<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Bring the console-wide configuration array into scope.
global $config;

// Incident helpers, plus the event helpers that supply an event's
// description and group when an incident is created from an event.
require_once 'include/functions_incidents.php';
require_once 'include/functions_events.php';

check_login();

// Page-level gate: at least one of the incident flags (IR, IW, IM) is
// required. The check is made against group id 0, not against the group
// of any particular incident.
if (! (check_acl($config['id_user'], 0, 'IR')
    || check_acl($config['id_user'], 0, 'IW')
    || check_acl($config['id_user'], 0, 'IM'))
) {
    // Record the refused request, show the "no access" page and stop.
    db_pandora_audit('ACL Violation', 'Trying to access incident details');
    include 'general/noaccess.php';
    exit;
}

// Both timestamps start at the current system time; they are replaced by
// the stored values when an existing incident is loaded.
$inicio = get_system_time();
$actualizacion = get_system_time();
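// EDITION MODE
// Handles the three ways this page is reached:
// - ?id=N          load incident N and process note/attachment actions,
// - ?insert_form   prepare an empty form (optionally seeded from an event),
// - anything else  audited and refused.
if (isset($_GET['id'])) {
    $id_inc = (int) get_parameter('id', 0);

    // Load the incident; its group and owner decide every permission below.
    $row = db_get_row('tincidencia', 'id_incidencia', $id_inc);

    // Object-level authorization. The page-level gate only proves the user
    // holds an incident flag for group id 0; here the flag is checked against
    // the group of THIS incident. The owner is also let in, because the rest
    // of the page already treats the owner as allowed to edit.
    // A missing row takes the same path, so unknown ids and forbidden ids
    // are indistinguishable to the caller.
    $is_owner = false;
    $can_manage = false;
    $can_write = false;
    $can_view = false;
    if (!empty($row)) {
        $is_owner = ($row['id_usuario'] == $config['id_user']);
        $can_manage = (check_acl($config['id_user'], $row['id_grupo'], 'IM') == 1);
        $can_write = (check_acl($config['id_user'], $row['id_grupo'], 'IW') == 1);
        $can_view = $is_owner
            || $can_manage
            || $can_write
            || (check_acl($config['id_user'], $row['id_grupo'], 'IR') == 1);
    }

    if (!$can_view) {
        db_pandora_audit('ACL Violation', 'Trying to access incident details');
        include 'general/noaccess.php';
        exit;
    }

    // Get values
    $titulo = $row['titulo'];
    $texto = $row['descripcion'];
    $inicio = time_w_fixed_tz($row['inicio']);
    $actualizacion = time_w_fixed_tz($row['actualizacion']);
    $estado = $row['estado'];
    $prioridad = $row['prioridad'];
    $origen = $row['origen'];
    // owner
    $usuario = $row['id_usuario'];
    $id_grupo = $row['id_grupo'];
    // creator
    $id_creator = $row['id_creator'];
    // last updater
    $id_lastupdate = $row['id_lastupdate'];
    // Agent
    $id_agent = $row['id_agent'];

    // Note add - everybody that can read incidents, can add notes
    // NOTE(review): the action is selected by a query-string flag and no
    // anti-CSRF token is checked in this file - confirm the framework
    // validates one before this code runs.
    if (isset($_GET['insertar_nota'])) {
        $nota = get_parameter('nota');

        // NOTE(review): the quoted '%s' placeholders are only safe if
        // get_parameter() neutralises quote characters - confirm, or bind
        // the values through the database layer instead of sprintf().
        $sql = sprintf(
            "INSERT INTO tnota (id_usuario, id_incident, nota)
            VALUES ('%s', %d, '%s')",
            $config['id_user'],
            $id_inc,
            $nota
        );
        $id_nota = db_process_sql($sql, 'insert_id');

        if ($id_nota !== false) {
            incidents_process_touch($id_inc);
        }

        ui_print_result_message(
            $id_nota,
            __('Successfully added'),
            __('Could not be added')
        );
    }

    // Delete note
    if (isset($_POST['delete_nota'])) {
        $id_nota = (int) get_parameter('delete_nota', 0);
        $note_user = incidents_get_notes_author($id_nota);

        // The note id comes from the request, so it must be tied back to the
        // incident whose permissions were just checked; otherwise rights on
        // one incident would allow deleting notes of any other.
        $note_incident = (int) db_get_value('id_incident', 'tnota', 'id_nota', $id_nota);

        // Only admins (manage incident) or owners can modify
        // incidents notes. note authors are
        // able to delete their own notes
        if ($note_incident === $id_inc
            && ($can_manage || ($note_user == $config['id_user']) || $is_owner)
        ) {
            $result = incidents_delete_note($id_nota);

            if (!empty($result)) {
                incidents_process_touch($id_inc);
            }

            // Report the outcome of the deletion itself, not the note id.
            ui_print_result_message(
                $result,
                __('Successfully deleted'),
                __('Could not be deleted')
            );
        }
    }

    // Delete file
    if (($can_manage || $is_owner) && isset($_POST['delete_file'])) {
        $file_id = (int) get_parameter('delete_file', 0);
        $attachment = db_get_row('tattachment', 'id_attachment', $file_id);
        $result = false;

        // Same binding as for notes: the attachment must belong to this
        // incident, both in the lookup and in the DELETE itself.
        if (!empty($attachment) && (int) $attachment['id_incidencia'] === $id_inc) {
            $filename = $attachment['filename'];

            $sql = sprintf(
                'DELETE FROM tattachment WHERE id_attachment = %d AND id_incidencia = %d',
                $file_id,
                $id_inc
            );
            $result = db_process_sql($sql);

            if (!empty($result)) {
                // Uploads are written to attachment_store as
                // pand<ID>_<name>.zip; older files may lack the .zip suffix.
                // basename() keeps a crafted stored name inside the store.
                $stored = $config['attachment_store'].'/pand'.$file_id.'_'.basename(io_safe_output($filename));

                if (is_file($stored.'.zip')) {
                    unlink($stored.'.zip');
                } else if (is_file($stored)) {
                    unlink($stored);
                }

                incidents_process_touch($id_inc);
            }
        }

        ui_print_result_message(
            $result,
            __('Successfully deleted'),
            __('Could not be deleted')
        );
    }

    // Upload file
    if ($can_write
        && isset($_GET['upload_file'])
        && isset($_FILES['userfile'])
        && ($_FILES['userfile']['name'] != '')
    ) {
        $upload = $_FILES['userfile'];
        $description = get_parameter('file_description', __('No description available'));

        // The client-supplied name is reduced to its last path component
        // before it is used for the database row or the path on disk.
        $original_name = basename($upload['name']);
        $filename = io_safe_input($original_name);
        $filesize = (int) $upload['size'];

        $result = false;
        $id_attachment = false;

        // Only accept a file that PHP itself received in this request.
        $upload_ok = ($upload['error'] === UPLOAD_ERR_OK) && is_uploaded_file($upload['tmp_name']);

        // The following is if you have clamavlib installed
        // (php5-clamavlib) and enabled in php.ini
        // http://www.howtoforge.com/scan_viruses_with_php_clamavlib
        if ($upload_ok && extension_loaded('clamav')) {
            cl_setlimits(5, 1000, 200, 0, 10485760);
            // Scan the file that was actually uploaded (form field "userfile").
            $malware = cl_scanfile($upload['tmp_name']);
            if ($malware) {
                $error = 'Malware detected: '.$malware.'<br>ClamAV version: '.clam_get_version();
                die($error);
                // On malware, we die because it's not good to handle it
            }
        }

        if ($upload_ok) {
            // Insert into database
            // NOTE(review): quoted '%s' values rely on io_safe_input() /
            // get_parameter() neutralising quote characters - confirm.
            $sql = sprintf(
                "INSERT INTO tattachment (id_incidencia, id_usuario, filename, description, size)
                VALUES (%d, '%s', '%s', '%s', %d)",
                $id_inc,
                $config['id_user'],
                $filename,
                $description,
                $filesize
            );

            $id_attachment = db_process_sql($sql, 'insert_id');

            // Copy file to directory and change name
            if ($id_attachment !== false) {
                $nombre_archivo = $config['attachment_store'].'/pand'.$id_attachment.'_'.$original_name;

                // The upload is always stored inside a zip archive.
                // NOTE(review): the attachment list links to these files by
                // direct URL - confirm the web server does not serve the
                // store without going through an ACL check.
                $zip = new ZipArchive();

                if ($zip->open($nombre_archivo.'.zip', ZipArchive::CREATE) === true) {
                    $added = $zip->addFile($upload['tmp_name'], io_safe_output($filename));
                    $closed = $zip->close();
                    // Success only when the archive was really written.
                    $result = $added && $closed;
                }
            } else {
                ui_print_error_message(__('File could not be saved due to database error'));
            }
        }

        if ($result !== false) {
            unlink($upload['tmp_name']);
            incidents_process_touch($id_inc);
        } else if ($id_attachment !== false) {
            // Roll back the row whose file could not be stored.
            db_process_sql(sprintf('DELETE FROM tattachment WHERE id_attachment = %d', $id_attachment));
        }

        ui_print_result_message(
            $result,
            __('File uploaded'),
            __('File could not be uploaded')
        );
    }
} else if (isset($_GET['insert_form'])) {
    // Create incident from event... read event data
    $titulo = '';
    $descripcion = '';
    $origen = '';
    $prioridad = 0;
    $id_grupo = 0;
    $estado = 0;
    $texto = '';
    $usuario = $config['id_user'];
    $id_creator = $config['id_user'];
    $id_agent = 0;

    if (isset($_GET['from_event'])) {
        // NOTE(review): the event id comes from the request and no ACL check
        // on the event's group is visible here - confirm that reading the
        // description of an arbitrary event is acceptable, or check the
        // group returned by events_get_group() first.
        $event = (int) get_parameter('from_event');
        $event_description = events_get_description($event);
        $texto = io_safe_output($event_description);
        $titulo = ui_print_truncate_text($event_description, 'description', false, true, false);
        $id_grupo = events_get_group($event);
        $origen = 'Pandora FMS Event';
        $id_agent = db_get_value('id_agente', 'tevento', 'id_evento', $event);
        unset($event, $event_description);
    }
} else {
    // Neither an incident id nor the insert form was requested.
    db_pandora_audit('HACK', 'Trying to get to incident details in an unusual way');
    include 'general/noaccess.php';
    exit;
}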
// ********************************************************************************************************
// ********************************************************************************************************
// Show the form
// ********************************************************************************************************
// Client-side behaviour for the two collapsible forms: the attachment form
// (#file_control) and the note form (#add_note) start hidden and slide down
// when their "add" link is clicked; the link itself fades out.
echo <<<'HTML'
<script type="text/javascript">
$(document).ready(function() {
$('#file_control').hide();
$('#add_note').hide();
$('a.attachment').click(function() {
$('a.attachment').fadeOut('fast');
$('#file_control').slideDown('slow');
return false;
});
$('a.note_control').click(function() {
$('a.note_control').fadeOut('fast');
$('#add_note').slideDown('slow');
return false;
});
});
</script>
HTML;
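// Renders the incident form (edit or create).
//
// One decision drives every editable control: the user either holds the IM
// flag on the incident's group or is the incident owner ($usuario).
// The readonly/disabled attributes below are presentation only - a client
// can still post any field, so the handler behind action=update /
// action=insert has to repeat this check on the server side.
$can_edit = (check_acl($config['id_user'], $id_grupo, 'IM') == 1) || ($usuario == $config['id_user']);

if (isset($id_inc)) {
    // $id_inc is set when $_GET["id"] is set, not for $_GET["insert_form"]
    ui_print_page_header(__('Incident details').' #'.$id_inc, 'images/book_edit.png', false, '', false, '');
    echo '<form name="accion_form" method="POST" action="index.php?sec=workspace&sec2=operation/incidents/incident&action=update">';
    echo '<input type="hidden" name="id_inc" value="'.(int) $id_inc.'">';
} else {
    ui_print_page_header(__('Create incident'), 'images/book_edit.png', false, '', false, '');
    echo '<form name="accion_form" method="POST" action="index.php?sec=workspace&sec2=operation/incidents/incident&action=insert">';
}

echo '<table cellpadding="4" cellspacing="4" class="databox filters" width="100%">';
echo '<tr>
<td class="datos"><b>'.__('Incident').'</b></td>
<td colspan="3" class="datos">';

// Title
if ($can_edit) {
    html_print_input_text('titulo', $titulo, '', 70);
} else {
    html_print_input_text_extended('titulo', $titulo, '', '', 70, '', false, '', 'readonly');
}

echo '</td>
</tr>';

echo '<tr>
<td class="datos2"><b>'.__('Opened at').'</b></td>
<td class="datos2"><i>'.date($config['date_format'], $inicio).'</i></td>
<td class="datos2"><b>'.__('Updated at').'</b></td>
<td class="datos2"><i>'.date($config['date_format'], $actualizacion).'</i></td>
</tr>';

echo '<tr>
<td class="datos"><b>'.__('Owner').'</b></td>
<td class="datos">';

// Owner combo (the extra trailing argument renders it disabled)
if ($can_edit) {
    html_print_select(users_get_info(), 'usuario_form', $usuario, '', 'SYSTEM', '', false, false, true, 'w135');
} else {
    html_print_select(users_get_info(), 'usuario_form', $usuario, '', 'SYSTEM', '', false, false, true, 'w135', true);
}

echo '</td>
<td class="datos"><b>'.__('Status').'</b></td>
<td class="datos">';

// Status combo
if ($can_edit) {
    html_print_select(incidents_get_status(), 'estado_form', $estado, '', '', '', false, false, false, 'w135');
} else {
    html_print_select(incidents_get_status(), 'estado_form', $estado, '', '', '', false, false, false, 'w135', true);
}

echo '</td>
</tr>';

echo '<tr>
<td class="datos2"><b>'.__('Source').'</b></td>
<td class="datos2">';

// Source combo: one option per row of torigen.
$fields = [];
$return = db_get_all_rows_sql('SELECT origen FROM torigen ORDER BY origen');
if ($return === false) {
    // Something must be displayed: fall back to the incident's own source,
    // shaped like a result row so the loop below can read it.
    $return = [['origen' => $origen]];
}

foreach ($return as $source_row) {
    $fields[$source_row['origen']] = $source_row['origen'];
}

// Only owner could change source or user with Incident management privileges
if ($can_edit) {
    html_print_select($fields, 'origen_form', $origen, '', '', '', false, false, false, 'w135');
} else {
    html_print_select($fields, 'origen_form', $origen, '', '', '', false, false, false, 'w135', true);
}

echo '</td><td class="datos2"><b>'.__('Group').'</b></td><td class="datos2">';

// Group combo
if ($can_edit) {
    html_print_select_groups($config['id_user'], 'IR', true, 'grupo_form', $id_grupo, '', '', '', false, false, false, 'w135');
} else {
    html_print_select_groups($config['id_user'], 'IR', true, 'grupo_form', $id_grupo, '', '', '', false, false, true, 'w135', true);
}

echo '</td></tr><tr><td class="datos"><b>'.__('Priority').'</b></td><td class="datos">';

// Priority combo
if ($can_edit) {
    html_print_select(incidents_get_priorities(), 'prioridad_form', $prioridad, '', '', '', false, false, false, 'w135');
} else {
    html_print_select(incidents_get_priorities(), 'prioridad_form', $prioridad, '', '', '', false, false, false, 'w135', true);
}

echo '</td><td class="datos"><b>'.__('Creator').'</b></td><td class="datos">';
if (empty($id_creator)) {
    echo 'SYSTEM';
} else {
    // NOTE(review): both values are written into the page as stored -
    // confirm they are HTML-encoded before they reach this point.
    echo $id_creator.' (<i>'.get_user_fullname($id_creator).'</i>)';
}

// Map of agent id => agent name. Nothing in this part of the file reads it.
$agents_incidents = agents_get_agents(false, ['id_agente', 'nombre']);

if ($agents_incidents === false) {
    $agents_incidents = [];
}

$result_agent_incidents = [];
foreach ($agents_incidents as $agent_incident) {
    $result_agent_incidents[$agent_incident['id_agente']] = $agent_incident['nombre'];
}

echo '</td>';
echo '</tr>';

echo '<tr>';
echo '<td class="datos"><b>'.__('Agent').'</b></td>';
echo '<td class="datos">';

// Agent autocomplete: visible alias plus a hidden field with the agent id.
$params = [];
$params['show_helptip'] = true;
$params['input_name'] = 'agent';
$params['value'] = db_get_value('alias', 'tagente', 'id_agente', $id_agent);
$params['print_hidden_input_idagent'] = true;
$params['hidden_input_idagent_value'] = $id_agent;
$params['hidden_input_idagent_name'] = 'id_agent';
ui_print_agent_autocomplete_input($params);
echo '</td>';
echo '</tr>';
echo '<tr><td class="datos2" colspan="4">';

// Description
if ($can_edit) {
    html_print_textarea('descripcion', 15, 80, $texto, 'style="height:200px;"');
} else {
    html_print_textarea('descripcion', 15, 80, $texto, 'style="height:200px;" disabled');
}

echo '</td></tr></table><div style="width: 100%; text-align:right;">';

// "Update" only for the incident owner or a user with incident management
// rights; "Create" for users with IW on the group; otherwise the submit
// button is rendered with its third argument set to true instead of false.
if (isset($id_inc) && $can_edit) {
    html_print_submit_button(__('Update incident'), 'accion', false, 'class="sub upd"');
} else if (check_acl($config['id_user'], $id_grupo, 'IW')) {
    html_print_submit_button(__('Create'), 'accion', false, 'class="sub wand"');
} else {
    html_print_submit_button(__('Submit'), 'accion', true, 'class="sub upd"');
}

echo '</div></form>';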
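// If we're actually working on an incident: list its notes and attachments
// and offer the "add note" / "add attachment" forms.
// NOTE(review): none of the POST forms below carries an anti-CSRF token that
// is visible in this file - confirm the framework adds and validates one.
if (isset($id_inc)) {
    // Evaluated once; reused for every delete control in both lists.
    $can_manage = (check_acl($config['id_user'], $id_grupo, 'IM') == 1);

    // ******************************************************************
    // Notes
    // ******************************************************************
    echo '<div>';

    echo '<a class="note_control" href="#">';
    echo html_print_image('images/add.png', true);
    echo __('Add note');
    echo '</a>';
    echo '</div><div>';
    echo '<form id="add_note" name="nota" method="POST" action="index.php?sec=workspace&sec2=operation/incidents/incident_detail&insertar_nota=1&id='.$id_inc.'"><h4>'.__('Add note').'</h4>';

    echo '<table cellpadding="4" cellspacing="4" class="databox" width="100%">
<tr><td class="datos2"><textarea name="nota" rows="5" cols="70" style="height: 100px;"></textarea></td>
<td valign="bottom"><input name="addnote" type="submit" class="sub wand" value="'.__('Add').'"></td></tr>
</table></form></div><div>';

    $result = incidents_get_notes($id_inc);
    if (!is_array($result)) {
        // Nothing to list; keep the loop below from iterating a non-array.
        $result = [];
    }

    // Create the table object explicitly instead of assigning properties
    // to an undefined variable.
    $table = new stdClass();
    $table->cellpadding = 4;
    $table->cellspacing = 4;
    $table->class = 'databox';
    $table->width = '98%';
    $table->data = [];
    $table->head = [];

    foreach ($result as $row) {
        // First row of a note: icon, author and timestamp.
        $data = [];
        $data[0] = html_print_image('images/page_white_text.png', true, ['border' => '0']);
        $data[1] = __('Author').': '.ui_print_username($row['id_usuario'], true).' ('.ui_print_timestamp($row['timestamp'], true).')';
        array_push($table->data, $data);

        // Second row: delete control (incident managers and the note's own
        // author only) and the note text.
        $data = [];
        $data[0] = '';
        if ($can_manage || ($row['id_usuario'] == $config['id_user'])) {
            $data[0] .= html_print_input_image('delete_nota', 'images/cross.png', $row['id_nota'], 'border:0px;" onClick="if (!confirm(\' '.__('Are you sure?').'\')) return false;', true);
        }

        // NOTE(review): the note text is written into the page exactly as
        // stored - confirm it was HTML-encoded when it was saved.
        $data[1] = $row['nota'];
        array_push($table->data, $data);
    }

    if (!empty($table->data)) {
        echo '<h4>'.__('Notes attached to incident').'</h4>';
        echo '<form method="POST" action="index.php?sec=workspace&sec2=operation/incidents/incident_detail&id='.$id_inc.'">';
        html_print_table($table);
        echo '</form>';
    }

    unset($table);

    // ******************************************************************
    // Files attached to this incident
    // ******************************************************************
    $result = incidents_get_attach($id_inc);
    if (!is_array($result)) {
        $result = [];
    }

    $table = new stdClass();
    $table->cellpadding = 4;
    $table->cellspacing = 4;
    $table->class = 'databox';
    $table->width = '98%';
    $table->head = [];
    $table->data = [];
    $table->align = [];

    $table->head[0] = __('Filename');
    $table->head[1] = __('Description');
    $table->head[2] = __('Size');
    $table->head[3] = __('Delete');

    $table->align[2] = 'center';
    $table->align[3] = 'center';

    foreach ($result as $row) {
        // Files are stored as pand<ID>_<name>, with a .zip suffix when the
        // zipped form exists on disk.
        $stored_name = 'pand'.$row['id_attachment'].'_'.io_safe_output($row['filename']);
        if (file_exists($config['homedir'].'/attachment/'.$stored_name.'.zip')) {
            $stored_name .= '.zip';
        }

        // io_safe_output() returns the user-chosen file name in raw form, so
        // it is percent-encoded before it is placed in the href attribute;
        // a quote or angle bracket in the name cannot break out of the
        // attribute, and names with spaces, '#' or '?' still resolve.
        // NOTE(review): the link points straight at the stored file - confirm
        // the web server does not hand it out without an ACL check.
        $url = 'attachment/'.rawurlencode($stored_name);

        $data = [];
        $data[0] = html_print_image('images/disk.png', true, ['border' => '0', 'align' => 'top']).'&nbsp;&nbsp;<a target="_new" href="'.$url.'"><b>'.$row['filename'].'</b></a>';
        $data[1] = $row['description'];
        $data[2] = format_for_graph($row['size']).'B';
        if ($can_manage || ($usuario == $config['id_user'])) {
            $data[3] = html_print_input_image('delete_file', 'images/cross.png', $row['id_attachment'], 'border:0px;" onClick="if (!confirm(\' '.__('Are you sure?').'\')) return false;', true);
        } else {
            $data[3] = '';
        }

        array_push($table->data, $data);
    }

    if (!empty($table->data)) {
        echo '<h4>'.__('Attached files').'</h4>';
        echo '<form method="POST" action="index.php?sec=workspace&sec2=operation/incidents/incident_detail&id='.$id_inc.'">';
        html_print_table($table);
        echo '</form>';
    }

    unset($table);

    // ******************************************************************
    // Upload control
    // ******************************************************************
    // Shown only to users holding IW on the incident's group.
    if ((check_acl($config['id_user'], $id_grupo, 'IW') == 1)) {
        echo '<div>';
        echo '<a class="attachment" href="#">';
        echo html_print_image('images/add.png', true);
        echo __('Add attachment');
        echo '</a>';
        echo '</div>';

        echo '<div><form method="post" id="file_control" action="index.php?sec=workspace&sec2=operation/incidents/incident_detail&id='.$id_inc.'&upload_file=1" enctype="multipart/form-data"><h4>'.__('Add attachment').'</h4>';
        echo '<table cellpadding="4" cellspacing="3" class="databox" width="98%">
<tr><td class="datos">'.__('Filename').'</td><td class="datos"><input type="file" name="userfile" value="userfile" class="sub" size="40" /></td></tr>
<tr><td class="datos2">'.__('Description').'</td><td class="datos2" colspan="3"><input type="text" name="file_description" size="47"></td></tr>
<tr><td colspan="2" style="text-align: right;">	<input type="submit" name="upload" value="'.__('Upload').'" class="sub wand"></td></tr>
</table></form></div>';
    }
}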