Skip to content

Commit 7f8b6f8

Browse files
ScIT-RaphaelScIT-Raphael
authored
Merge pull request hestiacp#2977 from jaapmarcus/fix/search
Fix small issues with search box
2 parents 3ebd9e4 + 11879d6 commit 7f8b6f8

File tree

3 files changed

+17
-2
lines changed

3 files changed

+17
-2
lines changed

web/search/index.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,12 @@
1111
// Check token
1212
verify_csrf($_GET);
1313

14+
if (empty($_GET['u'])){
15+
$_GET['u'] = '';
16+
}
17+
if (empty($_GET['q'])){
18+
$_GET['q'] = '';
19+
}
1420
// Data
1521
$q = quoteshellarg($_GET['q']);
1622
$u = quoteshellarg($_GET['u']);

web/templates/pages/list_log.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
<?php } ?>
1616
<?php if ($_SESSION['DEMO_MODE'] != "yes"){
1717
if (($_SESSION['userContext'] === 'admin') && (htmlentities($_GET['user']) !== 'admin')) { ?>
18-
<?php if (($_SESSION['userContext'] === 'admin') && (isset($_GET['user'])) && (htmlentities($_GET['user']) !== 'admin')) { ?>
18+
<?php if (($_SESSION['userContext'] === 'admin') && ($_GET['user'] != '') && (htmlentities($_GET['user']) !== 'admin')) { ?>
1919
<?php if (htmlentities($_GET['user']) !== 'system') {?>
2020
<a href="/list/log/auth/?user=<?=htmlentities($_GET['user']); ?>&token=<?=$_SESSION['token']?>" id="btn-back" class="ui-button cancel" dir="ltr" title="<?=_('Login history');?>"><i class="fas fa-binoculars status-icon green"></i><?=_('Login history');?></a>
2121
<?php } ?>

web/templates/pages/list_search.html

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,16 @@
143143
</div>
144144
<div class="clearfix l-unit__stat-col--left text-center"><?=translate_date($value['DATE'])?></div>
145145
<div class="clearfix l-unit__stat-col--left text-center"><b>
146-
<a href="/search/?q=<?=htmlspecialchars($q); ?>&u=<?=$value['USER']; ?>"><?=$value['USER']; ?></a></b></div>
146+
<a href="/search/?q=<?=htmlentities($_GET['q']); ?>&u=<?=$value['USER']; ?>&token=<?=$_SESSION['token']?>"><?=$value['USER']; ?></a>
147+
<?php if (!($_SESSION['POLICY_SYSTEM_HIDE_ADMIN'] === 'yes' && $value['USER'] !== 'admin')){
148+
if ($_SESSION['userContext'] === 'admin'){
149+
?>
150+
<a href="/login/?loginas=<?=$value['USER']?>&token=<?=$_SESSION['token']?>" title="<?=_('login as');?> <?=$value['USER']?>"><i class="fas fa-sign-in-alt status-icon green status-icon dim icon-large"></i></a>
151+
<?php
152+
}
153+
}
154+
?>
155+
</b></div>
147156
<div class="clearfix l-unit__stat-col--left text-center"><?=_($object)?></b></div>
148157
</div>
149158
</div>

0 commit comments

Comments
 (0)