/**
 * Record a module activation for a user in `graph_status`, inside a manually
 * managed transaction.
 *
 * Autocommit is switched off, check_graph() is consulted, and the row is
 * inserted and committed only when that check passes; otherwise the
 * transaction is rolled back. Autocommit is switched back on in both cases.
 *
 * @param mixed $user_id   value written to the second column of `graph_status`
 * @param mixed $module_id value written to the third column of `graph_status`
 * @return int 1 when the row was inserted and committed, -1 when check_graph() refused
 */
function addmod_graph($user_id, $module_id)
{
    myquery("SET AUTOCOMMIT=0");

    if (!check_graph($user_id, $module_id)) {
        /* No good news */
        myquery("ROLLBACK");
        myquery("SET AUTOCOMMIT=1");

        return -1;
    }

    /* NOTE(review): both arguments are concatenated into the statement as-is.
       Nothing in this function validates or escapes them, so callers must only
       pass trusted values until myquery() offers bound parameters - confirm. */
    /* NOTE(review): 'UNIX_TIMESTAMP()' is inside quotes, so the database receives
       that text rather than the result of the function - confirm this is intended. */
    $insert_sql = "INSERT INTO `graph_status` VALUES ('','" . $user_id . "','" . $module_id . "','UNIX_TIMESTAMP()','0')";
    myquery($insert_sql);

    /* New module activated */
    myquery("COMMIT");
    myquery("SET AUTOCOMMIT=1");

    return 1;
}
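/**
 * Render the graph add/edit page: template and host selection, template
 * supplied fields, a preview image and, for graphs that use no template, the
 * full graph configuration form.
 *
 * Reads $_GET ("id", "host_id", "debug", "new") and $_SESSION ("permission",
 * "sess_user_id", "graph_debug_mode") and writes HTML straight to the output.
 * Returns nothing.
 *
 * Users below ACCESS_ADMINISTRATOR must pass check_host() when adding a graph
 * to a host and check_graph() when editing one; otherwise access_denied() is
 * called.
 * NOTE(review): those checks only protect anything if access_denied() ends the
 * request - confirm, because execution continues past the call in this function.
 */
function graph_edit()
{
    global $colors, $struct_graph, $image_types, $consolidation_functions, $graph_item_types, $struct_graph_item;

    /* ================= input validation ================= */
    input_validate_input_number(get_request_var("id"));
    /* host_id is echoed into a link and a form value on every path below, not
       only on the non-admin "add" path, so it is validated up front as well */
    input_validate_input_number(get_request_var("host_id"));
    /* ==================================================== */

    /* modify for multi user start */
    if ($_SESSION["permission"] < ACCESS_ADMINISTRATOR) {
        // graph add
        if ($_GET["id"] == "") {
            if ($_GET["host_id"] != -1) {
                input_validate_input_number(get_request_var("host_id"));
                if (!check_host($_GET["host_id"])) {
                    access_denied();
                }
            }
        // graph edit
        } else {
            /* editing requires the graph to carry the GRAPH_PRIVATE flag for this user */
            $permission = check_graph($_GET["id"]);
            if ($permission != GRAPH_PRIVATE && $permission != GRAPH_PRIVATE + GRAPH_PUBLIC) {
                access_denied();
            }
        }
    }
    /* modify for multi user end */

    $use_graph_template = true;

    if (!empty($_GET["id"])) {
        /* "id" is concatenated unquoted into these queries; the number validation
           at the top of the function is what they rely on */
        $local_graph_template_graph_id = db_fetch_cell("select local_graph_template_graph_id from graph_templates_graph where local_graph_id=" . $_GET["id"]);
        $graphs = db_fetch_row("select * from graph_templates_graph where local_graph_id=" . $_GET["id"]);
        $graphs_template = db_fetch_row("select * from graph_templates_graph where id={$local_graph_template_graph_id}");
        $host_id = db_fetch_cell("select host_id from graph_local where id=" . $_GET["id"]);

        $header_label = "[edit: " . htmlspecialchars(get_graph_title($_GET["id"])) . "]";

        if ($graphs["graph_template_id"] == "0") {
            $use_graph_template = false;
        }
    } else {
        $header_label = "[new]";
        $use_graph_template = false;
    }

    /* modify for multi user start */
    /* non-administrators cannot toggle debug mode: the parameter is dropped before it is read */
    if ($_SESSION["permission"] < ACCESS_ADMINISTRATOR) {
        unset($_GET["debug"]);
    }
    /* modify for multi user end */

    /* handle debug mode */
    if (isset($_GET["debug"])) {
        if ($_GET["debug"] == "0") {
            kill_session_var("graph_debug_mode");
        } elseif ($_GET["debug"] == "1") {
            $_SESSION["graph_debug_mode"] = true;
        }
    }

    if (!empty($_GET["id"])) {
        /* The hrefs below are single-quoted and htmlspecialchars() is called with
           its default flags, which before PHP 8.1 leave single quotes untouched.
           The request values placed in them are the number-validated id/host_id. */
        ?>
        <table width="100%" align="center">
            <tr>
                <td class="textInfo" colspan="2" valign="top">
                    <?php print htmlspecialchars(get_graph_title($_GET["id"])); ?>
                </td>
                <td class="textInfo" align="right" valign="top">
                    <?php
                    /* modify for multi user start */
                    if ($_SESSION["permission"] == ACCESS_ADMINISTRATOR) {
                        ?>
                        <span style="color: #c16921;">*<a href='<?php print htmlspecialchars("graphs.php?action=graph_edit&id=" . (isset($_GET["id"]) ? $_GET["id"] : "0") . "&debug=" . (isset($_SESSION["graph_debug_mode"]) ? "0" : "1")); ?> '>Turn <strong><?php print isset($_SESSION["graph_debug_mode"]) ? "Off" : "On"; ?> </strong> Graph Debug Mode.</a></span><br>
                        <?php
                    }
                    if (!empty($graphs["graph_template_id"]) && $_SESSION["permission"] == ACCESS_ADMINISTRATOR) {
                        ?>
                        <span style="color: #c16921;">*<a href='<?php print htmlspecialchars("graph_templates.php?action=template_edit&id=" . (isset($graphs["graph_template_id"]) ? $graphs["graph_template_id"] : "0")); ?> '>Edit Graph Template.</a></span><br><?php
                    }
                    /* modify for multi user end */
                    if (!empty($_GET["host_id"]) || !empty($host_id)) {
                        ?>
                        <span style="color: #c16921;">*<a href='<?php print htmlspecialchars("host.php?action=edit&id=" . (isset($_GET["host_id"]) ? $_GET["host_id"] : $host_id)); ?> '>Edit Host.</a></span><br><?php
                    }
                    ?>
                </td>
            </tr>
        </table>
        <br>
        <?php
    }

    html_start_box("<strong>Graph Template Selection</strong> {$header_label}", "100%", $colors["header"], "3", "center", "");

    $form_array = array(
        "graph_template_id" => array(
            "method" => "drop_sql",
            "friendly_name" => "Selected Graph Template",
            "description" => "Choose a graph template to apply to this graph. Please note that graph data may be lost if you change the graph template after one is already applied.",
            "value" => isset($graphs) ? $graphs["graph_template_id"] : "0",
            "none_value" => "None",
            "sql" => "select graph_templates.id,graph_templates.name from graph_templates order by name"
        ),
        "host_id" => array(
            "method" => "drop_sql",
            "friendly_name" => "Host",
            "description" => "Choose the host that this graph belongs to.",
            "value" => isset($_GET["host_id"]) ? $_GET["host_id"] : $host_id,
            "none_value" => "None",
            "sql" => "select id,CONCAT_WS('',description,' (',hostname,')') as name from host order by description,hostname"
        ),
        "graph_template_graph_id" => array(
            "method" => "hidden",
            "value" => isset($graphs) ? $graphs["id"] : "0"
        ),
        "local_graph_id" => array(
            "method" => "hidden",
            "value" => isset($graphs) ? $graphs["local_graph_id"] : "0"
        ),
        "local_graph_template_graph_id" => array(
            "method" => "hidden",
            "value" => isset($graphs) ? $graphs["local_graph_template_graph_id"] : "0"
        ),
        "_graph_template_id" => array(
            "method" => "hidden",
            "value" => isset($graphs) ? $graphs["graph_template_id"] : "0"
        ),
        "_host_id" => array(
            "method" => "hidden",
            "value" => isset($host_id) ? $host_id : "0"
        )
    );

    /* modify for multi user start */
    /* Non-administrators get no "None" choice, no templates whose name ends in
       "@system", and only hosts for which they hold a type '3' permission row.
       NOTE(review): this narrows what the drop-downs offer; whether the save
       handler re-checks the submitted ids is not visible here - confirm. */
    if ($_SESSION["permission"] < ACCESS_ADMINISTRATOR) {
        unset($form_array["graph_template_id"]["none_value"]);
        $form_array["graph_template_id"]["sql"] = "SELECT graph_templates.id,graph_templates.name FROM graph_templates WHERE name NOT LIKE '%@system' ORDER BY name";
        unset($form_array["host_id"]["none_value"]);
        /* the session user id is concatenated into the query text; it is a
           server-side value, presumably set at login - confirm it is always numeric */
        $form_array["host_id"]["sql"] = "\r\n SELECT host.id,CONCAT_WS('',host.description,' (',host.hostname,')') AS name FROM host \r\n INNER JOIN user_auth_perms ON host.id = user_auth_perms.item_id AND user_auth_perms.user_id = '" . $_SESSION["sess_user_id"] . "' AND user_auth_perms.type = '3' \r\n ORDER BY host.description,host.hostname";
    }
    /* modify for multi user end */

    draw_edit_form(array("config" => array(), "fields" => $form_array));

    html_end_box();

    /* only display the "inputs" area if we are using a graph template for this graph */
    if (!empty($graphs["graph_template_id"])) {
        html_start_box("<strong>Supplemental Graph Template Data</strong>", "100%", $colors["header"], "3", "center", "");

        draw_nontemplated_fields_graph($graphs["graph_template_id"], $graphs, "|field|", "<strong>Graph Fields</strong>", true, true, 0);
        draw_nontemplated_fields_graph_item($graphs["graph_template_id"], $_GET["id"], "|field|_|id|", "<strong>Graph Item Fields</strong>", true);

        html_end_box();
    }

    /* graph item list goes here */
    if (!empty($_GET["id"]) && empty($graphs["graph_template_id"])) {
        item();
    }

    if (!empty($_GET["id"])) {
        ?>
        <table width="100%" align="center">
            <tr>
                <td align="center" class="textInfo" colspan="2">
                    <img src="<?php print htmlspecialchars("graph_image.php?action=edit&local_graph_id=" . $_GET["id"] . "&rra_id=" . read_graph_config_option("default_rra_id")); ?> " alt="">
                </td>
                <?php
                if (isset($_SESSION["graph_debug_mode"]) && isset($_GET["id"])) {
                    $graph_data_array["output_flag"] = RRDTOOL_OUTPUT_STDERR;
                    $graph_data_array["print_source"] = 1;
                    /* NOTE(review): both results below are printed into <pre> without
                       HTML escaping and with errors suppressed by "@" - confirm that
                       rrdtool_function_graph() output cannot carry markup. */
                    ?>
                    <td>
                        <span class="textInfo">RRDTool Command:</span><br>
                        <pre><?php print @rrdtool_function_graph($_GET["id"], 1, $graph_data_array); ?> </pre>
                        <span class="textInfo">RRDTool Says:</span><br>
                        <?php unset($graph_data_array["print_source"]); ?>
                        <pre><?php print @rrdtool_function_graph($_GET["id"], 1, $graph_data_array); ?> </pre>
                    </td>
                    <?php
                }
                ?>
            </tr>
        </table>
        <br>
        <?php
    }

    if ((isset($_GET["id"]) || isset($_GET["new"])) && empty($graphs["graph_template_id"])) {
        html_start_box("<strong>Graph Configuration</strong>", "100%", $colors["header"], "3", "center", "");

        $form_array = array();

        /* foreach replaces the former while/list/each loop: each() no longer exists
           in PHP 8 and depended on the array's internal pointer being at the start */
        foreach ($struct_graph as $field_name => $field_array) {
            $form_array += array($field_name => $struct_graph[$field_name]);

            $form_array[$field_name]["value"] = isset($graphs) ? $graphs[$field_name] : "";
            $form_array[$field_name]["form_id"] = isset($graphs) ? $graphs["id"] : "0";

            /* a field that the template controls (its t_<field> flag is not "on")
               is switched to the matching "template_" method and loses its description */
            if (!($use_graph_template == false || $graphs_template["t_" . $field_name] == "on")) {
                $form_array[$field_name]["method"] = "template_" . $form_array[$field_name]["method"];
                $form_array[$field_name]["description"] = "";
            }
        }

        draw_edit_form(array("config" => array("no_form_tag" => true), "fields" => $form_array));

        html_end_box();
    }

    if (isset($_GET["id"]) || isset($_GET["new"])) {
        form_hidden_box("save_component_graph", "1", "");
        form_hidden_box("save_component_input", "1", "");
    } else {
        form_hidden_box("save_component_graph_new", "1", "");
    }

    form_hidden_box("rrdtool_version", read_config_option("rrdtool_version"), "");
    form_save_button("graphs.php");

    //Now we need some javascript to make it dynamic
    ?>
    <script language="JavaScript">
    dynamic();

    function dynamic() {
        //alert("RRDTool Version is '" + document.getElementById('rrdtool_version').value + "'");
        //alert("Log is '" + document.getElementById('auto_scale_log').checked + "'");
        if (document.getElementById('scale_log_units')) {
            document.getElementById('scale_log_units').disabled=true;
            if ((document.getElementById('rrdtool_version').value != 'rrd-1.0.x') && (document.getElementById('auto_scale_log').checked)) {
                document.getElementById('scale_log_units').disabled=false;
            }
        }
    }

    function changeScaleLog() {
        //alert("Log changed to '" + document.getElementById('auto_scale_log').checked + "'");
        if (document.getElementById('scale_log_units')) {
            document.getElementById('scale_log_units').disabled=true;
            if ((document.getElementById('rrdtool_version').value != 'rrd-1.0.x') && (document.getElementById('auto_scale_log').checked)) {
                document.getElementById('scale_log_units').disabled=false;
            }
        }
    }
    </script>
    <?php
}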
/* Excerpt: the first statements sit inside an if-block whose opening is not part
   of this excerpt (its else-branch follows), and the last if-block is left open. */
    /* modify for multi user start */
    /* NOTE(review): no validation of graphid is visible before this point, and the
       value is concatenated unquoted into the query a few lines down - confirm it
       is validated earlier. The check only helps if access_denied() ends the request. */
    if (!check_graph($_REQUEST['graphid'])) {
        access_denied();
    }
    /* modify for multi user end */
    $graph = $_REQUEST['graphid'];
    /* no host chosen yet: take the host that owns the graph */
    if ($host == 0) {
        $host = db_fetch_cell('SELECT host_id FROM graph_local WHERE id = ' . $graph);
    }
} else {
    $graph = 0;
}

/* A non-empty "doaction" redirects and ends the request: value 1 goes to the
   threshold add page, any other value to the threshold template add page. */
if (isset($_REQUEST['doaction']) && $_REQUEST['doaction'] != '') {
    /* graphid is validated as a number before it reaches the headers and the query below */
    input_validate_input_number($_REQUEST['graphid']);
    /* modify for multi user start */
    if (!check_graph($_REQUEST['graphid'])) {
        access_denied();
    }
    /* modify for multi user end */
    $graph = $_REQUEST['graphid'];
    if ($_REQUEST['doaction'] == 1) {
        header("Location:" . $config['url_path'] . "plugins/thold/thold_add.php?graphid={$graph}\n\n");
    } else {
        /* look up a data template row joined to this graph; only its data_template_id is used */
        $temp = db_fetch_row("SELECT dtr.*\r\n\t\t\t FROM data_template_rrd AS dtr\r\n\t\t\t LEFT JOIN graph_templates_item AS gti\r\n\t\t\t ON gti.task_item_id=dtr.id\r\n\t\t\t LEFT JOIN graph_local AS gl\r\n\t\t\t ON gl.id=gti.local_graph_id\r\n\t\t\t WHERE gl.id={$graph}");
        $dt = $temp['data_template_id'];
        header("Location:" . $config['url_path'] . "plugins/thold/thold_templates.php?action=add&data_template_id={$dt}\n\n");
    }
    /* stop here so nothing else runs after the redirect header */
    exit;
}

if (isset($_REQUEST['dsid']) && $_REQUEST['dsid'] != '') {
    input_validate_input_number($_REQUEST['dsid']);
/* Excerpt: it starts in PHP mode inside blocks that open before it and it ends
   before the blocks opened below are closed. */
?>
<tr>
    <td valign="top" style="height:1px;" colspan="3" bgcolor="#efefef">
        <?php
        $graph_data_array["print_source"] = true;

        /* override: graph start time (unix time) */
        if (!empty($_GET["graph_start"])) {
            $graph_data_array["graph_start"] = get_request_var_request("graph_start");
        }

        /* override: graph end time (unix time) */
        if (!empty($_GET["graph_end"])) {
            $graph_data_array["graph_end"] = get_request_var_request("graph_end");
        }

        /* modify for multi user start */
        /* Non-administrators who are logged in (not the guest account) get an
           "Add to public" link for a graph that check_graph() reports as GRAPH_PRIVATE. */
        if ($_SESSION["permission"] < ACCESS_ADMINISTRATOR) {
            $permission = check_graph($_GET["local_graph_id"]);
            if (isset($_SESSION["sess_user_id"]) && $using_guest_account == false) {
                // add public
                if ($permission == GRAPH_PRIVATE) {
                    /* NOTE(review): local_graph_id and rra_id are printed into the
                       href without htmlspecialchars(); no validation of them is
                       visible in this excerpt - confirm it happens earlier. */
                    print " <a href=\"./graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&tree=public\"><img src=\"images/public_enable_icon.png\" style=\"border:none;vertical-align:text-bottom;\">Add to public</a>";
                    /* NOTE(review): the publish action below is triggered by a plain
                       GET parameter (tree=public); no anti-CSRF token is checked in
                       the visible code. */
                    if (isset($_GET["tree"]) && $_GET["tree"] === "public") {
                        $tree_item_id = get_category_id($_SESSION["public_tree_id"], $_GET["local_graph_id"]);
                        /* NOTE(review): both exec() calls build a shell command line by
                           concatenating session and request values with no
                           escapeshellarg() and no integer cast. Quote or cast every
                           argument here regardless of validation done elsewhere; the
                           exit status and output of the commands are also not checked. */
                        exec("php ./cli/add_tree.php --type=node --node-type=graph --tree-id=" . $_SESSION["public_tree_id"] . " --parent-node=" . $tree_item_id . " --graph-id=" . $_GET["local_graph_id"]);
                        exec("php ./cli/add_perms.php --user-id=" . $_SESSION["sess_user_id"] . " --item-type=graph --item-id=" . $_GET["local_graph_id"]);
                        /* drop the cached tree from the session if one is stored there */
                        if (isset($_SESSION['dhtml_tree'])) {
                            unset($_SESSION['dhtml_tree']);
                        }
                        /* NOTE(review): HTML has already been emitted above, so this
                           redirect header can only be sent if output buffering is
                           active - confirm. */
                        header("Location: graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"]);
                        exit;
                    }
                    // remove public
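/**
 * Decide whether the logged-in user may see a graph.
 *
 * Two paths grant access:
 *  - the multi-user shortcut: the session permission is at most
 *    ACCESS_ADMINISTRATOR, the Referer header contains the server name and
 *    check_graph() returns a truthy value for the graph;
 *  - the policy path: the graph is returned by a query filtered with
 *    get_graph_permissions_sql() and the user's rows in user_auth_perms.
 *
 * Changes against the previous version: the ids interpolated into SQL are cast
 * to integers, a missing Referer header no longer raises a notice, the shortcut
 * returns directly instead of calling sizeof() on a boolean (a TypeError on
 * PHP 8), and a non-array query result denies access instead of being counted.
 *
 * @param int|string $local_graph_id id of the graph to test
 * @return bool true when the graph may be shown
 */
function is_graph_allowed($local_graph_id)
{
    /* both ids are placed unquoted into the queries below, so force them to integers */
    $user_id = (int) $_SESSION["sess_user_id"];
    $graph_id = (int) $local_graph_id;

    $current_user = db_fetch_row("select policy_graphs,policy_hosts,policy_graph_templates from user_auth where id=" . $user_id);

    /* modify for multi user start */
    /* NOTE(review): the Referer header is supplied by the client and strstr() is a
       substring match, so this condition is not an access control; check_graph()
       is the only real gate on this path. */
    $referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";

    if ($_SESSION["permission"] <= ACCESS_ADMINISTRATOR && strstr($referer, $_SERVER["SERVER_NAME"]) && check_graph($local_graph_id)) {
        return true;
    }
    /* modify for multi user end */

    /* get policy information for the sql where clause */
    $sql_where = get_graph_permissions_sql($current_user["policy_graphs"], $current_user["policy_hosts"], $current_user["policy_graph_templates"]);

    $graphs = db_fetch_assoc(
        "select\r\n\t\tgraph_templates_graph.local_graph_id\r\n\t\tfrom (graph_templates_graph,graph_local)\r\n\t\tleft join host on (host.id=graph_local.host_id)\r\n\t\tleft join graph_templates on (graph_templates.id=graph_local.graph_template_id)\r\n\t\tleft join user_auth_perms on ((graph_templates_graph.local_graph_id=user_auth_perms.item_id and user_auth_perms.type=1 and user_auth_perms.user_id=" . $user_id
        . ") OR (host.id=user_auth_perms.item_id and user_auth_perms.type=3 and user_auth_perms.user_id=" . $user_id
        . ") OR (graph_templates.id=user_auth_perms.item_id and user_auth_perms.type=4 and user_auth_perms.user_id=" . $user_id
        . "))\r\n\t\twhere graph_templates_graph.local_graph_id=graph_local.id\r\n\t\t"
        . (empty($sql_where) ? "" : "and {$sql_where}")
        . "\r\n\t\tand graph_templates_graph.local_graph_id={$graph_id}\r\n\t\tgroup by graph_templates_graph.local_graph_id"
    );

    /* fail closed: only a non-empty row set grants access. What db_fetch_assoc()
       returns on a failed query is not visible here - confirm. */
    return is_array($graphs) && count($graphs) > 0;
}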
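<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><title></title><meta http-equiv="Content-Type" content="text/html;charset=utf-8"></head><body><?php
/*
 * Embeddable view of one graph: prints the graph image wrapped in a link to
 * the full graph page when check_graph() reports at least GRAPH_PUBLIC for
 * the graph, and a short message otherwise.
 *
 * Request parameters: "g" (graph id) and "r" (rra id), both validated as numbers.
 */

/* set before auth.php is included; presumably lets that include serve the page
   without a login - confirm against include/auth.php */
$guest_account = true;
include "./include/auth.php";

/* ================= input validation ================= */
input_validate_input_number(get_request_var("g"));
input_validate_input_number(get_request_var("r"));
/* ==================================================== */

if (check_graph($_GET["g"]) >= GRAPH_PUBLIC) {
    /* NOTE(review): the scheme is fixed to http:// and the host comes from
       SERVER_NAME, which depending on the web server configuration can reflect
       the Host header sent by the client. */
    $rel_url = "http://" . $_SERVER["SERVER_NAME"] . "/graph.php?action=view&local_graph_id=" . $_GET["g"] . "&rra_id=all";
    $img_url = "http://" . $_SERVER["SERVER_NAME"] . "/graph_image.php?local_graph_id=" . $_GET["g"] . "&rra_id=" . $_GET["r"];

    /* both URLs are HTML-escaped where they enter the attributes, so neither the
       host name nor the "&" separators can break out of the markup */
    print "<a href=\"" . htmlspecialchars($rel_url, ENT_QUOTES, "UTF-8") . "\" target=\"_top\"><img src=\"" . htmlspecialchars($img_url, ENT_QUOTES, "UTF-8") . "\" border=\"0\"></a><br>\n";
    //print "text message area\n";
} else {
    print "no public graph ...";
}
?> </body></html>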
}
/* Excerpt: the brace above closes a block that opens before this excerpt. */

/* set before auth.php is included; presumably lets that include serve the page
   without a login - confirm against include/auth.php */
$guest_account = true;
include "./include/auth.php";
include_once "./lib/rrd.php";
include_once "./lib/html_tree.php";
include_once "./include/top_graph_header.php";

api_plugin_hook_function('graph');

/* ================= input validation ================= */
/* rra_id must be digits or the word "all"; the ids and both timestamps must be
   numbers; view_type must be alphanumeric */
input_validate_input_regex(get_request_var("rra_id"), "^([0-9]+|all)\$");
input_validate_input_number(get_request_var("local_graph_id"));
input_validate_input_number(get_request_var("graph_end"));
input_validate_input_number(get_request_var("graph_start"));
input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)\$");
/* ==================================================== */

/* modify for multi user start */
/* Access counter for graphs that check_graph() reports as exactly GRAPH_PUBLIC. */
if (check_graph($_GET["local_graph_id"]) == GRAPH_PUBLIC) {
    // create table
    /* NOTE(review): the table is created from a page request, so the database
       account used by the web application needs CREATE privilege - consider
       moving this to an install or upgrade step. */
    if (!db_fetch_row("SHOW TABLE STATUS LIKE 'graph_access_counter'")) {
        $sql = "\r\n CREATE TABLE IF NOT EXISTS `graph_access_counter` (\r\n `local_graph_id` mediumint(8) unsigned NOT NULL default '0',\r\n `count` mediumint(8) unsigned NOT NULL default '0',\r\n `ip_hash` char(64) default NULL,\r\n `time` datetime NOT NULL default '0000-00-00 00:00:00',\r\n `disabled` char(2) default NULL,\r\n PRIMARY KEY (local_graph_id),\r\n KEY local_graph_id (local_graph_id)\r\n ) ENGINE=MyISAM;";
        db_execute($sql);
    }

    /* NOTE(review): the third argument of hash_hmac() is the key, and FALSE is
       coerced to an empty string. The stored value is therefore an HMAC with an
       empty key, which anyone can recompute for every possible address; use a
       secret key from configuration if the hash is meant to hide the visitor's IP. */
    $ip_hash = hash_hmac('sha256', $_SERVER["REMOTE_ADDR"], FALSE);

    /* Count the visit only when no row exists for this graph with this address
       hash. The primary key is local_graph_id alone, so the table holds one row
       per graph and REPLACE overwrites it with the newest address hash. */
    /* local_graph_id was validated as a number above before being concatenated here */
    if (!db_fetch_cell("\r\n SELECT graph_access_counter.local_graph_id FROM graph_access_counter \r\n WHERE graph_access_counter.local_graph_id = '" . $_GET["local_graph_id"] . "' AND graph_access_counter.ip_hash = '" . $ip_hash . "'")) {
        /* sub-select yielding the stored count plus one, or 1 when no row exists yet */
        $count = "(SELECT COALESCE((SELECT gac.count FROM graph_access_counter AS gac WHERE gac.local_graph_id = '" . $_GET["local_graph_id"] . "'),0) + 1)";
        db_execute("REPLACE INTO graph_access_counter VALUES('" . $_GET["local_graph_id"] . "', {$count}, '" . $ip_hash . "', NOW(),'')");
    }
}
/* modify for multi user end */

/* default to every RRA when the request names none */
if (!isset($_GET['rra_id'])) {
    $_GET['rra_id'] = 'all';
}