getIdUser();
if (is_user ($id_user)) {
return 0;
}
}
audit_db ("N/A", getenv ("REMOTE_ADDR"), "No session", "Trying to access without a valid session");
include ($config["homedir"]."/general/noaccess.php");
exit;
}
/**
*
* Escape string to set it properly to use in sql queries
*
* @param string String to be cleaned.
*
* @return string String cleaned.
*/
function escape_string_sql ($string) {
$str = mysql_real_escape_string($string);
return $str;
}
/**
* Return a array of id_group of childrens (to branches down)
*
* @param integer $parent The id_group parent to search the childrens.
* @param array $groups The groups, its for optimize the querys to DB.
*/
function get_childrens($parent, $groups = null) {
if (empty($groups)) {
$groups = get_db_all_rows_in_table('tgrupo');
}
$return = array();
foreach ($groups as $key => $group) {
if ($group['id_grupo'] == 0) {
continue;
}
if ($group['parent'] == $parent) {
$return = $return + array($group['id_grupo'] => $group) + get_childrens($group['id_grupo'], $groups);
}
}
return $return;
}
/**
* Return a array of id_group of parents (to roots up).
*
* @param integer $parent The id_group parent to search the parent.
* @param boolean $onlyPropagate Flag to search only parents that true to propagate.
* @param array $groups The groups, its for optimize the querys to DB.
*/
function get_parents($parent, $onlyPropagate = false, $groups = null) {
if (empty($groups)) {
$groups = get_db_all_rows_in_table('tgrupo');
}
$return = array();
foreach ($groups as $key => $group) {
if ($group['id_grupo'] == 0) {
continue;
}
if (($group['id_grupo'] == $parent) && ($group['propagate'] || !$onlyPropagate)) {
$return = $return + array($group['id_grupo'] => $group) + get_parents($group['parent'], $groups);
}
}
return $return;
}
/**
* Check access privileges to resources
*
* Access can be:
* IR - Incident/report Read
* IW - Incident/report Write
* IM - Incident/report Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
* UM - User Management
* DM - DB Management
* LM - Alert Management
* PM - Pandora Management
*
* @param int $id_user User id
* @param int $id_group Agents group id to check from
* @param string $access Access privilege
*
* @return bool 1 if the user has privileges, 0 if not.
*/
function check_acl ($id_user, $id_group, $access) {
if (empty ($id_user)) {
//User ID needs to be specified
trigger_error ("Security error: check_acl got an empty string for user id", E_USER_WARNING);
return 0;
}
elseif (is_user_admin ($id_user)) {
return 1;
}
else {
$id_group = (int) $id_group;
}
$parents_id = array($id_group);
if ($id_group != 0) {
$group = get_db_row_filter('tgrupo', array('id_grupo' => $id_group));
$parents = get_parents($group['parent'], true);
foreach ($parents as $parent) {
$parents_id[] = $parent['id_grupo'];
}
}
else {
$parents_id = array();
}
//Joined multiple queries into one. That saves on the query overhead and query cache.
if ($id_group == 0) {
$query = sprintf("SELECT tperfil.incident_view, tperfil.incident_edit,
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'", $id_user);
//GroupID = 0, group id doesnt matter (use with caution!)
}
else {
$query = sprintf("SELECT tperfil.incident_view, tperfil.incident_edit,
tperfil.incident_management, tperfil.agent_view,
tperfil.agent_edit, tperfil.alert_edit,
tperfil.alert_management, tperfil.pandora_management,
tperfil.db_management, tperfil.user_management
FROM tusuario_perfil, tperfil
WHERE tusuario_perfil.id_perfil = tperfil.id_perfil
AND tusuario_perfil.id_usuario = '%s'
AND (tusuario_perfil.id_grupo IN (%s)
OR tusuario_perfil.id_grupo = 0)", $id_user, implode(', ', $parents_id));
}
$rowdup = get_db_all_rows_sql ($query);
if (empty ($rowdup))
return 0;
$result = 0;
foreach ($rowdup as $row) {
// For each profile for this pair of group and user do...
switch ($access) {
case "IR":
$result += $row["incident_view"];
break;
case "IW":
$result += $row["incident_edit"];
break;
case "IM":
$result += $row["incident_management"];
break;
case "AR":
$result += $row["agent_view"];
break;
case "AW":
$result += $row["agent_edit"];
break;
case "LW":
$result += $row["alert_edit"];
break;
case "LM":
$result += $row["alert_management"];
break;
case "PM":
$result += $row["pandora_management"];
break;
case "DM":
$result += $row["db_management"];
break;
case "UM":
$result += $row["user_management"];
break;
}
}
if ($result >= 1)
return 1;
return 0;
}
/*
* @deprecated Use check_acl instead
*/
function give_acl ($id_user, $id_group, $access) {
return check_acl ($id_user, $id_group, $access);
}
/**
* Filter out groups the user doesn't have access to
*
* Access can be:
* IR - Incident Read
* IW - Incident Write
* IM - Incident Management
* AR - Agent Read
* AW - Agent Write
* LW - Alert Write
* UM - User Management
* DM - DB Management
* LM - Alert Management
* PM - Pandora Management
*
* @param int $id_user User id
* @param mixed $id_group Group ID(s) to check
* @param string $access Access privilege
*
* @return array Groups the user DOES have acces to (or an empty array)
*/
function safe_acl_group ($id_user, $id_groups, $access) {
if (!is_array ($id_groups) && check_acl ($id_user, $id_groups, $access)) {
/* Return all the user groups if it's the group All */
if ($id_groups == 0)
return array_keys (get_user_groups ($id_user, $access));
return array ($id_groups);
} elseif (!is_array ($id_groups)) {
return array ();
}
foreach ($id_groups as $group) {
//Check ACL. If it doesn't match, remove the group
if (!check_acl ($id_user, $group, $access)) {
unset ($id_groups[$group]);
}
}
return $id_groups;
}
/**
* Adds an audit log entry (DEPRECATED!)
*
* @param string $id User id
* @param string $ip Client IP
* @param string $accion Action description
* @param string $descripcion Long action description
*/
function audit_db ($id, $ip, $accion, $descripcion){
$accion = safe_input($accion);
$descripcion = safe_input($descripcion);
$sql = sprintf ("INSERT INTO tsesion (ID_usuario, accion, fecha, IP_origen,descripcion, utimestamp) VALUES ('%s','%s',NOW(),'%s','%s',UNIX_TIMESTAMP(NOW()))",$id,$accion,$ip,$descripcion);
process_sql ($sql);
}
/**
* Adds an audit log entry (new function in 3.0)
*
* @param string $accion Action description
* @param string $descripcion Long action description
*/
function pandora_audit ($accion, $descripcion){
global $config;
if (isset($config["remote_addr"])) {
$ip = $config["remote_addr"];
}
else {
if ($_SERVER['REMOTE_ADDR']) {
$ip = $_SERVER['REMOTE_ADDR'];
}
else {
$ip = null;
}
}
$id = $config["id_user"];
$accion = safe_input($accion);
$descripcion = safe_input($descripcion);
$sql = sprintf ("INSERT INTO tsesion (ID_usuario, accion, fecha, IP_origen,descripcion, utimestamp) VALUES ('%s','%s',NOW(),'%s','%s',UNIX_TIMESTAMP(NOW()))",$id,$accion,$ip,$descripcion);
process_sql ($sql);
}
/**
* Log in a user into Pandora.
*
* @param string $id_user User id
* @param string $ip Client user IP address.
*/
function logon_db ($id_user, $ip) {
audit_db ($id_user, $ip, "Logon", "Logged in");
// Update last registry of user to set last logon. How do we audit when the user was created then?
process_user_contact ($id_user);
}
/**
* Log out a user into Pandora.
*
* @param string $id_user User id
* @param string $ip Client user IP address.
*/
function logoff_db ($id_user, $ip) {
audit_db ($id_user, $ip, "Logoff", "Logged out");
}
/**
* Get profile name from id.
*
* @param int $id_profile Id profile in tperfil
*
* @return string Profile name of the given id
*/
function get_profile_name ($id_profile) {
return (string) get_db_value ('name', 'tperfil', 'id_perfil', (int) $id_profile);
}
/**
* Selects all profiles (array (id => name))
*
* @return array List of all profiles
*/
function get_profiles () {
$profiles = get_db_all_rows_in_table ("tperfil", "name");
$return = array ();
if ($profiles === false) {
return $return;
}
foreach ($profiles as $profile) {
$return[$profile["id_perfil"]] = $profile["name"];
}
return $return;
}
/**
* Create Profile for User
*
* @param string User ID
* @param int Profile ID (default 1 => AR)
* @param int Group ID (default 1 => All)
* @param string Assign User who assign the profile to user.
*
* @return bool True if succesful, false if not
*/
function create_user_profile ($id_user, $id_profile = 1, $id_group = 0, $assignUser = false) {
global $config;
if (empty ($id_profile) || $id_group < 0)
return false;
if (isset ($config["id_user"])) {
//Usually this is set unless we call it while logging in (user known by auth scheme but not by pandora)
$assign = $config["id_user"];
} else {
$assign = $id_user;
}
if ($assignUser !== false)
$assign = $assignUser;
$insert = array (
"id_usuario" => $id_user,
"id_perfil" => $id_profile,
"id_grupo" => $id_group,
"assigned_by" => $assign
);
return (bool) process_sql_insert ("tusuario_perfil", $insert);
}
/**
* Delete user profile from database
*
* @param string User ID
* @param int Profile ID
*
* @return bool Whether or not it's deleted
*/
function delete_user_profile ($id_user, $id_profile) {
$sql = sprintf ("DELETE FROM tusuario_perfil WHERE id_usuario = '%s' AND id_up = %d", $id_user, $id_profile);
return (bool) process_sql ($sql);
}
/**
* Delete profile from database (not user-profile link (tusuario_perfil), but the actual profile (tperfil))
*
* @param int Profile ID
*
* @return bool Whether or not it's deleted
*/
function delete_profile ($id_profile) {
$sql = sprintf ("DELETE FROM tperfil WHERE id_perfil = %d", $id_profile);
return (bool) process_sql ($sql);
}
/**
* Get disabled field of a group
*
* @param int id_group Group id
*
* @return bool Disabled field of given group
*/
function give_disabled_group ($id_group) {
return (bool) get_db_value ('disabled', 'tgrupo', 'id_grupo', (int) $id_group);
}
/**
* Test if the param array is all groups in db.
*
* @param array $id_groups
*
* @return bool It's true when the array is all groups in db.
*/
function isAllGroups($idGroups) {
if (!is_array($idGroups))
$arrayGroups = array($idGroups);
else
$arrayGroups = $idGroups;
$groupsDB = get_db_all_rows_in_table ('tgrupo');
$returnVar = true;
foreach ($groupsDB as $group) {
if (!in_array($group['id_grupo'], $arrayGroups)) {
$returnVar = false;
break;
}
}
return $returnVar;
}
/**
* Get all the agents within a group(s).
*
* @param mixed $id_group Group id or an array of ID's. If nothing is selected, it will select all
* @param mixed $search to add Default: False. If True will return disabled agents as well. If searching array (disabled => (bool), string => (string))
* @param string $case Which case to return the agentname as (lower, upper, none)
* @param boolean $noACL jump the ACL test.
*
* @return array An array with all agents in the group or an empty array
*/
function get_group_agents ($id_group = 0, $search = false, $case = "lower", $noACL = false) {
global $config;
if (!$noACL) {
$id_group = safe_acl_group ($config["id_user"], $id_group, "AR");
if (empty ($id_group)) {
//An empty array means the user doesn't have access
return array ();
}
}
if (is_array($id_group)) {
$search_sql = sprintf ('WHERE id_grupo IN (%s)', implode (",", $id_group));
}
else if ($id_group == 0) { //All group
$search_sql = 'WHERE 1 = 1';
}
else {
$search_sql = sprintf ('WHERE id_grupo = %d', $id_group);
}
if ($search === true) {
//No added search. Show both disabled and non-disabled
}
elseif (is_array ($search)) {
if (isset ($search["disabled"])) {
$search_sql .= ' AND disabled = '.($search["disabled"] ? 1 : 0); //Bool, no cleanup necessary
} else {
$search_sql .= ' AND disabled = 0';
}
unset ($search["disabled"]);
if (isset ($search["string"])) {
$string = safe_input ($search["string"]);
$search_sql .= ' AND (nombre LIKE "%'.$string.'%" OR direccion LIKE "%'.$string.'%")';
unset ($search["string"]);
}
if (isset ($search["name"])) {
$name = safe_input ($search["name"]);
$search_sql .= ' AND nombre LIKE "' . $name . '" ';
unset ($search["name"]);
}
if (! empty ($search)) {
$search_sql .= ' AND '.format_array_to_where_clause_sql ($search);
}
}
else {
$search_sql .= ' AND disabled = 0';
}
$sql = sprintf ("SELECT id_agente, nombre FROM tagente %s ORDER BY nombre", $search_sql);
$result = get_db_all_rows_sql ($sql);
if ($result === false)
return array (); //Return an empty array
$agents = array ();
foreach ($result as $row) {
switch ($case) {
case "lower":
$agents[$row["id_agente"]] = mb_strtolower ($row["nombre"], "UTF-8");
break;
case "upper":
$agents[$row["id_agente"]] = mb_strtoupper ($row["nombre"], "UTF-8");
break;
default:
$agents[$row["id_agente"]] = $row["nombre"];
}
}
return ($agents);
}
/**
* Get a single module information.
*
* @param int agentmodule id to get.
*
* @return array An array with module information
*/
function get_agentmodule ($id_agentmodule) {
return get_db_row ('tagente_modulo', 'id_agente_modulo', (int) $id_agentmodule);
}
/**
* Get a id of module from his name and the agent id
*
* @param string agentmodule name to get.
* @param int agent id.
*
* @return int the agentmodule id
*/
function get_agentmodule_id ($agentmodule_name, $agent_id) {
return get_db_row_filter ('tagente_modulo', array('nombre' => $agentmodule_name, 'id_agente' => $agent_id, 'delete_pending' => 0));
}
/**
* Get a if a module is init.
*
* @param int agentmodule id to get.
*
* @return bool true if is init and false if is not init
*/
function get_agentmodule_is_init ($id_agentmodule) {
$result = get_db_row_filter ('tagente_estado', array('id_agente_modulo' => $id_agentmodule), 'utimestamp');
return (bool)$result['utimestamp'];
}
/**
* Get all the modules in an agent. If an empty list is passed it will select all
*
* @param mixed Agent id to get modules. It can also be an array of agent id's.
* @param mixed Array, comma delimited list or singular value of rows to
* select. If nothing is specified, nombre will be selected. A special
* character "*" will select all the values.
* @param mixed Aditional filters to the modules. It can be an indexed array
* (keys would be the field name and value the expected value, and would be
* joined with an AND operator) or a string, including any SQL clause (without
* the WHERE keyword).
* @param bool Wheter to return the modules indexed by the id_agente_modulo or
* not. Default is indexed.
* Example:
Both are similars:
$modules = get_agent_modules ($id_agent, false, array ('disabled' => 0));
$modules = get_agent_modules ($id_agent, false, 'disabled = 0');
Both are similars:
$modules = get_agent_modules ($id_agent, '*', array ('disabled' => 0, 'history_data' => 0));
$modules = get_agent_modules ($id_agent, '*', 'disabled = 0 AND history_data = 0');
*
* @return array An array with all modules in the agent.
* If multiple rows are selected, they will be in an array
*/
function get_agent_modules ($id_agent, $details = false, $filter = false, $indexed = true, $get_not_init_modules = true) {
$id_agent = safe_int ($id_agent, 1);
$where = '';
if (! empty ($id_agent)) {
$where = sprintf (' WHERE id_agente IN (%s)', implode (",", (array) $id_agent));
}
if ($where != '') {
$where .= ' AND ';
} else {
$where .= ' WHERE ';
}
$where .= 'delete_pending = 0 ';
if (! empty ($filter)) {
$where .= ' AND ';
if (is_array ($filter)) {
$fields = array ();
foreach ($filter as $field => $value) {
array_push ($fields, $field.'="'.$value.'"');
}
$where .= implode (' AND ', $fields);
} else {
$where .= $filter;
}
}
if (empty ($details)) {
$details = "nombre";
} else {
$details = safe_input ($details);
}
$sql = sprintf ('SELECT %s%s
FROM tagente_modulo
%s
ORDER BY nombre',
($details != '*' && $indexed) ? 'id_agente_modulo,' : '',
implode (",", (array) $details),
$where);
$sql = safe_output($sql);
$result = get_db_all_rows_sql ($sql);
if (empty ($result)) {
return array ();
}
if (! $indexed)
return $result;
$modules = array ();
foreach ($result as $module) {
if($get_not_init_modules || get_agentmodule_is_init($module['id_agente_modulo'])) {
if (is_array ($details) || $details == '*') {
//Just stack the information in array by ID
$modules[$module['id_agente_modulo']] = $module;
} else {
$modules[$module['id_agente_modulo']] = $module[$details];
}
}
}
return $modules;
}
/**
* Get the number of all agent modules in the database
*
* @param mixed Array of integers with agent(s) id or a single agent id. Default
* value will select all.
*
* @return int The number of agent modules
*/
function get_agent_modules_count ($id_agent = 0) {
//Make sure we're all int's and filter out bad stuff
$id_agent = safe_int ($id_agent, 1);
if (empty ($id_agent)) {
//If the array proved empty or the agent is less than 1 (eg. -1)
$filter = '';
} else {
$filter = sprintf (" WHERE id_agente IN (%s)", implode (",", (array) $id_agent));
}
return (int) get_db_sql ("SELECT COUNT(*) FROM tagente_modulo".$filter);
}
/**
* Get group icon from group.
*
* @param int id_group Id group to get the icon
*
* @return string Icon path of the given group
*/
function get_group_icon ($id_group) {
if ($id_group == 0) {
return 'world';
}
else {
return (string) get_db_value ('icon', 'tgrupo', 'id_grupo', (int) $id_group);
}
}
/**
* Get agent id from a module id that it has.
*
* @param int $id_module Id module is list modules this agent.
*
* @return int Id from the agent of the given id module.
*/
function get_agent_module_id ($id_agente_modulo) {
return (int) get_db_value ('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_agente_modulo);
}
/**
* Get agent id from an agent name.
*
* @param string $agent_name Agent name to get its id.
*
* @return int Id from the agent of the given name.
*/
function get_agent_id ($agent_name) {
return (int) get_db_value ('id_agente', 'tagente', 'nombre', $agent_name);
}
/**
* Get name of an agent.
*
* @param int $id_agent Agent id.
* @param string $case Case (upper, lower, none)
*
* @return string Name of the given agent.
*/
function get_agent_name ($id_agent, $case = "none") {
$agent = (string) get_db_value ('nombre', 'tagente', 'id_agente', (int) $id_agent);
// Version 3.0 has enforced case sensitive agent names
// so we always should show real case names.
switch ($case) {
case "upper":
return mb_strtoupper ($agent,"UTF-8");
break;
case "lower":
return mb_strtolower ($agent,"UTF-8");
break;
case "none":
default:
return ($agent);
}
}
/**
* Get type name for alerts (e-mail, text, internal, ...) based on type number
*
* @param int id_alert Alert type id.
*
* @return string Type name of the alert.
*/
function get_alert_type ($id_type) {
return (string) get_db_value ('name', 'talert_templates', 'id', (int) $id_type);
}
/**
* Get the name of an exporting server
*
* @param int $id_server Server id
*
* @return string The name of given server.
*/
function dame_nombre_servidorexportacion ($id_server) {
return (string) get_db_value ('name', 'tserver_export', 'id', (int) $id_server);
}
/**
* Get the name of a plugin
*
* @param int id_plugin Plugin id.
*
* @return string The name of the given plugin
*/
function dame_nombre_pluginid ($id_plugin) {
return (string) get_db_value ('name', 'tplugin', 'id', (int) $id_plugin);
}
/**
* Get the name of a module type
*
* @param int $id_type Type id
*
* @return string The name of the given type.
*/
function get_module_type_name ($id_type) {
return (string) get_db_value ('nombre', 'ttipo_modulo', 'id_tipo', (int) $id_type);
}
/**
* Get the name of a module type
*
* @param int $id_type Type id
*
* @return string The name of the given type.
*/
function get_module_type_icon ($id_type) {
return (string) get_db_value ('icon', 'ttipo_modulo', 'id_tipo', (int) $id_type);
}
/**
* Get agent id of an agent module.
*
* @param int $id_agentmodule Agent module id.
*
* @return int The id of the agent of given agent module
*/
function get_agentmodule_agent ($id_agentmodule) {
return (int) get_db_value ('id_agente', 'tagente_modulo', 'id_agente_modulo', (int) $id_agentmodule);
}
/**
* Get agent name of an agent module.
*
* @param int $id_agente_modulo Agent module id.
*
* @return string The name of the given agent module.
*/
function get_agentmodule_agent_name ($id_agentmodule) {
// Since this is a helper function we don't need to do casting
return (string) get_agent_name (get_agentmodule_agent ($id_agentmodule));
}
/**
* Get the module name of an agent module.
*
* @param int $id_agente_modulo Agent module id.
*
* @return string Name of the given agent module.
*/
function get_agentmodule_name ($id_agente_modulo) {
return (string) get_db_value ('nombre', 'tagente_modulo', 'id_agente_modulo', (int) $id_agente_modulo);
}
/**
* Get the module type of an agent module.
*
* @param int $id_agentmodule Agent module id.
*
* @return string Module type of the given agent module.
*/
function get_agentmodule_type ($id_agentmodule) {
return (int) get_db_value ('id_tipo_modulo', 'tagente_modulo', 'id_agente_modulo', (int) $id_agentmodule);
}
/**
* DEPRECATED: User get_user_fullname
*/
function dame_nombre_real ($id_user) {
return get_user_fullname ($id_user);
}
/**
* Get all the times a monitor went down during a period.
*
* @param int $id_agent_module Agent module of the monitor.
* @param int $period Period timed to check from date
* @param int $date Date to check (now by default)
*
* @return int The number of times a monitor went down.
*/
function get_monitor_downs_in_period ($id_agent_module, $period, $date = 0) {
if ($date == 0) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ("SELECT COUNT(`id_agentmodule`) FROM `tevento` WHERE
`event_type` = 'monitor_down'
AND `id_agentmodule` = %d
AND `utimestamp` > %d
AND `utimestamp` <= %d",
$id_agent_module, $datelimit, $date);
return get_db_sql ($sql);
}
/**
* Get the last time a monitor went down during a period.
*
* @param int $id_agent_module Agent module of the monitor.
* @param int $period Period timed to check from date
* @param int $date Date to check (now by default)
*
* @return int The last time a monitor went down.
*/
function get_monitor_last_down_timestamp_in_period ($id_agent_module, $period, $date = 0) {
if ($date == 0) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ("SELECT MAX(`timestamp`) FROM `tevento` WHERE
event_type = 'monitor_down'
AND `id_agentmodule` = %d
AND `utimestamp` > %d
AND `utimestamp` <= %d",
$id_agent_module, $datelimit, $date);
return get_db_sql ($sql);
}
/**
* Get all the monitors defined in an group.
*
* @param int $id_group Group id to get all the monitors.
*
* @return array An array with all the monitors defined in the group (tagente_modulo).
*/
function get_monitors_in_group ($id_group) {
if ($id_group <= 0) {
//We select all groups the user has access to if it's 0 or -1
global $config;
$id_group = array_keys (get_user_groups ($config['id_user']));
}
if (is_array ($id_group)) {
$id_group = implode (",",$id_group);
}
$sql = sprintf ("SELECT `tagente_modulo`.* FROM `tagente_modulo`, `ttipo_modulo`, `tagente` WHERE
`id_tipo_modulo` = `id_tipo`
AND `tagente`.`id_agente` = `tagente_modulo`.`id_agente`
AND `ttipo_modulo`.`nombre` LIKE '%%_proc'
AND `tagente`.`id_grupo` IN (%s) ORDER BY `tagente`.`nombre`", $id_group);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the events happened in a group during a period of time.
*
* The returned events will be in the time interval ($date - $period, $date]
*
* @param mixed $id_group Group id to get events for.
* @param int $period Period of time in seconds to get events.
* @param int $date Beginning date to get events.
*
* @return array An array with all the events happened.
*/
function get_group_events ($id_group, $period, $date) {
global $config;
$id_group = safe_acl_group ($config["id_user"], $id_group, "AR");
if (empty ($id_group)) {
//An empty array means the user doesn't have access
return false;
}
$datelimit = $date - $period;
$sql = sprintf ('SELECT * FROM tevento
WHERE utimestamp > %d AND utimestamp <= %d
AND id_grupo IN (%s)
ORDER BY utimestamp ASC',
$datelimit, $date, implode (",", $id_group));
return get_db_all_rows_sql ($sql);
}
/**
* Get all the events happened in an Agent during a period of time.
*
* The returned events will be in the time interval ($date - $period, $date]
*
* @param int $id_agent Agent id to get events.
* @param int $period Period of time in seconds to get events.
* @param int $date Beginning date to get events.
*
* @return array An array with all the events happened.
*/
function get_agent_events ($id_agent, $period, $date = 0) {
if (!is_numeric ($date)) {
$date = strtotime ($date);
}
if (empty ($date)) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ('SELECT evento, event_type, criticity, count(*) as count_rep, max(timestamp) AS time2
FROM tevento WHERE id_agente = %d AND utimestamp > %d AND utimestamp <= %d
GROUP BY id_agentmodule, evento ORDER BY time2 DESC', $id_agent, $datelimit, $date);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the events happened in an Agent during a period of time.
*
* The returned events will be in the time interval ($date - $period, $date]
*
* @param int $id_agent_module Module id to get events.
* @param int $period Period of time in seconds to get events.
* @param int $date Beginning date to get events.
*
* @return array An array with all the events happened.
*/
function get_module_events ($id_agent_module, $period, $date = 0) {
if (!is_numeric ($date)) {
$date = strtotime ($date);
}
if (empty ($date)) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ('SELECT evento, event_type, criticity, count(*) as count_rep, max(timestamp) AS time2
FROM tevento WHERE id_agentmodule = %d AND utimestamp > %d AND utimestamp <= %d
GROUP BY id_agentmodule, evento ORDER BY time2 DESC', $id_agent_module, $datelimit, $date);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the fired of alerts happened in an Agent during a period of time.
*
* The returned alerts will be in the time interval ($date - $period, $date]
*
* @param int $id_agent Agent id to get events.
* @param int $period Period of time in seconds to get events.
* @param int $date Beginning date to get events.
*
* @return array An array with all the events happened.
*/
function get_agent_alert_fired ($id_agent, $id_alert, $period, $date = 0) {
if (!is_numeric ($date)) {
$date = strtotime ($date);
}
if (empty ($date)) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ('SELECT timestamp
FROM tevento
WHERE id_agente = %d AND utimestamp > %d AND utimestamp <= %d
AND id_alert_am = %d
ORDER BY timestamp DESC', $id_agent, $datelimit, $date, $id_alert);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the fired of alerts happened in an Agent module during a period of time.
*
* The returned alerts will be in the time interval ($date - $period, $date]
*
* @param int $id_agent_module Agent module id to get events.
* @param int $period Period of time in seconds to get events.
* @param int $date Beginning date to get events.
*
* @return array An array with all the events happened.
*/
function get_module_alert_fired ($id_agent_module, $id_alert, $period, $date = 0) {
if (!is_numeric ($date)) {
$date = strtotime ($date);
}
if (empty ($date)) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ('SELECT timestamp
FROM tevento
WHERE id_agentmodule = %d AND utimestamp > %d AND utimestamp <= %d
AND id_alert_am = %d
ORDER BY timestamp DESC', $id_agent_module, $datelimit, $date, $id_alert);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the monitors defined in an agent.
*
* @param int $id_agent Agent id to get all the monitors.
*
* @return array An array with all the monitors defined (tagente_modulo).
*/
function get_monitors_in_agent ($id_agent) {
$sql = sprintf ("SELECT `tagente_modulo`.*
FROM `tagente_modulo`, `ttipo_modulo`, `tagente`
WHERE `id_tipo_modulo` = `id_tipo`
AND `tagente`.`id_agente` = `tagente_modulo`.`id_agente`
AND `ttipo_modulo`.`nombre` LIKE '%%_proc'
AND `tagente`.`id_agente` = %d", $id_agent);
return get_db_all_rows_sql ($sql);
}
/**
* Get all the monitors down during a period of time.
*
* @param array $monitors An array with all the monitors to check. Each
* element of the array must be a dictionary.
* @param int $period Period of time to check the monitors.
* @param int $date Beginning date to check the monitors.
*
* @return array An array with all the monitors that went down in that
* period of time.
*/
function get_monitors_down ($monitors, $period = 0, $date = 0) {
$monitors_down = array ();
if (empty ($monitors))
return $monitors_down;
foreach ($monitors as $monitor) {
$down = get_monitor_downs_in_period ($monitor['id_agente_modulo'], $period, $date);
if ($down > 0)
array_push ($monitors_down, $monitor);
}
return $monitors_down;
}
/**
* Get all the times an alerts fired during a period.
*
* @param int Alert module id.
* @param int Period timed to check from date
* @param int Date to check (current time by default)
*
* @return int The number of times an alert fired.
*/
function get_alert_fires_in_period ($id_alert_module, $period, $date = 0) {
if (!$date)
$date = get_system_time ();
$datelimit = $date - $period;
$sql = sprintf ("SELECT COUNT(`id_agentmodule`) FROM `tevento` WHERE
`event_type` = 'alert_fired'
AND `id_alert_am` = %d
AND `utimestamp` > %d
AND `utimestamp` <= %d",
$id_alert_module, $datelimit, $date);
return (int) get_db_sql ($sql);
}
/**
* Get all the alerts defined in a group.
*
* It gets all the alerts of all the agents on a given group.
*
* @param int $id_group Group id to check.
*
* @return array An array with alerts dictionaries defined in a group.
*/
function get_group_alerts ($id_group) {
global $config;
require_once ($config["homedir"].'/include/functions_agents.php');
$alerts = array ();
$agents = get_group_agents ($id_group, false, "none");
foreach ($agents as $agent_id => $agent_name) {
$agent_alerts = get_agent_alerts ($agent_id);
$alerts = array_merge ($alerts, $agent_alerts);
}
return $alerts;
}
/**
* Get all the alerts fired during a period, given a list of alerts.
*
* @param array A list of alert modules to check. See get_alerts_in_group()
* @param int Period of time to check fired alerts.
* @param int Beginning date to check fired alerts in UNIX format (current date by default)
*
* @return array An array with the alert id as key and the number of times
* the alert was fired (only included if it was fired).
*/
function get_alerts_fired ($alerts, $period = 0, $date = 0) {
if (! $date)
$date = get_system_time ();
$datelimit = $date - $period;
$alerts_fired = array ();
$agents = array ();
foreach ($alerts as $alert) {
if (isset($alert['id'])){
$fires = get_alert_fires_in_period ($alert['id'], $period, $date);
if (! $fires) {
continue;
}
$alerts_fired[$alert['id']] = $fires;
}
}
return $alerts_fired;
}
/**
* Get the last time an alert fired during a period.
*
* @param int Alert agent module id.
* @param int Period timed to check from date
* @param int Date to check (current date by default)
*
* @return int The last time an alert fired. It's an UNIX timestamp.
*/
function get_alert_last_fire_timestamp_in_period ($id_alert_module, $period, $date = 0) {
if ($date == 0) {
$date = get_system_time ();
}
$datelimit = $date - $period;
$sql = sprintf ("SELECT MAX(`utimestamp`) FROM `tevento` WHERE
`event_type` = 'alert_fired'
AND `id_alert_am` = %d
AND `utimestamp` > %d
AND `utimestamp` <= %d",
$id_alert_module, $datelimit, $date);
return get_db_sql ($sql);
}
/**
* Get the server name.
*
* @param int Server id.
*
* @return string Name of the given server
*/
function get_server_name ($id_server) {
return (string) get_db_value ('name', 'tserver', 'id_server', (int) $id_server);
}
/**
* Get the module type name (type = generic_data, remote_snmp, ...)
*
* @param int $id_type Type id
*
* @return string Name of the given type.
*/
function get_moduletype_name ($id_type) {
return (string) get_db_value ('nombre', 'ttipo_modulo', 'id_tipo', (int) $id_type);
}
/**
* Get the module type description
*
* @param int $id_type Type id
*
* @return string Description of the given type.
*/
function get_moduletype_description ($id_type) {
return (string) get_db_value ('descripcion', 'ttipo_modulo', 'id_tipo', (int) $id_type);
}
/**
* Returns an array with all module types (default) or if "remote" or "agent"
* is passed it will return only remote (ICMP, SNMP, TCP...) module types
* otherwise the full list + the column you specify
*
* @param string Specifies which type to return (will return an array with id's)
* @param string Which rows to select (defaults to nombre)
*
* @return array Either the full table or if a type is specified, an array with id's
*/
function get_moduletypes ($type = "all", $rows = "nombre") {
$return = array ();
$rows = (array) $rows; //Cast as array
$row_cnt = count ($rows);
if ($type == "remote") {
return array_merge (range (6,18), (array) 100);
} elseif ($type == "agent") {
return array_merge (range (1,4), range (19,24));
}
$sql = sprintf ("SELECT id_tipo,%s FROM ttipo_modulo", implode (",", $rows));
$result = get_db_all_rows_sql ($sql);
if ($result === false) {
return $return;
}
foreach ($result as $type) {
if ($row_cnt > 1) {
$return[$type["id_tipo"]] = $type;
} else {
$return[$type["id_tipo"]] = $type[reset ($rows)];
}
}
return $return;
}
/**
* @deprecated Use get_agent_group ($id) now (fully compatible)
*/
function dame_id_grupo ($id_agent) {
return get_agent_group ($id_agent);
}
/**
* Get the number of pandora data packets in the database.
*
* In case an array is passed, it will have a value for every agent passed
* incl. a total otherwise it will just return the total
*
* @param mixed Agent id or array of agent id's, 0 for all
*
* @return mixed The number of data in the database
*/
function get_agent_modules_data_count ($id_agent = 0) {
$id_agent = safe_int ($id_agent, 1);
if (empty ($id_agent)) {
$id_agent = array ();
} else {
$id_agent = (array) $id_agent;
}
$count = array ();
$count["total"] = 0;
$query[0] = "SELECT COUNT(*) FROM tagente_datos";
//$query[1] = "SELECT COUNT(*) FROM tagente_datos_inc";
//$query[2] = "SELECT COUNT(*) FROM tagente_datos_string";
foreach ($id_agent as $agent_id) {
//Init value
$count[$agent_id] = 0;
$modules = array_keys (get_agent_modules ($agent_id));
foreach ($query as $sql) {
//Add up each table's data
$count[$agent_id] += (int) get_db_sql ($sql." WHERE id_agente_modulo IN (".implode (",", $modules).")", 0, true);
}
//Add total agent count to total count
$count["total"] += $count[$agent_id];
}
if ($count["total"] == 0) {
foreach ($query as $sql) {
$count["total"] += (int) get_db_sql ($sql, 0, true);
}
}
if (!isset ($agent_id)) {
//If agent_id is not set, it didn't loop through any agents
return $count["total"];
}
return $count; //Return the array
}
/**
* Get the operating system name.
*
* @param int Operating system id.
*
* @return string Name of the given operating system.
*/
function get_os_name ($id_os) {
return (string) get_db_value ('name', 'tconfig_os', 'id_os', (int) $id_os);
}
/**
* @deprecated Use is_user_admin
*/
function dame_admin ($id_user) {
return is_user_admin ($id_user);
}
/**
* Check if an agent has alerts fired.
*
* @param int Agent id.
*
* @return bool True if the agent has fired alerts.
*/
function check_alert_fired ($id_agent) {
$sql = sprintf ("SELECT COUNT(*)
FROM talert_template_modules, tagente_modulo
WHERE talert_template_modules.id_agent_module = tagente_modulo.id_agente_modulo
AND times_fired > 0 AND id_agente = %d",
$id_agent);
$value = get_db_sql ($sql);
if ($value > 0)
return true;
return false;
}
/**
* Get the interval value of an agent module.
*
* If the module interval is not set, the agent interval is returned
*
* @param int Id agent module to get the interval value.
*
* @return int Module interval or agent interval if no module interval
*/
function get_module_interval ($id_agent_module) {
$interval = (int) get_db_value ('module_interval', 'tagente_modulo', 'id_agente_modulo', (int) $id_agent_module);
if ($interval > 0)
return $interval;
$id_agent = give_agent_id_from_module_id ($id_agent_module);
return (int) get_agent_interval ($id_agent);
}
/**
* Get the interval of an agent.
*
* @param int Agent id.
*
* @return int The interval value of a given agent
*/
function get_agent_interval ($id_agent) {
return (int) get_db_value ('intervalo', 'tagente', 'id_agente', $id_agent);
}
/**
* Get the operating system of an agent.
*
* @param int Agent id.
*
* @return int The interval value of a given agent
*/
function get_agent_os ($id_agent) {
return (int) get_db_value ('id_os', 'tagente', 'id_agente', $id_agent);
}
/**
* Get the flag value of an agent module.
*
* @param int Agent module id.
*
* @return bool The flag value of an agent module.
*/
function give_agentmodule_flag ($id_agent_module) {
return get_db_value ('flag', 'tagente_modulo', 'id_agente_modulo', $id_agent_module);
}
/**
* Get all groups in array with index as id_group
*/
function get_all_groups($groupWithAgents = false) {
$sql = 'SELECT id_grupo, nombre FROM tgrupo';
global $config;
if ($groupWithAgents)
$sql .= ' WHERE id_grupo IN (SELECT id_grupo FROM tagente GROUP BY id_grupo)';
$sql .= ' ORDER BY nombre DESC';
$rows = get_db_all_rows_sql ($sql);
$return = array();
foreach ($rows as $row) {
if (give_acl ($config['id_user'], $row["id_grupo"], "AR"))
$return[$row['id_grupo']] = $row['nombre'];
}
return $return;
}
/**
* Get a list of all users in an array [username] => (info)
*
* @param string Field to order by (id_usuario, nombre_real or fecha_registro)
* @param string Which info to get (defaults to nombre_real)
*
* @return array An array of users
*/
function get_users_info ($order = "fullname", $info = "fullname") {
$users = get_users ($order);
$ret = array ();
foreach ($users as $user_id => $user_info) {
$ret[$user_id] = $user_info[$info];
}
return $ret;
}
/**
* Get all the Model groups a user has reading privileges.
*
* @param string User id
* @param string The privilege to evaluate
*
* @return array A list of the groups the user has certain privileges.
*/
function get_all_model_groups () {
$groups = get_db_all_rows_in_table ('tmodule_group');
$returnGroups = array();
foreach ($groups as $group)
$returnGroups[$group['id_mg']] = $group['name'];
$returnGroups[0] = "Not assigned"; //Module group external to DB but it exist
return $returnGroups;
}
/**
* Get all the groups a user has reading privileges.
*
* @param string User id
* @param string The privilege to evaluate, and it is false then no check ACL.
* @param boolean $returnAllGroup Flag the return group, by default true.
* @param boolean $returnAllColumns Flag to return all columns of groups.
*
* @return array A list of the groups the user has certain privileges.
*/
function get_user_groups ($id_user = false, $privilege = "AR", $returnAllGroup = true, $returnAllColumns = false) {
if (empty ($id_user)) {
global $config;
$id_user = $config['id_user'];
}
$user_groups = array ();
$groups = get_db_all_rows_in_table ('tgrupo', 'nombre');
if (!$groups)
return $user_groups;
if ($returnAllGroup) { //All group
if ($returnAllColumns) {
$groups[] = array('id_grupo' => 0, 'nombre' => __('All'),
'icon' => 'world', 'parent' => 0, 'disabled' => 0,
'custom_id' => null, 'propagate' => 0);
}
else {
$groups[] = array('id_grupo' => 0, 'nombre' => __("All"));
}
}
foreach ($groups as $group) {
if ($privilege === false) {
if ($returnAllColumns) {
$user_groups[$group['id_grupo']] = $group;
}
else {
$user_groups[$group['id_grupo']] = $group['nombre'];
}
}
else if (give_acl ($id_user, $group["id_grupo"], $privilege)) {
if ($returnAllColumns) {
$user_groups[$group['id_grupo']] = $group;
}
else {
$user_groups[$group['id_grupo']] = $group['nombre'];
}
}
}
ksort($user_groups);
return $user_groups;
}
/**
* Make with a list of groups a treefied list of groups.
*
* @param array $groups The list of groups to create the treefield list.
* @param integer $parent The id_group of parent actual scan branch.
* @param integer $deep The level of profundity in the branch.
*
* @return array The treefield list of groups.
*/
function get_user_groups_tree_recursive($groups, $parent = 0, $deep = 0) {
$return = array();
foreach ($groups as $key => $group) {
if (($key == 0) && ($parent == 0)) { //When the groups is the all group
$group['deep'] = $deep;
$group['hash_branch'] = true;
$deep ++;
$return = $return + array($key => $group);
}
else if ($group['parent'] == $parent) {
$group['deep'] = $deep;
$branch = get_user_groups_tree_recursive($groups, $key, $deep + 1);
if (empty($branch)) {
$group['hash_branch'] = false;
}
else {
$group['hash_branch'] = true;
}
$return = $return + array($key => $group) + $branch;
}
}
return $return;
}
/**
* Get all the groups a user has reading privileges. Version for tree groups.
*
* @param string User id
* @param string The privilege to evaluate
* @param boolean $returnAllGroup Flag the return group, by default true.
* @param boolean $returnAllColumns Flag to return all columns of groups.
*
* @return array A treefield list of the groups the user has certain privileges.
*/
function get_user_groups_tree($id_user = false, $privilege = "AR", $returnAllGroup = true) {
$user_groups = get_user_groups ($id_user, $privilege, $returnAllGroup, true);
$user_groups_tree = get_user_groups_tree_recursive($user_groups);
return $user_groups_tree;
}
/**
* Get the first group of an user.
*
* Useful function when you need a default group for a user.
*
* @param string User id
* @param string The privilege to evaluate
*
* @return array The first group where the user has certain privileges.
*/
function get_user_first_group ($id_user = false, $privilege = "AR") {
return array_shift (array_keys (get_user_groups ($id_user, $privilege)));
}
/**
* Get module type icon.
*
* TODO: Create print_moduletype_icon and print the full tag including hover etc.
* @deprecated Use print_moduletype_icon instead
*
* @param int Module type id
*
* @return string Icon filename of the given group
*/
function show_icon_type ($id_type) {
return (string) get_db_value ('icon', 'ttipo_modulo', 'id_tipo', $id_type);
}
/**
* Return a string containing image tag for a given target id (server)
* TODO: Make this print_servertype_icon and move to functions_ui.php. Make XHTML compatible. Make string translatable
*
* @deprecated Use print_servertype_icon instead
*
* @param int Server type id
*
* @return string Fully formatted IMG HTML tag with icon
*/
function show_server_type ($id) {
global $config;
switch ($id) {
case 1:
return '';
break;
case 2:
return '';
break;
case 4:
return '';
break;
case 5:
return '';
break;
case 6:
return '';
break;
case 7:
return '';
break;
default:
return "--";
}
}
/**
* Get a module category name
*
* @param int Id category
*
* @return Name of the given category
*/
function give_modulecategory_name ($id_category) {
switch ($id_category) {
case 0:
return __('Software agent data');
break;
case 1:
return __('Software agent monitor');
break;
case 2:
return __('Network agent data');
break;
case 3:
return __('Network agent monitor');
break;
}
return __('Unknown');
}
/**
* Get a network profile name.
*
* @param int Id network profile
*
* @return string Name of the given network profile.
*/
function get_networkprofile_name ($id_network_profile) {
return (string) get_db_value ('name', 'tnetwork_profile', 'id_np', $id_network_profile);
}
/**
* Assign an IP address to an agent.
*
* @param int Agent id
* @param string IP address to assign
*/
function agent_add_address ($id_agent, $ip_address) {
// Check if already is attached to agent
$sql = sprintf ("SELECT COUNT(`ip`) FROM taddress_agent, taddress
WHERE taddress_agent.id_a = taddress.id_a
AND ip = '%s' AND id_agent = %d",$ip_address,$id_agent);
$current_address = get_db_sql ($sql);
if ($current_address > 0)
return;
// Look for a record with this IP Address
$id_address = (int) get_db_value ('id_a', 'taddress', 'ip', $ip_address);
if ($id_address === 0) {
// Create IP address in tadress table
$sql = sprintf("INSERT INTO taddress (ip) VALUES ('%s')",$ip_address);
$id_address = process_sql ($sql, "insert_id");
}
// Add address to agent
$sql = sprintf("INSERT INTO taddress_agent
(id_a, id_agent) VALUES
(%d, %d)",$id_address, $id_agent);
process_sql ($sql);
}
/**
* Unassign an IP address from an agent.
*
* @param int Agent id
* @param string IP address to unassign
*/
function agent_delete_address ($id_agent, $ip_address) {
global $config;
$sql = sprintf ("SELECT id_ag FROM taddress_agent, taddress
WHERE taddress_agent.id_a = taddress.id_a AND ip = '%s'
AND id_agent = %d",$ip_address, $id_agent);
$id_ag = get_db_sql ($sql);
if ($id_ag !== false) {
$sql = sprintf ("DELETE FROM taddress_agent WHERE id_ag = %d",$id_ag);
process_sql ($sql);
}
$agent_name = get_agent_name($id_agent, "");
audit_db ($config['id_user'], $_SERVER['REMOTE_ADDR'], "Agent management",
"Deleted IP $ip_address from agent '$agent_name'");
// Need to change main address?
if (get_agent_address ($id_agent) == $ip_address) {
$new_ips = get_agent_addresses ($id_agent);
// Change main address in agent to first one in the list
$query = sprintf ("UPDATE tagente SET `direccion` = '%s' WHERE id_agente = %d", current ($new_ips), $id_agent);
process_sql ($query);
}
}
/**
* Get address of an agent.
*
* @param int Agent id
*
* @return string The address of the given agent
*/
function get_agent_address ($id_agent) {
return (string) get_db_value ('direccion', 'tagente', 'id_agente', (int) $id_agent);
}
/**
* Get the agent that matches an IP address
*
* @param string IP address to get the agents.
*
* @return mixed The agent that has the IP address given. False if none were found.
*/
function get_agent_with_ip ($ip_address) {
$sql = sprintf ('SELECT tagente.*
FROM tagente, taddress, taddress_agent
WHERE tagente.id_agente = taddress_agent.id_agent
AND taddress_agent.id_a = taddress.id_a
AND ip = "%s"', $ip_address);
return get_db_row_sql ($sql);
}
/**
* Get all IP addresses of an agent
*
* @param int Agent id
*
* @return array Array with the IP address of the given agent or an empty array.
*/
function get_agent_addresses ($id_agent) {
$sql = sprintf ("SELECT ip FROM taddress_agent, taddress
WHERE taddress_agent.id_a = taddress.id_a
AND id_agent = %d", $id_agent);
$ips = get_db_all_rows_sql ($sql);
if ($ips === false) {
$ips = array ();
}
$ret_arr = array ();
foreach ($ips as $row) {
$ret_arr[$row["ip"]] = $row["ip"];
}
return $ret_arr;
}
/**
* Get agent id from an agent module.
*
* @param int Id of the agent module.
*
* @return int The agent if of the given module.
*/
function give_agent_id_from_module_id ($id_agent_module) {
return (int) get_db_value ('id_agente', 'tagente_modulo', 'id_agente_modulo', $id_agent_module);
}
$sql_cache = array ('saved' => 0);
/**
* Get the first value of the first row of a table in the database.
*
* @param string Field name to get
* @param string Table to retrieve the data
* @param string Field to filter elements
* @param string Condition the field must have
*
* @return mixed Value of first column of the first row. False if there were no row.
*/
function get_db_value ($field, $table, $field_search = 1, $condition = 1, $search_history_db = false) {
if (is_int ($condition)) {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = %d LIMIT 1",
$field, $table, $field_search, $condition);
} else if (is_float ($condition) || is_double ($condition)) {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = %f LIMIT 1",
$field, $table, $field_search, $condition);
} else {
$sql = sprintf ("SELECT %s FROM %s WHERE %s = '%s' LIMIT 1",
$field, $table, $field_search, $condition);
}
$result = get_db_all_rows_sql ($sql, $search_history_db);
if ($result === false)
return false;
if ($field[0] == '`')
$field = str_replace ('`', '', $field);
return $result[0][$field];
}
/**
* Get the first value of the first row of a table in the database from an
* array with filter conditions.
*
* Example:
get_db_value_filter ('name', 'talert_templates',
array ('value' => 2, 'type' => 'equal'));
// Equivalent to:
// SELECT name FROM talert_templates WHERE value = 2 AND type = 'equal' LIMIT 1
get_db_value_filter ('description', 'talert_templates',
array ('name' => 'My alert', 'type' => 'regex'), 'OR');
// Equivalent to:
// SELECT description FROM talert_templates WHERE name = 'My alert' OR type = 'equal' LIMIT 1
*
* @param string Field name to get
* @param string Table to retrieve the data
* @param array Conditions to filter the element. See format_array_to_where_clause_sql()
* for the format
* @param string Join operator for the elements in the filter.
*
* @return mixed Value of first column of the first row. False if there were no row.
*/
function get_db_value_filter ($field, $table, $filter, $where_join = 'AND') {
if (! is_array ($filter) || empty ($filter))
return false;
/* Avoid limit and offset if given */
unset ($filter['limit']);
unset ($filter['offset']);
$sql = sprintf ("SELECT %s FROM %s WHERE %s LIMIT 1",
$field, $table,
format_array_to_where_clause_sql ($filter, $where_join));
$result = get_db_all_rows_sql ($sql);
if ($result === false)
return false;
$fieldClean = str_replace('`', '', $field);
return $result[0][$fieldClean];
}
/**
* Get the first value of the first row of a table result from query.
*
* @param string SQL select statement to execute.
*
* @return the first value of the first row of a table result from query.
*
*/
function get_db_value_sql ($sql) {
$sql .= " LIMIT 1";
$result = get_db_all_rows_sql ($sql);
if($result === false)
return false;
foreach ($result[0] as $f)
return $f;
}
/**
* Get the first row of an SQL database query.
*
* @param string SQL select statement to execute.
*
* @return mixed The first row of the result or false
*/
function get_db_row_sql ($sql, $search_history_db = false) {
$sql .= " LIMIT 1";
$result = get_db_all_rows_sql ($sql, $search_history_db);
if($result === false)
return false;
return $result[0];
}
/**
* Get the first row of a database query into a table.
*
* The SQL statement executed would be something like:
* "SELECT (*||$fields) FROM $table WHERE $field_search = $condition"
*
* @param string Table to get the row
* @param string Field to filter elements
* @param string Condition the field must have.
* @param mixed Fields to select (array or string or false/empty for *)
*
* @return mixed The first row of a database query or false.
*/
function get_db_row ($table, $field_search, $condition, $fields = false) {
if (empty ($fields)) {
$fields = '*';
} else {
if (is_array ($fields))
$fields = implode (',', $fields);
else if (! is_string ($fields))
return false;
}
if (is_int ($condition)) {
$sql = sprintf ("SELECT %s FROM `%s` WHERE `%s` = %d LIMIT 1",
$fields, $table, $field_search, $condition);
} else if (is_float ($condition) || is_double ($condition)) {
$sql = sprintf ("SELECT %s FROM `%s` WHERE `%s` = %f LIMIT 1",
$fields, $table, $field_search, $condition);
} else {
$sql = sprintf ("SELECT %s FROM `%s` WHERE `%s` = '%s' LIMIT 1",
$fields, $table, $field_search, $condition);
}
$result = get_db_all_rows_sql ($sql);
if ($result === false)
return false;
return $result[0];
}
/**
* Get the row of a table in the database using a complex filter.
*
* @param string Table to retrieve the data (warning: not cleaned)
* @param mixed Filters elements. It can be an indexed array
* (keys would be the field name and value the expected value, and would be
* joined with an AND operator) or a string, including any SQL clause (without
* the WHERE keyword). Example:
Both are similars:
get_db_row_filter ('table', array ('disabled', 0));
get_db_row_filter ('table', 'disabled = 0');
Both are similars:
get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name, description', 'OR');
get_db_row_filter ('table', 'disabled = 0 OR history_data = 0', 'name, description');
get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), array ('name', 'description'), 'OR');
* @param mixed Fields of the table to retrieve. Can be an array or a coma
* separated string. All fields are retrieved by default
* @param string Condition to join the filters (AND, OR).
*
* @return mixed Array of the row or false in case of error.
*/
function get_db_row_filter ($table, $filter, $fields = false, $where_join = 'AND') {
if (empty ($fields)) {
$fields = '*';
} else {
if (is_array ($fields))
$fields = implode (',', $fields);
else if (! is_string ($fields))
return false;
}
if (is_array ($filter))
$filter = format_array_to_where_clause_sql ($filter, $where_join, ' WHERE ');
else if (is_string ($filter))
$filter = 'WHERE '.$filter;
else
$filter = '';
$sql = sprintf ('SELECT %s FROM %s %s',
$fields, $table, $filter);
return get_db_row_sql ($sql);
}
/**
* Get a single field in the databse from a SQL query.
*
* @param string SQL statement to execute
* @param mixed Field number or row to get, beggining by 0. Default: 0
*
* @return mixed The selected field of the first row in a select statement.
*/
function get_db_sql ($sql, $field = 0, $search_history_db = false) {
$result = get_db_all_rows_sql ($sql, $search_history_db);
if($result === false)
return false;
$ax = 0;
foreach ($result[0] as $f){
if ($field == $ax)
return $f;
$ax++;
}
}
/**
* Get all the result rows using an SQL statement.
*
* @param string SQL statement to execute.
* @param bool If want to search in history database also
* @param bool If want to use cache (true by default)
*
* @return mixed A matrix with all the values returned from the SQL statement or
* false in case of empty result
*/
function get_db_all_rows_sql ($sql, $search_history_db = false, $cache = true) {
global $config;
$history = array ();
// To disable globally SQL cache depending on global variable.
// Used in several critical places like Metaconsole trans-server queries
if (isset($config["dbcache"]))
$cache = $config["dbcache"];
// Read from the history DB if necessary
if ($search_history_db) {
$cache = false;
$history = false;
if (isset($config['history_db_connection']))
$history = process_sql ($sql, 'affected_rows', $config['history_db_connection'], false);
if ($history === false) {
$history = array ();
}
}
$return = process_sql ($sql, 'affected_rows', $config['dbconnection'], $cache);
if ($return === false) {
return false;
}
// Append result to the history DB data
if (! empty ($return)) {
foreach ($return as $row) {
array_push ($history, $row);
}
}
if (! empty ($history))
return $history;
//Return false, check with === or !==
return false;
}
/**
* Get all the rows of a table in the database that matches a filter.
*
* @param string Table to retrieve the data (warning: not cleaned)
* @param mixed Filters elements. It can be an indexed array
* (keys would be the field name and value the expected value, and would be
* joined with an AND operator) or a string, including any SQL clause (without
* the WHERE keyword). Example:
*
* Both are similars:
* get_db_all_rows_filter ('table', array ('disabled', 0));
* get_db_all_rows_filter ('table', 'disabled = 0');
*
* Both are similars:
* get_db_all_rows_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name', 'OR');
* get_db_all_rows_filter ('table', 'disabled = 0 OR history_data = 0', 'name');
*
* @param mixed Fields of the table to retrieve. Can be an array or a coma
* separated string. All fields are retrieved by default
* @param string Condition of the filter (AND, OR).
* @param bool $returnSQL Return a string with SQL instead the data, by default false.
*
* @return mixed Array of the row or false in case of error.
*/
function get_db_all_rows_filter ($table, $filter = array(), $fields = false, $where_join = 'AND', $search_history_db = false, $returnSQL = false) {
//TODO: Validate and clean fields
if (empty ($fields)) {
$fields = '*';
}
elseif (is_array ($fields)) {
$fields = implode (',', $fields);
}
elseif (! is_string ($fields)) {
return false;
}
//TODO: Validate and clean filter options
if (is_array ($filter)) {
$filter = format_array_to_where_clause_sql ($filter, $where_join, ' WHERE ');
}
elseif (is_string ($filter)) {
$filter = 'WHERE '.$filter;
}
else {
$filter = '';
}
$sql = sprintf ('SELECT %s FROM %s %s', $fields, $table, $filter);
if ($returnSQL)
return $sql;
else
return get_db_all_rows_sql ($sql, $search_history_db);
}
/**
* Get row by row the DB by SQL query. The first time pass the SQL query and
* rest of times pass none for iterate in table and extract row by row, and
* the end return false.
*
* @param bool $new Default true, if true start to query.
* @param resource $result The resource of mysql for access to query.
* @param string $sql
* @return mixed The row or false in error.
*/
function get_db_all_row_by_steps_sql($new = true, &$result, $sql = null) {
if ($new == true)
$result = mysql_query($sql);
return mysql_fetch_assoc($result);
}
/**
* Return the count of rows of query.
*
* @param $sql
* @return integer The count of rows of query.
*/
function get_db_num_rows ($sql) {
$result = mysql_query($sql);
return mysql_num_rows($result);
}
/**
* Error handler function when an SQL error is triggered.
*
* @param int Level of the error raised (not used, but required by set_error_handler()).
* @param string Contains the error message.
*
* @return bool True if error level is lower or equal than errno.
*/
function sql_error_handler ($errno, $errstr) {
global $config;
/* If debug is activated, this will also show the backtrace */
if (debug ($errstr))
return false;
if (error_reporting () <= $errno)
return false;
echo "SQL error: ".$errstr."
\n";
return true;
}
/**
* Add a database query to the debug trace.
*
* This functions does nothing if the config['debug'] flag is not set. If a
* sentence was repeated, then the 'saved' counter is incremented.
*
* @param string SQL sentence.
* @param mixed Query result. On error, error string should be given.
* @param int Affected rows after running the query.
* @param mixed Extra parameter for future values.
*/
function add_database_debug_trace ($sql, $result = false, $affected = false, $extra = false) {
global $config;
if (! isset ($config['debug']))
return false;
if (! isset ($config['db_debug']))
$config['db_debug'] = array ();
if (isset ($config['db_debug'][$sql])) {
$config['db_debug'][$sql]['saved']++;
return;
}
$var = array ();
$var['sql'] = $sql;
$var['result'] = $result;
$var['affected'] = $affected;
$var['saved'] = 0;
$var['extra'] = $extra;
$config['db_debug'][$sql] = $var;
}
/**
* Clean the cache for to have errors and ghost rows when you do "select
".__('Name')." | "; echo "".__('Oper')." | "; /* Translators: Abbrevation for Time threshold */ echo "".__('Tt')." | "; echo "".__('Firing')." | "; echo "".__('Time')." | "; /* Translators: Abbrevation for Description */ echo "".__('Desc')." | "; echo "".__('Recovery')." | "; echo "".__('MinMax.Al')." | "; echo "".__('Days')." | "; echo "".__('Fired')." | "; foreach ($result as $row2) { if ($color == 1) { $tdcolor = "datos"; $color = 0; } else { $tdcolor = "datos2"; $color = 1; } echo "||
---|---|---|---|---|---|---|---|---|---|---|---|
".get_db_sql ("SELECT nombre FROM tagente_modulo WHERE id_agente_modulo =".$row2["id_agente_modulo"])." | "; echo "".$row2["operation"]." | "; echo "".human_time_description ($row2["time_threshold"])." | "; if ($row2["dis_min"]!=0) { $mytempdata = fmod ($row2["dis_min"], 1); if ($mytempdata == 0) { $mymin = intval ($row2["dis_min"]); } else { $mymin = format_for_graph ($row2["dis_min"]); } } else { $mymin = 0; } if ($row2["dis_max"]!=0) { $mytempdata = fmod ($row2["dis_max"], 1); if ($mytempdata == 0) { $mymax = intval ($row2["dis_max"]); } else { $mymax = format_for_graph ($row2["dis_max"]); } } else { $mymax = 0; } if (($mymin == 0) && ($mymax == 0)) { $mymin = __('N/A'); $mymax = $mymin; } // We have alert text ? if ($row2["alert_text"]!= "") { echo "".__('Text')." | "; } else { echo "".$mymin."/".$mymax." | "; } // Alert times echo ""; echo get_alert_times ($row2); // Description echo " | ".substr ($row2["descripcion"],0,20); // Has recovery notify activated ? if ($row2["recovery_notify"] > 0) { $recovery_notify = __('Yes'); } else { $recovery_notify = __('No'); } echo " | ".$recovery_notify; // calculare firing conditions if ($row2["alert_text"] != ""){ $firing_cond = __('Text')."(".substr ($row2["alert_text"],0,8).")"; } else { $firing_cond = $row2["min_alerts"]." / ".$row2["max_alerts"]; } echo " | ".$firing_cond; // calculate days $firing_days = get_alert_days ( $row2 ); echo " | ".$firing_days; // Fired ? if ($row2["times_fired"]>0) { echo " | "; } else { echo " | "; } } echo " |
* process_sql_update ('table', array ('field' => 1), array ('id' => $id));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name), 'OR');
* process_sql_update ('table', array ('field' => 2), 'id in (1, 2, 3) OR id > 10');
*
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function process_sql_update ($table, $values, $where = false, $where_join = 'AND') {
$query = sprintf ("UPDATE `%s` SET %s",
$table,
format_array_to_update_sql ($values));
if ($where) {
if (is_string ($where)) {
// No clean, the caller should make sure all input is clean, this is a raw function
$query .= " WHERE ".$where;
} else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join, ' WHERE ');
}
}
return process_sql ($query);
}
/**
* Delete database records.
*
* All values should be cleaned before passing. Quoting isn't necessary.
* Examples:
*
*
* process_sql_delete ('table', array ('id' => 1));
* // DELETE FROM table WHERE id = 1
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'));
* // DELETE FROM table WHERE id = 1 AND name = 'example'
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'), 'OR');
* // DELETE FROM table WHERE id = 1 OR name = 'example'
* process_sql_delete ('table', 'id in (1, 2, 3) OR id > 10');
* // DELETE FROM table WHERE id in (1, 2, 3) OR id > 10
*
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function process_sql_delete ($table, $where, $where_join = 'AND') {
if (empty ($where))
/* Should avoid any mistake that lead to deleting all data */
return false;
$query = sprintf ("DELETE FROM `%s` WHERE ", $table);
if ($where) {
if (is_string ($where)) {
/* FIXME: Should we clean the string for sanity?
Who cares if this is deleting data... */
$query .= $where;
} else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join);
}
}
return process_sql ($query);
}
/**
* Starts a database transaction.
*/
function process_sql_begin () {
mysql_query ('SET AUTOCOMMIT = 0');
mysql_query ('START TRANSACTION');
}
/**
* Commits a database transaction.
*/
function process_sql_commit () {
mysql_query ('COMMIT');
mysql_query ('SET AUTOCOMMIT = 0');
}
/**
* Rollbacks a database transaction.
*/
function process_sql_rollback () {
mysql_query ('ROLLBACK');
mysql_query ('SET AUTOCOMMIT = 0');
}
/**
* Get all the users belonging to a group.
*
* @param int $id_group The group id to look for
*
* @return array An array with all the users or an empty array
*/
function get_group_users ($id_group, $filter = false) {
if (! is_array ($filter))
$filter = array ();
$filter['id_grupo'] = $id_group;
$resulta = array();
$resulta = get_db_all_rows_filter ("tusuario_perfil", $filter);
// The users of the group All (0) will be also returned
$filter['id_grupo'] = 0;
$resultb = array();
$resultb = get_db_all_rows_filter ("tusuario_perfil", $filter);
if($resulta == false && $resultb == false)
$result = false;
elseif($resulta == false)
$result = $resultb;
elseif($resultb == false)
$result = $resulta;
else
$result = array_merge($resulta,$resultb);
if ($result === false)
return array ();
//This removes stale users from the list. This can happen if switched to another auth scheme
//(internal users still exist) or external auth has users removed/inactivated from the list (eg. LDAP)
$retval = array ();
foreach ($result as $key => $user) {
if (!is_user ($user)) {
unset ($result[$key]);
} else {
array_push ($retval, get_user_info ($user));
}
}
return $retval;
}
/**
* Prints a database debug table with all the queries done in the page loading.
*
* This functions does nothing if the config['debug'] flag is not set.
*/
function print_database_debug () {
global $config;
if (! isset ($config['debug']))
return '';
echo '