FreeBSD Bugzilla – Attachment 94731 Details for
Bug 132944
[patch] net-mgmt/zabbix: fix multiple vulnerabilities in 1.6.2
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
fix-USH-162.diff
fix-USH-162.diff (text/plain), 84.84 KB, created by
Eygene Ryabinkin
on 2009-03-22 19:40:08 UTC
(
hide
)
Description:
fix-USH-162.diff
Filename:
MIME Type:
Creator:
Eygene Ryabinkin
Created:
2009-03-22 19:40:08 UTC
Size:
84.84 KB
patch
obsolete
>From 95099537adfd930ac21087aad7b6923b835ff19e Mon Sep 17 00:00:00 2001 >From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> >Date: Thu, 19 Mar 2009 23:44:36 +0300 > >Signed-off-by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> >--- > net-mgmt/zabbix/Makefile | 3 +- > net-mgmt/zabbix/files/patch-USH-162.1 | 147 ++ > net-mgmt/zabbix/files/patch-USH-162.2 | 2633 +++++++++++++++++++++++++++++++++ > net-mgmt/zabbix/pkg-plist | 3 +- > 4 files changed, 2782 insertions(+), 4 deletions(-) > create mode 100644 net-mgmt/zabbix/files/patch-USH-162.1 > create mode 100644 net-mgmt/zabbix/files/patch-USH-162.2 > >diff --git a/net-mgmt/zabbix/Makefile b/net-mgmt/zabbix/Makefile >index 06e53e8..ad2fc7a 100644 >--- a/net-mgmt/zabbix/Makefile >+++ b/net-mgmt/zabbix/Makefile >@@ -7,6 +7,7 @@ > > PORTNAME= zabbix > PORTVERSION= 1.6.2 >+PORTREVISION= 1 > PORTEPOCH= 1 > CATEGORIES= net-mgmt > MASTER_SITES= SF >@@ -38,8 +39,6 @@ SUB_FILES= pkg-message > > .include <bsd.port.pre.mk> > >-FORBIDDEN= multiple vulnerabilities http://www.vuxml.org/freebsd/03140526-1250-11de-a964-0030843d3802.html >- > .ifndef WITHOUT_JABBER > USE_JABBER= yes > CONFIGURE_ARGS+=--with-jabber=${LOCALBASE} >diff --git a/net-mgmt/zabbix/files/patch-USH-162.1 b/net-mgmt/zabbix/files/patch-USH-162.1 >new file mode 100644 >index 0000000..c51277b >--- /dev/null >+++ b/net-mgmt/zabbix/files/patch-USH-162.1 >@@ -0,0 +1,147 @@ >+Patch for vulnerabilities 'A' and 'C' from USH-162 advisory, >+ http://www.ush.it/team/ush/hack-zabbix_162/adv.txt >+ >+Obtained from svn://svn.zabbix.com/branches/1.6/frontends/php/ >+ >+Two hunks, both are unmodified. >+ >+----- >+ >+This hunk removes arbitrary code execution by checking key's >+value to be alphanumeric with possible underscores. >+ >+Index: include/validate.inc.php >+=================================================================== >+--- frontends/php/include/validate.inc.php (revision 6592) >++++ frontends/php/include/validate.inc.php (revision 6593) >+@@ -198,19 +198,21 @@ >+ return $ret; >+ } >+ >+- function calc_exp($fields,$field,$expression){ >++ function calc_exp($fields,$field,$expression){ >+ //SDI("$field - expression: ".$expression); >+ >+- if(zbx_strstr($expression,"{}") && !isset($_REQUEST[$field])) >++ if(zbx_strstr($expression,'{}') && !isset($_REQUEST[$field])) >+ return FALSE; >+ >+- if(zbx_strstr($expression,"{}") && !is_array($_REQUEST[$field])) >+- $expression = str_replace("{}",'$_REQUEST["'.$field.'"]',$expression); >++ if(zbx_strstr($expression,'{}') && !is_array($_REQUEST[$field])) >++ $expression = str_replace('{}','$_REQUEST["'.$field.'"]',$expression); >+ >+- if(zbx_strstr($expression,"{}") && is_array($_REQUEST[$field])){ >++ if(zbx_strstr($expression,'{}') && is_array($_REQUEST[$field])){ >+ foreach($_REQUEST[$field] as $key => $val){ >+- $expression2 = str_replace("{}",'$_REQUEST["'.$field.'"]["'.$key.'"]',$expression); >+- if(calc_exp2($fields,$field,$expression2)==FALSE) >++ if(!ereg('^[a-zA-Z0-9_]+$',$key)) return FALSE; >++ >++ $expression2 = str_replace('{}','$_REQUEST["'.$field.'"]["'.$key.'"]',$expression); >++ if(calc_exp2($fields,$field,$expression2)==FALSE) >+ return FALSE; >+ } >+ return TRUE; >+@@ -219,7 +221,7 @@ >+ return calc_exp2($fields,$field,$expression); >+ } >+ >+- function unset_not_in_list(&$fields){ >++ function unset_not_in_list(&$fields){ >+ foreach($_REQUEST as $key => $val){ >+ if(!isset($fields[$key])){ >+ unset_request($key,'unset_not_in_list'); >+@@ -382,7 +384,7 @@ >+ } >+ } >+ >+- function check_field(&$fields, &$field, $checks){ >++ function check_field(&$fields, &$field, $checks){ >+ list($type,$opt,$flags,$validation,$exception)=$checks; >+ >+ if($flags&P_UNSET_EMPTY && isset($_REQUEST[$field]) && $_REQUEST[$field]==''){ >+@@ -473,9 +475,7 @@ >+ include_once "include/page_footer.php"; >+ } >+ >+- function check_fields(&$fields, $show_messages=true){ >+- >+- global $_REQUEST; >++ function check_fields(&$fields, $show_messages=true){ >+ global $system_fields; >+ >+ $err = ZBX_VALID_OK; >+Index: locales.php >+=================================================================== >+--- frontends/php/locales.php (revision 6592) >++++ frontends/php/locales.php (revision 6593) >+@@ -19,11 +19,11 @@ >+ **/ >+ ?> >+ <?php >+-include_once "include/config.inc.php"; >++include_once('include/config.inc.php'); >+ >+ if(isset($_REQUEST['download'])){ >+- $page["type"] = PAGE_TYPE_XML; >+- $page["file"] = "new_locale.inc.php"; >++ $page['type'] = PAGE_TYPE_XML; >++ $page['file'] = 'new_locale.inc.php'; >+ } >+ else{ >+ $page['title'] = "S_LOCALES"; >+@@ -181,26 +181,25 @@ >+ $frmLcls->AddOption('id','locales'); >+ $frmLcls->SetHelp($help); >+ >+- $fileFrom = 'include/locales/'.$_REQUEST['srclang'].".inc.php"; >+- if(file_exists($fileFrom)){ >+- include($fileFrom); >+ >++ $fileFrom = 'include/locales/'.$_REQUEST['srclang'].'.inc.php'; >++ if(ereg('^[A-Za-z0-9_]+$', $_REQUEST['srclang']) && file_exists($fileFrom)){ >++ include($fileFrom); >+ if(!isset($TRANSLATION) || !is_array($TRANSLATION)){ >+- error("Passed SOURCE is NOT valid PHP file."); >++ error('Passed SOURCE is NOT valid PHP file.'); >+ } >+ $transFrom = $TRANSLATION; >+ } >+ unset($TRANSLATION); >+ >+- $frmLcls->AddVar('extlang',$_REQUEST['extlang']); >+- >+- if($_REQUEST['extlang'] != 'new'){ >+- $fileTo = 'include/locales/'.$_REQUEST['extlang'].".inc.php"; >++ $frmLcls->addVar('extlang',$_REQUEST['extlang']); >++ if(ereg('^[A-Za-z0-9_]+$', $_REQUEST['srclang']) && ($_REQUEST['extlang'] != 'new')){ >++ $fileTo = 'include/locales/'.$_REQUEST['extlang'].'.inc.php'; >+ if(file_exists($fileTo)){ >+ include($fileTo); >+ >+ if(!isset($TRANSLATION) || !is_array($TRANSLATION)){ >+- error("Passed DEST is NOT valid PHP file."); >++ error('Passed DEST is NOT valid PHP file.'); >+ } >+ $transTo = $TRANSLATION; >+ // header('Content-Type: text/html; charset='.$TRANSLATION['S_HTML_CHARSET']); >+ >+----- >+ >+This hunk fixes typo in the bugfix for local file inclusion inside >+locales.php >+ >+Index: branches/1.6/frontends/php/locales.php >+=================================================================== >+--- frontends/php/locales.php (revision 6885) >++++ frontends/php/locales.php (revision 6886) >+@@ -193,7 +193,7 @@ >+ unset($TRANSLATION); >+ >+ $frmLcls->addVar('extlang',$_REQUEST['extlang']); >+- if(ereg('^[A-Za-z0-9_]+$', $_REQUEST['srclang']) && ($_REQUEST['extlang'] != 'new')){ >++ if(ereg('^[A-Za-z0-9_]+$', $_REQUEST['extlang']) && ($_REQUEST['extlang'] != 'new')){ >+ $fileTo = 'include/locales/'.$_REQUEST['extlang'].'.inc.php'; >+ if(file_exists($fileTo)){ >+ include($fileTo); >diff --git a/net-mgmt/zabbix/files/patch-USH-162.2 b/net-mgmt/zabbix/files/patch-USH-162.2 >new file mode 100644 >index 0000000..df26d84 >--- /dev/null >+++ b/net-mgmt/zabbix/files/patch-USH-162.2 >@@ -0,0 +1,2633 @@ >+Patch for vulnerability 'B' from USH-162 advisory, >+ http://www.ush.it/team/ush/hack-zabbix_162/adv.txt >+ >+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >+Obtained from svn://svn.zabbix.com/branches/1.6/frontends/php/ >+ >+This hunk adds functionality to check the 'sessionid' variable using >+cookie named 'zbx_sessionid' and thus preventing easy CSRFs. >+ >+Whitespace-only changes were mostly removed. >+ >+Index: frontends/php/include/perm.inc.php >+=================================================================== >+--- frontends/php/include/perm.inc.php (revision 6620) >++++ frontends/php/include/perm.inc.php (revision 6621) >+@@ -44,7 +44,7 @@ >+ $USER_DETAILS = NULL; >+ $login = FALSE; >+ >+- $sessionid = get_cookie('zbx_sessionid'); >++ $sessionid = get_request('sessionid',get_cookie('zbx_sessionid')); >+ >+ if(!is_null($sessionid)){ >+ $sql = 'SELECT u.*,s.* '. >+Index: frontends/php/include/validate.inc.php >+=================================================================== >+--- frontends/php/include/validate.inc.php (revision 6620) >++++ frontends/php/include/validate.inc.php (revision 6621) >+@@ -428,8 +429,12 @@ >+ } >+ } >+ else if($opt == O_OPT){ >+- if(!isset($_REQUEST[$field])) >++ if(!isset($_REQUEST[$field])){ >+ return ZBX_VALID_OK; >++ } >++ else if(($flags&P_ACT) && !isset($_REQUEST['zbx_form'])){ >++ return ZBX_VALID_ERROR; >++ } >+ } >+ >+ check_trim($_REQUEST[$field]); >+@@ -458,17 +463,21 @@ >+ return ZBX_VALID_OK; >+ } >+ >+-// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION >++// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION >+ $system_fields=array( >+- "sessionid"=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(),NULL), >+- "switch_node"=> array(T_ZBX_INT, O_OPT, P_SYS, DB_ID,NULL), >+- "triggers_hash"=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY,NULL), >+- 'print'=> array(T_ZBX_INT, O_OPT, P_SYS, IN("1"),NULL), >++ 'sessionid'=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(), 'isset({zbx_form})'), >++ 'zbx_form'=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY, NULL), >++// >++ 'switch_node'=> array(T_ZBX_INT, O_OPT, P_SYS, DB_ID,NULL), >++ 'triggers_hash'=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY,NULL), >++ 'print'=> array(T_ZBX_INT, O_OPT, P_SYS, IN('1'),NULL), >++ >++// table sorting >+ 'sort'=> array(T_ZBX_STR, O_OPT, P_SYS, NULL,NULL), >+ 'sortorder'=> array(T_ZBX_STR, O_OPT, P_SYS, NULL,NULL) >+ ); >+ >+- function invalid_url(){ >++ function invalid_url(){ >+ include_once "include/page_header.php"; >+ unset_all(); >+ show_error_message(S_INVALID_URL); >+Index: frontends/php/include/classes/cform.inc.php >+=================================================================== >+--- frontends/php/include/classes/cform.inc.php (revision 6620) >++++ frontends/php/include/classes/cform.inc.php (revision 6621) >+@@ -22,46 +22,44 @@ >+ class CForm extends CTag{ >+ /* public */ >+ function CForm($action=NULL, $method='post', $enctype=NULL){ >+- parent::CTag("form","yes"); >+- $this->SetMethod($method); >+- $this->SetAction($action); >+- $this->SetEnctype($enctype); >++ parent::CTag('form','yes'); >++ $this->setMethod($method); >++ $this->setAction($action); >++ $this->setEnctype($enctype); >++ >++ $this->addVar('zbx_form', 'action'); >++ $this->addVar('sessionid', $_COOKIE['zbx_sessionid']); >+ } >+ >+- function SetMethod($value='post'){ >++ function setMethod($value='post'){ >+ return $this->options['method'] = $value; >+ } >+ >+- function SetAction($value){ >++ function setAction($value){ >+ global $page; >+ >+ if(is_null($value)){ >+- if(isset($page['file'])){ >+- $value = $page['file']; >+- } >+- else{ >+- $value = "#"; >+- } >++ $value = isset($page['file'])?$page['file']:'#'; >+ } >+ >+ return $this->options['action'] = $value; >+ } >+ >+- function SetEnctype($value=NULL){ >++ function setEnctype($value=NULL){ >+ if(is_null($value)){ >+- return $this->DelOption("enctype"); >++ return $this->DelOption('enctype'); >+ } >+ else if(!is_string($value)){ >+ return $this->error("Incorrect value for SetEnctype [$value]"); >+ } >+ >+- return $this->AddOption("enctype",$value); >++ return $this->addOption('enctype',$value); >+ } >+ >+- function AddVar($name, $value){ >++ function addVar($name, $value){ >+ if(empty($value) && $value != 0) return $value; >+ >+- return $this->AddItem(new CVar($name, $value)); >++ return $this->addItem(new CVar($name, $value)); >+ } >+ } >+ ?> >+Index: frontends/php/include/classes/cformtable.inc.php >+=================================================================== >+--- frontends/php/include/classes/cformtable.inc.php (revision 6620) >++++ frontends/php/include/classes/cformtable.inc.php (revision 6621) >+@@ -46,48 +46,48 @@ >+ } >+ >+ parent::CForm($action,$method,$enctype); >+- $this->SetTitle($title); >+- $this->SetAlign('center'); >+- $this->SetHelp(); >++ $this->setTitle($title); >++ $this->setAlign('center'); >++ $this->setHelp(); >+ >+ // $frm_link = new CLink(); >+-// $frm_link->SetName("formtable"); >+-// $this->AddItemToTopRow($frm_link); >++// $frm_link->setName("formtable"); >++// $this->addItemToTopRow($frm_link); >+ >+- $this->AddVar($form_variable, get_request($form_variable, 1)); >+- $this->AddVar('form_refresh',get_request('form_refresh',0)+1); >++ $this->addVar($form_variable, get_request($form_variable, 1)); >++ $this->addVar('form_refresh',get_request('form_refresh',0)+1); >+ >+ $this->bottom_items = new CCol(SPACE,'form_row_last'); >+- $this->bottom_items->SetColSpan(2); >++ $this->bottom_items->setColSpan(2); >+ } >+ >+- function SetAction($value){ >++ function setAction($value){ >+ >+ if(is_string($value)) >+- return parent::SetAction($value); >++ return parent::setAction($value); >+ elseif(is_null($value)) >+- return parent::SetAction($value); >++ return parent::setAction($value); >+ else >+ return $this->error("Incorrect value for SetAction [$value]"); >+ } >+ >+- function SetName($value){ >++ function setName($value){ >+ if(!is_string($value)){ >+ return $this->error("Incorrect value for SetAlign [$value]"); >+ } >+- $this->AddOption('name',$value); >+- $this->AddOption('id',$value); >++ $this->addOption('name',$value); >++ $this->addOption('id',$value); >+ return true; >+ } >+ >+- function SetAlign($value){ >++ function setAlign($value){ >+ if(!is_string($value)){ >+ return $this->error("Incorrect value for SetAlign [$value]"); >+ } >+ return $this->align = $value; >+ } >+ >+- function SetTitle($value=NULL){ >++ function setTitle($value=NULL){ >+ if(is_null($value)){ >+ unset($this->title); >+ return 0; >+@@ -101,7 +101,7 @@ >+ $this->title = unpack_object($value); >+ } >+ >+- function SetHelp($value=NULL){ >++ function setHelp($value=NULL){ >+ if(is_null($value)) { >+ $this->help = new CHelp(); >+ } >+@@ -110,8 +110,8 @@ >+ } >+ else if(is_string($value)) { >+ $this->help = new CHelp($value); >+- if($this->GetName()==NULL) >+- $this->SetName($value); >++ if($this->getName()==NULL) >++ $this->setName($value); >+ } >+ else { >+ return $this->error("Incorrect value for SetHelp [$value]"); >+@@ -119,21 +119,21 @@ >+ return 0; >+ } >+ >+- function AddVar($name, $value){ >+- $this->AddItemToTopRow(new CVar($name, $value)); >++ function addVar($name, $value){ >++ $this->addItemToTopRow(new CVar($name, $value)); >+ } >+ >+- function AddItemToTopRow($value){ >++ function addItemToTopRow($value){ >+ array_push($this->top_items, $value); >+ } >+ >+- function AddRow($item1, $item2=NULL, $class=NULL){ >++ function addRow($item1, $item2=NULL, $class=NULL){ >+ if(strtolower(get_class($item1)) == 'crow'){ >+ >+ } >+ else if(strtolower(get_class($item1)) == 'ctable'){ >+ $td = new CCol($item1,'form_row_c'); >+- $td->SetColSpan(2); >++ $td->setColSpan(2); >+ >+ $item1 = new CRow($td); >+ } >+@@ -157,7 +157,7 @@ >+ array_push($this->center_items, $item1); >+ } >+ >+- function AddSpanRow($value, $class=NULL){ >++ function addSpanRow($value, $class=NULL){ >+ if(is_string($value)) >+ $item1=nbsp($value); >+ >+@@ -165,16 +165,16 @@ >+ if(is_null($class)) $class = 'form_row_c'; >+ >+ $col = new CCol($value,$class); >+- $col->SetColSpan(2); >++ $col->setColSpan(2); >+ array_push($this->center_items,new CRow($col)); >+ } >+ >+ >+- function AddItemToBottomRow($value){ >+- $this->bottom_items->AddItem($value); >++ function addItemToBottomRow($value){ >++ $this->bottom_items->addItem($value); >+ } >+ >+- function SetTableClass($class){ >++ function setTableClass($class){ >+ if(is_string($class)){ >+ $this->tableclass = $class; >+ } >+@@ -186,25 +186,25 @@ >+ >+ $tbl = new CTable(NULL,$this->tableclass); >+ >+- $tbl->SetOddRowClass('form_odd_row'); >+- $tbl->SetEvenRowClass('form_even_row'); >+- $tbl->SetCellSpacing(0); >+- $tbl->SetCellPadding(1); >+- $tbl->SetAlign($this->align); >++ $tbl->setOddRowClass('form_odd_row'); >++ $tbl->setEvenRowClass('form_even_row'); >++ $tbl->setCellSpacing(0); >++ $tbl->setCellPadding(1); >++ $tbl->setAlign($this->align); >+ # add first row >+ $col = new CCol(NULL,'form_row_first'); >+- $col->SetColSpan(2); >++ $col->setColSpan(2); >+ >+- if(isset($this->help)) $col->AddItem($this->help); >+- if(isset($this->title)) $col->AddItem($this->title); >+- foreach($this->top_items as $item) $col->AddItem($item); >++ if(isset($this->help)) $col->addItem($this->help); >++ if(isset($this->title)) $col->addItem($this->title); >++ foreach($this->top_items as $item) $col->addItem($item); >+ >+- $tbl->SetHeader($col); >++ $tbl->setHeader($col); >+ # add last row >+- $tbl->SetFooter($this->bottom_items); >++ $tbl->setFooter($this->bottom_items); >+ # add center rows >+ foreach($this->center_items as $item){ >+- $tbl->AddRow($item); >++ $tbl->addRow($item); >+ } >+ return $tbl->ToString(); >+ } >+ >+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >+Obtained from svn://svn.zabbix.com/branches/1.6/frontends/php/ >+ >+This hunk adds session identifier transmission during Ajax requests. >+It also reshuffles some JavaScript functions and adds many whitespace >+changes. >+ >+Index: frontends/php/js/cookies.js >+=================================================================== >+--- frontends/php/js/cookies.js (revision 6622) >++++ frontends/php/js/cookies.js (revision 6623) >+@@ -1,78 +0,0 @@ >+-//Javascript document >+-/* >+-** ZABBIX >+-** Copyright (C) 2000-2005 SIA Zabbix >+-** >+-** This program is free software; you can redistribute it and/or modify >+-** it under the terms of the GNU General Public License as published by >+-** the Free Software Foundation; either version 2 of the License, or >+-** (at your option) any later version. >+-** >+-** This program is distributed in the hope that it will be useful, >+-** but WITHOUT ANY WARRANTY; without even the implied warranty of >+-** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+-** GNU General Public License for more details. >+-** >+-** You should have received a copy of the GNU General Public License >+-** along with this program; if not, write to the Free Software >+-** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >+-**/ >+-// Title: cookies class >+-// Description: to manipulate cookies on client side >+-// Author: Aly >+- >+-var cookie ={ >+-cookies: new Array(), >+- >+-init: function () { >+- var allCookies = document.cookie.split('; '); >+- for (var i=0;i<allCookies.length;i++) { >+- var cookiePair = allCookies[i].split('='); >+- this.cookies[cookiePair[0]] = cookiePair[1]; >+- } >+-}, >+- >+-create: function (name,value,days) { >+- if(days) { >+- var date = new Date(); >+- date.setTime(date.getTime()+(days*24*60*60*1000)); >+- var expires = "; expires="+date.toGMTString(); >+- }else{ >+- var expires = ""; >+- } >+- >+- document.cookie = name+"="+value+expires+"; path=/"; >+- this.cookies[name] = value; >+-}, >+- >+-read : function(name){ >+- if(typeof(this.cookies[name]) != 'undefined'){ >+- return this.cookies[name]; >+- } else { >+- var nameEQ = name + "="; >+- var ca = document.cookie.split(';'); >+- for(var i=0;i < ca.length;i++) { >+- var c = ca[i]; >+- while (c.charAt(0)==' ') c = c.substring(1,c.length); >+- if(c.indexOf(nameEQ) == 0) return this.cookies[name] = c.substring(nameEQ.length,c.length); >+- } >+- } >+- return null; >+-}, >+- >+-printall: function() { >+- var allCookies = document.cookie.split('; '); >+- for (var i=0;i<allCookies.length;i++) { >+- var cookiePair = allCookies[i].split('='); >+- >+- alert("[" + cookiePair[0] + "] is " + cookiePair[1]); // assumes print is already defined >+- } >+-}, >+- >+-erase: function (name) { >+- this.create(name,'',-1); >+- this.cookies[name] = undefined; >+-} >+-} >+- >+-cookie.init(); >+\ No newline at end of file >+Index: frontends/php/js/url.js >+=================================================================== >+--- frontends/php/js/url.js (revision 6622) >++++ frontends/php/js/url.js (revision 6623) >+@@ -1,256 +0,0 @@ >+-// JavaScript Document >+-/* >+-** ZABBIX >+-** Copyright (C) 2000-2007 SIA Zabbix >+-** >+-** This program is free software; you can redistribute it and/or modify >+-** it under the terms of the GNU General Public License as published by >+-** the Free Software Foundation; either version 2 of the License, or >+-** (at your option) any later version. >+-** >+-** This program is distributed in the hope that it will be useful, >+-** but WITHOUT ANY WARRANTY; without even the implied warranty of >+-** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+-** GNU General Public License for more details. >+-** >+-** You should have received a copy of the GNU General Public License >+-** along with this program; if not, write to the Free Software >+-** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >+-** >+-*/ >+- >+-// Title: url manipulation class >+-// Author: Aly >+- >+- >+-var url = Class.create(); >+- >+-url.prototype = { >+-url: '', // actually, it's depricated/private variable >+-port: -1, >+-host: '', >+-protocol: '', >+-username: '', >+-password: '', >+-filr: '', >+-reference: '', >+-path: '', >+-query: '', >+-arguments: new Array(), >+- >+-initialize: function(url){ >+- this.url=unescape(url); >+- >+- this.query=(this.url.indexOf('?')>=0)?this.url.substring(this.url.indexOf('?')+1):''; >+- if(this.query.indexOf('#')>=0) this.query=this.query.substring(0,this.query.indexOf('#')); >+- >+- var protocolSepIndex=this.url.indexOf('://'); >+- if(protocolSepIndex>=0){ >+- this.protocol=this.url.substring(0,protocolSepIndex).toLowerCase(); >+- this.host=this.url.substring(protocolSepIndex+3); >+- if(this.host.indexOf('/')>=0) this.host=this.host.substring(0,this.host.indexOf('/')); >+- var atIndex=this.host.indexOf('@'); >+- if(atIndex>=0){ >+- var credentials=this.host.substring(0,atIndex); >+- var colonIndex=credentials.indexOf(':'); >+- if(colonIndex>=0){ >+- this.username=credentials.substring(0,colonIndex); >+- this.password=credentials.substring(colonIndex); >+- }else{ >+- this.username=credentials; >+- } >+- this.host=this.host.substring(atIndex+1); >+- } >+- >+- var host_ipv6 = this.host.indexOf(']'); >+- if(host_ipv6>=0){ >+- if(host_ipv6 < (this.host.length-1)){ >+- host_ipv6++; >+- var host_less = this.host.substring(host_ipv6); >+- >+- var portColonIndex=host_less.indexOf(':'); >+- if(portColonIndex>=0){ >+- this.port=host_less.substring(portColonIndex+1); >+- this.host=this.host.substring(0,host_ipv6); >+- } >+- } >+- } >+- else{ >+- var portColonIndex=this.host.indexOf(':'); >+- if(portColonIndex>=0){ >+- this.port=this.host.substring(portColonIndex+1); >+- this.host=this.host.substring(0,portColonIndex); >+- } >+- } >+- this.file=this.url.substring(protocolSepIndex+3); >+- this.file=this.file.substring(this.file.indexOf('/')); >+- }else{ >+- this.file=this.url; >+- } >+- if(this.file.indexOf('?')>=0) this.file=this.file.substring(0, this.file.indexOf('?')); >+- >+- var refSepIndex=url.indexOf('#'); >+- if(refSepIndex>=0){ >+- this.file=this.file.substring(0,refSepIndex); >+- this.reference=this.url.substring(this.url.indexOf('#')); >+- } >+- this.path=this.file; >+- if(this.query.length>0) this.file+='?'+this.query; >+- if(this.reference.length>0) this.file+='#'+this.reference; >+- if(this.query.length > 0) this.getArguments(); >+-}, >+- >+-getArguments: function(){ >+- var args=this.query.split('&'); >+- var keyval=''; >+- >+- if(args.length<1) return; >+- >+- for(i=0;i<args.length;i++){ >+- keyval=args[i].split('='); >+- this.arguments[i] = new Array(keyval[0],(keyval.length==1)?keyval[0]:keyval[1]); >+- } >+-}, >+- >+-getArgumentValue: function(key){ >+- if(key.length<1) return ''; >+- for(i=0; i < this.arguments.length; i++){ >+- if(this.arguments[i][0] == key) return this.arguments[i][1]; >+- } >+- >+-return ''; >+-}, >+- >+-getArgumentValues: function(){ >+- var a=new Array(); >+- var b=this.query.split('&'); >+- var c=''; >+- if(b.length<1) return a; >+- for(i=0;i<b.length;i++){ >+- c=b[i].split('='); >+- a[i]=new Array(c[0],((c.length==1)?c[0]:c[1])); >+- } >+-return a; >+-}, >+- >+-getUrl: function(){ >+- var uri = (this.protocol.length > 0)?(this.protocol+'://'):''; >+- uri += encodeURI((this.username.length > 0)?(this.username):''); >+- uri += encodeURI((this.password.length > 0)?(':'+this.password):''); >+- uri += (this.host.length > 0)?(this.host):''; >+- uri += (this.port.length > 0)?(':'+this.port):''; >+- uri += encodeURI((this.path.length > 0)?(this.path):''); >+- uri += encodeURI((this.query.length > 0)?('?'+this.query):''); >+- uri += encodeURI((this.reference.length > 0)?('#'+this.reference):''); >+-// alert(uri.getProtocol()+' : '+uri.getHost()+' : '+uri.getPort()+' : '+uri.getPath()+' : '+uri.getQuery()); >+-return uri; >+-}, >+- >+-setArgument: function(key,value){ >+- >+- var valueisset = false; >+- if(typeof(key) == 'undefined') throw 'Invalid argument past for setArgument'; >+- >+- value =('undefined' != typeof(value))?value:''; >+- >+- for(i=0; i < this.arguments.length; i++){ >+- if(this.arguments[i][0] == key){ >+- valueisset = true; >+- this.arguments[i][1] = value; >+- } >+- } >+- if(!valueisset) this.arguments[this.arguments.length] = new Array(key,value); >+- this.formatQuery(); >+-}, >+- >+-formatQuery: function(){ >+- if(this.arguments.lenght < 1) return; >+- >+- var query = ''; >+- for(i=0; i < this.arguments.length; i++){ >+- query+=this.arguments[i][0]+'='+this.arguments[i][1]+'&'; >+- } >+- this.query = query.substring(0,query.length-1); >+-}, >+- >+-getPort: function(){ >+- return this.port; >+-}, >+- >+-setPort: function(port){ >+- this.port = port; >+-}, >+- >+-getQuery: function(){ >+- return this.query; >+-}, >+- >+-setQuery: function(query){ >+- this.query = query; >+- this.getArgumentValues(); >+- this.formatQuery(); >+-}, >+- >+-/* Returns the protocol of this URL, i.e. 'http' in the url 'http://server/' */ >+-getProtocol: function(){ >+- return this.protocol; >+-}, >+- >+-setProtocol: function(protocol){ >+- this.protocol = protocol; >+-}, >+-/* Returns the host name of this URL, i.e. 'server.com' in the url 'http://server.com/' */ >+-getHost: function(){ >+- return this.host; >+-}, >+- >+-setHost: function(set){ >+- this.host = host; >+-}, >+- >+-/* Returns the user name part of this URL, i.e. 'joe' in the url 'http://joe@server.com/' */ >+-getUserName: function(){ >+- return this.username; >+-}, >+- >+-setUserName: function(username){ >+- this.username = username; >+-}, >+- >+-/* Returns the password part of this url, i.e. 'secret' in the url 'http://joe:secret@server.com/' */ >+-getPassword: function(){ >+- return this.password; >+-}, >+- >+-setPassword: function(password){ >+- this.password = password; >+-}, >+- >+-/* Returns the file part of this url, i.e. everything after the host name. */ >+-getFile: function(){ >+- return this.file = file; >+-}, >+- >+-setFile: function(file){ >+- this.file = file; >+-}, >+- >+-/* Returns the reference of this url, i.e. 'bookmark' in the url 'http://server/file.html#bookmark' */ >+-getReference: function(){ >+- return this.reference; >+-}, >+- >+-setReference: function(reference){ >+- this.reference = reference; >+-}, >+- >+-/* Returns the file path of this url, i.e. '/dir/file.html' in the url 'http://server/dir/file.html' */ >+-getPath: function(){ >+- return this.path; >+-}, >+- >+-setPath: function(path){ >+- this.path = path; >+-} >+- >+-} >+\ No newline at end of file >+Index: frontends/php/js/updater.js >+=================================================================== >+--- frontends/php/js/updater.js (revision 6622) >++++ frontends/php/js/updater.js (revision 6623) >+@@ -27,7 +27,7 @@ >+ >+ setObj4Update: function(id,frequency,url,params){ >+ var obj = document.getElementById(id); >+- if((typeof(obj) == 'undefined')) return false; >++ if(typeof(obj) == 'undefined') return false; >+ >+ var obj4update = { >+ 'id': id, >+@@ -65,7 +65,9 @@ >+ obj4update.ready = false; >+ >+ var uri = new url(obj4update.url); >+- new Ajax.Updater(obj4update.id, obj4update.url, >++ uri.setArgument('sessionid', cookie.read('zbx_sessionid')); >++ >++ new Ajax.Updater(obj4update.id, uri.getUrl(),//obj4update.url, >+ { >+ method: 'post', >+ 'parameters': obj4update.params, >+Index: frontends/php/js/gpc.js >+=================================================================== >+--- frontends/php/js/gpc.js (revision 0) >++++ frontends/php/js/gpc.js (revision 6623) >+@@ -0,0 +1,315 @@ >++//Javascript document >++/* >++** ZABBIX >++** Copyright (C) 2000-2009 SIA Zabbix >++** >++** This program is free software; you can redistribute it and/or modify >++** it under the terms of the GNU General Public License as published by >++** the Free Software Foundation; either version 2 of the License, or >++** (at your option) any later version. >++** >++** This program is distributed in the hope that it will be useful, >++** but WITHOUT ANY WARRANTY; without even the implied warranty of >++** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >++** GNU General Public License for more details. >++** >++** You should have received a copy of the GNU General Public License >++** along with this program; if not, write to the Free Software >++** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >++**/ >++ >++// Title: cookies class >++// Description: to manipulate cookies on client side >++// Author: Aly >++var cookie ={ >++cookies: new Array(), >++ >++init: function () { >++ var allCookies = document.cookie.split('; '); >++ for (var i=0;i<allCookies.length;i++) { >++ var cookiePair = allCookies[i].split('='); >++ this.cookies[cookiePair[0]] = cookiePair[1]; >++ } >++}, >++ >++create: function (name,value,days) { >++ if(days) { >++ var date = new Date(); >++ date.setTime(date.getTime()+(days*24*60*60*1000)); >++ var expires = "; expires="+date.toGMTString(); >++ } >++ else{ >++ var expires = ""; >++ } >++ >++ document.cookie = name+"="+value+expires+"; path=/"; >++ this.cookies[name] = value; >++}, >++ >++read : function(name){ >++ if(typeof(this.cookies[name]) != 'undefined'){ >++ return this.cookies[name]; >++ } >++ else { >++ var nameEQ = name + "="; >++ var ca = document.cookie.split(';'); >++ for(var i=0;i < ca.length;i++) { >++ var c = ca[i]; >++ while (c.charAt(0)==' ') c = c.substring(1,c.length); >++ if(c.indexOf(nameEQ) == 0) return this.cookies[name] = c.substring(nameEQ.length,c.length); >++ } >++ } >++ return null; >++}, >++ >++printall: function() { >++ var allCookies = document.cookie.split('; '); >++ for(var i=0;i<allCookies.length;i++){ >++ var cookiePair = allCookies[i].split('='); >++ >++ alert("[" + cookiePair[0] + "] is " + cookiePair[1]); // assumes print is already defined >++ } >++}, >++ >++erase: function (name) { >++ this.create(name,'',-1); >++ this.cookies[name] = undefined; >++} >++} >++ >++cookie.init(); >++ >++ >++ >++// Title: url manipulation class >++// Author: Aly >++var url = Class.create(); >++ >++url.prototype = { >++url: '', // actually, it's depricated/private variable >++port: -1, >++host: '', >++protocol: '', >++username: '', >++password: '', >++filr: '', >++reference: '', >++path: '', >++query: '', >++arguments: new Array(), >++ >++initialize: function(url){ >++ this.url=unescape(url); >++ >++ this.query=(this.url.indexOf('?')>=0)?this.url.substring(this.url.indexOf('?')+1):''; >++ if(this.query.indexOf('#')>=0) this.query=this.query.substring(0,this.query.indexOf('#')); >++ >++ var protocolSepIndex=this.url.indexOf('://'); >++ if(protocolSepIndex>=0){ >++ this.protocol=this.url.substring(0,protocolSepIndex).toLowerCase(); >++ this.host=this.url.substring(protocolSepIndex+3); >++ if(this.host.indexOf('/')>=0) this.host=this.host.substring(0,this.host.indexOf('/')); >++ var atIndex=this.host.indexOf('@'); >++ if(atIndex>=0){ >++ var credentials=this.host.substring(0,atIndex); >++ var colonIndex=credentials.indexOf(':'); >++ if(colonIndex>=0){ >++ this.username=credentials.substring(0,colonIndex); >++ this.password=credentials.substring(colonIndex); >++ }else{ >++ this.username=credentials; >++ } >++ this.host=this.host.substring(atIndex+1); >++ } >++ >++ var host_ipv6 = this.host.indexOf(']'); >++ if(host_ipv6>=0){ >++ if(host_ipv6 < (this.host.length-1)){ >++ host_ipv6++; >++ var host_less = this.host.substring(host_ipv6); >++ >++ var portColonIndex=host_less.indexOf(':'); >++ if(portColonIndex>=0){ >++ this.port=host_less.substring(portColonIndex+1); >++ this.host=this.host.substring(0,host_ipv6); >++ } >++ } >++ } >++ else{ >++ var portColonIndex=this.host.indexOf(':'); >++ if(portColonIndex>=0){ >++ this.port=this.host.substring(portColonIndex+1); >++ this.host=this.host.substring(0,portColonIndex); >++ } >++ } >++ this.file=this.url.substring(protocolSepIndex+3); >++ this.file=this.file.substring(this.file.indexOf('/')); >++ }else{ >++ this.file=this.url; >++ } >++ if(this.file.indexOf('?')>=0) this.file=this.file.substring(0, this.file.indexOf('?')); >++ >++ var refSepIndex=url.indexOf('#'); >++ if(refSepIndex>=0){ >++ this.file=this.file.substring(0,refSepIndex); >++ this.reference=this.url.substring(this.url.indexOf('#')); >++ } >++ this.path=this.file; >++ if(this.query.length>0) this.file+='?'+this.query; >++ if(this.reference.length>0) this.file+='#'+this.reference; >++ if(this.query.length > 0) this.getArguments(); >++}, >++ >++getArguments: function(){ >++ var args=this.query.split('&'); >++ var keyval=''; >++ >++ if(args.length<1) return; >++ >++ for(i=0;i<args.length;i++){ >++ keyval=args[i].split('='); >++ this.arguments[i] = new Array(keyval[0],(keyval.length==1)?keyval[0]:keyval[1]); >++ } >++}, >++ >++getArgumentValue: function(key){ >++ if(key.length<1) return ''; >++ for(i=0; i < this.arguments.length; i++){ >++ if(this.arguments[i][0] == key) return this.arguments[i][1]; >++ } >++ >++return ''; >++}, >++ >++getArgumentValues: function(){ >++ var a=new Array(); >++ var b=this.query.split('&'); >++ var c=''; >++ if(b.length<1) return a; >++ for(i=0;i<b.length;i++){ >++ c=b[i].split('='); >++ a[i]=new Array(c[0],((c.length==1)?c[0]:c[1])); >++ } >++return a; >++}, >++ >++getUrl: function(){ >++ var uri = (this.protocol.length > 0)?(this.protocol+'://'):''; >++ uri += encodeURI((this.username.length > 0)?(this.username):''); >++ uri += encodeURI((this.password.length > 0)?(':'+this.password):''); >++ uri += (this.host.length > 0)?(this.host):''; >++ uri += (this.port.length > 0)?(':'+this.port):''; >++ uri += encodeURI((this.path.length > 0)?(this.path):''); >++ uri += encodeURI((this.query.length > 0)?('?'+this.query):''); >++ uri += encodeURI((this.reference.length > 0)?('#'+this.reference):''); >++// alert(uri.getProtocol()+' : '+uri.getHost()+' : '+uri.getPort()+' : '+uri.getPath()+' : '+uri.getQuery()); >++return uri; >++}, >++ >++setArgument: function(key,value){ >++ >++ var valueisset = false; >++ if(typeof(key) == 'undefined') throw 'Invalid argument past for setArgument'; >++ >++ value =('undefined' != typeof(value))?value:''; >++ >++ for(i=0; i < this.arguments.length; i++){ >++ if(this.arguments[i][0] == key){ >++ valueisset = true; >++ this.arguments[i][1] = value; >++ } >++ } >++ if(!valueisset) this.arguments[this.arguments.length] = new Array(key,value); >++ this.formatQuery(); >++}, >++ >++formatQuery: function(){ >++ if(this.arguments.lenght < 1) return; >++ >++ var query = ''; >++ for(i=0; i < this.arguments.length; i++){ >++ query+=this.arguments[i][0]+'='+this.arguments[i][1]+'&'; >++ } >++ this.query = query.substring(0,query.length-1); >++}, >++ >++getPort: function(){ >++ return this.port; >++}, >++ >++setPort: function(port){ >++ this.port = port; >++}, >++ >++getQuery: function(){ >++ return this.query; >++}, >++ >++setQuery: function(query){ >++ this.query = query; >++ this.getArgumentValues(); >++ this.formatQuery(); >++}, >++ >++/* Returns the protocol of this URL, i.e. 'http' in the url 'http://server/' */ >++getProtocol: function(){ >++ return this.protocol; >++}, >++ >++setProtocol: function(protocol){ >++ this.protocol = protocol; >++}, >++/* Returns the host name of this URL, i.e. 'server.com' in the url 'http://server.com/' */ >++getHost: function(){ >++ return this.host; >++}, >++ >++setHost: function(set){ >++ this.host = host; >++}, >++ >++/* Returns the user name part of this URL, i.e. 'joe' in the url 'http://joe@server.com/' */ >++getUserName: function(){ >++ return this.username; >++}, >++ >++setUserName: function(username){ >++ this.username = username; >++}, >++ >++/* Returns the password part of this url, i.e. 'secret' in the url 'http://joe:secret@server.com/' */ >++getPassword: function(){ >++ return this.password; >++}, >++ >++setPassword: function(password){ >++ this.password = password; >++}, >++ >++/* Returns the file part of this url, i.e. everything after the host name. */ >++getFile: function(){ >++ return this.file = file; >++}, >++ >++setFile: function(file){ >++ this.file = file; >++}, >++ >++/* Returns the reference of this url, i.e. 'bookmark' in the url 'http://server/file.html#bookmark' */ >++getReference: function(){ >++ return this.reference; >++}, >++ >++setReference: function(reference){ >++ this.reference = reference; >++}, >++ >++/* Returns the file path of this url, i.e. '/dir/file.html' in the url 'http://server/dir/file.html' */ >++getPath: function(){ >++ return this.path; >++}, >++ >++setPath: function(path){ >++ this.path = path; >++} >++} >+\ No newline at end of file >+Index: frontends/php/js/ajax_req.js >+=================================================================== >+--- frontends/php/js/ajax_req.js (revision 6622) >++++ frontends/php/js/ajax_req.js (revision 6623) >+@@ -19,6 +19,8 @@ >+ **/ >+ >+ function send_params(params){ >++ if(typeof(params) == 'undefined') var params = new Array(); >++ params['sessionid'] = cookie.read('zbx_sessionid'); >+ >+ var uri = new url(location.href); >+ new Ajax.Request(uri.getPath()+"?output=ajax", >+Index: frontends/php/dashboard.php >+=================================================================== >+--- frontends/php/dashboard.php (revision 6622) >++++ frontends/php/dashboard.php (revision 6623) >+@@ -42,8 +42,8 @@ >+ 'view_style'=> array(T_ZBX_INT, O_OPT, P_SYS, IN('0,1'), NULL), >+ 'type'=> array(T_ZBX_INT, O_OPT, P_SYS, IN('0,1'), NULL), >+ >+- 'output'=> array(T_ZBX_STR, O_OPT, P_ACT, NULL, NULL), >+- 'jsscriptid'=> array(T_ZBX_STR, O_OPT, P_ACT, NULL, NULL), >++ 'output'=> array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), >++ 'jsscriptid'=> array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), >+ 'fullscreen'=> array(T_ZBX_INT, O_OPT, P_SYS, IN('0,1'), NULL), >+ >+ //ajax >+@@ -56,7 +56,7 @@ >+ ); >+ >+ check_fields($fields); >+- >++ >+ $available_hosts = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_ONLY, PERM_RES_IDS_ARRAY); >+ // ACTION ///////////////////////////////////////////////////////////////////////////// >+ if(isset($_REQUEST['favobj'])){ >+Index: frontends/php/include/page_header.php >+=================================================================== >+--- frontends/php/include/page_header.php (revision 6622) >++++ frontends/php/include/page_header.php (revision 6623) >+@@ -428,8 +428,8 @@ >+ >+ <script type="text/javascript" src="js/prototype.js"></script> >+ <script type="text/javascript" src="js/common.js"></script> >++<script type="text/javascript" src="js/gpc.js"></script> >+ <script type="text/javascript" src="js/ajax_req.js"></script> >+-<script type="text/javascript" src="js/url.js"></script> >+ <script type="text/javascript" src="js/chkbxrange.js"></script> >+ <?php >+ if(isset($page['scripts']) && is_array($page['scripts'])){ >+Index: frontends/php/include/validate.inc.php >+=================================================================== >+--- frontends/php/include/validate.inc.php (revision 6622) >++++ frontends/php/include/validate.inc.php (revision 6623) >+@@ -432,7 +432,7 @@ >+ if(!isset($_REQUEST[$field])){ >+ return ZBX_VALID_OK; >+ } >+- else if(($flags&P_ACT) && !isset($_REQUEST['zbx_form'])){ >++ else if(($flags&P_ACT) && !isset($_REQUEST['sessionid'])){ >+ return ZBX_VALID_ERROR; >+ } >+ } >+@@ -465,8 +465,7 @@ >+ >+ // VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION >+ $system_fields=array( >+- 'sessionid'=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(), 'isset({zbx_form})'), >+- 'zbx_form'=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY, NULL), >++ 'sessionid'=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(), NULL), >+ // >+ 'switch_node'=> array(T_ZBX_INT, O_OPT, P_SYS, DB_ID,NULL), >+ 'triggers_hash'=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY,NULL), >+Index: frontends/php/include/classes/ctree.inc.php >+=================================================================== >+--- frontends/php/include/classes/ctree.inc.php (revision 6622) >++++ frontends/php/include/classes/ctree.inc.php (revision 6623) >+@@ -214,7 +214,6 @@ >+ global $page; >+ $js = ' >+ <script src="js/tree.js" type="text/javascript"></script> >+- <script src="js/cookies.js" type="text/javascript"></script> >+ <script type="text/javascript"> >+ var treenode = new Array(0); >+ var tree_name = "tree_'.$this->getUserAlias().'_'.$page["file"].'"; >+Index: frontends/php/include/classes/cform.inc.php >+=================================================================== >+--- frontends/php/include/classes/cform.inc.php (revision 6622) >++++ frontends/php/include/classes/cform.inc.php (revision 6623) >+@@ -27,7 +27,6 @@ >+ $this->setAction($action); >+ $this->setEnctype($enctype); >+ >+- $this->addVar('zbx_form', 'action'); >+ $this->addVar('sessionid', $_COOKIE['zbx_sessionid']); >+ } >+ >+Index: frontends/php/index.php >+=================================================================== >+--- frontends/php/index.php (revision 6622) >++++ frontends/php/index.php (revision 6623) >+@@ -33,8 +33,8 @@ >+ "password"=> array(T_ZBX_STR, O_OPT, NULL, NULL, 'isset({enter})'), >+ "sessionid"=> array(T_ZBX_STR, O_OPT, NULL, NULL, NULL), >+ "message"=> array(T_ZBX_STR, O_OPT, NULL, NULL, NULL), >+- "reconnect"=> array(T_ZBX_INT, O_OPT, P_ACT, BETWEEN(0,65535),NULL), >+- "enter"=> array(T_ZBX_STR, O_OPT, P_SYS|P_ACT, NULL, NULL), >++ "reconnect"=> array(T_ZBX_INT, O_OPT, NULL, BETWEEN(0,65535),NULL), >++ "enter"=> array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), >+ "form"=> array(T_ZBX_STR, O_OPT, P_SYS, NULL, NULL), >+ "form_refresh"=> array(T_ZBX_INT, O_OPT, NULL, NULL, NULL) >+ ); >+ >+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >+Obtained from svn://svn.zabbix.com/branches/1.6/frontends/php/ >+ >+Checks if 'zbx_sessionid' cookie is really here before setting >+'sessionid' variable. >+ >+Index: frontends/php/include/classes/cform.inc.php >+=================================================================== >+--- frontends/php/include/classes/cform.inc.php (revision 6624) >++++ frontends/php/include/classes/cform.inc.php (revision 6625) >+@@ -27,7 +27,8 @@ >+ $this->setAction($action); >+ $this->setEnctype($enctype); >+ >+- $this->addVar('sessionid', $_COOKIE['zbx_sessionid']); >++ if(isset($_COOKIE['zbx_sessionid'])) >++ $this->addVar('sessionid', $_COOKIE['zbx_sessionid']); >+ } >+ >+ function setMethod($value='post'){ >+ >+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >+Obtained from svn://svn.zabbix.com/branches/1.6/frontends/php/ >+ >+This hunk basically trades the name 'sessionid' for 'sid'. It also >+reshuffles many functions, adds many whitespace changes and implants >+URL manipulation tools for JavaScript. >+ >+Index: frontends/php/users.php >+=================================================================== >+--- frontends/php/users.php (revision 6643) >++++ frontends/php/users.php (revision 6644) >+@@ -1,7 +1,7 @@ >+ <?php >+ /* >+ ** ZABBIX >+-** Copyright (C) 2000-2005 SIA Zabbix >++** Copyright (C) 2000-2009 SIA Zabbix >+ ** >+ ** This program is free software; you can redistribute it and/or modify >+ ** it under the terms of the GNU General Public License as published by >+@@ -24,6 +24,7 @@ >+ require_once('include/media.inc.php'); >+ require_once('include/users.inc.php'); >+ require_once('include/forms.inc.php'); >++ require_once('include/classes/curl.inc.php'); >+ require_once('include/js.inc.php'); >+ >+ $page['title'] = 'S_USERS'; >+@@ -32,7 +33,6 @@ >+ $page['scripts'] = array('menu_scripts.js'); >+ >+ include_once('include/page_header.php'); >+- >+ ?> >+ <?php >+ $_REQUEST['config']=get_request('config',get_profile('web.users.config',0)); >+Index: frontends/php/js/menu.js >+=================================================================== >+--- frontends/php/js/menu.js (revision 6643) >++++ frontends/php/js/menu.js (revision 6644) >+@@ -386,8 +386,13 @@ >+ this.n_y -= this.getprop('height') * (o_parent.a_config.length - item_offset); >+ } >+ >++ if(!is_null(this.a_config[1]) && (this.a_config[1].indexOf('javascript') == -1)){ >++ var uri = new url(this.a_config[1]); >++ this.a_config[1] = uri.getUrl(); >++ } >++ >+ // generate item's HMTL >+- var el = document.createElement("a"); >++ var el = document.createElement('a'); >+ el.setAttribute('id', 'e' + o_root.n_id + '_' + this.n_id + 'o'); >+ el.setAttribute('href', this.a_config[1]); >+ >+Index: frontends/php/js/updater.js >+=================================================================== >+--- frontends/php/js/updater.js (revision 6643) >++++ frontends/php/js/updater.js (revision 6644) >+@@ -65,8 +65,6 @@ >+ obj4update.ready = false; >+ >+ var uri = new url(obj4update.url); >+- uri.setArgument('sessionid', cookie.read('zbx_sessionid')); >+- >+ new Ajax.Updater(obj4update.id, uri.getUrl(),//obj4update.url, >+ { >+ method: 'post', >+Index: frontends/php/js/gpc.js >+=================================================================== >+--- frontends/php/js/gpc.js (revision 6643) >++++ frontends/php/js/gpc.js (revision 6644) >+@@ -96,7 +96,7 @@ >+ reference: '', >+ path: '', >+ query: '', >+-arguments: new Array(), >++arguments: {}, >+ >+ initialize: function(url){ >+ this.url=unescape(url); >+@@ -116,7 +116,8 @@ >+ if(colonIndex>=0){ >+ this.username=credentials.substring(0,colonIndex); >+ this.password=credentials.substring(colonIndex); >+- }else{ >++ } >++ else{ >+ this.username=credentials; >+ } >+ this.host=this.host.substring(atIndex+1); >+@@ -144,9 +145,11 @@ >+ } >+ this.file=this.url.substring(protocolSepIndex+3); >+ this.file=this.file.substring(this.file.indexOf('/')); >+- }else{ >++ } >++ else{ >+ this.file=this.url; >+ } >++ >+ if(this.file.indexOf('?')>=0) this.file=this.file.substring(0, this.file.indexOf('?')); >+ >+ var refSepIndex=url.indexOf('#'); >+@@ -157,42 +160,51 @@ >+ this.path=this.file; >+ if(this.query.length>0) this.file+='?'+this.query; >+ if(this.reference.length>0) this.file+='#'+this.reference; >+- if(this.query.length > 0) this.getArguments(); >++ if(this.query.length > 0) this.formatArguments(); >++ >++ var sid = cookie.read('zbx_sessionid'); >++ this.setArgument('sid', sid.substring(16)); >+ }, >+ >+-getArguments: function(){ >++ >++formatQuery: function(){ >++ if(this.arguments.lenght < 1) return; >++ >++ var query = ''; >++ for(var key in this.arguments){ >++ if(typeof(this.arguments[key]) != 'undefined'){ >++ query+=key+'='+this.arguments[key]+'&'; >++ } >++ } >++ this.query = query.substring(0,query.length-1); >++}, >++ >++formatArguments: function(){ >+ var args=this.query.split('&'); >+ var keyval=''; >+- >++ >+ if(args.length<1) return; >+ >+- for(i=0;i<args.length;i++){ >+- keyval=args[i].split('='); >+- this.arguments[i] = new Array(keyval[0],(keyval.length==1)?keyval[0]:keyval[1]); >++ for(i=0; i<args.length; i++){ >++ keyval = args[i].split('='); >++ this.arguments[keyval[0]] = (keyval.length>1)?keyval[1]:''; >+ } >+ }, >+ >+-getArgumentValue: function(key){ >+- if(key.length<1) return ''; >+- for(i=0; i < this.arguments.length; i++){ >+- if(this.arguments[i][0] == key) return this.arguments[i][1]; >+- } >+- >+-return ''; >++setArgument: function(key,value){ >++ this.arguments[key] = value; >++ this.formatQuery(); >+ }, >+ >+-getArgumentValues: function(){ >+- var a=new Array(); >+- var b=this.query.split('&'); >+- var c=''; >+- if(b.length<1) return a; >+- for(i=0;i<b.length;i++){ >+- c=b[i].split('='); >+- a[i]=new Array(c[0],((c.length==1)?c[0]:c[1])); >+- } >+-return a; >++getArgument: function(key){ >++ if(typeof(this.arguments[key]) != 'undefined') return this.arguments[key]; >++ else return null; >+ }, >+ >++getArguments: function(){ >++ return this.arguments; >++}, >++ >+ getUrl: function(){ >+ var uri = (this.protocol.length > 0)?(this.protocol+'://'):''; >+ uri += encodeURI((this.username.length > 0)?(this.username):''); >+@@ -206,51 +218,30 @@ >+ return uri; >+ }, >+ >+-setArgument: function(key,value){ >+- >+- var valueisset = false; >+- if(typeof(key) == 'undefined') throw 'Invalid argument past for setArgument'; >+- >+- value =('undefined' != typeof(value))?value:''; >+- >+- for(i=0; i < this.arguments.length; i++){ >+- if(this.arguments[i][0] == key){ >+- valueisset = true; >+- this.arguments[i][1] = value; >+- } >+- } >+- if(!valueisset) this.arguments[this.arguments.length] = new Array(key,value); >+- this.formatQuery(); >++setPort: function(port){ >++ this.port = port; >+ }, >+ >+-formatQuery: function(){ >+- if(this.arguments.lenght < 1) return; >+- >+- var query = ''; >+- for(i=0; i < this.arguments.length; i++){ >+- query+=this.arguments[i][0]+'='+this.arguments[i][1]+'&'; >+- } >+- this.query = query.substring(0,query.length-1); >+-}, >+- >+ getPort: function(){ >+ return this.port; >+ }, >+ >+-setPort: function(port){ >+- this.port = port; >++setQuery: function(query){ >++ this.query = query; >++ if(this.query.indexOf('?')>=0){ >++ this.query= this.query.substring(this.query.indexOf('?')+1); >++ } >++ >++ this.formatArguments(); >++ >++ var sid = cookie.read('zbx_sessionid'); >++ this.setArgument('sid', sid.substring(16)); >+ }, >+ >+ getQuery: function(){ >+ return this.query; >+ }, >+ >+-setQuery: function(query){ >+- this.query = query; >+- this.getArgumentValues(); >+- this.formatQuery(); >+-}, >+- >+ /* Returns the protocol of this URL, i.e. 'http' in the url 'http://server/' */ >+ getProtocol: function(){ >+ return this.protocol; >+@@ -264,7 +255,7 @@ >+ return this.host; >+ }, >+ >+-setHost: function(set){ >++setHost: function(host){ >+ this.host = host; >+ }, >+ >+@@ -288,7 +279,7 @@ >+ >+ /* Returns the file part of this url, i.e. everything after the host name. */ >+ getFile: function(){ >+- return this.file = file; >++ return this.file; >+ }, >+ >+ setFile: function(file){ >+Index: frontends/php/js/menu_scripts.js >+=================================================================== >+--- frontends/php/js/menu_scripts.js (revision 6643) >++++ frontends/php/js/menu_scripts.js (revision 6644) >+@@ -64,7 +64,7 @@ >+ for(var i=0; i < menu_usrgrp_gui.length; i++){ >+ if((typeof(menu_usrgrp_gui[i]) != 'undefined') && !empty(menu_usrgrp_gui[i])){ >+ var row = menu_usrgrp_gui[i]; >+- var menu_row = new Array(row.name,"users.php?config=0&form=update&grpaction=1&userid="+userid+"&usrgrpid="+row.usrgrpid); >++ var menu_row = new Array(row.name,'users.php?config=0&form=update&grpaction=1&userid='+userid+'&usrgrpid='+row.usrgrpid); >+ grp_gui_add_to.push(menu_row); >+ } >+ } >+@@ -73,7 +73,7 @@ >+ for(var i=0; i < usr_grp_gui_in.length; i++){ >+ if((typeof(usr_grp_all_in[i]) != 'undefined') && !empty(usr_grp_gui_in[i])){ >+ var row = usr_grp_gui_in[i]; >+- var menu_row = new Array(row.name,"users.php?config=0&form=update&grpaction=0&userid="+userid+"&usrgrpid="+row.usrgrpid); >++ var menu_row = new Array(row.name,'users.php?config=0&form=update&grpaction=0&userid='+userid+'&usrgrpid='+row.usrgrpid); >+ grp_gui_rmv_frm.push(menu_row); >+ } >+ } >+@@ -89,7 +89,7 @@ >+ for(var i=0; i < menu_usrgrp_status.length; i++){ >+ if((typeof(menu_usrgrp_status[i]) != 'undefined') && !empty(menu_usrgrp_status[i])){ >+ var row = menu_usrgrp_status[i]; >+- var menu_row = new Array(row.name,"users.php?config=0&form=update&grpaction=1&userid="+userid+"&usrgrpid="+row.usrgrpid); >++ var menu_row = new Array(row.name,'users.php?config=0&form=update&grpaction=1&userid='+userid+'&usrgrpid='+row.usrgrpid); >+ grp_status_add_to.push(menu_row); >+ } >+ } >+@@ -98,7 +98,7 @@ >+ for(var i=0; i < usr_grp_status_in.length; i++){ >+ if((typeof(usr_grp_status_in[i]) != 'undefined') && !empty(usr_grp_status_in[i])){ >+ var row = usr_grp_status_in[i]; >+- var menu_row = new Array(row.name,"users.php?config=0&form=update&grpaction=0&userid="+userid+"&usrgrpid="+row.usrgrpid); >++ var menu_row = new Array(row.name,'users.php?config=0&form=update&grpaction=0&userid='+userid+'&usrgrpid='+row.usrgrpid); >+ grp_status_rmv_frm.push(menu_row); >+ } >+ } >+Index: frontends/php/js/common.js >+=================================================================== >+--- frontends/php/js/common.js (revision 6643) >++++ frontends/php/js/common.js (revision 6644) >+@@ -82,6 +82,16 @@ >+ div_help.appendChild(document.createElement("br")); >+ } >+ >++function SDJ(obj){ >++ var debug = ''; >++ for(var key in obj) { >++ var value = obj[key]; >++ debug+=key+': '+value+'\n'; >++ } >++ SDI('\n'+debug); >++} >++ >++ >+ /// Alpha-Betic sorting >+ >+ function addListener(element, eventname, expression, bubbling){ >+Index: frontends/php/js/ajax_req.js >+=================================================================== >+--- frontends/php/js/ajax_req.js (revision 6643) >++++ frontends/php/js/ajax_req.js (revision 6644) >+@@ -20,14 +20,16 @@ >+ >+ function send_params(params){ >+ if(typeof(params) == 'undefined') var params = new Array(); >+- params['sessionid'] = cookie.read('zbx_sessionid'); >+ >+ var uri = new url(location.href); >+- new Ajax.Request(uri.getPath()+"?output=ajax", >++ uri.setQuery('?output=ajax'); >++ >++ new Ajax.Request(uri.getUrl(), >+ { >+ 'method': 'post', >+ 'parameters':params, >+- 'onSuccess': function(resp){ },//alert(resp.responseText); >++ 'onSuccess': function(resp){ }, >++// 'onSuccess': function(resp){ alert(resp.responseText); }, >+ 'onFailure': function(){ document.location = uri.getPath()+'?'+Object.toQueryString(params); } >+ } >+ ); >+Index: frontends/php/dashboard.php >+=================================================================== >+--- frontends/php/dashboard.php (revision 6643) >++++ frontends/php/dashboard.php (revision 6644) >+@@ -54,7 +54,7 @@ >+ 'action'=> array(T_ZBX_STR, O_OPT, P_ACT, IN("'add','remove'"),NULL), >+ 'state'=> array(T_ZBX_INT, O_OPT, P_ACT, NOT_EMPTY, 'isset({favobj}) && ("hat"=={favobj})'), >+ ); >+- >++ >+ check_fields($fields); >+ >+ $available_hosts = get_accessible_hosts_by_user($USER_DETAILS,PERM_READ_ONLY, PERM_RES_IDS_ARRAY); >+@@ -179,11 +179,11 @@ >+ $p_elements = array(); >+ // Header >+ >+- $url = '?fullscreen='.($_REQUEST['fullscreen']?'0':'1'); >++ $url = new Curl('?fullscreen='.($_REQUEST['fullscreen']?'0':'1')); >+ >+ $fs_icon = new CDiv(SPACE,'fullscreen'); >+ $fs_icon->AddOption('title',$_REQUEST['fullscreen']?S_NORMAL.' '.S_VIEW:S_FULLSCREEN); >+- $fs_icon->AddAction('onclick',new CScript("javascript: document.location = '".$url."';")); >++ $fs_icon->AddAction('onclick',new CScript("javascript: document.location = '".$url->getUrl()."';")); >+ //------------- >+ >+ $left_tab = new CTable(); >+Index: frontends/php/include/func.inc.php >+=================================================================== >+--- frontends/php/include/func.inc.php (revision 6643) >++++ frontends/php/include/func.inc.php (revision 6644) >+@@ -344,6 +344,18 @@ >+ return $pos; >+ } >+ >++function zbx_substring($haystack, $start, $end=null){ >++ if($end < $start) return ''; >++ >++ $len = zbx_strlen($haystack); >++ if(is_null($end)) >++ $result = substr($haystack, $start); >++ else >++ $result = substr($haystack, $start, ($end - $start)); >++ >++return $result; >++} >++ >+ function uint_in_array($needle,$haystack){ >+ foreach($haystack as $id => $value) >+ if(bccomp($needle,$value) == 0) return true; >+Index: frontends/php/include/screens.inc.php >+=================================================================== >+--- frontends/php/include/screens.inc.php (revision 6643) >++++ frontends/php/include/screens.inc.php (revision 6644) >+@@ -886,7 +886,7 @@ >+ $action = 'screenedit.php?form=update'.url_param('screenid').'&x='.$c.'&y='.$r.'#form'; >+ else >+ $action = NULL; >+- >++ >+ if($editmode == 1 && isset($_REQUEST["form"]) && >+ isset($_REQUEST["x"]) && $_REQUEST["x"]==$c && >+ isset($_REQUEST["y"]) && $_REQUEST["y"]==$r) >+Index: frontends/php/include/perm.inc.php >+=================================================================== >+--- frontends/php/include/perm.inc.php (revision 6643) >++++ frontends/php/include/perm.inc.php (revision 6644) >+@@ -44,7 +44,7 @@ >+ $USER_DETAILS = NULL; >+ $login = FALSE; >+ >+- $sessionid = get_request('sessionid',get_cookie('zbx_sessionid')); >++ $sessionid = get_cookie('zbx_sessionid'); >+ >+ if(!is_null($sessionid)){ >+ $sql = 'SELECT u.*,s.* '. >+Index: frontends/php/include/config.inc.php >+=================================================================== >+--- frontends/php/include/config.inc.php (revision 6643) >++++ frontends/php/include/config.inc.php (revision 6644) >+@@ -65,6 +65,7 @@ >+ require_once('include/classes/cpumenu.inc.php'); >+ require_once('include/classes/graph.inc.php'); >+ require_once('include/classes/cscript.inc.php'); >++ require_once('include/classes/curl.inc.php'); >+ >+ // Include Tactical Overview modules >+ >+Index: frontends/php/include/validate.inc.php >+=================================================================== >+--- frontends/php/include/validate.inc.php (revision 6643) >++++ frontends/php/include/validate.inc.php (revision 6644) >+@@ -432,8 +432,13 @@ >+ if(!isset($_REQUEST[$field])){ >+ return ZBX_VALID_OK; >+ } >+- else if(($flags&P_ACT) && !isset($_REQUEST['sessionid'])){ >+- return ZBX_VALID_ERROR; >++ else if($flags&P_ACT){ >++ if(!isset($_REQUEST['sid'])){ >++ return ZBX_VALID_ERROR; >++ } >++ else if(isset($_COOKIE['zbx_sessionid']) && ($_REQUEST['sid'] != substr($_COOKIE['zbx_sessionid'],16,16))){ >++ return ZBX_VALID_ERROR; >++ } >+ } >+ } >+ >+@@ -465,7 +470,7 @@ >+ >+ // VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION >+ $system_fields=array( >+- 'sessionid'=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(), NULL), >++ 'sid'=> array(T_ZBX_STR, O_OPT, P_SYS, HEX(), NULL), >+ // >+ 'switch_node'=> array(T_ZBX_INT, O_OPT, P_SYS, DB_ID,NULL), >+ 'triggers_hash'=> array(T_ZBX_STR, O_OPT, P_SYS, NOT_EMPTY,NULL), >+Index: frontends/php/include/classes/clink.inc.php >+=================================================================== >+--- frontends/php/include/classes/clink.inc.php (revision 6643) >++++ frontends/php/include/classes/clink.inc.php (revision 6644) >+@@ -19,12 +19,14 @@ >+ **/ >+ ?> >+ <?php >+- class CLink extends CTag >+- { >++ class CLink extends CTag{ >+ /* public */ >+ function CLink($item=NULL,$url=NULL,$class=NULL,$action=NULL){ >+ parent::CTag('a','yes'); >+- >++ >++ $uri = new Curl($url); >++ $url = $uri->getUrl(); >++ >+ $this->tag_start= ''; >+ $this->tag_end = ''; >+ $this->tag_body_start = ''; >+@@ -36,14 +38,14 @@ >+ if(!is_null($action)) $this->SetAction($action); >+ } >+ >+- function SetAction($value=NULL){ >++ function setAction($value=NULL){ >+ if(is_null($value)) >+ return $this->options['action'] = $page['file']; >+ >+ return parent::AddAction('onclick', $value); >+ } >+ >+- function SetUrl($value){ >++ function setUrl($value){ >+ $this->AddOption('href', $value); >+ } >+ >+@@ -54,7 +56,7 @@ >+ return null; >+ } >+ >+- function SetTarget($value=NULL){ >++ function setTarget($value=NULL){ >+ if(is_null($value)){ >+ unset($this->options['target']); >+ } >+Index: frontends/php/include/classes/curl.inc.php >+=================================================================== >+--- frontends/php/include/classes/curl.inc.php (revision 0) >++++ frontends/php/include/classes/curl.inc.php (revision 6644) >+@@ -0,0 +1,273 @@ >++<?php >++/* >++** ZABBIX >++** Copyright (C) 2000-2005 SIA Zabbix >++** >++** $this program is free software; you can redistribute it and/or modify >++** it under the terms of the GNU General Public License as published by >++** the Free Software Foundation; either version 2 of the License, or >++** (at your option) any later version. >++** >++** $this program is distributed in the hope that it will be useful, >++** but WITHOUT ANY WARRANTY; without even the implied warranty of >++** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >++** GNU General Public License for more details. >++** >++** You should have received a copy of the GNU General Public License >++** along with $this program; if not, write to the Free Software >++** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. >++**/ >++?> >++<?php >++// Title: url manipulation class >++// Author: Aly >++ >++class Curl{ >++/* >++private $url = ''; // actually, it's depricated/private variable >++private $port = false; >++private $host = ''; >++private $protocol = ''; >++private $username = ''; >++private $password = ''; >++private $filr = ''; >++private $reference = ''; >++private $path = ''; >++private $query = ''; >++private $arguments = array(); >++//*/ >++ >++function curl($url=null){ >++ global $USER_DETAILS; >++ >++ $this->url = ''; // actually, it's depricated/private variable >++ $this->port = false; >++ $this->host = ''; >++ $this->protocol = ''; >++ $this->username = ''; >++ $this->password = ''; >++ $this->filr = ''; >++ $this->reference = ''; >++ $this->path = ''; >++ $this->query = ''; >++ $this->arguments = array(); >++ >++ if(empty($url)){ >++ $this->formatArguments(); >++ $this->url = $url = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'].'?'.$this->getQuery(); >++ } >++ else{ >++ $this->url=urldecode($url); >++ >++ $tmp_pos = strpos($this->url,'?'); >++ $this->query=($tmp_pos!==false)?(substr($this->url,$tmp_pos+1)):''; >++ >++ $tmp_pos = strpos($this->query,'#'); >++ if($tmp_pos!==false) $this->query=zbx_substring($this->query,0,$tmp_pos); >++ >++ $this->formatArguments($this->query); >++ } >++ >++ $protocolSepIndex=strpos($this->url,'://'); >++ if($protocolSepIndex!==false){ >++ $this->protocol= strtolower(zbx_substring($this->url,0,$protocolSepIndex)); >++ >++ $this->host=substr($this->url, $protocolSepIndex+3); >++ >++ $tmp_pos = strpos($this->host,'/'); >++ if($tmp_pos!==false) $this->host=zbx_substring($this->host,0,$tmp_pos); >++ >++ $atIndex=strpos($this->host,'@'); >++ if($atIndex!==false){ >++ $credentials=zbx_substring($this->host,0,$atIndex); >++ >++ $colonIndex=strpos(credentials,':'); >++ if($colonIndex!==false){ >++ $this->username=zbx_substring($credentials,0,$colonIndex); >++ $this->password=substr($credentials,$colonIndex); >++ } >++ else{ >++ $this->username=$credentials; >++ } >++ $this->host=substr($this->host,$atIndex+1); >++ } >++ >++ $host_ipv6 = strpos($this->host,']'); >++ if($host_ipv6!==false){ >++ if($host_ipv6 < (zbx_strlen($this->host)-1)){ >++ $host_ipv6++; >++ $host_less = substr($this->host,$host_ipv6); >++ >++ $portColonIndex=strpos($host_less,':'); >++ if($portColonIndex!==false){ >++ $this->host=zbx_substring($this->host,0,$host_ipv6); >++ $this->port=substr($host_less,$portColonIndex+1); >++ } >++ } >++ } >++ else{ >++ $portColonIndex=strpos($this->host,':'); >++ if($portColonIndex!==false){ >++ $this->host=zbx_substring($this->host,0,$portColonIndex); >++ $this->port=substr($this->host,$portColonIndex+1); >++ } >++ } >++ >++ $this->file = substr($this->url,$protocolSepIndex+3); >++ $this->file = substr($this->file, strpos($this->file,'/')); >++ } >++ else{ >++ $this->file = $this->url; >++ } >++ >++ $tmp_pos = strpos($this->file,'?'); >++ if($tmp_pos!==false) $this->file=zbx_substring($this->file, 0, $tmp_pos); >++ >++ $refSepIndex=strpos($url,'#'); >++ if($refSepIndex!==false){ >++ $this->file = zbx_substring($this->file,0,$refSepIndex); >++ $this->reference = substr($url,strpos($url,'#')+1); >++ } >++ >++ $this->path=$this->file; >++ if(zbx_strlen($this->query)>0) $this->file.='?'.$this->query; >++ if(zbx_strlen($this->reference)>0) $this->file.='#'.$this->reference; >++ >++ if(isset($_COOKIE['zbx_sessionid'])) >++ $this->setArgument('sid', substr($_COOKIE['zbx_sessionid'],16,16)); >++} >++ >++function formatQuery(){ >++ $query = ''; >++ foreach($this->arguments as $key => $value){ >++ $query.= $key.'='.$value.'&'; >++ } >++ $this->query = rtrim($query,'&'); >++} >++ >++function formatArguments($query=null){ >++ if(is_null($query)){ >++ $this->arguments = $_REQUEST; >++ } >++ else{ >++ $query=ltrim($query,'?'); >++ $args = explode('&',$query); >++ foreach($args as $id => $arg){ >++ if(empty($arg)) continue; >++ >++ $tmp = explode('=',$arg); >++ $this->arguments[$tmp[0]] = isset($tmp[1])?$tmp[1]:''; >++ } >++ } >++ $this->formatQuery(); >++} >++ >++function getUrl(){ >++ $url = (zbx_strlen($this->protocol) > 0)?($this->protocol.'://'):''; >++ $url .= (zbx_strlen($this->username) > 0)?$this->username:''; >++ $url .= (zbx_strlen($this->password) > 0)?':'.$this->password:''; >++ $url .= (zbx_strlen($this->host) > 0)?$this->host:''; >++ $url .= $this->port?(':'.$this->port):''; >++ $url .= (zbx_strlen($this->path) > 0)?$this->path:''; >++ $url .= (zbx_strlen($this->query) > 0)?('?'.$this->query):''; >++ $url .= (zbx_strlen($this->reference) > 0)?('#'.urlencode($this->reference)):''; >++ >++//SDI($this->getProtocol().' : '.$this->getHost().' : '.$this->getPort().' : '.$this->getPath().' : '.$this->getQuery()); >++return $url; >++} >++ >++function setPort($port){ >++ $this->port = $port; >++} >++ >++function getPort(){ >++ return $this->port; >++} >++ >++function setArgument($key,$value=''){ >++ $this->arguments[$key] = $value; >++ $this->formatQuery(); >++} >++ >++function getArgument($key){ >++ if(isset($this->arguments[$key])) return $this->arguments[$key]; >++ else return NULL; >++} >++ >++function setQuery($query){ >++ $this->query = $query; >++ $this->formatArguments(); >++ $this->formatQuery(); >++} >++ >++function getQuery(){ >++ return $this->query; >++} >++ >++function setProtocol($protocol){ >++ $this->protocol = $protocol; >++} >++ >++/* Returns the protocol of $this URL, i.e. 'http' in the url 'http://server/' */ >++function getProtocol(){ >++ return $this->protocol; >++} >++ >++function setHost($host){ >++ $this->host = $host; >++} >++ >++/* Returns the host name of $this URL, i.e. 'server.com' in the url 'http://server.com/' */ >++function getHost(){ >++ return $this->host; >++} >++ >++function setUserName($username){ >++ $this->username = $username; >++} >++ >++/* Returns the user name part of $this URL, i.e. 'joe' in the url 'http://joe@server.com/' */ >++function getUserName(){ >++ return $this->username; >++} >++ >++function setPassword($password){ >++ $this->password = $password; >++} >++ >++/* Returns the password part of $this url, i.e. 'secret' in the url 'http://joe:secret@server.com/' */ >++function getPassword(){ >++ return $this->password; >++} >++ >++function setFile($file){ >++ $this->file = $file; >++} >++ >++/* Returns the file part of $this url, i.e. everything after the host name. */ >++function getFile(){ >++ return $this->file; >++} >++ >++function setReference($reference){ >++ $this->reference = $reference; >++} >++ >++/* Returns the reference of $this url, i.e. 'bookmark' in the url 'http://server/file.html#bookmark' */ >++function getReference(){ >++ return $this->reference; >++} >++ >++function setPath($path){ >++ $this->path = $path; >++} >++ >++/* Returns the file path of $this url, i.e. '/dir/file.html' in the url 'http://server/dir/file.html' */ >++function getPath(){ >++ return $this->path; >++} >++ >++function toString(){ >++ return $this->getUrl(); >++} >++} >+\ No newline at end of file >+Index: frontends/php/include/classes/cform.inc.php >+=================================================================== >+--- frontends/php/include/classes/cform.inc.php (revision 6643) >++++ frontends/php/include/classes/cform.inc.php (revision 6644) >+@@ -28,7 +28,7 @@ >+ $this->setEnctype($enctype); >+ >+ if(isset($_COOKIE['zbx_sessionid'])) >+- $this->addVar('sessionid', $_COOKIE['zbx_sessionid']); >++ $this->addVar('sid', substr($_COOKIE['zbx_sessionid'],16,16)); >+ } >+ >+ function setMethod($value='post'){ >+Index: frontends/php/include/classes/ctag.inc.php >+=================================================================== >+--- frontends/php/include/classes/ctag.inc.php (revision 6643) >++++ frontends/php/include/classes/ctag.inc.php (revision 6644) >+@@ -1,7 +1,7 @@ >+ <?php >+ /* >+ ** ZABBIX >+-** Copyright (C) 2000-2005 SIA Zabbix >++** Copyright (C) 2000-2009 SIA Zabbix >+ ** >+ ** This program is free software; you can redistribute it and/or modify >+ ** it under the terms of the GNU General Public License as published by >+@@ -19,272 +19,258 @@ >+ **/ >+ ?> >+ <?php >+- function destroy_objects() >+- { >+- global $GLOBALS; >+- >+- if(isset($GLOBALS)) foreach($GLOBALS as $name => $value) >+- { >+- if(!is_object($GLOBALS[$name])) continue; >+- unset($GLOBALS[$name]); >+- } >++function destroy_objects(){ >++ if(isset($GLOBALS)) foreach($GLOBALS as $name => $value){ >++ if(!is_object($GLOBALS[$name])) continue; >++ unset($GLOBALS[$name]); >+ } >+- >+- function unpack_object(&$item) >+- { >+- $res = ""; >++} >+ >+- if(is_object($item)) >+- { >+- $res = $item->ToString(false); >+- } >+- elseif(is_array($item)) >+- { >+- foreach($item as $id => $dat) >+- $res .= unpack_object($item[$id]); // Attention, recursion !!! >+- } >+- elseif(!is_null($item)) >+- { >+- $res = strval($item); >+- unset($item); >+- } >+- return $res; >++function unpack_object(&$item){ >++ $res = ''; >++ >++ if(is_object($item)){ >++ $res = $item->toString(false); >+ } >++ else if(is_array($item)){ >++ foreach($item as $id => $dat) >++ $res .= unpack_object($item[$id]); // Attention, recursion !!! >++ } >++ else if(!is_null($item)){ >++ $res = strval($item); >++ unset($item); >++ } >++return $res; >++} >+ >+- function implode_objects($glue, &$pieces) >+- { >+- if( !is_array($pieces) ) return unpack_object($pieces); >++function implode_objects($glue, &$pieces){ >++ if( !is_array($pieces) ) return unpack_object($pieces); >+ >+- foreach($pieces as $id => $piece) >+- $pieces[$id] = unpack_object($piece); >++ foreach($pieces as $id => $piece) >++ $pieces[$id] = unpack_object($piece); >+ >+- return implode($glue, $pieces); >+- } >++return implode($glue, $pieces); >++} >+ >+- class CObject >+- { >+- function CObject($items=null) >+- { >+- $this->items = array(); >+- if(isset($items)) >+- { >+- $this->AddItem($items); >+- } >++class CObject{ >++ function CObject($items=null){ >++ $this->items = array(); >++ if(isset($items)){ >++ $this->addItem($items); >+ } >+- >+- function ToString($destroy=true) >+- { >+- $res = implode('',$this->items); >+- if($destroy) $this->Destroy(); >+- return $res; >+- } >++ } >++ >++ function toString($destroy=true){ >++ $res = implode('',$this->items); >++ if($destroy) $this->destroy(); >++ return $res; >++ } >+ >+- function Show($destroy=true){ >+- echo $this->ToString($destroy); >+- } >++ function show($destroy=true){ >++ echo $this->toString($destroy); >++ } >+ >+- function Destroy() >+- { >++ function destroy(){ >+ // TODO Problem under PHP 5.0 "Fatal error: Cannot re-assign $this in ..." >+ // $this = null; >+- $this->CleanItems(); >+- } >++ $this->cleanItems(); >++ } >+ >+- function CleanItems(){ >+- $this->items = array(); >++ function cleanItems(){ >++ $this->items = array(); >++ } >++ >++ function itemsCount(){ >++ return count($this->items); >++ } >++ >++ function addItem($value){ >++ >++ if(is_object($value)){ >++ array_push($this->items,unpack_object($value)); >+ } >+- >+- function ItemsCount(){ >+- return count($this->items); >++ else if(is_string($value)){ >++ array_push($this->items,str_replace(array('<','>','"'),array('<','>','"'),$value)); >++// array_push($this->items,htmlspecialchars($value)); >+ } >+- >+- function AddItem($value){ >+- >+- if(is_object($value)){ >+- array_push($this->items,unpack_object($value)); >++ else if(is_array($value)){ >++ foreach($value as $item){ >++ $this->addItem($item); // Attention, recursion !!! >+ } >+- else if(is_string($value)){ >+- array_push($this->items,str_replace(array('<','>','"'),array('<','>','"'),$value)); >+-// array_push($this->items,htmlspecialchars($value)); >+- } >+- else if(is_array($value)){ >+- foreach($value as $item){ >+- $this->AddItem($item); // Attention, recursion !!! >+- } >+- } >+- else if(!is_null($value)){ >+- array_push($this->items,unpack_object($value)); >+- } >+ } >++ else if(!is_null($value)){ >++ array_push($this->items,unpack_object($value)); >++ } >+ } >++} >+ >+- class CTag extends CObject{ >++class CTag extends CObject{ >+ /* private *//* >+- var $tagname; >+- var $options = array(); >+- var $paired;*/ >++ var $tagname; >++ var $options = array(); >++ var $paired;*/ >+ /* protected *//* >+- var $items = array(); >++ var $items = array(); >+ >+- var $tag_body_start; >+- var $tag_body_end; >+- var $tag_start; >+- var $tag_end;*/ >++ var $tag_body_start; >++ var $tag_body_end; >++ var $tag_start; >++ var $tag_end;*/ >+ >+ /* public */ >+- function CTag($tagname=NULL, $paired='no', $body=NULL, $class=null){ >+- parent::CObject(); >++ function CTag($tagname=NULL, $paired='no', $body=NULL, $class=null){ >++ parent::CObject(); >+ >+- $this->options = array(); >++ $this->options = array(); >+ >+- if(!is_string($tagname)){ >+- return $this->error('Incorrect tagname for CTag ['.$tagname.']'); >+- } >+- >+- $this->tagname = $tagname; >+- $this->paired = $paired; >+- >+- $this->tag_start = $this->tag_end = $this->tag_body_start = $this->tag_body_end = ''; >+- >+- if(is_null($body)){ >+- $this->tag_end = $this->tag_body_start = "\n"; >+- } >+- else{ >+- CTag::AddItem($body); >+- } >+- >+- $this->SetClass($class); >++ if(!is_string($tagname)){ >++ return $this->error('Incorrect tagname for CTag ['.$tagname.']'); >+ } >+ >+- function ShowStart() { echo $this->StartToString(); } >+- function ShowBody() { echo $this->BodyToString(); } >+- function ShowEnd() { echo $this->EndToString(); } >++ $this->tagname = $tagname; >++ $this->paired = $paired; >+ >+- function StartToString(){ >+- $res = $this->tag_start.'<'.$this->tagname; >+- foreach($this->options as $key => $value){ >+- $res .= ' '.$key.'="'.$value.'"'; >+- } >+- $res .= ($this->paired=='yes')?'>':' />'; >+- return $res; >+- } >++ $this->tag_start = $this->tag_end = $this->tag_body_start = $this->tag_body_end = ''; >+ >+- function BodyToString(){ >+- $res = $this->tag_body_start; >+- return $res.parent::ToString(false); >+- >+- /*foreach($this->items as $item) >+- $res .= $item; >+- return $res;*/ >++ if(is_null($body)){ >++ $this->tag_end = $this->tag_body_start = "\n"; >+ } >+- >+- function EndToString(){ >+- $res = ($this->paired=='yes') ? $this->tag_body_end.'</'.$this->tagname.'>' : ''; >+- $res .= $this->tag_end; >+- return $res; >++ else{ >++ CTag::addItem($body); >+ } >+- >+- function ToString($destroy=true){ >+- $res = $this->StartToString(); >+- $res .= $this->BodyToString(); >+- $res .= $this->EndToString(); >+ >+- if($destroy) $this->Destroy(); >++ $this->setClass($class); >++ } >++ >++ function showStart() { echo $this->startToString(); } >++ function showBody() { echo $this->bodyToString(); } >++ function showEnd() { echo $this->endToString(); } >+ >+- return $res; >++ function startToString(){ >++ $res = $this->tag_start.'<'.$this->tagname; >++ foreach($this->options as $key => $value){ >++ $res .= ' '.$key.'="'.$value.'"'; >+ } >+- >+- function SetName($value){ >+- if(is_null($value)) return $value; >++ $res .= ($this->paired=='yes')?'>':' />'; >++ return $res; >++ } >+ >+- if(!is_string($value)){ >+- return $this->error("Incorrect value for SetName [$value]"); >+- } >+- return $this->AddOption("name",$value); >+- } >++ function bodyToString(){ >++ $res = $this->tag_body_start; >++ return $res.parent::ToString(false); >+ >+- function GetName(){ >+- if(isset($this->options['name'])) >+- return $this->options['name']; >+- return NULL; >+- } >+- >+- function SetClass($value){ >+- if(isset($value)) >+- $this->options['class'] = $value; >+- else >+- unset($this->options['class']); >++ /*foreach($this->items as $item) >++ $res .= $item; >++ return $res;*/ >++ } >++ >++ function endToString(){ >++ $res = ($this->paired=='yes') ? $this->tag_body_end.'</'.$this->tagname.'>' : ''; >++ $res .= $this->tag_end; >++ return $res; >++ } >++ >++ function toString($destroy=true){ >++ $res = $this->startToString(); >++ $res .= $this->bodyToString(); >++ $res .= $this->endToString(); >+ >+- return $value; >++ if($destroy) $this->Destroy(); >++ >++ return $res; >++ } >++ >++ function setName($value){ >++ if(is_null($value)) return $value; >++ >++ if(!is_string($value)){ >++ return $this->error("Incorrect value for setName [$value]"); >+ } >+- >+- function DelOption($name){ >+- unset($this->options[$name]); >+- } >+- >+- function GetOption($name){ >+- $ret = NULL; >+- if(isset($this->options[$name])) >+- $ret =& $this->options[$name]; >+- return $ret; >+- } >++ return $this->addOption("name",$value); >++ } >++ >++ function getName(){ >++ if(isset($this->options['name'])) >++ return $this->options['name']; >++ return NULL; >++ } >++ >++ function setClass($value){ >++ if(isset($value)) >++ $this->options['class'] = $value; >++ else >++ unset($this->options['class']); >+ >+- function SetHint($text, $width='', $class=''){ >+- if(empty($text)) return false; >++ return $value; >++ } >++ >++ function DelOption($name){ >++ unset($this->options[$name]); >++ } >++ >++ function getOption($name){ >++ $ret = NULL; >++ if(isset($this->options[$name])) >++ $ret =& $this->options[$name]; >++ return $ret; >++ } >+ >+- insert_showhint_javascript(); >++ function setHint($text, $width='', $class=''){ >++ if(empty($text)) return false; >+ >+- $text = unpack_object($text); >+- if($width != '' || $class != ''){ >+- $code = "show_hint_ext(this,event,'".$text."','".$width."','".$class."');"; >+- } >+- else{ >+- $code = "show_hint(this,event,'".$text."');"; >+- } >++ insert_showhint_javascript(); >+ >+- $this->AddAction('onMouseOver', $code); >+- $this->AddAction('onMouseMove', 'update_hint(this,event);'); >++ $text = unpack_object($text); >++ if($width != '' || $class != ''){ >++ $code = "show_hint_ext(this,event,'".$text."','".$width."','".$class."');"; >+ } >+- >+- function OnClick($handle_code){ >+- $this->AddAction('onclick', $handle_code); >++ else{ >++ $code = "show_hint(this,event,'".$text."');"; >+ } >+ >+- function AddAction($name, $value){ >+- if(is_object($value)){ >+- $this->options[$name] = unpack_object($value); >+- } >+- else if(!empty($value)){ >+- $this->options[$name] = htmlentities(str_replace(array("\r", "\n"), '', strval($value)),ENT_COMPAT,S_HTML_CHARSET); >+- } >++ $this->addAction('onMouseOver', $code); >++ $this->addAction('onMouseMove', 'update_hint(this,event);'); >++ } >++ >++ function onClick($handle_code){ >++ $this->addAction('onclick', $handle_code); >++ } >++ >++ function addAction($name, $value){ >++ if(is_object($value)){ >++ $this->options[$name] = unpack_object($value); >+ } >++ else if(!empty($value)){ >++ $this->options[$name] = htmlentities(str_replace(array("\r", "\n"), '', strval($value)),ENT_COMPAT,S_HTML_CHARSET); >++ } >++ } >+ >+- function AddOption($name, $value){ >+- if(is_object($value)){ >+- $this->options[$name] = unpack_object($value); >+- } >+- else if(isset($value)) >+- $this->options[$name] = htmlspecialchars(strval($value)); >+- else >+- unset($this->options[$name]); >++ function addOption($name, $value){ >++ if(is_object($value)){ >++ $this->options[$name] = unpack_object($value); >+ } >++ else if(isset($value)) >++ $this->options[$name] = htmlspecialchars(strval($value)); >++ else >++ unset($this->options[$name]); >++ } >+ >+- function SetEnabled($value='yes'){ >+- if((is_string($value) && ($value == 'yes' || $value == 'enabled' || $value=='on') || $value=='1') >+- || (is_int($value) && $value<>0)) >+- { >+- unset($this->options['disabled']); >+- } >+- else if((is_string($value) && ($value == 'no' || $value == 'disabled' || $value=='off') || $value=='0') >+- || (is_int($value) && $value==0)) >+- { >+- $this->options['disabled'] = 'disabled'; >+- } >++ function setEnabled($value='yes'){ >++ if((is_string($value) && ($value == 'yes' || $value == 'enabled' || $value=='on') || $value=='1') >++ || (is_int($value) && $value<>0)) >++ { >++ unset($this->options['disabled']); >+ } >+- >+- function error($value){ >+- error('class('.get_class($this).') - '.$value); >+- return 1; >++ else if((is_string($value) && ($value == 'no' || $value == 'disabled' || $value=='off') || $value=='0') >++ || (is_int($value) && $value==0)) >++ { >++ $this->options['disabled'] = 'disabled'; >+ } >+ } >+-?> >++ >++ function error($value){ >++ error('class('.get_class($this).') - '.$value); >++ return 1; >++ } >++} >++?> >+\ No newline at end of file >+Index: frontends/php/include/classes/cmap.inc.php >+=================================================================== >+--- frontends/php/include/classes/cmap.inc.php (revision 6643) >++++ frontends/php/include/classes/cmap.inc.php (revision 6644) >+@@ -19,78 +19,75 @@ >+ **/ >+ ?> >+ <?php >+- class CMap extends CTag >+- { >++class CMap extends CTag{ >+ /* public */ >+- function CMap($name="") >+- { >+- parent::CTag("map","yes"); >+- $this->SetName($name); >+- } >+- function AddRectArea($x1,$y1,$x2,$y2,$href,$alt) >+- { >+- return $this->AddArea(array($x1,$y1,$x2,$y2),$href,$alt,'rect'); >+- } >+- function AddArea($coords,$href,$alt,$shape) >+- { >+- return $this->AddItem(new CArea($coords,$href,$alt,$shape)); >+- } >+- function AddItem($value) >+- { >+- if(strtolower(get_class($value)) != 'carea') >+- return $this->error("Incorrect value for AddItem [$value]"); >++ function CMap($name=''){ >++ parent::CTag('map','yes'); >++ $this->setName($name); >++ } >++ >++ function addRectArea($x1,$y1,$x2,$y2,$href,$alt){ >++ return $this->addArea(array($x1,$y1,$x2,$y2),$href,$alt,'rect'); >++ } >++ >++ function addArea($coords,$href,$alt,$shape){ >++ return $this->addItem(new CArea($coords,$href,$alt,$shape)); >++ } >++ >++ function addItem($value){ >++ if(strtolower(get_class($value)) != 'carea') >++ return $this->error('Incorrect value for addItem ['.$value.']'); >+ >+- return parent::AddItem($value); >+- } >++ return parent::addItem($value); >+ } >++} >+ >+- class CArea extends CTag >+- { >+- function CArea($coords,$href,$alt,$shape) >+- { >+- parent::CTag("area","no"); >+- $this->SetCoords($coords); >+- $this->SetShape($shape); >+- $this->SetHref($href); >+- $this->SetAlt($alt); >+- } >+- function SetCoords($value) >+- { >+- if(!is_array($value)) >+- return $this->error("Incorrect value for SetCoords [$value]"); >+- if(count($value)<3) >+- return $this->error("Incorrect values count for SetCoords [".count($value)."]"); >++class CArea extends CTag{ >++ function CArea($coords,$href,$alt,$shape){ >++ parent::CTag('area','no'); >++ $this->setCoords($coords); >++ $this->setShape($shape); >++ $this->setHref($href); >++ $this->setAlt($alt); >++ } >++ >++ function setCoords($value){ >++ if(!is_array($value)) >++ return $this->error('Incorrect value for setCoords ['.$value.']'); >++ if(count($value)<3) >++ return $this->error('Incorrect values count for setCoords ['.count($value).']'); >+ >+- $str_val = ""; >+- foreach($value as $val) >+- { >+- if(!is_numeric($val)) >+- return $this->error("Incorrect value for SetCoords [$val]"); >++ $str_val = ''; >++ foreach($value as $val){ >++ if(!is_numeric($val)) >++ return $this->error('Incorrect value for setCoords ['.$val.']'); >+ >+- $str_val .= $val.","; >+- } >+- $this->AddOption("coords",trim($str_val,',')); >++ $str_val .= $val.','; >+ } >+- function SetShape($value) >+- { >+- if(!is_string($value)) >+- return $this->error("Incorrect value for SetShape [$value]"); >++ $this->addOption('coords',trim($str_val,',')); >++ } >+ >+- $this->AddOption("shape",$value); >+- } >+- function SetHref($value) >+- { >+- if(!is_string($value)) >+- return $this->error("Incorrect value for SetHref [$value]"); >++ function setShape($value){ >++ if(!is_string($value)) >++ return $this->error('Incorrect value for setShape ['.$value.']'); >+ >+- $this->AddOption("href",$value); >+- } >+- function SetAlt($value) >+- { >+- if(!is_string($value)) >+- return $this->error("Incorrect value for SetAlt [$value]"); >++ $this->addOption('shape',$value); >++ } >+ >+- $this->AddOption("alt",$value); >+- } >++ function setHref($value){ >++ if(!is_string($value)) >++ return $this->error('Incorrect value for setHref ['.$value.']'); >++ $url = new Curl($value); >++ $value = $url->getUrl(); >++ >++ $this->addOption('href',$value); >+ } >+-?> >++ >++ function setAlt($value){ >++ if(!is_string($value)) >++ return $this->error('Incorrect value for setAlt ['.$value.']'); >++ >++ $this->addOption('alt',$value); >++ } >++} >++?> >+\ No newline at end of file >+Index: frontends/php/include/html.inc.php >+=================================================================== >+--- frontends/php/include/html.inc.php (revision 6643) >++++ frontends/php/include/html.inc.php (revision 6644) >+@@ -58,7 +58,7 @@ >+ } >+ >+ function prepare_url(&$var, $varname=null){ >+- $result = ""; >++ $result = ''; >+ >+ if(is_array($var)){ >+ foreach($var as $id => $par) >+Index: frontends/php/items.php >+=================================================================== >+--- frontends/php/items.php (revision 6643) >++++ frontends/php/items.php (revision 6644) >+@@ -944,16 +944,17 @@ >+ // url_param('groupid'), >+ 'action')); >+ >+- $status=new CCol(new CLink(item_status2str($db_item["status"]), >+- "?group_itemid%5B%5D=".$db_item["itemid"]. >+- "&group_task=".($db_item["status"] ? "Activate+selected" : "Disable+selected"), >+- item_status2style($db_item["status"]))); >++ $status=new CCol(new CLink(item_status2str($db_item['status']), >++// '?sessionid='.$USER_DETAILS['sessionid']. >++ '?group_itemid%5B%5D='.$db_item['itemid']. >++ '&group_task='.($db_item['status']?'Activate+selected':'Disable+selected'), >++ item_status2style($db_item['status']))); >+ >+- if($db_item["error"] == ''){ >+- $error=new CCol('-',"off"); >++ if($db_item['error'] == ''){ >++ $error=new CCol('-','off'); >+ } >+ else{ >+- $error=new CCol($db_item["error"],"on"); >++ $error=new CCol($db_item['error'],'on'); >+ } >+ >+ $applications = $show_applications ? implode(', ', get_applications_by_itemid($db_item["itemid"], 'name')) : null; >diff --git a/net-mgmt/zabbix/pkg-plist b/net-mgmt/zabbix/pkg-plist >index cf3012c..6e8c823 100644 >--- a/net-mgmt/zabbix/pkg-plist >+++ b/net-mgmt/zabbix/pkg-plist >@@ -34,10 +34,9 @@ bin/zabbix_server > %%DATADIR%%/php/js/sbinit.js > %%DATADIR%%/php/js/common.js > %%DATADIR%%/php/js/ajax_req.js >-%%DATADIR%%/php/js/cookies.js > %%DATADIR%%/php/js/blink.js >+%%DATADIR%%/php/js/gpc.js > %%DATADIR%%/php/js/tree.js >-%%DATADIR%%/php/js/url.js > %%DATADIR%%/php/js/showhint.js > %%DATADIR%%/php/include/locales/cn_zh.inc.php > %%DATADIR%%/php/include/locales/lv_lv.inc.php >-- >1.6.1.3
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=94731">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 132944
:
94730
| 94731