diff --git a/extras/pandora_update_version.sh b/extras/pandora_update_version.sh
index 6d486a253c..1953c7c834 100755
--- a/extras/pandora_update_version.sh
+++ b/extras/pandora_update_version.sh
@@ -56,6 +56,7 @@ AGENT_WIN_RC_FILE="$CODEHOME/pandora_agents/win32/versioninfo.rc"
SATELLITE_FILE="$PANDHOME_ENT/satellite_server/satellite_server.pl"
PERL_PLUGIN_FILES="$PANDHOME_ENT/pandora_plugins/NGINX/nginx_requests_queued.pl \
$PANDHOME_ENT/pandora_plugins/Sybase/sybase_plugin.pl \
+$PANDHOME_ENT/pandora_plugins/JMX/pandora_plugin_jmx.pl \
$PANDHOME_ENT/pandora_plugins/MarkLogic/pandora_marklogic.pl \
$PANDHOME_ENT/pandora_plugins/Apache/pandora_apache.pl \
$PANDHOME_ENT/pandora_plugins/Oracle/Database/pandora_oracle.pl \
@@ -66,6 +67,7 @@ $PANDHOME_ENT/pandora_plugins/Informix/informix.pl \
$PANDHOME_ENT/pandora_plugins/Ruckus/ruckus.pl \
$PANDHOME_ENT/pandora_plugins/UX/pandora_ux.pl \
$PANDHOME_ENT/pandora_plugins/JMX/pandora_plugin_jmx.pl \
+$PANDHOME_ENT/pandora_plugins/SNMP/dynamic_snmp.pl \
$PANDHOME_ENT/pandora_plugins/MySQL/pandora_mysql.pl \
$PANDHOME_ENT/pandora_server/util/plugin/vmware-plugin.pl "
PLUGIN_LIB_FILE="$CODEHOME/pandora_server/lib/PandoraFMS/PluginTools.pm"
diff --git a/pandora_agents/unix/DEBIAN/control b/pandora_agents/unix/DEBIAN/control
index 1353032e27..aa45b0b23c 100644
--- a/pandora_agents/unix/DEBIAN/control
+++ b/pandora_agents/unix/DEBIAN/control
@@ -1,5 +1,5 @@
package: pandorafms-agent-unix
-Version: 7.0NG.722-180509
+Version: 7.0NG.722-180522
Architecture: all
Priority: optional
Section: admin
diff --git a/pandora_agents/unix/DEBIAN/make_deb_package.sh b/pandora_agents/unix/DEBIAN/make_deb_package.sh
index 1d58b02f5b..a891688f34 100644
--- a/pandora_agents/unix/DEBIAN/make_deb_package.sh
+++ b/pandora_agents/unix/DEBIAN/make_deb_package.sh
@@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-pandora_version="7.0NG.722-180509"
+pandora_version="7.0NG.722-180522"
echo "Test if you has the tools for to make the packages."
whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null
diff --git a/pandora_agents/unix/pandora_agent b/pandora_agents/unix/pandora_agent
index f19a4686c5..b5e245dc96 100755
--- a/pandora_agents/unix/pandora_agent
+++ b/pandora_agents/unix/pandora_agent
@@ -42,7 +42,7 @@ my $Sem = undef;
my $ThreadSem = undef;
use constant AGENT_VERSION => '7.0NG.722';
-use constant AGENT_BUILD => '180509';
+use constant AGENT_BUILD => '180522';
# Agent log default file size maximum and instances
use constant DEFAULT_MAX_LOG_SIZE => 600000;
diff --git a/pandora_agents/unix/pandora_agent.redhat.spec b/pandora_agents/unix/pandora_agent.redhat.spec
index 946077f8aa..c86087f9c7 100644
--- a/pandora_agents/unix/pandora_agent.redhat.spec
+++ b/pandora_agents/unix/pandora_agent.redhat.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.722
-%define release 180509
+%define release 180522
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}
diff --git a/pandora_agents/unix/pandora_agent.spec b/pandora_agents/unix/pandora_agent.spec
index c60d45ddf8..e9706ca567 100644
--- a/pandora_agents/unix/pandora_agent.spec
+++ b/pandora_agents/unix/pandora_agent.spec
@@ -3,7 +3,7 @@
#
%define name pandorafms_agent_unix
%define version 7.0NG.722
-%define release 180509
+%define release 180522
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}
diff --git a/pandora_agents/unix/pandora_agent_installer b/pandora_agents/unix/pandora_agent_installer
index 59e9f2254e..545cccc233 100755
--- a/pandora_agents/unix/pandora_agent_installer
+++ b/pandora_agents/unix/pandora_agent_installer
@@ -10,7 +10,7 @@
# **********************************************************************
PI_VERSION="7.0NG.722"
-PI_BUILD="180509"
+PI_BUILD="180522"
OS_NAME=`uname -s`
FORCE=0
diff --git a/pandora_agents/win32/installer/pandora.mpi b/pandora_agents/win32/installer/pandora.mpi
index b0778f767a..4d5d20319a 100644
--- a/pandora_agents/win32/installer/pandora.mpi
+++ b/pandora_agents/win32/installer/pandora.mpi
@@ -186,7 +186,7 @@ UpgradeApplicationID
{}
Version
-{180509}
+{180522}
ViewReadme
{Yes}
diff --git a/pandora_agents/win32/pandora.cc b/pandora_agents/win32/pandora.cc
index df2ff3a6c2..978947be91 100644
--- a/pandora_agents/win32/pandora.cc
+++ b/pandora_agents/win32/pandora.cc
@@ -30,7 +30,7 @@ using namespace Pandora;
using namespace Pandora_Strutils;
#define PATH_SIZE _MAX_PATH+1
-#define PANDORA_VERSION ("7.0NG.722(Build 180509)")
+#define PANDORA_VERSION ("7.0NG.722(Build 180522)")
string pandora_path;
string pandora_dir;
diff --git a/pandora_agents/win32/versioninfo.rc b/pandora_agents/win32/versioninfo.rc
index cf3c37f6e9..e695181758 100644
--- a/pandora_agents/win32/versioninfo.rc
+++ b/pandora_agents/win32/versioninfo.rc
@@ -11,7 +11,7 @@ BEGIN
VALUE "LegalCopyright", "Artica ST"
VALUE "OriginalFilename", "PandoraAgent.exe"
VALUE "ProductName", "Pandora FMS Windows Agent"
- VALUE "ProductVersion", "(7.0NG.722(Build 180509))"
+ VALUE "ProductVersion", "(7.0NG.722(Build 180522))"
VALUE "FileVersion", "1.0.0.0"
END
END
diff --git a/pandora_console/DEBIAN/control b/pandora_console/DEBIAN/control
index 42f1670403..6ab6811d54 100644
--- a/pandora_console/DEBIAN/control
+++ b/pandora_console/DEBIAN/control
@@ -1,5 +1,5 @@
package: pandorafms-console
-Version: 7.0NG.722-180509
+Version: 7.0NG.722-180522
Architecture: all
Priority: optional
Section: admin
diff --git a/pandora_console/DEBIAN/make_deb_package.sh b/pandora_console/DEBIAN/make_deb_package.sh
index cac280e543..53eae0dffd 100644
--- a/pandora_console/DEBIAN/make_deb_package.sh
+++ b/pandora_console/DEBIAN/make_deb_package.sh
@@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-pandora_version="7.0NG.722-180509"
+pandora_version="7.0NG.722-180522"
package_pear=0
package_pandora=1
diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php
index 261babb5aa..b3e9fff95f 100644
--- a/pandora_console/ajax.php
+++ b/pandora_console/ajax.php
@@ -46,8 +46,19 @@ if (isset ($_GET["loginhash"])) {
}
}
+$public_hash = get_parameter('hash', false);
+
// Check user
-//check_login ();
+if ($public_hash === false) {
+ check_login();
+} else {
+ enterprise_include_once('include/functions_dashboard.php');
+ if (dashboard_check_public_hash($public_hash) === false) {
+ db_pandora_audit("Invalid public hash", "Trying to access public dashboard");
+ require ("general/noaccess.php");
+ exit;
+ }
+}
define ('AJAX', true);
diff --git a/pandora_console/extensions/agents_alerts.php b/pandora_console/extensions/agents_alerts.php
index f5cad20d74..ccc1539fdc 100755
--- a/pandora_console/extensions/agents_alerts.php
+++ b/pandora_console/extensions/agents_alerts.php
@@ -83,7 +83,7 @@ function mainAgentsAlerts() {
}
}
- $refr = get_parameter('refr', 30); // By default 30 seconds
+ $refr = (int) get_parameter('refr', 30); // By default 30 seconds
$show_modules = (bool) get_parameter ("show_modules",0);
$group_id = get_parameter('group_id', 0);
$offset = get_parameter('offset', 0);
diff --git a/pandora_console/extensions/agents_modules.php b/pandora_console/extensions/agents_modules.php
index da8f1c5550..98dacdc7e5 100644
--- a/pandora_console/extensions/agents_modules.php
+++ b/pandora_console/extensions/agents_modules.php
@@ -14,7 +14,7 @@
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
-$refr = get_parameter('refresh', 0); // By default 30 seconds
+$refr = (int) get_parameter('refresh', 0); // By default 30 seconds
function mainAgentsModules() {
global $config;
@@ -62,7 +62,7 @@ function mainAgentsModules() {
$updated_time = $updated_info;
$modulegroup = get_parameter('modulegroup', 0);
- $refr = get_parameter('refresh', 0); // By default 30 seconds
+ $refr = (int) get_parameter('refresh', 0); // By default 30 seconds
$recursion = get_parameter('recursion', 0);
$group_id = (int)get_parameter('group_id', 0);
diff --git a/pandora_console/general/header.php b/pandora_console/general/header.php
index d08ab8ae16..acefd20a2b 100644
--- a/pandora_console/general/header.php
+++ b/pandora_console/general/header.php
@@ -461,14 +461,9 @@ config_check();
- refr_time = parseInt("");
- if (isNaN(refr_time)) {
- refr_time = 0;
- }
-
- t = new Date();
+ var refr_time = ;
+ var t = new Date();
t.setTime (t.getTime () +
parseInt());
$("#refrcounter").countdown ({until: t,
diff --git a/pandora_console/godmode/admin_access_logs.php b/pandora_console/godmode/admin_access_logs.php
index 8dce0c02a9..e7ad2031d4 100644
--- a/pandora_console/godmode/admin_access_logs.php
+++ b/pandora_console/godmode/admin_access_logs.php
@@ -17,171 +17,181 @@
global $config;
-require_once ($config["homedir"] . '/include/functions_graph.php');
+require_once($config["homedir"] . '/include/functions_graph.php');
-check_login ();
+check_login();
$enterprise_include = enterprise_include_once('godmode/admin_access_logs.php');
-if (! check_acl ($config['id_user'], 0, "PM")) {
- db_pandora_audit( "ACL Violation",
- "Trying to access event viewer");
- require ("general/noaccess.php");
+if (! check_acl($config['id_user'], 0, "PM")) {
+ db_pandora_audit("ACL Violation", "Trying to access audit view");
+ require("general/noaccess.php");
exit;
}
-ui_print_page_header (__('%s audit', get_product_name())." » ".__('Review Logs'), "images/gm_log.png", false, "", true );
+$offset = (int) get_parameter("offset");
+$filter_type = (string) get_parameter("filter_type");
+$filter_user = (string) get_parameter("filter_user");
+$filter_text = (string) get_parameter("filter_text");
+$filter_period = get_parameter("filter_period", null);
+$filter_period = ($filter_period !== null) ? (int) $filter_period : 24;
+$filter_ip = (string) get_parameter("filter_ip");
-$offset = get_parameter ("offset", 0);
-$tipo_log = get_parameter ("tipo_log", 'all');
-$user_filter = get_parameter('user_filter', 'all');
-$filter_text = get_parameter('filter_text', '');
-$filter_hours_old = get_parameter('filter_hours_old', 24);
-$filter_ip = get_parameter('filter_ip', '');
+$filter_query = "&filter_type=" . $filter_type
+ . "&filter_user=" . $filter_user
+ . "&filter_text=" . $filter_text
+ . "&filter_period=" . $filter_period
+ . "&filter_ip=" . $filter_ip;
-echo "
";
-echo '';
-echo '';
-echo ' '.__('Filter').'';
+$csv_url = ui_get_full_url(false, false, false, false)
+ . 'index.php?sec=gextensions&sec2=godmode/audit_log_csv'
+ . $filter_query;
+$csv_img = html_print_image("images/csv_mc.png", true, array ("title" => __('Export to CSV')));
+$header_buttons = array(
+ 'csv' => array(
+ 'active' => false,
+ 'text' => ' ' . $csv_img . ''
+ )
+);
-$rows = db_get_all_rows_sql ("SELECT DISTINCT(accion)
- FROM tsesion");
-if (empty ($rows)) {
- $rows = array ();
-}
-$actions = array ();
+ui_print_page_header(__('%s audit', get_product_name()) . " » " . __('Review Logs'), "images/gm_log.png", false, "", true, $header_buttons);
-foreach ($rows as $row) {
- $actions[$row["accion"]] = $row["accion"];
-}
-echo ' ';
-echo ' ';
-echo '';
-echo graphic_user_activity(300, 140);
+$data = array();
-echo ' ';
-echo ' ';
-echo ' |
';
+$data[0] = "" . __('Search') . "";
+$data[1] = html_print_input_text("filter_text", $filter_text, __("Free text for search (*)"), 20, 40, true);
+$data[2] = "" . __("Max. hours old") . "";
+$data[3] = html_print_input_text("filter_period", $filter_period, __("Max. hours old"), 3, 6, true);
+$data[4] = "" . __("IP") . "";
+$data[5] = html_print_input_text("filter_ip", $filter_ip, __("IP"), 15, 15, true);
-$filter = 'WHERE 1 = 1';
+$table->data[0] = $data;
+$data = array();
-if ($tipo_log != 'all') {
- $filter .= sprintf (" AND accion = '%s'", $tipo_log);
-}
-switch ($config['dbtype']) {
- case "mysql":
- if ($user_filter != 'all') {
- $filter .= sprintf(' AND id_usuario = "%s"', $user_filter);
- }
-
- $filter .= ' AND (accion LIKE "%' . $filter_text . '%" OR descripcion LIKE "%' . $filter_text . '%")';
-
- if ($filter_ip != '') {
- $filter .= sprintf(' AND ip_origen LIKE "%s"', $filter_ip);
- }
- break;
- case "postgresql":
- case "oracle":
- if ($user_filter != 'all') {
- $filter .= sprintf(' AND id_usuario = \'%s\'', $user_filter);
- }
-
- $filter .= ' AND (accion LIKE \'%' . $filter_text . '%\' OR descripcion LIKE \'%' . $filter_text . '%\')';
-
- if ($filter_ip != '') {
- $filter .= sprintf(' AND ip_origen LIKE \'%s\'', $filter_ip);
- }
- break;
+$actions_sql = "SELECT DISTINCT(accion), accion AS text FROM tsesion";
+$data[0] = "" . __("Action") . "";
+$data[1] = html_print_select_from_sql($actions_sql, "filter_type", $filter_type, "", __("All"), "", true);
+
+$users_sql = "SELECT id_user, id_user AS text FROM tusuario";
+$data[2] = "" . __("User") . "";
+$data[3] = html_print_select_from_sql($users_sql, "filter_user", $filter_user, "", __("All"), "", true);
+
+$data[4] = "";
+$data[5] = html_print_submit_button(__("Filter"), "filter", false, 'class="sub search"', true);
+
+$table->data[1] = $data;
+
+$form = '';
+ui_toggle($form, __("Filter"), "", false);
+
+// ui_toggle(graphic_user_activity(400, 150), __("Chart"));
+
+$filter = "1=1";
+
+if (!empty($filter_type)) {
+ $filter .= sprintf (" AND accion = '%s'", $filter_type);
}
-if ($filter_hours_old != 0) {
+if (!empty($filter_user)) {
+ $filter .= sprintf(" AND id_usuario = '%s'", $filter_user);
+}
+
+if (!empty($filter_text)) {
+ $filter .= sprintf(" AND (accion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%')", $filter_text, $filter_text);
+}
+
+if (!empty($filter_ip)) {
+ $filter .= sprintf(" AND ip_origen LIKE '%%%s%%'", $filter_ip);
+}
+
+if (!empty($filter_period)) {
switch ($config["dbtype"]) {
case "mysql":
- $filter .= ' AND fecha >= DATE_ADD(NOW(), INTERVAL -' . $filter_hours_old . ' HOUR)';
+ $filter .= ' AND fecha >= DATE_ADD(NOW(), INTERVAL -' . $filter_period . ' HOUR)';
break;
case "postgresql":
- $filter .= ' AND fecha >= NOW() - INTERVAL \'' . $filter_hours_old . ' HOUR \'';
+ $filter .= ' AND fecha >= NOW() - INTERVAL \'' . $filter_period . ' HOUR \'';
break;
case "oracle":
- $filter .= ' AND fecha >= (SYSTIMESTAMP - INTERVAL \'' . $filter_hours_old . '\' HOUR)';
+ $filter .= ' AND fecha >= (SYSTIMESTAMP - INTERVAL \'' . $filter_period . '\' HOUR)';
break;
}
}
-$sql = "SELECT COUNT(*) FROM tsesion " . $filter;
-$count = db_get_sql ($sql);
-$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs&tipo_log=".$tipo_log."&user_filter=".$user_filter."&filter_text=".$filter_text."&filter_hours_old=".$filter_hours_old."&filter_ip=".$filter_ip;
-
-ui_pagination ($count, $url);
+$count_sql = sprintf("SELECT COUNT(*) FROM tsesion WHERE %s", $filter);
+$count = (int) db_get_value_sql($count_sql);
+$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs" . $filter_query;
+ui_pagination($count, $url);
switch ($config["dbtype"]) {
case "mysql":
- $sql = sprintf ("SELECT *
+ $sql = sprintf(
+ "SELECT *
FROM tsesion
- %s
+ WHERE %s
ORDER BY fecha DESC
- LIMIT %d, %d", $filter, $offset, $config["block_size"]);
+ LIMIT %d, %d",
+ $filter, $offset, $config["block_size"]
+ );
break;
case "postgresql":
- $sql = sprintf ("SELECT *
+ $sql = sprintf(
+ "SELECT *
FROM tsesion
- %s
+ WHERE %s
ORDER BY fecha DESC
- LIMIT %d OFFSET %d", $filter, $config["block_size"], $offset);
+ LIMIT %d OFFSET %d",
+ $filter, $config["block_size"], $offset
+ );
break;
case "oracle":
$set = array();
$set['limit'] = $config["block_size"];
$set['offset'] = $offset;
- $sql = sprintf ("SELECT *
+ $sql = sprintf(
+ "SELECT *
FROM tsesion
- %s
- ORDER BY fecha DESC", $filter);
- $result = oracle_recode_query ($sql, $set);
+ WHERE %s
+ ORDER BY fecha DESC",
+ $filter
+ );
+ $result = oracle_recode_query($sql, $set);
break;
}
-$result = db_get_all_rows_sql ($sql);
-
-// Delete rnum row generated by oracle_recode_query() function
-if (($config["dbtype"] == 'oracle') && ($result !== false)) {
- for ($i=0; $i < count($result); $i++) {
- unset($result[$i]['rnum']);
- }
-}
-
-if (empty ($result)) {
- $result = array ();
-}
+$result = db_get_all_rows_sql($sql);
+if (empty($result)) $result = array();
$table = new stdClass();
$table->cellpadding = 4;
$table->cellspacing = 4;
$table->width = '100%';
$table->class = "databox data";
-$table->size = array ();
-$table->data = array ();
-$table->head = array ();
+$table->size = array();
+$table->data = array();
+$table->head = array();
$table->align = array();
$table->rowclass = array();
@@ -192,9 +202,6 @@ $table->head[3] = __('Source IP');
$table->head[4] = __('Comments');
if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->head[5] = enterprise_hook('tableHeadEnterpriseAudit', array('title1'));
-}
-
-if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->head[6] = enterprise_hook('tableHeadEnterpriseAudit', array('title2'));
}
@@ -204,106 +211,47 @@ $table->size[3] = 100;
$table->size[4] = 200;
if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->size[5] = enterprise_hook('tableHeadEnterpriseAudit', array('size1'));
-}
-if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->size[6] = enterprise_hook('tableHeadEnterpriseAudit', array('size2'));
-}
-
-
-if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->align[5] = enterprise_hook('tableHeadEnterpriseAudit', array('align'));
-}
-if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
$table->align[6] = enterprise_hook('tableHeadEnterpriseAudit', array('align2'));
}
$table->colspan = array();
$table->rowstyle = array();
-
$rowPair = true;
$iterator = 0;
// Get data
foreach ($result as $row) {
- if ($rowPair)
- $table->rowclass[$iterator] = 'rowPair';
- else
- $table->rowclass[$iterator] = 'rowOdd';
- $rowPair = !$rowPair;
$iterator++;
+
+ $table->rowclass[] = $rowPair ? "rowPair" : "rowOdd";
+ $rowPair = !$rowPair;
- $data = array ();
- switch ($config['dbtype']) {
- case "mysql":
- case "postgresql":
- $data[0] = $row["id_usuario"];
- break;
- case "oracle":
- $data[0] = $row["id_usuario"];
- break;
- }
- $data[1] = ui_print_session_action_icon ($row['accion'], true);
- $data[1] .= $row["accion"];
- $data[2] = ui_print_help_tip($row['fecha'], true) . ui_print_timestamp($row['utimestamp'], true);
- switch ($config['dbtype']) {
- case "mysql":
- case "postgresql":
- $data[3] = $row["ip_origen"];
- break;
- case "oracle":
- $data[3] = $row["ip_origen"];
- break;
- }
- $data[4] = io_safe_output($row["descripcion"]);
- if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
- switch ($config['dbtype']) {
- case "mysql":
- case "postgresql":
- $data[5] = enterprise_hook('cell1EntepriseAudit', array($row['id_sesion']));
- break;
- case "oracle":
- $data[5] = enterprise_hook('cell1EntepriseAudit', array($row['id_sesion']));
- break;
- }
- }
- if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
- switch ($config['dbtype']) {
- case "mysql":
- case "postgresql":
- $data[6] = enterprise_hook('cell2EntepriseAudit', array($row['id_sesion']));
- break;
- case "oracle":
- $data[6] = enterprise_hook('cell2EntepriseAudit', array($row['id_sesion']));
- break;
- }
- }
- array_push ($table->data, $data);
-
+ $data = array();
+ $data[0] = $row["id_usuario"];
+ $data[1] = ui_print_session_action_icon($row["accion"], true) . $row["accion"];
+ $data[2] = ui_print_help_tip($row["fecha"], true) . ui_print_timestamp($row["utimestamp"], true);
+ $data[3] = $row["ip_origen"];
+ $data[4] = $row["descripcion"];
if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
- switch ($config['dbtype']) {
- case "mysql":
- case "postgresql":
- rowEnterpriseAudit($table, $iterator, $row['id_sesion']);
- break;
- case "oracle":
- rowEnterpriseAudit($table, $iterator, $row['id_sesion']);
- break;
- }
+ $data[5] = enterprise_hook("cell1EntepriseAudit", array($row["id_sesion"]));
+ $data[6] = enterprise_hook("cell2EntepriseAudit", array($row["id_sesion"]));
+ }
+
+ $table->data[] = $data;
+
+ if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
+ rowEnterpriseAudit($table, $iterator, $row["id_sesion"]);
}
}
-html_print_table ($table);
-
-echo '';
+html_print_table($table);
if ($enterprise_include !== ENTERPRISE_NOT_HOOK) {
enterprise_hook('enterpriseAuditFooter');
}
+
?>
diff --git a/pandora_console/godmode/audit_log_csv.php b/pandora_console/godmode/audit_log_csv.php
index b5020bc9a4..b09b90f827 100644
--- a/pandora_console/godmode/audit_log_csv.php
+++ b/pandora_console/godmode/audit_log_csv.php
@@ -12,22 +12,19 @@
$ownDir = dirname(__FILE__) . '/';
$ownDir = str_replace("\\", "/", $ownDir);
-require_once ($ownDir.'../include/config.php');
+require_once($ownDir . "../include/config.php");
+
+require_once($config["homedir"] . "/include/functions.php");
+require_once($config["homedir"] . "/include/functions_db.php");
+require_once($config["homedir"] . "/include/auth/mysql.php");
global $config;
-require_once ($config["homedir"]."/include/functions.php");
-require_once ($config["homedir"]."/include/functions_db.php");
-require_once ($config["homedir"]."/include/auth/mysql.php");
-error_reporting(E_ALL);
-ini_set("display_errors", 1);
-
-if (! isset ($_SESSION["id_usuario"])) {
- session_start ();
- session_write_close ();
+if (! isset($_SESSION["id_usuario"])) {
+ session_start();
+ session_write_close();
}
-
// Login check
if (!isset($_SESSION["id_usuario"])) {
$config['id_user'] = null;
@@ -36,94 +33,56 @@ else {
$config['id_user'] = $_SESSION["id_usuario"];
}
-if (!check_login()) {
- db_pandora_audit("ACL Violation", "Trying to access graph builder");
- include ($config["homedir"]."/general/noaccess.php");
- return;
-}
+check_login();
-if (! check_acl ($config['id_user'], 0, "PM")) {
- db_pandora_audit( "ACL Violation",
- "Trying to access event viewer");
- require ("general/noaccess.php");
+if (! check_acl($config['id_user'], 0, "PM")) {
+ db_pandora_audit("ACL Violation", "Trying to access audit CSV export");
+ require("general/noaccess.php");
exit;
}
-$tipo_log = get_parameter ("tipo_log", 'all');
-$user_filter = get_parameter('user_filter', 'all');
-$filter_text = get_parameter('filter_text', '');
-$filter_hours_old = get_parameter('filter_hours_old', 24);
-$filter_ip = get_parameter('filter_ip', '');
+$filter_type = (string) get_parameter("filter_type");
+$filter_user = (string) get_parameter("filter_user");
+$filter_text = (string) get_parameter("filter_text");
+$filter_period = get_parameter("filter_period", null);
+$filter_period = ($filter_period !== null) ? (int) $filter_period : 24;
+$filter_ip = (string) get_parameter("filter_ip");
-$filter = 'WHERE 1 = 1';
+$filter = "1=1";
-if ($tipo_log != 'all') {
- $filter .= " AND accion = '$tipo_log'";
-}
-switch ($config['dbtype']) {
- case "mysql":
- if ($user_filter != 'all') {
- $filter .= sprintf(' AND id_usuario = "%s"', $user_filter);
- }
-
- $filter .= ' AND (accion LIKE "%' . $filter_text . '%" OR descripcion LIKE "%' . $filter_text . '%")';
-
- if ($filter_ip != '') {
- $filter .= sprintf(' AND ip_origen LIKE "%s"', $filter_ip);
- }
- break;
- case "postgresql":
- case "oracle":
- if ($user_filter != 'all') {
- $filter .= sprintf(' AND id_usuario = \'%s\'', $user_filter);
- }
-
- $filter .= ' AND (accion LIKE \'%' . $filter_text . '%\' OR descripcion LIKE \'%' . $filter_text . '%\')';
-
- if ($filter_ip != '') {
- $filter .= sprintf(' AND ip_origen LIKE \'%s\'', $filter_ip);
- }
- break;
+if (!empty($filter_type)) {
+ $filter .= sprintf (" AND accion = '%s'", $filter_type);
}
-if ($filter_hours_old != 0) {
+if (!empty($filter_user)) {
+ $filter .= sprintf(" AND id_usuario = '%s'", $filter_user);
+}
+
+if (!empty($filter_text)) {
+ $filter .= sprintf(" AND (accion LIKE '%%%s%%' OR descripcion LIKE '%%%s%%')", $filter_text, $filter_text);
+}
+
+if (!empty($filter_ip)) {
+ $filter .= sprintf(" AND ip_origen LIKE '%%%s%%'", $filter_ip);
+}
+
+if (!empty($filter_period)) {
switch ($config["dbtype"]) {
case "mysql":
- $filter .= ' AND fecha >= DATE_ADD(NOW(), INTERVAL -' . $filter_hours_old . ' HOUR)';
+ $filter .= ' AND fecha >= DATE_ADD(NOW(), INTERVAL -' . $filter_period . ' HOUR)';
break;
case "postgresql":
- $filter .= ' AND fecha >= NOW() - INTERVAL \'' . $filter_hours_old . ' HOUR \'';
+ $filter .= ' AND fecha >= NOW() - INTERVAL \'' . $filter_period . ' HOUR \'';
break;
case "oracle":
- $filter .= ' AND fecha >= (SYSTIMESTAMP - INTERVAL \'' . $filter_hours_old . '\' HOUR)';
+ $filter .= ' AND fecha >= (SYSTIMESTAMP - INTERVAL \'' . $filter_period . '\' HOUR)';
break;
}
}
-switch ($config["dbtype"]) {
- case "mysql":
- $sql = sprintf ("SELECT *
- FROM tsesion
- %s
- ORDER BY fecha DESC", $filter);
- break;
- case "postgresql":
- $sql = sprintf ("SELECT *
- FROM tsesion
- %s
- ORDER BY fecha DESC", $filter);
- break;
- case "oracle":
- $sql = sprintf ("SELECT *
- FROM tsesion
- %s
- ORDER BY fecha DESC", $filter);
- $result = oracle_recode_query ($sql, $set);
- break;
-}
+$sql = sprintf( "SELECT * FROM tsesion WHERE %s ORDER BY fecha DESC", $filter);
+$result = db_get_all_rows_sql($sql);
-$result = db_get_all_rows_sql ($sql);
-
-print_audit_csv ($result);
+print_audit_csv($result);
?>
diff --git a/pandora_console/include/ajax/graph.ajax.php b/pandora_console/include/ajax/graph.ajax.php
index 090a79f61e..ed1651ee3c 100644
--- a/pandora_console/include/ajax/graph.ajax.php
+++ b/pandora_console/include/ajax/graph.ajax.php
@@ -225,7 +225,7 @@ if ($get_graphs){
$homeurl = ui_get_full_url(false, false, false, false);
$graph_conf = db_get_row('tgraph', 'id_graph', $value['id_graph']);
-
+
if($graph_conf['stacked'] == 4 || $graph_conf['stacked'] == 9){
$height = 50;
} else if ($graph_conf['stacked'] == 5){
@@ -262,7 +262,7 @@ if ($get_graphs){
$labels,
false,
false,
- true,
+ $graph_conf['percentil'] == 1,
false,
false,
$value['fullscale']
diff --git a/pandora_console/include/ajax/module.php b/pandora_console/include/ajax/module.php
index 10b181baee..a98d65ed1e 100755
--- a/pandora_console/include/ajax/module.php
+++ b/pandora_console/include/ajax/module.php
@@ -1084,7 +1084,7 @@ if ($list_modules) {
$win_handle=dechex(crc32($module["id_agente_modulo"].$module["nombre"]));
// Try to display the SNMP module realtime graph
- $rt_button .= get_module_realtime_link_graph($module);
+ $rt_button = get_module_realtime_link_graph($module);
if (!empty($rt_button)) $data[8] = $rt_button . " ";
# Show events for boolean modules by default.
diff --git a/pandora_console/include/ajax/update_manager.ajax.php b/pandora_console/include/ajax/update_manager.ajax.php
index 839695b841..b6f2769ef6 100644
--- a/pandora_console/include/ajax/update_manager.ajax.php
+++ b/pandora_console/include/ajax/update_manager.ajax.php
@@ -15,6 +15,14 @@
global $config;
+check_login ();
+
+if (! check_acl ($config['id_user'], 0, "PM") && ! is_user_admin ($config['id_user'])) {
+ db_pandora_audit("ACL Violation", "Trying to access update Management");
+ require ("general/noaccess.php");
+ return;
+}
+
require_once($config['homedir'] . "/include/functions_update_manager.php");
require_once($config['homedir'] . "/include/functions_graph.php");
enterprise_include_once("include/functions_update_manager.php");
diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php
index 3f66d1ee20..c0dd651384 100644
--- a/pandora_console/include/config_process.php
+++ b/pandora_console/include/config_process.php
@@ -22,7 +22,7 @@
/**
* Pandora build version and version
*/
-$build_version = 'PC180509';
+$build_version = 'PC180522';
$pandora_version = 'v7.0NG.722';
// Do not overwrite default timezone set if defined.
diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php
index d0d4fd30da..24db5de2cc 100644
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@@ -2162,6 +2162,18 @@ function is_snapshot_data ($data) {
return is_image_data($data);
}
+/**
+ * Check if text is too long to put it into a black screen
+ *
+ * @param string Data value
+ * @return bool True if black window should be displayed
+ */
+function is_text_to_black_string ($data) {
+ if (is_image_data($data)) return false;
+ // Consider large text if data is greater than 200 characters
+ return ((int)strlen($data)) > 200;
+}
+
/**
* Create an invisible div with a provided ID and value to
* can retrieve it from javascript with function get_php_value(name)
diff --git a/pandora_console/include/functions_io.php b/pandora_console/include/functions_io.php
index c3d7b7b2b4..058003215f 100755
--- a/pandora_console/include/functions_io.php
+++ b/pandora_console/include/functions_io.php
@@ -396,7 +396,7 @@ function __ ($string /*, variable arguments */) {
return $tranlateString;
}
}
- elseif (enterprise_installed &&
+ elseif (enterprise_installed() &&
isset($config['translate_string_extension_installed']) &&
$config['translate_string_extension_installed'] == 1 &&
array_key_exists('translate_string.php', $extensions)) {
diff --git a/pandora_console/include/functions_ui.php b/pandora_console/include/functions_ui.php
index bc09f5eceb..f2f8c81f61 100755
--- a/pandora_console/include/functions_ui.php
+++ b/pandora_console/include/functions_ui.php
@@ -3764,12 +3764,11 @@ function ui_print_module_string_value($value, $id_agente_module,
if ($is_web_content_string) {
$value = io_safe_input($value);
}
-
-
-
+
$is_snapshot = is_snapshot_data($value);
-
- if (($config['command_snapshot']) && ($is_snapshot)) {
+ $is_large_image = is_text_to_black_string ($value);
+
+ if (($config['command_snapshot']) && ($is_snapshot || $is_large_image)) {
$handle = "snapshot" . "_" . $id_agente_module;
$url = 'include/procesos.php?agente=' . $id_agente_module;
$win_handle = dechex(crc32($handle));
@@ -3778,7 +3777,7 @@ function ui_print_module_string_value($value, $id_agente_module,
"id=" . $id_agente_module .
"&refr=" . $current_interval .
"&label=" . rawurlencode(urlencode(io_safe_output($module_name))) . "','" . $win_handle . "', 700,480)";
- if (is_image_data($value)) {
+ if ($is_snapshot) {
$salida = '' .
html_print_image("images/photo.png", true,
array("border" => '0',
diff --git a/pandora_console/include/javascript/functions_pandora_networkmap.js b/pandora_console/include/javascript/functions_pandora_networkmap.js
index 2e0fa2f3d9..7edc029f68 100644
--- a/pandora_console/include/javascript/functions_pandora_networkmap.js
+++ b/pandora_console/include/javascript/functions_pandora_networkmap.js
@@ -213,7 +213,7 @@ function update_fictional_node(id_db_node) {
graph.nodes[i].networkmap_id = networkmap_to_link;
$("#id_node_" + i + networkmap_id + " title").html(name);
- $("#id_node_" + i + networkmap_id + " tspan").html(name);
+ $("#id_node_" + i + networkmap_id + " tspan").html(ellipsize(name, 30));
}
});
@@ -251,7 +251,7 @@ function update_node_name(id_db_node) {
graph.nodes[i]['raw_text'] = data['raw_text'];
$("#id_node_" + i + networkmap_id + " title").html(data['raw_text']);
- $("#id_node_" + i + networkmap_id + " tspan").html(data['raw_text']);
+ $("#id_node_" + i + networkmap_id + " tspan").html(ellipsize(data['raw_text'], 30));
}
});
@@ -773,7 +773,7 @@ function edit_node(data_node, dblClick) {
$("#dialog_node_edit")
.dialog("option", "title",
- dialog_node_edit_title.replace("%s", node_selected['text'])); // It doesn't eval the possible XSS so it's ok
+ dialog_node_edit_title.replace("%s", ellipsize(node_selected['text'], 40))); // It doesn't eval the possible XSS so it's ok
$("#dialog_node_edit").dialog("open");
if (node_selected.id_agent == undefined || node_selected.id_agent == -2) {
@@ -3656,7 +3656,9 @@ function draw_elements_graph() {
})
.append("tspan")
.attr("style", "font-size: " + font_size + "px !important; font-family:Verdana; text-align:center; text-anchor:middle; fill:#000000")
- .text(function (d) { return get_node_name_ov(d) })
+ .text(function (d) {
+ return ellipsize(get_node_name_ov(d), 30);
+ })
.classed('dragable_node', true) //own dragable
.on("click", selected_node)
.on("contextmenu", function (d) { show_menu("node", d); });
diff --git a/pandora_console/include/javascript/pandora.js b/pandora_console/include/javascript/pandora.js
index 6b0274229e..4aaf466876 100644
--- a/pandora_console/include/javascript/pandora.js
+++ b/pandora_console/include/javascript/pandora.js
@@ -1626,4 +1626,11 @@ function display_confirm_dialog (
"Confirm": ok_function_clean
}
});
-}
\ No newline at end of file
+}
+
+function ellipsize (str, max, ellipse) {
+ if (max == null) max = 140;
+ if (ellipse == null) ellipse = "…";
+
+ return str.trim().length > max ? str.substr(0, max).trim() + ellipse : str;
+}
diff --git a/pandora_console/include/javascript/pandora_events.js b/pandora_console/include/javascript/pandora_events.js
index bd9b6cfcb6..16d2ad4e0c 100644
--- a/pandora_console/include/javascript/pandora_events.js
+++ b/pandora_console/include/javascript/pandora_events.js
@@ -361,13 +361,8 @@ function perform_response(target, response_id) {
timeout: 10000,
dataType: 'html',
success: function (data) {
- if (data == '') {
- $('#response_out').html('Unreachable host');
- }
- else {
- var out = data.replace(/[\n|\r]/g, "
");
- $('#response_out').html(out);
- }
+ var out = data.replace(/[\n|\r]/g, "
");
+ $('#response_out').html(out);
$('#response_loading_command').hide();
$('#re_exec_command').show();
}
diff --git a/pandora_console/install.php b/pandora_console/install.php
index bd8901ac85..a2111071f1 100755
--- a/pandora_console/install.php
+++ b/pandora_console/install.php
@@ -71,7 +71,7 @@
session = $_SESSION;
session_write_close();
+
+ require_once($this->getConfig('homedir') . '/include/functions.php');
+ require_once($this->getConfig('homedir') . '/include/functions_io.php');
}
public static function getInstance() {
@@ -51,29 +54,14 @@ class System {
}
public function getRequest($name, $default = null) {
- $return = $default;
-
- if (isset($_POST[$name])) {
- $return = $_POST[$name];
- }
- else {
- if (isset($_GET[$name])) {
- $return = $_GET[$name];
- }
- }
-
- return $return;
+ return get_parameter($name, $default);
}
public function safeOutput($value) {
- require_once($this->getConfig('homedir') . '/include/functions_io.php');
-
return io_safe_output($value);
}
public function safeInput($value) {
- require_once($this->getConfig('homedir') . '/include/functions_io.php');
-
return io_safe_input($value);
}
diff --git a/pandora_console/mobile/include/user.class.php b/pandora_console/mobile/include/user.class.php
index e596f4c1cd..ba16b537cf 100644
--- a/pandora_console/mobile/include/user.class.php
+++ b/pandora_console/mobile/include/user.class.php
@@ -74,7 +74,6 @@ class User {
if (($user == null) && ($password == null)) {
$user = $system->getRequest('user', null);
- $user = $system->safeInput($user);
$password = $system->getRequest('password', null);
}
@@ -141,6 +140,7 @@ class User {
}
if (empty($code)) {
$code = $system->getRequest('auth_code', null);
+ $code = $system->safeOutput($code);
}
if (!empty($user) && !empty($code)) {
diff --git a/pandora_console/mobile/operation/module_graph.php b/pandora_console/mobile/operation/module_graph.php
index 1f152bc34f..d5335af1e1 100644
--- a/pandora_console/mobile/operation/module_graph.php
+++ b/pandora_console/mobile/operation/module_graph.php
@@ -278,6 +278,14 @@ class ModuleGraph {
private function javascript_code() {
ob_start();
+
+ global $config;
+ if ($config['flash_charts']) {
+ //Include the javascript for the js charts library
+ echo include_javascript_dependencies_flot_graph(true);
+ ui_require_javascript_file('pandora', 'include/javascript/',true);
+ }
+
?>