diff options
| author | Simon Rettberg | 2020-11-04 11:18:15 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2020-11-04 11:18:15 +0100 |
| commit | 73fb00658bef1a8ee7793d599e672df7bbb043ee (patch) | |
| tree | 3861aae2bc9eb7df8c02084cdccf034678ee0a87 | |
| parent | [serversetup-bwlp-ipxe] Re-interoduce direct boot for one-item menus (diff) | |
| download | slx-admin-73fb00658bef1a8ee7793d599e672df7bbb043ee.tar.gz slx-admin-73fb00658bef1a8ee7793d599e672df7bbb043ee.tar.xz slx-admin-73fb00658bef1a8ee7793d599e672df7bbb043ee.zip | |
[locationinfo] Fix: api.php access in redirect mode not working
Also get rid of slx-admin prefix / {{dirprefix}}. We now have only one
variable to be filled in the template, namely {{api}}, which should also
make sure that accessing other module's API is not possible.
Matching rewrite rules should land in setup-scripts soon.
3 files changed, 19 insertions, 15 deletions
diff --git a/modules-available/locationinfo/page.inc.php b/modules-available/locationinfo/page.inc.php index df5b3632..e350d407 100644 --- a/modules-available/locationinfo/page.inc.php +++ b/modules-available/locationinfo/page.inc.php @@ -1047,7 +1047,11 @@ class Page_LocationInfo extends Page preg_match('#^/(.*)/#', $_SERVER['PHP_SELF'], $script); preg_match('#^/([^?]+)/#', $_SERVER['REQUEST_URI'], $request); if ($script[1] !== $request[1]) { - $data['dirprefix'] = $script[1] . '/'; + // Working with server-side redirects + $data['api'] = 'api/'; + } else { + // 1:1 + $data['api'] = 'api.php?do=locationinfo&'; } if ($type === 'DEFAULT') { diff --git a/modules-available/locationinfo/templates/frontend-default.html b/modules-available/locationinfo/templates/frontend-default.html index 324ee559..ad2917f4 100755 --- a/modules-available/locationinfo/templates/frontend-default.html +++ b/modules-available/locationinfo/templates/frontend-default.html @@ -26,8 +26,8 @@ optional: <meta name="viewport" content="width=device-width, initial-scale=1.0" charset="utf-8"> <head> <title>DoorSign</title> - <link rel='stylesheet' type='text/css' href='{{dirprefix}}modules/js_jqueryui/style.css'/> - <link rel='stylesheet' type='text/css' href='{{dirprefix}}modules/js_weekcalendar/style.css'/> + <link rel='stylesheet' type='text/css' href='modules/js_jqueryui/style.css'/> + <link rel='stylesheet' type='text/css' href='modules/js_weekcalendar/style.css'/> <style type="text/css"> @@ -363,10 +363,10 @@ optional: </style> - <script type='text/javascript' src='{{dirprefix}}script/jquery.js'></script> - <script type='text/javascript' src='{{dirprefix}}modules/js_jqueryui/clientscript.js'></script> - <script type='text/javascript' src="{{dirprefix}}modules/js_weekcalendar/clientscript.js"></script> - <script type='text/javascript' src='{{dirprefix}}modules/locationinfo/frontend/frontendscript.js'></script> + <script type='text/javascript' src='script/jquery.js'></script> + <script type='text/javascript' src='modules/js_jqueryui/clientscript.js'></script> + <script type='text/javascript' src="modules/js_weekcalendar/clientscript.js"></script> + <script type='text/javascript' src='modules/locationinfo/frontend/frontendscript.js'></script> </head> <body> @@ -950,7 +950,7 @@ optional: */ function queryCalendars() { if (!panelUuid) return; - var url = "{{dirprefix}}api.php?do=locationinfo&get=calendar&uuid=" + panelUuid; + var url = "{{{api}}}get=calendar&uuid=" + panelUuid; $.ajax({ url: url, dataType: 'json', @@ -1502,7 +1502,7 @@ optional: */ function queryPanelChange() { $.ajax({ - url: "{{dirprefix}}api.php?do=locationinfo&get=timestamp&uuid=" + panelUuid, + url: "{{{api}}}get=timestamp&uuid=" + panelUuid, dataType: 'json', cache: false, timeout: 5000, @@ -1525,7 +1525,7 @@ optional: */ function queryRooms() { $.ajax({ - url: "{{dirprefix}}api.php?do=locationinfo&get=machines&uuid=" + panelUuid, + url: "{{{api}}}get=machines&uuid=" + panelUuid, dataType: 'json', cache: false, timeout: 30000, diff --git a/modules-available/locationinfo/templates/frontend-summary.html b/modules-available/locationinfo/templates/frontend-summary.html index 540d0af6..136ac3a5 100644 --- a/modules-available/locationinfo/templates/frontend-summary.html +++ b/modules-available/locationinfo/templates/frontend-summary.html @@ -2,8 +2,8 @@ <html lang="{{language}}"> <meta name="viewport" content="width=device-width, initial-scale=1.0" charset="utf-8"> <head> - <script type='text/javascript' src='{{dirprefix}}script/jquery.js'></script> - <script type='text/javascript' src='{{dirprefix}}modules/locationinfo/frontend/frontendscript.js'></script> + <script type='text/javascript' src='script/jquery.js'></script> + <script type='text/javascript' src='modules/locationinfo/frontend/frontendscript.js'></script> <style type='text/css'> @@ -249,7 +249,7 @@ */ function queryRooms() { $.ajax({ - url: "{{dirprefix}}api.php?do=locationinfo&get=pcstates&uuid={{uuid}}", + url: "{{{api}}}get=pcstates&uuid={{uuid}}", dataType: 'json', cache: false, timeout: 30000, @@ -696,7 +696,7 @@ * api.inc.php / page.inc.php is getting the ids with the panel uuid. */ function queryCalendars() { - var url = "{{dirprefix}}api.php?do=locationinfo&get=calendar&uuid={{uuid}}"; + var url = "{{{api}}}get=calendar&uuid={{uuid}}"; // Todo reimplement Frontend method if needed /* @@ -723,7 +723,7 @@ */ function queryPanelChange() { $.ajax({ - url: "{{dirprefix}}api.php?do=locationinfo&get=timestamp&uuid={{uuid}}", + url: "{{{api}}}get=timestamp&uuid={{uuid}}", dataType: 'json', cache: false, timeout: 5000, |