]>
Commit | Line | Data |
---|---|---|
a60f27b1 JS |
1 | --- cacti-0.8.7g/lib/html_form.php 2010-07-09 18:33:46.000000000 -0400 |
2 | +++ cacti-0.8.7g-patched/lib/html_form.php 2010-07-27 21:30:31.000000000 -0400 | |
3 | @@ -65,7 +65,7 @@ | |
4 | form_alternate_row_color($colors["form_alternate1"], $colors["form_alternate2"], $i, 'row_' . $field_name); | |
5 | } | |
6 | ||
7 | - print "<td width='" . ((isset($config_array["left_column_width"])) ? $config_array["left_column_width"] : "50%") . "'>\n<font class='textEditTitle'>" . htmlspecialchars($field_array["friendly_name"]) . "</font><br>\n"; | |
8 | + print "<td width='" . ((isset($config_array["left_column_width"])) ? $config_array["left_column_width"] : "50%") . "'>\n<font class='textEditTitle'>" . $field_array["friendly_name"] . "</font><br>\n"; | |
9 | ||
10 | if (isset($field_array["sub_checkbox"])) { | |
11 | form_checkbox($field_array["sub_checkbox"]["name"], $field_array["sub_checkbox"]["value"], | |
12 | --- cacti-0.8.7g/lib/data_query.php 2010-07-09 18:33:46.000000000 -0400 | |
13 | +++ cacti-0.8.7g-patched/lib/data_query.php 2010-07-27 21:30:31.000000000 -0400 | |
14 | @@ -620,6 +620,7 @@ | |
15 | } | |
16 | ||
17 | /* update the cache */ | |
18 | + /* TODO: if both $sort field and $title_format are empty, this yields funny results */ | |
19 | db_execute("update host_snmp_query set sort_field = '$sort_field', title_format = '$title_format' where host_id = '$host_id' and snmp_query_id = '$data_query_id'"); | |
20 | } | |
21 | ||
22 | --- cacti-0.8.7g/data_sources.php 2010-07-09 18:33:46.000000000 -0400 | |
23 | +++ cacti-0.8.7g-patched/data_sources.php 2010-07-27 21:30:31.000000000 -0400 | |
24 | @@ -899,7 +899,7 @@ | |
25 | <td bgcolor='#" . $colors["header"] . "' class='textHeaderDark'> | |
26 | <strong>Data Source Item</strong> $header_label | |
27 | </td> | |
28 | - <td class='textHeaderDark' align='right' bgcolor='" . $colors["header"] . "'> | |
29 | + <td class='textHeaderDark' align='right' bgcolor='#" . $colors["header"] . "'> | |
30 | " . ((!empty($_GET["id"]) && (empty($data_template["id"]))) ? "<strong><a class='linkOverDark' href='" . htmlspecialchars("data_sources.php?action=rrd_add&id=" . $_GET["id"]) . "'>New</a> </strong>" : "") . " | |
31 | </td> | |
32 | </tr>\n"; | |
e79e3b18 | 33 | @@ -1324,16 +1324,17 @@ |
a60f27b1 JS |
34 | if (sizeof($data_sources) > 0) { |
35 | foreach ($data_sources as $data_source) { | |
e79e3b18 | 36 | $data_source = api_plugin_hook_function('data_sources_table', $data_source); |
a60f27b1 JS |
37 | - $data_template_name = ((empty($data_source["data_template_name"])) ? "<em>None</em>" : $data_source["data_template_name"]); |
38 | - $data_input_name = ((empty($data_source["data_input_name"])) ? "<em>External</em>" : $data_source["data_input_name"]); | |
e79e3b18 | 39 | - $poller_interval = ((isset($poller_intervals[$data_source["local_data_id"]])) ? $poller_intervals[$data_source["local_data_id"]] : 0); |
a60f27b1 | 40 | + /* we're escaping strings here, so no need to escape them on form_selectable_cell */ |
e79e3b18 JS |
41 | + $data_template_name = ((empty($data_source["data_template_name"])) ? "<em>None</em>": htmlspecialchars($data_source["data_template_name"])); |
42 | + $data_input_name = ((empty($data_source["data_input_name"])) ? "<em>External</em>": htmlspecialchars($data_source["data_input_name"])); | |
43 | + $poller_interval = ((isset($poller_intervals[$data_source["local_data_id"]])) ? $poller_intervals[$data_source["local_data_id"]] : 0); | |
a60f27b1 JS |
44 | form_alternate_row_color($colors["alternate"], $colors["light"], $i, 'line' . $data_source["local_data_id"]); $i++; |
45 | form_selectable_cell("<a class='linkEditMain' href='" . htmlspecialchars("data_sources.php?action=ds_edit&id=" . $data_source["local_data_id"]) . "' title='" . $data_source["name_cache"] . "'>" . ((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", title_trim(htmlspecialchars($data_source["name_cache"]), read_config_option("max_title_data_source"))) : title_trim(htmlspecialchars($data_source["name_cache"]), read_config_option("max_title_data_source"))) . "</a>", $data_source["local_data_id"]); | |
46 | form_selectable_cell($data_source['local_data_id'], $data_source['local_data_id']); | |
47 | - form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", htmlspecialchars($data_input_name)) : htmlspecialchars($data_input_name)), $data_source["local_data_id"]); | |
48 | + form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", $data_input_name) : $data_input_name), $data_source["local_data_id"]); | |
49 | form_selectable_cell(get_poller_interval($poller_interval), $data_source["local_data_id"]); | |
50 | form_selectable_cell(($data_source['active'] == "on" ? "Yes" : "No"), $data_source["local_data_id"]); | |
51 | - form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", htmlspecialchars($data_source['data_template_name'])) : htmlspecialchars($data_source['data_template_name'])), $data_source["local_data_id"]); | |
52 | + form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", $data_template_name) : $data_template_name), $data_source["local_data_id"]); | |
53 | form_checkbox_cell($data_source["name_cache"], $data_source["local_data_id"]); | |
54 | form_end_row(); | |
55 | } | |
56 | --- cacti-0.8.7g/graphs.php 2010-07-09 18:33:46.000000000 -0400 | |
57 | +++ cacti-0.8.7g-patched/graphs.php 2010-07-27 21:30:31.000000000 -0400 | |
58 | @@ -1317,11 +1317,12 @@ | |
59 | $i = 0; | |
60 | if (sizeof($graph_list) > 0) { | |
61 | foreach ($graph_list as $graph) { | |
62 | - $template_name = ((empty($graph["name"])) ? "<em>None</em>" : $graph["name"]); | |
63 | + /* we're escaping strings here, so no need to escape them on form_selectable_cell */ | |
64 | + $template_name = ((empty($graph["name"])) ? "<em>None</em>" : htmlspecialchars($graph["name"])); | |
65 | form_alternate_row_color($colors["alternate"], $colors["light"], $i, 'line' . $graph["local_graph_id"]); $i++; | |
66 | form_selectable_cell("<a class='linkEditMain' href='" . htmlspecialchars("graphs.php?action=graph_edit&id=" . $graph["local_graph_id"]) . "' title='" . htmlspecialchars($graph["title_cache"]) . "'>" . ((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", title_trim(htmlspecialchars($graph["title_cache"]), read_config_option("max_title_graph"))) : title_trim(htmlspecialchars($graph["title_cache"]), read_config_option("max_title_graph"))) . "</a>", $graph["local_graph_id"]); | |
67 | form_selectable_cell($graph["local_graph_id"], $graph["local_graph_id"]); | |
68 | - form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", htmlspecialchars($template_name)) : htmlspecialchars($template_name)), $graph["local_graph_id"]); | |
69 | + form_selectable_cell(((get_request_var_request("filter") != "") ? eregi_replace("(" . preg_quote(get_request_var_request("filter")) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", $template_name) : $template_name), $graph["local_graph_id"]); | |
70 | form_selectable_cell($graph["height"] . "x" . $graph["width"], $graph["local_graph_id"]); | |
71 | form_checkbox_cell($graph["title_cache"], $graph["local_graph_id"]); | |
72 | form_end_row(); | |
e79e3b18 | 73 |