tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#13035 refactored password_hash

This commit is contained in:
Daniel Cebrian 2024-04-11 10:26:53 +02:00
parent bcf2927660
commit 22c1b6e872
7 changed files with 20 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -6635,26 +6635,6 @@ function create_custom_graph() {
$("#meta_target_servers").css('display', 'inline');
}
else {
var hash_data;
var params1 = [];
params1.push("get_metaconsole_hash_data=1");
params1.push("server_name=" + target_server);
params1.push("page=include/ajax/reporting.ajax");
jQuery.ajax ({
data: params1.join ("&"),
type: 'POST',
url: action=
<?php
echo '"'.ui_get_full_url(false, false, false, false).'"';
?>
+ "/ajax.php",
async: false,
timeout: 10000,
success: function (data) {
hash_data = data;
}
});
var server_url;
var params1 = [];
params1.push("get_metaconsole_server_url=1");
@ -6680,7 +6660,7 @@ function create_custom_graph() {
}
});
window.location.href = server_url + "/index.php?sec=reporting&sec2=godmode/reporting/graph_builder&create=Create graph" + hash_data;
redirectNode(server_url + "/index.php?sec=reporting&sec2=godmode/reporting/graph_builder&create=Create graph", "_self");
}
<?php
} else {
@ -6709,31 +6689,6 @@ function edit_custom_graph() {
id_server = agent_server_temp[1];
}
var hash_data;
var params1 = [];
params1.push("get_metaconsole_hash_data=1");
params1.push("server_name=" + id_server);
params1.push("page=include/ajax/reporting.ajax");
jQuery.ajax ({
data: params1.join ("&"),
type: 'POST',
url: action=
<?php
echo '"'.ui_get_full_url(
false,
false,
false,
false
).'"';
?>
+ "/ajax.php",
async: false,
timeout: 10000,
success: function (data) {
hash_data = data;
}
});
var server_url;
var params1 = [];
params1.push("get_metaconsole_server_url=1");
@ -6759,7 +6714,7 @@ function edit_custom_graph() {
}
});
window.location.href = server_url + "index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id=" + id_element_graph + hash_data;
redirectNode(server_url + "index.php?sec=reporting&sec2=godmode/reporting/graph_builder&edit_graph=1&id=" + id_element_graph, "_self");
<?php
} else {
?>

32
pandora_console/include/ajax/reporting.ajax.php
View File

@ -37,7 +37,6 @@ $add_sla = get_parameter('add_sla', 0);
$add_general = get_parameter('add_general', 0);
$id = get_parameter('id', 0);
$truncate_text = get_parameter('truncate_text', 0);
$get_metaconsole_hash_data = get_parameter('get_metaconsole_hash_data', 0);
$get_metaconsole_server_url = get_parameter('get_metaconsole_server_url', 0);
$change_custom_fields_macros_report = (bool) get_parameter(
'change_custom_fields_macros_report',
@ -186,37 +185,6 @@ if ($truncate_text) {
return ui_print_truncate_text($text, GENERIC_SIZE_TEXT, true, false);
}
if ($get_metaconsole_hash_data) {
$server_name = get_parameter('server_name');
enterprise_include_once('include/functions_metaconsole.php');
$server = enterprise_hook('metaconsole_get_connection', [$server_name]);
// Bad data
if (empty($server)) {
echo '';
return;
}
// Deserialization of auth_token
$auth_serialized = json_decode($server['auth_token'], true);
$auth_token = '';
if (is_array($auth_serialized)) {
$auth_token = $auth_serialized['auth_token'];
$api_password = $auth_serialized['api_password'];
$console_user = $auth_serialized['console_user'];
$console_password = $auth_serialized['console_password'];
}
$url_hash = metaconsole_get_servers_url_hash($server);
echo $url_hash;
return;
}
if ($get_metaconsole_server_url) {
$server_name = get_parameter('server_name');

32
pandora_console/include/functions_events.php
View File

@ -4357,12 +4357,9 @@ function events_page_details($event, $server_id=0)
global $config;
// If metaconsole switch to node to get details and custom fields.
$hashstring = '';
$serverstring = '';
if (is_metaconsole() === true && empty($server_id) === false) {
$server = metaconsole_get_connection_by_id($server_id);
$hashdata = metaconsole_get_server_hashdata($server);
$hashstring = '&amp;loginhash=auto&loginhash_data='.$hashdata.'&loginhash_user='.str_rot13($config['id_user']);
$serverstring = $server['server_url'].'/';
if (metaconsole_connect($server) !== NOERR) {
@ -4403,28 +4400,7 @@ function events_page_details($event, $server_id=0)
true
).ui_print_help_tip(__('This agent belongs to metaconsole, is not possible display it'), true);
} else if (can_user_access_node() && is_metaconsole()) {
// Workaround to pass login hash data in POST body instead of directly in the URL.
parse_str($hashstring, $url_hash_array);
$redirection_form = "<form id='agent-redirection' method='POST' action='".$serverstring.'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$event['id_agente']."'>";
$redirection_form .= html_print_input_hidden(
'loginhash',
$url_hash_array['loginhash'],
true
);
$redirection_form .= html_print_input_hidden(
'loginhash_data',
$url_hash_array['loginhash_data'],
true
);
$redirection_form .= html_print_input_hidden(
'loginhash_user',
$url_hash_array['loginhash_user'],
true
);
$redirection_form .= '</form>';
$data[1] = $redirection_form;
$data[1] .= "<a target=_blank onclick='event.preventDefault(); document.getElementById(\"agent-redirection\").submit();' href='#'>";
$data[1] = '<a target=_blank onclick="redirectNode(\''.$serverstring.'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$event['id_agente'].'\')" href="#">';
$data[1] .= '<b>'.$agent['alias'].'</b>';
$data[1] .= '</a>';
} else if (can_user_access_node()) {
@ -4435,7 +4411,7 @@ function events_page_details($event, $server_id=0)
'',
false,
$serverstring,
$hashstring,
'',
$agent['alias']
);
} else {
@ -4568,7 +4544,7 @@ function events_page_details($event, $server_id=0)
'id_mg',
$id_module_group
);
$data[1] = '<a href="'.$serverstring.'index.php?sec=view&amp;sec2=operation/agentes/status_monitor&amp;status=-1&amp;modulegroup='.$id_module_group.$hashstring.'">';
$data[1] = '<a href="#" onclick="redirectNode(\''.$serverstring.'index.php?sec=view&amp;sec2=operation/agentes/status_monitor&amp;status=-1&amp;modulegroup='.$id_module_group.'\')">';
$data[1] .= $module_group;
$data[1] .= '</a>';
}
@ -4634,7 +4610,7 @@ function events_page_details($event, $server_id=0)
if ($event['id_alert_am'] != 0) {
$data = [];
$data[0] = '<div class="normal_weight mrgn_lft_20px">'.__('Source').'</div>';
$data[1] = '<a href="'.$serverstring.'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$event['id_agente'].'&amp;tab=alert'.$hashstring.'">';
$data[1] = '<a href="#" onclick="redirectNode(\''.$serverstring.'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$event['id_agente'].'&amp;tab=alert\')">';
$standby = db_get_value('standby', 'talert_template_modules', 'id', $event['id_alert_am']);
if (!$standby) {
$data[1] .= html_print_image(

9
pandora_console/include/functions_inventory.php
View File

@ -418,12 +418,10 @@ function inventory_get_data(
// Setting for link the agent with the proper server.
if (is_metaconsole() === true && empty($node) === false) {
$loginHash = metaconsole_get_servers_url_hash($node);
$urlToAgent = sprintf(
'%sindex.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=%s%s',
'%sindex.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=%s',
$node['server_url'],
$row['id_agente'],
$loginHash
$row['id_agente']
);
} else {
$urlToAgent = sprintf(
@ -440,8 +438,9 @@ function inventory_get_data(
$table->data[$rowTable][0] = html_print_anchor(
[
'href' => $urlToAgent,
'href' => (is_metaconsole() === true) ? '#' : $urlToAgent,
'content' => '<strong>'.$agent_name.'</strong>',
'onClick' => (is_metaconsole() === true) ? 'redirectNode(\''.$urlToAgent.'\')' : '',
],
true
);

4
pandora_console/include/functions_networkmap.php
View File

@ -773,13 +773,11 @@ function networkmap_create_agent_node(
if (empty($server_data) === true) {
$server_name = '';
$server_id = '';
$url_hash = '';
$console_url = '';
} else {
$server_name = $server_data['server_name'];
$server_id = $server_data['id'];
$console_url = $server_data['server_url'].'/';
$url_hash = metaconsole_get_servers_url_hash($server_data);
}
// Set node status.
@ -870,7 +868,7 @@ function networkmap_create_agent_node(
}
if (can_user_access_node()) {
$url_node_link = ', URL="'.$console_url.'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$agent['id_agente'].$url_hash.'"';
$url_node_link = ', URL="'.$console_url.'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$agent['id_agente'].'"';
} else {
$url_node_link = '';
}

12
pandora_console/include/functions_ui.php
View File

@ -1165,16 +1165,10 @@ function ui_format_alert_row(
global $config;
if (!isset($alert['server_data'])) {
$server_name = '';
$server_id = '';
$url_hash = '';
$console_url = '';
} else {
$server_data = $alert['server_data'];
$server_name = $server_data['server_name'];
$server_id = $server_data['id'];
$console_url = $server_data['server_url'].'/';
$url_hash = metaconsole_get_servers_url_hash($server_data);
}
$actionText = '';
@ -1445,13 +1439,13 @@ function ui_format_alert_row(
if (is_metaconsole() === true) {
// Do not show link if user cannot access node
if ((bool) can_user_access_node() === true) {
$hashdata = metaconsole_get_server_hashdata($server);
$url = $server['server_url'].'/index.php?sec=estado&sec2=operation/agentes/ver_agente&amp;loginhash=auto&loginhash_data='.$hashdata.'&loginhash_user='.str_rot13($config['id_user']).'&id_agente='.$agente['id_agente'];
$url = $server['server_url'].'/index.php?sec=estado&sec2=operation/agentes/ver_agente&amp;&id_agente='.$agente['id_agente'];
$data[$index['agent_name']] .= html_print_anchor(
[
'href' => $url,
'href' => '#',
'content' => '<span class="bolder" title="'.$agente['nombre'].'">'.$agente['alias'].'</span>',
'target' => '_blank',
'onClick' => 'redirectNode(\''.$url.'\');',
],
true
);

40
pandora_console/operation/events/events.php
View File

@ -483,7 +483,6 @@ if (is_ajax() === true) {
}
if (empty($events) === false) {
$redirection_form_id = 0;
if ((int) $filter['group_rep'] > 0) {
$events_comments = [];
} else {
@ -492,7 +491,7 @@ if (is_ajax() === true) {
$data = array_reduce(
$events,
function ($carry, $item) use ($table_id, &$redirection_form_id, $filter, $compact_date, $external_url, $compact_name_event, $regex, $events_comments) {
function ($carry, $item) use ($table_id, $filter, $compact_date, $external_url, $compact_name_event, $regex, $events_comments) {
global $config;
$tmp = (object) $item;
@ -500,7 +499,6 @@ if (is_ajax() === true) {
// phpcs:disable Squiz.NamingConventions.ValidVariableName.MemberNotCamelCaps
$server_url = '';
$hashdata = '';
if ($tmp->meta === true) {
if ($tmp->server_name !== null) {
$data_server = metaconsole_get_servers(
@ -512,9 +510,6 @@ if (is_ajax() === true) {
&& $data_server !== false
) {
$server_url = $data_server['server_url'];
$hashdata = metaconsole_get_servers_url_hash(
$data_server
);
}
}
}
@ -1166,40 +1161,18 @@ if (is_ajax() === true) {
$url_link = ui_get_full_url(
'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='
);
$url_link_hash = '';
if ($tmp->meta === true) {
$url_link = $server_url;
$url_link .= '/index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=';
$url_link_hash = $hashdata;
parse_str($url_link_hash, $url_hash_array);
$redirection_form = "<form id='agent-table-redirection-".$redirection_form_id."' class='invisible' method='POST' action='".$url_link.$tmp->id_agente."'>";
$redirection_form .= html_print_input_hidden(
'loginhash',
$url_hash_array['loginhash'],
true
);
$redirection_form .= html_print_input_hidden(
'loginhash_data',
$url_hash_array['loginhash_data'],
true
);
$redirection_form .= html_print_input_hidden(
'loginhash_user',
$url_hash_array['loginhash_user'],
true
);
$redirection_form .= '</form>';
}
// Agent name link.
if ($tmp->id_agente > 0) {
if ($tmp->meta === true) {
$draw_agent_name = $redirection_form;
$draw_agent_name .= "<a target=_blank onclick='event.preventDefault(); document.getElementById(\"agent-table-redirection-".$redirection_form_id."\").submit();' href='#'>";
$draw_agent_name = '<a target=_blank onclick="redirectNode(\''.$url_link.$tmp->id_agente.'\')" href="#">';
} else {
$draw_agent_name = '<a href="'.$url_link.$tmp->id_agente.$url_link_hash.'">';
$draw_agent_name = '<a href="'.$url_link.$tmp->id_agente.'">';
}
$draw_agent_name .= $tmp->agent_name;
@ -1212,10 +1185,9 @@ if (is_ajax() === true) {
// Agent ID link.
if ($tmp->id_agente > 0) {
if ($tmp->meta === true) {
$draw_agent_id = "<a target=_blank onclick='event.preventDefault(); document.getElementById(\"agent-table-redirection-".$redirection_form_id."\").submit();' href='#'>";
$redirection_form_id++;
$draw_agent_id = '<a target=_blank onclick="redirectNode(\''.$url_link.$tmp->id_agente.'\')" href="#">';
} else {
$draw_agent_id = '<a href="'.$url_link.$tmp->id_agente.$url_link_hash.'">';
$draw_agent_id = '<a href="'.$url_link.$tmp->id_agente.'">';
}
$draw_agent_id .= $tmp->id_agente;