diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php index 6947bfcc3a..97ffe031a9 100644 --- a/pandora_console/ajax.php +++ b/pandora_console/ajax.php @@ -18,9 +18,8 @@ if ((! file_exists("include/config.php")) || (! is_readable("include/config.php" exit; } -// Real start -session_start(); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('include/config.php'); require_once ('include/functions.php'); require_once ('include/functions_db.php'); @@ -82,7 +81,6 @@ if (isset($config['metaconsole'])) { if ($config['metaconsole']) define ('METACONSOLE', true); } -session_write_close (); if (file_exists ($page)) { require_once ($page); diff --git a/pandora_console/extensions/resource_exportation.php b/pandora_console/extensions/resource_exportation.php index 9c67bbec1c..092b90b3f3 100755 --- a/pandora_console/extensions/resource_exportation.php +++ b/pandora_console/extensions/resource_exportation.php @@ -16,14 +16,14 @@ if (isset($_GET['get_ptr'])) { if ($_GET['get_ptr'] == 1) { - - session_start (); - session_write_close (); - + $ownDir = dirname(__FILE__) . '/'; $ownDir = str_replace("\\", "/", $ownDir); + + // Don't start a session before this import. + // The session is configured and started inside the config process. require_once ($ownDir.'../include/config.php'); - + // Login check if (!isset($_SESSION["id_usuario"])) { $config['id_user'] = null; diff --git a/pandora_console/general/pandora_help.php b/pandora_console/general/pandora_help.php index 72ed4ec827..eef5cfddb2 100644 --- a/pandora_console/general/pandora_help.php +++ b/pandora_console/general/pandora_help.php @@ -14,8 +14,10 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../include/config.php"); + require_once ("../include/functions.php"); require_once ("../include/functions_html.php"); ?> @@ -33,11 +35,6 @@ require_once ("../include/functions_html.php"); $id = get_parameter ('id'); $id_user = get_parameter ('id_user'); -if (! isset($_SESSION['id_usuario'])) { - session_start(); - session_write_close(); -} - $user_language = get_user_language ($id_user); if (file_exists ('../include/languages/'.$user_language.'.mo')) { diff --git a/pandora_console/godmode/agentes/planned_downtime.export_csv.php b/pandora_console/godmode/agentes/planned_downtime.export_csv.php index 5b9a6a06e7..bdac1eca41 100644 --- a/pandora_console/godmode/agentes/planned_downtime.export_csv.php +++ b/pandora_console/godmode/agentes/planned_downtime.export_csv.php @@ -13,9 +13,10 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start (); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); + require_once ("../../include/functions.php"); require_once ("../../include/functions_db.php"); require_once ("../../include/functions_users.php"); diff --git a/pandora_console/godmode/audit_log_csv.php b/pandora_console/godmode/audit_log_csv.php index b09b90f827..7043853f66 100644 --- a/pandora_console/godmode/audit_log_csv.php +++ b/pandora_console/godmode/audit_log_csv.php @@ -12,19 +12,17 @@ $ownDir = dirname(__FILE__) . '/'; $ownDir = str_replace("\\", "/", $ownDir); -require_once($ownDir . "../include/config.php"); -require_once($config["homedir"] . "/include/functions.php"); -require_once($config["homedir"] . "/include/functions_db.php"); -require_once($config["homedir"] . "/include/auth/mysql.php"); +// Don't start a session before this import. +// The session is configured and started inside the config process. +require_once ($ownDir . "../include/config.php"); + +require_once ($config["homedir"] . "/include/functions.php"); +require_once ($config["homedir"] . "/include/functions_db.php"); +require_once ($config["homedir"] . "/include/auth/mysql.php"); global $config; -if (! isset($_SESSION["id_usuario"])) { - session_start(); - session_write_close(); -} - // Login check if (!isset($_SESSION["id_usuario"])) { $config['id_user'] = null; diff --git a/pandora_console/include/api.php b/pandora_console/include/api.php index de84850890..bbc79ef702 100644 --- a/pandora_console/include/api.php +++ b/pandora_console/include/api.php @@ -76,14 +76,6 @@ if (isInACL($ipOrigin)) { if ($user_in_db !== false) { $config['id_user'] = $user_in_db; $correctLogin = true; - - //XXXX - session_start(); - $_SESSION["id_usuario"] = $user; - session_write_close(); - - file_put_contents(session_save_path() . DIRECTORY_SEPARATOR . "pansess_" . session_id(), $user); - } else { $no_login_msg = "Incorrect user credentials"; diff --git a/pandora_console/include/chart_generator.php b/pandora_console/include/chart_generator.php index 794ef5684f..8ea57cf3b6 100644 --- a/pandora_console/include/chart_generator.php +++ b/pandora_console/include/chart_generator.php @@ -13,17 +13,8 @@ // GNU General Public License for more details. // Global & session manageme + session_id($_REQUEST["session_id"]); -if (file_exists(session_save_path() . "/pansess_" . session_id()) ) { - $user = file_get_contents(session_save_path() . "/pansess_" . session_id()); -} -session_start(); -if (isset($user)) { - $_SESSION["id_usuario"] = $user; -} -session_write_close(); - - require_once ('config.php'); require_once ($config['homedir'] . '/include/auth/mysql.php'); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index ff2ce52deb..e6e9c90b28 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -1787,10 +1787,7 @@ function check_login ($output = true) { } else { require_once($config["homedir"].'/mobile/include/user.class.php'); - if(session_id() == '') { - session_start (); - } - session_write_close (); + if (isset($_SESSION['user'])) { $user = $_SESSION['user']; $id_user = $user->getIdUser(); @@ -3372,7 +3369,7 @@ function get_copyright_notice () { */ function generate_csrf_code() { // Start session to make this var permanent - session_start(); + if (session_status() === PHP_SESSION_NONE) session_start(); $_SESSION['csrf_code'] = md5(uniqid(mt_rand(), true)); session_write_close(); return $_SESSION['csrf_code']; diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php index 765ded33ca..f691a1bf0e 100755 --- a/pandora_console/include/functions_reporting.php +++ b/pandora_console/include/functions_reporting.php @@ -320,25 +320,33 @@ function reporting_make_reporting_data($report = null, $id_report, $report['contents'][] = reporting_value( $report, $content, - 'max',$pdf); + 'max', + $pdf + ); break; case 'avg_value': $report['contents'][] = reporting_value( $report, $content, - 'avg',$pdf); + 'avg', + $pdf + ); break; case 'min_value': $report['contents'][] = reporting_value( $report, $content, - 'min',$pdf); + 'min', + $pdf + ); break; case 'sumatory': $report['contents'][] = reporting_value( $report, $content, - 'sum'); + 'sum', + $pdf + ); break; case 'historical_data': $report['contents'][] = reporting_historical_data( @@ -349,25 +357,33 @@ function reporting_make_reporting_data($report = null, $id_report, $report['contents'][] = reporting_value( $report, $content, - 'MTTR'); + 'MTTR', + $pdf + ); break; case 'MTBF': $report['contents'][] = reporting_value( $report, $content, - 'MTBF'); + 'MTBF', + $pdf + ); break; case 'TTO': $report['contents'][] = reporting_value( $report, $content, - 'TTO'); + 'TTO', + $pdf + ); break; case 'TTRT': $report['contents'][] = reporting_value( $report, $content, - 'TTRT'); + 'TTRT', + $pdf + ); break; case 'agent_configuration': $report['contents'][] = reporting_agent_configuration( @@ -3774,7 +3790,7 @@ function reporting_agent_configuration($report, $content) { return reporting_check_structure_content($return); } -function reporting_value($report, $content, $type,$pdf) { +function reporting_value($report, $content, $type, $pdf) { global $config; $return = array(); diff --git a/pandora_console/include/get_file.php b/pandora_console/include/get_file.php index 76629296b8..8a81cdaa55 100644 --- a/pandora_console/include/get_file.php +++ b/pandora_console/include/get_file.php @@ -13,13 +13,14 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -if (! isset($_SESSION['id_usuario'])) { - session_start(); -} -require_once('functions.php'); -require_once('functions_filemanager.php'); + +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("config.php"); +require_once ('functions.php'); +require_once ('functions_filemanager.php'); + global $config; check_login (); diff --git a/pandora_console/include/load_session.php b/pandora_console/include/load_session.php index 8144b410b2..5f95a0bbc4 100644 --- a/pandora_console/include/load_session.php +++ b/pandora_console/include/load_session.php @@ -35,15 +35,15 @@ function pandora_session_read ($session_id) { function pandora_session_write ($session_id, $data) { $session_id = addslashes($session_id); - + $values = array(); $values['last_active'] = time(); - + if (!empty($data)) $values['data'] = addslashes($data); - + $session_exists = (bool) db_get_value('COUNT(id_session)', 'tsessions_php', 'id_session', $session_id); - + if (!$session_exists) { $values['id_session'] = $session_id; $retval_write = db_process_sql_insert('tsessions_php', $values); @@ -52,7 +52,7 @@ function pandora_session_write ($session_id, $data) { $retval_write = db_process_sql_update('tsessions_php', $values, array('id_session' => $session_id)); } - return ($retval_write !== false) ? true : false; + return $retval_write !== false; } function pandora_session_destroy ($session_id) { diff --git a/pandora_console/index.php b/pandora_console/index.php index 101196ba21..e0a9fdfefa 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -810,7 +810,7 @@ if (isset ($_GET["bye"])) { include ("general/logoff.php"); $iduser = $_SESSION["id_usuario"]; db_logoff ($iduser, $_SERVER['REMOTE_ADDR']); - // Unregister Session (compatible with 5.2 and 6.x, old code was deprecated + $_SESSION = array(); session_destroy(); header_remove("Set-Cookie"); diff --git a/pandora_console/mobile/index.php b/pandora_console/mobile/index.php index 368f00a25d..0c80cefd6b 100644 --- a/pandora_console/mobile/index.php +++ b/pandora_console/mobile/index.php @@ -19,14 +19,13 @@ if (function_exists ('mb_internal_encoding')) { } $develop_bypass = 0; +require_once '../include/config.php'; require_once("include/ui.class.php"); require_once("include/system.class.php"); require_once("include/db.class.php"); require_once("include/user.class.php"); -require_once('../include/config.php'); - require_once('operation/home.php'); require_once('operation/tactical.php'); require_once('operation/groups.php'); diff --git a/pandora_console/operation/agentes/ehorus_client.php b/pandora_console/operation/agentes/ehorus_client.php index ebff0f78c6..ca0a10f194 100644 --- a/pandora_console/operation/agentes/ehorus_client.php +++ b/pandora_console/operation/agentes/ehorus_client.php @@ -13,12 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - -if (! isset($_SESSION['id_usuario'])) { - session_start(); -} - -// Global & session management +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once('../../include/config.php'); require_once($config['homedir'] . '/include/functions.php'); diff --git a/pandora_console/operation/agentes/export_csv.php b/pandora_console/operation/agentes/export_csv.php index 473f40aef7..16745def93 100644 --- a/pandora_console/operation/agentes/export_csv.php +++ b/pandora_console/operation/agentes/export_csv.php @@ -13,8 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start (); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); require_once ("../../include/functions.php"); require_once ("../../include/functions_db.php"); diff --git a/pandora_console/operation/agentes/exportdata.csv.php b/pandora_console/operation/agentes/exportdata.csv.php index df692040e9..39a72e5cdb 100644 --- a/pandora_console/operation/agentes/exportdata.csv.php +++ b/pandora_console/operation/agentes/exportdata.csv.php @@ -13,8 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start (); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); require_once ("../../include/functions_agents.php"); require_once ("../../include/functions_reporting.php"); diff --git a/pandora_console/operation/agentes/exportdata.excel.php b/pandora_console/operation/agentes/exportdata.excel.php index f289dc1405..b7ac7796d9 100644 --- a/pandora_console/operation/agentes/exportdata.excel.php +++ b/pandora_console/operation/agentes/exportdata.excel.php @@ -13,8 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start (); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); require_once ("../../include/functions_agents.php"); require_once ("../../include/functions_reporting.php"); diff --git a/pandora_console/operation/agentes/interface_traffic_graph_win.php b/pandora_console/operation/agentes/interface_traffic_graph_win.php index 4265bd7985..7346e90805 100644 --- a/pandora_console/operation/agentes/interface_traffic_graph_win.php +++ b/pandora_console/operation/agentes/interface_traffic_graph_win.php @@ -13,13 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - -if (! isset($_SESSION['id_usuario'])) { - session_start(); - session_write_close(); -} - -// Global & session management +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('../../include/config.php'); require_once ($config['homedir'] . '/include/auth/mysql.php'); require_once ($config['homedir'] . '/include/functions.php'); @@ -30,7 +25,7 @@ require_once ($config['homedir'] . '/include/functions_custom_graphs.php'); require_once ($config['homedir'] . '/include/functions_modules.php'); require_once ($config['homedir'] . '/include/functions_agents.php'); require_once ($config['homedir'] . '/include/functions_tags.php'); -enterprise_include_once('include/functions_agents.php'); +enterprise_include_once ('include/functions_agents.php'); check_login(); diff --git a/pandora_console/operation/agentes/realtime_win.php b/pandora_console/operation/agentes/realtime_win.php index d2644e6215..55a27c7c34 100644 --- a/pandora_console/operation/agentes/realtime_win.php +++ b/pandora_console/operation/agentes/realtime_win.php @@ -13,13 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - -if (! isset($_SESSION['id_usuario'])) { - session_start(); - //session_write_close(); -} - -// Global & session management +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('../../include/config.php'); require_once ($config['homedir'] . '/include/auth/mysql.php'); require_once ($config['homedir'] . '/include/functions.php'); diff --git a/pandora_console/operation/agentes/snapshot_view.php b/pandora_console/operation/agentes/snapshot_view.php index b66ab4e9ed..e386514aec 100644 --- a/pandora_console/operation/agentes/snapshot_view.php +++ b/pandora_console/operation/agentes/snapshot_view.php @@ -13,12 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - -if (! isset($_SESSION['id_usuario'])) { - session_start(); - //session_write_close(); -} - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('../../include/config.php'); require_once ($config['homedir'] . '/include/auth/mysql.php'); require_once ($config['homedir'] . '/include/functions.php'); diff --git a/pandora_console/operation/agentes/stat_win.php b/pandora_console/operation/agentes/stat_win.php index 17aa544503..adb210dd70 100644 --- a/pandora_console/operation/agentes/stat_win.php +++ b/pandora_console/operation/agentes/stat_win.php @@ -13,13 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. - -if (! isset($_SESSION['id_usuario'])) { - session_start(); - //session_write_close(); -} - -// Global & session management +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('../../include/config.php'); require_once ($config['homedir'] . '/include/auth/mysql.php'); require_once ($config['homedir'] . '/include/functions.php'); diff --git a/pandora_console/operation/events/events_marquee.php b/pandora_console/operation/events/events_marquee.php index e3b04e39da..12425fd3b6 100644 --- a/pandora_console/operation/events/events_marquee.php +++ b/pandora_console/operation/events/events_marquee.php @@ -13,18 +13,18 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start (); - error_reporting(1); // Local settings for marquee extension - $MAX_MARQUEE_EVENTS=10; $MARQUEE_INTERVAL=90; $MARQUEE_FONT_SIZE="32px"; $MARQUEE_SPEED=12; $output = ""; + +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once "../../include/config.php"; require_once "../../include/functions.php"; require_once "../../include/functions_db.php"; diff --git a/pandora_console/operation/events/export_csv.php b/pandora_console/operation/events/export_csv.php index 4b342b0d97..84c3e849e8 100644 --- a/pandora_console/operation/events/export_csv.php +++ b/pandora_console/operation/events/export_csv.php @@ -13,8 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -session_start(); - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); require_once ("../../include/auth/mysql.php"); require_once ("../../include/functions.php"); @@ -23,8 +23,6 @@ require_once ("../../include/functions_events.php"); require_once ("../../include/functions_agents.php"); require_once ('../../include/functions_groups.php'); -session_write_close (); - $config["id_user"] = $_SESSION["id_usuario"]; if (! check_acl ($config["id_user"], 0, "ER") && ! check_acl ($config["id_user"], 0, "EW") && ! check_acl ($config["id_user"], 0, "EM")) { diff --git a/pandora_console/operation/events/sound_events.php b/pandora_console/operation/events/sound_events.php index d8e3ce8cd3..a7fbce6667 100644 --- a/pandora_console/operation/events/sound_events.php +++ b/pandora_console/operation/events/sound_events.php @@ -13,14 +13,8 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// Real start -session_start (); - -// Load global vars -if ((! file_exists("../../include/config.php")) || (! is_readable("../../include/config.php"))) { - exit; -} - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ('../../include/config.php'); require_once ('../../include/functions.php'); require_once ('../../include/functions_db.php'); diff --git a/pandora_console/operation/gis_maps/public_console.php b/pandora_console/operation/gis_maps/public_console.php index 3389e77220..64fd688080 100755 --- a/pandora_console/operation/gis_maps/public_console.php +++ b/pandora_console/operation/gis_maps/public_console.php @@ -12,14 +12,13 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// Real start - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); // Set root on homedir, as defined in setup chdir ($config["homedir"]); -session_start (); ob_start (); echo ''."\n"; echo ''."\n"; diff --git a/pandora_console/operation/visual_console/public_console.php b/pandora_console/operation/visual_console/public_console.php index 396ddb2800..f5bd5697df 100755 --- a/pandora_console/operation/visual_console/public_console.php +++ b/pandora_console/operation/visual_console/public_console.php @@ -13,14 +13,13 @@ // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// Real start - +// Don't start a session before this import. +// The session is configured and started inside the config process. require_once ("../../include/config.php"); // Set root on homedir, as defined in setup chdir ($config["homedir"]); -session_start (); ob_start (); /* Enterprise support */ if (file_exists (ENTERPRISE_DIR . "/load_enterprise.php")) {