From e9d7d74b726271dbbc8af8b38595da0185e04ed3 Mon Sep 17 00:00:00 2001 From: laf Date: Wed, 1 Jul 2015 21:35:37 +0100 Subject: [PATCH] Fixed issue with name not being set + some validation around this --- html/includes/api_functions.inc.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php index d2e9f3061c..a3593e684e 100644 --- a/html/includes/api_functions.inc.php +++ b/html/includes/api_functions.inc.php @@ -567,6 +567,10 @@ function add_edit_rule() { if(empty($rule)) { $message = 'Missing the alert rule'; } + $name = mres($data['name']); + if (empty($name)) { + $message = 'Missing the alert rule name'; + } $severity = mres($data['severity']); $sevs = array("ok","warning","critical"); if(!in_array($severity, $sevs)) { @@ -590,15 +594,19 @@ function add_edit_rule() { $extra = array('mute'=>$mute,'count'=>$count,'delay'=>$delay_sec); $extra_json = json_encode($extra); + if (dbFetchCell("SELECT `name` FROM `alert_rules` WHERE `name`=?",array($name)) == $name) { + $message = 'Name has already been used'; + } + if(empty($message)) { if(is_numeric($rule_id)) { - if( dbUpdate(array('rule' => $rule,'severity'=>$severity,'disabled'=>$disabled,'extra'=>$extra_json), 'alert_rules', 'id=?',array($rule_id)) >= 0) { + if( dbUpdate(array('name' => $name, 'rule' => $rule,'severity'=>$severity,'disabled'=>$disabled,'extra'=>$extra_json), 'alert_rules', 'id=?',array($rule_id)) >= 0) { $status = 'ok'; $code = 200; } else { $message = 'Failed to update existing alert rule'; } - } elseif( dbInsert(array('device_id'=>$device_id,'rule'=>$rule,'severity'=>$severity,'disabled'=>$disabled,'extra'=>$extra_json),'alert_rules') ) { + } elseif( dbInsert(array('name' => $name, 'device_id'=>$device_id,'rule'=>$rule,'severity'=>$severity,'disabled'=>$disabled,'extra'=>$extra_json),'alert_rules') ) { $status = 'ok'; $code = 200; } else {