2009-03-27 Esteban Sanchez <estebans@artica.es>
* pandoradb.sql, extras/pandoradb_migrate_v2.x_to_v3.0.sql: Fixed constraint restrictions on alert actions. * godmode/users/configure_user.php: Many bugfixes when creating and editing. * include/auth/mysql.php: Fixed return value on create_user() because it does not return an insert id. * include/functions_db.php: Call debug() on SQL errors to get a backtrace. * include/functions_ui.php: Added a return value to debug(). * operation/users/user_edit.php: Renamed user_update(). git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1574 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
Esteban Sanchez
parent
ae561b4b47
commit
68716acb0d
|
|
@ -1,3 +1,21 @@
|
|||
2009-03-27 Esteban Sanchez <estebans@artica.es>
|
||||
|
||||
* pandoradb.sql, extras/pandoradb_migrate_v2.x_to_v3.0.sql: Fixed
|
||||
constraint restrictions on alert actions.
|
||||
|
||||
* godmode/users/configure_user.php: Many bugfixes when creating and
|
||||
editing.
|
||||
|
||||
* include/auth/mysql.php: Fixed return value on create_user() because
|
||||
it does not return an insert id.
|
||||
|
||||
* include/functions_db.php: Call debug() on SQL errors to get a
|
||||
backtrace.
|
||||
|
||||
* include/functions_ui.php: Added a return value to debug().
|
||||
|
||||
* operation/users/user_edit.php: Renamed user_update().
|
||||
|
||||
2009-03-26 Evi Vanoost <vanooste@rcbi.rochester.edu>
|
||||
|
||||
* include/functions_reporting.php: Fixed security vulnerability
|
||||
|
|
|
|||
|
|
@ -59,15 +59,15 @@ CREATE TABLE IF NOT EXISTS `talert_commands` (
|
|||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_actions` (
|
||||
`id` int(10) unsigned NOT NULL auto_increment,
|
||||
`name` varchar(255) default '',
|
||||
`id_alert_command` int(10) unsigned NOT NULL,
|
||||
`field1` varchar(255) NOT NULL default '',
|
||||
`field2` varchar(255) default '',
|
||||
`field3` varchar(255) default '',
|
||||
PRIMARY KEY (`id`),
|
||||
FOREIGN KEY (`id_alert_command`) REFERENCES talert_commands(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
`id` int(10) unsigned NOT NULL auto_increment,
|
||||
`name` varchar(255) default '',
|
||||
`id_alert_command` int(10) unsigned NOT NULL,
|
||||
`field1` varchar(255) NOT NULL default '',
|
||||
`field2` varchar(255) default '',
|
||||
`field3` varchar(255) default '',
|
||||
PRIMARY KEY (`id`),
|
||||
FOREIGN KEY (`id_alert_command`) REFERENCES talert_commands(`id`)
|
||||
ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_templates` (
|
||||
|
|
@ -100,7 +100,7 @@ CREATE TABLE IF NOT EXISTS `talert_templates` (
|
|||
`field3_recovery` mediumtext NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
FOREIGN KEY (`id_alert_action`) REFERENCES talert_actions(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
ON DELETE SET NULL ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_template_modules` (
|
||||
|
|
@ -133,7 +133,7 @@ CREATE TABLE IF NOT EXISTS `talert_template_module_actions` (
|
|||
talert_template_modules(`id`)
|
||||
ON DELETE CASCADE ON UPDATE CASCADE,
|
||||
FOREIGN KEY (`id_alert_action`) REFERENCES talert_actions(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
-- If you have custom stuff here, please make sure you manually
|
||||
|
|
|
|||
|
|
@ -43,6 +43,18 @@ $add_profile = (bool) get_parameter ('add_profile');
|
|||
$delete_profile = (bool) get_parameter ('delete_profile');
|
||||
$update_user = (bool) get_parameter ('update_user');
|
||||
|
||||
if ($new_user && $config['admin_can_add_user']) {
|
||||
$user_info = array ();
|
||||
$id = '';
|
||||
$user_info['fullname'] = '';
|
||||
$user_info['firstname'] = '';
|
||||
$user_info['lastname'] = '';
|
||||
$user_info['email'] = '';
|
||||
$user_info['phone'] = '';
|
||||
$user_info['comments'] = '';
|
||||
$user_info['is_admin'] = 0;
|
||||
}
|
||||
|
||||
if ($create_user) {
|
||||
if (! $config['admin_can_add_user']) {
|
||||
print_result_message (false, '',
|
||||
|
|
@ -51,6 +63,7 @@ if ($create_user) {
|
|||
}
|
||||
|
||||
$values = array ();
|
||||
$id = (string) get_parameter ('id_user');
|
||||
$values['fullname'] = (string) get_parameter ('fullname');
|
||||
$values['firstname'] = (string) get_parameter ('firstname');
|
||||
$values['lastname'] = (string) get_parameter ('lastname');
|
||||
|
|
@ -66,21 +79,24 @@ if ($create_user) {
|
|||
$user_info = $values;
|
||||
$password_new = '';
|
||||
$password_confirm = '';
|
||||
$new_user = true;
|
||||
} elseif ($password_new != $password_confirm) {
|
||||
print_result_message (false, '', __('Passwords didn\'t match'));
|
||||
$user_info = $values;
|
||||
$password_new = '';
|
||||
$password_confirm = '';
|
||||
$new_user = true;
|
||||
} else {
|
||||
$id = (string) get_parameter ('id_user');
|
||||
$result = create_user ($id, $password_new, $values);
|
||||
print_result_message ($result,
|
||||
__('User successfully created'),
|
||||
__('Error creating user'));
|
||||
__('Successfully created'),
|
||||
__('Could not be created'));
|
||||
$user_info = get_user_info ($id);
|
||||
$password_new = '';
|
||||
$password_confirm = '';
|
||||
}
|
||||
|
||||
$user_info['is_admin'] = $is_admin;
|
||||
}
|
||||
|
||||
if ($update_user) {
|
||||
|
|
@ -122,19 +138,8 @@ if ($update_user) {
|
|||
$user_info = $values;
|
||||
}
|
||||
|
||||
if ($new_user && $config['admin_can_add_user']) {
|
||||
$user_info = array ();
|
||||
$id = '';
|
||||
$user_info['fullname'] = '';
|
||||
$user_info['firstname'] = '';
|
||||
$user_info['lastname'] = '';
|
||||
$user_info['email'] = '';
|
||||
$user_info['phone'] = '';
|
||||
$user_info['comments'] = '';
|
||||
$user_info['is_admin'] = 0;
|
||||
}
|
||||
|
||||
if ($add_profile) {
|
||||
$id = (string) get_parameter ('id_user');
|
||||
$group = (int) get_parameter ('assign_group');
|
||||
$profile = (int) get_parameter ('assign_profile');
|
||||
|
||||
|
|
@ -145,6 +150,7 @@ if ($add_profile) {
|
|||
}
|
||||
|
||||
if ($delete_profile) {
|
||||
$id = (string) get_parameter ('id_user');
|
||||
$id_up = (int) get_parameter ('id_user_profile');
|
||||
|
||||
$return = delete_user_profile ($id, $id_up);
|
||||
|
|
@ -265,6 +271,7 @@ foreach ($result as $profile) {
|
|||
$data[2] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
|
||||
$data[2] .= print_input_hidden ('delete_profile', 1, true);
|
||||
$data[2] .= print_input_hidden ('id_user_profile', $profile['id_up'], true);
|
||||
$data[2] .= print_input_hidden ('id_user', $id, true);
|
||||
$data[2] .= print_input_image ('del', 'images/cross.png', 1, '', true);
|
||||
$data[2] .= '</form>';
|
||||
|
||||
|
|
@ -278,6 +285,7 @@ $data[0] .= print_select (get_profiles (), 'assign_profile', 0, '', __('None'),
|
|||
$data[1] = print_select (get_user_groups ($config['id_user'], 'UM'),
|
||||
'assign_group', 0, '', __('None'), 0, true, false, false);
|
||||
$data[2] = print_input_image ('add', 'images/add.png', 1, '', true);
|
||||
$data[2] .= print_input_hidden ('id_user', $id, true);
|
||||
$data[2] .= print_input_hidden ('add_profile', 1, true);
|
||||
$data[2] .= '</form>';
|
||||
|
||||
|
|
|
|||
|
|
@ -183,7 +183,9 @@ function get_users ($order = "fullname") {
|
|||
* @param string User id
|
||||
*/
|
||||
function process_user_contact ($id_user) {
|
||||
return process_sql_update ("tusuario", array ("last_connect" => get_system_time ()), array ("id_user" => $id_user));
|
||||
return process_sql_update ("tusuario",
|
||||
array ("last_connect" => get_system_time ()),
|
||||
array ("id_user" => $id_user));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -198,7 +200,7 @@ function create_user ($id_user, $password, $user_info) {
|
|||
$values["last_connect"] = 0;
|
||||
$values["registered"] = get_system_time ();
|
||||
|
||||
return process_sql_insert ("tusuario", $values);
|
||||
return (@process_sql_insert ("tusuario", $values)) !== false;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -1649,8 +1649,8 @@ function get_db_all_rows_filter ($table, $filter, $fields = false, $where_join =
|
|||
function sql_error_handler ($errno, $errstr) {
|
||||
global $config;
|
||||
|
||||
/* If debug is activated, the database debug table will show the error */
|
||||
if (isset ($config['debug']))
|
||||
/* If debug is activated, this will also show the backtrace */
|
||||
if (debug ($errstr))
|
||||
return false;
|
||||
|
||||
if (error_reporting () <= $errno)
|
||||
|
|
|
|||
|
|
@ -852,11 +852,13 @@ function print_help_tip ($text, $return = false) {
|
|||
*
|
||||
* @param mixed Variable name to debug
|
||||
* @param bool Wheter to print the backtrace or not.
|
||||
*
|
||||
* @return bool Tru if the debug was actived. False if not.
|
||||
*/
|
||||
function debug ($var, $backtrace = true) {
|
||||
global $config;
|
||||
if (! isset ($config['debug']))
|
||||
return;
|
||||
return false;
|
||||
|
||||
static $id = 0;
|
||||
static $trace_id = 0;
|
||||
|
|
@ -911,6 +913,7 @@ function debug ($var, $backtrace = true) {
|
|||
echo '<pre class="debug">';
|
||||
print_r ($var);
|
||||
echo '</pre>';
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ if (isset ($_GET["modified"]) && !$view_mode) {
|
|||
print_result_message (false, '', __('Passwords didn\'t match or other problem encountered while updating passwords'));
|
||||
}
|
||||
|
||||
$return = process_user_info ($id, $upd_info);
|
||||
$return = update_user ($id, $upd_info);
|
||||
print_result_message ($return,
|
||||
__('User info successfully updated'),
|
||||
__('Error updating user info'));
|
||||
|
|
|
|||
|
|
@ -218,7 +218,7 @@ CREATE TABLE IF NOT EXISTS `talert_actions` (
|
|||
`field3` varchar(255) default '',
|
||||
PRIMARY KEY (`id`),
|
||||
FOREIGN KEY (`id_alert_command`) REFERENCES talert_commands(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_templates` (
|
||||
|
|
@ -251,7 +251,7 @@ CREATE TABLE IF NOT EXISTS `talert_templates` (
|
|||
`field3_recovery` mediumtext NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
FOREIGN KEY (`id_alert_action`) REFERENCES talert_actions(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
ON DELETE SET NULL ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_template_modules` (
|
||||
|
|
@ -269,7 +269,7 @@ CREATE TABLE IF NOT EXISTS `talert_template_modules` (
|
|||
FOREIGN KEY (`id_agent_module`) REFERENCES tagente_modulo(`id_agente_modulo`)
|
||||
ON DELETE CASCADE ON UPDATE CASCADE,
|
||||
FOREIGN KEY (`id_alert_template`) REFERENCES talert_templates(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE,
|
||||
ON DELETE CASCADE ON UPDATE CASCADE,
|
||||
UNIQUE (`id_agent_module`, `id_alert_template`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
|
|
@ -283,7 +283,7 @@ CREATE TABLE IF NOT EXISTS `talert_template_module_actions` (
|
|||
FOREIGN KEY (`id_alert_template_module`) REFERENCES talert_template_modules(`id`)
|
||||
ON DELETE CASCADE ON UPDATE CASCADE,
|
||||
FOREIGN KEY (`id_alert_action`) REFERENCES talert_actions(`id`)
|
||||
ON DELETE RESTRICT ON UPDATE CASCADE
|
||||
ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `talert_compound` (
|
||||
|
|
|
|||
Loading…
Reference in New Issue