From 3eb59ec24542887712611c67cf22f3b197c4a409 Mon Sep 17 00:00:00 2001
From: Thomas Skerbis <thomas.skerbis@mac.com>
Date: Tue, 15 Apr 2025 17:13:55 +0200
Subject: [PATCH 1/3] Update update.php

---
 update.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/update.php b/update.php
index d6a432f..9ef44e8 100644
--- a/update.php
+++ b/update.php
@@ -50,3 +50,16 @@
     $addon->removeConfig('type');
     $addon->removeConfig('secret');
 }
+
+// Leerer String ('') und 'URL' werden beide als gültige URL-Authentifizierung betrachtet
+$authentification_mode = $addon->getConfig('authentification_mode', '');
+if (!in_array($authentification_mode, ['URL', 'password'], true)) {
+    // Wenn kein gültiger Modus gesetzt ist, standardmäßig auf URL setzen
+    $addon->setConfig('authentification_mode', 'URL');
+}
+
+// Überprüfen, ob ein maintenance_secret existiert
+if (!$addon->hasConfig('maintenance_secret') || '' === $addon->getConfig('maintenance_secret')) {
+    // Falls kein Secret vorhanden, ein neues generieren
+    $addon->setConfig('maintenance_secret', bin2hex(random_bytes(16)));
+}

From 735deee68de4a6f034f381291c80ee7662ba4f00 Mon Sep 17 00:00:00 2001
From: Thomas Skerbis <thomas.skerbis@mac.com>
Date: Tue, 15 Apr 2025 17:16:12 +0200
Subject: [PATCH 2/3] Update Maintenance.php

---
 lib/Maintenance.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/Maintenance.php b/lib/Maintenance.php
index cfa8e68..c74583c 100644
--- a/lib/Maintenance.php
+++ b/lib/Maintenance.php
@@ -135,8 +135,11 @@ public static function isSecretAllowed(): bool
         $maintenance_secret = rex_request('maintenance_secret', 'string', '');
         $authentification_mode = (string) self::getConfig('authentification_mode', '');
 
-        // Check if the correct secret is passed via URL or password
-        if (('URL' === $authentification_mode || 'password' === $authentification_mode) && '' !== $config_secret && $maintenance_secret === $config_secret) {
+        // Authentifizierung prüfen - für URL-Parameter und auch bei leerem Modus
+        $authentification_mode = (string) self::getConfig('authentification_mode', '');
+        if (('' === $authentification_mode || 'URL' === $authentification_mode || 'password' === $authentification_mode) && 
+            '' !== $config_secret && 
+            $maintenance_secret === $config_secret) {
             rex_set_session('maintenance_secret', $maintenance_secret);
             return true;
         }

From d760792b0a292f50fa818049695b20a3549fb4c8 Mon Sep 17 00:00:00 2001
From: skerbis <skerbis@users.noreply.github.com>
Date: Tue, 15 Apr 2025 15:16:47 +0000
Subject: [PATCH 3/3] Apply php-cs-fixer changes

---
 lib/Maintenance.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/Maintenance.php b/lib/Maintenance.php
index c74583c..882a20d 100644
--- a/lib/Maintenance.php
+++ b/lib/Maintenance.php
@@ -137,9 +137,9 @@ public static function isSecretAllowed(): bool
 
         // Authentifizierung prüfen - für URL-Parameter und auch bei leerem Modus
         $authentification_mode = (string) self::getConfig('authentification_mode', '');
-        if (('' === $authentification_mode || 'URL' === $authentification_mode || 'password' === $authentification_mode) && 
-            '' !== $config_secret && 
-            $maintenance_secret === $config_secret) {
+        if (('' === $authentification_mode || 'URL' === $authentification_mode || 'password' === $authentification_mode)
+            && '' !== $config_secret
+            && $maintenance_secret === $config_secret) {
             rex_set_session('maintenance_secret', $maintenance_secret);
             return true;
         }