From 7376bbba8c344ff70678870a3f4ebc3cd66d699e Mon Sep 17 00:00:00 2001
From: NekoCH <96158157+ex-hentai@users.noreply.github.com>
Date: Fri, 14 Jul 2023 19:12:05 +0800
Subject: [PATCH] hide passkey and ip addresses

---
 include/functions.php  | 4 ++++
 public/usercp.php      | 6 +++---
 public/userdetails.php | 7 +++++--
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/include/functions.php b/include/functions.php
index c3c5a4a0..796e155b 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -6516,4 +6516,8 @@ function can_view_post($uid, $post)
     return true;
 }
 
+function hide_text($text) {
+    return '<span class="hidden-text">' . $text . '</span>';
+}
+
 ?>
diff --git a/public/usercp.php b/public/usercp.php
index 80886565..1fa6e008 100644
--- a/public/usercp.php
+++ b/public/usercp.php
@@ -992,14 +992,14 @@ tr_small($lang_usercp['row_email_address'], $CURUSER['email'], 1);
 $seedBoxIcon = (new \App\Repositories\SeedBoxRepository())->renderIcon($CURUSER['ip'], $CURUSER['id']);
 if ($enablelocation_tweak == 'yes'){
 	list($loc_pub, $loc_mod) = get_ip_location($CURUSER["ip"]);
-	tr_small($lang_usercp['row_ip_location'], $CURUSER["ip"]." <span title='" . $loc_mod . "'>[" . $loc_pub . "]</span>$seedBoxIcon", 1);
+	tr_small($lang_usercp['row_ip_location'], hide_text($CURUSER["ip"])." <span title='" . $loc_mod . "'>[" . $loc_pub . "]</span>$seedBoxIcon", 1);
 }
 else{
-	tr_small($lang_usercp['row_ip_location'], $CURUSER["ip"] . $seedBoxIcon, 1);
+	tr_small($lang_usercp['row_ip_location'], hide_text($CURUSER["ip"]) . $seedBoxIcon, 1);
 }
 if ($CURUSER["avatar"])
 	tr_small($lang_usercp['row_avatar'], "<img src=\"" . $CURUSER["avatar"] . "\" border=0>", 1);
-tr_small($lang_usercp['row_passkey'], $CURUSER["passkey"], 1);
+tr_small($lang_usercp['row_passkey'], hide_text($CURUSER["passkey"]), 1);
 if (get_setting('security.login_type') == 'passkey' && get_setting('security.login_secret_deadline') > date('Y-m-d H:i:s')) {
     tr_small($lang_usercp['row_passkey_login_url'], sprintf('%s/%s/%s', getSchemeAndHttpHost(), get_setting('security.login_secret'), $CURUSER['passkey']), 1);
 }
diff --git a/public/userdetails.php b/public/userdetails.php
index 499141f5..51273ca2 100644
--- a/public/userdetails.php
+++ b/public/userdetails.php
@@ -235,7 +235,8 @@ if (user_can('userprofile') ||  $user["id"] == $CURUSER["id"])
 		$locationinfo = "<span title=\"" . $loc_mod . "\">[" . $loc_pub . "]</span>";
 	}
 	else $locationinfo = "";
-	tr_small($lang_userdetails['row_ip_address'], $user['ip'].$locationinfo.$seedBoxIcon, 1);
+    $ip = $user["id"] == $CURUSER["id"] ? hide_text($user['ip']) : $user['ip'];
+	tr_small($lang_userdetails['row_ip_address'], $ip.$locationinfo.$seedBoxIcon, 1);
 }
 $clientselect = '';
 $res = sql_query("SELECT peer_id, agent, ipv4, ipv6, port FROM peers WHERE userid = {$user['id']} GROUP BY agent, ipv4, ipv6, port") or sqlerr();
@@ -247,7 +248,9 @@ if (mysql_num_rows($res) > 0)
 	    $clientselect .= "<tr>";
 		$clientselect .= sprintf('<td>%s</td>', get_agent($arr['peer_id'], $arr['agent']));
 		if (user_can('userprofile') ||  $user["id"] == $CURUSER["id"]) {
-            $clientselect .= sprintf('<td>%s</td><td>%s</td><td>%s</td>', $arr['ipv4'].$seedBoxRep->renderIcon($arr['ipv4'], $user['id']), $arr['ipv6'].$seedBoxRep->renderIcon($arr['ipv6'], $user['id']), $arr['port']);
+            $v4 = $user["id"] == $CURUSER["id"] ? hide_text($arr['ipv4']) : $arr['ipv4'];
+            $v6 = $user["id"] == $CURUSER["id"] ? hide_text($arr['ipv6']) : $arr['ipv6'];
+            $clientselect .= sprintf('<td>%s</td><td>%s</td><td>%s</td>', $v4.$seedBoxRep->renderIcon($arr['ipv4'], $user['id']), $v6.$seedBoxRep->renderIcon($arr['ipv6'], $user['id']), $arr['port']);
         } else {
             $clientselect .= sprintf('<td>%s</td><td>%s</td><td>%s</td>', '---', '---', '---');
         }