11<?php
22
3+ include ("../../../include/config.php " );
4+
35$ action = isset ($ _GET ['action ' ]) ? $ _GET ['action ' ] : false ;
46$ bp_name = isset ($ _GET ['bp_name ' ]) ? $ _GET ['bp_name ' ] : false ;
57$ host_name = isset ($ _GET ['host_name ' ]) ? $ _GET ['host_name ' ] : false ;
1618$ min_value = isset ($ _GET ['min_value ' ]) ? $ _GET ['min_value ' ] : false ;
1719
1820try {
19- $ bdd = new PDO ('mysql:host=localhost;dbname=nagiosbp ' , ' root ' , ' root66 ' );
21+ $ bdd = new PDO ('mysql:host=localhost;dbname= ' . $ database_nagios , $ database_username , $ database_password );
2022} catch (Exception $ e ) {
2123 echo "Connection failed: " . $ e ->getMessage ();
2224 exit ('Impossible de se connecter à la base de données. ' );
@@ -73,17 +75,21 @@ function verify_services($bp,$host,$bdd){
7375}
7476
7577function delete_bp ($ bp ,$ bdd ){
76- $ sql = "delete from bp where name = ' " . $ bp . "' " ;
77- $ bdd ->exec ($ sql );
78+ $ sql = "delete from bp where name = ? " ;
79+ $ req = $ bdd ->prepare ($ sql );
80+ $ req ->execute (array ($ bp ));
7881
79- $ sql = "delete from bp_services where bp_name = ' " . $ bp . "' " ;
80- $ bdd ->exec ($ sql );
82+ $ sql = "delete from bp_services where bp_name = ? " ;
83+ $ req = $ bdd ->prepare ($ sql );
84+ $ req ->execute (array ($ bp ));
8185
82- $ sql = "delete from bp_links where bp_name = ' " . $ bp . "' " ;
83- $ bdd ->exec ($ sql );
86+ $ sql = "delete from bp_links where bp_name = ? " ;
87+ $ req = $ bdd ->prepare ($ sql );
88+ $ req ->execute (array ($ bp ));
8489
85- $ sql = "delete from bp_links where bp_link = ' " . $ bp . "' " ;
86- $ bdd ->exec ($ sql );
90+ $ sql = "delete from bp_links where bp_link = ? " ;
91+ $ req = $ bdd ->prepare ($ sql );
92+ $ req ->execute (array ($ bp ));
8793}
8894
8995function list_services ($ host_name ){
@@ -112,8 +118,9 @@ function list_services($host_name){
112118}
113119
114120function list_process ($ bp ,$ display ,$ bdd ){
115- $ sql = "select name from bp where is_define = 1 and name!=' " .$ bp ."' and priority = ' " . $ display . "' " ;
116- $ req = $ bdd ->query ($ sql );
121+ $ sql = "select name from bp where is_define = 1 and name!=? and priority = ? " ;
122+ $ req = $ bdd ->prepare ($ sql );
123+ $ req ->execute (array ($ bp ,$ display ));
117124 $ process = $ req ->fetchall ();
118125
119126 echo json_encode ($ process );
@@ -130,20 +137,20 @@ function add_services($bp,$services,$bdd){
130137 $ list_services [] = $ service ;
131138 }
132139 }
133- $ sql = "select service,host from bp_services where bp_name = ' " . $ bp . "' " ;
134- $ req = $ bdd ->query ($ sql );
135140
136- $ sql = "delete from bp_services where bp_name = ' " . $ bp . "' " ;
137- $ bdd ->exec ($ sql );
141+ $ sql = "delete from bp_services where bp_name = ? " ;
142+ $ req = $ bdd ->prepare ($ sql );
143+ $ req ->execute (array ($ bp ));
138144
139145 if (count ($ services ) > 0 ){
140- $ sql = "update bp set is_define = 1 where name = ' " . $ bp . "' " ;
141- $ bdd ->exec ($ sql );
146+ $ sql = "update bp set is_define = 1 where name = ? " ;
147+ $ req = $ bdd ->prepare ($ sql );
148+ $ req ->execute (array ($ bp ));
142149 }
143-
144150 else {
145- $ sql = "update bp set is_define = 0 where name = ' " . $ bp . "' " ;
146- $ bdd ->exec ($ sql );
151+ $ sql = "update bp set is_define = 0 where name = ? " ;
152+ $ req = $ bdd ->prepare ($ sql );
153+ $ req ->execute (array ($ bp ));
147154 }
148155
149156 if (is_array ($ services )) {
@@ -152,37 +159,43 @@ function add_services($bp,$services,$bdd){
152159 $ host = $ value [0 ];
153160 $ service = $ value [1 ];
154161 echo $ service ;
155- $ sql = "insert into bp_services (bp_name,host,service) values(' " . trim ($ bp ) . "',' " . $ host . "',' " . $ service . "') " ;
156- $ bdd ->exec ($ sql );
162+ $ sql = "insert into bp_services (bp_name,host,service) values(?,?,?) " ;
163+ $ req = $ bdd ->prepare ($ sql );
164+ $ req ->execute (array (trim ($ bp ),$ host ,$ service ));
157165 }
158166 }
159167}
160168
161169function add_process ($ bp ,$ process ,$ bdd ){
162- $ sql = "delete from bp_links where bp_name = ' " . $ bp . "' " ;
163- $ bdd ->exec ($ sql );
164- $ sql = "update bp set is_define = 0 where name = ' " . $ bp . "' " ;
165- $ bdd ->exec ($ sql );
170+ $ sql = "delete from bp_links where bp_name = ? " ;
171+ $ req = $ bdd ->prepare ($ sql );
172+ $ req ->execute (array ($ bp ));
173+ $ sql = "update bp set is_define = 0 where name = ? " ;
174+ $ req = $ bdd ->prepare ($ sql );
175+ $ req ->execute (array ($ bp ));
166176
167177 if (count ($ process ) > 0 and is_array ($ process )){
168- $ sql = "update bp set is_define = 1 where name = ' " . $ bp . "' " ;
169- $ bdd ->exec ($ sql );
178+ $ sql = "update bp set is_define = 1 where name = ? " ;
179+ $ req = $ bdd ->prepare ($ sql );
180+ $ req ->execute (array ($ bp ));
170181
171182 foreach ($ process as $ values ){
172183 $ value = explode (":: " , $ values );
173184 $ bp_link = $ value [1 ];
174185
175- $ sql = "insert into bp_links (bp_name,bp_link) values(' " . $ bp . " ',' " . $ bp_link . " ' ) " ;
186+ $ sql = "insert into bp_links (bp_name,bp_link) values(?,? ) " ;
176187
177- $ bdd ->exec ($ sql );
188+ $ req = $ bdd ->prepare ($ sql );
189+ $ req ->execute (array ($ bp ,$ bp_link ));
178190 }
179191 }
180192}
181193
182194function check_app_exists ($ uniq_name , $ bdd )
183195{
184- $ sql = "select count(*) from bp where name = ' " . $ uniq_name . "'; " ;
185- $ req = $ bdd ->query ($ sql );
196+ $ sql = "select count(*) from bp where name = ?; " ;
197+ $ req = $ bdd ->prepare ($ sql );
198+ $ req ->execute (array ($ uniq_name ));
186199 $ bp_exist = $ req ->fetch (PDO ::FETCH_NUM );
187200
188201 if ($ bp_exist [0 ] == 1 ){
@@ -196,34 +209,41 @@ function add_application($uniq_name_orig,$uniq_name,$process_name,$display,$url,
196209 if ($ type != 'MIN ' ){
197210 $ min_value = "" ;
198211 }
199- $ sql = "select count(*) from bp where name = ' " . $ uniq_name . "'; " ;
200- $ req = $ bdd ->query ($ sql );
212+ $ sql = "select count(*) from bp where name = ?; " ;
213+ $ req = $ bdd ->prepare ($ sql );
214+ $ req ->execute (array ($ uniq_name ));
201215 $ bp_exist = $ req ->fetch ();
202216
203217 // add
204218 if ($ bp_exist [0 ] == 0 and empty ($ uniq_name_orig )){
205- $ sql = "insert into bp (name,description,priority,type,command,url,min_value) values(' " . $ uniq_name ."',' " . $ process_name ."',' " . $ display . "',' " . $ type . "',' " . $ command . "',' " . $ url . "',' " . $ min_value . "') " ;
206- $ bdd ->exec ($ sql );
219+ $ sql = "insert into bp (name,description,priority,type,command,url,min_value) values(?,?,?,?,?,?,?) " ;
220+ $ req = $ bdd ->prepare ($ sql );
221+ $ req ->execute (array ($ uniq_name ,$ process_name ,$ display ,$ type ,$ command ,$ url ,$ min_value ));
207222 }
208223 // uniq name modification
209224 elseif ($ uniq_name_orig != $ uniq_name ) {
210225 if ($ bp_exist [0 ] != 0 ){
211226 // TODO QUENTIN
212227 } else {
213- $ sql = "update bp set name = ' " . $ uniq_name . "',description = ' " . $ process_name . "',priority = ' " . $ display . "',type = ' " . $ type . "',command = ' " . $ command . "',url = ' " . $ url . "',min_value = ' " . $ min_value . "' where name = ' " . $ uniq_name_orig . "' " ;
214- $ bdd ->exec ($ sql );
215- $ sql = "update bp_links set bp_name = ' " . $ uniq_name . "' where bp_name = ' " . $ uniq_name_orig . "' " ;
216- $ bdd ->exec ($ sql );
217- $ sql = "update bp_links set bp_link = ' " . $ uniq_name . "' where bp_link = ' " . $ uniq_name_orig . "' " ;
218- $ bdd ->exec ($ sql );
219- $ sql = "update bp_services set bp_name = ' " . $ uniq_name . "' where bp_name = ' " . $ uniq_name_orig . "' " ;
220- $ bdd ->exec ($ sql );
228+ $ sql = "update bp set name = ?,description = ?,priority = ?,type = ?,command = ?,url = ?,min_value = ? where name = ? " ;
229+ $ req = $ bdd ->prepare ($ sql );
230+ $ req ->execute (array ($ uniq_name ,$ process_name ,$ display ,$ type ,$ command ,$ url ,$ min_value ,$ uniq_name_orig ));
231+ $ sql = "update bp_links set bp_name = ? where bp_name = ? " ;
232+ $ req = $ bdd ->prepare ($ sql );
233+ $ req ->execute (array ($ uniq_name ,$ uniq_name_orig ));
234+ $ sql = "update bp_links set bp_link = ? where bp_link = ? " ;
235+ $ req = $ bdd ->prepare ($ sql );
236+ $ req ->execute (array ($ uniq_name ,$ uniq_name_orig ));
237+ $ sql = "update bp_services set bp_name = ? where bp_name = ? " ;
238+ $ req = $ bdd ->prepare ($ sql );
239+ $ req ->execute (array ($ uniq_name ,$ uniq_name_orig ));
221240 }
222241 }
223242 // modification
224243 else {
225- $ sql = "update bp set name = ' " . $ uniq_name . "',description = ' " . $ process_name . "',priority = ' " . $ display . "',type = ' " . $ type . "',command = ' " . $ command . "',url = ' " . $ url . "',min_value = ' " . $ min_value . "' where name = ' " . $ uniq_name . "' " ;
226- $ bdd ->exec ($ sql );
244+ $ sql = "update bp set name = ?,description = ?,priority = ?,type = ?,command = ?,url = ?,min_value = ? where name = ? " ;
245+ $ req = $ bdd ->prepare ($ sql );
246+ $ req ->execute (array ($ uniq_name ,$ process_name ,$ display ,$ type ,$ command ,$ url ,$ min_value ,$ uniq_name ));
227247 }
228248}
229249
@@ -252,16 +272,18 @@ function build_file($bdd){
252272
253273function build_file_recursive ($ bdd ,$ bp_file ,$ bp_informations ,$ bp_sons ){
254274
255- $ sql = "SELECT bp_link FROM bp_links where bp_name=' " .$ bp_informations ['name ' ]."' " ;
256- $ req = $ bdd ->query ($ sql );
275+ $ sql = "SELECT bp_link FROM bp_links where bp_name=? " ;
276+ $ req = $ bdd ->prepare ($ sql );
277+ $ req ->execute (array ($ bp_informations ['name ' ]));
257278 if ($ req ->rowCount () == 0 ) {
258279 $ bp_sons []=$ bp_informations ['name ' ];
259280 build_file_bp ($ bdd ,$ bp_file , $ bp_informations );
260281 } else {
261282 $ bp_links = $ req ->fetchall ();
262283 foreach ($ bp_links as $ bp_link ){
263- $ sql = "SELECT * FROM bp where is_define ='1' and name=' " .$ bp_link ["bp_link " ]."' " ;
264- $ req = $ bdd ->query ($ sql );
284+ $ sql = "SELECT * FROM bp where is_define ='1' and name=? " ;
285+ $ req = $ bdd ->prepare ($ sql );
286+ $ req ->execute (array ($ bp_link ["bp_link " ]));
265287 $ bps_sons_informations = $ req ->fetchall ();
266288 foreach ($ bps_sons_informations as $ bp_sons_informations ){
267289 if (!in_array ($ bp_sons_informations ['name ' ],$ bp_sons ,true )) {
@@ -287,8 +309,9 @@ function build_file_bp($bdd,$bp_file, $bp_informations){
287309 $ type = "+ " ;
288310 fputs ($ bp_file , $ bp_informations ['min_value ' ] . " of: " );
289311 }
290- $ sql = "select host,service from bp_services where bp_name = ' " . $ bp_informations ['name ' ] . "' " ;
291- $ req = $ bdd ->query ($ sql );
312+ $ sql = "select host,service from bp_services where bp_name = ? " ;
313+ $ req = $ bdd ->prepare ($ sql );
314+ $ req ->execute (array ($ bp_informations ['name ' ]));
292315 $ host_services = $ req ->fetchall ();
293316
294317 $ counter1 = count ($ host_services );
@@ -303,8 +326,9 @@ function build_file_bp($bdd,$bp_file, $bp_informations){
303326 }
304327 }
305328
306- $ sql = "select bp_link from bp_links where bp_name = ' " .$ bp_informations ['name ' ] . "' " ;
307- $ req = $ bdd ->query ($ sql );
329+ $ sql = "select bp_link from bp_links where bp_name = ? " ;
330+ $ req = $ bdd ->prepare ($ sql );
331+ $ req ->execute (array ($ bp_informations ['name ' ]));
308332 $ link_informations = $ req ->fetchall ();
309333
310334 $ counter1 = count ($ link_informations );
@@ -333,8 +357,9 @@ function build_file_bp($bdd,$bp_file, $bp_informations){
333357}
334358
335359function info_application ($ bp_name , $ bdd ){
336- $ sql = "select * from bp where name = ' " . $ bp_name . "' " ;
337- $ req = $ bdd ->query ($ sql );
360+ $ sql = "select * from bp where name = ? " ;
361+ $ req = $ bdd ->prepare ($ sql );
362+ $ req ->execute (array ($ bp_name ));
338363 $ info = $ req ->fetch ();
339364 echo json_encode ($ info );
340365}
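Review bot: The connection setup at the top of the file still fails soft and leaks detail: `include` only raises a warning when `config.php` cannot be found, so the script would continue with undefined `$database_*` variables, and the catch block echoes `$e->getMessage()` back to the client. Prefer `require_once __DIR__ . '/../../../include/config.php';` (assuming the relative path is meant to be relative to this file) and write the exception to the server log, returning only the generic message. None of the new `prepare()`/`execute()` calls in `delete_bp`, `list_process`, `add_services`, `add_process`, `add_application` and the build functions check a result, so passing `[PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]` as the fourth constructor argument would make failures raise and keep the placeholders as real server-side prepares. The password this commit removes from the source remains in repository history and should be rotated; it is also worth confirming that `config.php` supplies a dedicated least-privilege account rather than root.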