
security(): prevent XSS attacks

This commit is contained in:
Aleksander Wilczyński 2024-11-03 00:52:20 +01:00
parent 3bd900c1fd
commit eb5e581995
Signed by untrusted user: alekswilc
GPG Key ID: D4464A248E5F27FE
9 changed files with 105 additions and 105 deletions

@ -3,9 +3,9 @@
Community</p>
<p><a href="https://git.alekswilc.dev/alekswilc/">Open Source</a></p>
<p><% if (version) { %>
Wersja: <a href="https://git.alekswilc.dev/alekswilc/simrail-logs/releases/tag/<%- version %>"><%- version %></a>
Wersja: <a href="https://git.alekswilc.dev/alekswilc/simrail-logs/releases/tag/<%= version %>"><%= version %></a>
<% } %>
Commit: <a href="https://git.alekswilc.dev/alekswilc/simrail-logs/commit/<%- commit %>"><%- commit %></a>
Commit: <a href="https://git.alekswilc.dev/alekswilc/simrail-logs/commit/<%= commit %>"><%= commit %></a>
</p>
<% if (thanks) { %>
<p>Podziękowania dla społeczności discorda <a href="https://discord.gg/yDhy3pDrVr">Simrail24</a>, <a

@ -26,7 +26,7 @@
<h2 id="but">Tablica wyników</h2>
<div class="container">
<input type="text" id="search" value="<%-q%>">
<input type="text" id="search" value="<=-q%>">
<button onclick="search()">Szukaj</button>
<button onclick="clearSearch()">Wyczyść</button>
@ -50,15 +50,15 @@
<script>
function select() {
const isTrain = "<%- type %>" === 'train'
const isTrain = "<%= type %>" === 'train'
location.href = '/leaderboard/' + (isTrain ? 'station' : 'train')
}
document.getElementById('but').textContent = ("<%- type %>" === 'train') ? 'Tablica pociągów' : 'Tablica posterunków'
document.getElementById('but').textContent = ("<%= type %>" === 'train') ? 'Tablica pociągów' : 'Tablica posterunków'
function search() {
location.href = '/leaderboard/<%- type %>/?q=' + document.getElementById('search').value
location.href = '/leaderboard/<%= type %>/?q=' + document.getElementById('search').value
}
function clearSearch() {
location.href = '/leaderboard/<%- type %>';
location.href = '/leaderboard/<%= type %>';
}
document.getElementById('search').addEventListener("keyup", (event) => {
if (event.key === "Enter")
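Review bot: `<input type="text" id="search" value="<=-q%>">` in the @ -26 hunk is a typo — `<=-q%>` is not an EJS tag, so the page now emits that literal text as the field value and `q` is not rendered at all; the intended line is `<input type="text" id="search" value="<%=q%>">`, as the other search pages use. In the `<script>` hunk the `"<%= type %>"` substitutions sit inside JavaScript string literals, where HTML entity escaping is the wrong encoder: it does block quote and `</script>` breakouts because EJS escapes `<`, `"` and `'`, but a value containing any of those characters reaches the script as `&#39;`-style entities and silently compares unequal. Emit it once as a JS value instead, `const type = <%- JSON.stringify(type).replace(/</g, '\\u003c') %>;`, and reuse that constant in `select()`, `search()` and `clearSearch()`. `search()` also concatenates the raw input into the URL; `'/?q=' + encodeURIComponent(document.getElementById('search').value)` keeps `&`, `#` and `%` from being parsed as URL syntax. The keyup listener on the last line continues past the end of the hunk.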

@ -1,9 +1,9 @@
<details>
<summary><span style="color:hotpink">
<%- record.steamName %>
<%= record.steamName %>
</span> <span style="color: lightskyblue">
<%- msToTime(record.dispatcherTime) %>
<%= msToTime(record.dispatcherTime) %>
</span> </summary>
<p>Spędzona liczba godzin: <%- msToTime(record.dispatcherTime, true) || 'Brak' %></p>
<button onclick="location.href = '/profiles/<%- record.steam %>'">Więcej</button>
<p>Spędzona liczba godzin: <%= msToTime(record.dispatcherTime, true) || 'Brak' %></p>
<button onclick="location.href = '/profiles/<%= record.steam %>'">Więcej</button>
</details>
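Review bot: `<button onclick="location.href = '/profiles/<%= record.steam %>'">` on the last changed line is still injectable after the switch to `<%=`: the HTML parser decodes entities in an event-handler attribute before the browser evaluates it as JavaScript, so an escaped `'` (`&#39;`) comes back as a real quote inside the JS string and closes it. HTML escaping protects the attribute boundary, not the JavaScript literal nested inside it. Drop the inline handler and render a plain link, `<a href="/profiles/<%= encodeURIComponent(record.steam) %>"><button>Więcej</button></a>`, which has a single attribute-level context to encode for and also removes an `on*` handler that blocks a strict CSP. If `record.steam` is always a numeric Steam ID this is not exploitable today, but the template should not depend on upstream validation it cannot see.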

@ -1,11 +1,11 @@
<details>
<summary><span style="color:hotpink">
<%- record.steamName %>
<%= record.steamName %>
</span> - <span style="color:lightskyblue">
<%- record.trainPoints %> pkt.
<%= record.trainPoints %> pkt.
</span></summary>
<p>Spędzona liczba godzin: <%- msToTime(record.trainTime, true) %></p>
<p>Przejechane kilometry: <%- record.trainDistance / 1000 %>km</p>
<p>Zdobyte punkty: <%- record.trainPoints %></p>
<button onclick="location.href = '/profiles/<%- record.steam %>'">Więcej</button>
<p>Spędzona liczba godzin: <%= msToTime(record.trainTime, true) %></p>
<p>Przejechane kilometry: <%= record.trainDistance / 1000 %>km</p>
<p>Zdobyte punkty: <%= record.trainPoints %></p>
<button onclick="location.href = '/profiles/<%= record.steam %>'">Więcej</button>
</details>
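Review bot: the `onclick="location.href = '/profiles/<%= record.steam %>'"` button on the last changed line nests a JavaScript string inside an HTML attribute, and `<%=` only encodes for the outer layer: the attribute value is entity-decoded before it is executed, so `&#39;` becomes a live `'` in the script and can terminate the literal. Use a real link instead of a handler, `<a href="/profiles/<%= encodeURIComponent(record.steam) %>"><button>Więcej</button></a>`, so there is exactly one context to encode for. The other substitutions in this card (`trainPoints`, `trainDistance / 1000`, `msToTime(...)`) are arithmetic results or helper output, presumably not attacker-shaped, and escaping them costs nothing.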

@ -6,13 +6,13 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>simrail.alekswilc.dev</title>
<meta name="description"
content="<%- steam.personaname %>">
content="<%= steam.personaname %>">
<meta property="og:title" content="Simrail Log">
<meta property="og:url" content="https://simrail.alekswilc.dev/profiles/<%- player.steam %>/">
<meta property="og:url" content="https://simrail.alekswilc.dev/profiles/<%= player.steam %>/">
<meta property="og:description"
content="<%- steam.personaname %>">
content="<%= steam.personaname %>">
<meta property=" og:type" content="website">
<meta property="og:image" content="<%- steam.avatarfull %>" />
<meta property="og:image" content="<%= steam.avatarfull %>" />
<meta name="twitter:card" content="summary_large_image">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/open-fonts@1.1.1/fonts/inter.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@exampledev/new.css@1.1.2/new.min.css">
@ -35,7 +35,7 @@
<script>
function copylink() {
navigator.clipboard.writeText("https://simrail.alekswilc.dev/players/details/<%- player.steam %>/")
navigator.clipboard.writeText("https://simrail.alekswilc.dev/players/details/<%= player.steam %>/")
}
</script>
@ -43,15 +43,15 @@
<%- include('../_modules/header.ejs', { section: 'profiles' }) %>
<div class="details">
<h1><a href="<%- steam.profileurl %>"><%- steam.personaname %></a></h1>
<h1><a href="<%= steam.profileurl %>"><%= steam.personaname %></a></h1>
<%if (steamStats.stats) {%>
<details open>
<summary>Statystyki Steam</summary>
<p>Zdobyte punkty: <%- steamStats.stats.find(x => x.name === 'SCORE')?.value ?? "0" %></p>
<p>Przejechane kilometry: <%- (steamStats.stats.find(x => x.name === 'DISTANCE_M')?.value / 1000) ?? "0" %></p>
<p>Czas spędzony jako dyżurny ruchu: <%- msToTime((steamStats.stats.find(x => x.name === 'DISPATCHER_TIME')?.value ?? 0)*1_000_000, true) || 'Nigdy nie wszedł w tryb dyżurnego ruchu.' %></p>
<p>Zdobyte punkty: <%= steamStats.stats.find(x => x.name === 'SCORE')?.value ?? "0" %></p>
<p>Przejechane kilometry: <%= (steamStats.stats.find(x => x.name === 'DISTANCE_M')?.value / 1000) ?? "0" %></p>
<p>Czas spędzony jako dyżurny ruchu: <%= msToTime((steamStats.stats.find(x => x.name === 'DISPATCHER_TIME')?.value ?? 0)*1_000_000, true) || 'Nigdy nie wszedł w tryb dyżurnego ruchu.' %></p>
<br />
<p style="font-size: smaller;">UWAGA: powyższe statystyki udostępnia platforma STEAM, mogą one być z łatwością manipulowane.</p>
@ -61,21 +61,21 @@
<h1>Statystyki pociągów</h1>
<% if (player.trainTime) {%>
<p>Spędzony czas: <%- msToTime(player.trainTime) %></p>
<p>Przejechane kilometry: <%- player.trainDistance / 1000 %>km</p>
<p>Zdobyte punkty: <%- player.trainPoints %></p>
<p>Średnia prędkość: <%- ((player.trainDistance / (player.trainTime / 1000)) * 3.6).toFixed(2) %> km/h</p>
<p>Spędzony czas: <%= msToTime(player.trainTime) %></p>
<p>Przejechane kilometry: <%= player.trainDistance / 1000 %>km</p>
<p>Zdobyte punkty: <%= player.trainPoints %></p>
<p>Średnia prędkość: <%= ((player.trainDistance / (player.trainTime / 1000)) * 3.6).toFixed(2) %> km/h</p>
<%}%>
<% if (player.trainStats && Object.keys(player.trainStats).length) {%>
<ul>
<% Object.keys(player.trainStats).forEach(name => {%>
<li>
<details open>
<summary><%- name %></summary>
<p>Przejechany dystans: <%- player.trainStats[name].distance / 1000 %>km</p>
<p>Spędzony czas: <%- msToTime(player.trainStats[name].time, true) %></p>
<p>Zdobyte punkty: <%- player.trainStats[name].score %></p>
<p>Średnia prędkość: <%- ((player.trainStats[name].distance / (player.trainStats[name].time / 1000)) * 3.6).toFixed(2) %> km/h</p>
<summary><%= name %></summary>
<p>Przejechany dystans: <%= player.trainStats[name].distance / 1000 %>km</p>
<p>Spędzony czas: <%= msToTime(player.trainStats[name].time, true) %></p>
<p>Zdobyte punkty: <%= player.trainStats[name].score %></p>
<p>Średnia prędkość: <%= ((player.trainStats[name].distance / (player.trainStats[name].time / 1000)) * 3.6).toFixed(2) %> km/h</p>
</details>
</li>
@ -87,15 +87,15 @@
<h1>Statystyki posterunków</h1>
<% if (player.dispatcherTime) {%>
<p>Spędzony czas: <%- msToTime(player.dispatcherTime) %></p>
<p>Spędzony czas: <%= msToTime(player.dispatcherTime) %></p>
<%}%>
<% if (player.dispatcherStats && Object.keys(player.dispatcherStats).length) {%>
<ul>
<% Object.keys(player.dispatcherStats).forEach(name => {%>
<li>
<details open>
<summary><%- name %></summary>
<p>Spędzony czas: <%- msToTime(player.dispatcherStats[name].time, true) %></p>
<summary><%= name %></summary>
<p>Spędzony czas: <%= msToTime(player.dispatcherStats[name].time, true) %></p>
</details>
</li>
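Review bot: `<h1><a href="<%= steam.profileurl %>">` in the @ -43 hunk places an externally supplied URL in `href`, where HTML escaping does nothing against a `javascript:` or `data:` scheme — `<%=` only prevents breaking out of the attribute. The value comes from the Steam player summary, which is presumably trusted, but a scheme check is cheap: `<% const profileUrl = /^https?:\/\//i.test(String(steam.profileurl ?? '')) ? steam.profileurl : null %>` and render the name without a link when it is null; also add `rel="noopener noreferrer"` since the link leaves the site. The same reasoning applies to `content="<%= steam.avatarfull %>"` in `og:image`, although a meta tag is not navigable. On a context line in the first hunk, `<meta property=" og:type"` has a leading space inside the attribute value, so Open Graph consumers will not match the property.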

@ -6,13 +6,13 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>simrail.alekswilc.dev</title>
<meta name="description"
content="<%- record.stationName %> | <%- record.userUsername %> | <%- dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>">
content="<%= record.stationName %> | <%= record.userUsername %> | <%= dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>">
<meta property="og:title" content="Simrail Log">
<meta property="og:url" content="https://simrail.alekswilc.dev/details/<%- record.id %>/">
<meta property="og:url" content="https://simrail.alekswilc.dev/details/<%= record.id %>/">
<meta property="og:description"
content="<%- record.stationName %> | <%- record.userUsername %> | <%- dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>"">
content="<%= record.stationName %> | <%= record.userUsername %> | <%= dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>"">
<meta property=" og:type" content="website">
<meta property="og:image" content="<%- record.userAvatar %>" />
<meta property="og:image" content="<%= record.userAvatar %>" />
<meta name="twitter:card" content="summary_large_image">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/open-fonts@1.1.1/fonts/inter.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@exampledev/new.css@1.1.2/new.min.css">
@ -40,7 +40,7 @@
}
function copylink() {
navigator.clipboard.writeText("https://simrail.alekswilc.dev/stations/details/<%- record.id %>/")
navigator.clipboard.writeText("https://simrail.alekswilc.dev/stations/details/<%= record.id %>/")
}
</script>
@ -49,28 +49,28 @@
<div class="details">
<p>Użytkownik: <a href="/profiles/<%- record.userSteamId %>">
<%- record.userUsername %>
<p>Użytkownik: <a href="/profiles/<%= record.userSteamId %>">
<%= record.userUsername %>
</a></p>
<p>Stacja: <%- record.stationName %>
<p>Stacja: <%= record.stationName %>
</p>
<p>Serwer: <%- record.server.toUpperCase() %>
<p>Serwer: <%= record.server.toUpperCase() %>
</p>
<p>Data wejścia: <%- record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY') : '--:-- --/--/--'
%> (<%- record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)</p>
<p>Data wyjścia: <%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%- dayjs(record.leftDate).fromNow()
<p>Data wejścia: <%= record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY') : '--:-- --/--/--'
%> (<%= record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)</p>
<p>Data wyjścia: <%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%= dayjs(record.leftDate).fromNow()
%>)</p>
<p>Spędzony czas: <%- record.joinedDate ? msToTime(record.leftDate - record.joinedDate, true) : '--' %>
<p>Spędzony czas: <%= record.joinedDate ? msToTime(record.leftDate - record.joinedDate, true) : '--' %>
</p>
<br />
<code class="clickable" style="white-space: pre-line" onclick="copydata()" id="data">;station: <%- record.stationName %>
;steam: <%- record.userSteamId %>
;server: <%- record.server %>
;name: <%- record.userUsername %>
;joined: <%-record.joinedDate ? dayjs(record.joinedDate).format() : 'no-data'%>
;left: <%-dayjs(record.leftDate).format()%>
;url: https://simrail.alekswilc.dev/stations/details/<%- record.id %>/
<code class="clickable" style="white-space: pre-line" onclick="copydata()" id="data">;station: <%= record.stationName %>
;steam: <%= record.userSteamId %>
;server: <%= record.server %>
;name: <%= record.userUsername %>
;joined: <%=record.joinedDate ? dayjs(record.joinedDate).format() : 'no-data'%>
;left: <%=dayjs(record.leftDate).format()%>
;url: https://simrail.alekswilc.dev/stations/details/<%= record.id %>/
</code>
<br />
<p><button onclick="copylink()">Kopiuj link</button></p>
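Review bot: `<a href="/profiles/<%= record.userSteamId %>">` and the `og:url` content built from `<%= record.id %>` use HTML escaping where the path segment needs URL encoding; `<%=` leaves `/`, `?`, `#` and `..` untouched, so a stored value containing them changes which route the link resolves to rather than breaking the attribute. Wrap path components in `encodeURIComponent(...)` in the template, e.g. `href="/profiles/<%= encodeURIComponent(record.userSteamId) %>"`, unless these IDs are validated as digit-only before they reach the renderer, which this commit does not show. Separately, the `og:description` line in the first hunk ends with `%>"">` — the doubled quote was carried over from the old line and yields a bogus attribute on the rendered `<meta>`.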

@ -26,7 +26,7 @@
<h2>Wyszukaj posterunek, osobe lub serwer</h2>
<div class="container">
<input type="text" id="search" value="<%-q%>">
<input type="text" id="search" value="<%=q%>">
<button onclick="search()">Szukaj</button>
<button onclick="clearSearch()">Wyczyść</button>
@ -38,25 +38,25 @@
<li>
<details>
<summary>[<span style="color:lightskyblue">
<%- record.server.toUpperCase() %>
<%= record.server.toUpperCase() %>
</span>] <span style="color: lightskyblue">
<%- record.stationName %>
<%= record.stationName %>
</span> - <span style="color:hotpink">
<%- record.userUsername %>
<%= record.userUsername %>
</span>
<p style="margin-bottom: 0; opacity: 0.5;">
<%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %>
<%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %>
</p>
</summary>
<p>Data dołączenia: <%- record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY')
: '--:-- --/--/--' %> (<%- record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)
<p>Data dołączenia: <%= record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY')
: '--:-- --/--/--' %> (<%= record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)
</p>
<p>Data wyjścia: <%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%-
<p>Data wyjścia: <%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%=
dayjs(record.leftDate).fromNow() %>)</p>
<p>Spędzony czas: <%- record.joinedDate ? msToTime(record.leftDate - record.joinedDate) : '--' %>
<p>Spędzony czas: <%= record.joinedDate ? msToTime(record.leftDate - record.joinedDate) : '--' %>
</p>
<a href="/stations/details/<%- record.id %>">
<a href="/stations/details/<%= record.id %>">
<button>Więcej</button>
</a>
</details>

@ -6,13 +6,13 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>simrail.alekswilc.dev</title>
<meta name="description"
content="<%- record.stationName %> | <%- record.userUsername %> | <%- dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>">
content="<%= record.stationName %> | <%= record.userUsername %> | <%= dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>">
<meta property="og:title" content="Simrail Log">
<meta property="og:url" content="https://simrail.alekswilc.dev/details/<%- record.id %>/">
<meta property="og:url" content="https://simrail.alekswilc.dev/details/<%= record.id %>/">
<meta property="og:description"
content="<%- record.stationName %> | <%- record.userUsername %> | <%- dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>"">
content="<%= record.stationName %> | <%= record.userUsername %> | <%= dayjs(record.leftDate).format('hh:mm DD/MM/YYYY') %>"">
<meta property=" og:type" content="website">
<meta property="og:image" content="<%- record.userAvatar %>" />
<meta property="og:image" content="<%= record.userAvatar %>" />
<meta name="twitter:card" content="summary_large_image">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/open-fonts@1.1.1/fonts/inter.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@exampledev/new.css@1.1.2/new.min.css">
@ -40,7 +40,7 @@
}
function copylink() {
navigator.clipboard.writeText("https://simrail.alekswilc.dev/trains/details/<%- record.id %>/")
navigator.clipboard.writeText("https://simrail.alekswilc.dev/trains/details/<%= record.id %>/")
}
</script>
@ -49,35 +49,35 @@
<div class="details">
<p>Użytkownik: <a href="/profiles/<%- record.userSteamId %>">
<%- record.userUsername %>
<p>Użytkownik: <a href="/profiles/<%= record.userSteamId %>">
<%= record.userUsername %>
</a></p>
<p>Pociąg: <%- record.trainName %> <%- record.trainNumber %>
<p>Pociąg: <%= record.trainName %> <%= record.trainNumber %>
</p>
<p>Data wejścia: <%- record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY') : '--:-- --/--/--'
%> (<%- record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)</p>
<p>Data wyjścia: <%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%- dayjs(record.leftDate).fromNow()
<p>Data wejścia: <%= record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY') : '--:-- --/--/--'
%> (<%= record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)</p>
<p>Data wyjścia: <%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%= dayjs(record.leftDate).fromNow()
%>)</p>
<p>Spędzony czas: <%- record.joinedDate ? msToTime(record.leftDate - record.joinedDate, true) : '--' %>
<p>Spędzony czas: <%= record.joinedDate ? msToTime(record.leftDate - record.joinedDate, true) : '--' %>
</p>
<% if (record.distance) { %>
<p>Przejechane kilometry: <%- record.distance / 1000 %></p>
<p>Zdobyte punkty: <%- record.points %></p>
<p>Średnia prędkość: <%- ((record.distance / ((record.leftDate - record.joinedDate) / 1000)) * 3.6).toFixed(2) %> km/h</p>
<p>Przejechane kilometry: <%= record.distance / 1000 %></p>
<p>Zdobyte punkty: <%= record.points %></p>
<p>Średnia prędkość: <%= ((record.distance / ((record.leftDate - record.joinedDate) / 1000)) * 3.6).toFixed(2) %> km/h</p>
<% } %>
</p>
<br />
<code class="clickable" style="white-space: pre-line" onclick="copydata()" id="data">;train: <%- record.trainNumber %>
;steam: <%- record.userSteamId %>
;server: <%- record.server %>
;name: <%- record.userUsername %>
;joined: <%-record.joinedDate ? dayjs(record.joinedDate).format() : 'no-data'%>
;left: <%-dayjs(record.leftDate).format()%><%if (record.distance) {%>
;distance: <%- record.distance / 1000 %>
;points: <%- record.points %><%}%>
;url: https://simrail.alekswilc.dev/trains/details/<%- record.id %>/
<code class="clickable" style="white-space: pre-line" onclick="copydata()" id="data">;train: <%= record.trainNumber %>
;steam: <%= record.userSteamId %>
;server: <%= record.server %>
;name: <%= record.userUsername %>
;joined: <%=record.joinedDate ? dayjs(record.joinedDate).format() : 'no-data'%>
;left: <%=dayjs(record.leftDate).format()%><%if (record.distance) {%>
;distance: <%= record.distance / 1000 %>
;points: <%= record.points %><%}%>
;url: https://simrail.alekswilc.dev/trains/details/<%= record.id %>/
</code>
<br />
<p><button onclick="copylink()">Kopiuj link</button></p>
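Review bot: `<p>Średnia prędkość: <%= ((record.distance / ((record.leftDate - record.joinedDate) / 1000)) * 3.6).toFixed(2) %> km/h</p>` in the @ -49 hunk divides by an elapsed time that the surrounding lines treat as optional: with `record.joinedDate` missing the subtraction is `NaN` and the page prints `NaN km/h`, and with `leftDate` equal to `joinedDate` it prints `Infinity km/h`. Guard it like the neighbouring fields: `<%= record.joinedDate && record.leftDate > record.joinedDate ? ((record.distance / ((record.leftDate - record.joinedDate) / 1000)) * 3.6).toFixed(2) : '--' %> km/h`. The `og:description` line in the first hunk still ends with `%>"">`, a stray extra quote carried over from the old line that produces a bogus attribute on the `<meta>`. The escaped values inside the `<code onclick="copydata()">` block are text content, so `<%=` is the right encoder there and the handler itself contains no template output.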

@ -26,7 +26,7 @@
<h2>Wyszukaj pociąg, osobe lub serwer</h2>
<div class="container">
<input type="text" id="search" value="<%-q%>">
<input type="text" id="search" value="<%=q%>">
<button onclick="search()">Szukaj</button>
<button onclick="clearSearch()">Wyczyść</button>
@ -38,31 +38,31 @@
<li>
<details>
<summary>[<span style="color:lightskyblue">
<%- record.server.toUpperCase() %>
<%= record.server.toUpperCase() %>
</span>] <span style="color: lightskyblue">
<%- record.trainName %>
<%= record.trainName %>
</span> - <span style="color: lightskyblue">
<%- record.trainNumber %>
<%= record.trainNumber %>
</span> - <span style="color:hotpink">
<%- record.userUsername %>
<%= record.userUsername %>
</span>
<p style="margin-bottom: 0; opacity: 0.5;">
<%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %>
<%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %>
</p>
</summary>
<p>Data dołączenia: <%- record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY')
: '--:-- --/--/--' %> (<%- record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)
<p>Data dołączenia: <%= record.joinedDate ? dayjs(record.joinedDate).format('HH:mm DD/MM/YYYY')
: '--:-- --/--/--' %> (<%= record.joinedDate ? dayjs(record.joinedDate).fromNow() : '--' %>)
</p>
<p>Data wyjścia: <%- dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%-
<p>Data wyjścia: <%= dayjs(record.leftDate).format('HH:mm DD/MM/YYYY') %> (<%=
dayjs(record.leftDate).fromNow() %>)</p>
<p>Spędzony czas: <%- record.joinedDate ? msToTime(record.leftDate - record.joinedDate) : '--' %>
<p>Spędzony czas: <%= record.joinedDate ? msToTime(record.leftDate - record.joinedDate) : '--' %>
<% if (record.distance) { %>
<p>Przejechane kilometry: <%- record.distance / 1000 %></p>
<p>Zdobyte punkty: <%- record.points %></p>
<p>Przejechane kilometry: <%= record.distance / 1000 %></p>
<p>Zdobyte punkty: <%= record.points %></p>
<% } %>
</p>
<a href="/trains/details/<%- record.id %>">
<a href="/trains/details/<%= record.id %>">
<button>Więcej</button>
</a>
</details>