dox / energy Goto Github PK

Hi, our Comms Team would like the CO₂ graph on the home page to be in more contrasting colours. Is it possible to make this a customisation in the settings file?

Our vulnerability scanner flags the import of scripts from third party sites as a medium risk, and recommends SRI https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity to mitigate it. It provides the following hashes for use in the integrity attribute:

https://cdn.jsdelivr.net/npm/flatpickr
sha256-AkQap91tDcS4YyQaZY2VV34UhSCxu2bDEIgXXXuf5Hg=

https://unpkg.com/[email protected]/dist/leaflet.js
sha256-yDc0eil8GjWFKqN1OSzHSVCiuGghTosZCcRje4tj7iQ=

https://cdn.jsdelivr.net/chartist.js/latest/chartist.min.js
sha256-UzffRueYhyZDw8Cj39UCnnggvBfa1fPcDQ0auvCbvCc=

Our administrator has been asked by management to provide a monthly report showing the usage compared to the same month in the previous year. However, for October 2021 the readings were taken a few days late in early November 2021 so there are no readings for that month. It seems in this case the reported usage for that month is zero!

Can anything be done to interpolate the results and give usage evened out across the requested reporting period?

The graph of CO₂ shows tonnes on the vertical axis. Our Comms team request that the headline figures for CO₂ are also displayed in tonnes. Could this be an option? Thanks!

Our routine vulnerability scanning was able to insert its own arbitrary code into the form with id="termUpdate"
I think $_SERVER['REQUEST_URI'] needs input sanitization, perhaps with filter_input() - but I'm a bit out of my depth now!

Please can the CO₂ graph show a second (perhaps thinner/dotted) line with the previous year's readings, for comparison?

Address
Waste Water SPID
Water SPID
Electricity Supply Number

Our routine network vulnerability scanning has run for the first time against our install and identified quite a few "high" risk vulnerabilities involving SQL injection. The vulnerability scanning service recommends use of "Prepared Statements" as best practive to prevent SQL injections, but input sanitization on variables might be a quick fix [perhaps filter_var()/filter_var_array() ]
The scans identified the following variables as open to SQL injection attacks:

/export.php [query.filter]
/index.php [payload.date_from]
/index.php [payload.date_to]
/index.php [payload.locations%5B%5D]
/index.php [payload.nodes%5B%5D]
/index.php [query.locationUID]
/index.php [query.nodeUID]

The map page is working, but 'add location' just gives a blank page with just the header bar. Looking at page source shows nothing inside the body tag except the header structure.
The map part of 'add node' works, but clicking only adds a marker to the map, it doesn't do anything to the mandatory location field (if it was supposed to?)

How much work would it take to be able to record the cost of each energy type along with readings (defaulting to the last figure entered) and having the cost graphs calculated based on usage_since_last_reading*cost for each reading, rather than a single value which affects past and present data?
With the rapidly rising energy costs, even if this year's usage graph is much the same as last, the costs will likely be much higher, which might be a useful metric to see?

Could you put a template config.php in, to show what variables should be defined?

When clicking on the map for a node, it updates to say 'New Node location...'. Obviously it isn't possible to update this way, but needs to not do this

After creating a new node the following screen appears once you have clicked on the new node to edit it. This error does not affect pre-existing nodes.

This occurred after the latest git pull I performed on 06/03/2023.

Best,
EP

Could kWh be added to gas readings?
=m3*(calorific value)*1.02264)/3.6 = kWh

Cubic metres (m3) used x calorific value (usually 40.0) x Correction factor (1.02264) ÷ kWh conversion factor (3.6) = kWh

Hi - we've got some big numbers on our graphs and they're being cropped from display on the Y axis:

Is there a way to fix this?

Need the ability to log readings for today, or any date before today. Also ability to edit existing readings

The headline CO₂ Emissions graph shows "Total for the last 12 months across all utilities" and then a percentage. It is not clear to us what this is showing - can we get this clarified, and perhaps improve the wording?

Photo upload not there!