Fix bug where server id was hard coded on cmd send

2024-08-30 18:23:09 +00:00 · 2022-04-02 22:44:40 -04:00 · 2022-04-02 22:44:40 -04:00 · 82df93c700
commit 82df93c700
parent 261a57e034
1 changed files with 98 additions and 91 deletions
--- a/app/frontend/templates/panel/server_admin_controls.html
+++ b/app/frontend/templates/panel/server_admin_controls.html
@ -14,7 +14,8 @@
    <div class="col-12">
      <div class="page-header">
        <h4 class="page-title">
-          {{ translate('serverDetails', 'serverDetails', data['lang']) }} - {{ data['server_stats']['server_id']['server_name'] }}
+          {{ translate('serverDetails', 'serverDetails', data['lang']) }} - {{
+          data['server_stats']['server_id']['server_name'] }}
          <br />
          <small>UUID: {{ data['server_stats']['server_id']['server_uuid'] }}</small>
        </h4>
@ -45,12 +46,14 @@
                  justify-content: space-between;
                  margin: 1rem 0px 1rem 0px;
                }
+
                .playerItem h3 {
                  vertical-align: middle;
                  padding: 0px;
                  margin: 0px;
                  margin-right: 1.5rem;
                }
+
                .playerItem button {
                  vertical-align: middle;
                  margin: 0.25rem;
@ -70,10 +73,14 @@
                <li class="playerItem">
                  <h3>{{ player }}</h3>
                  <div class="buttons">
-                        <button onclick="send_command_to_server('ban {{ player }}')" type="button" class="btn btn-danger">Ban</button>
-                        <button onclick="send_command_to_server('kick {{ player }}')" type="button" class="btn btn-outline-danger">Kick</button>
-                        <button onclick="send_command_to_server('op {{ player }}')" type="button" class="btn btn-warning">OP</button>
-                        <button onclick="send_command_to_server('deop {{ player }}')" type="button" class="btn btn-outline-warning">De-OP</button>
+                    <button onclick="send_command_to_server('ban {{ player }}')" type="button"
+                      class="btn btn-danger">Ban</button>
+                    <button onclick="send_command_to_server('kick {{ player }}')" type="button"
+                      class="btn btn-outline-danger">Kick</button>
+                    <button onclick="send_command_to_server('op {{ player }}')" type="button"
+                      class="btn btn-warning">OP</button>
+                    <button onclick="send_command_to_server('deop {{ player }}')" type="button"
+                      class="btn btn-outline-warning">De-OP</button>
                  </div>
                </li>
                {% end %}
@ -104,7 +111,7 @@

 {% block js %}
 <script>
-
+  const serverId = new URLSearchParams(document.location.search).get('id')

  //used to get cookies from browser - this is part of tornados xsrf protection - it's for extra security
  function getCookie(name) {
@ -138,7 +145,7 @@
    $.ajax({
      type: "POST",
      headers: { 'X-XSRFToken': token },
-        url: '/ajax/send_command?id=1',
+      url: '/ajax/send_command?id=' + serverId,
      data: { command },
      success: function (data) {
        console.log("got response:");