diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index f5a31acba5..dfd3a59384 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,35 @@ +2008-07-17 Evi Vanoost + + * godmode/db/*.php + -require_once for config might already have loaded + -Changed mysql_real_escape_string in favor of get_parameter_post + -Process the DELETE SQL queries through process_sql() + -Changed comprueba_login() for check_login() + -Adhered some things to preferred style + -Compounded SQL queries into joins, subqueries or functions + -Removed mysql_close() from db_purge.php since the select + after the delete wouldn't work anymore (database closed) + + * godmode/reporting/reporting_builder.php + -Fixed a bug that was introduced when the SQL functions returned false + + * include/functions_db.php + -Made foreach instead of while loops for simpler functions + -Fixed get_reports that failed since SQL function return false + -All SQL functions now return false in case of empty + -New SQL function process_sql that can handle DELETE. Returns + affected rows in case of a changing query or an array in case + it was a selecting query or false in case of error + + * include/functions.php + -Simplified safe_input function + + * index.php + -Updated SQL queries, style changes + + * operation/agentes/*.php + -Style changes and updates to use check_login + 2008-07-17 Esteban Sanchez * godmode/reporting/map_builder.php: Check background existance to diff --git a/pandora_console/godmode/db/db_audit.php b/pandora_console/godmode/db/db_audit.php index 3302897f71..64c40ac263 100644 --- a/pandora_console/godmode/db/db_audit.php +++ b/pandora_console/godmode/db/db_audit.php @@ -18,7 +18,7 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require ("include/config.php"); +require_once ("include/config.php"); check_login (); if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { 
@@ -43,10 +43,9 @@ if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { # Purge data using dates # Purge data using dates if (isset($_POST["purgedb"])){ # Fixed 2005-1-13, nil - $from_date = mysql_real_escape_string($_POST["date_purge"]); + $from_date = get_parameter_post("date_purge"); $query = sprintf("DELETE FROM `tsesion` WHERE `fecha` < '%s';",$from_date); - echo $query; - mysql_query($query); + (int) $deleted = process_sql($query); } # End of get parameters block diff --git a/pandora_console/godmode/db/db_event.php b/pandora_console/godmode/db/db_event.php index 43b3e3e794..549f27508a 100644 --- a/pandora_console/godmode/db/db_event.php +++ b/pandora_console/godmode/db/db_event.php @@ -7,12 +7,12 @@ // Raul Mateos , 2005-2006 // Load global vars -require ("include/config.php"); +require_once ("include/config.php"); check_login (); -if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { +if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { - require("godmode/db/times_incl.php"); + require ("godmode/db/times_incl.php"); $datos_rango3=0; $datos_rango2=0; @@ -24,9 +24,9 @@ if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { # Purge data using dates # Purge data using dates if (isset ($_POST["date_purge"])){ - $from_date = mysql_real_esape_string ($_POST["date_purge"]); + $from_date = get_parameter_post ("date_purge"); $query = sprintf ("DELETE FROM `tevento` WHERE `timestamp` < '%s'",$from_date); - mysql_query ($query); + (int) $deleted = process_sql ($query); } # End of get parameters block diff --git a/pandora_console/godmode/db/db_info.php b/pandora_console/godmode/db/db_info.php index 3e26581adc..ec343be309 100644 --- a/pandora_console/godmode/db/db_info.php +++ b/pandora_console/godmode/db/db_info.php 
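Review bot: `$from_date` now reaches the `DELETE` built by `sprintf` with no SQL-layer escaping, because `mysql_real_escape_string` was replaced by `get_parameter_post`, whose body is not in this diff. If that helper only HTML-encodes its input (as `safe_input` in include/functions.php does with `htmlentities`), that is the wrong layer for a value placed inside a quoted SQL literal. Keep the escape next to the query, `$from_date = mysql_real_escape_string (get_parameter_post ("date_purge"));`, and ideally reject anything that does not parse as a date. The same substitution appears in the db_event.php and db_purge.php purge hunks and in the login query in index.php. Separately, `(int) $deleted = process_sql($query);` casts the discarded expression value rather than the variable; `$deleted = (int) process_sql ($query);` is what the line seems to intend.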
@@ -7,7 +7,7 @@ // Evi Vanoost 2008 // Load global vars -require ("include/config.php"); +require_once ("include/config.php"); check_login (); if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { diff --git a/pandora_console/godmode/db/db_info_data.php b/pandora_console/godmode/db/db_info_data.php index bf6acd128f..de67634e57 100644 --- a/pandora_console/godmode/db/db_info_data.php +++ b/pandora_console/godmode/db/db_info_data.php @@ -17,7 +17,7 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require ("include/config.php"); +require_once ("include/config.php"); check_login (); if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { 
@@ -40,17 +40,15 @@ if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { echo "".$lang_label["total_data"].""; $color=0; - $result_2=get_db_all_fields_in_table("tagente","id_agente"); - foreach($result_2 as $rownum => $row2) { - $total_agente=0; - $result_3=mysql_query("SELECT id_agente_modulo FROM tagente_modulo WHERE id_agente = ".$row2["id_agente"]); - $row3c = mysql_num_rows($result_3); - // for all data_modules belongs to an agent - while ($row3=mysql_fetch_array($result_3)){ - $result_4=mysql_query("SELECT COUNT(id_agente_modulo) FROM tagente_datos WHERE id_agente_modulo = ".$row3["id_agente_modulo"]); - $row4=mysql_fetch_array($result_4); - $total_agente=$total_agente + $row4[0]; - } + $sql = "SELECT `id_agente`, `nombre` FROM `tagente`"; + $result = get_db_all_rows_sql($sql); + foreach($result as $row2) { + $sql = sprintf("SELECT COUNT(`id_agente_modulo`) FROM `tagente_modulo` WHERE `id_agente` = '%d'",$row2["id_agente"]); + $row3c = get_db_sql($sql); + // for all data_modules belongs to an agent -- simplified, made + // faster + $sql=sprintf("SELECT COUNT(`id_agente_datos`) FROM `tagente_datos` WHERE `id_agente` = '%d'",$row2["id_agente"]); + $total_agente = get_db_sql($sql); if ($color == 1){ $tdcolor = "datos"; $color = 0; @@ -61,15 +59,15 @@ if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { } echo " - ".dame_nombre_agente($row2[0]).""; + ".$row2["nombre"].""; echo "".$row3c.""; echo "".$total_agente.""; - flush(); + flush (); //ob_flush(); } echo ""; } else { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info data"); + audit_db ($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Database Management Info data"); require ("general/noaccess.php"); } ?> diff --git a/pandora_console/godmode/db/db_main.php b/pandora_console/godmode/db/db_main.php index c990dec87b..612cff8da5 100644 --- a/pandora_console/godmode/db/db_main.php +++ b/pandora_console/godmode/db/db_main.php 
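Review bot: `foreach($result as $row2)` iterates the return value of `get_db_all_rows_sql` directly, and this same commit makes that function return `false` when there are no rows. An empty `tagente` table therefore raises a PHP warning here instead of rendering an empty listing. Guard it before the loop, e.g. `if ($result === false) $result = array ();`. The `foreach($rowdup as $row)` loop that sums the permission columns in include/functions_db.php has the same gap. The enclosing `if` block starts before this hunk.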
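Review bot: `$row2["nombre"]` is echoed into the table exactly as it comes from the database, with no output encoding on the new line. estado_generalagente.php in this same diff wraps the agent name in `salida_limpia()` before printing it. Assuming that helper is the console's HTML escaper, the same should apply here: `salida_limpia ($row2["nombre"])`. Agent names are stored data and should not be treated as trusted markup.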
@@ -20,7 +20,7 @@ global $config; check_login (); -if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { +if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { // Todo for a good DB maintenance /* - Delete too on datos_string and and datos_inc tables diff --git a/pandora_console/godmode/db/db_purge.php b/pandora_console/godmode/db/db_purge.php index 2c9cac3e3d..6d9fbb1021 100644 --- a/pandora_console/godmode/db/db_purge.php +++ b/pandora_console/godmode/db/db_purge.php @@ -21,10 +21,10 @@ check_login (); $id_usuario= $_SESSION["id_usuario"]; -if (give_acl($id_usuario, 0, "DM")==1){ +if (give_acl ($id_usuario, 0, "DM")==1){ - if (isset($_POST["agent"])){ - $id_agent =$_POST["agent"]; + if (isset ($_POST["agent"])){ + $id_agent = get_parameter_post ("agent"); } else $id_agent = -1; @@ -38,7 +38,13 @@ if (give_acl($id_usuario, 0, "DM")==1){ require("godmode/db/times_incl.php"); - $datos_rango3=0;$datos_rango2=0;$datos_rango1=0;$datos_rango0=0; $datos_rango00=0; $datos_rango11=0; $datos_total=0; + $datos_rango3=0; + $datos_rango2=0; + $datos_rango1=0; + $datos_rango0=0; + $datos_rango00=0; + $datos_rango11=0; + $datos_total=0; # ADQUIRE DATA PASSED AS FORM PARAMETERS # ====================================== @@ -47,43 +53,38 @@ if (give_acl($id_usuario, 0, "DM")==1){ # Purge data using dates if (isset($_POST["purgedb"])){ - $from_date =$_POST["date_purge"]; + $from_date = get_parameter_post ("date_purge"); if (isset($id_agent)){ if ($id_agent != -1) { - echo $lang_label["purge_task"].$id_agent." / ".$from_date; + echo $lang_label["purge_task"].$id_agent." / ".$from_date; echo "

".$lang_label["please_wait"]."
",$lang_label["while_delete_data"].$lang_label["agent"]."

"; - if ($id_agent == 0) - $sql_2='SELECT * FROM tagente_modulo'; - else - $sql_2='SELECT * FROM tagente_modulo WHERE id_agente = '.$id_agent; + if ($id_agent == 0) { + $sql_2='SELECT * FROM tagente_modulo'; + } else { + $sql_2='SELECT * FROM tagente_modulo WHERE id_agente = '.$id_agent; + } $result_t=mysql_query($sql_2); - while ($row=mysql_fetch_array($result_t)){ + while ($row=mysql_fetch_array($result_t)) { echo $lang_label["deleting_records"].dame_nombre_modulo_agentemodulo($row["id_agente_modulo"]); flush(); //ob_flush(); echo "
"; - $query = "DELETE FROM tagente_datos WHERE id_agente_modulo = ".$row["id_agente_modulo"]." and timestamp < '".$from_date."'"; - mysql_query($query); - $query = "DELETE FROM tagente_datos_inc WHERE id_agente_modulo = ".$row["id_agente_modulo"]." and timestamp < '".$from_date."'"; - mysql_query($query); - $query = "DELETE FROM tagente_datos_string WHERE id_agente_modulo = ".$row["id_agente_modulo"]." and timestamp < '".$from_date."'"; - mysql_query($query); + $query = sprintf("DELETE FROM `tagente_datos` WHERE `id_agente_modulo` = '%d' AND `timestamp` < '%s'",$row["id_agente_modulo"],$from_date); + process_sql ($query); + $query = sprintf("DELETE FROM `tagente_datos_inc` WHERE `id_agente_modulo` = '%d' AND `timestamp` < '%s'",$row["id_agente_modulo"],$from_date); + process_sql ($query); + $query = sprintf("DELETE FROM `tagente_datos_string` WHERE `id_agente_modulo` = '%d' AND `timestamp` < '%s'",$row["id_agente_modulo"],$from_date); + process_sql ($query); } - } - else { + } else { echo $lang_label["deleting_records"].$lang_label["all_agents"]; flush(); ob_flush(); - $query = "DELETE FROM tagente_datos WHERE timestamp < '".$from_date."'"; - mysql_query($query); - $query = "DELETE FROM tagente_datos_inc WHERE timestamp < '".$from_date."'"; - mysql_query($query); - $query = "DELETE FROM tagente_datos_string WHERE timestamp < '".$from_date."'"; - mysql_query($query); + $query = "DELETE FROM tagente_datos,tagente_datos_inc,tagente_datos_string WHERE timestamp < '".$from_date."'"; + process_sql ($query); } - echo "

"; + echo "

"; } - mysql_close(); } # Select Agent for further operations. @@ -119,34 +120,23 @@ if (give_acl($id_usuario, 0, "DM")==1){ if (isset($_POST["agent"]) and ($id_agent !=-1)){ echo "
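Review bot: The all-agents branch now builds `DELETE FROM tagente_datos,tagente_datos_inc,tagente_datos_string WHERE timestamp < '...'`, which MySQL does not accept: a multi-table delete needs the target list before `FROM` or a `USING` clause, and `timestamp` would be ambiguous. The purge for all agents would therefore fail instead of clearing the three tables. Issue one statement per table as the per-module branch above does, e.g. `process_sql (sprintf ("DELETE FROM tagente_datos WHERE timestamp < '%s'", $from_date));`, repeated for `tagente_datos_inc` and `tagente_datos_string`. In the same hunk, `'SELECT * FROM tagente_modulo WHERE id_agente = '.$id_agent` still concatenates the posted agent id unquoted into the query; use `sprintf ("SELECT * FROM tagente_modulo WHERE id_agente = '%d'", $id_agent)` as the later hunk of this file already does.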

".$lang_label["db_agent_bra"].dame_nombre_agente($id_agent).$lang_label["db_agent_ket"]."

"; - if ($id_agent == 0) - $sql_2='SELECT * FROM tagente_modulo'; - else - $sql_2='SELECT * FROM tagente_modulo WHERE id_agente = '.$id_agent; - $result_t=mysql_query($sql_2); - while ($row=mysql_fetch_array($result_t)){ -/* flush(); - ob_flush(); */ - $rango00=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' and timestamp > "'.$d1.'"'); - $rango0=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' and timestamp > "'.$d3.'"'); - $rango1=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' and timestamp > "'.$week.'"'); - $rango11=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' and timestamp > "'.$week2.'"'); - $rango2=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' and timestamp > "'.$month.'"'); - $rango3=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"].' 
and timestamp > "'.$month3.'"'); - $rango4=mysql_query('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo = '.$row["id_agente_modulo"]); - $row00=mysql_fetch_array($rango00); - $row3=mysql_fetch_array($rango3); $row1=mysql_fetch_array($rango1); - $row2=mysql_fetch_array($rango2); $row11=mysql_fetch_array($rango11); - $row0=mysql_fetch_array($rango0); - $row4=mysql_fetch_array($rango4); - $datos_rango00=$datos_rango00+$row00[0]; - $datos_rango0=$datos_rango0+$row0[0]; - $datos_rango3=$datos_rango3+$row3[0]; - $datos_rango2=$datos_rango2+$row2[0]; - $datos_rango1=$datos_rango1+$row1[0]; - $datos_rango11=$datos_rango11+$row11[0]; - $datos_total=$datos_total+$row4[0]; - } + + $sql = "SELECT id_agente_modulo FROM tagente_modulo"; + if ($id_agent != 0) { + $sql .= sprintf(" WHERE id_agente = '%d'",$id_agent); + } + /* + flush(); + ob_flush(); + */ + $datos_rango00 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$d1)); + $datos_rango0 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$d3)); + $datos_rango1 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$week)); + $datos_rango11 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$week2)); + $datos_rango2 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$month)); + $datos_rango3 += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s) AND `timestamp` > '%s'",$sql,$month3)); + $datos_total += get_db_sql (sprintf("SELECT COUNT(*) FROM `tagente_datos` WHERE `id_agente_modulo` = ANY(%s)",$sql)); + } ?> @@ -156,48 +146,48 @@ if (give_acl($id_usuario, 0, "DM")==1){ - + - + - + - + - + - + - + 
diff --git a/pandora_console/godmode/db/db_refine.php b/pandora_console/godmode/db/db_refine.php index b9bb76b36c..642904dd64 100644 --- a/pandora_console/godmode/db/db_refine.php +++ b/pandora_console/godmode/db/db_refine.php @@ -19,13 +19,14 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, U6 // Load global vars -require("include/config.php"); +require_once ("include/config.php"); check_login (); + $id_user = $_SESSION["id_usuario"]; -if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { - if ((isset($_GET["operacion"])) AND (! isset($_POST["update_agent"]))){ +if ((give_acl ($id_user, 0, "DM")==1) or (dame_admin ($id_user)==1)) { + if ((isset ($_GET["operacion"])) AND (!isset ($_POST["update_agent"]))){ // DATA COPY - if (isset($_POST["eliminar"])) { + if (isset ($_POST["eliminar"])) { echo "

".$lang_label["deletedata"]."

"; // First checkings @@ -37,7 +38,7 @@ if ((give_acl($id_user, 0, "DM")==1) or (dame_admin($id_user)==1)) { include ("general/footer.php"); exit; } - $origen_modulo = $_POST["origen_modulo"]; + $origen_modulo = mysql_real_esape_string($_POST["origen_modulo"]); if (count($origen_modulo) <= 0){ echo "

ERROR: ".$lang_label["nomodules_selected"]."

"; echo ""; diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index c38a08af70..2567650587 100644 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -21,11 +21,6 @@ $id_user=$_SESSION["id_usuario"]; global $REMOTE_ADDR; -if (comprueba_login() != 0) { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access report builder"); - include ("general/noaccess.php"); - exit; -} if ((give_acl($id_user, 0, "AW") != 1) && (dame_admin ($id_user) != 1)) { audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access graph builder"); @@ -484,7 +479,7 @@ if ($edit_sla_report_content) { $reports = get_db_all_rows_in_table ('treport', 'name'); $table->width = '0px'; - if (sizeof ($reports)) { + if ($reports !== false) { $table->id = 'report_list'; $table->width = '600px'; $table->head = array (); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 1296804429..36620ba7eb 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -46,11 +46,8 @@ function safe_input ($value) { if (is_numeric ($value)) return $value; if (is_array ($value)) { - $retval = array (); - foreach ($value as $id => $val) { - $retval[$id] = htmlentities (utf8_decode ($val), ENT_QUOTES); - } - return $retval; + $value = array_walk($value,'safe_input'); + return $value; } return htmlentities (utf8_decode ($value), ENT_QUOTES); } diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index 591882aa71..c128bf5a6b 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php 
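Review bot: `mysql_real_esape_string` on the added line is misspelled (the `c` is missing), so reaching this branch ends in a fatal undefined-function error. Correcting the name is not enough on its own: the next line calls `count($origen_modulo)`, so the posted value is expected to be an array, while `mysql_real_escape_string` takes a string. Escape per element instead, e.g. `$origen_modulo = array_map ('mysql_real_escape_string', (array) $_POST["origen_modulo"]);`, or cast each entry to int if these are numeric module ids, which this hunk does not show.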
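Review bot: `array_walk` returns a boolean and discards the callback's return value, so for an array argument `safe_input` now returns `true` instead of the encoded array, and no element is ever passed through `htmlentities`. Any caller that relies on this function to encode array-valued request parameters loses both the data and the encoding. `return array_map ('safe_input', $value);` keeps the simplification, preserves the keys and also handles nested arrays. The function body starts above the hunk.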
@@ -79,42 +79,40 @@ AND `tusuario_perfil`.`id_usuario` = '%s' AND (`tusuario_perfil`.`id_grupo` = '% $rowdup = get_db_all_rows_sql($query1); $result = 0; - $i = 0; - while($rowdup[$i]){ + foreach($rowdup as $row) { // For each profile for this pair of group and user do... switch ($access) { case "IR": - $result += $rowdup[$i]["incident_view"]; + $result += $row["incident_view"]; break; case "IW": - $result += $rowdup[$i]["incident_edit"]; + $result += $row["incident_edit"]; break; case "IM": - $result += $rowdup[$i]["incident_management"]; + $result += $row["incident_management"]; break; case "AR": - $result += $rowdup[$i]["agent_view"]; + $result += $row["agent_view"]; break; case "AW": - $result += $rowdup[$i]["agent_edit"]; + $result += $row["agent_edit"]; break; case "LW": - $result += $rowdup[$i]["alert_edit"]; + $result += $row["alert_edit"]; break; case "LM": - $result += $rowdup[$i]["alert_management"]; + $result += $row["alert_management"]; break; case "PM": - $result += $rowdup[$i]["pandora_management"]; + $result += $row["pandora_management"]; break; case "DM": - $result += $rowdup[$i]["db_management"]; + $result += $row["db_management"]; break; case "UM": - $result += $rowdup[$i]["user_management"]; + $result += $row["user_management"]; break; } - $i++; } if ($result > 1) $result = 1; @@ -266,7 +264,7 @@ function get_alerts_in_agent ($id_agent) { function get_reports ($id_user) { $user_reports = array (); $all_reports = get_db_all_rows_in_table ('treport', 'name'); - if (sizeof ($all_reports) == 0) { + if ($all_reports === false) { return $user_reports; } foreach ($all_reports as $report) { @@ -1224,6 +1222,7 @@ function give_agent_id_from_module_id ($id_agent_module) { return (int) get_db_value ('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_agent_module); } +$sql_cache=array('saved' => 0); /** * Get the first value of the first row of a table in the database. * 
@@ -1231,10 +1230,9 @@ function give_agent_id_from_module_id ($id_agent_module) { * @param table Table to retrieve the data * @param field_search Field to filter elements * @param condition Condition the field must have - * - * @return - */ -$sql_cache=array('saved' => 0); + * + * @return + */ function get_db_value ($field, $table, $field_search=1, $condition=1){ if (is_int ($condition)) { @@ -1245,10 +1243,11 @@ function get_db_value ($field, $table, $field_search=1, $condition=1){ $sql = sprintf ("SELECT %s FROM `%s` WHERE `%s` = '%s' LIMIT 1", $field, $table, $field_search, $condition); } $result = get_db_all_rows_sql ($sql); - if(is_array ($result)) - return $result[0][$field]; - return ""; + if($result === false) + return false; + + return $result[0][$field]; } /** @@ -1261,8 +1260,11 @@ function get_db_value ($field, $table, $field_search=1, $condition=1){ function get_db_row_sql ($sql) { $sql .= " LIMIT 1"; $result = get_db_all_rows_sql ($sql); - - return $result[0]; + + if($result === false) + return false; + + return $result[0]; } /** @@ -1288,6 +1290,9 @@ function get_db_row ($table, $field_search, $condition) { } $result = get_db_all_rows_sql ($sql); + if($result === false) + return false; + return $result[0]; } @@ -1300,12 +1305,11 @@ function get_db_row ($table, $field_search, $condition) { * @return The selected field of the first row in a select statement. */ function get_db_sql ($sql, $field = 0) { - $row = get_db_all_rows_sql ($sql); - if (is_array ($row)) { - return $row[0][$field]; - } else { - return ""; - } + $result = get_db_all_rows_sql ($sql); + if($result === false) + return false; + + return $result[0][$field]; } /** 
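Review bot: The `@return` tag in the `get_db_value` docblock is still empty, although this commit changes the no-match return value from `""` to `false`. Document it, e.g. `@return Value of the field in the first matching row, or false if no row matches (compare with ===)`. The same applies to `get_db_row_sql`, `get_db_row` and `get_db_sql` in the hunks that follow. Callers that print or concatenate the result, or compare it with `== ""`, should be rechecked, since only `give_agent_id_from_module_id` is visibly protected by its `(int)` cast.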
@@ -1313,32 +1317,48 @@ function get_db_sql ($sql, $field = 0) { * * @param $sql SQL statement to execute. * - * @return A matrix with all the values returned from the SQL statement + * @return A matrix with all the values returned from the SQL statement or + * false in case of empty result */ function get_db_all_rows_sql ($sql) { - global $config; + $return = process_sql($sql); + + if (! empty ($return)) + return $return; + //Return false, check with === or !== + return false; +} + +/** + * This function comes back with an array in case of SELECT + * in case of UPDATE, DELETE etc. with affected rows + * an empty array in case of SELECT without results + */ +function process_sql ($sql) { + global $config; global $sql_cache; $retval = array(); - + if (! empty ($sql_cache[$sql])) { $retval = $sql_cache[$sql]; $sql_cache['saved']++; } else { $result = mysql_query ($sql); - if (!$result) { + if ($result === false) { echo 'Error: get_db_all_rows_sql ("'.$sql.'") :'. mysql_error ().'
'; - return $retval; + return false; + } elseif ($result === true) { + return mysql_affected_rows (); //This happens in case the statement was executed but didn't need a resource + } else { + while ($row = mysql_fetch_array ($result)) { + array_push ($retval, $row); + } + $sql_cache[$sql] = $retval; + mysql_free_result ($result); } - while ($row = mysql_fetch_array ($result)) { - array_push ($retval, $row); - } - $sql_cache[$sql] = $retval; - mysql_free_result ($result); } - if (! empty ($retval)) - return $retval; - //Return false, check with === or !== - return false; + return $retval; + //Return false, check with === or !== } /** @@ -1367,15 +1387,15 @@ function get_db_all_rows_in_table ($table, $order_field = "") { */ function get_db_all_rows_field_filter ($table, $field, $condition, $order_field = "") { if (is_int ($condition)) { - $sql = sprintf ('SELECT * FROM %s WHERE %s = %d', $table, $field, $condition); + $sql = sprintf ("SELECT * FROM `%s` WHERE `%s` = '%d'", $table, $field, $condition); } else if (is_float ($condition) || is_double ($condition)) { - $sql = sprintf ('SELECT * FROM %s WHERE %s = %f', $table, $field, $condition); + $sql = sprintf ("SELECT * FROM `%s` WHERE `%s` = '%f'", $table, $field, $condition); } else { - $sql = sprintf ('SELECT * FROM %s WHERE %s = "%s"', $table, $field, $condition); + $sql = sprintf ("SELECT * FROM `%s` WHERE `%s` = '%s'", $table, $field, $condition); } if ($order_field != "") - $sql .= " ORDER BY ".$order_field; + $sql .= sprintf(" ORDER BY `%s`",$order_field); return get_db_all_rows_sql ($sql); } diff --git a/pandora_console/index.php b/pandora_console/index.php index 56495e3309..cad3cb139d 100644 --- a/pandora_console/index.php +++ b/pandora_console/index.php 
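Review bot: On failure `process_sql` echoes the full statement and `mysql_error ()` into the page, and this commit routes the purge `DELETE`s, which embed posted values, through that path. This discloses query and schema details to the browser and prints request-derived text without HTML encoding. Log the error server-side and return `false`, or at minimum pass both values through `htmlentities`; the message also still names `get_db_all_rows_sql`. In addition, `$sql_cache` is only ever filled, so a `SELECT` repeated after a `DELETE` or `UPDATE` in the same request is answered from stale cached rows. Resetting it in the `$result === true` branch, e.g. `$sql_cache = array ('saved' => $sql_cache['saved']);`, would avoid that.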
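Review bot: Wrapping `$table`, `$field` and `$order_field` in backticks quotes them but does not escape them, and a string `$condition` is still placed inside `'%s'` unescaped. The helper is therefore only safe when every caller passes fixed identifiers and pre-escaped values. Apply `mysql_real_escape_string ($condition)` in the string branch here rather than relying on callers. The new `ORDER BY` format also changes behaviour for any caller that passes a direction or several columns (for example `name DESC`), because the whole argument becomes a single quoted identifier.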
@@ -60,10 +60,11 @@ if ((! file_exists("include/config.php")) OR (! is_readable("include/config.php" // Real start session_start(); -include_once ("include/config.php"); -include_once ("include/languages/language_".$config["language"].".php"); +require_once ("include/config.php"); +require_once ("include/languages/language_".$config["language"].".php"); require_once ("include/functions.php"); require_once ("include/functions_db.php"); +//We should require this or you might end up with some empty strings ?> @@ -132,13 +133,12 @@ $REMOTE_ADDR = $_SERVER['REMOTE_ADDR']; if ( (! isset ($_SESSION['id_usuario'])) && (isset ($_GET["login"]))) { $nick = get_parameter_post ("nick"); $pass = get_parameter_post ("pass"); - // Connect to Database - $sql1 = 'SELECT * FROM tusuario WHERE id_usuario = "'.$nick.'"'; - $result = mysql_query ($sql1); + $sql1 = sprintf("SELECT `id_usuario`, `password` FROM `tusuario` WHERE `id_usuario` = '%s'",$nick); + $row = get_db_row_sql ($sql1); // For every registry - if ($row = mysql_fetch_array ($result)){ + if ($row !== false){ if ($row["password"] == md5 ($pass)){ // Login OK // Nick could be uppercase or lowercase (select in MySQL @@ -165,8 +165,7 @@ if ( (! isset ($_SESSION['id_usuario'])) && (isset ($_GET["login"]))) { "Incorrect password: " . $nick . " / " . $pass); exit; } - } - else { + } else { // User not known unset ($_GET["sec2"]); include "general/logon_failed.php"; diff --git a/pandora_console/operation/agentes/datos_agente.php b/pandora_console/operation/agentes/datos_agente.php index 45867f0081..880294758f 100644 --- a/pandora_console/operation/agentes/datos_agente.php +++ b/pandora_console/operation/agentes/datos_agente.php 
@@ -18,28 +18,28 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); -function datos_raw($id_agente_modulo, $periodo){ +function datos_raw ($id_agente_modulo, $periodo){ global $config; require("include/languages/language_".$config["language"].".php"); $id_user = $config["id_user"]; $periodo_label = $periodo; switch ($periodo) { case "mes": - $periodo = 86400*30; - $et=$lang_label["last_month"]; - break; + $periodo = 2592000; + $et=$lang_label["last_month"]; + break; case "semana": - $periodo = 86400*7; - $et=$lang_label["last_week"]; - break; + $periodo = 604800; + $et=$lang_label["last_week"]; + break; case "dia": - $periodo = 86400; - $et=$lang_label["last_24"]; - break; + $periodo = 86400; + $et=$lang_label["last_24"]; + break; } - $periodo = time() - $periodo; + $periodo = time () - $periodo; $id_agent = give_agent_id_from_module_id ($id_agente_modulo); $id_group = get_db_value ("id_grupo", "tagente", "id_agente", $id_agent); // Different query for string data type @@ -108,9 +108,9 @@ function datos_raw($id_agente_modulo, $periodo){ // Page begin // --------------- -$id_user = ""; -if (comprueba_login() == 0) - $id_user = $_SESSION["id_usuario"]; +check_login(); + +$id_user = $_SESSION["id_usuario"]; if (give_acl($id_user, 0, "AR")!=1) { audit_db ($id_user, $REMOTE_ADDR, "ACL Violation", @@ -133,6 +133,6 @@ if (isset($_GET["delete"])) { $result=mysql_query($sql); } -datos_raw($id,$tipo); +datos_raw ($id,$tipo); ?> diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php index 23d1f23ce5..1c8cd84ecf 100644 --- a/pandora_console/operation/agentes/estado_agente.php +++ b/pandora_console/operation/agentes/estado_agente.php 
@@ -16,14 +16,11 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); +check_login (); -if (comprueba_login ()) { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Agent view"); - require ("general/noaccess.php"); -} if (give_acl($id_user, 0, "AR") == 0) { - audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access agent main list view"); + audit_db ($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access agent main list view"); require ("general/noaccess.php"); exit; } diff --git a/pandora_console/operation/agentes/estado_alertas.php b/pandora_console/operation/agentes/estado_alertas.php index 1948e29dc2..b17b9aa193 100644 --- a/pandora_console/operation/agentes/estado_alertas.php +++ b/pandora_console/operation/agentes/estado_alertas.php @@ -17,23 +17,23 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); // Login check $id_usuario=$_SESSION["id_usuario"]; global $REMOTE_ADDR; -if (comprueba_login() != 0) { +if (check_login() != 0) { audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access alert view"); include ("general/noaccess.php"); exit; } - if ((give_acl($config["id_user"], 0, "AR")!=1) AND (!give_acl($config["id_user"],0,"AW")) AND (dame_admin($config["id_user"])!=1)) { - audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access alert view"); +if ((give_acl($config["id_user"], 0, "AR")!=1) AND (!give_acl($config["id_user"],0,"AW")) AND (dame_admin($config["id_user"])!=1)) { + audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access alert view"); include ("general/noaccess.php"); exit; - } +} // ------------------------------- 
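Review bot: In estado_alertas.php, `if (check_login() != 0)` keeps the return-value test that belonged to `comprueba_login()`, whereas every other file in this commit calls `check_login ();` as a bare statement. If `check_login` returns nothing and handles the failure itself (its body is not in this diff), the audit/noaccess branch below can never run. If it does not terminate the request, the login check is effectively gone. Use the bare call here as well and confirm that the helper exits on failure. Relatedly, the reporting_builder.php hunk deletes its `comprueba_login()` block and no `check_login ()` call appears in that hunk.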
diff --git a/pandora_console/operation/agentes/estado_generalagente.php b/pandora_console/operation/agentes/estado_generalagente.php index 75e12f14c9..9349e6d0de 100644 --- a/pandora_console/operation/agentes/estado_generalagente.php +++ b/pandora_console/operation/agentes/estado_generalagente.php @@ -16,190 +16,156 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. // Load global vars -require("include/config.php"); +require ("include/config.php"); +check_login (); -if (comprueba_login() == 0) { - - if (isset($_GET["id_agente"])){ - $id_agente = $_GET["id_agente"]; +if (isset($_GET["id_agente"])){ + $id_agente = $_GET["id_agente"]; // Connect BBDD - $sql1='SELECT * FROM tagente WHERE id_agente = '.$id_agente; - $result=mysql_query($sql1); - if ($row=mysql_fetch_array($result)){ - $intervalo = $row["intervalo"]; // Interval in seconds to receive data - $nombre_agente = $row["nombre"]; - $direccion_agente =$row["direccion"]; - $ultima_act = $row["ultimo_contacto"]; - $ultima_act_remota =$row["ultimo_contacto_remoto"]; - $comentarios = $row["comentarios"]; - $id_grupo = $row["id_grupo"]; - $id_os= $row["id_os"]; - $id_parent= $row["id_parent"]; - $os_version = $row["os_version"]; - $agent_version = $row["agent_version"]; - $disabled= $row["disabled"]; - $network_server = $row["id_network_server"]; - } else { - echo "

".$lang_label["agent_error"]."

"; - echo ""; - echo ""; - exit; - } + $sql1='SELECT * FROM tagente WHERE id_agente = '.$id_agente; + $result=mysql_query($sql1); + if ($row=mysql_fetch_array($result)){ + $intervalo = $row["intervalo"]; // Interval in seconds to receive data + $nombre_agente = $row["nombre"]; + $direccion_agente =$row["direccion"]; + $ultima_act = $row["ultimo_contacto"]; + $ultima_act_remota =$row["ultimo_contacto_remoto"]; + $comentarios = $row["comentarios"]; + $id_grupo = $row["id_grupo"]; + $id_os= $row["id_os"]; + $id_parent= $row["id_parent"]; + $os_version = $row["os_version"]; + $agent_version = $row["agent_version"]; + $disabled= $row["disabled"]; + $network_server = $row["id_network_server"]; + } else { + echo "

".$lang_label["agent_error"]."

"; + echo ""; + echo ""; + exit; } +} - echo "

".$lang_label["ag_title"]." > ".$lang_label["view_agent_general_data"]."

"; +echo "

".$lang_label["ag_title"]." > ".$lang_label["view_agent_general_data"]."

"; - // Blank space below title - echo "
"; - - echo ''; - echo "
"; - echo ''; - echo ' +// Blank space below title +echo "
"; + +echo '
'; +echo "
"; +echo ''; +echo ''; - - echo "'; - - echo ''; - echo ' - - - - '; - echo ''; - - // Parent - echo ' - - '; - - // Agent Interval - echo ' - - '; - echo ''; - - // Comments - echo ' - - '; - echo ''; - - // Group - echo ' - - '; - - // Agent version - echo ''; - - // Total packets - echo ' - '; - echo ''; +echo ''; - - // Last contact - echo ' - - '; +echo ''; + +// Parent +echo ''; + +// Agent Interval +echo ''; + +// Comments +echo ''; + +// Group +echo ''; + +// Agent version +echo ''; + +// Total packets +echo ''; +echo ''; + +// Last contact +echo ' - - -
'.$lang_label["agent_name"].' '.strtoupper(salida_limpia($nombre_agente)).' +echo " ".$lang_label["refresh_data"]." "; - - echo ""; - // Data base access graph - echo '
'.$lang_label["ip_address"].''; - - - // Show all address for this agent, show first the main IP (taken from tagente table) - echo ""; - - - echo '
'.$lang_label["os"].' - - '.dame_so_name($id_os); - if ($os_version != "") - echo ' '.salida_limpia($os_version); - echo '
'.lang_string("Parent").''; - echo ""; - echo dame_nombre_agente($id_parent).'
'.$lang_label["interval"].''. human_time_description_raw($intervalo).'
'.$lang_label["description"].''.$comentarios.'
'.$lang_label["group"].' -    '.dame_grupo($id_grupo).'
'.lang_string ("agentversion"). ''; - echo ''.salida_limpia($agent_version). '
'. lang_string ("total_packets"). ''; - $total_paketes= 0; - $sql_3='SELECT COUNT(*) FROM tagente_datos WHERE id_agente = '.$id_agente; +echo ""; +// Data base access graph +echo '
'.$lang_label["ip_address"].''; +// Show all address for this agent, show first the main IP (taken from tagente table) +echo "
- '.$lang_label["last_contact"]." / ".$lang_label["remote"].' - '; - if ($ultima_act == "0000-00-00 00:00:00"){ - echo $lang_label["never"]; - } else { - echo $ultima_act; - } - echo " / "; - if ($ultima_act_remota == "0000-00-00 00:00:00"){ - echo $lang_label["never"]; - } else { - echo $ultima_act_remota; + if ($direccion_agente != $row3[0]) { + echo ""; } +} +echo ""; - // Next contact +echo '
'.$lang_label["os"].' - '.dame_so_name($id_os); - $ultima = strtotime($ultima_act); - $ahora = strtotime("now"); - $diferencia = $ahora - $ultima; - // Get higher interval set for the set of modules from this agent - $sql_maxi ="SELECT MAX(module_interval) FROM tagente_modulo WHERE id_agente = ".$id_agente; - $result_maxi=mysql_query($sql_maxi); - if ($row_maxi=mysql_fetch_array($result_maxi)) - if ($row_maxi[0] > 0 ) - $intervalo = $row_maxi[0]; +if ($os_version != "") { + echo ' '.salida_limpia($os_version); +} +echo '
'.lang_string("Parent").''; +echo ""; +echo dame_nombre_agente($id_parent).'
'.$lang_label["interval"].''. human_time_description_raw($intervalo).'
'.$lang_label["description"].''.$comentarios.'
'.$lang_label["group"].' +    '.dame_grupo($id_grupo).'
'.lang_string ("agentversion"). ''; +echo ''.salida_limpia($agent_version). '
'. lang_string ("total_packets"). ''; +$total_paketes= 0; +$sql_3='SELECT COUNT(*) FROM tagente_datos WHERE id_agente = '.$id_agente; +$result_3=mysql_query($sql_3); +$row3=mysql_fetch_array($result_3); +$total_paketes = $row3[0]; +echo $total_paketes; +echo '
'.$lang_label["last_contact"]." / ".$lang_label["remote"].''; + +if ($ultima_act == "0000-00-00 00:00:00"){ + echo $lang_label["never"]; +} else { + echo $ultima_act; +} + +echo " / "; + +if ($ultima_act_remota == "0000-00-00 00:00:00"){ + echo $lang_label["never"]; +} else { + echo $ultima_act_remota; +} + +// Next contact + +$ultima = strtotime($ultima_act); +$ahora = strtotime("now"); +$diferencia = $ahora - $ultima; +// Get higher interval set for the set of modules from this agent +$sql_maxi ="SELECT MAX(module_interval) FROM tagente_modulo WHERE id_agente = ".$id_agente; +$result_maxi=mysql_query($sql_maxi); +if ($row_maxi=mysql_fetch_array($result_maxi)) + if ($row_maxi[0] > 0 ) { + $intervalo = $row_maxi[0]; + } if ($intervalo > 0){ $percentil = round($diferencia/(($intervalo*2) / 100)); } else { $percentil = -1; } - echo "
".$lang_label['next_contact']." - - -
+ echo "
".$lang_label['next_contact']." + + +
-
- - - - - - + -
- ".$lang_label["agent_access_rate"]."

- -
- ".lang_string("Events generated -by module-")."

- -
+ +
".$lang_label["agent_access_rate"]."

+ +
+ ".lang_string("Events generated -by module-")."

+ +
- "; - -} - +
"; ?> diff --git a/pandora_console/operation/agentes/estado_monitores.php b/pandora_console/operation/agentes/estado_monitores.php index a20e040664..b073ab85ba 100644 --- a/pandora_console/operation/agentes/estado_monitores.php +++ b/pandora_console/operation/agentes/estado_monitores.php @@ -18,7 +18,7 @@ // Load globar vars require("include/config.php"); -if (comprueba_login() == 0) { +check_login(); // $id_agente can be obtained as global variable or GET param. if (isset($_GET["id_agente"])){ @@ -120,5 +120,5 @@ if (comprueba_login() == 0) { } else { echo "
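Review bot: With the `if (comprueba_login() == 0) {` wrapper gone from estado_monitores.php, everything below `check_login();` runs unless that function ends the request itself, and its definition is not part of this diff. It is worth confirming that check_login() serves the no-access page and calls `exit` on failure, and recording that above the call, e.g. `// check_login() exits on failure; nothing below re-checks the session`. The same replacement is made in exportdata.php, networkmap.php, sla_view.php, status_events.php, status_monitor.php and ver_agente.php, where the removed branches did the `require ("general/noaccess.php"); exit;` themselves. The script body continues outside this hunk.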
".$lang_label["no_monitors"]."
"; } -} + ?> diff --git a/pandora_console/operation/agentes/exportdata.php b/pandora_console/operation/agentes/exportdata.php index 681bfb8641..413e3859b5 100644 --- a/pandora_console/operation/agentes/exportdata.php +++ b/pandora_console/operation/agentes/exportdata.php @@ -89,10 +89,7 @@ function generate_average_table ($id_de_mi_agente, $id_agente_modulo, $fecha_ini require("include/config.php"); // Security checks -if (comprueba_login() != 0) { - require ("general/noaccess.php"); - exit; -} +check_login(); $id_user = $_SESSION["id_usuario"]; if ( (give_acl($id_user, 0, "AR")==0) AND (give_acl($id_user, 0, "AW")==0) ){ diff --git a/pandora_console/operation/agentes/networkmap.php b/pandora_console/operation/agentes/networkmap.php index 159b71f7f5..f47369f88b 100644 --- a/pandora_console/operation/agentes/networkmap.php +++ b/pandora_console/operation/agentes/networkmap.php @@ -237,11 +237,7 @@ $font_size = (int) get_parameter ('font_size', 12); $id_user = $_SESSION["id_usuario"]; global $REMOTE_ADDR; -if (comprueba_login() != 0) { - audit_db($id_user, $REMOTE_ADDR, "ACL Violation", "Trying to access node graph builder"); - include("general/noaccess.php"); - exit; -} +check_login(); if ((give_acl($id_user, 0, "AR") != 1 ) && (dame_admin($id_user) !=1 )) { audit_db($id_user, $REMOTE_ADDR, "ACL Violation", "Trying to access node graph builder"); diff --git a/pandora_console/operation/agentes/sla_view.php b/pandora_console/operation/agentes/sla_view.php index 8a7b5e010f..bcae643383 100644 --- a/pandora_console/operation/agentes/sla_view.php +++ b/pandora_console/operation/agentes/sla_view.php @@ -18,12 +18,9 @@ // Load global vars global $config; -$id_user = $config["id_user"]; +check_login(); -if (comprueba_login() != 0) { - require ("general/noaccess.php"); - exit; -} +$id_user = $config["id_user"]; if ((give_acl($id_user, 0, "AR") != 1) AND (give_acl($id_user,0,"AW") != 1)) { audit_db($id_user,$REMOTE_ADDR, "ACL Violation", 
diff --git a/pandora_console/operation/agentes/status_events.php b/pandora_console/operation/agentes/status_events.php index 4f9825b47e..02ec2dca22 100644 --- a/pandora_console/operation/agentes/status_events.php +++ b/pandora_console/operation/agentes/status_events.php @@ -18,11 +18,7 @@ // Load global vars global $config; - -if (comprueba_login() != 0) { - require ("general/noaccess.php"); - exit; -} +check_login(); if (!isset($id_agente)){ require ("general/noaccess.php"); @@ -32,4 +28,4 @@ if (!isset($id_agente)){ echo "

".lang_string ("Latest events for this agent")."

"; smal_event_table ("WHERE id_agente = $id_agente", $limit = 10, $width=750); -?> \ No newline at end of file +?> diff --git a/pandora_console/operation/agentes/status_monitor.php b/pandora_console/operation/agentes/status_monitor.php index c128d24365..9a04deeecc 100644 --- a/pandora_console/operation/agentes/status_monitor.php +++ b/pandora_console/operation/agentes/status_monitor.php @@ -20,11 +20,7 @@ global $config; $id_user = $config["id_user"]; - -if (comprueba_login() != 0) { - require ("general/noaccess.php"); - exit; -} +check_login(); if ((give_acl($id_user, 0, "AR")!=1) AND (give_acl($id_user,0,"AW")!=1)) { audit_db($id_user,$REMOTE_ADDR, "ACL Violation", diff --git a/pandora_console/operation/agentes/ver_agente.php b/pandora_console/operation/agentes/ver_agente.php index 5f5d8adbc2..97db028553 100644 --- a/pandora_console/operation/agentes/ver_agente.php +++ b/pandora_console/operation/agentes/ver_agente.php 
@@ -108,144 +108,138 @@ if (defined ('AJAX')) { exit (); } -if (comprueba_login() == 0) { - $id_agente = get_parameter("id_agente",-1); - if ($id_agente != -1){ - // get group for this id_agente - $query="SELECT * FROM tagente WHERE id_agente = ".$id_agente; - $res=mysql_query($query); - $row=mysql_fetch_array($res); - $id_grupo = $row["id_grupo"]; - $id_usuario=$config["id_user"]; - if (give_acl($id_usuario, $id_grupo, "AR")==1){ - - // Check for validate alert request - $validate_alert = get_parameter ("validate_alert"); - if ($validate_alert != ""){ +check_login(); + +$id_agente = get_parameter("id_agente",-1); +if ($id_agente != -1){ + // get group for this id_agente + $query="SELECT * FROM tagente WHERE id_agente = ".$id_agente; + $res=mysql_query($query); + $row=mysql_fetch_array($res); + $id_grupo = $row["id_grupo"]; + $id_usuario=$config["id_user"]; + if (give_acl($id_usuario, $id_grupo, "AR")==1){ + // Check for validate alert request + $validate_alert = get_parameter ("validate_alert"); + if ($validate_alert != ""){ + if (give_acl($id_usuario, $id_grupo, "AW")==1){ + $alert_row = get_db_row ("talerta_agente_modulo", "id_aam", $validate_alert); + if ($alert_row["id_agente_modulo"] != 0){ + $am_row = get_db_row ("tagente_modulo", "id_agente_modulo", $alert_row["id_agente_modulo"]); + $ag_row = get_db_row ("tagente", "id_agente", $am_row["id_agente"]); + } else { + $ag_row = get_db_row ("tagente", "id_agente", $alert_row ["id_agent"]); + } + $alert_name = $alert_row["descripcion"]; + + // Single alerts + if ($alert_row["id_agente_modulo"] != 0){ + event_insert("Manual validation of alert for '$alert_name'", $ag_row["id_grupo"], $am_row["id_agente"], 1, $config["id_user"], "alert_manual_validation", 1, $alert_row["id_agente_modulo"], $validate_alert); + // Combined alerts + } else { + event_insert("Manual validation of alert for '$alert_name'", $ag_row["id_grupo"], $alert_row ["id_agent"], 1, $config["id_user"], "alert_manual_validation", 1, 0, 
$validate_alert); + } + $sql='UPDATE talerta_agente_modulo SET times_fired = 0, internal_counter = 0 WHERE id_aam = '.$validate_alert; + $result=mysql_query($sql); + } + } + + // Check for Network FLAG change request + if (isset($_GET["flag"])){ + if ($_GET["flag"]==1){ if (give_acl($id_usuario, $id_grupo, "AW")==1){ - $alert_row = get_db_row ("talerta_agente_modulo", "id_aam", $validate_alert); - if ($alert_row["id_agente_modulo"] != 0){ - $am_row = get_db_row ("tagente_modulo", "id_agente_modulo", $alert_row["id_agente_modulo"]); - $ag_row = get_db_row ("tagente", "id_agente", $am_row["id_agente"]); - } else { - $ag_row = get_db_row ("tagente", "id_agente", $alert_row ["id_agent"]); - } - $alert_name = $alert_row["descripcion"]; - - // Single alerts - if ($alert_row["id_agente_modulo"] != 0){ - event_insert("Manual validation of alert for '$alert_name'", $ag_row["id_grupo"], $am_row["id_agente"], 1, $config["id_user"], "alert_manual_validation", 1, $alert_row["id_agente_modulo"], $validate_alert); - - // Combined alerts - } else { - event_insert("Manual validation of alert for '$alert_name'", $ag_row["id_grupo"], $alert_row ["id_agent"], 1, $config["id_user"], "alert_manual_validation", 1, 0, $validate_alert); - } - $sql='UPDATE talerta_agente_modulo SET times_fired = 0, internal_counter = 0 WHERE id_aam = '.$validate_alert; - $result=mysql_query($sql); + $query ="UPDATE tagente_modulo SET flag=1 WHERE id_agente_modulo = ".$_GET["id_agente_modulo"]; + $res=mysql_query($query); } } - - // Check for Network FLAG change request - if (isset($_GET["flag"])){ - if ($_GET["flag"]==1){ - if (give_acl($id_usuario, $id_grupo, "AW")==1){ - $query ="UPDATE tagente_modulo SET flag=1 WHERE id_agente_modulo = ".$_GET["id_agente_modulo"]; - $res=mysql_query($query); - } + } + // Check for Network FLAG change request + if (isset($_GET["flag_agent"])){ + if ($_GET["flag_agent"]==1){ + if (give_acl($id_usuario, $id_grupo, "AW")==1){ + $query ="UPDATE tagente_modulo SET flag=1 WHERE 
id_agente = ". $id_agente; + $res=mysql_query($query); } } - // Check for Network FLAG change request - if (isset($_GET["flag_agent"])){ - if ($_GET["flag_agent"]==1){ - if (give_acl($id_usuario, $id_grupo, "AW")==1){ - $query ="UPDATE tagente_modulo SET flag=1 WHERE id_agente = ". $id_agente; - $res=mysql_query($query); - } - } - } - if (give_acl($id_usuario,$id_grupo, "AR") == 1){ - echo ""; + echo "
"; + switch ($tab) { case "sla": require "sla_view.php"; break; case "manage": - require "estado_generalagente.php"; + require "estado_generalagente.php"; break; case "main": - require "estado_generalagente.php"; + require "estado_generalagente.php"; require "estado_monitores.php"; require "estado_alertas.php"; - require "status_events.php"; + require "status_events.php"; break; - case "data": - require "estado_ultimopaquete.php"; + require "estado_ultimopaquete.php"; break; - case "alert": - require "estado_alertas.php"; + require "estado_alertas.php"; break; - } - } else { - audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to read data from agent ".dame_nombre_agente($id_agente)); - require ("general/noaccess.php"); } } else { - audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access (read) to agent ".dame_nombre_agente($id_agente)); - include ("general/noaccess.php"); + audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to read data from agent ".dame_nombre_agente($id_agente)); + require ("general/noaccess.php"); } + } else { + audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access (read) to agent ".dame_nombre_agente($id_agente)); + include ("general/noaccess.php"); } } + ?>
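Review bot: The re-indented block in ver_agente.php still builds SQL by concatenating request values: `$id_agente` from `get_parameter("id_agente",-1)`, `$validate_alert`, and `$_GET["id_agente_modulo"]` read straight from the query string, all placed unquoted into numeric comparisons. Casting closes this, as networkmap.php already does for `font_size`: `$id_agente = (int) get_parameter ("id_agente", -1);`, and `(int)` on the other two where they enter the query string. The flag update also authorises against the group of `$id_agente` but updates whichever `id_agente_modulo` the request names, so the statement should tie the two together, `... WHERE id_agente_modulo = ".(int) $_GET["id_agente_modulo"]." AND id_agente = ".$id_agente;`. The `if (defined ('AJAX'))` block that precedes this code starts above the hunk.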