diff --git a/www/include/configuration/configObject/command/command.php b/www/include/configuration/configObject/command/command.php index 1d48713880a..c21ba15d69e 100755 --- a/www/include/configuration/configObject/command/command.php +++ b/www/include/configuration/configObject/command/command.php @@ -95,14 +95,8 @@ */ require_once($path."minHelpCommand.php"); break; - case "p": - /* - * Test the plugin - */ - require_once($path."minPlayCommand.php"); - break; default: - require_once($path."minCommand.php"); + require_once($path."minHelpCommand.php"); break; } } else { diff --git a/www/include/configuration/configObject/command/formCommand.ihtml b/www/include/configuration/configObject/command/formCommand.ihtml index d1f5bf49fae..944c22eed76 100644 --- a/www/include/configuration/configObject/command/formCommand.ihtml +++ b/www/include/configuration/configObject/command/formCommand.ihtml @@ -1,100 +1,112 @@ {$form.javascript}
-
- {if $o == "a" || $o == "c"} -

{$form.submitC.html}{$form.submitA.html}   {$form.reset.html}

- {else if $o == "w"} -

{$form.change.html}

- {/if} -
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {if $o == "a" || $o == "c"} - - {/if} -
-

| {$form.header.title}

-
-

{$form.header.information}

-
{$form.command_name.label}{$form.command_name.html}
{$form.command_type.label}{$form.command_type.html}
{$form.command_line.label} - - - - {if $o == "a" || $o == "c"} - - {/if} - -
-  {$form.command_line.html} - -      - -      - {$form.resource.html} -

-      - -      - {$form.plugins.html} -  {$cmd_help} -

-      - -      - {$form.macros.html} -
-
{$form.enable_shell.label}{$form.enable_shell.html}
{$form.command_example.label}{if $o != "w"}{$form.command_example.html}  {$form.command_hostaddress.label} {$form.command_hostaddress.html} {$cmd_play}{/if}
{$arg_desc_label} - {if $o != "w"}{$form.desc_arg.html} {$form.clear_arg.html}

{/if} -
- {$form.listOfArg.html} -
-
{$macro_desc_label} -
- {$form.desc_macro.html} -
-
- {$form.listOfMacros.html} -
-
-

{$form.header.furtherInfos}

-
{$form.connectors.label}{$form.connectors.html}
{$form.graph_id.label}{$form.graph_id.html}
{$form.command_activate.label}{$form.command_activate.html}
{$form.command_comment.label}{$form.command_comment.html}
{$form.required._note}
-
-
- {if $o == "a" || $o == "c"} -

{$form.submitC.html}{$form.submitA.html}   {$form.reset.html}

- {else if $o == "w"} -

{$form.change.html}

- {/if} -
- {$form.hidden} +
+ {if $o == "a" || $o == "c"} +

{$form.submitC.html}{$form.submitA.html}   {$form.reset.html}

+ {else if $o == "w"} +

{$form.change.html}

+ {/if} +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {if $o == "a" || $o == "c"} + + + + {/if} +

| {$form.header.title}

{$form.header.information}

{$form.command_name.label}{$form.command_name.html}
{$form.command_type.label}{$form.command_type.html}
{$form.command_line.label} + + + + {if $o == "a" || $o == "c"} + + {/if} + +
 {$form.command_line.html} +      + +      + {$form.resource.html} +

+      + +      + {$form.plugins.html} +  {$cmd_help} +

+      + +      + {$form.macros.html} +
+
{$form.enable_shell.label}{$form.enable_shell.html}
{$form.command_example.label}{if $o != "w"}{$form.command_example.html}{/if}
{$arg_desc_label} + {if $o != "w"}{$form.desc_arg.html} {$form.clear_arg.html}

{/if} +
{$form.listOfArg.html}
+
{$macro_desc_label} +
{$form.desc_macro.html}
+
{$form.listOfMacros.html}
+

{$form.header.furtherInfos}

{$form.connectors.label}{$form.connectors.html}
{$form.graph_id.label}{$form.graph_id.html}
{$form.command_activate.label}{$form.command_activate.html}
{$form.command_comment.label}{$form.command_comment.html}
{$form.required._note}
+
+
+ {if $o == "a" || $o == "c"} +

{$form.submitC.html}{$form.submitA.html}   {$form.reset.html}

+ {elseif $o == "w"} +

{$form.change.html}

+ {/if} +
+ {$form.hidden}
{$helptext} diff --git a/www/include/configuration/configObject/command/formCommand.php b/www/include/configuration/configObject/command/formCommand.php index bd37f58bdca..017d6905a5f 100755 --- a/www/include/configuration/configObject/command/formCommand.php +++ b/www/include/configuration/configObject/command/formCommand.php @@ -207,7 +207,6 @@ function myReplace() $form->addElement('text', 'command_name', _("Command Name"), $attrsText); $form->addElement('text', 'command_example', _("Argument Example"), $attrsText); -$form->addElement('text', 'command_hostaddress', _("\$HOSTADDRESS\$"), $attrsText); $form->addElement('textarea', 'command_line', _("Command Line"), $attrsTextarea); $form->addElement('checkbox', 'enable_shell', _("Enable shell"), null, $attrsText); @@ -307,7 +306,6 @@ function myReplace() $tpl->assign('msg', array("comment" => _("Commands definitions can contain Macros but they have to be valid."))); $tpl->assign('cmd_help', _("Plugin Help")); -$tpl->assign('cmd_play', _("Test the plugin")); $valid = false; if ($form->validate()) { diff --git a/www/include/configuration/configObject/command/help.php b/www/include/configuration/configObject/command/help.php index 31407b1f8e8..1bd5f048daf 100644 --- a/www/include/configuration/configObject/command/help.php +++ b/www/include/configuration/configObject/command/help.php @@ -55,7 +55,6 @@ "If you are using Monitoring Engine this option cannot be disabled. Note that commands that require shell " . "are slowing down the poller server." ); - $help["arg_example"] = dgettext( "help", "The argument example defined here will be displayed together with the command selection and help in " . diff --git a/www/include/configuration/configObject/command/minCommand.ihtml b/www/include/configuration/configObject/command/minCommand.ihtml deleted file mode 100644 index affa7ceb084..00000000000 --- a/www/include/configuration/configObject/command/minCommand.ihtml +++ /dev/null @@ -1,26 +0,0 @@ -{$form.javascript} -
- - - - - - - - -{if $command_name} - - - - - -{/if} - - -
-

| {$form.header.title}

-
-

{$form.header.information}

{$form.command_id1.label}{$form.command_id1.html}
{$form.command_id2.label}{$form.command_id2.html}
{$form.command_line.label}{$form.command_line.html}{$cmd_help} -
- {$form.hidden} -
diff --git a/www/include/configuration/configObject/command/minCommand.php b/www/include/configuration/configObject/command/minCommand.php deleted file mode 100644 index ce0c3620deb..00000000000 --- a/www/include/configuration/configObject/command/minCommand.php +++ /dev/null @@ -1,167 +0,0 @@ -. - * - * Linking this program statically or dynamically with other modules is making a - * combined work based on this program. Thus, the terms and conditions of the GNU - * General Public License cover the whole combination. - * - * As a special exception, the copyright holders of this program give Centreon - * permission to link this program with independent modules to produce an executable, - * regardless of the license terms of these independent modules, and to copy and - * distribute the resulting executable under terms of Centreon choice, provided that - * Centreon also meet, for each linked independent module, the terms and conditions - * of the license of that module. An independent module is a module which is not - * derived from this program. If you modify this program, you may extend this - * exception to your version of the program, but you are not obliged to do so. If you - * do not wish to do so, delete this exception statement from your version. - * - * For more information : contact@centreon.com - * - */ - -if (!isset($oreon)) { - exit(); -} - -$cmd = array("command_type" => null, "command_name" => null, "command_line" => null); -if (isset($_POST["command_id1"]) && $_POST["command_id1"]) { - $command_id = $_POST["command_id1"]; -} elseif (isset($_POST["command_id2"]) && $_POST["command_id2"]) { - $command_id = $_POST["command_id2"]; -} - -if ($o == "w" && $command_id) { - if (!function_exists("myDecodeCommand")) { - function myDecodeCommand($arg) - { - $arg = str_replace('#BR#', "\\n", $arg); - $arg = str_replace('#T#', "\\t", $arg); - $arg = str_replace('#R#', "\\r", $arg); - $arg = str_replace('#S#', "/", $arg); - $arg = str_replace('#BS#', "\\", $arg); - return ($arg); - } - } - - $DBRESULT = $pearDB->query("SELECT * FROM `command` WHERE `command_id` = '" . $command_id . "' LIMIT 1"); - if ($DBRESULT->rowCount()) { - $cmd = array_map("myDecodeCommand", $DBRESULT->fetchRow()); - } -} - -/* - * Notification commands comes from DB -> Store in $notifCmds Array - */ -$notifCmds = array(null => null); -$query = "SELECT `command_id`, `command_name` FROM `command` WHERE `command_type` = '1' ORDER BY `command_name`"; -$DBRESULT = $pearDB->query($query); -while ($notifCmd = $DBRESULT->fetchRow()) { - $notifCmds[$notifCmd["command_id"]] = $notifCmd["command_name"]; -} -$DBRESULT->closeCursor(); - -/* - * Check commands comes from DB -> Store in $checkCmds Array - */ - -$checkCmds = array(null => null); -$query = "SELECT `command_id`, `command_name` FROM `command` WHERE `command_type` = '2' ORDER BY `command_name`"; -$DBRESULT = $pearDB->query($query); -while ($checkCmd = $DBRESULT->fetchRow()) { - $checkCmds[$checkCmd["command_id"]] = $checkCmd["command_name"]; -} -$DBRESULT->closeCursor(); - - -$attrsText = array("size" => "35"); -$attrsTextarea = array("rows" => "9", "cols" => "80"); - -$form = new HTML_QuickFormCustom('Form', 'post', "?p=" . $p); -$form->addElement('header', 'title', _("View command definition")); - -/* - * Command information - */ -if ($cmd["command_type"] == "1") { - $form->addElement('header', 'information', _("Notification command")); - $elemname = "command_id2"; -} elseif ($cmd["command_type"] == "2") { - $form->addElement('header', 'information', _("Check command")); - $elemname = "command_id2"; -} elseif ($cmd["command_type"] == "3") { - $form->addElement('header', 'information', _("Information command")); -} else { - $form->addElement('header', 'information', _("No command selected")); -} - - -$cmdType[] = $form->createElement('radio', 'command_type', null, _("Notification"), '1'); -$cmdType[] = $form->createElement('radio', 'command_type', null, _("Check"), '2'); - -$v1 = $form->addGroup($cmdType, 'command_type', _("Command Type"), '  '); -$v1->freeze(); - -$v2 = $form->addElement('text', 'command_name', _("Command Name"), $attrsText); -$v2->freeze(); - -$v3 = $form->addElement('textarea', 'command_line', _("Command Line"), $attrsTextarea); -$v3->freeze(); - -/* - * Command Select - */ -$form->addElement('select', 'command_id1', _("Check"), $checkCmds, array("onChange" => "this.form.submit()")); -$form->addElement('select', 'command_id2', _("Notif"), $notifCmds, array("onChange" => "this.form.submit()")); -$form->setConstants(array( - "command_name" => $cmd["command_name"], - "command_line" => $cmd["command_line"], - "command_type" => $cmd["command_type"]["command_type"] -)); - -if (isset($cmd['command_id'])) { - $form->setDefaults(['command_id1' => $cmd['command_id']]); -} - -/* - * Further informations - */ -$redirect = $form->addElement('hidden', 'o'); -$redirect->setValue($o); - -$min = $form->addElement('hidden', 'min'); -$min->setValue(1); - - -# Smarty template Init -$tpl = new Smarty(); -$tpl = initSmartyTpl($path, $tpl); - -/* - * Apply a template definition - */ -$renderer = new HTML_QuickForm_Renderer_ArraySmarty($tpl); -$renderer->setRequiredTemplate('{$label} *'); -$renderer->setErrorTemplate('{$error}
{$html}'); - -$form->accept($renderer); - -$tpl->assign('form', $renderer->toArray()); -$tpl->assign('o', $o); -$tpl->assign('command_id', $command_id); -$tpl->assign('command_name', $cmd["command_name"]); - -$tpl->display("minCommand.ihtml"); diff --git a/www/include/configuration/configObject/command/minHelpCommand.php b/www/include/configuration/configObject/command/minHelpCommand.php index f13485aeb6c..0e04f3864dc 100644 --- a/www/include/configuration/configObject/command/minHelpCommand.php +++ b/www/include/configuration/configObject/command/minHelpCommand.php @@ -1,7 +1,7 @@ query("SELECT * FROM `command` WHERE `command_id` = '" . $command_id . "' LIMIT 1"); - $cmd = $DBRESULT->fetchRow(); - - $cmd_array = explode(" ", $cmd["command_line"]); - $full_line = $cmd_array[0]; - $cmd_array = explode("/", $full_line); - $resource_info = $cmd_array[0]; - $resource_def = str_replace('$', '@DOLLAR@', $resource_info); + $sth = $pearDB->prepare("SELECT * FROM `command` WHERE `command_id` = :command_id LIMIT 1"); + $sth->bindParam(':command_id', $commandId, PDO::PARAM_INT); + $sth->execute(); + $cmd = $sth->fetch(); + unset($sth); + + $aCmd = explode(" ", $cmd["command_line"]); + $fullLine = $aCmd[0]; + $aCmd = explode("/", $fullLine); + $resourceInfo = $aCmd[0]; + $resourceDef = str_replace('$', '@DOLLAR@', $resourceInfo); /* * Match if the first part of the path is a MACRO */ - if (preg_match("/@DOLLAR@USER([0-9]+)@DOLLAR@/", $resource_def, $matches)) { + if (preg_match("/@DOLLAR@USER([0-9]+)@DOLLAR@/", $resourceDef, $matches)) { /* * Select Resource line */ $query = "SELECT `resource_line` FROM `cfg_resource` " . "WHERE `resource_name` = '\$USER" . $matches[1] . "\$' LIMIT 1"; - $DBRESULT = $pearDB->query($query); + $sth = $pearDB->query($query); - $resource = $DBRESULT->fetchRow(); - unset($DBRESULT); + $resource = $sth->fetch(); + unset($sth); - $resource_path = $resource["resource_line"]; - unset($cmd_array[0]); - $command = rtrim($resource_path, "/") . "#S#" . implode("#S#", $cmd_array); + $resourcePath = $resource["resource_line"]; + unset($aCmd[0]); + $command = rtrim($resourcePath, "/") . "#S#" . implode("#S#", $aCmd); } else { - $command = $full_line; + $command = $fullLine; } } else { - $command = $oreon->optGen["nagios_path_plugins"] . $command_name; + $command = $oreon->optGen["nagios_path_plugins"] . $commandName; } $command = str_replace("#S#", "/", $command); diff --git a/www/include/configuration/configObject/command/minPlayCommand.ihtml b/www/include/configuration/configObject/command/minPlayCommand.ihtml deleted file mode 100644 index 2583aeab159..00000000000 --- a/www/include/configuration/configObject/command/minPlayCommand.ihtml +++ /dev/null @@ -1,11 +0,0 @@ -{$form.javascript} -
- - - - - - -
  {$form.header.title}
  {$form.header.information}
{$form.command_line.label}{$command_line}
{$form.command_help.label}{$msg}
{$form.command_status.label}{$status}
- {$form.hidden} -
diff --git a/www/include/configuration/configObject/command/minPlayCommand.php b/www/include/configuration/configObject/command/minPlayCommand.php deleted file mode 100644 index 7278228c0eb..00000000000 --- a/www/include/configuration/configObject/command/minPlayCommand.php +++ /dev/null @@ -1,198 +0,0 @@ -. - * - * Linking this program statically or dynamically with other modules is making a - * combined work based on this program. Thus, the terms and conditions of the GNU - * General Public License cover the whole combination. - * - * As a special exception, the copyright holders of this program give Centreon - * permission to link this program with independent modules to produce an executable, - * regardless of the license terms of these independent modules, and to copy and - * distribute the resulting executable under terms of Centreon choice, provided that - * Centreon also meet, for each linked independent module, the terms and conditions - * of the license of that module. An independent module is a module which is not - * derived from this program. If you modify this program, you may extend this - * exception to your version of the program, but you are not obliged to do so. If you - * do not wish to do so, delete this exception statement from your version. - * - * For more information : contact@centreon.com - * - */ - -if (!isset($centreon)) { - exit(); -} - -require_once(_CENTREON_PATH_ . "www/include/common/common-Func.php"); - -$error_msg = ""; -$command = urldecode($_GET["command_line"]); -$example = $_GET["command_example"]; -$args = preg_split("/\!/", $example); - -$command = str_replace(array(''', '"'), array("'", '"'), $command); - -for ($i = 0; $i < count($args); $i++) { - $args[$i] = escapeshellarg($args[$i]); -} -$resource_def = str_replace('$', '@DOLLAR@', $command); -$resource_def = escapeshellcmd($resource_def); - -/* Get resources in DB and replace by the value */ -while (preg_match("/@DOLLAR@USER([0-9]+)@DOLLAR@/", $resource_def, $matches) and $error_msg == "") { - $query = "SELECT resource_line FROM cfg_resource WHERE resource_name = :matches LIMIT 1"; - $DBRESULT = $pearDB->prepare($query); - $DBRESULT->bindValue(':matches', "\$USER" . $matches[1] . "\$" , PDO::PARAM_STR); - $DBRESULT->execute(); - $resource = $DBRESULT->fetch(); - if (!isset($resource["resource_line"])) { - $error_msg .= "\$USER" . $matches[1] . "\$"; - } else { - $resource_def = str_replace( - "@DOLLAR@USER" . $matches[1] . "@DOLLAR@", - $resource["resource_line"], - $resource_def - ); - } -} - -/* Replace HOSTADDRESS by the real content */ -while (preg_match("/@DOLLAR@HOSTADDRESS@DOLLAR@/", $resource_def, $matches) and $error_msg == "") { - if (isset($_GET["command_hostaddress"]) && $_GET["command_hostaddress"] != "") { - $resource_def = str_replace("@DOLLAR@HOSTADDRESS@DOLLAR@", $_GET["command_hostaddress"], $resource_def); - } else { - $error_msg .= "\$HOSTADDRESS\$"; - } -} - -/* Replace $POLLERID$ by the poller id */ -while (preg_match("/@DOLLAR@ARG([0-9]+)@DOLLAR@/", $resource_def, $matches) and $error_msg == "") { - $match_id = $matches[1]; - if (isset($args[$match_id])) { - $resource_def = str_replace("@DOLLAR@ARG" . $match_id . "@DOLLAR@", $args[$match_id], $resource_def); - $resource_def = str_replace('$', '@DOLLAR@', $resource_def); - if (preg_match("/@DOLLAR@USER([0-9]+)@DOLLAR@/", $resource_def, $matches)) { - $query = "SELECT resource_line FROM cfg_resource WHERE resource_name = :matches LIMIT 1"; - $DBRESULT = $pearDB->prepare($query); - $DBRESULT->bindValue(':matches', "\$USER" . $matches[1] . "\$", PDO::PARAM_STR); - $DBRESULT->execute(); - $resource = $DBRESULT->fetch(); - if (!isset($resource["resource_line"])) { - $error_msg .= "\$USER" . $match_id . "\$"; - } else { - $resource_def = str_replace( - "@DOLLAR@USER" . $matches[1] . "@DOLLAR@", - $resource["resource_line"], - $resource_def - ); - } - } - if (preg_match("/@DOLLAR@HOSTADDRESS@DOLLAR@/", $resource_def, $matches)) { - if (isset($_GET["command_hostaddress"])) { - $resource_def = str_replace( - "@DOLLAR@HOSTADDRESS@DOLLAR@", - $_GET["command_hostaddress"], - $resource_def - ); - } else { - $error_msg .= "\$HOSTADDRESS\$"; - } - } - } else { - $error_msg = "\$USER" . $match_id . "\$"; - } -} - -/* Execute */ -if ($error_msg != "") { - $command = $resource_def; - $command = str_replace('@DOLLAR@', '$', $command); - $msg = _("Could not find macro ") . $error_msg; - $status = _("ERROR"); -} else { - $command = $resource_def; - $command = str_replace('@DOLLAR@', '$', $command); - $splitter = preg_split("/\;/", $command); - $command = $splitter[0]; - $stdout = array(); - unset($stdout); - - /* - * for security reasons, we do not allow the execution of any command unless it is located in path $USER1$ - */ - $query = "SELECT `resource_line` FROM `cfg_resource` WHERE `resource_name` = '\$USER1\$' LIMIT 1"; - $DBRESULT = $pearDB->query($query); - $resource = $DBRESULT->fetchRow(); - $user1Path = $resource["resource_line"]; - $pathMatch = str_replace('/', '\/', $user1Path); - - if (preg_match("/^$pathMatch/", $command)) { - if (preg_match("/\.\./", $command)) { - $msg = _("Directory traversal detected"); - } else { - $msg = exec(escapeshellcmd($command), $stdout, $status); - $msg = join("
", $stdout); - if ($status == 1) { - $status = _("WARNING"); - } elseif ($status == 2) { - $status = _("CRITICAL"); - } elseif ($status == 0) { - $status = _("OK"); - } else { - $status = _("UNKNOWN"); - } - } - } else { - $msg = _("Plugin has to be in : ") . $user1Path; - } -} - -$attrsText = array("size" => "25"); -$form = new HTML_QuickFormCustom('Form', 'post', "?p=" . $p); -$form->addElement('header', 'title', _("Plugin Test")); - -/* - * Command information - */ -$form->addElement('header', 'information', _("Plugin test")); -$form->addElement('text', 'command_line', _("Command Line"), $attrsText); -$form->addElement('text', 'command_help', _("Output"), $attrsText); -$form->addElement('text', 'command_status', _("Status"), $attrsText); - -/* - * Smarty template Init - */ - -$tpl = new Smarty(); -$tpl = initSmartyTpl($path, $tpl); - -/* - * Apply a template definition - */ -$renderer = new HTML_QuickForm_Renderer_ArraySmarty($tpl); -$form->accept($renderer); -$tpl->assign('form', $renderer->toArray()); -$tpl->assign('o', $o); -$tpl->assign('command_line', $command); - -if (isset($msg) && $msg) { - $tpl->assign('msg', $msg); -} -if (isset($status)) { - $tpl->assign('status', $status); -} -$tpl->display("minPlayCommand.ihtml");