diff --git a/pandora_console/extensions/agents_modules.php b/pandora_console/extensions/agents_modules.php index 77a7934af1..2954c50d46 100644 --- a/pandora_console/extensions/agents_modules.php +++ b/pandora_console/extensions/agents_modules.php @@ -801,31 +801,37 @@ function mainAgentsModules() $link = "winopeng('".'operation/agentes/stat_win.php?'."type=$graph_type&".'period='.SECONDS_1DAY.'&'.'id='.$module_id.'&'.'refresh='.SECONDS_10MINUTES."', 'day_".$win_handle."')"; echo ''; + + $module_last_value = modules_get_last_value($module_id); + if (!is_numeric($module_last_value)) { + $module_last_value = htmlspecialchars($module_last_value); + } + switch ($status) { case AGENT_MODULE_STATUS_NORMAL: - ui_print_status_image('module_ok.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_ok.png', $module_last_value, false); break; case AGENT_MODULE_STATUS_CRITICAL_BAD: - ui_print_status_image('module_critical.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_critical.png', $module_last_value, false); break; case AGENT_MODULE_STATUS_WARNING: - ui_print_status_image('module_warning.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_warning.png', $module_last_value, false); break; case AGENT_MODULE_STATUS_UNKNOWN: - ui_print_status_image('module_unknown.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_unknown.png', $module_last_value, false); break; case AGENT_MODULE_STATUS_NORMAL_ALERT: case AGENT_MODULE_STATUS_WARNING_ALERT: case AGENT_MODULE_STATUS_CRITICAL_ALERT: - ui_print_status_image('module_alertsfired.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_alertsfired.png', $module_last_value, false); break; case 4: - ui_print_status_image('module_no_data.png', modules_get_last_value($module_id), false); + ui_print_status_image('module_no_data.png', $module_last_value, false); break; } diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php index b7b1d296ec..fcb8a1df52 100644 --- a/pandora_console/godmode/agentes/module_manager.php +++ b/pandora_console/godmode/agentes/module_manager.php @@ -832,7 +832,7 @@ foreach ($modules as $module) { $data[5] = ui_print_truncate_text($module['descripcion'], 'description', false); - $data[6] = ui_print_status_image($status, $title, true); + $data[6] = ui_print_status_image($status, htmlspecialchars($title), true); // MAX / MIN values if ($module['id_tipo_modulo'] != 25) { diff --git a/pandora_console/include/ajax/module.php b/pandora_console/include/ajax/module.php index 43f9ff1fe6..8ecf0fff0d 100755 --- a/pandora_console/include/ajax/module.php +++ b/pandora_console/include/ajax/module.php @@ -1022,7 +1022,7 @@ if (check_login()) { $title ); - $data[5] = ui_print_status_image($status, $title, true); + $data[5] = ui_print_status_image($status, htmlspecialchars($title), true); if (!$show_context_help_first_time) { $show_context_help_first_time = true; diff --git a/pandora_console/include/class/Tree.class.php b/pandora_console/include/class/Tree.class.php index 05b576e40f..885fe1330f 100644 --- a/pandora_console/include/class/Tree.class.php +++ b/pandora_console/include/class/Tree.class.php @@ -623,7 +623,7 @@ class Tree } } - $module['statusImageHTML'] = ui_print_status_image($statusType, $statusTitle, true); + $module['statusImageHTML'] = ui_print_status_image($statusType, htmlspecialchars($statusTitle), true); // HTML of the server type image $module['serverTypeHTML'] = servers_show_type($module['server_type']); diff --git a/pandora_console/operation/agentes/status_monitor.php b/pandora_console/operation/agentes/status_monitor.php index 21160d5ed8..59303227da 100644 --- a/pandora_console/operation/agentes/status_monitor.php +++ b/pandora_console/operation/agentes/status_monitor.php @@ -1362,7 +1362,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_OK, - __('NORMAL').': '.$row['datos'], + __('NORMAL').': '.htmlspecialchars($row['datos']), true ); } @@ -1376,7 +1376,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_CRITICAL, - __('CRITICAL').': '.$row['datos'], + __('CRITICAL').': '.htmlspecialchars($row['datos']), true ); } @@ -1390,7 +1390,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_WARNING, - __('WARNING').': '.$row['datos'], + __('WARNING').': '.htmlspecialchars($row['datos']), true ); } @@ -1404,7 +1404,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_UNKNOWN, - __('UNKNOWN').': '.$row['datos'], + __('UNKNOWN').': '.htmlspecialchars($row['datos']), true ); } @@ -1418,7 +1418,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_NO_DATA, - __('NO DATA').': '.$row['datos'], + __('NO DATA').': '.htmlspecialchars($row['datos']), true ); } @@ -1437,7 +1437,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_UNKNOWN, - __('UNKNOWN').' - '.__('Last status').' '.__('NORMAL').': '.$row['datos'], + __('UNKNOWN').' - '.__('Last status').' '.__('NORMAL').': '.htmlspecialchars($row['datos']), true ); } @@ -1453,7 +1453,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_UNKNOWN, - __('UNKNOWN').' - '.__('Last status').' '.__('CRITICAL').': '.$row['datos'], + __('UNKNOWN').' - '.__('Last status').' '.__('CRITICAL').': '.htmlspecialchars($row['datos']), true ); } @@ -1469,7 +1469,7 @@ if (!empty($result)) { } else { $data[6] = ui_print_status_image( STATUS_MODULE_UNKNOWN, - __('UNKNOWN').' - '.__('Last status').' '.__('WARNING').': '.$row['datos'], + __('UNKNOWN').' - '.__('Last status').' '.__('WARNING').': '.htmlspecialchars($row['datos']), true ); }