authentication check on the map file now

git-svn-id: http://www.observium.org/svn/observer/trunk@641 61d68cd4-352d-0410-923a-c4978735b2b8
2024-10-07 16:52:45 +00:00 · 2010-01-09 18:28:02 +00:00
parent 73708aeb58
commit ebd8fb0cf4
1 changed files with 54 additions and 47 deletions
--- a/html/map.php
+++ b/html/map.php
@@ -2,8 +2,8 @@

 include("../config.php");
 include("../includes/functions.php");
+include("includes/authenticate.inc");

-#FIXME no auth on thie file??
 if ($_GET['device']) { $where = "WHERE device_id = ".$_GET['device']; } else { $where = ""; }
 $deviceresult = mysql_query("SELECT * from devices $where");

@@ -17,71 +17,78 @@ if (preg_match("/^[a-z]*$/", $_GET['format']))

 ";

-  while ($device = mysql_fetch_array($deviceresult))
+  if(!$_SESSION['authenticated']) 
  {
-    if($device)
+    $map .= "\"Not authenticated\" [fontsize=20 fillcolor=\"lightblue\" URL=\"/\" shape=box3d]\n";
+  }
+  else
+  {
+    while ($device = mysql_fetch_array($deviceresult))
    {
-      $sql = "SELECT * from interfaces AS I, links AS L WHERE I.device_id = ".$device['device_id']." AND L.src_if = I.interface_id";
-      $links = mysql_query($sql);
-
-      if (mysql_num_rows($links))
+      if($device)
      {
-        $map .= "\"".$device['hostname']."\" [fontsize=20 fillcolor=\"lightblue\" URL=\"/device/".$device['device_id']."/map/\" shape=box3d]\n";
-      }
+        $sql = "SELECT * from interfaces AS I, links AS L WHERE I.device_id = ".$device['device_id']." AND L.src_if = I.interface_id";
+        $links = mysql_query($sql);

-      while($link = mysql_fetch_array($links)) 
-      {
-        $src_if = $link['src_if'];
-        $dst_if = $link['dst_if'];
-
-        $i = 0; $done = 0;
-        while ($i < count($linkdone)) 
+        if (mysql_num_rows($links))
        {
-          $thislink = "$dst_if $src_if";
-          if ($linkdone[$i] == $thislink) { $done = 1; }
-          $i++;
+          $map .= "\"".$device['hostname']."\" [fontsize=20 fillcolor=\"lightblue\" URL=\"/device/".$device['device_id']."/map/\" shape=box3d]\n";
        }

-        if(!$done) 
+        while($link = mysql_fetch_array($links)) 
        {
-          $linkdone[] = "$src_if $dst_if";
+          $src_if = $link['src_if'];
+          $dst_if = $link['dst_if'];

-          if($link['ifSpeed'] >= "10000000000") 
+          $i = 0; $done = 0;
+          while ($i < count($linkdone)) 
          {
-            $info = "color=lightred style=\"setlinewidth(8)\"";
-          } elseif ($link['ifSpeed'] >= "1000000000") {
-            $info = "color=lightblue style=\"setlinewidth(4)\"";
-          } elseif ($link['ifSpeed'] >= "100000000") {
-            $info = "color=lightgrey style=\"setlinewidth(2)\"";
-          } elseif ($link['ifSpeed'] >= "10000000") {
-            $info = "style=\"setlinewidth(1)\"";
-          } else {
-            $info = "style=\"setlinewidth(1)\"";
+            $thislink = "$dst_if $src_if";
+            if ($linkdone[$i] == $thislink) { $done = 1; }
+            $i++;
          }

-          $src = $device['hostname'];
-          $dst = mysql_result(mysql_query("SELECT `hostname` FROM `devices` AS D, `interfaces` AS I WHERE I.interface_id = '$dst_if'  AND D.device_id = I.device_id"),0);
-          $dst_host = mysql_result(mysql_query("SELECT D.device_id FROM `devices` AS D, `interfaces` AS I WHERE I.interface_id = '$dst_if'  AND D.device_id = I.device_id"),0);
+          if(!$done) 
+          {
+            $linkdone[] = "$src_if $dst_if";

-          $sif = ifNameDescr(mysql_fetch_array(mysql_query("SELECT * FROM interfaces WHERE `interface_id`=" . $link['src_if'])),$device);
-          $dif = ifNameDescr(mysql_fetch_array(mysql_query("SELECT * FROM interfaces WHERE `interface_id`=" . $link['dst_if'])));
+            if($link['ifSpeed'] >= "10000000000") 
+            {
+              $info = "color=lightred style=\"setlinewidth(8)\"";
+            } elseif ($link['ifSpeed'] >= "1000000000") {
+              $info = "color=lightblue style=\"setlinewidth(4)\"";
+            } elseif ($link['ifSpeed'] >= "100000000") {
+              $info = "color=lightgrey style=\"setlinewidth(2)\"";
+            } elseif ($link['ifSpeed'] >= "10000000") {
+              $info = "style=\"setlinewidth(1)\"";
+            } else {
+              $info = "style=\"setlinewidth(1)\"";
+            }

-          $map .= "\"" . $sif['interface_id'] . "\" [label=\"" . $sif['label'] . "\", fontsize=12, fillcolor=lightblue URL=\"/device/".$device['device_id']."/interface/$src_if/\"]\n";
-          $map .= "\"$src\" -> \"" . $sif['interface_id'] . "\" [weight=500000, arrowsize=0, len=0];\n";
+            $src = $device['hostname'];
+            $dst = mysql_result(mysql_query("SELECT `hostname` FROM `devices` AS D, `interfaces` AS I WHERE I.interface_id = '$dst_if'  AND D.device_id = I.device_id"),0);
+            $dst_host = mysql_result(mysql_query("SELECT D.device_id FROM `devices` AS D, `interfaces` AS I WHERE I.interface_id = '$dst_if'  AND D.device_id = I.device_id"),0);

-          $map .= "\"$dst\" [URL=\"/device/$dst_host/map/\" fontsize=20 shape=box3d]\n";
+            $sif = ifNameDescr(mysql_fetch_array(mysql_query("SELECT * FROM interfaces WHERE `interface_id`=" . $link['src_if'])),$device);
+            $dif = ifNameDescr(mysql_fetch_array(mysql_query("SELECT * FROM interfaces WHERE `interface_id`=" . $link['dst_if'])));

-          if($dst_host == $device['device_id']) {
-            $map .= "\"" . $dif['interface_id'] . "\" [label=\"" . $dif['label'] . "\", fontsize=12, fillcolor=lightblue, URL=\"/device/$dst_host/interface/$dst_if/\"]\n";
-          } else {
-            $map .= "\"" . $dif['interface_id'] . "\" [label=\"" . $dif['label'] . " \", fontsize=12, fillcolor=lightgray, URL=\"/device/$dst_host/interface/$dst_if/\"]\n";
+            $map .= "\"" . $sif['interface_id'] . "\" [label=\"" . $sif['label'] . "\", fontsize=12, fillcolor=lightblue URL=\"/device/".$device['device_id']."/interface/$src_if/\"]\n";
+            $map .= "\"$src\" -> \"" . $sif['interface_id'] . "\" [weight=500000, arrowsize=0, len=0];\n";
+
+            $map .= "\"$dst\" [URL=\"/device/$dst_host/map/\" fontsize=20 shape=box3d]\n";
+
+            if($dst_host == $device['device_id']) {
+              $map .= "\"" . $dif['interface_id'] . "\" [label=\"" . $dif['label'] . "\", fontsize=12, fillcolor=lightblue, URL=\"/device/$dst_host/interface/$dst_if/\"]\n";
+            } else {
+              $map .= "\"" . $dif['interface_id'] . "\" [label=\"" . $dif['label'] . " \", fontsize=12, fillcolor=lightgray, URL=\"/device/$dst_host/interface/$dst_if/\"]\n";
+            }
+
+            $map .= "\"" . $dif['interface_id'] . "\" -> \"$dst\" [weight=500000, arrowsize=0, len=0];\n";
+            $map .= "\"" . $sif['interface_id'] . "\" -> \"" . $dif['interface_id'] . "\" [weight=1, arrowhead=normal, arrowtail=normal, len=2, $info] \n";
          }
-
-          $map .= "\"" . $dif['interface_id'] . "\" -> \"$dst\" [weight=500000, arrowsize=0, len=0];\n";
-          $map .= "\"" . $sif['interface_id'] . "\" -> \"" . $dif['interface_id'] . "\" [weight=1, arrowhead=normal, arrowtail=normal, len=2, $info] \n";
        }
+        $done = 0;
      }
-      $done = 0;
    }
  }