JWT secret outside <?php>

[Dragonisser]

What are the steps to reproduce this issue?

1. Run upgrade.php
2. Go to root page

What happens?

For some reason the "define" was added outside the <?php> and was shown publicly to everyone on the root page.

<?php
....
if(!defined('IN_SB')){echo 'You should not be here. Only follow links!';die();}
...
//define('DEVELOPER_MODE', true);			// Use if you want to show debugmessages
//define('SB_MEM', '128M'); 				// Override php memory limit, if isn't enough (Banlist is just a blank page)
?>define('SB_SECRET_KEY', ''); //Secret for JWT

What were you expecting to happen?

Its like all the other "define"

Any other comments?

Not entirely what i expected to see. Is there any way to regenerate the secret?

What versions of software are you using?

Operating System: ubuntu 20.04.3
SourceBans++ Version: 1.7 (latest)
PHP Version: 8.1

[Dragonisser]

Checking the config templates and going back all versions to 1.6.0 i cant find the closing tag of the <?php> anywhere in the template. Not entirely sure why its in there but that explains why it broke like this.

Issue is therefore not entirely relevant, just for a few that added or autocompleted the closing tag.