diff options
-rw-r--r-- | create/data/data.sql | 2 | ||||
-rw-r--r-- | frontends/php/hosts.php | 2 | ||||
-rw-r--r-- | frontends/php/httpdetails.php | 54 | ||||
-rw-r--r-- | frontends/php/include/config.inc.php | 44 | ||||
-rw-r--r-- | frontends/php/include/func.inc.php | 52 | ||||
-rw-r--r-- | frontends/php/include/graphs.inc.php | 18 | ||||
-rw-r--r-- | frontends/php/include/hosts.inc.php | 1 | ||||
-rw-r--r-- | frontends/php/include/items.inc.php | 2 | ||||
-rw-r--r-- | frontends/php/include/maps.inc.php | 11 | ||||
-rw-r--r-- | frontends/php/include/media.inc.php | 3 | ||||
-rw-r--r-- | frontends/php/include/perm.inc.php | 6 | ||||
-rw-r--r-- | frontends/php/include/scripts.inc.php | 34 | ||||
-rw-r--r-- | frontends/php/include/users.inc.php | 210 | ||||
-rw-r--r-- | frontends/php/index.php | 6 | ||||
-rw-r--r-- | frontends/php/js/calendar.js | 4 | ||||
-rw-r--r-- | frontends/php/triggers.php | 6 | ||||
-rw-r--r-- | frontends/php/users.php | 2 |
17 files changed, 127 insertions, 330 deletions
diff --git a/create/data/data.sql b/create/data/data.sql index ce5dfcd7..3bd3246f 100644 --- a/create/data/data.sql +++ b/create/data/data.sql @@ -34,7 +34,7 @@ INSERT INTO scripts VALUES (2,'Traceroute','/usr/bin/traceroute {HOST.CONN}',0,0 -- Dumping data for table `users` -- -INSERT INTO users VALUES (1,'Admin','Zabbix','Administrator','5fce1b3e34b520afeffb37ce08c7cd66','',0, 900,'en_gb',30,3,'deafault.css',0,'',0); +INSERT INTO users VALUES (1,'Admin','Zabbix','Administrator','5fce1b3e34b520afeffb37ce08c7cd66','',0, 900,'en_gb',30,3,'default.css',0,'',0); INSERT INTO users VALUES (2,'guest','Default','User','d41d8cd98f00b204e9800998ecf8427e','',0,900,'en_gb',30,1,'default.css',0,'',0); -- diff --git a/frontends/php/hosts.php b/frontends/php/hosts.php index 02528da4..73c429a9 100644 --- a/frontends/php/hosts.php +++ b/frontends/php/hosts.php @@ -1452,4 +1452,4 @@ include_once 'include/page_header.php'; include_once "include/page_footer.php"; -?> +?>
\ No newline at end of file diff --git a/frontends/php/httpdetails.php b/frontends/php/httpdetails.php index 70d48b42..f62be043 100644 --- a/frontends/php/httpdetails.php +++ b/frontends/php/httpdetails.php @@ -116,38 +116,30 @@ include_once "include/page_header.php"; ); $db_httpsteps = DBselect('select * from httpstep where httptestid='.$httptest_data['httptestid'].' order by no'); - while($httpstep_data = DBfetch($db_httpsteps)) - { + while($httpstep_data = DBfetch($db_httpsteps)){ $status['msg'] = S_OK_BIG; $status['style'] = 'enabled'; - if( HTTPTEST_STATE_BUSY == $httptest_data['curstate'] ) - { - if($httptest_data['curstep'] == ($httpstep_data['no'])) - { + if( HTTPTEST_STATE_BUSY == $httptest_data['curstate'] ){ + if($httptest_data['curstep'] == ($httpstep_data['no'])){ $status['msg'] = S_IN_PROGRESS; $status['style'] = 'unknown'; $status['skip'] = true; } - elseif($httptest_data['curstep'] < ($httpstep_data['no'])) - { + else if($httptest_data['curstep'] < ($httpstep_data['no'])){ $status['msg'] = S_UNKNOWN; $status['style'] = 'unknown'; $status['skip'] = true; } } - else if( HTTPTEST_STATE_IDLE == $httptest_data['curstate'] ) - { - if($httptest_data['lastfailedstep'] != 0) - { - if($httptest_data['lastfailedstep'] == ($httpstep_data['no'])) - { + else if( HTTPTEST_STATE_IDLE == $httptest_data['curstate'] ){ + if($httptest_data['lastfailedstep'] != 0){ + if($httptest_data['lastfailedstep'] == ($httpstep_data['no'])){ $status['msg'] = S_FAIL.' - '.S_ERROR.': '.$httptest_data['error']; $status['style'] = 'disabled'; //$status['skip'] = true; } - else if($httptest_data['lastfailedstep'] < ($httpstep_data['no'])) - { + else if($httptest_data['lastfailedstep'] < ($httpstep_data['no'])){ $status['msg'] = S_UNKNOWN; $status['style'] = 'unknown'; $status['skip'] = true; @@ -155,8 +147,7 @@ include_once "include/page_header.php"; } } - else - { + else{ $status['msg'] = S_UNKNOWN; $status['style'] = 'unknown'; $status['skip'] = true; @@ -164,22 +155,22 @@ include_once "include/page_header.php"; $item_color = $color[$color['current'] = $color[$color['current']]['next']]['color']; - $db_items = DBselect('select i.*, hi.type as httpitem_type from items i, httpstepitem hi '. - ' where hi.itemid=i.itemid and hi.httpstepid='.$httpstep_data['httpstepid']); - while($item_data = DBfetch($db_items)) - { + $sql = 'SELECT i.*, hi.type as httpitem_type '. + ' FROM items i, httpstepitem hi '. + ' WHERE hi.itemid=i.itemid '. + ' AND hi.httpstepid='.$httpstep_data['httpstepid']; + $db_items = DBselect($sql); + while($item_data = DBfetch($db_items)){ if(isset($status['skip'])) $item_data['lastvalue'] = null; $httpstep_data['item_data'][$item_data['httpitem_type']] = $item_data; if (!str_in_array($item_data['httpitem_type'], array(HTTPSTEP_ITEM_TYPE_IN, HTTPSTEP_ITEM_TYPE_TIME))) continue; - if(isset($total_data[$item_data['httpitem_type']])) - { + if(isset($total_data[$item_data['httpitem_type']])){ $total_data[$item_data['httpitem_type']]['lastvalue'] += $item_data['lastvalue']; } - else - { + else{ $total_data[$item_data['httpitem_type']] = $item_data; } $items[$item_data['httpitem_type']][] = array( @@ -200,22 +191,19 @@ include_once "include/page_header.php"; $status['msg'] = S_OK_BIG; $status['style'] = 'enabled'; - if( HTTPTEST_STATE_BUSY == $httptest_data['curstate'] ) - { + if( HTTPTEST_STATE_BUSY == $httptest_data['curstate'] ){ $status['msg'] = S_IN_PROGRESS; $status['style'] = 'unknown'; } - else if ( HTTPTEST_STATE_UNKNOWN == $httptest_data['curstate'] ) - { + else if ( HTTPTEST_STATE_UNKNOWN == $httptest_data['curstate'] ){ $status['msg'] = S_UNKNOWN; $status['style'] = 'unknown'; } - else if($httptest_data['lastfailedstep'] > 0) - { + else if($httptest_data['lastfailedstep'] > 0){ $status['msg'] = S_FAIL.' - '.S_ERROR.': '.$httptest_data['error']; $status['style'] = 'disabled'; } - + $table->AddRow(array( new CCol(S_TOTAL_BIG, 'bold'), new CCol(SPACE, 'bold'), diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php index f1c582c8..d9c8053f 100644 --- a/frontends/php/include/config.inc.php +++ b/frontends/php/include/config.inc.php @@ -1049,8 +1049,8 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! function update_valuemap($valuemapid, $name, $mappings){ if(!is_array($mappings)) return FALSE; - $result = DBexecute("update valuemaps set name=".zbx_dbstr($name). - " WHERE valuemapid=$valuemapid"); + $result = DBexecute('UPDATE valuemaps SET name='.zbx_dbstr($name). + ' WHERE valuemapid='.$valuemapid); if(!$result) return $result; @@ -1063,16 +1063,17 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! } function delete_valuemap($valuemapid){ - DBexecute("delete FROM mappings WHERE valuemapid=$valuemapid"); - DBexecute("delete FROM valuemaps WHERE valuemapid=$valuemapid"); + DBexecute('DELETE FROM mappings WHERE valuemapid='.$valuemapid); + DBexecute('DELETE FROM valuemaps WHERE valuemapid='.$valuemapid); return TRUE; } function replace_value_by_map($value, $valuemapid){ if($valuemapid < 1) return $value; - $result = DBselect("SELECT newvalue FROM mappings". - " WHERE valuemapid=".zbx_dbstr($valuemapid)." and value=".zbx_dbstr($value)); + $result = DBselect('SELECT newvalue FROM mappings '. + ' WHERE valuemapid='.$valuemapid. + ' AND value='.zbx_dbstr($value)); $row = DBfetch($result); if($row){ return $row["newvalue"]." "."($value)"; @@ -1152,36 +1153,7 @@ function TODO($msg) { echo "TODO: ".$msg.SBR; } // DEBUG INFO!!! } // Special processing for seconds if($units=="s"){ - $ret=""; - - $t=floor($value/(365*24*3600)); - if($t>0){ - $ret=$t."y"; - $value=$value-$t*(365*24*3600); - } - $t=floor($value/(30*24*3600)); - if($t>0){ - $ret=$ret.$t."m"; - $value=$value-$t*(30*24*3600); - } - $t=floor($value/(24*3600)); - if($t>0){ - $ret=$ret.$t."d"; - $value=$value-$t*(24*3600); - } - $t=floor($value/(3600)); - if($t>0){ - $ret=$ret.$t."h"; - $value=$value-$t*(3600); - } - $t=floor($value/(60)); - if($t>0){ - $ret=$ret.$t."m"; - $value=$value-$t*(60); - } - $ret=$ret.round($value, 2)."s"; - - return $ret; + return zbx_date2age(0,$value,true); } $u=""; diff --git a/frontends/php/include/func.inc.php b/frontends/php/include/func.inc.php index 253b731e..f01797be 100644 --- a/frontends/php/include/func.inc.php +++ b/frontends/php/include/func.inc.php @@ -187,22 +187,50 @@ function zbx_date2str($format, $timestamp){ * * author: Aly */ -function zbx_date2age($start_date,$end_date=0){ - - $start_date=date('U',$start_date); - if($end_date) - $end_date=date('U',$end_date); - else - $end_date = time(); +function zbx_date2age($start_date,$end_date=0,$utime = false){ + + if(!$utime){ + $start_date=date('U',$start_date); + if($end_date) + $end_date=date('U',$end_date); + else + $end_date = time(); + } $time = abs($end_date-$start_date); - //SDI($start_date.' - '.$end_date.' = '.$time); - + + $years = (int) ($time / (365*86400)); + $time -= $years*365*86400; + + $months = (int ) ($time / (30*86400)); + $time -= $months*30*86400; + $days = (int) ($time / 86400); - $hours = (int) (($time - $days*86400) / 3600); - $minutes = (int) ((($time - $days*86400) - ($hours*3600)) / 60); - $str = (($days)?$days.'d ':'').(($hours)?$hours.'h ':'').$minutes.'m'; + $time -= $days*86400; + + $hours = (int) ($time / 3600); + $time -= $hours*3600; + + $minutes = (int) ($time / 60); + $time -= $minutes*60; + + if($time > 1){ + $seconds = round($time,2); + $ms = 0; + } + else{ + $seconds = 0; + $ms = round($time,3) * 1000; + } + + $str = (($years)?$years.'y ':''). + (($months)?$months.'m ':''). + (($days)?$days.'d ':''). + (($hours && !$years)?$hours.'h ':''). + (($minutes && !$years && !$months)?$minutes.'m ':''). + ((!$years && !$months && !$days && (!$ms || $seconds))?$seconds.'s ':''). + (($ms && !$years && !$months && !$days && !$hours)?$ms.'ms':''); return $str; } diff --git a/frontends/php/include/graphs.inc.php b/frontends/php/include/graphs.inc.php index b597b987..ae2c0e1d 100644 --- a/frontends/php/include/graphs.inc.php +++ b/frontends/php/include/graphs.inc.php @@ -382,17 +382,15 @@ * Only PHP: * $error= true : rise Error if item doesn't exists(error generated), false: special processing (NO error generated) */ - function get_same_graphitems_for_host($gitems, $dest_hostid, $error=true) - { + function get_same_graphitems_for_host($gitems, $dest_hostid, $error=true){ $result = array(); - foreach($gitems as $gitem) - { + foreach($gitems as $gitem){ $sql = 'SELECT src.itemid '. - ' FROM items src, items dest '. - ' WHERE dest.itemid='.zbx_dbstr($gitem['itemid']). - ' AND src.key_=dest.key_ '. - ' AND src.hostid='.$dest_hostid; + ' FROM items src, items dest '. + ' WHERE dest.itemid='.$gitem['itemid']. + ' AND src.key_=dest.key_ '. + ' AND src.hostid='.$dest_hostid; $db_item = DBfetch(DBselect($sql)); if (!$db_item && $error){ $item = get_item_by_itemid($gitem['itemid']); @@ -430,8 +428,8 @@ { $graphid = get_dbid("graphs","graphid"); - $result=DBexecute("insert into graphs". - " (graphid,name,width,height,yaxistype,yaxismin,yaxismax,templateid,show_work_period,show_triggers,graphtype,show_legend,show_3d)". + $result=DBexecute('INSERT INTO graphs '. + ' (graphid,name,width,height,yaxistype,yaxismin,yaxismax,templateid,show_work_period,show_triggers,graphtype,show_legend,show_3d) '. " values ($graphid,".zbx_dbstr($name).",$width,$height,$yaxistype,$yaxismin,". " $yaxismax,$templateid,$showworkperiod,$showtriggers,$graphtype,$legend,$graph3d)"); diff --git a/frontends/php/include/hosts.inc.php b/frontends/php/include/hosts.inc.php index d283dd53..86506f08 100644 --- a/frontends/php/include/hosts.inc.php +++ b/frontends/php/include/hosts.inc.php @@ -1327,7 +1327,6 @@ require_once "include/httptest.inc.php"; } // Delete Host Profile - function delete_host_profile($hostids){ zbx_value2array($hostids); $result=DBexecute('DELETE FROM hosts_profiles WHERE '.DBcondition('hostid',$hostids)); diff --git a/frontends/php/include/items.inc.php b/frontends/php/include/items.inc.php index fa646994..5d080ff0 100644 --- a/frontends/php/include/items.inc.php +++ b/frontends/php/include/items.inc.php @@ -705,7 +705,7 @@ if(isset($itemid)){ $sql = 'SELECT src.itemid '. ' FROM items src, items dest '. - ' WHERE dest.itemid='.zbx_dbstr($itemid). + ' WHERE dest.itemid='.$itemid. ' AND src.key_=dest.key_ '. ' AND src.hostid='.$dest_hostid; diff --git a/frontends/php/include/maps.inc.php b/frontends/php/include/maps.inc.php index 71731117..eb1e6a17 100644 --- a/frontends/php/include/maps.inc.php +++ b/frontends/php/include/maps.inc.php @@ -251,7 +251,7 @@ function add_link_trigger($linkid,$triggerid,$drawtype,$color){ $linktriggerid=get_dbid("sysmaps_link_triggers","linktriggerid"); $sql = 'INSERT INTO sysmaps_link_triggers (linktriggerid,linkid,triggerid,drawtype,color) '. - " VALUES ('$linktriggerid','$linkid','$triggerid','$drawtype',".zbx_dbstr($color).")"; + " VALUES ($linktriggerid,$linkid,$triggerid,$drawtype,".zbx_dbstr($color).')'; return DBexecute($sql); } @@ -262,11 +262,11 @@ } function delete_link_trigger($linkid,$triggerid){ - return DBexecute("DELETE FROM sysmaps_link_triggers WHERE linkid=$linkid AND triggerid=$triggerid"); + return DBexecute('DELETE FROM sysmaps_link_triggers WHERE linkid='.$linkid.' AND triggerid='.$triggerid); } function delete_all_link_triggers($linkid){ - return DBexecute("DELETE FROM sysmaps_link_triggers WHERE linkid=$linkid"); + return DBexecute('DELETE FROM sysmaps_link_triggers WHERE linkid='.$linkid); } /* @@ -284,8 +284,9 @@ if(bccomp($sysmapid ,$elementid)==0) return TRUE; - $db_elements = DBselect("select elementid, elementtype FROM sysmaps_elements". - " WHERE sysmapid=$elementid"); + $db_elements = DBselect('SELECT elementid, elementtype '. + ' FROM sysmaps_elements '. + ' WHERE sysmapid='.$elementid); while($element = DBfetch($db_elements)) { diff --git a/frontends/php/include/media.inc.php b/frontends/php/include/media.inc.php index 907b15a7..8d9a4843 100644 --- a/frontends/php/include/media.inc.php +++ b/frontends/php/include/media.inc.php @@ -176,7 +176,8 @@ $s=$s|pow(2,(int)$severity[$i]); } $mediaid=get_dbid("media","mediaid"); - $sql="insert into media (mediaid,userid,mediatypeid,sendto,active,severity,period) values ($mediaid,$userid,".zbx_dbstr($mediatypeid).",".zbx_dbstr($sendto).",$active,$s,".zbx_dbstr($period).")"; + $sql='INSERT INTO media (mediaid,userid,mediatypeid,sendto,active,severity,period) '. + " VALUES ($mediaid,$userid,".$mediatypeid.','.zbx_dbstr($sendto).','.$active.','.$s.','.zbx_dbstr($period).')'; $ret = DBexecute($sql); if($ret) $ret = $mediaid; return $ret; diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php index 3e830fe9..9c3ee565 100644 --- a/frontends/php/include/perm.inc.php +++ b/frontends/php/include/perm.inc.php @@ -66,7 +66,7 @@ function check_authorisation(){ bold(date('d.m.Y H:i',$login['attempt_clock'])), '.'))); - DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.zbx_dbstr($login['userid'])); + DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.$login['userid']); } } @@ -169,7 +169,7 @@ return $result; function check_perm2system($userid){ $sql = 'SELECT COUNT(g.usrgrpid) as grp_count '. ' FROM usrgrp g, users_groups ug '. - ' WHERE ug.userid = '.zbx_dbstr($userid). + ' WHERE ug.userid = '.$userid. ' AND g.usrgrpid = ug.usrgrpid '. ' AND g.users_status = '.GROUP_STATUS_DISABLED; $res = DBfetch(DBSelect($sql)); @@ -209,7 +209,7 @@ function get_user_auth($userid){ $sql = 'SELECT MAX(g.gui_access) as gui_access '. ' FROM usrgrp g, users_groups ug '. - ' WHERE ug.userid='.zbx_dbstr($userid). + ' WHERE ug.userid='.$userid. ' AND g.usrgrpid=ug.usrgrpid '; $acc = DBfetch(DBselect($sql)); diff --git a/frontends/php/include/scripts.inc.php b/frontends/php/include/scripts.inc.php index f7c1082c..0b582b66 100644 --- a/frontends/php/include/scripts.inc.php +++ b/frontends/php/include/scripts.inc.php @@ -13,7 +13,7 @@ return $rows; function add_script($name,$command,$usrgrpid,$groupid,$access){ $scriptid = get_dbid('scripts','scriptid'); $sql = 'INSERT INTO scripts (scriptid,name,command,usrgrpid,groupid,host_access) '. - " VALUES ('$scriptid','$name',".zbx_dbstr($command).",$usrgrpid,$groupid,$access)"; + " VALUES ($scriptid,".zbx_dbstr($name).','.zbx_dbstr($command).",$usrgrpid,$groupid,$access)"; $result = DBexecute($sql); if($result){ $result = $scriptid; @@ -41,21 +41,19 @@ function update_script($scriptid,$name,$command,$usrgrpid,$groupid,$access){ return $result; } -function script_make_command($scriptid,$hostid) -{ - $host_db = DBfetch(DBselect("select dns,useip,ip from hosts where hostid=$hostid")); - $script_db = DBfetch(DBselect("select command from scripts where scriptid=$scriptid")); - if($host_db && $script_db) - { - $command = $script_db["command"]; - $command = str_replace("{HOST.DNS}", $host_db["dns"],$command); - $command = str_replace("{IPADDRESS}", $host_db["ip"],$command); - $command = ($host_db["useip"]==0)? - str_replace("{HOST.CONN}", $host_db["dns"],$command): - str_replace("{HOST.CONN}", $host_db["ip"],$command); +function script_make_command($scriptid,$hostid){ + $host_db = DBfetch(DBselect('SELECT dns,useip,ip FROM hosts WHERE hostid='.$hostid)); + $script_db = DBfetch(DBselect('SELECT command FROM scripts WHERE scriptid='.$scriptid)); + + if($host_db && $script_db){ + $command = $script_db['command']; + $command = str_replace("{HOST.DNS}", $host_db['dns'],$command); + $command = str_replace("{IPADDRESS}", $host_db['ip'],$command); + $command = ($host_db['useip']==0)? + str_replace("{HOST.CONN}", $host_db['dns'],$command): + str_replace("{HOST.CONN}", $host_db['ip'],$command); } - else - { + else{ $command = FALSE; } return $command; @@ -118,7 +116,7 @@ function get_accessible_scripts_by_hosts($hosts){ $user_groups = DBfetch(DBselect($sql)); $user_groups[] = 0; // to ALL user groups -// +// -- // Selecting groups by Hosts @@ -132,7 +130,7 @@ function get_accessible_scripts_by_hosts($hosts){ $hg_groups[$hg_rows['groupid']] = $hg_rows['groupid']; } $hg_groups[] = 0; // to ALL host groups -// +// -- $hosts_read_only = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_ONLY,PERM_RES_IDS_ARRAY); $hosts_read_write = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_WRITE,PERM_RES_IDS_ARRAY); @@ -173,8 +171,6 @@ function get_accessible_scripts_by_hosts($hosts){ $scripts_by_host[$hostid][] = $script; } } -/* -*/ //SDI($scripts_by_host); return $scripts_by_host; } diff --git a/frontends/php/include/users.inc.php b/frontends/php/include/users.inc.php index 21c64a32..9ccadc72 100644 --- a/frontends/php/include/users.inc.php +++ b/frontends/php/include/users.inc.php @@ -198,7 +198,7 @@ function get_user_by_userid($userid){ - if($row = DBfetch(DBselect('select * from users where userid='.zbx_dbstr($userid)))){ + if($row = DBfetch(DBselect('SELECT * FROM users WHERE userid='.$userid))){ return $row; } /* error("No user with id [$userid]"); */ @@ -224,10 +224,11 @@ function add_user_to_group($userid,$usrgrpid){ $result = false; if(granted2move_user($userid,$usrgrpid)){ - DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid); + DBexecute('DELETE FROM users_groups WHERE userid='.$userid.' AND usrgrpid='.$usrgrpid); $users_groups_id = get_dbid("users_groups","id"); - $result = DBexecute('insert into users_groups (id,usrgrpid,userid) values('.$users_groups_id.','.$usrgrpid.','.$userid.')'); + $result = DBexecute('INSERT INTO users_groups (id,usrgrpid,userid) '. + ' VALUES ('.$users_groups_id.','.$usrgrpid.','.$userid.')'); } else{ error(S_USER_CANNOT_CHANGE_STATUS); @@ -238,7 +239,7 @@ function remove_user_from_group($userid,$usrgrpid){ $result = false; if(granted2move_user($userid,$usrgrpid)){ - $result = DBexecute('delete from users_groups where userid='.$userid.' and usrgrpid='.$usrgrpid); + $result = DBexecute('DELETE FROM users_groups WHERE userid='.$userid.' AND usrgrpid='.$usrgrpid); } else{ error(S_USER_CANNOT_CHANGE_STATUS); @@ -284,7 +285,7 @@ $usrgrpid=get_dbid("usrgrp","usrgrpid"); - $result=DBexecute("insert into usrgrp (usrgrpid,name) values ($usrgrpid,".zbx_dbstr($name).")"); + $result=DBexecute("INSERT INTO usrgrp (usrgrpid,name) VALUES ($usrgrpid,".zbx_dbstr($name).")"); if(!$result) return $result; // must come before adding user to group @@ -313,14 +314,14 @@ function update_user_group($usrgrpid,$name,$users_status,$gui_access,$users=array(),$rights=array()){ global $USER_DETAILS; - if(DBfetch(DBselect('select * from usrgrp where name='.zbx_dbstr($name). + if(DBfetch(DBselect('SELECT * FROM usrgrp WHERE name='.zbx_dbstr($name). ' and usrgrpid<>'.$usrgrpid.' and '.DBin_node('usrgrpid', get_current_nodeid(false))))) { error("Group '$name' already exists"); return 0; } - $result=DBexecute("update usrgrp set name=".zbx_dbstr($name)." where usrgrpid=$usrgrpid"); + $result=DBexecute('UPDATE usrgrp SET name='.zbx_dbstr($name).' WHERE usrgrpid='.$usrgrpid); if(!$result) return $result; // must come before adding user to group @@ -334,7 +335,7 @@ $grant = (!uint_in_array($USER_DETAILS['userid'],$users)); } if($grant){ - $result = DBexecute('delete from users_groups where usrgrpid='.zbx_dbstr($usrgrpid)); + $result = DBexecute('DELETE FROM users_groups WHERE usrgrpid='.$usrgrpid); foreach($users as $userid => $name){ $result &= add_user_to_group($userid,$usrgrpid); if(!$result) return $result; @@ -345,11 +346,11 @@ return false; } - $result=DBexecute("delete from rights where groupid=".$usrgrpid); + $result=DBexecute('DELETE FROM rights WHERE groupid='.$usrgrpid); foreach($rights as $right){ $id = get_dbid('rights','rightid'); - $result=DBexecute('insert into rights (rightid,groupid,permission,id)'. - ' values ('.$id.','.$usrgrpid.','.$right['permission'].','.$right['id'].')'); + $result=DBexecute('INSERT INTO rights (rightid,groupid,permission,id)'. + ' VALUES ('.$id.','.$usrgrpid.','.$right['permission'].','.$right['id'].')'); if(!$result) return $result; } @@ -497,191 +498,4 @@ return $action; } - - function get_user_actionmenu_old($userid){ - global $USER_DETAILS; - - $action = new CSpan(S_SELECT); - -// add to group - $menus = "Array(Array('".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}), - Array('".S_ADD_TO."',null,null,{'outer' : ['pum_o_submenu'],'inner' : ['pum_i_submenu']},"; - $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $grp_list = '('; - if($res = DBselect('SELECT DISTINCT ug.usrgrpid '. - ' FROM users_groups ug'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND '.DBin_node('ug.usrgrpid', get_current_nodeid(false)))) - { - while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".','; - } - $grp_list.="'0')"; - - $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status'. - ' FROM usrgrp g'. - ' WHERE g.usrgrpid NOT IN '.$grp_list. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - while($group=DBfetch($res)){ - if(!granted2move_user($userid,$group['usrgrpid'])) continue; - - $caption = new CSpan($group['name']); - if($group['users_status'] == GROUP_STATUS_DISABLED){ - $caption->SetClass('red'); - } - else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){ - $caption->SetClass('orange'); - } - - $caption = htmlspecialchars(unpack_object($caption)); - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'),'; -// remove from group - $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},"; - $menus.= "['".S_GROUPS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name, g.gui_access, g.users_status '. - ' FROM usrgrp g, users_groups ug'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND ug.usrgrpid = g.usrgrpid '. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - while($group=DBfetch($res)){ - if(!granted2move_user($userid,$group['usrgrpid'])) continue; - - $caption = new CSpan($group['name']); - if($group['users_status'] == GROUP_STATUS_DISABLED){ - $caption->SetClass('red'); - } - else if($group['gui_access'] == GROUP_GUI_ACCESS_DISABLED){ - $caption->SetClass('orange'); - } - - $caption = htmlspecialchars(unpack_object($caption)); - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'),'; - if(bccomp($USER_DETAILS['userid'],$userid) == 0){ - $menus=rtrim($menus,',').')'; - } - else{ -// add to GUI ACCESS - $menus.= "Array('".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}), - Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},"; - $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $grp_list = '('; - if($res = DBselect('SELECT DISTINCT ug.usrgrpid '. - ' FROM users_groups ug, usrgrp g'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)))) - { - while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".','; - } - $grp_list.="'0')"; -// $grp_list=rtrim($grp_list,',').')'; - - $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'. - ' FROM usrgrp g'. - ' WHERE g.usrgrpid NOT IN'.$grp_list. - ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - while($group=DBfetch($res)){ - $caption = new CSpan($group['name'],'orange'); - $caption = htmlspecialchars(unpack_object($caption)); - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'),'; -// remove from GUI ACCESS - $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},"; - $menus.= "['".S_GUI_ACCESS."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $res = DBselect('SELECT g.name, g.usrgrpid'. - ' FROM usrgrp g, users_groups ug'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND ug.usrgrpid = g.usrgrpid '. - ' AND g.gui_access='.GROUP_GUI_ACCESS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - while($group=DBfetch($res)){ - $caption = new CSpan($group['name'],'orange'); - $caption = htmlspecialchars(unpack_object($caption)); - - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'),'; - -// add to DISABLED - $menus.= "Array('".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}), - Array('".S_ADD_TO."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},"; - $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $grp_list = '('; - if($res = DBselect('SELECT DISTINCT ug.usrgrpid '. - ' FROM users_groups ug, usrgrp g'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND g.users_status='.GROUP_STATUS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)))) - { - while($tmp = DBFetch($res)) $grp_list.= "'".$tmp['usrgrpid']."'".','; - } - $grp_list.="'0')"; -// $grp_list=rtrim($grp_list,',').')'; - - $res = DBselect('SELECT DISTINCT g.usrgrpid, g.name'. - ' FROM usrgrp g'. - ' WHERE g.usrgrpid NOT IN'.$grp_list. - ' AND g.users_status='.GROUP_STATUS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - while($group=DBfetch($res)){ - $caption = new CSpan($group['name'],'red'); - $caption = htmlspecialchars(unpack_object($caption)); - - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=1&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'),'; -// remove from DISABLED - $menus.= "Array('".S_REMOVE_FROM."',null,null,{'outer' : 'pum_o_submenu','inner' : ['pum_i_submenu']},"; - $menus.= "['".S_STATUS_DISABLED."',null,null,{'outer' : ['pum_oheader'],'inner' : ['pum_iheader']}],"; - - $res = DBselect('SELECT g.name, g.usrgrpid'. - ' FROM usrgrp g, users_groups ug'. - ' WHERE ug.userid='.zbx_dbstr($userid). - ' AND ug.usrgrpid = g.usrgrpid '. - ' AND g.users_status='.GROUP_STATUS_DISABLED. - ' AND '.DBin_node('g.usrgrpid', get_current_nodeid(false)). - ' ORDER BY g.name'); - - - while($group=DBfetch($res)){ - $caption = new CSpan($group['name'],'red'); - $caption = htmlspecialchars(unpack_object($caption)); - - $menus.="['".$caption."','users.php?config=0&form=update&grpaction=0&userid=".$userid."&usrgrpid=".$group['usrgrpid']."']\n,"; - } - - $menus=rtrim($menus,',').'))'; - } - - $script = new CScript("javascript: show_popup_menu(event,".$menus.",240);"); - $action->AddAction('onclick',$script); - $action->AddOption('onmouseover','javascript: this.style.cursor = "pointer";'); - - return $action; - } ?>
\ No newline at end of file diff --git a/frontends/php/index.php b/frontends/php/index.php index 86972612..8139c62b 100644 --- a/frontends/php/index.php +++ b/frontends/php/index.php @@ -130,7 +130,7 @@ /* update internal pass if it's different if($login && ($row['passwd']!=$password) && (ZBX_AUTH_INTERNAL!=$authentication_type)){ - DBexecute('UPDATE users SET passwd='.zbx_dbstr($password).' WHERE userid='.zbx_dbstr($row['userid'])); + DBexecute('UPDATE users SET passwd='.zbx_dbstr($password).' WHERE userid='.$row['userid']); } */ if($login){ @@ -165,10 +165,10 @@ if($attempt){ $ip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']))?$_SERVER['HTTP_X_FORWARDED_FOR']:$_SERVER['REMOTE_ADDR']; $attempt['attempt_failed']++; - $sql = 'UPDATE users SET attempt_failed='.zbx_dbstr($attempt['attempt_failed']). + $sql = 'UPDATE users SET attempt_failed='.$attempt['attempt_failed']. ', attempt_clock='.time(). ', attempt_ip='.zbx_dbstr($ip). - ' WHERE userid='.zbx_dbstr($attempt['userid']); + ' WHERE userid='.$attempt['userid']; DBexecute($sql); } } diff --git a/frontends/php/js/calendar.js b/frontends/php/js/calendar.js index d47e4d1d..bc5a4d9e 100644 --- a/frontends/php/js/calendar.js +++ b/frontends/php/js/calendar.js @@ -254,12 +254,12 @@ setSDateDMY: function(d,m,y){ result = true; } - if((y > 71) && (y < 1971)){ + if((y > 71) && (y < 1970)){ this.sdt.setYear(y); result = true; } - if((y > 1971) && (y < 10000)){ + if((y > 1970) && (y < 10000)){ this.sdt.setFullYear(y); result = true; } diff --git a/frontends/php/triggers.php b/frontends/php/triggers.php index 885cc3b6..2fdac9f5 100644 --- a/frontends/php/triggers.php +++ b/frontends/php/triggers.php @@ -292,7 +292,7 @@ include_once "include/page_header.php"; foreach($_REQUEST["g_triggerid"] as $id => $triggerid){ if(!check_right_on_trigger_by_triggerid(null, $triggerid)) continue; - $res = DBselect('SELECT triggerid FROM triggers t WHERE t.triggerid='.zbx_dbstr($triggerid)); + $res = DBselect('SELECT triggerid FROM triggers t WHERE t.triggerid='.$triggerid); if(!$row = DBfetch($res)) continue; $cur_result = update_trigger_status($row['triggerid'],0); @@ -317,7 +317,7 @@ include_once "include/page_header.php"; foreach($_REQUEST["g_triggerid"] as $id => $triggerid){ if(!check_right_on_trigger_by_triggerid(null, $triggerid)) continue; - $res=DBselect("SELECT triggerid FROM triggers t WHERE t.triggerid=".zbx_dbstr($triggerid)); + $res=DBselect('SELECT triggerid FROM triggers t WHERE t.triggerid='.$triggerid); if(!$row = DBfetch($res)) continue; $cur_result = update_trigger_status($row["triggerid"],1); @@ -341,7 +341,7 @@ include_once "include/page_header.php"; foreach($_REQUEST["g_triggerid"] as $triggerid){ if(!check_right_on_trigger_by_triggerid(null, $triggerid)) continue; - $res=DBselect("SELECT triggerid,templateid FROM triggers t WHERE t.triggerid=".zbx_dbstr($triggerid)); + $res=DBselect('SELECT triggerid,templateid FROM triggers t WHERE t.triggerid='.$triggerid); if(!$row = DBfetch($res)) continue; if($row["templateid"] <> 0) continue; diff --git a/frontends/php/users.php b/frontends/php/users.php index 4e3e4499..418ab504 100644 --- a/frontends/php/users.php +++ b/frontends/php/users.php @@ -669,4 +669,4 @@ include_once 'include/page_header.php'; include_once 'include/page_footer.php' -?> +?>
\ No newline at end of file |