Upstream released new version (has security fixes)
This commit is contained in:
parent
a3f509ae41
commit
254407a910
18
cacti.spec
18
cacti.spec
@ -1,6 +1,6 @@
|
||||
Name: cacti
|
||||
Version: 0.8.7e
|
||||
Release: 4%{?dist}
|
||||
Version: 0.8.7f
|
||||
Release: 1%{?dist}
|
||||
Summary: An rrd based graphing tool
|
||||
|
||||
Group: Applications/System
|
||||
@ -11,11 +11,6 @@ Source0: http://www.cacti.net/downloads/%{name}-%{version}.tar.gz
|
||||
Source1: cacti-httpd.conf
|
||||
Source2: cacti.logrotate
|
||||
Source3: cacti.README.Fedora
|
||||
Patch0: cli_add_graph.patch
|
||||
Patch1: snmp_invalid_response.patch
|
||||
Patch2: template_duplication.patch
|
||||
Patch3: cross_site_fix.patch
|
||||
Patch4: sql_injection_template_export.patch
|
||||
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
@ -35,11 +30,6 @@ used to creating traffic graphs with MRTG.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
echo "#*/5 * * * * cacti %{_bindir}/php %{_datadir}/%{name}/poller.php > /dev/null 2>&1" >cacti.cron
|
||||
|
||||
@ -115,6 +105,10 @@ fi
|
||||
%attr(0644,root,root) %{_localstatedir}/lib/%{name}/lib
|
||||
|
||||
%changelog
|
||||
* Mon May 24 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7f-1
|
||||
- Upstream released new version
|
||||
- Contains security updates #595289
|
||||
|
||||
* Fri Apr 23 2010 Mike McGrath <mmcgrath@redhat.com> - 0.8.7e-4
|
||||
- Pulling in patches from upstream
|
||||
- SQL injection fix
|
||||
|
@ -1,11 +0,0 @@
|
||||
--- ../tags/0.8.7e/cli/add_graphs.php 2009-06-28 12:34:31.000000000 -0400
|
||||
+++ 0.8.7/cli/add_graphs.php 2009-08-18 20:04:44.000000000 -0400
|
||||
@@ -570,7 +570,7 @@
|
||||
echo " 3|Fields = Verify all Fields\n";
|
||||
echo "List Options:\n";
|
||||
echo " --list-hosts\n";
|
||||
- echo " --list-graph-templates [--host_template=[ID]]\n";
|
||||
+ echo " --list-graph-templates [--host-template-id=[ID]]\n";
|
||||
echo " --list-input-fields --graph-template-id=[ID]\n";
|
||||
echo " --list-snmp-queries\n";
|
||||
echo " --list-query-types --snmp-query-id [ID]\n";
|
@ -1,175 +0,0 @@
|
||||
--- cacti-0.8.7e/graph.php 2009-06-28 12:07:11.000000000 -0400
|
||||
+++ cacti-0.8.7e-patched/graph.php 2009-11-21 23:10:16.000000000 -0500
|
||||
@@ -35,6 +35,8 @@
|
||||
/* ================= input validation ================= */
|
||||
input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
|
||||
input_validate_input_number(get_request_var("local_graph_id"));
|
||||
+input_validate_input_number(get_request_var("graph_end"));
|
||||
+input_validate_input_number(get_request_var("graph_start"));
|
||||
input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
|
||||
/* ==================================================== */
|
||||
|
||||
--- cacti-0.8.7e/include/top_graph_header.php 2009-06-28 12:07:11.000000000 -0400
|
||||
+++ cacti-0.8.7e-patched/include/top_graph_header.php 2009-11-21 23:15:27.000000000 -0500
|
||||
@@ -58,7 +58,7 @@
|
||||
if ($_SESSION["custom"]) {
|
||||
print "<meta http-equiv=refresh content='99999'>\r\n";
|
||||
}else{
|
||||
- print "<meta http-equiv=refresh content='" . read_graph_config_option("page_refresh") . "'>\r\n";
|
||||
+ print "<meta http-equiv=refresh content='" . htmlspecialchars(read_graph_config_option("page_refresh"),ENT_QUOTES) . "'>\r\n";
|
||||
}
|
||||
}
|
||||
?>
|
||||
@@ -113,7 +113,7 @@
|
||||
</tr>
|
||||
<tr class="noprint">
|
||||
<td bgcolor="#efefef" colspan="1" height="8" style="background-image: url(images/shadow_gray.gif); background-repeat: repeat-x; border-right: #aaaaaa 1px solid;">
|
||||
- <img src="images/transparent_line.gif" width="<?php print read_graph_config_option("default_dual_pane_width");?>" height="2" border="0"><br>
|
||||
+ <img src="images/transparent_line.gif" width="<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>" height="2" border="0"><br>
|
||||
</td>
|
||||
<td bgcolor="#ffffff" colspan="1" height="8" style="background-image: url(images/shadow.gif); background-repeat: repeat-x;">
|
||||
|
||||
@@ -144,7 +144,7 @@
|
||||
|
||||
<tr>
|
||||
<?php if ((read_graph_config_option("default_tree_view_mode") == "2") && (($_REQUEST["action"] == "tree") || ((isset($_REQUEST["view_type"]) ? $_REQUEST["view_type"] : "") == "tree"))) { ?>
|
||||
- <td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print read_graph_config_option("default_dual_pane_width");?>' class='noprint'>
|
||||
+ <td valign="top" style="padding: 5px; border-right: #aaaaaa 1px solid;" bgcolor='#efefef' width='<?php print htmlspecialchars(read_graph_config_option("default_dual_pane_width"));?>' class='noprint'>
|
||||
<table border=0 cellpadding=0 cellspacing=0><tr><td><font size=-2><a style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank></a></font></td></tr></table>
|
||||
<?php grow_dhtml_trees(); ?>
|
||||
<script type="text/javascript">initializeDocument();</script>
|
||||
--- cacti-0.8.7e/lib/html_form.php 2009-06-28 12:07:11.000000000 -0400
|
||||
+++ cacti-0.8.7e-patched/lib/html_form.php 2009-11-21 23:15:40.000000000 -0500
|
||||
@@ -235,13 +235,21 @@
|
||||
|
||||
if (sizeof($items) > 0) {
|
||||
foreach ($items as $item) {
|
||||
- print $item["name"] . "<br>";
|
||||
+ print htmlspecialchars($item["name"],ENT_QUOTES) . "<br>";
|
||||
}
|
||||
}
|
||||
|
||||
break;
|
||||
+ case 'font':
|
||||
+ form_font_box($field_name, $field_array["value"],
|
||||
+ ((isset($field_array["default"])) ? $field_array["default"] : ""),
|
||||
+ $field_array["max_length"],
|
||||
+ ((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
|
||||
+ ((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
|
||||
+
|
||||
+ break;
|
||||
default:
|
||||
- print "<em>" . $field_array["value"] . "</em>";
|
||||
+ print "<em>" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "</em>";
|
||||
|
||||
form_hidden_box($field_name, $field_array["value"], "");
|
||||
|
||||
@@ -384,7 +392,7 @@
|
||||
$form_previous_value = $form_default_value;
|
||||
}
|
||||
|
||||
- print "<input type='hidden' id='$form_name' name='$form_name' value='$form_previous_value'>\n";
|
||||
+ print "<input type='hidden' id='$form_name' name='$form_name' value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>\n";
|
||||
}
|
||||
|
||||
/* form_dropdown - draws a standard html dropdown box
|
||||
@@ -568,7 +576,7 @@
|
||||
}
|
||||
}
|
||||
|
||||
- print ">". $array_display[$id];
|
||||
+ print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
|
||||
print "</option>\n";
|
||||
}
|
||||
|
||||
@@ -627,6 +635,65 @@
|
||||
print "</select>\n";
|
||||
}
|
||||
|
||||
+/* form_font_box - draws a standard html textbox and provides status of a fonts existence
|
||||
+ @arg $form_name - the name of this form element
|
||||
+ @arg $form_previous_value - the current value of this form element
|
||||
+ @arg $form_default_value - the value of this form element to use if there is
|
||||
+ no current value available
|
||||
+ @arg $form_max_length - the maximum number of characters that can be entered
|
||||
+ into this textbox
|
||||
+ @arg $form_size - the size (width) of the textbox
|
||||
+ @arg $type - the type of textbox, either 'text' or 'password'
|
||||
+ @arg $current_id - used to determine if a current value for this form element
|
||||
+ exists or not. a $current_id of '0' indicates that no current value exists,
|
||||
+ a non-zero value indicates that a current value does exist */
|
||||
+function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
|
||||
+ if (($form_previous_value == "") && (empty($current_id))) {
|
||||
+ $form_previous_value = $form_default_value;
|
||||
+ }
|
||||
+
|
||||
+ print "<input type='$type'";
|
||||
+
|
||||
+ if (isset($_SESSION["sess_error_fields"])) {
|
||||
+ if (!empty($_SESSION["sess_error_fields"][$form_name])) {
|
||||
+ print "class='txtErrorTextBox'";
|
||||
+ unset($_SESSION["sess_error_fields"][$form_name]);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (isset($_SESSION["sess_field_values"])) {
|
||||
+ if (!empty($_SESSION["sess_field_values"][$form_name])) {
|
||||
+ $form_previous_value = $_SESSION["sess_field_values"][$form_name];
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (strlen($form_previous_value) == 0) { # no data: defaults are used; everythings fine
|
||||
+ $extra_data = "";
|
||||
+ } else {
|
||||
+ if (read_config_option("rrdtool_version") == "rrd-1.3.x") { # rrdtool 1.3 uses fontconfig
|
||||
+ $font = '"' . $form_previous_value . '"';
|
||||
+ $out_array = array();
|
||||
+ exec('fc-list ' . $font, $out_array);
|
||||
+ if (sizeof($out_array) == 0) {
|
||||
+ $extra_data = "<span style='color:red'><br>[" . "ERROR: FONT NOT FOUND" . "]</span>";
|
||||
+ } else {
|
||||
+ $extra_data = "<span style='color:green'><br>[" . "OK: FONT FOUND" . "]</span>";
|
||||
+ }
|
||||
+ } elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" ||
|
||||
+ read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
|
||||
+ if (is_file($form_previous_value)) {
|
||||
+ $extra_data = "<span style='color:green'><br>[" . "OK: FILE FOUND" . "]</span>";
|
||||
+ }else if (is_dir($form_previous_value)) {
|
||||
+ $extra_data = "<span style='color:red'><br>[" . "ERROR: IS DIR" . "]</span>";
|
||||
+ }else{
|
||||
+ $extra_data = "<span style='color:red'><br>[" . "ERROR: FILE NOT FOUND" . "]</span>";
|
||||
+ }
|
||||
+ } # will be used for future versions of rrdtool
|
||||
+ }
|
||||
+
|
||||
+ print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
|
||||
+}
|
||||
+
|
||||
/* form_confirm - draws a table presenting the user with some choice and allowing
|
||||
them to either proceed (delete) or cancel
|
||||
@arg $body_text - the text to prompt the user with on this form
|
||||
--- cacti-0.8.7e/lib/timespan_settings.php 2009-06-28 12:07:11.000000000 -0400
|
||||
+++ cacti-0.8.7e-patched/lib/timespan_settings.php 2009-11-21 23:15:49.000000000 -0500
|
||||
@@ -125,9 +125,9 @@
|
||||
if (isset($_POST["date1"])) {
|
||||
/* the dates have changed, therefore, I am now custom */
|
||||
if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
|
||||
- $timespan["current_value_date1"] = $_POST["date1"];
|
||||
+ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
|
||||
$timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
|
||||
- $timespan["current_value_date2"] = $_POST["date2"];
|
||||
+ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
|
||||
$timespan["end_now"]=strtotime($timespan["current_value_date2"]);
|
||||
$_SESSION["sess_current_timespan"] = GT_CUSTOM;
|
||||
$_SESSION["custom"] = 1;
|
||||
@@ -135,8 +135,8 @@
|
||||
}else {
|
||||
/* the default button wasn't pushed */
|
||||
if (!isset($_POST["button_clear_x"])) {
|
||||
- $timespan["current_value_date1"] = $_POST["date1"];
|
||||
- $timespan["current_value_date2"] = $_POST["date2"];
|
||||
+ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
|
||||
+ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
|
||||
$timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
|
||||
$timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
|
||||
|
@ -1,25 +0,0 @@
|
||||
--- ../tags/0.8.7e/include/global_arrays.php 2009-06-28 12:34:31.000000000 -0400
|
||||
+++ 0.8.7/include/global_arrays.php 2009-08-18 20:04:44.000000000 -0400
|
||||
@@ -174,6 +174,10 @@
|
||||
"DES" => "DES (default)",
|
||||
"AES128" => "AES");
|
||||
|
||||
+$banned_snmp_strings = array(
|
||||
+ "End of MIB",
|
||||
+ "No Such");
|
||||
+
|
||||
$logfile_options = array(1 =>
|
||||
"Logfile Only",
|
||||
"Logfile and Syslog/Eventlog",
|
||||
--- ../tags/0.8.7e/lib/snmp.php 2009-06-28 12:34:30.000000000 -0400
|
||||
+++ 0.8.7/lib/snmp.php 2009-08-18 20:04:44.000000000 -0400
|
||||
@@ -27,9 +27,6 @@
|
||||
define("SNMP_METHOD_PHP", 1);
|
||||
define("SNMP_METHOD_BINARY", 2);
|
||||
|
||||
-/* declare once, use many times */
|
||||
-$banned_snmp_strings = array("End of MIB", "No Such");
|
||||
-
|
||||
/* we must use an apostrophe to escape community names under Unix in case the user uses
|
||||
characters that the shell might interpret. the ucd-snmp binaries on Windows flip out when
|
||||
you do this, but are perfectly happy with a quotation mark. */
|
2
sources
2
sources
@ -1 +1 @@
|
||||
7563a58a57d2c6cc0da28cc341a30969 cacti-0.8.7e.tar.gz
|
||||
c50a49e3b439dba1fd44ddc34276d4df cacti-0.8.7f.tar.gz
|
||||
|
@ -1,13 +0,0 @@
|
||||
--- cacti-0.8.7e/templates_export.php 2009-06-28 12:07:11.000000000 -0400
|
||||
+++ cacti-fixed/templates_export.php 2010-04-17 14:08:42.000000000 -0400
|
||||
@@ -49,6 +49,10 @@
|
||||
function form_save() {
|
||||
global $export_types;
|
||||
|
||||
+ /* ================= input validation ================= */
|
||||
+ input_validate_input_number(get_request_var_post("export_item_id"));
|
||||
+ /* ==================================================== */
|
||||
+
|
||||
if (isset($_POST["save_component_export"])) {
|
||||
$xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
|
||||
|
@ -1,234 +0,0 @@
|
||||
diff -ruBbd 0.8.7e/cli/repair_templates.php 0.8.7/cli/repair_templates.php
|
||||
--- 0.8.7e/cli/repair_templates.php 2009-08-18 22:03:22.000000000 -0400
|
||||
+++ 0.8.7/cli/repair_templates.php 2009-08-20 07:43:54.000000000 -0400
|
||||
@@ -0,0 +1,135 @@
|
||||
+<?php
|
||||
+/*
|
||||
+ +-------------------------------------------------------------------------+
|
||||
+ | Copyright (C) 2004-2009 The Cacti Group |
|
||||
+ | |
|
||||
+ | This program is free software; you can redistribute it and/or |
|
||||
+ | modify it under the terms of the GNU General Public License |
|
||||
+ | as published by the Free Software Foundation; either version 2 |
|
||||
+ | of the License, or (at your option) any later version. |
|
||||
+ | |
|
||||
+ | This program is distributed in the hope that it will be useful, |
|
||||
+ | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
||||
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
||||
+ | GNU General Public License for more details. |
|
||||
+ +-------------------------------------------------------------------------+
|
||||
+ | Cacti: The Complete RRDTool-based Graphing Solution |
|
||||
+ +-------------------------------------------------------------------------+
|
||||
+ | This code is designed, written, and maintained by the Cacti Group. See |
|
||||
+ | about.php and/or the AUTHORS file for specific developer information. |
|
||||
+ +-------------------------------------------------------------------------+
|
||||
+ | http://www.cacti.net/ |
|
||||
+ +-------------------------------------------------------------------------+
|
||||
+*/
|
||||
+
|
||||
+/* do NOT run this script through a web browser */
|
||||
+if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
|
||||
+ die("<br><strong>This script is only meant to run at the command line.</strong>");
|
||||
+}
|
||||
+
|
||||
+$no_http_headers = true;
|
||||
+
|
||||
+include(dirname(__FILE__) . "/../include/global.php");
|
||||
+include_once("../lib/utility.php");
|
||||
+include_once("../lib/template.php");
|
||||
+
|
||||
+/* process calling arguments */
|
||||
+$parms = $_SERVER["argv"];
|
||||
+array_shift($parms);
|
||||
+
|
||||
+$execute = FALSE;
|
||||
+
|
||||
+foreach($parms as $parameter) {
|
||||
+ @list($arg, $value) = @explode("=", $parameter);
|
||||
+
|
||||
+ switch ($arg) {
|
||||
+ case "--execute":
|
||||
+ $execute = TRUE;
|
||||
+ break;
|
||||
+ case "-h":
|
||||
+ case "-v":
|
||||
+ case "-V":
|
||||
+ case "--version":
|
||||
+ case "--help":
|
||||
+ display_help();
|
||||
+ exit;
|
||||
+ default:
|
||||
+ print "ERROR: Invalid Parameter " . $parameter . "\n\n";
|
||||
+ display_help();
|
||||
+ exit;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+if ($execute) {
|
||||
+ echo "NOTE: Repairing All Duplicated Templates\n";
|
||||
+} else {
|
||||
+ echo "NOTE: Performing Check of Templates\n";
|
||||
+}
|
||||
+
|
||||
+/* repair data templates first */
|
||||
+if ($execute) {
|
||||
+ echo "NOTE: Repairing Data Templates\n";
|
||||
+} else {
|
||||
+ echo "NOTE: Performing Check of Data Templates\n";
|
||||
+}
|
||||
+
|
||||
+$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT data_template_id FROM data_template_rrd WHERE hash='' AND local_data_id=0");
|
||||
+if (sizeof($damaged_template_ids)) {
|
||||
+ foreach($damaged_template_ids as $id) {
$template_name = db_fetch_cell("SELECT name FROM data_template WHERE id=" . $id["data_template_id"]);
|
||||
+ echo "NOTE: Data Template '$template_name' is Damaged and can be repaired\n";
|
||||
+ }
|
||||
+
|
||||
+ $damaged_templates = db_fetch_assoc("SELECT * FROM data_template_rrd WHERE hash='' AND local_data_id=0");
|
||||
+ if (sizeof($damaged_templates)) {
|
||||
+ echo "NOTE: -- Damaged Data Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
|
||||
+ if ($execute) {
|
||||
+ foreach($damaged_templates as $template) {
|
||||
+ $hash = get_hash_data_template($template["local_data_template_rrd_id"], "data_template_item");
|
||||
+ db_execute("UPDATE data_template_rrd SET hash='$hash' WHERE id=" . $template["id"]);
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+} else {
|
||||
+ echo "NOTE: No Damaged Data Templates Found\n";
|
||||
+}
|
||||
+
|
||||
+/* reset the array */
|
||||
+$damaged_templates = array();
|
||||
+
|
||||
+/* repair graph templates */
|
||||
+if ($execute) {
|
||||
+ echo "NOTE: Repairing Graph Templates\n";
|
||||
+} else {
|
||||
+ echo "NOTE: Performing Check of Graph Templates\n";
|
||||
+}
|
||||
+
|
||||
+$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT graph_template_id FROM graph_template_input WHERE hash=''");
|
||||
+if (sizeof($damaged_template_ids)) {
|
||||
+ foreach($damaged_template_ids as $id) {
|
||||
+ $template_name = db_fetch_cell("SELECT name FROM graph_templates WHERE id=" . $id["graph_template_id"]);
|
||||
+ echo "NOTE: Graph Template '$template_name' is Damaged and can be repaired\n";
|
||||
+ }
|
||||
+
|
||||
+ $damaged_templates = db_fetch_assoc("SELECT * FROM graph_template_input WHERE hash=''");
|
||||
+ if (sizeof($damaged_templates)) {
|
||||
+ echo "NOTE: -- Damaged Graph Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
|
||||
+ if ($execute) {
|
||||
+ foreach($damaged_templates as $template) {
|
||||
+ $hash = get_hash_graph_template(0, "graph_template_input");
|
||||
+ db_execute("UPDATE graph_template_input SET hash='$hash' WHERE id=" . $template["id"]);
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+} else {
|
||||
+ echo "NOTE: No Damaged Graph Templates Found\n";
|
||||
+}
|
||||
+
|
||||
+
|
||||
+/* display_help - displays the usage of the function */
|
||||
+function display_help () {
|
||||
+ print "Cacti Database Template Repair Tool v1.0, Copyright 2004-2009 - The Cacti Group\n\n";
|
||||
+ print "usage: repair_templates.php --execute [--help]\n\n";
|
||||
+ print "--execute - Perform the repair\n";
|
||||
+ print "--help - display this help message\n";
|
||||
+}
|
||||
+?>
|
||||
diff -ruBbd 0.8.7e/docs/README 0.8.7/docs/README
|
||||
--- 0.8.7e/docs/README 2009-08-18 21:57:30.000000000 -0400
|
||||
+++ 0.8.7/docs/README 2009-08-18 21:58:09.000000000 -0400
|
||||
@@ -90,6 +90,9 @@
|
||||
table
|
||||
poller_reindex_hosts.php - Cause data query reindex on hosts
|
||||
rebuild_poller_cache.php - Rebuilds the poller cache
|
||||
+ repair_templates.php - Certain templates, when created using the "duplicate"
|
||||
+ function in Cacti, do not import/export well. This utility repairs
|
||||
+ those templates.
|
||||
|
||||
|
||||
|
||||
diff -ruBbd 0.8.7e/lib/export.php 0.8.7/lib/export.php
|
||||
--- 0.8.7e/lib/export.php 2009-08-18 21:56:47.000000000 -0400
|
||||
+++ 0.8.7/lib/export.php 2009-08-18 21:57:50.000000000 -0400
|
||||
@@ -811,7 +811,9 @@
|
||||
}
|
||||
|
||||
function xml_character_encode($text) {
|
||||
-
|
||||
+ if (function_exists("htmlspecialchars")) {
|
||||
+ return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
|
||||
+ } else {
|
||||
$text = str_replace("&", "&", $text);
|
||||
$text = str_replace(">", ">", $text);
|
||||
$text = str_replace("<", "<", $text);
|
||||
@@ -819,6 +821,7 @@
|
||||
$text = str_replace("\'", "'", $text);
|
||||
|
||||
return $text;
|
||||
+ }
|
||||
}
|
||||
|
||||
?>
|
||||
diff -ruBbd 0.8.7e/lib/import.php 0.8.7/lib/import.php
|
||||
--- 0.8.7e/lib/import.php 2009-08-18 21:56:59.000000000 -0400
|
||||
+++ 0.8.7/lib/import.php 2009-08-18 21:57:55.000000000 -0400
|
||||
@@ -36,10 +36,6 @@
|
||||
return $info_array;
|
||||
}
|
||||
|
||||
- if (isset($xml_array["name"])) {
|
||||
- $xml_array["name"] = htmlspecialchars($xml_array["name"]);
|
||||
- }
|
||||
-
|
||||
while (list($hash, $hash_array) = each($xml_array)) {
|
||||
/* parse information from the hash */
|
||||
$parsed_hash = parse_xml_hash($hash);
|
||||
@@ -115,7 +111,7 @@
|
||||
$_graph_template_id = db_fetch_cell("select id from graph_templates where hash='$hash'");
|
||||
$save["id"] = (empty($_graph_template_id) ? "0" : $_graph_template_id);
|
||||
$save["hash"] = $hash;
|
||||
- $save["name"] = htmlspecialchars($xml_array["name"]);
|
||||
+ $save["name"] = $xml_array["name"];
|
||||
$graph_template_id = sql_save($save, "graph_templates");
|
||||
|
||||
$hash_cache["graph_template"][$hash] = $graph_template_id;
|
||||
@@ -914,9 +910,13 @@
|
||||
}
|
||||
|
||||
function xml_character_decode($text) {
|
||||
+ if (function_exists("html_entity_decode")) {
|
||||
+ return html_entity_decode($text, ENT_QUOTES, "UTF-8");
|
||||
+ } else {
|
||||
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
|
||||
$trans_tbl = array_flip($trans_tbl);
|
||||
return strtr($text, $trans_tbl);
|
||||
+ }
|
||||
}
|
||||
|
||||
?>
|
||||
diff -ruBbd 0.8.7e/lib/utility.php 0.8.7/lib/utility.php
|
||||
--- 0.8.7e/lib/utility.php 2009-08-18 21:57:08.000000000 -0400
|
||||
+++ 0.8.7/lib/utility.php 2009-08-18 21:58:00.000000000 -0400
|
||||
@@ -346,6 +346,7 @@
|
||||
$save["name"] = $graph_template_input["name"];
|
||||
$save["description"] = $graph_template_input["description"];
|
||||
$save["column_name"] = $graph_template_input["column_name"];
|
||||
+ $save["hash"] = get_hash_graph_template(0, "graph_template_input");
|
||||
|
||||
$graph_template_input_id = sql_save($save, "graph_template_input");
|
||||
|
||||
@@ -436,6 +437,11 @@
|
||||
$save["local_data_id"] = (isset($local_data_id) ? $local_data_id : 0);
|
||||
$save["local_data_template_rrd_id"] = (isset($data_template_rrd["local_data_template_rrd_id"]) ? $data_template_rrd["local_data_template_rrd_id"] : 0);
|
||||
$save["data_template_id"] = (!empty($_local_data_id) ? $data_template_rrd["data_template_id"] : $data_template_id);
|
||||
+ if ($save["local_data_id"] == 0) {
|
||||
+ $save["hash"] = get_hash_data_template($data_template_rrd["local_data_template_rrd_id"], "data_template_item");
|
||||
+ } else {
|
||||
+ $save["hash"] = '';
|
||||
+ }
|
||||
|
||||
while (list($field, $array) = each($struct_data_source_item)) {
|
||||
$save{$field} = $data_template_rrd{$field};
|
Loading…
Reference in New Issue
Block a user