Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Commit

Permalink
fix(secu): remove unused http parameters in hostgroup xml.php (#8073)
Browse files Browse the repository at this point in the history 
* style

* fix(secu): remove unused http parameters in hostgroupXML.php file
  • Loading branch information
@sc979
sc979 authored Oct 31, 2019
1 parent f6d9d1f commit c2b8539
Showing 1 changed file with 30 additions and 26 deletions.
56 changes: 30 additions & 26 deletions www/include/monitoring/status/HostGroups/xml/hostGroupXML.php
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<?php
/*
* Copyright 2005-2015 Centreon
* Centreon is developped by : Julien Mathis and Romain Le Merlus under
* Copyright 2005-2019 Centreon
* Centreon is developed by : Julien Mathis and Romain Le Merlus under
* GPL Licence 2.0.
*
* This program is free software; you can redistribute it and/or modify it under
Expand Down Expand Up @@ -33,9 +33,7 @@
*
*/

require_once realpath(dirname(__FILE__) . "/../../../../../../config/centreon.config.php");
require_once realpath(__DIR__ . "/../../../../../../bootstrap.php");

include_once _CENTREON_PATH_ . "www/class/centreonUtils.class.php";
include_once _CENTREON_PATH_ . "www/class/centreonXMLBGRequest.class.php";
include_once _CENTREON_PATH_ . "www/include/common/common-Func.php";
Expand All @@ -47,9 +45,7 @@
$obj = new CentreonXMLBGRequest($dependencyInjector, session_id(), 1, 1, 0, 1);


if (isset($obj->session_id) && CentreonSession::checkSession($obj->session_id, $obj->DB)) {
;
} else {
if (!isset($obj->session_id) || !CentreonSession::checkSession($obj->session_id, $obj->DB)) {
print "Bad Session ID";
exit();
}
Expand All @@ -60,7 +56,7 @@
$obj->getDefaultFilters();

/*
* Alias / Name convertion table
* Alias / Name conversion table
*/
$convertTable = array();
$convertID = array();
Expand All @@ -71,26 +67,34 @@
}
$DBRESULT->closeCursor();

/*
* Check Arguments from GET
*/
$o = $obj->checkArgument("o", $_GET, "h");
$p = $obj->checkArgument("p", $_GET, "2");
$num = $obj->checkArgument("num", $_GET, 0);
$limit = $obj->checkArgument("limit", $_GET, 20);
$instance = $obj->checkArgument("instance", $_GET, $obj->defaultPoller);
$hostgroups = $obj->checkArgument("hostgroups", $_GET, $obj->defaultHostgroups);
$search = $obj->checkArgument("search", $_GET, "");
$sort_type = $obj->checkArgument("sort_type", $_GET, "host_name");
$order = $obj->checkArgument("order", $_GET, "ASC");
$dateFormat = $obj->checkArgument("date_time_format_status", $_GET, "Y/m/d H:i:s");
// Check Arguments From GET tab
$o = filter_input(INPUT_GET, 'o', FILTER_SANITIZE_STRING, array('options' => array('default' => 'h')));
$p = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT, array('options' => array('default' => 2)));
$num = filter_input(INPUT_GET, 'num', FILTER_VALIDATE_INT, array('options' => array('default' => 0)));
$limit = filter_input(INPUT_GET, 'limit', FILTER_VALIDATE_INT, array('options' => array('default' => 20)));
//if instance value is not set, displaying all active pollers linked resources
$instance = filter_var($obj->defaultPoller ?? -1, FILTER_VALIDATE_INT);

$search = filter_input(INPUT_GET, 'search', FILTER_SANITIZE_STRING, array('options' => array('default' => '')));
$sort_type = filter_input(
INPUT_GET,
'sort_type',
FILTER_SANITIZE_STRING,
array('options' => array('default' => 'host_name'))
);
$order = filter_input(
INPUT_GET,
'order',
FILTER_VALIDATE_REGEXP,
array('options' => array('default' => 'ASC', 'regexp' => '/^(ASC|DESC)$/'))
);

$groupStr = $obj->access->getAccessGroupsString();

/*
* Backup poller selection
*/
$obj->setInstanceHistory($instance);
$obj->setHostGroupsHistory($hostgroups);

/*
* Search string
Expand Down Expand Up @@ -194,7 +198,7 @@
/*
* Get Pagination Rows
*/
$stats = isset($stats) ? $stats : [];
$stats = $stats ?? [];
$numRows = count($stats);

$obj->XML->startElement("reponse");
Expand All @@ -210,9 +214,9 @@

if (isset($stats)) {
foreach ($stats as $name => $stat) {
if (($i < (($num + 1) * $limit) && $i >= (($num) * $limit)) &&
((isset($converTable[$name]) && isset($acl[$convertTable[$name]])) || (!isset($acl))) &&
$name != "meta_hostgroup"
if (($i < (($num + 1) * $limit) && $i >= (($num) * $limit))
&& ((isset($converTable[$name]) && isset($acl[$convertTable[$name]])) || (!isset($acl)))
&& $name != "meta_hostgroup"
) {
$class = $obj->getNextLineClass();
if (isset($stat["h"]) && count($stat["h"])) {
Expand Down

0 comments on commit c2b8539

Please sign in to comment.