2008-11-14 Evi Vanoost <vanooste@rcbi.rochester.edu>

* operation/incidents/incident_detail.php, incident.php: Update ACL's to reflect IR rights instead of default AR * operation/events/events.php: Updated style and html for new functions. Fixes Bug #2267593 * index.php: Put REMOTE_ADDR in $config as well. It's easier to globalize in functions. * include/functions_reporting.php: Updated event_reporting to accept any type of date. Style update. get_group_stats didn't need global * include/functions_html.php: Updated print_table documentation with pre-existing $table->id. Also added $table->headclass[] for classes in headers * include/functions_events.php: New-style function file to aggregate events functions. * include/functions_db.php: gime_idgroup_from_idevent is now in functions_events.php as get_events_group. Renamed get_events_in_group to get_group_events return_priority is now get_priority_name * include/functions.php: Added safe_int function to clean up and remove non-ints from either single values or arrays of values. Also has min and max limiters. Added $pagination in lieu of $config["block_size"] to pagination function. That way larger block sizes (eg in events) will display correctly. Added strtotime on format_datetime * godmode/db/db_event.php: After an ACL error, it's better to exit git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1244 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2008-11-14 15:37:32 +00:00 · 2008-11-14 15:37:32 +00:00 · 34ca6bff42
parent 0873a78a4f
commit 34ca6bff42
11 changed files with 500 additions and 396 deletions
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@ -1,3 +1,36 @@
 2008-11-14  Evi Vanoost  <vanooste@rcbi.rochester.edu>
 	* operation/incidents/incident_detail.php, incident.php: Update ACL's
 	to reflect IR rights instead of default AR
 	* operation/events/events.php: Updated style and html for new
 	functions. Fixes Bug #2267593
 	* index.php: Put REMOTE_ADDR in $config as well. It's easier to
 	globalize in functions.
 	* include/functions_reporting.php: Updated event_reporting to accept
 	any type of date. Style update. get_group_stats didn't need global
 	* include/functions_html.php: Updated print_table documentation with
 	pre-existing $table->id. Also added $table->headclass[] for classes
 	in headers
 	* include/functions_events.php: New-style function file to aggregate
 	events functions.
 	* include/functions_db.php: gime_idgroup_from_idevent is now in
 	functions_events.php as get_events_group. Renamed get_events_in_group 
 	to get_group_events return_priority is now get_priority_name
 	* include/functions.php: Added safe_int function to clean up and remove
 	non-ints from either single values or arrays of values. Also has min
 	and max limiters. Added $pagination in lieu of $config["block_size"]
 	to pagination function. That way larger block sizes (eg in events)
 	will display correctly. Added strtotime on format_datetime
 	* godmode/db/db_event.php: After an ACL error, it's better to exit
 2008-11-14  Esteban Sanchez  <estebans@artica.es>
 	* include/functions_reporting.php: Fixed an error when calculating
--- a/pandora_console/godmode/db/db_event.php
+++ b/pandora_console/godmode/db/db_event.php
@ -24,7 +24,7 @@ check_login ();
 if (! give_acl ($config['id_user'], 0, "DM")) {
 	audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access Database Management Event");
 	require ("general/noaccess.php");
-	return;
+	exit;
 }
 # ADQUIRE DATA PASSED AS FORM PARAMETERS
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@ -55,6 +55,36 @@ function safe_input ($value) {
 	return htmlentities (utf8_decode ($value), ENT_QUOTES); 
 }
 /**
 * Cleans an object or an array and casts all values as integers
 *
 * @param value String or array of strings to be cleaned
 * @param min If value is smaller than min it will return false
 * @param max if value is larger than max it will return false
 *
 * @return The cleaned string. If an array was passed, the invalid values will have been removed
 */
 function safe_int ($value, $min = false, $max = false) {
 	if (is_array ($value)) {
 		foreach ($value as $key => $check) {
 			$check = safe_int ($check, $min, $max);
 			if ($check !== false) {
 				$value[$key] = $check;
 			} else {
 				unset ($value[$key]);
 			}
 		}
 	} else {
 		$value = (int) $value; //Cast as integer
 		if (($min !== false && $value < $min) || ($max !== false && $value > $max)) {
 			//If it's smaller than min or larger than max return false
 			return false;
 		}
 	}
 	return $value;
 }
 /** 
 * Pandora debug functions.
 *
@ -206,7 +236,7 @@ function no_permission () {
 * @param error Aditional error string to be shown. Blank by default
 */
 function unmanaged_error ($error = "") {
-	require("config.php");
+	require_once ("config.php");
 	echo "<h3 class='error'>".__('Unmanaged error')."</h3>";
 	echo "<img src='images/error.png' alt='error'><br><br>";
 	echo "<table width=550>";
@ -268,12 +298,17 @@ function list_files ($directory, $stringSearch, $searchHandler, $return) {
 * @param count Number of elements in the collection.
 * @param url URL of the pagination links. It must include all form values as GET form.
 * @param offset Current offset for the pagination
 * @param pagination Current pagination size. If a user requests a larger pagination than config["block_size"]
 * 
 * @return It returns nothing, it prints the pagination.
 */
-function pagination ($count, $url, $offset) {
+function pagination ($count, $url, $offset, $pagination = 0) {
 	global $config;
 	if (empty ($pagination)) {
 		$pagination = $config["block_size"];
 	}
 	/* 	URL passed render links with some parameter
 			&offset - Offset records passed to next page
 	  		&counter - Number of items to be blocked 
@ -282,12 +317,12 @@ function pagination ($count, $url, $offset) {
 	*/
 	$block_limit = 15; // Visualize only $block_limit blocks
-	if ($count <= $config["block_size"]) {
+	if ($count <= $pagination) {
 		return;
 	}
 	// If exists more registers than I can put in a page, calculate index markers
-	$index_counter = ceil($count/$config["block_size"]); // Number of blocks of block_size with data
+	$index_counter = ceil($count/$pagination); // Number of blocks of block_size with data
-	$index_page = ceil($offset/$config["block_size"])-(ceil($block_limit/2)); // block to begin to show data;
+	$index_page = ceil($offset/$pagination)-(ceil($block_limit/2)); // block to begin to show data;
 	if ($index_page < 0)
 		$index_page = 0;
@ -317,7 +352,7 @@ function pagination ($count, $url, $offset) {
 	echo '<a href="'.$url.'&offset=0"><img src="images/control_start_blue.png" class="bot" /></a>&nbsp;';
 	// Show PREVIOUS button
 	if ($index_page > 0){
-		$index_page_prev= ($index_page-(floor($block_limit/2)))*$config["block_size"];
+		$index_page_prev= ($index_page-(floor($block_limit/2)))*$pagination;
 		if ($index_page_prev < 0)
 			$index_page_prev = 0;
 		echo '<a href="'.$url.'&offset='.$index_page_prev.'"><img src="images/control_rewind_blue.png" class="bot" /></a>';
@ -326,10 +361,10 @@ function pagination ($count, $url, $offset) {
 	// Draw blocks markers
 	// $i stores number of page
 	for ($i = $inicio_pag; $i < $index_limit; $i++) {
-		$inicio_bloque = ($i * $config["block_size"]);
+		$inicio_bloque = ($i * $pagination);
-		$final_bloque = $inicio_bloque + $config["block_size"];
+		$final_bloque = $inicio_bloque + $pagination;
 		if ($final_bloque > $count){ // if upper limit is beyond max, this shouldnt be possible !
-			$final_bloque = ($i-1)*$config["block_size"] + $count-(($i-1) * $config["block_size"]);
+			$final_bloque = ($i-1) * $pagination + $count-(($i-1) * $pagination);
 		}
 		echo "<span>";
@ -348,9 +383,9 @@ function pagination ($count, $url, $offset) {
 	// Show NEXT PAGE (fast forward)
 	// Index_counter stores max of blocks
 	if (($paginacion_maxima == 1) AND (($index_counter - $i) > 0)) {
-		$prox_bloque = ($i+ceil($block_limit/2))*$config["block_size"];
+		$prox_bloque = ($i + ceil ($block_limit / 2)) * $pagination;
 		if ($prox_bloque > $count)
-			$prox_bloque = ($count -1) - $config["block_size"];
+			$prox_bloque = ($count -1) - $pagination;
 		echo '<a href="'.$url.'&offset='.$prox_bloque.'"><img class="bot" src="images/control_fastforward_blue.png" /></a>';
 		$i = $index_counter;
 	}
@ -358,8 +393,8 @@ function pagination ($count, $url, $offset) {
 	// get offset for index calculation
 	// Draw "last" block link, ajust for last block will be the same
 	// as painted in last block (last integer block).	
-	if (($count - $config["block_size"]) > 0){
+	if (($count - $pagination) > 0){
-		$myoffset = floor(($count-1)/ $config["block_size"])* $config["block_size"];
+		$myoffset = floor(($count-1) / $pagination) * $pagination;
 		echo '<a href="'.$url.'&offset='.$myoffset.'"><img class="bot" src="images/control_end_blue.png" /></a>';
 	}
 	// End div and layout
@ -381,6 +416,11 @@ function pagination ($count, $url, $offset) {
 function format_datetime ($timestamp, $alt_format = "") {
 	global $config;
 	if (!is_int ($timestamp)) {
 		//Make function format agnostic
 		$timestamp = strtotime ($timestamp);
 	}
 	if ($alt_format == "")
 		$alt_format = $config["date_format"];
@ -1152,11 +1192,13 @@ function get_priorities () {
 }
 /**
- * Get priority value from priority name.
+ * Get priority name from priority value.
 *
- * @param priority Priority name.
+ * @param priority value (integer) as stored eg. in database.
 *
 * @return priority string.
 */
-function return_priority ($priority) {
+function get_priority_name ($priority) {
 	global $config;
 	switch ($priority) {
@ -1177,7 +1219,8 @@ function return_priority ($priority) {
 /**
 * Avoid magic_quotes protection
- *
+ * Deprecated by get_parameter functions and safe_input funcitons
 * Magic Quotes are deprecated in PHP5 and will be removed in PHP6
 * @param string Text string to be stripped of magic_quotes protection
 */
@ -1187,12 +1230,21 @@ function unsafe_string ($string) {
 	return $string;
 }
 /**
 * Deprecated by get_parameter functions and safe_input funcitons
 * Magic Quotes are deprecated in PHP5 and will be removed in PHP6
 */
 function safe_sql_string ($string) {
 	if (get_magic_quotes_gpc () == 0) 
 		$string = mysql_escape_string ($string);
 	return $string;
 }
 /**
 * enterprise functions
 */
 function enterprise_hook ($function_name, $parameters = false) {
 	if (function_exists ($function_name)) {
 		if (!is_array ($parameters))
--- a/pandora_console/include/functions_db.php
+++ b/pandora_console/include/functions_db.php
@ -360,17 +360,6 @@ function return_event_description ($id_event) {
 	return (string) get_db_value ('evento', 'tevento', 'id_evento', (int) $id_event);
 }
 /** 
 * Get group id of an event.
 * 
 * @param id_event Event id
 * 
 * @return Group id of the given event.
 */
 function gime_idgroup_from_idevent ($id_event) {
 	return (int) get_db_value ('id_grupo', 'tevento', 'id_evento', (int) $id_event);
 }
 /** 
 * Get name of an agent.
 * 
@ -580,7 +569,7 @@ function get_monitors_in_group ($id_group) {
 * 
 * @return An array with all the events happened.
 */
-function get_events_in_group ($id_group, $period, $date) {
+function get_group_events ($id_group, $period, $date) {
 	$datelimit = $date - $period;
 	if ($id_group == 1) {
@ -2111,7 +2100,7 @@ function smal_event_table ($filter = "", $limit = 10, $width = 440) {
 			$tdclass = "datos_grey";
 		}
-		$criticity_label = return_priority ($event["criticity"]);
+		$criticity_label = get_priority_name ($event["criticity"]);
 		/* Colored box */
 		echo "<tr><td class='$tdclass' title='$criticity_label' align='center'>";
 		if ($event["estado"] == 0) {
--- a/pandora_console/include/functions_events.php
+++ b/pandora_console/include/functions_events.php
@ -0,0 +1,105 @@
 <?php
 // Pandora FMS - the Flexible Monitoring System
 // ============================================
 // Copyright (c) 2008 Evi Vanoost, <vanooste@rcbi.rochester.edu>
 // Please see http://pandora.sourceforge.net for full contribution list
 // This program is free software; you can redistribute it and/or
 // modify it under the terms of the GNU General Public License
 // as published by the Free Software Foundation for version 2.
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU General Public License for more details.
 // You should have received a copy of the GNU General Public License
 // along with this program; if not, write to the Free Software
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 function delete_event ($id_event) {
 	global $config;
 	$id_event = (array) safe_int ($id_event, 1); //Cleans up the selection for all unwanted values also casts any single values as an array 
 	process_sql ("SET AUTOCOMMIT = 0;");
 	process_sql ("START TRANSACTION;");
 	$errors = 0;
 	foreach ($id_event as $event) {
 		$sql = sprintf ("DELETE FROM tevento WHERE id_evento = %d", $event);
 		$ret = process_sql ($sql);
 		if (give_acl ($config["id_user"], get_event_group ($event), "IM") == 0) {
 			//Check ACL
 			audit_db ($config["id_user"], $config["remote_addr"], "ACL Violation", "Attempted deleting event #".$event);
 		} elseif ($ret !== false) {
 			//ACL didn't fail nor did return
 			continue;
 		}
 		$errors++;
 	}
 	if ($errors > 1) {
 		process_sql ("ROLLBACK;");
 		process_sql ("SET AUTOCOMMIT = 1;");
 		return false;
 	} else {
 		foreach ($id_event as $event) {
 			audit_db ($config["id_user"], $config["remote_addr"], "Event deleted", "Deleted event #".$event);
 		}
 		process_sql ("COMMIT;");
 		process_sql ("SET AUTOCOMMIT = 1;");
 		return true;
 	}
 }
 function process_event_validate ($id_event) {
 	global $config;
 	$id_event = (array) safe_int ($id_event, 1); //Cleans up the selection for all unwanted values also casts any single values as an array 
 	process_sql ("SET AUTOCOMMIT = 0;");
 	process_sql ("START TRANSACTION;");
 	$errors = 0;
 	foreach ($id_event as $event) {
 		$sql = sprintf ("UPDATE tevento SET estado = 1, id_usuario = '%s' WHERE id_evento = %d", $config['id_user'], $event);
 		$ret = process_sql ($sql);
 		if (give_acl ($config["id_user"], get_event_group ($event), "IW") == 0) {
 			//Check ACL
 			audit_db ($config["id_user"], $config["remote_addr"], "ACL Violation", "Attempted updating event #".$event);
 		} elseif ($ret !== false) {
 			//ACL didn't fail nor did return
 			continue;
 		}
 		$errors++;
 	}
 	if ($errors > 1) {
 		process_sql ("ROLLBACK;");
 		process_sql ("SET AUTOCOMMIT = 1;");
 		return false;
 	} else {
 		foreach ($id_event as $event) {
 			audit_db ($config["id_user"], $config["remote_addr"], "Event validated", "Validated event #".$event);
 		}
 		process_sql ("COMMIT;");
 		process_sql ("SET AUTOCOMMIT = 1;");
 		return true;
 	}
 }
 /** 
 * Get group id of an event.
 * 
 * @param id_event Event id
 * 
 * @return Group id of the given event.
 */
 function get_event_group ($id_event) {
 	return (int) get_db_value ('id_grupo', 'tevento', 'id_evento', (int) $id_event);
 }
 ?>
--- a/pandora_console/include/functions_html.php
+++ b/pandora_console/include/functions_html.php
@ -297,6 +297,8 @@ function print_textarea ($name, $rows, $columns, $value = '', $attributes = '',
 *     $table->cellpadding  - Padding on each cell
 *     $table->cellspacing  - Spacing between cells
 *     $table->class  - CSS table class
 *	   $table->id - Table ID (useful in JavaScript)
 *	   $table->headclass[] - An array of classes for each heading
 * @param  bool $return whether to return an output string or echo now
 */
 function print_table (&$table, $return = false) {
@ -397,8 +399,10 @@ function print_table (&$table, $return = false) {
 			if (!isset ($align[$key])) {
 				$align[$key] = '';
 			}
-	
+			if (!isset ($table->headclass[$key])) {
-			$output .= '<th class="header c'.$key.'" scope="col">'. $heading .'</th>';
+				$table->headclass[$key] = 'header c'.$key;
 			}	
 			$output .= '<th class="'.$table->headclass[$key].'" scope="col">'. $heading .'</th>';
 		}
 		$output .= '</tr></thead>'."\n";
 	}
--- a/pandora_console/include/functions_reporting.php
+++ b/pandora_console/include/functions_reporting.php
@ -121,9 +121,7 @@ function get_agent_module_sla ($id_agent_module, $period, $min_value, $max_value
 * @return 
 */
 function get_group_stats ($id_group) {
-	global $config;
+	$groups = array_keys (get_user_groups ());
 	$groups = array_keys (get_user_groups ($config["id_user"]));
 	if ($id_group > 0 && in_array ($groups, $id_group)) {
 		//If a group is selected, and we have permissions to it then we don't need to look for them
 		$groups = array ();
@ -288,16 +286,17 @@ function get_group_stats ($id_group) {
 * 
 * @param id_group Group id to get the report.
 * @param period Period of time to get the report.
- * @param date Beginning date of the report in UNIX time (current date by default).
+ * @param date Beginning date of the report
 * @param return Flag to return or echo the report table (echo by default).
 * 
 * @return A table object if return variable is true.
 */
 function event_reporting ($id_group, $period, $date = 0, $return = false) {
-	global $config;
+	if (empty ($date)) {
 	if (! $date)
 		$date = time ();
 	} elseif (!is_int ($date)) {
 		$date = strtotime ($date);
 	}
 	$table->data = array ();
 	$table->head = array ();
@ -306,25 +305,23 @@ function event_reporting ($id_group, $period, $date = 0, $return = false) {
 	$table->head[2] = __('User ID');
 	$table->head[3] = __('Timestamp');
-	$events = get_events_in_group ($id_group, $period, $date);
+	$events = get_group_events ($id_group, $period, $date);
-	if ($events === false) {
+	if (empty ($events)) {
-		if (!$return)
+		$events = array ();
 		print_table ($table);
 		return $table;
 	}
 	foreach ($events as $event) {
 		$data = array ();
 		if ($event["estado"] == 0)
-			$data[0] = '<img src="images/dot_red.png">';
+			$data[0] = '<img src="images/dot_red.png" />';
 		else
-			$data[0] = '<img src="images/dot_green.png">';
+			$data[0] = '<img src="images/dot_green.png" />';
 		$data[1] = $event['evento'];
 		$data[2] = $event['id_usuario'] != '0' ? $event['id_usuario'] : '';
 		$data[3] = $event["timestamp"];
 		array_push ($table->data, $data);
 	}
-	if (!$return)
+	if (empty ($return))
 		print_table ($table);
 	return $table;
 }
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@ -134,6 +134,7 @@ if ($config["pure"] == 0) {
 }
 $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
 $config["remote_addr"] = $_SERVER['REMOTE_ADDR'];
 // Login process 
 if (! isset ($_SESSION['id_usuario']) && isset ($_GET["login"])) {
--- a/pandora_console/operation/events/events.php
+++ b/pandora_console/operation/events/events.php
@ -15,155 +15,41 @@
 // You should have received a copy of the GNU General Public License
 // along with this program; if not, write to the Free Software
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 ?>
 <script language="JavaScript" type="text/javascript">
 <!--
 	function CheckAll () {
 		for (var i = 0; i < document.eventtable.elements.length; i++) {
 			var e = document.eventtable.elements[i];
 			if (e.type == 'checkbox' && e.name != 'allbox')
 				e.checked = 1;
 		}
 	}
 	function OpConfirm (text, conf) {
 		for (var i = 0; i < document.pageform.elements.length; i++) {
 			var e = document.pageform.elements[i];
 			if (e.type == 'checkbox' && e.name != 'allbox' && e.checked == 1) {
 				if (conf) {
 					return confirm (text);
 				} else {
 					return 1;
 				}
 			}
 		}
 		return false;
 	}
 	/* Function to hide/unhide a specific Div id */
 	function toggleDiv (divid){
 		if (document.getElementById(divid).style.display == 'none'){
 			document.getElementById(divid).style.display = 'block';
 		} else {
 			document.getElementById(divid).style.display = 'none';
 		}
 	}
 //-->
 </script>
 <?php
 // Load global vars
-require("include/config.php");
+require_once ("include/config.php");
 require_once ("include/functions_events.php"); //Event processing functions
 check_login ();
-if (! give_acl ($config["id_user"], 0, "AR")) {
+if (! give_acl ($config["id_user"], 0, "IR")) {
 	audit_db ($config["id_user"], $REMOTE_ADDR, "ACL Violation",
 		"Trying to access event viewer");
 	require ("general/noaccess.php");
-	return;
+	exit;
 }
-$accion = "";
+$delete = get_parameter ("delete");
-// OPERATIONS
+$validate = get_parameter ("validate");
-// Delete Event (only incident management access).
+//Process deletion (pass array or single value)
-if (isset ($_GET["delete"])) {
+if (!empty ($delete)) {
-	//safe input
+	$eventid = (array) get_parameter ("eventid", -1);
-	$id_evento = get_parameter_get ("delete");
+	$return = delete_event ($eventid); //This function handles both single values as well arrays and cleans up before deleting
-	
+	print_error_message ($return, __('Events successfully deleted'), __('There was an error deleting events'));
 	// Look for event_id following parameters: id_group.
 	$id_group = gime_idgroup_from_idevent ($id_evento);
 	if (give_acl ($config['id_user'], $id_group, "IM")) {
 		$descr = return_event_description ($id_evento); //Get description before it gets deleted
 		$sql = "DELETE FROM tevento WHERE id_evento =".$id_evento;
 		$result = process_sql ($sql);
 		if ($result !== false) {
 			echo '<h3 class="suc">'.__('Event successfully deleted').'</h3>';
 			audit_db ($config['id_user'], $REMOTE_ADDR,
 				"Event deleted","Deleted event: ".$descr);
 		} else {
 			echo '<h3 class="error">'.__('Error deleting event').'</h3>';
 		}
 	} else {
 		audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
 			"Trying to delete event ID".$id_evento);
 	}
 }
 // Check Event (only incident write access).
 if (isset ($_GET["check"])) {
 	$id_evento = get_parameter_get ("check");
 	// Look for event_id following parameters: id_group.
 	$id_group = gime_idgroup_from_idevent ($id_evento);
 	if (give_acl ($config["id_user"], $id_group, "IW") ==1){
 		$sql = "UPDATE tevento SET estado = 1, id_usuario = '".$config["id_user"]."' WHERE id_evento = ".$id_evento;
 		$result = process_sql ($sql);
 		if ($result !== false) {
 			echo '<h3 class="suc">'.__('Event successfully validated').'</h3>';
 			audit_db($config["id_user"],$REMOTE_ADDR, "Event validated","Validate event: ".return_event_description ($id_evento));
 		} else {
 			echo '<h3 class="error">'.__('Error validating event').'</h3>';
 		}
 	} else {
 		audit_db ($config['id_user'],$REMOTE_ADDR, "ACL Violation",
 			"Trying to checkout event ".return_event_description ($id_evento));
 	}
 }
 // Mass-process DELETE
 if (isset ($_POST["deletebt"])){
 	$count=0;
 	while ($count <= $config["block_size"]) {
 		if (isset ($_POST["eventid".$count])) {
 			$event_id = get_parameter_post ("eventid".$count);
 			$descr = return_event_description ($event_id); //Get description before it gets deleted
 			// Look for event_id following parameters: id_group.
 			$id_group = gime_idgroup_from_idevent ($event_id);
 			if (give_acl ($config['id_user'], $id_group, "IM")) {
 				process_sql ("DELETE FROM tevento WHERE id_evento = ".$event_id);
 				audit_db ($config['id_user'], $REMOTE_ADDR,
 					"Event deleted","Deleted event: ".$descr);
 			} else {
 				audit_db ($config['id_user'], $REMOTE_ADDR,
 					"ACL Violation","Trying to delete event: ".$descr);
 			}
 		}
 		$count++;
 	}
 }
-// Mass-process UPDATE
+//Process validation (pass array or single value)
-if (isset ($_POST["updatebt"])) {
+if (!empty ($validate)) {
-	$count = 0;
+	$eventid = (array) get_parameter ("eventid", -1);
-	while ($count <= $config["block_size"]) {
+	$return = process_event_validate ($eventid);
-		if (isset ($_POST["eventid".$count])) {
+	print_error_message ($return, __('Events successfully validated'), __('There was an error validating events'));
 			$id_evento = get_parameter_post ("eventid".$count);
 			$id_group = gime_idgroup_from_idevent($id_evento);
 			if (give_acl ($config['id_user'], $id_group, "IW")) {
 				$sql = "UPDATE tevento SET estado=1, id_usuario = '".$config['id_user']."' WHERE estado = 0 AND id_evento = ".$id_evento;
 				$result = process_sql ($sql);
 				audit_db ($config['id_user'], $REMOTE_ADDR,
 					"Event validated","Validate event: ".return_event_description ($id_evento));
 			} else {
 				audit_db ($config['id_user'], $REMOTE_ADDR,
 					"ACL Violation","Trying to checkout event ID".$id_evento);
 			}
 		}
 		$count++;
 	}
 }
 // ***********************************************************************
 // Main code form / page
 // ***********************************************************************
 // Get data
 $offset = (int) get_parameter ( "offset",0);
 $ev_group = (int) get_parameter ("ev_group", 1); //1 = all
 $search = get_parameter ("search", ""); // free search
@ -173,10 +59,9 @@ $status = (int) get_parameter ("status", 0); // -1 all, 0 only red, 1 only green
 $id_agent = (int) get_parameter ("id_agent", -1); //-1 all, 0 system
 $id_event = (int) get_parameter ("id_event", -1);
 $pagination = (int) get_parameter ("pagination", $config["block_size"]);
-$config["block_size"] = $pagination;
+$groups = get_user_groups ($config["id_user"], "IR");
 $groups = get_user_groups ($config["id_user"]);
 //Group selection
 //Group selection
 if ($ev_group > 1 && in_array ($ev_group, array_keys ($groups))) {
 	//If a group is selected and it's in the groups allowed
 	$sql_post = " AND id_grupo = $ev_group";
@ -206,7 +91,7 @@ if ($id_agent != -1)
 if ($id_event != -1)
 	$sql_post .= " AND id_evento = ".$id_event;
-$url = "index.php?sec=eventos&sec2=operation/events/events&search=$search&event_type=$event_type&severity=$severity&status=$status&ev_group=$ev_group&refr=60&id_agent=$id_agent&id_event=$id_event";
+$url = "index.php?sec=eventos&sec2=operation/events/events&search=$search&event_type=$event_type&severity=$severity&status=$status&ev_group=$ev_group&refr=60&id_agent=$id_agent&id_event=$id_event&pagination=$pagination";
 echo "<h2>".__('Events')." &gt; ".__('Main event view'). "&nbsp";
@ -217,57 +102,51 @@ if ($config["pure"] == 1) {
 	echo "<a target='_top' href='$url&pure=1'><img src='images/monitor.png' title='".__('Full screen')."'></a>";
 }
 echo "</h2>";
-echo '<a href="javascript::" onmousedown="toggleDiv(\'event_control\');">';
+echo '<a href="#" id="tgl_event_control"><b>'.__('Event control filter').'</b>&nbsp;'.'<img src="images/wand.png" /></a>';
 echo "<b>".__('Event control filter')." ".'<img src="images/wand.png" /></a></b>';
 if ($config["pure"] == 1) {
-	echo "<div id='event_control' style='display:none'>";
+	echo '<div id="event_control" style="display:none">';
 } else {
-	echo "<div id='event_control' style='display:block'>"; //There is no value all to property display
+	echo '<div id="event_control" style="display:block">'; //There is no value all to property display
 }
 // Table who separate control and graph
 echo "<table width=99% cellpadding=0 cellspacing=2 border=0>";
 echo "<tr><td width=500>";
 // Table for filter controls
-echo "<form method='post' action='index.php?sec=eventos&sec2=operation/events/events&refr=60&pure=".$config["pure"]."'>";
+echo '<form method="post" action="index.php?sec=eventos&sec2=operation/events/events&refr=60&pure='.$config["pure"].'">';
-echo "<table width=500 cellpadding=4 cellspacing=4 class=databox>";
+echo '<table style="width:500px; float:left;" cellpadding="4" cellspacing="4" class="databox"><tr>';
 echo "<tr>";
 // Group combo
-echo "<td>".__('Group')."</td>";
+echo "<td>".__('Group')."</td><td>";
 echo "<td>";
 print_select ($groups, 'ev_group', $ev_group, 'javascript:this.form.submit();', '', 0, false, false, false, 'w130');
 echo "</td>";
 // Event type
-echo "<td>".__('Event type')."</td>";
+echo "<td>".__('Event type')."</td><td>";
 echo "<td>";
 print_select (get_event_types (), 'event_type', $event_type, '', __('All'), '');
 echo "</td></tr><tr>";
 // Severity
-echo "<td>".__('Severity')."</td>";
+echo "<td>".__('Severity')."</td><td>";
 echo "<td>";
 print_select (get_priorities (), "severity", $severity, '', __('All'), '-1');
 echo '</td>';
 // Status
-echo "</td><td>".__('Event status')."</td>";
+echo "<td>".__('Event status')."</td><td>";
 echo "<td>";
 $fields = array ();
 $fields[-1] = __('All event');
 $fields[1] = __('Only validated');
 $fields[0] = __('Only pending');
 print_select ($fields, 'status', $status, 'javascript:this.form.submit();', '', '');
 //NEW LINE
 echo "</td></tr><tr>";
 // Free search
 echo "<td>".__('Free search')."</td><td>";
 print_input_text ('search', $search, '', 15);
 echo '</td>';
 //Agent search
-echo "</td><td>".__('Agent search')."</td><td>";
+echo "<td>".__('Agent search')."</td><td>";
 $sql = "SELECT DISTINCT(id_agente) FROM tevento WHERE 1=1 ".$sql_post;
 $result = get_db_all_rows_sql ($sql);
 if ($result === false)
@ -294,14 +173,14 @@ echo "</td></tr>";
 echo '<tr><td>';
 echo __('Block size for pagination');
 echo '</td>';
-$lpagination[25]=25;
+$lpagination[25] = 25;
-$lpagination[50]=50;
+$lpagination[50] = 50;
-$lpagination[100]=100;
+$lpagination[100] = 100;
-$lpagination[200]=200;
+$lpagination[200] = 200;
-$lpagination[500]=500;
+$lpagination[500] = 500;
 echo "<td>";
-print_select ($lpagination, "pagination", $pagination, '', __('Default'), $config["block_size"]);
+print_select ($lpagination, "pagination", $pagination, 'javascript:this.form.submit();', __('Default'), $config["block_size"]);
 echo "</td>";
 //The buttons
@ -311,207 +190,251 @@ print_submit_button (__('Update'), '', false, 'class="sub upd"');
 // CSV
 echo '&nbsp;&nbsp;&nbsp;
 	<a href="operation/events/export_csv.php?ev_group='.$ev_group.'&event_type='.$event_type.'&search='.$search.'&severity='.$severity.'&status='.$status.'&id_agent='.$id_agent.'">
-	<img src="images/disk.png" title="Export to CSV file"></a>';
+	<img src="images/disk.png" title="Export to CSV file" /></a>';
 // Marquee
-echo "&nbsp;<a target='_top' href='operation/events/events_marquee.php'><img src='images/heart.png' title='".__('Marquee display')."'></a>";
+echo '&nbsp;<a target="_top" href="operation/events/events_marquee.php"><img src="images/heart.png" title="'.__('Marquee display').'" /></a>';
 // RSS
-echo '&nbsp;<a target="_top" href="operation/events/events_rss.php?ev_group='.$ev_group.'&event_type='.$event_type.'&search='.$search.'&severity='.$severity.'&status='.$status.'&id_agent='.$id_agent.'"><img src="images/transmit.png" title="'.__('RSS Events').'"></a>';
+echo '&nbsp;<a target="_top" href="operation/events/events_rss.php?ev_group='.$ev_group.'&event_type='.$event_type.'&search='.$search.'&severity='.$severity.'&status='.$status.'&id_agent='.$id_agent.'"><img src="images/transmit.png" title="'.__('RSS Events').'" /></a>';
-echo "</td></tr></table></form>";
+echo "</td></tr></table></form>"; //This is the internal table
-echo '<td><img src="reporting/fgraph.php?tipo=group_events&width=250&height=180&url='.rawurlencode($sql_post).'" border="0">'; //Don't rely on browsers to do this correctly
+echo '<div style="width:250px; float:left;"><img src="reporting/fgraph.php?tipo=group_events&width=250&height=180&url='.rawurlencode ($sql_post).'" border="0"></div>';
-echo "</td></tr></table></div>";
+echo '</div><div style="clear:both">&nbsp;</div>';
-$sql = "SELECT * FROM tevento WHERE 1=1 ".$sql_post." ORDER BY utimestamp DESC LIMIT ".$offset.",".$config["block_size"];
+$sql = "SELECT * FROM tevento WHERE 1=1 ".$sql_post." ORDER BY utimestamp DESC LIMIT ".$offset.",".$pagination;
 $result = get_db_all_rows_sql ($sql);
 $sql = "SELECT COUNT(id_evento) FROM tevento WHERE 1=1 ".$sql_post;
 $total_events = get_db_sql ($sql);
 if (empty ($result)) {
 	$result = array ();
 }
 if (empty ($total_events)) {
 	$total_events = 0;
 }
 // Show pagination header
-if ($total_events > 0) {
+$offset = get_parameter ("offset", 0);
 pagination ($total_events, $url."&pure=".$config["pure"], $offset, $pagination);		
-	$offset = get_parameter ("offset",0);
+// If pure, table width takes more space
-	pagination ($total_events, $url."&pure=".$config["pure"], $offset);		
+if ($config["pure"] != 0) {
-	// Show data.
+	$table->width = 765;
-		
+} else {
-	echo "<br>";
+	$table->width = 750;
-	echo "<br>";
+}
-	if ($config["pure"] == 0) {
+
-		echo "<table cellpadding='4' cellspacing='4' width='765' class='databox'>";
+$table->id = "eventtable";
 $table->cellpadding = 4;
 $table->cellspacing = 4;
 $table->class = "databox";
 $table->head = array ();
 $table->data = array ();
 $table->head[0] = '';
 $table->head[1] = __('Type');
 $table->headclass[1] = 'f9';
 $table->head[2] = __('Event name');
 //$table->headclass[2] = 'f9';
 $table->head[3] = __('Agent name');
 //$table->headclass[3] = 'f9';
 $table->head[4] = __('Source');
 //$table->headclass[4] = 'f9';
 $table->head[5] = __('Group');
 //$table->headclass[5] = 'f9';
 $table->head[6] = __('User ID');
 //$table->headclass[6] = 'f9';
 $table->head[7] = __('Timestamp');
 //$table->headclass[7] = 'f9';
 $table->head[8] = __('Action');
 //$table->headclass[8] = 'f9';
 $table->head[9] = print_checkbox ("allbox", "1", false, true);
 //$table->headclass[9] = 'p10';
 //Arrange data. We already did ACL's in the query
 foreach ($result as $row) {
 	$data = array ();
 	//First pass along the class of this row
 	switch ($row["criticity"]) {
 	case 0: 
 		$table->rowclass[] = "datos_blue";
 		break;
 	case 1: 
 		$table->rowclass[] = "datos_grey";
 		break;
 	case 2: 
 		$table->rowclass[] = "datos_green";
 		break;
 	case 3: 
 		$table->rowclass[] = "datos_yellow";
 		break;
 	case 4: 
 		$table->rowclass[] = "datos_red";
 		break;
 	default:
 		$table->rowclass[] = "datos_grey";
 	}
 	// Colored box
 	if ($row["estado"] == 0) {
 		$data[0] = '<img src="images/pixel_red.png" width="20" height="35" title="'.get_priority_name ($row["criticity"]).'" />';
 	} else {
-		echo "<table cellpadding='4' cellspacing='4' class='databox'>";
+		$data[0] = '<img src="images/pixel_green.png" width="20" height="35" title="'.get_priority_name ($row["criticity"]).'" />';
 	}
-	echo "<tr>";
+
 	echo "<th class=f9>".__('St')."</th>";
 	echo "<th class=f9>".__('Type')."</th>";
 	echo "<th class=f9>".__('Event name')."</th>";
 	echo "<th class=f9>".__('Agent name')."</th>";
 	echo "<th class=f9>".__('Source')."</th>";
 	echo "<th class=f9>".__('Group')."</th>";
 	echo "<th class=f9>".__('User ID')."</th>";
 	echo "<th class=f9>".__('Timestamp')."</th>";
 	echo "<th class=f9>".__('Action')."</th>";
 	echo "<th class='p10'>";
 	echo "<label for='checkbox' class='p21'>".__('All')." </label>";
 	echo '<input type="checkbox" class="chk" name="allbox" onclick="CheckAll();"></th>';
 	echo "<form name='eventtable' method='POST' action='$url&pure=".$config["pure"]."'>";
 	$id_evento = 0;
-	$offset_counter=0;
+	switch ($row["event_type"]) {
-	// Make query for data (all data, not only distinct).
+	case "alert_recovered": 
-	foreach ($result as $row2) {
+		$data[1] = '<img src="images/error.png" title="'.__('Alert Recovered').'" />';
-		$id_grupo = $row2["id_grupo"];
+		break;
-		if (give_acl($config["id_user"], $id_grupo, "AR") == 1) // Only incident read access to view data !
+	case "alert_manual_validation": 
-			$id_group = $row2["id_grupo"];
+		$data[1] = '<img src="images/eye.png" title="'.__('Manual Alert Validation').'" />';
-
+		break;
-		switch ($row2["criticity"]) {
+	case "monitor_up":
-		case 0: 
+		$data[1] = '<img src="images/lightbulb.png" title="'.__('Monitor Up').'" />';
-			$tdclass = "datos_blue";
+		break;
 	case "monitor_down":
 		$data[1] = '<img src="images/lightbulb_off.png" title="'.__('Monitor Down').'" />';
 		break;
 	case "alert_fired":
 		$data[1] = '<img src="images/bell.png" title="'.__('Alert Fired').'" />';
 		break;
 	case "system";
 		$data[1] = '<img src="images/cog.png" title="'.__('System').'" />';
 		break;
 	case "recon_host_detected";
 		$data[1] = '<img src="images/network.png" title="'.__('Host Detected (Recon)').'" />';
 		break;
 	case "new_agent";
 		$data[1] = '<img src="images/wand.png" title="'.__('New Agent').'" />';
 		break;
 	case "unknown": 
 	default:
 			$data[1] = '<img src="images/err.png" title="'.__('Unknown type').': '.$row["event_type"].'" />';
 			break;
 		case 1: 
 			$tdclass = "datos_grey";
 			break;
 		case 2: 
 			$tdclass = "datos_green";
 			break;
 		case 3: 
 			$tdclass = "datos_yellow";
 			break;
 		case 4: 
 			$tdclass = "datos_red";
 			break;
 		default:
 			$tdclass = "datos_grey";
 		}
 		$criticity_label = return_priority ($row2["criticity"]);
 		// Colored box 
 		echo "<tr><td class='$tdclass' title='$criticity_label' align='center'>";
 		if ($row2["estado"] == 0) {
 			echo "<img src='images/pixel_red.png' width=20 height=35>";
 		} else {
 			echo "<img src='images/pixel_green.png' width=20 height=35>";
 		}
 		// Event type
 		echo "<td class='".$tdclass."' title='".$row2["event_type"]."'>";
 		switch ($row2["event_type"]) {
 		case "unknown": 
 			echo "<img src='images/err.png'>";
 			break;
 		case "alert_recovered": 
 			echo "<img src='images/error.png'>";
 			break;
 		case "alert_manual_validation": 
 			echo "<img src='images/eye.png'>";
 			break;
 		case "monitor_up":
 			echo "<img src='images/lightbulb.png'>";
 			break;
 		case "monitor_down":
 			echo "<img src='images/lightbulb_off.png'>";
 			break;
 		case "alert_fired":
 			echo "<img src='images/bell.png'>";
 			break;
 		case "system";
 			echo "<img src='images/cog.png'>";
 			break;
 		case "recon_host_detected";
 			echo "<img src='images/network.png'>";
 			break;
 		case "new_agent";
 			echo "<img src='images/wand.png'>";
 			break;
 		}
 		// Event description
 		$event_title = safe_input ($row2["evento"]);
 		echo "<td class='".$tdclass."f9' title='$event_title'>";
 		echo substr($row2["evento"],0,45);
 		if (strlen($row2["evento"]) > 45)
 			echo "..";
 		if ($row2["id_agente"] > 0) {
 			// Agent name
 			$agent_name = dame_nombre_agente ($row2["id_agente"]);
 			echo "<td class='".$tdclass."f9' title='$agent_name'><a href='$url&pure=".$config["pure"]."&id_agent=".$row2["id_agente"]."'><b>";
 			echo substr($agent_name, 0, 14);
 			if (strlen($agent_name) > 14)
 				echo "..";
 			echo "</b></a>";
 			// Module name / Alert
 			echo "<td class='$tdclass'>";
 			if ($row2["id_agentmodule"] != 0)
 				echo "<a href='index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=".$row2["id_agente"]."&tab=data'><img src='images/bricks.png' border=0></A>";
 			echo "&nbsp;";
 			if ($row2["id_alert_am"] != 0)
 				echo "<a href='index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=".$row2["id_agente"]."&tab=alert'><img src='images/bell.png' border=0></a>";
 			// Group icon
 			$group_name = (string) get_db_value ('nombre', 'tgrupo', 'id_grupo', $id_group);
 			echo "<td class='$tdclass' align='center'><img src='images/groups_small/".show_icon_group($id_group).".png' title='$group_name' class='bot'></td>";
 			// for System or SNMP generated alerts
 		} elseif ($row2["event_type"] == "system") {
 			echo "<td class='$tdclass' colspan=3>".__('System');
 		} else {
 			echo "<td class='$tdclass' colspan=3>".__('Alert')."SNMP";
 		}
 		// User who validated event
 		echo "<td class='$tdclass'>";
 		if ($row2["estado"] <> 0)
 			echo "<a href='index.php?sec=usuario&sec2=operation/users/user_edit&ver=".$row2["id_usuario"]."'>".substr($row2["id_usuario"],0,8)."<a href='#' class='tip'> <span>".dame_nombre_real($row2["id_usuario"])."</span></a></a>";
 		// Timestamp
 		echo "<td class='".$tdclass."f9' title='".$row2["timestamp"]."'>";
 		echo human_time_comparation ($row2["timestamp"]);
 		echo "</td>";
 		// Several options grouped here
 		echo "<td class='$tdclass' align='right'>";
 		// Validate event
 		if (($row2["estado"] == 0) and (give_acl ($config["id_user"], $id_group,"IW") ==1))
 			echo "<a href='$url&check=".$row2["id_evento"]."&pure=".$config["pure"]."'>
 			<img src='images/ok.png' border='0'></a> ";
 		// Delete event
 		if (give_acl ($config["id_user"], $id_group,"IM") ==1)
 			echo "<a href='$url&delete=".$row2["id_evento"]."&pure=".$config["pure"]."'>
 			<img src='images/cross.png' border=0></a> ";
 		// Create incident from this event			
 		if (give_acl ($config["id_user"], $id_group,"IW") == 1)
 			echo "<a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insert_form&from_event=".$row2["id_evento"]."'><img src='images/page_lightning.png' border=0></a>";
 			echo "</td>";
 		// Checbox				
 		echo "<td class='$tdclass' align='center'>";
 		echo "<input type='checkbox' class='chk' name='eventid".$offset_counter."' 
 		value='".$row2["id_evento"]."'>";
 		echo "</td></tr>";
 		$offset_counter++;
 	}
 	echo "</table>";
 	echo "<table width='750'><tr><td align='right'>";
-	echo "<input class='sub ok' type='submit' name='updatebt' value='".__('Validate')."'> ";
+	// Event description
 	$data[2] = '<span title="'.$row["evento"].'" class="f9">';
 	if (strlen ($row["evento"]) > 39) {
 		$data[2] .= substr ($row["evento"], 0, 37)."...";
 	} else {
 		$data[2] .= $row["evento"];
 	}
 	$data[2] .= '</span>';
 	if ($row["event_type"] == "system") {
 		$data[3] = __('System');
 	} elseif ($row["id_agente"] > 0) {
 		// Agent name
 		$agent_name = dame_nombre_agente ($row["id_agente"]);
 		$data[3] = '<a href='.$url.'&pure='.$config["pure"].'&id_agent='.$row["id_agente"].'" title="'.$agent_name.'" class="f9"><b>';
 		if (strlen ($agent_name) > 16) {
 			$data[3] .= substr ($agent_name, 0, 14)."...";
 		} else {
 			$data[3] .= $agent_name;
 		}
 		$data[3] .= '</b></a>';
 	} else {
 		$data[3] = __('Alert').__('SNMP');
 	}
 	$data[4] = '';
 	if ($row["id_agentmodule"] != 0) {
 		$data[4] .= '<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$row["id_agente"].'&tab=data"><img src="images/bricks.png" border="0" /></a>&nbsp;';
 	}
 	if ($row["id_alert_am"] != 0) {
 		$data[4] .= '<a href="index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$row["id_agente"].'&tab=alert"><img src="images/bell.png" border="0" /></a>';
 	}
 	if (!empty ($row["id_grupo"])) {
 		$data[5] = '<img src="images/groups_small/'.show_icon_group ($row["id_grupo"]).'.png" title="'.dame_nombre_grupo ($row["id_grupo"]).'" class="bot" />';
 	} else {
 		$data[5] = '';
 	}
 	if (!empty ($row["estado"])) {
 		$data[6] = '<a href="index.php?sec=usuario&sec2=operation/user/user_edit&ver='.$row["id_usuario"].'" title="'.dame_nombre_real ($row["id_usuario"]).'">'.substr ($row["id_usuario"],0,8).'</a>';
 	} else {
 		$data[6] = '';
 	}
 	//Time
 	$data[7] = '<span class="f9" title="'.format_datetime ($row["timestamp"]).'">'.human_time_comparation ($row["timestamp"]).'</span>';
 	//Actions
 	$data[8] = '';
 	// Validate event
 	if (($row["estado"] == 0) and (give_acl ($config["id_user"], $row["id_grupo"], "IW") == 1)) {
 		$data[8] .= '<a href="'.$url.'&validate=1&eventid='.$row["id_evento"].'&pure='.$config["pure"].'"><img src="images/ok.png" border="0" /></a>';
 	}
 	// Delete event
 	if (give_acl ($config["id_user"], $row["id_grupo"], "IM") == 1) {
 		$data[8] .= '<a href="'.$url.'&delete=1&eventid='.$row["id_evento"].'&pure='.$config["pure"].'"><img src="images/cross.png" border="0" /></a>';
 	}
 	// Create incident from this event			
 	if (give_acl ($config["id_user"], $row["id_grupo"], "IW") == 1) {
 		$data[8] .= '<a href="index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insert_form&from_event='.$row["id_evento"].'"><img src="images/page_lightning.png" border="0" /></a>';
 	}
 	//Checkbox
 	$data[9] = print_checkbox_extended ("eventid[]", $row["id_evento"], false, false, false, 'class="chk"', true);
 	array_push ($table->data, $data);
 }
 if (!empty ($table->data)) {
 	echo '<form method="post" action="'.$url.'&pure='.$config["pure"].'">';
 	print_table ($table);
 	echo '<div style="width:750px; text-align:right">';
 	if (give_acl ($config["id_user"], 0, "IW") == 1) {
 		print_submit_button (__('Validate'), 'validate', false, 'class="sub ok"');
 	}
 	if (give_acl ($config["id_user"], 0,"IM") == 1) {
-		echo "<input class='sub delete' type='submit' name='deletebt' value='".__('Delete')."'>";
+		print_submit_button (__('Delete'), 'delete', false, 'class="sub delete"');
 	}
-	echo "</form></table>";
+	echo '</div></form>';
-	echo "<table>";
+} else {
-	echo "<tr>";
+	echo '<div class="error">'.__('No events').'</div>';
-	echo "<td rowspan='4' class='f9' style='padding-left: 30px; line-height: 17px; vertical-align: top;'>";
+}
-	echo "<h3>".__('Status')."</h3>";
+unset ($table);
-	echo "<img src='images/dot_green.png'> - ".__('Validated event');
+
-	echo "<br>";
+echo '<div style="padding-left:30px; width:150px; float:left; line-height:17px;">';
-	echo "<img src='images/dot_red.png'> - ".__('Not validated event');
+echo '<h3>'.__('Status').'</h3>';
-	echo "</td>";
+echo '<img src="images/dot_green.png" /> - '.__('Validated event');
-	echo "<td rowspan='4' class='f9' style='padding-left: 30px; line-height: 17px; vertical-align: top;'>";
+echo '<br />';
-	echo "<h3>".__('Action')."</h3>";
+echo '<img src="images/dot_red.png" /> - '.__('Not validated event');
-	echo "<img src='images/ok.png'> - ".__('Validate event');
+
-	echo "<br>";
+echo '</div><div style="padding-left:30px; width:150px; float:left; line-height:17px;">';
-	echo "<img src='images/cross.png'> - ".__('Delete event');
+echo '<h3>'.__('Action').'</h3>';
-	echo "<br>";
+echo '<img src="images/ok.png" /> - '.__('Validate event');
-	echo "<img src='images/page_lightning.png'> - ".__('Create incident');
+echo '<br />';
-	echo "</td></tr></table>";
+echo '<img src="images/cross.png" /> - '.__('Delete event');
-} // no events to show
+echo '<br />';
 echo '<img src="images/page_lightning.png" /> - '.__('Create incident');
 echo '</div><div style="clear:both;">&nbsp;</div>';
 ?>
 <script type="text/javascript" src="include/javascript/jquery.js"></script>
 <script language="JavaScript" type="text/javascript">
 $(document).ready( function() {
 	$("INPUT[name='allbox']").click( function() {
 		$("INPUT[name='eventid[]']").each( function() {
 			$(this).attr('checked', !$(this).attr('checked'));
 		});
 		return !(this).attr('checked');
 	});
 	$("#tgl_event_control").click( function () {
 		$("#event_control").slideToggle ("slow");						  
 	});
 });
 </script>
--- a/pandora_console/operation/incidents/incident.php
+++ b/pandora_console/operation/incidents/incident.php
@ -141,7 +141,7 @@ if ($prioridad != -1) //-1 = All
 	$filter .= sprintf (" AND prioridad = %d", $prioridad);
 $offset = (int) get_parameter ("offset", 0);
-$groups = get_user_groups ($config["id_user"]);
+$groups = get_user_groups ($config["id_user"], "IR");
 //Select incidencts where the user has access to ($groups from
--- a/pandora_console/operation/incidents/incident_detail.php
+++ b/pandora_console/operation/incidents/incident_detail.php
@ -281,9 +281,9 @@ echo '</td><td class="datos2"><b>'.__('Group').'</b></td><td class="datos2">';
 // Group combo
 if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) {
-	print_select (get_user_groups (), "grupo_form", $id_grupo, '', '', '', false, false, false, 'w135');
+	print_select (get_user_groups ($config["id_user"], "IR"), "grupo_form", $id_grupo, '', '', '', false, false, false, 'w135');
 } else {
-	print_select (get_user_groups (), "grupo_form", $id_grupo, '', '', '', false, false, true, 'w135', true);
+	print_select (get_user_groups ($config["id_user"], "IR"), "grupo_form", $id_grupo, '', '', '', false, false, true, 'w135', true);
 }
 echo '</td></tr><tr><td class="datos"><b>'.__('Priority').'</b></td><td class="datos">';