File: graph_view.php

package info (click to toggle)
cacti 0.6.7-2.2
links: PTS
area: main
in suites: woody
size: 1,000 kB
ctags: 1,120
sloc: php: 5,059; sql: 922; sh: 302; perl: 81; makefile: 56
file content (316 lines) | stat: -rw-r--r-- 13,573 bytes
<?/* 
+-------------------------------------------------------------------------+
| Copyright (C) 2002 Ian Berry                                            |
|                                                                         |
| This program is free software; you can redistribute it and/or           |
| modify it under the terms of the GNU General Public License             |
| as published by the Free Software Foundation; either version 2          |
| of the License, or (at your option) any later version.                  |
|                                                                         |
| This program is distributed in the hope that it will be useful,         |
| but WITHOUT ANY WARRANTY; without even the implied warranty of          |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
| GNU General Public License for more details.                            |
+-------------------------------------------------------------------------+
| cacti: the rrdtool frontend [php-auth, php-tree, php-form]              |
+-------------------------------------------------------------------------+
| This code is currently maintained and debugged by Ian Berry, any        |
| questions or comments regarding this code should be directed to:        |
| - iberry@raxnet.net                                                     |
+-------------------------------------------------------------------------+
| - raXnet - http://www.raxnet.net/                                       |
+-------------------------------------------------------------------------+
*/?>
<?	$section = "View Graphs"; $guest_account = true; include ('auth/include/auth.php');
	include ("include/database.php");
	include_once ("include/rrd_functions.php");
	include_once ("include/functions.php");
	include ('include/config.php');
	include ("include/top_graph_header.php");

$user_id = GetCurrentUserID($HTTP_COOKIE_VARS["cactilogin"], $config["guest_user"]["value"]);

if (isset($hide) == true) {
	/* find out if the current user has rights here */
	$sql_id = mysql_query("select graphsettings from auth_users where id=$user_id", $cnn_id);
	
	/* only update expand/contract info is this user has writes to keep their own settings */
	if (mysql_num_rows($sql_id) != 0) {
		if (mysql_result($sql_id, 0, "graphsettings") == "on") {
			mysql_query("delete from settings_tree where treeitemid=$branch_id and userid=$user_id",$cnn_id);
			mysql_query("insert into settings_tree (treeitemid,userid,status) values ($branch_id,$user_id,$hide)",$cnn_id);
		}
	}
}

/* if auth is enabled, get some basic info about this user so we know what they have
rights to */
if ($config["global_auth"]["value"] == "on") {
	$sql_id_user = mysql_query("select graphpolicy,showtree,showlist,showpreview from auth_users where id=$user_id",$cnn_id);
	
	if (mysql_num_rows($sql_id_user) == 0) {
		print "<strong><font size=\"+1\" color=\"FF0000\">CANNOT FIND USER!</font></strong>"; exit;
	}else{
		$show_tree_view = mysql_result($sql_id_user, 0, "showtree");
		$show_list_view = mysql_result($sql_id_user, 0, "showlist");
		$show_preview_view = mysql_result($sql_id_user, 0, "showpreview");
	}
}else{
	/* if auth is turned off; obviously they have rights */
	$show_tree_view = "on";
	$show_list_view = "on";
	$show_preview_view = "on";
}

switch ($action) {
	case 'tree':
		if ($show_tree_view != "on") {
			print "<strong><font size=\"+1\" color=\"FF0000\">YOU DO NOT HAVE RIGHTS FOR TREE VIEW</font></strong>"; exit;
		}
		
		include_once ('include/form.php');
		include_once ('include/tree_functions.php');
		
		DrawMatrixTableBegin("97%");
		
		$array_tree["options"]["sql_type_column"] = "type";
		
		if (!(isset($tree_id))) { $tree_id = 0; }
		
		/* if cacti's builtin authentication is turned on then make sure to take 
		graph permissions into account here. if a user does not have rights to a 
		particular graph; do not show it. they will get an access denied message
		if they try and view the graph directly. */
		if ($config["global_auth"]["value"] == "on") {
			/* take tree permissions into account here, if the user does not have permission
			give an "access denied" message */
			$sql_id = mysql_query("select userid from auth_graph_hierarchy where hierarchyid=$tree_id and userid=" . GetCurrentUserID($HTTP_COOKIE_VARS["cactilogin"],$config["guest_user"]["value"]),$cnn_id);
			
			if ($config["graph_policy"]["auth"] == "1") {
				if (mysql_num_rows($sql_id) > 0) { $access_denied = true; }
			}elseif ($config["graph_policy"]["auth"] == "2") {
				if (mysql_num_rows($sql_id) == 0) { $access_denied = true; }
			}
			
			if ($access_denied == true) {
				print "<strong><font size=\"+1\" color=\"FF0000\">ACCESS DENIED</font></strong>"; exit;
			}
			
			/* user is allowed to view this graph hierarchy; so lets move and create
			the SQL string that will show only the graphs that the user has rights to view
			in this tree */
			if ($config["graph_policy"]["auth"] == "1") {
				$sql_where = "where ag.userid is null";
			}elseif ($config["graph_policy"]["auth"] == "2") {
				$sql_where = "where (ag.userid is not null or h.type=\\\"Heading\\\")";
			}
			
			$array_tree["options"]["sql_string"] = 'select 
				h.id,h.graphid,h.rraid,h.type,h.title,h.parent,
				g.title as gtitle,
				st.status,
				ag.graphid as aggraphid, ag.userid as aguserid 
				from graph_hierarchy_items h 
				left join rrd_graph g on h.graphid=g.id 
				left join settings_tree st on (h.id=st.treeitemid and st.userid=' . $user_id . ') 
				left join auth_graph ag on (g.id=ag.graphid and ag.userid=' . $user_id . ') 
				' . $sql_where . '
				and h.parent=$branch
				and h.treeid=' . $tree_id . '
				order by h.sequence';
		}else{
			$array_tree["options"]["sql_string"] = 'select 
				h.id,h.graphid,h.rraid,h.type,h.title,h.parent,
				g.title as gtitle,
				r.name as rname,
				st.status 
				from graph_hierarchy_items h 
				left join rrd_graph g on h.graphid=g.id 
				left join rrd_rra r on h.rraid=r.id 
				left join settings_tree st on (h.id=st.treeitemid and st.userid=' . $user_id . ') 
				where h.parent=$branch 
				and h.treeid=' . $tree_id . ' 
				order by h.sequence';
		}
		
		/* this SQL string is used in case a user clicks on a branch in the tree; this way
		cacti will show the actual branch they clicked on in addition to its children */
		if ($start_branch != "") {
			$array_tree["options"]["sql_header_string"] = 'select 
				h.id,h.graphid,h.rraid,h.type,h.title,h.parent,
				g.title as gtitle,
				r.name as rname,
				st.status 
				from graph_hierarchy_items h 
				left join rrd_graph g on h.graphid=g.id 
				left join rrd_rra r on h.rraid=r.id 
				left join settings_tree st on (h.id=st.treeitemid and st.userid=' . $user_id . ') 
				where h.id=$branch 
				and h.treeid=' . $tree_id . ' 
				order by h.sequence';
		}
		
		$array_tree["options"]["sql_connection_id"] = $cnn_id;
		$array_tree["options"]["indent"] = "- ";
		$array_tree["options"]["start_branch"] = $start_branch;
		$array_tree["options"]["alternating_row_colors"] = false;
		$array_tree["options"]["tree_id"] = $tree_id;
		$array_tree["options"]["remove_action"] = '';
		$array_tree["options"]["create_margin"] = true;
		$array_tree["options"]["use_expand_contract"] = true;
		
		$array_tree["options"]["show_item"] = '<a href=\"graph_view.php?action=tree&tree_id=' .
			$tree_id . '&start_branch=' . $start_branch . '&hide=0&branch_id=" . 
			mysql_result($sql_id, $i, "id") . "\"><img src=\"images/show.gif\" border=\"0\"></a>';
		$array_tree["options"]["hide_item"] = '<a href=\"graph_view.php?action=tree&tree_id=' .
			$tree_id . '&start_branch=' . $start_branch . '&hide=1&branch_id=" . 
			mysql_result($sql_id, $i, "id") . "\"><img src=\"images/hide.gif\" border=\"0\"></a>';
		
		$array_tree["item_can_have_children"]["Heading"] = true;
		$array_tree["item_td_code"]["Heading"] = 'bgcolor=\"#$color_panel\" colspan=\"' . $array_settings["preview"]["columnnumber"] . '\"';
		$array_tree["item_action"]["Heading"] = '<strong><a href=\"graph_view.php?action=tree&tree_id=' . $tree_id . '&start_branch=" . mysql_result($sql_id, $i, "id") . "\">" . mysql_result($sql_id, $i, "title") . "</a></strong>';
		
		$array_tree["item_can_have_children"]["Graph"] = false;
		
		switch ($array_settings["hierarchical"]["viewtype"]) {
			case "1":
				$array_tree["item_action"]["Graph"] = '<a href=\"graph.php?graphid=" . mysql_result($sql_id, $i, "graphid") . 
					"&rraid=all\"><img align=\"middle\" src=\"graph_image.php?graphid=" . mysql_result($sql_id, $i, "graphid") . 
					"&rraid=" . mysql_result($sql_id, $i, "rraid") . "&graph_start=-' . 
					$array_settings["preview"]["timespan"] . '&graph_height=' . 
					$array_settings["preview"]["height"] . '&graph_width=' . $array_settings["preview"]["width"] . 
					'&graph_nolegend=true\" border=\"0\" alt=\"" . mysql_result($sql_id, $i, "gtitle") . "\"></a>';
				$array_tree["item_columns"]["Graph"] = $array_settings["preview"]["columnnumber"];
				
				break;
			case "2":
				$array_tree["item_action"]["Graph"] = '<a href=\"graph.php?graphid=" . mysql_result($sql_id, $i, "graphid") . 
					"&rraid=all\">" . mysql_result($sql_id, $i, "gtitle") . "</a>';
				
				break;
		}
		
		DrawMatrixRowBegin();
			DrawMatrixCustom("<td colspan=\"2\">");
				DrawMatrixCustom("<strong><a href=\"graph_view.php?action=tree&tree_id=$tree_id\">[root]</a> - $tree_name</strong><br><br>");
			DrawMatrixCustom("</td>");
		DrawMatrixRowEnd();
		
		GrowTree($array_tree);
		
		print '</td></tr>';
		DrawMatrixTableEnd();
		
		break;
	case 'preview':
		if ($show_preview_view != "on") {
			print "<strong><font size=\"+1\" color=\"FF0000\">YOU DO NOT HAVE RIGHTS FOR PREVIEW VIEW</font></strong>"; exit;
		}
		
		/* graph permissions */
		if ($config["global_auth"]["value"] == "on") {
			if ($config["graph_policy"]["auth"] == "1") {
				$sql_where = "where ag.userid is null";
			}elseif ($config["graph_policy"]["auth"] == "2") {
				$sql_where = "where ag.userid is not null";
			}
			
			$sql_id = mysql_query("select 
				g.id,g.title 
				from rrd_graph g 
				left join auth_graph ag on (g.id=ag.graphid and ag.userid=$user_id) 
				$sql_where
				order by g.title",$cnn_id);
		}else{
			$sql_id = mysql_query("select 
				id,title 
				from rrd_graph 
				order by title",$cnn_id);
		}
		
		$rows = mysql_num_rows($sql_id); $i = 0;
		
		?><tr><td bgcolor="#<?print $color_light;?>" width="1%" rowspan="99999"></td><?
			while ($i < $rows) {
				?><td width="25%"><a href="graph.php?rraid=all&graphid=<?print mysql_result($sql_id, $i, "id");?>"><img src="graph_image.php?graphid=<?print mysql_result($sql_id, $i, "id");?>&rraid=<?print $array_settings["preview"]["rraid"];?>&graph_start=-<?print $array_settings["preview"]["timespan"];?>&graph_height=<?print $array_settings["preview"]["height"];?>&graph_width=<?print $array_settings["preview"]["width"];?>&graph_nolegend=true" border="0" alt="<?print mysql_result($sql_id, $i, "title");?>"></a><?
				?></td><?
				$i++;
				$k++;
				
				if ($k==$array_settings["preview"]["columnnumber"]) {
					$k = 0;
					?></tr><tr height="10"><td>&nbsp;</td></tr><tr><?
				}
				$i_rra = 0;
			}
		?></tr><?
		
		break;
	case 'list':
		if ($show_list_view != "on") {
			print "<strong><font size=\"+1\" color=\"FF0000\">YOU DO NOT HAVE RIGHTS FOR LIST VIEW</font></strong>"; exit;
		}
		
		include_once ("include/form.php");
		
		/* graph permissions */
		if ($config["global_auth"]["value"] == "on") {
			if ($config["graph_policy"]["auth"] == "1") {
				$sql_where = "where ag.userid is null";
			}elseif ($config["graph_policy"]["auth"] == "2") {
				$sql_where = "where ag.userid is not null";
			}
			
			$sql_id = mysql_query("select 
				g.id,g.title 
				from rrd_graph g 
				left join auth_graph ag on (g.id=ag.graphid and ag.userid=$user_id) 
				$sql_where
				order by g.title",$cnn_id);
		}else{
			$sql_id = mysql_query("select 
				id,title 
				from rrd_graph 
				order by title",$cnn_id);
		}
		
		$rows = mysql_num_rows($sql_id); $i = 0;
		
		$sql_id_rra = mysql_query("select id,name from rrd_rra order by id",$cnn_id);
		$rows_rra = mysql_num_rows($sql_id_rra); $i_rra = 0;
		
		print "<table width=\"97%\">";
		print "<tr>";
		
		while ($i < $rows) {
			switch ($array_settings["list"]["listviewtype"]) {
				case "1":
					?><td width="25%"><strong><?print mysql_result($sql_id, $i, "title");?> [<a href="graph.php?graphid=<?print mysql_result($sql_id, $i, "id");?>&rraid=all">all</a>]</strong><br><?
					while ($i_rra < $rows_rra) {
						?><a href="graph.php?graphid=<?print mysql_result($sql_id, $i, "id");?>&rraid=<?print mysql_result($sql_id_rra, $i_rra, "id");?>"><?print mysql_result($sql_id_rra, $i_rra, "name");?></a><br><?
						$i_rra++;
					}
					?></td><?
					$i++;
					$k++;
					
					if ($k==4) {
						$k = 0;
						?></tr><tr height="10"><td>&nbsp;</td></tr><tr><?
					}
					$i_rra = 0;
					
					break;
				case "2":
					?><td><strong><a href="graph.php?graphid=<?print mysql_result($sql_id, $i, "id");?>&rraid=all"><?print mysql_result($sql_id, $i, "title");?></a></strong></td></tr><tr><?
					$i++;
					
					break;
			}
		}
			?></tr></table><?
		
		break;
}

include_once ("include/bottom_footer.php");