mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2024-08-30 18:23:09 +00:00
Merge branch 'secops/pre-beta-security-fixes' into 'dev'
Pass 2 sec advisory fixes See merge request crafty-controller/crafty-4!294
This commit is contained in:
commit
ebf00a1900
@ -440,9 +440,7 @@ class Helpers:
|
||||
full_root_path = temp_dir
|
||||
|
||||
for item in os.listdir(full_root_path):
|
||||
print(item)
|
||||
if os.path.isdir(os.path.join(full_root_path, item)):
|
||||
print("dir")
|
||||
try:
|
||||
FileHelpers.move_dir(
|
||||
os.path.join(full_root_path, item),
|
||||
@ -459,7 +457,7 @@ class Helpers:
|
||||
except Exception as ex:
|
||||
logger.error(f"ERROR IN ZIP IMPORT: {ex}")
|
||||
except Exception as ex:
|
||||
print(ex)
|
||||
Console.error(ex)
|
||||
else:
|
||||
return "false"
|
||||
return
|
||||
|
@ -1115,6 +1115,7 @@ class ServerInstance:
|
||||
+ ". Check log file for details.",
|
||||
)
|
||||
logger.error("Executable download failed.")
|
||||
self.stats_helper.set_update(False)
|
||||
|
||||
# **********************************************************************************
|
||||
# Minecraft Servers Statistics
|
||||
|
@ -223,6 +223,8 @@ class FileHandler(BaseHandler):
|
||||
self.redirect("/panel/error?error=Unauthorized access to Files")
|
||||
return
|
||||
path = Helpers.get_os_understandable_path(self.get_argument("path", None))
|
||||
if Helpers.is_os_windows():
|
||||
path = Helpers.wtol_path(path)
|
||||
Helpers.unzip_file(path)
|
||||
self.redirect(f"/panel/server_detail?id={server_id}&subpage=files")
|
||||
return
|
||||
|
@ -601,17 +601,19 @@
|
||||
|
||||
server_players.setAttribute('data-players', server.online);
|
||||
server_players.setAttribute('data-max', server.max);
|
||||
let servers = document.getElementsByClassName("server-player-totals");
|
||||
let servers = Array.from(document.getElementsByClassName("server-player-totals"));
|
||||
let all_total_players = 0;
|
||||
let all_total_max_players = 0;
|
||||
for (let i = 0; i < servers.length; i++) {
|
||||
|
||||
servers.forEach(server => {
|
||||
try {
|
||||
all_total_players += parseInt(servers[i].getAttribute('data-players'));
|
||||
all_total_max_players += parseInt(servers[i].getAttribute('data-max'));
|
||||
all_total_players += parseInt(server.getAttribute('data-players'));
|
||||
all_total_max_players += parseInt(server.getAttribute('data-max'));
|
||||
} catch {
|
||||
console.log("Player totals are not of type int");
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
total_players.innerHTML = all_total_players;
|
||||
document.getElementById('max_players').innerHTML = all_total_max_players;
|
||||
document.getElementById('sync').innerHTML = '';
|
||||
|
@ -450,9 +450,7 @@
|
||||
var ctxmenuName = e.target.getAttribute('data-name');
|
||||
|
||||
document.getElementById('context-title').innerHTML = ctxmenuName;
|
||||
console.log(ctxmenuName);
|
||||
if (!ctxmenuPath) {
|
||||
console.log({ 'event.target': e.target, ctxmenuPath });
|
||||
return;
|
||||
}
|
||||
$('#renameItem').show();
|
||||
@ -466,7 +464,6 @@
|
||||
var isFile = e.target.classList.contains('tree-file');
|
||||
$('#deleteFile').toggle(isFile);
|
||||
$('#downloadFile').toggle(isFile);
|
||||
console.log({ 'event.target': e.target, isDir, isFile });
|
||||
|
||||
if (e.target.classList.contains('root-dir')) {
|
||||
$('#createFile').show();
|
||||
@ -479,7 +476,6 @@
|
||||
}
|
||||
if (e.target.textContent.endsWith('.zip')) {
|
||||
$('#unzip').show();
|
||||
console.log(e.target.textContent)
|
||||
} else {
|
||||
$('#unzip').hide();
|
||||
}
|
||||
@ -502,7 +498,6 @@
|
||||
}
|
||||
document.getElementById("files-tree-nav").style.top = clientY + 'px';
|
||||
document.getElementById("files-tree-nav").style.left = clientX + 'px';
|
||||
console.log(window.innerHeight)
|
||||
timer = null;
|
||||
};
|
||||
}
|
||||
@ -585,7 +580,6 @@
|
||||
console.log("got response:");
|
||||
document.getElementById("save_status").innerHTML = '<i class="fal fa-file-check"></i>';
|
||||
document.getElementById('save_status').style.color = '#2fb689';
|
||||
console.log(data);
|
||||
},
|
||||
});
|
||||
}
|
||||
@ -602,7 +596,6 @@
|
||||
},
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
callback();
|
||||
},
|
||||
});
|
||||
@ -620,7 +613,6 @@
|
||||
},
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
callback();
|
||||
},
|
||||
});
|
||||
@ -638,7 +630,6 @@
|
||||
},
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
callback();
|
||||
},
|
||||
});
|
||||
@ -656,7 +647,6 @@
|
||||
},
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
callback();
|
||||
},
|
||||
});
|
||||
@ -673,13 +663,13 @@
|
||||
},
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
callback();
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
function unZip(path, callback) {
|
||||
console.log('path: ', path)
|
||||
var token = getCookie("_xsrf")
|
||||
$.ajax({
|
||||
type: "POST",
|
||||
@ -731,7 +721,6 @@
|
||||
|
||||
function uploadFilesE(event) {
|
||||
path = event.target.parentElement.getAttribute('data-path');
|
||||
console.log("PATH: " + path);
|
||||
$(function () {
|
||||
var uploadHtml = "<div>" +
|
||||
'<form id="upload_file" enctype="multipart/form-data">' + "<label class='upload-area' style='width:100%;text-align:center;' for='files'>" +
|
||||
@ -765,14 +754,15 @@
|
||||
message: waitMessage,
|
||||
closeButton: false
|
||||
});
|
||||
|
||||
let nFiles = files.files.length;
|
||||
for (i = 0; i < files.files.length; i++) {
|
||||
for (i = 0; i < nFiles; i++) {
|
||||
if (!doUpload) {
|
||||
doUpload = true;
|
||||
hideUploadBox();
|
||||
break;
|
||||
}
|
||||
console.log(files.files[i].name);
|
||||
|
||||
const progressHtml = `
|
||||
<div style="width: 100%; min-width: 100%;">
|
||||
${files.files[i].name}:
|
||||
@ -788,8 +778,8 @@
|
||||
</div><br>
|
||||
`;
|
||||
$('#upload-progress-bar-parent').append(progressHtml);
|
||||
console.log(files.files.length)
|
||||
sendFile(files.files[i], path, serverId, files.files.length - i - 1, (progress) => {
|
||||
|
||||
sendFile(files.files[i], path, serverId, nFiles - i - 1, (progress) => {
|
||||
$(`#upload-progress-bar-${i + 1}`).attr('aria-valuenow', progress)
|
||||
$(`#upload-progress-bar-${i + 1}`).css('width', progress + '%')
|
||||
});
|
||||
@ -804,16 +794,17 @@
|
||||
var fileList = document.getElementById("files");
|
||||
fileList.addEventListener("change", function (e) {
|
||||
var list = "";
|
||||
for (var i = 0; i < this.files.length; i++) {
|
||||
list += "<li class='col-xs-12 file-list'>" + this.files[i].name + "</li>"
|
||||
}
|
||||
let files = Array.from(this.files)
|
||||
files.forEach(file => {
|
||||
list += "<li class='col-xs-12 file-list'>" + file.name + "</li>"
|
||||
})
|
||||
|
||||
document.getElementById("fileList").innerHTML = list;
|
||||
}, false);
|
||||
});
|
||||
}
|
||||
function getTreeView(event) {
|
||||
|
||||
function getTreeView(event) {
|
||||
const path = $('#root_dir').data('path');;
|
||||
|
||||
$.ajax({
|
||||
@ -822,7 +813,6 @@
|
||||
dataType: 'text',
|
||||
success: function (data) {
|
||||
console.log("got response:");
|
||||
console.log(data);
|
||||
|
||||
dataArr = data.split('\n');
|
||||
serverDir = dataArr.shift(); // Remove & return first element (server directory)
|
||||
@ -899,10 +889,9 @@
|
||||
}
|
||||
|
||||
function setTreeViewContext() {
|
||||
var treeItems = document.getElementsByClassName('tree-ctx-item');
|
||||
var treeItems = Array.from(document.getElementsByClassName('tree-ctx-item'));
|
||||
|
||||
for (var i = 0; i < treeItems.length; i++) {
|
||||
var treeItem = treeItems[i];
|
||||
treeItems.forEach(item => {
|
||||
if ([
|
||||
'iPad Simulator',
|
||||
'iPhone Simulator',
|
||||
@ -913,10 +902,10 @@
|
||||
].includes(navigator.platform)
|
||||
// iPad on iOS 13 detection
|
||||
|| (navigator.userAgent.includes("Mac") && "ontouchend" in document)) {
|
||||
treeItem.addEventListener("touchstart", touchstart, false);
|
||||
treeItem.addEventListener("touchend", touchend, false);
|
||||
item.addEventListener("touchstart", touchstart, false);
|
||||
item.addEventListener("touchend", touchend, false);
|
||||
}
|
||||
treeItem.addEventListener('contextmenu', function contextListener(event) {
|
||||
item.addEventListener('contextmenu', function contextListener(event) {
|
||||
event.preventDefault();
|
||||
var ctxmenuPath = event.target.getAttribute('data-path');
|
||||
var ctxmenuName = event.target.getAttribute('data-name');
|
||||
@ -933,12 +922,10 @@
|
||||
$('#upload').toggle(isDir);
|
||||
|
||||
document.getElementById('context-title').innerHTML = ctxmenuName;
|
||||
console.log(ctxmenuName);
|
||||
|
||||
var isFile = event.target.classList.contains('tree-file');
|
||||
$('#deleteFile').toggle(isFile);
|
||||
$('#downloadFile').toggle(isFile);
|
||||
console.log({ 'event.target': event.target, isDir, isFile });
|
||||
|
||||
if (event.target.classList.contains('root-dir')) {
|
||||
$('#createFile').show();
|
||||
@ -951,7 +938,6 @@
|
||||
}
|
||||
if (event.target.textContent.endsWith('.zip')) {
|
||||
$('#unzip').show();
|
||||
console.log(event.target.textContent)
|
||||
} else {
|
||||
$('#unzip').hide();
|
||||
}
|
||||
@ -959,8 +945,6 @@
|
||||
var clientX = event.clientX;
|
||||
var clientY = event.clientY;
|
||||
|
||||
|
||||
|
||||
document.getElementById('files-tree-nav-content')
|
||||
.setAttribute('data-path', ctxmenuPath);
|
||||
document.getElementById('files-tree-nav-content')
|
||||
@ -974,10 +958,8 @@
|
||||
}
|
||||
document.getElementById("files-tree-nav").style.top = clientY + 'px';
|
||||
document.getElementById("files-tree-nav").style.left = clientX + 'px';
|
||||
console.log(domRect)
|
||||
console.log(window.innerHeight)
|
||||
})
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
document.addEventListener('click', function (e) {
|
||||
@ -1049,6 +1031,7 @@
|
||||
}
|
||||
function unzipFilesE(event) {
|
||||
path = event.target.parentElement.getAttribute('data-path');
|
||||
console.log(path)
|
||||
unZip(path)
|
||||
}
|
||||
|
||||
@ -1117,10 +1100,10 @@
|
||||
editor.setKeyboardHandler(handlerName);
|
||||
|
||||
var nodes = target.parentNode.querySelectorAll("[data-handler-name]");
|
||||
for (var i = 0; i < nodes.length; i++) {
|
||||
nodes[i].classList.remove('btn-primary');
|
||||
nodes[i].classList.add('btn-secondary');
|
||||
}
|
||||
nodes.forEach(node => {
|
||||
node.classList.remove('btn-primary');
|
||||
node.classList.add('btn-secondary');
|
||||
})
|
||||
|
||||
target.classList.remove('btn-secondary');
|
||||
target.classList.add('btn-primary');
|
||||
|
@ -133,7 +133,7 @@
|
||||
<button class="btn btn-primary mr-2" id="root_files_button" type="button">{{ translate('serverWizard', 'clickRoot', data['lang']) }}</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<div class="col-sm-12">
|
||||
<div class="form-group">
|
||||
@ -367,7 +367,7 @@ function hide(event) {
|
||||
}catch{
|
||||
document.getElementById('files-tree').innerHTML = text;
|
||||
}
|
||||
|
||||
|
||||
|
||||
document.getElementsByClassName('files-tree-title')[0].setAttribute('data-path', serverDir);
|
||||
document.getElementsByClassName('files-tree-title')[0].setAttribute('data-name', 'Files');
|
||||
@ -382,7 +382,7 @@ function hide(event) {
|
||||
document.getElementById(path+"span").classList.toggle("tree-caret-down");
|
||||
document.getElementById(path+"span").classList.toggle("tree-caret");
|
||||
}
|
||||
|
||||
|
||||
|
||||
function getDirView(event) {
|
||||
path = event.target.parentElement.getAttribute('data-path');
|
||||
@ -417,7 +417,7 @@ function hide(event) {
|
||||
}
|
||||
|
||||
var toggler = document.getElementById(path);
|
||||
|
||||
|
||||
if (toggler.classList.contains('files-tree-title')){
|
||||
document.getElementById(path+"span").addEventListener("click", function caretListener() {
|
||||
document.getElementById(path+"ul").classList.toggle("d-block");
|
||||
@ -442,27 +442,10 @@ function hide(event) {
|
||||
document.getElementById('main-tree-input').setAttribute('value', data.path)
|
||||
getTreeView(data.path);
|
||||
show_file_tree();
|
||||
|
||||
|
||||
}, 5000);
|
||||
});
|
||||
}
|
||||
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
//<![CDATA[
|
||||
// array of possible countries in the same order as they appear in the country selection list
|
||||
|
||||
function decodeHtmlCharCodes(str) {
|
||||
return str.replace(""", "\"");
|
||||
}
|
||||
|
||||
function convertHtmlJsonToJavacriptArray(str) {
|
||||
var result = []
|
||||
str = decodeHtmlCharCodes(str)
|
||||
for(var i in str)
|
||||
result.push([i, str [i]]);
|
||||
return result
|
||||
}
|
||||
//]]>
|
||||
</script>
|
||||
{% end %}
|
||||
{% end %}
|
||||
|
@ -522,13 +522,16 @@
|
||||
event.target.parentElement.children[1].classList.remove("d-none");
|
||||
document.getElementById("overlay").classList.remove("d-none");
|
||||
}
|
||||
|
||||
function hide(event) {
|
||||
var items = document.getElementsByClassName('menu');
|
||||
for (let i = 0; i < items.length; i++) {
|
||||
items[i].classList.add("d-none");
|
||||
}
|
||||
items.forEach(item => {
|
||||
item.classList.add("d-none");
|
||||
})
|
||||
|
||||
document.getElementById("overlay").classList.add("d-none");
|
||||
}
|
||||
|
||||
$(document).ready(function () {
|
||||
console.log('ready');
|
||||
var forms = $('form.server-wizard');
|
||||
@ -672,24 +675,8 @@
|
||||
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
//<![CDATA[
|
||||
// array of possible countries in the same order as they appear in the country selection list
|
||||
|
||||
function decodeHtmlCharCodes(str) {
|
||||
return str.replace(""", "\"");
|
||||
}
|
||||
|
||||
function convertHtmlJsonToJavacriptArray(str) {
|
||||
var result = []
|
||||
str = decodeHtmlCharCodes(str)
|
||||
for (var i in str)
|
||||
result.push([i, str[i]]);
|
||||
return result
|
||||
}
|
||||
|
||||
var text = '{% raw data["js_server_types"] %}';
|
||||
var serverTypesLists = JSON.parse(text);
|
||||
//convertHtmlJsonToJavacriptArray('{{ data["js_server_types"] }}')
|
||||
/* CountryChange() is called from the onchange event of a select element.
|
||||
* param selectObj - the select object which fired the on change event.
|
||||
*/
|
||||
@ -709,10 +696,10 @@
|
||||
}
|
||||
var newOption;
|
||||
// create new options ordered by ascending
|
||||
for (var i = 0; i < (cList.length); i++) {
|
||||
cList.forEach(type => {
|
||||
newOption = document.createElement("option");
|
||||
newOption.value = which + "|" + cList[i]; // assumes option string and value are the same
|
||||
newOption.text = cList[i];
|
||||
newOption.value = which + "|" + type; // assumes option string and value are the same
|
||||
newOption.text = type;
|
||||
// add the new option
|
||||
try {
|
||||
cSelect.add(newOption); // this will fail in DOM browsers but is needed for IE
|
||||
@ -720,8 +707,7 @@
|
||||
catch (e) {
|
||||
cSelect.appendChild(newOption);
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
//]]>
|
||||
</script>
|
||||
{% end %}
|
||||
{% end %}
|
||||
|
Loading…
Reference in New Issue
Block a user