Sanitize activity log meta data values (on frontend) (#1705)
parent
8f1ec20e96
commit
8dc99e6390
@ -17,6 +17,7 @@ use Illuminate\Database\Eloquent\Relations\HasOne;
|
|||||||
use Illuminate\Database\Eloquent\Relations\HasMany;
|
use Illuminate\Database\Eloquent\Relations\HasMany;
|
||||||
use Illuminate\Database\Eloquent\Relations\MorphTo;
|
use Illuminate\Database\Eloquent\Relations\MorphTo;
|
||||||
use Illuminate\Database\Eloquent\Model;
|
use Illuminate\Database\Eloquent\Model;
|
||||||
|
use Illuminate\Support\Arr;
|
||||||
use Illuminate\Support\Str;
|
use Illuminate\Support\Str;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -173,13 +174,14 @@ class ActivityLog extends Model implements HasIcon, HasLabel
|
|||||||
}
|
}
|
||||||
|
|
||||||
$avatarUrl = Filament::getUserAvatarUrl($user);
|
$avatarUrl = Filament::getUserAvatarUrl($user);
|
||||||
|
$username = str($user->username)->stripTags();
|
||||||
|
|
||||||
return "
|
return "
|
||||||
<div style='display: flex; align-items: center;'>
|
<div style='display: flex; align-items: center;'>
|
||||||
<img width='50px' height='50px' src='{$avatarUrl}' style='margin-right: 15px' />
|
<img width='50px' height='50px' src='{$avatarUrl}' style='margin-right: 15px' />
|
||||||
|
|
||||||
<div>
|
<div>
|
||||||
<p>$user->username — $this->event</p>
|
<p>$username — $this->event</p>
|
||||||
<p>{$this->getLabel()}</p>
|
<p>{$this->getLabel()}</p>
|
||||||
<p>$this->ip — <span title='{$this->timestamp->format('M j, Y g:ia')}'>{$this->timestamp->diffForHumans()}</span></p>
|
<p>$this->ip — <span title='{$this->timestamp->format('M j, Y g:ia')}'>{$this->timestamp->diffForHumans()}</span></p>
|
||||||
</div>
|
</div>
|
||||||
@ -203,17 +205,17 @@ class ActivityLog extends Model implements HasIcon, HasLabel
|
|||||||
$value = str_replace('//', '/', '/' . trim($value, '/') . '/');
|
$value = str_replace('//', '/', '/' . trim($value, '/') . '/');
|
||||||
}
|
}
|
||||||
|
|
||||||
return [$key => $value];
|
return [$key => str($value)->stripTags()->toString()];
|
||||||
}
|
}
|
||||||
|
|
||||||
$first = array_first($value);
|
$first = Arr::first($value);
|
||||||
|
|
||||||
// Backwards compatibility for old logs
|
// Backwards compatibility for old logs
|
||||||
if (is_array($first)) {
|
if (is_array($first)) {
|
||||||
return ["{$key}_count" => count($value)];
|
return ["{$key}_count" => count($value)];
|
||||||
}
|
}
|
||||||
|
|
||||||
return [$key => $first, "{$key}_count" => count($value)];
|
return [$key => str($first)->stripTags()->toString(), "{$key}_count" => count($value)];
|
||||||
});
|
});
|
||||||
|
|
||||||
$keys = $properties->keys()->filter(fn ($key) => Str::endsWith($key, '_count'))->values();
|
$keys = $properties->keys()->filter(fn ($key) => Str::endsWith($key, '_count'))->values();
|
||||||
|
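Review bot: `stripTags()` in the `-173,13 +174,14` hunk removes markup but does not HTML-encode, and only the username receives it: `$this->event`, `$this->ip` and `{$avatarUrl}` inside the single-quoted `src` attribute are still interpolated raw into the returned HTML string. Tag stripping does not neutralise a quote character in an attribute value, so I would encode every interpolated value with Laravel's `e()` instead, e.g. `$username = e($user->username);` and `src='" . e($avatarUrl) . "'`. The same concern applies to the two `str(...)->stripTags()->toString()` returns in the `-203,17 +205,17` hunk: where those properties are rendered is not visible here, but if they reach HTML output, escaping at the point of output is more reliable than stripping at mapping time. Wrapping in `str()` also casts every value to a string, so a null `$first` or a boolean property would presumably now come back as `''` or `'1'`, which is worth confirming against the callers. The enclosing methods begin and end outside the hunks shown.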