tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DANGER COMMIT, uses schema collation instead forced one

This commit is contained in:
fbsanchez 2022-02-01 15:18:45 +01:00
parent 592df1c3a7
commit 5b06942caf
17 changed files with 51 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/godmode/agentes/agent_manager.php
View File

@ -47,7 +47,7 @@ if (is_ajax()) {
$string = (string) get_parameter('q'); $string = (string) get_parameter('q');
// Field q is what autocomplete plugin gives. // Field q is what autocomplete plugin gives.
$filter = []; $filter = [];
$filter[] = '(nombre COLLATE utf8_general_ci LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%" OR alias LIKE "%'.$string.'%")'; $filter[] = '(nombre LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%" OR alias LIKE "%'.$string.'%")';
$filter[] = 'id_agente != '.$id_agent; $filter[] = 'id_agente != '.$id_agent;
$agents = agents_get_agents( $agents = agents_get_agents(

2
pandora_console/godmode/reporting/graph_builder.main.php
View File

@ -42,7 +42,7 @@ if (is_ajax() === true) {
$id_group = (int) get_parameter('id_group'); $id_group = (int) get_parameter('id_group');
$filter = []; $filter = [];
$filter[] = '(nombre COLLATE utf8_general_ci LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%")'; $filter[] = '(nombre LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%")';
$filter['id_grupo'] = $id_group; $filter['id_grupo'] = $id_group;
$agents = agents_get_agents($filter, ['nombre', 'direccion']); $agents = agents_get_agents($filter, ['nombre', 'direccion']);

2
pandora_console/godmode/reporting/graph_builder.php
View File

@ -41,7 +41,7 @@ if (is_ajax()) {
$id_group = (int) get_parameter('id_group'); $id_group = (int) get_parameter('id_group');
$filter = []; $filter = [];
$filter[] = '(nombre COLLATE utf8_general_ci LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%")'; $filter[] = '(nombre LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%" OR comentarios LIKE "%'.$string.'%")';
$filter['id_grupo'] = $id_group; $filter['id_grupo'] = $id_group;
$agents = agents_get_agents($filter, ['nombre', 'direccion']); $agents = agents_get_agents($filter, ['nombre', 'direccion']);

14
pandora_console/include/ajax/agent.php
View File

@ -144,7 +144,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
$filter_agents = $filter; $filter_agents = $filter;
switch ($config['dbtype']) { switch ($config['dbtype']) {
case 'mysql': case 'mysql':
$filter_agents[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) COLLATE utf8_general_ci LIKE "%'.$string.'%")'; $filter_agents[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) LIKE "%'.$string.'%")';
break; break;
case 'postgresql': case 'postgresql':
@ -173,7 +173,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
$filter_address = $filter; $filter_address = $filter;
switch ($config['dbtype']) { switch ($config['dbtype']) {
case 'mysql': case 'mysql':
$filter_address[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND UPPER(direccion) LIKE "%'.$string.'%")'; $filter_address[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) NOT LIKE "%'.$string.'%" AND UPPER(direccion) LIKE "%'.$string.'%")';
break; break;
case 'postgresql': case 'postgresql':
@ -202,7 +202,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
$filter_description = $filter; $filter_description = $filter;
switch ($config['dbtype']) { switch ($config['dbtype']) {
case 'mysql': case 'mysql':
$filter_description[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND UPPER(direccion) NOT LIKE "%'.$string.'%" AND UPPER(comentarios) LIKE "%'.$string.'%")'; $filter_description[] = '(UPPER(alias) NOT LIKE "%'.$string.'%" AND UPPER(nombre) NOT LIKE "%'.$string.'%" AND UPPER(direccion) NOT LIKE "%'.$string.'%" AND UPPER(comentarios) LIKE "%'.$string.'%")';
break; break;
case 'postgresql': case 'postgresql':
@ -284,7 +284,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
if (empty($string) === false) { if (empty($string) === false) {
// Get agents for only the alias. // Get agents for only the alias.
$filter_alias = $filter; $filter_alias = $filter;
$filter_alias[] = '(alias COLLATE utf8_general_ci LIKE "%'.$string.'%")'; $filter_alias[] = '(alias LIKE "%'.$string.'%")';
$agents = db_get_all_rows_filter( $agents = db_get_all_rows_filter(
'tmetaconsole_agent', 'tmetaconsole_agent',
@ -307,7 +307,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
// Get agents for only the name. // Get agents for only the name.
$filter_agents = $filter; $filter_agents = $filter;
$filter_agents[] = '(alias COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND nombre COLLATE utf8_general_ci LIKE "%'.$string.'%")'; $filter_agents[] = '(alias NOT LIKE "%'.$string.'%" AND nombre LIKE "%'.$string.'%")';
$agents = db_get_all_rows_filter( $agents = db_get_all_rows_filter(
'tmetaconsole_agent', 'tmetaconsole_agent',
@ -330,7 +330,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
// Get agents for only the address. // Get agents for only the address.
$filter_address = $filter; $filter_address = $filter;
$filter_address[] = '(alias COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND nombre COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND direccion LIKE "%'.$string.'%")'; $filter_address[] = '(alias NOT LIKE "%'.$string.'%" AND nombre NOT LIKE "%'.$string.'%" AND direccion LIKE "%'.$string.'%")';
$agents = db_get_all_rows_filter( $agents = db_get_all_rows_filter(
'tmetaconsole_agent', 'tmetaconsole_agent',
@ -353,7 +353,7 @@ if ($search_agents && (!is_metaconsole() || $force_local)) {
// Get agents for only the description. // Get agents for only the description.
$filter_description = $filter; $filter_description = $filter;
$filter_description[] = '(alias COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND nombre COLLATE utf8_general_ci NOT LIKE "%'.$string.'%" AND direccion NOT LIKE "%'.$string.'%" AND comentarios LIKE "%'.$string.'%")'; $filter_description[] = '(alias NOT LIKE "%'.$string.'%" AND nombre NOT LIKE "%'.$string.'%" AND direccion NOT LIKE "%'.$string.'%" AND comentarios LIKE "%'.$string.'%")';
$agents = db_get_all_rows_filter( $agents = db_get_all_rows_filter(
'tmetaconsole_agent', 'tmetaconsole_agent',

8
pandora_console/include/functions_agents.php
View File

@ -1236,26 +1236,26 @@ function agents_get_group_agents(
if (isset($search['string']) === true) { if (isset($search['string']) === true) {
$string = io_safe_input($search['string']); $string = io_safe_input($search['string']);
$filter[] = "(nombre COLLATE utf8_general_ci LIKE '%$string%' OR direccion LIKE '%$string%')"; $filter[] = "(nombre LIKE '%$string%' OR direccion LIKE '%$string%')";
unset($search['string']); unset($search['string']);
} }
if (isset($search['name']) === true) { if (isset($search['name']) === true) {
$name = io_safe_input($search['name']); $name = io_safe_input($search['name']);
$filter[] = "nombre COLLATE utf8_general_ci LIKE '$name'"; $filter[] = "nombre LIKE '$name'";
unset($search['name']); unset($search['name']);
} }
if (isset($search['alias']) === true) { if (isset($search['alias']) === true) {
$name = io_safe_input($search['alias']); $name = io_safe_input($search['alias']);
$filter[] = "alias COLLATE utf8_general_ci LIKE '$name'"; $filter[] = "alias LIKE '$name'";
unset($search['alias']); unset($search['alias']);
} }
if (isset($search['aliasRegex']) === true) { if (isset($search['aliasRegex']) === true) {
$name = io_safe_input($search['aliasRegex']); $name = io_safe_input($search['aliasRegex']);
$filter[] = sprintf( $filter[] = sprintf(
'alias COLLATE utf8_general_ci REGEXP "%s"', 'alias REGEXP "%s"',
$name $name
); );
unset($search['aliasRegex']); unset($search['aliasRegex']);

2
pandora_console/include/functions_groups.php
View File

@ -1924,7 +1924,7 @@ function group_get_data(
SELECT * SELECT *
FROM tgrupo FROM tgrupo
WHERE id_grupo IN ('.$user_groups_ids.') WHERE id_grupo IN ('.$user_groups_ids.')
ORDER BY nombre COLLATE utf8_general_ci ASC' ORDER BY nombre ASC'
); );
} }

2
pandora_console/include/functions_networkmap.php
View File

@ -312,7 +312,7 @@ function networkmap_generate_dot(
$filter['disabled'] = 0; $filter['disabled'] = 0;
if (empty($text_filter) === false) { if (empty($text_filter) === false) {
$filter[] = '(nombre COLLATE utf8_general_ci LIKE "%'.$text_filter.'%")'; $filter[] = '(nombre LIKE "%'.$text_filter.'%")';
} }
/* /*

2
pandora_console/include/functions_tactical.php
View File

@ -82,7 +82,7 @@ function tactical_get_data($id_user=false, $user_strict=false, $acltags, $return
SELECT * SELECT *
FROM tgrupo FROM tgrupo
WHERE id_grupo IN ('.$user_groups_ids.') WHERE id_grupo IN ('.$user_groups_ids.')
ORDER BY nombre COLLATE utf8_general_ci ASC' ORDER BY nombre ASC'
); );
} }

6
pandora_console/include/functions_tags.php
View File

@ -48,8 +48,8 @@ function tags_search_tag($tag_name_description=false, $filter=false, $only_names
if ($tag_name_description) { if ($tag_name_description) {
switch ($config['dbtype']) { switch ($config['dbtype']) {
case 'mysql': case 'mysql':
$filter[] = '((name COLLATE utf8_general_ci LIKE "%'.$tag_name_description.'%") OR $filter[] = '((name LIKE "%'.$tag_name_description.'%") OR
(description COLLATE utf8_general_ci LIKE "%'.$tag_name_description.'%"))'; (description LIKE "%'.$tag_name_description.'%"))';
break; break;
case 'postgresql': case 'postgresql':
@ -2520,7 +2520,7 @@ function tags_get_all_user_agents(
if ($filter) { if ($filter) {
if (($filter['search']) != '') { if (($filter['search']) != '') {
$string = io_safe_input($filter['search']); $string = io_safe_input($filter['search']);
$search_sql = ' AND (tagente.nombre COLLATE utf8_general_ci LIKE "%'.$string.'%")'; $search_sql = ' AND (tagente.nombre LIKE "%'.$string.'%")';
} }
if (isset($filter['show_void_agents'])) { if (isset($filter['show_void_agents'])) {

4
pandora_console/mobile/operation/agents.php
View File

@ -261,8 +261,8 @@ class Agents
if (!empty($this->free_search)) { if (!empty($this->free_search)) {
$search_sql = " AND ( $search_sql = " AND (
alias COLLATE utf8_general_ci LIKE '%".$this->free_search."%' alias LIKE '%".$this->free_search."%'
OR nombre COLLATE utf8_general_ci LIKE '%".$this->free_search."%' OR nombre LIKE '%".$this->free_search."%'
OR direccion LIKE '%".$this->free_search."%' OR direccion LIKE '%".$this->free_search."%'
OR comentarios LIKE '%".$this->free_search."%') "; OR comentarios LIKE '%".$this->free_search."%') ";
} }

4
pandora_console/operation/agentes/alerts_status.php
View File

@ -239,8 +239,8 @@ if ($free_search != '') {
WHERE id_agente IN ( WHERE id_agente IN (
SELECT id_agente SELECT id_agente
FROM tagente FROM tagente
WHERE nombre COLLATE utf8_general_ci LIKE "%'.$free_search.'%") WHERE nombre LIKE "%'.$free_search.'%")
OR alias COLLATE utf8_general_ci LIKE "%'.$free_search.'%")'.')'; OR alias LIKE "%'.$free_search.'%")'.')';
} else { } else {
$whereAlertSimple = ''; $whereAlertSimple = '';
} }

12
pandora_console/operation/agentes/estado_agente.php
View File

@ -549,7 +549,7 @@ if ($search != '') {
if ($id != '') { if ($id != '') {
$aux = $id[0]['id_agent']; $aux = $id[0]['id_agent'];
$search_sql = ' AND ( nombre '.$order_collation." $search_sql = ' AND ( nombre '.$order_collation."
COLLATE utf8_general_ci LIKE '%$search%' OR alias ".$order_collation." COLLATE utf8_general_ci LIKE '%$search%' LIKE '%$search%' OR alias ".$order_collation." LIKE '%$search%'
OR tagente.id_agente = $aux"; OR tagente.id_agente = $aux";
if (count($id) >= 2) { if (count($id) >= 2) {
for ($i = 1; $i < count($id); $i++) { for ($i = 1; $i < count($id); $i++) {
@ -561,9 +561,9 @@ if ($search != '') {
$search_sql .= ')'; $search_sql .= ')';
} else { } else {
$search_sql = ' AND ( nombre '.$order_collation." $search_sql = ' AND ( nombre '.$order_collation."
COLLATE utf8_general_ci LIKE '%$search%' LIKE '%$search%'
OR comentarios ".$order_collation." COLLATE utf8_general_ci LIKE '%$search%' OR comentarios ".$order_collation." LIKE '%$search%'
OR alias ".$order_collation." COLLATE utf8_general_ci LIKE '%$search%') "; OR alias ".$order_collation." LIKE '%$search%') ";
} }
} }
@ -590,14 +590,14 @@ if ($group_id > 0) {
if ($strict_user) { if ($strict_user) {
$count_filter = [ $count_filter = [
// 'order' => 'tagente.nombre COLLATE utf8_general_ci ASC', // 'order' => 'tagente.nombre ASC',
'order' => 'tagente.nombre ASC', 'order' => 'tagente.nombre ASC',
'disabled' => 0, 'disabled' => 0,
'status' => $status, 'status' => $status,
'search' => $search, 'search' => $search,
]; ];
$filter = [ $filter = [
// 'order' => 'tagente.nombre COLLATE utf8_general_ci ASC', // 'order' => 'tagente.nombre ASC',
'order' => 'tagente.nombre ASC', 'order' => 'tagente.nombre ASC',
'disabled' => 0, 'disabled' => 0,
'status' => $status, 'status' => $status,

8
pandora_console/operation/agentes/status_monitor.php
View File

@ -311,10 +311,10 @@ if ($moduletype != '') {
// Freestring selector. // Freestring selector.
if ($ag_freestring != '') { if ($ag_freestring != '') {
$sql_conditions .= ' AND (tagente.nombre COLLATE utf8_general_ci '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\' $sql_conditions .= ' AND (tagente.nombre '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\'
OR tagente.alias COLLATE utf8_general_ci '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\' OR tagente.alias '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\'
OR tagente_modulo.nombre COLLATE utf8_general_ci '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\' OR tagente_modulo.nombre '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\'
OR tagente_modulo.descripcion COLLATE utf8_general_ci '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\')'; OR tagente_modulo.descripcion '.$not_condition.' LIKE \'%%'.$ag_freestring.'%%\')';
} }
// Status selector. // Status selector.

2
pandora_console/operation/agentes/ver_agente.php
View File

@ -489,7 +489,7 @@ if (is_ajax()) {
} }
if (!empty($module_name)) { if (!empty($module_name)) {
$filter .= " AND t1.nombre COLLATE utf8_general_ci LIKE '%".$module_name."%'"; $filter .= " AND t1.nombre LIKE '%".$module_name."%'";
} }
// Status selector. // Status selector.

20
pandora_console/operation/search_agents.getdata.php
View File

@ -189,10 +189,10 @@ if ($searchAgents) {
$id = db_get_all_rows_sql($sql); $id = db_get_all_rows_sql($sql);
if ($id != '') { if ($id != '') {
$aux = $id[0]['id_agent']; $aux = $id[0]['id_agent'];
$search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%cd ".$stringSearchSQL."%%' OR $search_sql = " t1.nombre LIKE '%%cd ".$stringSearchSQL."%%' OR
t2.nombre COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t2.nombre LIKE '%%".$stringSearchSQL."%%' OR
t1.alias COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t1.alias LIKE '%%".$stringSearchSQL."%%' OR
t1.comentarios COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t1.comentarios LIKE '%%".$stringSearchSQL."%%' OR
t1.id_agente = $aux"; t1.id_agente = $aux";
$idCount = count($id); $idCount = count($id);
@ -204,16 +204,16 @@ if ($searchAgents) {
} }
} }
} else { } else {
$search_sql = " t1.nombre COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR $search_sql = " t1.nombre LIKE '%%".$stringSearchSQL."%%' OR
t2.nombre COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t2.nombre LIKE '%%".$stringSearchSQL."%%' OR
t1.direccion COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t1.direccion LIKE '%%".$stringSearchSQL."%%' OR
t1.comentarios COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%' OR t1.comentarios LIKE '%%".$stringSearchSQL."%%' OR
t1.alias COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%'"; t1.alias LIKE '%%".$stringSearchSQL."%%'";
} }
if ($has_secondary === true) { if ($has_secondary === true) {
$search_sql .= " OR (tasg.id_group IS NOT NULL AND $search_sql .= " OR (tasg.id_group IS NOT NULL AND
tasg.id_group IN (SELECT id_grupo FROM tgrupo WHERE nombre COLLATE utf8_general_ci LIKE '%%".$stringSearchSQL."%%'))"; tasg.id_group IN (SELECT id_grupo FROM tgrupo WHERE nombre LIKE '%%".$stringSearchSQL."%%'))";
} }
$sql = " $sql = "

10
pandora_console/operation/search_alerts.getdata.php
View File

@ -139,32 +139,32 @@ if ($searchAlerts) {
switch ($config['dbtype']) { switch ($config['dbtype']) {
case 'mysql': case 'mysql':
$whereAlerts = 'AND ( $whereAlerts = 'AND (
id_alert_template IN (SELECT id FROM talert_templates WHERE name COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%") OR id_alert_template IN (SELECT id FROM talert_templates WHERE name LIKE "%'.$stringSearchSQL.'%") OR
id_alert_template IN ( id_alert_template IN (
SELECT id SELECT id
FROM talert_templates FROM talert_templates
WHERE id_alert_action IN ( WHERE id_alert_action IN (
SELECT id SELECT id
FROM talert_actions FROM talert_actions
WHERE name COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%")) OR WHERE name LIKE "%'.$stringSearchSQL.'%")) OR
talert_template_modules.id IN ( talert_template_modules.id IN (
SELECT id_alert_template_module SELECT id_alert_template_module
FROM talert_template_module_actions FROM talert_template_module_actions
WHERE id_alert_action IN ( WHERE id_alert_action IN (
SELECT id SELECT id
FROM talert_actions FROM talert_actions
WHERE name COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%")) OR WHERE name LIKE "%'.$stringSearchSQL.'%")) OR
id_agent_module IN ( id_agent_module IN (
SELECT id_agente_modulo SELECT id_agente_modulo
FROM tagente_modulo FROM tagente_modulo
WHERE nombre COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%") OR WHERE nombre LIKE "%'.$stringSearchSQL.'%") OR
id_agent_module IN ( id_agent_module IN (
SELECT id_agente_modulo SELECT id_agente_modulo
FROM tagente_modulo FROM tagente_modulo
WHERE id_agente IN ( WHERE id_agente IN (
SELECT id_agente SELECT id_agente
FROM tagente FROM tagente
WHERE nombre COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%" '.$extra_sql.')) WHERE nombre LIKE "%'.$stringSearchSQL.'%" '.$extra_sql.'))
)'; )';
break; break;

2
pandora_console/operation/search_modules.getdata.php
View File

@ -134,7 +134,7 @@ if ($searchModules) {
) )
) )
AND AND
(t1.nombre COLLATE utf8_general_ci LIKE "%'.$stringSearchSQL.'%" OR (t1.nombre LIKE "%'.$stringSearchSQL.'%" OR
t3.nombre LIKE "%'.$stringSearchSQL.'%") t3.nombre LIKE "%'.$stringSearchSQL.'%")
AND t1.disabled = 0'; AND t1.disabled = 0';
break; break;