myron/jarvis
1
0
Fork 0
mirror of https://github.com/myronblair/jarvis synced 2026-06-30 17:50:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove var sessionToken/sessionUser from injected script — conflicted with main script let declarations, killing all JS including logout()

Browse Source
This commit is contained in:
Myron Blair
2026-06-01 10:09:14 +00:00
parent 7286b999ff
commit 6ba412a886
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
public_html/index.php
+4 -5
View File
@@ -12,19 +12,18 @@ $token = $_SESSION['jarvis_token'];
$name = $_SESSION['jarvis_name'] ?? '';
$html = file_get_contents(__DIR__ . '/index.html');
// 1. Inject token as JS globals — no sessionStorage dependency
// Inject token as JS globals — __jarvisToken/__jarvisUser only (no var sessionToken/sessionUser
// which would conflict with the main script's `let` declarations and cause a SyntaxError)
$inject = '<script data-cfasync="false">'
. 'var __jarvisToken=' . json_encode($token) . ';'
. 'var __jarvisUser=' . json_encode($name) . ';'
. 'var sessionToken=' . json_encode($token) . ';'
. 'var sessionUser=' . json_encode($name) . ';'
. 'try{sessionStorage.setItem("jarvis_token",__jarvisToken);'
. 'sessionStorage.setItem("jarvis_user",__jarvisUser);}catch(e){}'
. '</script>';
$html = str_replace('<head>', '<head>' . $inject, $html);
// 2. Force login screen HIDDEN and app VISIBLE at the HTML level
// so even if JS fails the user sees the dashboard, not the login form
// Force login screen hidden and app visible at HTML level so the dashboard
// shows immediately regardless of JS execution order
$html = str_replace(
'<div id="loginScreen">',
'<div id="loginScreen" style="display:none!important">',