WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

commit version 22.12.12447

Browse Source
This commit is contained in:
Chris Hammer
2023-01-01 22:36:12 -05:00
parent af1b03d79f
commit b948283a96
744 changed files with 620715 additions and 27381 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
html/ajax/actions.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -235,13 +235,18 @@ switch ($vars['action']) {
exit();
}
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE widget_id = ?", array($vars['widget_id']));
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE `widget_id` = ?", array($vars['widget_id']));
$widget['widget_config'] = safe_json_decode($widget['widget_config']);
// Verify config value applies to this widget here
$default_on = [ 'legend' ];
if (isset($vars['config_field']) && isset($vars['config_value'])) {
if (empty($vars['config_value'])) {
if ( empty($vars['config_value']) ||
(in_array($vars['config_field'], $default_on) && get_var_true($vars['config_value'])) ||
(!in_array($vars['config_field'], $default_on) && get_var_false($vars['config_value'])) ) {
// Just unset the value if it's empty or it's a default value.
unset($widget['widget_config'][$vars['config_field']]);
} else {
$widget['widget_config'][$vars['config_field']] = $vars['config_value'];
@ -265,7 +270,7 @@ switch ($vars['action']) {
// Validate CSRF Token
//r($vars);
$json = '';
if (!str_contains_array($vars['action'], [ 'widget', 'dash' ]) && // widget & dashboard currently not send request token
if (!str_contains_array($vars['action'], [ 'widget', 'dash', 'settings_user' ]) && // widget & dashboard currently not send request token
!request_token_valid($vars, $json)) {
$json = safe_json_decode($json);
$json['reload'] = TRUE;

112
html/ajax/actions/edit_widget.inc.php
View File

@ -6,13 +6,13 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
if ($readonly) { return; } // Currently edit allowed only for 7+
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE widget_id = ?", array($vars['widget_id']));
$widget = dbFetchRow("SELECT * FROM `dash_widgets` WHERE `widget_id` = ?", [ $vars['widget_id'] ]);
$widget['widget_config'] = safe_json_decode($widget['widget_config']);
@ -22,11 +22,111 @@ switch ($widget['widget_type']) {
if (safe_count($widget['widget_config'])) {
// echo '
// <form onsubmit="return false">
// Title <input name="widget-config-input" data-field="title" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'"></input>
// </form>
// ';
//r($widget['widget_config']);
//r(isset($widget['widget_config']['legend']) && $widget['widget_config']['legend'] === 'no');
$modal_args = [
'id' => 'modal-edit_widget_' . $widget['widget_id'],
'title' => 'Configure Widget',
//'hide' => TRUE,
//'fade' => TRUE,
//'role' => 'dialog',
//'class' => 'modal-md',
];
$form = [
'form_only' => TRUE, // Do not add modal open/close divs (it's generated outside)
'type' => 'horizontal',
'id' => 'edit_widget_' . $widget['widget_id'],
'userlevel' => 7, // Minimum user level for display form
'modal_args' => $modal_args, // !!! This generate modal specific form
//'help' => 'This will completely delete the rule and all associations and history.',
'class' => '', // Clean default box class!
//'url' => generate_url([ 'page' => 'syslog_rules' ]),
'onsubmit' => "return false",
];
$form['fieldset']['body'] = [ 'class' => 'modal-body' ]; // Required this class for modal body!
$form['fieldset']['footer'] = [ 'class' => 'modal-footer' ]; // Required this class for modal footer!
$form['row'][1]['widget-config-title'] = [
'type' => 'text',
'fieldset' => 'body',
'name' => 'Title',
'placeholder' => 'Graph Title',
'class' => 'input-xlarge',
'attribs' => [
'data-id' => $widget['widget_id'],
'data-field' => 'title',
'data-type' => 'text'
],
'value' => $widget['widget_config']['title']
];
$form['row'][2]['widget-config-legend'] = [
'type' => 'checkbox',
'fieldset' => 'body',
'name' => 'Show Legend',
//'placeholder' => 'Yes, please delete this rule.',
//'onchange' => "javascript: toggleAttrib('disabled', 'delete_button_".$la['la_id']."'); showDiv(!this.checked, 'warning_".$la['la_id']."_div');",
'attribs' => [
'data-id' => $widget['widget_id'],
'data-field' => 'legend',
'data-type' => 'checkbox'
],
'value' => safe_empty($widget['widget_config']['legend']) ? 'yes' : $widget['widget_config']['legend'] //'legend'
];
$form['row'][8]['close'] = [
'type' => 'submit',
'fieldset' => 'footer',
'div_class' => '', // Clean default form-action class!
'name' => 'Close',
'icon' => '',
'attribs' => [
'data-dismiss' => 'modal',
'aria-hidden' => 'true'
]
];
echo generate_form_modal($form);
unset($form);
/*
echo '
<form onsubmit="return false">
Title <input name="widget-config-input" data-field="title" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'"></input>
</form>
';
<form onsubmit="return false" class="form form-horizontal" style="margin-bottom: 0px;">
<fieldset>
<div id="purpose_div" class="control-group" style="margin-bottom: 10px;"> <!-- START row-1 -->
<label class="control-label" for="purpose">Title</label>
<div id="purpose_div" class="controls">
<input type="text" placeholder="Graph Title" name="widget-config-title" class="input" data-field="title" style="width: 100%;" value="'.$widget['widget_config']['title'].'" data-id="'.$widget['widget_id'].'">
</div>
</div>
<div id="ignore_div" class="control-group" style="margin-bottom: 10px;"> <!-- START row-6 -->
<label class="control-label" for="ignore">Show Legend</label>
<div id="ignore_div" class="controls">
<input type="checkbox" name="widget-config-legend" data-field="legend" data-type="checkbox" value="legend" '.(isset($widget['widget_config']['legend']) && $widget['widget_config']['legend'] === 'no' ? '' : 'checked').' data-id="'.$widget['widget_id'].'">
</div>
</div>
</fieldset> <!-- END fieldset-body -->
<div class="modal-footer">
<fieldset>
<button id="close" name="close" type="submit" class="btn btn-default text-nowrap" value="" data-dismiss="modal" aria-hidden="true">Close</button>
<!-- <button id="action" name="action" type="submit" class="btn btn-primary text-nowrap" value="add_contact"><i style="margin-right: 0px;" class="icon-ok icon-white"></i>&nbsp;&nbsp;Add Contact</button> -->
</fieldset>
</div>
</form>';
*/
} else {

6
html/ajax/actions/settings_edit.inc.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -34,7 +34,7 @@ $updates = 0;
// Set fields that were submitted with custom value
if (safe_count($sets)) {
$query = 'SELECT * FROM `users_prefs` WHERE `user_id` = ?' . generate_query_values(array_keys($sets), 'pref');
$query = 'SELECT * FROM `users_prefs` WHERE `user_id` = ?' . generate_query_values_and(array_keys($sets), 'pref');
// Fetch current rows in config file so we know which one to UPDATE and which one to INSERT
$in_db = [];
foreach (dbFetchRows($query, [ $user_id ]) as $row) {
@ -52,7 +52,7 @@ if (safe_count($sets)) {
// Delete fields that were reset to default
if (safe_count($deletes)) {
dbDelete('users_prefs', '`user_id` = ? ' . generate_query_values($deletes, 'pref'), [ $user_id ]);
dbDelete('users_prefs', '`user_id` = ? ' . generate_query_values_and($deletes, 'pref'), [ $user_id ]);
$updates++;
}

66
html/ajax/actions/settings_user.inc.php Normal file
View File

@ -0,0 +1,66 @@
<?php
/**
* Observium
*
* This file is part of Observium.
*
* @package observium
* @subpackage web
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
switch (str_replace('->', '|', $vars['setting'])) {
case "theme":
case "web_theme_default":
$pref = 'web_theme_default';
if ($vars['value'] === 'reset') {
session_unset_var("theme");
if ($config['web_theme_default'] === 'system') {
// Override default
session_unset_var("theme_default");
}
if (del_user_pref($_SESSION['user_id'], $pref)) {
print_json_status('ok', 'Theme reset.');
}
} elseif (isset($config['themes'][$vars['value']]) || $vars['value'] === 'system') {
if (set_user_pref($_SESSION['user_id'], $pref, serialize($vars['value']))) {
print_json_status('ok', 'Theme set.');
}
} else {
print_json_status('failed', 'Invalid theme.');
}
break;
case "big_graphs":
$pref = 'graphs|size';
if (set_user_pref($_SESSION['user_id'], $pref, serialize('big'))) {
print_json_status('ok', 'Big graphs set.');
session_unset_var("big_graphs"); // clear old
}
//session_set_var("big_graphs", TRUE);
//print_json_status('ok', 'Big graphs set.');
break;
case "normal_graphs":
$pref = 'graphs|size';
if (set_user_pref($_SESSION['user_id'], $pref, serialize('normal'))) {
print_json_status('ok', 'Normal graphs set.');
session_unset_var("big_graphs"); // clear old
}
//session_unset_var("big_graphs");
//print_json_status('ok', 'Small graphs set.');
break;
case "sensors|web_measured_compact":
// BOOL values
$pref = $vars['setting'];
if (set_user_pref($_SESSION['user_id'], $pref, serialize(get_var_true($vars['value'])))) {
print_json_status('ok', 'Setting was set.', [ 'reload' => TRUE ]);
}
break;
}
// EOF

22
html/ajax/entity_popup.php
View File

@ -21,10 +21,12 @@ if (!$_SESSION['authenticated']) { print_error('Session expired, please log in a
ob_start();
$vars = get_vars();
$vars = get_vars([ 'JSON', 'POST', 'GET' ]);
$vars['page'] = "popup";
if(isset($vars['debug'])) { r($vars); }
switch ($vars['entity_type']) {
case "port":
if (is_numeric($vars['entity_id']) && (port_permitted($vars['entity_id']))) {
@ -35,6 +37,23 @@ switch ($vars['entity_type']) {
}
break;
case "link":
if (is_numeric($vars['entity_id_a']) && (port_permitted($vars['entity_id_a']))) {
$port = get_port_by_id($vars['entity_id_a']);
echo generate_port_popup($port);
} else {
print_warning("You are not permitted to view this port.");
}
if (is_numeric($vars['entity_id_b']) && (port_permitted($vars['entity_id_b']))) {
$port = get_port_by_id($vars['entity_id_b']);
echo generate_port_popup($port, '','none'); // suppress graph for b side of link
} else {
print_warning("You are not permitted to view this port.");
}
break;
case "device":
if (is_numeric($vars['entity_id']) && device_permitted($vars['entity_id'])) {
$device = device_by_id_cache($vars['entity_id']);
@ -53,7 +72,6 @@ switch ($vars['entity_type']) {
}
break;
// FIXME : mac is not an observium entity. This should go elsewhere!
case "mac":
if (preg_match('/^' . OBS_PATTERN_MAC . '$/i', $vars['entity_id'])) {
$mac = format_mac($vars['entity_id']);

12
html/ajax/input.php
View File

@ -6,7 +6,7 @@
*
* @package observium
* @subpackage ajax
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2021 Observium Limited
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2022 Observium Limited
*
*/
@ -48,11 +48,11 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
list($ip_version) = explode('_', $vars['field']);
$query_permitted = generate_query_permitted('ports');
$network_permitted = dbFetchColumn('SELECT DISTINCT(`' . $ip_version . '_network_id`) FROM `' . $ip_version . '_addresses` WHERE 1' . $query_permitted);
$query = 'SELECT `' . $ip_version . '_network` FROM `' . $ip_version . '_networks` WHERE 1 ' . generate_query_values($network_permitted, $ip_version . '_network_id');
$query = 'SELECT `' . $ip_version . '_network` FROM `' . $ip_version . '_networks` WHERE 1 ' . generate_query_values_and($network_permitted, $ip_version . '_network_id');
if (!safe_empty($vars['query'])) {
//$query .= ' AND `' . $ip_version . '_network` LIKE ?';
//$params[] = '%' . $vars['query'] . '%';
$query .= generate_query_values($vars['query'], $vars['field'], '%LIKE%');
$query .= generate_query_values_and($vars['query'], $vars['field'], '%LIKE%');
}
$query .= ' ORDER BY `' . $ip_version . '_network`;';
//print_vars($query);
@ -69,7 +69,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
//$query_permitted = generate_query_permitted();
$query = 'SELECT DISTINCT `program` FROM `syslog`';
if (is_intnum($vars['device_id'])) {
$query .= ' WHERE ' . generate_query_values($vars['device_id'], 'device_id', NULL, FALSE);
$query .= ' WHERE ' . generate_query_values_ng($vars['device_id'], 'device_id');
}
$array_filter = TRUE; // Search query string in array instead sql query (when this faster)
break;
@ -86,7 +86,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
$query .= ' AND (`' . $column . '` LIKE ? OR `astext` LIKE ?)';
$params[] = '%' . $vars['query'] . '%';
$params[] = '%' . $vars['query'] . '%';
//$query .= generate_query_values($vars['query'], $vars['field'], '%LIKE%');
//$query .= generate_query_values_and($vars['query'], $vars['field'], '%LIKE%');
}
break;
@ -100,7 +100,7 @@ if ($cache_key && $options = get_cache_session($cache_key)) {
$query_permitted = generate_query_permitted('devices');
$query = 'SELECT DISTINCT `' . $column . '` FROM `bgpPeers` WHERE 1 ' . $query_permitted;
if (!safe_empty($vars['query'])) {
$query .= generate_query_values($vars['query'], $column, '%LIKE%');
$query .= generate_query_values_and($vars['query'], $column, '%LIKE%');
}
break;

3
html/ajax/search.php
View File

@ -26,8 +26,7 @@ $query_limit = 8; // Limit per query
$vars = get_vars([ 'POST', 'GET' ]);
// Is there a POST/GET query string?
if (isset($vars['queryString']))
{
if (isset($vars['queryString'])) {
$queryString = trim($vars['queryString']);
// Is the string length greater than 0?

18
html/ajax/widget.php
View File

@ -169,8 +169,14 @@ function print_dash_mod ($mod)
echo ' <div class="box box-solid" style="overflow: hidden; height: auto; max-height: 100%">';
echo ' <div class="box-header" style="cursor: hand;"><h3 class="box-title"><a href="/syslog/">Syslog</a></h3></div>';
echo ' <div class="box-content" style="overflow: hidden; overflow-x:scroll;">';
print_syslogs(array('short' => TRUE, 'pagesize' => ($height - 36) / 26,
'priority' => $config['frontpage']['syslog']['priority']));
$syslog_vars = $mod['vars'];
$syslog_vars = array_merge($syslog_vars, ['short' => TRUE, 'pagesize' => ($height - 36) / 26,
'priority' => $config['frontpage']['syslog']['priority']]);
print_syslogs($syslog_vars);
echo ' </div>';
echo '</div>';
break;
@ -372,7 +378,7 @@ function print_dash_graph($mod, $width, $height) {
if ($graph_array['width'] > 350)
{
$graph_array['height'] -= 6;
} // RRD graphs > 350px are 6 px wider because of larger legend font
} // RRD graphs > 350px are 6 px taller because of larger legend font
$title_div = 'top:0px; left: 0px; padding: 4px; border-top-left-radius: 4px; border: 1px solid #e5e5e5; border-left: none; border-top: none; background-color: rgba(255, 255,255, 0.75); ';
$title_div = 'widget-title';
@ -411,7 +417,10 @@ function print_dash_graph($mod, $width, $height) {
//$graph_array['format'] = 'png';
//$graph_array['img_id'] = generate_random_string(5);
$graph_array['legend'] = 'no';
//$graph_array['legend'] = 'no';
$graph_array['rigid_height'] = 'yes'; // Force height of graph to be same as height of graph_type.
$graph_array['class'] = 'image-refresh';
$graph = generate_graph_tag($graph_array, TRUE);
@ -419,6 +428,7 @@ function print_dash_graph($mod, $width, $height) {
$link_array = $graph_array;
$link_array['page'] = "graphs";
unset($link_array['graph_only']);
unset($link_array['rigid_height']);
unset($link_array['height'], $link_array['width']);
$link = generate_url($link_array);