tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

2014-04-25 Alejandro Gallardo <alejandro.gallardo@artica.es>

Browse Source 
* extensions/system_info.php,
	  godmode/servers/plugin.php,
	  godmode/setup/file_manager.php,
	  include/config_process.php,
	  include/functions_filemanager.php,
	  include/functions_html.php,
	  operation/gis_maps/ajax.php,
	  operation/snmpconsole/snmp_mib_uploader.php: Replaced
	the possible backslashes with slashes in the directories
	path.

	* include/functions_graph.php: Modified the function
	"grafico_modulo_log4x" to adapt the 'set_include_path' to
	Windows.

	* include/get_file.php: Now the file name comes from the
	function "basename".


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@9814 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
alexhigh 2014-04-25 11:07:30 +00:00
parent 14af549e40
commit a875856228
11 changed files with 79 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pandora_console/ChangeLog
View File

@ -1,3 +1,23 @@
2014-04-25 Alejandro Gallardo <alejandro.gallardo@artica.es>
* extensions/system_info.php,
godmode/servers/plugin.php,
godmode/setup/file_manager.php,
include/config_process.php,
include/functions_filemanager.php,
include/functions_html.php,
operation/gis_maps/ajax.php,
operation/snmpconsole/snmp_mib_uploader.php: Replaced
the possible backslashes with slashes in the directories
path.
* include/functions_graph.php: Modified the function
"grafico_modulo_log4x" to adapt the 'set_include_path' to
Windows.
* include/get_file.php: Now the file name comes from the
function "basename".
2014-04-24 Alejandro Gallardo <alejandro.gallardo@artica.es> 2014-04-24 Alejandro Gallardo <alejandro.gallardo@artica.es>
* install.php: Now the user path backslashes will be * install.php: Now the user path backslashes will be

1
pandora_console/extensions/system_info.php
View File

@ -617,6 +617,7 @@ if (!isset($argv)) {
} }
else { else {
$dir = dirname($_SERVER['PHP_SELF']); $dir = dirname($_SERVER['PHP_SELF']);
$dir = str_replace("\\", "/", $dir); // Windows compatibility
if (file_exists($dir . "/../include/config.php")) if (file_exists($dir . "/../include/config.php"))
include $dir . "/../include/config.php"; include $dir . "/../include/config.php";

1
pandora_console/godmode/servers/plugin.php
View File

@ -88,6 +88,7 @@ if ($filemanager) {
$fallback_directory = "attachment/plugin"; $fallback_directory = "attachment/plugin";
$directory = (string) get_parameter ('directory', $fallback_directory); $directory = (string) get_parameter ('directory', $fallback_directory);
$directory = str_replace("\\", "/", $directory);
// A miminal security check to avoid directory traversal // A miminal security check to avoid directory traversal
if (preg_match ("/\.\./", $directory)) if (preg_match ("/\.\./", $directory))

1
pandora_console/godmode/setup/file_manager.php
View File

@ -35,6 +35,7 @@ if (isset($config['filemanager']['message'])) {
} }
$directory = (string) get_parameter ('directory', "/"); $directory = (string) get_parameter ('directory', "/");
$directory = str_replace("\\", "/", $directory);
// A miminal security check to avoid directory traversal // A miminal security check to avoid directory traversal
if (preg_match ("/\.\./", $directory)) if (preg_match ("/\.\./", $directory))

1
pandora_console/include/config_process.php
View File

@ -69,6 +69,7 @@ else {
$config['start_time'] = microtime (true); $config['start_time'] = microtime (true);
$ownDir = dirname(__FILE__) . '/'; $ownDir = dirname(__FILE__) . '/';
$ownDir = str_replace("\\", "/", $ownDir);
//Set by default the MySQL connection for DB, because in older Pandora have not //Set by default the MySQL connection for DB, because in older Pandora have not
//this token in the config.php //this token in the config.php

49
pandora_console/include/functions_filemanager.php
View File

@ -149,9 +149,9 @@ if ($upload_file) {
if (isset ($_FILES['file']) && $_FILES['file']['name'] != "") { if (isset ($_FILES['file']) && $_FILES['file']['name'] != "") {
$filename = $_FILES['file']['name']; $filename = $_FILES['file']['name'];
$filesize = $_FILES['file']['size']; $filesize = $_FILES['file']['size'];
$real_directory = (string) get_parameter('real_directory'); $real_directory = io_safe_output((string) get_parameter('real_directory'));
$directory = (string) get_parameter ('directory'); $directory = io_safe_output((string) get_parameter ('directory'));
$umask = (string)get_parameter('umask', ''); $umask = io_safe_output((string) get_parameter('umask', ''));
$hash = get_parameter('hash', ''); $hash = get_parameter('hash', '');
$testHash = md5($real_directory . $directory . $config['dbpass']); $testHash = md5($real_directory . $directory . $config['dbpass']);
@ -277,7 +277,9 @@ if ($upload_zip) {
$filename = $_FILES['file']['name']; $filename = $_FILES['file']['name'];
$filesize = $_FILES['file']['size']; $filesize = $_FILES['file']['size'];
$real_directory = (string) get_parameter('real_directory'); $real_directory = (string) get_parameter('real_directory');
$real_directory = io_safe_output($real_directory);
$directory = (string) get_parameter ('directory'); $directory = (string) get_parameter ('directory');
$directory = io_safe_output($directory);
$hash = get_parameter('hash', ''); $hash = get_parameter('hash', '');
$testHash = md5($real_directory . $directory . $config['dbpass']); $testHash = md5($real_directory . $directory . $config['dbpass']);
@ -386,6 +388,9 @@ if ($delete_file) {
* @param string $dir The dir to deletete * @param string $dir The dir to deletete
*/ */
function filemanager_delete_directory($dir) { function filemanager_delete_directory($dir) {
// Windows compatibility
$dir = str_replace("\\", "/", $dir);
if ($handle = opendir($dir)) { if ($handle = opendir($dir)) {
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {
if (($file != ".") && ($file != "..")) { if (($file != ".") && ($file != "..")) {
@ -417,6 +422,10 @@ function filemanager_delete_directory($dir) {
function filemanager_read_recursive_dir($dir, $relative_path = '') { function filemanager_read_recursive_dir($dir, $relative_path = '') {
$return = array(); $return = array();
// Windows compatibility
$dir = str_replace("\\", "/", $dir);
$relative_path = str_replace("\\", "/", $relative_path);
if ($handle = opendir($dir)) if ($handle = opendir($dir))
{ {
while (false !== ($entry = readdir($handle))) { while (false !== ($entry = readdir($handle))) {
@ -450,6 +459,11 @@ function filemanager_read_recursive_dir($dir, $relative_path = '') {
function filemanager_file_explorer($real_directory, $relative_directory, $url, $father = '', $editor = false, $readOnly = false, $url_file = '', $download_button = false, $umask = '') { function filemanager_file_explorer($real_directory, $relative_directory, $url, $father = '', $editor = false, $readOnly = false, $url_file = '', $download_button = false, $umask = '') {
global $config; global $config;
// Windows compatibility
$real_directory = str_replace("\\", "/", $real_directory);
$relative_directory = str_replace("\\", "/", $relative_directory);
$father = str_replace("\\", "/", $father);
$hack_metaconsole = ''; $hack_metaconsole = '';
if (defined('METACONSOLE')) if (defined('METACONSOLE'))
$hack_metaconsole = '../../'; $hack_metaconsole = '../../';
@ -589,6 +603,8 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
} }
foreach ($files as $fileinfo) { foreach ($files as $fileinfo) {
$fileinfo['realpath'] = str_replace("\\", "/", $fileinfo['realpath']);
$relative_path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $fileinfo['realpath']); $relative_path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $fileinfo['realpath']);
$data = array (); $data = array ();
@ -645,7 +661,7 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
$data[4] .= html_print_input_hidden('hash', md5($fileinfo['realpath'] . $config['dbpass']), true); $data[4] .= html_print_input_hidden('hash', md5($fileinfo['realpath'] . $config['dbpass']), true);
$data[4] .= html_print_input_hidden ('delete_file', 1, true); $data[4] .= html_print_input_hidden ('delete_file', 1, true);
$relative_dir = str_replace($config['homedir'], '', dirname($fileinfo['realpath'])); $relative_dir = str_replace($config['homedir'], '', str_replace("\\", "/", dirname($fileinfo['realpath'])));
if ($relative_dir[0] == '/') { if ($relative_dir[0] == '/') {
$relative_dir = substr($relative_dir, 1); $relative_dir = substr($relative_dir, 1);
} }
@ -704,6 +720,10 @@ function filemanager_file_explorer($real_directory, $relative_directory, $url, $
function filemanager_box_upload_file_complex($real_directory, $relative_directory, $url = '') { function filemanager_box_upload_file_complex($real_directory, $relative_directory, $url = '') {
global $config; global $config;
// Windows compatibility
$real_directory = str_replace("\\", "/", $real_directory);
$relative_directory = str_replace("\\", "/", $relative_directory);
$table->width = '100%'; $table->width = '100%';
$table->data = array (); $table->data = array ();
@ -742,6 +762,10 @@ function filemanager_box_upload_file_complex($real_directory, $relative_director
function filemanager_box_upload_file_explorer($real_directory, $relative_directory, $url = '') { function filemanager_box_upload_file_explorer($real_directory, $relative_directory, $url = '') {
global $config; global $config;
// Windows compatibility
$real_directory = str_replace("\\", "/", $real_directory);
$relative_directory = str_replace("\\", "/", $relative_directory);
$table->width = '50%'; $table->width = '50%';
$table->data = array (); $table->data = array ();
@ -778,6 +802,10 @@ function filemanager_box_upload_file_explorer($real_directory, $relative_directo
function filemanager_box_upload_zip_explorer($real_directory, $relative_directory, $url = '') { function filemanager_box_upload_zip_explorer($real_directory, $relative_directory, $url = '') {
global $config; global $config;
// Windows compatibility
$real_directory = str_replace("\\", "/", $real_directory);
$relative_directory = str_replace("\\", "/", $relative_directory);
$table->width = '60%'; $table->width = '60%';
$table->data = array (); $table->data = array ();
@ -814,6 +842,10 @@ function filemanager_box_upload_zip_explorer($real_directory, $relative_director
function filemanager_box_create_text_explorer($real_directory, $relative_directory, $url = '') { function filemanager_box_create_text_explorer($real_directory, $relative_directory, $url = '') {
global $config; global $config;
// Windows compatibility
$real_directory = str_replace("\\", "/", $real_directory);
$relative_directory = str_replace("\\", "/", $relative_directory);
$table->width = '60%'; $table->width = '60%';
$table->data = array (); $table->data = array ();
@ -880,6 +912,8 @@ function filemanager_get_available_directories () {
* operate. * operate.
*/ */
function filemanager_is_available_directory ($dirname) { function filemanager_is_available_directory ($dirname) {
$dirname = str_replace("\\", "/", $dirname); // Windows compatibility
$dirs = filemanager_get_available_directories (); $dirs = filemanager_get_available_directories ();
return isset ($dirs[$dirname]); return isset ($dirs[$dirname]);
@ -894,6 +928,9 @@ function filemanager_is_available_directory ($dirname) {
* @param bool Wheter the directory is writeable or not. * @param bool Wheter the directory is writeable or not.
*/ */
function filemanager_is_writable_dir ($dirpath, $force = false) { function filemanager_is_writable_dir ($dirpath, $force = false) {
$dirname = str_replace("\\", "/", $dirname); // Windows compatibility
if (filemanager_is_available_directory (basename ($dirpath))) if (filemanager_is_available_directory (basename ($dirpath)))
return is_writable ($dirpath); return is_writable ($dirpath);
if (filemanager_is_writable_dir (realpath ($dirpath.'/..'))) if (filemanager_is_writable_dir (realpath ($dirpath.'/..')))
@ -916,6 +953,7 @@ function filemanager_get_file_info ($filepath) {
global $config; global $config;
$realpath = realpath ($filepath); $realpath = realpath ($filepath);
$filepath = str_replace("\\", "/", $filepath); // Windows compatibility
$info = array ('mime' => MIME_UNKNOWN, $info = array ('mime' => MIME_UNKNOWN,
'mime_extend' => mime_content_type ($filepath), 'mime_extend' => mime_content_type ($filepath),
@ -959,6 +997,9 @@ function filemanager_get_file_info ($filepath) {
* @param bool Wheter the directory is writeable or not. * @param bool Wheter the directory is writeable or not.
*/ */
function filemanager_list_dir ($dirpath) { function filemanager_list_dir ($dirpath) {
$dirpath = str_replace("\\", "/", $dirpath); // Windows compatibility
$files = array (); $files = array ();
$dirs = array (); $dirs = array ();
$dir = opendir ($dirpath); $dir = opendir ($dirpath);

3
pandora_console/include/functions_graph.php
View File

@ -3731,7 +3731,8 @@ function grafico_modulo_log4x ($id_agente_modulo, $periodo, $show_event,
//set_error_handler("myErrorHandler"); //set_error_handler("myErrorHandler");
grafico_modulo_log4x_trace(__LINE__); grafico_modulo_log4x_trace(__LINE__);
set_include_path(get_include_path() . PATH_SEPARATOR . getcwd() . "/../../include"); $ds = DIRECTORY_SEPARATOR;
set_include_path(get_include_path() . PATH_SEPARATOR . getcwd() . $ds."..".$ds."..".$ds."include");
require_once 'Image/Graph.php'; require_once 'Image/Graph.php';

7
pandora_console/include/functions_html.php
View File

@ -1650,12 +1650,13 @@ function html_print_image ($src, $return = false, $options = false, $return_src
// If metaconsole is activated and image doesn't exists try to search on normal console // If metaconsole is activated and image doesn't exists try to search on normal console
if (defined('METACONSOLE')) { if (defined('METACONSOLE')) {
if (!$relative) { if (!$relative) {
if (strstr(getcwd(), 'enterprise/meta') === false) { $working_dir = str_replace("\\", "/", getcwd()); // Windows compatibility
if (strstr($working_dir, 'enterprise/meta') === false) {
if ($src[0] !== '/') { if ($src[0] !== '/') {
$src = '/' . $src; $src = '/' . $src;
} }
if (!is_readable(getcwd() . '/enterprise/meta' . $src)) { if (!is_readable($working_dir . '/enterprise/meta' . $src)) {
$src = ui_get_full_url('../..' . $src); $src = ui_get_full_url('../..' . $src);
} }
else { else {
@ -1667,7 +1668,7 @@ function html_print_image ($src, $return = false, $options = false, $return_src
$src = '/' . $src; $src = '/' . $src;
} }
if (is_readable(getcwd() . $src)) { if (is_readable($working_dir . $src)) {
$src = ui_get_full_url($src); $src = ui_get_full_url($src);
} }
else if (!is_readable($src)) { else if (!is_readable($src)) {

5
pandora_console/include/get_file.php
View File

@ -35,9 +35,6 @@ $file = get_parameter('file', null);
$file = base64_decode($file); $file = base64_decode($file);
$chunks = explode('/', $file);
$nameFile = end($chunks);
$hash = get_parameter('hash', null); $hash = get_parameter('hash', null);
$testHash = md5($file . $config['dbpass']); $testHash = md5($file . $config['dbpass']);
@ -59,7 +56,7 @@ else if (!empty($file) && !empty($hash)) {
header('Content-type: aplication/octet-stream;'); header('Content-type: aplication/octet-stream;');
header('Content-type: ' . mime_content_type($file) . ';'); header('Content-type: ' . mime_content_type($file) . ';');
header("Content-Length: " . filesize($file)); header("Content-Length: " . filesize($file));
header('Content-Disposition: attachment; filename="' . $nameFile . '"'); header('Content-Disposition: attachment; filename="' . basename($file) . '"');
readfile($file); readfile($file);
} }
} }

3
pandora_console/operation/gis_maps/ajax.php
View File

@ -14,7 +14,8 @@
// GNU General Public License for more details. // GNU General Public License for more details.
// Load global vars // Load global vars
if (file_exists(getcwd() . '/include/config.php')) { $working_dir = str_replace("\\", "/", getcwd()); // Windows compatibility
if (file_exists($working_dir . '/include/config.php')) {
require_once ("include/config.php"); require_once ("include/config.php");
} }
else { else {

1
pandora_console/operation/snmpconsole/snmp_mib_uploader.php
View File

@ -35,6 +35,7 @@ if (isset($config['filemanager']['message'])) {
} }
$directory = (string) get_parameter ('directory', SNMP_DIR_MIBS); $directory = (string) get_parameter ('directory', SNMP_DIR_MIBS);
$directory = str_replace("\\", "/", $directory);
/* Add custom directories here */ /* Add custom directories here */
$fallback_directory = "attachment/mibs"; $fallback_directory = "attachment/mibs";