Add security on More details action

TODO

@@ -1,3 +1 @@
 * Translate PHP interface in French
-* Add "More details" security (just one click)
-* Add more [INFO] in status with autodetected variables

conf/init_ynh-hotspot

@@ -383,9 +383,12 @@ case "$1" in
   ;;
   status)
     exitcode=0
-  
+
+    echo "[INFO] Autodetected internet interface: ${new_internet_device} (last start: ${old_internet_device})"
+
     if has_ip6delegatedprefix; then
       echo "[INFO] IPv6 delegated prefix found"
+      echo "[INFO] IPv6 address computed from the delegated prefix: ${ynh_ip6_addr}"
 
       if is_ndproxy_set; then
         echo "[OK] NDP proxy set"

scripts/install

@@ -127,7 +127,7 @@ sudo sed 's|^;\?\s*max_execution_time.\+|max_execution_time = 600|' -i /etc/php5
 sudo sed "s|<TPL:NGINX_LOCATION>|${url_path}|g" -i /var/www/wifiadmin/config.php
 
 # Copy init script
-sudo install -b -o root -g root -m 0755 ../conf/init_ynh-hotspot /etc/init.d/ynh-hotspot
+sudo install -o root -g root -m 0755 ../conf/init_ynh-hotspot /etc/init.d/ynh-hotspot
 
 # Set default inits
 # The boot order of these services are important, so they are disabled by default

sources/controller.php

@@ -147,7 +147,7 @@ dispatch_put('/settings', function() {
     }
 
   } catch(Exception $e) {
-    flash('error', $e->getMessage().T_(' (configuration not updated).'));
+    flash('error', $e->getMessage().' ('.T_('configuration not updated').').');
     goto redirect;
   }
 
@@ -184,16 +184,16 @@ dispatch('/status', function() {
 
   foreach($status_lines AS $status_line) {
     if(preg_match('/^\[INFO\]/', $status_line)) {
-      $status_list .= "<li class='status-info'>${status_line}</li>";
+      $status_list .= '<li class="status-info">'.htmlspecialchars($status_line).'</li>';
     }
     elseif(preg_match('/^\[OK\]/', $status_line)) {
-      $status_list .= "<li class='status-success'>${status_line}</li>";
+      $status_list .= '<li class="status-success">'.htmlspecialchars($status_line).'</li>';
     }
     elseif(preg_match('/^\[WARN\]/', $status_line)) {
-      $status_list .= "<li class='status-warning'>${status_line}</li>";
+      $status_list .= '<li class="status-warning">'.htmlspecialchars($status_line).'</li>';
     }
     elseif(preg_match('/^\[ERR\]/', $status_line)) {
-      $status_list .= "<li class='status-danger'>${status_line}</li>";
+      $status_list .= '<li class="status-danger">'.htmlspecialchars($status_line).'</li>';
     }
   }
 

sources/public/js/custom.js

@@ -39,14 +39,17 @@ $(document).ready(function() {
   });
 
   $('#statusbtn').click(function() {
-    $('#status-loading').show();
-
-    $.ajax({
-      url: '?/status',
-    }).done(function(data) {
-      $('#status-loading').hide();
-      $('#status-text').html('<ul>' + data + '</ul>');
-      $('#status').show('slow');
-    });
+    if($('#status-loading').is(':hidden')) {
+      $('#status').hide();
+      $('#status-loading').show();
+
+      $.ajax({
+        url: '?/status',
+      }).done(function(data) {
+        $('#status-loading').hide();
+        $('#status-text').html('<ul>' + data + '</ul>');
+        $('#status').show('slow');
+      });
+    }
   });
 });