mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
6e76f1d8e776c76282ed8a5799e7bdc27bc15fda
librenms-librenms/includes/html/graphs/storage/usage.inc.php
Tony Murray 36431dd296 Security fix: unauthorized access (#10091) 
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
2019-04-11 23:26:42 -05:00

53 lines
1.7 KiB
PHP
Raw Blame History

<?php
$scale_min = '0';
$scale_max = '100';
require 'includes/html/graphs/common.inc.php';
$rrd_options .= ' -b 1024';
$iter = '1';
$rrd_options .= " COMMENT:' Size Free % Used\\n'";
$hostname = gethostbyid($storage['device_id']);
$colour = 'CC0000';
$colour_area = 'ffaaaa';
$descr = rrdtool_escape($storage['storage_descr'], 12);
$percentage = round($storage['storage_perc'], 0);
$background = get_percentage_colours($percentage, $storage['storage_perc_warn']);
$rrd_options .= " DEF:used=$rrd_filename:used:AVERAGE";
$rrd_options .= " DEF:free=$rrd_filename:free:AVERAGE";
$rrd_options .= ' CDEF:size=used,free,+';
$rrd_options .= ' CDEF:perc=used,size,/,100,*';
$rrd_options .= ' AREA:perc#'.$background['right'].':';
$rrd_options .= ' LINE1.25:perc#'.$background['left'].":'$descr'";
$rrd_options .= ' GPRINT:size:LAST:%6.2lf%sB';
$rrd_options .= ' GPRINT:free:LAST:%6.2lf%sB';
$rrd_options .= " GPRINT:perc:LAST:%5.2lf%%\\n";
if ($_GET['previous']) {
$descr = rrdtool_escape('Prev '.$storage['storage_descr'], 12);
$colour = '99999999';
$colour_area = '66666666';
$rrd_options .= " DEF:usedX=$rrd_filename:used:AVERAGE:start=".$prev_from.':end='.$from;
$rrd_options .= " DEF:freeX=$rrd_filename:free:AVERAGE:start=".$prev_from.':end='.$from;
$rrd_options .= " SHIFT:usedX:$period";
$rrd_options .= " SHIFT:freeX:$period";
$rrd_options .= ' CDEF:sizeX=usedX,freeX,+';
$rrd_options .= ' CDEF:percX=usedX,sizeX,/,100,*';
$rrd_options .= ' AREA:percX#'.$colour_area.':';
$rrd_options .= ' LINE1.25:percX#'.$colour.":'$descr'";
$rrd_options .= ' GPRINT:sizeX:LAST:%6.2lf%sB';
$rrd_options .= ' GPRINT:freeX:LAST:%6.2lf%sB';
$rrd_options .= " GPRINT:percX:LAST:%5.2lf%%\\n";
}
Reference in New Issue View Git Blame Copy Permalink