1<?php
2///////////////////////////////////////////////////////////////////////////////
3//
4// NagiosQL
5//
6///////////////////////////////////////////////////////////////////////////////
7//
8// (c) 2005-2020 by Martin Willisegger
9//
10// Project   : NagiosQL
11// Component : Settings configuration
12// Website   : https://sourceforge.net/projects/nagiosql/
13// Version   : 3.4.1
14// GIT Repo  : https://gitlab.com/wizonet/NagiosQL
15//
16///////////////////////////////////////////////////////////////////////////////
17//
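// Path settings
// ===================
// Remove the "admin/<script>.php" component from the request path and from the script's
// filesystem path to obtain the application's base URL and base directory.
// The pattern uses parentheses as PCRE delimiters. The dot before "php" is escaped so that it
// matches a literal "." only, not any character.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. $preRelPath is derived from
// PHP_SELF, which reflects the request path, and is later stored in the database and in
// config/settings.php; $preBasePath is used to build the require paths below.
$strPattern  = '(admin/[^/]*\.php)';
$preRelPath  = preg_replace($strPattern, '', filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_STRING));
$preBasePath = preg_replace($strPattern, '', filter_input(INPUT_SERVER, 'SCRIPT_FILENAME', FILTER_SANITIZE_STRING));
//
// Define common variables
// =======================
// These are not read again in this file; presumably the prepend files included below consume
// them (page id, content template, access/field-variable switches) - verify there.
$prePageId    = 38;
$preContent   = 'admin/settings.htm.tpl';
$preAccess    = 1;
$preFieldvars = 1;
// Collects the UPDATE statements built when the form is saved.
$arrSQL       = [];
//
// Include preprocessing files
// ===========================
require $preBasePath . 'functions/prepend_adm.php';
require $preBasePath . 'functions/prepend_content.php';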
//
// Process initial values
// ======================
// For every form field that was not submitted (or was submitted empty) the matching $chk...
// variable is filled from the currently stored settings in $SETS. Submitted fields keep the value
// their $chk... variable already holds; that value is not assigned in this file (presumably by
// the prepend files - verify).
// Row layout: POST field name, target variable name, $SETS category, $SETS key.
$arrFieldDefaults = [
    ['tfValue1',  'chkTfValue1',  'path',        'tempdir'],
    ['tfValue2',  'chkTfValue2',  'data',        'encoding'],
    ['tfValue3',  'chkTfValue3',  'db',          'server'],
    ['tfValue4',  'chkTfValue4',  'db',          'port'],
    ['tfValue5',  'chkTfValue5',  'db',          'database'],
    ['tfValue6',  'chkTfValue6',  'db',          'username'],
    ['tfValue7',  'chkTfValue7',  'db',          'password'],
    ['tfValue8',  'chkTfValue8',  'security',    'logofftime'],
    ['tfValue9',  'chkTfValue9',  'common',      'pagelines'],
    ['tfValue10', 'chkTfValue10', 'network',     'proxyserver'],
    ['tfValue11', 'chkTfValue11', 'network',     'proxyuser'],
    ['tfValue12', 'chkTfValue12', 'network',     'proxypasswd'],
    ['selValue3', 'chkSelValue3', 'security',    'wsauth'],
    ['selValue4', 'chkSelValue4', 'common',      'seldisable'],
    ['radValue1', 'chkRadValue1', 'common',      'tplcheck'],
    ['radValue2', 'chkRadValue2', 'common',      'updcheck'],
    ['radValue3', 'chkRadValue3', 'network',     'proxy'],
    ['radValue4', 'chkRadValue4', 'performance', 'parents'],
];
foreach ($arrFieldDefaults as $arrFieldDefault) {
    list($strPostField, $strTargetVar, $strSetCategory, $strSetName) = $arrFieldDefault;
    // Loose comparison on purpose: null (field absent), false and '' all compare equal to null.
    if (filter_input(INPUT_POST, $strPostField) == null) {
        // The variable name comes from the fixed table above, never from request data.
        $$strTargetVar = $SETS[$strSetCategory][$strSetName];
    }
}
unset($arrFieldDefaults, $arrFieldDefault, $strPostField, $strTargetVar, $strSetCategory, $strSetName);
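//
// Save changes
// ============
// Runs when the settings form was submitted (POST field 'selValue1' is present and truthy).
// NOTE(review): this file verifies no anti-CSRF token before changing settings - confirm that the
// prepend files included at the top of this script enforce one.
$booSaveSettings = (bool)filter_input(INPUT_POST, 'selValue1');
// Enforce the write permission on the server side. At the end of this script a non-zero result of
// checkAccountGroup() only disables the form control, which does not stop a hand-built POST.
if ($booSaveSettings && ($myVisClass->checkAccountGroup($prePageKey, 'write') != 0)) {
    $myVisClass->processMessage(
        translate('Settings were not changed, write access is required!'),
        $strErrorMessage
    );
    $booSaveSettings = false;
}
if ($booSaveSettings) {
    //
    // Write settings to database
    // ==========================
    $strProtocol = ($chkSelValue1 == 2) ? 'https' : 'http';
    // The language id is cast to int before it is placed into the query text, so a crafted value
    // cannot alter the statement (assumes `tbl_language`.`id` is numeric - TODO confirm).
    $strLocale = $myDBClass->getFieldData(
        "SELECT `locale` FROM `tbl_language` WHERE `id`='" . (int)$chkSelValue2 . "'"
    );
    if ($strLocale == '') {
        $strLocale = 'en_GB';
    }
    $SETS['path']['protocol'] = $strProtocol;
    $SETS['data']['locale']   = $strLocale;
    // Check Proxy via curl
    if (!function_exists('curl_init')) {
        $myVisClass->processMessage(translate('Curl module not loaded, Proxy will be deactivated!'), $strErrorMessage);
        $chkRadValue3 = 0;
    }
    // Check base paths
    // NOTE(review): the values below are placed into the SQL text with sprintf() and nothing in
    // this file escapes them - confirm that they are escaped where they are populated, or move
    // these updates to prepared statements.
    $strSQLBase = "UPDATE `tbl_settings` SET `value`='%s' WHERE `category`='%s' AND `name`='%s'";
    // Row layout: value, category, name.
    $arrUpdates = [
        [$strProtocol,  'path',        'protocol'],
        [$chkTfValue1,  'path',        'tempdir'],
        [$preRelPath,   'path',        'base_url'],
        [$preBasePath,  'path',        'base_path'],
        [$strLocale,    'data',        'locale'],
        [$chkTfValue2,  'data',        'encoding'],
        [$chkTfValue8,  'security',    'logofftime'],
        [$chkSelValue3, 'security',    'wsauth'],
        [$chkTfValue9,  'common',      'pagelines'],
        [$chkSelValue4, 'common',      'seldisable'],
        [$chkRadValue1, 'common',      'tplcheck'],
        [$chkRadValue2, 'common',      'updcheck'],
        [$chkRadValue3, 'network',     'proxy'],
        [$chkTfValue10, 'network',     'proxyserver'],
        [$chkTfValue11, 'network',     'proxyuser'],
        [$chkTfValue12, 'network',     'proxypasswd'],
        [$chkRadValue4, 'performance', 'parents'],
    ];
    foreach ($arrUpdates as $arrUpdate) {
        $arrSQL[] = vsprintf($strSQLBase, $arrUpdate);
    }
    foreach ($arrSQL as $elem) {
        $booReturn = $myDBClass->insertData($elem);
        if ($booReturn == false) {
            // The message text is a translation key and is kept exactly as it was.
            $myVisClass->processMessage(
                translate('An error occured while writing settings to database:'),
                $strErrorMessage
            );
            $myVisClass->processMessage($myDBClass->strErrorMessage, $strErrorMessage);
        }
    }
    // Write db settings to file
    $strSettingsFile = $preBasePath . 'config/settings.php';
    // Every value is written between single quotes. A single quote, line break or NUL byte inside
    // a value would end the quoted string early and let extra keys or sections be injected into
    // the file, so such values are rejected instead of written.
    $booValuesSafe = true;
    $arrFileValues = [
        $chkTfValue3, $chkTfValue4, $chkTfValue5, $chkTfValue6, $chkTfValue7, $preRelPath, $preBasePath,
    ];
    foreach ($arrFileValues as $elem) {
        if (strpbrk((string)$elem, "'\r\n\0") !== false) {
            $booValuesSafe = false;
            break;
        }
    }
    if (!$booValuesSafe) {
        $myVisClass->processMessage(
            translate('Database and path settings must not contain single quotes or line breaks, '
                . 'settings.php was not written!'),
            $strErrorMessage
        );
    } elseif (is_writable($strSettingsFile)) {
        // Build the complete file content first and write it with a single call, so a failed
        // write is detected instead of silently leaving a partly written file behind.
        $strRule  = ';///////////////////////////////////////////////////////////////////////////////';
        $arrLines = [
            // The file starts with a PHP block that exits at once, so a direct request to it ends
            // before the settings text below is output.
            '<?php',
            'exit;',
            '?>',
            $strRule,
            ';',
            '; NagiosQL',
            ';',
            $strRule,
            ';',
            '; Project  : NagiosQL',
            '; Component: Database Configuration',
            '; Website  : https://sourceforge.net/projects/nagiosql/',
            '; Date     : ' . date('F j, Y, g:i a'),
            '; Version  : ' . $setFileVersion,
            ';',
            $strRule,
            '[db]',
            "type         = 'mysqli'",
            "server       = '" . $chkTfValue3 . "'",
            "port         = '" . $chkTfValue4 . "'",
            "database     = '" . $chkTfValue5 . "'",
            "username     = '" . $chkTfValue6 . "'",
            "password     = '" . $chkTfValue7 . "'",
            '[path]',
            "base_url     = '" . $preRelPath . "'",
            "base_path    = '" . $preBasePath . "'",
        ];
        $booWritten  = false;
        $filSettings = fopen($strSettingsFile, 'wb');
        if ($filSettings) {
            $booWritten = (fwrite($filSettings, implode("\n", $arrLines) . "\n") !== false);
            fclose($filSettings);
        }
        if ($booWritten) {
            // Activate new language settings
            $arrLocale = explode('.', $strLocale);
            $strDomain = $arrLocale[0];
            $loc = setlocale(
                LC_ALL,
                $strLocale,
                $strLocale . '.utf-8',
                $strLocale . '.utf8',
                'en_GB',
                'en_GB.utf-8',
                'en_GB.utf8'
            );
            // setlocale() returns false when none of the candidates could be set; isset() is true
            // for false, so the failure has to be tested explicitly.
            if ($loc === false) {
                $myVisClass->processMessage(translate('Error setting the correct locale. Please report this error '
                        . "with the associated output of 'locale -a'"), $strErrorMessage);
            }
            putenv('LC_ALL=' . $strLocale . '.utf-8');
            putenv('LANG=' . $strLocale . '.utf-8');
            bindtextdomain($strLocale, $preBasePath . 'config/locale');
            bind_textdomain_codeset($strLocale, $chkTfValue2);
            textdomain($strLocale);
            $myVisClass->processMessage(translate('Settings were changed'), $strInfoMessage);
        } else {
            $myVisClass->processMessage(translate('An error occured while writing settings.php. Please '
                    . 'check permissions!'), $strErrorMessage);
        }
    } else {
        $myVisClass->processMessage($strSettingsFile . ' ' . translate('is not writeable, please '
                . 'check permissions!'), $strErrorMessage);
    }
}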
//
// Start content
// =============
$conttp->setVariable('TITLE', translate('Configure Settings'));
// Field descriptions arrive as name/string pairs; $arrDescription is not assigned in this file.
foreach ($arrDescription as $elem) {
    $conttp->setVariable($elem['name'], $elem['string']);
}
// The form posts back to this script.
// NOTE(review): PHP_SELF reflects the request path and FILTER_SANITIZE_STRING is deprecated as
// of PHP 8.1 - confirm the value is safe for the attribute it is placed into.
$strFormAction = filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_STRING);
$conttp->setVariable('ACTION_INSERT', $strFormAction);
$conttp->setVariable(
    'LANG_DESCRIPTION',
    translate('Change your current NagiosQL settings (e.g. Database user, Language).')
);
//
// Path settings
// =============
// Pairs of template placeholder and value, applied in the listed order. The last entry marks the
// option that matches the stored protocol setting.
$arrPathFields = [
    ['PATH', translate('Path')],
    ['TEMPDIR_NAME', translate('Temporary Directory')],
    ['TEMPDIR_VALUE', htmlspecialchars($chkTfValue1, ENT_QUOTES, 'utf-8')],
    ['PROTOCOL_NAME', translate('Server protocol')],
    [strtoupper($SETS['path']['protocol']) . '_SELECTED', 'selected'],
];
foreach ($arrPathFields as $arrPathField) {
    $conttp->setVariable($arrPathField[0], $arrPathField[1]);
}
//
// Data settings
// =============
$strLanguageLabel = translate('Language');
$conttp->setVariable('DATA', $strLanguageLabel);
$conttp->setVariable('LOCALE', $strLanguageLabel);
// Process language selection field: one 'language' template block per active language.
$strSQL    = "SELECT * FROM `tbl_language` WHERE `active`='1' ORDER BY `id`";
$booReturn = $myDBClass->hasDataArray($strSQL, $arrData, $intDataCount);
if (!$booReturn || ($intDataCount == 0)) {
    // The query failed or returned no rows: report it together with the database error text.
    $myVisClass->processMessage(translate('Error while selecting data from database:'), $strErrorMessage);
    $myVisClass->processMessage($myDBClass->strErrorMessage, $strErrorMessage);
} else {
    foreach ($arrData as $elem) {
        $conttp->setVariable('LANGUAGE_ID', $elem['id']);
        $conttp->setVariable('LANGUAGE_NAME', translate($elem['language']));
        // Preselect the language whose locale matches the stored setting.
        $booIsCurrent = ($elem['locale'] == $SETS['data']['locale']);
        if ($booIsCurrent) {
            $conttp->setVariable('LANGUAGE_SELECTED', 'selected');
        }
        $conttp->parse('language');
    }
}
$conttp->setVariable('ENCODING_NAME', translate('Encoding'));
$conttp->setVariable('ENCODING_VALUE', htmlspecialchars($chkTfValue2, ENT_QUOTES, 'utf-8'));
//
// Database settings
// =================
// Pairs of template placeholder and value, applied in the listed order. Every field value is
// HTML-escaped (quotes included) before it is handed to the template.
// NOTE(review): PASSWORD_VALUE carries the database password into the rendered page - confirm
// that sending the stored secret back to the browser is intended.
$arrDbFields = [
    ['DB', translate('Database')],
    ['SERVER_NAME', translate('MySQL Server')],
    ['SERVER_VALUE', htmlspecialchars($chkTfValue3, ENT_QUOTES, 'utf-8')],
    ['SERVER_PORT', translate('MySQL Server Port')],
    ['PORT_VALUE', htmlspecialchars($chkTfValue4, ENT_QUOTES, 'utf-8')],
    ['DATABASE_NAME', translate('Database name')],
    ['DATABASE_VALUE', htmlspecialchars($chkTfValue5, ENT_QUOTES, 'utf-8')],
    ['USERNAME_NAME', translate('Database user')],
    ['USERNAME_VALUE', htmlspecialchars($chkTfValue6, ENT_QUOTES, 'utf-8')],
    ['PASSWORD_NAME', translate('Database password')],
    ['PASSWORD_VALUE', htmlspecialchars($chkTfValue7, ENT_QUOTES, 'utf-8')],
];
foreach ($arrDbFields as $arrDbField) {
    $conttp->setVariable($arrDbField[0], $arrDbField[1]);
}
//
// Security settings
// =================
// The *_SELECTED placeholder names are built from the current field values, so the option that
// matches the value is the one marked as selected.
// NOTE(review): $chkSelValue3 and $chkSelValue4 become part of a placeholder name - confirm they
// are restricted to the expected option values where they are populated.
$arrSecurityFields = [
    ['SECURITY', translate('Security')],
    ['LOGOFFTIME_NAME', translate('Session auto logoff time')],
    ['LOGOFFTIME_VALUE', htmlspecialchars($chkTfValue8, ENT_QUOTES, 'utf-8')],
    ['WSAUTH_NAME', translate('Authentication type')],
    ['WSAUTH_' . $chkSelValue3 . '_SELECTED', 'selected'],
];
foreach ($arrSecurityFields as $arrSecurityField) {
    $conttp->setVariable($arrSecurityField[0], $arrSecurityField[1]);
}
//
// Common settings
// ===============
$arrCommonFields = [
    ['COMMON', translate('Common')],
    ['PAGELINES_NAME', translate('Data lines per page')],
    ['PAGELINES_VALUE', htmlspecialchars($chkTfValue9, ENT_QUOTES, 'utf-8')],
    ['SELDISABLE_NAME', translate('Selection method')],
    ['SELDISABLE_' . $chkSelValue4 . '_SELECTED', 'selected'],
];
foreach ($arrCommonFields as $arrCommonField) {
    $conttp->setVariable($arrCommonField[0], $arrCommonField[1]);
}
//
// Template Check
// ==============
$conttp->setVariable('TEMPLATE_CHECK', translate('Template warn message'));
$conttp->setVariable('LANG_ENABLE', translate('Enable'));
$conttp->setVariable('LANG_DISABLE', translate('Disable'));
$conttp->setVariable('TPL_CHECK_' . $chkRadValue1 . '_CHECKED', 'checked');
//
// Online version check
// ====================
// Both dependent form sections start hidden and are switched to visible below when the options
// they depend on are enabled.
$booUpdateCheck = ($chkRadValue2 == 1);
$conttp->setVariable('CLASS_NAME_1', 'elementHide');
$conttp->setVariable('CLASS_NAME_2', 'elementHide');
$conttp->setVariable('UPDATE_CHECK', translate('Online version check'));
$conttp->setVariable('UPD_CHECK_' . $chkRadValue2 . '_CHECKED', 'checked');
if ($booUpdateCheck) {
    $conttp->setVariable('CLASS_NAME_1', 'elementShow');
}
//
// Online update proxy settings
// ============================
$conttp->setVariable('UPD_PROXY_CHECK', translate('Proxyserver'));
$conttp->setVariable('UPD_PROXY_' . $chkRadValue3 . '_CHECKED', 'checked');
// The second section is shown only when the proxy and the online version check are both enabled.
$booProxyVisible = ($chkRadValue3 == 1) && $booUpdateCheck;
if ($booProxyVisible) {
    $conttp->setVariable('CLASS_NAME_2', 'elementShow');
}
// NOTE(review): UPD_PROXY_PASSWORD_VALUE carries the stored proxy password into the rendered
// page - confirm that sending the secret back to the browser is intended.
$arrProxyFields = [
    ['UPD_PROXY_SERVER', translate('Proxy Address')],
    ['UPD_PROXY_SERVER_VALUE', htmlspecialchars($chkTfValue10, ENT_QUOTES, 'utf-8')],
    ['UPD_PROXY_USERNAME', translate('Proxy Username (optional)')],
    ['UPD_PROXY_USERNAME_VALUE', htmlspecialchars($chkTfValue11, ENT_QUOTES, 'utf-8')],
    ['UPD_PROXY_PASSWORD', translate('Proxy Password (optional)')],
    ['UPD_PROXY_PASSWORD_VALUE', htmlspecialchars($chkTfValue12, ENT_QUOTES, 'utf-8')],
];
foreach ($arrProxyFields as $arrProxyField) {
    $conttp->setVariable($arrProxyField[0], $arrProxyField[1]);
}
//
// Performance options
// ===================
$conttp->setVariable('PERFORMANCE', translate('Performance options'));
$conttp->setVariable('SHOW_PARENTS', translate('Show object parents'));
$conttp->setVariable('PAR_CHECK_' . $chkRadValue4 . '_CHECKED', 'checked');
//
// Requirements of form
// ====================
// Button captions plus the error and info messages collected earlier in this script.
$arrFormFields = [
    ['LANG_SAVE', translate('Save')],
    ['LANG_ABORT', translate('Abort')],
    ['LANG_REQUIRED', translate('required')],
    ['ERRORMESSAGE', $strErrorMessage],
    ['INFOMESSAGE', $strInfoMessage],
];
foreach ($arrFormFields as $arrFormField) {
    $conttp->setVariable($arrFormField[0], $arrFormField[1]);
}
//
// Check access rights for adding new objects
// ==========================================
// A non-zero result means the account has no write access; the control is then rendered as
// disabled. This only changes how the form is rendered, it does not by itself reject a POST.
$booWriteDenied = ($myVisClass->checkAccountGroup($prePageKey, 'write') != 0);
if ($booWriteDenied) {
    $conttp->setVariable('ADD_CONTROL', 'disabled="disabled"');
}
// Render the settings form.
$conttp->parse('settingssite');
$conttp->show('settingssite');
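//
// Output footer
// =============
// The version string is HTML-escaped before it is placed into the footer markup. The external
// link carries rel='noopener noreferrer', so the page opened in the new tab gets no handle on
// this window. $setFileVersion is not assigned in this file.
$strVersionInfo = "<a href='https://sourceforge.net/projects/nagiosql/' target='_blank' "
    . "rel='noopener noreferrer'>NagiosQL</a> "
    . htmlspecialchars((string)$setFileVersion, ENT_QUOTES, 'utf-8');
$maintp->setVariable('VERSION_INFO', $strVersionInfo);
$maintp->parse('footer');
$maintp->show('footer');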
339