diff --git a/pandora_console/CHANGELOG b/pandora_console/CHANGELOG index e39a82dd56..5543d9d830 100644 --- a/pandora_console/CHANGELOG +++ b/pandora_console/CHANGELOG @@ -1,3 +1,15 @@ +2006-07-11 Sancho Lerena + + * config.php: Replaced default font for use in graphs to use FreeSans.ttf + + * FreeSans.ttf: added to SVN repository. + + * fpgraph.php: Fixed problem with Call-time pass-by-reference in PHP. + + * functions.php: Updated parametro_limpio() security function to parse better. + Includes a regular expression to purge %00 expresions. + + 2006-07-11 Raul Mateos * user_edit.php: Add new text about authors. Add a line between table and button. Add different colors between rows (cosmetic changes). diff --git a/pandora_console/include/FreeSans.ttf b/pandora_console/include/FreeSans.ttf new file mode 100644 index 0000000000..5909637eef Binary files /dev/null and b/pandora_console/include/FreeSans.ttf differ diff --git a/pandora_console/include/config.php b/pandora_console/include/config.php index 209165a41a..2532178df5 100644 --- a/pandora_console/include/config.php +++ b/pandora_console/include/config.php @@ -21,8 +21,8 @@ //Pandora Version -$build_version="PC060630"; //PCddmmyy -$pandora_version="v1.2 Beta 2"; +$build_version="PC060710"; //PCddmmyy +$pandora_version="v1.2 Beta 3"; // Database configuration $dbname="pandora"; // MySQL DataBase @@ -31,7 +31,7 @@ $dbpassword="pandora"; // Password $dbhost="localhost"; // MySQL Host $dbtype="mysql"; // Type of Database, now only "mysql" its supported $attachment_store="/var/www/pandora_console"; //This is directory where placed "attachment" directory, to upload files stores. This MUST be writtable by wwwserver user, and should be in pandora root. Please append "/" to the end :-) -$config_fontpath = "/usr/share/fonts/truetype/msttcorefonts/arial.ttf"; +$config_fontpath = "/var/www/pandora_console/include/FreeSans.ttf"; // Read rest of config from DB @@ -68,4 +68,4 @@ if ($language_code == 'ast_es') { } else $help_code = substr($language_code,0,2); -?> \ No newline at end of file +?> diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 01e89702d8..e57ef9d520 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -221,16 +221,16 @@ function entrada_limpia ($texto){ // --------------------------------------------------------------- function parametro_limpio($texto){ - // Metemos comprobaciones de seguridad para los includes de paginas pasados por parametro - // Gracias Raul (http://seclists.org/lists/incidents/2004/Jul/0034.html) - // Consiste en purgar los http:// de las cadenas - $pos = strpos($texto,"://"); // quitamos la parte "fea" de http:// o ftp:// o telnet:// :-))) - if ($pos <> 0) - $texto = substr_replace($texto,"",$pos,+3); - // limitamos la entrada de datos por parametros a 125 caracteres - $texto = substr_replace($texto,"",125); - return $texto; + // Gracias Raul (http://seclists.org/lists/incidents/2004/Jul/0034.html) + // Consiste en purgar los http:// de las cadenas + $pos = strpos($texto,"://"); // quitamos la parte "fea" de http:// o ftp:// o telnet:// :-))) + if ($pos <> 0) + $texto = substr_replace($texto,"",$pos,+3); + // limitamos la entrada de datos por parametros a 125 caracteres + $texto = substr_replace($texto,"",125); + $safe = preg_replace('/[^a-z0-9_\/]/i','',$texto); + return $safe; } // --------------------------------------------------------------- diff --git a/pandora_console/reporting/fgraph.php b/pandora_console/reporting/fgraph.php index f774d11df1..829437ddd6 100644 --- a/pandora_console/reporting/fgraph.php +++ b/pandora_console/reporting/fgraph.php @@ -247,11 +247,19 @@ function grafico_modulo_sparse($id_agente_modulo, $periodo, $intervalo, $etiquet ); modulo_grafico_draw ( $Graph_param, - &$etiq_base, + $etiq_base, array('Maximum','Average','Minimum'), array ( &$valores_max, &$grafica, &$valores_min ), - &$datax - ); + $datax + ); // Replaced pass by reference (slerena, 11 Jul06) + /* PHP Warning:  Call-time pass-by-reference has + been deprecated - argument pass + ed by value;  If you would like to pass it by reference, modify the + declaration of [runtime function +  name]().  If you would like to enable call-time pass-by-reference, + you can set allow_call_time_pass + _reference to true in your INI file.  However, future versions may not + support this any longer.  */ } @@ -376,17 +384,16 @@ function modulo_grafico_draw( $MGD_param, $MGD_labels, $MGD_data_name, $MGD_data $Dataset_events->addPoint( $MGD_event_data[$cc][$nn], ceil($MGD_param['valor_maximo'] / 7) + $MGD_param['valor_maximo']); - } + } $Plot =& $Plotarea->addNew('Plot_Impulse', array(&$Dataset_events)); $Plot->setLineColor($cc?'green@0.5':'red@0.5'); $Marker_event =& Image_Graph::factory('Image_Graph_Marker_Diamond'); $Plot->setMarker($Marker_event); $Marker_event->setFillColor($cc?'green@0.5':'red@0.5'); $Marker_event->setLineColor('black'); - } } } - + } $Graph->done(); // 30.06.06 dervitx end