if(wm_editor_validate_bandwidth($bwout)) { $map->links[$link_name]->max_bandwidth_out_cfg = $bwout; $map->links[$link_name]->max_bandwidth_out = unformat_number($bwout, $map->kilo); } // $map->links[$link_name]->SetBandwidth($bwin,$bwout); $map->WriteConfig($mapfile); } break; case "set_map_properties": $map->ReadConfig($mapfile); $map->title = wm_editor_sanitize_string($_REQUEST['map_title']); $map->keytext['DEFAULT'] = wm_editor_sanitize_string($_REQUEST['map_legend']); $map->stamptext = wm_editor_sanitize_string($_REQUEST['map_stamp']); $map->htmloutputfile = wm_editor_sanitize_file($_REQUEST['map_htmlfile'],array("html") ); $map->imageoutputfile = wm_editor_sanitize_file($_REQUEST['map_pngfile'],array("png","jpg","gif","jpeg")); $map->width = intval($_REQUEST['map_width']); $map->height = intval($_REQUEST['map_height']); // XXX sanitise this a bit if($_REQUEST['map_bgfile'] == '--NONE--') { $map->background=''; } else { $map->background = wm_editor_sanitize_file(stripslashes($_REQUEST['map_bgfile']),array("png","jpg","gif","jpeg") );
function show_editor_startpage() { global $mapdir, $WEATHERMAP_VERSION, $config_loaded, $cacti_found, $ignore_cacti, $configerror, $action; $fromplug = false; if (isset($_REQUEST['plug']) && intval($_REQUEST['plug']) == 1) { $fromplug = true; } $matches = 0; print '<html xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" media="screen" href="editor-resources/oldeditor.css" /><script type="text/javascript" src="editor-resources/jquery-latest.min.js"></script><script src="editor-resources/editor.js" type="text/javascript"></script><title>PHP Weathermap Editor ' . $WEATHERMAP_VERSION . '</title></head><body>'; print '<div id="nojs" class="alert"><b>WARNING</b> - '; print 'Sorry, it\'s partly laziness on my part, but you really need JavaScript enabled and DOM support in your browser to use this editor. It\'s a visual tool, so accessibility is already an issue, if it is, and from a security viewpoint, you\'re already running my '; print 'code on your <i>server</i> so either you trust it all having read it, or you\'re already screwed.<P>'; print 'If it\'s a major issue for you, please feel free to complain. It\'s mainly laziness as I said, and there could be a fallback (not so smooth) mode for non-javascript browsers if it was seen to be worthwhile (I would take a bit of convincing, because I don\'t see a benefit, personally).</div>'; $errormessage = ""; if ($configerror != '') { $errormessage .= $configerror . '<p>'; } if (!$librenms_found && !$ignore_librenms) { //$errormessage .= '$cacti_base is not set correctly. Cacti integration will be disabled in the editor.'; //$errormessage .= "$librenms_found and $ignore_librenms"; //if ($config_loaded != 1) { //$errormessage .= " You might need to copy editor-config.php-dist to editor-config.php and edit it."; //} } if ($errormessage != '') { print '<div class="alert" id="nocacti">' . htmlspecialchars($errormessage) . '</div>'; } print '<div id="withjs">'; print '<div id="dlgStart" class="dlgProperties" ><div class="dlgTitlebar">Welcome</div><div class="dlgBody">'; print 'Welcome to the PHP Weathermap ' . $WEATHERMAP_VERSION . ' editor.<p>'; print '<div style="border: 3px dashed red; background: #055; padding: 5px; font-size: 90%;"><b>NOTE:</b> This editor is not finished! There are many features of '; print 'Weathermap that you will be missing out on if you choose to use the editor only.'; print 'These include: curves, node offsets, font definitions, colour changing, per-node/per-link settings and image uploading. You CAN use the editor without damaging these features if you added them by hand, however.</div><p>'; print 'Do you want to:<p>'; print 'Create A New Map:<br>'; if ($action == 'newmap') { print "<b>Error creating map, the filename needs to end in .conf</b>"; } print '<form method="GET">'; print 'Named: <input type="text" name="mapname" size="20">'; print '<input name="action" type="hidden" value="newmap">'; print '<input name="plug" type="hidden" value="' . $fromplug . '">'; print '<input type="submit" value="Create">'; print '</form>'; $titles = array(); $errorstring = ""; if (is_dir($mapdir)) { $n = 0; $dh = opendir($mapdir); if ($dh) { while (false !== ($file = readdir($dh))) { $realfile = $mapdir . DIRECTORY_SEPARATOR . $file; $note = ""; // skip directories, unreadable files, .files and anything that doesn't come through the sanitiser unchanged if (is_file($realfile) && is_readable($realfile) && !preg_match("/^\\./", $file) && wm_editor_sanitize_conffile($file) == $file) { if (!is_writable($realfile)) { $note .= "(read-only)"; } $title = '(no title)'; $fd = fopen($realfile, "r"); if ($fd) { while (!feof($fd)) { $buffer = fgets($fd, 4096); if (preg_match("/^\\s*TITLE\\s+(.*)/i", $buffer, $matches)) { $title = wm_editor_sanitize_string($matches[1]); } } fclose($fd); $titles[$file] = $title; $notes[$file] = $note; $n++; } } } closedir($dh); } else { $errorstring = "Can't open mapdir to read."; } ksort($titles); if ($n == 0) { $errorstring = "No files in mapdir"; } } else { $errorstring = "NO DIRECTORY named {$mapdir}"; } print 'OR<br />Create A New Map as a copy of an existing map:<br>'; print '<form method="GET">'; print 'Named: <input type="text" name="mapname" size="20"> based on '; print '<input name="action" type="hidden" value="newmapcopy">'; print '<input name="plug" type="hidden" value="' . $fromplug . '">'; print '<select name="sourcemap">'; if ($errorstring == '') { foreach ($titles as $file => $title) { $nicefile = htmlspecialchars($file); print "<option value=\"{$nicefile}\">{$nicefile}</option>\n"; } } else { print '<option value="">' . htmlspecialchars($errorstring) . '</option>'; } print '</select>'; print '<input type="submit" value="Create Copy">'; print '</form>'; print 'OR<br />'; print 'Open An Existing Map (looking in ' . htmlspecialchars($mapdir) . '):<ul class="filelist">'; if ($errorstring == '') { foreach ($titles as $file => $title) { # $title = $titles[$file]; $note = $notes[$file]; $nicefile = htmlspecialchars($file); $nicetitle = htmlspecialchars($title); print "<li>{$note}<a href=\"?mapname={$nicefile}&plug={$fromplug}\">{$nicefile}</a> - <span class=\"comment\">{$nicetitle}</span></li>\n"; } } else { print '<li>' . htmlspecialchars($errorstring) . '</li>'; } print "</ul>"; print "</div>"; // dlgbody print '<div class="dlgHelp" id="start_help">PHP Weathermap ' . $WEATHERMAP_VERSION . ' Copyright © 2005-2013 Howard Jones - howie@thingy.com<br />The current version should always be <a href="http://www.network-weathermap.com/">available here</a>, along with other related software. PHP Weathermap is licensed under the GNU Public License, version 2. See COPYING for details. This distribution also includes the Overlib library by Erik Bosrup.</div>'; print "</div>"; // dlgStart print "</div>"; // withjs print "</body></html>"; }