Removes some possible XSS vulnerabilities

2022-10-04 17:00:28 -04:00
parent f97683af00
commit 6efb23117a
2 changed files with 12 additions and 11 deletions


@@ -1,15 +1,15 @@
function remove(id) {
document.getElementById("saveStatus").innerHTML = "Saving";
document.getElementById("saveStatus").innerText = "Saving";
const ajax = new XMLHttpRequest();
ajax.onload = function() {
if (ajax.status == 200) {
document.getElementById("saveStatus").innerHTML = "Saved";
setTimeout(() => { document.getElementById("saveStatus").innerHTML = ""; }, 2000);
document.getElementById("saveStatus").innerText = "Saved";
setTimeout(() => { document.getElementById("saveStatus").innerText = ""; }, 2000);
} else if (ajax.status == 429) {
window.location.reload();
} else {
document.getElementById("saveStatus").innerHTML = ajax.responseText;
document.getElementById("saveStatus").innerText = ajax.responseText;
}
}
ajax.open("POST", "/api/internet.php");
@@ -18,23 +18,24 @@ function remove(id) {
document.getElementById(id + ".row").remove()
}
function save(id) {
document.getElementById("saveStatus").innerHTML = "Saving";
document.getElementById("saveStatus").innerText = "Saving";
const ajax = new XMLHttpRequest();
ajax.onload = function() {
if (ajax.status == 200) {
document.getElementById("saveStatus").innerHTML = "Saved";
setTimeout(() => { document.getElementById("saveStatus").innerHTML = ""; }, 2000);
document.getElementById("saveStatus").innerText = "Saved";
setTimeout(() => { document.getElementById("saveStatus").innerText = ""; }, 2000);
} else if (ajax.status == 429) {
window.location.reload();
} else {
document.getElementById("saveStatus").innerHTML = ajax.responseText;
document.getElementById("saveStatus").innerText = ajax.responseText;
}
}
ajax.open("POST", "/api/internet.php");
ajax.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
ajax.send(`edit='${id}'&startHour='${document.getElementById(id + '.startHour').value}'&startMinute='${document.getElementById(id + '.startMinute').value}'&endHour='${document.getElementById(id + '.endHour').value}'&endMinute='${document.getElementById(id + '.endMinute').value}'&expire='${Date.parse(document.getElementById(id + '.expire').value)/1000}'&key='${getCookie('user')}'`);
}
// Note that topPriority is defined in the php code
function addRow() {
topPriority ++;
var table = document.getElementById ("internetTable");
@@ -45,7 +46,7 @@ function addRow() {
var endTime = row.insertCell();
var expiration = row.insertCell();
var buttons = row.insertCell();
priority.innerHTML = topPriority;
priority.innerText = topPriority;
startTime.innerHTML = `<input type='number' id='${topPriority}.startHour' value='0'>:<input type='number' id='${topPriority}.startMinute' value='0'>`;
endTime.innerHTML = `<input type='number' id='${topPriority}.endHour' value='0'>:<input type='number' id='${topPriority}.endMinute' value='0'>`;
expiration.innerHTML = `<input step="1" type='datetime-local' id='${topPriority}.expire'>`;
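Review bot: The `ajax.send(...)` template in `save` still interpolates the form values and `getCookie('user')` into the urlencoded body without `encodeURIComponent`, so a `&`, `=`, `+` or `%` in any value (most plausibly in the session key) is split or decoded into something else on the server. Wrapping each value keeps the format the endpoint currently receives, e.g. `key='${encodeURIComponent(getCookie('user'))}'`. The literal single quotes sent around every value suggest the PHP side strips or reuses them; that code is not visible here, so it is worth confirming that it uses parameterized queries. If `getCookie` reads `document.cookie`, as its name suggests, the `user` cookie cannot be HttpOnly, so the `innerHTML` template assignments left in `addRow` should only ever receive the numeric `topPriority`, or be built with `createElement`. `remove` and `addRow` both continue outside the hunks shown.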


@@ -44,13 +44,13 @@ function remove(message, time, id) { // Used to remove a log entry from the log.
}
function collapseCategories() { // Collapses or uncollapses the categories to make the webpage cleaner or more detailed.
if (! localStorage.collapseCategories) {
document.getElementById(`collapseCategories`).innerHTML = "Uncollapse Categories";
document.getElementById(`collapseCategories`).innerText = "Uncollapse Categories";
for(var i=0;i<typeLength;i++) {
document.getElementById(`${types[i]["name"]}.text`).style.display = "none";
}
localStorage.collapseCategories = true;
} else {
document.getElementById(`collapseCategories`).innerHTML = "Collapse Categories";
document.getElementById(`collapseCategories`).innerText = "Collapse Categories";
for(var i=0;i<typeLength;i++) {
document.getElementById(`${types[i]["name"]}.text`).style.display = "";
}
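Review bot: `localStorage.collapseCategories = true` stores the string `"true"`, and `if (! localStorage.collapseCategories)` only tests for a non-empty string, so the toggle works only if the else branch clears the key rather than assigning `false`, which would be stored as the truthy string `"false"`. The end of that branch is outside the hunk, so this cannot be confirmed from here. Using `localStorage.removeItem("collapseCategories")` there, or comparing against `"true"` in the condition, makes the intent explicit. The two changed lines assign constant strings, so they carry no injection risk either way; `textContent` is the more conventional property when layout-aware text is not needed.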