/**
* Log-out the current user.
*/
public static function logout()
{
self::$data['sessionid'] = self::getSessionCookie();
self::$data = API::User()->logout([]);
CSession::destroy();
zbx_unsetcookie('zbx_sessionid');
}
function zbx_flush_post_cookies($unset = false)
{
global $ZBX_PAGE_COOKIES;
if (isset($ZBX_PAGE_COOKIES)) {
foreach ($ZBX_PAGE_COOKIES as $cookie) {
if ($unset) {
zbx_unsetcookie($cookie[0]);
} else {
zbx_setcookie($cookie[0], $cookie[1], $cookie[2]);
}
}
unset($ZBX_PAGE_COOKIES);
}
}
public static function logout()
{
self::$data['sessionid'] = get_cookie('zbx_sessionid');
self::$data = API::User()->logout();
zbx_unsetcookie('zbx_sessionid');
}
**/
require_once dirname(__FILE__) . '/include/config.inc.php';
require_once dirname(__FILE__) . '/include/setup.inc.php';
$page['title'] = _('Installation');
$page['file'] = 'setup.php';
if (!defined('PAGE_HEADER_LOADED') && !defined('ZBX_PAGE_NO_MENU')) {
define('ZBX_PAGE_NO_MENU', 1);
}
define('ZBX_PAGE_NO_THEME', true);
// don't load any themes for this page
// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION
$fields = array('distributed' => array(T_ZBX_STR, O_OPT, null, null, null), 'trouble' => array(T_ZBX_STR, O_OPT, null, null, null), 'type' => array(T_ZBX_STR, O_OPT, null, IN('"' . ZBX_DB_MYSQL . '","' . ZBX_DB_POSTGRESQL . '","' . ZBX_DB_ORACLE . '","' . ZBX_DB_DB2 . '","' . ZBX_DB_SQLITE3 . '"'), null), 'server' => array(T_ZBX_STR, O_OPT, null, null, null), 'port' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, 65535), null, _('Port')), 'database' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, null, _('Database name')), 'user' => array(T_ZBX_STR, O_OPT, null, null, null), 'password' => array(T_ZBX_STR, O_OPT, null, null, null), 'schema' => array(T_ZBX_STR, O_OPT, null, null, null), 'zbx_server' => array(T_ZBX_STR, O_OPT, null, null, null), 'zbx_server_name' => array(T_ZBX_STR, O_OPT, null, null, null), 'zbx_server_port' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, 65535), null, _('Port')), 'message' => array(T_ZBX_STR, O_OPT, null, null, null), 'nodename' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, null), 'nodeid' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, 999), null), 'save_config' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'retry' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'cancel' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'finish' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'next' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'back' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'form' => array(T_ZBX_STR, O_OPT, P_SYS, null, null), 'form_refresh' => array(T_ZBX_INT, O_OPT, null, null, null));
check_fields($fields, false);
global $ZBX_CONFIG;
if (isset($_REQUEST['cancel']) || isset($_REQUEST['finish'])) {
zbx_unsetcookie('ZBX_CONFIG');
redirect('index.php');
}
$ZBX_CONFIG = get_cookie('ZBX_CONFIG', null);
$ZBX_CONFIG = isset($ZBX_CONFIG) ? unserialize($ZBX_CONFIG) : array();
if (!isset($ZBX_CONFIG['step'])) {
$ZBX_CONFIG['step'] = 0;
}
if (!isset($ZBX_CONFIG['agree'])) {
$ZBX_CONFIG['agree'] = false;
}
$ZBX_CONFIG['allowed_db'] = array();
// MYSQL
if (zbx_is_callable(array('mysql_pconnect', 'mysql_select_db', 'mysql_error', 'mysql_select_db', 'mysql_query', 'mysql_fetch_array', 'mysql_fetch_row', 'mysql_data_seek', 'mysql_insert_id'))) {
$ZBX_CONFIG['allowed_db']['MYSQL'] = 'MySQL';
}
** along with this program; if not, write to the Free Software
** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
**/
require_once 'include/config.inc.php';
require_once 'include/forms.inc.php';
define('ZBX_NOT_ALLOW_ALL_NODES', 1);
define('ZBX_HIDE_NODE_SELECTION', 1);
$page['title'] = "S_ZABBIX_BIG";
$page['file'] = 'index.php';
// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION
$fields = array('name' => array(T_ZBX_STR, O_NO, NULL, NOT_EMPTY, 'isset({enter})'), 'password' => array(T_ZBX_STR, O_OPT, NULL, NULL, 'isset({enter})'), 'sessionid' => array(T_ZBX_STR, O_OPT, NULL, NULL, NULL), 'message' => array(T_ZBX_STR, O_OPT, NULL, NULL, NULL), 'reconnect' => array(T_ZBX_INT, O_OPT, P_SYS, BETWEEN(0, 65535), NULL), 'enter' => array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), 'form' => array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), 'form_refresh' => array(T_ZBX_INT, O_OPT, NULL, NULL, NULL), 'request' => array(T_ZBX_STR, O_OPT, NULL, NULL, NULL));
check_fields($fields);
$sessionid = get_cookie('zbx_sessionid', null);
if (isset($_REQUEST['reconnect']) && isset($sessionid)) {
add_audit(AUDIT_ACTION_LOGOUT, AUDIT_RESOURCE_USER, 'Manual Logout');
zbx_unsetcookie('zbx_sessionid');
DBexecute('UPDATE sessions SET status=' . ZBX_SESSION_PASSIVE . ' WHERE sessionid=' . zbx_dbstr($sessionid));
unset($sessionid);
redirect('index.php');
die;
}
$config = select_config();
$authentication_type = $config['authentication_type'];
if ($authentication_type == ZBX_AUTH_HTTP) {
if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER'])) {
if (!isset($sessionid)) {
$_REQUEST['enter'] = 'Enter';
}
$_REQUEST['name'] = $_SERVER['PHP_AUTH_USER'];
$_REQUEST['password'] = '******';
//$_SERVER['PHP_AUTH_PW'];
public static function logout($sessionid)
{
global $ZBX_LOCALNODEID;
$sql = 'SELECT s.* ' . ' FROM sessions s ' . ' WHERE s.sessionid=' . zbx_dbstr($sessionid) . ' AND s.status=' . ZBX_SESSION_ACTIVE . ' AND ' . DBin_node('s.userid', $ZBX_LOCALNODEID);
$session = DBfetch(DBselect($sql));
if (!$session) {
return false;
}
zbx_unsetcookie('zbx_sessionid');
DBexecute('DELETE FROM sessions WHERE status=' . ZBX_SESSION_PASSIVE . ' AND userid=' . zbx_dbstr($session['userid']));
DBexecute('UPDATE sessions SET status=' . ZBX_SESSION_PASSIVE . ' WHERE sessionid=' . zbx_dbstr($sessionid));
return true;
}
function check_authorisation()
{
global $DB;
global $page;
global $PHP_AUTH_USER, $PHP_AUTH_PW;
global $USER_DETAILS;
global $ZBX_LOCALNODEID;
$USER_DETAILS = NULL;
$login = FALSE;
$sessionid = get_cookie('zbx_sessionid');
if (!is_null($sessionid)) {
$sql = 'SELECT u.*,s.* ' . ' FROM sessions s,users u' . ' WHERE s.sessionid=' . zbx_dbstr($sessionid) . ' AND s.status=' . ZBX_SESSION_ACTIVE . ' AND s.userid=u.userid' . ' AND ((s.lastaccess+u.autologout>' . time() . ') OR (u.autologout=0))' . ' AND ' . DBin_node('u.userid', $ZBX_LOCALNODEID);
$login = $USER_DETAILS = DBfetch(DBselect($sql));
if (!$USER_DETAILS) {
$incorrect_session = true;
} else {
if ($login['attempt_failed']) {
error(new CScript(array(bold($login['attempt_failed']), 'failed login attempts logged. Last failed attempt was from ', bold($login['attempt_ip']), ' on ', bold(date('d.m.Y H:i', $login['attempt_clock'])), '.')));
DBexecute('UPDATE users SET attempt_failed=0 WHERE userid=' . $login['userid']);
}
}
}
if (!$USER_DETAILS && !isset($_SERVER['PHP_AUTH_USER'])) {
$sql = 'SELECT u.* ' . ' FROM users u ' . ' WHERE u.alias=' . zbx_dbstr(ZBX_GUEST_USER) . ' AND ' . DBin_node('u.userid', $ZBX_LOCALNODEID);
$login = $USER_DETAILS = DBfetch(DBselect($sql));
if (!$USER_DETAILS) {
$missed_user_guest = true;
}
}
if ($login) {
$login = check_perm2login($USER_DETAILS['userid']) && check_perm2system($USER_DETAILS['userid']);
}
if (!$login) {
$USER_DETAILS = NULL;
}
if ($login && !isset($incorrect_session)) {
zbx_setcookie('zbx_sessionid', $sessionid, $USER_DETAILS['autologin'] ? time() + 86400 * 31 : 0);
//1 month
DBexecute('UPDATE sessions SET lastaccess=' . time() . ' WHERE sessionid=' . zbx_dbstr($sessionid));
} else {
zbx_unsetcookie('zbx_sessionid');
DBexecute('UPDATE sessions SET status=' . ZBX_SESSION_PASSIVE . ' WHERE sessionid=' . zbx_dbstr($sessionid));
unset($sessionid);
}
if ($USER_DETAILS) {
$USER_DETAILS['node'] = DBfetch(DBselect('SELECT * FROM nodes WHERE nodeid=' . id2nodeid($USER_DETAILS['userid'])));
if (empty($USER_DETAILS['node'])) {
$USER_DETAILS['node']['name'] = '- unknown -';
$USER_DETAILS['node']['nodeid'] = $ZBX_LOCALNODEID;
}
} else {
$USER_DETAILS = array('alias' => ZBX_GUEST_USER, 'userid' => 0, 'lang' => 'en_gb', 'type' => '0', 'node' => array('name' => '- unknown -', 'nodeid' => 0));
}
$userip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
$USER_DETAILS['userip'] = $userip;
if (!$login || isset($incorrect_session) || isset($missed_user_guest)) {
if (isset($incorrect_session)) {
$message = 'Session was ended, please relogin!';
} else {
if (isset($missed_user_guest)) {
$row = DBfetch(DBselect('SELECT count(u.userid) as user_cnt FROM users u'));
if (!$row || $row['user_cnt'] == 0) {
$message = 'Table users is empty. Possible database corruption.';
}
}
}
if (!isset($_REQUEST['message']) && isset($message)) {
$_REQUEST['message'] = $message;
}
include 'index.php';
exit;
}
}
