From 5533657396e7990b8616506bd0ab82d01c2c863f Mon Sep 17 00:00:00 2001
From: Yannick Charton <tontonitch-pro@yahoo.fr>
Date: Fri, 13 Jan 2012 08:56:31 +0800
Subject: [PATCH 1/2] fixing the backslash interpretation in case it is
 followed by a quote

---
 include/ajax/json/history.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/ajax/json/history.php b/include/ajax/json/history.php
index 4626d28..148b8e9 100644
--- a/include/ajax/json/history.php
+++ b/include/ajax/json/history.php
@@ -141,6 +141,7 @@
 }
 $sOutput = substr_replace( $sOutput, "", -1 );
 $sOutput .= '] }';
+$sOutput = str_replace("\\'", "\\\\'", $sOutput);
 
 echo $sOutput;
 

From c3a47849bc90a1dcad0d0b382684befc22a7a69f Mon Sep 17 00:00:00 2001
From: Fabian Gander <gander@jumps.ch>
Date: Thu, 22 Mar 2012 22:43:10 +0100
Subject: [PATCH 2/2] fixing the json problem under some special circumstances
 Now using php's json_encode function or filter out some backslashed to give a
 correct json formated data

---
 include/ajax/json/history.php | 132 ++++++++++++++++++++++++----------
 1 file changed, 94 insertions(+), 38 deletions(-)

diff --git a/include/ajax/json/history.php b/include/ajax/json/history.php
index 148b8e9..d54a367 100644
--- a/include/ajax/json/history.php
+++ b/include/ajax/json/history.php
@@ -7,14 +7,12 @@
     # Get History of a Item
     $basic_query = ' fk_id_item='.$_GET["id"].'
                 AND action <> "edited"';
-//            ORDER BY timestamp DESC, id_hist DESC';
 
     $show_item_links = FALSE;
 
 }else{
     $show_item_links = TRUE;
     # Show all entries but still with sql filters (basic history entries, no details about services)
-        //'SELECT SQL_CALC_FOUND_ROWS * FROM History WHERE'
     $basic_query = 
               ' (action="created"'
             . ' OR action="removed"'
@@ -103,47 +101,105 @@
 $aResultTotal = mysql_fetch_array($rResultTotal);
 $iTotal = $aResultTotal[0];
 
-$sOutput = '{';
-$sOutput .= '"sEcho": '.intval($_GET['sEcho']).', ';
-$sOutput .= '"iTotalRecords": '.$iTotal.', ';
-$sOutput .= '"iTotalDisplayRecords": '.$iFilteredTotal.', ';
-$sOutput .= '"aaData": [ ';
-while ( $aRow = mysql_fetch_array( $rResult ) )
-{
-    # do some stuff bevore generating output
 
-    # if object name contains password, and PASSWD_DISPLAY is 0 (made in called function), do not show password
-    if ( stristr($aRow["attr_name"], "password") ){
-        $aRow["attr_value"] = show_password($aRow["attr_value"]);
+if (function_exists("json_encoded")){
+    // If json_ecode we use the php function to encode the array
+    // as example code from DataTables
+    
+    $aColumns = array( 'timestamp', 'user_str', 'action', 'attr_name', 'attr_value', 'id_hist' );
+    
+    $output = array(
+        "sEcho" => intval($_GET['sEcho']),
+        "iTotalRecords" => $iTotal,
+        "iTotalDisplayRecords" => $iFilteredTotal,
+        "aaData" => array()
+    );
+     
+    while ( $aRow = mysql_fetch_array( $rResult ) )
+    {
+        $row = array();
+        for ( $i=0 ; $i<count($aColumns) ; $i++ )
+        {
+            if ( $aColumns[$i] == "version" )
+            {
+                $row[] = ($aRow[ $aColumns[$i] ]=="0") ? '-' : $aRow[ $aColumns[$i] ];
+            }
+            else if ( $aColumns[$i] != ' ' )
+            {
+                $row[] = $aRow[ $aColumns[$i] ];
+            }
+        }
+        # do some stuff bevore generating output
+
+        # if object name contains password, and PASSWD_DISPLAY is 0 (made in called function), do not show password
+        if ( stristr($aRow["attr_name"], "password") ){
+            $aRow["attr_value"] = show_password($aRow["attr_value"]);
+        }
+        # item linking
+        if ( !empty($aRow["fk_id_item"]) AND $show_item_links ){
+            if ($aRow["action"] == "removed" AND $aRow["attr_name"] == "service"){
+                # removed services will link to hosts service list view
+                $aRow['attr_value'] = '<a href="modify_item_service.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+            }else{
+                # all other entries will link to its detail view
+                $aRow['attr_value'] = '<a href="detail.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+            }
+        }else{
+            # entries which are removed, do not have any link
+        }
+        $output['aaData'][] = $row;
     }
-    # item linking
-    if ( !empty($aRow["fk_id_item"]) AND $show_item_links ){
-        if ($aRow["action"] == "removed" AND $aRow["attr_name"] == "service"){
-            # removed services will link to hosts service list view
-            $aRow['attr_value'] = '<a href="modify_item_service.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+     
+    echo json_encode( $output );
+    
+}else{
+    // else we have a manual process to create JSON data
+    $sOutput = '{';
+    $sOutput .= '"sEcho": '.intval($_GET['sEcho']).', ';
+    $sOutput .= '"iTotalRecords": '.$iTotal.', ';
+    $sOutput .= '"iTotalDisplayRecords": '.$iFilteredTotal.', ';
+    $sOutput .= '"aaData": [ ';
+    
+    
+    while ( $aRow = mysql_fetch_array( $rResult ) )
+    {
+        # do some stuff bevore generating output
+    
+        # if object name contains password, and PASSWD_DISPLAY is 0 (made in called function), do not show password
+        if ( stristr($aRow["attr_name"], "password") ){
+            $aRow["attr_value"] = show_password($aRow["attr_value"]);
+        }
+        # item linking
+        if ( !empty($aRow["fk_id_item"]) AND $show_item_links ){
+            if ($aRow["action"] == "removed" AND $aRow["attr_name"] == "service"){
+                # removed services will link to hosts service list view
+                $aRow['attr_value'] = '<a href="modify_item_service.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+            }else{
+                # all other entries will link to its detail view
+                $aRow['attr_value'] = '<a href="detail.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+            }
         }else{
-            # all other entries will link to its detail view
-            $aRow['attr_value'] = '<a href="detail.php?id='.$aRow["fk_id_item"].'">'.$aRow["attr_value"].'</a>';
+            # entries which are removed, do not have any link
         }
-    }else{
-        # entries which are removed, do not have any link
+    
+        # create output (JSON)
+        $sOutput .= "[";
+        $sOutput .= '"'.addslashes($aRow['timestamp']).'",';
+        $sOutput .= '"'.addslashes($aRow['user_str']).'",';
+        $sOutput .= '"'.addslashes($aRow['action']).'",';
+        $sOutput .= '"'.addslashes($aRow['attr_name']).'",';
+        $sOutput .= '"'.addslashes($aRow['attr_value']).'",';
+        $sOutput .= '"'.addslashes($aRow['id_hist']).'"';
+        $sOutput .= "],";
     }
-
-    # create output (JSON)
-    $sOutput .= "[";
-    $sOutput .= '"'.addslashes($aRow['timestamp']).'",';
-    $sOutput .= '"'.addslashes($aRow['user_str']).'",';
-    $sOutput .= '"'.addslashes($aRow['action']).'",';
-    $sOutput .= '"'.addslashes($aRow['attr_name']).'",';
-    $sOutput .= '"'.addslashes($aRow['attr_value']).'",';
-    $sOutput .= '"'.addslashes($aRow['id_hist']).'"';
-    $sOutput .= "],";
+    
+    $sOutput = substr_replace( $sOutput, "", -1 );
+    $sOutput .= '] }';
+    // This should fix a json problem
+    $sOutput = str_replace("\'", "'", $sOutput);
+    
+    echo $sOutput;
 }
-$sOutput = substr_replace( $sOutput, "", -1 );
-$sOutput .= '] }';
-$sOutput = str_replace("\\'", "\\\\'", $sOutput);
-
-echo $sOutput;
 
 
 function fnColumnToField( $i )
@@ -163,4 +219,4 @@ function fnColumnToField( $i )
 }
 
 
-?>
+?>
\ No newline at end of file