pandorafms/pandora_console/operation/snmpconsole/snmp_mib_uploader.php

<?php

// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2013 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
// Load global vars
global $config;

check_login();

if (! check_acl($config['id_user'], 0, 'PM')) {
    db_pandora_audit('ACL Violation', 'Trying to access MIB uploader');
    include 'general/noaccess.php';
    return;
}

require_once 'include/functions_filemanager.php';

// Header
ui_print_page_header(__('MIB uploader'), 'images/op_snmp.png', false, '', false);

if (isset($config['filemanager']['message'])) {
    echo $config['filemanager']['message'];
    $config['filemanager']['message'] = null;
}

$directory = (string) get_parameter('directory', SNMP_DIR_MIBS);
$directory = str_replace('\\', '/', $directory);

// Add custom directories here
$fallback_directory = 'attachment/mibs';

// A miminal security check to avoid directory traversal
if (preg_match('/\.\./', $directory)) {
    $directory = $fallback_directory;
}

if (preg_match('/^\//', $directory)) {
    $directory = $fallback_directory;
}

if (preg_match('/^manager/', $directory)) {
    $directory = $fallback_directory;
}

$banned_directories['include'] = true;
$banned_directories['godmode'] = true;
$banned_directories['operation'] = true;
$banned_directories['reporting'] = true;
$banned_directories['general'] = true;
$banned_directories[ENTERPRISE_DIR] = true;

if (isset($banned_directories[$directory])) {
    $directory = $fallback_directory;
}

// Current directory
$available_directories[$directory] = $directory;

$real_directory = realpath($config['homedir'].'/'.$directory);

ui_print_info_message(__('MIB files will be installed on the system. Please note that a MIB may depend on other MIB. To customize trap definitions use the SNMP trap editor.'));

filemanager_file_explorer(
    $real_directory,
    $directory,
    'index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_mib_uploader',
    SNMP_DIR_MIBS,
    false,
    false,
    '',
    false,
    '',
    false
);
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`<?php`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`// Pandora FMS - http://pandorafms.com`
			`// ==================================================`
			`// Copyright (c) 2013 Artica Soluciones Tecnologicas`
			`// Please see http://pandorafms.org for full contribution list`
			`// This program is free software; you can redistribute it and/or`
			`// modify it under the terms of the GNU General Public License`
			`// as published by the Free Software Foundation for version 2.`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`// Load global vars`
			`global $config;`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`check_login();`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (! check_acl($config['id_user'], 0, 'PM')) {`
			`db_pandora_audit('ACL Violation', 'Trying to access MIB uploader');`
			`include 'general/noaccess.php';`
			`return;`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00			`}`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`require_once 'include/functions_filemanager.php';`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`// Header`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`ui_print_page_header(__('MIB uploader'), 'images/op_snmp.png', false, '', false);`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`if (isset($config['filemanager']['message'])) {`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`echo $config['filemanager']['message'];`
			`$config['filemanager']['message'] = null;`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00			`}`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`$directory = (string) get_parameter('directory', SNMP_DIR_MIBS);`
			`$directory = str_replace('\\', '/', $directory);`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`// Add custom directories here`
			`$fallback_directory = 'attachment/mibs';`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`// A miminal security check to avoid directory traversal`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (preg_match('/\.\./', $directory)) {`
			`$directory = $fallback_directory;`
			`}`

			`if (preg_match('/^\//', $directory)) {`
			`$directory = $fallback_directory;`
			`}`

			`if (preg_match('/^manager/', $directory)) {`
			`$directory = $fallback_directory;`
			`}`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`$banned_directories['include'] = true;`
			`$banned_directories['godmode'] = true;`
			`$banned_directories['operation'] = true;`
			`$banned_directories['reporting'] = true;`
			`$banned_directories['general'] = true;`
			`$banned_directories[ENTERPRISE_DIR] = true;`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`if (isset($banned_directories[$directory])) {`
			`$directory = $fallback_directory;`
			`}`
2013-02-07 Ramon Novoa <rnovoa@artica.es> * attachment/mibs, operation/snmpconsole/snmp_browser.php, operation/snmpconsole/snmp_mib_uploader.php, operation/tree/first_leaf.png: Added to repository. SNMP browser. * operation/menu.php: Moved SNMP related features to a new SNMP menu. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@7612 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f 2013-02-07 19:21:59 +01:00
			`// Current directory`
			`$available_directories[$directory] = $directory;`

Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`$real_directory = realpath($config['homedir'].'/'.$directory);`

			`ui_print_info_message(__('MIB files will be installed on the system. Please note that a MIB may depend on other MIB. To customize trap definitions use the SNMP trap editor.'));`

			`filemanager_file_explorer(`
			`$real_directory,`
			`$directory,`
			`'index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_mib_uploader',`
			`SNMP_DIR_MIBS,`
			`false,`
			`false,`
			`'',`
			`false,`
			`'',`
fixed filemanager 2019-05-08 10:55:20 +02:00			`false`
Changed the format of the .php files Former-commit-id: 4dc926a81de14e27df8be7982406b09d8e808399 2019-01-30 16:18:44 +01:00			`);`