = "0.0.4"),
     # Human-readable representation of appVersion. Should match the way you
     # identify versions of your app in documentation and marketing.
 
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,13 @@
+# 0.0.4
+
+- Fixed error when adding a serial entry.
+- Fixed warnings for anonymous users.
+- Only update check in date for current check out.
+
+# 0.0.3
+
+- Include full path in the address bar.
+
 # 0.0.2
 
 - Fix some encoding and performance bugs.
diff --git a/includes/global.php b/includes/global.php
@@ -11,6 +11,7 @@
 $xrf_myusername = "";
 $xrf_myuclass = "";
 $xrf_myulevel = 1;
+$xrf_mystylepref = "";
 
 $xrf_db = @mysqli_connect($xrf_dbserver, $xrf_dbusername, $xrf_dbpassword, $xrf_dbname) or die(mysqli_connect_error());
 
@@ -32,7 +33,7 @@
 
 xrf_check_auth_version($xrf_auth_version_page, $xrf_auth_version_db) or die("Unable to verify authentication version.  Please report to the system administrator.");
 
-$xrf_myemail = $_SERVER['HTTP_X_SANDSTORM_USER_ID'];
+$xrf_myemail = $_SERVER['HTTP_X_SANDSTORM_USER_ID'] ?? '';
 $xrf_myusername = urldecode($_SERVER['HTTP_X_SANDSTORM_USERNAME']);
 if (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "admin") !== false) { $xrf_myulevel = 4; }
 elseif (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "operate") !== false) { $xrf_myulevel = 3; }
@@ -41,7 +42,7 @@
 if (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "physicalbrowse") !== false) { $xrf_myuclass = $xrf_myuclass . "P"; if ($xrf_myulevel < 2) { $xrf_myulevel = 2; } }
 if (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "restrictedarea") !== false) { $xrf_myuclass = $xrf_myuclass . "R"; }
 
-if ($xrf_myusername != "Anonymous User")
+if ($xrf_myusername != "Anonymous User" && $xrf_myemail != '')
 {
 	$xrf_adduser_query=mysqli_prepare($xrf_db, "INSERT IGNORE INTO g_users (sandstormuserid, datereg) VALUES(?,now())") or die(mysqli_error($xrf_db));
 	mysqli_stmt_bind_param($xrf_adduser_query,"s", $xrf_myemail);
diff --git a/includes/global_req_login.php b/includes/global_req_login.php
@@ -11,6 +11,7 @@
 $xrf_myusername = "";
 $xrf_myuclass = "";
 $xrf_myulevel = 1;
+$xrf_mystylepref = "";
 
 $xrf_db = @mysqli_connect($xrf_dbserver, $xrf_dbusername, $xrf_dbpassword, $xrf_dbname) or die(mysqli_connect_error());
 
@@ -32,7 +33,7 @@
 
 xrf_check_auth_version($xrf_auth_version_page, $xrf_auth_version_db) or die("Unable to verify authentication version.  Please report to the system administrator.");
 
-$xrf_myemail = $_SERVER['HTTP_X_SANDSTORM_USER_ID'];
+$xrf_myemail = $_SERVER['HTTP_X_SANDSTORM_USER_ID'] ?? '';
 $xrf_myusername = urldecode($_SERVER['HTTP_X_SANDSTORM_USERNAME']);
 if (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "admin") !== false) { $xrf_myulevel = 4; }
 elseif (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "operate") !== false) { $xrf_myulevel = 3; }
@@ -42,7 +43,7 @@
 if (strpos($_SERVER['HTTP_X_SANDSTORM_PERMISSIONS'], "restrictedarea") !== false) { $xrf_myuclass = $xrf_myuclass . "R"; }
 
 // Ensure user is logged in
-if ($xrf_myusername == "Anonymous User")
+if ($xrf_myusername == "Anonymous User" || $xrf_myemail == '')
 {
 die("You are not logged in!");
 }
