EZSCALE/virtfusion-whmcs-module
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 10 Wiki Activity
Files
0d997a0cc26fe69f0384b781f4197b58e23ba837
virtfusion-whmcs-module/modules/servers/VirtFusionDirect/lib/AdminHTML.php
EZSCALE 6c7cdc6421 fix: XSS escaping, null guards, JS bug fixes, and documentation updates 
- Escape $serverObject and $systemUrl in AdminHTML.php heredocs to prevent XSS
- Add null guard in Database::getSystemUrl() to prevent fatal error
- Guard primaryNetwork access in module.js to prevent null dereference
- Reset badge/traffic-bar CSS classes on refresh to prevent accumulation
- Add VNC popup-blocked check with user-facing message
- Add BS3 input-group-btn dual class for theme compatibility
- Escape billing template variables with |escape:'htmlall'
- Add cache-busting to admin CSS/JS includes
- Switch cache-busting format from version to date-based (20260207)
- Create .releaserc.json for automated CHANGELOG.md management
- Add changelog/git plugins to semantic-release workflow
- Remove manual [Unreleased] section from CHANGELOG.md
- Update README: install/upgrade with rsync, accuracy fixes, add keygen.js
- Update CLAUDE.md: add keygen.js, document removed features
- Fix SECURITY.md grammar and version operator

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 15:48:49 -06:00

117 lines
5.0 KiB
PHP
Raw Blame History

<?php
namespace WHMCS\Module\Server\VirtFusionDirect;
class AdminHTML
{
public static function options($systemUrl, $serviceId)
{
$systemUrl = htmlspecialchars($systemUrl, ENT_QUOTES, 'UTF-8');
return <<<EOT
<button onclick="impersonateServerOwner('${serviceId}', '${systemUrl}')" type="button" class="btn btn-primary">Impersonate Server Owner</button>
<span class="text-info">&nbsp;&nbsp;A valid VirtFusion admin session in the same browser is required for this functionality to work.</span>
EOT;
}
public static function serverObject($serverObject)
{
$serverObject = htmlspecialchars($serverObject, ENT_QUOTES, 'UTF-8');
return <<<EOT
<textarea class="form-control" name="modulefields[1]" rows="10" style="width: 100%" disabled>${serverObject}</textarea>
EOT;
}
public static function serverId($serverId)
{
return <<<EOT
<input type="text" class="form-control input-200 input-inline" name="modulefields[0]" size="20" value="${serverId}" />
<span class="text-info">&nbsp;&nbsp;Changing the Sever ID manually is not recommended. Alterations to this field are usually handled automatically.</span>
EOT;
}
public static function serverInfo($systemUrl, $serviceId)
{
$systemUrl = htmlspecialchars($systemUrl, ENT_QUOTES, 'UTF-8');
return <<<EOT
<link href="${systemUrl}modules/servers/VirtFusionDirect/templates/css/module.css?v=20260207" rel="stylesheet">
<script src="${systemUrl}modules/servers/VirtFusionDirect/templates/js/module.js?v=20260207"></script>
<div id="vf-loader" class="vf-loader">
<div id="vf-loading"></div>
</div>
<div id="vf-server-info-error">
<div class="alert alert-warning mb-0">
<div id="vf-server-info-error-message"></div>
</div>
</div>
<div id="vf-server-info" class="row mb-2">
<div class="col-12">
<div class="row">
<div class="col-md-6">
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
Name:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-name">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
Hostname:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-hostname">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
Memory:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-memory">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
CPU:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-cpu">
</div>
</div>
</div>
<div class="col-md-6">
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
IPv4:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-ipv4">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
IPv6:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-ipv6">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
Storage:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-storage">
</div>
</div>
<div class="row p-1">
<div class="col-xs-4 col-4 text-right vf-bold">
Traffic:
</div>
<div class="col-xs-8 col-8" id="vf-data-server-traffic">
</div>
</div>
</div>
</div>
</div>
</div>
<script>vfServerDataAdmin("${serviceId}","${systemUrl}");</script>
EOT;
}
}
Reference in New Issue View Git Blame Copy Permalink