Compare commits

..

6 Commits

19 changed files with 72 additions and 75 deletions

View File

@@ -474,21 +474,21 @@ class API
$allowedMethods = ['GET', 'POST', 'PUT', 'DELETE']; $allowedMethods = ['GET', 'POST', 'PUT', 'DELETE'];
$method = $_SERVER['REQUEST_METHOD'] ?? ''; $method = $_SERVER['REQUEST_METHOD'] ?? '';
if (!in_array($method, $allowedMethods)) { # The HTTP_X_HTTP_METHOD_OVERRIDE header is allowed for API requests because
# some web servers do not support PUT or DELETE methods by default.
# This override is only applied when the request method is POST and the header is present.
if ($method === 'POST' && isset($_POST['X-HTTP-Method-Override'])) {
$override = strtoupper($_POST['X-HTTP-Method-Override']);
if (in_array($override, $allowedMethods, true)) {
$method = $override;
}
}
if (!in_array($method, $allowedMethods, true)) {
return false; return false;
} }
# Since browser doesnt allow DELETE or PUTs from the frontend forms (apart from some javascript/ajax fuckery)
# we need to check the _method POST value.
if ($this->user_type === 'frontend' && $method === 'POST' && isset($_POST['_method'])) {
$overrideMethod = strtoupper($_POST['_method']);
if (in_array($overrideMethod, ['PUT', 'DELETE'])) {
$this->request_method = $overrideMethod;
return true;
}
}
$this->request_method = $method; $this->request_method = $method;
return true; return true;
} }

View File

@@ -20,7 +20,7 @@ class API_system_modules extends API
public function enableModule() public function enableModule()
{ {
$module_uuid_enabled = ($this->data['module_enabled']) ? 0 : 1; $module_uuid_enabled = ($this->data['module_enabled']) ? 1 : 0;
# Module 'system cannot be disabled' # Module 'system cannot be disabled'
$query = "UPDATE system_modules SET module_enabled = ? WHERE module_uuid = ? AND module_slugify != 'system'"; $query = "UPDATE system_modules SET module_enabled = ? WHERE module_uuid = ? AND module_slugify != 'system'";

View File

@@ -20,14 +20,15 @@ class API_system_sources extends API
source_custom_data, source_custom_data,
source_create_timestamp, source_create_timestamp,
source_modified_timestamp) source_modified_timestamp)
VALUES (UUID(), ?, ?, '', '', ?, ?, ?, NULL) VALUES (UUID(), 'inserve', ?, '', '', ?, ?, ?, NULL)
ON DUPLICATE KEY UPDATE ON DUPLICATE KEY UPDATE
source_url = VALUES(source_url), source_url = VALUES(source_url),
source_auth_token = VALUES(source_auth_token), source_auth_token = VALUES(source_auth_token),
source_custom_data = VALUES(source_custom_data), source_custom_data = VALUES(source_custom_data),
source_modified_timestamp = VALUES(source_create_timestamp)"; source_modified_timestamp = VALUES(source_create_timestamp)";
$stmt = $this->prepareStatement($query); $stmt = $this->prepareStatement($query);
$stmt->bind_param('ssssi', $this->data['source_name'], $this->data['source_url'], $this->data['source_auth_token'], $this->data['source_custom_data'], time()); $source_modified_timestamp = time();
$stmt->bind_param('sssi', $this->data['source_url'], $this->data['source_auth_token'], $this->data['source_custom_data'], $source_modified_timestamp);
$this->executeStatement($stmt); $this->executeStatement($stmt);
$stmt->close(); $stmt->close();

View File

@@ -25,7 +25,7 @@ if ($API_permissions->request_method === 'GET') {
$API_permissions->validateData($requiredFields, $optionalFields); $API_permissions->validateData($requiredFields, $optionalFields);
$permissions = $API_permissions->getPermission(); $permissions = $API_permissions->getPermission();
$API_permissions->apiOutput($code = 200, ['success' => $permissions], 'permission_retrieved'); $API_permissions->apiOutput($code = 200, $permissions, 'permission_retrieved');
} elseif ($API_permissions->request_method === 'POST') { } elseif ($API_permissions->request_method === 'POST') {

View File

@@ -11,21 +11,14 @@ if ($API_system_sources->request_method === 'POST') {
# Enable or disable a module # Enable or disable a module
$API_system_sources->checkPermissions('admin-sources', 'RW'); $API_system_sources->checkPermissions('admin-sources', 'RW');
if ($_POST['source_name'] == 'inserve') {
$requiredFields = [ $requiredFields = [
'source_name' => ['type' => 'string'],
'source_url' => ['type' => 'string'], 'source_url' => ['type' => 'string'],
'source_auth_token' => ['type' => 'string'], 'source_auth_token' => ['type' => 'string'],
'source_custom_data' => ['type' => 'json'], 'source_custom_data' => ['type' => 'json'],
]; ];
} else {
$API_system_sources->apiOutput(400, ['error' => 'Error: no valid source_name posted']);
}
$API_system_sources->validateData($requiredFields); $API_system_sources->validateData($requiredFields);
if ($_POST['source_name'] == 'inserve') {
$API_system_sources->inserveUpdate(); $API_system_sources->inserveUpdate();
} }
}

View File

@@ -55,7 +55,7 @@ if ($API_usergroups->request_method === 'GET') {
$API_usergroups->checkPermissions('admin-access-control-user-groups', 'RW'); $API_usergroups->checkPermissions('admin-access-control-user-groups', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_usergroups->return_url = false; $API_usergroups->return_url = false;
$requiredFields = ['user_group_uuid' => ['type' => 'uuid']]; $requiredFields = ['user_group_uuid' => ['type' => 'uuid']];

View File

@@ -20,28 +20,31 @@ if ($API_users->request_method === 'GET') {
'user_email' => ['type' => 'email'], 'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'], 'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'], 'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'], 'user_full_name' => ['type' => 'string'], # Does not need to be posted, set later
'user_phone_number' => ['type' => 'string'], 'user_status' => ['type' => 'enum', 'values' => ['inactive', 'banned', 'pending']],
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']], 'user_password' => ['type' => 'string'], # Does not need to be posted, set later
'user_password' => ['type' => 'string'], 'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
'user_pref_language' => ['type' => 'string'], 'user_password_reset_token' => ['type' => 'string'], # Does not need to be posted, set later
'user_password_reset_token' => ['type' => 'string'], 'user_password_reset_expires' => ['type' => 'int'], # Does not need to be posted, set later
'user_password_reset_expires' => ['type' => 'int'],
]; ];
# The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email $optionalFields = [
'user_phone_number' => ['type' => 'string']
];
# The user will need to verify their email, the password field cannot be NULL so set a random password for now till the user resets it on when verifying there email
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64)); $random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]); $user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
$API_users->postedData['user_password'] = $user_password; $API_users->postedData['user_password'] = $user_password;
$API_users->postedData['user_full_name'] = trim($API_users->postedData['user_first_name'] . ' ' . $API_users->postedData['user_last_name']);
$API_users->postedData['user_pref_language'] = $API_users->postedData['user_pref_language'] ?? 'en';
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']); # Password reset token that will be sent to the newly created user
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
# Password reset token that will be send to the newly created user
$API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32)); $API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
$API_users->postedData['user_password_reset_expires'] = time() + 86400; $API_users->postedData['user_password_reset_expires'] = time() + 86400;
$API_users->validateData($requiredFields); $API_users->validateData($requiredFields, $optionalFields);
$API_users->createUser(); $API_users->createUser();
} elseif ($API_users->request_method === 'PUT') { } elseif ($API_users->request_method === 'PUT') {
@@ -56,19 +59,20 @@ if ($API_users->request_method === 'GET') {
'user_first_name' => ['type' => 'string'], 'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'], 'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'], 'user_full_name' => ['type' => 'string'],
'user_phone_number' => ['type' => 'string'],
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']], 'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
'user_pref_language' => ['type' => 'string'], 'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
];
$optionalFields = [
'user_phone_number' => ['type' => 'string'],
'user_stompable' => ['type' => 'boolean'] 'user_stompable' => ['type' => 'boolean']
]; ];
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']); $API_users->postedData['user_full_name'] = trim($API_users->postedData['user_first_name'] . ' ' . $API_users->postedData['user_last_name']);
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en'; $API_users->postedData['user_pref_language'] = $API_users->postedData['user_pref_language'] ?? 'en';
$API_users->postedData['user_stompable'] = (bool)$_POST['user_stompable']; $API_users->postedData['user_stompable'] = (bool)$API_users->postedData['user_stompable'];
$API_users->validateData($requiredFields);
$API_users->validateData($requiredFields, $optionalFields);
$API_users->updateUser(); $API_users->updateUser();
@@ -82,7 +86,6 @@ if ($API_users->request_method === 'GET') {
'user_uuid' => ['type' => 'uuid'], 'user_uuid' => ['type' => 'uuid'],
]; ];
$API_users->validateData($requiredFields); $API_users->validateData($requiredFields);
$API_users->deleteUser(); $API_users->deleteUser();

View File

@@ -79,7 +79,7 @@ if ($device_found) {
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/devices"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/devices">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/devices/?edit=<?php echo $device_data['device_uuid']; ?>"> <input type="hidden" name="_return" value="/devices/?edit=<?php echo $device_data['device_uuid']; ?>">
<input type="hidden" name="device_uuid" value="<?php echo $device_data['device_uuid'] ?>"> <input type="hidden" name="device_uuid" value="<?php echo $device_data['device_uuid'] ?>">
<div class="card-body"> <div class="card-body">

View File

@@ -60,7 +60,7 @@ function makeFileTables($API, $dataFolder, $device_slugify)
<?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?>
<form action="/api/v1/autop/devices/files" method="post"> <form action="/api/v1/autop/devices/files" method="post">
<input type="hidden" name="filePath" value=""> <input type="hidden" name="filePath" value="">
<input type="hidden" name="_method" value="DELETE"> <input type="hidden" name="X-HTTP-Method-Override" value="DELETE">
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $urlPath ?>" data-api-url="/api/v1/autop/devices/files/" data-item-name="file_name"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $urlPath ?>" data-api-url="/api/v1/autop/devices/files/" data-item-name="file_name"><i class="fas fa-trash-alt"></i></a>
</form> </form>
<?php } ?> <?php } ?>

View File

@@ -58,7 +58,7 @@ if ($platform_data) {
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/platforms/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/platforms/">
<input type="hidden" name="platform_uuid" value="<?php echo $platform_data["platform_uuid"] ?>"> <input type="hidden" name="platform_uuid" value="<?php echo $platform_data["platform_uuid"] ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label> <label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label>

View File

@@ -55,7 +55,7 @@ $formBuilder->startForm();
if ($vendor_data) { ?> if ($vendor_data) { ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/vendors"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/vendors">
<input type="hidden" name="vendor_uuid" value="<?php echo $vendor_data["vendor_uuid"] ?>"> <input type="hidden" name="vendor_uuid" value="<?php echo $vendor_data["vendor_uuid"] ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="vendor_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_name') ?></label> <label for="vendor_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_name') ?></label>

View File

@@ -60,7 +60,7 @@ $pageNavbar->outPutNavbar();
if ($admin_data) { if ($admin_data) {
$formBuilder->startForm(); ?> $formBuilder->startForm(); ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/users/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/users/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/accesscontrol/?admin_view=<?php echo $user_uuid ?>"> <input type="hidden" name="_return" value="/accesscontrol/?admin_view=<?php echo $user_uuid ?>">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/> <input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/>
<div class="card-body"> <div class="card-body">

View File

@@ -61,7 +61,7 @@ if ($permission_data) {
$formBuilder->startForm(); ?> $formBuilder->startForm(); ?>
<form id="FormValidation" method="post" action="/api/v1/portal-management/permissions/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/permissions/">
<input type="hidden" name="_return" value="/accesscontrol/?permission_view=<?php echo $permission_uuid ?>"> <input type="hidden" name="_return" value="/accesscontrol/?permission_view=<?php echo $permission_uuid ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="permission_uuid" value="<?php echo $permission_uuid ?>"> <input type="hidden" name="permission_uuid" value="<?php echo $permission_uuid ?>">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">

View File

@@ -53,7 +53,7 @@ $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/user-groups/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/user-groups/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="user_group_uuid" value="<?php echo $user_group['user_group_uuid'] ?>"/> <input type="hidden" name="user_group_uuid" value="<?php echo $user_group['user_group_uuid'] ?>"/>
<input type="hidden" name="user_group_slugify" value="<?php echo $user_group['user_group_slugify'] ?>"/> <input type="hidden" name="user_group_slugify" value="<?php echo $user_group['user_group_slugify'] ?>"/>
<div class="card-body"> <div class="card-body">

View File

@@ -86,7 +86,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
</div> </div>
<div class="card"> <div class="card">
<form id="FormValidation" method="post" action="/api/v1/portal-management/configure/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/configure/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#global-settings"> <input type="hidden" name="_return" value="/systemconfig/#global-settings">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<div class="card-body"> <div class="card-body">
@@ -175,7 +175,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="card"> <div class="card">
<form id="FormValidation" method="post" action="/api/v1/portal-management/mail/configure/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/mail/configure/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#mail-settings"> <input type="hidden" name="_return" value="/systemconfig/#mail-settings">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
@@ -271,7 +271,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
</p> </p>
<form id="FormValidation" method="post" action="/api/v1/portal-management/mail/test/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/mail/test/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/systemconfig/#mail-settings"> <input type="hidden" name="_return" value="/systemconfig/#mail-settings">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="mail_to" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_to') ?>:</label> <label for="mail_to" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_to') ?>:</label>
@@ -308,7 +308,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="card p-3"> <div class="card p-3">
<form id="FormValidation" method="post" action="/api/v1/modules/"> <form id="FormValidation" method="post" action="/api/v1/modules/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#modules"> <input type="hidden" name="_return" value="/systemconfig/#modules">
<table class="multi-filter-select display table table-striped table-hover" data-skip-columns="0,5"> <table class="multi-filter-select display table table-striped table-hover" data-skip-columns="0,5">
<thead> <thead>
@@ -331,7 +331,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-api-url="/api/v1/portal-management/modules/" data-api-data='<?php echo json_encode(['module_uuid' => $module['module_uuid'], 'module_enabled' => $module['module_enabled'] ? 0 : 1]) ?>' data-api-changevalue="module_enabled" <input type="checkbox" class="checkbox" data-api-url="/api/v1/portal-management/modules/" data-api-data='<?php echo json_encode(['module_uuid' => $module['module_uuid'], 'module_enabled' => $module['module_enabled'] ? 1 : 0]) ?>' data-api-changevalue="module_enabled"
<?php echo(($module['module_enabled']) ? 'checked' : '') ?> <?php echo(($module['module_enabled']) ? 'checked' : '') ?>
<?php echo ($API->checkPermissions('admin-modules', 'RW', true)) ? '' : 'disabled' ?> <?php echo ($API->checkPermissions('admin-modules', 'RW', true)) ? '' : 'disabled' ?>
<?php echo(($module['module_slugify'] == 'system') ? 'disabled' : '') ?>> <?php echo(($module['module_slugify'] == 'system') ? 'disabled' : '') ?>>

View File

@@ -56,9 +56,8 @@ $pageNavbar->outPutNavbar();
</div> </div>
<form id="FormValidation" method="post" action="/api/v1/portal-management/sources/inserve/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/sources/inserve/">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/portal-management/sources/inserve"> <input type="hidden" name="_return" value="/portal-management/sources/inserve">
<input type="hidden" name="source_name" value="inserve">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">

View File

@@ -110,7 +110,7 @@ $logo = $logos[$baseos] ?? 'server';
if ($API->checkPermissions('servers', 'RW', true)) { if ($API->checkPermissions('servers', 'RW', true)) {
$pageNavbar->AddHTMLButton( $pageNavbar->AddHTMLButton(
'<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/"> '<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/servers?view=' . $server_data['server_uuid'] . '"> <input type="hidden" name="_return" value="/servers?view=' . $server_data['server_uuid'] . '">
<input type="hidden" name="server_vm_id" value="' . $server_data['server_vm_id'] . '"/>' . <input type="hidden" name="server_vm_id" value="' . $server_data['server_vm_id'] . '"/>' .
( (
@@ -155,7 +155,7 @@ $pageNavbar->outPutNavbar();
<div class="col-lg-auto col-md-auto"> <div class="col-lg-auto col-md-auto">
<table class="table table-borderless"> <table class="table table-borderless">
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/servers?view=<?php echo $server_data['server_uuid'] ?>"> <input type="hidden" name="_return" value="/servers?view=<?php echo $server_data['server_uuid'] ?>">
<input type="hidden" name="server_vm_id" value="<?php echo $server_data['server_vm_id'] ?>"/> <input type="hidden" name="server_vm_id" value="<?php echo $server_data['server_vm_id'] ?>"/>
<tr> <tr>

View File

@@ -248,7 +248,7 @@ if (isset($this->jsScriptLoadData['activateCompany'])) { ?>
const params = { const params = {
company_uuid: companyUuid, company_uuid: companyUuid,
company_state: newState, company_state: newState,
_method: 'PUT' "X-HTTP-Method-Override": "PUT"
}; };
const rootStyles = getComputedStyle(document.documentElement); const rootStyles = getComputedStyle(document.documentElement);
@@ -641,7 +641,7 @@ if (isset($this->jsScriptLoadData['stompjes'])) { ?>
// Make the POST request to delete the device // Make the POST request to delete the device
$.post(apiUrl, { $.post(apiUrl, {
[itemName]: itemUuid, [itemName]: itemUuid,
_method: "POST" "X-HTTP-Method-Override": "POST"
}) })
.done(function (response) { .done(function (response) {
@@ -712,7 +712,7 @@ if (isset($this->jsScriptLoadData['stompjes'])) { ?>
// Make the POST request to delete the device // Make the POST request to delete the device
$.post(deleteStompOptions.apiUrl, { $.post(deleteStompOptions.apiUrl, {
[deleteStompOptions.itemName]: deleteStompOptions.itemUuid, [deleteStompOptions.itemName]: deleteStompOptions.itemUuid,
_method: "DELETE" "X-HTTP-Method-Override": "DELETE"
}) })
.done(function (response) { .done(function (response) {
@@ -963,7 +963,7 @@ if (isset($this->jsScriptLoadData['delete_confirmation'])) { ?>
// Make the POST request to delete the item // Make the POST request to delete the item
$.post(apiUrl, { $.post(apiUrl, {
[itemName]: itemUuid, [itemName]: itemUuid,
_method: "DELETE" "X-HTTP-Method-Override": "DELETE"
}) })
.done(function (response) { .done(function (response) {
@@ -1154,7 +1154,7 @@ if (isset($this->jsScriptLoadData['updateToggle'])) { ?>
} }
// Add method override // Add method override
dataObj._method = 'PUT'; dataObj['X-HTTP-Method-Override'] = 'PUT';
// Convert to URL-encoded string // Convert to URL-encoded string
const formBody = new URLSearchParams(dataObj).toString(); const formBody = new URLSearchParams(dataObj).toString();
@@ -1169,8 +1169,8 @@ if (isset($this->jsScriptLoadData['updateToggle'])) { ?>
}); });
if (response.ok) { if (response.ok) {
// Remove _method before saving back // Remove X-HTTP-Method-Override before saving back
delete dataObj._method; delete dataObj['X-HTTP-Method-Override']
input.setAttribute('data-api-data', JSON.stringify(dataObj)); input.setAttribute('data-api-data', JSON.stringify(dataObj));
} else { } else {
input.checked = !input.checked; // revert toggle input.checked = !input.checked; // revert toggle
@@ -1209,7 +1209,7 @@ if (isset($this->jsScriptLoadData['updatePermissions'])) { ?>
formData.append('permission_uuid', permissionUUID); formData.append('permission_uuid', permissionUUID);
formData.append('user_group_uuid', userGroupUUID); formData.append('user_group_uuid', userGroupUUID);
formData.append('permission_value', permissionValue); formData.append('permission_value', permissionValue);
formData.append('_method', 'PUT') formData.append('X-HTTP-Method-Override', 'PUT')
try { try {
const response = await fetch(apiUrl, { const response = await fetch(apiUrl, {

1
sql-update-1.2.3.sql Normal file
View File

@@ -0,0 +1 @@
ALTER TABLE `system_users` CHANGE COLUMN `user_pref_language` `user_pref_language` ENUM("en","nl") NOT NULL DEFAULT 'en' COLLATE 'utf8mb4_general_ci' AFTER `user_login_attempts`;