// Additions to Pandora FMS 1.2 graph code and new XML reporting template management
// Copyright (c) 2005-2007 Artica Soluciones Tecnologicas, info@artica.es
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
// Pandora FMS 1.x uses icons from famfamfam, licensed under CC Atr. 2.5
// Silk icon set 1.3 (cc) Mark James, http://www.famfamfam.com/lab/icons/silk/
// Pandora FMS 1.x uses Pear Image::Graph code
// Pandora FMS shares much of it's code with project Babel Enterprise, also a
// FreeSoftware Project coded by some of the people who makes Pandora FMS
$develop_bypass = 1;
if ($develop_bypass != 1){
// If no config file, automatically try to install
if (! file_exists("include/config.php")){
include ("install.php");
exit;
}
// Check for installer presence
if (file_exists("install.php")){
include "general/error_install.php";
exit;
}
// Check perms for config.php
if ((substr(sprintf('%o', fileperms('include/config.php')), -4) != "0600") &&
(substr(sprintf('%o', fileperms('include/config.php')), -4) != "0660") &&
(substr(sprintf('%o', fileperms('include/config.php')), -4) != "0640") &&
(substr(sprintf('%o', fileperms('include/config.php')), -4) != "0600"))
{
include "general/error_perms.php";
exit;
}
}
// Real start
session_start();
include "include/config.php";
include "include/languages/language_".$language_code.".php";
require "include/functions.php"; // Including funcions.
require "include/functions_db.php";
?>
';
} else
echo '';
}
?>
Pandora FMS - <?php echo $lang_label["header_title"]; ?>
';
$REMOTE_ADDR = getenv ("REMOTE_ADDR");
global $REMOTE_ADDR;
// Login process
if ( (! isset ($_SESSION['id_usuario'])) AND (isset ($_GET["login"]))) {
$nick = entrada_limpia ($_POST["nick"]);
$pass = entrada_limpia ($_POST["pass"]);
// Connect to Database
$sql1 = 'SELECT * FROM tusuario WHERE id_usuario = "'.$nick.'"';
$result = mysql_query ($sql1);
// For every registry
if ($row = mysql_fetch_array ($result)){
if ($row["password"] == md5 ($pass)){
// Login OK
// Nick could be uppercase or lowercase (select in MySQL
// is not case sensitive)
// We get DB nick to put in PHP Session variable,
// to avoid problems with case-sensitive usernames.
// Thanks to David Muñiz for Bug discovery :)
$nick = $row["id_usuario"];
unset ($_GET["sec2"]);
$_GET["sec"] = "general/logon_ok";
update_user_contact ($nick);
logon_db ($nick, $REMOTE_ADDR);
$_SESSION['id_usuario'] = $nick;
} else {
// Login failed (bad password)
unset ($_GET["sec2"]);
include "general/logon_failed.php";
// change password to do not show all string
$primera = substr ($pass,0,1);
$ultima = substr ($pass, strlen ($pass) - 1, 1);
$pass = $primera . "****" . $ultima;
audit_db ($nick, $REMOTE_ADDR, "Logon Failed",
"Incorrect password: " . $nick . " / " . $pass);
echo '