function dispatchImageRequest()
{
genericAssertion('img', 'string');
global $pageno, $tabno;
switch ($_REQUEST['img']) {
case 'minirack':
// rack security context
$pageno = 'rack';
$tabno = 'default';
fixContext();
assertPermission();
dispatchMiniRackThumbRequest(getBypassValue());
break;
case 'midirack':
// rack security context
$pageno = 'rack';
$tabno = 'default';
fixContext();
assertPermission();
genericAssertion('scale', 'uint');
# Scaling implies no caching, there is no special dispatching.
header('Content-type: image/png');
printRackThumbImage(getBypassValue(), $_REQUEST['scale']);
break;
case 'preview':
// file security context
$pageno = 'file';
$tabno = 'download';
fixContext();
assertPermission();
renderImagePreview(getBypassValue());
break;
case 'cactigraph':
$pageno = 'object';
$tabno = 'cacti';
fixContext();
assertPermission();
genericAssertion('server_id', 'uint');
genericAssertion('graph_id', 'uint');
if (!array_key_exists($_REQUEST['graph_id'], getCactiGraphsForObject(getBypassValue()))) {
throw new InvalidRequestArgException('graph_id', $_REQUEST['graph_id']);
}
proxyCactiRequest($_REQUEST['server_id'], $_REQUEST['graph_id']);
break;
case 'muningraph':
$pageno = 'object';
$tabno = 'munin';
fixContext();
assertPermission();
genericAssertion('server_id', 'uint');
genericAssertion('graph', 'string');
if (!array_key_exists($_REQUEST['graph'], getMuninGraphsForObject(getBypassValue()))) {
throw new InvalidRequestArgException('graph', $_REQUEST['graph']);
}
proxyMuninRequest($_REQUEST['server_id'], $_REQUEST['graph']);
break;
default:
renderErrorImage();
}
}
function dispatchImageRequest()
{
genericAssertion('img', 'string');
global $pageno, $tabno;
switch ($_REQUEST['img']) {
case 'minirack':
// rack security context
$pageno = 'rack';
$tabno = 'default';
fixContext();
assertPermission();
renderRackThumb(getBypassValue());
break;
case 'preview':
// file security context
$pageno = 'file';
$tabno = 'download';
fixContext();
assertPermission();
renderImagePreview(getBypassValue());
break;
case 'cactigraph':
$pageno = 'object';
$tabno = 'cacti';
fixContext();
assertPermission();
genericAssertion('graph_id', 'uint');
if (!array_key_exists($_REQUEST['graph_id'], getCactiGraphsForObject(getBypassValue()))) {
throw new InvalidRequestArgException('graph_id', $_REQUEST['graph_id']);
}
proxyCactiRequest($_REQUEST['graph_id']);
break;
default:
renderErrorImage();
}
}
function updateCableIdAJAX()
{
global $sic;
assertUIntArg('id');
assertStringArg('text', TRUE);
$port_info = getPortInfo($sic['id']);
fixContext(spotEntity('object', $port_info['object_id']));
assertPermission('object', 'ports', 'editPort');
if (!$port_info['linked']) {
throw new RackTablesError('Cant update cable ID: port is not linked');
}
if ($port_info['reservation_comment'] !== $sic['text']) {
commitUpdatePortLink($sic['id'], $sic['text']);
}
echo 'OK';
}
function process8021QRecalcRequest()
{
assertPermission(NULL, NULL, NULL, array(array('tag' => '$op_recalc8021Q')));
$counters = recalc8021QPorts(getBypassValue());
if ($counters['ports']) {
showFuncMessage(__FUNCTION__, 'CHANGED', array($counters['ports'], $counters['switches']));
} else {
showNotice('No changes were made');
}
}
function renderPopupIPv4Selector()
{
assertPermission('ipv4space', 'default');
echo '<h2>Choose a port:</h2><br><br>';
echo '<form action="javascript:;">';
echo '<input type=hidden id=ip>';
echo '<select size=' . getConfigVar('MAXSELSIZE') . ' id=addresses>';
$addresses = getAllIPv4Allocations();
usort($addresses, 'sortObjectAddressesAndNames');
foreach ($addresses as $address) {
echo "<option value='{$address['ip']}' onclick='getElementById(\"ip\").value=\"{$address['ip']}\";'>" . "{$address['object_name']} {$address['name']} {$address['ip']}</option>\n";
}
echo '</select><br><br>';
echo "<input type=submit value='Proceed' onclick='" . "if (getElementById(\"ip\")!=\"\") {" . " opener.document.getElementById(\"remoteip\").value=getElementById(\"ip\").value;" . " window.close();}'>";
echo '</form>';
}
function renderPopupHTML()
{
global $pageno, $tabno;
header('Content-Type: text/html; charset=UTF-8');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" style="height: 100%;">
<?php
assertStringArg('helper');
$text = '';
switch ($_REQUEST['helper']) {
case 'objlist':
$pageno = 'object';
$tabno = 'default';
fixContext();
assertPermission();
$text .= getOutputOf('renderPopupObjectSelector');
break;
case 'portlist':
$pageno = 'depot';
$tabno = 'default';
fixContext();
assertPermission();
$text .= '<div style="background-color: #f0f0f0; border: 1px solid #3c78b5; padding: 10px; height: 100%; text-align: center; margin: 5px;">';
if (isset($_REQUEST['do_link'])) {
$text .= getOutputOf('callHook', 'handlePopupPortLink');
} else {
$text .= getOutputOf('callHook', 'renderPopupPortSelector');
}
$text .= '</div>';
break;
case 'inet4list':
$pageno = 'ipv4space';
$tabno = 'default';
fixContext();
assertPermission();
$text .= getOutputOf('renderPopupIPv4Selector');
break;
default:
throw new InvalidRequestArgException('helper', $_REQUEST['helper']);
}
echo '<head><title>RackTables pop-up</title>';
printPageHeaders();
echo '</head>';
echo '<body style="height: 100%;">' . $text . '</body>';
?>
</html>
<?php
}
try {
genericAssertion('op', 'string');
$op = $_REQUEST['op'];
prepareNavigation();
$location = buildRedirectURL();
// FIXME: find a better way to handle this error
if ($op == 'addFile' && !isset($_FILES['file']['error'])) {
throw new RackTablesError('File upload error, check upload_max_filesize in php.ini', RackTablesError::MISCONFIGURED);
}
fixContext();
if (!isset($ophandler[$pageno][$tabno][$op]) or !is_callable($ophandler[$pageno][$tabno][$op])) {
throw new RackTablesError("Invalid navigation data for '{$pageno}-{$tabno}-{$op}'", RackTablesError::INTERNAL);
}
// We have a chance to handle an error before starting HTTP header.
if (!isset($delayauth["{$pageno}-{$tabno}-{$op}"])) {
assertPermission();
}
# Call below does the job of bypass argument assertion, if such is required,
# so the ophandler function doesn't have to re-assert this portion of its
# arguments. And it would be even better to pass returned value to ophandler,
# so it is not necessary to remember the name of bypass in it.
getBypassValue();
if (strlen($redirect_to = call_user_func($ophandler[$pageno][$tabno][$op]))) {
$location = $redirect_to;
}
} catch (InvalidRequestArgException $e) {
ob_clean();
showError($e->getMessage());
} catch (RTDatabaseError $e) {
ob_clean();
showError('Database error: ' . $e->getMessage());
