mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
19a82e150004864ced7813c93a236de49c971867
librenms-librenms/html/ajax_search.php
Joseph Tingiris 13c6309e81 ajax_search.php: Fix & amend broken $num_ports query on line 83 (#11013) 
* When searching from the web interface, librenms produces
production.ERROR SQLSTATE: Column not found: 1054 Unknown column
'$perms_sql' in 'where clause'

* Above feeds resources/views/layouts/menu.blade.php which, because
of the failed query, has no device_ports as a value. Thus the search
results do not produce the expected 'name ... device with X port(s)'

* As well, the previous query did not exclude deleted and ignored
ports. Therefore, the value for X port(s) was incorrect and did not
correspond to the device's ports screen.
2020-01-08 17:54:23 -06:00

324 lines
16 KiB
PHP
Raw Blame History

<?php
$init_modules = array('web', 'auth');
require realpath(__DIR__ . '/..') . '/includes/init.php';
if (!Auth::check()) {
die('Unauthorized');
}
set_debug($_REQUEST['debug']);
$device = array();
$ports = array();
$bgp = array();
$limit = (int)\LibreNMS\Config::get('webui.global_search_result_limit');
if (isset($_REQUEST['search'])) {
$search = mres($_REQUEST['search']);
header('Content-type: application/json');
if (strlen($search) > 0) {
$found = 0;
if (!Auth::user()->hasGlobalRead()) {
$device_ids = Permissions::devicesForUser()->toArray() ?: [0];
$perms_sql = "`D`.`device_id` IN " .dbGenPlaceholders(count($device_ids));
} else {
$device_ids = [];
$perms_sql = "1";
}
if ($_REQUEST['type'] == 'group') {
foreach (dbFetchRows("SELECT id,name FROM device_groups WHERE name LIKE ?", ["%$search%"]) as $group) {
if ($_REQUEST['map']) {
$results[] = array(
'name' => 'g:'.$group['name'],
'group_id' => $group['id'],
);
} else {
$results[] = array('name' => $group['name']);
}
}
die(json_encode($results));
} elseif ($_REQUEST['type'] == 'alert-rules') {
foreach (dbFetchRows("SELECT name FROM alert_rules WHERE name LIKE ?", ["%$search%"]) as $rules) {
$results[] = array('name' => $rules['name']);
}
die(json_encode($results));
} elseif ($_REQUEST['type'] == 'device') {
// Device search
if (Auth::user()->hasGlobalRead()) {
$results = dbFetchRows(
"SELECT * FROM `devices` LEFT JOIN `locations` ON `locations`.`id` = `devices`.`location_id` WHERE `devices`.`hostname` LIKE ? OR `locations`.`location` LIKE ? OR `devices`.`sysName` LIKE ? OR `devices`.`purpose` LIKE ? OR `devices`.`notes` LIKE ? ORDER BY `devices`.hostname LIMIT ?",
["%$search%", "%$search%", "%$search%", "%$search%", "%$search%", $limit]
);
} else {
$results = dbFetchRows(
"SELECT * FROM `devices` AS `D` LEFT JOIN `locations` ON `locations`.`id` = `D`.`location_id` WHERE $perms_sql AND (D.`hostname` LIKE ? OR D.`sysName` LIKE ? OR `locations`.`location` LIKE ?) ORDER BY hostname LIMIT ?",
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
);
}
if (count($results)) {
$found = 1;
$devices = count($results);
foreach ($results as $result) {
$name = $result['hostname'];
if ($_REQUEST['map'] != 1 && $result['sysName'] != $name && !empty($result['sysName'])) {
$name .= ' ('.$result['sysName'].') ';
}
if ($result['disabled'] == 1) {
$highlight_colour = '#808080';
} elseif ($result['ignored'] == 1 && $result['disabled'] == 0) {
$highlight_colour = '#000000';
} elseif ($result['status'] == 0 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#ff0000';
} elseif ($result['status'] == 1 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#008000';
}
$num_ports = dbFetchCell('SELECT COUNT(*) FROM `ports` AS `I`, `devices` AS `D` WHERE ' . $perms_sql . ' AND `I`.`device_id` = `D`.`device_id` AND `I`.`ignore` = 0 AND `I`.`deleted` = 0 AND `D`.`device_id` = ?', array_merge($device_ids, [$result['device_id']]));
$device[] = array(
'name' => $name,
'device_id' => $result['device_id'],
'url' => generate_device_url($result),
'colours' => $highlight_colour,
'device_ports' => $num_ports,
'device_image' => getIcon($result),
'device_hardware' => $result['hardware'],
'device_os' => \LibreNMS\Config::getOsSetting($result['os'], 'text'),
'version' => $result['version'],
'location' => $result['location'],
);
}//end foreach
}//end if
$json = json_encode($device);
die($json);
} elseif ($_REQUEST['type'] == 'ports') {
// Search ports
if (Auth::user()->hasGlobalRead()) {
$results = dbFetchRows(
"SELECT `ports`.*,`devices`.* FROM `ports` LEFT JOIN `devices` ON `ports`.`device_id` = `devices`.`device_id` WHERE `ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ? ORDER BY ifDescr LIMIT ?",
["%$search%", "%$search%", "%$search%", $limit]
);
} else {
$results = dbFetchRows(
"SELECT DISTINCT(`I`.`port_id`), `I`.*, `D`.`hostname` FROM `ports` AS `I`, `devices` AS `D` WHERE $perms_sql AND `D`.`device_id` = `I`.`device_id` AND (`ifAlias` LIKE ? OR `ifDescr` LIKE ? OR `ifName` LIKE ?) ORDER BY ifDescr LIMIT ?",
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
);
}
if (count($results)) {
$found = 1;
foreach ($results as $result) {
$name = $result['ifDescr'] == $result['ifAlias'] ? $result['ifName'] : $result['ifDescr'];
$description = display($result['ifAlias']);
if ($result['deleted'] == 0 && ($result['ignore'] == 0 || $result['ignore'] == 0) && ($result['ifInErrors_delta'] > 0 || $result['ifOutErrors_delta'] > 0)) {
// Errored ports
$port_colour = '#ffa500';
} elseif ($result['deleted'] == 0 && ($result['ignore'] == 1 || $result['ignore'] == 1)) {
// Ignored ports
$port_colour = '#000000';
} elseif ($result['deleted'] == 0 && $result['ifAdminStatus'] == 'down' && $result['ignore'] == 0 && $result['ignore'] == 0) {
// Shutdown ports
$port_colour = '#808080';
} elseif ($result['deleted'] == 0 && $result['ifOperStatus'] == 'down' && $result['ifAdminStatus'] == 'up' && $result['ignore'] == 0 && $result['ignore'] == 0) {
// Down ports
$port_colour = '#ff0000';
} elseif ($result['deleted'] == 0 && $result['ifOperStatus'] == 'up' && $result['ignore'] == 0 && $result['ignore'] == 0) {
// Up ports
$port_colour = '#008000';
}//end if
$ports[] = array(
'count' => count($results),
'url' => generate_port_url($result),
'name' => $name,
'description' => $description,
'colours' => $port_colour,
'hostname' => format_hostname($result),
'port_id' => $result['port_id'],
);
}//end foreach
}//end if
$json = json_encode($ports);
die($json);
} elseif ($_REQUEST['type'] == 'bgp') {
// Search bgp peers
$results = dbFetchRows(
"SELECT `bgpPeers`.*,`D`.* FROM `bgpPeers`, `devices` AS `D` WHERE $perms_sql AND `bgpPeers`.`device_id`=`D`.`device_id` AND (`astext` LIKE ? OR `bgpPeerIdentifier` LIKE ? OR `bgpPeerRemoteAs` LIKE ?) ORDER BY `astext` LIMIT ?",
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
);
if (count($results)) {
$found = 1;
foreach ($results as $result) {
$name = $result['bgpPeerIdentifier'];
$description = $result['astext'];
$remoteas = $result['bgpPeerRemoteAs'];
$localas = $result['bgpLocalAs'];
if ($result['bgpPeerAdminStatus'] == 'start' && $result['bgpPeerState'] != 'established') {
// Session active but errored
$port_colour = '#ffa500';
} elseif ($result['bgpPeerAdminStatus'] != 'start') {
// Session inactive
$port_colour = '#000000';
} elseif ($result['bgpPeerAdminStatus'] == 'start' && $result['bgpPeerState'] == 'established') {
// Session Up
$port_colour = '#008000';
}
if ($result['bgpPeerRemoteAs'] == $result['bgpLocalAs']) {
$bgp_image = 'fa fa-square fa-lg icon-theme';
} else {
$bgp_image = 'fa fa-external-link-square fa-lg icon-theme';
}
$bgp[] = array(
'count' => count($results),
'url' => generate_peer_url($result),
'name' => $name,
'description' => $description,
'localas' => $localas,
'bgp_image' => $bgp_image,
'remoteas' => $remoteas,
'colours' => $port_colour,
'hostname' => format_hostname($result),
);
}//end foreach
}//end if
$json = json_encode($bgp);
die($json);
} elseif ($_REQUEST['type'] == 'applications') {
// Device search
$results = dbFetchRows(
"SELECT * FROM `applications` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `applications`.`device_id` WHERE $perms_sql AND (`app_type` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ?",
array_merge($device_ids, ["%$search%", "%$search%", $limit])
);
if (count($results)) {
$found = 1;
$devices = count($results);
foreach ($results as $result) {
$name = $result['app_type'];
if ($result['disabled'] == 1) {
$highlight_colour = '#808080';
} elseif ($result['ignored'] == 1 && $result['disabled'] == 0) {
$highlight_colour = '#000000';
} elseif ($result['status'] == 0 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#ff0000';
} elseif ($result['status'] == 1 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#008000';
}
$device[] = array(
'name' => $name,
'hostname' => format_hostname($result),
'app_id' => $result['app_id'],
'device_id' => $result['device_id'],
'colours' => $highlight_colour,
'device_image' => getIcon($result),
'device_hardware' => $result['hardware'],
'device_os' => \LibreNMS\Config::getOsSetting($result['os'], 'text'),
'version' => $result['version'],
'location' => $result['location'],
);
}//end foreach
}//end if
$json = json_encode($device);
die($json);
} elseif ($_REQUEST['type'] == 'munin') {
// Device search
$results = dbFetchRows(
"SELECT * FROM `munin_plugins` INNER JOIN `devices` AS `D` ON `D`.`device_id` = `munin_plugins`.`device_id` WHERE $perms_sql AND (`mplug_type` LIKE ? OR `mplug_title` LIKE ? OR `hostname` LIKE ?) ORDER BY hostname LIMIT ?",
array_merge($device_ids, ["%$search%", "%$search%", "%$search%", $limit])
);
if (count($results)) {
$found = 1;
$devices = count($results);
foreach ($results as $result) {
$name = $result['mplug_title'];
if ($result['disabled'] == 1) {
$highlight_colour = '#808080';
} elseif ($result['ignored'] == 1 && $result['disabled'] == 0) {
$highlight_colour = '#000000';
} elseif ($result['status'] == 0 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#ff0000';
} elseif ($result['status'] == 1 && $result['ignore'] == 0 && $result['disabled'] == 0) {
$highlight_colour = '#008000';
}
$device[] = array(
'name' => $name,
'hostname' => format_hostname($result),
'device_id' => $result['device_id'],
'colours' => $highlight_colour,
'device_image' => getIcon($result),
'device_hardware' => $result['hardware'],
'device_os' => \LibreNMS\Config::getOsSetting($result['os'], 'text'),
'version' => $result['version'],
'location' => $result['location'],
'plugin' => $result['mplug_type'],
);
}//end foreach
}//end if
$json = json_encode($device);
die($json);
} elseif ($_REQUEST['type'] == 'iftype') {
// Device search
$results = dbFetchRows(
"SELECT `ports`.ifType FROM `ports` WHERE $perms_sql AND `ifType` LIKE ? GROUP BY ifType ORDER BY ifType LIMIT ?",
array_merge($device_ids, ["%$search%", $limit])
);
if (count($results)) {
$found = 1;
$devices = count($results);
foreach ($results as $result) {
$device[] = array(
'filter' => $result['ifType'],
);
}//end foreach
}//end if
$json = json_encode($device);
die($json);
} elseif ($_REQUEST['type'] == 'bill') {
// Device search
if (Auth::user()->hasGlobalRead()) {
$results = dbFetchRows(
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` WHERE `bill_name` LIKE ? OR `bill_notes` LIKE ? LIMIT ?",
["%$search%", "%$search%", $limit]
);
} else {
$results = dbFetchRows(
"SELECT `bills`.bill_id, `bills`.bill_name FROM `bills` INNER JOIN `bill_perms` ON `bills`.bill_id = `bill_perms`.bill_id WHERE `bill_perms`.user_id = ? AND (`bill_name` LIKE ? OR `bill_notes` LIKE ?) LIMIT ?",
[Auth::id(), "%$search%", "%$search%", $limit]
);
}
$json = json_encode($results);
die($json);
}//end if
}//end if
}//end if
Reference in New Issue View Git Blame Copy Permalink