$min_user_type = USER_TYPE_ZABBIX_ADMIN; break; case 'scripts': $page['title'] = _('Global scripts'); $min_user_type = USER_TYPE_ZABBIX_ADMIN; break; default: $page['title'] = _('Error'); $error = true; break; } $page['file'] = 'popup.php'; define('ZBX_PAGE_NO_MENU', 1); require_once dirname(__FILE__) . '/include/page_header.php'; if (isset($error)) { invalid_url(); } if ($min_user_type > CWebUser::$data['type']) { access_deny(); } /* * Fields */ // allowed 'srcfld*' parameter values for each 'srctbl' value $allowedSrcFields = array('users' => '"usergrpid", "alias", "fullname", "userid"', 'triggers' => '"description", "triggerid", "expression"', 'items' => '"itemid", "name"', 'prototypes' => '"itemid", "name", "flags"', 'graphs' => '"graphid", "name"', 'sysmaps' => '"sysmapid", "name"', 'slides' => '"slideshowid"', 'help_items' => '"key"', 'screens' => '"screenid"', 'screens2' => '"screenid", "name"', 'nodes' => '"nodeid", "name"', 'drules' => '"druleid", "name"', 'dchecks' => '"dcheckid", "name"', 'proxies' => '"hostid", "host"', 'usrgrp' => '"usrgrpid", "name"', 'applications' => '"applicationid", "name"', 'scripts' => '"scriptid", "name"', 'hosts' => '"hostid", "host"', 'templates' => '"hostid", "host"', 'host_templates' => '"hostid", "host"', 'host_groups' => '"groupid", "name"'); // VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION $fields = array('dstfrm' => array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY, '!isset({multiselect})'), 'dstfld1' => array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY, '!isset({multiselect})'), 'srctbl' => array(T_ZBX_STR, O_MAND, P_SYS, NOT_EMPTY, null), 'srcfld1' => array(T_ZBX_STR, O_MAND, P_SYS, IN($allowedSrcFields[$_REQUEST['srctbl']]), null), 'nodeid' => array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'groupid' => array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'group' => array(T_ZBX_STR, O_OPT, null, null, null), 'hostid' => array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'host' => array(T_ZBX_STR, O_OPT, null, null, null), 'parent_discoveryid' => 
array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'screenid' => array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'templates' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, null), 'host_templates' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, null), 'multiselect' => array(T_ZBX_INT, O_OPT, null, null, null), 'submit' => array(T_ZBX_STR, O_OPT, null, null, null), 'excludeids' => array(T_ZBX_STR, O_OPT, null, null, null), 'only_hostid' => array(T_ZBX_INT, O_OPT, P_SYS, DB_ID, null), 'monitored_hosts' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'templated_hosts' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'real_hosts' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'normal_only' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_applications' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_graphs' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_items' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_simple_graph_items' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_triggers' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'with_monitored_triggers' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'itemtype' => array(T_ZBX_INT, O_OPT, null, null, null), 'value_types' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, 15), null), 'numeric' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null), 'reference' => array(T_ZBX_STR, O_OPT, null, null, null), 'writeonly' => array(T_ZBX_STR, O_OPT, null, null, null), 'noempty' => array(T_ZBX_STR, O_OPT, null, null, null), 'select' => array(T_ZBX_STR, O_OPT, P_SYS | P_ACT, null, null), 'submitParent' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null)); // unset disabled item types $allowed_item_types = array(ITEM_TYPE_ZABBIX, ITEM_TYPE_ZABBIX_ACTIVE, ITEM_TYPE_SIMPLE, ITEM_TYPE_INTERNAL, ITEM_TYPE_AGGREGATE, ITEM_TYPE_SNMPTRAP); if (isset($_REQUEST['itemtype']) && !str_in_array($_REQUEST['itemtype'], $allowed_item_types)) { unset($_REQUEST['itemtype']);
/**
 * Validate the request parameters described by $fields together with the
 * rules held in the global $system_fields.
 *
 * Each rule is passed to check_field() and the results are OR-ed into one
 * status. Afterwards, parameters are cleaned up by unset_not_in_list() and
 * unset_if_zero(), and by unset_action_vars() when any check failed.
 *
 * NOTE(review): the rules for system parameters come from mutable global
 * state. Confirm that nothing can change or unset $system_fields before this
 * function runs, because those parameters are validated only by what the
 * global holds at call time.
 *
 * @param array $fields         validation rules keyed by parameter name; taken by
 *                              reference and reset to null before returning
 * @param bool  $show_messages  when true, show_messages() is called after validation
 *
 * @return int  1 when every check returned ZBX_VALID_OK, otherwise 0
 */
function check_fields(&$fields, $show_messages = true) {
    global $system_fields;

    // array_merge(): for a string key present in both arrays, the entry from
    // $system_fields replaces the one supplied by the page.
    $fields = array_merge($fields, $system_fields);

    $status = ZBX_VALID_OK;
    foreach ($fields as $name => $rule) {
        $status |= check_field($fields, $name, $rule);
    }

    $isValid = ($status == ZBX_VALID_OK);

    unset_not_in_list($fields);
    unset_if_zero($fields);

    // On any failure, action parameters are dropped so that a request with
    // rejected input is not acted upon.
    if (!$isValid) {
        unset_action_vars($fields);
    }

    // The caller's rule array is cleared through the reference.
    $fields = null;

    // NOTE(review): whether invalid_url() ends the request is not visible here.
    if ($status & ZBX_VALID_ERROR) {
        invalid_url();
    }

    if ($show_messages) {
        show_messages();
    }

    return $isValid ? 1 : 0;
}
/**
 * Validate the request parameters described by $fields together with a fixed
 * set of system parameter rules (sid, triggers_hash, print, page, ddreset).
 *
 * The system rules are declared inside the function, so they do not depend on
 * global state. Each rule is passed to check_field() and the results are
 * OR-ed into one status. Afterwards, parameters are cleaned up by
 * unset_not_in_list() and unset_if_zero(), and by unset_action_vars() when
 * any check failed.
 *
 * NOTE(review): $fields is the second argument of zbx_array_merge(). If that
 * helper lets later arguments win, a page-supplied rule for e.g. 'sid' would
 * replace the system rule. Confirm the helper's precedence.
 *
 * @param array $fields         validation rules keyed by parameter name; taken by
 *                              reference and reset to null before returning
 * @param bool  $show_messages  when true, a failure is reported via show_messages()
 *
 * @return bool  true when every check returned ZBX_VALID_OK
 */
function check_fields(&$fields, $show_messages = true) {
    //      VAR                 TYPE        OPTIONAL  FLAGS  VALIDATION  EXCEPTION
    $system_fields = array(
        'sid'           => array(T_ZBX_STR, O_OPT, P_SYS, HEX(), null),
        'triggers_hash' => array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY, null),
        'print'         => array(T_ZBX_INT, O_OPT, P_SYS, IN('1'), null),
        'page'          => array(T_ZBX_INT, O_OPT, P_SYS, null, null),
        'ddreset'       => array(T_ZBX_INT, O_OPT, P_SYS, null, null)
    );
    $fields = zbx_array_merge($system_fields, $fields);

    $status = ZBX_VALID_OK;
    foreach ($fields as $name => $rule) {
        $status |= check_field($fields, $name, $rule);
    }

    $isValid = ($status == ZBX_VALID_OK);

    unset_not_in_list($fields);
    unset_if_zero($fields);

    // On any failure, action parameters are dropped so that a request with
    // rejected input is not acted upon.
    if (!$isValid) {
        unset_action_vars($fields);
    }

    // The caller's rule array is cleared through the reference.
    $fields = null;

    // NOTE(review): whether invalid_url() ends the request is not visible here.
    if ($status & ZBX_VALID_ERROR) {
        invalid_url();
    }

    // Only reached with a failed status, so the first argument is always false here.
    if ($show_messages && !$isValid) {
        show_messages($isValid, null, _('Page received incorrect data'));
    }

    return $isValid;
}