LotusGuild/tinker_tickets
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix layout regressions, nav drawer structure, and security issues

Browse Source 
- base.css: add width:100%+min-width:0 to .lt-main so flex column body
  doesn't shrink content due to margin:0 auto from .lt-container
- layout_header.php: restructure mobile nav drawer to match web_template
  exactly (nav-drawer-links nav, direct <a> links, section div, no ul/li
  wrapper, overlay after drawer); fix lt-nav-overlay id mismatch with
  base.js; rename lt-header-username -> lt-header-user (matches CSS);
  add JSON_HEX_TAG to all inline json_encode calls (closes </script> XSS)
- base.css: add lt-kv-row/label/value aliases (display:contents pattern
  used in web_template v1.2 kv-grid); add lt-badge-sm variant
- Admin views: add missing .catch() on editField/editRecurring/loadUsers;
  add JSON_HEX_TAG to json_encode in TemplatesView/WorkflowDesignerView
- TicketView: add JSON_HEX_TAG to all ticket-data json_encode calls

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jared Vititoe
2026-03-28 12:43:24 -04:00
parent 51f6991f9d
commit d7775e62ec
7 changed files with 50 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files
views/admin/CustomFieldsView.php
+3 -1
View File
@@ -202,8 +202,10 @@ function editField(id) {
}
document.getElementById('cfModalTitle').textContent = 'Edit Custom Field';
lt.modal.open('fieldModal');
} else {
lt.toast.error(data.error || 'Failed to load field');
}
});
}).catch(function () { lt.toast.error('Failed to load field'); });
}
function deleteField(id) {
views/admin/RecurringTicketsView.php
+4 -2
View File
@@ -240,8 +240,10 @@ function editRecurring(id) {
document.getElementById('assigned_to').value = rt.assigned_to || '';
document.getElementById('recModalTitle').textContent = 'Edit Recurring Ticket';
lt.modal.open('recurringModal');
} else {
lt.toast.error(data.error || 'Failed to load schedule');
}
});
}).catch(function () { lt.toast.error('Failed to load schedule'); });
}
function toggleRecurring(id) {
@@ -287,7 +289,7 @@ function loadUsers() {
select.appendChild(opt);
});
}
});
}).catch(function () { /* non-critical: assigned_to stays as manual input */ });
}
updateScheduleOptions();
views/admin/TemplatesView.php
+1 -1
View File
@@ -137,7 +137,7 @@ include __DIR__ . '/../../views/layout_header.php';
</div>
<script nonce="<?= $nonce ?>">
var templates = <?= json_encode($templates ?? []) ?>;
var templates = <?= json_encode($templates ?? [], JSON_HEX_TAG) ?>;
document.addEventListener('click', function (e) {
var target = e.target.closest('[data-action]');
views/admin/WorkflowDesignerView.php
+1 -1
View File
@@ -156,7 +156,7 @@ include __DIR__ . '/../../views/layout_header.php';
</div>
<script nonce="<?= $nonce ?>">
var workflows = <?= json_encode($workflows ?? []) ?>;
var workflows = <?= json_encode($workflows ?? [], JSON_HEX_TAG) ?>;
document.addEventListener('click', function (e) {
var target = e.target.closest('[data-action]');