From 561a5cc0189078c8e73d3dd9025663ba451d776e Mon Sep 17 00:00:00 2001 From: vgilc Date: Wed, 25 Jan 2012 12:40:11 +0000 Subject: [PATCH] 2012-01-25 Vanessa Gil * include/functions_agents.php: Bad behavior group filter in massive operations and policies management. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@5427 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 5 +++++ pandora_console/include/functions_agents.php | 20 ++++++++++++-------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index cc3918776c..23944f6580 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,8 @@ +2012-01-25 Vanessa Gil + + * include/functions_agents.php: Bad behavior group filter + in massive operations and policies management. + 2012-01-25 Juan Manuel Ramon * include/functions_api.php: removed warning from get_all_agents diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php index 3d1e14bb68..081e160cbd 100644 --- a/pandora_console/include/functions_agents.php +++ b/pandora_console/include/functions_agents.php @@ -900,16 +900,20 @@ function agents_get_group_agents ($id_group = 0, $search = false, $case = "lower } if (is_array($id_group)) { - $search_sql = sprintf ('id_grupo IN (%s)', implode (",", $id_group)); + $all_groups = false; + $search_group_sql = sprintf ('id_grupo IN (%s)', implode (",", $id_group)); } else if ($id_group == 0) { //All group - $search_sql = '1 = 1'; + $all_groups = true; + $search_group_sql = '1 = 1'; } else { - $search_sql = sprintf ('id_grupo = %d', $id_group); + $all_groups = false; + $search_group_sql = sprintf ('id_grupo = %d', $id_group); } - + $search_sql = '1 = 1'; + if ($search === true) { //No added search. Show both disabled and non-disabled } @@ -965,7 +969,7 @@ function agents_get_group_agents ($id_group = 0, $search = false, $case = "lower enterprise_include_once ('include/functions_policies.php'); - if ($extra_access){ + if ($extra_access && $all_groups){ //if you have all group, search extra policies. $extra_sql = enterprise_hook('policies_get_agents_sql_condition'); if ($extra_sql === ENTERPRISE_NOT_HOOK) { $extra_sql = ''; @@ -980,13 +984,13 @@ function agents_get_group_agents ($id_group = 0, $search = false, $case = "lower switch ($config["dbtype"]) { case "mysql": case "postgresql": - $sql = sprintf ("SELECT id_agente, nombre FROM tagente WHERE %s (%s) ORDER BY nombre", $extra_sql, $search_sql); + $sql = sprintf ("SELECT id_agente, nombre FROM tagente WHERE (%s %s) AND (%s) ORDER BY nombre", $extra_sql, $search_group_sql, $search_sql); break; case "oracle": - $sql = sprintf ("SELECT id_agente, nombre FROM tagente WHERE %s (%s) ORDER BY dbms_lob.substr(nombre,4000,1)", $extra_sql, $search_sql); + $sql = sprintf ("SELECT id_agente, nombre FROM tagente WHERE (%s %s) AND (%s) ORDER BY dbms_lob.substr(nombre,4000,1)", $extra_sql, $search_group_sql, $search_sql); break; } - + $result = db_get_all_rows_sql ($sql); if ($result === false)