diff options
| author | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-04-02 11:44:34 +0000 |
|---|---|---|
| committer | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-04-02 11:44:34 +0000 |
| commit | 908fda905acd739d8d2376ffb33f7e5a63faf26c (patch) | |
| tree | 55f16bf5ae2a95e9dbbf6266f17be864f2d2db32 /frontends/php/chart2.php | |
| parent | 82e68eabae069748d6691cab742f5fde436a56cb (diff) | |
| download | zabbix-908fda905acd739d8d2376ffb33f7e5a63faf26c.tar.gz zabbix-908fda905acd739d8d2376ffb33f7e5a63faf26c.tar.xz zabbix-908fda905acd739d8d2376ffb33f7e5a63faf26c.zip | |
- improvements in permissions (Artem)
git-svn-id: svn://svn.zabbix.com/trunk@5577 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/chart2.php')
| -rw-r--r-- | frontends/php/chart2.php | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/frontends/php/chart2.php b/frontends/php/chart2.php index 048e6c55..d1613ca3 100644 --- a/frontends/php/chart2.php +++ b/frontends/php/chart2.php @@ -45,25 +45,25 @@ include_once 'include/page_header.php'; check_fields($fields); ?> <?php - if(! (DBfetch(DBselect('select graphid from graphs where graphid='.$_REQUEST['graphid']))) ) - { + if(!DBfetch(DBselect('SELECT graphid FROM graphs WHERE graphid='.$_REQUEST['graphid']))){ show_error_message(S_NO_GRAPH_DEFINED); - } - $denyed_hosts = get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_ONLY, PERM_MODE_LT); + $available_hosts = get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_ONLY); - if( !($db_data = DBfetch(DBselect('SELECT g.*,h.host,h.hostid '. - ' FROM graphs as g '. - ' LEFT JOIN graphs_items as gi ON g.graphid=gi.graphid '. - ' LEFT JOIN items as i ON gi.itemid=i.itemid '. - ' LEFT JOIN hosts as h ON i.hostid=h.hostid '. - ' WHERE g.graphid='.$_REQUEST['graphid']. - ' AND ( h.hostid not in ('.$denyed_hosts.') '. - ' OR h.hostid is NULL) ')))) - { + if(!graph_accessible($_REQUEST['graphid'])){ access_deny(); } + + $sql = 'SELECT g.*,h.host,h.hostid '. + ' FROM graphs as g '. + ' LEFT JOIN graphs_items as gi ON g.graphid=gi.graphid '. + ' LEFT JOIN items as i ON gi.itemid=i.itemid '. + ' LEFT JOIN hosts as h ON i.hostid=h.hostid '. + ' WHERE g.graphid='.$_REQUEST['graphid']. + ' AND h.hostid IN ('.$available_hosts.') '; + + $db_data = DBfetch(DBselect($sql)); $graph = new Chart($db_data['graphtype']); @@ -89,9 +89,10 @@ include_once 'include/page_header.php'; $graph->SetYAxisMin($db_data['yaxismin']); $graph->SetYAxisMax($db_data['yaxismax']); - $result = DBselect('SELECT gi.* FROM graphs_items gi '. + $result = DBselect('SELECT gi.* '. + ' FROM graphs_items gi '. ' WHERE gi.graphid='.$db_data['graphid']. - ' order by gi.sortorder, gi.itemid desc'); + ' ORDER BY gi.sortorder, gi.itemid DESC'); while($db_data=DBfetch($result)) { |