chore(release): merge release-22.04.next in 22.04.x (#11911)

* fix(git): resync 22.04.x to dev-22.04.x (#11503)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* fix(cron): Escape database name in CentACL 22.04.x (#11510)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* fix(Resources/Graph): export graph image after selecting png (#11491)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

* fix export graph image after selecting png

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* Fix(platform): Removing appkey key (#11511)

* fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327)

Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID.
This PR aims to remove the restriction on the uniqueness of the OID of a trap.

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528)

* fix(test): fix random fails on virtual metric test (#11523)

Refs: MON-14359

* fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532)

Refs: MON-14496

* fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534)

Refs: MON-7417

* fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533)

Refs: MON-12296

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* doc(ack): acknowledge Hakaï security (#11540)

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11547)

* sanitizing and binding acl actions queries

* fix missing bind

* SNYK: Sanitize and bind Broker listing queries (#11550)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11564)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11561)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* MON-14501 - sanitize query in centreonXmlbgRequest class (#11570)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11567)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release):rebase dev-22.04.x on 22.04.x (#11627)

* Merge release-22.04.3 into 22.04.x (#11623)

* fix(git): resync 22.04.x to dev-22.04.x (#11503)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* fix(cron): Escape database name in CentACL 22.04.x (#11510)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* fix(Resources/Graph): export graph image after selecting png (#11491)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

* fix export graph image after selecting png

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* Fix(platform): Removing appkey key (#11511)

* fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327)

Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID.
This PR aims to remove the restriction on the uniqueness of the OID of a trap.

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528)

* fix(test): fix random fails on virtual metric test (#11523)

Refs: MON-14359

* fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532)

Refs: MON-14496

* fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534)

Refs: MON-7417

* fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533)

Refs: MON-12296

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* doc(ack): acknowledge Hakaï security (#11540)

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11547)

* sanitizing and binding acl actions queries

* fix missing bind

* SNYK: Sanitize and bind Broker listing queries (#11550)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11564)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11561)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* MON-14501 - sanitize query in centreonXmlbgRequest class (#11570)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11567)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install):Update version to 22.04.3

* fix(sql): fix query to select contact during ldap import (#11578)

Refs: MON-14263

* fix(UI): Fix layout for Safari and form validation (#11373) (#11604)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>

* fix(partition): adapt control of database version (#11609) (#11610)

* fix(openid): correctly set contact_location while creating session (#11613) (#11614)

* fix(lang): Fixed FR typo (#11621)

* enh(UI): Add a “Parent alias“ column  on the monitoring resources sta… (#11542)

* enh(UI): Add a “Parent alias“ column  on the monitoring resources status page (#11190)

* Add column ParentAlias

* Add new label ParentAlias

* Add column ParentAlias and new column component

* Add new card to display Parent Alias

* Remove  tile in Details Panel, enhancement not expected

* FIx eslint issue

* Fix naming on label parent alias

* Add translation

* Add line at the end of files

* Add line at the end of file

* fix issues

* Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>

* Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>

* Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Bruno d'Auria <bdauria@centreon.com>

* Fix issue on messages.po file

Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>
Co-authored-by: Bruno d'Auria <bdauria@centreon.com>

* query sanitized in listServiceCategoriesà (#11597) (#11632)

* MON-14797 reorganizes dependencies (#11612)

* Fix encoding issue on status serviceXML (#11581)

* sanitize and bind in centreon connector query (#11635)

* sanitize insrert queries in db-func (#11650)

MON-14667

* chore(git): update codeowners (#11594)

* chore(release):rebase dev-22.04.x on 22.04.x (#11688)

* Merge release-22.04.3 into 22.04.x (#11623)

* fix(git): resync 22.04.x to dev-22.04.x (#11503)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* fix(cron): Escape database name in CentACL 22.04.x (#11510)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* fix(Resources/Graph): export graph image after selecting png (#11491)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

* fix export graph image after selecting png

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* Fix(platform): Removing appkey key (#11511)

* fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327)

Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID.
This PR aims to remove the restriction on the uniqueness of the OID of a trap.

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528)

* fix(test): fix random fails on virtual metric test (#11523)

Refs: MON-14359

* fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532)

Refs: MON-14496

* fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534)

Refs: MON-7417

* fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533)

Refs: MON-12296

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* doc(ack): acknowledge Hakaï security (#11540)

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11547)

* sanitizing and binding acl actions queries

* fix missing bind

* SNYK: Sanitize and bind Broker listing queries (#11550)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11564)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11561)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* MON-14501 - sanitize query in centreonXmlbgRequest class (#11570)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11567)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install):Update version to 22.04.3

* fix(sql): fix query to select contact during ldap import (#11578)

Refs: MON-14263

* fix(UI): Fix layout for Safari and form validation (#11373) (#11604)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>

* chore(release): merge hotfix-MON-14893-index-data (#11681)

* fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668)

Refs: MON-14848

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* fix invalid values for index_data.special (#11669)

* chore(install):update version to 22.04.4

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

* fix(partition): adapt control of database version (#11609) (#11610)

* fix(openid): correctly set contact_location while creating session (#11613) (#11614)

* fix(lang): Fixed FR typo (#11621)

* enh(UI): Add a “Parent alias“ column  on the monitoring resources sta… (#11542)

* enh(UI): Add a “Parent alias“ column  on the monitoring resources status page (#11190)

* Add column ParentAlias

* Add new label ParentAlias

* Add column ParentAlias and new column component

* Add new card to display Parent Alias

* Remove  tile in Details Panel, enhancement not expected

* FIx eslint issue

* Fix naming on label parent alias

* Add translation

* Add line at the end of files

* Add line at the end of file

* fix issues

* Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/pt_PT.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Tom Darneix <tomdar87@outlook.com>

* Update lang/es_ES.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>

* Update lang/pt_BR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>

* Update lang/fr_FR.UTF-8/LC_MESSAGES/messages.po

Co-authored-by: Bruno d'Auria <bdauria@centreon.com>

* Fix issue on messages.po file

Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>
Co-authored-by: Bruno d'Auria <bdauria@centreon.com>

* query sanitized in listServiceCategoriesà (#11597) (#11632)

* MON-14797 reorganizes dependencies (#11612)

* Fix encoding issue on status serviceXML (#11581)

* sanitize and bind in centreon connector query (#11635)

* sanitize insrert queries in db-func (#11650)

MON-14667

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: Laurent Pinsivy <lpinsivy@centreon.com>
Co-authored-by: jcaro <jcaro@centreon.com>
Co-authored-by: Jérémy Delpierre <jdelpierre@users.noreply.github.com>
Co-authored-by: Bruno d'Auria <bdauria@centreon.com>
Co-authored-by: Luiz Costa <me@luizgustavo.pro.br>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* fix(details): remove dead code (#11672) (#11686)

* fix(conf) fix parent template display in service template listing (#11671) (#11676)

* fix(poller): fix remote server duplication (#11552) (#11674)

* fix(poller): fix remote server duplication (#11552)

Refs: MON-14579

Co-authored-by: Jérémy Jaouen <jjaouen@centreon.com>

* fix translation for host and service category (#11626)

* fix(clapi): Check that user is admin to use clapi (#11631) (#11640)

* Sanitized and bound queries in service argumentsXml fil (#11653)

MON-14669

* Sanitize and bind listVirtualMetrics queries (#11647)

* sanitize and bind host categories queries (#11645)

* Ãbind queries an fix array binding(#11656)

* fix(ui): fix svg display in legacy monitoring pages (#11659) (#11690)

Refs: MON-14869

* Sanitize and bind service group dependecies queries 22.04.x (#11665)

* MON-14425 fix centreon.ini and autoconfigure timezone (#11608)

* enh(Resources/header): Display the 2 access pictograms logs and report on details panel (#11618)

* Display the 2 access pictograms logs and report on details panel

* Update www/front_src/src/Resources/Details/Header.tsx

Co-authored-by: JKancel <JKancel@users.noreply.github.com>

* Update www/front_src/src/Resources/Details/Header.tsx

Co-authored-by: JKancel <JKancel@users.noreply.github.com>

Co-authored-by: JKancel <JKancel@users.noreply.github.com>

* fix(resource-status): add missing alias to Host detail factory (#11642)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11698)

Refs: MON-14919

* fix(install): fix source install with quiet mode related to gorgone vars (#11694) (#11701)

Refs: MON-14806

Co-authored-by: Eric Coquard <eric.coquard@gmail.com>

* Fix: In Acces group the second select not working [ACL] 22.04.x (#11709)

* fix second select not working

* applying suggested changes

* fix(details): second part of code cleanup for "tools" (#11718) (#11721)

* fix (#11724)

* FIX: Sanitize and bind graph configuration queries 22.04.x (#11729)

* [Fix]:Sanitize and bind queries in template of service listing (#11746)

* [Fix]:Sanitize and bind queries in template of service listing

* work on tamazC suggestion

* fix(resource): Fix bad SQL request (#11702) (#11749)

* FIX: Sanitize and bind Meta Service configuration 22.04.x (#11733)

* sanitize and bind meta service config

* applying suggested changes

* Fix: Sanitize and bind CLAPI poller configuration 22.04.x (#11731)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind command configuration queries 22.04.x (#11754)

* fix(partition): fix condition for database version (#11657) (#11756)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* Rebase dev2204x on 2204x (#11824)

* Merge release-22.04.3 into 22.04.x (#11623)

* fix(git): resync 22.04.x to dev-22.04.x (#11503)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* fix(cron): Escape database name in CentACL 22.04.x (#11510)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* fix(Resources/Graph): export graph image after selecting png (#11491)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

* fix export graph image after selecting png

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* Fix(platform): Removing appkey key (#11511)

* fix(trap): Removal of the restriction on the uniqueness of the OID of a trap (#11327)

Currently, an error appears when we try to save an existing trap because a test is performed on the uniqueness of the OID.
This PR aims to remove the restriction on the uniqueness of the OID of a trap.

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11528)

* fix(test): fix random fails on virtual metric test (#11523)

Refs: MON-14359

* fix(autoload): Add classmap to fix autoload with legacy classes (#11492) (#11532)

Refs: MON-14496

* fix(ldap): small refacto of ldap authentication and log failures (#11422) (#11534)

Refs: MON-7417

* fix(api): allow api platform updates from installed 22.04.0 (#11495) (#11533)

Refs: MON-12296

* fix(api): fix call to api on fresh install (#11536) (#11537)

Refs: MON-12296

* doc(ack): acknowledge Hakaï security (#11540)

* fix(api): do not init db connection in event subscriber (#11543) (#11545)

Refs: MON-12296

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11556)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11547)

* sanitizing and binding acl actions queries

* fix missing bind

* SNYK: Sanitize and bind Broker listing queries (#11550)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11564)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11561)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* MON-14501 - sanitize query in centreonXmlbgRequest class (#11570)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11567)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install):Update version to 22.04.3

* fix(sql): fix query to select contact during ldap import (#11578)

Refs: MON-14263

* fix(UI): Fix layout for Safari and form validation (#11373) (#11604)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>

* chore(release): merge hotfix-MON-14893-index-data (#11681)

* fix(upgrade): Correctly Parse SQL Comments (#11658) (#11668)

Refs: MON-14848

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* fix invalid values for index_data.special (#11669)

* chore(install):update version to 22.04.4

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* chore(release): merge release-22.04.next into 22.04.x (#11821)

* fix(git): resync 22.04.x to dev-22.04.x (#11503)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on npm

* Fix

* Fix permission

* Fix permission (please work)

* Fix source

* Stop using npx because.....

* Allow legacy-peer-deps

* Remove nodejs installation

* Fix image to pull for debian 11

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11421)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11402)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* feat(api): implement endpoint to update centreon web (#11391) (#11401)

Refs: MON-12296

* Clean(platform): Clean appKey method and usage 22.04.x (#11452)

* Clean(platform): Clean appKey method and usage (#11336)

* removing appKey from information table in baseConf and 22.10 update script

* removing appKey from NotifyMasterService.php

* removing appKey from CentreonRemoteServer.php

* applying suggested changes

* Applying suggested changes

Co-authored-by: Kevin Duret <kduret@centreon.com>

* adding 22.04.2 update script file with changes

* revert 22.04 beta 1 script to its original

Co-authored-by: Kevin Duret <kduret@centreon.com>

* enh(platform): Use API to select metrics in virtual metrics configuration form 22.04.x (#11461)

* changing select with select2 of metrics

* fix alignement

* remove unecessary files and replace selec by select2 in formComponentTemplate

* fix select id name for acceptance tests

* update composer for acceptance tests

* fix acceptance test 2

* add allow clear to metrics select2

* applying suggested changes

* final changes for merging

* remove unecessary select tag

* [SNYK] Sanitize and bind ACL class queries (#11392) (#11472)

* Sanitize and bind ACL class queries

Queries   sanitized  and bound using PDO statement

* fix spaces

spaces between (int) cast and variables

* update file delete spaces after comma

* change variables names due to a review

* Line exceeds 120 characters; contains 123 characters

* fix(conf) fix broker conf name display in listing (#11372) (#11376)

Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Nouha-ElAbrouki <97687698+Noha-ElAbrouki@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: Tom Darneix <tomdar87@outlook.com>
Co-authored-by: alaunois <alaunois@centreon.com>

* fix(cron): Escape database name in CentACL 22.04.x (#11510)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11504)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11519)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* fix(Resources/Graph): export graph image after selecting png (#11491)

* [SNYK] Sanitize and bind ACL host dependency queries (#11389) (#11394)

* Sanitize and bind ACL host dependency queries

* fix issues

* removed old variable userCrypted and the use of it (#11334) (#11352)

Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>

* enh(Header/userMenu):reduce spacing user menu (#11393)

* update user menu

* fix(hostgroup): fix display of hostgroups in select2 (#11431) (#11443)

* fix(ci): fix debian packaging with freshly instanciated jenkins slave (#11398) (#11399)

Refs: MON-14377

* Sanitized and bound queries (#11413) (#11445)

lines : 130 -142

* Snyk: Sanitize and bind media sync queries 22.04.x (#11418)

* sanitizing and binding sync dir file queries

* Applying some fixes

* Snyk: Sanitize and bind ACL service dependency queries dev-22.04.x (#11395)

* Snyk: Sanitize and bind Auth class queries 22.04.x (#11448)

* [Backport/need review] fix(UI): Fix layout for Safari and form validation (#11440)

* fix(UI): Fix layout for Safari and form validation (#11373)

* Fix form validation

* Fix padlock layout for safari

* Update centreon-frontend

* Remove debug variable

* Fix test

* Fix page respsoniveness

* Rename variable

* update deps

* Fix package-lock

* Fix package-lock

* Add debug statement for debian

* Install nodejs rather npm

* Attempt fix

* Attempt to fix nodejs installation

* add sudo

* Fix redoc-cli usage

* Try to fix permission on n…

src/Centreon/Domain/Contact/Interfaces/ContactInterface.php

@@ -207,4 +207,9 @@ public function hasAccessToApiRealTime(): bool;
      * @return static
      */
     public function setAccessToApiRealTime(bool $hasAccessToApiRealTime): static;
+
+    /**
+     * @return string|null
+     */
+    public function getTheme(): ?string;
 }

src/Centreon/Domain/Repository/TopologyRepository.php

@@ -105,14 +105,15 @@ public function getReactTopologiesPerUserWithAcl($user)
                 if ($DBRESULT->rowCount()) {
                     $topology = array();
                     $tmp_topo_page = array();
+                    $statement = $this->db->prepare("SELECT topology_topology_id, acl_topology_relations.access_right "
+                        . "FROM acl_topology_relations, acl_topology "
+                        . "WHERE acl_topology.acl_topo_activate = '1' "
+                        . "AND acl_topology.acl_topo_id = acl_topology_relations.acl_topo_id "
+                        . "AND acl_topology_relations.acl_topo_id = :acl_topo_id ");
                     while ($topo_group = $DBRESULT->fetchRow()) {
-                        $query2 = "SELECT topology_topology_id, acl_topology_relations.access_right "
-                            . "FROM acl_topology_relations, acl_topology "
-                            . "WHERE acl_topology.acl_topo_activate = '1' "
-                            . "AND acl_topology.acl_topo_id = acl_topology_relations.acl_topo_id "
-                            . "AND acl_topology_relations.acl_topo_id = '" . $topo_group["acl_topology_id"] . "' ";
-                        $DBRESULT2 = $this->db->query($query2);
-                        while ($topo_page = $DBRESULT2->fetchRow()) {
+                        $statement->bindValue(':acl_topo_id', $topo_group["acl_topology_id"], \PDO::PARAM_INT);
+                        $statement->execute();
+                        while ($topo_page = $statement->fetch(\PDO::FETCH_ASSOC)) {
                             $topology[] = (int)$topo_page["topology_topology_id"];
                             if (!isset($tmp_topo_page[$topo_page['topology_topology_id']])) {
                                 $tmp_topo_page[$topo_page["topology_topology_id"]] = $topo_page["access_right"];
@@ -127,7 +128,7 @@ public function getReactTopologiesPerUserWithAcl($user)
                                 }
                             }
                         }
-                        $DBRESULT2->closeCursor();
+                        $statement->closeCursor();
                     }
                     $DBRESULT->closeCursor();
 

src/Centreon/Infrastructure/HostConfiguration/Repository/HostConfigurationRepositoryRDB.php

@@ -779,7 +779,7 @@ public function updateHost(Host $host): void
             $statement->bindValue(':ip_address', $host->getIpAddress(), \PDO::PARAM_STR);
             $statement->bindValue(':comment', $host->getComment(), \PDO::PARAM_STR);
             $statement->bindValue(':geo_coords', $host->getGeoCoords(), \PDO::PARAM_STR);
-            $statement->bindValue(':is_activate', $host->isActivated(), \PDO::PARAM_STR);
+            $statement->bindValue(':is_activate', $host->isActivated() ? '1' : '0', \PDO::PARAM_STR);
             $statement->bindValue(':host_register', '1', \PDO::PARAM_STR);
             $statement->bindValue(':active_check_status', Host::OPTION_DEFAULT, \PDO::PARAM_STR);
             $statement->bindValue(':passive_check_status', Host::OPTION_DEFAULT, \PDO::PARAM_STR);

src/Centreon/ServiceProvider.php

@@ -34,7 +34,6 @@
 use Centreon\Infrastructure\Service\CentreonDBManagerService;
 use Centreon\Domain\Service\I18nService;
 use Centreon\Domain\Service\FrontendComponentService;
-use Centreon\Domain\Service\AppKeyGeneratorService;
 use Centreon\Domain\Service\BrokerConfigurationService;
 use Centreon\Domain\Repository\CfgCentreonBrokerRepository;
 use Centreon\Domain\Repository\CfgCentreonBrokerInfoRepository;
@@ -171,12 +170,6 @@ public function register(Container $pimple): void
             return $_SESSION['centreon']->user; // @codeCoverageIgnoreEnd
         };
 
-        $pimple['centreon.keygen'] = function (): AppKeyGeneratorService {
-            $service = new AppKeyGeneratorService();
-
-            return $service;
-        };
-
         $pimple[static::CENTREON_ACL] = function (Container $container): CentreonACL {
             $service = new CentreonACL($container);
 

src/Centreon/Tests/Domain/Repository/TopologyRepositoryTest.php

@@ -52,7 +52,7 @@ protected function setUp(): void
                 . "FROM acl_topology_relations, acl_topology "
                 . "WHERE acl_topology.acl_topo_activate = '1' "
                 . "AND acl_topology.acl_topo_id = acl_topology_relations.acl_topo_id "
-                . "AND acl_topology_relations.acl_topo_id = '1' ",
+                . "AND acl_topology_relations.acl_topo_id = :acl_topo_id ",
                 'data' => [
                     [
                         'topology_topology_id' => 1,

src/Centreon/Tests/ServiceProviderTest.php

@@ -83,7 +83,6 @@ public function testCheckServicesByList()
             ServiceProvider::CENTREON_DB_MANAGER => Service\CentreonDBManagerService::class,
             ServiceProvider::UPLOAD_MANGER => Service\UploadFileService::class,
             ServiceProvider::CENTREON_PAGINATION => Service\CentreonPaginationService::class,
-            'centreon.keygen' => Domain\Service\AppKeyGeneratorService::class,
             'centreon.acl' => CentreonACL::class,
             'centreon.config' => Service\CentcoreConfigService::class,
             ServiceProvider::CENTREON_BROKER_CONFIGURATION_SERVICE => Domain\Service\BrokerConfigurationService::class,

src/CentreonRemote/Domain/Service/TaskService.php

@@ -31,11 +31,6 @@
 
 class TaskService
 {
-    /**
-     * @var KeyGeneratorInterface
-     */
-    private $gen;
-
     /**
      * @var CentreonDBManagerService
      */
@@ -101,15 +96,12 @@ public function getCentreonRestHttp(): \CentreonRestHttp
 
     /**
      * TaskService constructor
-     * @param KeyGeneratorInterface $generator
      * @param CentreonDBManagerService $dbManager
      */
     public function __construct(
-        KeyGeneratorInterface $generator,
         CentreonDBManagerService $dbManager,
         CentcoreCommandService $cmdService
     ) {
-        $this->gen = $generator;
         $this->dbManager = $dbManager;
         $this->cmdService = $cmdService;
     }

src/CentreonRemote/ServiceProvider.php

@@ -23,7 +23,6 @@
 
 use Pimple\Container;
 use Pimple\Psr11\ServiceLocator;
-use Centreon\Domain\Service\AppKeyGeneratorService;
 use Centreon\Infrastructure\Provider\AutoloadServiceProviderInterface;
 use Centreon\Infrastructure\Service\CentcoreCommandService;
 use CentreonRemote\Application\Webservice;
@@ -85,7 +84,6 @@ function (array $cc, Container $pimple) {
 
         $pimple[static::CENTREON_TASKSERVICE] = function (Container $pimple): TaskService {
             $service = new TaskService(
-                new AppKeyGeneratorService(),
                 $pimple[\Centreon\ServiceProvider::CENTREON_DB_MANAGER],
                 new CentcoreCommandService()
             );

src/Core/Security/Application/ProviderConfiguration/OpenId/UseCase/UpdateOpenIdConfiguration/UpdateOpenIdConfiguration.php

@@ -154,6 +154,11 @@ private function createAuthorizationRules(array $authorizationRulesFromRequest):
     {
         $this->info('Creating Authorization Rules');
         $accessGroupIds = $this->getAccessGroupIds($authorizationRulesFromRequest);
+
+        if (empty($accessGroupIds)) {
+            return [];
+        }
+
         $foundAccessGroups = $this->accessGroupRepository->findByIds($accessGroupIds);
 
         $this->logNonExistentAccessGroupsIds($accessGroupIds, $foundAccessGroups);
@@ -241,12 +246,10 @@ private function updateConfiguration(Configuration $configuration): void
             }
             $this->info('Updating OpenID Configuration');
             $this->repository->updateConfiguration($configuration);
-            if (! empty($configuration->getAuthorizationRules())) {
-                $this->info('Removing existent Authorization Rules');
-                $this->repository->deleteAuthorizationRules();
-                $this->info('Inserting new Authorization Rules');
-                $this->repository->insertAuthorizationRules($configuration->getAuthorizationRules());
-            }
+            $this->info('Removing existent Authorization Rules');
+            $this->repository->deleteAuthorizationRules();
+            $this->info('Inserting new Authorization Rules');
+            $this->repository->insertAuthorizationRules($configuration->getAuthorizationRules());
             if (! $isAlreadyInTransaction) {
                 $this->dataStorageEngine->commitTransaction();
             }

src/Core/Security/Application/UseCase/LoginOpenIdSession/LoginOpenIdSession.php

@@ -109,7 +109,8 @@ public function __invoke(LoginOpenIdSessionRequest $request, LoginOpenIdSessionP
                 'contact_location' => (string) $user->getTimezoneId(),
                 'show_deprecated_pages' => $user->isUsingDeprecatedPages(),
                 'reach_api' => $user->hasAccessToApiConfiguration() ? 1 : 0,
-                'reach_api_rt' => $user->hasAccessToApiRealTime() ? 1 : 0
+                'reach_api_rt' => $user->hasAccessToApiRealTime() ? 1 : 0,
+                'contact_theme' => $user->getTheme() ?? 'light'
             ];
             $this->provider->setLegacySession(new \Centreon($sessionUserInfos));
             $this->startLegacySession($this->provider->getLegacySession());

src/EventSubscriber/WebSSOEventSubscriber.php

@@ -252,10 +252,11 @@ private function createSession(Contact $user, Request $request): void
             'contact_autologin_key' => '',
             'contact_admin' => $user->isAdmin() ? '1' : '0',
             'default_page' => $user->getDefaultPage(),
-            'contact_location' => $user->getLocale(),
+            'contact_location' => (string) $user->getTimezoneId(),
             'show_deprecated_pages' => $user->isUsingDeprecatedPages(),
             'reach_api' => $user->hasAccessToApiConfiguration() ? 1 : 0,
-            'reach_api_rt' => $user->hasAccessToApiRealTime() ? 1 : 0
+            'reach_api_rt' => $user->hasAccessToApiRealTime() ? 1 : 0,
+            'contact_theme' => $user->getTheme() ?? 'light'
         ];
         $centreonSession = new \Centreon($sessionUserInfos);
         $request->getSession()->start();

www/class/centreon-clapi/centreon.Config.Poller.class.php

@@ -40,7 +40,6 @@
 use Centreon\Domain\Entity\Task;
 use CentreonRemote\ServiceProvider;
 use CentreonRemote\Domain\Service\TaskService;
-use Centreon\Domain\Service\AppKeyGeneratorService;
 use Centreon\Infrastructure\Service\CentcoreCommandService;
 use Centreon\Infrastructure\Service\CentreonDBManagerService;
 use Core\Domain\Engine\Model\EngineCommandGenerator;

www/class/centreon-clapi/centreonAPI.class.php

@@ -107,7 +107,7 @@ public function __construct(
             $this->login = htmlentities($user, ENT_QUOTES);
         }
         if (isset($password)) {
-            $this->password = htmlentities($password, ENT_QUOTES);
+            $this->password = filter_var($password, FILTER_SANITIZE_STRING);
         }
         if (isset($action)) {
             $this->action = htmlentities(strtoupper($action), ENT_QUOTES);

www/class/centreon-clapi/centreonHostGroup.class.php

@@ -174,6 +174,7 @@ public function getparam($parameters = null)
             $listParam = explode('|', $params[1]);
             $exportedFields = [];
             $resultString = "";
+            $paramString = "";
             foreach ($listParam as $paramSearch) {
                 if (!$paramString) {
                     $paramString = $paramSearch;
@@ -257,20 +258,24 @@ public function initUpdateParameters($parameters = null)
     public function getIdIcon($path)
     {
         $iconData = explode('/', $path);
-        $query = 'SELECT dir_id FROM view_img_dir WHERE dir_name = "' . $iconData[0] . '"';
-        $res = $this->db->query($query);
-        $row = $res->fetch();
+        $dirStatement = $this->db->prepare("SELECT dir_id FROM view_img_dir WHERE dir_name = :IconData");
+        $dirStatement->bindValue(':IconData', $iconData[0], \PDO::PARAM_STR);
+        $dirStatement->execute();
+        $row = $dirStatement->fetch();
         $dirId = $row['dir_id'];
 
-        $query = 'SELECT img_id FROM view_img WHERE img_path = "' . $iconData[1] . '"';
-        $res = $this->db->query($query);
-        $row = $res->fetch();
+        $imgStatement = $this->db->prepare("SELECT img_id FROM view_img WHERE img_path = :iconData");
+        $imgStatement->bindValue(':iconData', $iconData[1], \PDO::PARAM_STR);
+        $imgStatement->execute();
+        $row = $imgStatement->fetch();
         $iconId = $row['img_id'];
 
-        $query = 'SELECT vidr_id FROM view_img_dir_relation ' .
-            'WHERE dir_dir_parent_id = ' . $dirId . ' AND img_img_id = ' . $iconId;
-        $res = $this->db->query($query);
-        $row = $res->fetch();
+        $vidrStatement = $this->db->prepare("SELECT vidr_id FROM view_img_dir_relation " .
+            "WHERE dir_dir_parent_id = :dirId AND img_img_id = :iconId");
+        $vidrStatement->bindValue(':dirId', (int) $dirId, \PDO::PARAM_INT);
+        $vidrStatement->bindValue(':iconId', (int) $iconId, \PDO::PARAM_INT);
+        $vidrStatement->execute();
+        $row = $vidrStatement->fetch();
         return $row['vidr_id'];
     }
 

www/class/centreon-clapi/centreonLDAP.class.php

@@ -184,10 +184,12 @@ public function showserver($arName = null)
         }
         $sql = "SELECT ldap_host_id, host_address, host_port, use_ssl, use_tls, host_order
                 FROM auth_ressource_host
-                WHERE auth_ressource_id = " . $arId . "
+                WHERE auth_ressource_id = :auth_ressource_id 
                 ORDER BY host_order";
-        $res = $this->db->query($sql);
-        $row = $res->fetchAll();
+        $statement = $this->db->prepare($sql);
+        $statement->bindValue(':auth_ressource_id', (int) $arId, \PDO::PARAM_INT);
+        $statement->execute();
+        $row = $statement->fetchAll(\PDO::FETCH_ASSOC);
         echo "id;address;port;ssl;tls;order\n";
         foreach ($row as $srv) {
             echo $srv['ldap_host_id'] . $this->delim .

www/class/centreon-clapi/centreonService.class.php

@@ -1584,12 +1584,12 @@ public function getCustomMacroInDb($serviceId = null, $template = null)
         $arr = array();
         $i = 0;
         if ($serviceId) {
-            $res = $this->db->query("SELECT svc_macro_name, svc_macro_value, is_password, description
-                                FROM on_demand_macro_service
-                                WHERE svc_svc_id = " .
-                $serviceId . "
-                                ORDER BY macro_order ASC");
-            while ($row = $res->fetch()) {
+            $statement = $this->db->prepare("SELECT svc_macro_name, svc_macro_value, is_password, description " .
+                "FROM on_demand_macro_service " .
+                "WHERE svc_svc_id = :serviceId ORDER BY macro_order ASC");
+            $statement->bindValue(':serviceId', (int) $serviceId, \PDO::PARAM_INT);
+            $statement->execute();
+            while ($row = $statement->fetch()) {
                 if (preg_match('/\$_SERVICE(.*)\$$/', $row['svc_macro_name'], $matches)) {
                     $arr[$i]['svc_macro_name'] = $matches[1];
                     $arr[$i]['svc_macro_value'] = $row['svc_macro_value'];

www/class/centreon-knowledge/procedures.class.php

@@ -139,13 +139,15 @@ public function getMyHostMultipleTemplateModels($host_id = null)
             "WHERE host_host_id = '" . $host_id . "' " .
             "ORDER BY `order`"
         );
+        $statement = $this->centreon_DB->prepare(
+            "SELECT host_name " .
+            "FROM host " .
+            "WHERE host_id = :host_id LIMIT 1"
+        );
         while ($row = $dbResult->fetch()) {
-            $dbResult2 = $this->centreon_DB->query(
-                "SELECT host_name " .
-                "FROM host " .
-                "WHERE host_id = '" . $row['host_tpl_id'] . "' LIMIT 1"
-            );
-            $hTpl = $dbResult2->fetch();
+            $statement->bindValue(':host_id', $row['host_tpl_id'], \PDO::PARAM_INT);
+            $statement->execute();
+            $hTpl = $statement->fetch(\PDO::FETCH_ASSOC);
             $tplArr[$row['host_tpl_id']] = html_entity_decode($hTpl["host_name"], ENT_QUOTES);
         }
         unset($row);