pandorafms/pandora_console/index.php

1681 lines
57 KiB
PHP
Raw Normal View History

<?php
2022-06-16 13:02:49 +02:00
2019-07-02 16:22:23 +02:00
/**
* Index.
*
* @category Main entrypoint.
* @package Pandora FMS
* @subpackage Opensource.
* @version 1.0.0
* @license See below
*
* ______ ___ _______ _______ ________
2023-06-08 12:42:10 +02:00
* | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __|
* | __/| _ | | _ || _ | _| _ | | ___| |__ |
2019-07-02 16:22:23 +02:00
* |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______|
*
* ============================================================================
2023-06-08 11:53:13 +02:00
* Copyright (c) 2005-2023 Pandora FMS
2023-06-08 13:19:01 +02:00
* Please see https://pandorafms.com/community/ for full contribution list
2019-07-02 16:22:23 +02:00
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation for version 2.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* ============================================================================
*/
2019-07-02 16:22:23 +02:00
// Begin.
if (defined('__PAN_XHPROF__') === false) {
define('__PAN_XHPROF__', 0);
}
2018-11-13 12:55:25 +01:00
2023-01-26 16:00:08 +01:00
// Needed for InfoBox count.
if (isset($_SESSION['info_box_count']) === true) {
$_SESSION['info_box_count'] = 0;
}
2019-07-02 16:22:23 +02:00
// Set character encoding to UTF-8
// fixes a lot of multibyte character issues.
if (function_exists('mb_internal_encoding') === true) {
mb_internal_encoding('UTF-8');
}
// Set to 1 to do not check for installer or config file (for development!).
2019-07-02 16:22:23 +02:00
// Activate gives more error information, not useful for production sites.
$develop_bypass = 0;
if ($develop_bypass !== 1) {
2019-07-02 16:22:23 +02:00
// If no config file, automatically try to install.
if (file_exists('include/config.php') === false) {
if (file_exists('install.php') === false) {
$url = explode('/', $_SERVER['REQUEST_URI']);
$flag_url = 0;
foreach ($url as $key => $value) {
if (strpos($value, 'index.php') !== false || $flag_url) {
$flag_url = 1;
unset($url[$key]);
} else if (strpos($value, 'enterprise') !== false || $flag_url) {
$flag_url = 1;
unset($url[$key]);
}
}
$config['homeurl'] = rtrim(join('/', $url), '/');
$config['homeurl_static'] = $config['homeurl'];
$login_screen = 'error_noconfig';
$ownDir = dirname(__FILE__).DIRECTORY_SEPARATOR;
$config['homedir'] = $ownDir;
include 'general/error_screen.php';
exit;
} else {
include 'install.php';
exit;
}
}
if (filesize('include/config.php') == 0) {
include 'install.php';
exit;
}
if (isset($_POST['rename_file']) === true) {
$rename_file_install = (bool) $_POST['rename_file'];
if ($rename_file_install === true) {
$salida_rename = rename('install.php', 'install_old.php');
}
}
2019-07-02 16:22:23 +02:00
// Check installer presence.
if (file_exists('install.php') === true) {
$login_screen = 'error_install';
include 'general/error_screen.php';
exit;
}
2019-07-02 16:22:23 +02:00
// Check perms for config.php.
if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
if ((substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0600')
&& (substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0660')
&& (substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0640')
) {
$url = explode('/', $_SERVER['REQUEST_URI']);
$flag_url = 0;
foreach ($url as $key => $value) {
if (strpos($value, 'index.php') !== false || $flag_url) {
$flag_url = 1;
unset($url[$key]);
} else if (strpos($value, 'enterprise') !== false || $flag_url) {
$flag_url = 1;
unset($url[$key]);
}
}
$config['homeurl'] = rtrim(join('/', $url), '/');
$config['homeurl_static'] = $config['homeurl'];
$ownDir = dirname(__FILE__).DIRECTORY_SEPARATOR;
$config['homedir'] = $ownDir;
$login_screen = 'error_perms';
include 'general/error_screen.php';
exit;
}
}
}
if ((file_exists('include/config.php') === false)
|| (is_readable('include/config.php') === false)
2019-07-02 16:22:23 +02:00
) {
$login_screen = 'error_noconfig';
include 'general/error_screen.php';
exit;
}
require 'vendor/autoload.php';
if (__PAN_XHPROF__ === 1) {
if (function_exists('tideways_xhprof_enable') === true) {
tideways_xhprof_enable();
} else {
error_log('Cannot find tideways_xhprof_enable function');
}
}
2019-07-02 16:22:23 +02:00
/*
* DO NOT CHANGE ORDER OF FOLLOWING REQUIRES.
*/
require_once 'include/config.php';
require_once 'include/functions_config.php';
if (isset($config['console_log_enabled']) === true && (int) $config['console_log_enabled'] === 1) {
ini_set('log_errors', 1);
ini_set('error_log', $config['homedir'].'/log/console.log');
} else {
ini_set('log_errors', 0);
2022-01-26 17:34:56 +01:00
ini_set('error_log', '');
}
if (isset($config['error']) === true) {
$login_screen = $config['error'];
include 'general/error_screen.php';
exit;
}
2019-07-02 16:22:23 +02:00
// If metaconsole activated, redirect to it.
if (is_metaconsole() === true) {
header('Location: '.ui_get_full_url('index.php'));
2019-07-02 16:22:23 +02:00
// Always exit after sending location headers.
exit;
}
if (file_exists(ENTERPRISE_DIR.'/include/functions_login.php') === true) {
include_once ENTERPRISE_DIR.'/include/functions_login.php';
}
if (empty($config['https']) === false && empty($_SERVER['HTTPS']) === true) {
$query = '';
if (count($_REQUEST) > 0) {
2019-07-02 16:22:23 +02:00
// Some (old) browsers don't like the ?&key=var.
$query .= '?1=1';
}
2019-07-02 16:22:23 +02:00
// We don't clean these variables up as they're only being passed along.
foreach ($_GET as $key => $value) {
if ($key == 1) {
continue;
}
$query .= '&'.$key.'='.$value;
}
foreach ($_POST as $key => $value) {
$query .= '&'.$key.'='.$value;
}
$url = ui_get_full_url($query);
// Prevent HTTP response splitting attacks
2019-07-02 16:22:23 +02:00
// http://en.wikipedia.org/wiki/HTTP_response_splitting.
$url = str_replace("\n", '', $url);
header('Location: '.$url);
2019-07-02 16:22:23 +02:00
// Always exit after sending location headers.
exit;
}
2008-07-02 Esteban Sanchez <estebans@artica.es> * general/logon_ok.php: Style correction. * include/languages/language_en.php: Added a couple of strings. * include/styles/pandora.css: Container div has now variable width, so Pandora console is wider now. * include/config.php: Replaced default values from last commit. Change homeurl variable, which now points to base url directory. * include/config_process.php: Style correction. Use pandora functions and indent the code properly. * reporting/fgraph.php, include/functions.php, ajax.php: Use require_once instead of require which speeds up the code parsing. * index.php: Use require_once instead of require which speeds up the code parsing. Add all GET and POST variables when refreshing a page. Style corrections. Use $_SERVER instead getenv. * include/functions_db.php: Avoid including config.php and use global instead. Replaced some id_user with the respective variable holds in config array. Replaced SQL syntax, removed an undeclared variable and renamed to english in event_insert(). Renamed return_moduledata_*_value() to get_agent_module_value_*(). Fixed an error in the sumatory when the module is incremental. * include/functions_reporting.php: Renamed return_module_SLA() to get_agent_module_sla(). * include/functions_reporting_pdf.php: Tabs and blankspaces correction. Style correction. Added new reports rendering, and fixed images references. Removed old and deprecated functions. * operation/agentes/networkmap.php: Style correction. * operation/agentes/sla_view.php, reporting/stat_win.php: Use renamed functions. * operation/reporting/reporting_viewer.php: Table reports width are now wider. Fixed some colspan problems. Generate custom graph ids better. Added agent and module name to SLAs. Style correction in the use of rowclass structure since now each content has its own table. * operation/reporting/custom_reporting.php: Removed unused variable for PDF reporting generation link. * operation/reporting/reporting_viewer_pdf.php: Rewrite the code to make style corrections and use pandora functions. * operation/menu.php: Tabs and blankspaces correction. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@916 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2008-07-02 14:30:56 +02:00
// Pure mode (without menu, header and footer).
$config['pure'] = (bool) get_parameter('pure');
2008-06-13 Sancho Lerena <slerena@gmail.com> * index.php: Added pure (Fullscreen). HTML code cleanup and user session. * pandoradb.sql: talert_snmp: Added priority field. * pandoradb_data.sql: Changes default values in talerta. tconfig_os, tgrupo and some links. * header.php: Fixed some user session management. * logon_ok.php: New design for welcome screen, odometer is over. * menu.php, godmode/menu.php: Some ACL improvements. * agent_disk_conf_editor.php: Minor fix in view link. * configurar_agente.php, agent_manager.php: Added parent combo and better ACL checks. New remote configuration control for get timestamp info of config file. * modify_alert.php: Changes to use new internal Mail alert. * config.php: Some items moved to config_process. (font, attachment and default style). * functions.php: Added form_agent_combo(), form_event_type_combo(), form_priority() and return_priority() functions. * functions_db.php: Added smal_event_table() to render a variable table with latest events (filtered). * pandora.css. Added pure and priority colors. * estado_alertas.php: Fixed ACL problems. * stado_generalagente.php: Graph of modules now represents modules that has generated events. Old graph is not used anymore. Also display parent. * estado_grupo.php: Border of boxes is now thicker. * tactical.php: New screen, almost all code changed. Odometer is not used anymore, added some new items, like module LAG meter, module sanity, and other general metrics. * ver_agente.php: Now renders also event for each agent view. Alert manual validation generate a new event. * events.php: New event system. 90% new code. A LOT of new features, including full screen, coloured (by priority) and filters by six fields. * snmp_alert.php: Added support for alert priority. * operation/users/user.php: No longer a user with UM privileges could see any other user. * render_view.php: Added fullscreen support for visual maps. * fgraph.php: Added support for session checking in graphs (at least!). New graphics for events (some changed it's function like events by group), and feature added to progress GD implementation. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@860 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2008-06-13 18:59:54 +02:00
// Auto Refresh page (can now be disabled anywhere in the script).
if (get_parameter('refr') != null) {
$config['refr'] = (int) get_parameter('refr');
}
// Get possible errors with files.
$errorFileOutput = (string) get_parameter('errorFileOutput');
$delete_file = get_parameter('del_file');
if ($delete_file === 'yes_delete') {
$salida_delete = shell_exec('rm /var/www/html/pandora_console/install.php');
}
ob_start();
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n";
echo '<html xmlns="http://www.w3.org/1999/xhtml">'."\n";
echo '<head>'."\n";
2009-03-03 Esteban Sanchez <estebans@artica.es> * general/main_menu.php: Operation and godmode menus files includes now the dependant files. * godmode/agentes/modificar_agente.php: Removed unnecessary require() * godmode/alerts/alert_list.php: Avoid notice for undefined index when calling max(). Added option to delete the template. * godmode/alerts/configure_alert_template.php, godmode/alerts/alert_templates.php: Fixed field2_recovery and field3_recovery updating. * operation/menu.php, godmode/menu.php: Require functions_menu.php. * include/config_process.php: Updated build version. * include/functions.php: Keep time in a static variable on get_system_time(). * include/functions_db.php: Now a custom operation can be passed to format_array_to_where_clause_sql() if the field key is numeric. * include/functions_reporting.php: Return float value on get_agentmodule_sla(). Added required files. * include/functions_ui.php: Show template name on format_alert_row(). Style correction. * operation/agentes/export_csv.php: Style correction. * operation/events/export_csv.php: Use pandora functions to fetch results. Fixed auth part. Style correction. * operation/reporting/custom_reporting.php: Fixed enterprise include. * operation/reporting/reporting_xml.php: Fixed auth part. * index.php: process_page_head() may looked for uninitialized $config["refr"]. * include/styles/pandora_width.css: Fixed style for ol.steps git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1500 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-03-03 16:21:13 +01:00
2019-07-02 16:22:23 +02:00
// This starts the page head. In the callback function,
// $page['head'] array content will be processed into the head.
ob_start('ui_process_page_head');
2019-07-02 16:22:23 +02:00
// Enterprise main.
2020-10-19 10:59:46 +02:00
enterprise_include_once('index.php');
// Load event.css to display the about section dialog with correct styles.
echo '<link rel="stylesheet" href="'.ui_get_full_url('/include/styles/events.css', false, false, false).'?v='.$config['current_package'].'" type="text/css" />';
2016-06-27 11:13:34 +02:00
echo '<script type="text/javascript">';
2022-06-16 13:02:49 +02:00
echo 'var dispositivo = navigator.userAgent.toLowerCase();';
echo 'if( dispositivo.search(/iphone|ipod|ipad|android/) > -1 ){';
echo 'document.location = "'.ui_get_full_url('/mobile').'"; }';
2016-06-27 11:13:34 +02:00
echo '</script>';
// This tag is included in the buffer passed to ui_process_page_head so
2019-07-02 16:22:23 +02:00
// technically it can be stripped.
echo '</head>'."\n";
require_once 'include/functions_themes.php';
ob_start('ui_process_page_body');
2023-03-03 14:16:06 +01:00
ui_require_javascript_file('pandora');
$config['remote_addr'] = $_SERVER['REMOTE_ADDR'];
$sec2 = get_parameter_get('sec2');
$sec2 = safe_url_extraclean($sec2);
$page = $sec2;
2019-07-02 16:22:23 +02:00
// Reference variable for old time sake.
$sec = get_parameter_get('sec');
$sec = safe_url_extraclean($sec);
2021-05-21 13:59:54 +02:00
// CSRF Validation.
$validatedCSRF = validate_csrf_code();
$process_login = false;
2019-07-02 16:22:23 +02:00
// Update user password.
$change_pass = (int) get_parameter_post('renew_password');
if ($change_pass === 1) {
$password_old = (string) get_parameter_post('old_password', '');
$password_new = (string) get_parameter_post('new_password', '');
$password_confirm = (string) get_parameter_post('confirm_new_password', '');
$id = (string) get_parameter_post('login', '');
$changed_pass = login_update_password_check($password_old, $password_new, $password_confirm, $id);
}
$minor_release_message = false;
$searchPage = false;
$search = get_parameter_get('head_search_keywords');
if (strlen($search) > 0) {
$config['search_keywords'] = io_safe_input(trim(io_safe_output(get_parameter('keywords'))));
2019-07-02 16:22:23 +02:00
// If not search category providad, we'll use an agent search.
$config['search_category'] = get_parameter('search_category', 'all');
if (($config['search_keywords'] !== 'Enter keywords to search') && (strlen($config['search_keywords']) > 0)) {
$searchPage = true;
}
}
2019-07-02 16:22:23 +02:00
// Login process.
enterprise_include_once('include/auth/saml.php');
if (isset($config['id_user']) === false) {
// Clear error messages.
unset($_COOKIE['errormsg']);
2023-07-26 14:18:20 +02:00
setcookie('errormsg', '', -1);
if (isset($_GET['login']) === true) {
include_once 'include/functions_db.php';
2019-07-02 16:22:23 +02:00
// Include it to use escape_string_sql function.
$config['auth_error'] = '';
2019-07-02 16:22:23 +02:00
// Set this to the error message from the authorization mechanism.
$nick = get_parameter_post('nick');
2019-07-02 16:22:23 +02:00
// This is the variable with the login.
$pass = get_parameter_post('pass');
2019-07-02 16:22:23 +02:00
// This is the variable with the password.
$nick = db_escape_string_sql($nick);
$pass = db_escape_string_sql($pass);
2019-07-02 16:22:23 +02:00
// Since now, only the $pass variable are needed.
unset($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
2022-09-12 12:41:09 +02:00
// IP allowed check.
$user_info = users_get_user_by_id($nick);
if ((bool) $user_info['allowed_ip_active'] === true) {
$userIP = $_SERVER['REMOTE_ADDR'];
2022-09-12 18:29:58 +02:00
$allowedIP = false;
$arrayIP = explode(',', $user_info['allowed_ip_list']);
// By default, if the IP definition is no correct, allows all.
if (empty($arrayIP) === true) {
$allowedIP = true;
} else {
$allowedIP = checkIPInRange($arrayIP, $userIP);
}
if ($allowedIP === false) {
2022-09-12 12:41:09 +02:00
$config['auth_error'] = 'IP not allowed';
$login_failed = true;
include_once 'general/login_page.php';
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
sprintf(
'IP %s not allowed for user %s',
$userIP,
$nick
),
2022-09-29 17:46:39 +02:00
$nick
2022-09-12 12:41:09 +02:00
);
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
}
2019-07-02 16:22:23 +02:00
// If the auth_code exists, we assume the user has come from
// double authorization page.
if (isset($_POST['auth_code']) === true) {
$double_auth_success = false;
2019-07-02 16:22:23 +02:00
// The double authentication is activated and the user has
// surpassed the first step (the login).
// Now the authentication code provided will be checked.
if (isset($_SESSION['prepared_login_da']) === true) {
if (isset($_SESSION['prepared_login_da']['id_user']) === true
&& isset($_SESSION['prepared_login_da']['timestamp']) === true
) {
2019-07-02 16:22:23 +02:00
// The user has a maximum of 5 minutes to introduce
// the double auth code.
$dauth_period = SECONDS_2MINUTES;
$now = time();
$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
if (($now - $dauth_period) < $dauth_time) {
2019-07-02 16:22:23 +02:00
// Nick.
$nick = $_SESSION['prepared_login_da']['id_user'];
2019-07-02 16:22:23 +02:00
// Code.
$code = (string) get_parameter_post('auth_code');
2021-05-21 13:59:54 +02:00
if (empty($code) === false) {
$result = validate_double_auth_code($nick, $code);
if ($result === true) {
2019-07-02 16:22:23 +02:00
// Double auth success.
$double_auth_success = true;
} else {
2019-07-02 16:22:23 +02:00
// Screen.
$login_screen = 'double_auth';
2019-07-02 16:22:23 +02:00
// Error message.
$config['auth_error'] = __('Invalid code');
2021-05-21 13:59:54 +02:00
if (isset($_SESSION['prepared_login_da']['attempts']) === false) {
$_SESSION['prepared_login_da']['attempts'] = 0;
}
$_SESSION['prepared_login_da']['attempts']++;
}
} else {
2019-07-02 16:22:23 +02:00
// Screen.
$login_screen = 'double_auth';
2019-07-02 16:22:23 +02:00
// Error message.
$config['auth_error'] = __("The code shouldn't be empty");
if (isset($_SESSION['prepared_login_da']['attempts']) !== false) {
$_SESSION['prepared_login_da']['attempts'] = 0;
}
$_SESSION['prepared_login_da']['attempts']++;
}
} else {
2019-07-02 16:22:23 +02:00
// Expired login.
unset($_SESSION['prepared_login_da']);
2019-07-02 16:22:23 +02:00
// Error message.
$config['auth_error'] = __('Expired login');
}
} else {
2019-07-02 16:22:23 +02:00
// If the code doesn't exist, remove the prepared login.
unset($_SESSION['prepared_login_da']);
2019-07-02 16:22:23 +02:00
// Error message.
$config['auth_error'] = __('Login error');
}
2019-07-02 16:22:23 +02:00
} else {
// If $_SESSION['prepared_login_da'] doesn't exist, the user
// must login again.
// Error message.
$config['auth_error'] = __('Login error');
}
2019-07-02 16:22:23 +02:00
// Remove the authenticator code.
unset($_POST['auth_code'], $code);
if (!$double_auth_success) {
2023-01-19 14:44:30 +01:00
$config['auth_error'] = __('Double auth error');
$login_failed = true;
include_once 'general/login_page.php';
db_pandora_audit(
2022-01-20 10:55:23 +01:00
AUDIT_LOG_USER_REGISTRATION,
'Invalid double auth login: '.$_SERVER['REMOTE_ADDR'],
$_SERVER['REMOTE_ADDR']
);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
}
$login_button_saml = get_parameter('login_button_saml', false);
2020-10-06 17:02:58 +02:00
config_update_value('2Fa_auth', '');
if (isset($double_auth_success) && $double_auth_success) {
2019-07-02 16:22:23 +02:00
// This values are true cause there are checked before complete
// the 2nd auth step.
$nick_in_db = $_SESSION['prepared_login_da']['id_user'];
$expired_pass = false;
} else if (($config['auth'] === 'saml') && ($login_button_saml)) {
2020-10-19 10:59:46 +02:00
$saml_user_id = enterprise_hook('saml_process_user_login');
2019-07-09 18:13:46 +02:00
if (!$saml_user_id) {
2023-01-19 14:44:30 +01:00
$config['auth_error'] = __('saml error');
2020-10-19 19:00:00 +02:00
$login_failed = true;
include_once 'general/login_page.php';
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
2020-10-19 19:00:00 +02:00
}
2019-07-09 18:13:46 +02:00
2020-10-19 19:00:00 +02:00
exit('</html>');
}
2019-07-09 18:13:46 +02:00
$nick_in_db = $saml_user_id;
if (!$nick_in_db) {
2020-10-19 17:42:50 +02:00
if ($config['auth'] === 'saml') {
enterprise_hook('saml_logout');
2020-10-16 14:00:38 +02:00
}
2020-10-19 17:42:50 +02:00
2020-10-19 18:51:18 +02:00
if (session_status() !== PHP_SESSION_NONE) {
$_SESSION = [];
session_destroy();
header_remove('Set-Cookie');
setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
}
2020-10-19 17:42:50 +02:00
// Process logout.
include 'general/logoff.php';
}
2022-01-11 13:10:47 +01:00
$validatedCSRF = true;
} else {
// process_user_login is a virtual function which should be defined in each auth file.
// It accepts username and password. The rest should be internal to the auth file.
// The auth file can set $config["auth_error"] to an informative error output or reference their internal error messages to it
// process_user_login should return false in case of errors or invalid login, the nickname if correct.
$nick_in_db = process_user_login($nick, $pass);
$expired_pass = false;
if (($nick_in_db != false) && ((!is_user_admin($nick)
|| $config['enable_pass_policy_admin']))
&& (file_exists(ENTERPRISE_DIR.'/load_enterprise.php'))
&& ($config['enable_pass_policy'])
) {
include_once ENTERPRISE_DIR.'/include/auth/mysql.php';
$blocked = login_check_blocked($nick);
if ($blocked) {
include_once 'general/login_page.php';
2022-01-20 10:55:23 +01:00
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
'Password expired: '.$nick,
$nick
);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2019-07-02 16:22:23 +02:00
// Checks if password has expired.
$check_status = check_pass_status($nick, $pass);
switch ($check_status) {
case PASSSWORD_POLICIES_FIRST_CHANGE:
2019-07-02 16:22:23 +02:00
// First change.
case PASSSWORD_POLICIES_EXPIRED:
2019-07-02 16:22:23 +02:00
// Pass expired.
$expired_pass = true;
login_change_password($nick, '', $check_status);
break;
2019-07-02 16:22:23 +02:00
default:
// Ignore.
break;
}
}
}
2021-05-21 13:59:54 +02:00
// CSRF Validation not pass in login.
if ($validatedCSRF === false) {
$process_error_message = __(
'%s cannot verify the origin of the request. Try again, please.',
get_product_name()
);
include_once 'general/login_page.php';
// Finish the execution.
exit('</html>');
}
if (($nick_in_db !== false) && $expired_pass) {
2019-07-02 16:22:23 +02:00
// Login ok and password has expired.
include_once 'general/login_page.php';
db_pandora_audit(
2022-01-20 10:55:23 +01:00
AUDIT_LOG_USER_MANAGEMENT,
'Password expired: '.$nick,
$nick
);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
} else if (($nick_in_db !== false) && (!$expired_pass)) {
2019-07-02 16:22:23 +02:00
// Login ok and password has not expired.
// Double auth check.
if ((!isset($double_auth_success)
|| !$double_auth_success)
&& is_double_auth_enabled($nick_in_db)
2022-09-22 08:59:39 +02:00
&& (bool) $config['double_auth_enabled'] === true
2019-07-02 16:22:23 +02:00
) {
// Store this values in the session to know if the user login
// was correct.
$_SESSION['prepared_login_da'] = [
'id_user' => $nick_in_db,
'timestamp' => time(),
'attempts' => 0,
];
2019-07-02 16:22:23 +02:00
// Load the page to introduce the double auth code.
$login_screen = 'double_auth';
include_once 'general/login_page.php';
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2019-07-02 16:22:23 +02:00
// Login ok and password has not expired.
$process_login = true;
if (is_user_admin($nick)) {
echo "<script type='text/javascript'>var process_login_ok = 1;</script>";
} else {
echo "<script type='text/javascript'>var process_login_ok = 0;</script>";
}
if (!isset($_GET['sec2']) && !isset($_GET['sec'])) {
// Avoid the show homepage when the user go to
// a specific section of pandora
2019-07-02 16:22:23 +02:00
// for example when timeout the sesion.
unset($_GET['sec2']);
$_GET['sec'] = 'general/logon_ok';
$home_page = '';
if (isset($nick)) {
$user_info = users_get_user_by_id($nick);
$home_page = io_safe_output($user_info['section']);
$home_url = $user_info['data_section'];
if ($home_page != '') {
switch ($home_page) {
2023-06-28 15:09:21 +02:00
case 'event_list':
$_GET['sec'] = 'eventos';
$_GET['sec2'] = 'operation/events/events';
break;
2023-06-28 15:09:21 +02:00
case 'group_view':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/group_view';
break;
2023-06-28 15:09:21 +02:00
case 'alert_detail':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/alerts_status';
break;
2023-06-28 15:09:21 +02:00
case 'tactical_view':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/tactical';
break;
2023-06-28 15:09:21 +02:00
case 'default':
2019-07-02 16:22:23 +02:00
default:
$_GET['sec'] = 'general/logon_ok';
break;
2023-06-28 15:09:21 +02:00
case 'dashboard':
$_GET['sec'] = 'reporting';
2020-03-26 12:29:38 +01:00
$_GET['sec2'] = 'operation/dashboard/dashboard';
$_GET['id_dashboard_select'] = $home_url;
$_GET['d_from_main_page'] = 1;
break;
2023-06-28 15:09:21 +02:00
case 'visual_console':
$_GET['sec'] = 'network';
$_GET['sec2'] = 'operation/visual_console/index';
break;
2023-06-28 15:09:21 +02:00
case 'other':
$home_url = io_safe_output($home_url);
$url_array = parse_url($home_url);
parse_str($url_array['query'], $res);
foreach ($res as $key => $param) {
$_GET[$key] = $param;
}
break;
}
} else {
$_GET['sec'] = 'general/logon_ok';
}
}
}
if (is_reporting_console_node() === true) {
$_GET['sec'] = 'discovery';
$_GET['sec2'] = 'godmode/servers/discovery';
$_GET['wiz'] = 'tasklist';
$home_page = '';
}
db_logon($nick_in_db, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $nick_in_db;
$config['id_user'] = $nick_in_db;
config_prepare_expire_time_session(true);
2019-07-02 16:22:23 +02:00
// Check if connection goes through F5 balancer. If it does, then
// don't call config_prepare_session() or user will be back to login
// all the time.
$prepare_session = true;
foreach ($_COOKIE as $key => $value) {
if (preg_match('/BIGipServer*/', $key)) {
$prepare_session = false;
2019-07-02 16:22:23 +02:00
break;
}
}
if ($prepare_session) {
2021-02-09 10:25:08 +01:00
config_prepare_session();
}
// ==========================================================
// -------- SET THE CUSTOM CONFIGS OF USER ------------------
config_user_set_custom_config();
// ==========================================================
// Remove everything that might have to do with people's passwords or logins
unset($pass, $login_good);
$user_language = get_user_language($config['id_user']);
$l10n = null;
2022-01-20 10:55:23 +01:00
if (file_exists('./include/languages/'.$user_language.'.mo') === true) {
2019-07-02 16:22:23 +02:00
$cacheFileReader = new CachedFileReader(
'./include/languages/'.$user_language.'.mo'
);
$l10n = new gettext_reader($cacheFileReader);
$l10n->load_tables();
}
} else {
2019-07-02 16:22:23 +02:00
// Login wrong.
$blocked = false;
2022-01-20 10:55:23 +01:00
if ((is_user_admin($nick) === false || (bool) $config['enable_pass_policy_admin'] === true)
&& file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true
2019-07-02 16:22:23 +02:00
) {
$blocked = login_check_blocked($nick);
}
2022-01-20 10:55:23 +01:00
if ((bool) $blocked === false) {
if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) {
2019-07-02 16:22:23 +02:00
// Checks failed attempts.
login_check_failed($nick);
}
$login_failed = true;
2022-01-20 10:55:23 +01:00
}
2022-01-20 10:55:23 +01:00
include_once 'general/login_page.php';
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
'Invalid login: '.$nick,
$nick
);
2022-01-20 10:55:23 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
2022-01-20 10:55:23 +01:00
exit('</html>');
}
2019-07-02 16:22:23 +02:00
// Form the url.
$query_params_redirect = $_GET;
2019-07-02 16:22:23 +02:00
// Visual console do not want sec2.
2023-06-28 15:09:21 +02:00
if ($home_page === 'visual_console') {
unset($query_params_redirect['sec2']);
}
2020-06-11 17:49:28 +02:00
// Dashboard do not want sec2.
2023-06-28 15:09:21 +02:00
if ($home_page === 'dashboard') {
2020-06-11 17:49:28 +02:00
unset($query_params_redirect['sec2']);
}
$redirect_url = '?logged=1';
foreach ($query_params_redirect as $key => $value) {
2022-01-20 10:55:23 +01:00
if ($key === 'login') {
continue;
}
$redirect_url .= '&'.safe_url_extraclean($key).'='.safe_url_extraclean($value);
}
2020-10-06 17:02:58 +02:00
$double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $config['id_user']);
2019-07-02 16:22:23 +02:00
header('Location: '.ui_get_full_url('index.php'.$redirect_url));
exit;
// Always exit after sending location headers.
} else if (isset($_GET['loginhash']) === true || isset($_POST['loginhash']) === true) {
2019-07-02 16:22:23 +02:00
// Hash login process.
$loginhash_data = get_parameter('loginhash_data', '');
$loginhash_user = str_rot13(get_parameter('loginhash_user', ''));
2019-07-02 16:22:23 +02:00
if ($config['loginhash_pwd'] != ''
&& $loginhash_data == md5(
$loginhash_user.io_output_password($config['loginhash_pwd'])
)
) {
db_logon($loginhash_user, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $loginhash_user;
$config['id_user'] = $loginhash_user;
} else {
include_once 'general/login_page.php';
2022-01-20 10:55:23 +01:00
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
'Loginhash failed',
'system'
);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2020-10-19 10:59:46 +02:00
} else if (isset($_GET['bye']) === false) {
// There is no user connected.
if ($config['enterprise_installed']) {
enterprise_include_once('include/functions_reset_pass.php');
}
2021-05-21 13:59:54 +02:00
// Boolean parameters.
2022-06-16 13:02:49 +02:00
$correct_pass_change = (bool) get_parameter('correct_pass_change', false);
$reset = (bool) get_parameter('reset', false);
$first = (bool) get_parameter('first', false);
2021-05-21 13:59:54 +02:00
// Strings.
$reset_hash = get_parameter('reset_hash');
$pass1 = get_parameter_post('pass1');
$pass2 = get_parameter_post('pass2');
$id_user = get_parameter_post('id_user');
$db_reset_pass_entry = false;
2021-05-21 13:59:54 +02:00
if (empty($reset_hash) === false) {
2020-10-27 10:28:42 +01:00
$hash_data = explode(':::', $reset_hash);
$id_user = $hash_data[0];
$codified_hash = $hash_data[1];
$db_reset_pass_entry = db_get_value_filter('reset_time', 'treset_pass', ['id_user' => $id_user, 'cod_hash' => $id_user.':::'.$codified_hash]);
}
2021-05-21 13:59:54 +02:00
if ($correct_pass_change === true
&& empty($pass1) === false
&& empty($pass2) === false
&& empty($id_user) === false
&& $db_reset_pass_entry !== false
) {
// The CSRF does not be validated.
if ($validatedCSRF === false) {
$process_error_message = __(
'%s cannot verify the origin of the request. Try again, please.',
get_product_name()
);
include_once 'general/login_page.php';
// Finish the execution.
exit('</html>');
} else {
delete_reset_pass_entry($id_user);
$correct_reset_pass_process = '';
$process_error_message = '';
2020-10-27 10:28:42 +01:00
2021-05-21 13:59:54 +02:00
if ($pass1 === $pass2) {
$res = update_user_password($id_user, $pass1);
if ($res) {
db_process_sql_insert(
'tsesion',
[
'id_sesion' => '',
'id_usuario' => $id_user,
'ip_origen' => $_SERVER['REMOTE_ADDR'],
'accion' => 'Reset&#x20;change',
'descripcion' => 'Successful reset password process ',
'fecha' => date('Y-m-d H:i:s'),
'utimestamp' => time(),
]
);
2021-05-21 13:59:54 +02:00
$correct_reset_pass_process = __('Password changed successfully');
2021-05-21 13:59:54 +02:00
register_pass_change_try($id_user, 1);
} else {
register_pass_change_try($id_user, 0);
2021-05-21 13:59:54 +02:00
$process_error_message = __('Failed to change password');
}
} else {
register_pass_change_try($id_user, 0);
2021-05-21 13:59:54 +02:00
$process_error_message = __('Passwords must be the same');
}
2021-05-21 13:59:54 +02:00
include_once 'general/login_page.php';
}
} else {
2021-05-21 13:59:54 +02:00
if (empty($reset_hash) === false) {
$process_error_message = '';
if ($db_reset_pass_entry) {
if (($db_reset_pass_entry + SECONDS_2HOUR) < time()) {
register_pass_change_try($id_user, 0);
$process_error_message = __('Too much time since password change request');
include_once 'general/login_page.php';
} else {
include_once 'enterprise/include/process_reset_pass.php';
}
} else {
register_pass_change_try($id_user, 0);
$process_error_message = __('This user has not requested a password change');
include_once 'general/login_page.php';
}
} else {
2021-05-21 13:59:54 +02:00
if ($reset === false) {
include_once 'general/login_page.php';
} else {
2021-05-21 13:59:54 +02:00
$user_reset_pass = get_parameter('user_reset_pass');
$error = '';
$mail = '';
$show_error = false;
2021-05-21 13:59:54 +02:00
if ($first === false) {
// The CSRF does not be validated.
if ($validatedCSRF === false) {
$process_error_message = __(
'%s cannot verify the origin of the request. Try again, please.',
get_product_name()
);
include_once 'general/login_page.php';
// Finish the execution.
exit('</html>');
}
if (empty($user_reset_pass) === true) {
$reset = false;
$error = __('Id user cannot be empty');
$show_error = true;
} else {
$check_user = check_user_id($user_reset_pass);
2021-05-21 13:59:54 +02:00
if ($check_user === false) {
$reset = false;
register_pass_change_try($user_reset_pass, 0);
$error = __('Error in reset password request');
$show_error = true;
} else {
$check_mail = check_user_have_mail($user_reset_pass);
if (!$check_mail) {
$reset = false;
register_pass_change_try($user_reset_pass, 0);
$error = __('This user doesn\'t have a valid email address');
$show_error = true;
} else {
$mail = $check_mail;
}
}
}
$cod_hash = $user_reset_pass.'::::'.md5(rand(10, 1000000).rand(10, 1000000).rand(10, 1000000));
$subject = '['.io_safe_output(get_product_name()).'] '.__('Reset password');
$body = __('This is an automatically sent message for user ');
$body .= ' "<strong>'.$user_reset_pass.'"</strong>';
$body .= '<p />';
$body .= __('Please click the link below to reset your password');
$body .= '<p />';
2019-07-02 16:22:23 +02:00
$body .= '<a href="'.ui_get_full_url('index.php?reset_hash='.$cod_hash).'">'.__('Reset your password').'</a>';
$body .= '<p />';
$body .= get_product_name();
$body .= '<p />';
$body .= '<em>'.__('Please do not reply to this email.').'</em>';
2021-05-21 13:59:54 +02:00
$result = (bool) send_email_to_user($mail, $body, $subject);
2021-05-21 13:59:54 +02:00
if ($result === false) {
$process_error_message = __('Error at sending the email');
} else {
send_token_to_db($user_reset_pass, $cod_hash);
}
include_once 'general/login_page.php';
} else {
include_once 'enterprise/include/reset_pass.php';
}
}
}
}
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
} else {
if (isset($_GET['loginhash_data'])) {
$loginhash_data = get_parameter('loginhash_data', '');
$loginhash_user = str_rot13(get_parameter('loginhash_user', ''));
$iduser = $_SESSION['id_usuario'];
unset($_SESSION['id_usuario']);
unset($iduser);
2019-07-02 16:22:23 +02:00
if ($config['loginhash_pwd'] != ''
&& $loginhash_data == md5(
$loginhash_user.io_output_password($config['loginhash_pwd'])
)
) {
db_logon($loginhash_user, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $loginhash_user;
$config['id_user'] = $loginhash_user;
} else {
include_once 'general/login_page.php';
2022-01-20 10:55:23 +01:00
db_pandora_audit(
AUDIT_LOG_USER_REGISTRATION,
'Loginhash failed',
'system'
);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
}
$user_in_db = db_get_row_filter(
'tusuario',
['id_user' => $config['id_user']],
'*'
);
if ($user_in_db == false) {
2019-07-02 16:22:23 +02:00
// Logout.
$_REQUEST = [];
$_GET = [];
$_POST = [];
$config['auth_error'] = __("User doesn\'t exist.");
$iduser = $_SESSION['id_usuario'];
unset($_SESSION['id_usuario']);
unset($iduser);
include_once 'general/login_page.php';
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
} else {
if (((bool) $user_in_db['is_admin'] === false)
2022-06-16 13:02:49 +02:00
&& ((bool) $user_in_db['not_login'] === true
|| (is_metaconsole() === false
&& has_metaconsole() === true
&& is_management_allowed() === false
&& (bool) $user_in_db['metaconsole_access_node'] === false))
) {
2019-07-02 16:22:23 +02:00
// Logout.
$_REQUEST = [];
$_GET = [];
$_POST = [];
$config['auth_error'] = __('User only can use the API.');
$iduser = $_SESSION['id_usuario'];
unset($_SESSION['id_usuario']);
unset($iduser);
$login_screen = 'disabled_access_node';
include_once 'general/login_page.php';
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
} else {
if ($config['auth'] === 'saml') {
enterprise_hook('saml_login_status_verifier');
}
}
}
}
2023-06-16 11:50:52 +02:00
if ((bool) ($config['maintenance_mode'] ?? false) === true
&& is_user_admin($config['id_user']) === false
) {
// Show maintenance web-page. For non-admin users only.
include $config['homedir'].'/general/maintenance.php';
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
if ((bool) ($config['maintenance_mode'] ?? false) === true
&& $page !== 'advanced/command_center'
&& $page !== 'godmode/update_manager/update_manager'
2023-06-16 11:50:52 +02:00
&& is_user_admin($config['id_user']) === true
) {
// Prevent access to metaconsole if not merged.
include 'general/admin_maintenance_mode.php';
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2019-07-02 16:22:23 +02:00
// Enterprise support.
if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) {
include_once ENTERPRISE_DIR.'/load_enterprise.php';
}
2019-07-02 16:22:23 +02:00
// Log off.
if (isset($_GET['bye'])) {
$iduser = $_SESSION['id_usuario'];
2020-10-19 10:59:46 +02:00
if ($config['auth'] === 'saml') {
2020-10-19 17:42:50 +02:00
enterprise_hook('saml_logout');
2020-10-16 16:41:42 +02:00
}
$_SESSION = [];
session_destroy();
header_remove('Set-Cookie');
setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
generate_csrf_code();
2020-10-19 10:59:46 +02:00
// Process logout.
include 'general/logoff.php';
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2008-07-02 Esteban Sanchez <estebans@artica.es> * general/logon_ok.php: Style correction. * include/languages/language_en.php: Added a couple of strings. * include/styles/pandora.css: Container div has now variable width, so Pandora console is wider now. * include/config.php: Replaced default values from last commit. Change homeurl variable, which now points to base url directory. * include/config_process.php: Style correction. Use pandora functions and indent the code properly. * reporting/fgraph.php, include/functions.php, ajax.php: Use require_once instead of require which speeds up the code parsing. * index.php: Use require_once instead of require which speeds up the code parsing. Add all GET and POST variables when refreshing a page. Style corrections. Use $_SERVER instead getenv. * include/functions_db.php: Avoid including config.php and use global instead. Replaced some id_user with the respective variable holds in config array. Replaced SQL syntax, removed an undeclared variable and renamed to english in event_insert(). Renamed return_moduledata_*_value() to get_agent_module_value_*(). Fixed an error in the sumatory when the module is incremental. * include/functions_reporting.php: Renamed return_module_SLA() to get_agent_module_sla(). * include/functions_reporting_pdf.php: Tabs and blankspaces correction. Style correction. Added new reports rendering, and fixed images references. Removed old and deprecated functions. * operation/agentes/networkmap.php: Style correction. * operation/agentes/sla_view.php, reporting/stat_win.php: Use renamed functions. * operation/reporting/reporting_viewer.php: Table reports width are now wider. Fixed some colspan problems. Generate custom graph ids better. Added agent and module name to SLAs. Style correction in the use of rowclass structure since now each content has its own table. * operation/reporting/custom_reporting.php: Removed unused variable for PDF reporting generation link. * operation/reporting/reporting_viewer_pdf.php: Rewrite the code to make style corrections and use pandora functions. * operation/menu.php: Tabs and blankspaces correction. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@916 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2008-07-02 14:30:56 +02:00
clear_pandora_error_for_header();
2022-01-11 12:08:41 +01:00
if ((bool) ($config['node_deactivated'] ?? false) === true) {
2021-07-19 13:47:43 +02:00
// Prevent access node if not merged.
include 'general/node_deactivated.php';
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
2022-01-11 12:08:41 +01:00
if ((bool) ($config['maintenance_mode'] ?? false) === true
2021-07-19 13:47:43 +02:00
&& (bool) users_is_admin() === false
) {
// Show maintenance web-page. For non-admin users only.
include 'general/maintenance.php';
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
if (is_reporting_console_node() === true
&& (bool) users_is_admin() === false
) {
include 'general/reporting_console_node.php';
exit;
}
/*
2019-07-02 16:22:23 +02:00
* ----------------------------------------------------------------------
2021-02-09 10:25:08 +01:00
* EXTENSIONS
* ----------------------------------------------------------------------
*
* Load the basic configurations of extension and add extensions into menu.
* Load here, because if not, some extensions not load well, I don't why.
*/
$config['logged'] = false;
extensions_load_extensions($process_login);
if ($process_login) {
2019-07-02 16:22:23 +02:00
// Call all extensions login function.
extensions_call_login_function();
unset($_SESSION['new_update']);
include_once 'include/functions_update_manager.php';
if ($config['autoupdate'] == 1) {
$result = update_manager_check_updates_available();
if ($result) {
$_SESSION['new_update'] = 'new';
}
}
$config['logged'] = true;
}
require_once 'general/register.php';
if (get_parameter('login', 0) !== 0) {
if ((!isset($config['skip_login_help_dialog']) || $config['skip_login_help_dialog'] == 0)
&& $display_previous_popup === false
&& $config['initial_wizard'] == 1
) {
include_once 'general/login_help_dialog.php';
}
$php_version = phpversion();
$php_version_array = explode('.', $php_version);
if ($php_version_array[0] < 7) {
2022-11-22 16:31:09 +01:00
include_once 'general/php_message.php';
}
}
2022-01-11 12:08:41 +01:00
if ((bool) ($config['maintenance_mode'] ?? false) === true
&& (bool) users_is_admin() === false
) {
// Show maintenance web-page. For non-admin users only.
include 'general/maintenance.php';
while (ob_get_length() > 0) {
ob_end_flush();
}
exit('</html>');
}
// Pure.
if ($config['pure'] == 0) {
// Menu container prepared to autohide menu.
$menuCollapsed = (isset($_SESSION['menu_type']) === true && $_SESSION['menu_type'] !== 'classic');
$menuTypeClass = ($menuCollapsed === true) ? 'collapsed' : 'classic';
// Container.
echo '<div id="container">';
2023-03-08 19:25:25 +01:00
// Notifications content wrapper
echo '<div id="notification-content" class="invisible"/></div>';
// Header.
echo '<div id="head">';
include 'general/header.php';
echo '</div>';
// Main menu.
echo sprintf('<div id="page" class="page_%s">', $menuTypeClass);
echo '<div id="menu">';
include 'general/main_menu.php';
2023-03-03 14:16:06 +01:00
echo html_print_go_top();
} else {
echo '<div id="main_pure">';
2019-07-02 16:22:23 +02:00
// Require menu only to build structure to use it in ACLs.
include 'operation/menu.php';
include 'godmode/menu.php';
}
if (has_metaconsole() === true
&& (bool) $config['centralized_management'] === true
) {
$MR = (float) $config['MR'];
// Node attached to a metaconsole.
$server_id = $config['metaconsole_node_id'];
// Connect to meta.
metaconsole_load_external_db(
[
'dbhost' => $config['replication_dbhost'],
'dbuser' => $config['replication_dbuser'],
'dbpass' => io_output_password($config['replication_dbpass']),
'dbname' => $config['replication_dbname'],
]
);
$metaMR = (float) db_get_value(
'value',
'tconfig',
'token',
'MR',
false,
false
);
// Return connection to node.
metaconsole_restore_db();
if ($MR !== $metaMR) {
$err = '<div id="err_msg_centralised">'.html_print_image(
'/images/warning_modern.png',
true
);
$err .= '<div>'.__(
'Metaconsole MR (%d) is different than this one (%d)',
$metaMR,
$MR
);
$err .= '<br>';
$err .= __('Please keep all environment updated to same version.');
$err .= '</div>';
?>
<script type="text/javascript">
2022-06-16 13:02:49 +02:00
$(document).ready(function() {
infoMessage({
title: '<?php echo __('Warning'); ?>',
text: '<?php echo $err; ?>',
simple: true,
})
})
</script>
<?php
}
}
2019-07-02 16:22:23 +02:00
/*
* Session locking concurrency speedup!
2021-02-09 10:25:08 +01:00
* http://es2.php.net/manual/en/ref.session.php#64525
2019-07-02 16:22:23 +02:00
*/
session_write_close();
2019-07-02 16:22:23 +02:00
// Main block of content.
if ($config['pure'] == 0) {
echo '<div id="main">';
}
2008-06-13 Sancho Lerena <slerena@gmail.com> * index.php: Added pure (Fullscreen). HTML code cleanup and user session. * pandoradb.sql: talert_snmp: Added priority field. * pandoradb_data.sql: Changes default values in talerta. tconfig_os, tgrupo and some links. * header.php: Fixed some user session management. * logon_ok.php: New design for welcome screen, odometer is over. * menu.php, godmode/menu.php: Some ACL improvements. * agent_disk_conf_editor.php: Minor fix in view link. * configurar_agente.php, agent_manager.php: Added parent combo and better ACL checks. New remote configuration control for get timestamp info of config file. * modify_alert.php: Changes to use new internal Mail alert. * config.php: Some items moved to config_process. (font, attachment and default style). * functions.php: Added form_agent_combo(), form_event_type_combo(), form_priority() and return_priority() functions. * functions_db.php: Added smal_event_table() to render a variable table with latest events (filtered). * pandora.css. Added pure and priority colors. * estado_alertas.php: Fixed ACL problems. * stado_generalagente.php: Graph of modules now represents modules that has generated events. Old graph is not used anymore. Also display parent. * estado_grupo.php: Border of boxes is now thicker. * tactical.php: New screen, almost all code changed. Odometer is not used anymore, added some new items, like module LAG meter, module sanity, and other general metrics. * ver_agente.php: Now renders also event for each agent view. Alert manual validation generate a new event. * events.php: New event system. 90% new code. A LOT of new features, including full screen, coloured (by priority) and filters by six fields. * snmp_alert.php: Added support for alert priority. * operation/users/user.php: No longer a user with UM privileges could see any other user. * render_view.php: Added fullscreen support for visual maps. * fgraph.php: Added support for session checking in graphs (at least!). New graphics for events (some changed it's function like events by group), and feature added to progress GD implementation. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@860 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2008-06-13 18:59:54 +02:00
if (is_reporting_console_node() === true) {
echo notify_reporting_console_node();
}
2019-07-02 16:22:23 +02:00
// Page loader / selector.
if ($searchPage) {
include 'operation/search_results.php';
} else {
if ($page != '') {
$main_sec = get_sec($sec);
if ($main_sec == false) {
if ($sec == 'extensions') {
$main_sec = get_parameter('extension_in_menu');
if (empty($main_sec) === true) {
$main_sec = $sec;
}
} else if ($sec == 'gextensions') {
2022-06-16 13:02:49 +02:00
$main_sec = get_parameter('extension_in_menu');
2020-08-24 10:16:25 +02:00
if (empty($main_sec) === true) {
$main_sec = $sec;
}
} else {
$main_sec = $sec;
}
$sec = $sec2;
$sec2 = '';
}
$tab = get_parameter('tab', '');
if (empty($tab) === true) {
$tab = get_parameter('wiz', '');
}
$acl_reporting_console_node = acl_reporting_console_node($page, $tab);
if ($acl_reporting_console_node === false) {
include 'general/reporting_console_node.php';
exit;
}
$page .= '.php';
2019-07-02 16:22:23 +02:00
// Enterprise ACL check.
if (enterprise_hook(
'enterprise_acl',
[
$config['id_user'],
$main_sec,
$sec,
true,
$sec2,
]
2023-04-12 11:46:26 +02:00
) == false
) {
include 'general/noaccess.php';
} else {
$sec = $main_sec;
if (file_exists($page) === true) {
if ((bool) extensions_is_extension($page) === false) {
try {
include_once $page;
} catch (Exception $e) {
ui_print_error_message(
$e->getMessage().' in '.$e->getFile().':'.$e->getLine()
);
}
} else {
if ($sec[0] == 'g') {
extensions_call_godmode_function(basename($page));
} else {
extensions_call_main_function(basename($page));
}
}
} else {
ui_print_error_message(__('Sorry! I can\'t find the page!'));
}
}
} else {
2019-07-02 16:22:23 +02:00
// Home screen chosen by the user.
$home_page = '';
2021-05-27 12:16:17 +02:00
if (isset($config['id_user']) === true) {
$user_info = users_get_user_by_id($config['id_user']);
$home_page = io_safe_output($user_info['section']);
$home_url = $user_info['data_section'];
}
if ($home_page != '') {
switch ($home_page) {
2023-06-28 15:09:21 +02:00
case 'event_list':
$_GET['sec'] = 'eventos';
$_GET['sec2'] = 'operation/events/events';
break;
2023-06-28 15:09:21 +02:00
case 'group_view':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/group_view';
break;
2023-06-28 15:09:21 +02:00
case 'alert_detail':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/alerts_status';
break;
2023-06-28 15:09:21 +02:00
case 'tactical_view':
$_GET['sec'] = 'view';
$_GET['sec2'] = 'operation/agentes/tactical';
break;
2023-06-28 15:09:21 +02:00
case 'default':
2019-07-02 16:22:23 +02:00
default:
$_GET['sec2'] = 'general/logon_ok';
break;
2023-06-28 15:09:21 +02:00
case 'dashboard':
2021-05-27 12:16:17 +02:00
$_GET['specialSec2'] = sprintf('operation/dashboard/dashboard&dashboardId=%s', $home_url);
$str = sprintf('sec=reporting&sec2=%s&d_from_main_page=1', $_GET['specialSec2']);
parse_str($str, $res);
foreach ($res as $key => $param) {
$_GET[$key] = $param;
}
break;
2023-06-28 15:09:21 +02:00
case 'visual_console':
$id_visualc = db_get_value('id', 'tlayout', 'name', $home_url);
if (($home_url == '') || ($id_visualc == false)) {
$str = 'sec=godmode/reporting/map_builder&sec2=godmode/reporting/map_builder';
} else {
$str = 'sec=network&sec2=operation/visual_console/render_view&id='.$id_visualc;
}
parse_str($str, $res);
foreach ($res as $key => $param) {
$_GET[$key] = $param;
}
break;
2023-06-28 15:09:21 +02:00
case 'other':
$home_url = io_safe_output($home_url);
$url_array = parse_url($home_url);
parse_str($url_array['query'], $res);
foreach ($res as $key => $param) {
$_GET[$key] = $param;
}
break;
2020-11-27 12:54:28 +01:00
2023-06-28 15:09:21 +02:00
case 'external_link':
2020-11-27 12:54:28 +01:00
$home_url = io_safe_output($home_url);
if (strlen($home_url) !== 0) {
echo '<script type="text/javascript">document.location="'.$home_url.'"</script>';
} else {
$_GET['sec2'] = 'general/logon_ok';
}
2020-11-27 12:54:28 +01:00
break;
}
2021-05-27 12:16:17 +02:00
if (isset($_GET['sec2']) === true) {
$file = $_GET['sec2'].'.php';
2020-01-22 17:20:13 +01:00
// Make file path absolute to prevent accessing remote files.
$file = __DIR__.'/'.$file;
2019-07-02 16:22:23 +02:00
// Translate some secs.
$main_sec = get_sec($_GET['sec']);
2019-07-02 16:22:23 +02:00
$_GET['sec'] = ($main_sec == false) ? $_GET['sec'] : $main_sec;
2020-01-22 17:20:13 +01:00
// Third condition is aimed to prevent from traversal attack.
2021-05-27 12:16:17 +02:00
if (file_exists($file) === false
2019-07-02 16:22:23 +02:00
|| ($_GET['sec2'] != 'general/logon_ok' && enterprise_hook(
'enterprise_acl',
[
$config['id_user'],
$_GET['sec'],
$_GET['sec2'],
true,
isset($_GET['sec3']) ? $_GET['sec3'] : '',
]
2020-01-22 17:20:13 +01:00
) == false
|| strpos(realpath($file), __DIR__) === false)
) {
unset($_GET['sec2']);
include 'general/noaccess.php';
} else {
include $file;
}
} else {
include 'general/noaccess.php';
}
} else {
include 'general/logon_ok.php';
}
}
}
if (__PAN_XHPROF__ === 1) {
echo "<span style='font-size: 0.8em;'>";
echo __('Page generated at').' ';
echo date('D F d, Y H:i:s', $time).'</span>';
echo ' - ( ';
pandora_xhprof_display_result('node_index');
echo ' )';
echo '</center>';
}
if ($config['pure'] == 0) {
// echo '<div id="both"></div>';
echo '</div>';
2019-07-02 16:22:23 +02:00
// Main.
// echo '<div id="both">&nbsp;</div>';
echo '</div>';
2019-07-02 16:22:23 +02:00
// Page (id = page).
} else {
echo '</div>';
2019-07-02 16:22:23 +02:00
// Main pure.
}
2022-06-16 13:02:49 +02:00
echo html_print_div(
['id' => 'wiz_container'],
true
);
2022-06-16 13:02:49 +02:00
echo html_print_div(
['id' => 'um_msg_receiver'],
true
);
echo html_print_input_hidden(
'flagEasternEgg',
$config['eastern_eggs_disabled'],
false,
'',
'',
'flagEasternEgg'
);
2020-06-19 23:03:37 +02:00
// Connection lost alert.
set_js_value('check_conexion_interval', $config['check_conexion_interval']);
set_js_value('title_conexion_interval', __('Connection with console has been lost'));
set_js_value('status_conexion_interval', __('Connection status: '));
ui_require_javascript_file('connection_check');
set_js_value('absolute_homeurl', ui_get_full_url(false, false, false, false));
$conn_title = __('Connection with console has been lost');
$conn_text = __('Connection to the console has been lost. Please check your internet connection.');
2023-03-13 19:30:51 +01:00
ui_print_message_dialog($conn_title, $conn_text, 'connection', '/images/fail@svg.svg');
2020-06-19 23:03:37 +02:00
if ($config['pure'] == 0) {
echo '</div>';
// Container div.
echo '</div>';
// echo '<div id="both"></div>';
2021-05-27 15:49:20 +02:00
echo '</div>';
}
2019-06-06 17:50:47 +02:00
// Clippy function.
require_once 'include/functions_clippy.php';
clippy_start($sec2);
2021-02-09 10:25:08 +01:00
while (ob_get_length() > 0) {
ob_end_flush();
}
db_print_database_debug();
2009-02-09 19:41:54 +01:00
echo '</html>';
$run_time = format_numeric((microtime(true) - $config['start_time']), 3);
2019-07-02 16:22:23 +02:00
echo "\n<!-- Page generated in ".$run_time." seconds -->\n";
2019-07-02 16:22:23 +02:00
// Values from PHP to be recovered from JAVASCRIPT.
require 'include/php_to_js_values.php';
?>
<script type="text/javascript" language="javascript">
2022-11-16 16:04:22 +01:00
// Handle the scroll.
$(document).ready(scrollFunction());
2019-07-02 16:22:23 +02:00
// When the user scrolls down 400px from the top of the document, show the
// button.
2022-06-16 13:02:49 +02:00
window.onscroll = function() {
scrollFunction()
};
2022-11-16 16:04:22 +01:00
window.onresize = function() {
scrollFunction()
};
2022-06-16 13:02:49 +02:00
function first_time_identification() {
jQuery.post("ajax.php", {
"page": "general/register",
"load_wizards": 'initial'
},
2022-06-16 13:02:49 +02:00
function(data) {
$('#wiz_container').empty()
.html(data);
run_configuration_wizard();
},
"html"
);
}
<?php if (empty($errorFileOutput) === false) : ?>
// There are one issue with the file that you trying to catch. Show a dialog with message.
$(document).ready(function() {
2022-06-29 10:20:17 +02:00
confirmDialog({
title: "<?php echo __('Error'); ?>",
message: "<?php echo io_safe_output($errorFileOutput); ?>",
hideCancelButton: true,
});
});
<?php endif; ?>
function show_modal(id) {
var match = /notification-(.*)-id-([0-9]+)/.exec(id);
if (!match) {
console.error(
"Cannot handle toast click event. Id not valid: ",
event.target.id
);
return;
}
2022-06-16 13:02:49 +02:00
jQuery.post("ajax.php", {
"page": "godmode/setup/setup_notifications",
"get_notification": 1,
"id": match[2]
},
2022-06-16 13:02:49 +02:00
function(data) {
notifications_hide();
try {
var json = JSON.parse(data);
$('#um_msg_receiver')
2022-06-16 13:02:49 +02:00
.empty()
.html(json.mensaje);
$('#um_msg_receiver').prop('title', json.subject);
2022-06-16 13:02:49 +02:00
// Launch modal.
$("#um_msg_receiver").dialog({
resizable: true,
draggable: true,
modal: true,
width: 800,
2022-06-16 16:19:33 +02:00
height: 600,
2022-06-16 13:02:49 +02:00
buttons: [{
text: "OK",
click: function() {
$(this).dialog("close");
}
2022-06-16 13:02:49 +02:00
}],
overlay: {
2022-06-16 13:02:49 +02:00
opacity: 0.5,
background: "black"
},
closeOnEscape: false,
2022-06-16 13:02:49 +02:00
open: function(event, ui) {
$(".ui-dialog-titlebar-close").hide();
}
});
$(".ui-widget-overlay").css("background", "#000");
$(".ui-widget-overlay").css("opacity", 0.6);
2023-07-06 13:15:45 +02:00
//$(".ui-draggable").css("cursor", "inherit");
} catch (error) {
console.log(error);
}
},
"html"
);
}
2023-01-26 16:00:08 +01:00
// Info messages action.
$(document).ready(function() {
var $autocloseTime = <?php echo ((int) $config['notification_autoclose_time'] * 1000); ?>;
var $listOfMessages = document.querySelectorAll('.info_box_autoclose');
$listOfMessages.forEach(
function(item) {
autoclose_info_box(item.id, $autocloseTime)
}
);
});
2023-02-20 15:16:27 +01:00
// Cog animations.
$(document).ready(function() {
$(".submitButton").click(function(){
$("#"+this.id+" > .subIcon.cog").addClass("rotation");
});
});
</script>