mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-05-31 11:48:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
refactor-4491-js-modernization
opensourcepos/app/Views/partial/header_js.php
Ollama 0a0f0c7f4c fix: Address CodeRabbit review comments 
- items/manage.php: Remove duplicate let declaration for start_date
  (partial/daterangepicker already declares it)
- header_js.php: Escape CSRF hash in JavaScript context
- tax_jurisdictions.php: Fix mismatched selector (remove_tax_jurisdictions
  -> remove_tax_jurisdiction)
2026-04-15 14:36:34 +00:00

90 lines
2.5 KiB
PHP
Raw Permalink Blame History

<?php
/**
* @var array $config
*/
?>
<script type="text/javascript">
// Live clock
const clock_tick = function clock_tick() {
setInterval('update_clock();', 1000);
}
// Start the clock immediately
clock_tick();
const update_clock = function update_clock() {
document.getElementById('liveclock').innerHTML = moment().format("<?= dateformat_momentjs($config['dateformat'] . ' ' . $config['timeformat']) ?>");
}
const notify = $.notify;
$.notify = function(content, options) {
const message = typeof content === "object" ? content.message : content;
const sanitizedMessage = DOMPurify.sanitize(message);
return notify(sanitizedMessage, options);
};
$.notifyDefaults({
placement: {
align: "<?= esc($config['notify_horizontal_position'], 'js') ?>",
from: "<?= esc($config['notify_vertical_position'], 'js') ?>"
}
});
const csrf_token = function() {
return "<?= esc(csrf_hash(), 'js') ?>";
};
const csrf_form_base = function() {
return {
<?= esc(config('Security')->tokenName, 'js') ?>: function() {
return csrf_token()
}
}
};
const setup_csrf_token = function() {
$('input[name="<?= esc(config('Security')->tokenName, 'js') ?>"]').val(csrf_token());
};
const ajax = $.ajax;
$.ajax = function() {
let args = arguments[0];
if (args['type'] && args['type'].toLowerCase() == 'post' && csrf_token()) {
if (typeof args['data'] === 'string') {
args['data'] += '&' + $.param(csrf_form_base());
} else {
args['data'] = $.extend(args['data'], csrf_form_base());
}
}
return ajax.apply(this, arguments);
};
$(document).ajaxComplete(setup_csrf_token);
$(document).ready(function() {
$("#logout").click(function(event) {
event.preventDefault();
$.ajax({
url: "<?= site_url('home/logout'); ?>",
data: {
"<?= esc(config('Security')->tokenName, 'js'); ?>": csrf_token()
},
success: function() {
window.location.href = '<?= site_url(); ?>';
},
method: "POST"
});
});
});
const submit = $.fn.submit;
$.fn.submit = function() {
setup_csrf_token();
submit.apply(this, arguments);
};
</script>
Reference in New Issue View Git Blame Copy Permalink