tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2010-03-09 Miguel de Dios <miguel.dedios@artica.es> 

* index.php: changed the deprecated var $REMOTE_ADDR for standar
	$_SERVER['REMOTE_ADDR']. I forget in the last commit.

	* operation/gis_maps/render_view.php, operation/gis_maps/index.php,
	operation/menu.php, godmode/gis_maps/configure_gis_map.php: fix the ACL
	and add in other sites of source code.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2496 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper 2010-03-09 16:59:23 +00:00
parent 4515df471f
commit 60fd02fefc
6 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pandora_console/ChangeLog
View File

@ -1,3 +1,12 @@
2010-03-09 Miguel de Dios <miguel.dedios@artica.es>
* index.php: changed the deprecated var $REMOTE_ADDR for standar
$_SERVER['REMOTE_ADDR']. I forget in the last commit.
* operation/gis_maps/render_view.php, operation/gis_maps/index.php,
operation/menu.php, godmode/gis_maps/configure_gis_map.php: fix the ACL
and add in other sites of source code.
2010-03-09 Miguel de Dios <miguel.dedios@artica.es>
* include/config_process.php, extensions/dbmanager.php,

10
pandora_console/godmode/gis_maps/configure_gis_map.php
View File

@ -308,11 +308,19 @@ if (isset($invalidFields['map_connection_list'])) {
}
}
$listConnectionTemp = get_db_all_rows_sql("SELECT id_tmap_connection, conection_name, group_id FROM tgis_map_connection");
$listConnection = array();
foreach ($listConnectionTemp as $connectionTemp) {
if (check_acl ($config["id_user"], $connectionTemp['group_id'], "IW")) {
$listConnection[$connectionTemp['id_tmap_connection']] = $connectionTemp['conection_name'];
}
}
$table->data[1][0] = __("Add Map connection") . print_help_tip (__('At least one map connection must be deffined, it will be possible to change betwwen the connections in the map'), true). ": " . $iconError;
$table->data[1][1] = "<table class='databox' border='0' id='map_connection'>
<tr>
<td>
" . print_select_from_sql('SELECT id_tmap_connection, conection_name FROM tgis_map_connection', 'map_connection', '', '', '', '0', true) ."
" . print_select($listConnection, 'map_connection', '', '', '', '0', true) ."
</td>
<td>
<a href='javascript: addConnectionMap();'>" . print_image ("images/add.png", true) . "</a>

11
pandora_console/index.php
View File

@ -110,7 +110,6 @@ echo '</head>'."\n";
ob_start ('process_page_body');
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
$config["remote_addr"] = $_SERVER['REMOTE_ADDR'];
$sec2 = get_parameter_get ('sec2');
@ -136,12 +135,12 @@ if (! isset ($config['id_user']) && isset ($_GET["loginhash"])) {
$loginhash_user = get_parameter("loginhash_user", "");
if ($loginhash_data == md5($loginhash_user.$config["loginhash_pwd"])) {
logon_db ($loginhash_user, $REMOTE_ADDR);
logon_db ($loginhash_user, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $loginhash_user;
$config["id_user"] = $loginhash_user;
} else {
require_once ('general/login_page.php');
audit_db ("system", $REMOTE_ADDR, "Logon Failed (loginhash", "");
audit_db ("system", $_SERVER['REMOTE_ADDR'], "Logon Failed (loginhash", "");
while (@ob_end_flush ());
exit ("</html>");
}
@ -161,7 +160,7 @@ if (! isset ($config['id_user']) && isset ($_GET["loginhash"])) {
if ($nick !== false) {
unset ($_GET["sec2"]);
$_GET["sec"] = "general/logon_ok";
logon_db ($nick, $REMOTE_ADDR);
logon_db ($nick, $_SERVER['REMOTE_ADDR']);
$_SESSION['id_usuario'] = $nick;
$config['id_user'] = $nick;
//Remove everything that might have to do with people's passwords or logins
@ -182,7 +181,7 @@ if (! isset ($config['id_user']) && isset ($_GET["loginhash"])) {
// User not known
$login_failed = true;
require_once ('general/login_page.php');
audit_db ($nick, $REMOTE_ADDR, "Logon Failed", "Invalid login: ".$nick);
audit_db ($nick, $_SERVER['REMOTE_ADDR'], "Logon Failed", "Invalid login: ".$nick);
while (@ob_end_flush ());
exit ("</html>");
}
@ -197,7 +196,7 @@ if (! isset ($config['id_user']) && isset ($_GET["loginhash"])) {
if (isset ($_GET["bye"])) {
include ("general/logoff.php");
$iduser = $_SESSION["id_usuario"];
logoff_db ($iduser, $REMOTE_ADDR);
logoff_db ($iduser, $_SERVER['REMOTE_ADDR']);
// Unregister Session (compatible with 5.2 and 6.x, old code was deprecated
unset($_SESSION['id_usuario']);
unset($iduser);

2
pandora_console/operation/gis_maps/index.php
View File

@ -47,7 +47,7 @@ if ($maps !== false) {
$rowPair = !$rowPair;
$iterator++;
if (!give_acl ($config["id_user"], $map["group_id"], "AR")) {
if (!check_acl ($config["id_user"], $map["group_id"], "IR")) {
continue;
}
$data = array ();

8
pandora_console/operation/gis_maps/render_view.php
View File

@ -28,6 +28,12 @@ $show_history = get_parameter ('show_history', 'n');
$map = get_db_row ('tgis_map', 'id_tgis_map', $idMap);
$confMap = getMapConf($idMap);
if (! check_acl ($config['id_user'], $map['group_id'], "IR")) {
audit_db ($config['id_user'], $_SERVER['REMOTE_ADDR'], "ACL Violation", "Trying to access map builder");
require ("general/noaccess.php");
return;
}
$num_baselayer=0;
// Initialy there is no Gmap base layer.
$gmap_layer = false;
@ -88,7 +94,7 @@ else {
print_image ("images/normalscreen.png", true, array ("title" => __('Back to normal mode'))) . "</a>";
}
if (give_acl ($config["id_user"], $map['group_id'], "AW"))
if (check_acl ($config["id_user"], $map['group_id'], "IW"))
$buttons [] = '<a href="index.php?sec=godgismaps&sec2=godmode/gis_maps/configure_gis_map&action=edit_map&map_id='. $idMap.'">'.print_image ("images/setup.png", true, array ("title" => __('Setup'))).'</a>';
$buttonsString = '<a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=3"><img src="images/bricks.png" class="top" border="0">&nbsp; Agent&nbsp;-&nbsp;test_gis1</a></li></ul></div><div id="menu_tab"><ul class="mn"><li class="nomn"><a href="index.php?sec=gagente&amp;sec2=godmode/agentes/configurar_agente&amp;id_agente=3"><img src="images/setup.png" class="top" title="Manage" border="0" width="16">&nbsp;</a></li><li class="nomn_high"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=3"><img src="images/monitor.png" class="top" title="Main" border="0">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=3&amp;tab=data"><img src="images/lightbulb.png" class="top" title="Data" border="0">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente=3&amp;tab=alert"><img src="images/bell.png" class="top" title="Alerts" border="0">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;tab=sla&amp;id_agente=3"><img src="images/images.png" class="top" title="S.L.A." border="0">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/estado_agente&amp;group_id=2"><img src="images/agents_group.png" class="top" title="Group" border="0">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;tab=inventory&amp;id_agente=3"><img src="images/page_white_text.png" class="top" title="Inventory" border="0" width="16">&nbsp;</a></li><li class="nomn"><a href="index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;tab=gis&amp;id_agente=3"><img src="images/world.png" class="top" title="GIS data" border="0">&nbsp;</a>';

2
pandora_console/operation/menu.php
View File

@ -78,7 +78,7 @@ if (give_acl ($config['id_user'], 0, "AR")) {
$id = (int) get_parameter ('id', -1);
foreach ($gisMaps as $gisMap) {
if (! give_acl ($config["id_user"], $gisMap["group_id"], "AR")) {
if (! check_acl ($config["id_user"], $gisMap["group_id"], "IR")) {
continue;
}
$sub["operation/gis_maps/render_view&amp;map_id=".$gisMap["id_tgis_map"]]["text"] = mb_substr ($gisMap["map_name"], 0, 15);