2008-08-21 Evi Vanoost <vanooste@rcbi.rochester.edu>
* index.php: Update HTML for unclosed tags and put everything in PHP Updated the HTTPS detection. Made sure the password doesn't get passed to other scripts (like 'evil' plugins) * include/functions_html.php: Added print_input_password_extended() * general/main_menu.php: Removed old code and header * general/login_page.php: Tried putting it in functions_html code but that didn't work (rowspan), so I just ended up with a smaller file and the input boxes getting printed * general/header.php: Updated to use functions_html * general/footer.php: Updated header and develop_bypass for the query counter git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1020 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
parent
81a61a3025
commit
39bc02f570
|
@ -1,3 +1,22 @@
|
||||||
|
2008-08-21 Evi Vanoost <vanooste@rcbi.rochester.edu>
|
||||||
|
|
||||||
|
* index.php: Update HTML for unclosed tags and put everything in PHP
|
||||||
|
Updated the HTTPS detection. Made sure the password doesn't get
|
||||||
|
passed to other scripts (like 'evil' plugins)
|
||||||
|
|
||||||
|
* include/functions_html.php: Added print_input_password_extended()
|
||||||
|
|
||||||
|
* general/main_menu.php: Removed old code and header
|
||||||
|
|
||||||
|
* general/login_page.php: Tried putting it in functions_html code but
|
||||||
|
that didn't work (rowspan), so I just ended up with a smaller file and
|
||||||
|
the input boxes getting printed
|
||||||
|
|
||||||
|
* general/header.php: Updated to use functions_html
|
||||||
|
|
||||||
|
* general/footer.php: Updated header and develop_bypass for the query
|
||||||
|
counter
|
||||||
|
|
||||||
|
|
||||||
2008-08-21 Sancho Lerena <slerena@gmail.com>
|
2008-08-21 Sancho Lerena <slerena@gmail.com>
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
<?PHP
|
<?php
|
||||||
// Pandora FMS - the Free Monitoring System
|
// Pandora FMS - the Flexible Monitoring System
|
||||||
// ========================================
|
// =============================================
|
||||||
// Copyright (c) 2008 Artica Soluciones Tecnológicas, http://www.artica.es
|
|
||||||
// Please see http://pandora.sourceforge.net for full contribution list
|
// Please see http://pandora.sourceforge.net for full contribution list
|
||||||
|
|
||||||
// This program is free software; you can redistribute it and/or
|
// This program is free software; you can redistribute it and/or
|
||||||
|
@ -13,19 +12,20 @@
|
||||||
// GNU General Public License for more details.
|
// GNU General Public License for more details.
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with this program; if not, write to the Free Software
|
// along with this program; if not, write to the Free Software
|
||||||
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
|
||||||
|
// USA.
|
||||||
|
|
||||||
global $config;
|
if (isset($_SERVER['REQUEST_TIME'])) {
|
||||||
|
$time = $_SERVER['REQUEST_TIME'];
|
||||||
|
} else {
|
||||||
|
$time = time();
|
||||||
|
}
|
||||||
|
|
||||||
echo "<center>";
|
echo '<a class="white_bold" target="_new" href="general/license/pandora_info_'.$config["language"].'.html">Pandora FMS '.$pandora_version.' - Build '.$build_version.'<br>'.
|
||||||
echo '<a class="white_bold" target="_new" href="general/license/pandora_info_'.$config["language"].'.html">
|
__('is an OpenSource Software Project, licensed under GPL terms').'</a><br />
|
||||||
Pandora FMS '.$pandora_version.' - Build '.$build_version.'<br>'.
|
<a class="white">'.__('Page generated at').' '.$LOCALE->fmt_time($time);
|
||||||
__('is a <b>OpenSource Software Project, licensed under GPL terms</b>').'</a><br>';
|
if ($develop_bypass == 1) {
|
||||||
if (isset($_SERVER['REQUEST_TIME'])) {
|
echo ' - Saved '.$LOCALE->fmt_number($sql_cache["saved"]).' Queries';
|
||||||
$time = $_SERVER['REQUEST_TIME'];
|
}
|
||||||
} else {
|
echo '</a><br>';
|
||||||
$time = time();
|
|
||||||
}
|
|
||||||
echo "<a class='white'>".__('Page generated at')." ".$LOCALE->fmt_time($time)." - Saved ".$LOCALE->fmt_number($sql_cache["saved"])." Queries</a><br>";
|
|
||||||
echo "</center>";
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -15,60 +15,46 @@
|
||||||
// along with this program; if not, write to the Free Software
|
// along with this program; if not, write to the Free Software
|
||||||
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
|
||||||
echo '
|
echo '<div id="head_r"><span id="logo_text1">Pandora</span> <span id="logo_text2">FMS</span></div>
|
||||||
<div id="head_r">
|
<div id="head_l"><a href="index.php"><img src="images/pandora_logo_head.png" border="0" alt="logo" /></a></div><div id="head_m">';
|
||||||
<span id="logo_text1">Pandora</span> <span id="logo_text2">FMS</span>
|
|
||||||
</div>
|
|
||||||
<div id="head_l">
|
|
||||||
<a href="index.php"><img src="images/pandora_logo_head.png" border="0" alt="logo"></a>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
';
|
|
||||||
echo "<div id='head_m'>";
|
|
||||||
|
|
||||||
echo "<table width=520 border='0' cellpadding=3>
|
|
||||||
<tr>";
|
|
||||||
if (isset ($_SESSION["id_usuario"])){
|
|
||||||
// Fist column
|
|
||||||
echo "<td width=30%>";
|
|
||||||
if (dame_admin($_SESSION["id_usuario"])==1)
|
|
||||||
echo "<img src='images/user_suit.png' class='bot'> ";
|
|
||||||
else
|
|
||||||
echo "<img src='images/user_green.png' class='bot'> ";
|
|
||||||
echo "<a class='white'>".__('You are '). '
|
|
||||||
[<b>'. $_SESSION["id_usuario"]. '</b>]</a>';
|
|
||||||
|
|
||||||
// Second column
|
|
||||||
echo "<td>";
|
|
||||||
echo "<a class='white_bold' href='index.php?sec=main'><img src='images/information.png' class='bot'> ". __('General information')."</a>";
|
|
||||||
|
|
||||||
// Third column
|
|
||||||
echo "<td>";
|
|
||||||
// Autorefresh
|
|
||||||
if ((isset($_GET["refr"]) AND $_GET["refr"] != 0) OR (isset($_POST["refr"]) AND $_POST["refr"] != 0)) {
|
|
||||||
echo "<a class='white_grey_bold' href='".((substr($_SERVER['REQUEST_URI'],-1) != "/") ? $_SERVER['REQUEST_URI'] : "index.php?" )."&refr=0'><img src='images/page_lightning.png' class='bot'> ". __('Autorefresh')."</a>";
|
|
||||||
} else {
|
|
||||||
echo "<a class='white_bold' href='".((substr($_SERVER['REQUEST_URI'],-1) != "/") ? $_SERVER['REQUEST_URI'] : "index.php?" )."&refr=5'><img src='images/page_lightning.png' class='bot'> ". __('Autorefresh')."</a>";
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
echo "<tr><td>";
|
|
||||||
echo "<a class='white_bold' href='index.php?bye=bye'><img src='images/lock.png' class='bot'> ". __('Logout')."</a>";
|
|
||||||
|
|
||||||
echo "<td>";
|
|
||||||
$server_status = check_server_status ();
|
|
||||||
if ($server_status == 0)
|
|
||||||
echo "<a class='white_bold' href='index.php?sec=estado_server&sec2=operation/servers/view_server&refr=60'><img src='images/error.png' class='bot'> ". __('Server status: DOWN')."</a>";
|
|
||||||
else
|
|
||||||
echo "<a class='white_bold' href='index.php?sec=estado_server&sec2=operation/servers/view_server&refr=60'><img src='images/ok.png' class='bot'> ". __('Sytem ready')."</a>";
|
|
||||||
|
|
||||||
echo "<td>";
|
|
||||||
// Event - refresh
|
|
||||||
echo "<a class='white_bold' href='index.php?sec=eventos&sec2=operation/events/events&refr=5'><img src='images/lightning_go.png' class='bot'> ". __('Events')."</a>";
|
|
||||||
|
|
||||||
|
|
||||||
|
if(!isset ($_SESSION["id_usuario"])) {
|
||||||
|
echo "</div>";
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
echo "</tr></table>";
|
$table->width=520;
|
||||||
|
$table->border=0;
|
||||||
|
$table->cellpadding=3;
|
||||||
|
$table->size=array("30%");
|
||||||
|
$table->class="inherit";
|
||||||
|
$table->rowclass=array("inherit","inherit");
|
||||||
|
|
||||||
|
$table->data[] = array (
|
||||||
|
// First column
|
||||||
|
'<img src="images/user_'.((dame_admin ($_SESSION["id_usuario"]) == 1) ? 'suit' : 'green' ).'.png" class="bot">'.'<a class="white">'.__('You are ').'[<b>'.$_SESSION["id_usuario"].'</b>]</a>',
|
||||||
|
// Second column
|
||||||
|
'<a class="white_bold" href="index.php?sec=main"><img src="images/information.png" class="bot">'.__('General information').'</a>',
|
||||||
|
// Third column
|
||||||
|
// Autorefresh
|
||||||
|
((get_parameter ("refr") != 0) ?
|
||||||
|
'<a class="white_grey_bold" href="'.((substr($_SERVER['REQUEST_URI'],-1) != "/") ? $_SERVER['REQUEST_URI'] : 'index.php?' ).'&refr=0"><img src="images/page_lightning.png" class="bot" />'. __('Autorefresh').'</a>'
|
||||||
|
:
|
||||||
|
'<a class="white_bold" href="'.((substr($_SERVER['REQUEST_URI'],-1) != "/") ? $_SERVER['REQUEST_URI'] : "index.php?" ).'&refr=5"><img src="images/page_lightning.png" class="bot" />'.__('Autorefresh').'</a>'
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
$table->data[] = array (
|
||||||
|
'<a class="white_bold" href="index.php?bye=bye"><img src="images/lock.png" class="bot">'. __('Logout').'</a>',
|
||||||
|
'<a class="white_bold" href="index.php?sec=estado_server&sec2=operation/servers/view_server&refr=60">'.
|
||||||
|
((check_server_status () == 0) ?
|
||||||
|
'<img src="images/error.png" class="bot" />'.__('Server status: DOWN')
|
||||||
|
:
|
||||||
|
'<img src="images/ok.png" class="bot" />'.__('System ready')
|
||||||
|
).'</a>',
|
||||||
|
// Event - refresh
|
||||||
|
'<a class="white_bold" href="index.php?sec=eventos&sec2=operation/events/events&refr=5"><img src="images/lightning_go.png" class="bot" />'.__('Events').'</a>'
|
||||||
|
);
|
||||||
|
print_table ($table);
|
||||||
echo "</div>";
|
echo "</div>";
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
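Review bot: Both Autorefresh links in the new `$table->data[]` row place `$_SERVER['REQUEST_URI']` inside an `href` attribute without escaping, so a request URI containing a quote or angle bracket is emitted as markup; wrap it, e.g. `htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES)`. The same applies to `$_SESSION["id_usuario"]` in the first column if usernames are not restricted to safe characters, which is not visible here. `&refr=…` is also appended even when the URI carries no query string. Unless an earlier include defines `$table`, it should be created before `$table->width` is assigned (`$table = new stdClass;`).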
@ -19,54 +19,37 @@
|
||||||
|
|
||||||
$addr = "";
|
$addr = "";
|
||||||
if (isset($_GET['sec'])){
|
if (isset($_GET['sec'])){
|
||||||
$addr = 'http://' . $_SERVER['SERVER_NAME']; // TODO: check https
|
$addr = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME'];
|
||||||
|
|
||||||
if ($_SERVER['SERVER_PORT'] != 80)
|
if ($_SERVER['SERVER_PORT'] != 80 && (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE && $_SERVER['SERVER_PORT'] != 443))
|
||||||
$addr .= ":" . $_SERVER['SERVER_PORT'];
|
$query .= ":" . $_SERVER['SERVER_PORT'];
|
||||||
|
|
||||||
$addr .= $_SERVER['REQUEST_URI'];
|
$addr .= $_SERVER['REQUEST_URI'];
|
||||||
|
|
||||||
$addr = urlencode($addr);
|
$addr = urlencode($addr);
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
echo '<div class="databox" id="login">
|
||||||
<div class='databox' id='login'>
|
<h1 id="log">'.__('Welcome to Pandora FMS Web Console').'</h1>
|
||||||
<h1 id='log'><?php echo __('Welcome to Pandora FMS Web Console'); ?></h1>
|
<div class="databox" id="login_in">
|
||||||
<div class='databox' id='login_in'>
|
|
||||||
<form method="post" action="index.php?login=1">
|
<form method="post" action="index.php?login=1">
|
||||||
<table cellpadding='4' cellspacing='1' width='400'>
|
<table cellpadding="4" cellspacing="1" width="400">
|
||||||
<tr><td rowspan='3' align='left' style="border-right: solid 1px #678;">
|
<tr><td rowspan="3" align="left" style="border-right: solid 1px #678;">
|
||||||
<a href="index.php">
|
<a href="index.php"><img src="images/pandora_logo.png" border="0" alt="logo"></a><br />
|
||||||
<img src="images/pandora_logo.png" border="0" alt="logo"></a><br>
|
'.$pandora_version.(($develop_bypass == 1) ? ' '.__('Build').' '.$build_version : '').'
|
||||||
<?php
|
</td><td class="f9b">
|
||||||
echo $pandora_version;
|
'.__('Login').':<br />'.print_input_text_extended ("nick",'', "nick",'','','',false,'','class="login"',true).'
|
||||||
if ($develop_bypass == 1){
|
|
||||||
echo " Build " . $build_version;
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
<td rowspan='3' width='5'>
|
|
||||||
<td class='f9b'>
|
|
||||||
Login <br>
|
|
||||||
<input class="login" type="text" name="nick" id="nick" value="">
|
|
||||||
</td></tr>
|
</td></tr>
|
||||||
<tr><td class='f9b'>
|
<tr><td class="f9b">
|
||||||
Password <br>
|
'.__('Password').':<br />'.print_input_password_extended ("pass",'', "pass",'','','',false,'','class="login"',true).'
|
||||||
<input class="login" type="password" name="pass" value="">
|
|
||||||
</td></tr>
|
</td></tr>
|
||||||
<tr><td align='center'>
|
<tr><td align="center">
|
||||||
<input type="submit" class="sub next" value="Login">
|
'.print_submit_button ("Login",'',false,'class="sub next"',true).'
|
||||||
</td></tr>
|
</td></tr>
|
||||||
</table>
|
</table>
|
||||||
|
'.((strlen($addr) > 0) ? print_input_hidden("redirect",$addr,true) : '').'
|
||||||
<?php if (strlen($addr) > 0) { ?>
|
|
||||||
<input type="hidden" name="redirect" value="<?php echo $addr; ?>">
|
|
||||||
<?php } ?>
|
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
<div id="ip"><?php echo 'IP: <b class="f10">'.$REMOTE_ADDR.'</b>'; ?></div>
|
<div id="ip">IP: <b class="f10">'.$REMOTE_ADDR.'</b></div>
|
||||||
|
</div><script type="text/javascript">document.getElementById(\'nick\').focus();</script>';
|
||||||
</div>
|
?>
|
||||||
|
|
||||||
<script type="text/javascript">
|
|
||||||
document.getElementById('nick').focus();
|
|
||||||
</script>
|
|
||||||
|
|
|
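Review bot: As rendered, the port line on the new side of login_page.php appends to `$query` instead of `$addr`, so the redirect URL built here never receives the port and an unrelated variable is written; it should remain `$addr .= ":" . $_SERVER['SERVER_PORT'];`. The new guard is also too narrow: `!= 80 && (HTTPS && != 443)` can only be true under HTTPS, so a plain-HTTP console on a non-standard port loses its port; `$https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';` followed by `if ($_SERVER['SERVER_PORT'] != ($https ? 443 : 80))` covers both schemes. The loose `== TRUE` test treats the string `off`, which some servers set for non-HTTPS requests, as HTTPS. The same condition appears twice more in the index.php hunks. Since `$addr` ends up in the hidden `redirect` field, the code that consumes it (not shown) should accept same-host targets only.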
@ -1,35 +1,23 @@
|
||||||
<?php
|
<?php
|
||||||
// Pandora FMS - the Free monitoring system
|
// Pandora FMS - the Flexible monitoring system
|
||||||
// ========================================
|
// ============================================
|
||||||
// Copyright (c) 2004-2007 Sancho Lerena, slerena@openideas.info
|
//
|
||||||
// Copyright (c) 2005-2007 Artica Soluciones Tecnologicas
|
|
||||||
// Copyright (c) 2004-2007 Raul Mateos Martin, raulofpandora@gmail.com
|
|
||||||
// Copyright (c) 2006-2007 Jose Navarro jose@jnavarro.net
|
|
||||||
// Copyright (c) 2006-2007 Jonathan Barajas, jonathan.barajas[AT]gmail[DOT]com
|
|
||||||
|
|
||||||
// This program is free software; you can redistribute it and/or
|
// This program is free software; you can redistribute it and/or
|
||||||
// modify it under the terms of the GNU General Public License
|
// modify it under the terms of the GNU General Public License
|
||||||
// as published by the Free Software Foundation version 2
|
// as published by the Free Software Foundation; version 2
|
||||||
// This program is distributed in the hope that it will be useful,
|
// This program is distributed in the hope that it will be useful,
|
||||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
// GNU General Public License for more details.
|
// GNU General Public License for more details.
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with this program; if not, write to the Free Software
|
// along with this program; if not, write to the Free Software
|
||||||
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
|
||||||
|
// USA.
|
||||||
require ("operation/menu.php");
|
require ("operation/menu.php");
|
||||||
if (! isset ($_SESSION["id_usuario"])) {
|
if (! isset ($_SESSION["id_usuario"])) {
|
||||||
echo '<div class="f10">' . __('You\'re not connected');
|
require ("general/login_page.php");
|
||||||
echo '<br /><br />';
|
exit();
|
||||||
echo '<form method="post" action="index.php?login=1">';
|
|
||||||
echo '<div class="f9b">Login</div><input class="login" type="text" name="nick">';
|
|
||||||
echo '<div class="f9b">Password</div><input class="login" type="password" name="pass">';
|
|
||||||
echo '<div><input name="login" type="submit" class="sub" value="' . __('Login') .'"></div>';
|
|
||||||
echo '<br />IP: <b class="f10">' . $REMOTE_ADDR . '</b><br /></div>';
|
|
||||||
|
|
||||||
} else {
|
|
||||||
require ("godmode/menu.php");
|
|
||||||
require ("links_menu.php");
|
|
||||||
}
|
}
|
||||||
|
require ("godmode/menu.php");
|
||||||
|
require ("links_menu.php");
|
||||||
?>
|
?>
|
||||||
|
|
|
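Review bot: The session check on the new side runs after `require ("operation/menu.php");`, so that menu file is executed for a visitor without `$_SESSION["id_usuario"]` before the login page is shown; moving the `if (! isset ($_SESSION["id_usuario"]))` block above the first `require` avoids depending on operation/menu.php to check the session itself (its contents are not visible here). `exit()` inside this include also ends the response with the `<div id="menu">` and the outer containers opened by index.php still unclosed.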
@ -152,6 +152,41 @@ function print_input_text_extended ($name, $value, $id, $alt, $size, $maxlength,
|
||||||
echo $output;
|
echo $output;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Render an input password element. Extended version
|
||||||
|
* See print_input_text_extended for all options
|
||||||
|
*/
|
||||||
|
function print_input_password_extended ($name, $value, $id, $alt, $size, $maxlength, $disabled, $script, $attributes, $return = false) {
|
||||||
|
static $idcounter = 0;
|
||||||
|
|
||||||
|
++$idcounter;
|
||||||
|
if (empty ($name)) {
|
||||||
|
$name = 'unnamed';
|
||||||
|
}
|
||||||
|
if (empty ($alt)) {
|
||||||
|
$alt = 'textfield';
|
||||||
|
}
|
||||||
|
if (!empty ($maxlength)) {
|
||||||
|
$maxlength = ' maxlength="'.$maxlength.'" ';
|
||||||
|
}
|
||||||
|
$output = '<input name="'.$name.'" type="password" value="'.$value.'" size="'.$size.'" '.$maxlength.' alt="'.$alt.'" ';
|
||||||
|
if ($id != '') {
|
||||||
|
$output .= ' id="'.$id.'"';
|
||||||
|
} else {
|
||||||
|
$htmlid = 'pass-'.sprintf ('%04d', $idcounter);
|
||||||
|
$output .= ' id="'.$htmlid.'"';
|
||||||
|
}
|
||||||
|
if ($disabled)
|
||||||
|
$output .= ' disabled';
|
||||||
|
if ($attributes != '')
|
||||||
|
$output .= ' '.$attributes;
|
||||||
|
$output .= ' />';
|
||||||
|
if ($return)
|
||||||
|
return $output;
|
||||||
|
echo $output;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Render an input text element.
|
* Render an input text element.
|
||||||
*
|
*
|
||||||
|
|
|
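Review bot: `print_input_password_extended()` concatenates `$name`, `$value`, `$id`, `$alt` and `$size` directly into attribute values, so a caller that passes request-derived data can break out of the attribute; escape each one, e.g. `value="'.htmlspecialchars($value, ENT_QUOTES).'"`. The caller added in login_page.php passes only literals, so this is hardening for future callers. A password field should normally not echo a value back, so the docblock could state that `$value` is expected to be empty, and the default `alt` of `textfield` looks copied from the text variant. Whether print_input_text_extended() escapes its arguments is outside this hunk.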
@ -65,12 +65,9 @@ require_once ("include/functions.php");
|
||||||
require_once ("include/functions_db.php");
|
require_once ("include/functions_db.php");
|
||||||
//We should require this or you might end up with some empty strings
|
//We should require this or you might end up with some empty strings
|
||||||
load_extensions ($config['extensions']);
|
load_extensions ($config['extensions']);
|
||||||
?>
|
|
||||||
|
|
||||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head>';
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<?php
|
|
||||||
// Pure mode (without menu, header and footer).
|
// Pure mode (without menu, header and footer).
|
||||||
$config["pure"] = get_parameter ("pure", 0);
|
$config["pure"] = get_parameter ("pure", 0);
|
||||||
|
|
||||||
|
@ -79,7 +76,7 @@ $intervalo = get_parameter ("refr", 0);
|
||||||
if ($intervalo > 0){
|
if ($intervalo > 0){
|
||||||
// Agent selection filters and refresh
|
// Agent selection filters and refresh
|
||||||
$query = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME'];
|
$query = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME'];
|
||||||
if ($_SERVER['SERVER_PORT'] != 80)
|
if ($_SERVER['SERVER_PORT'] != 80 && (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE && $_SERVER['SERVER_PORT'] != 443))
|
||||||
$query .= ":" . $_SERVER['SERVER_PORT'];
|
$query .= ":" . $_SERVER['SERVER_PORT'];
|
||||||
|
|
||||||
$query .= $_SERVER['SCRIPT_NAME'];
|
$query .= $_SERVER['SCRIPT_NAME'];
|
||||||
|
@ -95,8 +92,8 @@ if ($intervalo > 0){
|
||||||
}
|
}
|
||||||
if (isset ($_POST["ag_group"])) {
|
if (isset ($_POST["ag_group"])) {
|
||||||
$ag_group = $_POST["ag_group"];
|
$ag_group = $_POST["ag_group"];
|
||||||
$query = 'http://' . $_SERVER['SERVER_NAME'];
|
$query = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME'];
|
||||||
if ($_SERVER['SERVER_PORT'] != 80)
|
if ($_SERVER['SERVER_PORT'] != 80 && (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE && $_SERVER['SERVER_PORT'] != 443))
|
||||||
$query .= ":" . $_SERVER['SERVER_PORT'];
|
$query .= ":" . $_SERVER['SERVER_PORT'];
|
||||||
$query .= $_SERVER['REQUEST_URI'] . '&ag_group_refresh=' . $ag_group;
|
$query .= $_SERVER['REQUEST_URI'] . '&ag_group_refresh=' . $ag_group;
|
||||||
} else {
|
} else {
|
||||||
|
@ -104,8 +101,7 @@ if ($intervalo > 0){
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
echo '<title>Pandora FMS - '.__('the Flexible Monitoring System').'</title>
|
||||||
<title>Pandora FMS - <?php echo __('the Flexible Monitoring System'); ?></title>
|
|
||||||
<meta http-equiv="expires" content="0">
|
<meta http-equiv="expires" content="0">
|
||||||
<meta http-equiv="content-type" content="text/html; charset=utf-8">
|
<meta http-equiv="content-type" content="text/html; charset=utf-8">
|
||||||
<meta name="resource-type" content="document">
|
<meta name="resource-type" content="document">
|
||||||
|
@ -115,18 +111,18 @@ if ($intervalo > 0){
|
||||||
<meta name="keywords" content="pandora, monitoring, system, GPL, software">
|
<meta name="keywords" content="pandora, monitoring, system, GPL, software">
|
||||||
<meta name="robots" content="index, follow">
|
<meta name="robots" content="index, follow">
|
||||||
<link rel="icon" href="images/pandora.ico" type="image/ico">
|
<link rel="icon" href="images/pandora.ico" type="image/ico">
|
||||||
<link rel="stylesheet" href="include/styles/<?php echo $config['style']; ?>.css" type="text/css">
|
<link rel="stylesheet" href="include/styles/'.$config["style"].'.css" type="text/css">
|
||||||
|
|
||||||
<script type="text/javascript" src="include/javascript/wz_jsgraphics.js"></script>
|
<script type="text/javascript" src="include/javascript/wz_jsgraphics.js"></script>
|
||||||
<script type="text/javascript" src="include/javascript/pandora.js"></script>
|
<script type="text/javascript" src="include/javascript/pandora.js"></script>
|
||||||
</head>
|
</head>';
|
||||||
|
|
||||||
<?php
|
|
||||||
// Show custom background
|
// Show custom background
|
||||||
if ($config["pure"] == 0)
|
if ($config["pure"] == 0) {
|
||||||
echo '<body bgcolor="#555555">';
|
echo '<body bgcolor="#555555">';
|
||||||
else
|
} else {
|
||||||
echo '<body bgcolor="#FFFFFF">';
|
echo '<body bgcolor="#FFFFFF">';
|
||||||
|
}
|
||||||
|
|
||||||
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
|
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
|
||||||
|
|
||||||
// Login process
|
// Login process
|
||||||
|
@ -153,32 +149,36 @@ if (! isset ($_SESSION['id_usuario']) && isset ($_GET["login"])) {
|
||||||
logon_db ($nick, $REMOTE_ADDR);
|
logon_db ($nick, $REMOTE_ADDR);
|
||||||
$_SESSION['id_usuario'] = $nick;
|
$_SESSION['id_usuario'] = $nick;
|
||||||
$config['id_user'] = $nick;
|
$config['id_user'] = $nick;
|
||||||
|
unset ($_GET['pass'], $pass);
|
||||||
} else {
|
} else {
|
||||||
// Login failed (bad password)
|
// Login failed (bad password)
|
||||||
unset ($_GET["sec2"]);
|
unset ($_GET["sec2"]);
|
||||||
include "general/logon_failed.php";
|
require "general/logon_failed.php";
|
||||||
// change password to do not show all string
|
// change password to do not show any string
|
||||||
$primera = substr ($pass,0,1);
|
// $primera = substr ($pass,0,1);
|
||||||
$ultima = substr ($pass, strlen ($pass) - 1, 1);
|
// $ultima = substr ($pass, strlen ($pass) - 1, 1);
|
||||||
$pass = $primera . "****" . $ultima;
|
// $pass = $primera . "****" . $ultima;
|
||||||
audit_db ($nick, $REMOTE_ADDR, "Logon Failed",
|
audit_db ($nick, $REMOTE_ADDR, "Logon Failed",
|
||||||
"Incorrect password: " . $nick . " / " . $pass);
|
"Incorrect password: " . $nick);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// User not known
|
// User not known
|
||||||
unset ($_GET["sec2"]);
|
unset ($_GET["sec2"]);
|
||||||
include "general/logon_failed.php";
|
require "general/logon_failed.php";
|
||||||
$primera = substr ($pass, 0, 1);
|
// do not show any password string. Unsafe especially with
|
||||||
$ultima = substr ($pass, strlen ($pass) - 1, 1);
|
// short passwords
|
||||||
$pass = $primera . "****" . $ultima;
|
//$primera = substr ($pass, 0, 1);
|
||||||
|
//$ultima = substr ($pass, strlen ($pass) - 1, 1);
|
||||||
|
//$pass = $primera . "****" . $ultima;
|
||||||
audit_db ($nick, $REMOTE_ADDR, "Logon Failed",
|
audit_db ($nick, $REMOTE_ADDR, "Logon Failed",
|
||||||
"Invalid username: " . $nick . " / " . $pass);
|
"Invalid username: " . $nick);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
} elseif (! isset ($_SESSION['id_usuario'])) {
|
} elseif (! isset ($_SESSION['id_usuario'])) {
|
||||||
// There is no user connected
|
// There is no user connected
|
||||||
include "general/login_page.php";
|
include "general/login_page.php";
|
||||||
|
echo '</body></html>';
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
// There is session for id_usuario
|
// There is session for id_usuario
|
||||||
|
@ -198,8 +198,9 @@ if (isset ($_GET["sec2"])){
|
||||||
$sec2 = get_parameter_get ('sec2');
|
$sec2 = get_parameter_get ('sec2');
|
||||||
$sec2 = parameter_extra_clean ($sec2);
|
$sec2 = parameter_extra_clean ($sec2);
|
||||||
$page = $sec2;
|
$page = $sec2;
|
||||||
} else
|
} else {
|
||||||
$sec2 = "";
|
$sec2 = "";
|
||||||
|
}
|
||||||
|
|
||||||
if (isset ($_GET["sec"])){
|
if (isset ($_GET["sec"])){
|
||||||
$sec = get_parameter_get ('sec');
|
$sec = get_parameter_get ('sec');
|
||||||
|
@ -215,12 +216,9 @@ session_write_close();
|
||||||
|
|
||||||
// Header
|
// Header
|
||||||
if ($config["pure"] == 0) {
|
if ($config["pure"] == 0) {
|
||||||
echo '<div id="container">';
|
echo '<div id="container"><div id="head">';
|
||||||
echo '<div id="head">';
|
|
||||||
require ("general/header.php");
|
require ("general/header.php");
|
||||||
echo '</div>';
|
echo '</div><div id="page"><div id="menu">';
|
||||||
echo '<div id="page">';
|
|
||||||
echo '<div id="menu">';
|
|
||||||
require ("general/main_menu.php");
|
require ("general/main_menu.php");
|
||||||
echo '</div>';
|
echo '</div>';
|
||||||
} else {
|
} else {
|
||||||
|
@ -246,17 +244,18 @@ if ($page != "") {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
echo "<br><b class='error'>".__('Sorry! I can\'t find the page!')."</b>";
|
echo '<br><b class="error">'.__('Sorry! I can\'t find the page!').'</b>';
|
||||||
}
|
}
|
||||||
} else
|
} else {
|
||||||
require ("general/logon_ok.php"); //default
|
require ("general/logon_ok.php"); //default
|
||||||
|
}
|
||||||
|
|
||||||
if ($config["pure"] == 0){
|
if ($config["pure"] == 0) {
|
||||||
echo '</div>'; // main
|
echo '</div>'; // main
|
||||||
echo '<div style="clear:both"></div>';
|
echo '<div style="clear:both"></div>';
|
||||||
echo '</div>'; // page
|
echo '</div>'; // page (id = page)
|
||||||
} else {
|
} else {
|
||||||
echo "</div>";
|
echo "</div>"; // main_pure
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($config["pure"] == 0) {
|
if ($config["pure"] == 0) {
|
||||||
|
|
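Review bot: `unset ($_GET['pass'], $pass);` clears only the GET copy, but the login form submits with `method="post"`, so `$_POST['pass']` and `$_REQUEST['pass']` would still hold the password for any script included afterwards; extend it to `unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass'], $pass);`. The unset also sits only in the successful-login branch, while both failure branches `require "general/logon_failed.php"` with `$pass` still set. How `$pass` is read lies above this hunk, so confirm which superglobal it comes from. The commented-out `$primera`/`$ultima` lines can be deleted now that the audit messages no longer include the password.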