Project-Pro/orderPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1cbbc76a17db93b45a771e145bfbfd0960b47ead
orderPRO/resources/views/layouts/app.php
Jacek Pyziak 1cbbc76a17 feat: cache-bust assets, fix XSS and filemtime error handling, clean up users filters 
- Add ?ver=<filemtime> cache-busting to CSS/JS assets in app and auth layouts
- Use ?: 0 fallback on filemtime() to prevent E_WARNING when files are missing
- Escape security_information output with $e() to fix XSS vulnerability (show.php:91)
- Wrap product image metadata in __meta container, move storage path into <details>
- Add table--details CSS class and th { white-space: nowrap } rule
- Remove redundant sort, sort_dir, per_page filter dropdowns from users list
- Add 10 as a per-page option in users list
- Clean up completed items from TODO.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-27 21:40:17 +01:00

74 lines
3.9 KiB
PHP
Raw Blame History

<!doctype html>
<html lang="pl">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title><?= $e($t('meta.title_pattern', ['title' => (string) ($title ?? $t('meta.default_panel_title'))])) ?></title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="/assets/css/app.css?ver=<?= filemtime(dirname(__DIR__, 3) . '/public/assets/css/app.css') ?: 0 ?>">
<link rel="stylesheet" href="/assets/css/modules/jquery-alerts.css?ver=<?= filemtime(dirname(__DIR__, 3) . '/public/assets/css/modules/jquery-alerts.css') ?: 0 ?>">
</head>
<body>
<?php $currentMenu = (string) ($activeMenu ?? ''); ?>
<?php $marketplaceMenuIntegrations = is_array($marketplaceIntegrations ?? null) ? $marketplaceIntegrations : []; ?>
<?php $isMarketplaceMenu = $currentMenu === 'marketplace'; ?>
<div class="app-shell">
<aside class="sidebar">
<div class="sidebar__brand"><?= $e($t('brand.name_prefix')) ?><strong><?= $e($t('brand.name_suffix')) ?></strong></div>
<nav class="sidebar__nav" aria-label="<?= $e($t('navigation.main_menu')) ?>">
<a class="sidebar__link<?= $currentMenu === 'dashboard' ? ' is-active' : '' ?>" href="/dashboard">
<?= $e($t('navigation.dashboard')) ?>
</a>
<a class="sidebar__link<?= $currentMenu === 'users' ? ' is-active' : '' ?>" href="/users">
<?= $e($t('navigation.users')) ?>
</a>
<a class="sidebar__link<?= $currentMenu === 'products' ? ' is-active' : '' ?>" href="/products">
<?= $e($t('navigation.products')) ?>
</a>
<details class="sidebar__group<?= $isMarketplaceMenu ? ' is-active' : '' ?>"<?= $isMarketplaceMenu ? ' open' : '' ?>>
<summary class="sidebar__group-toggle"><?= $e($t('navigation.marketplace')) ?></summary>
<div class="sidebar__group-links">
<a class="sidebar__sublink<?= $isMarketplaceMenu && (int) ($selectedMarketplaceIntegrationId ?? 0) === 0 ? ' is-active' : '' ?>" href="/marketplace">
<?= $e($t('marketplace.integrations_title')) ?>
</a>
<?php foreach ($marketplaceMenuIntegrations as $integration): ?>
<?php $integrationId = (int) ($integration['id'] ?? 0); ?>
<?php if ($integrationId <= 0) continue; ?>
<a class="sidebar__sublink<?= ($isMarketplaceMenu && (int) ($selectedMarketplaceIntegrationId ?? 0) === $integrationId) ? ' is-active' : '' ?>" href="/marketplace/<?= $e((string) $integrationId) ?>">
<?= $e((string) ($integration['name'] ?? ('#' . $integrationId))) ?>
</a>
<?php endforeach; ?>
</div>
</details>
<a class="sidebar__link<?= $currentMenu === 'cron' ? ' is-active' : '' ?>" href="/settings/cron">
<?= $e($t('navigation.cron')) ?>
</a>
<a class="sidebar__link<?= $currentMenu === 'settings' ? ' is-active' : '' ?>" href="/settings/integrations/shoppro">
<?= $e($t('navigation.settings')) ?>
</a>
</nav>
</aside>
<div class="app-main">
<header class="topbar">
<div>
<strong><?= $e((string) (($user['name'] ?? '') !== '' ? $user['name'] : ($user['email'] ?? ''))) ?></strong>
</div>
<form action="/logout" method="post">
<input type="hidden" name="_token" value="<?= $e($csrfToken ?? '') ?>">
<button type="submit" class="btn btn--secondary"><?= $e($t('actions.logout')) ?></button>
</form>
</header>
<main class="container">
<?= $content ?>
</main>
</div>
</div>
<script src="/assets/js/modules/jquery-alerts.js?ver=<?= filemtime(dirname(__DIR__, 3) . '/public/assets/js/modules/jquery-alerts.js') ?: 0 ?>"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink