From ac60cce2a277c625f6ffe0e7bd4204683a72b675 Mon Sep 17 00:00:00 2001
From: zarzuelo <noreply@pandorafms.org>
Date: Thu, 18 Jul 2013 13:12:42 +0000
Subject: [PATCH] 2013-07-18  Sergio Martin <sergio.martin@artica.es>

	* include/functions_agents.php: Add check to avoid SQL
	errors when retrieve alerts and the user profiles
	are not properly configurated for bug #2349



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@8545 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                    |  6 ++++++
 pandora_console/include/functions_agents.php | 10 +++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index a82ca64233..4e021b24e9 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,9 @@
+2013-07-18  Sergio Martin <sergio.martin@artica.es>
+
+	* include/functions_agents.php: Add check to avoid SQL
+	errors when retrieve alerts and the user profiles
+	are not properly configurated for bug #2349
+
 2013-07-18  Sergio Martin <sergio.martin@artica.es>
 
 	* operation/reporting/reporting_viewer.php
diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php
index 23ab844dcb..4c64cb8f28 100644
--- a/pandora_console/include/functions_agents.php
+++ b/pandora_console/include/functions_agents.php
@@ -156,7 +156,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
 	
 	if (($id_agent !== false) && ($idGroup !== false)) {
 		$where_tags = tags_get_acl_tags($config['id_user'], $idGroup, 'AR', 'module_condition', 'AND', 'tagente_modulo'); 
-		
 		if ($idGroup != 0) { //All group
 			$subQuery = 'SELECT id_agente_modulo
 				FROM tagente_modulo
@@ -167,7 +166,13 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
 				FROM tagente_modulo WHERE delete_pending = 0';
 		}
 		
-		$subQuery .= $where_tags;
+		// If there are any errors add imposible condition
+		if(in_array($where_tags, array(ERR_WRONG_PARAMETERS, ERR_ACL)) || TRUE) {
+			$subQuery .= ' AND 1 = 0';
+		} 
+		else {
+			$subQuery .= $where_tags;
+		}
 	}
 	else if ($id_agent === false) {
 		if ($allModules)
@@ -214,7 +219,6 @@ function agents_get_alerts_simple ($id_agent = false, $filter = '', $options = f
 				ON talert_template_modules.id_alert_template = t4.id
 		WHERE id_agent_module in (%s) %s %s %s",
 	$selectText, $subQuery, $where, $filter, $orderbyText);
-	
 	$alerts = db_get_all_rows_sql ($sql);
 	
 	if ($alerts === false)