]>
Commit | Line | Data |
---|---|---|
9cec773a ER |
1 | --- cacti-0.8.7e/graph_view.php 2009-10-02 10:30:43.000000000 +0300 |
2 | +++ cacti/graph_view.php 2009-10-07 12:42:04.032959475 +0300 | |
3 | @@ -151,11 +151,17 @@ | |
4 | define("ROWS_PER_PAGE", read_graph_config_option("preview_graphs_per_page")); | |
5 | ||
6 | /* ================= input validation ================= */ | |
7 | + input_validate_input_regex(get_request_var_request("host_name"), "^([a-zA-Z0-9_.-]+)$"); | |
8 | input_validate_input_number(get_request_var_request("host_id")); | |
9 | input_validate_input_number(get_request_var_request("graph_template_id")); | |
10 | input_validate_input_number(get_request_var_request("page")); | |
11 | /* ==================================================== */ | |
12 | ||
13 | + if (empty($_REQUEST['host_id']) && !empty($_REQUEST['host_name'])) { | |
14 | + // fill $host_id from $host_name. empty result is ok too, we'll list previous view then | |
15 | + $_REQUEST['host_id'] = db_fetch_cell("select id from host where description='{$_REQUEST['host_name']}'"); | |
16 | + } | |
17 | + | |
18 | /* clean up search string */ | |
19 | if (isset($_REQUEST["filter"])) { | |
20 | $_REQUEST["filter"] = sanitize_search_string(get_request_var_request("filter")); | |
21 | @@ -550,10 +556,16 @@ | |
6b1133ec ER |
22 | } |
23 | ||
24 | /* ================= input validation ================= */ | |
25 | + input_validate_input_regex(get_request_var_request("host_name"), "^([a-zA-Z0-9_.-]+)$"); | |
26 | input_validate_input_number(get_request_var_request("host_id")); | |
27 | input_validate_input_number(get_request_var_request("graph_template_id")); | |
28 | /* ==================================================== */ | |
29 | ||
30 | + if (empty($_REQUEST['host_id']) && !empty($_REQUEST['host_name'])) { | |
31 | + // fill $host_id from $host_name. empty result is ok too, we'll list previous view then | |
32 | + $_REQUEST['host_id'] = db_fetch_cell("select id from host where description='{$_REQUEST['host_name']}'"); | |
33 | + } | |
34 | + | |
35 | /* clean up search string */ | |
36 | if (isset($_REQUEST["filter"])) { | |
37 | $_REQUEST["filter"] = sanitize_search_string(get_request_var_request("filter")); |