326 lines
8.9 KiB
PHP
326 lines
8.9 KiB
PHP
<?php
|
|
|
|
// Pandora FMS - https://pandorafms.com
|
|
// ==================================================
|
|
// Copyright (c) 2005-2023 Pandora FMS
|
|
// Please see https://pandorafms.com/community/ for full contribution list
|
|
// This program is free software; you can redistribute it and/or
|
|
// modify it under the terms of the GNU General Public License
|
|
// as published by the Free Software Foundation; version 2
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
use PandoraFMS\Enterprise\Metaconsole\Node;
|
|
|
|
|
|
function dbmanager_query($sql, &$error, $dbconnection)
|
|
{
|
|
global $config;
|
|
|
|
$retval = [];
|
|
|
|
if ($sql == '') {
|
|
return false;
|
|
}
|
|
|
|
$sql = html_entity_decode($sql, ENT_QUOTES);
|
|
|
|
// Extract the text in quotes to add html entities before query db.
|
|
$patttern = '/(?:"|\')+([^"\']*)(?:"|\')+/m';
|
|
$sql = preg_replace_callback(
|
|
$patttern,
|
|
function ($matches) {
|
|
return '"'.io_safe_input($matches[1]).'"';
|
|
},
|
|
$sql
|
|
);
|
|
|
|
if ($config['mysqli']) {
|
|
$result = mysqli_query($dbconnection, $sql);
|
|
if ($result === false) {
|
|
$backtrace = debug_backtrace();
|
|
$error = mysqli_error($dbconnection);
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if ($result === true) {
|
|
if ($config['mysqli']) {
|
|
return mysqli_affected_rows($dbconnection);
|
|
}
|
|
}
|
|
|
|
if ($config['mysqli']) {
|
|
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
|
|
array_push($retval, $row);
|
|
}
|
|
}
|
|
|
|
if ($config['mysqli']) {
|
|
mysqli_free_result($result);
|
|
}
|
|
|
|
if (! empty($retval)) {
|
|
return $retval;
|
|
}
|
|
|
|
// Return false, check with === or !== .
|
|
return 'Empty';
|
|
}
|
|
|
|
|
|
function dbmgr_extension_main()
|
|
{
|
|
ui_require_css_file('dbmanager', 'extensions/dbmanager/');
|
|
|
|
global $config;
|
|
|
|
if (!is_user_admin($config['id_user'])) {
|
|
db_pandora_audit(
|
|
AUDIT_LOG_ACL_VIOLATION,
|
|
'Trying to access Setup Management'
|
|
);
|
|
include 'general/noaccess.php';
|
|
return;
|
|
}
|
|
|
|
$sql = (string) get_parameter('sql');
|
|
$node_id = (int) get_parameter('node_id', -1);
|
|
|
|
// Header.
|
|
ui_print_standard_header(
|
|
__('DB interface'),
|
|
'images/gm_db.png',
|
|
false,
|
|
'',
|
|
true,
|
|
[],
|
|
[
|
|
[
|
|
'link' => '',
|
|
'label' => __('Extensions'),
|
|
],
|
|
]
|
|
);
|
|
|
|
if (is_metaconsole() === true) {
|
|
$img = '../../images/warning_modern.png';
|
|
} else {
|
|
$img = 'images/warning_modern.png';
|
|
}
|
|
|
|
$msg = '<div id="err_msg_centralised">'.html_print_image(
|
|
$img,
|
|
true
|
|
);
|
|
$msg .= '<div>'.__(
|
|
'Warning, you are accessing the database directly. You can leave the system inoperative if you run an inappropriate SQL statement'
|
|
).'</div></div>';
|
|
|
|
$warning_message = '<script type="text/javascript">
|
|
$(document).ready(function () {
|
|
infoMessage({
|
|
title: \''.__('Warning').'\',
|
|
text: \''.$msg.'\' ,
|
|
simple: true,
|
|
})
|
|
})
|
|
</script>';
|
|
|
|
if (empty($sql) === true) {
|
|
echo $warning_message;
|
|
}
|
|
|
|
ui_print_warning_message(
|
|
__(
|
|
"This is an advanced extension to interface with %s database directly from WEB console
|
|
using native SQL sentences. Please note that <b>you can damage</b> your %s installation
|
|
if you don't know </b>exactly</b> what you are doing,
|
|
this means that you can severily damage your setup using this extension.
|
|
This extension is intended to be used <b>only by experienced users</b>
|
|
with a depth knowledge of %s internals.",
|
|
get_product_name(),
|
|
get_product_name(),
|
|
get_product_name()
|
|
)
|
|
);
|
|
|
|
echo "<form method='post' action=''>";
|
|
|
|
$table = new stdClass();
|
|
$table->id = 'db_interface';
|
|
$table->class = 'databox no_border filter-table-adv';
|
|
$table->width = '100%';
|
|
$table->data = [];
|
|
$table->colspan = [];
|
|
$table->style[0] = 'width: 30%;';
|
|
$table->style[1] = 'width: 70%;';
|
|
|
|
$table->colspan[1][0] = 2;
|
|
|
|
$data[0][0] = "<b>Some samples of usage:</b> <blockquote><em>SHOW STATUS;<br />DESCRIBE tagente<br />SELECT * FROM tserver<br />UPDATE tagente SET id_grupo = 15 WHERE nombre LIKE '%194.179%'</em></blockquote>";
|
|
$data[0][0] = html_print_label_input_block(
|
|
__('Some samples of usage:'),
|
|
"<blockquote><em>SHOW STATUS;<br />DESCRIBE tagente<br />SELECT * FROM tserver<br />UPDATE tagente SET id_grupo = 15 WHERE nombre LIKE '%194.179%'</em></blockquote>"
|
|
);
|
|
|
|
if (is_metaconsole() === true) {
|
|
// Get the servers.
|
|
\enterprise_include_once('include/functions_metaconsole.php');
|
|
$servers = \metaconsole_get_servers();
|
|
if (is_array($servers) === true) {
|
|
$servers = array_reduce(
|
|
$servers,
|
|
function ($carry, $item) {
|
|
$carry[$item['id']] = $item['server_name'];
|
|
return $carry;
|
|
}
|
|
);
|
|
} else {
|
|
$servers = [];
|
|
}
|
|
|
|
$data[0][1] = html_print_label_input_block(
|
|
__('Select query target'),
|
|
html_print_select(
|
|
$servers,
|
|
'node_id',
|
|
$node_id,
|
|
'',
|
|
__('This metaconsole'),
|
|
-1,
|
|
true,
|
|
false,
|
|
false,
|
|
'w40p',
|
|
false,
|
|
'width: 40%;'
|
|
)
|
|
);
|
|
}
|
|
|
|
$data[1][0] = html_print_textarea(
|
|
'sql',
|
|
3,
|
|
50,
|
|
html_entity_decode($sql, ENT_QUOTES),
|
|
'placeholder="'.__('Type your query here...').'"',
|
|
true,
|
|
'w100p'
|
|
);
|
|
|
|
$execute_button = html_print_submit_button(
|
|
__('Execute SQL'),
|
|
'',
|
|
false,
|
|
[ 'icon' => 'cog' ],
|
|
true
|
|
);
|
|
|
|
$table->data = $data;
|
|
// html_print_table($table);
|
|
html_print_action_buttons($execute_button);
|
|
ui_toggle(
|
|
html_print_table($table, true),
|
|
'<span class="subsection_header_title">'.__('SQL query').'</span>',
|
|
__('SQL query'),
|
|
'query',
|
|
false,
|
|
false,
|
|
'',
|
|
'white-box-content no_border',
|
|
'box-flat white_table_graph fixed_filter_bar'
|
|
);
|
|
echo '</form>';
|
|
|
|
// Processing SQL Code.
|
|
if ($sql == '') {
|
|
return;
|
|
}
|
|
|
|
try {
|
|
if (\is_metaconsole() === true && $node_id !== -1) {
|
|
$node = new Node($node_id);
|
|
$dbconnection = @get_dbconnection(
|
|
[
|
|
'dbhost' => $node->dbhost(),
|
|
'dbport' => $node->dbport(),
|
|
'dbname' => $node->dbname(),
|
|
'dbuser' => $node->dbuser(),
|
|
'dbpass' => io_output_password($node->dbpass()),
|
|
]
|
|
);
|
|
$error = '';
|
|
$result = dbmanager_query($sql, $error, $dbconnection);
|
|
} else {
|
|
$dbconnection = $config['dbconnection'];
|
|
$error = '';
|
|
$result = dbmanager_query($sql, $error, $dbconnection);
|
|
}
|
|
} catch (\Exception $e) {
|
|
$error = __('Error querying database node');
|
|
$result = false;
|
|
}
|
|
|
|
if ($result === false) {
|
|
echo '<strong>An error has occured when querying the database.</strong><br />';
|
|
echo $error;
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_SYSTEM,
|
|
'DB Interface Extension. Error in SQL',
|
|
false,
|
|
false,
|
|
$sql
|
|
);
|
|
|
|
return;
|
|
}
|
|
|
|
if (is_array($result) === false) {
|
|
echo '<strong>Output: <strong>'.$result;
|
|
return;
|
|
}
|
|
|
|
db_pandora_audit(
|
|
AUDIT_LOG_SYSTEM,
|
|
'DB Interface Extension. SQL',
|
|
false,
|
|
false,
|
|
$sql
|
|
);
|
|
|
|
echo "<div class='overflow'>";
|
|
$table = new stdClass();
|
|
$table->width = '100%';
|
|
$table->class = 'info_table';
|
|
$table->head = array_keys($result[0]);
|
|
|
|
$table->data = $result;
|
|
|
|
html_print_table($table);
|
|
echo '</div>';
|
|
|
|
}
|
|
|
|
|
|
if (is_metaconsole() === true) {
|
|
// This adds a option in the operation menu.
|
|
extensions_add_meta_menu_option(
|
|
__('DB interface'),
|
|
'PM',
|
|
'gextensions',
|
|
'database.png',
|
|
'v1r1'
|
|
);
|
|
|
|
extensions_add_meta_function('dbmgr_extension_main');
|
|
}
|
|
|
|
// This adds a option in the operation menu.
|
|
extensions_add_godmode_menu_option(__('DB interface'), 'PM', 'gextensions', 'dbmanager/icon.png', 'v1r1', 'gdbman');
|
|
|
|
// This sets the function to be called when the extension is selected in the operation menu.
|
|
extensions_add_godmode_function('dbmgr_extension_main');
|