[packages/cacti.git] / cross_site_fix.patch

--- cacti-0.8.7e/graph.php	2009-06-28 12:07:11.000000000 -0400
+++ cacti-0.8.7e-patched/graph.php	2009-11-21 23:10:16.000000000 -0500
@@ -35,6 +35,8 @@
 /* ================= input validation ================= */
 input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
 input_validate_input_number(get_request_var("local_graph_id"));
+input_validate_input_number(get_request_var("graph_end"));
+input_validate_input_number(get_request_var("graph_start"));
 input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
 /* ==================================================== */
 
--- cacti-0.8.7e/include/top_graph_header.php	2009-06-28 12:07:11.000000000 -0400
+++ cacti-0.8.7e-patched/include/top_graph_header.php	2009-11-21 23:15:27.000000000 -0500
@@ -58,7 +58,7 @@
 		if ($_SESSION["custom"]) {
 			print "<meta http-equiv=refresh content='99999'>\r\n";
 		}else{
-			print "<meta http-equiv=refresh content='" . read_graph_config_option("page_refresh") . "'>\r\n";
+			print "<meta http-equiv=refresh content='" . htmlspecialchars(read_graph_config_option("page_refresh"),ENT_QUOTES) . "'>\r\n";
 		}
 	}
 	?>
@@ -113,7 +113,7 @@
 	</tr>
 	<tr class="noprint">
 		<td bgcolor="#efefef" colspan="1" height="8" style="background-image: url(images/shadow_gray.gif); background-repeat: repeat-x; border-right: #aaaaaa 1px solid;">
-			<img src="images/transparent_line.gif" width="<?php print read_graph_config_option("default_dual_pane_width");?>" height="2" border="0"><br>
+			<img src="images/transparent_line.gif" width="<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>" height="2" border="0"><br>
 		</td>
 		<td bgcolor="#ffffff" colspan="1" height="8" style="background-image: url(images/shadow.gif); background-repeat: repeat-x;">
 
@@ -144,7 +144,7 @@
 
 	<tr>
 		<?php if ((read_graph_config_option("default_tree_view_mode") == "2") && (($_REQUEST["action"] == "tree") || ((isset($_REQUEST["view_type"]) ? $_REQUEST["view_type"] : "") == "tree"))) { ?>
-		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print read_graph_config_option("default_dual_pane_width");?>' class='noprint'>
+		<td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>' class='noprint'>
 			<table border=0 cellpadding=0 cellspacing=0><tr><td><font size=-2><a style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank></a></font></td></tr></table>
 			<?php grow_dhtml_trees(); ?>
 			<script type="text/javascript">initializeDocument();</script>
--- cacti-0.8.7e/lib/html_form.php	2009-06-28 12:07:11.000000000 -0400
+++ cacti-0.8.7e-patched/lib/html_form.php	2009-11-21 23:15:40.000000000 -0500
@@ -235,13 +235,21 @@
 
 		if (sizeof($items) > 0) {
 		foreach ($items as $item) {
-			print $item["name"] . "<br>";
+			print htmlspecialchars($item["name"],ENT_QUOTES) . "<br>";
 		}
 		}
 
 		break;
+	case 'font':
+		form_font_box($field_name, $field_array["value"],
+			((isset($field_array["default"])) ? $field_array["default"] : ""),
+			$field_array["max_length"],
+			((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
+			((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
+
+		break;
 	default:
-		print "<em>" . $field_array["value"] . "</em>";
+		print "<em>" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "</em>";
 
 		form_hidden_box($field_name, $field_array["value"], "");
 
@@ -384,7 +392,7 @@
 		$form_previous_value = $form_default_value;
 	}
 
-	print "<input type='hidden' id='$form_name' name='$form_name' value='$form_previous_value'>\n";
+	print "<input type='hidden' id='$form_name' name='$form_name' value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>\n";
 }
 
 /* form_dropdown - draws a standard html dropdown box
@@ -568,7 +576,7 @@
 			}
 		}
 
-		print ">". $array_display[$id];
+		print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
 		print "</option>\n";
 	}
 
@@ -627,6 +635,65 @@
 	print "</select>\n";
 }
 
+/* form_font_box - draws a standard html textbox and provides status of a fonts existence
+   @arg $form_name - the name of this form element
+   @arg $form_previous_value - the current value of this form element
+   @arg $form_default_value - the value of this form element to use if there is
+     no current value available
+   @arg $form_max_length - the maximum number of characters that can be entered
+     into this textbox
+   @arg $form_size - the size (width) of the textbox
+   @arg $type - the type of textbox, either 'text' or 'password'
+   @arg $current_id - used to determine if a current value for this form element
+     exists or not. a $current_id of '0' indicates that no current value exists,
+     a non-zero value indicates that a current value does exist */
+function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
+	if (($form_previous_value == "") && (empty($current_id))) {
+		$form_previous_value = $form_default_value;
+	}
+
+	print "<input type='$type'";
+
+	if (isset($_SESSION["sess_error_fields"])) {
+		if (!empty($_SESSION["sess_error_fields"][$form_name])) {
+			print "class='txtErrorTextBox'";
+			unset($_SESSION["sess_error_fields"][$form_name]);
+		}
+	}
+
+	if (isset($_SESSION["sess_field_values"])) {
+		if (!empty($_SESSION["sess_field_values"][$form_name])) {
+			$form_previous_value = $_SESSION["sess_field_values"][$form_name];
+		}
+	}
+
+	if (strlen($form_previous_value) == 0) { # no data: defaults are used; everythings fine
+			$extra_data = "";
+	} else {
+		if (read_config_option("rrdtool_version") == "rrd-1.3.x") {	# rrdtool 1.3 uses fontconfig
+			$font = '"' . $form_previous_value . '"';
+			$out_array = array();
+			exec('fc-list ' . $font, $out_array);
+			if (sizeof($out_array) == 0) {
+				$extra_data = "<span style='color:red'><br>[" . "ERROR: FONT NOT FOUND" . "]</span>";
+			} else {
+				$extra_data = "<span style='color:green'><br>[" . "OK: FONT FOUND" . "]</span>";
+			}
+		} elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" ||
+				  read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
+			if (is_file($form_previous_value)) {
+				$extra_data = "<span style='color:green'><br>[" . "OK: FILE FOUND" . "]</span>";
+			}else if (is_dir($form_previous_value)) {
+				$extra_data = "<span style='color:red'><br>[" . "ERROR: IS DIR" . "]</span>";
+			}else{
+				$extra_data = "<span style='color:red'><br>[" . "ERROR: FILE NOT FOUND" . "]</span>";
+			}
+		} # will be used for future versions of rrdtool
+	}
+
+	print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
+}
+
 /* form_confirm - draws a table presenting the user with some choice and allowing
      them to either proceed (delete) or cancel
    @arg $body_text - the text to prompt the user with on this form
--- cacti-0.8.7e/lib/timespan_settings.php	2009-06-28 12:07:11.000000000 -0400
+++ cacti-0.8.7e-patched/lib/timespan_settings.php	2009-11-21 23:15:49.000000000 -0500
@@ -125,9 +125,9 @@
 	if (isset($_POST["date1"])) {
 		/* the dates have changed, therefore, I am now custom */
 		if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
-			$timespan["current_value_date1"] = $_POST["date1"];
+			$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
 			$timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
-			$timespan["current_value_date2"] = $_POST["date2"];
+			$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
 			$timespan["end_now"]=strtotime($timespan["current_value_date2"]);
 			$_SESSION["sess_current_timespan"] = GT_CUSTOM;
 			$_SESSION["custom"] = 1;
@@ -135,8 +135,8 @@
 		}else {
 			/* the default button wasn't pushed */
 			if (!isset($_POST["button_clear_x"])) {
-				$timespan["current_value_date1"] = $_POST["date1"];
-				$timespan["current_value_date2"] = $_POST["date2"];
+				$timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
+				$timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
 				$timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
 				$timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
Commit	Line	Data
8514c08f ER	1	--- cacti-0.8.7e/graph.php 2009-06-28 12:07:11.000000000 -0400
	2	+++ cacti-0.8.7e-patched/graph.php 2009-11-21 23:10:16.000000000 -0500
	3	@@ -35,6 +35,8 @@
	4	/* ================= input validation ================= */
	5	input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+\|all)$");
	6	input_validate_input_number(get_request_var("local_graph_id"));
	7	+input_validate_input_number(get_request_var("graph_end"));
	8	+input_validate_input_number(get_request_var("graph_start"));
	9	input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
	10	/* ==================================================== */
	11
	12	--- cacti-0.8.7e/include/top_graph_header.php 2009-06-28 12:07:11.000000000 -0400
	13	+++ cacti-0.8.7e-patched/include/top_graph_header.php 2009-11-21 23:15:27.000000000 -0500
	14	@@ -58,7 +58,7 @@
	15	if ($_SESSION["custom"]) {
	16	print "<meta http-equiv=refresh content='99999'>\r\n";
	17	}else{
	18	- print "<meta http-equiv=refresh content='" . read_graph_config_option("page_refresh") . "'>\r\n";
	19	+ print "<meta http-equiv=refresh content='" . htmlspecialchars(read_graph_config_option("page_refresh"),ENT_QUOTES) . "'>\r\n";
	20	}
	21	}
	22	?>
	23	@@ -113,7 +113,7 @@
	24	</tr>
	25	<tr class="noprint">
	26	<td bgcolor="#efefef" colspan="1" height="8" style="background-image: url(images/shadow_gray.gif); background-repeat: repeat-x; border-right: #aaaaaa 1px solid;">
	27	- <img src="images/transparent_line.gif" width="<?php print read_graph_config_option("default_dual_pane_width");?>" height="2" border="0"><br>
	28	+ <img src="images/transparent_line.gif" width="<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>" height="2" border="0"><br>
	29	</td>
	30	<td bgcolor="#ffffff" colspan="1" height="8" style="background-image: url(images/shadow.gif); background-repeat: repeat-x;">
	31
	32	@@ -144,7 +144,7 @@
	33
	34	<tr>
	35	<?php if ((read_graph_config_option("default_tree_view_mode") == "2") && (($_REQUEST["action"] == "tree") \|\| ((isset($_REQUEST["view_type"]) ? $_REQUEST["view_type"] : "") == "tree"))) { ?>
	36	- <td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print read_graph_config_option("default_dual_pane_width");?>' class='noprint'>
	37	+ <td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>' class='noprint'>
	38	<table border=0 cellpadding=0 cellspacing=0><tr><td><font size=-2><a style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank></a></font></td></tr></table>
	39	<?php grow_dhtml_trees(); ?>
	40	<script type="text/javascript">initializeDocument();</script>
	41	--- cacti-0.8.7e/lib/html_form.php 2009-06-28 12:07:11.000000000 -0400
	42	+++ cacti-0.8.7e-patched/lib/html_form.php 2009-11-21 23:15:40.000000000 -0500
	43	@@ -235,13 +235,21 @@
	44
	45	if (sizeof($items) > 0) {
	46	foreach ($items as $item) {
	47	- print $item["name"] . "<br>";
	48	+ print htmlspecialchars($item["name"],ENT_QUOTES) . "<br>";
	49	}
	50	}
	51
	52	break;
	53	+ case 'font':
	54	+ form_font_box($field_name, $field_array["value"],
	55	+ ((isset($field_array["default"])) ? $field_array["default"] : ""),
	56	+ $field_array["max_length"],
	57	+ ((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
	58	+ ((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
	59	+
	60	+ break;
	61	default:
	62	- print "<em>" . $field_array["value"] . "</em>";
	63	+ print "<em>" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "</em>";
	64
65	form_hidden_box($field_name, $field_array["value"], "");
66
67	@@ -384,7 +392,7 @@
68	$form_previous_value = $form_default_value;
69	}
70
71	- print "<input type='hidden' id='$form_name' name='$form_name' value='$form_previous_value'>\n";
72	+ print "<input type='hidden' id='$form_name' name='$form_name' value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>\n";
73	}
74
75	/* form_dropdown - draws a standard html dropdown box
76	@@ -568,7 +576,7 @@
77	}
78	}
79
80	- print ">". $array_display[$id];
81	+ print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
82	print "</option>\n";
83	}
84
85	@@ -627,6 +635,65 @@
86	print "</select>\n";
87	}
88
89	+/* form_font_box - draws a standard html textbox and provides status of a fonts existence
90	+ @arg $form_name - the name of this form element
91	+ @arg $form_previous_value - the current value of this form element
92	+ @arg $form_default_value - the value of this form element to use if there is
93	+ no current value available
94	+ @arg $form_max_length - the maximum number of characters that can be entered
95	+ into this textbox
96	+ @arg $form_size - the size (width) of the textbox
97	+ @arg $type - the type of textbox, either 'text' or 'password'
98	+ @arg $current_id - used to determine if a current value for this form element
99	+ exists or not. a $current_id of '0' indicates that no current value exists,
100	+ a non-zero value indicates that a current value does exist */
101	+function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
102	+ if (($form_previous_value == "") && (empty($current_id))) {
103	+ $form_previous_value = $form_default_value;
104	+ }
105	+
106	+ print "<input type='$type'";
107	+
108	+ if (isset($_SESSION["sess_error_fields"])) {
109	+ if (!empty($_SESSION["sess_error_fields"][$form_name])) {
110	+ print "class='txtErrorTextBox'";
111	+ unset($_SESSION["sess_error_fields"][$form_name]);
112	+ }
113	+ }
114	+
115	+ if (isset($_SESSION["sess_field_values"])) {
116	+ if (!empty($_SESSION["sess_field_values"][$form_name])) {
117	+ $form_previous_value = $_SESSION["sess_field_values"][$form_name];
118	+ }
119	+ }
120	+
121	+ if (strlen($form_previous_value) == 0) { # no data: defaults are used; everythings fine
122	+ $extra_data = "";
123	+ } else {
124	+ if (read_config_option("rrdtool_version") == "rrd-1.3.x") { # rrdtool 1.3 uses fontconfig
125	+ $font = '"' . $form_previous_value . '"';
126	+ $out_array = array();
127	+ exec('fc-list ' . $font, $out_array);
128	+ if (sizeof($out_array) == 0) {
129	+ $extra_data = "<span style='color:red'><br>[" . "ERROR: FONT NOT FOUND" . "]</span>";
130	+ } else {
131	+ $extra_data = "<span style='color:green'><br>[" . "OK: FONT FOUND" . "]</span>";
132	+ }
133	+ } elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" \|\|
134	+ read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
135	+ if (is_file($form_previous_value)) {
136	+ $extra_data = "<span style='color:green'><br>[" . "OK: FILE FOUND" . "]</span>";
137	+ }else if (is_dir($form_previous_value)) {
138	+ $extra_data = "<span style='color:red'><br>[" . "ERROR: IS DIR" . "]</span>";
139	+ }else{
140	+ $extra_data = "<span style='color:red'><br>[" . "ERROR: FILE NOT FOUND" . "]</span>";
141	+ }
142	+ } # will be used for future versions of rrdtool
143	+ }
144	+
145	+ print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
146	+}
147	+
148	/* form_confirm - draws a table presenting the user with some choice and allowing
149	them to either proceed (delete) or cancel
150	@arg $body_text - the text to prompt the user with on this form
151	--- cacti-0.8.7e/lib/timespan_settings.php 2009-06-28 12:07:11.000000000 -0400
152	+++ cacti-0.8.7e-patched/lib/timespan_settings.php 2009-11-21 23:15:49.000000000 -0500
153	@@ -125,9 +125,9 @@
154	if (isset($_POST["date1"])) {
155	/* the dates have changed, therefore, I am now custom */
156	if (($_SESSION["sess_current_date1"] != $_POST["date1"]) \|\| ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
157	- $timespan["current_value_date1"] = $_POST["date1"];
158	+ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
159	$timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
160	- $timespan["current_value_date2"] = $_POST["date2"];
161	+ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
162	$timespan["end_now"]=strtotime($timespan["current_value_date2"]);
163	$_SESSION["sess_current_timespan"] = GT_CUSTOM;
164	$_SESSION["custom"] = 1;
165	@@ -135,8 +135,8 @@
166	}else {
167	/* the default button wasn't pushed */
168	if (!isset($_POST["button_clear_x"])) {
169	- $timespan["current_value_date1"] = $_POST["date1"];
170	- $timespan["current_value_date2"] = $_POST["date2"];
171	+ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
172	+ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
173	$timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
174	$timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
175