admin/sides
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): resolve F-02 — remove XSS vector by replacing {!! !!} with Blade conditionals in stationmgmt

Browse Source
This commit is contained in:
root
2026-06-02 01:06:02 +08:00
parent 9e0e749855
commit 725ccbbeb6
1 changed files with 4 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/resources/views/layout/admin/stationmgmt.blade.php
View File

@@ -96,21 +96,10 @@
<td id="colbasin">{{$row->mainriverbasin}}</td> <td id="colbasin">{{$row->mainriverbasin}}</td>
<td id="colbasin">{{$row->subriverbasin}}</td> <td id="colbasin">{{$row->subriverbasin}}</td>
<td> <td>
@php @if($row->rainfall)<span class="badge bg-info me-1">{{ __('messages.rainfall') }}</span>@endif
$types = []; @if($row->waterlevel)<span class="badge bg-primary me-1">{{ __('messages.wl') }}</span>@endif
@if($row->siren)<span class="badge bg-danger me-1">Siren</span>@endif
if ($row->rainfall) { @if(!$row->rainfall && !$row->waterlevel && !$row->siren)<span class="badge bg-secondary">No Type</span>@endif
$types[] = '<span class="badge bg-info me-1">'.e(__('messages.rainfall')).'</span>';
}
if ($row->waterlevel) {
$types[] = '<span class="badge bg-primary me-1">'.e(__('messages.wl')).'</span>';
}
if ($row->siren) {
$types[] = '<span class="badge bg-danger me-1">Siren</span>';
}
@endphp
{!! $types ? implode(' ', $types) : '<span class="badge bg-secondary">No Type</span>' !!}
</td> </td>
<td class="text-center"> <td class="text-center">
<button type="button" class="btn btn-outline-primary btn-sm me-1" data-bs-toggle="modal" <button type="button" class="btn btn-outline-primary btn-sm me-1" data-bs-toggle="modal"