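$value) {
        if ($key == 1) {
            continue;
        }

        // NOTE(review): keys and values are concatenated without urlencode(),
        // so a value containing '&', '=' or '#' changes the structure of the
        // rebuilt query string. The head of this loop is outside this view;
        // confirm how $query is initialised before changing it.
        $query .= '&'.$key.'='.$value;
    }

    foreach ($_POST as $key => $value) {
        // NOTE(review): POST fields are copied into the redirect URL, so they
        // become visible wherever URLs are recorded (access logs, browser
        // history, Referer). Confirm no sensitive field can reach this loop.
        $query .= '&'.$key.'='.$value;
    }

    $url = ui_get_full_url($query);

    // Prevent HTTP response splitting attacks
    // http://en.wikipedia.org/wiki/HTTP_response_splitting
    // Both CR and LF are stripped: either character can end a header line.
    $url = str_replace(["\r", "\n"], '', $url);

    header('Location: '.$url);

    // Always exit after sending location headers
    exit;
}

$system = System::getInstance();

// The mobile console does not currently work together with the metaconsole.
// A mobile metaconsole may be added in a future Pandora FMS version.
// ~ if ($system->getConfig('metaconsole'))
// ~ header ("Location: " . $system->getConfig('homeurl') . "enterprise/meta");
require_once $system->getConfig('homedir').'/include/constants.php';

$user = User::getInstance();
$user->saveLogin();

$default_page = 'home';
$page = $system->getRequest('page');
$action = $system->getRequest('action');

// Authentication gate. Unless the request is a logout, the requested action is
// overridden while the session is not fully authenticated:
// - not logged in                  -> 'login'
// - waiting for the second factor  -> 'double_auth' while the window of
//   SECONDS_2MINUTES since getLoginTime() is still open, otherwise 'logout'.
// The logout action has priority
if ($action != 'logout') {
    if (!$user->isLogged()) {
        $action = 'login';
    } else if ($user->isWaitingDoubleAuth()) {
        $dauth_period = SECONDS_2MINUTES;
        $now = time();
        $dauth_time = $user->getLoginTime();

        if (($now - $dauth_period) < $dauth_time) {
            $action = 'double_auth';
        }
        // Expired login
        else {
            $action = 'logout';
        }
    }
}

// Translations are only loaded for page renders, not for AJAX calls.
if ($action != 'ajax') {
    $user_language = get_user_language($system->getConfig('id_user'));
    // NOTE(review): $user_language is interpolated into a file path. It is
    // presumably a stored locale code; if it can be influenced by request
    // input it should be restricted to a known set first - verify.
    if (file_exists('../include/languages/'.$user_language.'.mo')) {
        $l10n = new gettext_reader(new CachedFileReader('../include/languages/'.$user_language.'.mo'));
        $l10n->load_tables();
    }
}

// Enterprise code is only pulled in for an authenticated session.
if ($user->isLogged()) {
    if (file_exists('../enterprise/load_enterprise.php')) {
        include_once '../enterprise/load_enterprise.php';
    }
}

switch ($action) {
    case 'ajax':
        $parameter1 = $system->getRequest('parameter1', false);
        $parameter2 = $system->getRequest('parameter2', false);

        // The ACL check runs only when the Enterprise class is loaded; without
        // it the request goes straight to the dispatch below.
        if (class_exists('Enterprise')) {
            $enterprise = Enterprise::getInstance();
            $permission = $enterprise->checkEnterpriseACL($parameter1);
            if (!$permission) {
                return false;
            }
        }

        // $parameter1 is matched against fixed labels, so request input never
        // selects a class name directly; $parameter2 is handed to the chosen
        // handler's ajax() method.
        switch ($parameter1) {
            case 'events':
                $events = new Events();
                $events->ajax($parameter2);
                break;

            case 'agents':
                $agents = new Agents();
                $agents->ajax($parameter2);
                break;

            case 'agent':
                $agent = new Agent();
                $agent->ajax($parameter2);
                break;

            case 'modules':
                $modules = new Modules();
                $modules->ajax($parameter2);
                break;

            case 'module_graph':
                $module_graph = new ModuleGraph();
                $module_graph->ajax($parameter2);
                break;

            case 'visualmap':
                $visualmap = new Visualmap();
                $visualmap->ajax($parameter2);
                break;

            case 'tactical':
                $tactical = new Tactical();
                $tactical->ajax($parameter2);
                break;

            default:
                // Unknown targets are forwarded to the enterprise handler when
                // it is available, and otherwise ignored.
                if (class_exists('Enterprise')) {
                    $enterprise->enterpriseAjax($parameter1, $parameter2);
                }
                break;
        }
        return;

    case 'login':
        if ($user->login() && $user->isLogged()) {
            if (file_exists('../enterprise/load_enterprise.php')) {
                include_once '../enterprise/load_enterprise.php';
            }

            if ($user->isWaitingDoubleAuth()) {
                if ($user->validateDoubleAuthCode()) {
                    $url = ui_get_full_url('');
                    // Strip CR and LF so the value cannot span header lines.
                    $url = str_replace(["\r", "\n"], '', $url);
                    $url = str_replace('?action=logout', '', $url);

                    // Logged. Refresh the page.
                    header('Location: '.$url);
                    return;
                } else {
                    $user->showDoubleAuthPage();
                }
            } else {
                $url = ui_get_full_url('');
                // Strip CR and LF so the value cannot span header lines.
                $url = str_replace(["\r", "\n"], '', $url);
                $url = str_replace('?action=logout', '', $url);

                // Logged. Refresh the page.
                header('Location: '.$url);
                return;
            }
        } else {
            $user->showLoginPage();
        }
        break;

    case 'double_auth':
        if ($user->isLogged()) {
            if (file_exists('../enterprise/load_enterprise.php')) {
                include_once '../enterprise/load_enterprise.php';
            }

            if ($user->validateDoubleAuthCode()) {
                $user_language = get_user_language($system->getConfig('id_user'));
                if (file_exists('../include/languages/'.$user_language.'.mo')) {
                    $l10n = new gettext_reader(new CachedFileReader('../include/languages/'.$user_language.'.mo'));
                    $l10n->load_tables();
                }

                // isset() avoids an undefined-index notice when no page
                // parameter was sent; the comparison result is unchanged.
                if (isset($_GET['page']) && $_GET['page'] != '') {
                    // NOTE(review): this header is built from the
                    // client-supplied Host header and request URI with a fixed
                    // http:// scheme. The other redirects in this file use
                    // ui_get_full_url(); consider doing the same here so the
                    // target comes from configuration and keeps the scheme.
                    header('refresh:0; url=http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
                }

                if (class_exists('HomeEnterprise')) {
                    $home = new HomeEnterprise();
                } else {
                    $home = new Home();
                }
                $home->show();
            } else {
                $user->showDoubleAuthPage();
            }
        } else {
            $user->showLoginPage();
        }
        break;

    case 'logout':
        $user->logout();
        $user->showLoginPage();
        break;

    default:
        // Page-level ACL: enforced only when the Enterprise class is loaded
        // and a page other than the default one was requested.
        if (class_exists('Enterprise')) {
            $enterprise = Enterprise::getInstance();
            if (!empty($page) && $page != $default_page) {
                $permission = $enterprise->checkEnterpriseACL($page);
                if (!$permission) {
                    $error['type'] = 'onStart';
                    $error['title_text'] = __('You don\'t have access to this page');
                    $error['content_text'] = System::getDefaultACLFailText();
                    if (class_exists('HomeEnterprise')) {
                        $home = new HomeEnterprise();
                    } else {
                        $home = new Home();
                    }
                    $home->show($error);

                    return;
                }
            }
        }

        // No page requested: derive it from the user's configured home
        // section ('section' / 'data_section' of the user info).
        if (empty($page)) {
            $user_info = $user->getInfo();
            $home_page = $system->safeOutput($user_info['section']);
            $section_data = $user_info['data_section'];

            switch ($home_page) {
                case 'Event list':
                    $page = 'events';
                    break;

                case 'Alert detail':
                    $page = 'alerts';
                    break;

                case 'Tactical view':
                    $page = 'tactical';
                    break;

                case 'Visual console':
                    $page = 'visualmap';
                    // The layout id is looked up by name and cast to int
                    // before being placed into $_GET for the page handler.
                    $id_map = (int) db_get_value('id', 'tlayout', 'name', $section_data);
                    $_GET['id'] = $id_map;
                    break;

                case 'External link':
                    $full_url = ui_get_full_url();
                    $section_data = io_safe_output($section_data);

                    $host_full = parse_url($full_url, PHP_URL_HOST);
                    $host_section = parse_url($section_data, PHP_URL_HOST);

                    if ($host_full !== $host_section) {
                        // Link to a different host: insert '/mobile' before
                        // '/index' unless the link already mentions 'mobile'.
                        $has_mobile = strpos($section_data, 'mobile');
                        if ($has_mobile === false) {
                            $pos = strpos($section_data, '/index');
                            if ($pos !== false) {
                                $section_data = substr_replace($section_data, '/mobile', $pos, 0);
                            }
                        }

                        // NOTE(review): as shown, this echoes an empty string
                        // and the adjusted $section_data is not used again in
                        // this block - presumably markup was lost from this
                        // listing. If the original emits $section_data into
                        // HTML or script, it must be escaped for that context
                        // and limited to expected URL schemes.
                        echo '';
                    } else {
                        // Same host: pick the page from keywords in the URL.
                        // NOTE(review): the keywords are searched in $full_url
                        // rather than in $section_data - presumably the
                        // configured link was intended; verify.
                        if (strpos($full_url, 'event') !== false) {
                            $page = 'events';
                        }

                        if (strpos($full_url, 'alert') !== false) {
                            $page = 'alerts';
                        }

                        if (strpos($full_url, 'tactical') !== false) {
                            $page = 'tactical';
                        }

                        if (strpos($full_url, 'visual_console') !== false) {
                            $page = 'visualmap';
                        }
                    }
                    break;

                case 'Group view':
                default:
                    // No content.
                    break;
            }
        }

        // Page dispatch. $page is only compared against fixed labels; any
        // unrecognised value falls through to the home page.
        switch ($page) {
            case 'home':
            default:
                if (class_exists('HomeEnterprise')) {
                    $home = new HomeEnterprise();
                } else {
                    $home = new Home();
                }
                $home->show();
                break;

            case 'tactical':
                $tactical = new Tactical();
                $tactical->show();
                break;

            case 'groups':
                $groups = new Groups();
                $groups->show();
                break;

            case 'events':
                $events = new Events();
                $events->show();
                break;

            case 'alerts':
                $alerts = new Alerts();
                $alerts->show();
                break;

            case 'agents':
                $agents = new Agents();
                $agents->show();
                break;

            case 'modules':
                $modules = new Modules();
                $modules->show();
                break;

            case 'module_graph':
                $module_graph = new ModuleGraph();
                $module_graph->show();
                break;

            case 'agent':
                $agent = new Agent();
                $agent->show();
                break;

            case 'visualmaps':
                // Show a list of VC.
                $vc_list = new Visualmaps();
                $vc_list->show();
                break;

            case 'visualmap':
                $vc = new Visualmap();
                $vc->show();
                break;
        }
        break;
}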