This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /* @var View */ |
||
4 | /* @var $model hipanel\modules\hosting\models\Ip */ |
||
5 | /* @var $tags array */ |
||
6 | |||
7 | use hipanel\modules\hosting\widgets\combo\ServiceCombo; |
||
8 | use hipanel\modules\server\widgets\combo\ServerCombo; |
||
9 | use hipanel\widgets\DynamicFormWidget; |
||
10 | use hiqdev\combo\StaticCombo; |
||
11 | use yii\bootstrap\ActiveForm; |
||
12 | use yii\helpers\Html; |
||
13 | use yii\helpers\Url; |
||
14 | use yii\web\JsExpression; |
||
15 | use yii\web\View; |
||
16 | |||
17 | $form = ActiveForm::begin([ |
||
18 | 'id' => 'dynamic-form', |
||
19 | 'enableClientValidation' => true, |
||
20 | 'validateOnBlur' => true, |
||
21 | 'enableAjaxValidation' => true, |
||
22 | 'validationUrl' => Url::toRoute(['validate-form', 'scenario' => $model->isNewRecord ? $model->scenario : 'update']), |
||
23 | ]); |
||
24 | |||
25 | DynamicFormWidget::begin([ |
||
26 | 'widgetContainer' => 'dynamicform_wrapper', |
||
27 | 'widgetBody' => '.container-items', |
||
28 | 'widgetItem' => '.ip-item', |
||
29 | 'limit' => 20, |
||
30 | 'min' => 1, |
||
31 | 'insertButton' => '.add-ip', |
||
32 | 'deleteButton' => '.remove-ip', |
||
33 | 'model' => reset($models), |
||
34 | 'formId' => 'dynamic-form', |
||
35 | 'formFields' => [ |
||
36 | 'ip', |
||
37 | ], |
||
38 | ]); ?> |
||
39 | <div class="container-items"><!-- widgetContainer --> |
||
40 | <?php foreach ($models as $i => $model) : ?> |
||
41 | <div class="row ip-item"> |
||
42 | <div class="col-md-5"> |
||
43 | <div class="box box-danger"> |
||
44 | <div class="box-body"> |
||
45 | <div class="form-instance" xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html"> |
||
46 | <?php |
||
47 | if ($model->isNewRecord) { |
||
48 | $model->id = $i; |
||
49 | } |
||
50 | echo $form->field($model, "[$i]id")->hiddenInput(['data-attribute' => 'id'])->label(false); |
||
51 | echo $form->field($model, "[$i]ip")->textInput(['readonly' => !$model->isNewRecord]); |
||
52 | |||
53 | DynamicFormWidget::begin([ |
||
54 | 'widgetContainer' => 'dynamicform_links', |
||
55 | 'widgetBody' => '.container-ips', |
||
56 | 'widgetItem' => '.item', |
||
57 | 'limit' => 20, |
||
58 | 'min' => 1, |
||
59 | 'insertButton' => '.add-link', |
||
60 | 'deleteButton' => '.remove-link', |
||
61 | 'model' => reset($model->getAddedLinks()), |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
62 | 'formId' => 'dynamic-form', |
||
63 | 'formFields' => [ |
||
64 | 'id', |
||
65 | 'device', |
||
66 | 'service_id', |
||
67 | ], |
||
68 | ]) ?> |
||
69 | <div class="container-ips"> |
||
70 | <?php foreach ($model->getAddedLinks() as $link_id => $link) : ?> |
||
71 | <div class="item"> |
||
72 | <?php |
||
73 | if ($link->isNewRecord && empty($link->ip_id)) { |
||
74 | $link->ip_id = $i; |
||
75 | } |
||
76 | |||
77 | echo Html::activeHiddenInput($link, "[$i][$link_id]id", ['value' => $link->id]); |
||
78 | echo Html::activeHiddenInput($link, "[$i][$link_id]ip_id", ['data-attribute' => 'ip_id', 'value' => $model->id]); ?> |
||
79 | |||
80 | <label><?= Yii::t('hipanel:hosting', 'Links') ?></label> |
||
81 | <div class="row" style="margin-bottom: 5pt"> |
||
82 | <div class="col-md-5"> |
||
83 | <?= $form->field($link, "[$i][$link_id]device")->widget(ServerCombo::class, [ |
||
84 | // TODO: Change to DeviceCombo when will be implemented |
||
85 | 'pluginOptions' => [], |
||
86 | 'formElementSelector' => '.item', |
||
87 | 'inputOptions' => [ |
||
88 | 'data-combo-field' => 'device', |
||
89 | ], |
||
90 | ])->label(false) ?> |
||
91 | </div> |
||
92 | <div class="col-md-5"> |
||
93 | <?php |
||
94 | $formatJs = new JsExpression(" |
||
95 | function (data) { |
||
96 | if (data.text === data.soft) { |
||
97 | return data.text; |
||
98 | } else if (data.text == '') { |
||
99 | return data.soft; |
||
100 | } else if (data.soft) { |
||
101 | return data.text + '<br><small>' + data.soft + '</small>'; |
||
102 | } else { |
||
103 | return data.text; |
||
104 | } |
||
105 | } |
||
106 | "); |
||
107 | echo $form->field($link, "[$i][$link_id]service_id")->widget(ServiceCombo::class, [ |
||
108 | 'pluginOptions' => [ |
||
109 | 'activeWhen' => [ |
||
110 | 'server/server', |
||
111 | ], |
||
112 | 'select2Options' => [ |
||
113 | 'templateResult' => $formatJs, |
||
114 | 'templateSelection' => $formatJs, |
||
115 | 'escapeMarkup' => new JsExpression('function (markup) { |
||
116 | return markup; // Allows HTML |
||
117 | }'), |
||
118 | ], |
||
119 | ], |
||
120 | 'formElementSelector' => '.item', |
||
121 | 'inputOptions' => [ |
||
122 | 'data-combo-field' => 'service_id', |
||
123 | ], |
||
124 | ])->label(false) ?> |
||
125 | </div> |
||
126 | <div class="col-md-2 text-right"> |
||
127 | <div class="btn-group" role="group"> |
||
128 | <button type="button" class="add-link btn btn-default"><i class="glyphicon glyphicon-plus"></i></button> |
||
129 | <button type="button" class="remove-link btn btn-default"><i class="glyphicon glyphicon-minus"></i></button> |
||
130 | </div> |
||
131 | </div> |
||
132 | </div> |
||
133 | </div> |
||
134 | <?php endforeach; ?> |
||
135 | </div> |
||
136 | <?php DynamicFormWidget::end(); |
||
137 | echo $form->field($model, "[$i]tags")->widget(StaticCombo::class, [ |
||
138 | 'data' => $tags, |
||
139 | 'hasId' => true, |
||
140 | 'multiple' => true, |
||
141 | ]); |
||
142 | ?> |
||
143 | <?php if (Yii::$app->user->can('admin')) : ?> |
||
144 | <?= $form->field($model, "[$i]note")->textarea() ?> |
||
145 | <?php endif; ?> |
||
146 | </div> |
||
147 | </div> |
||
148 | </div> |
||
149 | </div> |
||
150 | </div> |
||
151 | <?php endforeach; ?> |
||
152 | </div> |
||
153 | <?php DynamicFormWidget::end() ?> |
||
154 | |||
155 | <?= Html::submitButton(Yii::t('hipanel', 'Save'), ['class' => 'btn btn-success']) ?> |
||
156 | |
||
157 | <?= Html::button(Yii::t('hipanel', 'Cancel'), ['class' => 'btn btn-default', 'onclick' => 'history.go(-1)']) ?> |
||
158 | |||
159 | <?php ActiveForm::end(); |
||
160 | |||
161 | $this->registerJs("$('.dynamicform_links').on('afterInsert', function (e, item) { |
||
162 | var new_ip_id = $(item).find('[data-attribute=ip_id]'); |
||
163 | var ip_id = $(item).closest('.ip-item').find('[data-attribute=id]'); |
||
164 | |||
165 | new_ip_id.val(ip_id.val()); |
||
166 | });"); |
||
167 |