From 6ba412a88671323ab27ad2d7241b71d8a3d50bf3 Mon Sep 17 00:00:00 2001 From: Myron Blair Date: Mon, 1 Jun 2026 10:09:14 +0000 Subject: [PATCH] =?UTF-8?q?fix:=20remove=20var=20sessionToken/sessionUser?= =?UTF-8?q?=20from=20injected=20script=20=E2=80=94=20conflicted=20with=20m?= =?UTF-8?q?ain=20script=20let=20declarations,=20killing=20all=20JS=20inclu?= =?UTF-8?q?ding=20logout()?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- public_html/index.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/public_html/index.php b/public_html/index.php index 38bc2e7..cf1adcc 100644 --- a/public_html/index.php +++ b/public_html/index.php @@ -12,19 +12,18 @@ $token = $_SESSION['jarvis_token']; $name = $_SESSION['jarvis_name'] ?? ''; $html = file_get_contents(__DIR__ . '/index.html'); -// 1. Inject token as JS globals — no sessionStorage dependency +// Inject token as JS globals — __jarvisToken/__jarvisUser only (no var sessionToken/sessionUser +// which would conflict with the main script's `let` declarations and cause a SyntaxError) $inject = ''; $html = str_replace('', '' . $inject, $html); -// 2. Force login screen HIDDEN and app VISIBLE at the HTML level -// so even if JS fails the user sees the dashboard, not the login form +// Force login screen hidden and app visible at HTML level so the dashboard +// shows immediately regardless of JS execution order $html = str_replace( '
', '
',