if (isset($_SESSION["sess_view_tree_id"])) { if (read_config_option("auth_method") != 0) { /* take tree permissions into account here, if the user does not have permission give an "access denied" message */ $access_denied = !(is_tree_allowed($_SESSION["sess_view_tree_id"])); if ($access_denied == true) { print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit; } } if (read_graph_config_option("default_tree_view_mode") == "1") { grow_graph_tree($_SESSION["sess_view_tree_id"], (!empty($start_branch) ? $start_branch : 0), isset($_SESSION["sess_user_id"]) ? $_SESSION["sess_user_id"] : 0, $tree_parameters); }elseif (read_graph_config_option("default_tree_view_mode") == "2") { grow_right_pane_tree((isset($_GET["tree_id"]) ? $_GET["tree_id"] : 0), (isset($_GET["leaf_id"]) ? $_GET["leaf_id"] : 0), (isset($_GET["host_group_data"]) ? urldecode($_GET["host_group_data"]) : 0)); } } print "<br><br>"; break; case 'preview': define("ROWS_PER_PAGE", read_graph_config_option("preview_graphs_per_page")); /* ================= input validation ================= */ input_validate_input_number(get_request_var_request("host_id")); input_validate_input_number(get_request_var_request("graph_template_id")); input_validate_input_number(get_request_var_request("page"));
$_SESSION['sess_node_id'] = $_REQUEST['nodeid']; /* if cacti's builtin authentication is turned on then make sure to take graph permissions into account here. if a user does not have rights to a particular graph; do not show it. they will get an access denied message if they try and view the graph directly. */ if (isset($_SESSION['sess_view_tree_id'])) { if (read_config_option('auth_method') != 0) { /* take tree permissions into account here, if the user does not have permission give an "access denied" message */ $access_denied = !is_tree_allowed($_SESSION['sess_view_tree_id']); if ($access_denied == true) { print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit; } } grow_right_pane_tree(isset($_REQUEST['tree_id']) ? $_REQUEST['tree_id'] : 0, isset($_REQUEST['leaf_id']) ? $_REQUEST['leaf_id'] : 0, isset($_REQUEST['host_group_data']) ? urldecode($_REQUEST['host_group_data']) : 0); } break; case 'preview': if (!isset($_REQUEST['header']) || $_REQUEST['header'] == false) { include_once './include/top_graph_header.php'; } if (read_config_option('auth_method') != 0 && empty($current_user['show_preview'])) { print "<strong><font size='+1' color='FF0000'>YOU DO NOT HAVE RIGHTS FOR PREVIEW VIEW</font></strong>"; exit; } /* ================= input validation ================= */ input_validate_input_number(get_request_var_request('host_id')); input_validate_input_number(get_request_var_request('graph_template_id')); input_validate_input_number(get_request_var_request('page')); input_validate_input_number(get_request_var_request('rows'));