From 67ade2fccd3981ed4f14a106638173a0df847bb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Gonz=C3=A1lez?= <jose.gonzalez@pandorafms.com> Date: Mon, 6 Jun 2022 16:35:02 +0200 Subject: [PATCH 1/5] Improved error message --- .../godmode/setup/file_manager.php | 23 ++++++- .../include/functions_filemanager.php | 16 +++++ pandora_console/include/get_file.php | 60 ++++++++++++++----- 3 files changed, 80 insertions(+), 19 deletions(-) diff --git a/pandora_console/godmode/setup/file_manager.php b/pandora_console/godmode/setup/file_manager.php index 201eb2507c..6f54f2f0a8 100644 --- a/pandora_console/godmode/setup/file_manager.php +++ b/pandora_console/godmode/setup/file_manager.php @@ -31,7 +31,7 @@ global $config; check_login(); -if (! check_acl($config['id_user'], 0, 'PM')) { +if ((bool) check_acl($config['id_user'], 0, 'PM') === false) { db_pandora_audit( AUDIT_LOG_ACL_VIOLATION, 'Trying to access File manager' @@ -43,7 +43,24 @@ if (! check_acl($config['id_user'], 0, 'PM')) { require_once 'include/functions_filemanager.php'; // Header. -ui_print_page_header(__('File manager'), '', false, '', true); +ui_print_standard_header( + __('File manager'), + '', + false, + '', + true, + [], + [ + [ + 'link' => '', + 'label' => __('Admin tools'), + ], + [ + 'link' => '', + 'label' => __('File manager'), + ], + ] +); if (isset($config['filemanager']['message']) === true) { echo $config['filemanager']['message']; @@ -66,7 +83,7 @@ $real_directory = realpath($config['homedir'].'/'.$directory); echo '<h4>'.__('Index of %s', io_safe_input($directory)).'</h4>'; $upload_file = (bool) get_parameter('upload_file'); -$create_text_file = (bool) get_parameter('create_text_file'); +$create_text_file = (bool) get_parameter('create_text_file'); $default_real_directory = realpath($config['homedir'].'/'); diff --git a/pandora_console/include/functions_filemanager.php b/pandora_console/include/functions_filemanager.php index b4b648b210..6e0289d896 100644 --- a/pandora_console/include/functions_filemanager.php +++ b/pandora_console/include/functions_filemanager.php @@ -476,6 +476,12 @@ function filemanager_file_explorer( $options=[] ) { global $config; + // Requirements for message dialog. + ui_require_css_file('dialog'); + ui_require_jquery_file('jquery-ui.min'); + ui_require_jquery_file('jquery-ui_custom'); + // Check for errors. + $errorOutput = (string) get_parameter('errorOutput'); // Windows compatibility. $real_directory = str_replace('\\', '/', $real_directory); @@ -492,7 +498,17 @@ function filemanager_file_explorer( $hack_metaconsole = (is_metaconsole() === true) ? '../../' : ''; ?> + <div id="modalAlert"></div> <script type="text/javascript"> + <?php if (empty($errorOutput) === false) : ?> + $("#modalAlert").html('<?php echo io_safe_output($errorOutput); ?>'); + $("#modalAlert").dialog ({ + title: '<?php echo __('Error'); ?>', + resizable: false, + draggable: false, + width: 450 + }); + <?php endif; ?> function show_form_create_folder() { actions_dialog('create_folder'); $("#create_folder").css("display", "block"); diff --git a/pandora_console/include/get_file.php b/pandora_console/include/get_file.php index e8551a27f5..99217e5ba1 100644 --- a/pandora_console/include/get_file.php +++ b/pandora_console/include/get_file.php @@ -1,17 +1,32 @@ <?php -// Pandora FMS - http://pandorafms.com -// ================================================== -// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas -// Please see http://pandorafms.org for full contribution list -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU Lesser General Public License -// as published by the Free Software Foundation; version 2 -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// Don't start a session before this import. -// The session is configured and started inside the config process. +/** + * Get File script + * + * @category File manager + * @package Pandora FMS + * @subpackage Community + * @version 1.0.0 + * @license See below + * + * ______ ___ _______ _______ ________ + * | __ \.-----.--.--.--| |.-----.----.-----. | ___| | | __| + * | __/| _ | | _ || _ | _| _ | | ___| |__ | + * |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______| + * + * ============================================================================ + * Copyright (c) 2005-2022 Artica Soluciones Tecnologicas + * Please see http://pandorafms.org for full contribution list + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation for version 2. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * ============================================================================ + */ + +// Get global data. require_once 'config.php'; require_once 'functions.php'; require_once 'functions_filemanager.php'; @@ -22,7 +37,7 @@ check_login(); $auth_method = db_get_value('value', 'tconfig', 'token', 'auth'); -if ($auth_method != 'ad' && $auth_method != 'ldap') { +if ($auth_method !== 'ad' && $auth_method !== 'ldap') { include_once 'auth/'.$auth_method.'.php'; } @@ -70,8 +85,21 @@ if ($file === '' || $hash === '' || $hash !== md5($file_raw.$config['server_uniq } } - if ($downloadable_file === '' || !file_exists($downloadable_file)) { - echo "<h3 style='".$styleError."'>".__('File is missing in disk storage. Please contact the administrator.').'</h3>'; + if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) { + ?> + <div id="mainDiv"></div> + <script type="text/javascript"> + var refererPath = '<?php echo $_SERVER['HTTP_REFERER']; ?>'; + var errorOutput = '<?php echo __('File is missing in disk storage. Please contact the administrator.'); ?>'; + document.addEventListener('DOMContentLoaded', function () { + document.getElementById('mainDiv').innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;"> + <input type="hidden" name="errorOutput" value="` + errorOutput + `" /> + </form>`; + + document.forms['failedReturn'].submit(); + }, false); + </script> + <?php } else { header('Content-type: aplication/octet-stream;'); header('Content-type: '.mime_content_type($downloadable_file).';'); From 06d9e0d137ff8cd8f5fbf3dcad209c1584d2a9bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Gonz=C3=A1lez?= <jose.gonzalez@pandorafms.com> Date: Tue, 7 Jun 2022 10:51:37 +0200 Subject: [PATCH 2/5] Improve security message --- pandora_console/include/get_file.php | 48 ++++++++++++++-------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/pandora_console/include/get_file.php b/pandora_console/include/get_file.php index 99217e5ba1..7c48c02d94 100644 --- a/pandora_console/include/get_file.php +++ b/pandora_console/include/get_file.php @@ -26,9 +26,10 @@ * ============================================================================ */ -// Get global data. +// Begin. require_once 'config.php'; require_once 'functions.php'; +require_once 'functions_ui.php'; require_once 'functions_filemanager.php'; global $config; @@ -41,17 +42,13 @@ if ($auth_method !== 'ad' && $auth_method !== 'ldap') { include_once 'auth/'.$auth_method.'.php'; } - -$styleError = 'background:url("../images/err.png") no-repeat scroll 0 0 transparent; padding:4px 1px 6px 30px; color:#CC0000;'; - -$file_raw = get_parameter('file', null); +$hash = get_parameter('hash'); +$file_raw = get_parameter('file'); $file = base64_decode(urldecode($file_raw)); -$hash = get_parameter('hash', null); - -if ($file === '' || $hash === '' || $hash !== md5($file_raw.$config['server_unique_identifier']) || !isset($_SERVER['HTTP_REFERER'])) { - echo "<h3 style='".$styleError."'>".__('Security error. Please contact the administrator.').'</h3>'; +if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$config['server_unique_identifier']) || isset($_SERVER['HTTP_REFERER']) === false) { + $errorMessage = __('Security error. Please contact the administrator.'); } else { $downloadable_file = ''; $parse_all_queries = explode('&', parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY)); @@ -79,28 +76,16 @@ if ($file === '' || $hash === '' || $hash !== md5($file_raw.$config['server_uniq break; default: + // Wrong action. $downloadable_file = ''; - // Do nothing break; } } if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) { - ?> - <div id="mainDiv"></div> - <script type="text/javascript"> - var refererPath = '<?php echo $_SERVER['HTTP_REFERER']; ?>'; - var errorOutput = '<?php echo __('File is missing in disk storage. Please contact the administrator.'); ?>'; - document.addEventListener('DOMContentLoaded', function () { - document.getElementById('mainDiv').innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;"> - <input type="hidden" name="errorOutput" value="` + errorOutput + `" /> - </form>`; - - document.forms['failedReturn'].submit(); - }, false); - </script> - <?php + $errorMessage = __('File is missing in disk storage. Please contact the administrator.'); } else { + // Everything went well. header('Content-type: aplication/octet-stream;'); header('Content-type: '.mime_content_type($downloadable_file).';'); header('Content-Length: '.filesize($downloadable_file)); @@ -108,3 +93,18 @@ if ($file === '' || $hash === '' || $hash !== md5($file_raw.$config['server_uniq readfile($downloadable_file); } } + +?> + +<script type="text/javascript"> + document.addEventListener('DOMContentLoaded', function () { + var refererPath = '<?php echo (($_SERVER['HTTP_REFERER']) ?? ui_get_full_url()); ?>'; + var errorOutput = '<?php echo $errorMessage; ?>'; + + document.body.innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;"> + <input type="hidden" name="errorOutput" value="` + errorOutput + `" /> + </form>`; + + document.forms['failedReturn'].submit(); + }, false); +</script> From 9d071982f5ed85c4237676c38b1ccf9fe79a18f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Gonz=C3=A1lez?= <jose.gonzalez@pandorafms.com> Date: Tue, 7 Jun 2022 13:39:58 +0200 Subject: [PATCH 3/5] Improve code --- .../include/functions_filemanager.php | 23 ++++--------------- pandora_console/include/get_file.php | 12 +++++++--- 2 files changed, 13 insertions(+), 22 deletions(-) diff --git a/pandora_console/include/functions_filemanager.php b/pandora_console/include/functions_filemanager.php index 6e0289d896..94e16e822b 100644 --- a/pandora_console/include/functions_filemanager.php +++ b/pandora_console/include/functions_filemanager.php @@ -476,12 +476,6 @@ function filemanager_file_explorer( $options=[] ) { global $config; - // Requirements for message dialog. - ui_require_css_file('dialog'); - ui_require_jquery_file('jquery-ui.min'); - ui_require_jquery_file('jquery-ui_custom'); - // Check for errors. - $errorOutput = (string) get_parameter('errorOutput'); // Windows compatibility. $real_directory = str_replace('\\', '/', $real_directory); @@ -498,17 +492,7 @@ function filemanager_file_explorer( $hack_metaconsole = (is_metaconsole() === true) ? '../../' : ''; ?> - <div id="modalAlert"></div> <script type="text/javascript"> - <?php if (empty($errorOutput) === false) : ?> - $("#modalAlert").html('<?php echo io_safe_output($errorOutput); ?>'); - $("#modalAlert").dialog ({ - title: '<?php echo __('Error'); ?>', - resizable: false, - draggable: false, - width: 450 - }); - <?php endif; ?> function show_form_create_folder() { actions_dialog('create_folder'); $("#create_folder").css("display", "block"); @@ -966,10 +950,11 @@ function filemanager_get_file_info(string $filepath) $realpath = realpath($filepath); $filepath = str_replace('\\', '/', $filepath); + $mimeExtend = mime_content_type($filepath); // Windows compatibility. $info = [ 'mime' => MIME_UNKNOWN, - 'mime_extend' => mime_content_type($filepath), + 'mime_extend' => ($mimeExtend === false) ? '' : $mimeExtend, 'link' => 0, 'is_dir' => false, 'name' => basename($realpath), @@ -985,13 +970,13 @@ function filemanager_get_file_info(string $filepath) 'application/x-gzip', 'application/x-bzip2', ]; - if (is_dir($filepath)) { + if (is_dir($filepath) === true) { $info['mime'] = MIME_DIR; $info['is_dir'] = true; $info['size'] = 0; } else if (strpos($info['mime_extend'], 'image') !== false) { $info['mime'] = MIME_IMAGE; - } else if (in_array($info['mime_extend'], $zip_mimes)) { + } else if (in_array($info['mime_extend'], $zip_mimes) === true) { $info['mime'] = MIME_ZIP; } else if (strpos($info['mime_extend'], 'text') !== false) { $info['mime'] = MIME_TEXT; diff --git a/pandora_console/include/get_file.php b/pandora_console/include/get_file.php index 7c48c02d94..474a48f03c 100644 --- a/pandora_console/include/get_file.php +++ b/pandora_console/include/get_file.php @@ -84,6 +84,12 @@ if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$c if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) { $errorMessage = __('File is missing in disk storage. Please contact the administrator.'); + // Avoid possible inifite loop with referer. + if (isset($_SERVER['HTTP_ORIGIN']) === true && $_SERVER['HTTP_REFERER'] === $_SERVER['HTTP_ORIGIN'].$_SERVER['REQUEST_URI']) { + $refererPath = ui_get_full_url('index.php'); + } else { + $refererPath = $_SERVER['HTTP_REFERER']; + } } else { // Everything went well. header('Content-type: aplication/octet-stream;'); @@ -98,11 +104,11 @@ if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$c <script type="text/javascript"> document.addEventListener('DOMContentLoaded', function () { - var refererPath = '<?php echo (($_SERVER['HTTP_REFERER']) ?? ui_get_full_url()); ?>'; - var errorOutput = '<?php echo $errorMessage; ?>'; + var refererPath = '<?php echo $refererPath; ?>'; + var errorFileOutput = '<?php echo $errorMessage; ?>'; document.body.innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;"> - <input type="hidden" name="errorOutput" value="` + errorOutput + `" /> + <input type="hidden" name="errorFileOutput" value="` + errorFileOutput + `" /> </form>`; document.forms['failedReturn'].submit(); From e86d8b761d693b56c9737d23cd30735d8b9a7c8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Gonz=C3=A1lez?= <jose.gonzalez@pandorafms.com> Date: Tue, 7 Jun 2022 13:40:35 +0200 Subject: [PATCH 4/5] Refactor and improve code and added dialog for show error --- pandora_console/index.php | 92 +++++++++++++++++++++++---------------- 1 file changed, 54 insertions(+), 38 deletions(-) diff --git a/pandora_console/index.php b/pandora_console/index.php index 15d1b1c4fc..c933aadeb4 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -14,7 +14,7 @@ * |___| |___._|__|__|_____||_____|__| |___._| |___| |__|_|__|_______| * * ============================================================================ - * Copyright (c) 2005-2021 Artica Soluciones Tecnologicas + * Copyright (c) 2005-2022 Artica Soluciones Tecnologicas * Please see http://pandorafms.org for full contribution list * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -27,14 +27,14 @@ */ // Begin. -if (!defined('__PAN_XHPROF__')) { +if (defined('__PAN_XHPROF__') === false) { define('__PAN_XHPROF__', 0); } require 'vendor/autoload.php'; if (__PAN_XHPROF__ === 1) { - if (function_exists('tideways_xhprof_enable')) { + if (function_exists('tideways_xhprof_enable') === true) { tideways_xhprof_enable(); } else { error_log('Cannot find tideways_xhprof_enable function'); @@ -43,7 +43,7 @@ if (__PAN_XHPROF__ === 1) { // Set character encoding to UTF-8 // fixes a lot of multibyte character issues. -if (function_exists('mb_internal_encoding')) { +if (function_exists('mb_internal_encoding') === true) { mb_internal_encoding('UTF-8'); } @@ -51,10 +51,10 @@ if (function_exists('mb_internal_encoding')) { // Activate gives more error information, not useful for production sites. $develop_bypass = 0; -if ($develop_bypass != 1) { +if ($develop_bypass !== 1) { // If no config file, automatically try to install. - if (! file_exists('include/config.php')) { - if (! file_exists('install.php')) { + if (file_exists('include/config.php') === false) { + if (file_exists('install.php') === false) { $url = explode('/', $_SERVER['REQUEST_URI']); $flag_url = 0; foreach ($url as $key => $value) { @@ -85,25 +85,25 @@ if ($develop_bypass != 1) { exit; } - if (isset($_POST['rename_file'])) { + if (isset($_POST['rename_file']) === true) { $rename_file_install = (bool) $_POST['rename_file']; - if ($rename_file_install) { + if ($rename_file_install === true) { $salida_rename = rename('install.php', 'install_old.php'); } } // Check installer presence. - if (file_exists('install.php')) { + if (file_exists('install.php') === true) { $login_screen = 'error_install'; include 'general/error_screen.php'; exit; } // Check perms for config.php. - if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') { - if ((substr(sprintf('%o', fileperms('include/config.php')), -4) != '0600') - && (substr(sprintf('%o', fileperms('include/config.php')), -4) != '0660') - && (substr(sprintf('%o', fileperms('include/config.php')), -4) != '0640') + if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { + if ((substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0600') + && (substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0660') + && (substr(sprintf('%o', fileperms('include/config.php')), -4) !== '0640') ) { $url = explode('/', $_SERVER['REQUEST_URI']); $flag_url = 0; @@ -128,8 +128,8 @@ if ($develop_bypass != 1) { } } -if ((! file_exists('include/config.php')) - || (! is_readable('include/config.php')) +if ((file_exists('include/config.php') === false) + || (is_readable('include/config.php') === false) ) { $login_screen = 'error_noconfig'; include 'general/error_screen.php'; @@ -143,7 +143,7 @@ if ((! file_exists('include/config.php')) require_once 'include/config.php'; require_once 'include/functions_config.php'; -if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1) { +if (isset($config['console_log_enabled']) === true && (int) $config['console_log_enabled'] === 1) { ini_set('log_errors', 1); ini_set('error_log', $config['homedir'].'/log/console.log'); } else { @@ -151,26 +151,26 @@ if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1 ini_set('error_log', ''); } -if (isset($config['error'])) { +if (isset($config['error']) === true) { $login_screen = $config['error']; include 'general/error_screen.php'; exit; } // If metaconsole activated, redirect to it. -if (is_metaconsole()) { +if (is_metaconsole() === true) { header('Location: '.ui_get_full_url('index.php')); // Always exit after sending location headers. exit; } -if (file_exists(ENTERPRISE_DIR.'/include/functions_login.php')) { +if (file_exists(ENTERPRISE_DIR.'/include/functions_login.php') === true) { include_once ENTERPRISE_DIR.'/include/functions_login.php'; } -if (!empty($config['https']) && empty($_SERVER['HTTPS'])) { +if (empty($config['https']) === false && empty($_SERVER['HTTPS']) === true) { $query = ''; - if (count($_REQUEST)) { + if (count($_REQUEST) > 0) { // Some (old) browsers don't like the ?&key=var. $query .= '?1=1'; } @@ -207,8 +207,11 @@ if (get_parameter('refr') != null) { $config['refr'] = (int) get_parameter('refr'); } +// Get possible errors with files. +$errorFileOutput = (string) get_parameter('errorFileOutput'); + $delete_file = get_parameter('del_file'); -if ($delete_file == 'yes_delete') { +if ($delete_file === 'yes_delete') { $salida_delete = shell_exec('rm /var/www/html/pandora_console/install.php'); } @@ -250,9 +253,9 @@ $validatedCSRF = validate_csrf_code(); $process_login = false; // Update user password. -$change_pass = get_parameter_post('renew_password', 0); +$change_pass = (int) get_parameter_post('renew_password'); -if ($change_pass == 1) { +if ($change_pass === 1) { $password_old = (string) get_parameter_post('old_password', ''); $password_new = (string) get_parameter_post('new_password', ''); $password_confirm = (string) get_parameter_post('confirm_new_password', ''); @@ -268,19 +271,19 @@ if (strlen($search) > 0) { $config['search_keywords'] = io_safe_input(trim(io_safe_output(get_parameter('keywords')))); // If not search category providad, we'll use an agent search. $config['search_category'] = get_parameter('search_category', 'all'); - if (($config['search_keywords'] != 'Enter keywords to search') && (strlen($config['search_keywords']) > 0)) { + if (($config['search_keywords'] !== 'Enter keywords to search') && (strlen($config['search_keywords']) > 0)) { $searchPage = true; } } // Login process. enterprise_include_once('include/auth/saml.php'); -if (! isset($config['id_user'])) { +if (isset($config['id_user']) === false) { // Clear error messages. unset($_COOKIE['errormsg']); setcookie('errormsg', null, -1); - if (isset($_GET['login'])) { + if (isset($_GET['login']) === true) { include_once 'include/functions_db.php'; // Include it to use escape_string_sql function. $config['auth_error'] = ''; @@ -297,15 +300,15 @@ if (! isset($config['id_user'])) { // If the auth_code exists, we assume the user has come from // double authorization page. - if (isset($_POST['auth_code'])) { + if (isset($_POST['auth_code']) === true) { $double_auth_success = false; // The double authentication is activated and the user has // surpassed the first step (the login). // Now the authentication code provided will be checked. - if (isset($_SESSION['prepared_login_da'])) { - if (isset($_SESSION['prepared_login_da']['id_user']) - && isset($_SESSION['prepared_login_da']['timestamp']) + if (isset($_SESSION['prepared_login_da']) === true) { + if (isset($_SESSION['prepared_login_da']['id_user']) === true + && isset($_SESSION['prepared_login_da']['timestamp']) === true ) { // The user has a maximum of 5 minutes to introduce // the double auth code. @@ -343,7 +346,7 @@ if (! isset($config['id_user'])) { // Error message. $config['auth_error'] = __("The code shouldn't be empty"); - if (!isset($_SESSION['prepared_login_da']['attempts'])) { + if (isset($_SESSION['prepared_login_da']['attempts']) !== false) { $_SESSION['prepared_login_da']['attempts'] = 0; } @@ -396,7 +399,7 @@ if (! isset($config['id_user'])) { // the 2nd auth step. $nick_in_db = $_SESSION['prepared_login_da']['id_user']; $expired_pass = false; - } else if (($config['auth'] == 'saml') && ($login_button_saml)) { + } else if (($config['auth'] === 'saml') && ($login_button_saml)) { $saml_user_id = enterprise_hook('saml_process_user_login'); if (!$saml_user_id) { $login_failed = true; @@ -430,7 +433,7 @@ if (! isset($config['id_user'])) { // process_user_login is a virtual function which should be defined in each auth file. // It accepts username and password. The rest should be internal to the auth file. // The auth file can set $config["auth_error"] to an informative error output or reference their internal error messages to it - // process_user_login should return false in case of errors or invalid login, the nickname if correct + // process_user_login should return false in case of errors or invalid login, the nickname if correct. $nick_in_db = process_user_login($nick, $pass); $expired_pass = false; @@ -1466,15 +1469,15 @@ require 'include/php_to_js_values.php'; // Initial load of page. $(document).ready(adjustFooter); - + // Every resize of window. $(window).resize(adjustFooter); - + // Every show/hide call may need footer re-layout. (function() { var oShow = jQuery.fn.show; var oHide = jQuery.fn.hide; - + jQuery.fn.show = function () { var rv = oShow.apply(this, arguments); adjustFooter(); @@ -1503,6 +1506,19 @@ require 'include/php_to_js_values.php'; } + <?php if (empty($errorFileOutput) === false) : ?> + // There are one issue with the file that you trying to catch. Show a dialog with message. + $(document).ready(function() { + $('body').append('<div id="modalAlert"><?php echo io_safe_output($errorFileOutput); ?></div>'); + $("#modalAlert").dialog ({ + title: '<?php echo __('Error'); ?>', + resizable: false, + draggable: false, + width: 450 + }); + }); + <?php endif; ?> + function show_modal(id) { var match = /notification-(.*)-id-([0-9]+)/.exec(id); if (!match) { From ef3dd0e7410842e2538314f7c62806d169ca3d03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Gonz=C3=A1lez?= <jose.gonzalez@pandorafms.com> Date: Wed, 29 Jun 2022 10:20:17 +0200 Subject: [PATCH 5/5] Improved error message --- pandora_console/index.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/pandora_console/index.php b/pandora_console/index.php index c933aadeb4..3a5409aa16 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -1509,12 +1509,10 @@ require 'include/php_to_js_values.php'; <?php if (empty($errorFileOutput) === false) : ?> // There are one issue with the file that you trying to catch. Show a dialog with message. $(document).ready(function() { - $('body').append('<div id="modalAlert"><?php echo io_safe_output($errorFileOutput); ?></div>'); - $("#modalAlert").dialog ({ - title: '<?php echo __('Error'); ?>', - resizable: false, - draggable: false, - width: 450 + confirmDialog({ + title: "<?php echo __('Error'); ?>", + message: "<?php echo io_safe_output($errorFileOutput); ?>", + hideCancelButton: true, }); }); <?php endif; ?>