pandorafms/pandora_console/operation/events/events_rss.php

<?php

// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
ini_set('display_errors', 0);
// Don't display other errors, messes up XML
require_once '../../include/config.php';
require_once '../../include/functions.php';
require_once '../../include/functions_db.php';
require_once '../../include/functions_api.php';
require_once '../../include/functions_agents.php';
require_once '../../include/functions_users.php';
require_once '../../include/functions_tags.php';
require_once '../../include/functions_groups.php';

$ipOrigin = $_SERVER['REMOTE_ADDR'];

// Uncoment this to activate ACL on RSS Events
if (!isInACL($ipOrigin)) {
    rss_error_handler(
        null,
        null,
        null,
        null,
        __('Your IP is not into the IP list with API access.')
    );

    exit;
}

// Check user credentials
$user = get_parameter('user');
$hashup = get_parameter('hashup');

$pss = get_user_info($user);
$hashup2 = md5($user.$pss['password']);

if ($hashup != $hashup2) {
    rss_error_handler(
        null,
        null,
        null,
        null,
        __('The URL of your feed has bad hash.')
    );

    exit;
}

header('Content-Type: application/xml; charset=UTF-8');
// Send header before starting to output
function rss_error_handler($errno, $errstr, $errfile, $errline, $error_human_description=null)
{
    $url = ui_get_full_url(false);
    $selfurl = ui_get_full_url('?'.$_SERVER['QUERY_STRING'], false, true);

    $rss_feed = '<?xml version="1.0" encoding="utf-8" ?>';
    // ' Fixes certain highlighters freaking out on the PHP closing tag
    $rss_feed .= "\n";
    $rss_feed .= '<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">';
    $rss_feed .= "\n";
    $rss_feed .= '<channel>';
    $rss_feed .= "\n";
    $rss_feed .= '<title>'.get_product_name().' RSS Feed</title>';
    $rss_feed .= "\n";
    $rss_feed .= '<description>Latest events on '.get_product_name().'</description>';
    $rss_feed .= "\n";
    $rss_feed .= '<lastBuildDate>'.date(DATE_RFC822, 0).'</lastBuildDate>';
    $rss_feed .= "\n";
    $rss_feed .= '<link>'.$url.'</link>';
    // Link back to the main Pandora page
    $rss_feed .= "\n";
    $rss_feed .= '<atom:link href="'.xml_entities(io_safe_input($selfurl)).'" rel="self" type="application/rss+xml" />';
    // Alternative for Atom feeds. It's the same.
    $rss_feed .= "\n";
    $rss_feed .= '<item>';
    $rss_feed .= "\n";
    $rss_feed .= '<guid>'.$url.'/index.php?sec=eventos&amp;sec2=operation/events/events</guid>';
    $rss_feed .= "\n";
    $rss_feed .= '<title>Error creating feed</title>';
    $rss_feed .= "\n";

    if (empty($error_human_description)) {
        $rss_feed .= '<description>There was an error creating the feed: '.$errno.' - '.$errstr.' in '.$errfile.' on line '.$errline.'</description>';
    } else {
        $rss_feed .= '<description>'.xml_entities(io_safe_input($error_human_description)).'</description>';
    }

    $rss_feed .= "\n";
    $rss_feed .= '<link>'.$url.'/index.php?sec=eventos&amp;sec2=operation/events/events</link>';
    $rss_feed .= "\n";
    $rss_feed .= '</item>';
    $rss_feed .= "\n";
    $rss_feed .= '</channel>';
    $rss_feed .= "\n";
    $rss_feed .= '</rss>';

    exit($rss_feed);
    // Exit by displaying the feed
}


set_error_handler('rss_error_handler', E_ERROR);
// Errors output as RSS
$id_group = get_parameter('id_group', 0);
// group
$event_type = get_parameter('event_type', '');
// 0 all
$severity = (int) get_parameter('severity', -1);
// -1 all
$status = (int) get_parameter('status', 0);
// -1 all, 0 only red, 1 only green
$id_agent = (int) get_parameter('id_agent', -1);

$id_event = (int) get_parameter('id_event', -1);
// This will allow to select only 1 event (eg. RSS)
$event_view_hr = (int) get_parameter('event_view_hr', 0);
$id_user_ack = get_parameter('id_user_ack', 0);
$search = io_safe_output(preg_replace('/&([A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/', '&', rawurldecode(get_parameter('search'))));
$text_agent = (string) get_parameter('text_agent', __('All'));

$tag_with_json = base64_decode(get_parameter('tag_with', ''));
$tag_with_json_clean = io_safe_output($tag_with_json);
$tag_with_base64 = base64_encode($tag_with_json_clean);
$tag_with = json_decode($tag_with_json_clean, true);
if (empty($tag_with)) {
    $tag_with = [];
}

$tag_with = array_diff($tag_with, [0 => 0]);

$tag_without_json = base64_decode(get_parameter('tag_without', ''));
$tag_without_json_clean = io_safe_output($tag_without_json);
$tag_without_base64 = base64_encode($tag_without_json_clean);
$tag_without = json_decode($tag_without_json_clean, true);
if (empty($tag_without)) {
    $tag_without = [];
}

$tag_without = array_diff($tag_without, [0 => 0]);

$filter_only_alert = (int) get_parameter('filter_only_alert', -1);

//
// Build the condition of the events query
$sql_post = '';
$meta = false;

$id_user = $user;

require 'events.build_query.php';

// Now $sql_post have all the where condition
//
$sql = 'SELECT *
	FROM tevento te LEFT JOIN tagent_secondary_group tasg
		ON te.id_grupo = tasg.id_group
	WHERE 1=1 '.$sql_post.'
	ORDER BY utimestamp DESC';

$result = db_get_all_rows_sql($sql);

$url = ui_get_full_url(false);
$selfurl = ui_get_full_url('?'.$_SERVER['QUERY_STRING'], false, true);

if (empty($result)) {
    $lastbuild = 0;
    // Last build in 1970
} else {
    $lastbuild = (int) $result[0]['utimestamp'];
}

$rss_feed = '<?xml version="1.0" encoding="utf-8" ?>'."\n";
// ' <?php ' -- Fixes highlighters thinking that the closing tag is PHP
$rss_feed .= '<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">'."\n";
$rss_feed .= '<channel>'."\n";
$rss_feed .= '<title>'.get_product_name().' RSS Feed</title>'."\n";
$rss_feed .= '<description>Latest events on '.get_product_name().'</description>'."\n";
$rss_feed .= '<lastBuildDate>'.date(DATE_RFC822, $lastbuild).'</lastBuildDate>'."\n";
// Last build date is the last event - that way readers won't mark it as having new posts
$rss_feed .= '<link>'.$url.'</link>'."\n";
// Link back to the main Pandora page
$rss_feed .= '<atom:link href="'.xml_entities(io_safe_input($selfurl)).'" rel="self" type="application/rss+xml" />'."\n";
;
// Alternative for Atom feeds. It's the same.
if (empty($result)) {
    $result = [];
    $rss_feed .= '<item><guid>'.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).'</guid><title>No results</title>';
    $rss_feed .= '<description>There are no results. Click on the link to see all Pending events</description>';
    $rss_feed .= '<link>'.xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events')).'</link></item>'."\n";
}

foreach ($result as $row) {
    if (!check_acl($user, $row['id_grupo'], 'ER')) {
        continue;
    }

    if ($row['event_type'] == 'system') {
        $agent_name = __('System');
    } else if ($row['id_agente'] > 0) {
        // Agent name
        $agent_name = agents_get_alias($row['id_agente']);
    } else {
        $agent_name = __('Alert').__('SNMP');
    }

    // This is mandatory
    $rss_feed .= '<item><guid>';
    $rss_feed .= xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events&id_event='.$row['id_evento']));
    $rss_feed .= '</guid><title>';
    $rss_feed .= xml_entities($agent_name);
    $rss_feed .= '</title><description>';
    $rss_feed .= xml_entities($row['evento']);
    if ($row['estado'] == 1) {
        $rss_feed .= xml_entities(io_safe_input('<br /><br />'.'Validated by '.$row['id_usuario']));
    }

    $rss_feed .= '</description><link>';
    $rss_feed .= xml_entities(io_safe_input($url.'/index.php?sec=eventos&sec2=operation/events/events&id_event='.$row['id_evento']));
    $rss_feed .= '</link>';

    // The rest is optional
    $rss_feed .= '<pubDate>'.date(DATE_RFC822, $row['utimestamp']).'</pubDate>';

    // This is mandatory again
    $rss_feed .= '</item>'."\n";
}

$rss_feed .= "</channel>\n</rss>\n";

echo $rss_feed;


function xml_entities($str)
{
    if (!is_string($str)) {
        return '';
    }

    if (preg_match_all('/(&[^;]+;)/', $str, $matches) != 0) {
        $matches = $matches[0];

        foreach ($matches as $entity) {
            $char = html_entity_decode($entity, (ENT_COMPAT | ENT_HTML401), 'UTF-8');

            $html_entity_numeric = '&#'.uniord($char).';';

            $str = str_replace($entity, $html_entity_numeric, $str);
        }
    }

    return $str;
}


function uniord($u)
{
    $k = mb_convert_encoding($u, 'UCS-2LE', 'UTF-8');
    $k1 = ord(substr($k, 0, 1));
    $k2 = ord(substr($k, 1, 1));

    return ($k2 * 256 + $k1);
}