diff options
| -rw-r--r-- | ui/app/controllers/CControllerGuiEdit.php | 32 | ||||
| -rw-r--r-- | ui/app/controllers/CControllerGuiUpdate.php | 32 | ||||
| -rw-r--r-- | ui/app/controllers/CControllerMiscConfigEdit.php | 62 | ||||
| -rw-r--r-- | ui/app/controllers/CControllerMiscConfigUpdate.php | 58 | ||||
| -rw-r--r-- | ui/app/controllers/CControllerTrigDisplayEdit.php | 88 | ||||
| -rw-r--r-- | ui/app/controllers/CControllerTrigDisplayUpdate.php | 88 | ||||
| -rw-r--r-- | ui/app/views/administration.miscconfig.edit.php | 2 | ||||
| -rw-r--r-- | ui/app/views/js/administration.trigdisplay.edit.js.php | 48 | ||||
| -rw-r--r-- | ui/app/views/layout.htmlpage.php | 9 | ||||
| -rw-r--r-- | ui/app/views/popup.generic.php | 3 | ||||
| -rw-r--r-- | ui/include/classes/api/services/CSettings.php | 24 | ||||
| -rw-r--r-- | ui/include/classes/api/services/CUser.php | 10 | ||||
| -rw-r--r-- | ui/include/classes/validators/CHtmlUrlValidator.php | 12 | ||||
| -rw-r--r-- | ui/include/defines.inc.php | 20 | ||||
| -rw-r--r-- | ui/include/func.inc.php | 4 | ||||
| -rw-r--r-- | ui/include/page_header.php | 9 | ||||
| -rw-r--r-- | ui/tests/unit/include/classes/validators/CHtmlUrlValidatorTest.php | 2 |
17 files changed, 246 insertions, 257 deletions
diff --git a/ui/app/controllers/CControllerGuiEdit.php b/ui/app/controllers/CControllerGuiEdit.php index 40ad5a6be8e..749e33a31f6 100644 --- a/ui/app/controllers/CControllerGuiEdit.php +++ b/ui/app/controllers/CControllerGuiEdit.php @@ -27,15 +27,15 @@ class CControllerGuiEdit extends CController { protected function checkInput() { $fields = [ - 'default_theme' => 'db config.default_theme', - 'search_limit' => 'db config.search_limit', - 'max_in_table' => 'db config.max_in_table', - 'server_check_interval' => 'db config.server_check_interval', - 'work_period' => 'db config.work_period', - 'show_technical_errors' => 'db config.show_technical_errors', - 'history_period' => 'db config.history_period', - 'period_default' => 'db config.period_default', - 'max_period' => 'db config.max_period' + 'default_theme' => 'db config.default_theme', + 'search_limit' => 'db config.search_limit', + 'max_in_table' => 'db config.max_in_table', + 'server_check_interval' => 'db config.server_check_interval', + 'work_period' => 'db config.work_period', + 'show_technical_errors' => 'db config.show_technical_errors', + 'history_period' => 'db config.history_period', + 'period_default' => 'db config.period_default', + 'max_period' => 'db config.max_period' ]; $ret = $this->validateInput($fields); @@ -53,23 +53,23 @@ class CControllerGuiEdit extends CController { protected function doAction() { $data = [ - 'default_theme' => + 'default_theme' => $this->getInput('default_theme', CSettingsHelper::get(CSettingsHelper::DEFAULT_THEME)), - 'search_limit' => + 'search_limit' => $this->getInput('search_limit', CSettingsHelper::get(CSettingsHelper::SEARCH_LIMIT)), - 'max_in_table' => + 'max_in_table' => $this->getInput('max_in_table', CSettingsHelper::get(CSettingsHelper::MAX_IN_TABLE)), 'server_check_interval' => $this->getInput('server_check_interval', CSettingsHelper::get(CSettingsHelper::SERVER_CHECK_INTERVAL)), - 'work_period' => + 'work_period' => $this->getInput('work_period', CSettingsHelper::get(CSettingsHelper::WORK_PERIOD)), 'show_technical_errors' => $this->getInput('show_technical_errors', CSettingsHelper::get(CSettingsHelper::SHOW_TECHNICAL_ERRORS)), - 'history_period' => + 'history_period' => $this->getInput('history_period', CSettingsHelper::get(CSettingsHelper::HISTORY_PERIOD)), - 'period_default' => + 'period_default' => $this->getInput('period_default', CSettingsHelper::get(CSettingsHelper::PERIOD_DEFAULT)), - 'max_period' => + 'max_period' => $this->getInput('max_period', CSettingsHelper::get(CSettingsHelper::MAX_PERIOD)) ]; diff --git a/ui/app/controllers/CControllerGuiUpdate.php b/ui/app/controllers/CControllerGuiUpdate.php index 73567a8dba9..e15185c42bf 100644 --- a/ui/app/controllers/CControllerGuiUpdate.php +++ b/ui/app/controllers/CControllerGuiUpdate.php @@ -24,15 +24,15 @@ class CControllerGuiUpdate extends CController { protected function checkInput() { $themes = array_keys(APP::getThemes()); $fields = [ - 'default_theme' => 'required|in '.implode(',', $themes).'|db config.default_theme', - 'search_limit' => 'required|db config.search_limit|ge 1|le 999999', - 'max_in_table' => 'required|db config.max_in_table|ge 1|le 99999', - 'server_check_interval' => 'required|db config.server_check_interval|in 0,'.SERVER_CHECK_INTERVAL, - 'work_period' => 'required|db config.work_period|time_periods', - 'show_technical_errors' => 'db config.show_technical_errors|in 0,1', - 'history_period' => 'required|db config.history_period', - 'period_default' => 'required|db config.period_default', - 'max_period' => 'required|db config.max_period' + 'default_theme' => 'required|in '.implode(',', $themes).'|db config.default_theme', + 'search_limit' => 'required|db config.search_limit|ge 1|le 999999', + 'max_in_table' => 'required|db config.max_in_table|ge 1|le 99999', + 'server_check_interval' => 'required|db config.server_check_interval|in 0,'.SERVER_CHECK_INTERVAL, + 'work_period' => 'required|db config.work_period|time_periods', + 'show_technical_errors' => 'db config.show_technical_errors|in 0,1', + 'history_period' => 'required|db config.history_period', + 'period_default' => 'required|db config.period_default', + 'max_period' => 'required|db config.max_period' ]; $ret = $this->validateInput($fields); @@ -106,15 +106,15 @@ class CControllerGuiUpdate extends CController { protected function doAction() { $result = API::Settings()->update([ - CSettingsHelper::DEFAULT_THEME => $this->getInput('default_theme'), - CSettingsHelper::SEARCH_LIMIT => $this->getInput('search_limit'), - CSettingsHelper::MAX_IN_TABLE => $this->getInput('max_in_table'), + CSettingsHelper::DEFAULT_THEME => $this->getInput('default_theme'), + CSettingsHelper::SEARCH_LIMIT => $this->getInput('search_limit'), + CSettingsHelper::MAX_IN_TABLE => $this->getInput('max_in_table'), CSettingsHelper::SERVER_CHECK_INTERVAL => $this->getInput('server_check_interval'), - CSettingsHelper::WORK_PERIOD => $this->getInput('work_period'), + CSettingsHelper::WORK_PERIOD => $this->getInput('work_period'), CSettingsHelper::SHOW_TECHNICAL_ERRORS => $this->getInput('show_technical_errors', 0), - CSettingsHelper::HISTORY_PERIOD => $this->getInput('history_period'), - CSettingsHelper::PERIOD_DEFAULT => $this->getInput('period_default'), - CSettingsHelper::MAX_PERIOD => $this->getInput('max_period') + CSettingsHelper::HISTORY_PERIOD => $this->getInput('history_period'), + CSettingsHelper::PERIOD_DEFAULT => $this->getInput('period_default'), + CSettingsHelper::MAX_PERIOD => $this->getInput('max_period') ]); $response = new CControllerResponseRedirect((new CUrl('zabbix.php')) diff --git a/ui/app/controllers/CControllerMiscConfigEdit.php b/ui/app/controllers/CControllerMiscConfigEdit.php index 27de7a36780..a5b986c83b8 100644 --- a/ui/app/controllers/CControllerMiscConfigEdit.php +++ b/ui/app/controllers/CControllerMiscConfigEdit.php @@ -27,22 +27,22 @@ class CControllerMiscConfigEdit extends CController { protected function checkInput() { $fields = [ - 'refresh_unsupported' => 'db config.refresh_unsupported', - 'discovery_groupid' => 'db config.discovery_groupid', - 'default_inventory_mode' => 'db config.default_inventory_mode', - 'alert_usrgrpid' => 'db config.alert_usrgrpid', - 'snmptrap_logging' => 'db config.snmptrap_logging', - 'login_attempts' => 'db config.login_attempts', - 'login_block' => 'db config.login_block', - 'session_name' => 'db config.session_name', - 'validate_uri_schemes' => 'db config.validate_uri_schemes', - 'uri_valid_schemes' => 'db config.uri_valid_schemes', - 'x_frame_options' => 'db config.x_frame_options', - 'socket_timeout' => 'db config.socket_timeout', - 'connect_timeout' => 'db config.connect_timeout', - 'media_type_test_timeout' => 'db config.media_type_test_timeout', - 'script_timeout' => 'db config.script_timeout', - 'item_test_timeout' => 'db config.item_test_timeout', + 'refresh_unsupported' => 'db config.refresh_unsupported', + 'discovery_groupid' => 'db config.discovery_groupid', + 'default_inventory_mode' => 'db config.default_inventory_mode', + 'alert_usrgrpid' => 'db config.alert_usrgrpid', + 'snmptrap_logging' => 'db config.snmptrap_logging', + 'login_attempts' => 'db config.login_attempts', + 'login_block' => 'db config.login_block', + 'session_name' => 'db config.session_name', + 'validate_uri_schemes' => 'db config.validate_uri_schemes', + 'uri_valid_schemes' => 'db config.uri_valid_schemes', + 'x_frame_options' => 'db config.x_frame_options', + 'socket_timeout' => 'db config.socket_timeout', + 'connect_timeout' => 'db config.connect_timeout', + 'media_type_test_timeout' => 'db config.media_type_test_timeout', + 'script_timeout' => 'db config.script_timeout', + 'item_test_timeout' => 'db config.item_test_timeout' ]; $ret = $this->validateInput($fields); @@ -60,38 +60,38 @@ class CControllerMiscConfigEdit extends CController { protected function doAction() { $data = [ - 'refresh_unsupported' => + 'refresh_unsupported' => $this->getInput('refresh_unsupported', CSettingsHelper::get(CSettingsHelper::REFRESH_UNSUPPORTED)), - 'discovery_groupid' => + 'discovery_groupid' => $this->getInput('discovery_groupid', CSettingsHelper::get(CSettingsHelper::DISCOVERY_GROUPID)), - 'default_inventory_mode' => $this->getInput('default_inventory_mode', CSettingsHelper::get( + 'default_inventory_mode' => $this->getInput('default_inventory_mode', CSettingsHelper::get( CSettingsHelper::DEFAULT_INVENTORY_MODE )), - 'alert_usrgrpid' => + 'alert_usrgrpid' => $this->getInput('alert_usrgrpid', CSettingsHelper::get(CSettingsHelper::ALERT_USRGRPID)), - 'snmptrap_logging' => + 'snmptrap_logging' => $this->getInput('snmptrap_logging', CSettingsHelper::get(CSettingsHelper::SNMPTRAP_LOGGING)), - 'login_attempts' => + 'login_attempts' => $this->getInput('login_attempts', CSettingsHelper::get(CSettingsHelper::LOGIN_ATTEMPTS)), - 'login_block' => + 'login_block' => $this->getInput('login_block', CSettingsHelper::get(CSettingsHelper::LOGIN_BLOCK)), - 'session_name' => + 'session_name' => $this->getInput('session_name', CSettingsHelper::get(CSettingsHelper::SESSION_NAME)), - 'validate_uri_schemes' => + 'validate_uri_schemes' => $this->getInput('validate_uri_schemes', CSettingsHelper::get(CSettingsHelper::VALIDATE_URI_SCHEMES)), - 'uri_valid_schemes' => + 'uri_valid_schemes' => $this->getInput('uri_valid_schemes', CSettingsHelper::get(CSettingsHelper::URI_VALID_SCHEMES)), - 'x_frame_options' => + 'x_frame_options' => $this->getInput('x_frame_options', CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS)), - 'socket_timeout' => + 'socket_timeout' => $this->getInput('socket_timeout', CSettingsHelper::get(CSettingsHelper::SOCKET_TIMEOUT)), - 'connect_timeout' => + 'connect_timeout' => $this->getInput('connect_timeout', CSettingsHelper::get(CSettingsHelper::CONNECT_TIMEOUT)), 'media_type_test_timeout' => $this->getInput('media_type_test_timeout', CSettingsHelper::get(CSettingsHelper::MEDIA_TYPE_TEST_TIMEOUT)), - 'script_timeout' => + 'script_timeout' => $this->getInput('script_timeout', CSettingsHelper::get(CSettingsHelper::SCRIPT_TIMEOUT)), - 'item_test_timeout' => + 'item_test_timeout' => $this->getInput('item_test_timeout', CSettingsHelper::get(CSettingsHelper::ITEM_TEST_TIMEOUT)) ]; diff --git a/ui/app/controllers/CControllerMiscConfigUpdate.php b/ui/app/controllers/CControllerMiscConfigUpdate.php index ba5a4f3fe2e..7d0823aaa7c 100644 --- a/ui/app/controllers/CControllerMiscConfigUpdate.php +++ b/ui/app/controllers/CControllerMiscConfigUpdate.php @@ -23,22 +23,22 @@ class CControllerMiscConfigUpdate extends CController { protected function checkInput() { $fields = [ - 'refresh_unsupported' => 'required|db config.refresh_unsupported', - 'discovery_groupid' => 'required|db config.discovery_groupid', - 'default_inventory_mode' => 'required|in '.HOST_INVENTORY_DISABLED.','.HOST_INVENTORY_MANUAL.','.HOST_INVENTORY_AUTOMATIC, - 'alert_usrgrpid' => 'db config.alert_usrgrpid', - 'snmptrap_logging' => 'required|db config.snmptrap_logging|in 0,1', - 'login_attempts' => 'required|db config.login_attempts|ge 1|le 32', - 'login_block' => 'required|db config.login_block', - 'session_name' => 'required|db config.session_name', - 'validate_uri_schemes' => 'required|db config.validate_uri_schemes|in 0,1', - 'uri_valid_schemes' => 'db config.uri_valid_schemes', - 'x_frame_options' => 'required|db config.x_frame_options', - 'socket_timeout' => 'required|db config.socket_timeout', - 'connect_timeout' => 'required|db config.connect_timeout', - 'media_type_test_timeout' => 'required|db config.media_type_test_timeout', - 'script_timeout' => 'required|db config.script_timeout', - 'item_test_timeout' => 'required|db config.item_test_timeout' + 'refresh_unsupported' => 'required|db config.refresh_unsupported', + 'discovery_groupid' => 'required|db config.discovery_groupid', + 'default_inventory_mode' => 'required|in '.HOST_INVENTORY_DISABLED.','.HOST_INVENTORY_MANUAL.','.HOST_INVENTORY_AUTOMATIC, + 'alert_usrgrpid' => 'db config.alert_usrgrpid', + 'snmptrap_logging' => 'required|db config.snmptrap_logging|in 0,1', + 'login_attempts' => 'required|db config.login_attempts|ge 1|le 32', + 'login_block' => 'required|db config.login_block', + 'session_name' => 'required|db config.session_name', + 'validate_uri_schemes' => 'required|db config.validate_uri_schemes|in 0,1', + 'uri_valid_schemes' => 'db config.uri_valid_schemes', + 'x_frame_options' => 'required|db config.x_frame_options', + 'socket_timeout' => 'required|db config.socket_timeout', + 'connect_timeout' => 'required|db config.connect_timeout', + 'media_type_test_timeout' => 'required|db config.media_type_test_timeout', + 'script_timeout' => 'required|db config.script_timeout', + 'item_test_timeout' => 'required|db config.item_test_timeout' ]; $ret = $this->validateInput($fields); @@ -160,20 +160,20 @@ class CControllerMiscConfigUpdate extends CController { protected function doAction() { $settings = [ - CSettingsHelper::REFRESH_UNSUPPORTED => $this->getInput('refresh_unsupported'), - CSettingsHelper::DISCOVERY_GROUPID => $this->getInput('discovery_groupid'), - CSettingsHelper::DEFAULT_INVENTORY_MODE => $this->getInput('default_inventory_mode'), - CSettingsHelper::SNMPTRAP_LOGGING => $this->getInput('snmptrap_logging'), - CSettingsHelper::LOGIN_ATTEMPTS => $this->getInput('login_attempts'), - CSettingsHelper::LOGIN_BLOCK => $this->getInput('login_block'), - CSettingsHelper::SESSION_NAME => $this->getInput('session_name'), - CSettingsHelper::VALIDATE_URI_SCHEMES => $this->getInput('validate_uri_schemes'), - CSettingsHelper::X_FRAME_OPTIONS => $this->getInput('x_frame_options'), - CSettingsHelper::SOCKET_TIMEOUT => $this->getInput('socket_timeout'), - CSettingsHelper::CONNECT_TIMEOUT => $this->getInput('connect_timeout'), + CSettingsHelper::REFRESH_UNSUPPORTED => $this->getInput('refresh_unsupported'), + CSettingsHelper::DISCOVERY_GROUPID => $this->getInput('discovery_groupid'), + CSettingsHelper::DEFAULT_INVENTORY_MODE => $this->getInput('default_inventory_mode'), + CSettingsHelper::SNMPTRAP_LOGGING => $this->getInput('snmptrap_logging'), + CSettingsHelper::LOGIN_ATTEMPTS => $this->getInput('login_attempts'), + CSettingsHelper::LOGIN_BLOCK => $this->getInput('login_block'), + CSettingsHelper::SESSION_NAME => $this->getInput('session_name'), + CSettingsHelper::VALIDATE_URI_SCHEMES => $this->getInput('validate_uri_schemes'), + CSettingsHelper::X_FRAME_OPTIONS => $this->getInput('x_frame_options'), + CSettingsHelper::SOCKET_TIMEOUT => $this->getInput('socket_timeout'), + CSettingsHelper::CONNECT_TIMEOUT => $this->getInput('connect_timeout'), CSettingsHelper::MEDIA_TYPE_TEST_TIMEOUT => $this->getInput('media_type_test_timeout'), - CSettingsHelper::SCRIPT_TIMEOUT => $this->getInput('script_timeout'), - CSettingsHelper::ITEM_TEST_TIMEOUT => $this->getInput('item_test_timeout') + CSettingsHelper::SCRIPT_TIMEOUT => $this->getInput('script_timeout'), + CSettingsHelper::ITEM_TEST_TIMEOUT => $this->getInput('item_test_timeout') ]; $settings[CSettingsHelper::ALERT_USRGRPID] = $this->hasInput('alert_usrgrpid') diff --git a/ui/app/controllers/CControllerTrigDisplayEdit.php b/ui/app/controllers/CControllerTrigDisplayEdit.php index eebf462ab70..891494ed6bc 100644 --- a/ui/app/controllers/CControllerTrigDisplayEdit.php +++ b/ui/app/controllers/CControllerTrigDisplayEdit.php @@ -27,29 +27,29 @@ class CControllerTrigDisplayEdit extends CController { protected function checkInput() { $fields = [ - 'custom_color' => 'db config.custom_color', - 'problem_unack_color' => 'db config.problem_unack_color', - 'problem_ack_color' => 'db config.problem_ack_color', - 'ok_unack_color' => 'db config.ok_unack_color', - 'ok_ack_color' => 'db config.ok_ack_color', - 'problem_unack_style' => 'db config.problem_unack_style', - 'problem_ack_style' => 'db config.problem_ack_style', - 'ok_unack_style' => 'db config.ok_unack_style', - 'ok_ack_style' => 'db config.ok_ack_style', - 'ok_period' => 'db config.ok_period', - 'blink_period' => 'db config.blink_period', - 'severity_name_0' => 'db config.severity_name_0', - 'severity_color_0' => 'db config.severity_color_0', - 'severity_name_1' => 'db config.severity_name_1', - 'severity_color_1' => 'db config.severity_color_1', - 'severity_name_2' => 'db config.severity_name_2', - 'severity_color_2' => 'db config.severity_color_2', - 'severity_name_3' => 'db config.severity_name_3', - 'severity_color_3' => 'db config.severity_color_3', - 'severity_name_4' => 'db config.severity_name_4', - 'severity_color_4' => 'db config.severity_color_4', - 'severity_name_5' => 'db config.severity_name_5', - 'severity_color_5' => 'db config.severity_color_5' + 'custom_color' => 'db config.custom_color', + 'problem_unack_color' => 'db config.problem_unack_color', + 'problem_ack_color' => 'db config.problem_ack_color', + 'ok_unack_color' => 'db config.ok_unack_color', + 'ok_ack_color' => 'db config.ok_ack_color', + 'problem_unack_style' => 'db config.problem_unack_style', + 'problem_ack_style' => 'db config.problem_ack_style', + 'ok_unack_style' => 'db config.ok_unack_style', + 'ok_ack_style' => 'db config.ok_ack_style', + 'ok_period' => 'db config.ok_period', + 'blink_period' => 'db config.blink_period', + 'severity_name_0' => 'db config.severity_name_0', + 'severity_color_0' => 'db config.severity_color_0', + 'severity_name_1' => 'db config.severity_name_1', + 'severity_color_1' => 'db config.severity_color_1', + 'severity_name_2' => 'db config.severity_name_2', + 'severity_color_2' => 'db config.severity_color_2', + 'severity_name_3' => 'db config.severity_name_3', + 'severity_color_3' => 'db config.severity_color_3', + 'severity_name_4' => 'db config.severity_name_4', + 'severity_color_4' => 'db config.severity_color_4', + 'severity_name_5' => 'db config.severity_name_5', + 'severity_color_5' => 'db config.severity_color_5' ]; $ret = $this->validateInput($fields); @@ -70,51 +70,51 @@ class CControllerTrigDisplayEdit extends CController { $data = [ 'custom_color' => - $this->getInput('custom_color', CSettingsHelper::get(CSettingsHelper::CUSTOM_COLOR)), + $this->getInput('custom_color', CSettingsHelper::get(CSettingsHelper::CUSTOM_COLOR)), 'problem_unack_color' => $this->getInput('problem_unack_color', CSettingsHelper::get(CSettingsHelper::PROBLEM_UNACK_COLOR)), 'problem_ack_color' => - $this->getInput('problem_ack_color', CSettingsHelper::get(CSettingsHelper::PROBLEM_ACK_COLOR)), + $this->getInput('problem_ack_color', CSettingsHelper::get(CSettingsHelper::PROBLEM_ACK_COLOR)), 'ok_unack_color' => - $this->getInput('ok_unack_color', CSettingsHelper::get(CSettingsHelper::OK_UNACK_COLOR)), + $this->getInput('ok_unack_color', CSettingsHelper::get(CSettingsHelper::OK_UNACK_COLOR)), 'ok_ack_color' => - $this->getInput('ok_ack_color', CSettingsHelper::get(CSettingsHelper::OK_ACK_COLOR)), + $this->getInput('ok_ack_color', CSettingsHelper::get(CSettingsHelper::OK_ACK_COLOR)), 'problem_unack_style' => $this->getInput('problem_unack_style', CSettingsHelper::get(CSettingsHelper::PROBLEM_UNACK_STYLE)), 'problem_ack_style' => - $this->getInput('problem_ack_style', CSettingsHelper::get(CSettingsHelper::PROBLEM_ACK_STYLE)), + $this->getInput('problem_ack_style', CSettingsHelper::get(CSettingsHelper::PROBLEM_ACK_STYLE)), 'ok_unack_style' => - $this->getInput('ok_unack_style', CSettingsHelper::get(CSettingsHelper::OK_UNACK_STYLE)), + $this->getInput('ok_unack_style', CSettingsHelper::get(CSettingsHelper::OK_UNACK_STYLE)), 'ok_ack_style' => - $this->getInput('ok_ack_style', CSettingsHelper::get(CSettingsHelper::OK_ACK_STYLE)), + $this->getInput('ok_ack_style', CSettingsHelper::get(CSettingsHelper::OK_ACK_STYLE)), 'ok_period' => - $this->getInput('ok_period', CSettingsHelper::get(CSettingsHelper::OK_PERIOD)), + $this->getInput('ok_period', CSettingsHelper::get(CSettingsHelper::OK_PERIOD)), 'blink_period' => - $this->getInput('blink_period', CSettingsHelper::get(CSettingsHelper::BLINK_PERIOD)), + $this->getInput('blink_period', CSettingsHelper::get(CSettingsHelper::BLINK_PERIOD)), 'severity_name_0' => - $this->getInput('severity_name_0', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_0)), + $this->getInput('severity_name_0', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_0)), 'severity_color_0' => - $this->getInput('severity_color_0', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_0)), + $this->getInput('severity_color_0', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_0)), 'severity_name_1' => - $this->getInput('severity_name_1', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_1)), + $this->getInput('severity_name_1', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_1)), 'severity_color_1' => - $this->getInput('severity_color_1', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_1)), + $this->getInput('severity_color_1', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_1)), 'severity_name_2' => - $this->getInput('severity_name_2', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_2)), + $this->getInput('severity_name_2', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_2)), 'severity_color_2' => - $this->getInput('severity_color_2', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_2)), + $this->getInput('severity_color_2', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_2)), 'severity_name_3' => - $this->getInput('severity_name_3', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_3)), + $this->getInput('severity_name_3', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_3)), 'severity_color_3' => - $this->getInput('severity_color_3', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_3)), + $this->getInput('severity_color_3', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_3)), 'severity_name_4' => - $this->getInput('severity_name_4', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_4)), + $this->getInput('severity_name_4', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_4)), 'severity_color_4' => - $this->getInput('severity_color_4', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_4)), + $this->getInput('severity_color_4', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_4)), 'severity_name_5' => - $this->getInput('severity_name_5', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_5)), + $this->getInput('severity_name_5', CSettingsHelper::get(CSettingsHelper::SEVERITY_NAME_5)), 'severity_color_5' => - $this->getInput('severity_color_5', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_5)) + $this->getInput('severity_color_5', CSettingsHelper::get(CSettingsHelper::SEVERITY_COLOR_5)) ]; $response = new CControllerResponseData($data); diff --git a/ui/app/controllers/CControllerTrigDisplayUpdate.php b/ui/app/controllers/CControllerTrigDisplayUpdate.php index 639c2ee5210..65770acc827 100644 --- a/ui/app/controllers/CControllerTrigDisplayUpdate.php +++ b/ui/app/controllers/CControllerTrigDisplayUpdate.php @@ -23,29 +23,29 @@ class CControllerTrigDisplayUpdate extends CController { protected function checkInput() { $fields = [ - 'custom_color' => 'required|db config.custom_color|in '.EVENT_CUSTOM_COLOR_DISABLED.','.EVENT_CUSTOM_COLOR_ENABLED, - 'problem_unack_color' => 'db config.problem_unack_color|rgb', - 'problem_ack_color' => 'db config.problem_ack_color|rgb', - 'ok_unack_color' => 'db config.ok_unack_color|rgb', - 'ok_ack_color' => 'db config.ok_ack_color|rgb', - 'problem_unack_style' => 'required|db config.problem_unack_style|in 0,1', - 'problem_ack_style' => 'required|db config.problem_ack_style|in 0,1', - 'ok_unack_style' => 'required|db config.ok_unack_style|in 0,1', - 'ok_ack_style' => 'required|db config.ok_ack_style|in 0,1', - 'ok_period' => 'required|db config.ok_period|not_empty', - 'blink_period' => 'required|db config.blink_period|not_empty', - 'severity_name_0' => 'required|db config.severity_name_0|not_empty', - 'severity_color_0' => 'required|db config.severity_color_0|rgb', - 'severity_name_1' => 'required|db config.severity_name_1|not_empty', - 'severity_color_1' => 'required|db config.severity_color_1|rgb', - 'severity_name_2' => 'required|db config.severity_name_2|not_empty', - 'severity_color_2' => 'required|db config.severity_color_2|rgb', - 'severity_name_3' => 'required|db config.severity_name_3|not_empty', - 'severity_color_3' => 'required|db config.severity_color_3|rgb', - 'severity_name_4' => 'required|db config.severity_name_4|not_empty', - 'severity_color_4' => 'required|db config.severity_color_4|rgb', - 'severity_name_5' => 'required|db config.severity_name_5|not_empty', - 'severity_color_5' => 'required|db config.severity_color_5|rgb' + 'custom_color' => 'required|db config.custom_color|in '.EVENT_CUSTOM_COLOR_DISABLED.','.EVENT_CUSTOM_COLOR_ENABLED, + 'problem_unack_color' => 'db config.problem_unack_color|rgb', + 'problem_ack_color' => 'db config.problem_ack_color|rgb', + 'ok_unack_color' => 'db config.ok_unack_color|rgb', + 'ok_ack_color' => 'db config.ok_ack_color|rgb', + 'problem_unack_style' => 'required|db config.problem_unack_style|in 0,1', + 'problem_ack_style' => 'required|db config.problem_ack_style|in 0,1', + 'ok_unack_style' => 'required|db config.ok_unack_style|in 0,1', + 'ok_ack_style' => 'required|db config.ok_ack_style|in 0,1', + 'ok_period' => 'required|db config.ok_period|not_empty', + 'blink_period' => 'required|db config.blink_period|not_empty', + 'severity_name_0' => 'required|db config.severity_name_0|not_empty', + 'severity_color_0' => 'required|db config.severity_color_0|rgb', + 'severity_name_1' => 'required|db config.severity_name_1|not_empty', + 'severity_color_1' => 'required|db config.severity_color_1|rgb', + 'severity_name_2' => 'required|db config.severity_name_2|not_empty', + 'severity_color_2' => 'required|db config.severity_color_2|rgb', + 'severity_name_3' => 'required|db config.severity_name_3|not_empty', + 'severity_color_3' => 'required|db config.severity_color_3|rgb', + 'severity_name_4' => 'required|db config.severity_name_4|not_empty', + 'severity_color_4' => 'required|db config.severity_color_4|rgb', + 'severity_name_5' => 'required|db config.severity_name_5|not_empty', + 'severity_color_5' => 'required|db config.severity_color_5|rgb' ]; $ret = $this->validateInput($fields); @@ -122,32 +122,32 @@ class CControllerTrigDisplayUpdate extends CController { protected function doAction() { $settings = [ - CSettingsHelper::CUSTOM_COLOR => $this->getInput('custom_color', EVENT_CUSTOM_COLOR_DISABLED), + CSettingsHelper::CUSTOM_COLOR => $this->getInput('custom_color', EVENT_CUSTOM_COLOR_DISABLED), CSettingsHelper::PROBLEM_UNACK_STYLE => $this->getInput('problem_unack_style'), - CSettingsHelper::PROBLEM_ACK_STYLE => $this->getInput('problem_ack_style'), - CSettingsHelper::OK_UNACK_STYLE => $this->getInput('ok_unack_style'), - CSettingsHelper::OK_ACK_STYLE => $this->getInput('ok_ack_style'), - CSettingsHelper::OK_PERIOD => trim($this->getInput('ok_period')), - CSettingsHelper::BLINK_PERIOD => trim($this->getInput('blink_period')), - CSettingsHelper::SEVERITY_NAME_0 => $this->getInput('severity_name_0'), - CSettingsHelper::SEVERITY_COLOR_0 => $this->getInput('severity_color_0'), - CSettingsHelper::SEVERITY_NAME_1 => $this->getInput('severity_name_1'), - CSettingsHelper::SEVERITY_COLOR_1 => $this->getInput('severity_color_1'), - CSettingsHelper::SEVERITY_NAME_2 => $this->getInput('severity_name_2'), - CSettingsHelper::SEVERITY_COLOR_2 => $this->getInput('severity_color_2'), - CSettingsHelper::SEVERITY_NAME_3 => $this->getInput('severity_name_3'), - CSettingsHelper::SEVERITY_COLOR_3 => $this->getInput('severity_color_3'), - CSettingsHelper::SEVERITY_NAME_4 => $this->getInput('severity_name_4'), - CSettingsHelper::SEVERITY_COLOR_4 => $this->getInput('severity_color_4'), - CSettingsHelper::SEVERITY_NAME_5 => $this->getInput('severity_name_5'), - CSettingsHelper::SEVERITY_COLOR_5 => $this->getInput('severity_color_5') + CSettingsHelper::PROBLEM_ACK_STYLE => $this->getInput('problem_ack_style'), + CSettingsHelper::OK_UNACK_STYLE => $this->getInput('ok_unack_style'), + CSettingsHelper::OK_ACK_STYLE => $this->getInput('ok_ack_style'), + CSettingsHelper::OK_PERIOD => trim($this->getInput('ok_period')), + CSettingsHelper::BLINK_PERIOD => trim($this->getInput('blink_period')), + CSettingsHelper::SEVERITY_NAME_0 => $this->getInput('severity_name_0'), + CSettingsHelper::SEVERITY_COLOR_0 => $this->getInput('severity_color_0'), + CSettingsHelper::SEVERITY_NAME_1 => $this->getInput('severity_name_1'), + CSettingsHelper::SEVERITY_COLOR_1 => $this->getInput('severity_color_1'), + CSettingsHelper::SEVERITY_NAME_2 => $this->getInput('severity_name_2'), + CSettingsHelper::SEVERITY_COLOR_2 => $this->getInput('severity_color_2'), + CSettingsHelper::SEVERITY_NAME_3 => $this->getInput('severity_name_3'), + CSettingsHelper::SEVERITY_COLOR_3 => $this->getInput('severity_color_3'), + CSettingsHelper::SEVERITY_NAME_4 => $this->getInput('severity_name_4'), + CSettingsHelper::SEVERITY_COLOR_4 => $this->getInput('severity_color_4'), + CSettingsHelper::SEVERITY_NAME_5 => $this->getInput('severity_name_5'), + CSettingsHelper::SEVERITY_COLOR_5 => $this->getInput('severity_color_5') ]; if ($settings[CSettingsHelper::CUSTOM_COLOR] == EVENT_CUSTOM_COLOR_ENABLED) { $settings[CSettingsHelper::PROBLEM_UNACK_COLOR] = $this->getInput('problem_unack_color'); - $settings[CSettingsHelper::PROBLEM_ACK_COLOR] = $this->getInput('problem_ack_color'); - $settings[CSettingsHelper::OK_UNACK_COLOR] = $this->getInput('ok_unack_color'); - $settings[CSettingsHelper::OK_ACK_COLOR] = $this->getInput('ok_ack_color'); + $settings[CSettingsHelper::PROBLEM_ACK_COLOR] = $this->getInput('problem_ack_color'); + $settings[CSettingsHelper::OK_UNACK_COLOR] = $this->getInput('ok_unack_color'); + $settings[CSettingsHelper::OK_ACK_COLOR] = $this->getInput('ok_ack_color'); } $result = API::Settings()->update($settings); diff --git a/ui/app/views/administration.miscconfig.edit.php b/ui/app/views/administration.miscconfig.edit.php index 8b5048ef7a8..bfaf5af4e4a 100644 --- a/ui/app/views/administration.miscconfig.edit.php +++ b/ui/app/views/administration.miscconfig.edit.php @@ -50,7 +50,7 @@ $from_list = (new CFormList()) 'dstfrm' => 'otherForm', 'dstfld1' => 'discovery_groupid', 'normal_only' => '1', - 'editable' => true, + 'editable' => true ] ] ]))->setWidth(ZBX_TEXTAREA_MEDIUM_WIDTH) diff --git a/ui/app/views/js/administration.trigdisplay.edit.js.php b/ui/app/views/js/administration.trigdisplay.edit.js.php index 42b6b89917a..44af9adee09 100644 --- a/ui/app/views/js/administration.trigdisplay.edit.js.php +++ b/ui/app/views/js/administration.trigdisplay.edit.js.php @@ -27,19 +27,19 @@ $schema = DB::getSchema('config'); ?> <script type="text/javascript"> - jQuery(document).ready(function() { - jQuery("input[name=custom_color]").on('change', function() { - var checked = jQuery(this).is(':checked'); - jQuery(".js-event-color-picker").each(function() { - var $field = jQuery(this); + $(document).ready(function() { + $("input[name=custom_color]").on('change', function() { + var checked = $(this).is(':checked'); + $(".js-event-color-picker").each(function() { + var $field = $(this); $field.toggleClass('<?= ZBX_STYLE_DISABLED ?>', !checked); - jQuery("input", $field).prop('disabled', !checked); + $("input", $field).prop('disabled', !checked); }); }); - jQuery("#resetDefaults").click(function() { + $("#resetDefaults").click(function() { overlayDialogue({ 'title': <?= json_encode(_('Reset confirmation')) ?>, - 'content': jQuery('<span>').text(<?= json_encode(_('Reset all fields to default values?')) ?>), + 'content': $('<span>').text(<?= json_encode(_('Reset all fields to default values?')) ?>), 'buttons': [ { 'title': <?= json_encode(_('Cancel')) ?>, @@ -57,48 +57,48 @@ $schema = DB::getSchema('config'); : 'false' ?>; - jQuery('#custom_color') + $('#custom_color') .prop('checked', custom_color_enabled) - .trigger('change'); + .change(); // Unacknowledged problem events - jQuery('#problem_unack_color') + $('#problem_unack_color') .val("<?= $schema['fields']['problem_unack_color']['default'] ?>") .prop('disabled', !custom_color_enabled) - .trigger('change'); - jQuery('#problem_unack_style').prop('checked', + .change(); + $('#problem_unack_style').prop('checked', <?= ($schema['fields']['problem_unack_style']['default'] == 0) ? 'false' : 'true' ?> ); // Acknowledged problem events - jQuery('#problem_ack_color') + $('#problem_ack_color') .val("<?= $schema['fields']['problem_ack_color']['default'] ?>") .prop('disabled', !custom_color_enabled) - .trigger('change'); - jQuery('#problem_ack_style').prop('checked', + .change(); + $('#problem_ack_style').prop('checked', <?= ($schema['fields']['problem_ack_style']['default'] == 0) ? 'false' : 'true' ?> ); // Unacknowledged resolved events - jQuery('#ok_unack_color') + $('#ok_unack_color') .val("<?= $schema['fields']['ok_unack_color']['default'] ?>") .prop('disabled', !custom_color_enabled) - .trigger('change'); - jQuery('#ok_unack_style').prop('checked', + .change(); + $('#ok_unack_style').prop('checked', <?= ($schema['fields']['ok_unack_style']['default'] == 0) ? 'false' : 'true' ?> ); // Acknowledged resolved events - jQuery('#ok_ack_color') + $('#ok_ack_color') .val("<?= $schema['fields']['ok_ack_color']['default'] ?>") .prop('disabled', !custom_color_enabled) - .trigger('change'); - jQuery('#ok_ack_style').prop('checked', + .change(); + $('#ok_ack_style').prop('checked', <?= ($schema['fields']['ok_ack_style']['default'] == 0) ? 'false' : 'true' ?> ); - jQuery('#ok_period').val("<?= $schema['fields']['ok_period']['default'] ?>"); - jQuery('#blink_period').val("<?= $schema['fields']['blink_period']['default'] ?>"); + $('#ok_period').val("<?= $schema['fields']['ok_period']['default'] ?>"); + $('#blink_period').val("<?= $schema['fields']['blink_period']['default'] ?>"); $('#severity_name_0').val("<?= $schema['fields']['severity_name_0']['default'] ?>"); $('#severity_name_1').val("<?= $schema['fields']['severity_name_1']['default'] ?>"); diff --git a/ui/app/views/layout.htmlpage.php b/ui/app/views/layout.htmlpage.php index 09aedf97052..79c57a2bf5f 100644 --- a/ui/app/views/layout.htmlpage.php +++ b/ui/app/views/layout.htmlpage.php @@ -28,13 +28,14 @@ function local_showHeader(array $data): void { header('X-Content-Type-Options: nosniff'); header('X-XSS-Protection: 1; mode=block'); - if (X_FRAME_OPTIONS !== null) { - if (strcasecmp(X_FRAME_OPTIONS, 'SAMEORIGIN') == 0 || strcasecmp(X_FRAME_OPTIONS, 'DENY') == 0) { - $x_frame_options = X_FRAME_OPTIONS; + if (CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS) !== '') { + if (strcasecmp(CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS), 'SAMEORIGIN') == 0 + || strcasecmp(CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS), 'DENY') == 0) { + $x_frame_options = CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS); } else { $x_frame_options = 'SAMEORIGIN'; - $allowed_urls = explode(',', X_FRAME_OPTIONS); + $allowed_urls = explode(',', CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS)); $url_to_check = array_key_exists('HTTP_REFERER', $_SERVER) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) : null; diff --git a/ui/app/views/popup.generic.php b/ui/app/views/popup.generic.php index e8ae48dd655..4a62b5b9d1c 100644 --- a/ui/app/views/popup.generic.php +++ b/ui/app/views/popup.generic.php @@ -243,7 +243,8 @@ switch ($data['popup_type']) { : null; $js_action = "javascript: addValue(".zbx_jsvalue($options['reference']).', '. - zbx_jsvalue($item['usrgrpid']).', '.$options['parentid'].');'; + zbx_jsvalue($item['usrgrpid']).', '.$options['parentid'].');' + ; $name = (new CLink($item['name'], 'javascript: void(0);')) ->setId('spanid'.$item['usrgrpid']) diff --git a/ui/include/classes/api/services/CSettings.php b/ui/include/classes/api/services/CSettings.php index 2ca3dee51fa..bf25104a525 100644 --- a/ui/include/classes/api/services/CSettings.php +++ b/ui/include/classes/api/services/CSettings.php @@ -126,7 +126,7 @@ class CSettings extends CApiService { ]); if (array_key_exists('discovery_groupid', $upd_config) - && bccomp($upd_config['discovery_groupid'], $db_settings['discovery_groupid']) != 0) { + && bccomp($upd_config['discovery_groupid'], $db_settings['discovery_groupid']) !== 0) { $this->setHostGroupInternal($db_settings['discovery_groupid'], ZBX_NOT_INTERNAL_GROUP); $this->setHostGroupInternal($upd_config['discovery_groupid'], ZBX_INTERNAL_GROUP); } @@ -165,13 +165,13 @@ class CSettings extends CApiService { 'severity_color_3' => ['type' => API_COLOR, 'flags' => API_NOT_EMPTY], 'severity_color_4' => ['type' => API_COLOR, 'flags' => API_NOT_EMPTY], 'severity_color_5' => ['type' => API_COLOR, 'flags' => API_NOT_EMPTY], - 'severity_name_0' => ['type' => API_STRING_UTF8, 'length' => 32], - 'severity_name_1' => ['type' => API_STRING_UTF8, 'length' => 32], - 'severity_name_2' => ['type' => API_STRING_UTF8, 'length' => 32], - 'severity_name_3' => ['type' => API_STRING_UTF8, 'length' => 32], - 'severity_name_4' => ['type' => API_STRING_UTF8, 'length' => 32], - 'severity_name_5' => ['type' => API_STRING_UTF8, 'length' => 32], - 'custom_color' => ['type' => API_INT32, 'in' => EVENT_CUSTOM_COLOR_DISABLED.','. EVENT_CUSTOM_COLOR_ENABLED], + 'severity_name_0' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_0')], + 'severity_name_1' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_1')], + 'severity_name_2' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_2')], + 'severity_name_3' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_3')], + 'severity_name_4' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_4')], + 'severity_name_5' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'severity_name_5')], + 'custom_color' => ['type' => API_INT32, 'in' => EVENT_CUSTOM_COLOR_DISABLED.','.EVENT_CUSTOM_COLOR_ENABLED], 'ok_period' => ['type' => API_TIME_UNIT], 'blink_period' => ['type' => API_TIME_UNIT], 'problem_unack_color' => ['type' => API_COLOR, 'flags' => API_NOT_EMPTY], @@ -184,15 +184,15 @@ class CSettings extends CApiService { 'ok_ack_style' => ['type' => API_INT32, 'in' => '0,1'], 'refresh_unsupported' => ['type' => API_TIME_UNIT], 'discovery_groupid' => ['type' => API_ID], - 'default_inventory_mode' => ['type' => API_INT32, 'in' => HOST_INVENTORY_DISABLED.','. HOST_INVENTORY_MANUAL.','.HOST_INVENTORY_AUTOMATIC], + 'default_inventory_mode' => ['type' => API_INT32, 'in' => HOST_INVENTORY_DISABLED.','.HOST_INVENTORY_MANUAL.','.HOST_INVENTORY_AUTOMATIC], 'alert_usrgrpid' => ['type' => API_ID, 'flags' => API_ALLOW_NULL], 'snmptrap_logging' => ['type' => API_INT32, 'in' => '0,1'], 'login_attempts' => ['type' => API_INT32, 'in' => '1:32'], 'login_block' => ['type' => API_TIME_UNIT, 'in' => implode(':', [30, SEC_PER_HOUR])], - 'session_name' => ['type' => API_STRING_UTF8, 'length' => 32], + 'session_name' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'session_name')], 'validate_uri_schemes' => ['type' => API_INT32, 'in' => '0,1'], - 'uri_valid_schemes' => ['type' => API_STRING_UTF8, 'length' => 255], - 'x_frame_options' => ['type' => API_STRING_UTF8, 'length' => 255], + 'uri_valid_schemes' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'uri_valid_schemes')], + 'x_frame_options' => ['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('config', 'x_frame_options')], 'connect_timeout' => ['type' => API_TIME_UNIT, 'in' => '1:30'], 'socket_timeout' => ['type' => API_TIME_UNIT, 'in' => '1:300'], 'media_type_test_timeout' => ['type' => API_TIME_UNIT, 'in' => '1:300'], diff --git a/ui/include/classes/api/services/CUser.php b/ui/include/classes/api/services/CUser.php index a0d4d28cfbe..d127a06c0c3 100644 --- a/ui/include/classes/api/services/CUser.php +++ b/ui/include/classes/api/services/CUser.php @@ -1176,7 +1176,9 @@ class CUser extends CApiService { ); if ($db_user['attempt_failed'] >= CSettingsHelper::get(CSettingsHelper::LOGIN_ATTEMPTS)) { - $sec_left = CSettingsHelper::get(CSettingsHelper::LOGIN_BLOCK) - (time() - $db_user['attempt_clock']); + $sec_left = (timeUnitToSeconds(CSettingsHelper::get(CSettingsHelper::LOGIN_BLOCK)) + - (time() - $db_user['attempt_clock']) + ); if ($sec_left > 0) { self::exception(ZBX_API_ERROR_PERMISSIONS, @@ -1222,9 +1224,9 @@ class CUser extends CApiService { if ($e->getCode() == ZBX_API_ERROR_PERMISSIONS && $db_user['attempt_failed'] >= CSettingsHelper::get(CSettingsHelper::LOGIN_ATTEMPTS)) { - self::exception(ZBX_API_ERROR_PERMISSIONS, _n('Account is blocked for %1$s second.', - 'Account is blocked for %1$s seconds.', CSettingsHelper::get(CSettingsHelper::LOGIN_BLOCK) - )); + self::exception(ZBX_API_ERROR_PERMISSIONS, + _n('Account is blocked for %1$s second.', 'Account is blocked for %1$s seconds.', timeUnitToSeconds(CSettingsHelper::get(CSettingsHelper::LOGIN_BLOCK))) + ); } self::exception(ZBX_API_ERROR_PERMISSIONS, $e->getMessage()); diff --git a/ui/include/classes/validators/CHtmlUrlValidator.php b/ui/include/classes/validators/CHtmlUrlValidator.php index 80d6623ebfa..fc6bffeca50 100644 --- a/ui/include/classes/validators/CHtmlUrlValidator.php +++ b/ui/include/classes/validators/CHtmlUrlValidator.php @@ -22,7 +22,7 @@ class CHtmlUrlValidator { /** - * URL is validated if schema validation is enabled (see VALIDATE_URI_SCHEMES). + * URL is validated if schema validation is enabled by CSettingsHelper::VALIDATE_URI_SCHEMES parameter. * * Relative URL should start with .php file name. * Absolute URL schema must match schemes mentioned in ZBX_URL_VALID_SCHEMES comma separated list. @@ -40,8 +40,8 @@ class CHtmlUrlValidator { * set to INVENTORY_URL_MACRO_HOST; * @param bool $options[allow_event_tags_macro] If set to be true, URLs containing {EVENT.TAGS.<ref>} macros will * be considered as valid. - * @param bool $options[validate_uri_schemes] Parameter allows to overwrite global switch VALIDATE_URI_SCHEMES - * for specific uses. + * @param bool $options[validate_uri_schemes] Parameter allows to overwrite global switch + * CSettingsHelper::VALIDATE_URI_SCHEMES for specific uses. * * @return bool */ @@ -50,7 +50,7 @@ class CHtmlUrlValidator { 'allow_user_macro' => true, 'allow_event_tags_macro' => false, 'allow_inventory_macro' => INVENTORY_URL_MACRO_NONE, - 'validate_uri_schemes' => VALIDATE_URI_SCHEMES + 'validate_uri_schemes' => (bool) CSettingsHelper::get(CSettingsHelper::VALIDATE_URI_SCHEMES) ]; if ($options['validate_uri_schemes'] === false) { @@ -96,7 +96,9 @@ class CHtmlUrlValidator { } if (array_key_exists('scheme', $url_parts)) { - if (!in_array(strtolower($url_parts['scheme']), explode(',', strtolower(ZBX_URI_VALID_SCHEMES)))) { + if (!in_array(strtolower($url_parts['scheme']), explode(',', strtolower(CSettingsHelper::get( + CSettingsHelper::URI_VALID_SCHEMES + ))))) { return false; } diff --git a/ui/include/defines.inc.php b/ui/include/defines.inc.php index 867e593b12f..f2fad334fb1 100644 --- a/ui/include/defines.inc.php +++ b/ui/include/defines.inc.php @@ -147,8 +147,6 @@ define('ZBX_DB_DEFAULT_CHARSET', 'UTF8'); define('ZBX_DB_MYSQL_DEFAULT_COLLATION', 'utf8_bin'); define('ORACLE_MAX_STRING_SIZE', 4000); -define('ZBX_SHOW_TECHNICAL_ERRORS', false); - define('PAGE_TYPE_HTML', 0); define('PAGE_TYPE_IMAGE', 1); define('PAGE_TYPE_JS', 3); // javascript @@ -181,10 +179,6 @@ define('P_NZERO', 0x0020); define('P_NO_TRIM', 0x0040); define('P_ALLOW_USER_MACRO', 0x0080); define('P_ALLOW_LLD_MACRO', 0x0100); -define('ZBX_URI_VALID_SCHEMES', 'http,https,ftp,file,mailto,tel,ssh'); - -// Validate URI against schemes whitelist defined in ZBX_URI_VALID_SCHEMES. -define('VALIDATE_URI_SCHEMES', true); // misc parameters define('IMAGE_FORMAT_PNG', 'PNG'); @@ -220,7 +214,7 @@ define('AUDIT_ACTION_DISABLE', 6); define('AUDIT_ACTION_EXECUTE', 7); define('AUDIT_RESOURCE_USER', 0); -define('AUDIT_RESOURCE_ZABBIX_CONFIG', 2); // currently not used but need for compatibility with old audit records +define('AUDIT_RESOURCE_ZABBIX_CONFIG', 2); // Currently not used but need for compatibility with old audit records. define('AUDIT_RESOURCE_MEDIA_TYPE', 3); define('AUDIT_RESOURCE_HOST', 4); define('AUDIT_RESOURCE_ACTION', 5); @@ -1936,15 +1930,3 @@ define('OPERATIONAL_DATA_SHOW_WITH_PROBLEM', 2); * https://www.w3.org/TR/2010/WD-html5-20100624/the-iframe-element.html#attr-iframe-sandbox */ define('ZBX_IFRAME_SANDBOX', ''); - -// HTTP headers -/* - * Value of HTTP X-Frame-options header. - * - * Supported options: - * - SAMEORIGIN (string) - compatible with rfc7034. - * - DENY (string) - compatible with rfc7034. - * - a list (string) of comma-separated hostnames. If hostname is not between allowed, the SAMEORIGIN option is used. - * - null - disable X-Frame-options header. - */ -define('X_FRAME_OPTIONS', 'SAMEORIGIN'); diff --git a/ui/include/func.inc.php b/ui/include/func.inc.php index d1b6751eb40..89540da3d3f 100644 --- a/ui/include/func.inc.php +++ b/ui/include/func.inc.php @@ -1653,14 +1653,14 @@ function makeMessageBox($good, array $messages, $title = null, $show_close_box = } /** - * Filters messages that can be displayed to user based on defines (see ZBX_SHOW_TECHNICAL_ERRORS) and user settings. + * Filters messages that can be displayed to user based on CSettingsHelper::SHOW_TECHNICAL_ERRORS and user settings. * * @param array $messages List of messages to filter. * * @return array */ function filter_messages(array $messages = []) { - if (!ZBX_SHOW_TECHNICAL_ERRORS && CWebUser::getType() != USER_TYPE_SUPER_ADMIN && !CWebUser::getDebugMode()) { + if (!CSettingsHelper::get(CSettingsHelper::SHOW_TECHNICAL_ERRORS) && CWebUser::getType() != USER_TYPE_SUPER_ADMIN && !CWebUser::getDebugMode()) { $filtered_messages = []; $generic_exists = false; diff --git a/ui/include/page_header.php b/ui/include/page_header.php index f9275281ac6..2bd22b52968 100644 --- a/ui/include/page_header.php +++ b/ui/include/page_header.php @@ -85,13 +85,14 @@ switch ($page['type']) { header('X-Content-Type-Options: nosniff'); header('X-XSS-Protection: 1; mode=block'); - if (X_FRAME_OPTIONS !== null) { - if (strcasecmp(X_FRAME_OPTIONS, 'SAMEORIGIN') == 0 || strcasecmp(X_FRAME_OPTIONS, 'DENY') == 0) { - $x_frame_options = X_FRAME_OPTIONS; + if (CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS) !== '') { + if (strcasecmp(CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS), 'SAMEORIGIN') == 0 + || strcasecmp(CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS), 'DENY') == 0) { + $x_frame_options = CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS); } else { $x_frame_options = 'SAMEORIGIN'; - $allowed_urls = explode(',', X_FRAME_OPTIONS); + $allowed_urls = explode(',', CSettingsHelper::get(CSettingsHelper::X_FRAME_OPTIONS)); $url_to_check = array_key_exists('HTTP_REFERER', $_SERVER) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) : null; diff --git a/ui/tests/unit/include/classes/validators/CHtmlUrlValidatorTest.php b/ui/tests/unit/include/classes/validators/CHtmlUrlValidatorTest.php index b6c6e7abc80..58d6c3a72e0 100644 --- a/ui/tests/unit/include/classes/validators/CHtmlUrlValidatorTest.php +++ b/ui/tests/unit/include/classes/validators/CHtmlUrlValidatorTest.php @@ -21,7 +21,7 @@ class CHtmlUrlValidatorTest extends PHPUnit_Framework_TestCase { - // Expected results are defined assuming that VALIDATE_URI_SCHEMES is enabled (set to be true). + // Expected results are defined assuming that CSettingsHelper::VALIDATE_URI_SCHEMES is enabled (set to be 1). public function providerValidateURL() { return [ // Valid URLs. |