Merge branch 'pretzel-sanitize' into 'dev'

Sanitize inputs to the best of our ability. Could not find full solutions for...

See merge request crafty-controller/crafty-commander!171
Andrew 2022-02-27 19:43:03 +00:00
commit db4c15eb91
4 changed files with 13 additions and 10 deletions


@ -239,13 +239,15 @@
{% block js %}
<script>
const userId = new URLSearchParams(document.location.search).get('id')
$( ".delete-user" ).click(function() {
var file_to_del = $(this).data("file");
console.log("User to delete is {{ data['user']['username'] }}");
console.log("User to delete is "+userId);
bootbox.confirm({
title: "{% raw translate('userConfig', 'deleteUser', data['lang']) %}"+"{{ data['user']['username'] }}",
title: "{% raw translate('userConfig', 'deleteUser', data['lang']) %} "+userId,
message: "{{ translate('userConfig', 'confirmDelete', data['lang']) }}",
buttons: {
cancel: {
@ -259,7 +261,7 @@
callback: function (result) {
console.log(result);
if (result == true) {
location.href="/panel/remove_user?id={{ data['user']['user_id'] }}";
location.href="/panel/remove_user?id="+userId;
}
}
});
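Review bot: `userId` is read straight from the query string and then concatenated into the bootbox `title` and into `location.href`, so the value shown and sent is whatever the URL carries rather than the user the server rendered the page for. bootbox, as far as I know, inserts `title` as HTML, so this swaps a server-escaped value for a client-controlled one in an HTML sink. If user ids are numeric, constrain the value where it is read, `const userId = Number.parseInt(new URLSearchParams(document.location.search).get('id'), 10);`, guard with `Number.isInteger(userId)` before opening the dialog, and build the redirect with `encodeURIComponent(userId)`; alternatively render the id into a `data-` attribute on `.delete-user`, as the backup template in this commit does. The dialog also now shows the id instead of the username, which makes the confirmation harder for an admin to verify. The click handler's body continues between the two hunks.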


@ -87,7 +87,7 @@
</a>
<br>
<br>
<button data-file="{{ backup['path'] }}" class="btn btn-danger del_button">
<button data-file="{{ backup['path'] }}" data-backup_path="{{ data['backup_path'] }}" class="btn btn-danger del_button">
<i class="fas fa-trash" aria-hidden="true"></i>
{{ translate('serverBackups', 'delete', data['lang']) }}
</button>
@ -209,6 +209,7 @@
$( ".del_button" ).click(function() {
var file_to_del = $(this).data("file");
var backup_path = $(this).data('backup_path');
console.log("file to delete is" + file_to_del);
@ -226,7 +227,7 @@
callback: function (result) {
console.log(result);
if (result == true) {
var full_path = '{{ data['backup_path'] }}' + '/' + file_to_del;
var full_path = backup_path + '/' + file_to_del;
del_backup(full_path, serverId);
}
}
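Review bot: `full_path` is still assembled in the browser from two DOM values and handed to `del_backup`, so the delete target is only as trustworthy as the page's attributes. The handler behind `del_backup` is not visible here; it needs to resolve the path and refuse anything outside the server's configured backup directory. Sending only the file name, `del_backup(file_to_del, serverId);`, and joining it with the backup path on the server would remove the client-supplied directory altogether. Separately, jQuery's `.data()` converts values that look like numbers or JSON, so `$(this).attr('data-backup_path')` is the safer read for a path; the same applies to `$('#root_dir').data('path')` in the file-tree template.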


@ -133,7 +133,7 @@
</style>
<ul class="tree-view">
<li>
<div class="tree-ctx-item" data-path="{{ data['server_stats']['server_id']['path'] }}">
<div id="root_dir" class="tree-ctx-item" data-path="{{ data['server_stats']['server_id']['path'] }}">
<span id="{{ data['server_stats']['server_id']['path'] }}span" class="files-tree-title tree-caret-down root-dir" data-path="{{ data['server_stats']['server_id']['path'] }}" onclick="getToggleMain(event)">
<i class="far fa-folder"></i>
<i class="far fa-folder-open"></i>
@ -650,7 +650,7 @@
}
function getTreeView(event) {
let path = "{{ data['server_stats']['server_id']['path'] }}";
const path = $('#root_dir').data('path');;
$.ajax({
type: "GET",
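Review bot: The new line `const path = $('#root_dir').data('path');;` ends in a stray second semicolon, which is an empty statement and should be dropped: `const path = $('#root_dir').data('path');`. A one-line comment such as `// root path is read from the #root_dir data attribute instead of an inline template value` would record why the lookup replaced the literal. `getTreeView`'s body continues outside the hunk.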


@ -233,18 +233,18 @@ function startup(){
try{
document.getElementById("{{ data['schedule']['interval_type'] }}").setAttribute('selected', true);
}catch{
console.log("no element named {{ data['schedule']['interval_type'] }}")
console.log("no element named")
}
try{
document.getElementById("{{ data['schedule']['difficulty'] }}").setAttribute('selected', true);
}catch{
console.log("no element named {{ data['schedule']['difficulty'] }}")
console.log("no element named")
}
try{
document.getElementById("{{ data['schedule']['action'] }}").setAttribute('selected', true);
}catch{
console.log("no element named {{ data['schedule']['action'] }}")
console.log("no element named")
}
ifDays();
yesnoCheck();
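Review bot: The three `document.getElementById("{{ ... }}")` calls still interpolate template values inside JavaScript string literals; only the log lines were changed. HTML autoescaping, if that is what the template engine applies here, does not make a value safe inside a script string, so these would be better read from `data-` attributes, as the other templates in this commit now do. The three catch messages are also now identical, so a failure no longer says which lookup missed. Static labels keep that information without echoing data: `console.log("no element for interval_type")`, `console.log("no element for difficulty")`, `console.log("no element for action")`. `startup()` continues outside the hunk.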