/* don't even print the table if there is not >1 tree */ if ((!empty($tree_dropdown_html)) && (read_graph_config_option("default_tree_view_mode") == "1")) { print " <br> <table width='100%' style='background-color: #f5f5f5; border: 1px solid #bbbbbb;' align='center' cellpadding='3'> <tr> $tree_dropdown_html </tr> </table>\n"; } if (isset($_SESSION["sess_view_tree_id"])) { if (read_config_option("auth_method") != 0) { /* take tree permissions into account here, if the user does not have permission give an "access denied" message */ $access_denied = !(is_tree_allowed($_SESSION["sess_view_tree_id"])); if ($access_denied == true) { print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit; } } if (read_graph_config_option("default_tree_view_mode") == "1") { grow_graph_tree($_SESSION["sess_view_tree_id"], (!empty($start_branch) ? $start_branch : 0), isset($_SESSION["sess_user_id"]) ? $_SESSION["sess_user_id"] : 0, $tree_parameters); }elseif (read_graph_config_option("default_tree_view_mode") == "2") { grow_right_pane_tree((isset($_GET["tree_id"]) ? $_GET["tree_id"] : 0), (isset($_GET["leaf_id"]) ? $_GET["leaf_id"] : 0), (isset($_GET["host_group_data"]) ? urldecode($_GET["host_group_data"]) : 0)); } } print "<br><br>";
}); }); </script> <?php $access_denied = false; $tree_parameters = array(); $_SESSION['sess_node_id'] = $_REQUEST['nodeid']; /* if cacti's builtin authentication is turned on then make sure to take graph permissions into account here. if a user does not have rights to a particular graph; do not show it. they will get an access denied message if they try and view the graph directly. */ if (isset($_SESSION['sess_view_tree_id'])) { if (read_config_option('auth_method') != 0) { /* take tree permissions into account here, if the user does not have permission give an "access denied" message */ $access_denied = !is_tree_allowed($_SESSION['sess_view_tree_id']); if ($access_denied == true) { print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit; } } grow_right_pane_tree(isset($_REQUEST['tree_id']) ? $_REQUEST['tree_id'] : 0, isset($_REQUEST['leaf_id']) ? $_REQUEST['leaf_id'] : 0, isset($_REQUEST['host_group_data']) ? urldecode($_REQUEST['host_group_data']) : 0); } break; case 'preview': if (!isset($_REQUEST['header']) || $_REQUEST['header'] == false) { include_once './include/top_graph_header.php'; } if (read_config_option('auth_method') != 0 && empty($current_user['show_preview'])) { print "<strong><font size='+1' color='FF0000'>YOU DO NOT HAVE RIGHTS FOR PREVIEW VIEW</font></strong>"; exit;
function get_tree_graphs($tree_id, $leaf_id) { if (is_tree_allowed($tree_id)) { if ($leaf_id == -2) { $sql_leaf = 'parent=0 AND'; } elseif ($leaf_id > 0) { $sql_leaf = 'parent=' . $leaf_id . ' AND'; } else { $sql_leaf = ''; } $items = db_fetch_assoc('SELECT * FROM graph_tree_items AS gti WHERE ' . $sql_leaf . ' graph_tree_id=' . $tree_id); $graphs = array(); $hosts = array(); $outArray = array(); if (sizeof($items)) { foreach ($items as $i) { if (empty($i['title']) && $i['local_graph_id'] > 0) { $graphs[$i['local_graph_id']] = $i['local_graph_id']; } elseif ($i['host_id'] > 0 && is_device_allowed($i['host_id'])) { $hosts[$i['host_id']] = $i['host_id']; } elseif ($leaf_id > -2) { $outArray += get_tree_graphs($tree_id, $i['id']); } } } if (sizeof($hosts) && sizeof($graphs)) { $graphs = get_allowed_graphs('(h.id IN(' . implode(',', $hosts) . ') OR gl.id IN(' . implode(',', $graphs) . '))'); } elseif (sizeof($hosts)) { $graphs = get_allowed_graphs('(h.id IN(' . implode(',', $hosts) . '))'); } elseif (sizeof($graphs)) { $graphs = get_allowed_graphs('(gl.id IN(' . implode(',', $graphs) . '))'); } } if (sizeof($graphs)) { foreach ($graphs as $i) { $outArray[$i['local_graph_id']] = $i['title_cache']; } } return $outArray; }
function get_allowed_tree_content($tree_id, $parent = 0, $sql_where = '', $order_by = '', $limit = '', &$total_rows = 0, $user = 0) { if ($limit != '') { $limit = "LIMIT {$limit}"; } if ($order_by != '') { $order_by = "ORDER BY {$order_by}"; } if ($sql_where != '') { $sql_where = "WHERE gti.local_graph_id = 0 AND gti.parent = {$parent} AND gti.graph_tree_id = {$tree_id} AND (" . $sql_where . ')'; } else { $sql_where = "WHERE gti.local_graph_id = 0 AND gti.parent = {$parent} AND gti.graph_tree_id = {$tree_id}"; } if ($tree_id > 0) { $heirarchy = db_fetch_assoc("SELECT gti.graph_tree_id AS tree_id, gti.id, gti.title, gti.host_id, \n\t\t\tgti.local_graph_id, gti.host_grouping_type, h.description AS hostname\n\t\t\tFROM graph_tree_items AS gti\n\t\t\tINNER JOIN graph_tree AS gt\n\t\t\tON gt.id = gti.graph_tree_id\n\t\t\tLEFT JOIN host AS h\n\t\t\tON h.id = gti.host_id\n\t\t\t{$sql_where}\n\t\t\tORDER BY gti.position"); } else { $heirarchy = db_fetch_assoc("SELECT gt.id AS tree_id, '0' AS id, gt.name AS title, '0' AS host_id, \n\t\t\t'0' AS local_graph_id, '1' AS host_grouping_type, '' AS hostname\n\t\t\tFROM graph_tree AS gt\n\t\t\tORDER BY gt.name"); } if (read_config_option('auth_method') != 0) { $new_heirarchy = array(); if (sizeof($heirarchy)) { foreach ($heirarchy as $h) { if ($h['host_id'] > 0) { if (is_device_allowed($h['host_id'])) { $new_heirarchy[] = $h; } } elseif ($h['id'] == 0) { if (is_tree_allowed($h['tree_id'])) { $new_heirarchy[] = $h; } } else { $new_heirarchy[] = $h; } } } return $new_heirarchy; } else { return $heirarchy; } }
<script type='text/javascript' src='<?php print $config['url_path'] . 'include/realtime.js'; ?> '></script> <script type='text/javascript'>timeOffset=<?php print date('Z'); ?> ;</script> <?php $access_denied = false; $tree_parameters = array(); if (isset($_REQUEST['nodeid'])) { $_SESSION['sess_node_id'] = 'tbranch-' . $_REQUEST['nodeid']; } if (isset($_REQUEST['tree_id'])) { if (!is_tree_allowed($_REQUEST['tree_id'])) { header('Location: permission_denied.php'); exit; } grow_right_pane_tree(isset($_REQUEST['tree_id']) ? $_REQUEST['tree_id'] : 0, isset($_REQUEST['leaf_id']) ? $_REQUEST['leaf_id'] : 0, isset($_REQUEST['host_group_data']) ? urldecode($_REQUEST['host_group_data']) : 0); } break; case 'preview': top_graph_header(); if (!is_view_allowed('show_preview')) { print "<strong><font class='txtErrorTextBox'>YOU DO NOT HAVE RIGHTS FOR PREVIEW VIEW</font></strong>"; return; } /* ================= input validation ================= */ input_validate_input_number(get_request_var_request('host_id')); input_validate_input_number(get_request_var_request('graph_template_id'));