beenull/ctrlpanel
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fixed Javascript exploit

Browse source
This commit is contained in:
1day2die 2022-04-20 12:12:48 +02:00
parent e9494a3dda
commit 4d3b88e59b
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Http/Controllers/Admin/ServerController.php
View file

@ -163,7 +163,7 @@ class ServerController extends Controller
return $server->suspended ? $server->suspended->diffForHumans() : '';
})
->editColumn('name', function (Server $server) {
return '<a class="text-info" target="_blank" href="' . config("SETTINGS::SYSTEM:PTERODACTYL:URL") . '/admin/servers/view/' . $server->pterodactyl_id . '">' . $server->name . '</a>';
return '<a class="text-info" target="_blank" href="' . config("SETTINGS::SYSTEM:PTERODACTYL:URL") . '/admin/servers/view/' . $server->pterodactyl_id . '">' . strip_tags($server->name) . '</a>';
})
->rawColumns(['user', 'actions', 'status', 'name'])
->make();

2
app/Http/Controllers/Admin/UserController.php
View file

@ -302,7 +302,7 @@ class UserController extends Controller
return '<span class="badge ' . $badgeColor . '">' . $user->role . '</span>';
})
->editColumn('name', function (User $user) {
return '<a class="text-info" target="_blank" href="' . config("SETTINGS::SYSTEM:PTERODACTYL:URL") . '/admin/users/view/' . $user->pterodactyl_id . '">' . $user->name . '</a>';
return '<a class="text-info" target="_blank" href="' . config("SETTINGS::SYSTEM:PTERODACTYL:URL") . '/admin/users/view/' . $user->pterodactyl_id . '">' . strip_tags($user->name) . '</a>';
})
->orderColumn('last_seen', function ($query, $order) {
$query->orderBy('last_seen', $order);