diff --git a/pandora_console/godmode/admin_access_logs.php b/pandora_console/godmode/admin_access_logs.php index 658f7dd9fc..54a0a77d49 100644 --- a/pandora_console/godmode/admin_access_logs.php +++ b/pandora_console/godmode/admin_access_logs.php @@ -228,11 +228,11 @@ foreach ($result as $row) { $rowPair = !$rowPair; $data = array(); - $data[0] = $row["id_usuario"]; + $data[0] = io_safe_output($row["id_usuario"]); $data[1] = ui_print_session_action_icon($row["accion"], true) . $row["accion"]; $data[2] = ui_print_help_tip(date($config["date_format"], $row["utimestamp"]), true) . ui_print_timestamp($row["utimestamp"], true); - $data[3] = $row["ip_origen"]; + $data[3] = io_safe_output($row["ip_origen"]); $data[4] = io_safe_output($row["descripcion"]); if ($enterprise_include !== ENTERPRISE_NOT_HOOK) { diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php index 5f364389ed..fab0ad7637 100644 --- a/pandora_console/godmode/agentes/configurar_agente.php +++ b/pandora_console/godmode/agentes/configurar_agente.php @@ -924,9 +924,8 @@ if ($update_agent) { // if modified some agent paramenter enterprise_hook ('update_agent', array ($id_agente)); ui_print_success_message (__('Successfully updated')); - $unsafe_alias = io_safe_output($alias); db_pandora_audit("Agent management", - "Updated agent $unsafe_alias", false, false, $info); + "Updated agent $alias", false, false, $info); } } @@ -1427,7 +1426,7 @@ if ($update_module) { $edit_module = true; db_pandora_audit("Agent management", - "Fail to try update module '".io_safe_output($name)."' for agent " . io_safe_output($agent["alias"])); + "Fail to try update module '$name' for agent " . $agent["alias"]); } else { if ($prediction_module == 3) { @@ -1445,7 +1444,7 @@ if ($update_module) { $agent = db_get_row ('tagente', 'id_agente', $id_agente); db_pandora_audit("Agent management", - "Updated module '".io_safe_output($name)."' for agent ". io_safe_output($agent["alias"]), false, false, io_json_mb_encode($values)); + "Updated module '$name' for agent ".$agent["alias"], false, false, io_json_mb_encode($values)); } } @@ -1586,7 +1585,7 @@ if ($create_module) { $edit_module = true; $moduletype = $id_module; db_pandora_audit("Agent management", - "Fail to try added module '".io_safe_output($name)."' for agent ".io_safe_output($agent["alias"])); + "Fail to try added module '$name' for agent ".$agent["alias"]); } else { if ($prediction_module == 3) { @@ -1604,7 +1603,7 @@ if ($create_module) { $agent = db_get_row ('tagente', 'id_agente', $id_agente); db_pandora_audit("Agent management", - "Added module '".io_safe_output($name)."' for agent ".io_safe_output($agent["alias"]), false, true, io_json_mb_encode($values)); + "Added module '$name' for agent ".$agent["alias"], false, true, io_json_mb_encode($values)); } } @@ -1727,7 +1726,7 @@ if ($delete_module) { // DELETE agent module ! $agent = db_get_row ('tagente', 'id_agente', $id_agente); db_pandora_audit("Agent management", - "Deleted module '".io_safe_output($module_data["nombre"])."' for agent ".io_safe_output($agent["alias"])); + "Deleted module '".$module_data["nombre"]."' for agent ".$agent["alias"]); } @@ -1760,11 +1759,11 @@ if (!empty($duplicate_module)) { // DUPLICATE agent module ! if ($result) { db_pandora_audit("Agent management", - "Duplicate module '".$id_duplicate_module."' for agent " . io_safe_output($agent["alias"]) . " with the new id for clon " . $result); + "Duplicate module '".$id_duplicate_module."' for agent " . $agent["alias"] . " with the new id for clon " . $result); } else { db_pandora_audit("Agent management", - "Fail to try duplicate module '".$id_duplicate_module."' for agent " . io_safe_output($agent["alias"])); + "Fail to try duplicate module '".$id_duplicate_module."' for agent " . $agent["alias"]); } } diff --git a/pandora_console/godmode/massive/massive_add_profiles.php b/pandora_console/godmode/massive/massive_add_profiles.php index 559ffa6291..253992b7f5 100644 --- a/pandora_console/godmode/massive/massive_add_profiles.php +++ b/pandora_console/godmode/massive/massive_add_profiles.php @@ -48,7 +48,7 @@ if ($create_profiles) { // If the profile doesnt exist, we create it if ($profile_data === false) { db_pandora_audit("User management", - "Added profile for user ".io_safe_output($user)); + "Added profile for user ".io_safe_input($user)); $return = profile_create_user_profile ($user, $profile, $group); if ($return !== false) { $n_added ++; diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index 1ca83c3682..7482b2fcd3 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php @@ -242,7 +242,7 @@ if ($create_user) { } db_pandora_audit("User management", - "Created user ".io_safe_output($id), false, false, $info); + "Created user ".io_safe_input($id), false, false, $info); ui_print_result_message ($result, __('Successfully created'), @@ -392,7 +392,7 @@ if ($update_user) { } - db_pandora_audit("User management", "Updated user ".io_safe_output($id), + db_pandora_audit("User management", "Updated user ".io_safe_input($id), false, false, $info); ui_print_result_message ($res1, @@ -450,7 +450,7 @@ if ($add_profile) { $tags = implode(',', $tags); db_pandora_audit("User management", - "Added profile for user ".io_safe_output($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); + "Added profile for user ".io_safe_input($id2), false, false, 'Profile: ' . $profile2 . ' Group: ' . $group2 . ' Tags: ' . $tags); $return = profile_create_user_profile($id2, $profile2, $group2, false, $tags, $no_hierarchy); ui_print_result_message ($return, __('Profile added successfully'), @@ -466,7 +466,7 @@ if ($delete_profile) { $perfil = db_get_row('tperfil', 'id_perfil', $id_perfil); db_pandora_audit("User management", - "Deleted profile for user ".io_safe_output($id2), false, false, 'The profile with id ' . $id_perfil . ' in the group ' . $perfilUser['id_grupo']); + "Deleted profile for user ".io_safe_input($id2), false, false, 'The profile with id ' . $id_perfil . ' in the group ' . $perfilUser['id_grupo']); $return = profile_delete_user_profile ($id2, $id_up); ui_print_result_message ($return, diff --git a/pandora_console/index.php b/pandora_console/index.php index 776e0d8eb2..10a471d295 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -360,7 +360,7 @@ if (! isset ($config['id_user'])) { if ($blocked) { require_once ('general/login_page.php'); - db_pandora_audit("Password expired", "Password expired: ".io_safe_output($nick), io_safe_output($nick)); + db_pandora_audit("Password expired", "Password expired: ".$nick, $nick); while (@ob_end_flush ()); exit (""); } @@ -383,7 +383,7 @@ if (! isset ($config['id_user'])) { require_once ('general/login_page.php'); db_pandora_audit("Password expired", - "Password expired: " . io_safe_output($nick), $nick); + "Password expired: " . $nick, $nick); while (@ob_end_flush ()); exit (""); } @@ -541,20 +541,20 @@ if (! isset ($config['id_user'])) { if ((!is_user_admin($nick) || $config['enable_pass_policy_admin']) && file_exists (ENTERPRISE_DIR . "/load_enterprise.php")) { $blocked = login_check_blocked($nick); } - $nick_usable = io_safe_output($nick); + if (!$blocked) { if (file_exists (ENTERPRISE_DIR . "/load_enterprise.php")) { login_check_failed($nick); //Checks failed attempts } $login_failed = true; require_once ('general/login_page.php'); - db_pandora_audit("Logon Failed", "Invalid login: ".$nick_usable, $nick_usable); + db_pandora_audit("Logon Failed", "Invalid login: ".$nick, $nick); while (@ob_end_flush ()); exit (""); } else { require_once ('general/login_page.php'); - db_pandora_audit("Logon Failed", "Invalid login: ".$nick_usable, $nick_usable); + db_pandora_audit("Logon Failed", "Invalid login: ".$nick, $nick); while (@ob_end_flush ()); exit (""); }