LotusGuild/tinker_tickets
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix layout regressions, nav drawer structure, and security issues

Browse Source 
- base.css: add width:100%+min-width:0 to .lt-main so flex column body
  doesn't shrink content due to margin:0 auto from .lt-container
- layout_header.php: restructure mobile nav drawer to match web_template
  exactly (nav-drawer-links nav, direct <a> links, section div, no ul/li
  wrapper, overlay after drawer); fix lt-nav-overlay id mismatch with
  base.js; rename lt-header-username -> lt-header-user (matches CSS);
  add JSON_HEX_TAG to all inline json_encode calls (closes </script> XSS)
- base.css: add lt-kv-row/label/value aliases (display:contents pattern
  used in web_template v1.2 kv-grid); add lt-badge-sm variant
- Admin views: add missing .catch() on editField/editRecurring/loadUsers;
  add JSON_HEX_TAG to json_encode in TemplatesView/WorkflowDesignerView
- TicketView: add JSON_HEX_TAG to all ticket-data json_encode calls

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jared Vititoe
2026-03-28 12:43:24 -04:00
parent 51f6991f9d
commit d7775e62ec
7 changed files with 50 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files
views/admin/WorkflowDesignerView.php
+1 -1
View File
@@ -156,7 +156,7 @@ include __DIR__ . '/../../views/layout_header.php';
</div>
<script nonce="<?= $nonce ?>">
var workflows = <?= json_encode($workflows ?? []) ?>;
var workflows = <?= json_encode($workflows ?? [], JSON_HEX_TAG) ?>;
document.addEventListener('click', function (e) {
var target = e.target.closest('[data-action]');