diff --git a/pandora_console/godmode/agentes/manage_config.php b/pandora_console/godmode/agentes/manage_config.php index 9e5230fd3f..cff76f7588 100644 --- a/pandora_console/godmode/agentes/manage_config.php +++ b/pandora_console/godmode/agentes/manage_config.php @@ -19,9 +19,9 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); -comprueba_login(); +check_login (); $id_user = $_SESSION["id_usuario"]; $id_group = get_parameter ("id_group",0); diff --git a/pandora_console/godmode/agentes/manage_config_remote.php b/pandora_console/godmode/agentes/manage_config_remote.php index bd20f6d7e1..d46f11a6b9 100644 --- a/pandora_console/godmode/agentes/manage_config_remote.php +++ b/pandora_console/godmode/agentes/manage_config_remote.php @@ -18,9 +18,9 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); -comprueba_login(); +check_login(); $id_user = $_SESSION["id_usuario"]; $origen = get_parameter ("origen", -1); diff --git a/pandora_console/godmode/db/db_audit.php b/pandora_console/godmode/db/db_audit.php index ca82629fa4..3302897f71 100644 --- a/pandora_console/godmode/db/db_audit.php +++ b/pandora_console/godmode/db/db_audit.php @@ -1,10 +1,10 @@ // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 @@ -18,10 +18,10 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); +check_login (); -if (comprueba_login() == 0) - if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { +if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { // Todo for a good DB maintenance /* - Delete too on datos_string and and datos_inc tables @@ -31,55 +31,11 @@ if (comprueba_login() == 0) - A more powerful selection (by Agent, by Module, etc). */ - - // 1 day - $d1_year = date("Y", time()-28800); - $d1_month = date("m", time()-28800); - $d1_day = date ("d", time()-28800); - $d1_hour = date ("H", time()-28800); - $d1 = $d1_year."-".$d1_month."-".$d1_day." ".$d1_hour.":00:00"; + require("godmode/db/times_incl.php"); - // today + 1 hour (to purge all possible data) - $all_year = date("Y", time()+3600); - $all_month = date("m", time()+3600); - $all_day = date ("d", time()+3600); - $all_hour = date ("H", time()+3600); - $all_data = $all_year."-".$all_month."-".$all_day." ".$all_hour.":00:00"; - - // 3 days ago - $d3_year = date("Y", time()-86400); - $d3_month = date("m", time()-86400); - $d3_day = date ("d", time()-86400); - $d3_hour = date ("H", time()-86400); - $d3 = $d3_year."-".$d3_month."-".$d3_day." ".$d3_hour.":00:00"; - // Date 24x7 Hours ago (a week) - $week_year = date("Y", time()-604800); - $week_month = date("m", time()-604800); - $week_day = date ("d", time()-604800); - $week_hour = date ("H", time()-604800); - $week = $week_year."-".$week_month."-".$week_day." ".$week_hour.":00:00"; - - // Date 24x7x2 Hours ago (two weeks) - $week2_year = date("Y", time()-1209600); - $week2_month = date("m", time()-1209600); - $week2_day = date ("d", time()-1209600); - $week2_hour = date ("H", time()-1209600); - $week2 = $week2_year."-".$week2_month."-".$week2_day." ".$week2_hour.":00:00"; - - // Date 24x7x30 Hours ago (one month) - $month_year = date("Y", time()-2592000); - $month_month = date("m", time()-2592000); - $month_day = date ("d", time()-2592000); - $month_hour = date ("H", time()-2592000); - $month = $month_year."-".$month_month."-".$month_day." ".$month_hour.":00:00"; - - // Three months ago - $month3_year = date("Y", time()-7257600); - $month3_month = date("m", time()-7257600); - $month3_day = date ("d", time()-7257600); - $month3_hour = date ("H", time()-7257600); - $month3 = $month3_year."-".$month3_month."-".$month3_day." ".$month3_hour.":00:00"; - $datos_rango3=0;$datos_rango2=0;$datos_rango1=0; + $datos_rango3=0; + $datos_rango2=0; + $datos_rango1=0; # ADQUIRE DATA PASSED AS FORM PARAMETERS @@ -87,8 +43,9 @@ if (comprueba_login() == 0) # Purge data using dates # Purge data using dates if (isset($_POST["purgedb"])){ # Fixed 2005-1-13, nil - $from_date =$_POST["date_purge"]; - $query = "DELETE FROM tsesion WHERE fecha < '".$from_date."'"; + $from_date = mysql_real_escape_string($_POST["date_purge"]); + $query = sprintf("DELETE FROM `tsesion` WHERE `fecha` < '%s';",$from_date); + echo $query; mysql_query($query); } # End of get parameters block @@ -98,22 +55,18 @@ if (comprueba_login() == 0) echo ""; echo ""; - echo ""; + echo ""; echo ""; - $result_t=mysql_query("SELECT min(fecha) FROM tsesion"); - $row=mysql_fetch_array($result_t); echo ""; - echo ""; + echo ""; echo ""; - echo ""; + echo ""; echo "
"; - $result_t=mysql_query("SELECT COUNT(*) FROM tsesion"); - $row=mysql_fetch_array($result_t); + $result = get_db_row_sql ("SELECT COUNT(*) AS total, MIN(fecha) AS first_date, MAX(fecha) AS latest_date FROM tsesion"); + echo "".$lang_label["total"]."".$row[0]." ".$lang_label["records"]."".$result["total"]." ".$lang_label["records"]."
".$lang_label["first_date"]."".$row[0]."
".$result["first_date"]."
"; - $result_t=mysql_query("SELECT max(fecha) FROM tsesion"); - $row=mysql_fetch_array($result_t); echo "".$lang_label["latest_date"]."".$row[0]."".$result["latest_date"]."
"; ?>

@@ -138,10 +91,8 @@ if (comprueba_login() == 0) \ No newline at end of file +?> diff --git a/pandora_console/godmode/db/db_event.php b/pandora_console/godmode/db/db_event.php index 3a0f905711..43b3e3e794 100644 --- a/pandora_console/godmode/db/db_event.php +++ b/pandora_console/godmode/db/db_event.php @@ -7,69 +7,26 @@ // Raul Mateos , 2005-2006 // Load global vars -require("include/config.php"); -if (comprueba_login() == 0) +require ("include/config.php"); +check_login (); - if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { - // 1 day - $d1_year = date("Y", time()-28800); - $d1_month = date("m", time()-28800); - $d1_day = date ("d", time()-28800); - $d1_hour = date ("H", time()-28800); - $d1 = $d1_year."-".$d1_month."-".$d1_day." ".$d1_hour.":00:00"; +if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { - // today + 1 hour (to purge all possible data) - $all_year = date("Y", time()+3600); - $all_month = date("m", time()+3600); - $all_day = date ("d", time()+3600); - $all_hour = date ("H", time()+3600); - $all_data = $all_year."-".$all_month."-".$all_day." ".$all_hour.":00:00"; + require("godmode/db/times_incl.php"); - // 3 days ago - $d3_year = date("Y", time()-86400); - $d3_month = date("m", time()-86400); - $d3_day = date ("d", time()-86400); - $d3_hour = date ("H", time()-86400); - $d3 = $d3_year."-".$d3_month."-".$d3_day." ".$d3_hour.":00:00"; - - // Date 24x7 Hours ago (a week) - $week_year = date("Y", time()-604800); - $week_month = date("m", time()-604800); - $week_day = date ("d", time()-604800); - $week_hour = date ("H", time()-604800); - $week = $week_year."-".$week_month."-".$week_day." ".$week_hour.":00:00"; - - // Date 24x7x2 Hours ago (two weeks) - $week2_year = date("Y", time()-1209600); - $week2_month = date("m", time()-1209600); - $week2_day = date ("d", time()-1209600); - $week2_hour = date ("H", time()-1209600); - $week2 = $week2_year."-".$week2_month."-".$week2_day." ".$week2_hour.":00:00"; - - // Date 24x7x30 Hours ago (one month) - $month_year = date("Y", time()-2592000); - $month_month = date("m", time()-2592000); - $month_day = date ("d", time()-2592000); - $month_hour = date ("H", time()-2592000); - $month = $month_year."-".$month_month."-".$month_day." ".$month_hour.":00:00"; - - // Three months ago - $month3_year = date("Y", time()-7257600); - $month3_month = date("m", time()-7257600); - $month3_day = date ("d", time()-7257600); - $month3_hour = date ("H", time()-7257600); - $month3 = $month3_year."-".$month3_month."-".$month3_day." ".$month3_hour.":00:00"; - $datos_rango3=0;$datos_rango2=0;$datos_rango1=0; + $datos_rango3=0; + $datos_rango2=0; + $datos_rango1=0; # ADQUIRE DATA PASSED AS FORM PARAMETERS # ====================================== # Purge data using dates # Purge data using dates - if (isset($_POST["date_purge"])){ - $from_date =$_POST["date_purge"]; - $query = "DELETE FROM tevento WHERE timestamp < '".$from_date."'"; - mysql_query($query); + if (isset ($_POST["date_purge"])){ + $from_date = mysql_real_esape_string ($_POST["date_purge"]); + $query = sprintf ("DELETE FROM `tevento` WHERE `timestamp` < '%s'",$from_date); + mysql_query ($query); } # End of get parameters block @@ -78,23 +35,19 @@ if (comprueba_login() == 0) echo ""; echo ""; + echo ""; echo ""; - $result_t=mysql_query("SELECT min(timestamp) FROM tevento"); - $row=mysql_fetch_array($result_t); echo ""; - echo ""; + echo ""; echo ""; + echo ""; echo "
"; - $result_t=mysql_query("SELECT COUNT(*) FROM tevento"); - $row=mysql_fetch_array($result_t); + $row = get_db_row_sql ("SELECT COUNT(*) AS total, MIN(timestamp) AS first_date, MAX(timestamp) AS latest_date FROM tevento"); + echo "".$lang_label["total"].""; - echo "".$row[0]." ".$lang_label["records"]."".$row["total"]." ".$lang_label["records"]."
".$lang_label["first_date"]."".$row[0]."
".$row["first_date"]."
"; - $result_t=mysql_query("SELECT max(timestamp) FROM tevento"); - $row=mysql_fetch_array($result_t); echo "".$lang_label["latest_date"].""; - echo "".$row[0]."".$row["latest_date"]."
"; ?> @@ -118,10 +71,8 @@ if (comprueba_login() == 0) \ No newline at end of file +} +?> diff --git a/pandora_console/godmode/db/db_info.php b/pandora_console/godmode/db/db_info.php index 90833f7ef8..3e26581adc 100644 --- a/pandora_console/godmode/db/db_info.php +++ b/pandora_console/godmode/db/db_info.php @@ -1,40 +1,40 @@ , 2003-2006 // Raul Mateos , 2005-2006 +// Evi Vanoost 2008 // Load global vars -require("include/config.php"); -if (comprueba_login() == 0) - if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { - // Todo for a good DB maintenance - /* - - Delete too on datos_string and and datos_inc tables - - - A function to "compress" data, and interpolate big chunks of data (1 month - 60000 registers) - onto a small chunk of interpolated data (1 month - 600 registers) - - - A more powerful selection (by Agent, by Module, etc). - */ +require ("include/config.php"); +check_login (); + +if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { +// Todo for a good DB maintenance +/* + - Delete too on datos_string and and datos_inc tables + + - A function to "compress" data, and interpolate big chunks of data (1 month - 60000 registers) + onto a small chunk of interpolated data (1 month - 600 registers) + + - A more powerful selection (by Agent, by Module, etc). + */ - echo "

".$lang_label["dbmain_title"]." > "; - echo $lang_label["db_info2"]."

"; - echo ""; - echo "
"; - echo '

'.$lang_label["db_agente_modulo"].'

'; - echo "
"; - echo "

"; - echo "
"; - echo '

'.$lang_label["db_agente_paquetes"].'

'; - echo "
"; - echo "

".$lang_label["press_db_info"].""; - echo "
"; - } - else { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info"); - require ("general/noaccess.php"); - } +echo "

".$lang_label["dbmain_title"]." > "; +echo $lang_label["db_info2"]."

"; +echo ""; +echo "
"; +echo '

'.$lang_label["db_agente_modulo"].'

'; +echo "
"; +echo "

"; +echo "
"; +echo '

'.$lang_label["db_agente_paquetes"].'

'; +echo "
"; +echo "

".$lang_label["press_db_info"].""; +echo "
"; +} else { + audit_db ($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info"); + require ("general/noaccess.php"); +} ?> diff --git a/pandora_console/godmode/db/db_info_data.php b/pandora_console/godmode/db/db_info_data.php index 78825687b7..bf6acd128f 100644 --- a/pandora_console/godmode/db/db_info_data.php +++ b/pandora_console/godmode/db/db_info_data.php @@ -1,5 +1,4 @@ ".$lang_label["total_data"].""; $color=0; - $result_2=mysql_query("SELECT id_agente FROM tagente"); - while ($row2=mysql_fetch_array($result_2)){ + $result_2=get_db_all_fields_in_table("tagente","id_agente"); + foreach($result_2 as $rownum => $row2) { $total_agente=0; - $result_3c=mysql_query("SELECT COUNT(id_agente_modulo) FROM tagente_modulo WHERE id_agente = ".$row2["id_agente"]); - $row3c=mysql_fetch_array($result_3c); - $result_3=mysql_query("SELECT * FROM tagente_modulo WHERE id_agente = ".$row2["id_agente"]); + $result_3=mysql_query("SELECT id_agente_modulo FROM tagente_modulo WHERE id_agente = ".$row2["id_agente"]); + $row3c = mysql_num_rows($result_3); // for all data_modules belongs to an agent while ($row3=mysql_fetch_array($result_3)){ $result_4=mysql_query("SELECT COUNT(id_agente_modulo) FROM tagente_datos WHERE id_agente_modulo = ".$row3["id_agente_modulo"]); @@ -64,15 +62,14 @@ if (comprueba_login() == 0) echo " ".dame_nombre_agente($row2[0]).""; - echo "".$row3c[0].""; + echo "".$row3c.""; echo "".$total_agente.""; flush(); //ob_flush(); } echo ""; +} else { + audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info data"); + require ("general/noaccess.php"); } -else { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info data"); - require ("general/noaccess.php"); - } -?> \ No newline at end of file +?> diff --git a/pandora_console/godmode/db/db_main.php b/pandora_console/godmode/db/db_main.php index 1ff2899101..c990dec87b 100644 --- a/pandora_console/godmode/db/db_main.php +++ b/pandora_console/godmode/db/db_main.php @@ -18,9 +18,9 @@ // Load global vars global $config; +check_login (); -if (comprueba_login() == 0) - if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { +if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { // Todo for a good DB maintenance /* - Delete too on datos_string and and datos_inc tables @@ -44,8 +44,8 @@ if (comprueba_login() == 0) diff --git a/pandora_console/godmode/db/db_purge.php b/pandora_console/godmode/db/db_purge.php index 3bbec49eba..2c9cac3e3d 100644 --- a/pandora_console/godmode/db/db_purge.php +++ b/pandora_console/godmode/db/db_purge.php @@ -17,10 +17,11 @@ // Load global vars global $config; +check_login (); -if (comprueba_login() == 0) - $id_usuario= $_SESSION["id_usuario"]; - if (give_acl($id_usuario, 0, "DM")==1){ +$id_usuario= $_SESSION["id_usuario"]; + +if (give_acl($id_usuario, 0, "DM")==1){ if (isset($_POST["agent"])){ $id_agent =$_POST["agent"]; @@ -35,49 +36,8 @@ if (comprueba_login() == 0) // All data (now) $purge_all=date("Y-m-d H:i:s",time()); - // 1 day ago - $d1_year = date("Y", time()-28800); - $d1_month = date("m", time()-28800); - $d1_day = date ("d", time()-28800); - $d1_hour = date ("H", time()-28800); - $minuto = date("i",time()); - $segundo = date("s",time()); - $d1 = $d1_year."-".$d1_month."-".$d1_day." ".$d1_hour.":".$minuto.":".$segundo.""; + require("godmode/db/times_incl.php"); - // 3 days ago - $d3_year = date("Y", time()-86400); - $d3_month = date("m", time()-86400); - $d3_day = date ("d", time()-86400); - $d3_hour = date ("H", time()-86400); - $d3 = $d3_year."-".$d3_month."-".$d3_day." ".$d3_hour.":".$minuto.":".$segundo.""; - - // Date 24x7 Hours ago (a week) - $week_year = date("Y", time()-604800); - $week_month = date("m", time()-604800); - $week_day = date ("d", time()-604800); - $week_hour = date ("H", time()-604800); - $week = $week_year."-".$week_month."-".$week_day." ".$week_hour.":".$minuto.":".$segundo.""; - - // Date 24x7x2 Hours ago (two weeks) - $week2_year = date("Y", time()-1209600); - $week2_month = date("m", time()-1209600); - $week2_day = date ("d", time()-1209600); - $week2_hour = date ("H", time()-1209600); - $week2 = $week2_year."-".$week2_month."-".$week2_day." ".$week2_hour.":".$minuto.":".$segundo.""; - - // Date 24x7x30 Hours ago (one month) - $month_year = date("Y", time()-2592000); - $month_month = date("m", time()-2592000); - $month_day = date ("d", time()-2592000); - $month_hour = date ("H", time()-2592000); - $month = $month_year."-".$month_month."-".$month_day." ".$month_hour.":".$minuto.":".$segundo.""; - - // Three months - $month3_year = date("Y", time()-7257600); - $month3_month = date("m", time()-7257600); - $month3_day = date ("d", time()-7257600); - $month3_hour = date ("H", time()-7257600); - $month3 = $month3_year."-".$month3_month."-".$month3_day." ".$month3_hour.":".$minuto.":".$segundo.""; $datos_rango3=0;$datos_rango2=0;$datos_rango1=0;$datos_rango0=0; $datos_rango00=0; $datos_rango11=0; $datos_total=0; # ADQUIRE DATA PASSED AS FORM PARAMETERS @@ -259,8 +219,8 @@ if (comprueba_login() == 0) diff --git a/pandora_console/godmode/db/db_refine.php b/pandora_console/godmode/db/db_refine.php index 3b5c36a62d..b9bb76b36c 100644 --- a/pandora_console/godmode/db/db_refine.php +++ b/pandora_console/godmode/db/db_refine.php @@ -20,9 +20,9 @@ // Load global vars require("include/config.php"); -if (comprueba_login() == 0) - $id_user = $_SESSION["id_usuario"]; - if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { +check_login (); +$id_user = $_SESSION["id_usuario"]; +if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { if ((isset($_GET["operacion"])) AND (! isset($_POST["update_agent"]))){ // DATA COPY if (isset($_POST["eliminar"])) { @@ -109,8 +109,8 @@ if (comprueba_login() == 0) \ No newline at end of file +} else { + audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Debug Admin section"); + require ("general/noaccess.php"); +} +?> diff --git a/pandora_console/godmode/db/db_sanity.php b/pandora_console/godmode/db/db_sanity.php index 600d77583f..6255ede7f9 100644 --- a/pandora_console/godmode/db/db_sanity.php +++ b/pandora_console/godmode/db/db_sanity.php @@ -18,6 +18,7 @@ // Load global vars require("include/config.php"); check_login(); + if ((give_acl($config["id_user"], 0, "DM")==0) AND (dame_admin($config["id_user"])==0)) { audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database cure section"); require ("general/noaccess.php"); diff --git a/pandora_console/godmode/db/times_incl.php b/pandora_console/godmode/db/times_incl.php new file mode 100644 index 0000000000..ac0c90bb2a --- /dev/null +++ b/pandora_console/godmode/db/times_incl.php @@ -0,0 +1,21 @@ + diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 725c5e1296..104ceb36b3 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -670,29 +670,32 @@ function get_alert_priority ($priority = 0) { */ function get_alert_days ($row) { global $config; - global $lang_label; $days_output = ""; - $check = $row["monday"] + $row["tuesday"] + $row["wednesday"] + $row["thursday"]+ $row["friday"] + $row["saturday"] + $row["sunday"]; - - if ($row["monday"] != 0) - return "Mo"; - if ($row["tuesday"] != 0) - return "Tu"; - if ($row["wednesday"] != 0) - return "We"; - if ($row["thursday"] != 0) - return "Th"; - if ($row["friday"] != 0) - return "Fr"; - if ($row["saturday"] != 0) - return "Sa"; - if ($row["sunday"] != 0) - return "Su"; - if ($check == 7) + $check = $row["monday"] + $row["tuesday"] + $row["wednesday"] + $row["thursday"] + $row["friday"] + $row["saturday"] + $row["sunday"]; + if ($check == 7) { return lang_string ("all"); - - return lang_string ("none"); + } elseif ($check == 0) { + return lang_string ("none"); + } + if ($row["monday"] != 0) + $days_output .= "Mo "; + if ($row["tuesday"] != 0) + $days_output .= "Tu "; + if ($row["wednesday"] != 0) + $days_output .= "We "; + if ($row["thursday"] != 0) + $days_output .= "Th "; + if ($row["friday"] != 0) + $days_output .= "Fr "; + if ($row["saturday"] != 0) + $days_output .= "Sa "; + if ($row["sunday"] != 0) + $days_output .= "Su "; + if ($check > 1) { + return str_replace (" ",", ",$days_output); + } + return rtrim ($days_output); } /** @@ -703,9 +706,6 @@ function get_alert_days ($row) { * @return */ function get_alert_times ($row2) { - global $config; - global $lang_label; - if ($row2["time_from"]){ $time_from_table = $row2["time_from"]; } else { @@ -716,12 +716,10 @@ function get_alert_times ($row2) { } else { $time_to_table = lang_string ("N/A"); } - $string = ""; if ($time_to_table == $time_from_table) - $string .= lang_string ('N/A'); - else - $string .= substr ($time_from_table, 0, 5)." - ".substr ($time_to_table, 0, 5); - return $string; + return lang_string ('N/A'); + + return substr ($time_from_table, 0, 5)." - ".substr ($time_to_table, 0, 5); } /** @@ -852,11 +850,14 @@ function show_alert_show_view ($data, $tdcolor = "datos", $combined = 0) { global $lang_label; if ($combined == 0) { - $module_name = get_db_sql ("SELECT nombre FROM tagente_modulo WHERE id_agente_modulo = ".$data["id_agente_modulo"]); - $agent_name = get_db_sql ("SELECT tagente.nombre FROM tagente_modulo, tagente WHERE tagente_modulo.id_agente = tagente.id_agente AND tagente_modulo.id_agente_modulo = ".$data["id_agente_modulo"]); - $id_agente = get_db_sql ("SELECT id_agente FROM tagente_modulo WHERE id_agente_modulo = ".$data["id_agente_modulo"]); + $sql = sprintf ("SELECT tagente.nombre AS agent_name, tagente_modulo.nombre AS module_name, tagente_modulo.id_agente FROM `tagente_modulo`, `tagente` WHERE `tagente_modulo`.`id_agente` = `tagente`.`id_agente` AND `tagente_modulo`.`id_agente_modulo` = '%d'",$data["id_agente_modulo"]); + $result = get_db_all_rows_sql ($sql); + $agent_name = $result[0]["agent_name"]; + $id_agente = $result[0]["id_agente"]; + $module_name = $result[0]["module_name"]; } else { - $agent_name = get_db_sql ("SELECT nombre FROM tagente WHERE id_agente =".$data["id_agent"]); + $sql = sprintf ("SELECT `nombre` FROM `tagente` WHERE `id_agente` = '%d'",$data["id_agent"]); + $agent_name = get_db_sql ($sql); $id_agente = $data["id_agent"]; } $alert_name = get_db_sql ("SELECT nombre FROM talerta WHERE id_alerta = ".$data["id_alerta"]); diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index 3d4aba802d..373db31746 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -1,5 +1,4 @@ @@ -37,7 +36,6 @@ function check_login () { include ($config["homedir"]."/general/noaccess.php"); exit; } - /** * Check access privileges to resources @@ -132,10 +130,8 @@ AND `tusuario_perfil`.`id_usuario` = '%s' AND (`tusuario_perfil`.`id_grupo` = '% * @param descripcion Long action description */ function audit_db ($id, $ip, $accion, $descripcion){ - $utimestamp = time(); - $today=date('Y-m-d H:i:s',$utimestamp); - $sql1='INSERT INTO tsesion (ID_usuario, accion, fecha, IP_origen,descripcion, utimestamp) VALUES ("'.$id.'","'.$accion.'","'.$today.'","'.$ip.'","'.$descripcion.'", "'.$utimestamp.'")'; - $result=mysql_query($sql1); + $sql1 = sprintf ("INSERT INTO `tsesion` (ID_usuario, accion, fecha, IP_origen,descripcion, utimestamp) VALUES ('%s','%s',NOW(),'%s','%s',UNIX_TIMESTAMP(NOW()))",$id,$accion,$ip,$descripcion); + mysql_query($sql1); } /** @@ -145,11 +141,9 @@ function audit_db ($id, $ip, $accion, $descripcion){ * @param ip Client user IP address. */ function logon_db ($id_user, $ip) { - global $config; - audit_db ($id_user, $ip, "Logon", "Logged in"); // Update last registry of user to set last logon. How do we audit when the user was created then? - $sql = sprintf ('UPDATE tusuario SET fecha_registro = $today WHERE id_usuario = "%s"', $id_user); + $sql = sprintf ("UPDATE `tusuario` SET `fecha_registro` = NOW() WHERE `id_usuario` = '%s'", $id_user); mysql_query ($sql); } @@ -196,16 +190,17 @@ function give_disabled_group ($id_group) { function get_agents_in_group ($id_group, $disabled = false) { /* 'All' group must return all agents */ if ($id_group == 1) { - if ($disabled) + if ($disabled) { return get_db_all_rows_in_table ('tagente', 'nombre'); - return get_db_all_rows_field_filter ('tagente', 'disabled', 0, 'nombre'); - } - if ($disabled) + } else { + return get_db_all_rows_field_filter ('tagente', 'disabled', 0, 'nombre'); + } + } elseif ($disabled && $id_group != 1) { return get_db_all_rows_field_filter ('tagente', 'id_grupo', (int) $id_group, 'nombre'); - $sql = sprintf ('SELECT * FROM tagente - WHERE id_grupo = %d AND disabled = 0 ORDER BY nombre', - $id_group); - return get_db_all_rows_sql ($sql); + } else { + $sql = sprintf ("SELECT * FROM `tagente` WHERE `id_grupo` = '%d' AND `disabled` = '0' ORDER BY `nombre`",$id_group); + return get_db_all_rows_sql ($sql); + } } /** @@ -227,10 +222,7 @@ function get_modules_in_agent ($id_agent) { * @return An array with all simple alerts defined for an agent. */ function get_simple_alerts_in_agent ($id_agent) { - $sql = sprintf ('SELECT talerta_agente_modulo.* - FROM talerta_agente_modulo, tagente_modulo - WHERE talerta_agente_modulo.id_agente_modulo = tagente_modulo.id_agente_modulo - AND tagente_modulo.id_agente = %d', $id_agent); + $sql = sprintf ("SELECT talerta_agente_modulo.* FROM talerta_agente_modulo, tagente_modulo WHERE talerta_agente_modulo.id_agente_modulo = tagente_modulo.id_agente_modulo AND tagente_modulo.id_agente = %d", $id_agent); return get_db_all_rows_sql ($sql); } @@ -489,14 +481,15 @@ function dame_nombre_real ($id_user) { * @return The number of times a monitor went down. */ function get_monitor_downs_in_period ($id_agent_module, $period, $date = 0) { - if (!$date) + if ($date == 0) { $date = time (); + } $datelimit = $date - $period; - $sql = sprintf ('SELECT COUNT(*) FROM tevento WHERE - event_type = "monitor_down" - AND id_agentmodule = %d - AND utimestamp > %d AND utimestamp <= %d', - $id_agent_module, $datelimit, $date); + $sql = sprintf ("SELECT COUNT(`id_agentmodule`) FROM `tevento` WHERE + `event_type` = 'monitor_down' + AND `id_agentmodule` = '%d' + AND `utimestamp` > '%d' + AND `utimestamp` <= '%d'",$id_agent_module, $datelimit, $date); return get_db_sql ($sql); } @@ -511,14 +504,15 @@ function get_monitor_downs_in_period ($id_agent_module, $period, $date = 0) { * @return The last time a monitor went down. */ function get_monitor_last_down_timestamp_in_period ($id_agent_module, $period, $date = 0) { - if (!$date) + if ($date == 0) { $date = time (); + } $datelimit = $date - $period; - $sql = sprintf ('SELECT MAX(timestamp) FROM tevento WHERE - event_type = "monitor_down" - AND id_agentmodule = %d - AND utimestamp > %d AND utimestamp <= %d', - $id_agent_module, $datelimit, $date); + $sql = sprintf ("SELECT MAX(`timestamp`) FROM `tevento` WHERE + event_type = 'monitor_down' + AND `id_agentmodule` = '%d' + AND `utimestamp` > '%d' + AND `utimestamp` <= '%d'",$id_agent_module, $datelimit, $date); return get_db_sql ($sql); } @@ -531,12 +525,11 @@ function get_monitor_last_down_timestamp_in_period ($id_agent_module, $period, $ * @return An array with all the monitors defined in the group (tagente_modulo). */ function get_monitors_in_group ($id_group) { - $sql = sprintf ('SELECT tagente_modulo.* - FROM tagente_modulo, ttipo_modulo, tagente - WHERE id_tipo_modulo = id_tipo - AND tagente.id_agente = tagente_modulo.id_agente - AND ttipo_modulo.nombre like "%%_proc" - AND tagente.id_grupo = %d', $id_group); + $sql = sprintf ("SELECT `tagente_modulo`.* FROM `tagente_modulo`, `ttipo_modulo`, `tagente` WHERE + `id_tipo_modulo` = `id_tipo` + AND `tagente`.`id_agente` = `tagente_modulo`.`id_agente` + AND `ttipo_modulo`.`nombre` LIKE '%%_proc' + AND `tagente`.`id_grupo` = '%d'", $id_group); return get_db_all_rows_sql ($sql); } @@ -548,12 +541,12 @@ function get_monitors_in_group ($id_group) { * @return An array with all the monitors defined (tagente_modulo). */ function get_monitors_in_agent ($id_agent) { - $sql = sprintf ('SELECT tagente_modulo.* - FROM tagente_modulo, ttipo_modulo, tagente - WHERE id_tipo_modulo = id_tipo - AND tagente.id_agente = tagente_modulo.id_agente - AND ttipo_modulo.nombre like "%%_proc" - AND tagente.id_agente = %d', $id_agent); + $sql = sprintf ("SELECT `tagente_modulo`.* + FROM `tagente_modulo`, `ttipo_modulo`, `tagente` + WHERE `id_tipo_modulo` = `id_tipo` + AND `tagente`.`id_agente` = `tagente_modulo`.`id_agente` + AND `ttipo_modulo.nombre` LIKE '%%_proc' + AND `tagente`.`id_agente` = '%d'", $id_agent); return get_db_all_rows_sql ($sql); } @@ -591,11 +584,11 @@ function get_alert_fires_in_period ($id_agent_module, $period, $date = 0) { if (!$date) $date = time (); $datelimit = $date - $period; - $sql = sprintf ('SELECT COUNT(*) FROM tevento WHERE - event_type = "alert_fired" - AND id_agentmodule = %d - AND utimestamp > %d AND utimestamp <= %d', - $id_agent_module, $datelimit, $date); + $sql = sprintf ("SELECT COUNT(`id_agentmodule`) FROM `tevento` WHERE + `event_type` = 'alert_fired' + AND `id_agentmodule` = '%d' + AND `utimestamp` > '%d' + AND `utimestamp` <= '%d'",$id_agent_module, $datelimit, $date); return (int) get_db_sql ($sql); } @@ -612,7 +605,7 @@ function get_alerts_in_group ($id_group) { $alerts = array (); $agents = get_agents_in_group ($id_group); foreach ($agents as $agent) { - $agent_alerts = get_alerts_in_agent ($agent['id_agente']); + $agent_alerts = get_alerts_in_agent ($agent["id_agente"]); $alerts = array_merge ($alerts, $agent_alerts); } @@ -656,14 +649,15 @@ function get_alerts_fired ($alerts, $period = 0, $date = 0) { * @return The last time an alert fired. */ function get_alert_last_fire_timestamp_in_period ($id_agent_module, $period, $date = 0) { - if (!$date) + if ($date == 0) { $date = time (); + } $datelimit = $date - $period; - $sql = sprintf ('SELECT MAX(timestamp) FROM tevento WHERE - event_type = "alert_fired" - AND id_agentmodule = %d - AND utimestamp > %d AND utimestamp <= %d', - $id_agent_module, $datelimit, $date); + $sql = sprintf ("SELECT MAX(`timestamp`) FROM `tevento` WHERE + `event_type` = 'alert_fired' + AND `id_agentmodule` = '%d' + AND `utimestamp` > '%d' + AND `utimestamp` <= '%d'",$id_agent_module, $datelimit, $date); return get_db_sql ($sql); } @@ -739,7 +733,7 @@ function dame_numero_notas ($id_incident) { * @return */ function dame_numero_datos () { - return (int) get_db_sql ('SELECT COUNT(*) FROM tagente_datos'); + return (int) get_db_sql ("SELECT COUNT(*) FROM `tagente_datos`"); } /** @@ -761,27 +755,25 @@ function dame_generic_string_data ($id) { function borrar_incidencia ($id_inc) { global $config; - $sql = "DELETE FROM tincidencia WHERE id_incidencia = ".$id_inc; + $sql = sprintf("DELETE FROM `tincidencia` WHERE `id_incidencia` = '%d'",$id_inc); mysql_query ($sql); - $sql = "SELECT * FROM tnota_inc WHERE id_incidencia = ".$id_inc; - $res2 = mysql_query ($sql); - while ($row2 = mysql_fetch_array ($res2)) { - // Delete all note ID related in table - $sql = "DELETE FROM tnota WHERE id_nota = ".$row2["id_nota"]; + $sql = sprintf("SELECT `id_nota` FROM `tnota_inc` WHERE `id_incidencia` = '%d'".$id_inc); + $rows = get_db_all_rows_sql ($sql); + foreach ($rows as $row) { + $sql = sprintf("DELETE FROM `tnota` WHERE `id_nota` = '%d'",$row["id_nota"]); mysql_query ($sql); } - $sql = "DELETE FROM tnota_inc WHERE id_incidencia = ".$id_inc; + $sql = "DELETE FROM `tnota_inc` WHERE `id_incidencia` = ".$id_inc; mysql_query ($sql); + // Delete attachments - $sql = "SELECT * FROM tattachment WHERE id_incidencia = ".$id_inc; - $result = mysql_query ($sql); - while ($row = mysql_fetch_array ($result)) { + $sql = sprintf("SELECT `id_attachment`,`filename` FROM `tattachment` WHERE `id_incidencia` = '%d'",$id_inc); + $rows = get_db_all_rows_sql ($sql); + foreach ($rows as $row) { // Unlink all attached files for this incident - $file_id = $row["id_attachment"]; - $filename = $row["filename"]; - unlink ($attachment_store."attachment/pand".$file_id."_".$filename); + unlink ($attachment_store."attachment/pand".$row["id_attachment"]."_".$row["filename"]); } - $sql = "DELETE FROM tattachment WHERE id_incidencia = ".$id_inc; + $sql = sprintf("DELETE FROM `tattachment` WHERE `id_incidencia` = '%d'",$id_inc); mysql_query ($sql); } @@ -802,7 +794,9 @@ function dame_so_name ($id_os) { * @param id_user User id */ function update_user_contact ($id_user) { - $sql = "UPDATE tusuario set fecha_registro = NOW() WHERE id_usuario = '".$id_user."'"; + global $config; + + $sql = sprintf("UPDATE `tusuario` set `fecha_registro` = NOW() WHERE 'id_usuario' = '%d'",$id_user); mysql_query ($sql); } @@ -840,15 +834,18 @@ function dame_email ($id_user) { */ function dame_admin ($id_user) { $level = get_db_value ('nivel', 'tusuario', 'id_usuario', $id_user); - if ($level) + if ($level == 1) { return true; - return false; + } else { + return false; + } } /** * WARNING: This is a deprectad function and must not be used */ function comprueba_login() { + echo "DEBUG:: Still using comprueba_login eh..."; return check_login (); } @@ -1248,9 +1245,8 @@ function get_db_value ($field, $table, $field_search=1, $condition=1){ } else { $sql = sprintf ("SELECT %s FROM `%s` WHERE `%s` = '%s' LIMIT 1", $field, $table, $field_search, $condition); } - $sql .= " LIMIT 1"; - $result = get_db_all_rows_sql($sql); - if(is_array($result)) + $result = get_db_all_rows_sql ($sql); + if(is_array ($result)) return $result[0][$field]; return ""; @@ -1264,7 +1260,8 @@ function get_db_value ($field, $table, $field_search=1, $condition=1){ * @return The first row of the result or something empty. */ function get_db_row_sql ($sql) { - $result = get_db_all_rows_sql($sql); + $sql .= " LIMIT 1"; + $result = get_db_all_rows_sql ($sql); return $result[0]; } @@ -1290,8 +1287,6 @@ function get_db_row ($table, $field_search, $condition) { } else { $sql = sprintf ("SELECT * FROM `%s` WHERE `%s` = '%s' LIMIT 1", $table, $field_search, $condition); } - $sql .= ' LIMIT 1'; - $result = get_db_all_rows_sql ($sql); return $result[0]; @@ -1306,8 +1301,12 @@ function get_db_row ($table, $field_search, $condition) { * @return The selected field of the first row in a select statement. */ function get_db_sql ($sql, $field = 0) { - $row = get_db_all_rows_sql($sql); - return $row[0][$field]; + $row = get_db_all_rows_sql ($sql); + if (is_array ($row)) { + return $row[0][$field]; + } else { + return ""; + } } /** @@ -1326,7 +1325,7 @@ function get_db_all_rows_sql ($sql) { $retval = $sql_cache[$sql]; $sql_cache[saved]++; } else { - $result = mysql_query($sql); + $result = mysql_query ($sql); if (!$result) { echo 'Error: get_db_all_rows_sql ("'.$sql.'") :'. mysql_error ().'
'; return $retval; @@ -1335,8 +1334,9 @@ function get_db_all_rows_sql ($sql) { array_push ($retval, $row); } $sql_cache[$sql] = $retval; + mysql_free_result ($result); } - if(!empty($retval)) + if(!empty ($retval)) return $retval; return ""; //Return empty because NULL is a possible database value } @@ -1350,9 +1350,9 @@ function get_db_all_rows_sql ($sql) { */ function get_db_all_rows_in_table ($table, $order_field = "") { if ($order_field != "") { - return get_db_all_rows_sql("SELECT * FROM `".$table."` ORDER BY `".$order_field."` "); + return get_db_all_rows_sql ("SELECT * FROM `".$table."` ORDER BY `".$order_field."` "); } else { - return get_db_all_rows_sql("SELECT * FROM `".$table."`"); + return get_db_all_rows_sql ("SELECT * FROM `".$table."`"); } } @@ -1388,8 +1388,12 @@ function get_db_all_rows_field_filter ($table, $field, $condition, $order_field * * @return A matrix with all the values in the table that matches the condition in the field */ -function get_db_all_fields_in_table ($table, $field) { - return get_db_all_rows_sql ('SELECT '.$field.' FROM '. $table); +function get_db_all_fields_in_table ($table, $field, $condition='') { + $sql = sprintf ("SELECT %s FROM `%s`",$field,$table); + if($condition != '') { + $sql .= sprintf (" WHERE `%s` = '%s'",$field,$condition); + } + return get_db_all_rows_sql ($sql); } /** @@ -1400,28 +1404,22 @@ function get_db_all_fields_in_table ($table, $field) { * @return True if there were alerts fired. */ function return_status_agent_module ($id_agentmodule = 0){ - $query1 = "SELECT estado FROM tagente_estado WHERE id_agente_modulo = " . $id_agentmodule; - $resq1 = mysql_query ($query1); - if ($resq1 != 0) { - $rowdup = mysql_fetch_array($resq1); - if ($rowdup[0] == 100) { - // We need to check if there are any alert on this item - $query2 = "SELECT SUM(times_fired) FROM talerta_agente_modulo WHERE id_agente_modulo = " . $id_agentmodule; - $resq2 = mysql_query($query2); - if ($resq2 != 0) { - $rowdup2 = mysql_fetch_array ($resq2); - if ($rowdup2[0] > 0){ - return 0; - } - } - // No alerts fired for this agent module - return 1; - } elseif ($rowdup[0] == 0) // 0 is ok for estado field - return 1; + $sql = sprintf ("SELECT `estado` FROM `tagente_estado` WHERE `id_agente_modulo` = '%d'",$id_agentmodule); + $estado = get_db_sql($sql); + if ($estado == 100) { + // We need to check if there are any alert on this item + $sql = sprintf ("SELECT SUM(times_fired) FROM `talerta_agente_modulo` WHERE `id_agente_modulo` = '%d'",$id_agentmodule); + $times_fired = get_db_sql($sql); + if ($times_fired > 0){ + return 0; + } + // No alerts fired for this agent module + return 1; + } elseif ($estado == 0) { // 0 is ok for estado field + return 1; + } else { return 0; } - - return 1; } /** @@ -1438,24 +1436,22 @@ function return_status_agent_module ($id_agentmodule = 0){ function return_status_layout ($id_layout = 0) { $temp_status = 0; $temp_total = 0; - $sql = "SELECT * FROM tlayout_data WHERE id_layout = $id_layout"; - $res = mysql_query ($sql); - while ($row = mysql_fetch_array ($res)) { - $id_agentmodule = $row["id_agente_modulo"]; - $type = $row["type"]; - $parent_item = $row["parent_item"]; - $link_layout = $row["id_layout_linked"]; - if (($link_layout != 0) && ($id_agentmodule == 0)) { - $temp_status += return_status_layout ($link_layout); + $sql = sprintf ("SELECT id_agente_modulo, parent_item, id_layout_linked FROM `tlayout_date` WHERE `id_layout` = '%d'",$id_layout); + $result = get_db_all_rows_sql ($sql); + foreach ($result as $rownum => $data) { + if (($data["id_layout_linked"] != 0) && ($data["id_agente_modulo"] == 0)) { + $temp_status += return_status_layout ($data["id_layout_linked"]); $temp_total++; } else { - $temp_status += return_status_agent_module ($id_agentmodule); + $temp_status += return_status_agent_module ($data["id_agente_modulo"]); $temp_total++; } } - if ($temp_status == $temp_total) + if ($temp_status == $temp_total) { return 1; - return 0; + } else { + return 0; + } } /** @@ -1616,8 +1612,7 @@ function get_agent_module_value_sumatory ($id_agent_module, $period, $date = 0) if (! $date) $date = time (); $datelimit = $date - $period; // limit date - $id_module_type = get_db_value ('id_tipo_modulo', 'tagente_modulo', - 'id_agente_modulo', $id_agent_module); + $id_module_type = get_db_value ('id_tipo_modulo', 'tagente_modulo','id_agente_modulo', $id_agent_module); $module_name = get_db_value ('nombre', 'ttipo_modulo', 'id_tipo', $id_module_type); if (is_module_data_string ($module_name)) { @@ -1691,7 +1686,12 @@ function get_agent_module_value_sumatory ($id_agent_module, $period, $date = 0) */ function lang_string ($string) { global $config; - require ($config["homedir"]."/include/languages/language_".$config["language"].".php"); + global $lang_label; + + if(!is_array ($lang_label)) { + require_once ($config["homedir"]."/include/languages/language_".$config["language"].".php"); + } //Only includes the file once (the first function call) and since $lang_label is global, it will propagate + if (isset ($lang_label[$string])) return $lang_label[$string]; return $string; diff --git a/pandora_console/operation/agentes/estado_alertas.php b/pandora_console/operation/agentes/estado_alertas.php index e5f255025a..1948e29dc2 100644 --- a/pandora_console/operation/agentes/estado_alertas.php +++ b/pandora_console/operation/agentes/estado_alertas.php @@ -65,7 +65,7 @@ if (isset($_GET["id_agente"])){ echo " ".$lang_label["type"]."".$lang_label["name"]." ".$lang_label["description"]." - ".lang_string ("info")." + ".$lang_label["Info"]." ".$lang_label["min."]." ".$lang_label["max."]." ".$lang_label["time_threshold"]."