LiteCore · s22-tech · Jun 29, 2026 · Jun 29, 2026 · Jun 29, 2026
diff --git a/public_html/backend/pages/login.inc.php b/public_html/backend/pages/login.inc.php
@@ -126,7 +126,7 @@
 			}
 
 			if (!empty($administrator['last_ip_address']) && $administrator['last_ip_address'] != $_SERVER['REMOTE_ADDR']) {
-				notices::add('warnings', strtr(t('warning_account_previously_used_by_another_ip', 'Your account was previously used by another IP address {ip_address} ({hostname}). If this was not you then your login credentials might be compromised.'), [
+				notices::add('warnings', strtr(t('warning_account_previously_used_by_another_ip', 'Your account was previously used by another IP address {ip_address} ({hostname}). If this was not you then y[...]
 					'{username}' => $administrator['username'],
 					'{ip_address}' => $administrator['last_ip_address'],
 					'{hostname}' => $administrator['last_hostname'],
@@ -159,7 +159,7 @@
 
 			unset(session::$data['security.administrator']['verification']);
 
-			// TOTP (opt-in per administrator). When enrolled, always challenge �
+			// TOTP (opt-in per administrator). When enrolled, always challenge ✓
 			// independent of the known-IP check below. Email OTP remains the
 			// fallback for admins who haven't enrolled.
 			if (!empty($administrator['totp_secret'])) {
@@ -241,7 +241,7 @@
 
 			if (!empty($_POST['remember_me']) && defined('HMAC_KEY_REMEMBER_ME')) {
 				$token = f::token_create_remember($administrator['id'], $administrator['password_hash']);
-				header('Set-Cookie: remember_me='. $token .'; Path='. WS_DIR_APP .'; Expires='. gmdate('r', strtotime('+30 days')) .'; HttpOnly; SameSite=Lax' . (!empty($_SERVER['HTTPS']) ? '; Secure' : ''), false);
+				header('Set-Cookie: remember_me='. $token .'; Path='. WS_DIR_APP .'; Expires='. gmdate('r', strtotime('+30 days')) .'; HttpOnly; SameSite=Lax' . (!empty($_SERVER['HTTPS']) ? '; Secure' : ''),[...]
 			} else if (!empty($_COOKIE['remember_me'])) {
 				header('Set-Cookie: remember_me=; Path='. WS_DIR_APP .'; Max-Age=-1; HttpOnly; SameSite=Lax', false);
 			}
@@ -383,4 +383,4 @@
 			});
 		});
 	});
-</script>
+</script>
diff --git a/public_html/includes/functions/func_admin.inc.php b/public_html/includes/functions/func_admin.inc.php
@@ -103,3 +103,35 @@ function admin_get_widgets(): array {
 
 		return $widgets;
 	}
+
+	function admin_get_mcp_tools(): array {
+
+		$tools_cache_token = cache::token('backend_mcp_tools', ['administrator', 'language']);
+		if (!$toolsets = cache::get($tools_cache_token)) {
+
+			$toolsets = [];
+
+			foreach (f::file_search('app://backend/mcp/mcp_*.inc.php') as $mcp_file) {
+
+				// Include without polluting global scope
+				$toolset = (function() use ($mcp_file) {
+					return include $mcp_file;
+				})();
+
+				if (empty($toolset['name']) || !is_array($toolset['tools'])) {
+					continue;
+				}
+
+				$toolsets[] = [
+					'id' => preg_replace('#^mcp_(.+)\.inc\.php$#', '$1', basename($mcp_file)),
+					'name' => $toolset['name'],
+					'description' => $toolset['description'] ?? '',
+					'tools' => array_column($toolset['tools'] ?? [], 'name'),
+				];
+			}
+
+			cache::set($tools_cache_token, $toolsets);
+		}
+
+		return $toolsets;
+	}