Skip to content

Fix: Restore block_frontend functionality bypassed by domain-based maintenance check#157

Closed
Copilot wants to merge 19 commits intomainfrom
copilot/sub-pr-156
Closed

Fix: Restore block_frontend functionality bypassed by domain-based maintenance check#157
Copilot wants to merge 19 commits intomainfrom
copilot/sub-pr-156

Conversation

Copy link
Contributor

Copilot AI commented Oct 29, 2025
edited
Loading

The early-return logic in checkFrontend() only checked domain-based maintenance status, causing the classic block_frontend setting to be completely bypassed. Installations relying on the block_frontend toggle could no longer activate frontend maintenance.

Changes

  • Modified checkFrontend() to check both block_frontend config and domainInMaintenance before allowing early return
  • Frontend now blocks when either condition is true, rather than only when domain is in maintenance
// Before: block_frontend bypassed
if (!$domainInMaintenance) {
    return;
}

// After: both conditions respected
$blockFrontend = self::getBoolConfig('block_frontend', false);
if (!$blockFrontend && !$domainInMaintenance) {
    return;
}

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

skerbis and others added 18 commits October 29, 2025 17:57
@skerbis
feat: Umfassende Verbesserungen des Maintenance AddOns
6ed3e02 
- Emojis durch Font Awesome 6 Icons ersetzt
- YRewrite Domain-Verwaltung hinzugefügt mit Migration
- Settings in übersichtliche Unterseiten reorganisiert (Wartung, Einstellungen, Ankündigung, Domains)
- Mehrsprachige Wartungstexte (Deutsch/Englisch) mit Sprachswitcher
- Modernes upkeep-inspiriertes Design übernommen
  - Card-basiertes Layout mit Animationen
  - Dark Mode Support
  - Responsive Design
  - Dropdown-Sprachauswahl mit Globe-Icon
- IP-Adressen per Klick zur Whitelist hinzufügen
- Login-Formular nur bei gesetztem Passwort anzeigen
- Intelligente Bypass-URL-Anzeige (nur für gesperrte Domains)
- Sidebar-Komponente für alle Frontend-Seiten
- Editor-Konfiguration in Einstellungen verschoben
- Begriffe vereinheitlicht (Wartungsmodus -> Wartung)
- Weiterleitungs-URL zu allgemeinen Einstellungen verschoben
@skerbis @github-actions
Apply php-cs-fixer changes
e7a5669
@skerbis
Update fragments/maintenance/frontend.php
d58efb8 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@skerbis
Update boot.php
583f037 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@skerbis
Update fragments/maintenance/frontend_old.php
1acf059 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@skerbis
Fix: Add existence check for yrewrite addon to prevent exceptions
2cc1e88 
- Check rex_addon::exists('yrewrite') before calling methods
- Prevents exceptions when yrewrite addon is not installed
- Affected files: frontend.php, frontend.sidebar.php (2x), Maintenance.php (2x)
@skerbis @github-actions
Apply php-cs-fixer changes
0813f0e
@skerbis
Fix review comments from PR #156
18669f2 
- Fix: Internationalize hardcoded German text 'hinzugefügt'
  Added maintenance_ip_added translation key

- Fix: Correct spelling 'authentification' to 'authentication'
  Updated in package.yml, lang files, PHP code
  Added migration for existing installations

- Already fixed: Ternary operator logic in frontend.php
- Already fixed: YRewrite existence checks
@skerbis
Fix: Complete authentication spelling correction
ef11382 
- Fix login.php: Use authentication_mode instead of authentification_mode
- Improve update.php migration: Always remove old config key
- All files now consistently use 'authentication' (correct spelling)
@skerbis
Update README and extend console commands
20d851c 
README changes:
- Set Thomas Skerbis as lead developer
- Remove sponsor references
- Update project team structure

Console command enhancements:
- Add 'status' command to show current maintenance state
- Add 'frontend on/off' for frontend maintenance
- Add 'backend on/off' for backend maintenance
- Add 'all on/off' to toggle all modes at once
- Add 'domain <name> --lock/--unlock' for YRewrite domains
- Maintain backward compatibility with legacy 'on/off' commands
- Add comprehensive documentation for all commands
@skerbis @github-actions
Apply php-cs-fixer changes
133c1cc
@skerbis
Fix: Critical edge-case in multilanguage logic
d0b4b07 
Problem: When only German text (maintenance_text_de) was filled and English
text was empty, no text was displayed because the DE block didn't receive
the 'active' class.

Solution: Add fallback logic for DE block:
- DE is active if multilanguage is disabled OR only DE text exists
- EN is active if multilanguage is disabled OR only EN text exists

This ensures at least one text block is always visible when text is provided.
@skerbis
Fix: Password input field not showing in password mode
0e2192e 
Removed overly restrictive condition that required both password mode AND
a set secret. The login form should be displayed whenever password mode
is selected, regardless of whether a secret is actually configured.

This allows users to see the login form immediately after selecting
password authentication mode, even before setting a password.
@skerbis
Fix: Improve login form rendering
2c330d6 
- Add id attribute to password input field for better accessibility
- Add autocomplete='off' for better security
- Improve code formatting and comments
- Add debug comment placeholder for troubleshooting
@skerbis
feat: Add Silent Mode for staging/development environments
9cbc56f 
Implements feature request for permanent site blocking without maintenance
messaging, ideal for staging environments in deployment processes.

Features:
- New 'silent_mode' config option
- Sends only HTTP status code (503/403) without HTML content
- Prevents information disclosure about CMS
- Perfect for staging systems that should be permanently offline
- Accessible only via backend login, IP whitelist, or secret URL

Changes:
- Added silent_mode to package.yml default_config
- Added silent_mode checkbox in advanced settings
- Implemented logic in Maintenance::checkFrontend()
- Added German translations
- Updated README with Silent Mode documentation

Use case: Production preview systems that need permanent protection
without revealing 'maintenance mode' or CMS information.
@skerbis @coderabbitai
Update fragments/maintenance/frontend.php
f1c3fdb 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
@skerbis @coderabbitai
Update fragments/maintenance/frontend.php
1a6ea5c 
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Initial plan
1094947
Copilot AI mentioned this pull request Oct 29, 2025
Merged
6 tasks
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 29, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@skerbis
Fix: Restore block_frontend functionality in checkFrontend()
7eac2d7 
Co-authored-by: skerbis <791247+skerbis@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Oct 29, 2025

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/repos/composer/semver/zipball/198166618906cb2de69b95d7d47e5fa8aa1b2b95
    • Triggering command: /usr/bin/php8.3 -n -c /tmp/CFnmf0 /usr/bin/composer install (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Copilot AI changed the title [WIP] Address feedback on improvements to Maintenance AddOn Fix: Restore block_frontend functionality bypassed by domain-based maintenance check Oct 29, 2025
Copilot AI requested a review from skerbis October 29, 2025 18:11
Base automatically changed from feature/maintenance-improvements to main October 29, 2025 19:49
@skerbis skerbis closed this Oct 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skerbis skerbis Awaiting requested review from skerbis

Assignees

@skerbis skerbis

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@skerbis