diff --git a/cli_add_graph.patch b/cli_add_graph.patch
new file mode 100644
index 0000000..b82d21a
--- /dev/null
+++ b/cli_add_graph.patch
@@ -0,0 +1,11 @@
+--- ../tags/0.8.7e/cli/add_graphs.php 2009-06-28 12:34:31.000000000 -0400
++++ 0.8.7/cli/add_graphs.php 2009-08-18 20:04:44.000000000 -0400
+@@ -570,7 +570,7 @@
+ echo " 3|Fields = Verify all Fields\n";
+ echo "List Options:\n";
+ echo " --list-hosts\n";
+- echo " --list-graph-templates [--host_template=[ID]]\n";
++ echo " --list-graph-templates [--host-template-id=[ID]]\n";
+ echo " --list-input-fields --graph-template-id=[ID]\n";
+ echo " --list-snmp-queries\n";
+ echo " --list-query-types --snmp-query-id [ID]\n";
diff --git a/cross_site_fix.patch b/cross_site_fix.patch
new file mode 100644
index 0000000..ddc9e2e
--- /dev/null
+++ b/cross_site_fix.patch
@@ -0,0 +1,175 @@
+--- cacti-0.8.7e/graph.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/graph.php 2009-11-21 23:10:16.000000000 -0500
+@@ -35,6 +35,8 @@
+ /* ================= input validation ================= */
+ input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$");
+ input_validate_input_number(get_request_var("local_graph_id"));
++input_validate_input_number(get_request_var("graph_end"));
++input_validate_input_number(get_request_var("graph_start"));
+ input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$");
+ /* ==================================================== */
+
+--- cacti-0.8.7e/include/top_graph_header.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/include/top_graph_header.php 2009-11-21 23:15:27.000000000 -0500
+@@ -58,7 +58,7 @@
+ if ($_SESSION["custom"]) {
+ print "\r\n";
+ }else{
+- print "\r\n";
++ print "\r\n";
+ }
+ }
+ ?>
+@@ -113,7 +113,7 @@
+
+
+
+-
++ |
+
+
+
+--- cacti-0.8.7e/lib/html_form.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/lib/html_form.php 2009-11-21 23:15:40.000000000 -0500
+@@ -235,13 +235,21 @@
+
+ if (sizeof($items) > 0) {
+ foreach ($items as $item) {
+- print $item["name"] . " ";
++ print htmlspecialchars($item["name"],ENT_QUOTES) . " ";
+ }
+ }
+
+ break;
++ case 'font':
++ form_font_box($field_name, $field_array["value"],
++ ((isset($field_array["default"])) ? $field_array["default"] : ""),
++ $field_array["max_length"],
++ ((isset($field_array["size"])) ? $field_array["size"] : "40"), "text",
++ ((isset($field_array["form_id"])) ? $field_array["form_id"] : ""));
++
++ break;
+ default:
+- print "" . $field_array["value"] . "";
++ print "" . htmlspecialchars($field_array["value"],ENT_QUOTES) . "";
+
+ form_hidden_box($field_name, $field_array["value"], "");
+
+@@ -384,7 +392,7 @@
+ $form_previous_value = $form_default_value;
+ }
+
+- print "\n";
++ print "\n";
+ }
+
+ /* form_dropdown - draws a standard html dropdown box
+@@ -568,7 +576,7 @@
+ }
+ }
+
+- print ">". $array_display[$id];
++ print ">". htmlspecialchars($array_display[$id],ENT_QUOTES);
+ print "\n";
+ }
+
+@@ -627,6 +635,65 @@
+ print "\n";
+ }
+
++/* form_font_box - draws a standard html textbox and provides status of a fonts existence
++ @arg $form_name - the name of this form element
++ @arg $form_previous_value - the current value of this form element
++ @arg $form_default_value - the value of this form element to use if there is
++ no current value available
++ @arg $form_max_length - the maximum number of characters that can be entered
++ into this textbox
++ @arg $form_size - the size (width) of the textbox
++ @arg $type - the type of textbox, either 'text' or 'password'
++ @arg $current_id - used to determine if a current value for this form element
++ exists or not. a $current_id of '0' indicates that no current value exists,
++ a non-zero value indicates that a current value does exist */
++function form_font_box($form_name, $form_previous_value, $form_default_value, $form_max_length, $form_size = 30, $type = "text", $current_id = 0) {
++ if (($form_previous_value == "") && (empty($current_id))) {
++ $form_previous_value = $form_default_value;
++ }
++
++ print " [" . "ERROR: FONT NOT FOUND" . "]";
++ } else {
++ $extra_data = " [" . "OK: FONT FOUND" . "]";
++ }
++ } elseif (read_config_option("rrdtool_version") == "rrd-1.0.x" ||
++ read_config_option("rrdtool_version") == "rrd-1.2.x") { # rrdtool 1.0 and 1.2 use font files
++ if (is_file($form_previous_value)) {
++ $extra_data = " [" . "OK: FILE FOUND" . "]";
++ }else if (is_dir($form_previous_value)) {
++ $extra_data = " [" . "ERROR: IS DIR" . "]";
++ }else{
++ $extra_data = " [" . "ERROR: FILE NOT FOUND" . "]";
++ }
++ } # will be used for future versions of rrdtool
++ }
++
++ print " id='$form_name' name='$form_name' size='$form_size'" . (!empty($form_max_length) ? " maxlength='$form_max_length'" : "") . " value='" . htmlspecialchars($form_previous_value, ENT_QUOTES) . "'>" . $extra_data;
++}
++
+ /* form_confirm - draws a table presenting the user with some choice and allowing
+ them to either proceed (delete) or cancel
+ @arg $body_text - the text to prompt the user with on this form
+--- cacti-0.8.7e/lib/timespan_settings.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-0.8.7e-patched/lib/timespan_settings.php 2009-11-21 23:15:49.000000000 -0500
+@@ -125,9 +125,9 @@
+ if (isset($_POST["date1"])) {
+ /* the dates have changed, therefore, I am now custom */
+ if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
+- $timespan["current_value_date1"] = $_POST["date1"];
++ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
+ $timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
+- $timespan["current_value_date2"] = $_POST["date2"];
++ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
+ $timespan["end_now"]=strtotime($timespan["current_value_date2"]);
+ $_SESSION["sess_current_timespan"] = GT_CUSTOM;
+ $_SESSION["custom"] = 1;
+@@ -135,8 +135,8 @@
+ }else {
+ /* the default button wasn't pushed */
+ if (!isset($_POST["button_clear_x"])) {
+- $timespan["current_value_date1"] = $_POST["date1"];
+- $timespan["current_value_date2"] = $_POST["date2"];
++ $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
++ $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
+ $timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
+ $timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
+
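Review bot: In the new form_font_box() the `$extra_data` variable is only assigned inside the rrdtool-version branches yet is concatenated unconditionally on the final `print` line, so an `rrdtool_version` that matches none of the branches (the `# will be used for future versions` arm) reaches that line with an undefined variable; initialise it with `$extra_data = "";` before the version check. That same print line escapes `$form_previous_value` but interpolates `$form_name`, `$form_size` and `$form_max_length` raw into the id, name, size and maxlength attributes; if any of those can originate from request data rather than the field definition array they need the same `htmlspecialchars(..., ENT_QUOTES)` treatment, which I cannot confirm from this hunk. The opening of the font-existence check (the `print " [" . "ERROR: FONT NOT FOUND" . "]";` line) is garbled in this copy of the patch, so the first branch could not be reviewed. Finally, `$form_previous_value == ""` is a loose comparison under which an integer 0 also selects the default on older PHP; `=== ""` states the intent precisely.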
diff --git a/snmp_invalid_response.patch b/snmp_invalid_response.patch
new file mode 100644
index 0000000..5b2dd20
--- /dev/null
+++ b/snmp_invalid_response.patch
@@ -0,0 +1,25 @@
+--- ../tags/0.8.7e/include/global_arrays.php 2009-06-28 12:34:31.000000000 -0400
++++ 0.8.7/include/global_arrays.php 2009-08-18 20:04:44.000000000 -0400
+@@ -174,6 +174,10 @@
+ "DES" => "DES (default)",
+ "AES128" => "AES");
+
++$banned_snmp_strings = array(
++ "End of MIB",
++ "No Such");
++
+ $logfile_options = array(1 =>
+ "Logfile Only",
+ "Logfile and Syslog/Eventlog",
+--- ../tags/0.8.7e/lib/snmp.php 2009-06-28 12:34:30.000000000 -0400
++++ 0.8.7/lib/snmp.php 2009-08-18 20:04:44.000000000 -0400
+@@ -27,9 +27,6 @@
+ define("SNMP_METHOD_PHP", 1);
+ define("SNMP_METHOD_BINARY", 2);
+
+-/* declare once, use many times */
+-$banned_snmp_strings = array("End of MIB", "No Such");
+-
+ /* we must use an apostrophe to escape community names under Unix in case the user uses
+ characters that the shell might interpret. the ucd-snmp binaries on Windows flip out when
+ you do this, but are perfectly happy with a quotation mark. */
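Review bot: Moving `$banned_snmp_strings` from lib/snmp.php into include/global_arrays.php changes where it is defined, so every function in lib/snmp.php that reads it must declare `global $banned_snmp_strings;` and global_arrays.php must be loaded before the first SNMP call; none of those consumers are visible in this hunk, so please confirm they were updated. The relocated definition also lost the only comment the old one had; a line such as `/* response substrings that mark an SNMP reply carrying no value ("End of MIB", "No Such ...") */` above the array would tell a reader in global_arrays.php why these two strings exist.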
diff --git a/sql_injection_template_export.patch b/sql_injection_template_export.patch
new file mode 100644
index 0000000..397990c
--- /dev/null
+++ b/sql_injection_template_export.patch
@@ -0,0 +1,13 @@
+--- cacti-0.8.7e/templates_export.php 2009-06-28 12:07:11.000000000 -0400
++++ cacti-fixed/templates_export.php 2010-04-17 14:08:42.000000000 -0400
+@@ -49,6 +49,10 @@
+ function form_save() {
+ global $export_types;
+
++ /* ================= input validation ================= */
++ input_validate_input_number(get_request_var_post("export_item_id"));
++ /* ==================================================== */
++
+ if (isset($_POST["save_component_export"])) {
+ $xml_data = get_item_xml($_POST["export_type"], $_POST["export_item_id"], (((isset($_POST["include_deps"]) ? $_POST["include_deps"] : "") == "") ? false : true));
+
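Review bot: The added validation covers only `export_item_id`, while the `get_item_xml()` call on the very next line also passes `$_POST["export_type"]` straight through unvalidated. Since `$export_types` is already brought in via `global` at the top of form_save(), the cheapest check is to reject any value that is not a key of that array (e.g. `array_key_exists($_POST["export_type"], $export_types)` followed by the project's usual input-error exit), or to constrain it with `input_validate_input_regex(get_request_var_post("export_type"), "^([a-zA-Z_]+)$")` as the sibling graph.php patch does for `view_type`; the exact character class should be matched to the real export-type keys. form_save() continues past the end of this hunk, so later uses of the other POST fields were not reviewed.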
diff --git a/template_duplication.patch b/template_duplication.patch
new file mode 100644
index 0000000..cd6ff4b
--- /dev/null
+++ b/template_duplication.patch
@@ -0,0 +1,234 @@
+diff -ruBbd 0.8.7e/cli/repair_templates.php 0.8.7/cli/repair_templates.php
+--- 0.8.7e/cli/repair_templates.php 2009-08-18 22:03:22.000000000 -0400
++++ 0.8.7/cli/repair_templates.php 2009-08-20 07:43:54.000000000 -0400
+@@ -0,0 +1,135 @@
++This script is only meant to run at the command line.");
++}
++
++$no_http_headers = true;
++
++include(dirname(__FILE__) . "/../include/global.php");
++include_once("../lib/utility.php");
++include_once("../lib/template.php");
++
++/* process calling arguments */
++$parms = $_SERVER["argv"];
++array_shift($parms);
++
++$execute = FALSE;
++
++foreach($parms as $parameter) {
++ @list($arg, $value) = @explode("=", $parameter);
++
++ switch ($arg) {
++ case "--execute":
++ $execute = TRUE;
++ break;
++ case "-h":
++ case "-v":
++ case "-V":
++ case "--version":
++ case "--help":
++ display_help();
++ exit;
++ default:
++ print "ERROR: Invalid Parameter " . $parameter . "\n\n";
++ display_help();
++ exit;
++ }
++}
++
++if ($execute) {
++ echo "NOTE: Repairing All Duplicated Templates\n";
++} else {
++ echo "NOTE: Performing Check of Templates\n";
++}
++
++/* repair data templates first */
++if ($execute) {
++ echo "NOTE: Repairing Data Templates\n";
++} else {
++ echo "NOTE: Performing Check of Data Templates\n";
++}
++
++$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT data_template_id FROM data_template_rrd WHERE hash='' AND local_data_id=0");
++if (sizeof($damaged_template_ids)) {
++ foreach($damaged_template_ids as $id) {
$template_name = db_fetch_cell("SELECT name FROM data_template WHERE id=" . $id["data_template_id"]);
++ echo "NOTE: Data Template '$template_name' is Damaged and can be repaired\n";
++ }
++
++ $damaged_templates = db_fetch_assoc("SELECT * FROM data_template_rrd WHERE hash='' AND local_data_id=0");
++ if (sizeof($damaged_templates)) {
++ echo "NOTE: -- Damaged Data Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
++ if ($execute) {
++ foreach($damaged_templates as $template) {
++ $hash = get_hash_data_template($template["local_data_template_rrd_id"], "data_template_item");
++ db_execute("UPDATE data_template_rrd SET hash='$hash' WHERE id=" . $template["id"]);
++ }
++ }
++ }
++} else {
++ echo "NOTE: No Damaged Data Templates Found\n";
++}
++
++/* reset the array */
++$damaged_templates = array();
++
++/* repair graph templates */
++if ($execute) {
++ echo "NOTE: Repairing Graph Templates\n";
++} else {
++ echo "NOTE: Performing Check of Graph Templates\n";
++}
++
++$damaged_template_ids = db_fetch_assoc("SELECT DISTINCT graph_template_id FROM graph_template_input WHERE hash=''");
++if (sizeof($damaged_template_ids)) {
++ foreach($damaged_template_ids as $id) {
++ $template_name = db_fetch_cell("SELECT name FROM graph_templates WHERE id=" . $id["graph_template_id"]);
++ echo "NOTE: Graph Template '$template_name' is Damaged and can be repaired\n";
++ }
++
++ $damaged_templates = db_fetch_assoc("SELECT * FROM graph_template_input WHERE hash=''");
++ if (sizeof($damaged_templates)) {
++ echo "NOTE: -- Damaged Graph Templates Objects Found is '" . sizeof($damaged_templates) . "'\n";
++ if ($execute) {
++ foreach($damaged_templates as $template) {
++ $hash = get_hash_graph_template(0, "graph_template_input");
++ db_execute("UPDATE graph_template_input SET hash='$hash' WHERE id=" . $template["id"]);
++ }
++ }
++ }
++} else {
++ echo "NOTE: No Damaged Graph Templates Found\n";
++}
++
++
++/* display_help - displays the usage of the function */
++function display_help () {
++ print "Cacti Database Template Repair Tool v1.0, Copyright 2004-2009 - The Cacti Group\n\n";
++ print "usage: repair_templates.php --execute [--help]\n\n";
++ print "--execute - Perform the repair\n";
++ print "--help - display this help message\n";
++}
++?>
+diff -ruBbd 0.8.7e/docs/README 0.8.7/docs/README
+--- 0.8.7e/docs/README 2009-08-18 21:57:30.000000000 -0400
++++ 0.8.7/docs/README 2009-08-18 21:58:09.000000000 -0400
+@@ -90,6 +90,9 @@
+ table
+ poller_reindex_hosts.php - Cause data query reindex on hosts
+ rebuild_poller_cache.php - Rebuilds the poller cache
++ repair_templates.php - Certain templates, when created using the "duplicate"
++ function in Cacti, do not import/export well. This utility repairs
++ those templates.
+
+
+
+diff -ruBbd 0.8.7e/lib/export.php 0.8.7/lib/export.php
+--- 0.8.7e/lib/export.php 2009-08-18 21:56:47.000000000 -0400
++++ 0.8.7/lib/export.php 2009-08-18 21:57:50.000000000 -0400
+@@ -811,7 +811,9 @@
+ }
+
+ function xml_character_encode($text) {
+-
++ if (function_exists("htmlspecialchars")) {
++ return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
++ } else {
+ $text = str_replace("&", "&", $text);
+ $text = str_replace(">", ">", $text);
+ $text = str_replace("<", "<", $text);
+@@ -819,6 +821,7 @@
+ $text = str_replace("\'", "'", $text);
+
+ return $text;
++ }
+ }
+
+ ?>
+diff -ruBbd 0.8.7e/lib/import.php 0.8.7/lib/import.php
+--- 0.8.7e/lib/import.php 2009-08-18 21:56:59.000000000 -0400
++++ 0.8.7/lib/import.php 2009-08-18 21:57:55.000000000 -0400
+@@ -36,10 +36,6 @@
+ return $info_array;
+ }
+
+- if (isset($xml_array["name"])) {
+- $xml_array["name"] = htmlspecialchars($xml_array["name"]);
+- }
+-
+ while (list($hash, $hash_array) = each($xml_array)) {
+ /* parse information from the hash */
+ $parsed_hash = parse_xml_hash($hash);
+@@ -115,7 +111,7 @@
+ $_graph_template_id = db_fetch_cell("select id from graph_templates where hash='$hash'");
+ $save["id"] = (empty($_graph_template_id) ? "0" : $_graph_template_id);
+ $save["hash"] = $hash;
+- $save["name"] = htmlspecialchars($xml_array["name"]);
++ $save["name"] = $xml_array["name"];
+ $graph_template_id = sql_save($save, "graph_templates");
+
+ $hash_cache["graph_template"][$hash] = $graph_template_id;
+@@ -914,9 +910,13 @@
+ }
+
+ function xml_character_decode($text) {
++ if (function_exists("html_entity_decode")) {
++ return html_entity_decode($text, ENT_QUOTES, "UTF-8");
++ } else {
+ $trans_tbl = get_html_translation_table(HTML_ENTITIES);
+ $trans_tbl = array_flip($trans_tbl);
+ return strtr($text, $trans_tbl);
++ }
+ }
+
+ ?>
+diff -ruBbd 0.8.7e/lib/utility.php 0.8.7/lib/utility.php
+--- 0.8.7e/lib/utility.php 2009-08-18 21:57:08.000000000 -0400
++++ 0.8.7/lib/utility.php 2009-08-18 21:58:00.000000000 -0400
+@@ -346,6 +346,7 @@
+ $save["name"] = $graph_template_input["name"];
+ $save["description"] = $graph_template_input["description"];
+ $save["column_name"] = $graph_template_input["column_name"];
++ $save["hash"] = get_hash_graph_template(0, "graph_template_input");
+
+ $graph_template_input_id = sql_save($save, "graph_template_input");
+
+@@ -436,6 +437,11 @@
+ $save["local_data_id"] = (isset($local_data_id) ? $local_data_id : 0);
+ $save["local_data_template_rrd_id"] = (isset($data_template_rrd["local_data_template_rrd_id"]) ? $data_template_rrd["local_data_template_rrd_id"] : 0);
+ $save["data_template_id"] = (!empty($_local_data_id) ? $data_template_rrd["data_template_id"] : $data_template_id);
++ if ($save["local_data_id"] == 0) {
++ $save["hash"] = get_hash_data_template($data_template_rrd["local_data_template_rrd_id"], "data_template_item");
++ } else {
++ $save["hash"] = '';
++ }
+
+ while (list($field, $array) = each($struct_data_source_item)) {
+ $save{$field} = $data_template_rrd{$field};
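Review bot: The lib/import.php hunks remove the `htmlspecialchars()` that was applied to `$xml_array["name"]` before saving, so imported template names are now stored raw and every page that prints them must escape at output time; the html_form.php escaping in the companion cross_site_fix.patch covers form elements, but that dependency should be stated next to the new `$save["name"] = $xml_array["name"];` line, e.g. `/* stored unescaped; callers must htmlspecialchars() on output */`. In lib/export.php and lib/import.php the `function_exists("htmlspecialchars")` and `function_exists("html_entity_decode")` guards are true on any PHP this code runs on, so the str_replace/strtr fallbacks behind them are dead code and could be dropped rather than kept in an `else` branch. In cli/repair_templates.php the argument loop uses `@list($arg, $value) = @explode("=", $parameter);`; the `@` suppresses nothing that matters here and hides real notices, so `list($arg, $value) = explode("=", $parameter);` reads better (add a limit of 2 only if values may legitimately contain `=`). The CLI-only guard at the top of that script is garbled in this copy of the patch and was not reviewed.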