WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

Merge pull request '22.12.12447' (#1) from 22.12.12447 into main

Browse Source 
Reviewed-on: #1
This commit is contained in:
Chris Hammer 2023-01-01 22:38:49 -05:00
commit b7f6a79c2c
744 changed files with 620715 additions and 27381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

213
.phpcs.xml
View File

@ -1,213 +0,0 @@
<?xml version="1.0"?>
<ruleset name="Observium ruleset">
<description>Observium rules for PHP CodeSniffer</description>
<arg value="sp"/>
<arg name="extensions" value="php"/>
<file>.</file>
<!-- <arg name="report" value="xml"/>
<arg name="report-file" value="phpcs-report.xml"/> -->
<!-- Exclude unused code. -->
<exclude-pattern>*/attic/*</exclude-pattern>
<!-- Exclude devel code. -->
<exclude-pattern>*/devel/*</exclude-pattern>
<!-- Exclude Composer vendor directory. -->
<exclude-pattern>*/vendor/*</exclude-pattern>
<!-- Weathermap exclude -->
<exclude-pattern>*/weathermap/*</exclude-pattern>
<!-- Self PHPCompatibility exclude -->
<exclude-pattern>tests/php-compatibility/*</exclude-pattern>
<!-- Strip the filepaths down to the relevant bit. -->
<arg name="basepath" value="./"/>
<!-- Check up to 8 files simultanously. -->
<arg name="parallel" value="8"/>
<!-- PHPCompatibility standard path -->
<!-- <config name="installed_paths" value="tests/php-compatibility"/> -->
<!-- Check for cross-version support for PHP 5.6 and higher. -->
<config name="testVersion" value="5.6-"/>
<!-- Run against the PHPCompatibility ruleset -->
<rule ref="PHPCompatibility">
<exclude-pattern>irc\.php$</exclude-pattern>
<exclude-pattern>*/weathermap/*</exclude-pattern>
<!-- random_bytes() already exist by compatibility lib -->
<exclude name="PHPCompatibility.FunctionUse.NewFunctions.random_bytesFound"/>
<exclude name="PHPCompatibility.FunctionUse.NewFunctions.random_intFound"/>
<!-- array_key_first() already exist by compatibility -->
<exclude name="PHPCompatibility.FunctionUse.NewFunctions.array_key_firstFound"/>
</rule>
<!-- Whitelist the mysql_to_rfc3339() and mysql_another_function() functions. -->
<rule ref="PHPCompatibility.Extensions.RemovedExtensions">
<properties>
<property name="functionWhitelist" type="array" value="mysql_authenticate,mysql_auth_can_logout,mysql_auth_can_change_password,mysql_auth_change_password,mysql_auth_usermanagement,mysql_adduser,mysql_auth_user_exists,mysql_auth_username_by_id,mysql_auth_user_level,mysql_auth_user_id,mysql_deluser,mysql_auth_user_list,mysql_auth_user_info"/>
</properties>
</rule>
<!-- random_compat lib -->
<rule ref="PHPCompatibility.Classes.NewClasses.typeerrorFound">
<exclude-pattern>libs/random_compat/*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Classes.NewClasses.errorFound">
<exclude-pattern>libs/random_compat/*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.IniDirectives.RemovedIniDirectives.mbstring_func_overloadDeprecated">
<exclude-pattern>libs/random_compat/*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_create_ivDeprecatedRemoved">
<exclude-pattern>libs/random_compat/*</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.RemovedConstants.mcrypt_dev_urandomDeprecatedRemoved">
<exclude-pattern>libs/random_compat/*</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<!-- pear chap lib excludes -->
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_module_openDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.RemovedConstants.mcrypt_desDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_enc_get_iv_sizeDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.RemovedConstants.mcrypt_randDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_generic_initDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_genericDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_generic_deinitDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_module_closeDeprecatedRemoved">
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<!-- pear net socket excludes -->
<rule ref="PHPCompatibility.IniDirectives.RemovedIniDirectives.track_errorsDeprecated">
<exclude-pattern>libs/pear/Net/Socket\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Variables.RemovedPredefinedGlobalVariables.php_errormsgDeprecated">
<exclude-pattern>libs/pear/Net/Socket\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctions.error_clear_lastFound">
<exclude-pattern>libs/pear/Net/Socket\.php</exclude-pattern>
</rule>
<!-- Exclude shiff on specific patterns -->
<rule ref="PHPCompatibility.FunctionUse.ArgumentFunctionsReportCurrentValue.NeedsInspection">
<exclude-pattern>includes/common\.inc\.php</exclude-pattern>
<exclude-pattern>libs/Fabiang/Xmpp/*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Miscellaneous.ValidIntegers.HexNumericStringFound">
<exclude-pattern>tests/*</exclude-pattern>
<exclude-pattern>libs/pear/*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.IniDirectives.RemovedIniDirectives.magic_quotes_runtimeDeprecatedRemoved">
<exclude-pattern>libs/pear/Mail/mime*</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.NewConstants.json_preserve_zero_fractionFound">
<exclude-pattern>includes/definitions\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Extensions.RemovedExtensions.mysql_DeprecatedRemoved">
<exclude-pattern>includes/db/mysql\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.IniDirectives.RemovedIniDirectives.session_hash_functionRemoved">
<exclude-pattern>html/includes/authenticate\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.NewConstants.sodium_crypto_secretbox_keybytesFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.NewConstants.sodium_crypto_secretbox_noncebytesFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctions.sodium_padFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctions.sodium_crypto_secretboxFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Classes.NewClasses.sodiumexceptionFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctions.sodium_crypto_secretbox_openFound">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Extensions.RemovedExtensions.mcryptDeprecatedRemoved">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
<exclude-pattern>libs/random_compat/*</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_encryptDeprecatedRemoved">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.mcrypt_decryptDeprecatedRemoved">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.RemovedConstants.mcrypt_rijndael_256DeprecatedRemoved">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.RemovedConstants.mcrypt_mode_ecbDeprecatedRemoved">
<exclude-pattern>tests/IncludesEncryptTest\.php</exclude-pattern>
<exclude-pattern>includes/encrypt\.inc\.php</exclude-pattern>
<exclude-pattern>libs/pear/Crypt/CHAP\.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.get_magic_quotes_gpcDeprecated">
<exclude-pattern>html/includes/collectd/functions.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctions.session_create_idFound">
<exclude-pattern>html/includes/authenticate.inc.php</exclude-pattern>
</rule>
<!-- compatability fixed in code -->
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.ldap_control_paged_resultDeprecated">
<exclude-pattern>html/includes/authentication/ldap.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.RemovedFunctions.ldap_control_paged_result_responseDeprecated">
<exclude-pattern>html/includes/authentication/ldap.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctionParameters.ldap_search_serverctrlsFound">
<exclude-pattern>html/includes/authentication/ldap.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.FunctionUse.NewFunctionParameters.ldap_parse_result_serverctrlsFound">
<exclude-pattern>html/includes/authentication/ldap.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.NewConstants.ldap_control_pagedresultsFound">
<exclude-pattern>html/includes/authentication/ldap.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Miscellaneous.ValidIntegers.HexNumericStringFound">
<exclude-pattern>includes/entities/sensor.inc.php</exclude-pattern>
</rule>
<rule ref="PHPCompatibility.Constants.NewConstants.mysqli_client_ssl_dont_verify_server_certFound">
<exclude-pattern>includes/db/mysqli.inc.php</exclude-pattern>
</rule>
<!-- Run against a second ruleset -->
<!-- <rule ref="PSR2"/> -->
</ruleset>

2
VERSION
View File

@ -1 +1 @@
Observium CE 22.5
Observium CE 22.12

34
alerter.php
View File

@ -7,13 +7,13 @@
*
* @package observium
* @subpackage cli
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
chdir(dirname($argv[0]));
$options = getopt("h:i:m:n:p:dqrsV");
$options = getopt("h:p:dqrsV");
include("includes/sql-config.inc.php");
@ -40,7 +40,7 @@ if ($options['h'] === "all") {
$where = " ";
$doing = "all";
} elseif ($options['h']) {
$params = array();
$params = [];
if (is_numeric($options['h'])) {
$where = "AND `device_id` = ?";
$doing = $options['h'];
@ -52,25 +52,26 @@ if ($options['h'] === "all") {
}
}
if (isset($options['p'])) {
print_cli_heading("%WConstrained to poller partition id ".$options['p']);
$where .= ' AND `poller_id` = ?';
$params[] = $options['p'];
}
if (!$where) {
print_message("%n
USAGE:
$scriptname [-drqV] [-i instances] [-n number] [-m module] [-h device]
$scriptname [-drqV] [-p poller_id] [-h device]
EXAMPLE:
-h <device id> | <device hostname wildcard> Poll single device
-h odd Poll odd numbered devices (same as -i 2 -n 0)
-h even Poll even numbered devices (same as -i 2 -n 1)
-h all Poll all devices
-h new Poll all devices that have not had a discovery run before
-i <instances> -n <number> Poll as instance <number> of <instances>
Instances start at 0. 0-3 for -n 4
-p <poller_id> Poll for specific poller_id
OPTIONS:
-h Device hostname, id or key odd/even/all/new.
-i Poll instance.
-n Poll number.
-h Device hostname, id or hostname or keys all.
-p Poller ID.
-s Sends alerts even if they have already been sent.
-q Quiet output.
-V Show version and exit.
@ -79,7 +80,6 @@ DEBUGGING OPTIONS:
-r Do not create or update RRDs
-d Enable debugging output.
-dd More verbose debugging output.
-m Specify module(s) (separated by commas) to be run.
%rInvalid arguments!%n", 'color');
exit;
@ -100,14 +100,16 @@ $_SESSION['userlevel'] = 10;
//$params[] = $config['poller_id'];
$query = "SELECT * FROM `devices` WHERE `disabled` = 0 $where ORDER BY `device_id` ASC";
foreach (dbFetch($query, $params) as $device) {
foreach (dbFetchRows($query, $params) as $device) {
humanize_device($device);
process_alerts($device);
process_notifications(array('device_id' => $device['device_id'])); // Send all notifications (also for syslog from queue)
if ($config['poller-wrapper']['notifications'] || $spam) {
process_notifications([ 'device_id' => $device['device_id'] ]); // Send all notifications (also for syslog from queue)
}
dbUpdate(array('last_alerter' => array('NOW()')), 'devices', '`device_id` = ?', array($device['device_id']));
dbUpdate([ 'last_alerter' => [ 'NOW()' ] ], 'devices', '`device_id` = ?', [ $device['device_id'] ]);
}

27
discovery.php
View File

@ -122,14 +122,13 @@ if (isset($options['h'])) {
}
}
if (isset($options['i']) && $options['i'] && isset($options['n'])) {
if (isset($options['i'], $options['n']) && $options['i']) {
$where .= ' AND MOD(device_id,' . $options['i'] . ') = ?';
$params[] = $options['n'];
$doing = $options['n'] . '/' . $options['i'];
}
if (!$where && !$options['u'] && !isset($options['a']))
{
if (!$where && !$options['u'] && !isset($options['a'])) {
print_message("%n
USAGE:
$scriptname [-dquV] [-i instances] [-n number] [-m module] [-h device]
@ -169,11 +168,20 @@ if ($config['version_check'] && ($options['h'] !== 'new' || $options['u'])) {
if (!$where) {
// Only update Group/Alert tables
if (isset($options['a'])) {
if (OBS_DISTRIBUTED && function_exists('run_action_queue')) {
//run_action_queue('device_add');
//run_action_queue('device_rename');
//run_action_queue('device_delete');
// Update alert and group tables
run_action_queue('tables_update');
} else {
$silent = isset($options['q']);
// Not exist in CE
if (function_exists('update_group_tables')) { update_group_tables($silent); }
if (function_exists('update_group_tables')) { update_group_tables($silent); } // Not exist in CE
if (function_exists('update_alert_tables')) { update_alert_tables($silent); }
}
}
exit;
}
@ -215,11 +223,10 @@ if (($discovered_devices && !isset($options['m'])) || isset($options['a'])) {
if (OBS_DISTRIBUTED && !isset($options['a']) && function_exists('add_action_queue') &&
$action_id = add_action_queue('tables_update', 'discovery', [ 'silent' => $silent ])) {
print_message("Update alert and group tables added to queue [$action_id].");
//log_event("Device with hostname '$hostname' added to queue [$action_id] for addition on remote Poller [${vars['poller_id']}].", NULL, 'info', NULL, 7);
} elseif (OBSERVIUM_EDITION !== 'community') {
// Not exist in CE
update_group_tables($silent);
update_alert_tables($silent);
//log_event("Device with hostname '$hostname' added to queue [$action_id] for addition on remote Poller [{$vars['poller_id']}].", NULL, 'info', NULL, 7);
} else {
if (function_exists('update_group_tables')) { update_group_tables($silent); } // Not exist in CE
if (function_exists('update_alert_tables')) { update_alert_tables($silent); }
}
}

13
html/ajax/actions.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -235,13 +235,18 @@ switch ($vars['action']) {
exit();
}
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE widget_id = ?", array($vars['widget_id']));
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE `widget_id` = ?", array($vars['widget_id']));
$widget['widget_config'] = safe_json_decode($widget['widget_config']);
// Verify config value applies to this widget here
$default_on = [ 'legend' ];
if (isset($vars['config_field']) && isset($vars['config_value'])) {
if (empty($vars['config_value'])) {
if ( empty($vars['config_value']) ||
(in_array($vars['config_field'], $default_on) && get_var_true($vars['config_value'])) ||
(!in_array($vars['config_field'], $default_on) && get_var_false($vars['config_value'])) ) {
// Just unset the value if it's empty or it's a default value.
unset($widget['widget_config'][$vars['config_field']]);
} else {
$widget['widget_config'][$vars['config_field']] = $vars['config_value'];
@ -265,7 +270,7 @@ switch ($vars['action']) {
// Validate CSRF Token
//r($vars);
$json = '';
if (!str_contains_array($vars['action'], [ 'widget', 'dash' ]) && // widget & dashboard currently not send request token
if (!str_contains_array($vars['action'], [ 'widget', 'dash', 'settings_user' ]) && // widget & dashboard currently not send request token
!request_token_valid($vars, $json)) {
$json = safe_json_decode($json);
$json['reload'] = TRUE;

112
html/ajax/actions/edit_widget.inc.php
View File

@ -6,13 +6,13 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if ($readonly) { return; } // Currently edit allowed only for 7+
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE widget_id = ?", array($vars['widget_id']));
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE `widget_id` = ?", [ $vars['widget_id'] ]);
$widget['widget_config'] = safe_json_decode($widget['widget_config']);
@ -22,11 +22,111 @@ switch ($widget['widget_type']) {
if (safe_count($widget['widget_config'])) {
// echo '
// <form onsubmit="return false">
// Title <input name="widget-config-input" data-field="title" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'"></input>
// </form>
// ';
//r($widget['widget_config']);
//r(isset($widget['widget_config']['legend']) && $widget['widget_config']['legend'] === 'no');
$modal_args = [
'id' => 'modal-edit_widget_' . $widget['widget_id'],
'title' => 'Configure Widget',
//'hide' => TRUE,
//'fade' => TRUE,
//'role' => 'dialog',
//'class' => 'modal-md',
];
$form = [
'form_only' => TRUE, // Do not add modal open/close divs (it's generated outside)
'type' => 'horizontal',
'id' => 'edit_widget_' . $widget['widget_id'],
'userlevel' => 7, // Minimum user level for display form
'modal_args' => $modal_args, // !!! This generate modal specific form
//'help' => 'This will completely delete the rule and all associations and history.',
'class' => '', // Clean default box class!
//'url' => generate_url([ 'page' => 'syslog_rules' ]),
'onsubmit' => "return false",
];
$form['fieldset']['body'] = [ 'class' => 'modal-body' ]; // Required this class for modal body!
$form['fieldset']['footer'] = [ 'class' => 'modal-footer' ]; // Required this class for modal footer!
$form['row'][1]['widget-config-title'] = [
'type' => 'text',
'fieldset' => 'body',
'name' => 'Title',
'placeholder' => 'Graph Title',
'class' => 'input-xlarge',
'attribs' => [
'data-id' => $widget['widget_id'],
'data-field' => 'title',
'data-type' => 'text'
],
'value' => $widget['widget_config']['title']
];
$form['row'][2]['widget-config-legend'] = [
'type' => 'checkbox',
'fieldset' => 'body',
'name' => 'Show Legend',
//'placeholder' => 'Yes, please delete this rule.',
//'onchange' => "javascript: toggleAttrib('disabled', 'delete_button_".$la['la_id']."'); showDiv(!this.checked, 'warning_".$la['la_id']."_div');",
'attribs' => [
'data-id' => $widget['widget_id'],
'data-field' => 'legend',
'data-type' => 'checkbox'
],
'value' => safe_empty($widget['widget_config']['legend']) ? 'yes' : $widget['widget_config']['legend'] //'legend'
];
$form['row'][8]['close'] = [
'type' => 'submit',
'fieldset' => 'footer',
'div_class' => '', // Clean default form-action class!
'name' => 'Close',
'icon' => '',
'attribs' => [
'data-dismiss' => 'modal',
'aria-hidden' => 'true'
]
];
echo generate_form_modal($form);
unset($form);
/*
echo '
<form onsubmit="return false">
Title <input name="widget-config-input" data-field="title" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'"></input>
</form>
';
<form onsubmit="return false" class="form form-horizontal" style="margin-bottom: 0px;">
<fieldset>
<div id="purpose_div" class="control-group" style="margin-bottom: 10px;"> <!-- START row-1 -->
<label class="control-label" for="purpose">Title</label>
<div id="purpose_div" class="controls">
<input type="text" placeholder="Graph Title" name="widget-config-title" class="input" data-field="title" style="width: 100%;" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'">
</div>
</div>
<div id="ignore_div" class="control-group" style="margin-bottom: 10px;"> <!-- START row-6 -->
<label class="control-label" for="ignore">Show Legend</label>
<div id="ignore_div" class="controls">
<input type="checkbox" name="widget-config-legend" data-field="legend" data-type="checkbox" value="legend" '.(isset($widget['widget_config']['legend']) && $widget['widget_config']['legend'] === 'no' ? '' : 'checked').' data-id="'.$widget['widget_id'].'">
</div>
</div>
</fieldset> <!-- END fieldset-body -->
<div class="modal-footer">
<fieldset>
<button id="close" name="close" type="submit" class="btn btn-default text-nowrap" value="" data-dismiss="modal" aria-hidden="true">Close</button>
<!-- <button id="action" name="action" type="submit" class="btn btn-primary text-nowrap" value="add_contact"><i style="margin-right: 0px;" class="icon-ok icon-white"></i>&nbsp;&nbsp;Add Contact</button> -->
</fieldset>
</div>
</form>';
*/
} else {

6
html/ajax/actions/settings_edit.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -34,7 +34,7 @@ $updates = 0;
// Set fields that were submitted with custom value
if (safe_count($sets)) {
$query = 'SELECT * FROM `users_prefs` WHERE `user_id` = ?' . generate_query_values(array_keys($sets), 'pref');
$query = 'SELECT * FROM `users_prefs` WHERE `user_id` = ?' . generate_query_values_and(array_keys($sets), 'pref');
// Fetch current rows in config file so we know which one to UPDATE and which one to INSERT
$in_db = [];
foreach (dbFetchRows($query, [ $user_id ]) as $row) {
@ -52,7 +52,7 @@ if (safe_count($sets)) {
// Delete fields that were reset to default
if (safe_count($deletes)) {
dbDelete('users_prefs', '`user_id` = ? ' . generate_query_values($deletes, 'pref'), [ $user_id ]);
dbDelete('users_prefs', '`user_id` = ? ' . generate_query_values_and($deletes, 'pref'), [ $user_id ]);
$updates++;
}

66
html/ajax/actions/settings_user.inc.php Normal file
View File

@ -0,0 +1,66 @@
<?php
/**
* Observium
*
* This file is part of Observium.
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
switch (str_replace('->', '|', $vars['setting'])) {
case "theme":
case "web_theme_default":
$pref = 'web_theme_default';
if ($vars['value'] === 'reset') {
session_unset_var("theme");
if ($config['web_theme_default'] === 'system') {
// Override default
session_unset_var("theme_default");
}
if (del_user_pref($_SESSION['user_id'], $pref)) {
print_json_status('ok', 'Theme reset.');
}
} elseif (isset($config['themes'][$vars['value']]) || $vars['value'] === 'system') {
if (set_user_pref($_SESSION['user_id'], $pref, serialize($vars['value']))) {
print_json_status('ok', 'Theme set.');
}
} else {
print_json_status('failed', 'Invalid theme.');
}
break;
case "big_graphs":
$pref = 'graphs|size';
if (set_user_pref($_SESSION['user_id'], $pref, serialize('big'))) {
print_json_status('ok', 'Big graphs set.');
session_unset_var("big_graphs"); // clear old
}
//session_set_var("big_graphs", TRUE);
//print_json_status('ok', 'Big graphs set.');
break;
case "normal_graphs":
$pref = 'graphs|size';
if (set_user_pref($_SESSION['user_id'], $pref, serialize('normal'))) {
print_json_status('ok', 'Normal graphs set.');
session_unset_var("big_graphs"); // clear old
}
//session_unset_var("big_graphs");
//print_json_status('ok', 'Small graphs set.');
break;
case "sensors|web_measured_compact":
// BOOL values
$pref = $vars['setting'];
if (set_user_pref($_SESSION['user_id'], $pref, serialize(get_var_true($vars['value'])))) {
print_json_status('ok', 'Setting was set.', [ 'reload' => TRUE ]);
}
break;
}
// EOF

22
html/ajax/entity_popup.php
View File

@ -21,10 +21,12 @@ if (!$_SESSION['authenticated']) { print_error('Session expired, please log in a
ob_start();
$vars = get_vars();
$vars = get_vars([ 'JSON', 'POST', 'GET' ]);
$vars['page'] = "popup";
if(isset($vars['debug'])) { r($vars); }
switch ($vars['entity_type']) {
case "port":
if (is_numeric($vars['entity_id']) && (port_permitted($vars['entity_id']))) {
@ -35,6 +37,23 @@ switch ($vars['entity_type']) {
}
break;
case "link":
if (is_numeric($vars['entity_id_a']) && (port_permitted($vars['entity_id_a']))) {
$port = get_port_by_id($vars['entity_id_a']);
echo generate_port_popup($port);
} else {
print_warning("You are not permitted to view this port.");
}
if (is_numeric($vars['entity_id_b']) && (port_permitted($vars['entity_id_b']))) {
$port = get_port_by_id($vars['entity_id_b']);
echo generate_port_popup($port, '','none'); // suppress graph for b side of link
} else {
print_warning("You are not permitted to view this port.");
}
break;
case "device":
if (is_numeric($vars['entity_id']) && device_permitted($vars['entity_id'])) {
$device = device_by_id_cache($vars['entity_id']);
@ -53,7 +72,6 @@ switch ($vars['entity_type']) {
}
break;
// FIXME : mac is not an observium entity. This should go elsewhere!
case "mac":
if (preg_match('/^' . OBS_PATTERN_MAC . '$/i', $vars['entity_id'])) {
$mac = format_mac($vars['entity_id']);

12
html/ajax/input.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -48,11 +48,11 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
list($ip_version) = explode('_', $vars['field']);
$query_permitted = generate_query_permitted('ports');
$network_permitted = dbFetchColumn('SELECT DISTINCT(`' . $ip_version . '_network_id`) FROM `' . $ip_version . '_addresses` WHERE 1' . $query_permitted);
$query = 'SELECT `' . $ip_version . '_network` FROM `' . $ip_version . '_networks` WHERE 1 ' . generate_query_values($network_permitted, $ip_version . '_network_id');
$query = 'SELECT `' . $ip_version . '_network` FROM `' . $ip_version . '_networks` WHERE 1 ' . generate_query_values_and($network_permitted, $ip_version . '_network_id');
if (!safe_empty($vars['query'])) {
//$query .= ' AND `' . $ip_version . '_network` LIKE ?';
//$params[] = '%' . $vars['query'] . '%';
$query .= generate_query_values($vars['query'], $vars['field'], '%LIKE%');
$query .= generate_query_values_and($vars['query'], $vars['field'], '%LIKE%');
}
$query .= ' ORDER BY `' . $ip_version . '_network`;';
//print_vars($query);
@ -69,7 +69,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
//$query_permitted = generate_query_permitted();
$query = 'SELECT DISTINCT `program` FROM `syslog`';
if (is_intnum($vars['device_id'])) {
$query .= ' WHERE ' . generate_query_values($vars['device_id'], 'device_id', NULL, FALSE);
$query .= ' WHERE ' . generate_query_values_ng($vars['device_id'], 'device_id');
}
$array_filter = TRUE; // Search query string in array instead sql query (when this faster)
break;
@ -86,7 +86,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
$query .= ' AND (`' . $column . '` LIKE ? OR `astext` LIKE ?)';
$params[] = '%' . $vars['query'] . '%';
$params[] = '%' . $vars['query'] . '%';
//$query .= generate_query_values($vars['query'], $vars['field'], '%LIKE%');
//$query .= generate_query_values_and($vars['query'], $vars['field'], '%LIKE%');
}
break;
@ -100,7 +100,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
$query_permitted = generate_query_permitted('devices');
$query = 'SELECT DISTINCT `' . $column . '` FROM `bgpPeers` WHERE 1 ' . $query_permitted;
if (!safe_empty($vars['query'])) {
$query .= generate_query_values($vars['query'], $column, '%LIKE%');
$query .= generate_query_values_and($vars['query'], $column, '%LIKE%');
}
break;

3
html/ajax/search.php
View File

@ -26,8 +26,7 @@ $query_limit = 8; // Limit per query
$vars = get_vars([ 'POST', 'GET' ]);
// Is there a POST/GET query string?
if (isset($vars['queryString']))
{
if (isset($vars['queryString'])) {
$queryString = trim($vars['queryString']);
// Is the string length greater than 0?

18
html/ajax/widget.php
View File

@ -169,8 +169,14 @@ function print_dash_mod ($mod)
echo ' <div class="box box-solid" style="overflow: hidden; height: auto; max-height: 100%">';
echo ' <div class="box-header" style="cursor: hand;"><h3 class="box-title"><a href="/syslog/">Syslog</a></h3></div>';
echo ' <div class="box-content" style="overflow: hidden; overflow-x:scroll;">';
print_syslogs(array('short' => TRUE, 'pagesize' => ($height - 36) / 26,
'priority' => $config['frontpage']['syslog']['priority']));
$syslog_vars = $mod['vars'];
$syslog_vars = array_merge($syslog_vars, ['short' => TRUE, 'pagesize' => ($height - 36) / 26,
'priority' => $config['frontpage']['syslog']['priority']]);
print_syslogs($syslog_vars);
echo ' </div>';
echo '</div>';
break;
@ -372,7 +378,7 @@ function print_dash_graph($mod, $width, $height) {
if ($graph_array['width'] > 350)
{
$graph_array['height'] -= 6;
} // RRD graphs > 350px are 6 px wider because of larger legend font
} // RRD graphs > 350px are 6 px taller because of larger legend font
$title_div = 'top:0px; left: 0px; padding: 4px; border-top-left-radius: 4px; border: 1px solid #e5e5e5; border-left: none; border-top: none; background-color: rgba(255, 255,255, 0.75); ';
$title_div = 'widget-title';
@ -411,7 +417,10 @@ function print_dash_graph($mod, $width, $height) {
//$graph_array['format'] = 'png';
//$graph_array['img_id'] = generate_random_string(5);
$graph_array['legend'] = 'no';
//$graph_array['legend'] = 'no';
$graph_array['rigid_height'] = 'yes'; // Force height of graph to be same as height of graph_type.
$graph_array['class'] = 'image-refresh';
$graph = generate_graph_tag($graph_array, TRUE);
@ -419,6 +428,7 @@ function print_dash_graph($mod, $width, $height) {
$link_array = $graph_array;
$link_array['page'] = "graphs";
unset($link_array['graph_only']);
unset($link_array['rigid_height']);
unset($link_array['height'], $link_array['width']);
$link = generate_url($link_array);

4
html/css/bootstrap.css vendored
View File

@ -10404,7 +10404,7 @@ a.badge:focus {
box-shadow: none;
padding: 0;
}
.qtip-content {
.qtip-content, .tippy-content {
position: relative;
padding: 5px 9px;
overflow: hidden;
@ -10503,7 +10503,7 @@ a.badge:focus {
* Tested with IE 8, IE 9, Chrome 18, Firefox 9, Opera 11.
* Does not work with IE 7.
*/
.qtip-bootstrap {
.qtip-bootstrap, .tippy-box {
/** Taken from Bootstrap body */
font-size: 14px;
line-height: 20px;

7
html/css/easymde.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

23
html/css/observium.css
View File

@ -6275,6 +6275,10 @@ i.menu-icon,
margin-right: 5px;
margin-top: 1px;
}
.dropdown-scrollable .dropdown-menu {
max-height: 1000px;
overflow-y: auto;
}
.well {
min-height: 20px;
padding: 10px;
@ -6769,6 +6773,7 @@ i.menu-icon,
color: #444;
display: block;
padding: 7px 10px;
padding-bottom: 4px;
position: relative;
background-color: #fafafa;
}
@ -10449,7 +10454,8 @@ a.badge:focus {
* Tested with IE 8, IE 9, Chrome 18, Firefox 9, Opera 11.
* Does not work with IE 7.
*/
.qtip-bootstrap {
.qtip-bootstrap,
.tippy-box {
/** Taken from Bootstrap body */
font-size: 14px;
line-height: 20px;
@ -10496,9 +10502,10 @@ a.badge:focus {
top: 45%;
border-style: none;
}
.qtip-bootstrap .qtip-content {
.qtip-bootstrap .qtip-content,
.tippy-content {
/** Taken from Bootstrap .popover-content */
padding: 9px 14px;
padding: 9px 9px;
}
.qtip-bootstrap .qtip-icon {
/**
@ -10916,11 +10923,13 @@ select.selectpicker {
overflow: hidden;
}
.bootstrap-select .dropdown-toggle .caret {
right: 12px;
/*
position: absolute;
top: 50%;
right: 12px;
margin-top: -2px;
vertical-align: middle;
*/
}
.input-group .bootstrap-select.form-control .dropdown-toggle {
border-radius: inherit;
@ -12127,6 +12136,12 @@ form.pagination {
.form-horizontal .col-md-4 .control-label {
width: 120px;
}
.dygraph-axis-label > .dygraph-axis-label-x {
color: #333333;
}
.dygraph-axis-label > .dygraph-axis-label-y {
color: #333333;
}
/*EOF*/
#suggestions {
display: none;

7
html/css/simplemde.min.css vendored
View File

File diff suppressed because one or more lines are too long

14
html/data.php
View File

@ -1,24 +1,22 @@
<?php
/**
* Observium
*
* This file is part of Observium.
*
* @package observium
* @subpackage webinterface
* @author Adam Armstrong <adama@observium.org>
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
include_once("../includes/sql-config.inc.php");
include($config['html_dir'] . "/includes/functions.inc.php");
include($config['html_dir'] . "/includes/authenticate.inc.php");
if (is_numeric($_GET['id']) && ($config['allow_unauth_graphs'] || port_permitted($_GET['id'])))
{
if (is_numeric($_GET['id']) && ($config['allow_unauth_graphs'] || port_permitted($_GET['id']))) {
$port = get_port_by_id($_GET['id']);
$device = device_by_id_cache($port['device_id']);
//$title = generate_device_link($device);
@ -28,9 +26,9 @@ if (is_numeric($_GET['id']) && ($config['allow_unauth_graphs'] || port_permitted
$time = time();
$HC = ($port['port_64bit'] ? 'HC' : '');
$data = snmp_get_multi_oid($device, "if${HC}InOctets.".$port['ifIndex']." if${HC}OutOctets.".$port['ifIndex'], array(),"IF-MIB");
$data = snmp_get_multi_oid($device, "if{$HC}InOctets.".$port['ifIndex']." if{$HC}OutOctets.".$port['ifIndex'], [], "IF-MIB");
printf("%lf|%s|%s\n", $time, $data[$port['ifIndex']]["if${HC}InOctets"], $data[$port['ifIndex']]["if${HC}OutOctets"]);
printf("%lf|%s|%s\n", $time, $data[$port['ifIndex']]["if{$HC}InOctets"], $data[$port['ifIndex']]["if{$HC}OutOctets"]);
} else {
echo("unauthenticated");
exit;

8
html/graph-realtime.php
View File

@ -199,8 +199,12 @@ function fetch_data() {
function plot_data(obj) {
// Show datetimelegend
var now = new Date();
var datetime = (now.getMonth()+1) + "/" + now.getDate() + "/" + now.getFullYear() + ' ' +
LZ(now.getHours()) + ":" + LZ(now.getMinutes()) + ":" + LZ(now.getSeconds());
//var datetime = (now.getMonth()+1) + "/" + now.getDate() + "/" + now.getFullYear() + ' ' +
// LZ(now.getHours()) + ":" + LZ(now.getMinutes()) + ":" + LZ(now.getSeconds());
datetime = now.toLocaleString();
//datetime = now.toISOString();
SVGDoc.getElementById('datetime').firstChild.data = datetime;
if (!obj.success)

6
html/graph.php
View File

@ -15,9 +15,9 @@
// Define this is graph
define('OBS_GRAPH', TRUE);
include_once("../includes/sql-config.inc.php");
$start = microtime(TRUE); // Needs common.php
$start = utime(); // Needs common.php
include_once("../includes/sql-config.inc.php");
include($config['html_dir'] . "/includes/functions.inc.php");
@ -44,7 +44,7 @@ $vars = get_vars('GET', $auth);
include($config['html_dir'] . "/includes/graphs/graph.inc.php");
$runtime = utime() - $start;
$runtime = microtime(TRUE) - $start;
print_debug("Runtime ".$runtime." secs");

BIN
html/images/os/acksys.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/acksys_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.3 KiB

BIN
html/images/os/affirmed.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/affirmed_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
html/images/os/allot-dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/allot-dark_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/allot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/allot_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/axis-dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/axis-dark_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
html/images/os/axis.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.2 KiB

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/axis_2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.7 KiB

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
html/images/os/cumulus.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.6 KiB

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/cumulus_2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.1 KiB

After

Width:  |  Height:  |  Size: 2.9 KiB

BIN
html/images/os/genexis.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/genexis_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.9 KiB

BIN
html/images/os/hardenedbsd.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
html/images/os/hardenedbsd_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.5 KiB

BIN
html/images/os/lantronix.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/lantronix_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/luve.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
html/images/os/luve_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.4 KiB

BIN
html/images/os/monnit.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/monnit_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.9 KiB

BIN
html/images/os/powershield.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
html/images/os/powershield_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
html/images/os/powertek-dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/powertek-dark_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.9 KiB

BIN
html/images/os/powertek.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/powertek_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.1 KiB

BIN
html/images/os/seagate.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
html/images/os/seagate_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
html/images/os/sigur.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/sigur_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
html/images/os/snr.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.6 KiB

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/snr_2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 3.2 KiB

After

Width:  |  Height:  |  Size: 1.6 KiB

BIN
html/images/os/tfortis.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/tfortis_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
html/images/os/unitrends-dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.0 KiB

BIN
html/images/os/unitrends-dark_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
html/images/os/unitrends.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.0 KiB

BIN
html/images/os/unitrends_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
html/images/os/waveos.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
html/images/os/waveos_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

BIN
html/images/os/wisi.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
html/images/os/wisi_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.9 KiB

BIN
html/images/os/zyxel-dark.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
html/images/os/zyxel-dark_2x.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
html/images/os/zyxel.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1017 B

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
html/images/os/zyxel_2x.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.9 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
html/img/router.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.4 KiB

33
html/includes/actions/role_add.inc.php
View File

@ -1,25 +1,28 @@
<?php
/**
* Observium
*
* This file is part of Observium.
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
{
if (strlen($vars['role_name']) &&
strlen($vars['role_descr']))
{
$oid_id = dbInsert('roles', array('role_descr' => $vars['role_descr'],
'role_name' => $vars['role_name'])
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
if (!safe_empty($vars['role_name']) &&
!safe_empty($vars['role_descr'])) {
$oid_id = dbInsert('roles', [ 'role_descr' => $vars['role_descr'],
'role_name' => $vars['role_name'] ]
);
if ($oid_id)
{
if ($oid_id) {
print_success("<strong>SUCCESS:</strong> Added role");
}
else
{
} else {
print_warning("<strong>WARNING:</strong> Role not added");
}
}
else
{
} else {
print_error("<strong>ERROR:</strong> All fields must be completed to add a new role.");
}
}

49
html/includes/actions/role_entity_add.inc.php
View File

@ -6,42 +6,45 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
{
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
if (isset($vars['entity_id']))
{
} // use entity_id
elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) // use type_entity_id
{
if (isset($vars['entity_id'])) {
// use entity_id
} elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) {
// use type_entity_id
$vars['entity_id'] = $vars[$vars['entity_type'] . '_entity_id'];
}
if (!is_array($vars['entity_id']))
{
$vars['entity_id'] = array($vars['entity_id']);
if (!is_array($vars['entity_id'])) {
$vars['entity_id'] = [ $vars['entity_id'] ];
}
foreach ($vars['entity_id'] as $entity_id)
{
if (get_entity_by_id_cache($vars['entity_type'], $entity_id)) // Skip not exist entities
{
$changed = 0;
foreach ($vars['entity_id'] as $entity_id) {
if (get_entity_by_id_cache($vars['entity_type'], $entity_id)) { // Skip not exist entities
if (!dbExist('roles_entity_permissions', '`role_id` = ? AND `entity_type` = ? AND `entity_id` = ?',
array($vars['role_id'], $vars['entity_type'], $entity_id)
))
{
[ $vars['role_id'], $vars['entity_type'], $entity_id ])) {
if(!in_array($vars['access'], array('ro', 'rw'))) { $vars['access'] = 'ro'; }
if (!in_array($vars['access'], [ 'ro', 'rw' ])) {
$vars['access'] = 'ro';
}
dbInsert(array('entity_id' => $entity_id, 'entity_type' => $vars['entity_type'], 'role_id' => $vars['role_id'], 'access' => $vars['access']),
'roles_entity_permissions'
);
dbInsert([ 'entity_id' => $entity_id, 'entity_type' => $vars['entity_type'], 'role_id' => $vars['role_id'], 'access' => $vars['access'] ],
'roles_entity_permissions');
$changed++;
}
} else { print_error('Error: Invalid Entity.'); }
} else {
print_error('Error: Invalid Entity.');
}
}
// Reset permissions cache
if ($changed) { set_cache_clear('wui'); }
unset($changed);
}
// EOF

25
html/includes/actions/role_entity_del.inc.php
View File

@ -6,32 +6,31 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) // Only valid forms from level 10 users
{
if ($_SESSION['userlevel'] == 10 && request_token_valid($vars)) { // Only valid forms from level 10 users
if (isset($vars['entity_id']))
{
} // use entity_id
elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) // use type_entity_id
{
if (isset($vars['entity_id'])) {
// use entity_id
} elseif (isset($vars[$vars['entity_type'] . '_entity_id'])) {
// use type_entity_id
$vars['entity_id'] = $vars[$vars['entity_type'] . '_entity_id'];
}
$where = '`role_id` = ? AND `entity_type` = ?' . generate_query_values($vars['entity_id'], 'entity_id');
$where = '`role_id` = ? AND `entity_type` = ?' . generate_query_values_and($vars['entity_id'], 'entity_id');
//if (@dbFetchCell("SELECT COUNT(*) FROM `entity_permissions` WHERE " . $where, array($vars['user_id'], $vars['entity_type'])))
if (dbExist('roles_entity_permissions', $where, array($vars['role_id'], $vars['entity_type'])))
{
if (dbExist('roles_entity_permissions', $where, [ $vars['role_id'], $vars['entity_type'] ])) {
dbDelete('roles_entity_permissions', $where, array($vars['role_id'], $vars['entity_type']));
//print_vars(dbError());
} else { }
// Reset permissions cache
set_cache_clear('wui');
}
}
echo ("nope"); // Hrm?
//echo ("nope"); // Hrm?
// EOF

5
html/includes/alerting-navbar.inc.php
View File

@ -6,11 +6,10 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
/// CONTACTS ACTIONS
$readonly = $_SESSION['userlevel'] < 10;
@ -60,7 +59,7 @@ if (!$readonly)
$exist_contacts = dbFetchColumn('SELECT `contact_id` FROM `alert_contacts_assoc` WHERE `aca_type` = ? AND `alert_checker_id` = ?', array('alert', $vars['alert_test_id']));
//print_vars($exist_contacts);
$sql = "SELECT `contact_id` FROM `alert_contacts` WHERE `contact_disabled` = 0 AND `contact_method` != 'syscontact'" .
generate_query_values($exist_contacts, 'contact_id', '!='); // exclude exist contacts
generate_query_values_and($exist_contacts, 'contact_id', '!='); // exclude exist contacts
//print_vars($sql);
foreach (dbFetchColumn($sql) as $contact_id)
{

8
html/includes/authenticate-functions.inc.php
View File

@ -262,4 +262,12 @@ function auth_user_info($username)
}
}
// Create placeholder user for users logged in via non-MySQL mechanisms to enable user list
function create_mysql_user($username, $userid, $level = '1', $type = 'mysql')
{
if(isset($username) && isset($userid) && is_numeric($userid)) {
dbInsert(array('username' => $username, 'user_id' => $userid, 'level' => $level, 'type' => $type), 'users');
}
}
// EOF

80
html/includes/authenticate.inc.php
View File

@ -5,8 +5,8 @@
* This file is part of Observium.
*
* @package observium
* @subpackage authentication
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,15 +23,19 @@ define('OBS_AJAX', (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SE
$debug_auth = FALSE; // Do not use this debug unless you Observium Developer ;)
if (PHP_VERSION_ID < 70100)
{
if (PHP_VERSION_ID < 70100) {
// Use sha1 to generate the session ID (option removed in php 7.1)
// session.sid_length (Number of session ID characters - 22 to 256.
// session.sid_bits_per_character (Bits used per character - 4 to 6.
@ini_set('session.hash_function', '1');
}
@ini_set('session.referer_check', ''); // This config was causing so much trouble with Chrome
@ini_set('session.name', 'OBSID'); // Session name
if (OBS_API) {
@ini_set('session.name', 'OBSAPI'); // Session name for API
} else {
@ini_set('session.name', 'OBSID'); // Session name for common Web UI
}
@ini_set('session.use_cookies', '1'); // Use cookies to store the session id on the client side
@ini_set('session.use_only_cookies', '1'); // This prevents attacks involved passing session ids in URLs
@ini_set('session.use_trans_sid', '0'); // Disable SID (no session id in url)
@ -48,13 +52,13 @@ $cookie_httponly = FALSE;
//$cookie_httponly = TRUE;
// Use custom session lifetime
if (is_numeric($GLOBALS['config']['web_session_lifetime']) && $GLOBALS['config']['web_session_lifetime'] >= 0) {
if (is_intnum($GLOBALS['config']['web_session_lifetime']) && $GLOBALS['config']['web_session_lifetime'] >= 0) {
$lifetime = (int)$GLOBALS['config']['web_session_lifetime'];
}
@ini_set('session.gc_maxlifetime', $lifetime); // Session lifetime (for non "remember me" sessions)
if (PHP_VERSION_ID >= 70300)
{
if (PHP_VERSION_ID >= 70300) {
// Allows servers to assert that a cookie ought not to be sent along with cross-site requests.
// Lax will sent the cookie for cross-domain GET requests, while Strict will not
//@ini_set('session.cookie_samesite', 'Strict');
@ -64,7 +68,7 @@ if (PHP_VERSION_ID >= 70300)
'domain' => $cookie_domain,
'secure' => $cookie_https,
'httponly' => $cookie_httponly,
'samesite' => 'Strict'
'samesite' => 'Lax' // 'Strict' /// FIXME. Set this configurable? See: https://jira.observium.org/browse/OBS-4214
];
session_set_cookie_params($cookie_params);
} else {
@ -77,28 +81,24 @@ if (!session_is_active()) {
session_regenerate();
}
if ($debug_auth && empty($_SESSION['authenticated']))
{
if ($debug_auth && empty($_SESSION['authenticated'])) {
logfile('debug_auth.log', __LINE__ . " NOT Authenticated!!!. IP=[" . get_remote_addr($config['web_session_ip_by_header']) . "]. URL=[" . $_SERVER['REQUEST_URI'] . "]");
logfile('debug_auth.log', __LINE__ . ' ' . json_encode($_SESSION));
}
// Fallback to MySQL auth as default - FIXME do this in sqlconfig file?
if (!isset($config['auth_mechanism']))
{
if (!isset($config['auth_mechanism'])) {
$config['auth_mechanism'] = "mysql";
}
// Trust Apache authenticated user, if configured to do so and username is available
if ($config['auth']['remote_user'] && $_SERVER['REMOTE_USER'] != '')
{
if ($config['auth']['remote_user'] && is_valid_param($_SERVER['REMOTE_USER'], 'username')) {
session_set_var('username', $_SERVER['REMOTE_USER']);
}
$auth_file = $config['html_dir'].'/includes/authentication/' . $config['auth_mechanism'] . '.inc.php';
if (is_file($auth_file)) {
if (isset($_SESSION['auth_mechanism']) && $_SESSION['auth_mechanism'] != $config['auth_mechanism'])
{
if (isset($_SESSION['auth_mechanism']) && $_SESSION['auth_mechanism'] != $config['auth_mechanism']) {
// Logout if AUTH mechanism changed
session_logout();
reauth_with_message('Authentication mechanism changed, please log in again!');
@ -123,14 +123,12 @@ if (is_file($auth_file)) {
if ($_SESSION['authenticated'] && str_starts(ltrim($_SERVER['REQUEST_URI'], '/'), 'logout')) {
// Do not use $vars and get_vars here!
//print_vars($_SERVER['REQUEST_URI']);
if (auth_can_logout())
{
if (auth_can_logout()) {
// No need for a feedback message if user requested a logout
session_logout(function_exists('auth_require_login'));
$redirect = auth_logout_url();
if ($redirect)
{
if ($redirect) {
redirect_to_url($redirect);
exit();
}
@ -144,8 +142,7 @@ $user_unique_id = session_unique_id(); // Get unique user id and check if IP cha
// Store logged remote IP with real proxied IP (if configured and available)
$remote_addr = get_remote_addr();
$remote_addr_header = get_remote_addr(TRUE); // Remote addr by http header
if ($remote_addr_header && $remote_addr != $remote_addr_header)
{
if ($remote_addr_header && $remote_addr != $remote_addr_header) {
$remote_addr = $remote_addr_header . ' (' . $remote_addr . ')';
}
@ -156,15 +153,16 @@ if (isset($config['web_session_cidr']) && count($config['web_session_cidr'])) {
}
if (!$_SESSION['authenticated']) {
if (isset($_GET['username']) && isset($_GET['password']) &&
is_string($_GET['username']) && is_string($_GET['password'])) {
if (isset($_GET['username'], $_GET['password']) &&
is_valid_param($_GET['username'], 'username') && is_valid_param($_GET['password'], 'password')) {
session_set_var('username', $_GET['username']);
$auth_password = $_GET['password'];
//r($_GET);
//r($_SESSION);
} elseif (isset($_POST['username']) && isset($_POST['password']) &&
is_string($_POST['username']) && is_string($_POST['password']))
{
} elseif (isset($_POST['username'], $_POST['password']) &&
is_valid_param($_POST['username'], 'username') && is_valid_param($_POST['password'], 'password')) {
session_set_var('username', $_POST['username']);
$auth_password = $_POST['password'];
} elseif (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
@ -256,8 +254,7 @@ if (isset($_SESSION['username'])) {
'user_agent' => $_SERVER['HTTP_USER_AGENT'],
'result' => 'Logged In'), 'authlog');
// Generate keys for cookie auth
if (isset($_POST['remember']) && OBS_ENCRYPT)
{
if (isset($_POST['remember']) && OBS_ENCRYPT) {
$ckey = md5(strgen());
$dkey = md5(strgen());
$encpass = encrypt($auth_password, $dkey);
@ -307,28 +304,15 @@ if (isset($_SESSION['username'])) {
session_commit();
// Hardcoded level permissions
/// FIXME. It's seems unused?..
$user_perms = array();
$user_perms = [];
$perms[0] = [];
$perms[1] = ['LOGIN'];
$perms[2] = [];
$perms[3] = [];
$perms[5] = ['GLOBAL_READ'];
$perms[6] = [];
$perms[7] = [];
$perms[8] = [];
$perms[9] = [];
$perms[10] = ['ADMIN'];
foreach($perms as $level => $array)
{
if($_SESSION['userlevel'] >= $level)
{
foreach($array AS $entry) { $user_perms[$entry] = $entry; }
foreach ($config['user_level'] as $level => $array) {
if ($_SESSION['userlevel'] >= $level) {
foreach($array['roles'] as $entry) { $user_perms[$entry] = $entry; }
}
}
//print_vars($user_perms);
//print_vars($_SESSION);

59
html/includes/authentication/ldap.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage authentication
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -67,7 +67,7 @@ function ldap_search_user($ldap_group, $userdn, $depth = -1) {
$ldap_search = ldap_search($ds, trim($config['auth_ldap_groupbase'], ', '), $filter, array($config['auth_ldap_attr']['dn']));
//r($filter);
if (is_resource($ldap_search)) {
if (ldap_internal_is_valid($ldap_search)) {
$ldap_results = ldap_get_entries($ds, $ldap_search);
//r($ldap_results);
@ -101,30 +101,30 @@ function ldap_search_user($ldap_group, $userdn, $depth = -1) {
* Initializes the LDAP connection to the specified server(s). Cycles through all servers, throws error when no server can be reached.
* Private function for this LDAP module only.
*/
function ldap_init()
{
function ldap_init() {
global $ds, $config;
if (!is_resource($ds))
{
if (!ldap_internal_is_valid($ds)) {
print_debug('LDAP[Connecting to ' . implode(' ',$config['auth_ldap_server']) . ']');
if ($config['auth_ldap_port'] === 636) {
print_debug('LDAP[Port 636. Prepending ldaps:// to server URI]');
$ds = @ldap_connect(implode(' ',preg_filter('/^(ldaps:\/\/)?/', 'ldaps://', $config['auth_ldap_server'])), $config['auth_ldap_port']);
} else {
$ds = @ldap_connect(implode(' ',$config['auth_ldap_server']), $config['auth_ldap_port']);
}
print_debug("LDAP[Connected]");
if ($config['auth_ldap_starttls'] &&
(in_array($config['auth_ldap_starttls'], [ 'optional', 'require', '1', 1, TRUE ], TRUE)))
{
(in_array($config['auth_ldap_starttls'], [ 'optional', 'require', '1', 1, TRUE ], TRUE))) {
$tls = ldap_start_tls($ds);
if ($config['auth_ldap_starttls'] === 'require' && !$tls)
{
if ($config['auth_ldap_starttls'] === 'require' && !$tls) {
session_logout();
print_error("Fatal error: LDAP TLS required but not successfully negotiated [" . ldap_error($ds) . "]");
exit;
}
}
if ($config['auth_ldap_referrals'])
{
if ($config['auth_ldap_referrals']) {
ldap_set_option($ds, LDAP_OPT_REFERRALS, $config['auth_ldap_referrals']);
print_debug("LDAP[Referrals][Set to " . $config['auth_ldap_referrals'] . "]");
} else {
@ -132,8 +132,7 @@ function ldap_init()
print_debug("LDAP[Referrals][Disabled]");
}
if ($config['auth_ldap_version'])
{
if ($config['auth_ldap_version']) {
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $config['auth_ldap_version']);
print_debug("LDAP[Version][Set to " . $config['auth_ldap_version'] . "]");
}
@ -388,8 +387,9 @@ function ldap_auth_user_id($username)
print_debug("LDAP[Filter][$filter][" . trim($config['auth_ldap_suffix'], ', ') . "]");
$search = ldap_search($ds, trim($config['auth_ldap_suffix'], ', '), $filter);
$entries = is_resource($search) ? ldap_get_entries($ds, $search) : [];
//print_vars($entries);
//r($search);
$entries = ldap_internal_is_valid($search) ? ldap_get_entries($ds, $search) : [];
//r($entries);
if ($entries['count'])
{
@ -566,7 +566,7 @@ function ldap_internal_user_entries($entries, &$userlist) {
$compare = ldap_search_user($ldap_group, $userdn);
//print_warning("$username, $realname, ");
//print_vars($compare);
//r($compare);
if ($compare === -1) {
print_debug("LDAP[UserList][Compare LDAP error: " . ldap_error($ds) . "]");
@ -608,7 +608,7 @@ function ldap_internal_paged_entries($filter, $attributes)
$ds, trim($config['auth_ldap_suffix'], ', '), $filter, $attributes, 0, 0, 0, LDAP_DEREF_NEVER,
[['oid' => LDAP_CONTROL_PAGEDRESULTS, 'value' => [ 'size' => $page_size, 'cookie' => $cookie ]]]
);
if (is_resource($search)) {
if (ldap_internal_is_valid($search)) {
ldap_parse_result($ds, $search, $errcode, $matcheddn, $errmsg, $referrals, $controls);
print_debug(ldap_error($ds));
$entries = array_merge($entries, ldap_get_entries($ds, $search));
@ -642,7 +642,7 @@ function ldap_internal_paged_entries($filter, $attributes)
$search = ldap_search($ds, trim($config['auth_ldap_suffix'], ', '), $filter, $attributes);
print_debug(ldap_error($ds));
if (is_resource($search)) {
if (ldap_internal_is_valid($search)) {
$entries = array_merge($entries, ldap_get_entries($ds, $search));
//print_vars($filter);
//print_vars($search);
@ -665,7 +665,7 @@ function ldap_internal_paged_entries($filter, $attributes)
$search = ldap_search($ds, trim($config['auth_ldap_suffix'], ', '), $filter, $attributes);
print_debug(ldap_error($ds));
if (is_resource($search)) {
if (ldap_internal_is_valid($search)) {
$entries = ldap_get_entries($ds, $search);
//print_vars($filter);
//print_vars($search);
@ -800,6 +800,9 @@ function ldap_bind_dn($username = "", $password = "")
*/
function ldap_internal_dn_from_username($username)
{
//r(debug_backtrace());
global $config, $ds, $cache;
if (!isset($cache['ldap']['dn'][$username]))
@ -813,7 +816,11 @@ function ldap_internal_dn_from_username($username)
print_debug("LDAP[Filter][$filter][" . trim($config['auth_ldap_suffix'], ', ') . "]");
$search = ldap_search($ds, trim($config['auth_ldap_suffix'], ', '), $filter);
if (is_resource($search)) {
//r($search);
//r(ldap_get_entries($ds, $search));
if (ldap_internal_is_valid($search)) {
$entries = ldap_get_entries($ds, $search);
if ($entries['count']) {
@ -1110,6 +1117,16 @@ function ldap_unescape_filter_value($values = array())
return $values;
}
function ldap_internal_is_valid($obj) {
if (PHP_VERSION_ID >= 80100) {
// ldap_bind() returns an LDAP\Connection instance in 8.1; previously, a resource was returned
// ldap_search() returns an LDAP\Result instance in 8.1; previously, a resource was returned.
return is_object($obj);
}
return is_resource($obj);
}
/**
* Converts all ASCII chars < 32 to "\HEX"
*

40
html/includes/authentication/mysql.inc.php
View File

@ -1,5 +1,4 @@
<?php
/**
* Observium
*
@ -7,7 +6,7 @@
*
* @package observium
* @subpackage authentication
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,7 +22,7 @@ function mysql_authenticate($username, $password)
{
global $config;
$row = dbFetchRow("SELECT `username`, `password` FROM `users` WHERE `username` = ?", array($username));
$row = dbFetchRow("SELECT `username`, `password` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]);
if ($row['username'] && $row['username'] == $username)
{
if ($config['auth']['remote_user']) { return 1; }
@ -78,12 +77,11 @@ function mysql_auth_can_change_password($username = "")
{
global $config;
if ((empty($username) || !mysql_auth_user_exists($username)) && !$config['auth']['remote_user'])
{
if ((empty($username) || !mysql_auth_user_exists($username)) && !$config['auth']['remote_user']) {
return TRUE;
} else {
return dbFetchCell("SELECT `can_modify_passwd` FROM `users` WHERE `username` = ?", array($username)); // FIXME should return BOOL
}
return dbFetchCell("SELECT `can_modify_passwd` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]); // FIXME should return BOOL
}
/**
@ -99,7 +97,7 @@ function mysql_auth_change_password($username,$password)
// $hash = crypt($password, '$1$' . strgen(8).'$'); // This is old hash, do not used anymore (keep for history)
$hash = password_hash($password, PASSWORD_DEFAULT);
return dbUpdate(array('password' => $hash), 'users', '`username` = ?', array($username)); // FIXME should return BOOL
return dbUpdate([ 'password' => $hash ], 'users', '`username` = ? AND `type` = ?', [ $username, 'mysql' ]); // FIXME should return BOOL
}
/**
@ -130,10 +128,16 @@ function mysql_adduser($username, $password, $level, $email = "", $realname = ""
{
// $hash = crypt($password, '$1$' . strgen(8).'$'); // This is old hash, do not used anymore (keep for history)
$hash = password_hash($password, PASSWORD_DEFAULT);
return dbInsert(array('username' => $username, 'password' => $hash, 'level' => $level, 'email' => $email, 'realname' => $realname, 'can_modify_passwd' => $can_modify_passwd, 'descr' => $description), 'users');
} else {
return FALSE;
return dbInsert([ 'username' => $username,
'password' => $hash,
'level' => $level,
'email' => $email,
'realname' => $realname,
'can_modify_passwd' => $can_modify_passwd,
'descr' => $description ], 'users');
}
return FALSE;
}
/**
@ -145,7 +149,7 @@ function mysql_adduser($username, $password, $level, $email = "", $realname = ""
function mysql_auth_user_exists($username)
{
//return @dbFetchCell("SELECT COUNT(*) FROM `users` WHERE `username` = ?", array($username)); // FIXME should return BOOL
return dbExist('users', '`username` = ?', array($username));
return dbExist('users', '`username` = ? AND `type` = ?', [ $username, 'mysql' ]);
}
/**
@ -156,7 +160,7 @@ function mysql_auth_user_exists($username)
*/
function mysql_auth_username_by_id($user_id)
{
return dbFetchCell("SELECT `username` FROM `users` WHERE `user_id` = ?", array($user_id)); // FIXME should return FALSE if not found
return dbFetchCell("SELECT `username` FROM `users` WHERE `user_id` = ? AND `type` = ?", [ $user_id, 'mysql' ]); // FIXME should return FALSE if not found
}
/**
@ -167,7 +171,7 @@ function mysql_auth_username_by_id($user_id)
*/
function mysql_auth_user_level($username)
{
return dbFetchCell("SELECT `level` FROM `users` WHERE `username` = ?", array($username));
return dbFetchCell("SELECT `level` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]);
}
/**
@ -178,7 +182,7 @@ function mysql_auth_user_level($username)
*/
function mysql_auth_user_id($username)
{
return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username` = ?", array($username));
return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]);
}
/**
@ -196,7 +200,7 @@ function mysql_deluser($username)
dbDelete('users_prefs', "`user_id` = ?", array($user_id));
dbDelete('users_ckeys', "`username` = ?", array($username));
return dbDelete('users', "`username` = ?", array($username)); // FIXME should return BOOL
return dbDelete('users', "`username` = ? AND `type` = ?", [ $username, 'mysql' ]); // FIXME should return BOOL
}
/**
@ -206,7 +210,7 @@ function mysql_deluser($username)
*/
function mysql_auth_user_list()
{
return dbFetchRows("SELECT * FROM `users`"); // FIXME hardcode list of returned fields as in all other backends; array content should not depend on db changes/column names.
return dbFetchRows("SELECT * FROM `users` WHERE `type` = ?", [ 'mysql' ]); // FIXME hardcode list of returned fields as in all other backends; array content should not depend on db changes/column names.
}
/**
@ -217,7 +221,7 @@ function mysql_auth_user_list()
*/
function mysql_auth_user_info($username)
{
return dbFetchRow("SELECT * FROM `users` WHERE `username` = ?", array($username));
return dbFetchRow("SELECT * FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'mysql' ]);
}
// EOF

26
html/includes/authentication/radius.inc.php
View File

@ -1,5 +1,4 @@
<?php
/**
* Observium
*
@ -7,7 +6,7 @@
*
* @package observium
* @subpackage authentication
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -219,14 +218,14 @@ function radius_adduser($username, $password, $level, $email = "", $realname = "
/**
* Check if a user, specified by username, exists in the user backend.
* This is not currently possible using the RADIUS backend.
* This will only return users that have logged in at least once and inserted into MySQL
*
* @param string $username Username to check
* @return bool TRUE if the user exists, FALSE if they do not
*/
function radius_auth_user_exists($username)
{
return FALSE;
return dbExist('users', '`username` = ? AND `type` = ?', [ $username, 'radius' ]);
}
/**
@ -246,7 +245,7 @@ function radius_auth_user_level($username)
if (!isset($cache['radius']['level'][$username]))
{
if ($config['auth_radius_groupmemberattr'] == 18 || strtolower($config['auth_radius_groupmemberattr']) == 'reply-message')
if ($config['auth_radius_groupmemberattr'] == 18 || strtolower($config['auth_radius_groupmemberattr']) === 'reply-message')
{
// Reply-Message (18)
$attribute = RADIUS_REPLY_MESSAGE;
@ -285,7 +284,18 @@ function radius_auth_user_level($username)
$rad_userlevel = 10;
}
}
//r($rad_userlevel);
// If we don't already have an entry for this RADIUS user in the MySQL database, create one
if (!radius_auth_user_exists($username)){
$user_id = radius_auth_user_id($username);
create_mysql_user($username, $user_id, $rad_userlevel, 'radius');
} else {
// Update the user's level in MySQL if it doesn't match. This is really informational only.
if (dbFetchCell("SELECT `level` FROM `users` WHERE `username` = ? AND `type` = ?", [ $username, 'radius' ]) != $rad_userlevel) {
$user_id = radius_auth_user_id($username);
dbUpdate([ 'level' => $rad_userlevel, 'user_id' => $user_id ], 'users', '`username` = ? AND `type` = ?', [ $username, 'radius' ]);
}
}
return $rad_userlevel;
}
@ -324,8 +334,8 @@ function radius_deluser($username)
*/
function radius_auth_user_list()
{
$userlist = array();
return $userlist;
// Send list of users from MySQL
return dbFetchRows("SELECT * FROM `users` WHERE `type` = ?", [ 'radius' ]);
}
// EOF

36
html/includes/cache-data.inc.php
View File

@ -6,10 +6,11 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
$cache_data_start = microtime(TRUE);
$cache_item = get_cache_item('data');
//print_vars($cache_item->isHit());
@ -33,17 +34,22 @@ if (!ishit_cache_item($cache_item))
// This means device_by_id_cache actually never has to do any queries by itself, it'll always get the
// cached version when running from the web interface. From the commandline obviously we'll need to fetch
// the data per-device. We pre-fetch the graphs list as well, much faster than a query per device obviously.
$graphs_array = dbFetchRows("SELECT * FROM `device_graphs` FORCE INDEX (`graph`) ORDER BY `graph`;");
//$graphs_array = dbFetchRows("SELECT * FROM `device_graphs` FORCE INDEX (`graph`) ORDER BY `graph`;");
foreach ($graphs_array as $graph)
$cache['graphs'] = [];
foreach(dbFetchRows("SELECT `graph` FROM `device_graphs` GROUP BY `graph` ORDER BY `graph`;") as $entry)
{
$cache['graphs'][$entry['graph']] = $entry['graph'];
}
/*foreach ($graphs_array as $graph)
{
// Cache this per device_id so we can assign it to the correct (cached) device in the for loop below
if ($graph['enabled'])
{
$device_graphs[$graph['device_id']][$graph['graph']] = $graph;
}
}
$cache['graphs'] = array(); // All permitted graphs
}*/
// Cache scheduled maintenance currently active
$cache['maint'] = cache_alert_maintenance();
@ -54,16 +60,18 @@ if (!ishit_cache_item($cache_item))
} else {
$devices_array = dbFetchRows("SELECT * FROM `devices` ORDER BY `hostname`;");
}
foreach ($devices_array as $device)
{
if (device_permitted($device['device_id']))
{
// Process device and add all the human-readable stuff.
humanize_device($device);
// Very slow on larger systems (3s with 2000 devices)
//humanize_device($device);
// Assign device graphs from array created above
$device['graphs'] = (array)$device_graphs[$device['device_id']];
$cache['graphs'] = array_unique(array_merge($cache['graphs'], array_keys($device['graphs']))); // Add to global array cache
//$device['graphs'] = (array)$device_graphs[$device['device_id']];
//$cache['graphs'] = array_unique(array_merge($cache['graphs'], array_keys($device['graphs']))); // Add to global array cache
$cache['devices']['permitted'][] = (int)$device['device_id']; // Collect IDs for permitted
$cache['devices']['hostname'][$device['hostname']] = $device['device_id'];
@ -184,10 +192,10 @@ if (!ishit_cache_item($cache_item))
// Devices disabled
if (isset($cache['devices']['disabled']) && count($cache['devices']['disabled']) > 0)
{
$cache['ports']['device_disabled'] = dbFetchColumn("SELECT `port_id` FROM `ports` WHERE 1 " . $where_permitted . generate_query_values($cache['devices']['disabled'], 'device_id'));
$cache['ports']['device_disabled'] = dbFetchColumn("SELECT `port_id` FROM `ports` WHERE 1 " . $where_permitted . generate_query_values_and($cache['devices']['disabled'], 'device_id'));
if (!$config['web_show_disabled'])
{
$where_hide .= generate_query_values($cache['devices']['disabled'], 'device_id', '!=');
$where_hide .= generate_query_values_and($cache['devices']['disabled'], 'device_id', '!=');
}
}
@ -195,9 +203,9 @@ if (!ishit_cache_item($cache_item))
$where_devices_ignored = '';
if (isset($cache['devices']['ignored']) && count($cache['devices']['ignored']) > 0)
{
$cache['ports']['device_ignored'] = dbFetchColumn("SELECT `port_id` FROM `ports` WHERE 1 " . $where_permitted . $where_hide . generate_query_values($cache['devices']['ignored'], 'device_id'));
$where_hide .= generate_query_values($cache['devices']['ignored'], 'device_id', '!=');
$where_devices_ignored = generate_query_values($cache['devices']['ignored'], 'device_id');
$cache['ports']['device_ignored'] = dbFetchColumn("SELECT `port_id` FROM `ports` WHERE 1 " . $where_permitted . $where_hide . generate_query_values_and($cache['devices']['ignored'], 'device_id'));
$where_hide .= generate_query_values_and($cache['devices']['ignored'], 'device_id', '!=');
$where_devices_ignored = generate_query_values_and($cache['devices']['ignored'], 'device_id');
}
$cache['ports']['stat']['device_ignored'] = count($cache['ports']['device_ignored']);
@ -650,6 +658,8 @@ unset($cache_item);
//print_vars(get_cache_items('__wui'));
//print_vars(get_cache_stats());
$cache_data_time = microtime(TRUE) - $cache_data_start;
// EOF

4
html/includes/contacts-navbar.inc.php
View File

@ -341,10 +341,10 @@ $("#contact_method").change(function() {
} else {
$script .= PHP_EOL . " } else if (select === '" . $transport . "') {" . PHP_EOL;
}
$script .= " \$('div[id^=\"contact_${transport}_\"]').show();" . PHP_EOL . " ";
$script .= " \$('div[id^=\"contact_{$transport}_\"]').show();" . PHP_EOL . " ";
foreach (array_keys($config['transports']) as $ltransport) {
if ($transport != $ltransport) {
$script .= " \$('div[id^=\"contact_${ltransport}_\"]').hide();";
$script .= " \$('div[id^=\"contact_{$ltransport}_\"]').hide();";
}
}

10
html/includes/entities/cbqos.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -28,21 +28,21 @@ function build_cbqos_query($vars)
switch ($var) {
case "policy_name":
case "object_name":
$sql .= generate_query_values($value, $var);
$sql .= generate_query_values_and($value, $var);
break;
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'cbqos_id');
$sql .= generate_query_values_and($values, 'cbqos_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'ports_cbqos.device_id');
$sql .= generate_query_values_and($values, 'ports_cbqos.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'ports_cbqos.device_id');
$sql .= generate_query_values_and($value, 'ports_cbqos.device_id');
break;
}
}

24
html/includes/entities/counter.inc.php
View File

@ -6,14 +6,14 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
/**
* Humanize counter.
*
* Returns a the $counter array with processed information:
* Returns a $counter array with processed information:
* counter_state (TRUE: state counter, FALSE: normal counter)
* human_value, counter_symbol, state_name, state_event, state_class
*
@ -164,26 +164,26 @@ function build_counter_query($vars, $query_count = FALSE)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'counters.counter_id');
$sql .= generate_query_values_and($values, 'counters.counter_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'counters.device_id');
$sql .= generate_query_values_and($values, 'counters.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'counters.device_id');
$sql .= generate_query_values_and($value, 'counters.device_id');
break;
case "id":
case "counter_id":
$sql .= generate_query_values($value, 'counters.counter_id');
$sql .= generate_query_values_and($value, 'counters.counter_id');
break;
case "entity_id":
$sql .= generate_query_values($value, 'counters.measured_entity');
$sql .= generate_query_values_and($value, 'counters.measured_entity');
break;
case "entity_type":
$sql .= generate_query_values($value, 'counters.measured_class');
$sql .= generate_query_values_and($value, 'counters.measured_class');
break;
case 'entity_state':
case "measured_state":
@ -191,15 +191,15 @@ function build_counter_query($vars, $query_count = FALSE)
break;
case 'class':
case "counter_class":
$sql .= generate_query_values($value, 'counter_class');
$sql .= generate_query_values_and($value, 'counter_class');
break;
case "descr":
case "counter_descr":
$sql .= generate_query_values($value, 'counters.counter_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'counters.counter_descr', '%LIKE%');
break;
case "event":
case "counter_event":
$sql .= generate_query_values($value, 'counter_event');
$sql .= generate_query_values_and($value, 'counter_event');
break;
}
}
@ -443,7 +443,7 @@ function generate_counter_row($counter, $vars)
$counter['counter_class'],
$config['counter_types'][$counter['counter_class']]['alt_units']) as $unit => $unit_value)
{
if (is_numeric($unit_value)) { $counter_tooltip .= "<br />${unit_value}${unit}"; }
if (is_numeric($unit_value)) { $counter_tooltip .= "<br />{$unit_value}{$unit}"; }
}
}

163
html/includes/entities/device.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -14,29 +14,25 @@
* Build devices where array
*
* This function returns an array of "WHERE" statements from a $vars array.
* The returned array can be implode()d and used on the devices table.
* The returned array can be imploded and used on the devices table.
* Originally extracted from the /devices/ page
*
* @param array $vars
* @return array
*/
function build_devices_where_array($vars)
{
function build_devices_where_array($vars) {
$where_array = array();
foreach ($vars as $var => $value)
{
if ($value != '')
{
switch ($var)
{
foreach ($vars as $var => $value) {
if (!safe_empty($value)) {
switch ($var) {
case 'group':
case 'group_id':
$values = get_group_entities($value);
$where_array[$var] = generate_query_values($values, 'device_id');
$where_array[$var] = generate_query_values_and($values, 'device_id');
break;
case 'device':
case 'device_id':
$where_array[$var] = generate_query_values($value, 'device_id');
$where_array[$var] = generate_query_values_and($value, 'device_id');
break;
case 'hostname':
case 'sysname':
@ -44,13 +40,15 @@ function build_devices_where_array($vars)
case 'sysDescr':
case 'serial':
case 'purpose':
$where_array[$var] = generate_query_values($value, $var, '%LIKE%');
$condition = str_contains_array($value, [ '*', '?' ]) ? 'LIKE' : '%LIKE%';
$where_array[$var] = generate_query_values_and($value, $var, $condition);
break;
case 'location_text':
$where_array[$var] = generate_query_values($value, 'devices.location', '%LIKE%');
$condition = str_contains_array($value, [ '*', '?' ]) ? 'LIKE' : '%LIKE%';
$where_array[$var] = generate_query_values_and($value, 'devices.location', $condition);
break;
case 'location':
$where_array[$var] = generate_query_values($value, 'devices.location');
$where_array[$var] = generate_query_values_and($value, 'devices.location');
break;
case 'location_lat':
case 'location_lon':
@ -60,7 +58,7 @@ function build_devices_where_array($vars)
case 'location_city':
if ($GLOBALS['config']['geocoding']['enable'])
{
$where_array[$var] = generate_query_values($value, 'devices_locations.' . $var);
$where_array[$var] = generate_query_values_and($value, 'devices_locations.' . $var);
}
break;
case 'os':
@ -74,10 +72,10 @@ function build_devices_where_array($vars)
case 'distro':
case 'ignore':
case 'disabled':
$where_array[$var] = generate_query_values($value, $var);
$where_array[$var] = generate_query_values_and($value, $var);
break;
case 'graph':
$where_array[$var] = generate_query_values(devices_with_graph($value), "devices.device_id");
$where_array[$var] = generate_query_values_and(devices_with_graph($value), "devices.device_id");
}
}
}
@ -103,7 +101,6 @@ function devices_with_graph($graph)
function build_devices_sort($vars)
{
$order = '';
$desc_order = isset($vars['sort_desc']) && $vars['sort_desc'];
switch ($vars['sort'])
{
case 'uptime':
@ -112,13 +109,12 @@ function build_devices_sort($vars)
case 'features':
case 'type':
case 'os':
case 'sysName':
case 'device_id':
$order = ' ORDER BY `devices`.`'.$vars['sort'].'`';
if ($desc_order)
{
$order .= " DESC";
}
if ($vars['sort_order'] == "desc") { $order .= " DESC";}
break;
case 'domain':
// Special order hostnames in Domain Order
// SELECT `hostname`,
@ -126,19 +122,18 @@ function build_devices_sort($vars)
// SUBSTRING_INDEX(SUBSTRING_INDEX(`hostname`,'.',-2),'.',1) AS `middle`,
// SUBSTRING_INDEX(`hostname`,'.',-1) AS `rightmost`
// FROM `devices` ORDER by `middle`, `rightmost`, `leftmost`;
if ($desc_order)
if ($vars['sort_order'] == "desc")
{
$order = ' ORDER BY `middle` DESC, `rightmost` DESC, `leftmost` DESC';
} else {
$order = ' ORDER BY `middle`, `rightmost`, `leftmost`';
}
break;
case 'hostname':
default:
$order = ' ORDER BY `devices`.`hostname`';
if ($desc_order)
{
$order .= " DESC";
}
if ($vars['sort_order'] == "desc") { $order .= " DESC"; }
break;
}
return $order;
@ -150,27 +145,9 @@ function print_device_header($device, $args = array()) {
if (!is_array($device)) { print_error("Invalid device passed to print_device_header()!"); }
/* FIXME. Unused?
if ($device['status'] == '0') { $class = "div-alert"; } else { $class = "div-normal"; }
if ($device['ignore'] == '1')
{
$class = "div-ignore-alert";
if ($device['status'] == '1')
{
$class = "div-ignore";
}
}
if ($device['disabled'] == '1')
{
$class = "div-disabled";
}
$type = strtolower($device['os']);
*/
$div_class = 'box box-solid';
if (!safe_empty($args['div-class'])) {
$div_class .= " ${args['div-class']}";
$div_class .= " " . $args['div-class'];
}
echo '<div class="'.$div_class.'">
@ -200,12 +177,12 @@ function print_device_header($device, $args = array()) {
}
$graph_array = [];
$graph_array['height'] = "100";
$graph_array['width'] = "310";
$graph_array['to'] = $config['time']['now'];
//$graph_array['height'] = "100";
//$graph_array['width'] = "310";
$graph_array['to'] = get_time();
$graph_array['device'] = $device['device_id'];
$graph_array['type'] = "device_bits";
$graph_array['from'] = $config['time']['day'];
$graph_array['from'] = get_time('day');
$graph_array['legend'] = "no";
$graph_array['height'] = "45";
@ -398,7 +375,7 @@ function print_device_row($device, $vars = array('view' => 'basic'), $link_vars
// Preprocess device graphs array
$graphs_enabled = [];
foreach ($GLOBALS['cache']['devices']['id'][$device['device_id']]['graphs'] as $graph)
foreach ($device['graphs'] as $graph)
{
$graphs_enabled[] = $graph['graph'];
}
@ -515,50 +492,41 @@ function get_device_icon($device, $base_icon = FALSE, $dark = FALSE) {
}
// Icon by vendor name
if ($icon === 'generic' && ($config['os'][$device['os']]['vendor'] || $device['vendor']))
{
if ($device['vendor'])
{
if ($icon === 'generic' && ($config['os'][$device['os']]['vendor'] || $device['vendor'])) {
if ($device['vendor']) {
$vendor = $device['vendor'];
} else {
$vendor = rewrite_vendor($config['os'][$device['os']]['vendor']); // Compatibility, if device not polled for long time
}
$vendor_safe = safename(strtolower($vendor));
if (isset($config['vendors'][$vendor_safe]['icon']))
{
if (isset($config['vendors'][$vendor_safe]['icon'])) {
$icon = $config['vendors'][$vendor_safe]['icon'];
}
elseif (is_file($config['html_dir'] . '/images/os/' . $vendor_safe . '.png'))
{
} elseif (is_file($config['html_dir'] . '/images/os/' . $vendor_safe . '.png')) {
$icon = $vendor_safe;
}
elseif (isset($config['os'][$device['os']]['icons']))
{
} elseif (isset($config['os'][$device['os']]['icons'])) {
// Fallback to os alternative icon
$icon = array_values($config['os'][$device['os']]['icons'])[0];
}
}
// Set dark mode by session
if (isset($_SESSION['theme']))
{
if (isset($_SESSION['theme'])) {
$dark = str_contains($_SESSION['theme'], 'dark');
}
// Prefer dark variant of icon in dark mode
if ($dark && is_file($config['html_dir'] . '/images/os/' . $icon . '-dark.png'))
{
if ($dark && is_file($config['html_dir'] . '/images/os/' . $icon . '-dark.png')) {
$icon .= '-dark';
}
if ($base_icon)
{
if ($base_icon) {
// return base name for os icon
return $icon;
}
// return image html tag
$base_url = rtrim($config['base_url'], '/');
$srcset = '';
// Now we always have 2x icon variant!
//if (is_file($config['html_dir'] . '/images/os/' . $icon . '_2x.png')) // HiDPI image exist?
@ -566,14 +534,13 @@ function get_device_icon($device, $base_icon = FALSE, $dark = FALSE) {
// Detect allowed screen ratio for current browser
$ua_info = detect_browser();
if ($ua_info['screen_ratio'] > 1)
{
$srcset = ' srcset="' .$config['base_url'] . '/images/os/' . $icon . '_2x.png'.' 2x"';
if ($ua_info['screen_ratio'] > 1) {
$srcset = ' srcset="' . $base_url . '/images/os/' . $icon . '_2x.png'.' 2x"';
}
//}
// Image tag -- FIXME re-engineer this code to do this properly. This is messy.
return '<img src="' . $config['base_url'] . '/images/os/' . $icon . '.png"' . $srcset . ' alt="" />';
return '<img src="' . $base_url . '/images/os/' . $icon . '.png"' . $srcset . ' alt="" />';
}
// TESTME needs unit testing
@ -638,8 +605,11 @@ function generate_device_popup($device, $vars = []) {
}
}
$count = 0;
foreach ($graphs as $entry) {
if($count == 3) { break; }
if ($entry && in_array(str_replace('device_', '', $entry), $graphs_enabled, TRUE)) {
// No text provided for the minigraph, fetch from array
if (preg_match(OBS_PATTERN_GRAPH_TYPE, $entry, $graphtype)) {
@ -664,17 +634,13 @@ function generate_device_popup($device, $vars = []) {
$content .= '<div style="width: 730px; white-space: nowrap;">';
$content .= "<div class=entity-title><h4>" . $text . "</h4></div>";
/*
$content .= generate_box_open(array('title' => $text,
'body-style' => 'white-space: nowrap;'));
*/
$content .= generate_graph_tag($graph_array);
$graph_array['from'] = get_time('week');
$content .= generate_graph_tag($graph_array);
$content .= '</div>';
//$content .= generate_box_close();
$count++;
}
}
@ -722,41 +688,6 @@ function generate_device_link_short($device, $vars = [], $short = TRUE) {
return generate_device_link($device, NULL, $vars, TRUE, $short);
}
function device_name($device, $max_len = FALSE) {
global $config;
switch (strtolower($config['web_device_name'])) {
case 'sysname':
$name_field = 'sysName';
break;
case 'purpose':
case 'descr':
case 'description':
$name_field = 'purpose';
break;
default:
$name_field = 'hostname';
}
if ($max_len && !is_intnum($max_len)) {
$max_len = $config['short_hostname']['length'];
}
if ($name_field !== 'hostname' && !safe_empty($device[$name_field])) {
if ($name_field === 'sysName' && $max_len && $max_len > 3) {
// short sysname when is valid hostname (do not escape here)
return short_hostname($device[$name_field], $max_len, FALSE);
}
return $device[$name_field];
}
if ($max_len && $max_len > 3) {
// short hostname (do not escape here)
return short_hostname($device['hostname'], $max_len, FALSE);
}
return $device['hostname'];
}
function generate_device_form_values($form_filter = FALSE, $column = 'device_id', $options = array())
{
global $cache;

34
html/includes/entities/generic.inc.php
View File

@ -54,6 +54,30 @@ function get_customoid_by_id($oid_id) {
} // end function get_customoid_by_id()
// DOCME needs phpdoc block
// TESTME needs unit testing
function get_application_by_id($application_id)
{
if (is_numeric($application_id))
{
$application = dbFetchRow("SELECT * FROM `applications` WHERE `app_id` = ?", array($application_id));
}
if (is_array($application))
{
return $application;
} else {
return FALSE;
}
}
// DOCME needs phpdoc block
// TESTME needs unit testing
function accesspoint_by_id($ap_id, $refresh = '0')
{
$ap = dbFetchRow("SELECT * FROM `accesspoints` WHERE `accesspoint_id` = ?", array($ap_id));
return $ap;
}
function generate_entity_popup_graphs($entity, $vars)
{
@ -376,8 +400,8 @@ function build_entity_measured_where($entity_type, $vars)
{
case 'port':
case 'printersupply':
$measure_sql = generate_query_values($measured_type, $column_measured_type, NULL, OBS_DB_NO_LEADING_AND);
$measure_sql .= generate_query_values($entities, $column_measured_id);
$measure_sql = generate_query_values_ng($measured_type, $column_measured_type);
$measure_sql .= generate_query_values_and($entities, $column_measured_id);
break;
}
if ($measure_sql) { $measure_array[] = $measure_sql; }
@ -388,7 +412,7 @@ function build_entity_measured_where($entity_type, $vars)
//$value = (array)$value;
// Select all without measured entities
if (in_array('none', $value)) {
$measure_array[] = generate_query_values(1, $column_measured_id, 'NULL', OBS_DB_NO_LEADING_AND);
$measure_array[] = generate_query_values_ng(1, $column_measured_id);
$value = array_diff($value, [ 'none' ]);
}
if (count($value))
@ -410,8 +434,8 @@ function build_entity_measured_where($entity_type, $vars)
$entities = dbFetchColumn($entity_sql);
//$entities = dbFetchColumn($entity_sql, NULL, TRUE);
//r($entities);
$measure_sql = generate_query_values($measured_type, $column_measured_type, NULL, OBS_DB_NO_LEADING_AND);
$measure_sql .= generate_query_values($entities, $column_measured_id);
$measure_sql = generate_query_values_ng($measured_type, $column_measured_type);
$measure_sql .= generate_query_values_and($entities, $column_measured_id);
break;
case 'printersupply':
break;

10
html/includes/entities/mempool.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -32,20 +32,20 @@ function build_mempool_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'mempools.mempool_id');
$sql .= generate_query_values_and($values, 'mempools.mempool_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'mempools.device_id');
$sql .= generate_query_values_and($values, 'mempools.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'mempools.device_id');
$sql .= generate_query_values_and($value, 'mempools.device_id');
break;
case "descr":
case "mempool_descr";
$sql .= generate_query_values($value, 'mempool_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'mempool_descr', '%LIKE%');
break;
}
}

16
html/includes/entities/oid_entry.inc.php
View File

@ -6,15 +6,14 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
function generate_oid_template_link($entry)
{
$url = generate_url(array('page' => 'customoid', 'oid_id' => $entry['oid_id']));
$link = '<a href="'.$url.'">'.$entry['oid_descr'].'</a>';
return $link;
return '<a href="'.$url.'">'.$entry['oid_descr'].'</a>';
}
function build_oid_query($vars)
@ -33,21 +32,21 @@ function build_oid_query($vars)
case "oid_descr":
case "oid":
case "oid_name":
$sql .= generate_query_values($value, $var);
$sql .= generate_query_values_and($value, $var);
break;
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'oid_entry_id');
$sql .= generate_query_values_and($values, 'oid_entry_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'oids_entries.device_id');
$sql .= generate_query_values_and($values, 'oids_entries.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'oids_entries.device_id');
$sql .= generate_query_values_and($value, 'oids_entries.device_id');
break;
}
}
@ -97,7 +96,7 @@ function print_oid_table_header($vars, $entries)
$cols['event'] = array('Event', 'style="width: 60px;"');
if ($entries[0]['oid_autodiscover'] == '0' && $vars['page'] === "customoid") {
$cols['actions'] = array('', 'style="width: 40px;"'); echo "derp";
$cols['actions'] = array('', 'style="width: 40px;"');
}
echo get_table_header($cols, $vars);
@ -112,7 +111,6 @@ function print_oid_table($vars)
$entries = dbFetchRows($sql);
$count = count($entries);
if (count($entries)) {
echo generate_box_open();

8
html/includes/entities/p2pradio.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,16 +23,16 @@ function generate_p2pradio_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'radio_id');
$sql .= generate_query_values_and($values, 'radio_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'p2p_radios.device_id');
$sql .= generate_query_values_and($values, 'p2p_radios.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'device_id');
$sql .= generate_query_values_and($value, 'device_id');
break;
}
}

39
html/includes/entities/port.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -14,7 +14,7 @@
* Build ports WHERE array
*
* This function returns an array of "WHERE" statements from a $vars array.
* The returned array can be implode()d and used on the ports table.
* The returned array can be imploded and used on the ports table.
* Originally extracted from the /ports/ page
*
* @param array $vars
@ -27,20 +27,20 @@ function build_ports_where_array($vars) {
if (!safe_empty($value)) {
switch ($var) {
case 'location':
$where[] = generate_query_values($value, $var);
$where[] = generate_query_values_and($value, $var);
break;
case 'device_id':
$where[] = generate_query_values($value, 'ports.device_id');
$where[] = generate_query_values_and($value, 'ports.device_id');
break;
case 'group':
case 'group_id':
$values = get_group_entities($value);
$where[] = generate_query_values($values, 'ports.port_id');
$where[] = generate_query_values_and($values, 'ports.port_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$where[] = generate_query_values($values, 'ports.device_id');
$where[] = generate_query_values_and($values, 'ports.device_id');
break;
case 'disable':
$var = 'disabled';
@ -49,25 +49,26 @@ function build_ports_where_array($vars) {
case 'ignore':
case 'ifSpeed':
case 'ifType':
case 'ifVlan':
case 'port_id':
$where[] = generate_query_values($value, 'ports.'.$var);
$where[] = generate_query_values_and($value, 'ports.'.$var);
break;
case 'hostname':
case 'ifAlias':
case 'ifDescr': // FIXME, probably better always use port_label instead ifDescr for search
$where[] = generate_query_values($value, $var, '%LIKE%');
$where[] = generate_query_values_and($value, $var, '%LIKE%');
break;
case 'label':
case 'port_label':
$where[] = generate_query_values($value, 'port_label', '%LIKE%');
$where[] = generate_query_values_and($value, 'port_label', '%LIKE%');
break;
case 'mac':
case 'ifPhysAddress':
$value = str_replace([ '.', '-', ':' ], '', $value);
$where[] = generate_query_values($value, 'ifPhysAddress', '%LIKE%');
$where[] = generate_query_values_and($value, 'ifPhysAddress', '%LIKE%');
break;
case 'port_descr_type':
$where[] = generate_query_values($value, $var, 'LIKE');
$where[] = generate_query_values_and($value, $var, 'LIKE');
break;
case 'errors':
if (get_var_true($value)) {
@ -88,13 +89,13 @@ function build_ports_where_array($vars) {
foreach ((array)$value as $state) {
if ($state === "down") {
$state_where[] = '`ifAdminStatus` = "up" AND `ifOperStatus` IN ("lowerLayerDown", "down")';
//$state_where[] = generate_query_values('up', 'ifAdminStatus', NULL, FALSE) . generate_query_values(['down', 'lowerLayerDown'], 'ifOperStatus');
//$state_where[] = generate_query_values_ng('up', 'ifAdminStatus') . generate_query_values_and(['down', 'lowerLayerDown'], 'ifOperStatus');
} elseif ($state === "up") {
$state_where[] = '`ifAdminStatus` = "up" AND `ifOperStatus` IN ("up", "testing", "monitoring")';
//$state_where[] = generate_query_values('up', 'ifAdminStatus', NULL, FALSE) . generate_query_values(['up', 'testing', 'monitoring'], 'ifOperStatus');
//$state_where[] = generate_query_values_ng('up', 'ifAdminStatus') . generate_query_values_and(['up', 'testing', 'monitoring'], 'ifOperStatus');
} elseif ($state === "admindown" || $state === "shutdown") {
$state_where[] = '`ifAdminStatus` = "down"';
//$state_where[] = generate_query_values('down', 'ifAdminStatus', NULL, FALSE);
//$state_where[] = generate_query_values_ng('down', 'ifAdminStatus');
}
}
switch (count($state_where)) {
@ -110,12 +111,12 @@ function build_ports_where_array($vars) {
break;
case 'cbqos':
if ($value && $value !== 'no') {
$where[] = generate_query_values($GLOBALS['cache']['ports']['cbqos'], 'ports.port_id');
$where[] = generate_query_values_and($GLOBALS['cache']['ports']['cbqos'], 'ports.port_id');
}
break;
case 'mac_accounting':
if ($value && $value !== 'no') {
$where[] = generate_query_values($GLOBALS['cache']['ports']['mac_accounting'], 'ports.port_id');
$where[] = generate_query_values_and($GLOBALS['cache']['ports']['mac_accounting'], 'ports.port_id');
}
break;
}
@ -194,6 +195,7 @@ function generate_port_popup($port, $text = NULL, $type = NULL)
$content = generate_device_popup_header($port);
$content .= generate_port_popup_header($port);
if($type != "none") {
$content .= '<div style="width: 700px">';
//$content .= generate_box_open(array('body-style' => 'width: 700px;'));
$graph_array['type'] = $port['graph_type'];
@ -212,6 +214,7 @@ function generate_port_popup($port, $text = NULL, $type = NULL)
$content .= generate_graph_tag($graph_array);
$content .= "</div>";
//$content .= generate_box_close();
}
return $content;
}
@ -454,7 +457,7 @@ function generate_port_row($port, $vars = array())
if (!isset($cache['ports_option']['ipv4_addresses']) || in_array($port['port_id'], $cache['ports_option']['ipv4_addresses'])) {
$sql = "SELECT * FROM `ipv4_addresses` WHERE `port_id` = ?";
// Do not exclude IPv4 link-local
$sql .= generate_query_values(array_diff($ignore_type, [ 'link-local' ]), 'ipv4_type', '!='); // Do not show ignored ip types
$sql .= generate_query_values_and(array_diff($ignore_type, [ 'link-local' ]), 'ipv4_type', '!='); // Do not show ignored ip types
foreach (dbFetchRows($sql, array($port['port_id'])) as $ip)
{
$string .= $break . generate_popup_link('ip', $ip['ipv4_address'].'/'.$ip['ipv4_prefixlen'], NULL, 'small');
@ -464,7 +467,7 @@ function generate_port_row($port, $vars = array())
if (!isset($cache['ports_option']['ipv6_addresses']) || in_array($port['port_id'], $cache['ports_option']['ipv6_addresses']))
{
$sql = "SELECT * FROM `ipv6_addresses` WHERE `port_id` = ?";
$sql .= generate_query_values($ignore_type, 'ipv6_type', '!='); // Do not show ignored ip types
$sql .= generate_query_values_and($ignore_type, 'ipv6_type', '!='); // Do not show ignored ip types
foreach (dbFetchRows($sql, array($port['port_id'])) as $ip6)
{
$string .= $break . generate_popup_link('ip', $ip6['ipv6_address'].'/'.$ip6['ipv6_prefixlen'], NULL, 'small');

14
html/includes/entities/printersupply.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,28 +23,28 @@ function build_printersupplies_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'printersupplies.supply_id');
$sql .= generate_query_values_and($values, 'printersupplies.supply_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'printersupplies.device_id');
$sql .= generate_query_values_and($values, 'printersupplies.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'printersupplies.device_id');
$sql .= generate_query_values_and($value, 'printersupplies.device_id');
break;
case "supply":
case "supply_type";
$sql .= generate_query_values($value, 'printersupplies.supply_type');
$sql .= generate_query_values_and($value, 'printersupplies.supply_type');
break;
case "colour":
case "supply_colour";
$sql .= generate_query_values($value, 'supply_colour');
$sql .= generate_query_values_and($value, 'supply_colour');
break;
case "descr":
case "supply_descr";
$sql .= generate_query_values($value, 'supply_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'supply_descr', '%LIKE%');
break;
}
}

10
html/includes/entities/processor.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -27,20 +27,20 @@ function generate_processor_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'processor_id');
$sql .= generate_query_values_and($values, 'processor_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'processors.device_id');
$sql .= generate_query_values_and($values, 'processors.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'processors.device_id');
$sql .= generate_query_values_and($value, 'processors.device_id');
break;
case "descr":
case "processor_descr";
$sql .= generate_query_values($value, 'processor_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'processor_descr', '%LIKE%');
break;
}
}

27
html/includes/entities/pseudowire.inc.php
View File

@ -1,5 +1,4 @@
<?php
/**
* Observium
*
@ -7,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -24,42 +23,42 @@ function generate_pseudowire_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'pseudowire_id');
$sql .= generate_query_values_and($values, 'pseudowire_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'device_id');
$sql .= generate_query_values_and($values, 'device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'device_id');
$sql .= generate_query_values_and($value, 'device_id');
break;
case "port":
case "port_id":
$sql .= generate_query_values($value, 'port_id');
$sql .= generate_query_values_and($value, 'port_id');
break;
case "id":
$sql .= generate_query_values($value, 'pseudowire_id');
$sql .= generate_query_values_and($value, 'pseudowire_id');
break;
case "pwid":
case "pwID":
$sql .= generate_query_values($value, 'pwID');
$sql .= generate_query_values_and($value, 'pwID');
break;
case "pwtype":
$sql .= generate_query_values($value, 'pwType');
$sql .= generate_query_values_and($value, 'pwType');
break;
case "psntype":
$sql .= generate_query_values($value, 'pwPsnType');
$sql .= generate_query_values_and($value, 'pwPsnType');
break;
case "peer_id":
$sql .= generate_query_values($value, 'peer_device_id');
$sql .= generate_query_values_and($value, 'peer_device_id');
break;
case "peer_addr":
$sql .= generate_query_values($value, 'peer_addr');
$sql .= generate_query_values_and($value, 'peer_addr');
break;
case "event":
$sql .= generate_query_values($value, 'event');
$sql .= generate_query_values_and($value, 'event');
break;
}
}
@ -130,7 +129,7 @@ function get_pseudowire_table($vars)
if (!is_array($cache_pseudowires['ips'][$peer_addr]))
{
$cache_pseudowires['ips'][$peer_addr]['port_id'] = dbFetchCell('SELECT `port_id` FROM `'.$peer_addr_type.'_addresses` WHERE `'.$peer_addr_type.'_address` = ? '.generate_query_values($GLOBALS['cache']['ports']['pseudowires'], 'port_id').' LIMIT 1;', array($peer_addr));
$cache_pseudowires['ips'][$peer_addr]['port_id'] = dbFetchCell('SELECT `port_id` FROM `'.$peer_addr_type.'_addresses` WHERE `'.$peer_addr_type.'_address` = ? '.generate_query_values_and($GLOBALS['cache']['ports']['pseudowires'], 'port_id').' LIMIT 1;', array($peer_addr));
if (!is_numeric($cache_pseudowires['ips'][$peer_addr]['port_id']))
{
// Separate entry for find correct port

144
html/includes/entities/sensor.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -121,26 +121,26 @@ function build_sensor_query($vars, $query_count = FALSE) {
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'sensors.sensor_id');
$sql .= generate_query_values_and($values, 'sensors.sensor_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'sensors.device_id');
$sql .= generate_query_values_and($values, 'sensors.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'sensors.device_id');
$sql .= generate_query_values_and($value, 'sensors.device_id');
break;
case "id":
case "sensor_id":
$sql .= generate_query_values($value, 'sensors.sensor_id');
$sql .= generate_query_values_and($value, 'sensors.sensor_id');
break;
case "entity_id":
$sql .= generate_query_values($value, 'sensors.measured_entity');
$sql .= generate_query_values_and($value, 'sensors.measured_entity');
break;
case "entity_type":
$sql .= generate_query_values($value, 'sensors.measured_class');
$sql .= generate_query_values_and($value, 'sensors.measured_class');
break;
case 'entity_state':
case "measured_state":
@ -153,19 +153,19 @@ function build_sensor_query($vars, $query_count = FALSE) {
}
case 'class':
case "sensor_class":
$sql .= generate_query_values($value, 'sensor_class');
$sql .= generate_query_values_and($value, 'sensor_class');
break;
case "descr":
case "sensor_descr":
$sql .= generate_query_values($value, 'sensors.sensor_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'sensors.sensor_descr', '%LIKE%');
break;
case "type":
case "sensor_type":
$sql .= generate_query_values($value, 'sensor_type', '%LIKE%');
$sql .= generate_query_values_and($value, 'sensor_type', '%LIKE%');
break;
case "event":
case "sensor_event":
$sql .= generate_query_values($value, 'sensor_event');
$sql .= generate_query_values_and($value, 'sensor_event');
break;
}
}
@ -304,6 +304,126 @@ function print_sensor_table_header($vars) {
echo('<tbody>' . PHP_EOL);
}
function generate_sensor_line($sensor, $vars) {
global $config;
humanize_sensor($sensor);
$graph_array = [];
$graph_array['to'] = get_time();
$graph_array['id'] = $sensor['sensor_id'];
$graph_array['type'] = "sensor_graph";
$graph_array['width'] = 80;
$graph_array['height'] = 20;
$graph_array['bg'] = 'ffffff00';
$graph_array['from'] = get_time('day');
$graph_array['style'] = 'margin-top: 5px';
if ($sensor['sensor_event'] && is_numeric($sensor['sensor_value'])) {
$mini_graph = generate_graph_tag($graph_array);
} else {
// Do not show "Draw Error" minigraph
$mini_graph = '';
}
/*
$sensor_tooltip = $sensor['event_descr'];
// Append value in alternative units to tooltip
if (isset($config['sensor_types'][$sensor['sensor_class']]['alt_units'])) {
foreach (value_to_units($sensor['sensor_value'],
$config['sensor_types'][$sensor['sensor_class']]['symbol'],
$sensor['sensor_class'],
$config['sensor_types'][$sensor['sensor_class']]['alt_units']) as $unit => $unit_value) {
if (is_numeric($unit_value)) { $sensor_tooltip .= "<br />{$unit_value}{$unit}"; }
}
}
*/
//r($sensor);
$text = '<span class="'. $sensor['event_class'].'">' . $sensor['human_value'] . $sensor['sensor_symbol'] . '</span>';
//$line = '<td class="state-marker"></td>';
$line = '<td class="entity '.$sensor['row_class'].'">';
//$btn_class = str_replace('label', 'btn', $sensor['event_class']); // FIXME Need button-outline-* class from bs4+
if (get_var_true($vars['compact'])) {
$line .= '<button class="btn btn-default" style="width: 105px; text-align: right;">';
} else {
// fixed button size for keep size without images
$line .= '<button class="btn btn-default" style="width: 105px; height: 55px;">';
}
$icon = get_icon($config['sensor_types'][$sensor['sensor_class']]['icon']);
if ($sensor['sensor_class'] === 'power' || $sensor['sensor_class'] === 'dbm') {
if (str_icontains_array($sensor['sensor_descr'], [ ' Rx', 'Rx ', 'Receive' ])) {
// rx
$icon = get_icon('glyphicon-arrow-down text-primary').'&nbsp;';
} elseif (str_icontains_array($sensor['sensor_descr'], [ ' Tx', 'Tx ', 'Trans' ])) {
// tx
$icon = get_icon('glyphicon-arrow-up text-danger').'&nbsp;';
}
}
$line .= $icon.'&nbsp;';
$line .= generate_entity_link('sensor', $sensor, $text, NULL, FALSE);
if (!get_var_true($vars['compact'])) {
$line .= '<br />' .generate_entity_link('sensor', $sensor, $mini_graph, NULL, FALSE);
}
//$line .= '<strong>' . generate_tooltip_link('', $sensor['human_value'] . $sensor['sensor_symbol'], $sensor_tooltip, $sensor['event_class']) . '</strong>';
$line .= '</button>';
$line .= '</td>';
//r($line);
return $line;
}
function get_compact_sensors_line($measured_class, $entry, $vars) {
// order dom sensors always by temperature, voltage, current, dbm, power
$order = [];
if (safe_count($entry) > 0) {
$classes = array_keys($entry);
//r($types);
if ($measured_class === 'port') {
// always display all classes for dom (also if not exist)
$order = [ 'temperature', 'voltage', 'current', /* 'dbm', 'power' */ ];
// or dbm or power
if (in_array('dbm', $classes, TRUE)) {
$order[] = 'dbm';
} elseif (in_array('power', $classes, TRUE)) {
$order[] = 'power';
} else {
$order[] = 'dbm';
}
} else {
$order = array_intersect([ 'temperature', 'voltage', 'current', 'dbm', 'power' ], $classes);
}
$order = array_merge($order, array_diff($classes, $order));
//r($order);
}
$line = '';
foreach ($order as $class) {
if (!isset($entry[$class])) {
// Add empty columns for port entities (for correct align)
$line .= '<td class="entity"></td>';
}
foreach ($entry[$class] as $sensor) {
/*
$sensor['sensor_descr'] = trim(str_ireplace($rename_from, '', $sensor['sensor_descr']), ":- \t\n\r\0\x0B");
if (empty($sensor['sensor_descr'])) {
// Some time sensor descriptions equals to entity name
$sensor['sensor_descr'] = nicecase($sensor['sensor_class']);
}
*/
// Compact view per entity/lane
$line .= generate_sensor_line($sensor, $vars);
}
}
return $line;
}
function print_sensor_row($sensor, $vars)
{
echo generate_sensor_row($sensor, $vars);
@ -404,7 +524,7 @@ function generate_sensor_row($sensor, $vars)
$sensor['sensor_class'],
$config['sensor_types'][$sensor['sensor_class']]['alt_units']) as $unit => $unit_value)
{
if (is_numeric($unit_value)) { $sensor_tooltip .= "<br />${unit_value}${unit}"; }
if (is_numeric($unit_value)) { $sensor_tooltip .= "<br />{$unit_value}{$unit}"; }
}
}

20
html/includes/entities/sla.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2020 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,38 +23,38 @@ function generate_sla_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'slas.sla_id');
$sql .= generate_query_values_and($values, 'slas.sla_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'storage.device_id');
$sql .= generate_query_values_and($values, 'storage.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'slas.device_id');
$sql .= generate_query_values_and($value, 'slas.device_id');
break;
case "id":
case "sla_id":
$sql .= generate_query_values($value, 'slas.sla_id');
$sql .= generate_query_values_and($value, 'slas.sla_id');
break;
case "owner":
$sql .= generate_query_values($value, 'slas.sla_owner');
$sql .= generate_query_values_and($value, 'slas.sla_owner');
break;
case "target":
case "sla_target":
$sql .= generate_query_values($value, 'slas.sla_target', '%LIKE%');
$sql .= generate_query_values_and($value, 'slas.sla_target', '%LIKE%');
break;
case "sla_tag":
$sql .= generate_query_values($value, 'slas.sla_tag');
$sql .= generate_query_values_and($value, 'slas.sla_tag');
break;
case "rtt_type":
case "rtt_sense":
$sql .= generate_query_values($value, 'slas.'.$var);
$sql .= generate_query_values_and($value, 'slas.'.$var);
break;
case "event":
case "rtt_event":
$sql .= generate_query_values($value, 'slas.rtt_event');
$sql .= generate_query_values_and($value, 'slas.rtt_event');
break;
}
}

26
html/includes/entities/status.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -74,26 +74,26 @@ function generate_status_query($vars, $query_count = FALSE) {
case "group":
case "group_id":
$values = get_group_entities($value, 'status');
$sql .= generate_query_values($values, 'status.status_id');
$sql .= generate_query_values_and($values, 'status.status_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'status.device_id');
$sql .= generate_query_values_and($values, 'status.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'status.device_id');
$sql .= generate_query_values_and($value, 'status.device_id');
break;
case "id":
case 'status_id':
$sql .= generate_query_values($value, 'status.status_id');
$sql .= generate_query_values_and($value, 'status.status_id');
break;
case "entity_id":
$sql .= generate_query_values($value, 'measured_entity');
$sql .= generate_query_values_and($value, 'measured_entity');
break;
case "entity_type":
$sql .= generate_query_values($value, 'measured_class');
$sql .= generate_query_values_and($value, 'measured_class');
break;
case 'entity_state':
case "measured_state":
@ -101,23 +101,23 @@ function generate_status_query($vars, $query_count = FALSE) {
break;
case "class":
case 'entPhysicalClass':
$sql .= generate_query_values($value, 'entPhysicalClass');
$sql .= generate_query_values_and($value, 'entPhysicalClass');
break;
case "event":
case "status_event":
$sql .= generate_query_values($value, 'status_event');
$sql .= generate_query_values_and($value, 'status_event');
break;
case "status":
case "status_name":
$sql .= generate_query_values($value, 'status_name');
$sql .= generate_query_values_and($value, 'status_name');
break;
case "descr":
case "status_descr":
$sql .= generate_query_values($value, 'status_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'status_descr', '%LIKE%');
break;
case 'type':
case "status_type":
$sql .= generate_query_values($value, 'status_type', '%LIKE%');
$sql .= generate_query_values_and($value, 'status_type', '%LIKE%');
break;
}
}
@ -323,7 +323,7 @@ function generate_status_row($status, $vars) {
$row .= '<td style="width: 90px; text-align: right;">' . generate_entity_link('status', $status, $mini_graph, NULL, FALSE) . '</td>';
if ($vars['tab'] !== "overview")
{
$row .= '<td style="white-space: nowrap">' . generate_tooltip_link('', format_uptime((get_time() - $status['status_last_change']), 'short-2') . ' ago', format_unixtime($status['status_last_change'])) . '</td>
$row .= '<td style="white-space: nowrap">' . generate_tooltip_time($status['status_last_change'], 'ago') . '</td>
<td style="text-align: right;"><strong>' . generate_tooltip_link('', $status['status_event'], $status['event_descr'], $status['event_class']) . '</strong></td>';
$table_cols++;
$table_cols++;

49
html/includes/entities/storage.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -30,23 +30,23 @@ function generate_storage_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'storage.storage_id');
$sql .= generate_query_values_and($values, 'storage.storage_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'storage.device_id');
$sql .= generate_query_values_and($values, 'storage.device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'storage.device_id');
$sql .= generate_query_values_and($value, 'storage.device_id');
break;
case "descr":
case "storage_descr";
$sql .= generate_query_values($value, 'storage_descr', '%LIKE%');
$sql .= generate_query_values_and($value, 'storage_descr', '%LIKE%');
break;
case 'ignored':
$sql .= generate_query_values($value, 'storage.storage_ignore');
$sql .= generate_query_values_and($value, 'storage.storage_ignore');
break;
}
}
@ -92,8 +92,7 @@ function generate_storage_query($vars)
}
function print_storage_table($vars)
{
function print_storage_table($vars) {
global $cache, $config;
@ -101,13 +100,16 @@ function print_storage_table($vars)
$sql = generate_storage_query($vars);
$storages = array();
$storages = [];
foreach (dbFetchRows($sql) as $storage)
{
if (isset($cache['devices']['id'][$storage['device_id']]))
{
$storage['hostname'] = $cache['devices']['id'][$storage['device_id']]['hostname'];
$storage['html_row_class'] = $cache['devices']['id'][$storage['device_id']]['html_row_class'];
// FIXME. Should be part of humanize_storage()
$storage['human_type'] = array_preg_replace($config['rewrites']['storage_type_regexp'], $storage['storage_type']);
$storages[] = $storage;
}
}
@ -152,19 +154,19 @@ function print_storage_table_header($vars)
}
echo('<table class="' . $table_class . '">' . PHP_EOL);
$cols = array(
array(NULL, 'class="state-marker"'),
'device' => array('Device', 'style="width: 250px;"'),
'mountpoint' => array('Mountpoint'),
'size' => array('Size', 'style="width: 100px;"'),
'used' => array('Used', 'style="width: 100px;"'),
'free' => array('Free', 'style="width: 100px;"'),
array('', 'style="width: 100px;"'),
'usage' => array('Usage %', 'style="width: 200px;"'),
);
$cols = [
[ NULL, 'class="state-marker"' ],
'device' => [ 'Device', 'style="width: 250px;"' ],
'mountpoint' => [ 'Mountpoint' ],
'fstype' => [ 'FS Type', 'style="width: 90px;"' ],
'size' => [ 'Size', 'style="width: 100px;"' ],
'used' => [ 'Used', 'style="width: 100px;"' ],
'free' => [ 'Free', 'style="width: 100px;"' ],
[ '', 'style="width: 100px;"' ],
'usage' => [ 'Usage %', 'style="width: 200px;"' ],
];
if ($vars['page'] === "device")
{
if ($vars['page'] === "device") {
unset($cols['device']);
}
@ -182,10 +184,10 @@ function generate_storage_row($storage, $vars) {
global $config;
$table_cols = 8;
$table_cols = 9;
if ($vars['page'] !== "device" && $vars['popup'] != TRUE) { $table_cols++; } // Add a column for device.
if(isset($vars['graph_type']) && $vars['graph_type'] == "perc")
if(isset($vars['graph_type']) && $vars['graph_type'] === "perc")
$graph_array = array();
$graph_array['to'] = $config['time']['now'];
@ -225,6 +227,7 @@ function generate_storage_row($storage, $vars) {
if ($vars['page'] !== "device" && $vars['popup'] != TRUE) { $row .= '<td class="entity">' . generate_device_link($storage) . '</td>'; }
$row .= ' <td class="entity">'.generate_entity_link('storage', $storage).'</td>
<td>'.$storage['human_type'].'</td>
<td>'.$total.'</td>
<td>'.$used.'</td>
<td>'.$free.'</td>

17
html/includes/entities/virtualmachine.inc.php
View File

@ -1,5 +1,4 @@
<?php
/**
* Observium
*
@ -7,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -23,28 +22,28 @@ function generate_vm_query($vars)
case "group":
case "group_id":
$values = get_group_entities($value);
$sql .= generate_query_values($values, 'vm_id');
$sql .= generate_query_values_and($values, 'vm_id');
break;
case 'device_group_id':
case 'device_group':
$values = get_group_entities($value, 'device');
$sql .= generate_query_values($values, 'device_id');
$sql .= generate_query_values_and($values, 'device_id');
break;
case "device":
case "device_id":
$sql .= generate_query_values($value, 'device_id');
$sql .= generate_query_values_and($value, 'device_id');
break;
case "os":
$sql .= generate_query_values($value, 'vm_guestos');
$sql .= generate_query_values_and($value, 'vm_guestos');
break;
case "state":
$sql .= generate_query_values($value, 'vm_state');
$sql .= generate_query_values_and($value, 'vm_state');
break;
case "memory":
$sql .= generate_query_values($value, 'vm_memory');
$sql .= generate_query_values_and($value, 'vm_memory');
break;
case "cpu":
$sql .= generate_query_values($value, 'vm_cpucount');
$sql .= generate_query_values_and($value, 'vm_cpucount');
break;
}
}

285
html/includes/functions.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -162,9 +162,10 @@ function get_vars($vars_order = [], $auth = FALSE) {
// <sCrIpT> < / s c r i p t >
// javascript:alert("Hello world");/
// <svg onload=alert(document.domain)>
// <style/onload=alert(document.domain)>
$prevent_xss = '!(^\s*(J\s*A\s*V\s*A\s*)?S\s*C\s*R\s*I\s*P\s*T\s*:'.
'|<\s*/?\s*S\s*C\s*R\s*I\s*P\s*T\s*>'.
'|(<\s*s\s*v\s*g.*(o\s*n\s*l\s*o\s*a\s*d|s\s*c\s*r\s*i\s*p\s*t))'.
'|(<\s*\w+.*[\s\/&](o\s*n\s*l\s*o\s*a\s*d|s\s*c\s*r\s*i\s*p\s*t))'.
'|<\s*i\s*m\s*g.*o\s*n\s*e\s*r\s*r\s*o\s*r)!i';
// Allow using var_decode(), this prevents to use potentially unsafe serialize functions
@ -216,7 +217,6 @@ function get_vars($vars_order = [], $auth = FALSE) {
//sr($segments);
//r($_SERVER['REQUEST_URI']);
foreach ($segments as $pos => $segment) {
//$segment = urldecode($segment);
if ($pos == "0" && !str_contains_array($segment, '=')) {
@ -236,12 +236,12 @@ function get_vars($vars_order = [], $auth = FALSE) {
if (!isset($value) || $value === '') {
$vars[$name] = 'yes';
} else {
//r($value);
if ($compressed && $value_uncompress = str_decompress($value)) {
$value = $value_uncompress;
unset($value_uncompress);
} else {
$value = str_replace('%7F', '/', urldecode($value)); // %7F (DEL, delete) - not defined in HTML 4 standard
// rawurldecode() instead of urldecode() to translate %n and not mangle +
$value = str_replace('%7F', '/', rawurldecode($value)); // %7F (DEL, delete) - not defined in HTML 4 standard
}
if (preg_match($prevent_xss, $value)) {
// Prevent any <script> html tag inside vars, exclude any possible XSS with scripts
@ -250,6 +250,7 @@ function get_vars($vars_order = [], $auth = FALSE) {
// Better to understand quoted vars
$vars[$name] = get_var_csv($value, $auth);
if (is_string($vars[$name]) && preg_match($prevent_xss, $vars[$name])) {
// Prevent any <script> html tag inside vars, exclude any possible XSS with scripts
unset($vars[$name]);
@ -273,7 +274,8 @@ function get_vars($vars_order = [], $auth = FALSE) {
$value = $value_uncompress;
unset($value_uncompress);
} else {
$value = str_replace('%7F', '/', urldecode($value)); // %7F (DEL, delete) - not defined in HTML 4 standard
// rawurldecode() instead of urldecode() to translate %n and not mangle +
$value = str_replace('%7F', '/', rawurldecode($value)); // %7F (DEL, delete) - not defined in HTML 4 standard
}
if (preg_match($prevent_xss, $value)) {
// Prevent any <script> html tag inside vars, exclude any possible XSS with scripts
@ -310,7 +312,6 @@ function get_vars($vars_order = [], $auth = FALSE) {
}
}
//r($vars);
return($vars);
}
@ -523,12 +524,10 @@ function detect_browser_type()
* screen_size - initial size of browser window (if exist)
*/
// TESTME! needs unit testing
function detect_browser($user_agent = NULL)
{
function detect_browser($user_agent = NULL) {
$ua_custom = !is_null($user_agent); // Used custom user agent?
if (!$ua_custom && isset($GLOBALS['cache']['detect_browser']))
{
if (!$ua_custom && isset($GLOBALS['cache']['detect_browser'])) {
//if (isset($_COOKIE['observium_screen_ratio']) && !isset($GLOBALS['cache']['detect_browser']['screen_resolution']))
//{
// r($_COOKIE);
@ -539,8 +538,7 @@ function detect_browser($user_agent = NULL)
$detect = new Mobile_Detect;
if ($ua_custom)
{
if ($ua_custom) {
// Set custom User-Agent
$detect->setUserAgent($user_agent);
} else {
@ -550,13 +548,11 @@ function detect_browser($user_agent = NULL)
// Default type and icon
$type = 'generic';
$icon = 'icon-laptop';
if ($detect->isMobile())
{
if ($detect->isMobile()) {
// Any phone device (exclude tablets).
$type = 'mobile';
$icon = 'glyphicon glyphicon-phone';
if ($detect->isTablet())
{
if ($detect->isTablet()) {
// Any tablet device.
$type = 'tablet';
$icon = 'icon-tablet';
@ -565,8 +561,7 @@ function detect_browser($user_agent = NULL)
// Detect Browser name, version and platform
$ua_info = [];
if (!empty($user_agent))
{
if (!empty($user_agent)) {
//$ua_info = parse_user_agent($user_agent);
$parser = new \donatj\UserAgent\UserAgentParser();
@ -574,22 +569,23 @@ function detect_browser($user_agent = NULL)
//r($ua);
$ua_info['browser'] = $ua->browser();
$ua_info['version'] = $ua->browserVersion();
$ua_info['platform'] = $ua->platform();
$ua_info['platform'] = str_replace('Macintosh', 'MacOS', $ua->platform());
$ua_info['browser_full'] = $ua_info['browser'] . ' ' . preg_replace('/^([^\.]+(?:\.[^\.]+)?).*$/', '\1', $ua_info['version']);
//r($ua_info);
}
$detect_browser = array('user_agent' => $user_agent,
$detect_browser = [
'user_agent' => $user_agent,
'type' => $type,
'icon' => $icon,
'browser_full' => $ua_info['browser_full'],
'browser' => $ua_info['browser'],
'version' => $ua_info['version'],
'platform' => $ua_info['platform']);
'platform' => $ua_info['platform']
];
// For custom UA, do not cache and return only base User-Agent info
if ($ua_custom)
{
if ($ua_custom) {
return $detect_browser;
}
@ -600,15 +596,12 @@ function detect_browser($user_agent = NULL)
register_html_resource('js', 'observium-screen.js');
// Additional browser info (screen_ratio, screen_size, svg)
if ($ua_info['browser'] === 'Firefox' && version_compare($ua_info['version'], '47.0') < 0)
{
if ($ua_info['browser'] === 'Firefox' && version_compare($ua_info['version'], '47.0') < 0) {
// Do not use srcset in FF, while issue open:
// https://bugzilla.mozilla.org/show_bug.cgi?id=1149357
// Update, seems as in 47.0 partially fixed
$zoom = 1;
}
else if (isset($_COOKIE['observium_screen_ratio']))
{
} elseif (isset($_COOKIE['observium_screen_ratio'])) {
// Note, Opera uses ratio 1.5
$zoom = round($_COOKIE['observium_screen_ratio']); // Use int zoom
} else {
@ -617,8 +610,7 @@ function detect_browser($user_agent = NULL)
}
$detect_browser['screen_ratio'] = $zoom;
//$detect_browser['svg'] = ($ua_info['browser'] == 'Firefox'); // SVG supported or allowed
if (isset($_COOKIE['observium_screen_resolution']))
{
if (isset($_COOKIE['observium_screen_resolution'])) {
$detect_browser['screen_resolution'] = $_COOKIE['observium_screen_resolution'];
//$detect_browser['screen_size'] = $_COOKIE['observium_screen_size'];
}
@ -677,34 +669,29 @@ function generate_link($text, $vars, $new_vars = array(), $escape = TRUE)
// TESTME needs unit testing
// DOCME needs phpdoc block
function pagination(&$vars, $total, $return_vars = FALSE)
{
$pagesizes = array(10,20,50,100,500,1000,10000,50000); // Permitted pagesizes
if (is_numeric($vars['pagesize']))
{
function pagination(&$vars, $total, $options = array()) {
// Compatibility with pre-options
if($options === TRUE) { $options = []; $options['return_vars'] = TRUE; }
$pagesizes = [ 10, 20, 50, 100, 500, 1000, 10000, 50000 ]; // Permitted pagesizes
if (is_numeric($vars['pagesize'])) {
$per_page = (int)$vars['pagesize'];
}
else if (isset($_SESSION['pagesize']))
{
} elseif (isset($_SESSION['pagesize'])) {
$per_page = $_SESSION['pagesize'];
} else {
$per_page = $GLOBALS['config']['web_pagesize'];
}
if (!$vars['short'])
{
if (!$vars['short']) {
// Permit fixed pagesizes only (except $vars['short'] == TRUE)
foreach ($pagesizes as $pagesize)
{
foreach ($pagesizes as $pagesize) {
if ($per_page <= $pagesize) { $per_page = $pagesize; break; }
}
if (isset($vars['pagesize']) && $vars['pagesize'] != $_SESSION['pagesize'])
{
if ($vars['pagesize'] != $GLOBALS['config']['web_pagesize'])
{
if (isset($vars['pagesize']) && $vars['pagesize'] != $_SESSION['pagesize']) {
if ($vars['pagesize'] != $GLOBALS['config']['web_pagesize']) {
session_set_var('pagesize', $per_page); // Store pagesize in session only if changed default
}
else if (isset($_SESSION['pagesize']))
{
} elseif (isset($_SESSION['pagesize'])) {
session_unset_var('pagesize'); // Reset pagesize from session
}
}
@ -713,11 +700,14 @@ function pagination(&$vars, $total, $return_vars = FALSE)
$page = (int)$vars['pageno'];
$lastpage = ceil($total/$per_page);
if ($page < 1) { $page = 1; }
else if (!$return_vars && $lastpage < $page) { $page = (int)$lastpage; }
if ($page < 1) {
$page = 1;
} elseif (!$options['return_vars'] && $lastpage < $page) {
$page = (int)$lastpage;
}
$vars['pageno'] = $page; // Return back current pageno
if ($return_vars) { return ''; } // Silent exit (needed for detect default pagesize/pageno)
if ($options['return_vars'] == TRUE) { return ''; } // Silent exit (needed for detect default pagesize/pageno)
$start = ($page - 1) * $per_page;
$prev = $page - 1;
@ -728,13 +718,14 @@ function pagination(&$vars, $total, $return_vars = FALSE)
$pagination = '';
// Show pagination if total > 99, total > page size, or web_always_paginate is set.
if ($total > 99 || $total > $per_page || ( isset($GLOBALS['config']['web_always_paginate']) && $GLOBALS['config']['web_always_paginate'] === 1))
{
if($total > 9999) { $total_text = format_si($total); } else { $total_text = $total; }
if ($total > 99 || $total > $per_page ||
(isset($GLOBALS['config']['web_always_paginate']) && $GLOBALS['config']['web_always_paginate'] === 1)) {
if ($total > 9999) {
$total_text = format_si($total);
} else {
$total_text = $total;
}
$pagination .= '<div class="row">' . PHP_EOL .
' <div class="col-lg-1 col-md-2 col-sm-2" style="display: inline-block;">' . PHP_EOL .
@ -744,32 +735,23 @@ function pagination(&$vars, $total, $return_vars = FALSE)
' <div class="col-lg-10 col-md-8 col-sm-8">' . PHP_EOL .
' <div class="pagination pagination-centered"><ul>' . PHP_EOL;
if ($prev)
{
if ($prev) {
//$pagination .= ' <li><a href="'.generate_url($vars, array('pageno' => 1)).'">First</a></li>' . PHP_EOL;
$pagination .= ' <li><a href="'.generate_url($vars, array('pageno' => $prev)).'">Prev</a></li>' . PHP_EOL;
}
if ($lastpage < 7 + ($adjacents * 2))
{
for ($counter = 1; $counter <= $lastpage; $counter++)
{
if ($counter == $page)
{
if ($lastpage < 7 + ($adjacents * 2)) {
for ($counter = 1; $counter <= $lastpage; $counter++) {
if ($counter == $page) {
$pagination.= "<li class='active'><a>$counter</a></li>";
} else {
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $counter))."'>$counter</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $counter ])."'>$counter</a></li>";
}
}
}
elseif ($lastpage > 5 + ($adjacents * 2))
{
if ($page < 1 + ($adjacents * 2))
{
for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++)
{
if ($counter == $page)
{
} elseif ($lastpage > 5 + ($adjacents * 2)) {
if ($page < 1 + ($adjacents * 2)) {
for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++) {
if ($counter == $page) {
$pagination .= "<li class='active'><a>$counter</a></li>";
} else {
$class = '';
@ -781,37 +763,31 @@ function pagination(&$vars, $total, $return_vars = FALSE)
//{
// $class = ' class="hidden-sm hidden-xs"';
//}
$pagination .= "<li$class><a href='".generate_url($vars, array('pageno' => $counter))."'>$counter</a></li>";
$pagination .= "<li$class><a href='".generate_url($vars, [ 'pageno' => $counter ])."'>$counter</a></li>";
}
}
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $lpm1))."'>$lpm1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $lastpage))."'>$lastpage</a></li>";
}
elseif ($lastpage - ($adjacents * 2) > $page && $page > ($adjacents * 2))
{
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => '1'))."'>1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => '2'))."'>2</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $lpm1 ])."'>$lpm1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $lastpage ])."'>$lastpage</a></li>";
} elseif ($lastpage - ($adjacents * 2) > $page && $page > ($adjacents * 2)) {
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => '1' ])."'>1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => '2' ])."'>2</a></li>";
for ($counter = $page - $adjacents; $counter <= $page + $adjacents; $counter++)
{
if ($counter == $page)
{
for ($counter = $page - $adjacents; $counter <= $page + $adjacents; $counter++) {
if ($counter == $page) {
$pagination.= "<li class='active'><a>$counter</a></li>";
} else {
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $counter))."'>$counter</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $counter ])."'>$counter</a></li>";
}
}
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $lpm1))."'>$lpm1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $lastpage))."'>$lastpage</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $lpm1 ])."'>$lpm1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $lastpage ])."'>$lastpage</a></li>";
} else {
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => '1'))."'>1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => '2'))."'>2</a></li>";
for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++)
{
if ($counter == $page)
{
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => '1' ])."'>1</a></li>";
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => '2' ])."'>2</a></li>";
for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++) {
if ($counter == $page) {
$pagination.= "<li class='active'><a>$counter</a></li>";
} else {
$class = '';
@ -823,20 +799,17 @@ function pagination(&$vars, $total, $return_vars = FALSE)
//{
// $class = ' class="hidden-sm hidden-xs"';
//}
$pagination.= "<li$class><a href='".generate_url($vars, array('pageno' => $counter))."'>$counter</a></li>";
$pagination.= "<li$class><a href='".generate_url($vars, [ 'pageno' => $counter ])."'>$counter</a></li>";
}
}
}
}
if ($page < $counter - 1)
{
$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $next))."'>Next</a></li>";
if ($page < $counter - 1) {
$pagination.= "<li><a href='".generate_url($vars, [ 'pageno' => $next ])."'>Next</a></li>";
# No need for "Last" as we don't have "First", 1, 2 and the 2 last pages are always in the list.
#$pagination.= "<li><a href='".generate_url($vars, array('pageno' => $lastpage))."'>Last</a></li>";
}
else if ($lastpage > 1)
{
} elseif ($lastpage > 1) {
$pagination.= "<li class='active'><a>Next</a></li>";
#$pagination.= "<li class='active'><a>Last</a></li>";
}
@ -844,13 +817,13 @@ function pagination(&$vars, $total, $return_vars = FALSE)
$pagination.= "</ul></div></div>";
//$values = array('' => array('name'))
foreach ($pagesizes as $pagesize)
{
$value = generate_url($vars, array('pagesize' => $pagesize, 'pageno' => floor($start / $pagesize)));
$name = ($pagesize == $GLOBALS['config']['web_pagesize'] ? "[ $pagesize ]" : $pagesize);
$values[$value] = array('name' => $name, 'class' => 'text-center');
foreach ($pagesizes as $pagesize) {
$value = generate_url($vars, [ 'pagesize' => $pagesize, 'pageno' => floor(fdiv($start, $pagesize)) ]);
$name = $pagesize == $GLOBALS['config']['web_pagesize'] ? "[ $pagesize ]" : $pagesize;
$values[$value] = [ 'name' => $name, 'class' => 'text-center' ];
}
$element = array('type' => 'select',
$element = [
'type' => 'select',
'class' => 'pagination',
'id' => 'pagesize',
'name' => '# '.$per_page,
@ -858,7 +831,8 @@ function pagination(&$vars, $total, $return_vars = FALSE)
'onchange' => "window.open(this.options[this.selectedIndex].value,'_top')",
'value' => $per_page,
'data-style' => 'box',
'values' => $values);
'values' => $values
];
$pagination.= '
<div class="col-lg-1 col-md-2 col-sm-2">
@ -1130,6 +1104,28 @@ function generate_popup_link($type, $text = NULL, $vars = array(), $class = NULL
return '<a href="'.$url.'" class="entity-popup'.($class ? " $class" : '').'" data-eid="'.$data.'" data-etype="'.$type.'">'.$text.'</a>';
}
function generate_tooltip_time($timestamp, $text = '') {
if (is_numeric($timestamp) && $timestamp > OBS_MIN_UNIXTIME) {
// Unixtime
$timediff = get_time() - $timestamp;
$timetext = format_uptime($timediff, "short-3");
if (!safe_empty($text)) {
$timetext .= " $text";
}
return generate_tooltip_link('', $timetext, format_unixtime($timestamp), NULL);
}
// Timestamp
$timediff = get_time() - strtotime($timestamp);
$timetext = format_uptime($timediff, "short-3");
if (!safe_empty($text)) {
$timetext .= " $text";
}
return generate_tooltip_link('', $timetext, format_timestamp($timestamp), NULL);
}
/**
* Generate mouseover links with static tooltip from URL, link text, contents and a class.
*
@ -1146,21 +1142,19 @@ function generate_popup_link($type, $text = NULL, $vars = array(), $class = NULL
* @return string
*/
// TESTME needs unit testing
function generate_tooltip_link($url, $text, $contents = '', $class = NULL, $attribs = [], $escape = FALSE)
{
function generate_tooltip_link($url, $text, $contents = '', $class = NULL, $attribs = [], $escape = FALSE) {
global $config, $link_iter;
$link_iter++;
$href = (strlen($url) ? 'href="' . $url . '"' : '');
$href = !safe_empty($url) ? 'href="' . $url . '"' : '';
if ($escape) { $text = escape_html($text); }
$attribs['class'] = array_merge((array)$class, (array)$attribs['class']);
// Allow the Grinch to disable popups and destroy Christmas.
$allow_mobile = (in_array(detect_browser_type(), array('mobile', 'tablet')) ? $config['web_mouseover_mobile'] : TRUE);
if ($config['web_mouseover'] && strlen($contents) && $allow_mobile)
{
$allow_mobile = !in_array(detect_browser_type(), [ 'mobile', 'tablet' ]) || $config['web_mouseover_mobile'];
if ($config['web_mouseover'] && $allow_mobile && !safe_empty($contents)) {
$attribs['style'] = 'cursor: pointer;';
$attribs['data-rel'] = 'tooltip';
$attribs['data-tooltip'] = $contents;
@ -1387,26 +1381,29 @@ function print_graph_popup($graph_array)
// TESTME needs unit testing
// DOCME needs phpdoc block
function permissions_cache($user_id)
{
$permissions = array();
function permissions_cache($user_id) {
$cache_key = 'permissions_'.$GLOBALS['config']['auth_mechanism'].$user_id;
$cache_item = get_cache_item($cache_key);
if (ishit_cache_item($cache_item)) {
return get_cache_data($cache_item);
}
$permissions = [];
// Get permissions from user-specific and role tables.
$permission_where = '`user_id` = ? AND `auth_mechanism` = ?';
$permission_params = [ $user_id, $GLOBALS['config']['auth_mechanism'] ];
$entity_permissions = dbFetchRows("SELECT * FROM `entity_permissions` WHERE " . $permission_where, $permission_params);
$roles_entity_permissions = dbFetchRows("SELECT * FROM `roles_entity_permissions` LEFT JOIN `roles_users` USING (`role_id`) WHERE " . $permission_where, $permission_params);
foreach (array_merge((array)$entity_permissions, (array)$roles_entity_permissions) as $entity)
{
foreach (array_merge((array)$entity_permissions, (array)$roles_entity_permissions) as $entity) {
// Set access to ro if it's not in the defined list.
$access = (in_array($entity['access'], array('ro', 'rw')) ? $entity['access'] : 'ro');
switch ($entity['entity_type'])
{
switch ($entity['entity_type']) {
case "group": // this is a group, so expand its members into an array
$group = get_group_by_id($entity['entity_id']);
foreach (get_group_entities($entity['entity_id']) as $group_entity_id)
{
foreach (get_group_entities($entity['entity_id']) as $group_entity_id) {
$permissions[$group['entity_type']][$group_entity_id] = $access;
}
//break; // And also store self group permission in cache
@ -1425,20 +1422,22 @@ function permissions_cache($user_id)
// Alerts
// FIXME - this seems like it would be slow on very large installs
$alert = array();
foreach (dbFetchRows('SELECT `alert_table_id`, `device_id`, `entity_id`, `entity_type` FROM `alert_table`') as $alert_table_entry)
{
$alert = [];
foreach (dbFetchRows('SELECT `alert_table_id`, `device_id`, `entity_id`, `entity_type` FROM `alert_table`') as $alert_table_entry) {
//r($alert_table_entry);
if (is_entity_permitted($alert_table_entry['entity_id'], $alert_table_entry['entity_type'], $alert_table_entry['device_id'], $permissions))
{
if (is_entity_permitted($alert_table_entry['entity_id'], $alert_table_entry['entity_type'], $alert_table_entry['device_id'], $permissions)) {
$alert[$alert_table_entry['alert_table_id']] = TRUE;
}
}
if (count($alert))
{
if (count($alert)) {
$permissions['alert'] = $alert;
}
set_cache_item($cache_item, $permissions);
// Clear expired cache
del_cache_expired();
return $permissions;
}
@ -1882,11 +1881,11 @@ function get_locations($filter = array()) {
case 'location_city':
// Check geo params only when GEO enabled globally
if ($GLOBALS['config']['geocoding']['enable']) {
$where_array[$var] = generate_query_values($value, $var);
$where_array[$var] = generate_query_values_and($value, $var);
}
break;
case 'location':
$where_array[$var] = generate_query_values($value, $var);
$where_array[$var] = generate_query_values_and($value, $var);
break;
}
}
@ -2209,13 +2208,16 @@ function generate_query_permitted($type_array = [ 'device' ], $options = []) {
if (!isset($options['port_null']) || !$options['port_null']) {
//$query_permitted[] = "($column != '' AND $column IS NOT NULL)";
$query_permitted[] = "$column IS NOT NULL";
} elseif (!$user_limited) {
} elseif (!$user_limited && safe_count($query_permitted)) {
// FIXME. derp code, need rewrite
$query_permitted[] = safe_count($query_permitted) ? "OR $column IS NULL" : "$column IS NULL";
//$query_permitted[] = safe_count($query_permitted) ? "OR $column IS NULL" : "$column IS NULL";
$query_permitted[] = "OR $column IS NULL";
}
$query_permitted = implode(" AND ", (array)$query_permitted);
if (!safe_empty($query_permitted)) {
$query_part[] = str_replace(" AND OR ", ' OR ', $query_permitted);
}
unset($query_permitted);
break;
@ -2384,7 +2386,7 @@ function load_user_config(&$load_config, $user_id) {
if (!isset($config_variable[$item['pref']]['useredit']) ||
!$config_variable[$item['pref']]['useredit']) {
// Load only permitted settings
print_debug("User [$user_id] setting '${item['pref']}' not permitted by definitions.");
print_debug("User [$user_id] setting '{$item['pref']}' not permitted by definitions.");
continue;
}
@ -2628,11 +2630,10 @@ function get_smokeping_files($rdebug = 0)
if ($rdebug) { echo('- Recursing through ' . $config['smokeping']['dir'] . '<br />'); }
if (isset($config['smokeping']['master_hostname']))
{
if (isset($config['smokeping']['master_hostname'])) {
$master_hostname = $config['smokeping']['master_hostname'];
} else {
$master_hostname = $config['own_hostname'];
$master_hostname = $config['own_hostname'] ?: get_localhost();
}
if (is_dir($config['smokeping']['dir']))

14
html/includes/graphs/bgp/auth.inc.php
View File

@ -1,5 +1,4 @@
<?php
/**
* Observium
*
@ -7,21 +6,22 @@
*
* @package observium
* @subpackage graphs
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2019 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if (is_numeric($vars['id']))
{
if (is_numeric($vars['id'])) {
$data = dbFetchRow("SELECT * FROM `bgpPeers` WHERE `bgpPeer_id` = ?", array($vars['id']));
$data = dbFetchRow("SELECT * FROM `bgpPeers` WHERE `bgpPeer_id` = ?", [ $vars['id'] ]);
if (is_numeric($data['device_id']) && ($auth || device_permitted($data['device_id'])))
{
if (is_numeric($data['device_id']) && ($auth || device_permitted($data['device_id']))) {
$device = device_by_id_cache($data['device_id']);
$graph_title = $device['hostname'];
$graph_title .= " :: AS" . ($config['web_show_bgp_asdot'] ? bgp_asplain_to_asdot($data['bgpPeerRemoteAs']) : $data['bgpPeerRemoteAs']);
if (!safe_empty($data['astext'])) {
$graph_title .= ' (' . truncate($data['astext']) . ')';
}
$auth = TRUE;
}
}

38
html/includes/graphs/common.inc.php
View File

@ -51,18 +51,22 @@ if ($vars['inverse']) {
$inverse = FALSE;
}
if ($vars['legend'] === 'no') {
$rrd_options .= ' -g';
$legend = 'no';
}
if (get_var_true($vars['title']) && !safe_empty($graph_title)) {
$rrd_options .= " --title='" . rrdtool_escape($graph_title) . "' ";
// Note, do not escape title by rrdtool escape
//$rrd_options .= " --title='" . rrdtool_escape($graph_title) . "' ";
$rrd_options .= " --title=" . escapeshellarg($graph_title) . " ";
}
if (isset($vars['graph_title'])) {
$rrd_options .= " --title='" . rrdtool_escape($vars['graph_title']) . "' ";
// Note, do not escape title by rrdtool escape
//$rrd_options .= " --title='" . rrdtool_escape($vars['graph_title']) . "' ";
$rrd_options .= " --title=" . escapeshellarg($vars['graph_title']) . " ";
}
// Vertical label
if (!safe_empty($graph_label)) {
// Note, do not escape title by rrdtool escape
$rrd_options .= " --vertical-label=" . escapeshellarg($graph_label) . " ";
}
if (isset($log_y)) {
@ -90,7 +94,9 @@ if (isset($vars['style']) && $vars['style']) {
}
// Autoscale
if (!isset($scale_min) && !isset($scale_max)) {
if(isset($vars['force_autoscale']) && in_array($vars['force_autoscale'], ['yes', 'true', 1])) {
$rrd_options .= ' -A';
} elseif (!isset($scale_min) && !isset($scale_max)) {
if ($graph_style === 'mrtg' && !isset($log_y)) { // Don't use this if we're doing logarithmic scale, else it breaks.
$rrd_options .= ' --alt-autoscale-max';
} else {
@ -137,19 +143,14 @@ if (!$config['graphs']['always_draw_max']) {
}
}
$rrd_options .= ' --start ' . rrdtool_escape($from) .
' --end ' . rrdtool_escape($to) .
' --width ' . rrdtool_escape($width) .
' --height ' . rrdtool_escape($height) . ' ';
// Parse pango markup. Breaks chevrons and other stuff.
//$rrd_options .= ' -P ';
if ($config['themes'][$_SESSION['theme']]['type'] === 'dark') {
$rrd_options .= str_replace(" ", " ", $config['rrdgraph']['dark']);
$rrd_options .= ' ' .str_replace(" ", " ", $config['rrdgraph']['dark']);
$nan_colour = "#FF000020";
} else {
$rrd_options .= str_replace(" ", " ", $config['rrdgraph']['light']);
$rrd_options .= ' '. str_replace(" ", " ", $config['rrdgraph']['light']);
$nan_colour = "#FFAAAA20";
}
@ -169,8 +170,11 @@ if ($width <= '350') {
$rrd_options .= " --font LEGEND:8:'" . $config['mono_font'] . "' --font AXIS:7:'" . $config['mono_font'] . "'";
}
//$rrd_options .= ' --font-render-mode normal --dynamic-labels'; // dynamic-labels not supported in rrdtool < 1.4
$rrd_options .= ' --font-render-mode normal';
if ($config['graphs']['dynamic_labels']) {
// dynamic-labels not supported in rrdtool < 1.4
$rrd_options .= ' --dynamic-labels';
}
if ($step != TRUE) {
$rrd_options .= ' -E';

Some files were not shown because too many files have changed in this diff Show More