From 71baea4fa255912113ad3067b74de72d2f09ce7f Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 4 May 2017 16:50:35 +0200
Subject: [webinterface] Add separate option to enable HSTS

---
 modules-available/webinterface/lang/de/template-tags.json | 1 +
 modules-available/webinterface/lang/en/template-tags.json | 1 +
 modules-available/webinterface/page.inc.php               | 6 +++++-
 modules-available/webinterface/templates/https.html       | 6 ++++++
 4 files changed, 13 insertions(+), 1 deletion(-)

(limited to 'modules-available/webinterface')

diff --git a/modules-available/webinterface/lang/de/template-tags.json b/modules-available/webinterface/lang/de/template-tags.json
index ea1074d2..719dbdd6 100644
--- a/modules-available/webinterface/lang/de/template-tags.json
+++ b/modules-available/webinterface/lang/de/template-tags.json
@@ -18,6 +18,7 @@
     "lang_showPasswords": "Passw\u00f6rter anzeigen",
     "lang_suppliedSelected": "Der Server verwendet zur Zeit ein \u00fcber die Option \"Eigenes Zertifikat\" hochgeladenes Zertifikat.",
     "lang_unknownSelected": "Unbekanntes oder ung\u00fcltiges Zertifikat vorhanden. Wahrscheinlich wurde der Server von einer alten Version aktualisiert. Um diese Meldung zu entfernen, die HTTPS-Konfiguration erneut vornehmen.",
+    "lang_useHsts": "HSTS aktivieren (dies erh\u00f6ht die Sicherheit, kann aber in bei sp\u00e4terem Deaktivieren von HTTPS zu Zugriffsproblemen f\u00fchren)",
     "lang_youreNotUsingHttps": "Sie besuchen diese Seite nicht per HTTPS (oder die HTTPS-Terminierung wird von einem vorgeschalteten Proxy \u00fcbernommen).",
     "lang_youreUsingHttps": "Sie besuchen diese Seite (aus Sicht des Webservers) per HTTPS."
 }
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/en/template-tags.json b/modules-available/webinterface/lang/en/template-tags.json
index efe649cb..be521dcb 100644
--- a/modules-available/webinterface/lang/en/template-tags.json
+++ b/modules-available/webinterface/lang/en/template-tags.json
@@ -18,6 +18,7 @@
     "lang_showPasswords": "Show passwords",
     "lang_suppliedSelected": "The server is currently using a certificate supplied using the \"Supply own certificate\" option.",
     "lang_unknownSelected": "Unknown or invalid certificate in use. The server war probably updated from an old version while HTTPS was already enabled. Redo the HTTPS configuration steps to get rid of this message.",
+    "lang_useHsts": "Use HSTS (increases security but might lead to problems accessing the site if you disable HTTPS later)",
     "lang_youreNotUsingHttps": "You're not using HTTPS to visit this website (or the HTTPS termination is done by a reverse proxy).",
     "lang_youreUsingHttps": "You're visiting this server through an HTTPS connection (from the server's point of view)."
 }
\ No newline at end of file
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index 93d659f0..5207420a 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -5,6 +5,7 @@ class Page_WebInterface extends Page
 
 	const PROP_REDIRECT = 'webinterface.https-redirect';
 	const PROP_TYPE = 'webinterface.https-type';
+	const PROP_HSTS = 'webinterface.https-hsts';
 
 	protected function doPreprocess()
 	{
@@ -42,6 +43,7 @@ class Page_WebInterface extends Page
 				$task = $this->setRedirectMode();
 				break;
 		}
+		Property::set(self::PROP_HSTS, Request::post('usehsts', false, 'string') === 'on' ? 'True' : 'False');
 		if (isset($task['id'])) {
 			Session::set('https-id', $task['id']);
 			Util::redirect('?do=WebInterface&show=httpsupdate' . $off);
@@ -65,11 +67,13 @@ class Page_WebInterface extends Page
 		}
 		$type = Property::get(self::PROP_TYPE);
 		$force = Property::get(self::PROP_REDIRECT) === 'True';
+		$hsts = Property::get(self::PROP_HSTS) === 'True';
 		$https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
 		$exists = file_exists('/etc/lighttpd/server.pem');
 		$data = array(
 			'httpsUsed' => $https,
-			'redirect_checked' => ($force ? 'checked' : '')
+			'redirect_checked' => ($force ? 'checked' : ''),
+			'hsts_checked' => ($hsts ? 'checked' : '')
 		);
 		// Type should be 'off', 'generated', 'supplied'
 		if ($type === 'off') {
diff --git a/modules-available/webinterface/templates/https.html b/modules-available/webinterface/templates/https.html
index 77585ddf..ecfe5f5d 100644
--- a/modules-available/webinterface/templates/https.html
+++ b/modules-available/webinterface/templates/https.html
@@ -78,6 +78,12 @@ MIIFfTCCA...
 					{{lang_httpsRedirect}}
 				</span>
 			</div>
+			<div class="input-group">
+				<span class="input-group-addon"><input id="usehsts" type="checkbox" name="usehsts" value="on" {{hsts_checked}}></span>
+				<span class="form-control" onclick="$('#usehsts').prop('checked', !$('#usehsts').prop('checked'))">
+					{{lang_useHsts}}
+				</span>
+			</div>
 			<br>
 
 			<div class="pull-right">
-- 
cgit v1.2.3-55-g7522


From f7900fa08276d2668221a1b4ce7462d68e6f2893 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 5 May 2017 13:04:19 +0200
Subject: [webinterface] Log user out when disabling HTTPS to prevent lockout

---
 inc/session.inc.php                         |  9 +++++++--
 index.php                                   |  2 +-
 modules-available/webinterface/page.inc.php | 14 ++++++++------
 3 files changed, 16 insertions(+), 9 deletions(-)

(limited to 'modules-available/webinterface')

diff --git a/inc/session.inc.php b/inc/session.inc.php
index 26effa3f..24bf6ac0 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -74,10 +74,15 @@ class Session
 	{
 		if (self::$sid === false) return;
 		@unlink(self::getSessionFile());
-		@setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+		self::deleteCookie();
 		self::$sid = false;
 		self::$data = false;
 	}
+
+	public static function deleteCookie()
+	{
+		setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+	}
 	
 	private static function getSessionFile()
 	{
@@ -104,7 +109,7 @@ class Session
 		$sessionfile = self::getSessionFile();
 		$ret = @file_put_contents($sessionfile, @serialize(self::$data));
 		if (!$ret) Util::traceError('Storing session data  in ' . $sessionfile . ' failed.');
-		$ret = @setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+		$ret = setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
 		if (!$ret) Util::traceError('Error: Could not set Cookie for Client (headers already sent)');
 	}
 }
diff --git a/index.php b/index.php
index 7cbb3b40..a3f45ff3 100644
--- a/index.php
+++ b/index.php
@@ -116,7 +116,7 @@ if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
 
 // Set HSTS Header if client is using HTTPS
 if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
-	if (Request::any('hsts') === 'off' || Property::get('webinterface.https-hsts', 'False') !== 'True') {
+	if (Property::get('webinterface.https-hsts', 'False') !== 'True') {
 		Header('Strict-Transport-Security: max-age=0', true);
 	} else {
 		Header('Strict-Transport-Security: max-age=15768000', true);
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index 5207420a..ae9a94fd 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -26,12 +26,10 @@ class Page_WebInterface extends Page
 
 	private function actionConfigureHttps()
 	{
-		$task = false;
-		$off = '';
-		switch (Request::post('mode')) {
+		$mode = Request::post('mode');
+		switch ($mode) {
 			case 'off':
 				$task = $this->setHttpsOff();
-				$off = '&hsts=off';
 				break;
 			case 'random':
 				$task = $this->setHttpsRandomCert();
@@ -43,10 +41,12 @@ class Page_WebInterface extends Page
 				$task = $this->setRedirectMode();
 				break;
 		}
-		Property::set(self::PROP_HSTS, Request::post('usehsts', false, 'string') === 'on' ? 'True' : 'False');
+		if ($mode !== 'off') {
+			Property::set(self::PROP_HSTS, Request::post('usehsts', false, 'string') === 'on' ? 'True' : 'False');
+		}
 		if (isset($task['id'])) {
 			Session::set('https-id', $task['id']);
-			Util::redirect('?do=WebInterface&show=httpsupdate' . $off);
+			Util::redirect('?do=WebInterface&show=httpsupdate');
 		}
 		Util::redirect('?do=WebInterface');
 	}
@@ -123,7 +123,9 @@ class Page_WebInterface extends Page
 	private function setHttpsOff()
 	{
 		Property::set(self::PROP_TYPE, 'off');
+		Property::set(self::PROP_HSTS, 'off');
 		Header('Strict-Transport-Security: max-age=0', true);
+		Session::deleteCookie();
 		return Taskmanager::submit('LighttpdHttps', array());
 	}
 
-- 
cgit v1.2.3-55-g7522


From 16dc9cfeea4bc060982f0b364ddaac98095ef654 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 9 May 2017 14:30:30 +0200
Subject: [webinterface] Allow customizing page title prefix and logo bgcolor

---
 inc/render.inc.php                                 | 19 +++++++++++++-
 modules-available/main/templates/main-menu.html    |  1 +
 modules-available/webinterface/page.inc.php        | 30 ++++++++++++++++++++++
 .../webinterface/templates/customization.html      | 30 ++++++++++++++++++++++
 4 files changed, 79 insertions(+), 1 deletion(-)
 create mode 100644 modules-available/webinterface/templates/customization.html

(limited to 'modules-available/webinterface')

diff --git a/inc/render.inc.php b/inc/render.inc.php
index 5515c659..c34c285a 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -40,6 +40,11 @@ class Render
 		self::$mustache = new Mustache_Engine($options);
 	}
 
+	private static function cssEsc($str)
+	{
+		return str_replace(array('"', '&', '<', '>'), array('\\000022', '\\000026', '\\00003c', '\\00003e'), $str);
+	}
+
 	/**
 	 * Output the buffered, generated page
 	 */
@@ -47,12 +52,24 @@ class Render
 	{
 		Header('Content-Type: text/html; charset=utf-8');
 		$modules = array_reverse(Module::getActivated());
+		$title = Property::get('page-title-prefix', '');
+		$bgcolor = Property::get('logo-background', '');
+		if (!empty($bgcolor) || !empty($title)) {
+			self::$header .= '<style type="text/css">' . "\n";
+			if (!empty($bgcolor)) {
+				self::$header .= ".navbar-header { background-color: $bgcolor; }";
+			}
+			if (!empty($title)) {
+				self::$header .= '#navbar-sub:after { content: "' . self::cssEsc($title) . '";margin:0 }';
+			}
+			self::$header .= "\n</style>";
+		}
 		ob_start('ob_gzhandler');
 		echo
 		'<!DOCTYPE html>
 	<html>
 		<head>
-			<title>', self::$title, RENDER_DEFAULT_TITLE, '</title>
+			<title>', $title, self::$title, RENDER_DEFAULT_TITLE, '</title>
 			<meta charset="utf-8"> 
 			<meta http-equiv="X-UA-Compatible" content="IE=edge">
 			<meta name="viewport" content="width=device-width, initial-scale=1.0">
diff --git a/modules-available/main/templates/main-menu.html b/modules-available/main/templates/main-menu.html
index 2ede4f87..55b19833 100644
--- a/modules-available/main/templates/main-menu.html
+++ b/modules-available/main/templates/main-menu.html
@@ -20,6 +20,7 @@
 				<span class="icon-bar"></span>
 			</button>
 			<a class="navbar-brand" href="?do=Main">OpenSLX</a>
+			<div id="navbar-sub" class="gray small"></div>
 		</div>
 		<!-- Collect the nav links, forms, and other content for toggling -->
 		<div class="collapse navbar-collapse" id="bs-sidebar-navbar-collapse-1">
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index ae9a94fd..e5a25834 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -21,6 +21,9 @@ class Page_WebInterface extends Page
 			case 'password':
 				$this->actionShowHidePassword();
 				break;
+			case 'customization':
+				$this->actionCustomization();
+				break;
 		}
 	}
 
@@ -57,6 +60,17 @@ class Page_WebInterface extends Page
 		Util::redirect('?do=WebInterface');
 	}
 
+	private function actionCustomization()
+	{
+		$prefix = Request::post('prefix', '', 'string');
+		if (!empty($prefix) && !preg_match('/[\]\)\}\-_\s\&\$\!\/\+\*\^\>]$/', $prefix)) {
+			$prefix .= ' ';
+		}
+		Property::set('page-title-prefix', $prefix);
+		Property::set('logo-background', Request::post('bgcolor', '', 'string'));
+		Util::redirect('?do=WebInterface');
+	}
+
 	protected function doRender()
 	{
 		//
@@ -118,6 +132,22 @@ class Page_WebInterface extends Page
 		else
 			$data['selected_hide'] = 'checked';
 		Render::addTemplate('passwords', $data);
+		$data = array('prefix' => Property::get('page-title-prefix'));
+		$data['colors'] = array_map(function ($i) { return array('color' => $i); },
+			array('', 'red', 'green', 'blue', 'black', 'white', 'orange', 'gray', 'lime', 'magenta', 'yellow'));
+		$color = Property::get('logo-background');
+		foreach ($data['colors'] as &$c) {
+			if ($c['color'] === $color) {
+				$c['selected'] = 'selected';
+				$color = false;
+				break;
+			}
+		}
+		unset($c);
+		if ($color) {
+			$data['colors'][] = array('color' => $color, 'selected' => 'selected');
+		}
+		Render::addTemplate('customization', $data);
 	}
 
 	private function setHttpsOff()
diff --git a/modules-available/webinterface/templates/customization.html b/modules-available/webinterface/templates/customization.html
new file mode 100644
index 00000000..447404a6
--- /dev/null
+++ b/modules-available/webinterface/templates/customization.html
@@ -0,0 +1,30 @@
+<form action="?do=WebInterface" method="post">
+	<input type="hidden" name="token" value="{{token}}">
+	<input type="hidden" name="action" value="customization">
+	<div class="panel panel-default">
+		<div class="panel-heading">{{lang_customization}}</div>
+		<div class="panel-body">
+			<p>{{lang_customizationDesc}}</p>
+			<div>
+				<label>
+					{{lang_pageTitlePrefix}}
+					<input type="text" class="form-control" name="prefix" value="{{prefix}}">
+				</label>
+
+			</div>
+			<div>
+				<label>
+					{{lang_logoBackground}}
+					<select class="form-control" name="bgcolor">
+						{{#colors}}
+							<option style="color:{{color}}" {{selected}}>{{color}}</option>
+						{{/colors}}
+					</select>
+				</label>
+			</div>
+			<div class="pull-right">
+				<button type="submit" class="btn btn-primary">{{lang_save}}</button>
+			</div>
+		</div>
+	</div>
+</form>
-- 
cgit v1.2.3-55-g7522


From ce1dd2f20f9c6e49515846d7401c832324088889 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 9 May 2017 14:36:47 +0200
Subject: Update translations

---
 modules-available/webinterface/lang/de/template-tags.json | 4 ++++
 modules-available/webinterface/lang/en/template-tags.json | 4 ++++
 2 files changed, 8 insertions(+)

(limited to 'modules-available/webinterface')

diff --git a/modules-available/webinterface/lang/de/template-tags.json b/modules-available/webinterface/lang/de/template-tags.json
index 719dbdd6..245173c3 100644
--- a/modules-available/webinterface/lang/de/template-tags.json
+++ b/modules-available/webinterface/lang/de/template-tags.json
@@ -3,14 +3,18 @@
     "lang_caChain": "Optional k\u00f6nnen Sie hier die zum Zertifikat geh\u00f6rende Zertifikatkette (CA-Chain) einf\u00fcgen. Dies wird ben\u00f6tigt, wenn das Zertifikat nicht direkt von einer der in Browsern mitgeliferten CAs signiert wurde. Die Datei enth\u00e4lt ein oder meherere Zertifikatsbl\u00f6cke, im gleichen Format wie das oben gezeigte Zertifikat.",
     "lang_certificate": "Bitte f\u00fcgen Sie hier das Zertifikat ein. Das Zertifikat wird im Base64-codierten x509-Format erwartet (manchmal pem genannt). Es sieht in etwa wie folgt aus:",
     "lang_customCert": "Eigenes Zertifikat verwenden",
+    "lang_customization": "Designanpassung",
+    "lang_customizationDesc": "Hier k\u00f6nnen Sie kleine optische Anpassungen an der Weboberfl\u00e4che vornehmen. Dies ist hilfreich, wenn Sie z.B. ein Produktiv- und ein Testsystem betreiben und verhindern m\u00f6chten, dass Sie versehentlich in der Falschen Weboberfl\u00e4che kritische Einstellungen ver\u00e4ndern.",
     "lang_generatedSelected": "Der Server verwendet zur Zeit ein automatisch generiertes, selbst signiertes Zertifikat.",
     "lang_hidePasswords": "Passw\u00f6rter maskieren",
     "lang_httpsDescription": "Hier k\u00f6nnen Sie festlegen, ob das Web-Interface auch per HTTPS erreichbar sein soll, und welches Zertifikat daf\u00fcr verwendet werden soll.",
     "lang_httpsRedirect": "Anfragen per HTTP immer auf HTTPS umleiten (sofern aktiviert)",
     "lang_httpsSettings": "HTTPS-Konfiguration",
     "lang_installAndRestart": "Zertifikat installieren und Webserver neustarten",
+    "lang_logoBackground": "Hintergrundfarbe des Logos",
     "lang_noHttps": "HTTPS wieder deaktivieren, aktuelles Zertifikat l\u00f6schen",
     "lang_offSelected": "HTTPS ist derzeit deaktiviert.",
+    "lang_pageTitlePrefix": "Pr\u00e4fix f\u00fcr den Seitentitel",
     "lang_passwordFields": "Passwortfelder",
     "lang_passwordsDescription": "Legen Sie fest, ob Passwortfelder in der Web-Schnittstelle maskiert werden, oder ob Ihr Inhalt sichtbar sein soll. Wenn Sie die Schnittstelle in einer sicheren Umgebung nutzen (keine neugierigen Augen), kann dies den Komfort erh\u00f6hen. Das Passwortfeld der Anmeldemaske ist von dieser Einstellung ausgenommen.",
     "lang_privateKey": "Bitte f\u00fcgen Sie hier den privaten Schl\u00fcssel ein, der zum obigen Zertifikat geh\u00f6rt. Er muss ebenfalls im \"pem\"-Format vorliegen, und sieht wie folgt aus:",
diff --git a/modules-available/webinterface/lang/en/template-tags.json b/modules-available/webinterface/lang/en/template-tags.json
index be521dcb..0fb4cc96 100644
--- a/modules-available/webinterface/lang/en/template-tags.json
+++ b/modules-available/webinterface/lang/en/template-tags.json
@@ -3,14 +3,18 @@
     "lang_caChain": "Here you can paste an optional certificate chain. It should only be required if you have a certificate that was not directly signed by a certificate authority known by the browsers. It should contain one or more certificate blocks, looking just like the certificate above.",
     "lang_certificate": "Please paste your certificate below. It has to be in base64 encoded x509 format (sometimes called pem). It should look something like this:",
     "lang_customCert": "Supply own certificate",
+    "lang_customization": "Design customization",
+    "lang_customizationDesc": "Here you can make small changes to the design of the web interface. This might help to prevent accidents if you run multiple satellite servers and have an open tab for all of them at the same time.",
     "lang_generatedSelected": "The server is currently using an automatically generated, self-signed certificate.",
     "lang_hidePasswords": "Mask passwords",
     "lang_httpsDescription": "Here you can set whether the web interface should be accessible via https. You can choose if you want to use a random self signed certificate, or supply your own.",
     "lang_httpsRedirect": "Redirect incoming HTTP requests to HTTPS (if enabled).",
     "lang_httpsSettings": "HTTPS settings",
     "lang_installAndRestart": "Installing certificate and restarting web server",
+    "lang_logoBackground": "Logo background color",
     "lang_noHttps": "Disable HTTPS, delete current certificate",
     "lang_offSelected": "HTTPS is currently disabled.",
+    "lang_pageTitlePrefix": "Page title prefix",
     "lang_passwordFields": "Password fields",
     "lang_passwordsDescription": "Set whether password fields should be masked or not. The password field of the login page to the web interface is always masked.",
     "lang_privateKey": "Please paste the private key belonging to the certificate here. It has to be in \"pem\" format too, which should look like this:",
-- 
cgit v1.2.3-55-g7522


From c8714cd09c397f2b77453fde6ac1547c5dd26b43 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 9 May 2017 17:31:25 +0200
Subject: Update translations

---
 modules-available/webinterface/lang/de/template-tags.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules-available/webinterface')

diff --git a/modules-available/webinterface/lang/de/template-tags.json b/modules-available/webinterface/lang/de/template-tags.json
index 245173c3..64ba84d0 100644
--- a/modules-available/webinterface/lang/de/template-tags.json
+++ b/modules-available/webinterface/lang/de/template-tags.json
@@ -4,7 +4,7 @@
     "lang_certificate": "Bitte f\u00fcgen Sie hier das Zertifikat ein. Das Zertifikat wird im Base64-codierten x509-Format erwartet (manchmal pem genannt). Es sieht in etwa wie folgt aus:",
     "lang_customCert": "Eigenes Zertifikat verwenden",
     "lang_customization": "Designanpassung",
-    "lang_customizationDesc": "Hier k\u00f6nnen Sie kleine optische Anpassungen an der Weboberfl\u00e4che vornehmen. Dies ist hilfreich, wenn Sie z.B. ein Produktiv- und ein Testsystem betreiben und verhindern m\u00f6chten, dass Sie versehentlich in der Falschen Weboberfl\u00e4che kritische Einstellungen ver\u00e4ndern.",
+    "lang_customizationDesc": "Hier k\u00f6nnen Sie kleine optische Anpassungen an der Weboberfl\u00e4che vornehmen. Dies ist hilfreich, wenn Sie z.B. ein Produktiv- und ein Testsystem betreiben und verhindern m\u00f6chten, dass Sie versehentlich in der falschen Weboberfl\u00e4che kritische Einstellungen ver\u00e4ndern.",
     "lang_generatedSelected": "Der Server verwendet zur Zeit ein automatisch generiertes, selbst signiertes Zertifikat.",
     "lang_hidePasswords": "Passw\u00f6rter maskieren",
     "lang_httpsDescription": "Hier k\u00f6nnen Sie festlegen, ob das Web-Interface auch per HTTPS erreichbar sein soll, und welches Zertifikat daf\u00fcr verwendet werden soll.",
-- 
cgit v1.2.3-55-g7522


From e7fb2eafc44d0b5eab79b13432d3e7c4227fd83e Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 May 2017 11:03:40 +0200
Subject: [weninterface] Improve color list a bit

---
 inc/render.inc.php                                 | 23 ++++++++++++++++++++--
 modules-available/webinterface/page.inc.php        |  4 ++--
 .../webinterface/templates/customization.html      |  2 +-
 3 files changed, 24 insertions(+), 5 deletions(-)

(limited to 'modules-available/webinterface')

diff --git a/inc/render.inc.php b/inc/render.inc.php
index c34c285a..72993ab5 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -57,10 +57,11 @@ class Render
 		if (!empty($bgcolor) || !empty($title)) {
 			self::$header .= '<style type="text/css">' . "\n";
 			if (!empty($bgcolor)) {
-				self::$header .= ".navbar-header { background-color: $bgcolor; }";
+				$fgcolor = self::readableColor($bgcolor);
+				self::$header .= ".navbar-header{background-color:$bgcolor}a.navbar-brand{color:$fgcolor!important}";
 			}
 			if (!empty($title)) {
-				self::$header .= '#navbar-sub:after { content: "' . self::cssEsc($title) . '";margin:0 }';
+				self::$header .= '#navbar-sub:after{content:"' . self::cssEsc($title) . '";margin:0}';
 			}
 			self::$header .= "\n</style>";
 		}
@@ -302,4 +303,22 @@ class Render
 		self::$dashboard = $params;
 	}
 
+	public static function readableColor($hex) {
+		if (strlen($hex) <= 4) {
+			$cnt = 1;
+		} else {
+			$cnt = 2;
+		}
+		if (preg_match('/^#?([a-f0-9]{'.$cnt.'})([a-f0-9]{'.$cnt.'})([a-f0-9]{'.$cnt.'})$/i', $hex, $out) != 1)
+			return '#000';
+		$chans = array();
+		$f = ($cnt === 1 ? 17 : 1);
+		for ($i = 1; $i <= 3; ++$i) {
+			$out[$i] = (hexdec($out[$i]) * $f);
+			$chans[] = $out[$i] ^ 0x80;
+		}
+		$b = (255 - (0.299 * $out[1] + 0.587 * $out[2] + 0.114 * $out[3])) * 2;
+		return sprintf("#%02x%02x%02x", ($chans[0] + $b) / 3, ($chans[1] + $b) / 3, ($chans[2] + $b) / 3);
+	}
+
 }
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index e5a25834..e576807e 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -133,8 +133,8 @@ class Page_WebInterface extends Page
 			$data['selected_hide'] = 'checked';
 		Render::addTemplate('passwords', $data);
 		$data = array('prefix' => Property::get('page-title-prefix'));
-		$data['colors'] = array_map(function ($i) { return array('color' => $i); },
-			array('', 'red', 'green', 'blue', 'black', 'white', 'orange', 'gray', 'lime', 'magenta', 'yellow'));
+		$data['colors'] = array_map(function ($i) { return array('color' => $i ? '#' . $i : '', 'text' => Render::readableColor($i)); },
+			array('', 'f00', '0f0', '00f', 'ff0', 'f0f', '0ff', 'fff', '000', 'f90', '09f', '90f', 'f09', '9f0'));
 		$color = Property::get('logo-background');
 		foreach ($data['colors'] as &$c) {
 			if ($c['color'] === $color) {
diff --git a/modules-available/webinterface/templates/customization.html b/modules-available/webinterface/templates/customization.html
index 447404a6..7949f95b 100644
--- a/modules-available/webinterface/templates/customization.html
+++ b/modules-available/webinterface/templates/customization.html
@@ -17,7 +17,7 @@
 					{{lang_logoBackground}}
 					<select class="form-control" name="bgcolor">
 						{{#colors}}
-							<option style="color:{{color}}" {{selected}}>{{color}}</option>
+							<option style="color:{{text}};background:{{color}}" {{selected}}>{{color}}</option>
 						{{/colors}}
 					</select>
 				</label>
-- 
cgit v1.2.3-55-g7522