rene/banyaro
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix: UI.escHtml → UI.escape in events.js

Browse source
This commit is contained in:
rene 2026-04-17 23:56:34 +02:00
parent 80113eb0b9
commit 9563edbdf5
3 changed files with 16 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

2
backend/static/js/app.js
View file

@ -3,7 +3,7 @@
Router, State-Management, Navigation, Initialisierung. Router, State-Management, Navigation, Initialisierung.
============================================================ */ ============================================================ */
const APP_VER = '129'; // ← bei jedem Deploy mit Frontend-Änderungen erhöhen const APP_VER = '130'; // ← bei jedem Deploy mit Frontend-Änderungen erhöhen
const App = (() => { const App = (() => {

28
backend/static/js/pages/events.js
View file

@ -193,17 +193,17 @@ window.Page_events = (() => {
</div> </div>
<div class="events-card-body"> <div class="events-card-body">
<div class="events-card-title"> <div class="events-card-title">
${UI.escHtml(ev.titel)} ${UI.escape(ev.titel)}
${isVdh ? `<span class="ev-vdh-badge" title="Vom VDH importiert">VDH</span>` : ''} ${isVdh ? `<span class="ev-vdh-badge" title="Vom VDH importiert">VDH</span>` : ''}
</div> </div>
<div class="events-card-meta"> <div class="events-card-meta">
<span class="events-badge" style="background:${color}20;color:${color}">${typ.icon} ${typ.label}</span> <span class="events-badge" style="background:${color}20;color:${color}">${typ.icon} ${typ.label}</span>
${ev.uhrzeit ? `· ${_icon('clock')} ${ev.uhrzeit} Uhr` : ''} ${ev.uhrzeit ? `· ${_icon('clock')} ${ev.uhrzeit} Uhr` : ''}
${ev.ort_name ? `· ${_icon('map-pin')} ${UI.escHtml(ev.ort_name)}` : ''} ${ev.ort_name ? `· ${_icon('map-pin')} ${UI.escape(ev.ort_name)}` : ''}
</div> </div>
${ev.rsvp_count ? `<span class="event-attendees" data-ev-attendees="${ev.id}">${_icon('users')} ${ev.rsvp_count} nehmen teil</span>` : ''} ${ev.rsvp_count ? `<span class="event-attendees" data-ev-attendees="${ev.id}">${_icon('users')} ${ev.rsvp_count} nehmen teil</span>` : ''}
${ev.link ? `<div class="events-card-actions"> ${ev.link ? `<div class="events-card-actions">
<a class="btn btn-ghost btn-xs ev-ext-link" href="${UI.escHtml(ev.link)}" target="_blank" rel="noopener" onclick="event.stopPropagation()"> <a class="btn btn-ghost btn-xs ev-ext-link" href="${UI.escape(ev.link)}" target="_blank" rel="noopener" onclick="event.stopPropagation()">
${_icon('arrow-square-out')} Details ${_icon('arrow-square-out')} Details
</a> </a>
</div>` : ''} </div>` : ''}
@ -249,10 +249,10 @@ window.Page_events = (() => {
}); });
const popup = ` const popup = `
<div style="min-width:180px"> <div style="min-width:180px">
<strong>${UI.escHtml(ev.titel)}</strong><br> <strong>${UI.escape(ev.titel)}</strong><br>
<span style="color:#666;font-size:12px">${datum}</span><br> <span style="color:#666;font-size:12px">${datum}</span><br>
${ev.ort_name ? `<span style="font-size:12px">📍 ${UI.escHtml(ev.ort_name)}</span><br>` : ''} ${ev.ort_name ? `<span style="font-size:12px">📍 ${UI.escape(ev.ort_name)}</span><br>` : ''}
${ev.beschreibung ? `<span style="font-size:12px">${UI.escHtml(ev.beschreibung.slice(0, 80))}${ev.beschreibung.length > 80 ? '…' : ''}</span><br>` : ''} ${ev.beschreibung ? `<span style="font-size:12px">${UI.escape(ev.beschreibung.slice(0, 80))}${ev.beschreibung.length > 80 ? '…' : ''}</span><br>` : ''}
<a href="#" onclick="event.preventDefault();Page_events._openDetail(${ev.id})" <a href="#" onclick="event.preventDefault();Page_events._openDetail(${ev.id})"
style="font-size:12px;color:var(--c-primary,#2563eb)">Details</a> style="font-size:12px;color:var(--c-primary,#2563eb)">Details</a>
</div> </div>
@ -370,14 +370,14 @@ window.Page_events = (() => {
${isVdh ? `<span class="ev-vdh-badge">VDH</span>` : ''} ${isVdh ? `<span class="ev-vdh-badge">VDH</span>` : ''}
</div> </div>
<div class="events-detail-row">${_icon('calendar-dots')} ${datum}${ev.uhrzeit ? ' · ' + ev.uhrzeit + ' Uhr' : ''}</div> <div class="events-detail-row">${_icon('calendar-dots')} ${datum}${ev.uhrzeit ? ' · ' + ev.uhrzeit + ' Uhr' : ''}</div>
${ev.ort_name ? `<div class="events-detail-row">${_icon('map-pin')} ${UI.escHtml(ev.ort_name)}</div>` : ''} ${ev.ort_name ? `<div class="events-detail-row">${_icon('map-pin')} ${UI.escape(ev.ort_name)}</div>` : ''}
${ev.beschreibung ? `<div class="events-detail-desc">${UI.escHtml(ev.beschreibung)}</div>` : ''} ${ev.beschreibung ? `<div class="events-detail-desc">${UI.escape(ev.beschreibung)}</div>` : ''}
${ev.link ? `<div class="events-detail-row"> ${ev.link ? `<div class="events-detail-row">
${_icon('arrow-square-out')} ${_icon('arrow-square-out')}
<a href="${UI.escHtml(ev.link)}" target="_blank" rel="noopener">Mehr Infos</a> <a href="${UI.escape(ev.link)}" target="_blank" rel="noopener">Mehr Infos</a>
</div>` : ''} </div>` : ''}
<div class="events-detail-row" style="color:var(--c-text-muted);font-size:var(--text-xs)"> <div class="events-detail-row" style="color:var(--c-text-muted);font-size:var(--text-xs)">
${_icon('user')} Veranstalter: ${UI.escHtml(ev.veranstalter_name || '')} ${_icon('user')} Veranstalter: ${UI.escape(ev.veranstalter_name || '')}
</div> </div>
${rsvpBar} ${rsvpBar}
<div id="ev-attendees-panel-${id}"></div> <div id="ev-attendees-panel-${id}"></div>
@ -387,12 +387,12 @@ window.Page_events = (() => {
<button class="btn btn-secondary" id="ev-detail-edit">${_icon('pencil-simple')} Bearbeiten</button> <button class="btn btn-secondary" id="ev-detail-edit">${_icon('pencil-simple')} Bearbeiten</button>
<button class="btn btn-danger" id="ev-detail-del">${_icon('trash')} Löschen</button> <button class="btn btn-danger" id="ev-detail-del">${_icon('trash')} Löschen</button>
` : (ev.link ? ` ` : (ev.link ? `
<a class="btn btn-primary" href="${UI.escHtml(ev.link)}" target="_blank" rel="noopener"> <a class="btn btn-primary" href="${UI.escape(ev.link)}" target="_blank" rel="noopener">
${_icon('arrow-square-out')} Zur Veranstaltung ${_icon('arrow-square-out')} Zur Veranstaltung
</a> </a>
` : ''); ` : '');
UI.modal.open({ title: UI.escHtml(ev.titel), body, footer }); UI.modal.open({ title: UI.escape(ev.titel), body, footer });
document.getElementById('ev-detail-edit')?.addEventListener('click', () => { document.getElementById('ev-detail-edit')?.addEventListener('click', () => {
UI.modal.close(); setTimeout(() => _openForm(ev), 50); UI.modal.close(); setTimeout(() => _openForm(ev), 50);
@ -465,7 +465,7 @@ window.Page_events = (() => {
${attendees.map(a => ` ${attendees.map(a => `
<span class="ev-attendee-chip"> <span class="ev-attendee-chip">
${a.status === 'going' ? _icon('check-circle') : _icon('question')} ${a.status === 'going' ? _icon('check-circle') : _icon('question')}
${UI.escHtml(a.name)} ${UI.escape(a.name)}
</span> </span>
`).join('')} `).join('')}
</div>`; </div>`;
@ -496,7 +496,7 @@ window.Page_events = (() => {
<form id="${id}"> <form id="${id}">
<div class="form-group"> <div class="form-group">
<label class="form-label">Titel *</label> <label class="form-label">Titel *</label>
<input class="form-control" name="titel" required value="${ev ? UI.escHtml(ev.titel) : ''}"> <input class="form-control" name="titel" required value="${ev ? UI.escape(ev.titel) : ''}">
</div> </div>
<div class="form-row-2"> <div class="form-row-2">
<div class="form-group"> <div class="form-group">

2
backend/static/sw.js
View file

@ -3,7 +3,7 @@
Offline-Cache + Push Notifications + Tile-Cache Offline-Cache + Push Notifications + Tile-Cache
============================================================ */ ============================================================ */
const CACHE_VERSION = 'by-v157'; const CACHE_VERSION = 'by-v158';
const CACHE_STATIC = `${CACHE_VERSION}-static`; const CACHE_STATIC = `${CACHE_VERSION}-static`;
const CACHE_TILES = 'ban-yaro-tiles-v1'; // bleibt über SW-Updates erhalten const CACHE_TILES = 'ban-yaro-tiles-v1'; // bleibt über SW-Updates erhalten