From 074fadda35ee674e7cfd199528f870f719902eff Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Tue, 18 May 2021 18:49:20 +0200 Subject: [PATCH 1/6] Fix in item load vc-public link --- .../include/rest-api/models/VisualConsole/Item.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pandora_console/include/rest-api/models/VisualConsole/Item.php b/pandora_console/include/rest-api/models/VisualConsole/Item.php index c391917731..7da6e26426 100644 --- a/pandora_console/include/rest-api/models/VisualConsole/Item.php +++ b/pandora_console/include/rest-api/models/VisualConsole/Item.php @@ -1072,8 +1072,8 @@ class Item extends CachedModel $mobile_navigation = false; if (isset($_SERVER['PHP_SELF']) === true - && (strstr($_SERVER['PHP_SELF'], 'mobile/') !== false - || strstr($_SERVER['HTTP_REFERER'], 'mobile/') !== false) + && (strstr(($_SERVER['PHP_SELF'] ?? ''), 'mobile/') !== false + || strstr(($_SERVER['HTTP_REFERER'] ?? ''), 'mobile/') !== false) ) { $mobile_navigation = true; } From 8fc438f91378176919b64509ca5a2feae983dba7 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Tue, 18 May 2021 18:50:01 +0200 Subject: [PATCH 2/6] Fix in item load vc-public link --- .../include/rest-api/models/VisualConsole/Item.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pandora_console/include/rest-api/models/VisualConsole/Item.php b/pandora_console/include/rest-api/models/VisualConsole/Item.php index 7da6e26426..720df2b0f9 100644 --- a/pandora_console/include/rest-api/models/VisualConsole/Item.php +++ b/pandora_console/include/rest-api/models/VisualConsole/Item.php 
@@ -1072,8 +1072,9 @@ class Item extends CachedModel $mobile_navigation = false; if (isset($_SERVER['PHP_SELF']) === true - && (strstr(($_SERVER['PHP_SELF'] ?? ''), 'mobile/') !== false - || strstr(($_SERVER['HTTP_REFERER'] ?? ''), 'mobile/') !== false) + && isset($_SERVER['HTTP_REFERER']) === true + && (strstr($_SERVER['PHP_SELF'], 'mobile/') !== false + || strstr($_SERVER['HTTP_REFERER'], 'mobile/') !== false) ) { $mobile_navigation = true; } From 4b114e63a4a002bb8ffe99ebd15bbc9c078aff4f Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Wed, 19 May 2021 10:13:25 +0200 Subject: [PATCH 3/6] Minor fix --- .../include/rest-api/models/VisualConsole/Item.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/pandora_console/include/rest-api/models/VisualConsole/Item.php b/pandora_console/include/rest-api/models/VisualConsole/Item.php index 720df2b0f9..028551e09d 100644 --- a/pandora_console/include/rest-api/models/VisualConsole/Item.php +++ b/pandora_console/include/rest-api/models/VisualConsole/Item.php @@ -1071,10 +1071,8 @@ class Item extends CachedModel $mobile_navigation = false; - if (isset($_SERVER['PHP_SELF']) === true - && isset($_SERVER['HTTP_REFERER']) === true - && (strstr($_SERVER['PHP_SELF'], 'mobile/') !== false - || strstr($_SERVER['HTTP_REFERER'], 'mobile/') !== false) + if (strstr(($_SERVER['PHP_SELF'] ?? ''), 'mobile/') !== false + || strstr(($_SERVER['HTTP_REFERER'] ?? ''), 'mobile/') !== false ) { $mobile_navigation = true; } From 09ccaf254eca15c6618f65948aa06a6125748a30 Mon Sep 17 00:00:00 2001 
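Review bot: In the [PATCH 3/6] hunk, `$mobile_navigation` is switched on by a `mobile/` substring anywhere in `HTTP_REFERER`, a header the client sets freely, and nothing in the code says so. If the flag only selects a link format that is harmless, but a comment would keep later code from treating it as trusted, e.g. `// HTTP_REFERER is client-supplied: use this flag for presentation only.` above the `if`. The enclosing method starts and ends outside the hunk, so what the flag gates cannot be checked here.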
From: fbsanchez Date: Wed, 19 May 2021 11:31:52 +0200 Subject: [PATCH 4/6] Fixed public access and added PublicLogin interface, including code style fixex --- pandora_console/ajax.php | 26 +- .../extras/delete_files/delete_files.txt | 1 + .../reporting/visual_console_builder.php | 6 +- .../javascript/pandora_visual_console.js | 10 +- .../include/lib/Dashboard/Manager.php | 3 +- pandora_console/include/lib/PublicLogin.php | 61 ++++ pandora_console/include/lib/User.php | 92 ++++- .../include/lib/Websockets/WebSocketUser.php | 4 +- .../operation/visual_console/legacy_view.php | 6 +- .../operation/visual_console/public_view.php | 13 +- .../operation/visual_console/pure_ajax.php | 314 ------------------ .../vendor/composer/ClassLoader.php | 34 ++ .../vendor/composer/autoload_classmap.php | 2 + .../vendor/composer/autoload_real.php | 2 +- .../vendor/composer/autoload_static.php | 2 + 15 files changed, 231 insertions(+), 345 deletions(-) create mode 100644 pandora_console/include/lib/PublicLogin.php delete mode 100644 pandora_console/operation/visual_console/pure_ajax.php diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php index fca916d796..f0032476e2 100644 --- a/pandora_console/ajax.php +++ b/pandora_console/ajax.php @@ -31,18 +31,18 @@ require 'vendor/autoload.php'; define('AJAX', true); -if (!defined('__PAN_XHPROF__')) { +if (defined('__PAN_XHPROF__') === false) { define('__PAN_XHPROF__', 0); } if (__PAN_XHPROF__ === 1) { - if (function_exists('tideways_xhprof_enable')) { + if (function_exists('tideways_xhprof_enable') === true) { tideways_xhprof_enable(); } } -if ((! file_exists('include/config.php')) - || (! is_readable('include/config.php')) +if (file_exists('include/config.php') === false + || is_readable('include/config.php') === false ) { exit; } 
@@ -57,11 +57,11 @@ require_once 'include/auth/mysql.php'; if (isset($config['console_log_enabled']) === true && $config['console_log_enabled'] == 1 ) { - ini_set('log_errors', 1); + ini_set('log_errors', true); ini_set('error_log', $config['homedir'].'/log/console.log'); } else { - ini_set('log_errors', 0); - ini_set('error_log', null); + ini_set('log_errors', false); + ini_set('error_log', ''); } // Sometimes input is badly retrieved from caller... @@ -98,9 +98,11 @@ if (isset($_GET['loginhash']) === true) { } } +// Another auth class example: PandoraFMS\Dashboard\Manager. $auth_class = io_safe_output( - get_parameter('auth_class', 'PandoraFMS\Dashboard\Manager') + get_parameter('auth_class', 'PandoraFMS\User') ); + $public_hash = get_parameter('auth_hash', false); $public_login = false; // Check user. @@ -124,7 +126,7 @@ if (class_exists($auth_class) === false || $public_hash === false) { ob_start(); // Enterprise support. -if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) { +if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php') === true) { include_once ENTERPRISE_DIR.'/load_enterprise.php'; } @@ -142,12 +144,12 @@ if ($isFunctionSkins !== ENTERPRISE_NOT_HOOK) { ); } -if (is_metaconsole()) { +if (is_metaconsole() === true) { // Backward compatibility. define('METACONSOLE', true); } -if (file_exists($page)) { +if (file_exists($page) === true) { include_once $page; } else { echo '
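Review bot: In the `@@ -98,9 +98,11 @@` hunk, `$auth_class` comes straight from the `auth_class` request parameter and, going by the context line of the next hunk, is only tested with `class_exists()`, so the caller chooses which class performs the hash validation and can trigger autoloading of arbitrary class names. Since this commit introduces the `PublicLogin` interface, the lookup should be restricted to it before the class is used, e.g. `if (is_a($auth_class, \PandoraFMS\PublicLogin::class, true) === false) { $auth_class = 'PandoraFMS\User'; }`, or replaced by a fixed allow-list of `PandoraFMS\User` and `PandoraFMS\Dashboard\Manager`. The code that invokes the class lies outside the visible hunks, so an interface check already present there cannot be ruled out.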
Sorry! I can\'t find the page '.$page.'!'; @@ -172,7 +174,7 @@ if (isset($config['force_instant_logout']) === true header_remove('Set-Cookie'); setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/'); - if ($config['auth'] == 'saml') { + if ($config['auth'] === 'saml') { include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php'; $as = new SimpleSAML_Auth_Simple('PandoraFMS'); $as->logout(); diff --git a/pandora_console/extras/delete_files/delete_files.txt b/pandora_console/extras/delete_files/delete_files.txt index 50d4b78c33..1d8e1ec96e 100644 --- a/pandora_console/extras/delete_files/delete_files.txt +++ b/pandora_console/extras/delete_files/delete_files.txt @@ -82,3 +82,4 @@ include/lib/WSManager.php include/lib/WebSocketServer.php include/lib/WebSocketUser.php operation/network/network_explorer.php +operation/vsual_console/pure_ajax.php diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php index b03b55dd76..4bbd818c62 100755 --- a/pandora_console/godmode/reporting/visual_console_builder.php +++ b/pandora_console/godmode/reporting/visual_console_builder.php @@ -14,6 +14,8 @@ global $config; global $statusProcessInDB; +use PandoraFMS\User; + check_login(); require_once $config['homedir'].'/include/functions_visual_map.php'; @@ -753,8 +755,8 @@ if (!defined('METACONSOLE')) { $url_view = 'index.php?sec=screen&sec2=screens/screens&action=visualmap&pure=0&id_visualmap='.$idVisualConsole.'&refr='.$view_refresh; } -// Hash for auto-auth in public link -$hash = md5($config['dbpass'].$idVisualConsole.$config['id_user']); +// Hash for auto-auth in public link. +$hash = User::generatePublicHash(); $buttons = []; diff --git a/pandora_console/include/javascript/pandora_visual_console.js b/pandora_console/include/javascript/pandora_visual_console.js index 30a3d3f795..1b0a82b78f 100755 --- a/pandora_console/include/javascript/pandora_visual_console.js 
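Review bot: The entry added to delete_files.txt, `operation/vsual_console/pure_ajax.php`, is misspelled; the file this patch removes is `operation/visual_console/pure_ajax.php` (see the diffstat), so the entry will not match it. If this list drives removal of obsolete files on upgrade, which its name suggests but the hunk does not show, the old script with its own `md5()` public-link code stays on disk on upgraded installations. The line should read `operation/visual_console/pure_ajax.php`.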
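Review bot: In the visual_console_builder.php hunk `@@ -753,8 +755,8 @@`, the public-link hash is no longer tied to the visual console: the removed line mixed `$idVisualConsole` into the digest, while `User::generatePublicHash()` is called without `$other_secret`, so every console of a user now shares one token. Combined with validatePublicHash() writing `$_SESSION['id_usuario']` on success, a single shared link appears to authorize the user's other consoles and ajax.php pages as well. Passing the id restores the binding, `$hash = User::generatePublicHash((string) $idVisualConsole);`, with the same second argument given to `validatePublicHash()` where the link is checked. The same applies to the legacy_public_view.php hunk `@@ -61,10 +65,13 @@` and the maps_made_by_user.php hunk `@@ -498,6 +498,8 @@` in patch 5/6; how ajax.php invokes the validator is outside the visible hunks.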
+++ b/pandora_console/include/javascript/pandora_visual_console.js @@ -1,5 +1,5 @@ // TODO: Add Artica ST header. -/* globals jQuery, VisualConsole, AsyncTaskManager */ +/* globals jQuery, VisualConsole, AsyncTaskManager, hash, id_user */ /* * ********************* @@ -720,7 +720,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { { page: "include/rest-api/index", getVisualConsole: 1, - visualConsoleId: vcId + visualConsoleId: vcId, + id_user: id_user, + auth_hash: hash }, "json" ) @@ -735,7 +737,9 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { page: "include/rest-api/index", getVisualConsoleItems: 1, size: size, - visualConsoleId: vcId + visualConsoleId: vcId, + id_user: id_user, + auth_hash: hash }, "json" ) diff --git a/pandora_console/include/lib/Dashboard/Manager.php b/pandora_console/include/lib/Dashboard/Manager.php index be87ef8732..e72f292537 100644 --- a/pandora_console/include/lib/Dashboard/Manager.php +++ b/pandora_console/include/lib/Dashboard/Manager.php @@ -5,11 +5,12 @@ namespace PandoraFMS\Dashboard; use PandoraFMS\View; use PandoraFMS\Dashboard\Cell; +use PandoraFMS\PublicLogin; /** * Dashboard manager. */ -class Manager +class Manager implements PublicLogin { /** diff --git a/pandora_console/include/lib/PublicLogin.php b/pandora_console/include/lib/PublicLogin.php new file mode 100644 index 0000000000..b6124a62e7 --- /dev/null +++ b/pandora_console/include/lib/PublicLogin.php @@ -0,0 +1,61 @@ +idUser = $data['id_usuario']; 
@@ -113,4 +116,81 @@ class User } + /** + * Generates a hash to authenticate in public views. + * + * @param string|null $other_secret If you need to authenticate using a + * varable string, use this 'other_secret' to customize the hash. + * + * @return string Returns a hash with the authenticaction. + */ + public static function generatePublicHash(?string $other_secret=''):string + { + global $config; + + $str = $config['dbpass']; + $str .= $config['id_user']; + $str .= $other_secret; + return hash('sha256', $str); + } + + + /** + * Validates a hash to authenticate in public view. + * + * @param string $hash Hash to be checked. + * @param string $other_secret Any custom string needed for you. + * + * @return boolean Returns true if hash is valid. + */ + public static function validatePublicHash( + string $hash, + string $other_secret='' + ):bool { + global $config; + + if (isset($config['id_user']) === true) { + // Already logged in. + return true; + } + + $userFromParams = false; + // Try to get id_user from parameters if it is missing. + if (isset($config['id_user']) === false) { + $userFromParams = true; + $config['id_user'] = get_parameter('id_user', false); + // It is impossible to authenticate without an id user. + if ($config['id_user'] === false) { + unset($config['id_user']); + return false; + } + } else { + $config['public_access'] = false; + } + + // Build a hash to check. + $hashCheck = self::generatePublicHash($other_secret); + if ($hashCheck === $hash) { + // "Log" user in. + if (session_status() !== PHP_SESSION_ACTIVE) { + session_start(); + } + + $_SESSION['id_usuario'] = $config['id_user']; + session_write_close(); + + $config['public_access'] = true; + $config['force_instant_logout'] = true; + return true; + } + + // Remove id user from config array if authentication has failed. + if ($userFromParams === true) { + unset($config['id_user']); + } + + return false; + } + + } 
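Review bot: generatePublicHash() builds the public-link token as an unkeyed `hash('sha256', ...)` over `dbpass`, `id_user` and `$other_secret` concatenated without separators, and validatePublicHash() compares it with `===`. Because the token is handed to browsers, anyone holding a link can test guesses for the database password offline, different (`id_user`, `$other_secret`) pairs can produce the same input string, and the comparison is not constant-time. A `hash_hmac()` over separately encoded fields, checked with `hash_equals()`, addresses the last two; a dedicated random secret instead of `dbpass` as the key would address the first but needs a setting this hunk does not show. The docblock should also state that the early `return true` trusts `$config['id_user']`, so callers must never fill it from request data before calling.

```php
    public static function generatePublicHash(?string $other_secret=''):string
    {
        global $config;

        // Keyed MAC over separately encoded fields, so ('1', '23') and
        // ('12', '3') no longer yield the same token.
        return hash_hmac(
            'sha256',
            json_encode([(string) $config['id_user'], (string) $other_secret]),
            $config['dbpass']
        );
    }

    // … unchanged: validatePublicHash() docblock, signature and id_user lookup …

        // Build a hash to check; compare in constant time.
        $hashCheck = self::generatePublicHash($other_secret);
        if (hash_equals($hashCheck, $hash) === true) {
            // … unchanged: start session, set public_access and force_instant_logout …
```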
diff --git a/pandora_console/include/lib/Websockets/WebSocketUser.php b/pandora_console/include/lib/Websockets/WebSocketUser.php index bcbe30cc17..9ab6c9e5da 100644 --- a/pandora_console/include/lib/Websockets/WebSocketUser.php +++ b/pandora_console/include/lib/Websockets/WebSocketUser.php @@ -147,8 +147,8 @@ class WebSocketUser /** * Initializes a websocket user. * - * @param string $id Id of the new user. - * @param Socket $socket Socket where communication is stablished. + * @param string $id Id of the new user. + * @param \Socket $socket Socket where communication is stablished. */ public function __construct($id, $socket) { diff --git a/pandora_console/operation/visual_console/legacy_view.php b/pandora_console/operation/visual_console/legacy_view.php index c9b4c086b2..3dab575425 100644 --- a/pandora_console/operation/visual_console/legacy_view.php +++ b/pandora_console/operation/visual_console/legacy_view.php @@ -13,6 +13,8 @@ // GNU General Public License for more details. global $config; +use PandoraFMS\User; + // Login check require_once $config['homedir'].'/include/functions_visual_map.php'; ui_require_css_file('visual_maps'); @@ -122,7 +124,9 @@ $options['consoles_list']['text'] = '; var items = ; var baseUrl = ""; + var hash = ""; + var id_user = ""; var controls = document.getElementById('vc-controls'); autoHideElement(controls, 1000); diff --git a/pandora_console/operation/visual_console/pure_ajax.php b/pandora_console/operation/visual_console/pure_ajax.php deleted file mode 100644 index 9ef9fe3f56..0000000000 --- a/pandora_console/operation/visual_console/pure_ajax.php +++ /dev/null 
@@ -1,314 +0,0 @@ -'.html_print_image( - 'images/visual_console.png', - true, - ['title' => __('Visual consoles list')] -).''; - -if ($vconsole_write || $vconsole_manage) { - $url_base = 'index.php?sec=network&sec2=godmode/reporting/visual_console_builder&action='; - - $hash = md5($config['dbpass'].$id_layout.$config['id_user']); - - $options['public_link']['text'] = ''.html_print_image( - 'images/camera_mc.png', - true, - [ - 'title' => __('Show link to public Visual Console'), - 'class' => 'invert_filter', - ] - ).''; - $options['public_link']['active'] = false; - - $options['data']['text'] = ''.html_print_image( - 'images/op_reporting.png', - true, - [ - 'title' => __('Main data'), - 'class' => 'invert_filter', - ] - ).''; - $options['list_elements']['text'] = ''.html_print_image( - 'images/list.png', - true, - [ - 'title' => __('List elements'), - 'class' => 'invert_filter', - ] - ).''; - - if (enterprise_installed()) { - $options['wizard_services']['text'] = ''.html_print_image( - 'images/wand_services.png', - true, - [ - 'title' => __('Services wizard'), - 'class' => 'invert_filter', - ] - ).''; - } - - $options['wizard']['text'] = ''.html_print_image( - 'images/wand.png', - true, - [ - 'title' => __('Wizard'), - 'class' => 'invert_filter', - ] - ).''; - $options['editor']['text'] = ''.html_print_image( - 'images/builder.png', - true, - [ - 'title' => __('Builder'), - 'class' => 'invert_filter', - ] - ).''; -} - -$options['view']['text'] = ''.html_print_image( - 'images/eye.png', - true, - [ - 'title' => __('View'), - 'class' => 'invert_filter', - ] -).''; -$options['view']['active'] = true; - -if (!is_metaconsole()) { - if (!$config['pure']) { - $options['pure']['text'] = ''.html_print_image( - 'images/full_screen.png', - true, - [ - 'title' => __('Full screen mode'), - 'class' => 'invert_filter', - ] - ).''; - ui_print_page_header($layout_name, 'images/visual_console.png', false, '', false, $options); - } - - // Set the hidden value for the javascript - 
html_print_input_hidden('metaconsole', 0); -} else { - // Set the hidden value for the javascript - html_print_input_hidden('metaconsole', 1); -} - - visual_map_print_visual_map( - $id_layout, - true, - true, - null, - null, - '', - false, - $graph_javascript - ); - - ?> - - - - \ No newline at end of file diff --git a/pandora_console/vendor/composer/ClassLoader.php b/pandora_console/vendor/composer/ClassLoader.php index 1a58957d25..247294d66e 100644 --- a/pandora_console/vendor/composer/ClassLoader.php +++ b/pandora_console/vendor/composer/ClassLoader.php @@ -42,6 +42,8 @@ namespace Composer\Autoload; */ class ClassLoader { + private $vendorDir; + // PSR-4 private $prefixLengthsPsr4 = array(); private $prefixDirsPsr4 = array(); @@ -57,6 +59,13 @@ class ClassLoader private $missingClasses = array(); private $apcuPrefix; + private static $registeredLoaders = array(); + + public function __construct($vendorDir = null) + { + $this->vendorDir = $vendorDir; + } + public function getPrefixes() { if (!empty($this->prefixesPsr0)) { @@ -300,6 +309,17 @@ class ClassLoader public function register($prepend = false) { spl_autoload_register(array($this, 'loadClass'), true, $prepend); + + if (null === $this->vendorDir) { + return; + } + + if ($prepend) { + self::$registeredLoaders = array($this->vendorDir => $this) + self::$registeredLoaders; + } else { + unset(self::$registeredLoaders[$this->vendorDir]); + self::$registeredLoaders[$this->vendorDir] = $this; + } } /** @@ -308,6 +328,10 @@ class ClassLoader public function unregister() { spl_autoload_unregister(array($this, 'loadClass')); + + if (null !== $this->vendorDir) { + unset(self::$registeredLoaders[$this->vendorDir]); + } } /** 
@@ -367,6 +391,16 @@ class ClassLoader return $file; } + /** + * Returns the currently registered loaders indexed by their corresponding vendor directories. + * + * @return self[] + */ + public static function getRegisteredLoaders() + { + return self::$registeredLoaders; + } + private function findFileWithExtension($class, $ext) { // PSR-4 lookup diff --git a/pandora_console/vendor/composer/autoload_classmap.php b/pandora_console/vendor/composer/autoload_classmap.php index 4169e631c6..934f8e77e2 100644 --- a/pandora_console/vendor/composer/autoload_classmap.php +++ b/pandora_console/vendor/composer/autoload_classmap.php @@ -113,6 +113,7 @@ return array( 'Models\\VisualConsole\\Items\\Label' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Label.php', 'Models\\VisualConsole\\Items\\Line' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Line.php', 'Models\\VisualConsole\\Items\\ModuleGraph' => $baseDir . '/include/rest-api/models/VisualConsole/Items/ModuleGraph.php', + 'Models\\VisualConsole\\Items\\NetworkLink' => $baseDir . '/include/rest-api/models/VisualConsole/Items/NetworkLink.php', 'Models\\VisualConsole\\Items\\Percentile' => $baseDir . '/include/rest-api/models/VisualConsole/Items/Percentile.php', 'Models\\VisualConsole\\Items\\SimpleValue' => $baseDir . '/include/rest-api/models/VisualConsole/Items/SimpleValue.php', 'Models\\VisualConsole\\Items\\StaticGraph' => $baseDir . '/include/rest-api/models/VisualConsole/Items/StaticGraph.php', 
@@ -320,6 +321,7 @@ return array( 'PandoraFMS\\Module' => $baseDir . '/include/lib/Module.php', 'PandoraFMS\\ModuleStatus' => $baseDir . '/include/lib/ModuleStatus.php', 'PandoraFMS\\ModuleType' => $baseDir . '/include/lib/ModuleType.php', + 'PandoraFMS\\PublicLogin' => $baseDir . '/include/lib/PublicLogin.php', 'PandoraFMS\\User' => $baseDir . '/include/lib/User.php', 'PandoraFMS\\View' => $baseDir . '/include/lib/View.php', 'PandoraFMS\\Websockets\\WSManager' => $baseDir . '/include/lib/Websockets/WSManager.php', diff --git a/pandora_console/vendor/composer/autoload_real.php b/pandora_console/vendor/composer/autoload_real.php index 33d719ba60..d079efd543 100644 --- a/pandora_console/vendor/composer/autoload_real.php +++ b/pandora_console/vendor/composer/autoload_real.php @@ -25,7 +25,7 @@ class ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa require __DIR__ . '/platform_check.php'; spl_autoload_register(array('ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa', 'loadClassLoader'), true, true); - self::$loader = $loader = new \Composer\Autoload\ClassLoader(); + self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__))); spl_autoload_unregister(array('ComposerAutoloaderInitfdecadadce22e6dde51e9535fe4ad7aa', 'loadClassLoader')); $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); diff --git a/pandora_console/vendor/composer/autoload_static.php b/pandora_console/vendor/composer/autoload_static.php index e1953333f9..fc522a2370 100644 --- a/pandora_console/vendor/composer/autoload_static.php +++ b/pandora_console/vendor/composer/autoload_static.php 
@@ -195,6 +195,7 @@ class ComposerStaticInitfdecadadce22e6dde51e9535fe4ad7aa 'Models\\VisualConsole\\Items\\Label' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Label.php', 'Models\\VisualConsole\\Items\\Line' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Line.php', 'Models\\VisualConsole\\Items\\ModuleGraph' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/ModuleGraph.php', + 'Models\\VisualConsole\\Items\\NetworkLink' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/NetworkLink.php', 'Models\\VisualConsole\\Items\\Percentile' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/Percentile.php', 'Models\\VisualConsole\\Items\\SimpleValue' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/SimpleValue.php', 'Models\\VisualConsole\\Items\\StaticGraph' => __DIR__ . '/../..' . '/include/rest-api/models/VisualConsole/Items/StaticGraph.php', @@ -402,6 +403,7 @@ class ComposerStaticInitfdecadadce22e6dde51e9535fe4ad7aa 'PandoraFMS\\Module' => __DIR__ . '/../..' . '/include/lib/Module.php', 'PandoraFMS\\ModuleStatus' => __DIR__ . '/../..' . '/include/lib/ModuleStatus.php', 'PandoraFMS\\ModuleType' => __DIR__ . '/../..' . '/include/lib/ModuleType.php', + 'PandoraFMS\\PublicLogin' => __DIR__ . '/../..' . '/include/lib/PublicLogin.php', 'PandoraFMS\\User' => __DIR__ . '/../..' . '/include/lib/User.php', 'PandoraFMS\\View' => __DIR__ . '/../..' . '/include/lib/View.php', 'PandoraFMS\\Websockets\\WSManager' => __DIR__ . '/../..' . '/include/lib/Websockets/WSManager.php', From 538e7beb48e3de85ed9e875204a717397cb79f2c Mon Sep 17 00:00:00 2001 
From: fbsanchez Date: Wed, 19 May 2021 11:57:17 +0200 Subject: [PATCH 5/6] Public access using PublicLogin interface --- .../include/javascript/pandora_dashboards.js | 4 +++- .../javascript/pandora_visual_console.js | 23 +++++++++++++------ .../Dashboard/Widgets/maps_made_by_user.php | 4 +++- .../visual_console/legacy_public_view.php | 17 ++++++++++---- .../operation/visual_console/public_view.php | 12 +++++++--- 5 files changed, 43 insertions(+), 17 deletions(-) diff --git a/pandora_console/include/javascript/pandora_dashboards.js b/pandora_console/include/javascript/pandora_dashboards.js index efefaf1195..0b370deab7 100644 --- a/pandora_console/include/javascript/pandora_dashboards.js +++ b/pandora_console/include/javascript/pandora_dashboards.js @@ -1151,7 +1151,9 @@ function dashboardLoadVC(settings) { 300 * 1000, handleUpdate, beforeUpdate, - settings.size + settings.size, + settings.id_user, + settings.hash ); } diff --git a/pandora_console/include/javascript/pandora_visual_console.js b/pandora_console/include/javascript/pandora_visual_console.js index 1b0a82b78f..a26423c96c 100755 --- a/pandora_console/include/javascript/pandora_visual_console.js +++ b/pandora_console/include/javascript/pandora_visual_console.js @@ -1,5 +1,5 @@ // TODO: Add Artica ST header. -/* globals jQuery, VisualConsole, AsyncTaskManager, hash, id_user */ +/* globals jQuery, VisualConsole, AsyncTaskManager */ /* * ********************* @@ -17,6 +17,9 @@ * @param {function | null} onUpdate Callback which will be execuded when the Visual Console. * is updated. It will receive two arguments with the old and the new Visual Console's * data structure. + * @param {string|null} id_user User id given for public access. + * @param {string|null} hash Authorization hash given for public access. + * * @return {VisualConsole | null} The Visual Console instance or a null value. */ // eslint-disable-next-line no-unused-vars 
@@ -28,7 +31,9 @@ function createVisualConsole( updateInterval, onUpdate, beforeUpdate, - size + size, + id_user, + hash ) { if (container == null || props == null || items == null) return null; if (baseUrl == null) baseUrl = ""; @@ -46,6 +51,8 @@ function createVisualConsole( baseUrl, visualConsoleId, size, + id_user, + hash, function(error, data) { if (error) { //Remove spinner change VC. @@ -651,6 +658,8 @@ function createVisualConsole( * Fetch a Visual Console's structure and its items. * @param {string} baseUrl Base URL to build the API path. * @param {number} vcId Identifier of the Visual Console. + * @param {string|null} id_user User id given for public access. + * @param {string|null} hash Authorization hash given for public access. * @param {function} callback Function to be executed on request success or fail. * On success, the function will receive an object with the next properties: * - `props`: object with the Visual Console's data structure. @@ -658,7 +667,7 @@ function createVisualConsole( * @return {Object} Cancellable. Object which include and .abort([statusText]) function. */ // eslint-disable-next-line no-unused-vars -function loadVisualConsoleData(baseUrl, vcId, size, callback) { +function loadVisualConsoleData(baseUrl, vcId, size, id_user, hash, callback) { // var apiPath = baseUrl + "/include/rest-api"; var apiPath = baseUrl + "/ajax.php"; var vcJqXHR = null; @@ -721,8 +730,8 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { page: "include/rest-api/index", getVisualConsole: 1, visualConsoleId: vcId, - id_user: id_user, - auth_hash: hash + id_user: typeof id_user == undefined ? id_user : null, + auth_hash: typeof hash == undefined ? hash : null }, "json" ) 
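Review bot: In the `@@ -721,8 +730,8 @@` hunk, `typeof id_user == undefined` compares the string returned by `typeof` with the value `undefined`, which is never equal, so `id_user` and `auth_hash` are always sent as `null` and the public view never presents its credentials; even with the comparison fixed, the two branches are the wrong way round. Use `id_user: typeof id_user !== "undefined" ? id_user : null,` and `auth_hash: typeof hash !== "undefined" ? hash : null`. The getVisualConsoleItems request in the next hunk (`@@ -738,8 +747,8 @@`) has the same two lines.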
@@ -738,8 +747,8 @@ function loadVisualConsoleData(baseUrl, vcId, size, callback) { getVisualConsoleItems: 1, size: size, visualConsoleId: vcId, - id_user: id_user, - auth_hash: hash + id_user: typeof id_user == undefined ? id_user : null, + auth_hash: typeof hash == undefined ? hash : null }, "json" ) diff --git a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php index 32a095e132..9bbd69d470 100644 --- a/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php +++ b/pandora_console/include/lib/Dashboard/Widgets/maps_made_by_user.php @@ -29,7 +29,7 @@ namespace PandoraFMS\Dashboard; // Load Visual Console. use Models\VisualConsole\Container as VisualConsole; - +use PandoraFMS\User; /** * Maps by users Widgets. */ @@ -498,6 +498,8 @@ class MapsMadeByUser extends Widget 'ratio' => $ratio_t, 'size' => $size, 'cellId' => $this->cellId, + 'hash' => User::generatePublicHash(), + 'id_user' => $config['id_user'], ] ); diff --git a/pandora_console/operation/visual_console/legacy_public_view.php b/pandora_console/operation/visual_console/legacy_public_view.php index eae9f1767f..f7c23f8d00 100644 --- a/pandora_console/operation/visual_console/legacy_public_view.php +++ b/pandora_console/operation/visual_console/legacy_public_view.php @@ -15,7 +15,11 @@ // The session is configured and started inside the config process. require_once '../../include/config.php'; -// Set root on homedir, as defined in setup +require_once $config['homedir'].'/vendor/autoload.php'; + +use PandoraFMS\User; + +// Set root on homedir, as defined in setup. chdir($config['homedir']); ob_start(); 
@@ -61,10 +65,13 @@ $id_layout = (int) get_parameter('id_layout'); $graph_javascript = (bool) get_parameter('graph_javascript'); $config['id_user'] = get_parameter('id_user'); -$myhash = md5($config['dbpass'].$id_layout.$config['id_user']); - -// Check input hash -if ($myhash != $hash) { +// Check input hash. +if (User::validatePublicHash($hash) !== true) { + db_pandora_audit( + 'Invalid public visual console', + 'Trying to access public visual console' + ); + include 'general/noaccess.php'; exit; } diff --git a/pandora_console/operation/visual_console/public_view.php b/pandora_console/operation/visual_console/public_view.php index 2ebb5370f3..759888aabb 100644 --- a/pandora_console/operation/visual_console/public_view.php +++ b/pandora_console/operation/visual_console/public_view.php @@ -182,8 +182,6 @@ $visualConsoleItems = VisualConsole::getItemsFromDB( var props = ; var items = ; var baseUrl = ""; - var hash = ""; - var id_user = ""; var controls = document.getElementById('vc-controls'); autoHideElement(controls, 1000); @@ -266,7 +264,15 @@ $visualConsoleItems = VisualConsole::getItemsFromDB( items, baseUrl, , - handleUpdate + handleUpdate, + // BeforeUpdate. + null, + // Size. + null, + // User id. + "", + // Hash. + "" ); var controls = document.getElementById('vc-controls'); From 4711ca485687c8d90309d3868b3d064c395d03ea Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Wed, 19 May 2021 17:44:07 +0200 Subject: [PATCH 6/6] Avoid connection accumulation --- pandora_console/include/javascript/pandora_visual_console.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pandora_console/include/javascript/pandora_visual_console.js b/pandora_console/include/javascript/pandora_visual_console.js index a26423c96c..0400ca56ad 100755 --- a/pandora_console/include/javascript/pandora_visual_console.js +++ b/pandora_console/include/javascript/pandora_visual_console.js 
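Review bot: In the legacy_public_view.php hunk `@@ -61,10 +65,13 @@`, the new check looks unable to fail: the context line just above it sets `$config['id_user'] = get_parameter('id_user');`, and `User::validatePublicHash()` as added in patch 4/6 returns true as soon as `$config['id_user']` is set, before `$hash` is compared. Any request naming a user id would then be treated as authenticated and the audit/noaccess branch would be unreachable; this assumes `get_parameter()` returns a non-null value when the parameter is absent, which is not visible here. Remove the `$config['id_user'] = get_parameter('id_user');` assignment ahead of the call, since validatePublicHash() reads the `id_user` parameter itself when the config entry is missing and keeps it only after the hash has matched.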
@@ -76,7 +76,7 @@ function createVisualConsole( "[API]", error.message ); - done(); + abortable.abort(); return; }