diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php
index fca916d796..f0032476e2 100644
--- a/pandora_console/ajax.php
+++ b/pandora_console/ajax.php
@@ -31,18 +31,18 @@ require 'vendor/autoload.php';
define('AJAX', true);
-if (!defined('__PAN_XHPROF__')) {
+if (defined('__PAN_XHPROF__') === false) {
define('__PAN_XHPROF__', 0);
}
if (__PAN_XHPROF__ === 1) {
- if (function_exists('tideways_xhprof_enable')) {
+ if (function_exists('tideways_xhprof_enable') === true) {
tideways_xhprof_enable();
}
}
-if ((! file_exists('include/config.php'))
- || (! is_readable('include/config.php'))
+if (file_exists('include/config.php') === false
+ || is_readable('include/config.php') === false
) {
exit;
}
@@ -57,11 +57,11 @@ require_once 'include/auth/mysql.php';
if (isset($config['console_log_enabled']) === true
&& $config['console_log_enabled'] == 1
) {
- ini_set('log_errors', 1);
+ ini_set('log_errors', true);
ini_set('error_log', $config['homedir'].'/log/console.log');
} else {
- ini_set('log_errors', 0);
- ini_set('error_log', null);
+ ini_set('log_errors', false);
+ ini_set('error_log', '');
}
// Sometimes input is badly retrieved from caller...
@@ -98,9 +98,11 @@ if (isset($_GET['loginhash']) === true) {
}
}
+// Another auth class example: PandoraFMS\Dashboard\Manager.
$auth_class = io_safe_output(
- get_parameter('auth_class', 'PandoraFMS\Dashboard\Manager')
+ get_parameter('auth_class', 'PandoraFMS\User')
);
+
$public_hash = get_parameter('auth_hash', false);
$public_login = false;
// Check user.
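Review bot: `$auth_class` still comes straight from the request, and the only gate visible in this diff (the `class_exists($auth_class) === false` test in the next hunk's header) accepts any autoloadable class name. Since this commit introduces the `PublicLogin` interface, the name should be checked against it before anything is called on it, for example `if (is_subclass_of($auth_class, 'PandoraFMS\PublicLogin') === false) { /* reject the request */ }`. The code that actually consumes `$auth_class` lies outside this hunk, so confirm whether such a check already exists there. The new comment above the assignment could also say that only classes implementing `PublicLogin` are valid values.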
@@ -124,7 +126,7 @@ if (class_exists($auth_class) === false || $public_hash === false) {
ob_start();
// Enterprise support.
-if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) {
+if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) {
include_once ENTERPRISE_DIR.'/load_enterprise.php';
}
@@ -142,12 +144,12 @@ if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) {
);
}
-if (is_metaconsole()) {
+if (is_metaconsole() === true) {
// Backward compatibility.
define('METACONSOLE', true);
}
-if (file_exists($page)) {
+if (file_exists($page) === true) {
include_once $page;
} else {
echo '
Sorry! I can\'t find the page '.$page.'!';
@@ -172,7 +174,7 @@ if (isset($config['force_instant_logout']) === true
header_remove('Set-Cookie');
setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
- if ($config['auth'] == 'saml') {
+ if ($config['auth'] === 'saml') {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple('PandoraFMS');
$as->logout();
diff --git a/pandora_console/extras/delete_files/delete_files.txt b/pandora_console/extras/delete_files/delete_files.txt
index 50d4b78c33..1d8e1ec96e 100644
--- a/pandora_console/extras/delete_files/delete_files.txt
+++ b/pandora_console/extras/delete_files/delete_files.txt
@@ -82,3 +82,4 @@ include/lib/WSManager.php
include/lib/WebSocketServer.php
include/lib/WebSocketUser.php
operation/network/network_explorer.php
+operation/vsual_console/pure_ajax.php
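Review bot: The added entry is spelled `operation/vsual_console/pure_ajax.php`, but the file this commit deletes is `operation/visual_console/pure_ajax.php`, so the path will not match. If this list drives removal of obsolete files on upgrade (inferred from its name and location), the old page stays on upgraded installs. That page built its public-link token with `md5($config['dbpass'].$id_layout.$config['id_user'])`. The line should read `operation/visual_console/pure_ajax.php`.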
diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php
index b03b55dd76..4bbd818c62 100755
--- a/pandora_console/godmode/reporting/visual_console_builder.php
+++ b/pandora_console/godmode/reporting/visual_console_builder.php
@@ -14,6 +14,8 @@
global $config;
global $statusProcessInDB;
+use PandoraFMS\User;
+
check_login();
require_once $config['homedir'].'/include/functions_visual_map.php';
@@ -753,8 +755,8 @@ if (!defined('METACONSOLE')) {
$url_view = 'index.php?sec=screen&sec2=screens/screens&action=visualmap&pure=0&id_visualmap='.$idVisualConsole.'&refr='.$view_refresh;
}
-// Hash for auto-auth in public link
-$hash = md5($config['dbpass'].$idVisualConsole.$config['id_user']);
+// Hash for auto-auth in public link.
+$hash = User::generatePublicHash();
$buttons = [];
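Review bot: The public-link token is no longer bound to the visual console. The removed line mixed `$idVisualConsole` into the hash, while `User::generatePublicHash()` called with no argument depends only on `dbpass` and the user id, so the token is identical for every console of that user. If per-console links are intended, pass the id as the extra secret, `$hash = User::generatePublicHash((string) $idVisualConsole);`, and have the validating side supply the same value. The validation call is outside this hunk, so both ends need to be changed together.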
diff --git a/pandora_console/include/javascript/pandora_visual_console.js b/pandora_console/include/javascript/pandora_visual_console.js
index 30a3d3f795..1b0a82b78f 100755
--- a/pandora_console/include/javascript/pandora_visual_console.js
+++ b/pandora_console/include/javascript/pandora_visual_console.js
@@ -1,5 +1,5 @@
// TODO: Add Artica ST header.
-/* globals jQuery, VisualConsole, AsyncTaskManager */
+/* globals jQuery, VisualConsole, AsyncTaskManager, hash, id_user */
/*
* *********************
@@ -720,7 +720,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) {
{
page: "include/rest-api/index",
getVisualConsole: 1,
- visualConsoleId: vcId
+ visualConsoleId: vcId,
+ id_user: id_user,
+ auth_hash: hash
},
"json"
)
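Review bot: `id_user` and `hash` are read as free globals inside `loadVisualConsoleData`, here and in the `getVisualConsoleItems` request of the following hunk. A page that loads this script without defining both variables would throw a ReferenceError when the function runs; whether such pages exist is not visible in this diff. Passing the two values in as arguments, or guarding with `typeof hash !== "undefined"`, would keep the function self-contained and avoid a very generic global name. The function body starts and ends outside the hunk.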
@@ -735,7 +737,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) {
page: "include/rest-api/index",
getVisualConsoleItems: 1,
size: size,
- visualConsoleId: vcId
+ visualConsoleId: vcId,
+ id_user: id_user,
+ auth_hash: hash
},
"json"
)
diff --git a/pandora_console/include/lib/Dashboard/Manager.php b/pandora_console/include/lib/Dashboard/Manager.php
index be87ef8732..e72f292537 100644
--- a/pandora_console/include/lib/Dashboard/Manager.php
+++ b/pandora_console/include/lib/Dashboard/Manager.php
@@ -5,11 +5,12 @@ namespace PandoraFMS\Dashboard;
use PandoraFMS\View;
use PandoraFMS\Dashboard\Cell;
+use PandoraFMS\PublicLogin;
/**
* Dashboard manager.
*/
-class Manager
+class Manager implements PublicLogin
{
/**
diff --git a/pandora_console/include/lib/PublicLogin.php b/pandora_console/include/lib/PublicLogin.php
new file mode 100644
index 0000000000..b6124a62e7
--- /dev/null
+++ b/pandora_console/include/lib/PublicLogin.php
@@ -0,0 +1,61 @@
+idUser = $data['id_usuario'];
@@ -113,4 +116,81 @@ class User
}
+ /**
+ * Generates a hash to authenticate in public views.
+ *
+ * @param string|null $other_secret If you need to authenticate using a
+ * varable string, use this 'other_secret' to customize the hash.
+ *
+ * @return string Returns a hash with the authenticaction.
+ */
+ public static function generatePublicHash(?string $other_secret=''):string
+ {
+ global $config;
+
+ $str = $config['dbpass'];
+ $str .= $config['id_user'];
+ $str .= $other_secret;
+ return hash('sha256', $str);
+ }
+
+
+ /**
+ * Validates a hash to authenticate in public view.
+ *
+ * @param string $hash Hash to be checked.
+ * @param string $other_secret Any custom string needed for you.
+ *
+ * @return boolean Returns true if hash is valid.
+ */
+ public static function validatePublicHash(
+ string $hash,
+ string $other_secret=''
+ ):bool {
+ global $config;
+
+ if (isset($config['id_user']) === true) {
+ // Already logged in.
+ return true;
+ }
+
+ $userFromParams = false;
+ // Try to get id_user from parameters if it is missing.
+ if (isset($config['id_user']) === false) {
+ $userFromParams = true;
+ $config['id_user'] = get_parameter('id_user', false);
+ // It is impossible to authenticate without an id user.
+ if ($config['id_user'] === false) {
+ unset($config['id_user']);
+ return false;
+ }
+ } else {
+ $config['public_access'] = false;
+ }
+
+ // Build a hash to check.
+ $hashCheck = self::generatePublicHash($other_secret);
+ if ($hashCheck === $hash) {
+ // "Log" user in.
+ if (session_status() !== PHP_SESSION_ACTIVE) {
+ session_start();
+ }
+
+ $_SESSION['id_usuario'] = $config['id_user'];
+ session_write_close();
+
+ $config['public_access'] = true;
+ $config['force_instant_logout'] = true;
+ return true;
+ }
+
+ // Remove id user from config array if authentication has failed.
+ if ($userFromParams === true) {
+ unset($config['id_user']);
+ }
+
+ return false;
+ }
+
+
}
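Review bot: `validatePublicHash` compares the token with `$hashCheck === $hash`, which is not a constant-time comparison; use `if (hash_equals($hashCheck, $hash) === true) {` instead. In `generatePublicHash` the token is a bare `sha256` over `dbpass`, `id_user` and `$other_secret` concatenated without separators, so different (user, secret) pairs can produce the same input string, and the database password doubles as the signing key. A keyed form such as `return hash_hmac('sha256', $config['id_user']."\0".$other_secret, $config['dbpass']);` removes the ambiguity, ideally with a dedicated secret rather than the database password. The early `return true` when `$config['id_user']` is set makes the later `else { $config['public_access'] = false; }` branch unreachable, and the two signatures disagree on `$other_secret` (`?string` in one, `string` in the other). The docblock should also state that the token carries no expiry and stays valid until `dbpass` changes.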
diff --git a/pandora_console/include/lib/Websockets/WebSocketUser.php b/pandora_console/include/lib/Websockets/WebSocketUser.php
index bcbe30cc17..9ab6c9e5da 100644
--- a/pandora_console/include/lib/Websockets/WebSocketUser.php
+++ b/pandora_console/include/lib/Websockets/WebSocketUser.php
@@ -147,8 +147,8 @@ class WebSocketUser
/**
* Initializes a websocket user.
*
- * @param string $id Id of the new user.
- * @param Socket $socket Socket where communication is stablished.
+ * @param string $id Id of the new user.
+ * @param \Socket $socket Socket where communication is stablished.
*/
public function __construct($id, $socket)
{
diff --git a/pandora_console/operation/visual_console/legacy_view.php b/pandora_console/operation/visual_console/legacy_view.php
index c9b4c086b2..3dab575425 100644
--- a/pandora_console/operation/visual_console/legacy_view.php
+++ b/pandora_console/operation/visual_console/legacy_view.php
@@ -13,6 +13,8 @@
// GNU General Public License for more details.
global $config;
+use PandoraFMS\User;
+
// Login check
require_once $config['homedir'].'/include/functions_visual_map.php';
ui_require_css_file('visual_maps');
@@ -122,7 +124,9 @@ $options['consoles_list']['text'] = ';
var items = ;
var baseUrl = "";
+ var hash = "";
+ var id_user = "";
var controls = document.getElementById('vc-controls');
autoHideElement(controls, 1000);
diff --git a/pandora_console/operation/visual_console/pure_ajax.php b/pandora_console/operation/visual_console/pure_ajax.php
deleted file mode 100644
index 9ef9fe3f56..0000000000
--- a/pandora_console/operation/visual_console/pure_ajax.php
+++ /dev/null
@@ -1,314 +0,0 @@
-'.html_print_image(
- 'images/visual_console.png',
- true,
- ['title' => __('Visual consoles list')]
-).'';
-
-if ($vconsole_write || $vconsole_manage) {
- $url_base = 'index.php?sec=network&sec2=godmode/reporting/visual_console_builder&action=';
-
- $hash = md5($config['dbpass'].$id_layout.$config['id_user']);
-
- $options['public_link']['text'] = ''.html_print_image(
- 'images/camera_mc.png',
- true,
- [
- 'title' => __('Show link to public Visual Console'),
- 'class' => 'invert_filter',
- ]
- ).'';
- $options['public_link']['active'] = false;
-
- $options['data']['text'] = ''.html_print_image(
- 'images/op_reporting.png',
- true,
- [
- 'title' => __('Main data'),
- 'class' => 'invert_filter',
- ]
- ).'';
- $options['list_elements']['text'] = ''.html_print_image(
- 'images/list.png',
- true,
- [
- 'title' => __('List elements'),
- 'class' => 'invert_filter',
- ]
- ).'';
-
- if (enterprise_installed()) {
- $options['wizard_services']['text'] = ''.html_print_image(
- 'images/wand_services.png',
- true,
- [
- 'title' => __('Services wizard'),
- 'class' => 'invert_filter',
- ]
- ).'';
- }
-
- $options['wizard']['text'] = ''.html_print_image(
- 'images/wand.png',
- true,
- [
- 'title' => __('Wizard'),
- 'class' => 'invert_filter',
- ]
- ).'';
- $options['editor']['text'] = ''.html_print_image(
- 'images/builder.png',
- true,
- [
- 'title' => __('Builder'),
- 'class' => 'invert_filter',
- ]
- ).'';
-}
-
-$options['view']['text'] = ''.html_print_image(
- 'images/eye.png',
- true,
- [
- 'title' => __('View'),
- 'class' => 'invert_filter',
- ]
-).'';
-$options['view']['active'] = true;
-
-if (!is_metaconsole()) {
- if (!$config['pure']) {
- $options['pure']['text'] = ''.html_print_image(
- 'images/full_screen.png',
- true,
- [
- 'title' => __('Full screen mode'),
- 'class' => 'invert_filter',
- ]
- ).'';
- ui_print_page_header($layout_name, 'images/visual_console.png', false, '', false, $options);
- }
-
- // Set the hidden value for the javascript
- html_print_input_hidden('metaconsole', 0);
-} else {
- // Set the hidden value for the javascript
- html_print_input_hidden('metaconsole', 1);
-}
-
- visual_map_print_visual_map(
- $id_layout,
- true,
- true,
- null,
- null,
- '',
- false,
- $graph_javascript
- );
-
- ?>
-
-
-
-
\ No newline at end of file
diff --git a/pandora_console/vendor/composer/ClassLoader.php b/pandora_console/vendor/composer/ClassLoader.php
index 1a58957d25..247294d66e 100644
--- a/pandora_console/vendor/composer/ClassLoader.php
+++ b/pandora_console/vendor/composer/ClassLoader.php
@@ -42,6 +42,8 @@ namespace Composer\Autoload;
*/
class ClassLoader
{
+ private $vendorDir;
+
// PSR-4
private $prefixLengthsPsr4 = array();
private $prefixDirsPsr4 = array();
@@ -57,6 +59,13 @@ class ClassLoader
private $missingClasses = array();
private $apcuPrefix;
+ private static $registeredLoaders = array();
+
+ public function __construct($vendorDir = null)
+ {
+ $this->vendorDir = $vendorDir;
+ }
+
public function getPrefixes()
{
if (!empty($this->prefixesPsr0)) {
@@ -300,6 +309,17 @@ class ClassLoader
public function register($prepend = false)
{
spl_autoload_register(array($this, 'loadClass'), true, $prepend);
+
+ if (null === $this->vendorDir) {
+ return;
+ }
+
+ if ($prepend) {
+ self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders;
+ } else {
+ unset(self::$registeredLoaders[$this->vendorDir]);
+ self::$registeredLoaders[$this->vendorDir] = $this;
+ }
}
/**
@@ -308,6 +328,10 @@ class ClassLoader
public function unregister()
{
spl_autoload_unregister(array($this, 'loadClass'));
+
+ if (null !== $this->vendorDir) {
+ unset(self::$registeredLoaders[$this->vendorDir]);
+ }
}
/**
@@ -367,6 +391,16 @@ class ClassLoader
return $file;
}
+ /**
+ * Returns the currently registered loaders indexed by their corresponding vendor directories.
+ *
+ * @return self[]
+ */
+ public static function getRegisteredLoaders()
+ {
+ return self::$registeredLoaders;
+ }
+
private function findFileWithExtension($class, $ext)
{
// PSR-4 lookup
diff --git a/pandora_console/vendor/composer/autoload_classmap.php b/pandora_console/vendor/composer/autoload_classmap.php
index 4169e631c6..934f8e77e2 100644
--- a/pandora_console/vendor/composer/autoload_classmap.php
+++ b/pandora_console/vendor/composer/autoload_classmap.php
@@ -113,6 +113,7 @@ return array(
'Models\\VisualConsole\\Items\\Label' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Label.php',
'Models\\VisualConsole\\Items\\Line' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Line.php',
'Models\\VisualConsole\\Items\\ModuleGraph' => $baseDir . '/include/rest-api/models/VisualConsole/Items/ModuleGraph.php',
+ 'Models\\VisualConsole\\Items\\NetworkLink' => $baseDir . '/include/rest-api/models/VisualConsole/Items/NetworkLink.php',
'Models\\VisualConsole\\Items\\Percentile' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Percentile.php',
'Models\\VisualConsole\\Items\\SimpleValue' => $baseDir . '/include/rest-api/models/VisualConsole/Items/SimpleValue.php',
'Models\\VisualConsole\\Items\\StaticGraph' => $baseDir . '/include/rest-api/models/VisualConsole/Items/StaticGraph.php',
@@ -320,6 +321,7 @@ return array(
'PandoraFMS\\Module' => $baseDir . '/include/lib/Module.php',
'PandoraFMS\\ModuleStatus' => $baseDir . '/include/lib/ModuleStatus.php',
'PandoraFMS\\ModuleType' => $baseDir . '/include/lib/ModuleType.php',
+ 'PandoraFMS\\PublicLogin' => $baseDir . '/include/lib/PublicLogin.php',
'PandoraFMS\\User' => $baseDir . '/include/lib/User.php',
'PandoraFMS\\View' => $baseDir . '/include/lib/View.php',
'PandoraFMS\\Websockets\\WSManager' => $baseDir . '/include/lib/Websockets/WSManager.php',
diff --git a/pandora_console/vendor/composer/autoload_real.php b/pandora_console/vendor/composer/autoload_real.php
index 33d719ba60..d079efd543 100644
--- a/pandora_console/vendor/composer/autoload_real.php
+++ b/pandora_console/vendor/composer/autoload_real.php
@@ -25,7 +25,7 @@ class ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa
require __DIR__ . '/platform_check.php';
spl_autoload_register(array('ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa', 'loadClassLoader'), true, true);
- self::$loader = $loader = new \Composer\Autoload\ClassLoader();
+ self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
spl_autoload_unregister(array('ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa', 'loadClassLoader'));
$useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
diff --git a/pandora_console/vendor/composer/autoload_static.php b/pandora_console/vendor/composer/autoload_static.php
index e1953333f9..fc522a2370 100644
--- a/pandora_console/vendor/composer/autoload_static.php
+++ b/pandora_console/vendor/composer/autoload_static.php
@@ -195,6 +195,7 @@ class ComposerStaticInitfdecadadce22e6dde51e9535fe4ad7aa
'Models\\VisualConsole\\Items\\Label' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Label.php',
'Models\\VisualConsole\\Items\\Line' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Line.php',
'Models\\VisualConsole\\Items\\ModuleGraph' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/ModuleGraph.php',
+ 'Models\\VisualConsole\\Items\\NetworkLink' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/NetworkLink.php',
'Models\\VisualConsole\\Items\\Percentile' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Percentile.php',
'Models\\VisualConsole\\Items\\SimpleValue' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/SimpleValue.php',
'Models\\VisualConsole\\Items\\StaticGraph' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/StaticGraph.php',
@@ -402,6 +403,7 @@ class ComposerStaticInitfdecadadce22e6dde51e9535fe4ad7aa
'PandoraFMS\\Module' => __DIR__ . '/../..' . '/include/lib/Module.php',
'PandoraFMS\\ModuleStatus' => __DIR__ . '/../..' . '/include/lib/ModuleStatus.php',
'PandoraFMS\\ModuleType' => __DIR__ . '/../..' . '/include/lib/ModuleType.php',
+ 'PandoraFMS\\PublicLogin' => __DIR__ . '/../..' . '/include/lib/PublicLogin.php',
'PandoraFMS\\User' => __DIR__ . '/../..' . '/include/lib/User.php',
'PandoraFMS\\View' => __DIR__ . '/../..' . '/include/lib/View.php',
'PandoraFMS\\Websockets\\WSManager' => __DIR__ . '/../..' . '/include/lib/Websockets/WSManager.php',