cacti/dec06-vulnerability-scripts-0.8.6i.patch

diff -ruBbd cacti-0.8.6i/scripts/query_host_cpu.php cacti-0.8.6i-patch/scripts/query_host_cpu.php
--- cacti-0.8.6i/scripts/query_host_cpu.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/query_host_cpu.php	2007-01-01 12:50:55.781250000 -0500
@@ -1,6 +1,12 @@
 <?php
 
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
+
 include(dirname(__FILE__) . "/../include/config.php");
 include(dirname(__FILE__) . "/../lib/snmp.php");
 
diff -ruBbd cacti-0.8.6i/scripts/query_host_partitions.php cacti-0.8.6i-patch/scripts/query_host_partitions.php
--- cacti-0.8.6i/scripts/query_host_partitions.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/query_host_partitions.php	2007-01-01 12:50:55.781250000 -0500
@@ -1,6 +1,12 @@
 <?php
 
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
+
 include(dirname(__FILE__) . "/../include/config.php");
 include(dirname(__FILE__) . "/../lib/snmp.php");
 
diff -ruBbd cacti-0.8.6i/scripts/sql.php cacti-0.8.6i-patch/scripts/sql.php
--- cacti-0.8.6i/scripts/sql.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/sql.php	2007-01-01 12:50:55.781250000 -0500
@@ -1,6 +1,12 @@
 <?
 
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
+
 include(dirname(__FILE__) . "/../include/config.php");
 
 if ($database_password == "") {
diff -ruBbd cacti-0.8.6i/scripts/ss_fping.php cacti-0.8.6i-patch/scripts/ss_fping.php
--- cacti-0.8.6i/scripts/ss_fping.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/ss_fping.php	2007-01-01 12:50:55.796875000 -0500
@@ -1,7 +1,11 @@
 <?php
 #!/usr/bin/php -q
 
-//STANDARD SCRIPT SERVER HEADER!!!
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
 
 /* display No errors */
diff -ruBbd cacti-0.8.6i/scripts/ss_host_cpu.php cacti-0.8.6i-patch/scripts/ss_host_cpu.php
--- cacti-0.8.6i/scripts/ss_host_cpu.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/ss_host_cpu.php	2007-01-01 12:50:55.796875000 -0500
@@ -1,4 +1,10 @@
 <?php
+
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
 
 /* display No errors */
diff -ruBbd cacti-0.8.6i/scripts/ss_host_disk.php cacti-0.8.6i-patch/scripts/ss_host_disk.php
--- cacti-0.8.6i/scripts/ss_host_disk.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/ss_host_disk.php	2007-01-01 12:50:55.796875000 -0500
@@ -1,4 +1,10 @@
 <?php
+
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
 
 /* display No errors */
diff -ruBbd cacti-0.8.6i/scripts/ss_sql.php cacti-0.8.6i-patch/scripts/ss_sql.php
--- cacti-0.8.6i/scripts/ss_sql.php	2006-10-09 00:06:00.000000000 -0400
+++ cacti-0.8.6i-patch/scripts/ss_sql.php	2007-01-01 12:50:55.781250000 -0500
@@ -1,5 +1,10 @@
 <?php
 
+/* do NOT run this script through a web browser */
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD'])  || isset($_SERVER['REMOTE_ADDR'])) {
+   die("<br><strong>This script is only meant to run at the command line.</strong>");
+}
+
 $no_http_headers = true;
 
 /* display ALL errors */
Fix for BZ 222410 2007-01-12 15:52:07 +00:00			`diff -ruBbd cacti-0.8.6i/scripts/query_host_cpu.php cacti-0.8.6i-patch/scripts/query_host_cpu.php`
			`--- cacti-0.8.6i/scripts/query_host_cpu.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/query_host_cpu.php 2007-01-01 12:50:55.781250000 -0500`
			`@@ -1,6 +1,12 @@`
			`<?php`

			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`
			`+`
			`include(dirname(__FILE__) . "/../include/config.php");`
			`include(dirname(__FILE__) . "/../lib/snmp.php");`

			`diff -ruBbd cacti-0.8.6i/scripts/query_host_partitions.php cacti-0.8.6i-patch/scripts/query_host_partitions.php`
			`--- cacti-0.8.6i/scripts/query_host_partitions.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/query_host_partitions.php 2007-01-01 12:50:55.781250000 -0500`
			`@@ -1,6 +1,12 @@`
			`<?php`

			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`
			`+`
			`include(dirname(__FILE__) . "/../include/config.php");`
			`include(dirname(__FILE__) . "/../lib/snmp.php");`

			`diff -ruBbd cacti-0.8.6i/scripts/sql.php cacti-0.8.6i-patch/scripts/sql.php`
			`--- cacti-0.8.6i/scripts/sql.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/sql.php 2007-01-01 12:50:55.781250000 -0500`
			`@@ -1,6 +1,12 @@`
			`<?`

			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`
			`+`
			`include(dirname(__FILE__) . "/../include/config.php");`

			`if ($database_password == "") {`
			`diff -ruBbd cacti-0.8.6i/scripts/ss_fping.php cacti-0.8.6i-patch/scripts/ss_fping.php`
			`--- cacti-0.8.6i/scripts/ss_fping.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/ss_fping.php 2007-01-01 12:50:55.796875000 -0500`
			`@@ -1,7 +1,11 @@`
			`<?php`
			`#!/usr/bin/php -q`

			`-//STANDARD SCRIPT SERVER HEADER!!!`
			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`

			`/* display No errors */`
			`diff -ruBbd cacti-0.8.6i/scripts/ss_host_cpu.php cacti-0.8.6i-patch/scripts/ss_host_cpu.php`
			`--- cacti-0.8.6i/scripts/ss_host_cpu.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/ss_host_cpu.php 2007-01-01 12:50:55.796875000 -0500`
			`@@ -1,4 +1,10 @@`
			`<?php`
			`+`
			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`

			`/* display No errors */`
			`diff -ruBbd cacti-0.8.6i/scripts/ss_host_disk.php cacti-0.8.6i-patch/scripts/ss_host_disk.php`
			`--- cacti-0.8.6i/scripts/ss_host_disk.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/ss_host_disk.php 2007-01-01 12:50:55.796875000 -0500`
			`@@ -1,4 +1,10 @@`
			`<?php`
			`+`
			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`

			`/* display No errors */`
			`diff -ruBbd cacti-0.8.6i/scripts/ss_sql.php cacti-0.8.6i-patch/scripts/ss_sql.php`
			`--- cacti-0.8.6i/scripts/ss_sql.php 2006-10-09 00:06:00.000000000 -0400`
			`+++ cacti-0.8.6i-patch/scripts/ss_sql.php 2007-01-01 12:50:55.781250000 -0500`
			`@@ -1,5 +1,10 @@`
			`<?php`

			`+/* do NOT run this script through a web browser */`
			`+if (!isset($_SERVER["argv"][0]) \|\| isset($_SERVER['REQUEST_METHOD']) \|\| isset($_SERVER['REMOTE_ADDR'])) {`
			`+ die("<br><strong>This script is only meant to run at the command line.</strong>");`
			`+}`
			`+`
			`$no_http_headers = true;`

			`/* display ALL errors */`