From 1175cc4ade37a40d38865db8a75288f43091c769 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Sat, 3 Jun 2023 21:04:43 +0100
Subject: [PATCH] Enable login key code (see #680)

---
 login.php             | 24 ++++++++++++------------
 settings_security.php |  2 +-
 settings_side_nav.php | 14 +++++++-------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/login.php b/login.php
index bdba08b6..f5b4fa50 100644
--- a/login.php
+++ b/login.php
@@ -46,18 +46,18 @@ $config_smtp_password = $row['config_smtp_password'];
 $config_mail_from_email = $row['config_mail_from_email'];
 $config_mail_from_name = $row['config_mail_from_name'];
 
-//// Login key (if setup)
-//$config_login_key_required = $row['config_login_key_required'];
-//$config_login_key_secret = $row['config_login_key_secret'];
-//
-//// Login key verification
-////  If no/incorrect 'key' is supplied, send to client portal instead
-//if ($config_login_key_required) {
-//    if (!isset($_GET['key']) || $_GET['key'] !== $config_login_key_secret) {
-//        header("Location: portal");
-//        exit();
-//    }
-//}
+// Login key (if setup)
+$config_login_key_required = $row['config_login_key_required'];
+$config_login_key_secret = $row['config_login_key_secret'];
+
+// Login key verification
+//  If no/incorrect 'key' is supplied, send to client portal instead
+if ($config_login_key_required) {
+    if (!isset($_GET['key']) || $_GET['key'] !== $config_login_key_secret) {
+        header("Location: portal");
+        exit();
+    }
+}
 
 // HTTP-Only cookies
 ini_set("session.cookie_httponly", true);
diff --git a/settings_security.php b/settings_security.php
index d53968d9..e4c16ba6 100644
--- a/settings_security.php
+++ b/settings_security.php
@@ -12,7 +12,7 @@ require_once("inc_all_settings.php");
                 <div class="form-group">
                     <div class="custom-control custom-switch">
                         <input type="checkbox" class="custom-control-input" name="config_login_key_required" <?php if ($config_login_key_required == 1) { echo "checked"; } ?> value="1" id="customSwitch1">
-                        <label class="custom-control-label" for="customSwitch1">Require a login key to protect the technician login page?</label>
+                        <label class="custom-control-label" for="customSwitch1">Require a login key to access the technician login page?</label>
                     </div>
                 </div>
 
diff --git a/settings_side_nav.php b/settings_side_nav.php
index 6485609b..e83828ba 100644
--- a/settings_side_nav.php
+++ b/settings_side_nav.php
@@ -33,13 +33,13 @@
           </a>
         </li>
 
-<!--        <li class="nav-item">-->
-<!--          <a class="nav-link --><?php //if (basename($_SERVER["PHP_SELF"]) == "settings_security.php") { echo "active"; } ?><!--"-->
-<!--             href="settings_security.php">-->
-<!--            <i class="nav-icon fas fa-shield-alt"></i>-->
-<!--            <p>Security</p>-->
-<!--          </a>-->
-<!--        </li>-->
+        <li class="nav-item">
+          <a class="nav-link <?php if (basename($_SERVER["PHP_SELF"]) == "settings_security.php") { echo "active"; } ?>"
+             href="settings_security.php">
+            <i class="nav-icon fas fa-shield-alt"></i>
+            <p>Security</p>
+          </a>
+        </li>
 
         <li class="nav-header mt-3">TAGS & CATEGORIES</li>