Resolving Issue #877
Improving resolution to #847 and one additional vulnerability.
cigamit committed Jul 26, 2017
1 parent cc47688 commit bd0e586
Showing 3 changed files with 13 additions and 12 deletions.
1 change: 1 addition & 0 deletions docs/CHANGELOG
Expand Up @@ -2,6 +2,7 @@ Cacti CHANGELOG

1.1.16
-issue#875: When modifying Realm permissions, realms that are listed multiple times don't stay in sync
-issue#877: Improving resolution to issue#847 and one additional vulnerability
-issue: Address additional corner cases around get_order_string usage

1.1.15
6 changes: 3 additions & 3 deletions lib/html_form.php
Expand Up @@ -1113,8 +1113,8 @@ function form_confirm_buttons($action_url, $cancel_url) {
?>
<tr>
<td align='right'>
<input type='button' onClick='cactiReturnTo("<?php print htmlspecialchars($config['url_path'] . $cancel_url);?>")' value='<?php print __esc('Cancel');?>'>
<input type='button' onClick='cactiReturnTo("<?php print htmlspecialchars($config['url_path'] . $action_url . '&confirm=true');?>")' value='<?php print __esc('Delete');?>'>
<input type='button' onClick='cactiReturnTo("<?php print htmlspecialchars($config['url_path'] . $cancel_url, ENT_QUOTES);?>")' value='<?php print __esc('Cancel');?>'>
<input type='button' onClick='cactiReturnTo("<?php print htmlspecialchars($config['url_path'] . $action_url . '&confirm=true', ENT_QUOTES);?>")' value='<?php print __esc('Delete');?>'>
</td>
</tr>
<?php }
Expand Down Expand Up @@ -1150,7 +1150,7 @@ function form_save_button($cancel_url, $force_type = '', $key_field = 'id', $aja
}

if ($force_type != 'import' && $force_type != 'export' && $force_type != 'save' && $cancel_url != '') {
$cancel_action = "<input type='button' onClick='cactiReturnTo(\"" . htmlspecialchars($cancel_url) . "\")' value='" . $calt . "'>";
$cancel_action = "<input type='button' onClick='cactiReturnTo(\"" . htmlspecialchars($cancel_url, ENT_QUOTES) . "\")' value='" . $calt . "'>";
} else {
$cancel_action = '';
}
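Review bot: Adding ENT_QUOTES on the new lines at L29, L30 and L39 still escapes for the wrong context: the value is emitted inside a JavaScript string literal that itself sits in an HTML attribute, and the browser decodes `&quot;` / `&#039;` back into real quotes before the JS parser reads the handler, so a `"` in the URL can still terminate the string. The established fix is to JS-encode first and make the result attribute-safe, e.g. `onClick='cactiReturnTo(<?php print json_encode($config['url_path'] . $cancel_url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);?>)'` (json_encode supplies the surrounding double quotes), and likewise for the Delete button and the `$cancel_action` string in the second hunk; an alternative that avoids inline handlers entirely is to put the URL in a data attribute and bind the click in script. Whether `$cancel_url` or `$action_url` can carry attacker-controlled input is not visible here and would need checking at the callers. Both form_confirm_buttons and form_save_button begin and end outside these hunks.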
18 changes: 9 additions & 9 deletions spikekill.php
Expand Up @@ -43,7 +43,7 @@
if (is_realm_allowed(1043)) {
$local_data_ids = db_fetch_assoc_prepared('SELECT DISTINCT data_template_rrd.local_data_id
FROM graph_templates_item
LEFT JOIN data_template_rrd
LEFT JOIN data_template_rrd
ON graph_templates_item.task_item_id=data_template_rrd.id
WHERE graph_templates_item.local_graph_id = ?', array(get_filter_request_var('local_graph_id')));

Expand All @@ -57,20 +57,20 @@
cacti_log(read_config_option('path_php_binary') . ' -q ' . $config['base_path'] . '/cli/removespikes.php ' .
' -R=' . $data_source_path . (isset_request_var('dryrun') ? ' --dryrun' : '') .
(isset_request_var('method') ? ' -M=' . get_nfilter_request_var('method'):'') .
(isset_request_var('avgnan') ? ' -A=' . get_nfilter_request_var('avgnan'):'') .
(isset_request_var('outlier-start') ? ' --outlier-start=' . get_nfilter_request_var('outlier-start'):'') .
(isset_request_var('outlier-end') ? ' --outlier-end=' . get_nfilter_request_var('outlier-end'):'') .
' -U=' . $_SESSION['sess_user_id'] .
(isset_request_var('avgnan') ? ' -A=' . escapeshellarg(get_nfilter_request_var('avgnan')):'') .
(isset_request_var('outlier-start') ? ' --outlier-start=' . escapeshellarg(get_nfilter_request_var('outlier-start')):'') .
(isset_request_var('outlier-end') ? ' --outlier-end=' . escapeshellarg(get_nfilter_request_var('outlier-end')):'') .
' -U=' . $_SESSION['sess_user_id'] .
' --html', false);
}

$results .= shell_exec(read_config_option('path_php_binary') . ' -q ' . $config['base_path'] . '/cli/removespikes.php ' .
' -R=' . $data_source_path . (isset_request_var('dryrun') ? ' --dryrun' : '') .
(isset_request_var('method') ? ' -M=' . get_nfilter_request_var('method'):'') .
(isset_request_var('avgnan') ? ' -A=' . get_nfilter_request_var('avgnan'):'') .
(isset_request_var('outlier-start') ? ' --outlier-start=' . get_nfilter_request_var('outlier-start'):'') .
(isset_request_var('outlier-end') ? ' --outlier-end=' . get_nfilter_request_var('outlier-end'):'') .
' -U=' . $_SESSION['sess_user_id'] .
(isset_request_var('avgnan') ? ' -A=' . escapeshellarg(get_nfilter_request_var('avgnan')):'') .
(isset_request_var('outlier-start') ? ' --outlier-start=' . escapeshellarg(get_nfilter_request_var('outlier-start')):'') .
(isset_request_var('outlier-end') ? ' --outlier-end=' . escapeshellarg(get_nfilter_request_var('outlier-end')):'') .
' -U=' . $_SESSION['sess_user_id'] .
' --html');
}
}
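Review bot: The `method` request variable is still concatenated into the shell_exec command unquoted at the unchanged `' -M=' . get_nfilter_request_var('method')` line (and the matching cacti_log line above it), while the sibling avgnan/outlier-start/outlier-end values now get escapeshellarg; the same treatment belongs here, `(isset_request_var('method') ? ' -M=' . escapeshellarg(get_nfilter_request_var('method')):'') .`. Since the accessor's name suggests no input filtering, a stricter option is to validate `method` against the set of values removespikes.php actually accepts before building the command at all. `$data_source_path` on the `-R=` line is set outside this hunk and is also unquoted; if it can contain whitespace or shell metacharacters it should be wrapped the same way. The first hunk of this file appears to be a whitespace-only change.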
