<?php include_once "./eval_conf.php"; include_once "./functions.php"; include_once "./global.php"; include_once "./dwoo/dwooAutoload.php"; if (!checkAccess(GangliaAcl::ALL_VIEWS, GangliaAcl::VIEW, $conf)) { die("You do not have access to view views."); } $view_name = NULL; if (isset($_GET['vn']) && !is_proper_view_name($_GET['vn'])) { ?> <div class="ui-widget"> <div class="ui-state-default ui-corner-all" styledefault="padding: 0 .7em;"> <p><span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span> View names valid characters are 0-9, a-z, A-Z, -, _ and space. View has not been created.</p> </div> </div> <?php exit(0); } else { $view_name = $_GET['vn']; } $viewList = new ViewList(); $dwoo = new Dwoo($conf['dwoo_compiled_dir'], $conf['dwoo_cache_dir']); $tpl = new Dwoo_Template_File(template("view_content.tpl")); $data = new Dwoo_Data(); $size = isset($clustergraphsize) ? $clustergraphsize : 'default'; // set to 'default' to preserve old behavior if ($size == 'medium') { $size = 'default';
<?php include_once "./functions.php"; $cluster_designator = "Cluster Overview"; /////////////////////////////////////////////////////////////////////////////// // Determine which context we are in. Context is not specifically specified // so we have to figure it out ie. if vn(view_name) is present it's the views // context, if cluster name is specified without a hostname it's cluster etc. /////////////////////////////////////////////////////////////////////////////// // Blocking malicious CGI input. $user['clustername'] = isset($_GET["c"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["c"]))) : NULL; $user['gridname'] = isset($_GET["G"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["G"]))) : NULL; $user['viewname'] = ''; if (isset($_GET["vn"]) && is_proper_view_name($_GET["vn"])) { $user['viewname'] = $_GET["vn"]; } if ($conf['case_sensitive_hostnames'] == 1) { $user['hostname'] = isset($_GET["h"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["h"]))) : NULL; } else { $user['hostname'] = isset($_GET["h"]) ? strtolower(escapeshellcmd(clean_string(rawurldecode($_GET["h"])))) : NULL; } $user['range'] = isset($_GET["r"]) && in_array($_GET["r"], array_keys($conf['time_ranges'])) ? escapeshellcmd(rawurldecode($_GET["r"])) : NULL; $user['metricname'] = isset($_GET["m"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["m"]))) : NULL; $user['metrictitle'] = isset($_GET["ti"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["ti"]))) : NULL; $user['sort'] = isset($_GET["s"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["s"]))) : NULL; $user['controlroom'] = isset($_GET["cr"]) ? escapeshellcmd(clean_string(rawurldecode($_GET["cr"]))) : NULL; # Default value set in conf.php, Allow URL to overrride if (isset($_GET["hc"])) { //TODO: shouldn't set $conf from user input. $conf['hostcols'] = clean_number($_GET["hc"]); }