This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
Check that arguments can be used as reference when one is expected
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /* @var View */ |
||
4 | /* @var $model hipanel\modules\hosting\models\Ip */ |
||
5 | /* @var $tags array */ |
||
6 | |||
7 | use hipanel\modules\hosting\widgets\combo\ServiceCombo; |
||
8 | use hipanel\modules\server\widgets\combo\ServerCombo; |
||
9 | use hipanel\widgets\DynamicFormWidget; |
||
10 | use hiqdev\combo\StaticCombo; |
||
11 | use yii\bootstrap\ActiveForm; |
||
12 | use yii\helpers\Html; |
||
13 | use yii\helpers\Url; |
||
14 | use yii\web\JsExpression; |
||
15 | use yii\web\View; |
||
16 | |||
17 | $form = ActiveForm::begin([ |
||
18 | 'id' => 'dynamic-form', |
||
19 | 'enableClientValidation' => true, |
||
20 | 'validateOnBlur' => true, |
||
21 | 'enableAjaxValidation' => true, |
||
22 | 'validationUrl' => Url::toRoute(['validate-form', 'scenario' => $model->isNewRecord ? $model->scenario : 'update']), |
||
23 | ]); |
||
24 | |||
25 | DynamicFormWidget::begin([ |
||
26 | 'widgetContainer' => 'dynamicform_wrapper', |
||
27 | 'widgetBody' => '.container-items', |
||
28 | 'widgetItem' => '.ip-item', |
||
29 | 'limit' => 20, |
||
30 | 'min' => 1, |
||
31 | 'insertButton' => '.add-ip', |
||
32 | 'deleteButton' => '.remove-ip', |
||
33 | 'model' => reset($models), |
||
34 | 'formId' => 'dynamic-form', |
||
35 | 'formFields' => [ |
||
36 | 'ip', |
||
37 | ], |
||
38 | ]); ?> |
||
39 | <div class="container-items"><!-- widgetContainer --> |
||
40 | <?php foreach ($models as $i => $model) : ?> |
||
41 | <div class="row ip-item"> |
||
42 | <div class="col-md-5"> |
||
43 | <div class="box box-danger"> |
||
44 | <div class="box-body"> |
||
45 | <div class="form-instance" xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html"> |
||
46 | <?php |
||
47 | if ($model->isNewRecord) { |
||
48 | $model->id = $i; |
||
49 | } |
||
50 | echo $form->field($model, "[$i]id")->hiddenInput(['data-attribute' => 'id'])->label(false); |
||
51 | echo $form->field($model, "[$i]ip")->textInput(['readonly' => !$model->isNewRecord]); |
||
52 | |||
53 | DynamicFormWidget::begin([ |
||
54 | 'widgetContainer' => 'dynamicform_links', |
||
55 | 'widgetBody' => '.container-ips', |
||
56 | 'widgetItem' => '.item', |
||
57 | 'limit' => 20, |
||
58 | 'min' => 1, |
||
59 | 'insertButton' => '.add-link', |
||
60 | 'deleteButton' => '.remove-link', |
||
61 | 'model' => reset($model->getAddedLinks()), |
||
0 ignored issues
–
show
Bug
introduced
by
![]() |
|||
62 | 'formId' => 'dynamic-form', |
||
63 | 'formFields' => [ |
||
64 | 'id', |
||
65 | 'device', |
||
66 | 'service_id', |
||
67 | ], |
||
68 | ]) ?> |
||
69 | <div class="container-ips"> |
||
70 | <?php foreach ($model->getAddedLinks() as $link_id => $link) : ?> |
||
71 | <div class="item"> |
||
72 | <?php |
||
73 | if ($link->isNewRecord && empty($link->ip_id)) { |
||
74 | $link->ip_id = $i; |
||
75 | } |
||
76 | |||
77 | echo Html::activeHiddenInput($link, "[$i][$link_id]id", ['value' => $link->id]); |
||
78 | echo Html::activeHiddenInput($link, "[$i][$link_id]ip_id", ['data-attribute' => 'ip_id', 'value' => $model->id]); ?> |
||
79 | |||
80 | <label><?= Yii::t('hipanel:hosting', 'Links') ?></label> |
||
81 | <div class="row" style="margin-bottom: 5pt"> |
||
82 | <div class="col-md-5"> |
||
83 | <?= $form->field($link, "[$i][$link_id]device")->widget(ServerCombo::class, [ |
||
84 | // TODO: Change to DeviceCombo when will be implemented |
||
85 | 'pluginOptions' => [], |
||
86 | 'formElementSelector' => '.item', |
||
87 | 'inputOptions' => [ |
||
88 | 'data-combo-field' => 'device', |
||
89 | ], |
||
90 | ])->label(false) ?> |
||
91 | </div> |
||
92 | <div class="col-md-5"> |
||
93 | <?php |
||
94 | $formatJs = new JsExpression(" |
||
95 | function (data) { |
||
96 | if (data.text === data.soft) { |
||
97 | return data.text; |
||
98 | } else if (data.text == '') { |
||
99 | return data.soft; |
||
100 | } else if (data.soft) { |
||
101 | return data.text + '<br><small>' + data.soft + '</small>'; |
||
102 | } else { |
||
103 | return data.text; |
||
104 | } |
||
105 | } |
||
106 | "); |
||
107 | echo $form->field($link, "[$i][$link_id]service_id")->widget(ServiceCombo::class, [ |
||
108 | 'pluginOptions' => [ |
||
109 | 'activeWhen' => [ |
||
110 | 'server/server', |
||
111 | ], |
||
112 | 'select2Options' => [ |
||
113 | 'templateResult' => $formatJs, |
||
114 | 'templateSelection' => $formatJs, |
||
115 | 'escapeMarkup' => new JsExpression('function (markup) { |
||
116 | return markup; // Allows HTML |
||
117 | }'), |
||
118 | ], |
||
119 | ], |
||
120 | 'formElementSelector' => '.item', |
||
121 | 'inputOptions' => [ |
||
122 | 'data-combo-field' => 'service_id', |
||
123 | ], |
||
124 | ])->label(false) ?> |
||
125 | </div> |
||
126 | <div class="col-md-2 text-right"> |
||
127 | <div class="btn-group" role="group"> |
||
128 | <button type="button" class="add-link btn btn-default"><i class="glyphicon glyphicon-plus"></i></button> |
||
129 | <button type="button" class="remove-link btn btn-default"><i class="glyphicon glyphicon-minus"></i></button> |
||
130 | </div> |
||
131 | </div> |
||
132 | </div> |
||
133 | </div> |
||
134 | <?php endforeach; ?> |
||
135 | </div> |
||
136 | <?php DynamicFormWidget::end(); |
||
137 | echo $form->field($model, "[$i]tags")->widget(StaticCombo::class, [ |
||
138 | 'data' => $tags, |
||
139 | 'hasId' => true, |
||
140 | 'multiple' => true, |
||
141 | ]); |
||
142 | ?> |
||
143 | <?php if (Yii::$app->user->can('admin')) : ?> |
||
144 | <?= $form->field($model, "[$i]note")->textarea() ?> |
||
145 | <?php endif; ?> |
||
146 | </div> |
||
147 | </div> |
||
148 | </div> |
||
149 | </div> |
||
150 | </div> |
||
151 | <?php endforeach; ?> |
||
152 | </div> |
||
153 | <?php DynamicFormWidget::end() ?> |
||
154 | |||
155 | <?= Html::submitButton(Yii::t('hipanel', 'Save'), ['class' => 'btn btn-success']) ?> |
||
156 | |
||
157 | <?= Html::button(Yii::t('hipanel', 'Cancel'), ['class' => 'btn btn-default', 'onclick' => 'history.go(-1)']) ?> |
||
158 | |||
159 | <?php ActiveForm::end(); |
||
160 | |||
161 | $this->registerJs("$('.dynamicform_links').on('afterInsert', function (e, item) { |
||
162 | var new_ip_id = $(item).find('[data-attribute=ip_id]'); |
||
163 | var ip_id = $(item).closest('.ip-item').find('[data-attribute=id]'); |
||
164 | |||
165 | new_ip_id.val(ip_id.val()); |
||
166 | });"); |
||
167 |