mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-01-27 12:09:06 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master'

Browse Source
This commit is contained in:
bergware
2020-03-04 16:23:18 +01:00
parent 91de90c872 491c1386e8
commit 691d591f5e
3 changed files with 16 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
plugins/dynamix.docker.manager/include/CreateDocker.php
View File

@@ -344,7 +344,7 @@ button[type=button]{margin:0 20px 0 0}
function makeConfig(opts) {
confNum += 1;
var newConfig = $("#templateDisplayConfig").html();
newConfig = newConfig.format(opts.Name,
newConfig = newConfig.format(stripTags(opts.Name),
opts.Target,
opts.Default,
opts.Mode,
@@ -380,7 +380,10 @@ button[type=button]{margin:0 20px 0 0}
}
return newConfig.prop('outerHTML');
}
function stripTags(string) {
return string.replace(/(<([^>]+)>)/ig,"");
}
function escapeQuote(string) {
return string.replace(new RegExp('"','g'),"&quot;");
}

2
plugins/dynamix.docker.manager/include/Helpers.php
View File

@@ -245,7 +245,7 @@ function xmlSecurity(&$template) {
$tempElement = htmlspecialchars_decode($element);
$tempElement = str_replace("[","<",$tempElement);
$tempElement = str_replace("]",">",$tempElement);
if (preg_match('#<script(.*?)>(.*?)</script>#is',$tempElement) || preg_match('#<iframe(.*?)>(.*?)</iframe>#is',$tempElement)) {
if (preg_match('#<script(.*?)>(.*?)</script>#is',$tempElement) || preg_match('#<iframe(.*?)>(.*?)</iframe>#is',$tempElement) || (stripos($tempElement,"<link") !== false) ) {
$element = "REMOVED";
}
}

15
plugins/dynamix/scripts/notify
View File

@@ -1,7 +1,7 @@
#!/usr/bin/php -q
<?PHP
/* Copyright 2005-2019, Lime Technology
* Copyright 2012-2019, Bergware International.
/* Copyright 2005-2020, Lime Technology
* Copyright 2012-2020, Bergware International.
* Copyright 2012, Andrew Hamer-Adams, http://www.pixeleyes.co.nz.
*
* This program is free software; you can redistribute it and/or
@@ -19,7 +19,7 @@ require_once "$docroot/webGui/include/Encryption.php";
function usage() {
echo <<<EOT
notify [-e "event"] [-s "subject"] [-d "description"] [-i "normal|warning|alert"] [-m "message"] [-x] [-t] [add]
notify [-e "event"] [-s "subject"] [-d "description"] [-i "normal|warning|alert"] [-m "message"] [-x] [-t] [-b] [add]
create a notification
use -e to specify the event
use -s to specify a subject
@@ -29,6 +29,7 @@ notify [-e "event"] [-s "subject"] [-d "description"] [-i "normal|warning|alert"
use -x to create a single notification ticket
use -r to specify recipients and not use default
use -t to force send email only (for testing)
use -b to NOT send a browser notification
all options are optional
notify init
@@ -164,7 +165,7 @@ case 'add':
$mailtest = false;
$overrule = false;
$options = getopt("e:s:d:i:m:r:xt");
$options = getopt("e:s:d:i:m:r:xtb");
foreach ($options as $option => $value) {
switch ($option) {
case 'e':
@@ -192,14 +193,18 @@ case 'add':
case 't':
$mailtest = true;
break;
case 'b':
$noBrowser = true;
break;
}
}
$unread = "{$unread}/".safe_filename("{$event}-{$ticket}.notify");
$archive = "{$archive}/".safe_filename("{$event}-{$ticket}.notify");
if (file_exists($archive)) break;
$entity = $overrule===false ? $notify[$importance] : $overrule;
if (!$mailtest) file_put_contents($archive,"timestamp=$timestamp\nevent=$event\nsubject=$subject\ndescription=$description\nimportance=$importance\n".($message ? "message=".str_replace('\n','<br>',$message)."\n" : ""));
if (($entity & 1)==1 && !$mailtest) file_put_contents($unread,"timestamp=$timestamp\nevent=$event\nsubject=$subject\ndescription=$description\nimportance=$importance\n");
if (($entity & 1)==1 && !$mailtest && !$noBrowser) file_put_contents($unread,"timestamp=$timestamp\nevent=$event\nsubject=$subject\ndescription=$description\nimportance=$importance\n");
if (($entity & 2)==2 || $mailtest) if (!generate_email($event, $subject, str_replace('<br>','. ',$description), $importance, $message, $recipients)) exit(1);
if (($entity & 4)==4 && !$mailtest) { if (is_array($agents)) {foreach ($agents as $agent) {exec("TIMESTAMP='$timestamp' EVENT=".escapeshellarg($event)." SUBJECT=".escapeshellarg($subject)." DESCRIPTION=".escapeshellarg($description)." IMPORTANCE=".escapeshellarg($importance)." CONTENT=".escapeshellarg($message)." bash ".$agent);};}};
break;