
mosparo / mosparo

175.0 4.0 12.0 4.08 MB

The modern spam protection. Protects your forms from spam by simply checking the content. Open source, Free to use, Accessible, and Self-Hosted.

Home Page: https://mosparo.io

License: MIT License

Shell 0.06% JavaScript 3.99% SCSS 2.72% PHP 58.23% Twig 34.39% CSS 0.46% Dockerfile 0.15%
mosparo spam-detection spam-protection

mosparo's Introduction

 

[mosparo logo: a bird named Mo next to the mosparo text]

The modern spam protection tool.
It replaces other captcha methods with a simple and easy to use spam protection solution.
FYI: The bird is called Mo (the sparrow).


Description

mosparo is the modern solution to protect your online forms from spam. The protection method is simple: mosparo blocks spam based on rules that match the form's data. The detection method is comparable to an email spam filter. The user does not have to prove they are a real human by solving a puzzle. Instead, the tool scans the entered form data for words or other information which are not allowed. You can add different kinds of rules to catch all possible spam.

How it works

Spam filters are standard on email servers, where they scan the whole message to detect possible spam. Additionally, many settings can prevent spam mail (or at least make it more visible), like SPF, DKIM, etc. But the hard part is that the email is one message, and the spam filter must check the entire message. Since everything is together in one message, this can lead to false detections.

In web forms, the solution is more straightforward: since all fields are separate, we can check each field individually. In one of the fields, the spam bot has to write, for example, the URL to its website or the message. Because of that, we can run our checks on that field and detect spam very quickly - if there is a rule to detect it.
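The per-field, rule-based check described above, as an added illustration that is not part of mosparo's own code (mosparo itself is written in PHP). The rule shape, the two matcher types ("word" and "domain"), the point values, the threshold and the sample submissions are all constructed for this example and do not reflect mosparo's internal rule format:

```python
import re
from dataclasses import dataclass


@dataclass
class Rule:
    name: str
    rule_type: str        # "word" or "domain" (constructed types for this example)
    items: list
    points: float = 1.0   # added to the spam rating when an item matches


def _match_word(value: str, item: str) -> bool:
    """Case-insensitive substring match, for free-text fields."""
    return item.lower() in value.lower()


def _match_domain(value: str, item: str) -> bool:
    """True if an e-mail address or URL in the value uses `item` or a subdomain of it."""
    for at_host, url_host in re.findall(r'@([\w.-]+)|https?://([\w.-]+)', value):
        host = (at_host or url_host).lower()
        if host == item or host.endswith('.' + item):
            return True
    return False


MATCHERS = {"word": _match_word, "domain": _match_domain}

# Constructed rule set
RULES = [
    Rule("blocked words", "word", ["casino", "cheap pills"], points=1.0),
    Rule("blocked domains", "domain", ["spam.example", "bad.example"], points=2.0),
]


def check_field(value: str, rules: list) -> list:
    """Return (rule name, matched item, points) for every rule that hits this
    field. Each rule counts at most once per field."""
    matches = []
    for rule in rules:
        matcher = MATCHERS[rule.rule_type]
        for item in rule.items:
            if matcher(value, item):
                matches.append((rule.name, item, rule.points))
                break
    return matches


def check_form(form_data: dict, rules: list, spam_threshold: float = 2.0) -> dict:
    """Check every field separately, sum the points of all matches and compare
    the total with a configured threshold. Because fields are checked one by
    one, the report also says which field triggered which rule."""
    rating = 0.0
    matched = {}
    for field_name, value in form_data.items():
        if not isinstance(value, str):
            continue
        hits = check_field(value, rules)
        if hits:
            matched[field_name] = hits
            rating += sum(points for _, _, points in hits)
    return {"spam_rating": rating, "is_spam": rating >= spam_threshold, "matched": matched}


# Constructed sample submissions
SPAM_SUBMISSION = {
    "name": "Bob",
    "email": "bob@spam.example",
    "message": "Visit our casino at https://promo.bad.example/win",
}
CLEAN_SUBMISSION = {
    "name": "Alice",
    "email": "alice@example.org",
    "message": "Hi, I would like a quote for a new roof.",
}

if __name__ == "__main__":
    for label, data in (("spam", SPAM_SUBMISSION), ("clean", CLEAN_SUBMISSION)):
        print(label, check_form(data, RULES))
```

The point of checking fields separately shows in the `matched` dictionary: the e-mail field is judged by a domain rule and the message field by a word rule, so a URL in a name field or a sentence in an e-mail field stands out, which a whole-message filter cannot tell apart.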

Our target

We don't guarantee that mosparo will catch all your spam messages since the detection is mainly based on your rules. If you set up enough rules, we estimate that mosparo will block more than 80% of the spam messages.

Our main objective is a different one. Firstly, we wanted to create a solution that you can host on your own server or web hosting and that collects as little data as possible.

When we looked for ways to do that, we found that there wasn't a real solution for everyone. Many existing solutions require a puzzle that the user must solve. For people with disabilities, solving puzzles may not be a good way to prove that they are real people.

We have therefore defined our main objective: to collect only data that is necessary, self-hosted, and accessible.

Key features

  • mosparo only uses the data which the user has entered in the form, the IP address of the user, and the user agent of the browser but does not collect other data
    • All user data are encrypted by default
    • All collected data are deleted at a fixed interval: after 14 days (possibly 15 days, depending on when the cronjob runs)
  • Usable for everybody: the mosparo spam protection method does not use puzzles or obscured images to protect the form.
  • Open-source and self-hosted
  • The checkbox is customizable in size and color

Requirements

  • PHP 8.1.10 or newer
  • PHP extensions
    • ctype
    • curl
    • dom
    • filter
    • gd
    • iconv
    • intl
    • json
    • libxml
    • openssl
    • pcre
    • pdo
    • pdo_mysql or pdo_pgsql
    • simplexml
    • tokenizer
    • xml
    • zip
    • posix (optional)
    • sodium (optional)
    • Zend OPcache (optional)
  • A MySQL (MySQL or MariaDB) or PostgreSQL database
  • Less than 100 MB of disk space
  • A domain or subdomain

Installation

Archived package

The installation is straightforward. There are different installation methods, but the primary method is to use the zip archive:

  1. Download the latest release from our website or the releases page on GitHub.
  2. Extract the file
  3. Create a new web host in your hosting control panel (like a new subdomain)
    1. If possible, point the document root of the web host to the subdirectory 'public'
  4. Upload all the files in the extracted directory to this new virtual host
  5. Open your browser and access the virtual host (for example, by accessing the subdomain in your browser)
  6. Follow the installation wizard to install mosparo

From source

To install mosparo from the source, clone the repository and execute Composer and Yarn to install the dependencies.

Requirements

  • git
  • Composer
  • Yarn
  • Node.js (18)

Installation

  1. Clone the repository
       git clone git@github.com:mosparo/mosparo.git
  2. Switch to the repository directory
       cd mosparo
  3. Execute Composer
       composer install
  4. Install the Yarn dependencies
       yarn install
  5. Build the frontend resources
       yarn encore dev
  6. Open your browser and access the virtual host (for example, by accessing the subdomain in your browser)
  7. Follow the installation wizard to install mosparo

Documentation

You can find our documentation here: https://documentation.mosparo.io

License

mosparo is open-sourced software licensed under the MIT License. Please see the LICENSE file for the full license.

Contributing

See CONTRIBUTING

Translate mosparo

We're using Weblate to translate mosparo. If you want to help translate mosparo, please head over to our Weblate project: https://hosted.weblate.org/projects/mosparo/

Thank you for helping to make mosparo better.

mosparo's People

Contributors

0mal, albanobattistella, andrej730, bittin, clxf12, cnababaie, css31, dependabot[bot], digi92, dinhitcom, encryptex, fim9, haqbany, maronghappy, milotype, mpaglia0, nathanbnm, oricat101, pbrambi, ratingthomas, rezaalmanda, senya01, somebaudy, stavpup, supermyskin, theonesu, user0020, weblate, xqzhuang, zepich


mosparo's Issues

Replacement for ReCaptcha?

First up, thank you so much for the work that you've put into this project!

Now the question;

Is there a way to configure the operation to work like ReCaptchaV3?

My website form is set up (using Mautic* as the back-end) with ReCaptcha in 'silent mode'. There's no checkbox or button to click or puzzle to complete. For the form submitter, the experience is invisible.

*Mautic! Another open-source project!

Add export and import functionality

Discussed in #108

Originally posted by Digi92 June 26, 2023
Hi,
I think a function to copy an existing project would be nice.
A user might want to copy an existing project with all settings, rules and rule sets to use this as a basis for a new project.

Of course, it would have to be considered what the rights should look like.

What is your opinion about this?

Idea

Export functionality

  • Add an option to export a project's settings into a file. This includes all project settings (Name, Description, Hosts, Spam rating factor, security settings, design settings, all rules with all items, and all rulesets). It does not include submissions, project members, and the API keys as well as the project UUID.
  • The user can choose which parts should be included in the export. For example, general project data (Name, Description, Hosts, Spam rating factor), security settings, design settings, rules, or rulesets.
  • The user will download a JSON file with the selected data.

Import functionality

  • Add an option to import a project's settings from a file.
  • The user can choose which parts should be imported from the provided file. For example, the user can only import rules, not other things in the file.
  • The user can choose what the import process should do with existing rules. The user can either override the existing rules (remove additionally available items), append the not existing items to the existing rule, or add the rule as a new rule. All other data will be replaced if selected for import (project settings and rulesets).

Changes

  • Add the schema for the configuration file to the mosparo Specifications
  • Add the export functionality in the tools area
  • Add the import functionality in the tools area
  • Add a button (to go to the import functionality) in the project wizard to import directly (without going through all the wizard steps)
  • Add two commands to export and import the settings via CLI

Suggested by

Add filters to submission list

When a project receives a lot of submissions, the submission list is not very useful right now. If you see in the dashboard that you received a spam submission some days ago, you must scroll through the list to find this message.

To solve this problem, we should add filters with which you can filter the list and show only the filtered results.

Filters (at least):

  • Origin
  • Is Spam
  • Is Verified

For other fields (like IP address), we must check if it is possible (because some columns are encrypted in the database).

Add Brute Force Protection to the mosparo login

Discussed in #52

Originally posted by zepich April 26, 2023
To enhance the security of mosparo, adding brute force protection to the login functionality is an idea. After a specified number of unsuccessful logins, mosparo would block a user for a specific time. The count of these unsuccessful logins would be done by IP address.

Changes

  • Add a configuration interface in the Security Settings in the Administration interface.
  • Add the RateLimiter configuration in the Symfony config

Suggested by

  • @mosparo/core-developers

Return character in ip allow list field generating an error

Hello,
while testing the option "IP allow list", I noticed that if there are one or more return characters (\r) in the string, errors occur in "SecurityHelper->isIpOnAllowList".
This means that the captcha cannot be loaded in the form.
In order to fix this, I have replaced explode(PHP_EOL, $ipAllowList) with preg_split('/\r\n|\r|\n/', $ipAllowList).
See the explanation why: https://stackoverflow.com/a/29471912

Additionally, it was not considered that Factory::parseAddressString and Subnet::parseString can return a "null" value.

My initial error:

Uncaught Error: Call to a member function getAddressType() on null {"exception":"[object] (Error(code: 0): Call to a member function getAddressType() on null at /var/www/htdocs/src/Helper/SecurityHelper.php:71)"} []

For this reason I have created a pull request that contains all the necessary changes: #55
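The two defects reported in this issue (line endings other than PHP_EOL, and a parser returning null for an entry) handled together, as an added example that is not the project's code. mosparo is PHP; this Python version uses the standard `ipaddress` module in place of the IP library named in the report, and the allow list content is constructed:

```python
import ipaddress
import re

LINE_BREAK = re.compile(r'\r\n|\r|\n')   # the same alternation the issue proposes


def parse_ip_allow_list(raw: str):
    """Return (accepted networks, rejected entries).

    Single addresses become /32 or /128 networks so that one membership test
    covers both. Blank lines and '#' comments are skipped; entries the parser
    cannot turn into an address are reported instead of raised, so one bad
    line cannot prevent the box from loading."""
    networks, rejected = [], []
    for line in LINE_BREAK.split(raw):
        entry = line.strip()
        if not entry or entry.startswith('#'):
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append(entry)
    return networks, rejected


def is_ip_on_allow_list(ip: str, raw_allow_list: str) -> bool:
    """Fail closed: an unparsable client address is never on the list, and a
    version mismatch (IPv4 client, IPv6 entry) simply does not match."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    networks, _ = parse_ip_allow_list(raw_allow_list)
    return any(addr in net for net in networks)


# Constructed allow list mixing CRLF, bare CR and LF line endings plus one bad entry
SAMPLE_ALLOW_LIST = "192.0.2.10\r\n198.51.100.0/24\rnot-an-ip\n\n# office\r\n2001:db8::/32\r\n"

if __name__ == "__main__":
    nets, bad = parse_ip_allow_list(SAMPLE_ALLOW_LIST)
    print([str(n) for n in nets], bad)
    print(is_ip_on_allow_list("198.51.100.77", SAMPLE_ALLOW_LIST))
```

Returning the rejected entries separately lets the settings page show the administrator which lines were ignored, instead of either crashing on them or silently dropping them.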

Add a role to allow users to create projects

Explanation

Right now, every user can create new projects, but only the owner of a project can edit or delete one.

Since it's possible to have users with only read access, it should be impossible for them to create new projects.

A user can be configured to create new projects with this new role.

Administrators can always create projects, and the new field will be disabled for administrators.

Changes

  • Add role to the user management
  • Adjust the security settings
  • Adjust the project list page and remove the Create Project button if needed

Suggested by

  • @mosparo/core-developers

Invisible protection

Discussed in #53

Originally posted by zepich April 26, 2023
Sometimes, it would fit the design of a website better when the mosparo box is invisible. Technically, it would be possible to hide the mosparo checkbox. The protection in such a scenario would work as the following:

Setup process:

  1. The project owner chooses Invisible protection as the design type of the project in the mosparo design settings.
  2. Instead of designing the box, the user has to select the colors for the loading screen
  3. The user integrates mosparo into the form in the same way as right now

Frontend process:

  1. When the form gets loaded, mosparo initializes itself as right now, but without creating a visible checkbox.
  2. As soon as the user submits the form, mosparo starts the verification. Since the verification can take a moment, mosparo will show a full-screen overlay with a loading text. The design of this full-screen overlay will be configurable in the design settings and is completely adjustable by custom CSS on the website itself.
  3. After the verification is complete, the form will be submitted as normally

Suggested by @quadcom in #25

Changes

  • Add the additional design mode in the design settings.
  • Add the required options in the design settings.
  • Adjust the frontend styles to handle the invisible mode.
  • Adjust the frontend JavaScript to handle the invisible mode.
  • Adjust the hint in the wizard regarding advanced mode with the invisible mode.

Suggested by

Fix the CSP header on the design settings page

We've added the Content Security Policy header with v0.3.15. But on the design settings page, we must use the flag unsafe-inline for style-src and the data: flag for the img-src option.

These two things are unsafe and should be removed.

Since the color picker uses both of them (images via url(data:...) and style="...") we have to replace the color picker.

  • Replace the color picker
  • Replace the inline styles from mosparo directly
  • Remove the onKernelResponse event subscriber in the ProjectListener

Spam submissions get deleted too early

Because of a bug in the CleanupHelper, the spam submissions get deleted after 24 hours instead of 14 days.

https://github.com/mosparo/mosparo/blob/master/src/Helper/CleanupHelper.php#L69

The SQL statement must be adjusted to check if s.spam is 0 for the limitDay part. This part of the query is to delete valid but not submitted submissions because these user data are not required anymore (they did not submit, and the submission does not contain any spam, which means we have no reason to store the data any longer).
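The two retention rules and the missing spam condition, replayed on an in-memory SQLite table as an added example (not mosparo's CleanupHelper). The column names `submitted_at`, `spam` and `verified_at`, the fixed clock and the sample rows are assumptions constructed for this illustration, not mosparo's schema:

```python
import sqlite3
from datetime import datetime, timedelta

NOW = datetime(2024, 1, 20, 12, 0, 0)   # fixed clock so the result is reproducible

# (id, submitted_at, spam, verified_at); verified_at is NULL when the form was
# never verified through the API, i.e. a "valid but not submitted" entry
SAMPLE_ROWS = [
    (1, NOW - timedelta(days=2), 1, None),                       # spam, 2 days old
    (2, NOW - timedelta(days=2), 0, None),                       # clean, never verified, 2 days old
    (3, NOW - timedelta(days=2), 0, NOW - timedelta(days=2)),    # clean and verified
    (4, NOW - timedelta(days=15), 1, None),                      # spam, older than 14 days
    (5, NOW - timedelta(hours=6), 0, None),                      # clean, unverified, 6 hours old
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE submission (id INTEGER PRIMARY KEY, submitted_at TEXT, spam INTEGER, verified_at TEXT)")
    conn.executemany(
        "INSERT INTO submission VALUES (?, ?, ?, ?)",
        [(i, s.isoformat(), sp, v.isoformat() if v else None) for i, s, sp, v in SAMPLE_ROWS],
    )
    return conn


def cleanup(conn, now, check_spam_flag: bool) -> list:
    """Run both retention rules and return the ids that survive.

    Rule 1: everything older than 14 days goes, spam included.
    Rule 2: unverified entries older than 1 day go, but only when spam = 0.
    Without the spam condition (check_spam_flag=False) spam is lost after a
    day, which is the bug described in the issue."""
    limit_days = (now - timedelta(days=14)).isoformat()
    limit_day = (now - timedelta(days=1)).isoformat()
    conn.execute("DELETE FROM submission WHERE submitted_at < ?", (limit_days,))
    if check_spam_flag:
        conn.execute(
            "DELETE FROM submission WHERE submitted_at < ? AND verified_at IS NULL AND spam = 0",
            (limit_day,),
        )
    else:
        conn.execute(
            "DELETE FROM submission WHERE submitted_at < ? AND verified_at IS NULL",
            (limit_day,),
        )
    return sorted(row[0] for row in conn.execute("SELECT id FROM submission"))


def surviving_ids(check_spam_flag: bool) -> list:
    conn = make_db()
    try:
        return cleanup(conn, NOW, check_spam_flag)
    finally:
        conn.close()


if __name__ == "__main__":
    print("without spam check:", surviving_ids(False))   # spam entry 1 is gone after one day
    print("with spam check:   ", surviving_ids(True))
```

Timestamps are stored as ISO 8601 strings of equal length, so the string comparison in the DELETE statements orders them correctly; a production schema would use a proper datetime column.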

Ability to change flavor text in the advanced editor

I really love all the customization provided, but one thing that would be nice is the ability to change the flavor text for the captcha. "I accept that the form entries are checked for spam and stored encrypted for 14 days" is a bit too verbose IMO, and I'd personally like to change it to something simple like "Are you a robot?"

Timeout on getSubmissionDataForChart - too much data in query response

Hi,

We run a mosparo instance 0.4.3 and ran into the following error after selecting the project and displaying the chart in the backend.
Error: Maximum execution time of 30 seconds exceeded at vendor/paragonie/sodium_compat/src/Core/Util.php:583)"}
We do have ~4000 submissions in the database.

The issue comes from Controller/ProjectRelated/DashboardController.php:getSubmissionDataForChart, which selects the whole content of the submissions.

This request took 8.6 seconds to fetch.

SELECT s0_.id AS id_0, s0_.validation_token AS validation_token_1, s0_.data AS data_2, s0_.signature AS signature_3, s0_.submitted_at AS submitted_at_4, s0_.verified_at AS verified_at_5, s0_.matched_rule_items AS matched_rule_items_6, s0_.ignored_fields AS ignored_fields_7, s0_.verified_fields AS verified_fields_8, s0_.general_verifications AS general_verifications_9, s0_.spam_rating AS spam_rating_10, s0_.spam AS spam_11, s0_.spam_detection_rating AS spam_detection_rating_12, s0_.valid AS valid_13, s0_.submit_token_id AS submit_token_id_14, s0_.project_id AS project_id_15 
FROM submission s0_ 
WHERE (s0_.spam = 1 OR s0_.valid IS NOT NULL) 
AND (s0_.project_id = 1)

If we limit the select to the necessary fields we could speed up the request because we only need 3 fields to display the chart (submittedAt, valid, spam).

SELECT s0_.submitted_at AS submitted_at_4, s0_.valid AS valid_13, s0_.spam AS spam_11
FROM submission s0_ 
WHERE (s0_.spam = 1 OR s0_.valid IS NOT NULL) 
AND (s0_.project_id = 1)

0.028 Sec

protected function getSubmissionDataForChart($entityManager): array
{
    $noSpamSubmissionsData = $spamSubmissionsData = $this->createEmptyDateArray();

    // Select only the three columns the chart needs instead of hydrating whole
    // Submission entities (the reported timeout was spent in sodium_compat while
    // loading the full rows).
    $builder = $entityManager->createQueryBuilder();
    $builder
        ->select('s.submittedAt, s.valid, s.spam')
        ->from(Submission::class, 's')
        ->where('s.spam = 1')
        ->orWhere('s.valid IS NOT NULL');

    // With a scalar select, each result row is an array, not an entity.
    foreach ($builder->getQuery()->getResult() as $submission) {
        $dateKey = $submission['submittedAt']->format('Y-m-d');
        if ($submission['spam'] || !$submission['valid']) {
            // Days outside the chart's date range are skipped
            if (!isset($spamSubmissionsData[$dateKey])) {
                continue;
            }

            $spamSubmissionsData[$dateKey]++;
        } else if ($submission['valid']) {
            if (!isset($noSpamSubmissionsData[$dateKey])) {
                continue;
            }

            $noSpamSubmissionsData[$dateKey]++;
        }
    }

    return [
        $this->convertIntoChartArray($noSpamSubmissionsData),
        $this->convertIntoChartArray($spamSubmissionsData),
        array_sum($noSpamSubmissionsData),
        array_sum($spamSubmissionsData)
    ];
}

A different approach could be to cache all data in the past and only fetch the current day from the database.

How do you think we should address this issue?

Add filter to rules list

Similar to the filter on the submission list page or in the ruleset detail view, adding a filter to the rules list page would help to make the list page more usable compared to right now, especially with a lot of rules.

Changes

  • Add the filter dropdown with the different rule types on the list page.
  • Filter the list for the selected rule type.

Suggested by

  • @mosparo/core-developers

Missing Content-Security-Policy header

Hi,
I noticed that Mosparo currently does not set Content-Security-Policy (CSP) headers, which are important security headers.

Therefore I have created a first draft with which these are set via the ".htaccess" file, but in my draft "script-src" and "style-src" are set with "unsafe-inline".

Pull request: #44

Cannot install on Plesk.

When I try to install mosparo on Plesk, I get an internal server error.

In the logs I get the following error

[2023-05-09T06:48:52.533099+00:00] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Session Storage was not able to create directory "/var/lib/php/sessions"." at /var/www/vhosts/DOMAIN/example.DOMAIN/vendor/symfony/http-foundation/Session/Storage/Handler/NativeFileSessionHandler.php line 49 {"exception":"[object] (RuntimeException(code: 0): Session Storage was not able to create directory \"/var/lib/php/sessions\". at /var/www/vhosts/DOMAIN/example.DOMAIN/vendor/symfony/http-foundation/Session/Storage/Handler/NativeFileSessionHandler.php:49)"} []

Refactor ruleset details page

Discussed in #101

Originally posted by Digi92 June 23, 2023
If a user includes larger rulesets in his project, it can quickly become cluttered in the detailed view.
Rulesets can contain many individual rules and the rules themselves can contain many items.
I think there should be some kind of pagination for both cases to keep it more clear.
I could also imagine that particularly large rulesets could generate a memory limit error while rendering the list view.

What is your opinion about this?

Changes

  • Replace the list of rules and items in the ruleset details view with a table. The table has to be sortable and needs a pagination. In the table, all rules in the ruleset are listed with a button on the right side to see the content of the rules.
  • When the user clicks on the button in the table, the user will see a new view with the details of the rule. This new view will also have a sortable table with pagination and lists all rule items in a rule.
  • The rules table should be filterable by choosing the rule types that should be visible in the table.

Suggested by

Error 500 with two-factor

Hello,
Another error 500, on QR code generation I think:
[2023-05-25T18:30:09.005183+00:00] request.CRITICAL: Uncaught PHP Exception Endroid\QrCode\Exception\GenerateImageException: "Unable to generate image: check your GD installation"
Thanks

Change lockout security feature

Right now, the lockout security feature counts every request. This can be a problem if the mosparo box, for example, is visible in the footer of a website. Every page will increase the counter; if the maximum is reached, the user sees the lockout message.

The better solution is to change the behavior of the lockout security feature.

With the new behavior, only the form data validation will count and increase the counter. After the user tries to validate the form data too often within the defined time frame, the subsequent request will be blocked.

The delay security feature will not be changed.

With this change, the delay feature can be used to add a delay if the user tries to load a contact form too many times, while the lockout feature can be used to block the user from validating the form if the user tried it too many times (brute force protection).
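The behaviour described in this issue and in "Add Brute Force Protection to the mosparo login" above (count only validation attempts per address, block further requests for a fixed time once the limit within the window is exceeded), as an added example that is not mosparo's code. The limits, the request type names and the event stream are constructed; a real deployment would keep the counters in shared storage rather than in process memory:

```python
from collections import defaultdict, deque


class LockoutGuard:
    def __init__(self, max_validations: int = 5, window_seconds: int = 60,
                 lockout_seconds: int = 300):
        self.max_validations = max_validations
        self.window_seconds = window_seconds
        self.lockout_seconds = lockout_seconds
        self._attempts = defaultdict(deque)   # ip -> timestamps of validation attempts
        self._locked_until = {}               # ip -> time the lockout ends

    def is_locked(self, ip: str, now: float) -> bool:
        until = self._locked_until.get(ip)
        return until is not None and now < until

    def handle(self, ip: str, request_type: str, now: float) -> str:
        """Return "allowed" or "blocked" for one request."""
        if self.is_locked(ip, now):
            return "blocked"
        if request_type != "validate":
            return "allowed"                  # loading the box never counts
        attempts = self._attempts[ip]
        attempts.append(now)
        while attempts and attempts[0] <= now - self.window_seconds:
            attempts.popleft()                # drop attempts outside the sliding window
        if len(attempts) > self.max_validations:
            self._locked_until[ip] = now + self.lockout_seconds
            attempts.clear()
            return "blocked"
        return "allowed"


def replay(events, **limits) -> list:
    """Feed (ip, request_type, timestamp) events through a fresh guard."""
    guard = LockoutGuard(**limits)
    return [guard.handle(ip, kind, t) for ip, kind, t in events]


# Constructed event stream: a contact form in the footer is loaded on 20 page
# views, then the same address validates four times within a few seconds.
EVENTS = [("198.51.100.5", "request", t) for t in range(20)] + [
    ("198.51.100.5", "validate", 30),
    ("198.51.100.5", "validate", 31),
    ("198.51.100.5", "validate", 32),
    ("198.51.100.5", "validate", 33),   # fourth validation within 60 s: lockout
    ("198.51.100.5", "request", 40),    # refused while locked
    ("198.51.100.5", "validate", 400),  # the 300 s lockout has expired
    ("203.0.113.9", "validate", 33),    # another address is unaffected
]

if __name__ == "__main__":
    for event, verdict in zip(EVENTS, replay(EVENTS, max_validations=3)):
        print(event, verdict)
```

With the old behaviour the 20 page views alone would have exhausted a limit of 3; here they pass untouched, and only the repeated validations trigger the lockout.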

FK_DB055AF32B4057C1: Integrity constraint violation: 1451 Cannot delete or update a parent row

Hello,
I have mosparo version 0.3.20 on a small site in testing.
Now it has come to a database error, whereby the captcha has displayed an error message.
I could also trigger the error with the command "mosparo:cleanup-database".

I fixed the error message by changing the "ON DELETE" of the foreign key "FK_DB055AF32B4057C1" of the "submission" table from "RESTRICT" to "CASCADE".
So the DELETE statement could be executed, but I am not sure whether this was the correct solution?

Error message from log:

[2023-06-21T13:21:32.072463+02:00] request.CRITICAL: Uncaught PHP Exception Doctrine\DBAL\Exception\ForeignKeyConstraintViolationException: "An exception occurred while executing 'DELETE FROM submit_token WHERE (created_at < ? AND submission_id IS NULL) AND (submit_token.project_id = 2)' with params ["2023-06-20 13:21:32"]:  SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`captcha_api`.`submission`, CONSTRAINT `FK_DB055AF32B4057C1` FOREIGN KEY (`submit_token_id`) REFERENCES `submit_token` (`id`))" at /vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/AbstractMySQLDriver.php line 68 {"exception":"[object] (Doctrine\\DBAL\\Exception\\ForeignKeyConstraintViolationException(code: 0): An exception occurred while executing 'DELETE FROM submit_token WHERE (created_at < ? AND submission_id IS NULL) AND (submit_token.project_id = 2)' with params [\"2023-06-20 13:21:32\"]:\n\nSQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`captcha_api`.`submission`, CONSTRAINT `FK_DB055AF32B4057C1` FOREIGN KEY (`submit_token_id`) REFERENCES `submit_token` (`id`)) at /vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/AbstractMySQLDriver.php:68)\n[previous exception] [object] (Doctrine\\DBAL\\Driver\\PDO\\Exception(code: 23000): SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`captcha_api`.`submission`, CONSTRAINT `FK_DB055AF32B4057C1` FOREIGN KEY (`submit_token_id`) REFERENCES `submit_token` (`id`)) at /vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDO/Exception.php:18)\n[previous exception] [object] (PDOException(code: 23000): SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`captcha_api`.`submission`, CONSTRAINT `FK_DB055AF32B4057C1` FOREIGN KEY (`submit_token_id`) REFERENCES `submit_token` (`id`)) at /vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOStatement.php:117)"} []

Project overview: Add List mode and filters

Discussed in #89

Originally posted by zepich June 13, 2023
The project overview can get messy if there are a lot of projects. For this situation, refactoring the project overview (and the dropdown) would be a good idea.

Add list mode
Instead of the boxes, a list mode with all the projects listed in a table form would be a good addition.

Add filter option
Add a search field and (maybe) additional filter options (active/inactive projects, empty projects) to filter the list of projects.

Add search field to the dropdown
The dropdown in the header should get a search field to search the project by name.

Changes

  • Add table list mode to the project list page with pagination.
  • Add a filter option to filter the list of visible projects on the project list page (not in the dropdown).
  • Add a search field to the list page and the dropdown.

Suggested by

  • @mosparo/core-developers

Fix locales for translations with script

For translations, which we stored with the locale and the script name (for example, zh_Hans/zh_Hant), we have to make sure that the translation is also used with the country-based locale (for example, zh_CN/zh_TW).

We currently require the locale with the script (zh_Hans/zh_Hant), so a person with the locale zh_CN/zh_TW will not see the correct translation.

JS - ResetState callback

Hi,
I am creating a form where I want the submit button to remain disabled as long as the Mosparo captcha is not valid.
To do this, I would need to be able to disable the submit button again when the resetState function is called.
This is not possible without a callback for the function "resetState".

For this reason I have created a pull request that contains the necessary changes: #30

Add an option to override the frontend box strings

We got multiple requests to adjust the translation for the frontend box for a project. We discussed adding an interface in the backend to adjust the translations. But since that is a lot of work, it has no priority for us.

Today, @pBrambi suggested a solution that is easy to do for us and solves the problem perfectly.

Instead of adding an interface, we extend the JavaScript options for the frontend box. These options are customizable in many integrations (for example, in the WordPress plugin).

As a website owner, you can define the translations you would like to adjust (for example, the main box sentence) in the code of your website (for example, with a filter with the WordPress plugin). mosparo will then use the translation you provided for a language.

If you didn't provide a translation for a language, mosparo would use the translation shipped with mosparo. If no translation is available, the English translation will be used.

Problems with performing custom verification

Hi

First of all, sorry for the many issues.

I am currently working on a backend client for Mosparo, written in ColdFusion, that will eventually be made into a plugin for MasaCMS. I am currently working on the verification of the form data, but I'm having some issues with the Auth header.

I am generating the auth header as described in the docs.

  /**
   * Generates the authorization header for the API call.
   *
   * @param formData The data struct to be used in generating the header.
   */
  private void function getAuthorizationHeader(
    required struct formData,
    string publicKey = variables.publicKey,
    string privateKey = variables.privateKey
  ) {
    local.apiEndpoint = "/api/v1/verification/verify";
    local.hash = lCase(hmac(local.apiEndpoint & serializeJSON(arguments.formData), getPrivateKey(), 'HmacSHA256'));

    variables.authHeader = "#getPublicKey()#:#local.hash#";
  }

If I plug the example values from the example page into this function I get the same header as the example:
QqfBxsmOfIMw0-uVNnRVdDlMUZdLpTG1xo0yyifyLrI:3bdd385caa53e3da76a8dcbfcaa0d9f4e04d8c189fab03ba41383deea236b2d3

Despite all of that I keep getting the following response:

{
	"error":true,
	"errorMessage":"Authorization header invalid."
}

I just don't know what to do, since I have done everything that the docs ask of me, and I have been on this issue for the last 4 days. In the screenshot below you will find all the values that could be useful for debugging.
All forms of help are welcome :3
[screenshot]

Also, all my code is available in this repo.

Kind regards,
Ori
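The header scheme this issue works through (public key, a colon, and the lowercase hex HMAC-SHA256 over the API endpoint path followed by the serialized form data, keyed with the private key), shown from both the client and the verifying side as an added example that is not mosparo's or the poster's code. The key values and form data are constructed. How the form data is serialized is an assumption here (compact JSON, keys in insertion order); the real requirement is whatever mosparo's documentation specifies, and because the HMAC covers the exact bytes, client and server must serialize identically or no header will ever verify:

```python
import hashlib
import hmac
import json

API_ENDPOINT = "/api/v1/verification/verify"   # path as quoted in the issue


def serialize_form_data(form_data: dict) -> str:
    # ASSUMPTION: compact JSON; must match the server's serialization byte for byte
    return json.dumps(form_data, separators=(",", ":"), ensure_ascii=False)


def build_authorization_header(public_key: str, private_key: str, form_data: dict,
                               endpoint: str = API_ENDPOINT) -> str:
    """Client side: sign endpoint + serialized form data with the private key."""
    message = (endpoint + serialize_form_data(form_data)).encode("utf-8")
    digest = hmac.new(private_key.encode("utf-8"), message, hashlib.sha256).hexdigest()
    return f"{public_key}:{digest}"


def verify_authorization_header(header: str, form_data: dict, key_store: dict,
                                endpoint: str = API_ENDPOINT) -> bool:
    """Server side: look up the private key for the presented public key,
    recompute the digest over the same bytes and compare in constant time.
    The private key never leaves the server; only the public key travels."""
    public_key, sep, presented = header.partition(":")
    if not sep or not public_key or not presented:
        return False
    private_key = key_store.get(public_key)
    if private_key is None:
        return False
    expected = build_authorization_header(public_key, private_key, form_data, endpoint)
    return hmac.compare_digest(expected.split(":", 1)[1], presented.lower())


# Constructed credentials and request (placeholders, not real keys)
PUBLIC_KEY = "example-public-key"
PRIVATE_KEY = "example-private-key-do-not-reuse"
KEY_STORE = {PUBLIC_KEY: PRIVATE_KEY}
FORM_DATA = {"name": "Alice", "email": "alice@example.org", "message": "Hello"}

if __name__ == "__main__":
    header = build_authorization_header(PUBLIC_KEY, PRIVATE_KEY, FORM_DATA)
    print(header)
    print(verify_authorization_header(header, FORM_DATA, KEY_STORE))
```

A useful debugging step on either side is to log the exact `message` bytes that go into the HMAC: if the two logs differ by even a space, key order or escaping, the digests will differ while both implementations are "correct".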

Add configuration interface for reverse proxies

If you use mosparo with CloudFlare or other such providers, the IP address of the original client needs to be corrected. To get the correct IP address, the administrator must define the TRUSTED_PROXIES environment variable with the IP addresses of the reverse proxies. Additionally, some providers use different headers to send the correct client IP address.

A configuration interface should be added to make it easier to configure mosparo with a reverse proxy, where the administrator can configure the trusted proxies. Additionally, it should be possible to choose the header in which the client IP address is transmitted.

It should also be possible to choose from predefined providers like CloudFlare without searching their IP addresses in the documentation.

Inspired by #20
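The trusted-proxy logic this issue wants to make configurable (honour a forwarded-client header only when the TCP peer is a trusted proxy, and let the header name vary by provider), as an added example that is not mosparo's or Symfony's code. The proxy range, the header values and the addresses are constructed:

```python
import ipaddress


def _in_any(addr, networks) -> bool:
    return any(addr in net for net in networks)


def client_ip(remote_addr: str, headers: dict, trusted_proxies: list,
              ip_header: str = "X-Forwarded-For") -> str:
    """Return the address to treat as the client.

    Forwarded headers are honoured only when the TCP peer itself is one of the
    trusted proxies; otherwise anyone could spoof their address with a header.
    For a comma-separated chain (client first, each proxy appends itself), walk
    from the right and skip hops that are trusted proxies: the first untrusted
    hop is the real client, whatever the sender put at the left end."""
    networks = [ipaddress.ip_network(p, strict=False) for p in trusted_proxies]
    try:
        peer = ipaddress.ip_address(remote_addr)
    except ValueError:
        return remote_addr
    if not _in_any(peer, networks):
        return remote_addr                      # direct connection: the header is untrusted input
    value = headers.get(ip_header, "")
    hops = [h.strip() for h in value.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            hop_addr = ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr                  # malformed chain: fall back to the peer
        if not _in_any(hop_addr, networks):
            return hop
    return remote_addr                          # header missing, or only trusted hops


TRUSTED = ["192.0.2.0/24"]   # constructed reverse-proxy range

if __name__ == "__main__":
    print(client_ip("203.0.113.10", {"X-Forwarded-For": "198.51.100.1"}, TRUSTED))
    print(client_ip("192.0.2.1", {"X-Forwarded-For": "10.0.0.5, 198.51.100.1"}, TRUSTED))
    print(client_ip("192.0.2.1", {"CF-Connecting-IP": "198.51.100.7"}, TRUSTED,
                    ip_header="CF-Connecting-IP"))
```

Selecting a provider preset, as the issue suggests, would amount to filling `trusted_proxies` with that provider's published ranges and `ip_header` with the header it sets; the membership check on the peer address is what keeps a header sent directly by a client from being believed.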

Add update check

Since it is hard to keep track of the new versions of mosparo, we should add an automatic update check.

If a new update is available, a hint (a badge or something like that) should be visible in the header, notifying the user that an update is available.

The system will not automatically install the update.

The check should be done once daily and (most likely) in a cronjob.

Dark theme

Add the dark theme from Tabler for the mosparo user interface.

Missing validation response at the onCheckForm

Hi,
I am creating a form where I want the submit button to remain disabled as long as the Mosparo captcha is not valid.
If the validation failed, the submit button should remain disabled, but at the "onFormCheck" callback I don't get any information on whether the check failed or not.
To do this, the callback "onFormCheck" should be given the validation result as a parameter on the callback call.

For this reason I have created a pull request that contains all the necessary changes: #32

Add `gd` as required extension

The 2FA process needs the gd extension, but this extension is not on the list of required extensions.

Add the gd extension as a requirement in

  • Setup
  • System Overview
  • Documentation
  • README.md

And search for other places.

Missing attribute "autocomplete" on password field

Hi,
we have run a small security test against the Mosparo backend.
The only result was that no "autocomplete='off'" is set for password fields.

For this reason I have created a pull request that contains the attribute on the password fields: #58

Add a rule tester

Discussed in #39

Originally posted by zepich April 16, 2023
The idea is to add a rule tester in the backend UI. With this rule tester, it is possible to test how the rules perform depending on the content you enter. With that, it's easier to optimize rules without waiting for the next spam message.

Changes

  • Add a 'Tools' menu item
  • Add the Rule Tester form, which allows the user to enter a value and choose its type (Text, Email address, URL, IP address, User-Agent), and if rules and rule sets should be used for the test.
  • After submitting the form, the entered value will be tested with the available rules and rule sets, and the user will see the test result (which rule caught the value and the points for it).

Suggested by

  • @mosparo/core-developers

Mosparo breaks after restarting Docker container

Hi,
I am running Mosparo in a Docker container and have recently encountered an issue. After shutting down the container and starting it back up, the container seems to break. When trying to access Mosparo, I receive a 500 error and the console displays the following message when attempting to open the dashboard:

2023-07-24 09:57:25 {"message":"Matched route \"frontend_api_request_submit_token\".","context":{"route":"frontend_api_request_submit_token","route_parameters":{"_route":"frontend_api_request_submit_token","_controller":"Mosparo\\Controller\\Api\\V1\\Frontend\\FrontendApiController::request"},"request_uri":"http://localhost:8080/api/v1/frontend/request-submit-token","method":"POST"},"level":200,"level_name":"INFO","channel":"request","datetime":"2023-07-24T07:57:25.294188+00:00","extra":{}}
2023-07-24 09:57:25 {"message":"Uncaught PHP Exception Doctrine\\DBAL\\Exception\\ConnectionException: \"An exception occurred in the driver: SQLSTATE[HY000] [2002] Connection refused\" at /mosparo/vendor/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php line 101","context":{"exception":{"class":"Doctrine\\DBAL\\Exception\\ConnectionException","message":"An exception occurred in the driver: SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php:101","previous":{"class":"Doctrine\\DBAL\\Driver\\PDO\\Exception","message":"SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/PDO/Exception.php:28","previous":{"class":"PDOException","message":"SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/PDO/MySQL/Driver.php:33"}}}},"level":500,"level_name":"CRITICAL","channel":"request","datetime":"2023-07-24T07:57:25.312000+00:00","extra":{}}
2023-07-24 09:57:25 127.0.0.1 -  24/Jul/2023:07:57:24 +0000 "POST /index.php" 500
2023-07-24 09:57:57 {"message":"Matched route \"dashboard\".","context":{"route":"dashboard","route_parameters":{"_route":"dashboard","_controller":"Mosparo\\Controller\\ProjectRelated\\DashboardController::dashboard"},"request_uri":"http://localhost:8080/","method":"GET"},"level":200,"level_name":"INFO","channel":"request","datetime":"2023-07-24T07:57:57.092032+00:00","extra":{}}
2023-07-24 09:57:57 {"message":"Uncaught PHP Exception Doctrine\\DBAL\\Exception\\ConnectionException: \"An exception occurred in the driver: SQLSTATE[HY000] [2002] Connection refused\" at /mosparo/vendor/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php line 101","context":{"exception":{"class":"Doctrine\\DBAL\\Exception\\ConnectionException","message":"An exception occurred in the driver: SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php:101","previous":{"class":"Doctrine\\DBAL\\Driver\\PDO\\Exception","message":"SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/PDO/Exception.php:28","previous":{"class":"PDOException","message":"SQLSTATE[HY000] [2002] Connection refused","code":2002,"file":"/mosparo/vendor/doctrine/dbal/src/Driver/PDO/MySQL/Driver.php:33"}}}},"level":500,"level_name":"CRITICAL","channel":"request","datetime":"2023-07-24T07:57:57.096822+00:00","extra":{}}
2023-07-24 09:57:57 127.0.0.1 -  24/Jul/2023:07:57:57 +0000 "GET /index.php" 500

If I set up a new container using the same image and DB container, it works flawlessly until I restart it.
Any help would be appreciated.

Wizard configuration database error 500

Hello,
On Ubuntu 22.04 + LAMP with PHP 8.2 & Mosparo 0.3.18.
On the wizard's database configuration step, I get an error 500 after submitting the form.
In the logs:
php.CRITICAL: Uncaught Error: Undefined constant "XML_PI_NODE" {"exception":"[object] (Error(code: 0): Undefined constant
Thanks...

Session handling for support multi-server setups

Hi,

I noticed that Mosparo uses the default Symfony session handling, which does not work when the application is served from multiple servers.

Symfony Session Documentation: Symfony stores sessions in files by default. If your application is served by multiple servers, you'll need to use a database instead to make sessions work across different servers.

For this reason I have created a pull request that contains all the necessary changes to switch to database session handling: #26
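The mechanism the pull request switches to, shown as an added example rather than the pull request's own code: Symfony's PdoSessionHandler stores the session data in a database table, so a login performed on one server is recognised by every other server behind the load balancer, and a session can be invalidated centrally. The DSN, the credentials, the table name and the one-time createTable() call are assumptions for illustration.

```php
<?php
// Added example, not the pull request's code: registering Symfony's
// PdoSessionHandler so that sessions live in the database shared by all
// application servers instead of in each server's local filesystem.
// DSN, credentials and table name below are constructed placeholders.

declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler;

/**
 * Builds the database-backed session handler.
 *
 * PdoSessionHandler accepts either a PDO DSN ("mysql:host=...;dbname=...")
 * or an existing PDO instance. With the default LOCK_TRANSACTIONAL mode,
 * each request locks its session row, so concurrent requests from the same
 * browser cannot overwrite each other's session data.
 */
function buildSessionHandler(string $dsn, string $user, string $password): PdoSessionHandler
{
    return new PdoSessionHandler($dsn, [
        'db_username' => $user,
        'db_password' => $password,
        'db_table'    => 'sessions', // assumed table name
    ]);
}

/**
 * Activates the handler for the current PHP process.
 *
 * createTable() is meant to be run once during deployment; it throws when
 * the table already exists, so it is guarded by an environment flag here.
 */
function useDatabaseSessions(PdoSessionHandler $handler, bool $createTable = false): void
{
    if ($createTable) {
        $handler->createTable();
    }

    // Second argument registers the handler's shutdown function as well.
    session_set_save_handler($handler, true);
}

// Placeholder connection details (constructed for this example).
$handler = buildSessionHandler(
    'mysql:host=127.0.0.1;dbname=mosparo;charset=utf8mb4',
    'mosparo',
    'change-me'
);

useDatabaseSessions($handler, getenv('CREATE_SESSION_TABLE') === '1');

session_start();
$_SESSION['visited'] = ($_SESSION['visited'] ?? 0) + 1;
echo 'Session ' . session_id() . ' seen ' . $_SESSION['visited'] . " time(s)\n";
```

Inside a Symfony application the same handler is normally not registered by hand: it is defined as a service and referenced from `framework.session.handler_id` in `config/packages/framework.yaml`, so that every server reads and writes the same `sessions` table.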

Fixed the automatic update check if the updates are disabled

The new automatic update check we introduced in v0.4 is not working when the update functionality is generally turned off.

The idea is to inform the user about the available update, even if the update functionality is disabled. The user then knows an update is available and can manually check how to update (for example, by pulling the latest Docker image).

If the automatic update check is disabled, the check will not be performed.

Project wizard

After a new project is created, the user should be redirected to a wizard in which the user can configure the most important things about the project.

First, we will show the user the design settings in easy mode, where the user chooses the three colors (text, background, accent) and the size. In the next step, all four security features will be described and can be enabled directly.

In the last step, the user sees the information about the project needed to integrate it (host, UUID, public and private key).

The user can skip every step of the wizard.

Refactor design settings

Refactor the design settings and add an easy mode, making it easier for the user.

In the easy mode, the user will see three color fields to choose the text, the background, and the accent color of the place where the form will be visible. mosparo will calculate the other colors depending on a predefined color schema. Additionally, the user can choose the size of the box.

In the expert mode, all fields will be visible as they are now.

Check for the correct setup of cURL/HTTP client

In the setup, mosparo should check if the cURL extension is enabled and the curl_exec and curl_multi_exec methods are allowed or if allow_url_fopen is set to true.

A warning message should be visible if both things are missing. The setup should still work since the update and the ruleset feature are not directly required for mosparo to work correctly - but it's recommended to have at least the update feature functional.

Additionally, both features should check if the connection is possible and fatal errors should not be visible.
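The checks described in this issue and in the `gd` issue above, written out as one added example (not mosparo's own setup code): it reports required extensions that are not loaded, decides whether outbound HTTP is possible through cURL (extension loaded and `curl_exec`/`curl_multi_exec` not blocked via `disable_functions`) or through `allow_url_fopen`, and probes a URL without letting a failed connection surface as a fatal error. Function names, message texts and the probe URL are assumptions for illustration.

```php
<?php
// Added example, not mosparo's own code: setup prerequisite checks for the
// PHP extensions and the outbound HTTP client. All function names and
// message texts are illustrative assumptions.

declare(strict_types=1);

/**
 * Returns the required extensions that are not loaded.
 * 'gd' is listed because the 2FA flow depends on it.
 */
function missingExtensions(array $required = ['gd']): array
{
    return array_values(array_filter(
        $required,
        static fn (string $ext): bool => !extension_loaded($ext)
    ));
}

/**
 * True if every function exists and none is listed in disable_functions.
 * Shared hosting frequently loads ext/curl but blocks curl_exec there.
 */
function functionsUsable(array $functions): bool
{
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    foreach ($functions as $fn) {
        if (!function_exists($fn) || in_array($fn, $disabled, true)) {
            return false;
        }
    }
    return true;
}

/**
 * Which outbound HTTP mechanism is available: 'curl', 'fopen' or null.
 */
function httpClientMechanism(): ?string
{
    if (extension_loaded('curl') && functionsUsable(['curl_exec', 'curl_multi_exec'])) {
        return 'curl';
    }
    if (filter_var((string) ini_get('allow_url_fopen'), FILTER_VALIDATE_BOOLEAN)) {
        return 'fopen';
    }
    return null;
}

/**
 * Probes a URL with the available mechanism and returns false on any
 * failure (timeout, DNS error, blocked function) instead of raising an error.
 */
function probeUrl(string $url, int $timeoutSeconds = 5): bool
{
    $mechanism = httpClientMechanism();
    if ($mechanism === 'curl') {
        $ch = curl_init($url);
        curl_setopt_array($ch, [
            CURLOPT_NOBODY         => true,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_CONNECTTIMEOUT => $timeoutSeconds,
            CURLOPT_TIMEOUT        => $timeoutSeconds,
        ]);
        $ok = curl_exec($ch) !== false; // curl_exec reports failure, it never throws
        curl_close($ch);
        return $ok;
    }
    if ($mechanism === 'fopen') {
        $ctx = stream_context_create(['http' => ['method' => 'HEAD', 'timeout' => $timeoutSeconds]]);
        // '@' keeps the stream warning off the setup page; the boolean result is what matters.
        return @file_get_contents($url, false, $ctx) !== false;
    }
    return false;
}

/**
 * Warnings for the setup page. Setup may still continue: only the update
 * check and rule set downloads depend on the HTTP client.
 */
function setupWarnings(string $probeUrl): array
{
    $warnings = [];
    foreach (missingExtensions() as $ext) {
        $warnings[] = sprintf('Required PHP extension "%s" is not loaded.', $ext);
    }
    if (httpClientMechanism() === null) {
        $warnings[] = 'Neither cURL (curl_exec/curl_multi_exec) nor allow_url_fopen is available; '
            . 'the update check and rule set downloads will not work.';
    } elseif (!probeUrl($probeUrl)) {
        $warnings[] = sprintf('Could not reach %s; outbound connections may be blocked.', $probeUrl);
    }
    return $warnings;
}

// Placeholder probe target (constructed for this example).
foreach (setupWarnings('https://example.invalid/stable.json') as $warning) {
    echo $warning, PHP_EOL;
}
```

Because `probeUrl()` only ever returns a boolean, the same helper can back both the setup page and the update and rule set features, which is what keeps a slow or refused connection from turning into a visible 500 error.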

Error 500 on check version

Hi,
Occasionally I get a timeout when we check the version:
[2023-05-25T18:45:36.326678+00:00] request.CRITICAL: Uncaught PHP Exception Symfony\Component\HttpClient\Exception\TransportException: "fopen(https://104.238.666.666/stable.json): Failed to open stream: Connection timed out"
And when I try to update:
[2023-05-25T18:49:52.884020+00:00] request.CRITICAL: Uncaught PHP Exception Symfony\Component\Filesystem\Exception\IOException: "Failed to create "/var/www/mosparo.mysite.com/public/update-log": mkdir(): Permission denied"
Another write permission? On public?
Thanks

Mosparo Custom Integration: Stylesheet not loading

I’m trying to integrate Mosparo onto my webpage and I’m running into an issue with the custom integration.

I’m linking the stylesheet as described in the Mosparo documentation:

<link href="#local.mosparoConfig.host#/resources/#local.mosparoConfig.uuid#.css" rel="stylesheet" />
However, my custom designs won’t load and only the default design is displayed. While debugging, I noticed that the URL of the stylesheet redirects me when opened in the browser:

<link href="#local.mosparoConfig.host#/resources/#local.mosparoConfig.uuid#/b9edfc8717218c1772c734cd39918c0ac138c0e4f462b72e66c1fd11f81bfe89.css" rel="stylesheet" />
If I enter this URL directly into the link tag, then the stylesheet loads without any issues.

My main question is: what is the part that comes after the UUID and where do I get it from? I can’t just enter it statically because I have to generate the URL dynamically (that’s why there are variables in the tag).

Regards, Ori
