Fix dashboard html escaping and javascript redirect (#11370)

2020-04-02 23:33:18 +02:00 · 2020-04-02 23:33:18 +02:00 · 69280b3501
parent 7c770a99d8
commit 69280b3501
2 changed files with 3 additions and 3 deletions
--- a/includes/html/forms/add-dashboard.inc.php
+++ b/includes/html/forms/add-dashboard.inc.php
@ -36,7 +36,7 @@ if (!Auth::check()) {
 $status    = 'error';
 $message   = 'unknown error';

-$dashboard_name = display($_REQUEST['dashboard_name']);
+$dashboard_name = trim($_REQUEST['dashboard_name']);

 if (!empty($dashboard_name) && ($dash_id = dbInsert(['dashboard_name' => $dashboard_name, 'user_id' => Auth::id()], 'dashboards'))) {
    $status  = 'ok';
--- a/resources/views/overview/default.blade.php
+++ b/resources/views/overview/default.blade.php
@ -426,7 +426,7 @@
                    if (data.status == "ok") {
                        toastr.success(data.message);
                        setTimeout(function (){
-                            window.location.href = "{{ url('/?dashboard=') }} + dashboard_id";
+                            window.location.href = "{{ url('/?dashboard=') }}" + dashboard_id;
                        }, 500);
                    }
                    else {
@ -455,7 +455,7 @@
                if( data.status == "ok" ) {
                    toastr.success(data.message);
                    setTimeout(function (){
-                        window.location.href = "{{ url('/?dashboard=') }} + data.dashboard_id";
+                        window.location.href = "{{ url('/?dashboard=') }}" + data.dashboard_id;
                    }, 500);
                }
                else {