mirror of
https://github.com/Froxlor/Froxlor.git
synced 2024-09-21 10:27:29 +00:00
fix editing api-keys as customer
Signed-off-by: Michael Kaufmann <michael.kaufmann@aixit.com>
This commit is contained in:
parent
4f69571e1c
commit
9e7715430b
12
api_keys.php
12
api_keys.php
@ -26,6 +26,7 @@ if (! defined('AREA')) {
|
||||
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_API_KEYS . "` WHERE id = :id");
|
||||
$success_message = "";
|
||||
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
|
||||
$area = AREA;
|
||||
|
||||
// do the delete and then just show a success-message and the apikeys list again
|
||||
if ($action == 'delete') {
|
||||
@ -85,7 +86,16 @@ if ($action == 'delete') {
|
||||
$allowed_from = isset($_POST['allowed_from']) ? $_POST['allowed_from'] : "";
|
||||
$valid_until = isset($_POST['valid_until']) ? (int)$_POST['valid_until'] : -1;
|
||||
|
||||
// @todo validate allowed_from
|
||||
// validate allowed_from
|
||||
$ip_list = explode(",", $allowed_from);
|
||||
$_check_list = $ip_list;
|
||||
foreach ($_check_list as $idx => $ip) {
|
||||
if (validate_ip2($ip, true, 'invalidip', true, true) == false) {
|
||||
unset ($ip_list[$idx]);
|
||||
}
|
||||
}
|
||||
$ip_list = array_map('inet_pton', $ip_list);
|
||||
$allowed_from = implode(",", array_unique($ip_list));
|
||||
|
||||
if ($valid_until <= 0 || !is_numeric($valid_until)) {
|
||||
$valid_until = -1;
|
||||
|
@ -23,10 +23,7 @@ if (! defined('_CRON_UPDATE')) {
|
||||
|
||||
if (isFroxlorVersion('0.9.39.5')) {
|
||||
showUpdateStep("Updating from 0.9.39.5 to 0.10.0", false);
|
||||
updateToVersion('0.10.0');
|
||||
}
|
||||
|
||||
if (isFroxlorVersion('0.10.0')) {
|
||||
showUpdateStep("Adding new api keys table");
|
||||
Database::query("DROP TABLE IF EXISTS `api_keys`;");
|
||||
$sql = "CREATE TABLE `api_keys` (
|
||||
@ -60,9 +57,14 @@ if (isFroxlorVersion('0.10.0')) {
|
||||
Database::query("ALTER TABLE `panel_admins` MODIFY `ip` varchar(500) NOT NULL default '-1';");
|
||||
$upd_stmt = Database::prepare("UPDATE `panel_admins` SET `ip` = :ip WHERE `adminid` = :adminid");
|
||||
foreach ($all_admins as $adm) {
|
||||
if ($admin['ip'] != '-1') {
|
||||
Database::pexecute($upd_stmt, array('ip' => json_encode($adm['ip']), 'adminid' => $adm['adminid']));
|
||||
if ($adm['ip'] != '-1') {
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'ip' => json_encode($adm['ip']),
|
||||
'adminid' => $adm['adminid']
|
||||
));
|
||||
}
|
||||
}
|
||||
lastStepStatus(0);
|
||||
|
||||
updateToVersion('0.10.0');
|
||||
}
|
||||
|
1
templates/Sparkle/api_keys/keys_key.tpl
vendored
1
templates/Sparkle/api_keys/keys_key.tpl
vendored
@ -23,6 +23,7 @@
|
||||
<div id="dialog-{$row['id']}" title="API-key / Secret" class="hidden api-dialog">
|
||||
<form action="{$linker->getLink(array('section' => 'apikeys'))}" method="post" enctype="application/x-www-form-urlencoded">
|
||||
<input type="hidden" name="id" value="{$row['id']}"/>
|
||||
<input type="hidden" name="area" value="{$area}"/>
|
||||
<table class="full hl">
|
||||
<tr>
|
||||
<th>API-key</th><td><input type="text" value="{$row['apikey']}" readonly/></td>
|
||||
|
5
templates/Sparkle/assets/js/apikey.js
vendored
5
templates/Sparkle/assets/js/apikey.js
vendored
@ -22,6 +22,7 @@ $(document).ready(function() {
|
||||
var sid = getUrlParameter('s');
|
||||
var page = getUrlParameter('page');
|
||||
|
||||
var area = $('#dialog-' + id + ' input[name="area"]').val();
|
||||
var apikey_id = $('#dialog-' + id + ' input[name="id"]').val();
|
||||
var allowed_from = $('#dialog-' + id + ' input[name="allowed_from"]').val();
|
||||
var valid_until = $('#dialog-' + id + ' input[name="valid_until"]').val();
|
||||
@ -33,7 +34,7 @@ $(document).ready(function() {
|
||||
}
|
||||
|
||||
$.ajax({
|
||||
url: "admin_index.php?s="+sid+"&page="+page+"&action=jqEditApiKey",
|
||||
url: area + "_index.php?s="+sid+"&page="+page+"&action=jqEditApiKey",
|
||||
type: "POST",
|
||||
data: {
|
||||
id: apikey_id, allowed_from: allowed_from, valid_until: s
|
||||
@ -41,7 +42,7 @@ $(document).ready(function() {
|
||||
dataType: "json",
|
||||
success: function(json) {
|
||||
$('#dialog-' + id).dialog("close");
|
||||
location.href = "admin_index.php?s="+sid+"&page="+page;
|
||||
location.href = area + "_index.php?s="+sid+"&page="+page;
|
||||
},
|
||||
error: function(a, b) {
|
||||
console.log(a, b);
|
||||
|
Loading…
Reference in New Issue
Block a user