'
+ );
+ break;
+ case 'null':
+ ui_print_error_message(
+ __('Unsuccessful the field %s in the table %s must be setted the null values with %s.',
+ $name_field, $table, $value));
+ if ($value == "no") {
+ ui_print_info_message(
+ __('You can execute this SQL query for to fix.') . " " .
+ '
>,
shape="doublecircle", URL="'.$url.'",
tooltip="' . $url_tooltip . '"];' . "\n";
@@ -1500,7 +1564,7 @@ function networkmap_get_networkmap ($id_networkmap, $filter = false, $fields = f
*
* @return Networkmap with the given id. False if not available or readable.
*/
-function networkmap_get_networkmaps ($id_user = '', $type = '', $optgrouped = true) {
+function networkmap_get_networkmaps ($id_user = '', $type = '', $optgrouped = true, $strict_user = false) {
global $config;
if ($id_user == '') {
@@ -1527,11 +1591,17 @@ function networkmap_get_networkmaps ($id_user = '', $type = '', $optgrouped = tr
$networkmaps = array();
foreach ($networkmaps_raw as $key => $networkmapitem) {
if ($optgrouped) {
+ if ((($networkmapitem['type'] == 'policies') || ($networkmapitem['type'] == 'radial_dynamic')) && ($strict_user)) {
+ continue;
+ }
$networkmaps[$networkmapitem['id_networkmap']] =
array('name' => $networkmapitem['name'],
'optgroup' => $networkmapitem['type']);
}
else {
+ if ((($networkmapitem['type'] == 'policies') || ($networkmapitem['type'] == 'radial_dynamic')) && ($strict_user)) {
+ continue;
+ }
$networkmaps[$networkmapitem['id_networkmap']] =
$networkmapitem['name'];
}
@@ -1600,7 +1670,7 @@ function networkmap_update_networkmap ($id_networkmap, $values) {
*
* @return Array Networkmap diferent types.
*/
-function networkmap_get_types () {
+function networkmap_get_types ($strict_user = false) {
$networkmap_types = array();
$is_enterprise = enterprise_include_once('include/functions_policies.php');
@@ -1608,9 +1678,11 @@ function networkmap_get_types () {
$networkmap_types['topology'] = __('Create a new topology map');
$networkmap_types['groups'] = __('Create a new group map');
$networkmap_types['dinamic'] = __('Create a new dynamic map');
- $networkmap_types['radial_dynamic'] = __('Create a new radial dynamic map');
+ if (!$strict_user) {
+ $networkmap_types['radial_dynamic'] = __('Create a new radial dynamic map');
+ }
- if ($is_enterprise !== ENTERPRISE_NOT_HOOK) {
+ if (($is_enterprise !== ENTERPRISE_NOT_HOOK) && (!$strict_user)) {
$enterprise_types = enterprise_hook('policies_get_networkmap_types');
$networkmap_types = array_merge($networkmap_types, $enterprise_types);
@@ -1624,7 +1696,7 @@ function networkmap_get_types () {
*
* @return Array Networkmap diferent types.
*/
-function networkmap_get_filter_types () {
+function networkmap_get_filter_types ($strict_user = false) {
$networkmap_types = array();
$is_enterprise = enterprise_include_once('include/functions_policies.php');
@@ -1632,9 +1704,11 @@ function networkmap_get_filter_types () {
$networkmap_types['topology'] = __('Topology');
$networkmap_types['groups'] = __('Group');
$networkmap_types['dinamic'] = __('Dynamic');
- $networkmap_types['radial_dynamic'] = __('Radial dynamic');
+ if (!$strict_user) {
+ $networkmap_types['radial_dynamic'] = __('Radial dynamic');
+ }
- if ($is_enterprise !== ENTERPRISE_NOT_HOOK) {
+ if (($is_enterprise !== ENTERPRISE_NOT_HOOK) && (!$strict_user)) {
$enterprise_types = enterprise_hook('policies_get_networkmap_filter_types');
$networkmap_types = array_merge($networkmap_types, $enterprise_types);
@@ -1659,28 +1733,48 @@ function networkmap_cidr_match($ip, $cidr_mask) {
return ($ip & $mask) == $subnet;
}
-function networkmap_get_new_nodes_from_ip_mask($ip_mask, $fields = array()) {
+function networkmap_get_new_nodes_from_ip_mask($ip_mask, $fields = array(), $strict_user = false) {
$list_ip_masks = explode(",", $ip_mask);
$list_address = db_get_all_rows_in_table('taddress');
if (empty($address))
$address = array();
+
+ if ($strict_user) {
+ $filter['group_by'] = 'tagente.id_agente';
+ $fields = array ('tagente.id_agente');
+ $acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
+ $user_agents = tags_get_all_user_agents (false, $config['id_user'], $acltags, $filter, $fields, false, $strict_user, true);
+ foreach ($all_user_agents as $agent) {
+ $user_agents[$agent['id_agente']] = $agent['id_agente'];
+ }
+ }
+
$agents = array();
foreach ($list_address as $address) {
foreach ($list_ip_masks as $ip_mask) {
if (networkmap_cidr_match($address['ip'], $ip_mask)) {
-
+ $id_agent = db_get_value_filter('id_agent', 'taddress_agent', array('id_a' => $address['id_a']));
+
if (empty($fields)) {
- $agents[] = db_get_value_filter('id_agent',
- 'taddress_agent', array('id_a' => $address['id_a']));
+ if ($strict_user) {
+ if (array_key_exists($id_agent, $user_agents)) {
+ $agents[] = db_get_value_filter('id_agent', 'taddress_agent', array('id_a' => $address['id_a']));
+ }
+ } else {
+ $agents[] = db_get_value_filter('id_agent', 'taddress_agent', array('id_a' => $address['id_a']));
+ }
+
}
else {
- $id_agent = db_get_value_filter('id_agent',
- 'taddress_agent', array('id_a' => $address['id_a']));
-
- $agents[] = db_get_row('tagente', 'id_agente',
- $id_agent, $fields);
+ if ($strict_user) {
+ if (array_key_exists($id_agent, $user_agents)) {
+ $agents[] = db_get_row('tagente', 'id_agente', $id_agent, $fields);
+ }
+ } else {
+ $agents[] = db_get_row('tagente', 'id_agente', $id_agent, $fields);
+ }
}
}
}
diff --git a/pandora_console/include/functions_reporting.php b/pandora_console/include/functions_reporting.php
index 8d58420a16..a70d2f8370 100644
--- a/pandora_console/include/functions_reporting.php
+++ b/pandora_console/include/functions_reporting.php
@@ -7778,7 +7778,9 @@ function reporting_get_count_events_validated ($filter, $period = 0,
*
* @return string html formatted tiny stats of modules/alerts of an agent
*/
-function reporting_tiny_stats ($counts_info, $return = false, $type = 'agent', $separator = ':') {
+function reporting_tiny_stats ($counts_info, $return = false, $type = 'agent', $separator = ':', $strict_user = false) {
+ global $config;
+
$out = '';
// Depend the type of object, the stats will refer agents, modules...
@@ -7809,6 +7811,28 @@ function reporting_tiny_stats ($counts_info, $return = false, $type = 'agent', $
break;
}
+ if ($strict_user && $type == 'agent') {
+
+ $acltags = tags_get_user_module_and_tags ($config['id_user'],'AR', $strict_user);
+ $filter['disabled'] = 0;
+ $id_agent = $counts_info['id_agente'];
+
+ $counts_info = array();
+ $counts_info['normal_count'] = count(tags_get_agent_modules ($id_agent, $acltags, false, $filter, false, AGENT_MODULE_STATUS_NORMAL));
+ $counts_info['warning_count'] = count(tags_get_agent_modules ($id_agent, $acltags, false, $filter, false, AGENT_MODULE_STATUS_WARNING));
+ $counts_info['critical_count'] = count(tags_get_agent_modules ($id_agent, $acltags, false, $filter, false, AGENT_MODULE_STATUS_CRITICAL_BAD));
+ $counts_info['notinit_count'] = count(tags_get_agent_modules ($id_agent, $acltags, false, $filter, false, AGENT_MODULE_STATUS_NOT_INIT));
+ $counts_info['unknown_count'] = count(tags_get_agent_modules ($id_agent, $acltags, false, $filter, false, AGENT_MODULE_STATUS_UNKNOWN));
+ $counts_info['total_count'] = $counts_info['normal_count'] + $counts_info['warning_count'] + $counts_info['critical_count'] + $counts_info['unknown_count'] + $counts_info['notinit_count'];
+
+ $all_agent_modules = tags_get_agent_modules ($id_agent, $acltags, false, $filter);
+ $mod_clause = "(".implode(',', array_keys($all_agent_modules)).")";
+
+ $counts_info['fired_count'] = db_get_sql ("SELECT COUNT(times_fired)
+ FROM talert_template_modules
+ WHERE times_fired != 0 AND id_agent_module IN ".$mod_clause);
+ }
+
// Store the counts in a data structure to print hidden divs with titles
$stats = array();
diff --git a/pandora_console/include/functions_tags.php b/pandora_console/include/functions_tags.php
index 809f366a1f..d8083344ee 100644
--- a/pandora_console/include/functions_tags.php
+++ b/pandora_console/include/functions_tags.php
@@ -403,6 +403,14 @@ function tags_delete_tag ($id_tag) {
}
+function tags_remove_tag($id_tag, $id_module) {
+ $result = (bool)db_process_sql_delete('ttag_module',
+ array('id_tag' => $id_tag,
+ 'id_agente_modulo' => $id_module));
+
+ return $result;
+}
+
/**
* Get tag's total count.
*
@@ -440,6 +448,8 @@ function tags_insert_module_tag ($id_agent_module, $tags) {
if ($result_tag === false)
$errn++;
}
+
+ return $errn;
}
/**
@@ -580,17 +590,6 @@ function tags_get_module_tags ($id, $policy = false) {
return $return;
}
-function tags_get_module_policy_tags($id_tag, $id_module) {
- if (empty($id_tag))
- return false;
-
- $id_module_policy = db_get_value_filter('id_policy_module',
- 'ttag_module',
- array('id_tag' => $id_tag, 'id_agente_modulo' => $id_module));
-
- return $id_module_policy;
-}
-
/**
* Select all tags of a policy module.
*
@@ -656,6 +655,34 @@ function tags_get_tags ($ids) {
return $tags;
}
+function tags_get_agents($id_tag, $id_policy_module = 0) {
+
+ $agents = db_get_all_rows_sql("
+ SELECT id_agente
+ FROM tagente
+ WHERE id_agente IN (
+ SELECT t1.id_agente
+ FROM tagente_modulo AS t1
+ WHERE t1.id_agente_modulo IN (
+ SELECT t2.id_agente_modulo
+ FROM ttag_module AS t2
+ WHERE id_tag = " . $id_tag . "
+ AND id_policy_module = " . $id_policy_module . "))");
+
+ if (empty($agents)) {
+ return array();
+ }
+
+
+ $temp = array();
+ foreach ($agents as $agent) {
+ $temp[] = $agent['id_agente'];
+ }
+ $agents = $temp;
+
+ return $agents;
+}
+
/**
* Give format to tags when go concatened with url.
*
@@ -1760,14 +1787,15 @@ function tags_get_monitors_alerts ($id_tag, $groups_and_tags = array()) {
*
* @return mixed Returns count of agents with this tag or false if they aren't.
*/
-function tags_get_all_user_agents ($id_tag, $id_user = false, $groups_and_tags = array(), $filter = false, $fields = false, $meta = true, $strict_user = true) {
+function tags_get_all_user_agents ($id_tag = false, $id_user = false, $groups_and_tags = array(), $filter = false, $fields = false, $meta = true, $strict_user = true, $return_all_fields = false) {
global $config;
- // Avoid mysql error
- if (empty($id_tag))
- return;
-
+ if (empty($id_tag)) {
+ $tag_filter = '';
+ } else {
+ $tag_filter = " AND ttag_module.id_tag = " . $id_tag;
+ }
if (empty($id_user)) {
$id_user = $config['id_user'];
}
@@ -1777,17 +1805,85 @@ function tags_get_all_user_agents ($id_tag, $id_user = false, $groups_and_tags =
$fields[0] = "id_agente";
$fields[1] = "nombre";
}
- $select_fields = implode(',',$fields);
+ $select_fields = implode(',',$fields);
+
$groups_clause = "";
if ($strict_user) {
if (!empty($groups_and_tags)) {
- $groups_clause = " AND ".tags_get_acl_tags_module_condition($groups_and_tags, "tagente_modulo");
+ $groups_clause = " AND ".tags_get_acl_tags_module_condition($groups_and_tags, "tagente_modulo");
}
} else {
$groups_clause = " AND tagente.id_grupo IN (".implode(',',$groups_and_tags).")";
}
+ if (!empty($filter['id_group'])) {
+ $groups_clause .= " AND tagente.id_grupo IN (".$filter['id_group'].")";
+ }
+
+ $status_sql = '';
+ if (isset($filter['status'])) {
+ switch ($filter['status']) {
+ case AGENT_STATUS_NORMAL:
+ $status_sql =
+ " AND (normal_count = total_count)";
+ break;
+ case AGENT_STATUS_WARNING:
+ $status_sql =
+ "AND (critical_count = 0 AND warning_count > 0)";
+ break;
+ case AGENT_STATUS_CRITICAL:
+ $status_sql =
+ "AND (critical_count > 0)";
+ break;
+ case AGENT_STATUS_UNKNOWN:
+ $status_sql =
+ "AND (critical_count = 0 AND warning_count = 0
+ AND unknown_count > 0)";
+ break;
+ case AGENT_STATUS_NOT_NORMAL:
+ $status_sql = " AND (normal_count <> total_count)";
+ break;
+ case AGENT_STATUS_NOT_INIT:
+ $status_sql = "AND (notinit_count = total_count)";
+ break;
+ }
+
+ }
+ $disabled_sql = '';
+ if (!empty($filter['disabled'])) {
+ $disabled_sql = " AND disabled = ".$filter['disabled'];
+ }
+
+ $order_by_condition = '';
+ if (!empty($filter['order'])) {
+ $order_by_condition = " ORDER BY ".$filter['order'];
+ } else {
+ $order_by_condition = " ORDER BY tagente.nombre ASC";
+ }
+ $limit_sql = '';
+ if (isset($filter['offset'])) {
+ $offset = $filter['offset'];
+ }
+ if (isset($filter['limit'])) {
+ $limit = $filter['limit'];
+ }
+
+ if (isset($offset) && isset($limit)) {
+ $limit_sql = " LIMIT $offset, $limit ";
+ }
+
+ if (!empty($filter['group_by'])) {
+ $group_by = " GROUP BY ".$filter['group_by'];
+ } else {
+ $group_by = " GROUP BY tagente.nombre";
+ }
+
+ $id_agent_search = '';
+ if (!empty($filter['id_agent'])) {
+ $id_agent_search = " AND tagente.id_agente = ".$filter['id_agent'];
+ }
+
$search_sql = "";
$void_agents = "";
if ($filter) {
@@ -1802,23 +1898,40 @@ function tags_get_all_user_agents ($id_tag, $id_user = false, $groups_and_tags =
}
}
}
-
+
+ //~ $user_agents_sql = "SELECT ".$select_fields ."
+ //~ FROM tagente, tagente_modulo, ttag_module
+ //~ WHERE tagente.id_agente = tagente_modulo.id_agente
+ //~ AND tagente_modulo.id_agente_modulo = ttag_module.id_agente_modulo
+ //~ ". $tag_filter .
+ //~ $groups_clause . $search_sql . $void_agents .
+ //~ $status_sql .
+ //~ $group_by .
+ //~ " ORDER BY tagente.nombre ASC";
+
$user_agents_sql = "SELECT ".$select_fields ."
FROM tagente, tagente_modulo, ttag_module
WHERE tagente.id_agente = tagente_modulo.id_agente
AND tagente_modulo.id_agente_modulo = ttag_module.id_agente_modulo
- AND ttag_module.id_tag = " . $id_tag .
+ ". $tag_filter .
$groups_clause . $search_sql . $void_agents .
- " ORDER BY tagente.nombre ASC";
+ $status_sql .
+ $disabled_sql .
+ $group_by .
+ $order_by_condition .
+ $limit_sql;
- //return db_get_sql ($user_agents);
- $user_agents = db_get_all_rows_sql($user_agents_sql);
+ $user_agents = db_get_all_rows_sql($user_agents_sql);
+ if ($user_agents == false) {
+ $user_agents = array();
+ }
+ if ($return_all_fields) {
+ return $user_agents;
+ }
if (!$meta){
$user_agents_aux = array();
- if ($user_agents === false) {
- $user_agents = array();
- }
+
foreach ($user_agents as $ua) {
$user_agents_aux[$ua['id_agente']] = $ua['nombre'];
}
@@ -1826,4 +1939,85 @@ function tags_get_all_user_agents ($id_tag, $id_user = false, $groups_and_tags =
}
return $user_agents;
}
+
+function tags_get_agent_modules ($id_agent, $groups_and_tags = array(), $fields = false, $filter = false, $return_all_fields = false, $get_filter_status = -1) {
+
+ global $config;
+
+ // Avoid mysql error
+ if (empty($id_agent))
+ return;
+
+ if (!is_array ($fields)) {
+ $fields = array ();
+ $fields[0] = "tagente_modulo.id_agente_modulo";
+ $fields[1] = "tagente_modulo.nombre";
+ }
+ $select_fields = implode(',',$fields);
+
+ if ($filter) {
+ $filter_sql = '';
+ if (isset($filter['disabled'])) {
+ $filter_sql .= " AND tagente_modulo.disabled = ".$filter['disabled'];
+ }
+ if (isset($filter['nombre'])) {
+ $filter_sql .= ' AND tagente_modulo.nombre LIKE "' .$filter['nombre'].'"';
+ }
+
+ }
+
+ $tag_filter = "";
+ if (!empty($groups_and_tags)) {
+ $agent_group = db_get_value('id_grupo', 'tagente', 'id_agente', $id_agent);
+ if (isset($groups_and_tags[$agent_group]) && ($groups_and_tags[$agent_group] != '')) {
+ //~ $tag_filter = " AND ttag_module.id_tag IN (".$groups_and_tags[$agent_group].")";
+ $tag_filter = " AND tagente_modulo.id_agente_modulo IN (SELECT id_agente_modulo FROM ttag_module WHERE id_tag IN (".$groups_and_tags[$agent_group]."))";
+ }
+ }
+
+ if ($get_filter_status != -1) {
+ $agent_modules_sql = "SELECT ".$select_fields ."
+ FROM tagente_modulo, tagente_estado
+ WHERE tagente_modulo.id_agente=". $id_agent .
+ " AND tagente_modulo.id_agente_modulo = tagente_estado.id_agente_modulo
+ AND tagente_estado.estado = ".$get_filter_status .
+ $tag_filter .
+ $filter_sql ."
+ ORDER BY nombre";
+ } else {
+
+ $agent_modules_sql = "SELECT ".$select_fields ."
+ FROM tagente_modulo
+ WHERE id_agente=". $id_agent .
+ $tag_filter .
+ $filter_sql ."
+ ORDER BY nombre";
+ }
+
+ $agent_modules = db_get_all_rows_sql($agent_modules_sql);
+
+ if ($agent_modules == false) {
+ $agent_modules = array();
+ }
+
+ if ($return_all_fields) {
+ $result = array();
+ foreach ($agent_modules as $am) {
+ $am['status'] = modules_get_agentmodule_status($am['id_agente_modulo']);
+ $am['isinit'] = modules_get_agentmodule_is_init($am['id_agente_modulo']);
+ if ($am['isinit']) {
+
+ }
+ $result[$am['id_agente_modulo']] = $am;
+ }
+ return $result;
+ }
+
+ $result = array();
+ foreach ($agent_modules as $am) {
+ $result[$am['id_agente_modulo']] = $am['nombre'];
+ }
+
+ return $result;
+}
?>
diff --git a/pandora_console/include/help/en/help_field_match_snmp.php b/pandora_console/include/help/en/help_field_match_snmp.php
old mode 100644
new mode 100755
index ab8816cf4a..47ab269c0c
--- a/pandora_console/include/help/en/help_field_match_snmp.php
+++ b/pandora_console/include/help/en/help_field_match_snmp.php
@@ -4,7 +4,7 @@
*/
?>
-
Custom OID/Data #1-20
+
Variable bindings/Data #1-20
These are regular expressions that try to match varbinds 1 to 20. If there is a match, the alert is fired. The value of the variable is stored in the corresponding _snmp_fx_ macro (_snmp_f1_, _snmp_f2_, ...). Even though only twenty variables can be searched for matches, _snmp_fx_ macros are set for all of them (_snmp_f11_, _snmp_f12_, ...).
diff --git a/pandora_console/include/help/en/help_snmp_alert_custom.php b/pandora_console/include/help/en/help_snmp_alert_custom.php
old mode 100644
new mode 100755
index 1fd667ecf2..8d21fc8941
--- a/pandora_console/include/help/en/help_snmp_alert_custom.php
+++ b/pandora_console/include/help/en/help_snmp_alert_custom.php
@@ -6,4 +6,8 @@
Custom Value/OID
-
This search in the trap "Value" fields, and also in the fields "Custom OID" and "Custom Value", that is, in the rest of the TRAP fields.
+
+ This search in the trap "Value" fields, and also in the fields
+ "Variable bindings" and "Custom Value", that is, in
+ the rest of the TRAP fields.
+
diff --git a/pandora_console/include/help/es/help_field_match_snmp.php b/pandora_console/include/help/es/help_field_match_snmp.php
old mode 100644
new mode 100755
index dea7a4e4ac..b4332e70ae
--- a/pandora_console/include/help/es/help_field_match_snmp.php
+++ b/pandora_console/include/help/es/help_field_match_snmp.php
@@ -4,7 +4,7 @@
*/
?>
-
Custom OID/Data #1-20
+
Variable bindings/Data #1-20
Son expresiones regulares que intentan casar con las variables 1 a 20. Si hay un acierto, se dispara la alerta. El valor de la variable se guarda en la macro _snmp_fx_ correspondiente (_snmp_f1_, _snmp_f2_, ...). Aunque sólo se puede especificar una expresión regular para veinte variables, las macros _snmp_fx_ macros están disponibles para todas ellas (_snmp_f11_, _snmp_f12_, ...).
diff --git a/pandora_console/include/javascript/pandora.js b/pandora_console/include/javascript/pandora.js
index 298d2ecf51..c3924f5d89 100644
--- a/pandora_console/include/javascript/pandora.js
+++ b/pandora_console/include/javascript/pandora.js
@@ -177,7 +177,8 @@ function agent_changed_by_multiple_agents (event, id_agent, selected) {
$('#module').attr ('disabled', 1);
$('#module').empty ();
- $('#module').append ($('').html ("Loading...").attr ("value", 0));
+ $('#module').append ($('')
+ .html ("Loading...").attr ("value", 0));
// Check if homedir was received like a JSON
diff --git a/pandora_console/include/javascript/pandora_alerts.js b/pandora_console/include/javascript/pandora_alerts.js
index ea84156dff..e9b7c64727 100644
--- a/pandora_console/include/javascript/pandora_alerts.js
+++ b/pandora_console/include/javascript/pandora_alerts.js
@@ -12,6 +12,7 @@ function parse_alert_command (command, classs) {
$('.' + classs).each(function() {
// Only render values different from ''
if ($(this).val() == '') {
+ nfield++;
return;
}
var field = '_field' + nfield + '_';
diff --git a/pandora_console/index.php b/pandora_console/index.php
index a92726bb30..e2da6283e3 100755
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@@ -69,6 +69,7 @@ if ((! file_exists ("include/config.php")) || (! is_readable ("include/config.ph
session_start ();
require_once ("include/config.php");
+
// If metaconsole activated, redirect to it
if ($config['metaconsole'] == 1 && $config['enterprise_installed'] == 1) {
header ("Location: " . $config['homeurl'] . "enterprise/meta");
@@ -177,34 +178,34 @@ if (! isset ($config['id_user'])) {
$pass = get_parameter_post ("pass"); //This is the variable with the password
$nick = db_escape_string_sql($nick);
$pass = db_escape_string_sql($pass);
-
+
//Since now, only the $pass variable are needed
unset ($_GET['pass'], $_POST['pass'], $_REQUEST['pass']);
-
+
// If the auth_code exists, we assume the user has come through the double auth page
if (isset ($_POST['auth_code'])) {
$double_auth_success = false;
-
+
// The double authentication is activated and the user has surpassed the first step (the login).
// Now the authentication code provided will be checked.
if (isset ($_SESSION['prepared_login_da'])) {
if (isset ($_SESSION['prepared_login_da']['id_user'])
&& isset ($_SESSION['prepared_login_da']['timestamp'])) {
-
+
// The user has a maximum of 5 minutes to introduce the double auth code
$dauth_period = SECONDS_2MINUTES;
$now = time();
$dauth_time = $_SESSION['prepared_login_da']['timestamp'];
-
+
if ($now - $dauth_period < $dauth_time) {
// Nick
$nick = $_SESSION["prepared_login_da"]['id_user'];
// Code
$code = (string) get_parameter_post ("auth_code");
-
+
if (!empty($code)) {
$result = validate_double_auth_code($nick, $code);
-
+
if ($result === true) {
// Double auth success
$double_auth_success = true;
@@ -214,7 +215,7 @@ if (! isset ($config['id_user'])) {
$login_screen = 'double_auth';
// Error message
$config["auth_error"] = __("Invalid code");
-
+
if (!isset($_SESSION['prepared_login_da']['attempts']))
$_SESSION['prepared_login_da']['attempts'] = 0;
$_SESSION['prepared_login_da']['attempts']++;
@@ -225,7 +226,7 @@ if (! isset ($config['id_user'])) {
$login_screen = 'double_auth';
// Error message
$config["auth_error"] = __("The code shouldn't be empty");
-
+
if (!isset($_SESSION['prepared_login_da']['attempts']))
$_SESSION['prepared_login_da']['attempts'] = 0;
$_SESSION['prepared_login_da']['attempts']++;
@@ -234,7 +235,7 @@ if (! isset ($config['id_user'])) {
else {
// Expired login
unset ($_SESSION['prepared_login_da']);
-
+
// Error message
$config["auth_error"] = __('Expired login');
}
@@ -242,7 +243,7 @@ if (! isset ($config['id_user'])) {
else {
// If the code doesn't exist, remove the prepared login
unset ($_SESSION['prepared_login_da']);
-
+
// Error message
$config["auth_error"] = __('Login error');
}
@@ -252,10 +253,10 @@ if (! isset ($config['id_user'])) {
// Error message
$config["auth_error"] = __('Login error');
}
-
+
// Remove the authenticator code
unset ($_POST['auth_code'], $code);
-
+
if (!$double_auth_success) {
$login_failed = true;
require_once ('general/login_page.php');
@@ -328,73 +329,88 @@ if (! isset ($config['id_user'])) {
'timestamp' => time(),
'attempts' => 0
);
-
+
// Load the page to introduce the double auth code
$login_screen = 'double_auth';
require_once ('general/login_page.php');
while (@ob_end_flush ());
exit ("