From f3faa22376d89bb917cb4876b7460c053815f9d3 Mon Sep 17 00:00:00 2001
From: guruevi <noreply@pandorafms.org>
Date: Mon, 22 Dec 2008 21:16:03 +0000
Subject: [PATCH] 2008-12-22  Evi Vanoost <vanooste@rcbi.rochester.edu>

	* godmode/agentes/agent_template.php: Rewritten to use new functions

	* godmode/agentes/configurar_agente.php: Fixed adding empty ips

	* godmode/db/db_purge.php: Fixed bug #2445819 ?

	* godmode/db/db_refine.php: Rewritten to use new functions. Fixed bug
	#2445819 ?

git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1301 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |  11 +
 .../godmode/agentes/agent_template.php        | 228 ++++++++----------
 .../godmode/agentes/configurar_agente.php     |   2 +-
 pandora_console/godmode/db/db_purge.php       |   2 +-
 pandora_console/godmode/db/db_refine.php      | 123 ++++------
 5 files changed, 162 insertions(+), 204 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 8798cf4049..710901f8ee 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,14 @@
+2008-12-22  Evi Vanoost <vanooste@rcbi.rochester.edu>
+
+	* godmode/agentes/agent_template.php: Rewritten to use new functions
+	
+	* godmode/agentes/configurar_agente.php: Fixed adding empty ips
+	
+	* godmode/db/db_purge.php: Fixed bug #2445819 ?
+
+	* godmode/db/db_refine.php: Rewritten to use new functions. Fixed bug 
+	#2445819 ?
+
 2008-12-22  Jorge Gonzalez  <jorgegonz@artica.es>
 
 	* pandoradb_data.sql: Added Dutch to translations.
diff --git a/pandora_console/godmode/agentes/agent_template.php b/pandora_console/godmode/agentes/agent_template.php
index 39f91689f8..1a80f9c323 100644
--- a/pandora_console/godmode/agentes/agent_template.php
+++ b/pandora_console/godmode/agentes/agent_template.php
@@ -16,29 +16,26 @@
 // along with this program; if not, write to the Free Software
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
-
-
 // Load global vars
-require("include/config.php");
+require_once ("include/config.php");
 
 check_login ();
 
 // Access control
-if (! give_acl ($config['id_user'], 0, "AW")) {
+if (! give_acl ($config['id_user'], 0, "AW") || !isset ($id_agente)) {
 	audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
 		"Trying to access agent manager");
 	require ("general/noaccess.php");
-	return;
+	exit;
 }
 
 // ==========================
 // TEMPLATE ASSIGMENT LOGIC
 // ==========================
-if (isset($_POST["template_id"])) {
+if (isset ($_POST["template_id"])) {
 	// Take agent data
-	$sql = "SELECT * FROM tagente WHERE id_agente = '.$id_agente.'";
-	$result = mysql_query ($sql);
-	if ($row = mysql_fetch_array ($result)) {
+	$row = get_db_row ("tagente", "id_agente", $id_agente);
+	if ($row !== false) {
 		$intervalo = $row["intervalo"]; 
 		$nombre_agente = $row["nombre"];
 		$direccion_agente =$row["direccion"];
@@ -50,152 +47,125 @@ if (isset($_POST["template_id"])) {
 		$os_version = $row["os_version"];
 		$agent_version = $row["agent_version"];
 		$disabled= $row["disabled"];
+	} else {
+		return;
 	}
 
-	$id_np = $_POST["template_id"];
-	$sql1 = "SELECT * FROM tnetwork_profile_component
-		WHERE id_np = $id_np";
-	$result = mysql_query ($sql1);
-	while ($row = mysql_fetch_array ($result)){
-		$sql = "SELECT * FROM tnetwork_component
-			WHERE id_nc = ".$row["id_nc"];
-		$result2 = mysql_query ($sql);
-		while ($row2 = mysql_fetch_array ($result2)) {
+	$id_np = get_parameter_post ("template_id");
+	$npc = get_db_all_rows_field_filter ("tnetwork_profile_component", "id_np", $id_np);
+	if ($npc === false) {
+		$npc = array ();
+	}
+	foreach ($npc as $row) {
+		$nc = get_db_all_rows_field_filter ("tnetwork_component", "id_nc", $row["id_nc"]);
+		if ($nc === false) {
+			$nc = array ();
+		}
+		foreach ($nc as $row2) {
 			// Insert each module from tnetwork_component into agent
-			$module_sql = "INSERT INTO tagente_modulo
-			(id_agente, id_tipo_modulo, descripcion, nombre, max, min, module_interval, tcp_port, tcp_send, tcp_rcv, snmp_community, snmp_oid, ip_target, id_module_group, id_modulo, plugin_user, plugin_pass, plugin_parameter, max_timeout)
-			VALUES ( $id_agente,
-			'".$row2["type"]."',
-			'".$row2["description"]."',
-			'".$row2["name"]."',
-			'".$row2["max"]."',
-			'".$row2["min"]."',
-			'".$row2["module_interval"]."',
-			'".$row2["tcp_port"]."',
-			'".$row2["tcp_send"]."',
-			'".$row2["tcp_rcv"]."',
-			'".$row2["snmp_community"]."',
-			'".$row2["snmp_oid"]."',
-			'$direccion_agente',
-			'".$row2["id_module_group"]."',
-			'".$row2["id_modulo"]."',
-			'".$row2["plugin_user"]."',
-			'".$row2["plugin_pass"]."',
-			'".$row2["plugin_parameter"]."',
-			'".$row2["max_timeout"]."'
-			)";
-			mysql_query ($module_sql);
-			$id_agente_modulo = mysql_insert_id();
+			$sql = sprintf ("INSERT INTO tagente_modulo
+			(id_agente, id_tipo_modulo, descripcion, nombre, max, min, module_interval, 
+			tcp_port, tcp_send, tcp_rcv, snmp_community, snmp_oid, ip_target, id_module_group, id_modulo, 
+			plugin_user, plugin_pass, plugin_parameter, max_timeout)
+			VALUES (%d, %d, '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', %d)", 
+			$id_agente, $row2["type"], $row2["description"], $row2["name"], $row2["max"], $row2["min"], $row2["module_interval"], 
+			$row2["tcp_port"], $row2["tcp_send"], $row2["tcp_rcv"], $row2["snmp_community"], $row2["snmp_oid"], $direccion_agente, $row2["id_module_group"], $row2["id_modulo"], 
+			$row2["plugin_user"], $row2["plugin_pass"], $row2["plugin_parameter"], $row2["max_timeout"]);
+			
+			$id_agente_modulo = process_sql ($sql, "insert_id");
 			
 			// Create with different estado if proc type or data type
-			$id_tipo_modulo = $row2["type"];
-			if (($id_tipo_modulo == 2) || 
-			($id_tipo_modulo == 6) || 
-			($id_tipo_modulo == 9) || 
-			($id_tipo_modulo == 12) || 
-			($id_tipo_modulo == 18)) {
-			
-				$sql = "INSERT INTO tagente_estado 
-				(id_agente_modulo,datos,timestamp,cambio,estado,id_agente, utimestamp) 
-				VALUES (
-				$id_agente_modulo, 0,'0000-00-00 00:00:00',0,0,'".$id_agente."',0
-				)";
-			} else { 
-				$sql = "INSERT INTO tagente_estado 
-				(id_agente_modulo,datos,timestamp,cambio,estado,id_agente, utimestamp) 
-				VALUES (
-				$id_agente_modulo, 0,'0000-00-00 00:00:00',0,100,'".$id_agente."',0
-				)";
+			if ($id_agente_modulo !== false && ($row2["type"] == 2) || ($row2["type"] == 6) || ($row2["type"] == 9) || ($row2["type"] == 12) || ($row2["type"] == 18)) {
+				$sql = sprintf ("INSERT INTO tagente_estado (id_agente_modulo,datos,timestamp,cambio,estado,id_agente, utimestamp) 
+								VALUES (%d, 0,'0000-00-00 00:00:00',0,0, %d, 0)", $id_agente_modulo, $id_agente);
+				process_sql ($sql);
+			} elseif ($id_agente_modulo !== false) { 
+				$sql = sprintf ("INSERT INTO tagente_estado (id_agente_modulo,datos,timestamp,cambio,estado,id_agente, utimestamp) 
+								VALUES (%d, 0,'0000-00-00 00:00:00',0,100, %d, 0)", $id_agente_modulo, $id_agente);
+				process_sql ($sql);
+			} else {
+				echo '<h3 class="error">'.__('Error adding module').'</h3>';
 			}
-			mysql_query ($sql);
-			$sql = "";
 		}
 	}
-	echo "<h3 class='suc'>".__('Modules successfully added ')."</h3>";
+	echo '<h3 class="suc">'.__('Modules successfully added ').'</h3>';
 }
 
 // Main header
 
-echo "<h2>".__('Agent configuration')." &gt; ".__('Module templates');
-echo "</h2>";
+echo "<h2>".__('Agent configuration')." &gt; ".__('Module templates')."</h2>";
 
 // ==========================
 // TEMPLATE ASSIGMENT FORM
 // ==========================
 
 echo "<h3>".__('Available templates')."</h3>";
-echo "<form method=post action='index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=template&id_agente=$id_agente'>";
+echo '<form method="post" action="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=template&id_agente='.$id_agente.'">';
 
-echo "<table width='300' class='databox' cellpadding='4' cellspacing='4'>";
-echo "<tr><td>".__('Template')."</td><td valign='middle'>";
+$nps = get_db_all_fields_in_table ("tnetwork_profile", "name");
+if ($nps === false) {
+	$nps = array ();
+}
 
-echo "<select name='template_id' class='w130'>";
-$sql = 'SELECT * FROM tnetwork_profile ORDER BY name';
-$result = mysql_query ($sql);
-if (mysql_num_rows ($result))
-	while ($row = mysql_fetch_array($result))
-		echo "<option value='".$row["id_np"]."'>".$row["name"]."</option>";
-echo "</select></td>";
+$select = array ();
+foreach ($nps as $row) {
+	$select[$row["id_np"]] = $row["name"];
+}
 
-echo "<td>";
-echo "<input type='submit' class='sub next' name='crt' value='".__('Assign')."'>";
-echo "</table>";
-echo "</form>";
+echo '<div>'.__('Template');
+print_select ($select, "template_id");
+print_submit_button (__('Assign'), 'crt', false, 'class="sub next"');
+echo '</div></form>';
 
 // ==========================
 // MODULE VISUALIZATION TABLE
 // ==========================
 echo "<h3>".__('Assigned modules')."</h3>";
 
-$sql = 'SELECT * FROM tagente_modulo WHERE id_agente = "'.$id_agente.'"
-	ORDER BY id_module_group, nombre ';
-$result = mysql_query($sql);
-if ($row = mysql_num_rows ($result)) {
-	echo '<table width="700" cellpadding="4" cellspacing="4" class="databox">';
-	echo '<tr>';
-	echo "<th>".__('Module name')."</th>";
-	echo "<th>".__('Type')."</th>";
-	echo "<th>".__('Description')."</th>";
-	echo "<th width=50>".__('Action')."</th>";
-	$color=1;
-	$last_modulegroup = "0";
-	while ($row = mysql_fetch_array ($result)) {
-		if ($color == 1) {
-			$tdcolor="datos";
-			$color =0;
-		} else {
-			$tdcolor="datos2";
-			$color =1;
-		}
-		$id_tipo = $row["id_tipo_modulo"];
-		$nombre_modulo =$row["nombre"];
-		$descripcion = $row["descripcion"];
-		echo "<tr><td class='".$tdcolor."_id'>".$nombre_modulo;
-		echo "<td class='".$tdcolor."f9'>";
-		if ($id_tipo) {
-			echo "<img src='images/".show_icon_type($id_tipo)."' border=0>";
-		}
-		echo "<td class='$tdcolor' title='$descripcion'>".substr($descripcion,0,30)."</td>";
-		echo "<td class='$tdcolor'>";
-		if ($id_tipo != -1)
-			echo "<a href='index.php?sec=gagente&
-			tab=module&
-			sec2=godmode/agentes/configurar_agente&tab=template&
-			id_agente=".$id_agente."&
-			delete_module=".$row["id_agente_modulo"]."'>
-			<img src='images/cross.png' border=0 alt='".__('Delete')."'>
-			</b></a> &nbsp; ";
-		echo "<a href='index.php?sec=gagente&
-		sec2=godmode/agentes/configurar_agente&
-		id_agente=".$id_agente."&
-		tab=module&
-		update_module=".$row["id_agente_modulo"]."#modules'>
-		<img src='images/config.png' border=0 alt='".__('Update')."' onLoad='type_change()'></b></a>";
-	}
-	echo "</td></tr>";
-	echo "</table>";
-} else {
-	echo "<div class='nf'>No modules</div>";
+$sql = sprintf ("SELECT * FROM tagente_modulo WHERE id_agente = %d ORDER BY id_module_group, nombre", $id_agente);
+$result = get_db_all_rows_sql ($sql);
+if ($result === false) {
+	$result = array ();
 }
 
-?>
+$table->width = 700;
+$table->cellpadding = 4;
+$table->cellspacing = 4;
+$table->class = "databox";
+$table->head = array ();
+$table->data = array ();
+$table->align = array ();
+
+$table->head[0] = __('Module name');
+$table->head[1] = __('Type');
+$table->head[2] = __('Description');
+$table->head[3] = __('Action');
+
+$table->align[1] = "center";
+$table->align[3] = "center";
+
+foreach ($result as $row) {
+	$data = array ();
+	
+	$data[0] = $row["nombre"];
+	if ($row["id_tipo_modulo"] > 0) {
+		$data[1] = '<img src="images/'.show_icon_type ($row["id_tipo_modulo"]).'" border="0" />';
+	} else {
+		$data[1] = '';
+	}
+	$data[2] = mb_substr ($row["descripcion"], 0, 60);
+	
+	$data[3] = '<a href="index.php?sec=gagente&tab=module&sec2=godmode/agentes/configurar_agente&tab=template&id_agente='.$id_agente.'&delete_module='.$row["id_agente_modulo"].'"><img src="images/cross.png" border="0" alt="'.__('Delete').'" onclick="if (!confirm(\''.__('Are you sure?').'\')) return false;" /></a>&nbsp;';
+	$data[3] .= '<a href="index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$id_agente.'&tab=module&update_module='.$row["id_agente_modulo"].'&moduletype='.$row["id_modulo"].'#modules"><img src="images/config.png" border="0" alt="'.__('Update').'" /></a>';
+	
+	array_push ($table->data, $data);
+}
+
+if (!empty ($table->data)) {
+	print_table ($table);
+	unset ($table);
+} else {
+	echo '<div class="nf">No modules</div>';
+}
+
+?>
\ No newline at end of file
diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php
index 629b96c53c..75a7357a7c 100644
--- a/pandora_console/godmode/agentes/configurar_agente.php
+++ b/pandora_console/godmode/agentes/configurar_agente.php
@@ -518,7 +518,7 @@ if (isset($_POST["update_agent"])) { // if modified some agent paramenter
 		echo '<h3 class="error">'.__('There is already an agent in the database with this name').'</h3>';
 	} else {
 		//If different IP is specified than previous, add the IP
-		if ($direccion_agente != get_agent_address ($id_agente))
+		if ($direccion_agente != '' && $direccion_agente != get_agent_address ($id_agente))
 			agent_add_address ($id_agente, $direccion_agente);
 		
 		//If IP is set for deletion, delete first
diff --git a/pandora_console/godmode/db/db_purge.php b/pandora_console/godmode/db/db_purge.php
index 02a237718c..9770d08ec6 100644
--- a/pandora_console/godmode/db/db_purge.php
+++ b/pandora_console/godmode/db/db_purge.php
@@ -154,7 +154,7 @@ echo "<h3>".$title."</h3>";
 flush (); //Flush before we do some SQL stuff
 if ($id_agent > 0) { //If the agent is not All or Not selected
 	$modules = get_agent_modules ($id_agent);
-	sprintf ("AND id_agente_modulo IN(%s)", implode (",", array_keys ($modules)));
+	$query = sprintf ("AND id_agente_modulo IN(%s)", implode (",", array_keys ($modules)));
 } else {
 	$query = "";
 }
diff --git a/pandora_console/godmode/db/db_refine.php b/pandora_console/godmode/db/db_refine.php
index 241b7152e7..b7575aae47 100644
--- a/pandora_console/godmode/db/db_refine.php
+++ b/pandora_console/godmode/db/db_refine.php
@@ -26,93 +26,70 @@ check_login ();
 if (! give_acl ($config['id_user'], 0, "DM")) {
 	audit_db($config['id_user'],$REMOTE_ADDR, "ACL Violation","Trying to access Database Debug Admin section");
 	require ("general/noaccess.php");
-	return;
+	exit;
 }
 
+echo '<h2>'.__('Database Maintenance').' &gt; '.__('Database debug').'</h2>';
+
+
 if ((isset ($_GET["operacion"])) && (!isset ($_POST["update_agent"]))) {
 	// DATA COPY
 	if (isset ($_POST["eliminar"])) {
-		echo "<h2>".__('Delete Data')."</h2>";
-		// First checkings
-		
-		$max = $_POST["max"];
-		$min = $_POST["min"];
+		$max = get_parameter_post ("max", 0);
+		$min = get_parameter_post ("min", 0);
 		if ($max == $min) {
-			echo "<h3 class='error'>ERROR ".__('Maximum equal to minimum')."</h3>";
-			echo "</table>";
-			include ("general/footer.php");
-			exit;
+			echo '<h3 class="error">'.__('Error').': '.__('Maximum is equal to minimum').'</h3>';
+			return;
 		}
-		$origen_modulo = mysql_real_esape_string ($_POST["origen_modulo"]);
-	 	if (count($origen_modulo) <= 0) {
-			echo "<h3 class='error'>ERROR: ".__('No modules has been selected')."</h3>";
-			echo "</table>";
-			include ("general/footer.php");
-			exit;
+		$origen_modulo = get_parameter_post ("origen_modulo", array ());
+		if (empty ($origen_modulo)) {
+			echo '<h3 class="error">'.__('Error').': '.__('No modules have been selected').'</h3>';
+			return;
 		}
 
 		// Source (agent)
-		$id_origen = $_POST["origen"];
+		$id_origen = (int) get_parameter_post ("origen", 0);
 		
 		// Copy
-		for ($a = 0; $a < count ($origen_modulo); $a++) { // For every agent selected
-			$id_agentemodulo = $origen_modulo[$a];
-			echo "<br><br>".__('Filtering data module')."<b> [".get_agentmodule_name ($id_agentemodulo)."]</b>";
-			$sql ='DELETE FROM tagente_datos WHERE id_agente_modulo = '.$origen_modulo[$a].' AND ( datos < '.$min.' OR  datos > '.$max.' )';
+		foreach ($origen_modulo as $id_agentemodulo) {
+			echo "<br /><br />".__('Filtering data module')."<b> [".get_agentmodule_name ($id_agentemodulo)."]</b>";
+			$sql = sprintf ("DELETE FROM tagente_datos WHERE id_agente_modulo = %d AND (datos < '%s' OR datos > '%s')", $id_agentemodulo, $min, $max);
 			process_sql ($sql);
-			//echo "<br>DEBUG DELETE $sql1 <br>";
 		} 
 	} //if copy modules or alerts
-} else { // Form view
-	?>
-	<h2><?php echo __('Database Maintenance'); ?> &gt; 
-	<?php echo __('Database debug'); ?></h2>
-	<form method="post" action="index.php?sec=gdbman&sec2=godmode/db/db_refine&operacion=1">
-	<table width='500' border='0' cellspacing='4' cellpadding='4' class='databox'>
-	<tr>
-	<td class="datost"><b><?php echo __('Source agent'); ?></b><br><br>
-	<select name="origen" class="w130">
-	<?php
-	if ( (isset ($_POST["update_agent"])) && (isset ($_POST["origen"])) ) {
-		echo "<option value=".$_POST["origen"].">".get_agent_name($_POST["origen"]);
-	}
-	// Show combo with agents
-	$sql1='SELECT * FROM tagente';
-	$result=mysql_query($sql1);
-	while ($row=mysql_fetch_array($result)){
-		if ( (isset($_POST["update_agent"])) AND (isset($_POST["origen"])) ){
-			if ( $_POST["origen"] != $row["id_agente"])
-				echo "<option value=".$row["id_agente"].">".$row["nombre"]."</option>";
-		}
-		else
-			echo "<option value=".$row["id_agente"].">".$row["nombre"]."</option>";
-	}
-	echo '</select>&nbsp;&nbsp;<input type=submit name="update_agent" class="sub upd" value="'.__('Get Info').'"><br><br>';
-	echo "<b>".__('Modules')."</b><br><br>";
-	echo "<select name='origen_modulo[]' size=5 multiple=yes class='w130'>";
-	if ( (isset($_POST["update_agent"])) && (isset ($_POST["origen"])) ) {
-		// Populate Module/Agent combo
-		$agente_modulo = $_POST["origen"];
-		$sql1="SELECT * FROM tagente_modulo WHERE id_agente = ".$agente_modulo;
-		$result = mysql_query($sql1);
-		while ($row=mysql_fetch_array($result)){
-	 		echo "<option value=".$row["id_agente_modulo"].">".$row["nombre"]."</option>";	
-		}
-	}
-	echo "</select>";
-	?>
-	<td class="datost"><b><?php echo __('Purge data out these limits'); ?></b><br><br>
-		<table cellspacing=3 cellpadding=3 border=0>
-		<tr class=datos><td><?php echo __('Minimum'); ?><td><input type="text" name="min" size=4 value=0>
-		<tr class=datos><td><?php echo __('Maximum'); ?><td><input type="text" name="max" size=4 value=0>	
-		<tr><td></td></tr>
-		<tr><td class="bot" colspan="2" align="right">
-		<input type="submit" name="eliminar" class="sub delete" value="<?php echo __('Delete').'" onClick="if (!confirm("'.__('Are you sure?').'")) return false;>'; ?>
-		</table>
-	</td></tr>
-
-	</table>
-	
-<?php
+	echo '<br /><br /><h3 class="suc">'.__('Filtering completed').'</h3>';
 }
+echo '<form method="post" action="index.php?sec=gdbman&sec2=godmode/db/db_refine&operacion=1">';
+echo '<div style="float:left; width: 250px;">';
+echo '<b>'.__('Source agent').'</b><br />';
+
+$agent_selected = get_parameter_post ("origen", 0);
+$agents = get_group_agents (get_user_groups ($config["id_user"], "AW"));
+
+print_select ($agents, "origen", $agent_selected, 'javascript:this.form.update_agent.click();', __('No agent selected'), '0', false, false, false, 'w130');
+
+echo '&nbsp;&nbsp;';
+
+print_submit_button (__('Get Info'), 'update_agent', false, 'class="sub upd"');
+
+echo '<br /><br />';
+echo '<b>'.__('Modules').'</b><br /><br />';
+
+$module_selected = get_parameter_post ("origen", array ());
+$modules = get_agent_modules ($module_selected);
+
+print_select ($modules, "origen_modulo[]", $module_selected, '', '', '0', false, true, false, 'w130');
+
+echo '</div>'; //Left div
+
+echo '<div style="float:left; width:250px;"><b>'.__('Purge data out of these limits').'</b><br /><br />';
+echo __('Minimum').': ';
+print_input_text ("min", 0, __('Minimum'), 4, 0, false);
+echo '<br />';
+echo __('Maximum').': ';
+print_input_text ("max", 0, __('Maximum'), 4, 0, false);
+echo '<br />';
+
+print_submit_button (__('Delete'), 'eliminar', false, 'class="sub delete" onClick="if (!confirm(\''.__('Are you sure?').'\')) return false;"'); 
+echo '</div><div style="clear:both;">&nbsp;</div>';
 ?>