weathermap

Subversion Repositories:

[/] [weathermap-cacti-plugin-mgmt.php] - Blame information for rev 64

Line No.	Rev	Author	Line
1	1	simandl	`<?php`
2
3			`chdir('../../');`
4			`include_once("./include/auth.php");`
5			`include_once("./include/config.php");`
6
7			`include_once($config["library_path"] . "/database.php");`
8
9			`$weathermap_confdir = realpath(dirname(__FILE__).'/configs');`
10
11			`$action = "";`
12			`if (isset($_POST['action'])) {`
13			`$action = $_POST['action'];`
14			`} else if (isset($_GET['action'])) {`
15			`$action = $_GET['action'];`
16			`}`
17
18			`switch ($action) {`
19			`case 'perms_add_user':`
20			`if( isset($_REQUEST['mapid']) && is_numeric($_REQUEST['mapid'])`
21			`&& isset($_REQUEST['userid']) && is_numeric($_REQUEST['userid'])`
22			`)`
23			`{`
24			`perms_add_user($_REQUEST['mapid'],$_REQUEST['userid']);`
25			`header("Location: weathermap-cacti-plugin-mgmt.php?action=perms_edit&id=".$_REQUEST['mapid']);`
26			`}`
27			`break;`
28			`case 'perms_delete_user':`
29			`if( isset($_REQUEST['mapid']) && is_numeric($_REQUEST['mapid'])`
30			`&& isset($_REQUEST['userid']) && is_numeric($_REQUEST['userid'])`
31			`)`
32			`{`
33			`perms_delete_user($_REQUEST['mapid'],$_REQUEST['userid']);`
34			`header("Location: weathermap-cacti-plugin-mgmt.php?action=perms_edit&id=".$_REQUEST['mapid']);`
35			`}`
36			`break;`
37			`case 'perms_edit':`
38			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) )`
39			`{`
40			`include_once($config["base_path"]."/include/top_header.php");`
41			`perms_list($_REQUEST['id']);`
42			`include_once($config["base_path"]."/include/bottom_footer.php");`
43			`}`
44			`else`
45			`{`
46			`print "Something got lost back there.";`
47			`}`
48			`break;`
49
50			`case 'delete_map':`
51			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) ) map_delete($_REQUEST['id']);`
52			`header("Location: weathermap-cacti-plugin-mgmt.php");`
53			`break;`
54
55			`case 'deactivate_map':`
56			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) ) map_deactivate($_REQUEST['id']);`
57			`header("Location: weathermap-cacti-plugin-mgmt.php");`
58			`break;`
59
60			`case 'activate_map':`
61			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) ) map_activate($_REQUEST['id']);`
62			`header("Location: weathermap-cacti-plugin-mgmt.php");`
63			`break;`
64
65			`case 'move_map_up':`
66			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) &&`
67			`isset($_REQUEST['order']) && is_numeric($_REQUEST['order']) )`
68			`map_move($_REQUEST['id'],$_REQUEST['order'],-1);`
69			`header("Location: weathermap-cacti-plugin-mgmt.php");`
70			`break;`
71			`case 'move_map_down':`
72			`if( isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) &&`
73			`isset($_REQUEST['order']) && is_numeric($_REQUEST['order']) )`
74			`map_move($_REQUEST['id'],$_REQUEST['order'],+1);`
75			`header("Location: weathermap-cacti-plugin-mgmt.php");`
76			`break;`
77
78			`case 'viewconfig':`
79			`include_once($config["base_path"]."/include/top_graph_header.php");`
80			`if(isset($_REQUEST['file']))`
81			`{`
82			`preview_config($_REQUEST['file']);`
83			`}`
84			`else`
85			`{`
86			`print "No such file.";`
87			`}`
88			`include_once($config["base_path"]."/include/bottom_footer.php");`
89			`break;`
90
91			`case 'addmap_picker':`
92			`include_once($config["base_path"]."/include/top_header.php");`
93			`addmap_picker();`
94			`include_once($config["base_path"]."/include/bottom_footer.php");`
95			`break;`
96
97			`case 'addmap':`
98			`if(isset($_REQUEST['file']))`
99			`{`
100			`add_config($_REQUEST['file']);`
101			`header("Location: weathermap-cacti-plugin-mgmt.php");`
102			`}`
103			`else`
104			`{`
105			`print "No such file.";`
106			`}`
107
108			`break;`
109
110			`case 'editor':`
111			`chdir(dirname(__FILE__));`
112			`include_once('./editor.php');`
113			`break;`
114
115			`case 'rebuildnow':`
116			`include_once(dirname(__FILE__).DIRECTORY_SEPARATOR."Weathermap.class.php");`
117			`include_once(dirname(__FILE__).DIRECTORY_SEPARATOR."lib".DIRECTORY_SEPARATOR."poller-common.php");`
118
119			`include_once($config["base_path"]."/include/top_header.php");`
120			`print "<h3>Rebuilding all maps</h3><strong>NOTE: Because your Cacti poller process probably doesn't run as the same user as your webserver, it's possible this will fail with file permission problems even though the normal poller process runs fine. In some situations, it MAY have memory_limit problems, if your mod_php/ISAPI module uses a different php.ini to your command-line PHP.</strong><hr><pre>";`
121			`weathermap_run_maps(dirname(__FILE__));`
122			`print "</pre>";`
123			`print "<hr /><h3>Done.</h3>";`
124			`include_once($config["base_path"]."/include/bottom_footer.php");`
125
126			`break;`
127
128			`// by default, just list the map setup`
129			`default:`
130			`include_once($config["base_path"]."/include/top_header.php");`
131			`maplist();`
132			`include_once($config["base_path"]."/include/bottom_footer.php");`
133			`break;`
134			`}`
135
136			`///////////////////////////////////////////////////////////////////////////`
137
138			`// Repair the sort order column (for when something is deleted or inserted)`
139			`function map_resort()`
140			`{`
141			`$list = db_fetch_assoc("select * from weathermap_maps order by sortorder;");`
142			`$i = 1;`
143			`foreach ($list as $map)`
144			`{`
145			`$sql[] = "update weathermap_maps set sortorder = $i where id = ".$map['id'];`
146			`$i++;`
147			`}`
148			`if (!empty($sql)) {`
149			`for ($a = 0; $a < count($sql); $a++) {`
150			`$result = db_execute($sql[$a]);`
151			`}`
152			`}`
153			`}`
154
155			`function map_move($mapid,$junk,$direction)`
156			`{`
157			`$source = db_fetch_assoc("select * from weathermap_maps where id=$mapid");`
158			`$oldorder = $source[0]['sortorder'];`
159
160			`$neworder = $oldorder + $direction;`
161			`$target = db_fetch_assoc("select * from weathermap_maps where sortorder = $neworder");`
162
163			`if(!empty($target[0]['id']))`
164			`{`
165			`$otherid = $target[0]['id'];`
166			`// move $mapid in direction $direction`
167			`$sql[] = "update weathermap_maps set sortorder = $neworder where id=$mapid";`
168			`// then find the other one with the same sortorder and move that in the opposite direction`
169			`$sql[] = "update weathermap_maps set sortorder = $oldorder where id=$otherid";`
170			`}`
171			`if (!empty($sql)) {`
172			`for ($a = 0; $a < count($sql); $a++) {`
173			`$result = db_execute($sql[$a]);`
174			`}`
175			`}`
176			`}`
177
178			`function maplist()`
179			`{`
180			`global $colors;`
181
182
183			`html_start_box("<strong>Weathermaps</strong>", "78%", $colors["header"], "3", "center", "weathermap-cacti-plugin-mgmt.php?action=addmap_picker");`
184
185			`html_header(array("Config File", "Title", "Active", "Sort Order", "Accessible By",""));`
186
187			`$query = db_fetch_assoc("select id,username from user_auth");`
188			`$users[0] = 'Anyone';`
189
190			`foreach ($query as $user)`
191			`{`
192			`$users[$user['id']] = $user['username'];`
193			`}`
194
195			`$i = 0;`
196			`$queryrows = db_fetch_assoc("select * from weathermap_maps order by sortorder");`
197			`// or die (mysql_error("Could not connect to database") )`
198
199			`$previous_id = -2;`
200			`if( is_array($queryrows) )`
201			`{`
202			`foreach ($queryrows as $map)`
203			`{`
204			`form_alternate_row_color($colors["alternate"],$colors["light"],$i);`
205
206			`print '<td>'.htmlspecialchars($map['configfile']).'</td>';`
207			`print '<td>'.htmlspecialchars($map['titlecache']).'</td>';`
208			`if($map['active'] == 'on')`
209			`{`
210			`print '<td><a href="?action=deactivate_map&id='.$map['id'].'"><font color="green">Yes</font></a></td>';`
211			`}`
212			`else`
213			`{`
214			`print '<td><a href="?action=activate_map&id='.$map['id'].'"><font color="red">No</font></a></td>';`
215			`}`
216
217			`print '<td>';`
218
219			`print '<a href="?action=move_map_up&order='.$map['sortorder'].'&id='.$map['id'].'"><img src="../../images/move_up.gif" width="14" height="10" border="0" alt="Move Map Up"></a>';`
220			`print '<a href="?action=move_map_down&order='.$map['sortorder'].'&id='.$map['id'].'"><img src="../../images/move_down.gif" width="14" height="10" border="0" alt="Move Map Down"></a>';`
221			`// print $map['sortorder'];`
222
223			`print "</td>";`
224
225			`print '<td>';`
226			`$UserSQL = 'select * from weathermap_auth where mapid='.$map['id'].' order by userid';`
227			`$userlist = db_fetch_assoc($UserSQL);`
228
229			`$mapusers = array();`
230			`foreach ($userlist as $user)`
231			`{`
232			`if(array_key_exists($user['userid'],$users))`
233			`{`
234			`$mapusers[] = $users[$user['userid']];`
235			`}`
236			`}`
237
238			`print '<a href="?action=perms_edit&id='.$map['id'].'">';`
239			`if(count($mapusers) == 0)`
240			`{`
241			`print "(no users)";`
242			`}`
243			`else`
244			`{`
245			`print join(", ",$mapusers);`
246			`}`
247			`print '</a>';`
248
249			`print '</td>';`
250			`// print '<td><a href="?action=editor&mapname='.urlencode($map['configfile']).'">Edit Map</a></td>';`
251			`print '<td>';`
252			`print '<a href="?action=delete_map&id='.$map['id'].'"><img src="../../images/delete_icon.gif" width="10" height="10" border="0" alt="Delete Map"></a>';`
253			`print '</td>';`
254
255			`print '</tr>';`
256			`$i++;`
257			`}`
258			`}`
259
260			`if($i==0)`
261			`{`
262			`print "<tr><td><em>No Weathermaps Configured</em></td></tr>\n";`
263			`}`
264
265			`html_end_box();`
266
267			`if($i>0)`
268			`{`
269			`print '<div align="center"><a href="?action=rebuildnow"><img src="images/btn_recalc.png" border="0" alt="Rebuild All Maps Right Now"><br />(Experimental)</a></div>';`
270			`}`
271
272
273			`}`
274
275			`function addmap_picker()`
276			`{`
277			`global $weathermap_confdir;`
278			`global $colors;`
279
280			`$loaded=array();`
281			`// find out what maps are already in the database, so we can skip those`
282			`$queryrows = db_fetch_assoc("select * from weathermap_maps");`
283			`if( is_array($queryrows) )`
284			`{`
285			`foreach ($queryrows as $map)`
286			`{`
287			`$loaded[]=$map['configfile'];`
288			`}`
289			`}`
290
291			`html_start_box("<strong>Available Weathermap Configuration Files</strong>", "78%", $colors["header"], "2", "center", "");`
292
293			`if( is_dir($weathermap_confdir))`
294			`{`
295			`$n=0;`
296			`$dh = opendir($weathermap_confdir);`
297			`if($dh)`
298			`{`
299			`$i = 0; $skipped = 0;`
300			`html_header(array("Config File", "Title",""),2);`
301
302			`while($file = readdir($dh))`
303			`{`
304			`$realfile = $weathermap_confdir.'/'.$file;`
305			`if(is_file($realfile) && ! in_array($file,$loaded) )`
306			`{`
307			`if(in_array($file,$loaded))`
308			`{`
309			`$skipped++;`
310			`}`
311			`else`
312			`{`
313
314
315			`$title = wmap_get_title($realfile);`
316			`$titles[$file] = $title;`
317
318
319			`$i++;`
320			`}`
321			`}`
322			`}`
323			`closedir($dh);`
324
325			`if($i>0)`
326			`{`
327			`ksort($titles);`
328
329			`$i=0;`
330			`foreach ($titles as $file=>$title)`
331			`{`
332			`$title = $titles[$file];`
333			`form_alternate_row_color($colors["alternate"],$colors["light"],$i);`
334			`print '<td>'.htmlspecialchars($file).'</td>';`
335			`print '<td><em>'.htmlspecialchars($title).'</em></td>';`
336			`print '<td><a href="?action=viewconfig&file='.$file.'" title="View the configuration file in a new window" target="_blank">View</a></td>';`
337			`print '<td><a href="?action=addmap&file='.$file.'" title="Add the configuration file">Add</a></td>';`
338			`print '</tr>';`
339			`$i++;`
340			`}`
341			`}`
342
343			`if( ($i + $skipped) == 0 )`
344			`{`
345			`print "<tr><td>No files were found in the configs directory.</td></tr>";`
346			`}`
347
348			`if( ($i == 0) && $skipped>0)`
349			`{`
350			`print "<tr><td>($skipped files weren't shown because they are already in the database)</td></tr>";`
351			`}`
352			`}`
353			`else`
354			`{`
355			`print "<tr><td>Can't open $weathermap_confdir to read - you should set it to be readable by the webserver.</td></tr>";`
356			`}`
357			`}`
358			`else`
359			`{`
360			`print "<tr><td>There is no directory named $weathermap_confdir - you will need to create it, and set it to be readable by the webserver. If you want to upload configuration files from inside Cacti, then it should be <i>writable</i> by the webserver too.</td></tr>";`
361			`}`
362
363			`html_end_box();`
364
365			`}`
366
367			`function preview_config($file)`
368			`{`
369			`global $weathermap_confdir;`
370			`global $colors;`
371
372			`chdir($weathermap_confdir);`
373
374			`$path_parts = pathinfo($file);`
375			`$file_dir = realpath($path_parts['dirname']);`
376
377			`if($file_dir != $weathermap_confdir)`
378			`{`
379			`// someone is trying to read arbitrary files?`
380			`// print "$file_dir != $weathermap_confdir";`
381			`print "<h3>Path mismatch</h3>";`
382			`}`
383			`else`
384			`{`
385			`html_start_box("<strong>Preview of $file</strong>", "98%", $colors["header"], "3", "center", "");`
386
387			`print '<tr><td valign="top" bgcolor="#'.$colors["light"].'" class="textArea">';`
388			`print '<pre>';`
389			`$realfile = $weathermap_confdir.'/'.$file;`
390			`if( is_file($realfile) )`
391			`{`
392			`$fd = fopen($realfile,"r");`
393			`while (!feof($fd))`
394			`{`
395			`$buffer = fgets($fd,4096);`
396			`print $buffer;`
397			`}`
398			`fclose($fd);`
399			`}`
400			`print '</pre>';`
401			`print '</td></tr>';`
402			`html_end_box();`
403			`}`
404			`}`
405
406			`function add_config($file)`
407			`{`
408			`global $weathermap_confdir;`
409			`global $colors;`
410
411			`chdir($weathermap_confdir);`
412
413			`$path_parts = pathinfo($file);`
414			`$file_dir = realpath($path_parts['dirname']);`
415
416			`if($file_dir != $weathermap_confdir)`
417			`{`
418			`// someone is trying to read arbitrary files?`
419			`// print "$file_dir != $weathermap_confdir";`
420			`print "<h3>Path mismatch</h3>";`
421			`}`
422			`else`
423			`{`
424			`$realfile = $weathermap_confdir.DIRECTORY_SEPARATOR.$file;`
425			`$title = wmap_get_title($realfile);`
426
427			`$file = mysql_real_escape_string($file);`
428			`$title = mysql_real_escape_string($title);`
429			`$SQL = "insert into weathermap_maps (configfile,titlecache,active,imagefile,htmlfile) VALUES ('$file','$title','on','','')";`
430			`db_execute($SQL);`
431
432			`// add auth for 'admin'`
433			`$last_id = mysql_insert_id();`
434			`$myuid = (int)$_SESSION["sess_user_id"];`
435			`$SQL = "insert into weathermap_auth (mapid,userid) VALUES ($last_id,$myuid)";`
436			`db_execute($SQL);`
437
438			`map_resort();`
439			`}`
440			`}`
441
442			`function wmap_get_title($filename)`
443			`{`
444			`$title = "(no title)";`
445			`$fd = fopen($filename,"r");`
446			`while (!feof($fd))`
447			`{`
448			`$buffer = fgets($fd,4096);`
449			`if(preg_match("/^\sTITLE\s+(.)/i",$buffer, $matches))`
450			`{`
451			`$title = $matches[1];`
452			`}`
453			`// this regexp is tweaked from the ReadConfig version, to only match TITLEPOS lines with a title appended`
454			`if(preg_match("/^\s*TITLEPOS\s+\d+\s+\d+\s+(.+)/i",$buffer, $matches))`
455			`{`
456			`$title = $matches[1];`
457			`}`
458			`}`
459			`fclose($fd);`
460
461			`return($title);`
462			`}`
463
464			`function map_deactivate($id)`
465			`{`
466			`$SQL = "update weathermap_maps set active='off' where id=".$id;`
467			`db_execute($SQL);`
468			`}`
469
470			`function map_activate($id)`
471			`{`
472			`$SQL = "update weathermap_maps set active='on' where id=".$id;`
473			`db_execute($SQL);`
474			`}`
475
476			`function map_delete($id)`
477			`{`
478			`$SQL = "delete from weathermap_maps where id=".$id;`
479			`db_execute($SQL);`
480
481			`$SQL = "delete from weathermap_auth where mapid=".$id;`
482			`db_execute($SQL);`
483
484			`map_resort();`
485			`}`
486
487			`function perms_add_user($mapid,$userid)`
488			`{`
489			`$SQL = "insert into weathermap_auth (mapid,userid) values($mapid,$userid)";`
490			`db_execute($SQL);`
491			`}`
492
493			`function perms_delete_user($mapid,$userid)`
494			`{`
495			`$SQL = "delete from weathermap_auth where mapid=$mapid and userid=$userid";`
496			`db_execute($SQL);`
497			`}`
498
499			`function perms_list($id)`
500			`{`
501			`global $colors;`
502
503			`$title_sql = "select titlecache from weathermap_maps where id=$id";`
504			`$results = db_fetch_assoc($title_sql);`
505			`$title = $results[0]['titlecache'];`
506
507			`$auth_sql = "select * from weathermap_auth where mapid=$id order by userid";`
508
509			`$query = db_fetch_assoc("select id,username from user_auth order by username");`
510			`$users[0] = 'Anyone';`
511			`foreach ($query as $user)`
512			`{`
513			`$users[$user['id']] = $user['username'];`
514			`}`
515
516			`$auth_results = db_fetch_assoc($auth_sql);`
517			`$mapusers = array();`
518			`$mapuserids = array();`
519			`foreach ($auth_results as $user)`
520			`{`
521			`if(isset($users[$user['userid']]))`
522			`{`
523			`$mapusers[] = $users[$user['userid']];`
524			`$mapuserids[] = $user['userid'];`
525			`}`
526			`}`
527
528			`$userselect="";`
529			`foreach ($users as $uid => $name)`
530			`{`
531			`if(! in_array($uid,$mapuserids)) $userselect .= "<option value=\"$uid\">$name</option>\n";`
532			`}`
533
534			`html_start_box("<strong>Edit permissions for Weathermap $id: $title</strong>", "70%", $colors["header"], "2", "center", "");`
535			`html_header(array("Username", ""));`
536
537			`$n = 0;`
538			`foreach($mapuserids as $user)`
539			`{`
540			`form_alternate_row_color($colors["alternate"],$colors["light"],$n);`
541			`print "<td>".$users[$user]."</td>";`
542			`print '<td><a href="?action=perms_delete_user&mapid='.$id.'&userid='.$user.'"><img src="../../images/delete_icon.gif" width="10" height="10" border="0" alt="Remove permissions for this user to see this map"></a></td>';`
543
544			`print "</tr>";`
545			`$n++;`
546			`}`
547			`if($n==0)`
548			`{`
549			`print "<tr><td><em><strong>nobody</strong> can see this map</em></td></tr>";`
550			`}`
551			`html_end_box();`
552
553			`html_start_box("", "70%", $colors["header"], "3", "center", "");`
554			`print "<tr>";`
555			`if($userselect == '')`
556			`{`
557			`print "<td><em>There aren't any users left to add!</em></td></tr>";`
558			`}`
559			`else`
560			`{`
561			`print "<td><form action=\"\">Allow <input type=\"hidden\" name=\"action\" value=\"perms_add_user\"><input type=\"hidden\" name=\"mapid\" value=\"$id\"><select name=\"userid\">";`
562			`print $userselect;`
563			`print "</select> to see this map <input type=\"submit\" value=\"Update\"></form></td>";`
564			`print "</tr>";`
565			`}`
566			`html_end_box();`
567			`}`
568			`// vim:ts=4:sw=4:`
569			`?>`