Merge pull request #2979 from f0o/sanity

[WIP] Sanity!

alerts.php

@@ -182,7 +182,7 @@ function RunFollowUp() {
         }
 
         $alert['details'] = json_decode(gzuncompress($alert['details']), true);
-        $rextra           = json_decode($alert['extra'], true);
+        $rextra           = json_decode(htmlspecialchars_decode($alert['extra']), true);
         if ($rextra['invert']) {
             continue;
         }
@@ -237,7 +237,7 @@ function RunAlerts() {
         $noiss            = false;
         $noacc            = false;
         $updet            = false;
-        $rextra           = json_decode($alert['extra'], true);
+        $rextra           = json_decode(htmlspecialchars_decode($alert['extra']), true);
         $chk              = dbFetchRow('SELECT alerts.alerted,devices.ignore,devices.disabled FROM alerts,devices WHERE alerts.device_id = ? && devices.device_id = alerts.device_id && alerts.rule_id = ?', array($alert['device_id'], $alert['rule_id']));
         if ($chk['alerted'] == $alert['state']) {
             $noiss = true;

html/ajax_dash.php

@@ -39,7 +39,7 @@
     $title             = ucfirst($type);
     $unique_id         = str_replace(array("-","."),"_",uniqid($type,true));
     $widget_id         = mres($_POST['id']);
-    $widget_settings   = json_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?',array($widget_id)),true);
+    $widget_settings   = json_decode(htmlspecialchars_decode(dbFetchCell('select settings from users_widgets where user_widget_id = ?',array($widget_id))),true);
     $widget_dimensions = $_POST['dimensions'];
     if( !empty($_POST['settings']) ) {
         define('show_settings',true);

html/includes/dev-overview-data.inc.php

@@ -68,14 +68,14 @@
         <td>Contact</td>';
     if (get_dev_attrib($device, 'override_sysContact_bool')) {
         echo '
-        <td>'.htmlspecialchars(get_dev_attrib($device, 'override_sysContact_string')).'</td>
+        <td>'.get_dev_attrib($device, 'override_sysContact_string').'</td>
       </tr>
       <tr>
         <td>SNMP Contact</td>';
     }
 
     echo '
-        <td>'.htmlspecialchars($device['sysContact']).'</td>
+        <td>'.$device['sysContact'].'</td>
       </tr>';
 }
 

html/includes/print-alert-rules.php

@@ -205,7 +205,7 @@
         echo '<strong><em>Inverted</em></strong> ';
     }
 
-    echo '<i>'.htmlentities($rule['rule']).'</i></td>';
+    echo '<i>'.$rule['rule'].'</i></td>';
     echo '<td>'.$rule['severity'].'</td>';
     echo "<td><span id='alert-rule-".$rule['id']."' class='glyphicon glyphicon-".$ico.' glyphicon-large text-'.$col."'></span> ";
     if ($rule_extra['mute'] === true) {

html/includes/print-alerts.inc.php

@@ -15,7 +15,7 @@
         </td>';
 }
 
-echo '<td>'.htmlspecialchars($alert_entry['name']).'</td>';
+echo '<td>'.$alert_entry['name'].'</td>';
 
 if ($alert_state != '') {
     if ($alert_state == '0') {

html/includes/print-event-short.inc.php

@@ -25,6 +25,6 @@
     $entry['link'] = '<b>'.generate_port_link(getifbyid($entry['reference'])).'</b>';
 }
 
-  echo $entry['link'].' '.htmlspecialchars($entry['message']).'</td>
+  echo $entry['link'].' '.$entry['message'].'</td>
   <td></td>
 </tr>';

html/includes/print-event.inc.php

@@ -31,5 +31,5 @@
 
 echo '<td>'.$entry['link'].'</td>';
 
-echo '<td>'.htmlspecialchars($entry['message']).'</td>
+echo '<td>'.$entry['message'].'</td>
 </tr>';

html/includes/print-syslog.inc.php

@@ -8,10 +8,10 @@
     if ($vars['page'] != 'device') {
         $syslog_output .= '<td>'.$entry['date'].'</td>
                         <td><strong>'.generate_device_link($entry).'</strong></td>
-                        <td><strong>'.$entry['program'].' : </strong> '.htmlspecialchars($entry['msg']).'</td>';
+                        <td><strong>'.$entry['program'].' : </strong> '.$entry['msg'].'</td>';
     }
     else {
-        $syslog_output .= '<td><i>'.$entry['date'].'</i>&nbsp;&nbsp;&nbsp;<strong>'.$entry['program'].'</strong>&nbsp;&nbsp;&nbsp;'.htmlspecialchars($entry['msg']).'</td>';
+        $syslog_output .= '<td><i>'.$entry['date'].'</i>&nbsp;&nbsp;&nbsp;<strong>'.$entry['program'].'</strong>&nbsp;&nbsp;&nbsp;'.$entry['msg'].'</td>';
     }
 
     $syslog_output .= '</tr>';

html/includes/reports/alert-log.pdf.inc.php

@@ -66,7 +66,7 @@
         $data[] = array(
             $alert_entry['time_logged'],
             $hostname,
-            htmlspecialchars($alert_entry['name']),
+            $alert_entry['name'],
             $text,
         );
     }//end if

html/includes/table/alertlog.inc.php

@@ -77,7 +77,7 @@
         'time_logged' => $alertlog['humandate'],
         'details'     => '<a class="glyphicon glyphicon-plus incident-toggle" style="display:none" data-toggle="collapse" data-target="#incident'.($rulei).'" data-parent="#alerts"></a>',
         'hostname'    => '<div class="incident">'.generate_device_link($dev, shorthost($dev['hostname'])).'<div id="incident'.($rulei).'" class="collapse">'.$fault_detail.'</div></div>',
-        'alert'       => htmlspecialchars($alertlog['alert']),
+        'alert'       => $alertlog['alert'],
         'status'      => "<b><span class='glyphicon glyphicon-".$glyph_icon."' style='color:".$glyph_color."'></span> $text</b>",
     );
 }//end foreach

html/includes/table/eventlog.inc.php

@@ -66,7 +66,7 @@
         'datetime' => $eventlog['humandate'],
         'hostname' => generate_device_link($dev, shorthost($dev['hostname'])),
         'type'     => $type,
-        'message'  => htmlspecialchars($eventlog['message']),
+        'message'  => $eventlog['message'],
     );
 }
 

html/includes/table/syslog.inc.php

@@ -66,7 +66,7 @@
         'timestamp' => $syslog['date'],
         'device_id' => generate_device_link($dev, shorthost($dev['hostname'])),
         'program'   => $syslog['program'],
-        'msg'       => htmlspecialchars($syslog['msg']),
+        'msg'       => $syslog['msg'],
     );
 }
 

html/includes/vars.inc.php

@@ -43,3 +43,6 @@
 foreach ($_POST as $name => $value) {
     $vars[$name] = $value;
 }
+
+array_walk_recursive($vars,'sanitize_array');
+reset($vars);

html/index.php

@@ -214,14 +214,6 @@ function popUp(URL)
     <div class="col-md-12">
 <?php
 
-// To help debug the new URLs :)
-if (isset($devel) || isset($vars['devel'])) {
-    echo("<pre>");
-    print_r($_GET);
-    print_r($vars);
-    echo("</pre>");
-}
-
 if ($_SESSION['authenticated']) {
     // Authenticated. Print a page.
     if (isset($vars['page']) && !strstr("..", $vars['page']) &&  is_file("pages/" . $vars['page'] . ".inc.php")) {

html/pages/adduser.inc.php

@@ -27,7 +27,7 @@
 
                     // FIXME: missing email field here on the form
                     if (adduser($_POST['new_username'], $_POST['new_password'], $_POST['new_level'], $_POST['new_email'], $_POST['new_realname'], $_POST['can_modify_passwd'])) {
-                        echo '<span class=info>User '.$_POST['username'].' added!</span>';
+                        echo '<span class=info>User '.$vars['username'].' added!</span>';
                     }
                 }
                 else {

html/pages/alert-log.inc.php

@@ -51,7 +51,7 @@
     $device_id = getidbyname($hostname);
     if (device_permitted($device_id)) {
         echo '"<option value=\"'.$device_id.'\""+';
-        if (getidbyname($hostname) == $_POST['device_id']) {
+        if (getidbyname($hostname) == $vars['device_id']) {
             echo '" selected "+';
         }
 
@@ -69,7 +69,7 @@
     {
         return {
             id: "alertlog",
-            device_id: '<?php echo htmlspecialchars($_POST['device_id']); ?>'
+            device_id: '<?php echo $vars['device_id']; ?>'
         };
     },
     url: "ajax_table.php"
@@ -81,7 +81,7 @@
     max = high - low;
     search = $('.search-field').val();
 
-    $(".pdf-export").html("<a href='pdf.php?report=alert-log&device_id=<?php echo $_POST['device_id']; ?>&string="+search+"&results="+max+"&start="+low+"'><img src='images/16/pdf.png' width='16' height='16' alt='Export to pdf'> Export to pdf</a>");
+    $(".pdf-export").html("<a href='pdf.php?report=alert-log&device_id=<?php echo $vars['device_id']; ?>&string="+search+"&results="+max+"&start="+low+"'><img src='images/16/pdf.png' width='16' height='16' alt='Export to pdf'> Export to pdf</a>");
 
     grid.find(".incident-toggle").each( function() {
       $(this).parent().addClass('incident-toggle-td');

html/pages/api-access.inc.php

@@ -13,8 +13,8 @@
  */
 
 if ($_SESSION['userlevel'] >= '10') {
-if (empty($_POST['token'])) {
-    $_POST['token'] = bin2hex(openssl_random_pseudo_bytes(16));
+if (empty($vars['token'])) {
+    $vars['token'] = bin2hex(openssl_random_pseudo_bytes(16));
 }
 
 ?>
@@ -65,15 +65,15 @@
             <div class="form-group">
               <label for="token" class="col-sm-2 control-label">Token: </label>
               <div class="col-sm-8">
-                <input type="text" class="form-control" id="token" name="token" value="<?php echo $_POST['token']; ?>" readonly>
+                <input type="text" class="form-control" id="token" name="token" value="<?php echo $vars['token']; ?>" readonly>
               </div>
               <div class="col-sm-2">
               </div>
             </div>
             <div class="form-group">
               <label for="description" class="col-sm-2 control-label">Descr: </label>
               <div class="col-sm-10">
-                <input type="text" class="form-control" id="description" name="description" value="<?php echo $_POST['description']; ?>">
+                <input type="text" class="form-control" id="description" name="description" value="<?php echo $vars['description']; ?>">
               </div>
             </div>
         </div>

html/pages/bills/search.inc.php

@@ -9,7 +9,7 @@
     Bills
   </div>
   <div class="form-group">
-    <input type="text" name="hostname" id="hostname" class="form-control input-sm" value="<?php echo $_POST['hostname']; ?>" />
+    <input type="text" name="hostname" id="hostname" class="form-control input-sm" value="<?php echo $vars['hostname']; ?>" />
   </div>
   <div class="form-group">
     <select name='os' id='os' class="form-control input-sm">

html/pages/delhost.inc.php

@@ -12,16 +12,16 @@
 }
 else {
 
-    if (is_numeric($_REQUEST['id'])) {
+    if (is_numeric($vars['id'])) {
         echo('
             <div class="row">
             <div class="col-sm-offset-2 col-sm-7">
             ');
-        if ($_REQUEST['confirm']) {
-            print_message(nl2br(delete_device(mres($_REQUEST['id'])))."\n");
+        if ($vars['confirm']) {
+            print_message(nl2br(delete_device(mres($vars['id'])))."\n");
         }
         else {
-            $device = device_by_id_cache($_REQUEST['id']);
+            $device = device_by_id_cache($vars['id']);
             print_error("Are you sure you want to delete device " . $device['hostname'] . "?");
 ?>
 <br />
@@ -30,9 +30,9 @@
   <br>
   <form name="form1" method="post" action="" class="form-horizontal" role="form">
     <div class="form-group">
-      <input type="hidden" name="id" value="<?php echo $_REQUEST['id'] ?>" />
+      <input type="hidden" name="id" value="<?php echo $vars['id'] ?>" />
       <input type="hidden" name="confirm" value="1" />
-      <!--<input type="hidden" name="remove_rrd" value="<?php echo $_POST['remove_rrd']; ?>">-->
+      <!--<input type="hidden" name="remove_rrd" value="<?php echo $vars['remove_rrd']; ?>">-->
       <button type="submit" class="btn btn-danger">Confirm host deletion</button>
     </div>
   </form>

html/pages/device/edit.inc.php

@@ -58,7 +58,7 @@
 
     echo(generate_link($text,$link_array,array('section'=>$type)));
 
-#    echo("<a href='device/".$device['device_id']."/edit/" . $type . ($_GET['optd'] ? "/" . $_GET['optd'] : ''). "/'> " . $text ."</a>");
+#    echo("<a href='device/".$device['device_id']."/edit/" . $type . ($vars['optd'] ? "/" . $vars['optd'] : ''). "/'> " . $text ."</a>");
     if ($vars['section'] == $type) {
         echo("</span>");
     }

html/pages/device/logs/eventlog.inc.php

@@ -2,7 +2,7 @@
 <form method="post" action="">
   <div class="row">
     <div class="col-md-4">
-      <input type="text" name="string" placeholder="Search" class="form-control" id="string" value="<?php echo $_POST['string']; ?>" required/>
+      <input type="text" name="string" placeholder="Search" class="form-control" id="string" value="<?php echo $vars['string']; ?>" required/>
     </div>
     <div class="col-md-4">
         <select name="type" class="form-control" id="type">

html/pages/device/logs/syslog.inc.php

@@ -3,7 +3,7 @@
 
   <form method="post" action="">
   <label><strong>Search</strong>
-    <input type="text" name="string" id="string" value="<?php echo $_POST['string']; ?>" />
+    <input type="text" name="string" id="string" value="<?php echo $vars['string']; ?>" />
   </label>
   <label>
     <strong>Program</strong>

html/pages/devices.inc.php

@@ -466,7 +466,7 @@
         return {
             id: "devices",
             format: '<?php echo mres($vars['format']); ?>',
-            hostname: '<?php echo htmlspecialchars($vars['hostname']); ?>',
+            hostname: '<?php echo mres($vars['hostname']); ?>',
             os: '<?php echo mres($vars['os']); ?>',
             version: '<?php echo mres($vars['version']); ?>',
             hardware: '<?php echo mres($vars['hardware']); ?>',

html/pages/inventory.inc.php

@@ -29,7 +29,7 @@
         header: "<div id=\"{{ctx.id}}\" class=\"{{css.header}}\"><div class=\"row\">"+
                 "<div class=\"col-sm-9 actionBar\"><span class=\"pull-left\"><form method=\"post\" action=\"\" class=\"form-inline\" role=\"form\">"+
                 "<div class=\"form-group\">"+
-                "<input type=\"text\" name=\"string\" id=\"string\" value=\"<?php echo $_POST['string']; ?>\" placeholder=\"Description\" class=\"form-control input-sm\" />"+
+                "<input type=\"text\" name=\"string\" id=\"string\" value=\"<?php echo $vars['string']; ?>\" placeholder=\"Description\" class=\"form-control input-sm\" />"+
                 "</div>"+
                 "<div class=\"form-group\">"+
                 "<strong>&nbsp;Part No&nbsp;</strong>"+
@@ -48,7 +48,7 @@
                  "</select>"+
                  "</div>"+
                  "<div class=\"form-group\">"+
-                 "<input type=\"text\" name=\"serial\" id=\"serial\" value=\"<?php echo $_POST['serial']; ?>\" placeholder=\"Serial\" class=\"form-control input-sm\"/>"+
+                 "<input type=\"text\" name=\"serial\" id=\"serial\" value=\"<?php echo $vars['serial']; ?>\" placeholder=\"Serial\" class=\"form-control input-sm\"/>"+
                  "</div>"+
                  "<div class=\"form-group\">"+
                  "<strong>&nbsp;Device&nbsp;</strong>"+
@@ -72,7 +72,7 @@
                  "<input type=\"text\" size=24 name=\"device_string\" id=\"device_string\" value=\""+
                     <?php
                     if ($_POST['device_string']) {
-                        echo $_POST['device_string'];
+                        echo $vars['device_string'];
                     };
 ?>
                  "\" placeholder=\"Description\" class=\"form-control input-sm\"/>"+
@@ -85,11 +85,11 @@
     {
         return {
             id: "inventory",
-            device: '<?php echo htmlspecialchars($_POST['device']); ?>',
-            string: '<?php echo mres($_POST['string']); ?>',
-            device_string: '<?php echo mres($_POST['device_string']); ?>',
-            part: '<?php echo mres($_POST['part']); ?>',
-            serial: '<?php echo mres($_POST['serial']); ?>'
+            device: '<?php echo $vars['device']; ?>',
+            string: '<?php echo $vars['string']; ?>',
+            device_string: '<?php echo $vars['device_string']; ?>',
+            part: '<?php echo $vars['part']; ?>',
+            serial: '<?php echo $vars['serial']; ?>'
         };
     },
     url: "ajax_table.php"