users/includes, branch masterBitweaver users package repository
https://git.rdm1.uk/users/.git/atom?h=master2026-06-06T22:05:27Zusers: revert installer login changes to validate.php and getSiteCookieName2026-06-06T22:05:27ZLester Cainelester@lsces.co.uk2026-06-06T22:05:27Zurn:sha1:d7c0da0cbc86398d3a71a64355ca5e40fd26c2b6
Revert validate.php installer redirect and getSiteCookieName cookie-reuse
fallback. Both caused more problems than they solved. Original behaviour
restored; upgrade-time access via gOverrideLoginFunction works fine.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
users: fix session name split when site_title not yet in kernel_config2026-06-06T21:58:39ZLester Cainelester@lsces.co.uk2026-06-06T21:58:39Zurn:sha1:ce2c807ce05078401b3d105275d396297466e13d
getSiteCookieName() fell back to 'bit-user-bitweaver' whenever kernel_config
hadn't loaded site_title (e.g. during installer/upgrade flow). This created
a second cookie alongside the real 'bit-user-<site>' cookie, causing every
cross-page redirect to land in a different session and lose loginfrom, admin
status, and installer step state.
Fix: if site_title is empty, reuse any existing bit-user-* cookie already
present in the request rather than generating a new 'bitweaver' name.
Also: after successful admin login, redirect to the installer directly when
a version upgrade is pending (bypasses the broken loginfrom-via-session path
for the INSTALLER_FORCE case).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add CSS flag dropdown select with lipis flag-icons2026-06-05T14:34:31ZLester Cainelester@lsces.co.uk2026-06-05T14:34:31Zurn:sha1:cbfe62da3bb81e1a3f34bb061352579c8913370e
- css/flag-icons.css: lipis 4x3 set, 1x1 stripped, paths → ../icons/flags/
- countries_inc.php: asort, Smarty assigns, loadCss (PKG_PATH not PKG_URL);
PHP files reduce to single require()
- flag_select_inc.tpl: custom dropdown with .fi CSS flags, search filter,
jQuery open/close; fsName/fsValue/fsId/fsSize; min-width 300px;
line-height:1.5em on flag spans
- html_head_inc.tpl placeholder; display templates keep {biticon istyle=flag}
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Tidy countries list: add 5 entries, fix KOR, map 8 previously flagless2026-06-05T13:44:19ZLester Cainelester@lsces.co.uk2026-06-05T13:44:19Zurn:sha1:b9c0eeeccd91fd360dd26f5368199cac8ec4cdeb
New entries: Bonaire/BES, Jersey/JEY, Kosovo/XKX, Saint Martin/MAF,
Sint Maarten/SXM — all have lipis flags available.
Fix: KOR was mapped to 'ko' (wrong); corrected to 'kr'.
Added iso3166 mappings for BLM/bl, CUW/cw, SSD/ss which were in
$bwCountries but had no flag. Only SEA/AZR/FLD remain flagless.
Added note on unmapped lipis SVGs (regional, organisational, territories).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Switch to lipis flag-icons 4x3 SVG set; update constituent country codes2026-06-05T13:31:04ZLester Cainelester@lsces.co.uk2026-06-05T13:31:04Zurn:sha1:a7355f2229c5be22d339acd0340c8aaad1d6df7d
- Replace Marble SVGs with lipis/flag-icons 4x3 set (271 flags, consistent
4:3 ratio, CC0 licensed)
- Update iso3166 map: ENG/SCT/WLS/NIR now point to gb-eng/gb-sct/gb-wls/gb-nir
matching lipis naming; custom eng/sct/wls/nir SVGs retained alongside
- Switch flag {biticon} calls from hardcoded width/height to istyle=flag
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fix countries_inc.php scope in RoleUser::load() — require not require_once2026-06-05T11:08:55ZLester Cainelester@lsces.co.uk2026-06-05T11:08:55Zurn:sha1:9b8641f687e050548020bfa484fa36b5955d5f21
Same issue as preferences/register: require_once inside a method is globally
tracked, so a second user object load won't re-execute the file, leaving
$bwIso3166 undefined and flag unset.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace GIF flag scan with static ISO alpha-3 country list and SVG flags2026-06-05T10:49:47ZLester Cainelester@lsces.co.uk2026-06-05T10:49:47Zurn:sha1:b27276bcd349afa551d0be6f3a4f87e9fcff9f3a
- Add countries_inc.php: 252 countries as alpha-3 → name + alpha-3 → alpha-2
map for flag image lookup; derived from webtrees CountryService, no runtime
webtrees dependency
- Add 243 Marble SVG flags (xx.svg) plus eng/sct/wls/nir for constituent countries
- Remove 244 full-name GIF flags
- RoleUser: set users_country_code (alpha-3), flag (alpha-2 lowercase), and
users_country (display name) at load time
- preferences.php, register.php, hauth_register.php: replace opendir GIF scan
with require_once countries_inc.php
- Templates: replace {section loop=$flags} with {foreach $countries as $code => $name};
iexplain now uses display name instead of raw flag code
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fix invalid cookie domain when remember-me is active2026-05-30T15:52:21ZLester Cainelester@lsces.co.uk2026-05-30T15:52:21Zurn:sha1:7b4034e98282614c8e45e9c9d660b02e2cea9281
parse_url(BIT_ROOT_URL, PHP_URL_HOST) returns null for a path-only URL;
the ?? '/' fallback set domain to '/' which browsers reject as invalid.
Use ?? '' so the domain attribute is omitted and the browser infers the
current host.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Ensure permissions array is populated when checking admin permission. May not be set during install process2026-05-18T14:28:51ZLester Cainelester@lsces.co.uk2026-05-18T14:28:51Zurn:sha1:a6cad8fcba2dd8af532dc60f49dda02ee3f46cc5Pass users registered roles to session for use in protecting access using nginx auth2026-05-16T20:10:27ZLester Cainelester@lsces.co.uk2026-05-16T20:10:27Zurn:sha1:edee8faeed62e5cc1c919848ecdbab110c8d7e8f