security fixes to non-global users

git-svn-id: http://www.observium.org/svn/observer/trunk@455 61d68cd4-352d-0410-923a-c4978735b2b8
Adam Amstrong
2009-08-12 15:20:20 +00:00
parent 9a16c803e6
commit a0153126f1
6 changed files with 20 additions and 6 deletions


@@ -70,7 +70,14 @@ if($_POST['device']) {
$where .= " AND D.device_id = '".$_POST['device']."'";
}
$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D WHERE S.device_id = D.device_id $where ORDER BY datetime DESC LIMIT 1000";
if($_SESSION['userlevel'] >= '5') {
$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D
WHERE S.device_id = D.device_id $where ORDER BY datetime DESC LIMIT 1000";
} else {
$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D, devices_perms AS P
WHERE S.device_id = P.device_id AND P.user_id = " . $_SESSION['user_id'] . " AND S.device_id = D.device_id $where ORDER BY datetime DESC LIMIT 1000";
}
$query = mysql_query($sql);
echo("<table cellspacing=0 cellpadding=2 width=100%>");
while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
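Review bot: The per-user restriction added in the `else` branch is followed by `$where`, which the context lines show being built from `$_POST['device']` with no escaping, so the query text after `P.user_id = …` is still request-controlled and the new permission predicate cannot be relied on as an access control. Escape at the point of use, e.g. `$where .= " AND D.device_id = '" . mysql_real_escape_string($_POST['device']) . "'";`, and write the session value as `(int)$_SESSION['user_id']` so the unquoted concatenation can only ever be a number. Any other `$where` fragments are assembled above this hunk and are not visible here; they would need the same treatment. A short comment above the branch, `// userlevel < 5: restrict rows to devices granted in devices_perms`, would also record why the two queries differ.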