2011-03-08 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_events.php, include/functions_messages.php, include/functions_incidents.php, include/functions_db.php, operation/incidents/incident.php, operation/agentes/ver_agente.php, operation/agentes/tactical.php, operation/servers/view_server_detail.php, operation/snmpconsole/snmp_view.php, godmode/groups/modu_group_list.php, godmode/agentes/configurar_agente.php, godmode/servers/manage_recontask.php, godmode/servers/modificar_server.php, godmode/snmpconsole/snmp_filters.php, godmode/setup/news.php, godmode/modules/manage_network_templates_form.php: change the source code for to use process_sql_update instead of the SQL. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4066 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper
parent
5dff4cd13a
commit
5153e70aa4
|
|
@ -1,3 +1,15 @@
|
|||
2011-03-08 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* include/functions_events.php, include/functions_messages.php,
|
||||
include/functions_incidents.php, include/functions_db.php,
|
||||
operation/incidents/incident.php, operation/agentes/ver_agente.php,
|
||||
operation/agentes/tactical.php, operation/servers/view_server_detail.php,
|
||||
operation/snmpconsole/snmp_view.php, godmode/groups/modu_group_list.php,
|
||||
godmode/agentes/configurar_agente.php, godmode/servers/manage_recontask.php,
|
||||
godmode/servers/modificar_server.php, godmode/snmpconsole/snmp_filters.php,
|
||||
godmode/setup/news.php, godmode/modules/manage_network_templates_form.php:
|
||||
change the source code for to use process_sql_update instead of the SQL.
|
||||
|
||||
2011-03-07 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* include/functions_reporting.php: added the SQL query with correct
|
||||
|
|
|
|||
|
|
@ -777,7 +777,12 @@ if ($delete_module) { // DELETE agent module !
|
|||
// error. NOTICE that we don't delete all data here, just marking for deletion
|
||||
// and delete some simple data.
|
||||
|
||||
if (process_sql ("UPDATE tagente_modulo SET nombre = 'pendingdelete', disabled = 1, delete_pending = 1 WHERE id_agente_modulo = ".$id_borrar_modulo) === false)
|
||||
$values = array(
|
||||
'nombre' => 'pendingdelete',
|
||||
'disabled' => 1,
|
||||
'delete_pending' => 1);
|
||||
$result = process_sql_update('tagente_modulo', $values, array('id_agente_modulo' => $id_borrar_modulo));
|
||||
if ($result === false)
|
||||
$error++;
|
||||
|
||||
if (process_sql ("DELETE FROM tagente_estado WHERE id_agente_modulo = ".$id_borrar_modulo) === false)
|
||||
|
|
|
|||
|
|
@ -83,12 +83,12 @@ if ($update_group) {
|
|||
$id_parent = (int) get_parameter ('id_parent');
|
||||
$alerts_enabled = (bool) get_parameter ('alerts_enabled');
|
||||
$custom_id = (string) get_parameter ('custom_id');
|
||||
|
||||
$sql = sprintf ('UPDATE tmodule_group SET name = "%s" WHERE id_mg = %d', $name,$id_group);
|
||||
$result = process_sql ($sql);
|
||||
|
||||
$result = process_sql_update('tmodule_group', array('name' => $name), array('id_mg' => $id_group));
|
||||
if ($result !== false) {
|
||||
echo "<h3 class='suc'>".__('Group successfully updated')."</h3>";
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
echo "<h3 class='error'>".__('There was a problem modifying group')."</h3>";
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -72,8 +72,11 @@ if (isset ($_GET["create"]) || isset ($_GET["update"])) {
|
|||
|
||||
if ($id_np > 0) {
|
||||
//Profile exists
|
||||
$sql = sprintf ("UPDATE tnetwork_profile SET name = '%s', description = '%s' WHERE id_np = %d", $name, $description, $id_np);
|
||||
$result = process_sql ($sql);
|
||||
$values = array(
|
||||
'name' => $name,
|
||||
'description' => $description);
|
||||
$result = process_sql_update('tnetwork_profile', $values, array('id_np' => $id_np));
|
||||
|
||||
print_result_message ($result !== false,
|
||||
__('Successfully updated network profile'),
|
||||
__('Error updating network profile'));
|
||||
|
|
|
|||
|
|
@ -76,21 +76,43 @@ if ((isset ($_GET["update"])) OR ((isset ($_GET["create"])))) {
|
|||
// --------------------------------
|
||||
if (isset($_GET["update"])) {
|
||||
$id = get_parameter_get ("update");
|
||||
$sql = sprintf ("UPDATE trecon_task SET snmp_community = '%s', id_os = %d, name = '%s', subnet = '%s', description = '%s', id_recon_server = %d, create_incident = %b, id_group = %d, interval_sweep = %u, id_network_profile = %d, recon_ports = '%s', id_recon_script = %d, field1 = '%s', field2 = '%s', field3 = '%s', field4 = '%s' WHERE id_rt = %u",$snmp_community, $id_os,$name,$network,$description,$id_recon_server,$create_incident,$id_group,$interval,$id_network_profile,$recon_ports, $id_recon_script, $field1, $field2, $field3, $field4, $id);
|
||||
|
||||
$values = array(
|
||||
'snmp_community' => $snmp_community,
|
||||
'id_os' => $id_os,
|
||||
'name' => $name,
|
||||
'subnet' => $network,
|
||||
'description' => $description,
|
||||
'id_recon_server' => $id_recon_server,
|
||||
'create_incident' => $create_incident,
|
||||
'id_group' => $id_group,
|
||||
'interval_sweep' => $interval,
|
||||
'id_network_profile' => $id_network_profile,
|
||||
'recon_ports' => $recon_ports,
|
||||
'id_recon_script' => $id_recon_script,
|
||||
'field1' => $field1,
|
||||
'field2' => $field2,
|
||||
'field3' => $field3,
|
||||
'field4' => $field4,
|
||||
);
|
||||
|
||||
$where = array('id_rt' => $id);
|
||||
|
||||
if ($name != "") {
|
||||
if (($id_recon_script == 0) && preg_match("/[0-9]+.+[0-9]+.+[0-9]+.+[0-9]+\/+[0-9]/", $network))
|
||||
$result = process_sql ($sql);
|
||||
$result = process_sql_update('trecon_task', $values, $where);
|
||||
elseif ($id_recon_script != 0)
|
||||
$result = process_sql ($sql);
|
||||
$result = process_sql_update('trecon_task', $values, $where);
|
||||
else
|
||||
$result = false;
|
||||
} else
|
||||
}
|
||||
else
|
||||
$result = false;
|
||||
|
||||
if ($result !== false) {
|
||||
echo '<h3 class="suc">'.__('Successfully updated recon task').'</h3>';
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
echo '<h3 class="error">'.__('Error updating recon task').'</h3>';
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,7 +51,8 @@ if (isset($_GET["server"])) {
|
|||
echo '<input type="submit" class="sub upd" value="'.__('Update').'">';
|
||||
echo "</div>";
|
||||
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
print_page_header (__('Manage servers'), "", false, "", true);
|
||||
|
||||
if (isset ($_GET["delete"])) {
|
||||
|
|
@ -60,18 +61,22 @@ if (isset($_GET["server"])) {
|
|||
$result = process_sql ($sql);
|
||||
if ($result !== false) {
|
||||
echo '<h3 class="suc">'.__('Server deleted successfully').'</h3>';
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
echo '<h3 class="error">'.__('There was a problem deleting the server').'</h3>';
|
||||
}
|
||||
} elseif (isset($_GET["update"])) {
|
||||
}
|
||||
elseif (isset($_GET["update"])) {
|
||||
$address = get_parameter_post ("address");
|
||||
$description = get_parameter_post ("description");
|
||||
$id_server = get_parameter_post ("server");
|
||||
$sql = sprintf ("UPDATE tserver SET ip_address = '%s', description = '%s' WHERE id_server = %d", $address, $description, $id_server);
|
||||
$result = process_sql ($sql);
|
||||
|
||||
$values = array('ip_address' => $address, 'description' => $description);
|
||||
$result = process_sql_update('tserver', $values, array('id_server' => $id_server));
|
||||
if ($result !== false) {
|
||||
echo '<h3 class="suc">'.__('Server updated successfully').'</h3>';
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
echo '<h3 class="error">'.__('There was a problem updating the server').'</h3>';
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -46,9 +46,8 @@ if (isset ($_POST["update"])) { // if update
|
|||
$subject = get_parameter ("subject");
|
||||
$text = get_parameter ("text");
|
||||
|
||||
$sql = sprintf ("UPDATE tnews SET subject = '%s', text ='%s', timestamp = NOW() WHERE id_news = %d", $subject, $text, $id_news);
|
||||
|
||||
$result = process_sql ($sql);
|
||||
$values = array('subject' => $subject, 'text' => $text, 'timestamp' => 'NOW()');
|
||||
$result = process_sql_update('tnews', $values, array('id_news' => $id_news));
|
||||
|
||||
print_result_message ($result,
|
||||
__('Successfully updated'),
|
||||
|
|
|
|||
|
|
@ -33,37 +33,43 @@ $filter = (string) get_parameter ('filter', '');
|
|||
if ($edit_filter > -2) {
|
||||
if ($edit_filter > -1) {
|
||||
print_page_header (__('SNMP Console')." » ".__('Update filter'), "images/computer_error.png", false, "", true);
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
print_page_header (__('SNMP Console')." » ".__('Create filter'), "images/computer_error.png", false, "", true);
|
||||
}
|
||||
// Overview header
|
||||
} else {
|
||||
}
|
||||
else {// Overview header
|
||||
print_page_header (__('SNMP Console')." » ".__('Filter overview'), "images/computer_error.png", false, "", true);
|
||||
}
|
||||
|
||||
// Create/update filter
|
||||
if ($update_filter > -2) {
|
||||
if ($update_filter > -1) {
|
||||
$sql = sprintf ("UPDATE tsnmp_filter SET description = '%s', filter = '%s' WHERE id_snmp_filter = %d", $description, $filter, $update_filter);
|
||||
if (process_sql ($sql) === false) {
|
||||
$values = array('description' => $description, 'filter' => $filter);
|
||||
$result = process_sql_update('tsnmp_filter', $values, array('id_snmp_filter' => $update_filter));
|
||||
if ($result === false) {
|
||||
print_error_message (__('There was a problem updating the filter'));
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
print_success_message (__('Successfully updated'));
|
||||
}
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
$sql = sprintf ("INSERT INTO tsnmp_filter (description, filter) VALUES ('%s', '%s')", $description, $filter);
|
||||
if (process_sql ($sql) === false) {
|
||||
print_error_message (__('There was a problem creating the filter'));
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
print_success_message (__('Successfully created'));
|
||||
}
|
||||
}
|
||||
// Delete
|
||||
} else if ($delete_filter > -1) {
|
||||
}
|
||||
else if ($delete_filter > -1) { // Delete
|
||||
$sql = sprintf ("DELETE FROM tsnmp_filter WHERE id_snmp_filter = %d", $delete_filter);
|
||||
if (process_sql ($sql) === false) {
|
||||
print_error_message (__('There was a problem deleting the filter'));
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
print_success_message (__('Successfully deleted'));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2060,15 +2060,8 @@ function agent_delete_address ($id_agent, $ip_address) {
|
|||
$new_ips = get_agent_addresses ($id_agent);
|
||||
// Change main address in agent to first one in the list
|
||||
|
||||
switch ($config["dbtype"]) {
|
||||
case "mysql":
|
||||
$query = sprintf ("UPDATE tagente SET `direccion` = '%s' WHERE id_agente = %d", current ($new_ips), $id_agent);
|
||||
break;
|
||||
case "postgresql":
|
||||
$query = sprintf ("UPDATE tagente SET direccion = '%s' WHERE id_agente = %d", current ($new_ips), $id_agent);
|
||||
break;
|
||||
}
|
||||
process_sql ($query);
|
||||
process_sql_update('tagente', array('direccion' => current ($new_ips)),
|
||||
array('id_agente' => $id_agent));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -194,13 +194,17 @@ function validate_event ($id_event, $similars = true, $comment = '', $new_status
|
|||
$comment .= '<br>'.$fullevent['user_comment'];
|
||||
}
|
||||
|
||||
$sql = sprintf ("UPDATE tevento SET estado = %d, id_usuario = '%s', user_comment = '%s' WHERE id_evento = %d", $new_status, $config['id_user'], $comment, $event);
|
||||
$ret = process_sql ($sql);
|
||||
$values = array(
|
||||
'estado' => $new_status,
|
||||
'id_usuario' => $config['id_user'],
|
||||
'user_comment' => $comment);
|
||||
$ret = process_sql_update('tevento', $values, array('id_evento' => $event));
|
||||
|
||||
if (check_acl ($config["id_user"], get_event_group ($event), "IW") == 0) {
|
||||
//Check ACL
|
||||
pandora_audit("ACL Violation", "Attempted updating event #".$event);
|
||||
} elseif ($ret !== false) {
|
||||
}
|
||||
elseif ($ret !== false) {
|
||||
//ACL didn't fail nor did return
|
||||
continue;
|
||||
}
|
||||
|
|
@ -212,7 +216,8 @@ function validate_event ($id_event, $similars = true, $comment = '', $new_status
|
|||
if ($errors > 1) {
|
||||
process_sql_rollback ();
|
||||
return false;
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
foreach ($id_event as $event) {
|
||||
pandora_audit("Event validated", "Validated event #".$event);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -135,13 +135,12 @@ function process_incidents_touch ($id_incident) {
|
|||
if (empty ($id_incident)) {
|
||||
return false;
|
||||
}
|
||||
$id_incident = implode (",", $id_incident);
|
||||
|
||||
if (empty ($id_incident)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sql = sprintf ("UPDATE tincidencia SET id_lastupdate = '%s' WHERE id_incidencia IN (%s)", $config["id_user"], $id_incident);
|
||||
return process_sql ($sql);
|
||||
|
||||
return process_sql_update('tincidencia', array('id_lastupdate' => $config["id_user"]), array('id_incidencia' => $id_incident));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -119,11 +119,12 @@ function delete_message ($id_message) {
|
|||
function process_message_read ($message_id, $read = true) {
|
||||
if (empty ($read)) {
|
||||
$read = 0;
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
$read = 1;
|
||||
}
|
||||
|
||||
return (bool) process_sql ("UPDATE tmensajes SET estado = ".$read." WHERE id_mensaje = ".$message_id);
|
||||
return (bool) process_sql_update('tmensajes', array('estado' => $read), array('id_mensaje' => $message_id));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -51,8 +51,7 @@ function print_cells_temp ($cells) {
|
|||
if (isset($row["href"]))
|
||||
echo '<td class="'.$class.'" style="text-align:right;"><a class="big_data" href="'.safe_input ($row["href"]).'" style="color: '.$row["color"].';">'.$row[1].'</a></td></tr>';
|
||||
else
|
||||
echo '<td class="'.$class.'" style="text-align:right;"><a class="big_data" s
|
||||
tyle="color: '.$row["color"].';">'.$row[1].'</a></td></tr>';
|
||||
echo '<td class="'.$class.'" style="text-align:right;"><a class="big_data" style="color: '.$row["color"].';">'.$row[1].'</a></td></tr>';
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -60,14 +59,14 @@ if ($config["realtimestats"] == 0){
|
|||
$updated_time ="<a href='index.php?sec=estado&sec2=operation/agentes/tactical&force_refresh=1'>";
|
||||
$updated_time .= __('Last update'). " : ". print_timestamp (get_db_sql ("SELECT min(utimestamp) FROM tgroup_stat"), true);
|
||||
$updated_time .= "</a>";
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
$updated_time = __("Updated at realtime");
|
||||
}
|
||||
|
||||
// Header
|
||||
print_page_header (__("Tactical view"), "images/bricks.png", false, "", false, $updated_time );
|
||||
|
||||
$data = get_group_stats ();
|
||||
$data = get_group_stats();
|
||||
|
||||
echo '<div style="width:20%; float:left; padding-right: 5%;" id="leftcolumn">';
|
||||
// Monitor checks
|
||||
|
|
|
|||
|
|
@ -327,16 +327,15 @@ $flag = get_parameter('flag', '');
|
|||
if ($flag !== '') {
|
||||
if ($flag == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) {
|
||||
$id_agent_module = get_parameter('id_agente_modulo');
|
||||
$sql = sprintf("UPDATE tagente_modulo SET flag=1 WHERE id_agente_modulo = %d", $id_agent_module);
|
||||
process_sql ($sql);
|
||||
|
||||
process_sql_update('tagente_modulo', array('flag' => 1), array('id_agente_modulo' => $id_agent_module));
|
||||
}
|
||||
}
|
||||
// Check for Network FLAG change request
|
||||
$flag_agent = get_parameter('flag_agent','');
|
||||
if ($flag_agent !== ''){
|
||||
if ($flag_agent == 1 && check_acl ($config['id_user'], $id_grupo, "AW")) {
|
||||
$sql = sprintf("UPDATE tagente_modulo SET flag=1 WHERE id_agente = %d", $id_agente);
|
||||
process_sql ($sql);
|
||||
process_sql_update('tagente_modulo', array('flag' => 1), array('id_agente' =>$id_agente));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -87,9 +87,18 @@ elseif ($action == "update") {
|
|||
$grupo = get_parameter_post ("grupo_form", 1);
|
||||
$usuario = get_parameter_post ("usuario_form", $config["id_user"]);
|
||||
|
||||
$sql = sprintf ("UPDATE tincidencia SET titulo = '%s', origen = '%s', estado = %d, id_grupo = %d, id_usuario = '%s', prioridad = %d, descripcion = '%s', id_lastupdate = '%s' WHERE id_incidencia = %d",
|
||||
$titulo, $origen, $estado, $grupo, $usuario, $prioridad, $descripcion, $config["id_user"], $id_inc);
|
||||
$values = array(
|
||||
'titulo' => $titulo,
|
||||
'origen' => $origen,
|
||||
'estado' => $estado,
|
||||
'id_grupo' => $grupo,
|
||||
'id_usuario' => $usuario,
|
||||
'prioridad' => $prioridad,
|
||||
'descripcion' => $descripcion,
|
||||
'id_lastupdate' => $config["id_user"]);
|
||||
$result = process_sql ($sql);
|
||||
|
||||
$result = process_sql_update('tincidencia', $values, array('id_incidencia' => $id_inc));
|
||||
|
||||
if ($result !== false) {
|
||||
pandora_audit("Incident updated","User ".$config['id_user']." updated incident #".$id_inc);
|
||||
|
|
|
|||
|
|
@ -43,9 +43,9 @@ $total_modules_data = 0;
|
|||
if (check_acl ($config['id_user'], 0, "PM")) {
|
||||
if (isset ($_GET["force"])) {
|
||||
$id = (int) get_parameter_get ("force", 0);
|
||||
$sql = sprintf ("UPDATE trecon_task SET utimestamp = 0, status = 1 WHERE id_rt = %d", $id);
|
||||
|
||||
process_sql ($sql);
|
||||
$values = array('utimestamp' => 0, 'status' => 1);
|
||||
process_sql_update('trecon_task', $values, array('id_rt' => $id));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,8 @@ $url = "index.php?sec=snmpconsole&sec2=operation/snmpconsole/snmp_view&filter_ag
|
|||
|
||||
if ($config["pure"]) {
|
||||
$link = '<a target="_top" href="'.$url.'&pure=0&refr=30">' . print_image("images/normalscreen.png", true, array("title" => __('Normal screen'))) . '</a>';
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
// Fullscreen
|
||||
$link = '<a target="_top" href="'.$url.'&pure=1&refr=0">' . print_image("images/fullscreen.png", true, array("title" => __('Full screen'))) . '</a>';
|
||||
}
|
||||
|
|
@ -60,7 +61,8 @@ if (isset ($_GET["delete"])){
|
|||
print_result_message ($result,
|
||||
__('Successfully deleted'),
|
||||
__('Could not be deleted'));
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to delete SNMP event ID #".$id_trap);
|
||||
}
|
||||
|
|
@ -70,12 +72,16 @@ if (isset ($_GET["delete"])){
|
|||
if (isset ($_GET["check"])) {
|
||||
$id_trap = (int) get_parameter_get ("check", 0);
|
||||
if ($id_trap > 1 && check_acl ($config['id_user'], 0, "IW")) {
|
||||
$sql = sprintf ("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config["id_user"], $id_trap);
|
||||
$result = process_sql ($sql);
|
||||
$values = array(
|
||||
'status' => 1,
|
||||
'id_usuario' => $config["id_user"]);
|
||||
$result = process_sql_update('ttrap', $values, array('id_trap' => $id_trap));
|
||||
|
||||
print_result_message ($result,
|
||||
__('Successfully updated'),
|
||||
__('Could not be updated'));
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to checkout SNMP Trap ID".$id_trap);
|
||||
}
|
||||
|
|
@ -89,7 +95,8 @@ if (isset ($_POST["deletebt"])) {
|
|||
$sql = sprintf ("DELETE FROM ttrap WHERE id_trap = %d", $id_trap);
|
||||
process_sql ($sql);
|
||||
}
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to mass-delete SNMP Trap ID");
|
||||
}
|
||||
|
|
@ -103,7 +110,8 @@ if (isset ($_POST["updatebt"])) {
|
|||
$sql = sprintf ("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config["id_user"], $id_trap);
|
||||
process_sql ($sql);
|
||||
}
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
pandora_audit("ACL Violation",
|
||||
"Trying to mass-delete SNMP Trap ID");
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue