From 89fbb48b112029cc1ed3d10a0e3b363df4406a5e Mon Sep 17 00:00:00 2001 From: guruevi Date: Mon, 17 Nov 2008 15:49:29 +0000 Subject: [PATCH] 2008-11-17 Evi Vanoost * operations/snmpconsole/snmp_view.php: Removed lang_string references in favor of __ () * index.php: Style updates and function name update * include/functions_db.php: Removed lang_string function * include/functions.php: parameter_extra_clean is now safe_url_extraclean. Also updated it slightly * godmode/admin_access_logs: Updated for style and speed git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1248 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_console/ChangeLog | 14 ++ pandora_console/godmode/admin_access_logs.php | 155 ++++++++---------- pandora_console/include/functions.php | 11 +- pandora_console/include/functions_db.php | 12 -- pandora_console/index.php | 31 ++-- .../operation/snmpconsole/snmp_view.php | 12 +- 6 files changed, 109 insertions(+), 126 deletions(-) diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index b71ce3168a..f47a1c47f7 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,17 @@ +2008-11-17 Evi Vanoost + + * operations/snmpconsole/snmp_view.php: Removed + lang_string references in favor of __ () + + * index.php: Style updates and function name update + + * include/functions_db.php: Removed lang_string function + + * include/functions.php: parameter_extra_clean is now + safe_url_extraclean. Also updated it slightly + + * godmode/admin_access_logs: Updated for style and speed + 2008-11-17 Jorge Gonzalez * pandoradb_data.sql: Added Danish to available languages. diff --git a/pandora_console/godmode/admin_access_logs.php b/pandora_console/godmode/admin_access_logs.php index 38a0e7549f..ab3bca87fd 100644 --- a/pandora_console/godmode/admin_access_logs.php +++ b/pandora_console/godmode/admin_access_logs.php @@ -16,7 +16,8 @@ // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); + +require_once ("include/config.php"); check_login (); @@ -28,106 +29,84 @@ if (! give_acl ($config['id_user'], 0, "PM")) { } echo "

".__('Pandora audit')." > ".__('Review Logs')."

"; -if (isset ($_GET["offset"])) - $offset=$_GET["offset"]; -else - $offset=0; +$offset = get_parameter ("offset", 0); +$tipo_log = get_parameter ("tipo_log", 'all'); -echo ""; -echo "
"; -echo ""; -echo ""; -// Manage GET/POST parameter for subselect on action type. POST parameter are proccessed before GET parameter (if passed) -if (isset ($_GET["tipo_log"])) { - $tipo_log = $_GET["tipo_log"]; - $tipo_log_select = " WHERE accion='".$tipo_log."' "; -} elseif (isset ($_POST["tipo_log"])) { - $tipo_log = $_POST["tipo_log"]; - if ($tipo_log == "-1"){ - $tipo_log_select = ""; - unset($tipo_log); - } else { - $tipo_log_select = " WHERE accion='".$tipo_log."' "; - } -} else { - $tipo_log_select= ""; +echo '
'; +echo '

'.__('Filter').'

'; + +// generate select + +$rows = get_db_all_rows_sql ("SELECT DISTINCT(accion) FROM tsesion"); +if (empty ($rows)) { + $rows = array (); } -// generate select -echo "
"; -echo "
"; -echo "

".__('Filter')."

".__('Action').""; -echo "'; +echo ''; + +echo '
'; +echo ''; +echo '
 
'; + +$filter = ''; +if ($tipo_log != 'all') { + $filter = sprintf (" WHERE accion = '%s'", $tipo_log); } -echo ""; -echo "		"; -echo "
"; -echo "		"; -echo ""; -echo "
"; +$sql = "SELECT COUNT(*) FROM tsesion".$filter; +$count = get_db_sql ($sql); +$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs&tipo_log=".$tipo_log; -$sql2="SELECT COUNT(*) FROM tsesion ".$tipo_log_select." ORDER BY fecha DESC"; -$result2=mysql_query($sql2); -$row2=mysql_fetch_array($result2); -$counter = $row2[0]; -if (isset ($tipo_log)) - $url = "index.php?sec=godmode&sec2=godmode/admin_access_logs&tipo_log=".$tipo_log; -else - $url = "index.php?sec=godmode&sec2=godmode/admin_access_logs"; +pagination ($count, $url, $offset); -// Prepare query and pagination -$query1 = "SELECT * FROM tsesion " . $tipo_log_select." ORDER BY fecha DESC"; -if ( $counter > $config["block_size"]) { - pagination ($counter, $url, $offset); - $query1 .= " LIMIT $offset , ".$config["block_size"]; + +$sql = sprintf ("SELECT * FROM tsesion%s ORDER BY fecha DESC LIMIT %d, %d", $filter, $offset, $config["block_size"]); +$result = get_db_all_rows_sql ($sql); + +if (empty ($result)) { + $result = array (); } -$result=mysql_query($query1); -// table header -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; +$table->cellpadding = 4; +$table->cellspacing = 4; +$table->width = 700; +$table->class = "databox"; +$table->size = array (); +$table->data = array (); +$table->head = array (); + +$table->head[0] = __('User'); +$table->head[1] = __('Action'); +$table->head[2] = __('Date'); +$table->head[3] = __('Source IP'); +$table->head[4] = __('Comments'); + +$table->size[0] = 80; +$table->size[2] = 130; +$table->size[3] = 100; +$table->size[4] = 200; -$color=1; // Get data -while ($row=mysql_fetch_array($result)) { - if ($color == 1){ - $tdcolor = "datos"; - $color = 0; - } - else { - $tdcolor = "datos2"; - $color = 1; - } - echo ''; +foreach ($result as $row) { + $data = array (); + $data[0] = $row["ID_usuario"]; + $data[1] = $row["accion"]; + $data[2] = $row["fecha"]; + $data[3] = $row["IP_origen"]; + $data[4] = $row["descripcion"]; + array_push ($table->data, $data); } -// end table -echo "
'.__('User').''.__('Action').''.__('Date').''.__('Source IP').''.__('Comments').'
'.$row["ID_usuario"]; - echo ''.$row["accion"]; - echo ''.$row["fecha"]; - echo ''.$row["IP_origen"]; - echo ''.$row["descripcion"]; - echo '
"; +print_table ($table); ?> diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 5c84ae7c03..51e7e4ecd5 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -148,15 +148,18 @@ function entrada_limpia ($string) { * * @return */ -function parameter_extra_clean ($string) { +function safe_url_extraclean ($string) { /* Clean "://" from the strings See: http://seclists.org/lists/incidents/2004/Jul/0034.html */ $pos = strpos ($string, "://"); - if ($pos != 0) - $string = substr_replace ($string, "", $pos, +3); + if ($pos != 0) { + //Strip the string from (protocol[://] to protocol[://] + 125 chars) + $string = substr ($string, $pos + 3, $pos + 128); + } else { + $string = substr ($string, 0, 125); + } /* Strip the string to 125 characters */ - $string = substr_replace ($string, "", 125); return preg_replace ('/[^a-z0-9_\/]/i', '', $string); } diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index 2d887a4065..b2f0613ab3 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -1898,18 +1898,6 @@ function __ ($string) { return $l10n->translate ($string); } -/** - * Get a translated string. (DEPRECATED IN FAVOR OF __ ) - * Calls to the __ function will automatically be picked up by the translators - * - * @param string String to translate - * - * @return The translated string. If not defined, the same string will be returned - */ -function lang_string ($string) { - return __ ($string); -} - /** * Get the numbers of servers up. * diff --git a/pandora_console/index.php b/pandora_console/index.php index 692c17fcaf..daa69b3fef 100644 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -28,32 +28,32 @@ global $pandora_version; // Set to 1 to do not check for installer or config file (for development!). $develop_bypass = 0; -if ($develop_bypass != 1){ +if ($develop_bypass != 1) { // If no config file, automatically try to install - if (! file_exists("include/config.php")){ - if (!file_exists("install.php")){ + if (! file_exists ("include/config.php")) { + if (! file_exists ("install.php")) { include ("general/error_noconfig.php"); exit; - } else + } else { include ("install.php"); - exit; + exit; + } } // Check for installer presence - if (file_exists("install.php")){ + if (file_exists ("install.php")) { include "general/error_install.php"; exit; } // Check perms for config.php - if ((substr(sprintf('%o', fileperms('include/config.php')), -4) != "0600") && - (substr(sprintf('%o', fileperms('include/config.php')), -4) != "0660") && - (substr(sprintf('%o', fileperms('include/config.php')), -4) != "0640")) - { + if ((substr (sprintf ('%o', fileperms('include/config.php')), -4) != "0600") && + (substr (sprintf ('%o', fileperms('include/config.php')), -4) != "0660") && + (substr (sprintf ('%o', fileperms('include/config.php')), -4) != "0640")) { include "general/error_perms.php"; exit; } } -if ((! file_exists("include/config.php")) || (! is_readable("include/config.php"))){ +if ((! file_exists("include/config.php")) || (! is_readable("include/config.php"))) { include ("general/error_noconfig.php"); exit; } @@ -78,7 +78,7 @@ $config["pure"] = get_parameter ("pure", 0); // Auto Refresh page $intervalo = get_parameter ("refr", 0); -if ($intervalo > 0){ +if ($intervalo > 0) { // Agent selection filters and refresh $query = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME']; if ($_SERVER['SERVER_PORT'] != 80 && (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE && $_SERVER['SERVER_PORT'] != 443)) @@ -209,13 +209,13 @@ $sec2 = ""; $sec = ""; if (isset ($_GET["sec2"])) { $sec2 = get_parameter_get ('sec2'); - $sec2 = parameter_extra_clean ($sec2); + $sec2 = safe_url_extraclean ($sec2); $page = $sec2; } if (isset ($_GET["sec"])) { $sec = get_parameter_get ('sec'); - $sec = parameter_extra_clean ($sec); + $sec = safe_url_extraclean ($sec); $page = $sec2; } @@ -277,5 +277,4 @@ if ($config["pure"] == 0) { } echo ''; - -?> +?> \ No newline at end of file diff --git a/pandora_console/operation/snmpconsole/snmp_view.php b/pandora_console/operation/snmpconsole/snmp_view.php index 6ec0be2bd1..2c7b32bcf0 100644 --- a/pandora_console/operation/snmpconsole/snmp_view.php +++ b/pandora_console/operation/snmpconsole/snmp_view.php @@ -145,23 +145,23 @@ if ($config["pure"] == 1) { } // Agent select -$table->data[0][0] = ''.lang_string ('Agent').''; +$table->data[0][0] = ''.__('Agent').''; $table->data[0][1] = print_select ($agents, 'filter_agent', $filter_agent, 'javascript:this.form.submit();', __('All'), '', true); // OID select -$table->data[0][2] = ''.lang_string ('OID').''; +$table->data[0][2] = ''.__('OID').''; $table->data[0][3] = print_select ($oids, 'filter_oid', $filter_oid, 'javascript:this.form.submit();', __('All'), '', true); // Alert status select -$table->data[1][0] = '' . __('Alert') . ''; +$table->data[1][0] = ''.__('Alert').''; $table->data[1][1] = print_select ($alerted, "filter_fired", $filter_fired, 'javascript:this.form.submit();', __('All'), '-1', true); // String search_string -$table->data[1][2] = '' . __('Search value') . ''; +$table->data[1][2] = ''.__('Search value').''; $table->data[1][3] = print_input_text ('search_string', $search_string, '', 25, 0, true); // Block size for pagination select -$table->data[2][0] = '' . __('Block size for pagination') . ''; +$table->data[2][0] = ''.__('Block size for pagination').''; $lpagination[25]=25; $lpagination[50]=50; $lpagination[100]=100; @@ -170,7 +170,7 @@ $lpagination[500]=500; $table->data[2][1] = print_select ($lpagination, "pagination", $config["block_size"], 'javascript:this.form.submit();', __('Default'), $config["block_size"], true); // Severity select -$table->data[2][2] = ''.lang_string ('Severity').''; +$table->data[2][2] = ''.__('Severity').''; $table->data[2][3] = print_select ($severities, 'filter_severity', $filter_severity, 'javascript:this.form.submit();', __('All'), -1, true); print_table ($table);