From d7b3c9e0fb73bc1f87955d07be3b1db3c959be28 Mon Sep 17 00:00:00 2001
From: KIKUCHI Koichiro <koichiro@hataki.jp>
Date: Tue, 24 Mar 2015 19:28:46 +0900
Subject: [PATCH] Fixed master server queries:

* safe_input is required for server_name
* Fixed wrong server_type specified in NetworkServer

(cherry picked from commit (77354a886ee83594b85a8e5335a820fc660fea44)
---
 pandora_server/lib/PandoraFMS/NetworkServer.pm    | 4 ++--
 pandora_server/lib/PandoraFMS/PluginServer.pm     | 4 ++--
 pandora_server/lib/PandoraFMS/PredictionServer.pm | 4 ++--
 pandora_server/lib/PandoraFMS/WMIServer.pm        | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/pandora_server/lib/PandoraFMS/NetworkServer.pm b/pandora_server/lib/PandoraFMS/NetworkServer.pm
index ee98803905..58ba653afa 100644
--- a/pandora_server/lib/PandoraFMS/NetworkServer.pm
+++ b/pandora_server/lib/PandoraFMS/NetworkServer.pm
@@ -108,7 +108,7 @@ sub data_producer ($) {
 		'AND tagente_modulo.disabled = 0
 		AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 		AND (tagente_modulo.flag = 1 OR ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())) 
-		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC ', $pa_config->{'servername'});
+		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC ', safe_input($pa_config->{'servername'}));
     } else {
 		@rows = get_db_rows ($dbh, 'SELECT tagente_modulo.id_agente_modulo, tagente_modulo.flag, tagente_estado.last_execution_try, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 		FROM tagente, tagente_modulo, tagente_estado
@@ -121,7 +121,7 @@ sub data_producer ($) {
 		. (defined ($network_filter) ? $network_filter : ' ') .
 		'AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 		AND (tagente_modulo.flag = 1 OR ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP()))
-		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC', $pa_config->{'servername'}, DATASERVER);
+		ORDER BY tagente_modulo.flag DESC, time_left ASC, tagente_estado.last_execution_try ASC', safe_input($pa_config->{'servername'}), NETWORKSERVER);
 	}
 
 	foreach my $row (@rows) {
diff --git a/pandora_server/lib/PandoraFMS/PluginServer.pm b/pandora_server/lib/PandoraFMS/PluginServer.pm
index dfc75519d3..b2ca041473 100644
--- a/pandora_server/lib/PandoraFMS/PluginServer.pm
+++ b/pandora_server/lib/PandoraFMS/PluginServer.pm
@@ -106,7 +106,7 @@ sub data_producer ($) {
 			AND tagente_modulo.disabled = 0
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND (tagente_modulo.flag = 1 OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'});
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}));
     } else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo), tagente_modulo.flag, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 			FROM tagente, tagente_modulo, tagente_estado
@@ -117,7 +117,7 @@ sub data_producer ($) {
 			AND tagente_modulo.id_plugin != 0
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND (tagente_modulo.flag = 1 OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'}, PLUGINSERVER);
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}), PLUGINSERVER);
 	}
 
 	foreach my $row (@rows) {
diff --git a/pandora_server/lib/PandoraFMS/PredictionServer.pm b/pandora_server/lib/PandoraFMS/PredictionServer.pm
index 3c07c11baf..f7a4f0b26b 100644
--- a/pandora_server/lib/PandoraFMS/PredictionServer.pm
+++ b/pandora_server/lib/PandoraFMS/PredictionServer.pm
@@ -105,7 +105,7 @@ sub data_producer ($) {
 				AND tagente_modulo.id_modulo = 5
 				AND (tagente_modulo.flag = 1
 				OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY last_execution_try ASC ', $pa_config->{'servername'});
+			ORDER BY last_execution_try ASC ', safe_input($pa_config->{'servername'}));
 	}
 	else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo),
@@ -123,7 +123,7 @@ sub data_producer ($) {
 				AND tagente_modulo.id_modulo = 5
 				AND (tagente_modulo.flag = 1
 				OR (tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP())
-			ORDER BY last_execution_try ASC', $pa_config->{'servername'}, PREDICTIONSERVER);
+			ORDER BY last_execution_try ASC', safe_input($pa_config->{'servername'}), PREDICTIONSERVER);
 	}
 	
 	foreach my $row (@rows) {
diff --git a/pandora_server/lib/PandoraFMS/WMIServer.pm b/pandora_server/lib/PandoraFMS/WMIServer.pm
index fd400225fe..4aed04f974 100644
--- a/pandora_server/lib/PandoraFMS/WMIServer.pm
+++ b/pandora_server/lib/PandoraFMS/WMIServer.pm
@@ -105,7 +105,7 @@ sub data_producer ($) {
 			AND	tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP() 
 			OR tagente_modulo.flag = 1)				
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'});		
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}));
 	} else {
 		@rows = get_db_rows ($dbh, 'SELECT DISTINCT(tagente_modulo.id_agente_modulo), tagente_modulo.flag, tagente_estado.current_interval + tagente_estado.last_execution_try AS time_left, last_execution_try
 			FROM tagente, tagente_modulo, tagente_estado, tserver
@@ -116,7 +116,7 @@ sub data_producer ($) {
 			AND tagente_modulo.id_modulo = 6
 			AND tagente_estado.id_agente_modulo = tagente_modulo.id_agente_modulo
 			AND ((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP() OR tagente_modulo.flag = 1 )
-			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', $pa_config->{'servername'}, WMISERVER);
+			ORDER BY tagente_modulo.flag DESC, time_left ASC, last_execution_try ASC', safe_input($pa_config->{'servername'}), WMISERVER);
 	}
 
 	foreach my $row (@rows) {