public function __construct($CORE = null)
{
if ($CORE === null) {
$this->CORE = GlobalCore::getInstance();
} else {
$this->CORE = $CORE;
}
$this->aRegistered = array();
$this->sPrefix = 'CoreMod';
}
function automap_pos_check_preflight($params)
{
GlobalCore::getInstance()->checkVarFolderWriteable(true);
// Check all possibly used binaries of graphviz
automap_check_graphviz('dot');
automap_check_graphviz('neato');
automap_check_graphviz('twopi');
automap_check_graphviz('circo');
automap_check_graphviz('fdp');
}
public static function chobits_writetocache($script, $cachenames, $cachedata = '', $prefix = '', $cachedir = 'cache')
{
global $authkey, $timestamp, $cache_flag;
$dir = NOWHERE_ROOT . './data/' . $cachedir . '/';
if (!is_dir($dir)) {
@mkdir($dir, 0777);
}
if ($fp = @fopen("{$dir}{$prefix}{$script}.php", 'wb')) {
fwrite($fp, "<?php" . "\n//Created: " . date("M j, Y, G:i") . "\n//Identify: " . md5($prefix . $script . '.php' . $cachedata . $authkey) . "\n\n{$cachedata}?>");
fclose($fp);
} else {
GlobalCore::chobits_exit('<strong>Codename.Chobits</strong><br /><br />Can not write to cache files, please check directory ./data/' . $cachedir);
}
}
require $_nv_core_dir . '/classes/CoreExceptions.php';
require $_nv_core_dir . '/functions/nagvisErrorHandler.php';
define('CONST_AJAX', true);
try {
require $_nv_core_dir . '/functions/core.php';
// Authenticate the user
$SHANDLER = new CoreSessionHandler();
$AUTH = new CoreAuthHandler();
if (!($AUTH->sessionAuthPresent() && $AUTH->isAuthenticatedSession())) {
// ...otherwise try to auth the user
// Logon Module?
// -> Received data to check the auth? Then check auth!
// -> Save to session if logon module told to do so!
$logonModule = 'Core' . cfg('global', 'logonmodule');
$logonModule = $logonModule == 'CoreLogonDialog' ? 'CoreLogonDialogHandler' : $logonModule;
$MODULE = new $logonModule(GlobalCore::getInstance());
$ret = $MODULE->check();
}
if (!$AUTH->isAuthenticated()) {
throw new NagVisException('Not authenticated.');
}
$username = $AUTH->getUser();
if (!isset($_GET['backend_id'])) {
throw new UserInputError('The parameter "backend_id" is missing.');
}
if (!isset($_GET['query'])) {
throw new UserInputError('The parameter "query" is missing.');
}
if (!isset($_GET['type'])) {
$type = 'raw';
} else {
public static function AjaxReferer($location, $referer = 1, $addon = '')
{
$url = GlobalCore::SubURL($_SERVER['REQUEST_URI']);
if ($url['ajax'] == 1) {
GlobalCore::returnAjaxStatus($addon);
} elseif (GlobalCore::nwReferer() && $referer == 1) {
GlobalCore::nwHeader('Location: ' . GlobalCore::nwReferer());
} else {
GlobalCore::nwHeader('Location: ' . $location);
}
}
* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * *****************************************************************************/ $CORE = GlobalCore::getInstance(); /* * l() needs to be available in MainCfg initialization and config parsing, * but GlobalLanguage initialization relies on the main configuration in * some parts. * The cleanest way to solve this problem is to skip the i18n in the main * configuration init code until all needed values are initialized and then * initialize the i18n code. */ // ---------------------------------------------------------------------------- $_MAINCFG = new GlobalMainCfg(); $_MAINCFG->init(); /** * This is mainly a short access to config options. In the past the whole * language object method call was used all arround NagVis. This has been * introduced to keep the code shorter
}
$settings = NowhereCore::FetchSettings();
include GlobalCore::template('settings');
} else {
GlobalCore::nwHeader('Location: ' . NWDIR);
}
break;
case 'output':
if ($nw_uid) {
include GlobalCore::template('output');
} else {
GlobalCore::nwHeader('Location: ' . NWDIR);
}
break;
case 'js':
$status = NowhereCore::FetchUserStatus(1, 16, 16, 1);
$url = GlobalCore::SubURL($_SERVER['REQUEST_URI']);
$limit = isset($url['limit']) ? intval(trim($url['limit'])) : 1;
GlobalCore::nwHeader('Content-type: text/javascript; charset=utf-8');
include GlobalCore::template('js');
break;
case 'feed':
$status = NowhereCore::FetchUserStatus(1, 16, 16, 1);
GlobalCore::nwHeader("Content-type: application/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
include GlobalCore::template('feed');
break;
case 'login':
include GlobalCore::template('login');
break;
}
public static function UpdateSettings()
{
global $db, $nw_uid, $nw_pw, $tablepre, $timestamp, $adminid, $basic_settings, $webservice_settings, $password_old, $password_new, $password_new2;
$define_settings = self::FetchDefineSettings();
foreach ($define_settings as $key) {
$val = GlobalCore::chobits_addslashes(trim($_POST[$key]));
$db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('{$key}', '{$val}')");
}
if ($_POST['nickname']) {
$nickname = GlobalCore::chobits_addslashes(GlobalCore::cutstr(GlobalCore::nwHtmlspecialchars($_POST['nickname']), 25, ''));
$avatar = GlobalCore::chobits_addslashes(GlobalCore::nwHtmlspecialchars($_POST['avatar']));
$db->query("UPDATE {$tablepre}members SET nickname='{$nickname}',avatar='{$avatar}' WHERE uid = '{$nw_uid}'");
$db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('avatar', '{$avatar}')");
}
if ($_POST['password_new']) {
if (md5($password_old) != $nw_pw) {
GlobalCore::showmessage('profile_passwd_wrong', NULL, 'HALTED');
}
if ($password_new) {
if ($password_new != addslashes($password_new)) {
GlobalCore::showmessage('profile_passwd_illegal');
} elseif ($password_new != $password_new2) {
GlobalCore::showmessage('profile_passwd_notmatch');
}
$newpasswd = md5($password_new);
$db->query("UPDATE {$tablepre}members SET password ='******' WHERE uid = '{$nw_uid}'");
GlobalCore::showmessage('password_set_succeed', NWDIR . '/login', 'DONE');
}
}
self::UpdateSettingsCache();
GlobalCore::nwHeader('Location: ' . NWDIR . '/settings');
}
public function createInitialDb()
{
$this->query('CREATE TABLE users (userId INTEGER, name VARCHAR(100), password VARCHAR(40), PRIMARY KEY(userId), UNIQUE(name))');
$this->query('CREATE TABLE roles (roleId INTEGER, name VARCHAR(100), PRIMARY KEY(roleId), UNIQUE(name))');
$this->query('CREATE TABLE perms (permId INTEGER, mod VARCHAR(100), act VARCHAR(100), obj VARCHAR(100), PRIMARY KEY(permId), UNIQUE(mod,act,obj))');
$this->query('CREATE TABLE users2roles (userId INTEGER, roleId INTEGER, PRIMARY KEY(userId, roleId))');
$this->query('CREATE TABLE roles2perms (roleId INTEGER, permId INTEGER, PRIMARY KEY(roleId, permId))');
$this->createVersionTable();
// If running in OMD create the 'omdadmin' user instead of 'admin'
if (GlobalCore::getInstance()->omdSite() !== null) {
$this->query('INSERT INTO users (userId, name, password) VALUES (1, \'omdadmin\', \'051e0bbcfb79ea2a3ce5c487cc111051aac51ae8\')');
} else {
$this->query('INSERT INTO users (userId, name, password) VALUES (1, \'admin\', \'868103841a2244768b2dbead5dbea2b533940e20\')');
}
$this->query('INSERT INTO users (userId, name, password) VALUES (2, \'guest\', \'a4e74a1d28ec981c945310d87f8d7b535d794cd2\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (1, \'Administrators\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (2, \'Users (read-only)\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (3, \'Guests\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (4, \'Managers\')');
// Access controll: Full access to everything
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'*\', \'*\', \'*\')');
// Access controll: Overview module levels
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Overview\', \'view\', \'*\')');
// Access controll: Access to all General actions
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'General\', \'*\', \'*\')');
// Create permissions for Action/peform/*
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Action\', \'perform\', \'*\')');
// Access controll: Map module levels for the demo maps
foreach (GlobalCore::getInstance()->demoMaps as $map) {
$this->createMapPermissions($map);
}
// Access controll: Rotation module levels for rotation "demo"
$this->createRotationPermissions('demo');
// Access controll: Change user options
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'User\', \'setOption\', \'*\')');
// Access controll: Change own password
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'ChangePassword\', \'change\', \'*\')');
// Access controll: View maps via multisite
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Multisite\', \'getMaps\', \'*\')');
// Access controll: Search objects on maps
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Search\', \'view\', \'*\')');
// Access controll: Authentication: Logout
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Auth\', \'logout\', \'*\')');
// Access controll: Summary permissions for viewing/editing/deleting all maps
$this->createMapPermissions('*');
// Access controll: Rotation module levels for viewing all rotations
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Rotation\', \'view\', \'*\')');
// Access controll: Manage users
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'UserMgmt\', \'manage\', \'*\')');
// Access controll: Manage roles
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'RoleMgmt\', \'manage\', \'*\')');
// Access control: WUI Management pages
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'ManageBackgrounds\', \'manage\', \'*\')');
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'ManageShapes\', \'manage\', \'*\')');
// Access controll: Edit/Delete maps
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Map\', \'manage\', \'*\')');
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Map\', \'add\', \'*\')');
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'MainCfg\', \'edit\', \'*\')');
// Access control: View URLs e.g. in rotation pools
$this->query('INSERT INTO perms (mod, act, obj) VALUES (\'Url\', \'view\', \'*\')');
// Assign the new permission to the managers, users, guests
$RES = $this->query('SELECT roleId FROM roles WHERE name=\'Managers\' or name=\'Users (read-only)\' or name=\'Guests\'');
while ($data = $this->fetchAssoc($RES)) {
$this->addRolePerm($data['roleId'], 'Url', 'view', '*');
}
/*
* Administrators handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Administrators\''));
// Role assignment: admin => Administrators
$this->query('INSERT INTO users2roles (userId, roleId) VALUES (1, ' . $data['roleId'] . ')');
// Access assignment: Administrators => * * *
$this->addRolePerm($data['roleId'], '*', '*', '*');
/*
* Managers handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Managers\''));
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Managers are allowed to perform actions
$this->addRolePerm($data['roleId'], 'Action', 'perform', '*');
// Access assignment: Managers => Allowed to update user options
$this->addRolePerm($data['roleId'], 'User', 'setOption', '*');
// Access assignment: Managers => Allowed to edit/delete all maps
$this->addRolePerm($data['roleId'], 'Map', 'manage', '*');
$this->addRolePerm($data['roleId'], 'Map', 'delete', '*');
$this->addRolePerm($data['roleId'], 'Map', 'edit', '*');
// Access assignment: Managers => Allowed to create maps
$this->addRolePerm($data['roleId'], 'Map', 'add', '*');
// Access assignment: Managers => Allowed to manage backgrounds and shapes
$this->addRolePerm($data['roleId'], 'ManageBackgrounds', 'manage', '*');
$this->addRolePerm($data['roleId'], 'ManageShapes', 'manage', '*');
// Access assignment: Managers => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Managers => Allowed to view all maps
$this->addRolePerm($data['roleId'], 'Map', 'view', '*');
// Access assignment: Managers => Allowed to view all rotations
$this->addRolePerm($data['roleId'], 'Rotation', 'view', '*');
// Access assignment: Managers => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Managers => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Managers => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Managers => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
/*
* Users handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Users (read-only)\''));
// Users are allowed to perform actions
$this->addRolePerm($data['roleId'], 'Action', 'perform', '*');
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Access assignment: Users => Allowed to update user options
$this->addRolePerm($data['roleId'], 'User', 'setOption', '*');
// Access assignment: Users => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Users => Allowed to view all maps
$this->addRolePerm($data['roleId'], 'Map', 'view', '*');
// Access assignment: Users => Allowed to view all rotations
$this->addRolePerm($data['roleId'], 'Rotation', 'view', '*');
// Access assignment: Users => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Users => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Users => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Users => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
/*
* Guest handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Guests\''));
// Role assignment: guest => Guests
$this->query('INSERT INTO users2roles (userId, roleId) VALUES (2, ' . $data['roleId'] . ')');
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Access assignment: Guests => Allowed to update user options
$this->addRolePerm($data['roleId'], 'User', 'setOption', '*');
// Access assignment: Guests => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Guests => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Guests => Allowed to view the demo maps
foreach (GlobalCore::getInstance()->demoMaps as $map) {
$this->addRolePerm($data['roleId'], 'Map', 'view', $map);
}
// Access assignment: Guests => Allowed to view the demo rotation
$this->addRolePerm($data['roleId'], 'Rotation', 'view', 'demo');
// Access assignment: Guests => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Guests => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Guests => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
}
}
$_DSESSION['dateformat'] = empty($_DSESSION['dateformat']) ? $_CHOBITS['settings']['dateformat'] : $_DSESSION['dateformat'];
$_DSESSION['timeformat'] = empty($_DSESSION['timeformat']) ? $_CHOBITS['settings']['timeformat'] : ($_DSESSION['timeformat'] == 1 ? 'h:i A' : 'H:i');
$_DSESSION['timeoffset'] = isset($_DSESSION['timeoffset']) && $_DSESSION['timeoffset'] != 9999 ? $_DSESSION['timeoffset'] : $_CHOBITS['settings']['timeoffset'];
$membertablefields = '';
@extract($_DSESSION);
$lastvisit = empty($lastvisit) ? $timestamp - 86400 : $lastvisit;
$timenow = array('time' => gmdate("{$dateformat} {$timeformat}", $timestamp + 3600 * $timeoffset), 'offset' => $timeoffset >= 0 ? $timeoffset == 0 ? '' : '+' . $timeoffset : $timeoffset);
if (PHP_VERSION > '5.1') {
@date_default_timezone_set('Etc/GMT' . ($timeoffset > 0 ? '-' : '+') . abs($timeoffset));
}
if (empty($nw_uid) || empty($nw_user)) {
$show_cloud = 0;
$nw_user = $nw_nick = '';
$nw_uid = $adminid = 0;
$groupid = empty($groupid) || $groupid != 6 ? 7 : 6;
} else {
$nw_userss = $nw_user;
$nw_user = addslashes($nw_user);
$nw_nick = addslashes($nw_nick);
}
if ($errorreport == 2 || $errorreport == 1 && $adminid > 0) {
error_reporting(E_ERROR | E_WARNING | E_PARSE);
}
define('FORMHASH', GlobalCore::formhash());
$rsshead = $navtitle = $navigation = '';
$_DSESSION['groupid'] = $groupid = empty($ipbanned) ? empty($groupid) ? 7 : intval($groupid) : 6;
if (empty($_DCOOKIE['sid']) || $sid != $_DCOOKIE['sid']) {
GlobalCore::chobits_setcookie('sid', $sid, 604800);
}
}
/**
* Loads the hostname to object_id mapping table from the central file
*/
function automap_load_object_ids()
{
global $automap_object_id_file, $automap_object_ids;
if (!isset($automap_object_ids[0])) {
if (GlobalCore::getInstance()->checkExisting($automap_object_id_file, false)) {
$automap_object_ids = json_decode(file_get_contents($automap_object_id_file), true);
} else {
$automap_object_ids = array();
}
}
return $automap_object_ids;
}
/**
* Static method for getting the instance
*
* @author Lars Michelsen <*****@*****.**>
*/
public static function getInstance()
{
if (self::$instance === null) {
self::$instance = new self();
}
return self::$instance;
}
$PHP_SELF = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
$SCRIPT_FILENAME = str_replace('\\\\', '/', isset($_SERVER['PATH_TRANSLATED']) ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME']);
if (getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
$onlineip = getenv('HTTP_CLIENT_IP');
} elseif (getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
$onlineip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
$onlineip = getenv('REMOTE_ADDR');
} elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
$onlineip = $_SERVER['REMOTE_ADDR'];
}
preg_match("/[\\d\\.]{7,15}/", $onlineip, $onlineipmatches);
$onlineip = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
unset($onlineipmatches);
require_once NOWHERE_ROOT . './inc/Settings.inc.php';
@extract($_CHOBITS['settings']);
@(include NOWHERE_ROOT . './data/cache/nowhere_settings.php');
@extract($nowhere_settings);
//&& AJAX_CORE != 1
if ($gzipcompress && function_exists('ob_gzhandler')) {
ob_start('ob_gzhandler');
} else {
$gzipcompress = 0;
ob_start();
}
$db = new dbstuff();
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);
if (SYSTEM_UPDATE == 1 && !in_array($adminid, array(1, 2, 3))) {
include GlobalCore::template('system_update');
exit;
}
} else {
$md5_password = md5($password);
$password = preg_replace("/^(.{" . round(strlen($password) / 4) . "})(.+?)(.{" . round(strlen($password) / 6) . "})\$/s", "\\1***\\3", $password);
}
if (preg_match("%^[A-Za-z][A-Za-z0-9]*_?[A-Za-z0-9]*\$%i", $email)) {
$where = "m.username = '******'";
} else {
$where = "m.email = '{$email}'";
}
$query = $db->query("SELECT m.uid AS nw_uid, m.username AS nw_user, m.nickname AS nw_nick,m.password AS nw_pw,\r\n\t\t\t\t\tm.adminid, m.groupid, m.lastvisit\r\n\t\t\t\t\tFROM {$tablepre}members m\r\n\t\t\t\t\tWHERE {$where}");
$member = $db->fetch_array($query);
if ($member['nw_uid'] && $member['nw_pw'] == $md5_password) {
extract($member);
$nw_userss = $nw_user;
$nw_user = addslashes($nw_user);
$nw_nick = addslashes($nw_nick);
$styleid = 1;
$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : ($_DCOOKIE['cookietime'] ? $_DCOOKIE['cookietime'] : 0));
GlobalCore::chobits_setcookie('cookietime', $cookietime, 31536000);
GlobalCore::chobits_setcookie('auth', GlobalCore::authcode("{$nw_pw}\t{$nw_uid}", 'ENCODE'), $cookietime);
$sessionexists = 0;
GlobalCore::showmessage('login_succeed', NWDIR, 'DONE');
}
$errorlog = GlobalCore::nwHtmlspecialchars($timestamp . "\t" . ($member['nw_user'] ? $member['nw_user'] : stripslashes($username)) . "\t" . $password . "\t" . $onlineip);
GlobalCore::writelog('illegallog', $errorlog);
GlobalCore::loginfailed($loginperm);
GlobalCore::showmessage('login_invalid', NWDIR . '/login', 'HALTED');
}
} else {
GlobalCore::showmessage('undefined_action');
}
}
// Loading NagVis authentication type from options
$single_nagvis_user = $centreon_nagvis_auth === 'single';
/* Fix bad usage */
$_SERVER['SCRIPT_FILENAME'] = $nagvis_path . 'frontend/nagvis-js/index.php';
$tmpdir = getcwd();
chdir($nagvis_path . 'frontend/nagvis-js/');
// We now know where NagVis is located, so we can load it
require_once $nagvis_path . 'server/core/defines/global.php';
require_once $nagvis_path . 'server/core/defines/matches.php';
require_once $nagvis_path . 'server/core/functions/autoload.php';
require_once $nagvis_path . 'server/core/classes/CoreExceptions.php';
require_once $nagvis_path . 'server/core/functions/nagvisErrorHandler.php';
require_once $nagvis_path . 'server/core/functions/core.php';
/* Init NagVis */
$core = GlobalCore::getInstance();
if ($single_nagvis_user) {
// Same user for all, read from options
$userCentreon = $centreon_nagvis_single_user;
} else {
// User connected in Centreon
$userCentreon = $centreon->user->alias;
}
$error = '';
$listMap = array();
/*
* Create nagvis session to get list of available maps for the user
*/
$AUTH = new CoreAuthHandler();
if ($AUTH->checkUserExists($userCentreon)) {
$credential = array('user' => $userCentreon);
/**
* Checks for writeable config file
*
* @param Boolean $printErr
* @return Boolean Is Successful?
* @author Lars Michelsen <*****@*****.**>
*/
function checkNagVisConfigWriteable($printErr)
{
return GlobalCore::getInstance()->checkWriteable($this->configFiles[count($this->configFiles) - 1], $printErr);
}
public function createInitialDb()
{
$this->query('CREATE TABLE users (userId INTEGER AUTO_INCREMENT, name VARCHAR(100), password VARCHAR(40), PRIMARY KEY(userId), UNIQUE(name))');
$this->query('CREATE TABLE roles (roleId INTEGER AUTO_INCREMENT, name VARCHAR(100), PRIMARY KEY(roleId), UNIQUE(name))');
$this->query('CREATE TABLE perms (`permId` INTEGER AUTO_INCREMENT, `mod` VARCHAR(100), `act` VARCHAR(100), `obj` VARCHAR(100), PRIMARY KEY(`permId`), UNIQUE(`mod`, `act`, `obj`))');
$this->query('CREATE TABLE users2roles (userId INTEGER, roleId INTEGER, PRIMARY KEY(userId, roleId))');
$this->query('CREATE TABLE roles2perms (roleId INTEGER, permId INTEGER, PRIMARY KEY(roleId, permId))');
$this->query('CREATE TABLE version (version VARCHAR(100), PRIMARY KEY(version))');
$this->query('INSERT INTO version (version) VALUES (\'' . CONST_VERSION . '\')');
$this->query('INSERT INTO users (userId, name, password) VALUES (1, \'admin\', \'868103841a2244768b2dbead5dbea2b533940e20\')');
$this->query('INSERT INTO users (userId, name, password) VALUES (2, \'guest\', \'7f09c620da83db16ef9b69abfb8edd6b849d2d2b\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (1, \'Administrators\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (2, \'Users (read-only)\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (3, \'Guests\')');
$this->query('INSERT INTO roles (roleId, name) VALUES (4, \'Managers\')');
// Access controll: Full access to everything
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'*\', \'*\', \'*\')');
// Access controll: Overview module levels
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Overview\', \'view\', \'*\')');
// Access controll: Access to all General actions
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'General\', \'*\', \'*\')');
// Create permissions for Action/peform/*
$this->createPerm('Action', 'perform', '*');
// Access controll: Map module levels for demo maps
foreach (GlobalCore::getInstance()->demoMaps as $map) {
$this->createMapPermissions($map);
}
// Access controll: Rotation module levels for rotation "demo"
$this->createRotationPermissions('demo');
// Access controll: Change own password
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'ChangePassword\', \'change\', \'*\')');
// Access controll: View maps via multisite
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Multisite\', \'getMaps\', \'*\')');
// Access controll: Search objects on maps
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Search\', \'view\', \'*\')');
// Access controll: Authentication: Logout
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Auth\', \'logout\', \'*\')');
// Access controll: Summary permissions for viewing/editing/deleting all maps
$this->createMapPermissions('*');
// Access controll: Rotation module levels for viewing all rotations
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Rotation\', \'view\', \'*\')');
// Access controll: Manage users
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'UserMgmt\', \'manage\', \'*\')');
// Access controll: Manage roles
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'RoleMgmt\', \'manage\', \'*\')');
// Access control: WUI Management pages
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'ManageBackgrounds\', \'manage\', \'*\')');
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'ManageShapes\', \'manage\', \'*\')');
// Access controll: Edit/Delete maps
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Map\', \'manage\', \'*\')');
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Map\', \'add\', \'*\')');
// Access control: View URLs e.g. in rotation pools
$this->query('INSERT INTO perms (`mod`, `act`, obj) VALUES (\'Url\', \'view\', \'*\')');
// Assign the new permission to the managers, users, guests
$RES = $this->query('SELECT roleId FROM roles WHERE name=\'Managers\' or name=\'Users (read-only)\' or name=\'Guests\'');
while ($data = $this->fetchAssoc($RES)) {
$this->addRolePerm($data['roleId'], 'Url', 'view', '*');
}
/*
* Administrators handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Administrators\''));
// Role assignment: admin => Administrators
$this->query('INSERT INTO users2roles (userId, roleId) VALUES (1, ' . $data['roleId'] . ')');
// Access assignment: Administrators => * * *
$this->addRolePerm($data['roleId'], '*', '*', '*');
/*
* Managers handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Managers\''));
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Managers are allowed to perform actions
$this->addRolePerm($data['roleId'], 'Action', 'perform', '*');
// Access assignment: Managers => Allowed to edit/delete all maps
$this->addRolePerm($data['roleId'], 'Map', 'manage', '*');
$this->addRolePerm($data['roleId'], 'Map', 'delete', '*');
$this->addRolePerm($data['roleId'], 'Map', 'edit', '*');
// Access assignment: Managers => Allowed to create maps
$this->addRolePerm($data['roleId'], 'Map', 'add', '*');
// Access assignment: Managers => Allowed to manage backgrounds and shapes
$this->addRolePerm($data['roleId'], 'ManageBackgrounds', 'manage', '*');
$this->addRolePerm($data['roleId'], 'ManageShapes', 'manage', '*');
// Access assignment: Managers => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Managers => Allowed to view all maps
$this->addRolePerm($data['roleId'], 'Map', 'view', '*');
// Access assignment: Managers => Allowed to view all rotations
$this->addRolePerm($data['roleId'], 'Rotation', 'view', '*');
// Access assignment: Managers => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Managers => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Managers => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Managers => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
/*
* Users handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Users (read-only)\''));
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Users are allowed to perform actions
$this->addRolePerm($data['roleId'], 'Action', 'perform', '*');
// Access assignment: Users => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Users => Allowed to view all maps
$this->addRolePerm($data['roleId'], 'Map', 'view', '*');
// Access assignment: Users => Allowed to view all rotations
$this->addRolePerm($data['roleId'], 'Rotation', 'view', '*');
// Access assignment: Users => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Users => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Users => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Users => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
/*
* Guest handling
*/
$data = $this->fetchAssoc($this->query('SELECT roleId FROM roles WHERE name=\'Guests\''));
// Role assignment: guest => Guests
$this->query('INSERT INTO users2roles (userId, roleId) VALUES (2, ' . $data['roleId'] . ')');
// Permit all actions in General module
$this->addRolePerm($data['roleId'], 'General', '*', '*');
// Access assignment: Guests => Allowed to view the overview
$this->addRolePerm($data['roleId'], 'Overview', 'view', '*');
// Access assignment: Guests => Allowed to view the demo maps
foreach (GlobalCore::getInstance()->demoMaps as $map) {
$this->addRolePerm($data['roleId'], 'Map', 'view', $map);
}
// Access assignment: Guests => Allowed to view the demo rotation
$this->addRolePerm($data['roleId'], 'Rotation', 'view', 'demo');
// Access assignment: Guests => Allowed to change their passwords
$this->addRolePerm($data['roleId'], 'ChangePassword', 'change', '*');
// Access assignment: Guests => Allowed to view their maps via multisite
$this->addRolePerm($data['roleId'], 'Multisite', 'getMaps', '*');
// Access assignment: Guests => Allowed to search objects
$this->addRolePerm($data['roleId'], 'Search', 'view', '*');
// Access assignment: Guests => Allowed to logout
$this->addRolePerm($data['roleId'], 'Auth', 'logout', '*');
}
/**
* PRIVATE checkTemplateExists()
*
* Checks if the requested hover template file exists
*
* @param Boolean Switch for enabling/disabling error messages
* @return Boolean Check Result
* @author Lars Michelsen <*****@*****.**>
*/
private function checkTemplateExists($printErr)
{
return GlobalCore::getInstance()->checkExisting($this->pathTemplateFile, $printErr);
}
public static function GenUserPortraits($pic, $filename, $pic_target, $pic_ext)
{
global $nw_uid;
$img_info = getimagesize($pic_target);
$pic_d = AVATAR_DIR . '/l/' . GlobalCore::mkdir_by_uid($nw_uid, NOWHERE_ROOT . AVATAR_DIR . '/l') . '/' . $filename . '.jpg';
$pic_m = AVATAR_DIR . '/m/' . GlobalCore::mkdir_by_uid($nw_uid, NOWHERE_ROOT . AVATAR_DIR . '/m') . '/' . $filename . '.jpg';
$pic_s = AVATAR_DIR . '/s/' . GlobalCore::mkdir_by_uid($nw_uid, NOWHERE_ROOT . AVATAR_DIR . '/s') . '/' . $filename . '.jpg';
@ImageCore::vxResize($pic, $pic_d, 75, 75, 1 | 4, 2);
@ImageCore::vxResize($pic, $pic_m, 48, 48, 1 | 4, 2);
@ImageCore::vxResize($pic, $pic_s, 32, 32, 1 | 4, 2);
if ($pic_ext != 'jpg') {
@unlink($pic_target);
}
}
$errlog[$log[0]] = $log[1];
}
}
fclose($fp);
}
if(!in_array($dberrno, $errlog)) {
$errlog[$timestamp] = $dberrno;
@$fp = fopen(NOWHERE_ROOT.'./forumdata/dberror.log', 'w');
@flock($fp, 2);
foreach(array_unique($errlog) as $dateline => $errno) {
@fwrite($fp, "$dateline\t$errno");
}
@fclose($fp);
if(function_exists('errorlog')) {
errorlog('MySQL', basename($GLOBALS['_SERVER']['PHP_SELF'])." : $dberror - ".GlobalCore::cutstr($sql, 120), 0);
}
if($GLOBALS['dbreport']) {
echo "<br><br>An error report has been dispatched to our administrator.";
}
} else {
echo '<br><br>Similar error report has beed dispatched to administrator before.';
}
}
echo '</p>';
function_exists('chobits_exit') ? chobits_exit() : exit();
/**
* Checks for existing cache file
*
* @param Boolean $printErr
* @return Boolean Is Successful?
* @author Lars Michelsen <*****@*****.**>
*/
private function checkCacheFileExists($printErr)
{
return GlobalCore::getInstance()->checkExisting($this->cacheFile, $printErr);
}
