2009-05-01 17:01:52 +02:00
< ? php
2021-11-04 16:28:15 +01:00
// Pandora FMS - http://pandorafms.com
2009-06-08 20:26:14 +02:00
// ==================================================
2020-11-27 13:52:35 +01:00
// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// Please see http://pandorafms.org for full contribution list
2009-05-01 17:01:52 +02:00
// This program is free software; you can redistribute it and/or
2011-03-23 Raul Mateos <raulofpandora@gmail.com>
* extensions/ssh_console.php, extensions/vnc_view.php,
extensions/update_manager.php, extensions/users_connected.php,
extensions/extension_uploader.php, extensions/insert_data.php,
extensions/module_groups.php, extensions/plugin_registration.php,
extensions/agent_modules.php, extensions/resource_registration.php,
extensions/resource_exportation.php, extensions/dbmanager.php,
extensions/pandora_logs.php, general/*.php, ajax.php,
operation/search_*.php, operation/menu.php, operation/extensions.php,
godmode/menu.php, godmode/extensions.php, godmode/admin_access_logs.php:
CReverted unwanted license changes.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4126 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-23 17:13:28 +01:00
// modify it under the terms of the GNU General Public License
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// as published by the Free Software Foundation; version 2
2009-05-01 17:01:52 +02:00
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2009-05-01 17:01:52 +02:00
// GNU General Public License for more details.
2022-02-04 15:14:32 +01:00
use PandoraFMS\Enterprise\Metaconsole\Node ;
2019-01-30 16:18:44 +01:00
function dbmanager_query ( $sql , & $error , $dbconnection )
{
global $config ;
$retval = [];
if ( $sql == '' ) {
return false ;
}
$sql = html_entity_decode ( $sql , ENT_QUOTES );
2019-12-20 14:18:48 +01:00
// Extract the text in quotes to add html entities before query db.
$patttern = '/(?:"|\')+([^"\']*)(?:"|\')+/m' ;
$sql = preg_replace_callback (
$patttern ,
function ( $matches ) {
return '"' . io_safe_input ( $matches [ 1 ]) . '"' ;
},
$sql
);
2019-01-30 16:18:44 +01:00
if ( $config [ 'mysqli' ]) {
$result = mysqli_query ( $dbconnection , $sql );
if ( $result === false ) {
$backtrace = debug_backtrace ();
$error = mysqli_error ( $dbconnection );
return false ;
}
}
if ( $result === true ) {
if ( $config [ 'mysqli' ]) {
return mysqli_affected_rows ( $dbconnection );
}
}
if ( $config [ 'mysqli' ]) {
while ( $row = mysqli_fetch_array ( $result , MYSQLI_ASSOC )) {
array_push ( $retval , $row );
}
}
if ( $config [ 'mysqli' ]) {
mysqli_free_result ( $result );
}
if ( ! empty ( $retval )) {
return $retval ;
}
2022-06-14 13:11:39 +02:00
// Return false, check with === or !== .
2019-01-30 16:18:44 +01:00
return 'Empty' ;
2009-05-02 01:41:09 +02:00
}
2009-05-01 17:01:52 +02:00
2019-01-30 16:18:44 +01:00
function dbmgr_extension_main ()
{
ui_require_css_file ( 'dbmanager' , 'extensions/dbmanager/' );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
global $config ;
2018-10-04 17:17:39 +02:00
2022-02-04 15:14:32 +01:00
if ( is_metaconsole () === true ) {
open_meta_frame ();
}
2019-01-30 16:18:44 +01:00
if ( ! is_user_admin ( $config [ 'id_user' ])) {
2022-01-20 10:55:23 +01:00
db_pandora_audit (
AUDIT_LOG_ACL_VIOLATION ,
'Trying to access Setup Management'
);
2019-01-30 16:18:44 +01:00
include 'general/noaccess.php' ;
return ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$sql = ( string ) get_parameter ( 'sql' );
2022-02-04 15:14:32 +01:00
$node_id = ( int ) get_parameter ( 'node_id' , - 1 );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
ui_print_page_header ( __ ( 'Database interface' ), 'images/gm_db.png' , false , false , true );
2018-10-04 17:17:39 +02:00
2022-02-04 15:14:32 +01:00
if ( is_metaconsole () === true ) {
$img = '../../images/warning_modern.png' ;
} else {
$img = 'images/warning_modern.png' ;
}
$msg = '<div id="err_msg_centralised">' . html_print_image (
$img ,
true
);
$msg .= '<div>' . __ (
'Warning, you are accessing the database directly. You can leave the system inoperative if you run an inappropriate SQL statement'
) . '</div></div>' ;
$warning_message = ' < script type = " text/javascript " >
$ ( document ) . ready ( function () {
infoMessage ({
title : \ '' . __ ( 'Warning' ) . ' \ ' ,
text : \ '' . $msg . ' \ ' ,
simple : true ,
})
})
</ script > ' ;
if ( empty ( $sql ) === true ) {
echo $warning_message ;
}
echo " <form method='post' action=''> " ;
$table = new stdClass ();
$table -> id = 'db_interface' ;
$table -> class = 'databox' ;
$table -> width = '100%' ;
$table -> data = [];
$table -> head = [];
$table -> colspan = [];
$table -> rowstyle = [];
$table -> colspan [ 0 ][ 0 ] = 2 ;
$table -> colspan [ 1 ][ 0 ] = 2 ;
$table -> rowspan [ 2 ][ 0 ] = 3 ;
$table -> rowclass [ 0 ] = 'notify' ;
$table -> rowclass [ 3 ] = 'pdd_5px' ;
$table -> rowclass [ 3 ] = 'flex-content-right' ;
$table -> rowclass [ 4 ] = 'flex-content-right' ;
$data [ 0 ][ 0 ] = __ (
2019-01-30 16:18:44 +01:00
" This is an advanced extension to interface with %s database directly from WEB console
2018-05-14 17:51:10 +02:00
using native SQL sentences . Please note that < b > you can damage </ b > your % s installation
if you don ' t know </ b > exactly </ b > what are you are doing ,
this means that you can severily damage your setup using this extension .
This extension is intended to be used < b > only by experienced users </ b >
with a depth knowledge of % s internals . " ,
2019-01-30 16:18:44 +01:00
get_product_name (),
get_product_name (),
get_product_name ()
);
2018-10-04 17:17:39 +02:00
2022-02-04 15:14:32 +01:00
$data [ 1 ][ 0 ] = " Some samples of usage: <blockquote><em>SHOW STATUS;<br />DESCRIBE tagente<br />SELECT * FROM tserver<br />UPDATE tagente SET id_grupo = 15 WHERE nombre LIKE '%194.179%'</em></blockquote> " ;
$data [ 2 ][ 0 ] = html_print_textarea (
'sql' ,
5 ,
50 ,
html_entity_decode ( $sql , ENT_QUOTES ),
'' ,
true
);
if ( is_metaconsole () === true ) {
2022-06-14 13:11:39 +02:00
// Get the servers.
\enterprise_include_once ( 'include/functions_metaconsole.php' );
$servers = \metaconsole_get_servers ();
if ( is_array ( $servers ) === true ) {
$servers = array_reduce (
$servers ,
function ( $carry , $item ) {
$carry [ $item [ 'id' ]] = $item [ 'server_name' ];
return $carry ;
}
);
} else {
$servers = [];
}
2022-02-04 15:14:32 +01:00
$data [ 3 ][ 2 ] = html_print_input (
[
'name' => 'node_id' ,
'type' => 'select' ,
'fields' => $servers ,
'selected' => $node_id ,
'nothing' => __ ( 'This metaconsole' ),
'nothing_value' => - 1 ,
'return' => true ,
'label' => _ ( 'Select query target' ),
]
);
}
$data [ 4 ][ 2 ] = '<div class="action-buttons w100p">' ;
$data [ 4 ][ 2 ] .= html_print_submit_button (
__ ( 'Execute SQL' ),
'' ,
false ,
'class="sub next"' ,
true
);
$data [ 4 ][ 2 ] .= '</div>' ;
$table -> data = $data ;
html_print_table ( $table );
2019-01-30 16:18:44 +01:00
echo '</form>' ;
2018-10-04 17:17:39 +02:00
2022-06-14 13:11:39 +02:00
// Processing SQL Code.
2019-01-30 16:18:44 +01:00
if ( $sql == '' ) {
return ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
echo '<br />' ;
echo '<hr />' ;
echo '<br />' ;
2018-10-04 17:17:39 +02:00
2022-02-04 15:14:32 +01:00
try {
if ( \is_metaconsole () === true && $node_id !== - 1 ) {
$node = new Node ( $node_id );
$dbconnection = @ get_dbconnection (
[
'dbhost' => $node -> dbhost (),
'dbport' => $node -> dbport (),
'dbname' => $node -> dbname (),
'dbuser' => $node -> dbuser (),
'dbpass' => $node -> dbpass (),
]
);
$error = '' ;
$result = dbmanager_query ( $sql , $error , $dbconnection );
} else {
$dbconnection = $config [ 'dbconnection' ];
$error = '' ;
$result = dbmanager_query ( $sql , $error , $dbconnection );
}
} catch ( \Exception $e ) {
$error = __ ( 'Error querying database node' );
$result = false ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
if ( $result === false ) {
echo '<strong>An error has occured when querying the database.</strong><br />' ;
echo $error ;
2018-10-04 17:17:39 +02:00
2022-02-01 13:39:18 +01:00
db_pandora_audit (
AUDIT_LOG_SYSTEM ,
'DB Interface Extension. Error in SQL' ,
false ,
false ,
$sql
);
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
return ;
}
2018-10-04 17:17:39 +02:00
2022-06-14 13:11:39 +02:00
if ( is_array ( $result ) === false ) {
2019-01-30 16:18:44 +01:00
echo '<strong>Output: <strong>' . $result ;
2018-10-04 17:17:39 +02:00
2022-02-01 13:39:18 +01:00
db_pandora_audit (
AUDIT_LOG_SYSTEM ,
'DB Interface Extension. SQL' ,
false ,
false ,
$sql
);
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
return ;
}
2018-10-04 17:17:39 +02:00
2021-03-11 15:40:23 +01:00
echo " <div class='overflow'> " ;
2019-01-30 16:18:44 +01:00
$table = new stdClass ();
$table -> width = '100%' ;
2019-04-17 11:49:49 +02:00
$table -> class = 'info_table' ;
2019-01-30 16:18:44 +01:00
$table -> head = array_keys ( $result [ 0 ]);
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$table -> data = $result ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
html_print_table ( $table );
echo '</div>' ;
2022-02-04 15:14:32 +01:00
if ( is_metaconsole ()) {
close_meta_frame ();
}
2009-05-01 17:01:52 +02:00
}
2022-02-04 15:14:32 +01:00
if ( is_metaconsole () === true ) {
// This adds a option in the operation menu.
extensions_add_meta_menu_option (
'DB interface' ,
'PM' ,
'gextensions' ,
'database.png' ,
'v1r1' ,
'gdbman'
);
extensions_add_meta_function ( 'dbmgr_extension_main' );
}
2022-06-14 13:11:39 +02:00
// This adds a option in the operation menu.
2019-01-30 16:18:44 +01:00
extensions_add_godmode_menu_option ( __ ( 'DB interface' ), 'PM' , 'gextensions' , 'dbmanager/icon.png' , 'v1r1' , 'gdbman' );
2022-06-14 13:11:39 +02:00
// This sets the function to be called when the extension is selected in the operation menu.
2019-01-30 16:18:44 +01:00
extensions_add_godmode_function ( 'dbmgr_extension_main' );
