1<?php
2/*
3 +-------------------------------------------------------------------------+
4 | Copyright (C) 2004-2021 The Cacti Group                                 |
5 |                                                                         |
6 | This program is free software; you can redistribute it and/or           |
7 | modify it under the terms of the GNU General Public License             |
8 | as published by the Free Software Foundation; either version 2          |
9 | of the License, or (at your option) any later version.                  |
10 |                                                                         |
11 | This program is distributed in the hope that it will be useful,         |
12 | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
14 | GNU General Public License for more details.                            |
15 +-------------------------------------------------------------------------+
16 | Cacti: The Complete RRDtool-based Graphing Solution                     |
17 +-------------------------------------------------------------------------+
18 | This code is designed, written, and maintained by the Cacti Group. See  |
19 | about.php and/or the AUTHORS file for specific developer information.   |
20 +-------------------------------------------------------------------------+
21 | http://www.cacti.net/                                                   |
22 +-------------------------------------------------------------------------+
23*/
24
25/* since we'll have additional headers, tell php when to flush them */
/* Buffer all output from this point on; the response headers are only sent
 * at the very end of the script, so nothing may be flushed before them. */
ob_start();

/* Flags assigned before include/auth.php is loaded.
 * NOTE(review): presumably auth.php reads $guest_account and $auth_json to
 * permit the guest user and to report authentication failures as JSON;
 * confirm against include/auth.php. */
$guest_account = true;
$auth_json     = true;

/* default image type, re-evaluated once the requested format is known */
$gtype         = 'png';

include './include/auth.php';
include_once './lib/rrd.php';

api_plugin_hook_function('graph_image');

/* mark the request as JSON for the request validation handling */
set_request_var('json', true);

/* when true, the request variables are replaced by fixed test values and
 * the input validation is skipped; must stay false outside development */
$debug = false;
41
if ($debug) {
	/* debug mode: ignore the request and render a fixed test graph */
	set_request_var('graph_width', 700);
	set_request_var('graph_height', 200);
	set_request_var('title_font_size', 10);
	set_request_var('view_type', 'tree');
	set_request_var('graph_start', -1600);
	set_request_var('graph_end', 0);
	set_request_var('local_graph_id', 53);
	set_request_var('rra_id', 0);
} else {
	/* ================= input validation ================= */
	/* Each of these is passed through get_filter_request_var() with its
	 * default filter.
	 * NOTE(review): only the variables named in this branch are filtered
	 * here; any other request variable the script reads has to be
	 * validated at the point where it is read. */
	get_filter_request_var('graph_start');
	get_filter_request_var('graph_end');
	get_filter_request_var('graph_height');
	get_filter_request_var('graph_width');
	get_filter_request_var('local_graph_id');

	/* the flag is presence-only: whatever value was sent is replaced by 'true' */
	if (isset_request_var('graph_nolegend')) {
		set_request_var('graph_nolegend', 'true');
	}

	/* the theme name is free text, so it goes through the sanitize_search_string callback */
	get_filter_request_var('graph_theme', FILTER_CALLBACK, array('options' => 'sanitize_search_string'));
	/* ==================================================== */
}
66
cacti_session_close();

/* Collects the per-request overrides that are handed to the graph renderer. */
$graph_data_array = array();

/* override: graph start / end time (unix time), accepted only below the maximum date */
foreach (array('graph_start', 'graph_end') as $time_var) {
	if (!isempty_request_var($time_var) && get_request_var($time_var) < FILTER_VALIDATE_MAX_DATE_AS_INT) {
		$graph_data_array[$time_var] = get_request_var($time_var);
	}
}

/* override: graph height / width (in pixels), accepted only below 3000.
 * NOTE(review): there is an upper bound but no lower bound here; confirm
 * that the renderer rejects negative sizes. */
foreach (array('graph_height', 'graph_width') as $size_var) {
	if (!isempty_request_var($size_var) && get_request_var($size_var) < 3000) {
		$graph_data_array[$size_var] = get_request_var($size_var);
	}
}

/* override: skip drawing the legend? */
if (!isempty_request_var('graph_nolegend')) {
	$graph_data_array['graph_nolegend'] = get_request_var('graph_nolegend');
}

/* print RRDtool graph source?
 * NOTE(review): 'show_source' is not among the variables this script passes
 * through get_filter_request_var(), so the value appears to be forwarded as
 * received; confirm it is validated before it is used. */
if (!isempty_request_var('show_source')) {
	$graph_data_array['print_source'] = get_request_var('show_source');
}

/* disable cache check (presence of the variable is enough) */
if (isset_request_var('disable_cache')) {
	$graph_data_array['disable_cache'] = true;
}

/* set the theme */
if (isset_request_var('graph_theme')) {
	$graph_data_array['graph_theme'] = get_request_var('graph_theme');
}

/* rra_id is either the literal 'all' or a value run through the default filter; null when absent */
$rra_id = null;

if (isset_request_var('rra_id')) {
	$rra_id = (get_nfilter_request_var('rra_id') == 'all') ? 'all' : get_filter_request_var('rra_id');
}

/* always request the graphv form of the output */
$graph_data_array['graphv'] = true;
122
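// Determine the graph type of the output. Whatever the source, the result
// is one of two fixed values ('png' or 'svg+xml'); the request value is
// only compared against known names and never copied into the response.
if (!isset_request_var('image_format')) {
	// No explicit format requested: use the one stored for the graph
	$type = db_fetch_cell_prepared('SELECT image_format_id
		FROM graph_templates_graph
		WHERE local_graph_id = ?',
		array(get_request_var('local_graph_id')));

	switch($type) {
	case '3':
		$gtype = 'svg+xml';
		break;
	case '1':
	default:
		$gtype = 'png';
		break;
	}
} else {
	switch(strtolower(get_nfilter_request_var('image_format'))) {
	case 'svg':
		$gtype = 'svg+xml';
		break;
	case 'png':
	default:
		// The 'png' case previously left $gtype untouched and relied on
		// the default assigned at the top of the file; set it explicitly
		// so every branch decides the type itself.
		$gtype = 'png';
		break;
	}
}

$graph_data_array['image_format'] = $gtype;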
156
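if ($config['poller_id'] == 1 || read_config_option('storage_location')) {
	/* Render locally: this is the main poller, or a storage location is configured. */
	/* NOTE(review): $_SESSION['sess_user_id'] is read here without the isset()
	 * check used in the remote branch below; confirm it is always set at this point. */
	$xport_meta = array();
	$output = rrdtool_function_graph(get_request_var('local_graph_id'), $rra_id, $graph_data_array, '', $xport_meta, $_SESSION['sess_user_id']);

	ob_end_clean();
} else {
	/* Otherwise ask the main poller (id 1) to render the graph through remote_agent.php. */
	if (isset_request_var('rra_id')) {
		if (get_nfilter_request_var('rra_id') == 'all') {
			$rra_id = 'all';
		} else {
			$rra_id = get_filter_request_var('rra_id');
		}
	}

	/* get the theme */
	if (!isset_request_var('graph_theme')) {
		$graph_data_array['graph_theme'] = get_selected_theme();
	}

	if (isset($_SESSION['sess_user_id'])) {
		$graph_data_array['effective_user'] = $_SESSION['sess_user_id'];
	}

	$hostname = db_fetch_cell('SELECT hostname FROM poller WHERE id = 1');

	/* Every name and value is URL-encoded before it is appended. Some of the
	 * forwarded values originate from the client request, and without
	 * encoding a value containing '&', '=' or '#' would change the set of
	 * parameters the main poller receives. Encoding also keeps the '+' of
	 * 'svg+xml' from being decoded as a space on the receiving side. */
	$url  = get_url_type() . '://' . $hostname . $config['url_path'] . 'remote_agent.php?action=graph_json';
	$url .= '&local_graph_id=' . rawurlencode((string) get_request_var('local_graph_id'));
	$url .= '&rra_id=' . rawurlencode((string) $rra_id);

	foreach ($graph_data_array as $variable => $value) {
		$url .= '&' . rawurlencode((string) $variable) . '=' . rawurlencode((string) $value);
	}

	/* A failed fetch yields false (warnings are suppressed); the code that
	 * follows treats an empty result as a rendering error. */
	$fgc_contextoption = get_default_contextoption();
	$fgc_context       = stream_context_create($fgc_contextoption);
	$output            = @file_get_contents($url, false, $fgc_context);
}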
194
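/* A failed remote fetch leaves false in $output; the cast turns that into '' */
$output = trim((string) $output);
$oarray = array('type' => $gtype, 'local_graph_id' => get_request_var('local_graph_id'), 'rra_id' => $rra_id);

// Find the beginning of the image definition row; false when the renderer
// returned nothing usable
$image_begin_pos = strpos($output, 'image = ');

if ($image_begin_pos !== false) {
	// The raw image data starts on the line after the image definition row.
	// Without a line break there is no image data at all, so encode an empty
	// string instead of slicing the output at an arbitrary offset.
	$image_line_end  = strpos($output, "\n", $image_begin_pos);
	$image_data      = ($image_line_end === false) ? '' : substr($output, $image_line_end + 1);
	$oarray['image'] = base64_encode((string) $image_data);

	// Parse and populate everything before the image definition row. Lines
	// are "key = value"; the split is limited to the first separator so a
	// value that itself contains ' = ' is kept whole, and lines without a
	// separator (including the empty remainder before the image row) are
	// skipped rather than read past the end of the split result.
	foreach (explode("\n", substr($output, 0, $image_begin_pos)) as $line) {
		$parts = explode(' = ', $line, 2);

		if (count($parts) < 2) {
			continue;
		}

		$oarray[$parts[0]] = trim($parts[1]);
	}
} else {
	/* the error image is always a png */
	$oarray['type'] = 'png';

	/* run the renderer again with get_error set and capture what it prints as the error text */
	ob_start();

	$graph_data_array['get_error'] = true;

	$null_param = array();
	rrdtool_function_graph(get_request_var('local_graph_id'), $rra_id, $graph_data_array, '', $null_param, $_SESSION['sess_user_id']);

	$error = ob_get_contents();

	ob_end_clean();

	if (read_config_option('stats_poller') == '') {
		$error = __('The Cacti Poller has not run yet.');
	}

	/* The requested size is used only when BOTH dimensions were supplied.
	 * Previously the reported size was derived whenever the width alone was
	 * set, which read a missing graph_height entry. */
	if (isset($graph_data_array['graph_width'], $graph_data_array['graph_height'])) {
		$image = rrdtool_create_error_image($error, $graph_data_array['graph_width'], $graph_data_array['graph_height']);

		/* scale factors as before; presumably they approximate the space
		 * added around the plot area, with and without a legend */
		if (isset($graph_data_array['graph_nolegend'])) {
			$width_factor  = 1.24;
			$height_factor = 1.45;
		} else {
			$width_factor  = 1.15;
			$height_factor = 1.8;
		}

		$oarray['image_width']  = round($graph_data_array['graph_width']  * $width_factor, 0);
		$oarray['image_height'] = round($graph_data_array['graph_height'] * $height_factor, 0);
	} else {
		$image = rrdtool_create_error_image($error);

		/* fall back to the size stored for the graph */
		$oarray['image_width']  = round(db_fetch_cell_prepared('SELECT width
			FROM graph_templates_graph
			WHERE local_graph_id = ?',
			array(get_request_var('local_graph_id'))), 0);

		$oarray['image_height']  = round(db_fetch_cell_prepared('SELECT height
			FROM graph_templates_graph
			WHERE local_graph_id = ?',
			array(get_request_var('local_graph_id'))), 0);
	}

	if ($image !== false) {
		$oarray['image'] = base64_encode($image);
	} else {
		/* last resort: the static error image shipped with the application */
		$oarray['image'] = base64_encode(file_get_contents(__DIR__ . '/images/cacti_error_image.png'));
	}
}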
264
/* Serialise first so that the exact byte length is known for the header. */
/* NOTE(review): json_encode() returns false when a value cannot be encoded
 * (for instance text that is not valid UTF-8); in that case an empty body
 * with Content-Length 0 is sent. Confirm callers cope with that. */
$json = json_encode($oarray);

header('Content-Type: application/json');
header('Cache-Control: max-age=15');
header('Content-Length: ' . strlen($json));

print $json;
270
271
272