1<?php
2///////////////////////////////////////////////////////////////////////////////
3//
4// NagiosQL
5//
6///////////////////////////////////////////////////////////////////////////////
7//
8// (c) 2005-2020 by Martin Willisegger
9//
10// Project   : NagiosQL
11// Component : Help text editor
12// Website   : https://sourceforge.net/projects/nagiosql/
13// Version   : 3.4.1
14// GIT Repo  : https://gitlab.com/wizonet/NagiosQL
15//
16///////////////////////////////////////////////////////////////////////////////
17//
18// Path settings
19// ===================
20$strPattern = '(admin/[^/]*.php)';
21$preRelPath  = preg_replace($strPattern, '', filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_STRING));
22$preBasePath = preg_replace($strPattern, '', filter_input(INPUT_SERVER, 'SCRIPT_FILENAME', FILTER_SANITIZE_STRING));
23//
24// Define common variables
25// =======================
26$prePageId     = 39;
27$preContent    = 'admin/helpedit.htm.tpl';
28$preAccess     = 1;
29$preFieldvars  = 1;
30$setSaveLangId = 'private';
31//
32// Include preprocessing files
33// ===========================
34require $preBasePath.'functions/prepend_adm.php';
35require $preBasePath.'functions/prepend_content.php';
36//
37// Process post parameters
38// =======================
39$chkHidVersion = filter_input(INPUT_POST, 'hidVersion', 513, array('options' => array('default' => 'all')));
40$chkKey1       = filter_input(INPUT_POST, 'selInfoKey1', FILTER_SANITIZE_STRING);
41$chkKey2       = filter_input(INPUT_POST, 'selInfoKey2', FILTER_SANITIZE_STRING);
42$chkVersion    = filter_input(INPUT_POST, 'selInfoVersion', FILTER_SANITIZE_STRING);
43//
44// Quote special characters
45// ==========================
46if (get_magic_quotes_gpc() == 0) {
47    $chkHidVersion = addslashes($chkHidVersion);
48    $chkKey1       = addslashes($chkKey1);
49    $chkKey2       = addslashes($chkKey2);
50    $chkVersion    = addslashes($chkVersion);
51}
52//
53// Security function for text fields
54// =================================
55$chkHidVersion = $myVisClass->tfSecure($chkHidVersion);
56$chkKey1       = $myVisClass->tfSecure($chkKey1);
57$chkKey2       = $myVisClass->tfSecure($chkKey2);
58$chkVersion    = $myVisClass->tfSecure($chkVersion);
59//
60// Add or modify data
61// ==================
62if (($chkTaFileTextRaw != '') && ($chkTfValue3 == '1')) {
63    $strSQL    = "SELECT `infotext` FROM `tbl_info` WHERE `key1`='$chkTfValue1' AND `key2`='$chkTfValue2' "
64               . "AND `version`='$chkHidVersion' AND `language`='$setSaveLangId'";
65    $booReturn = $myDBClass->hasDataArray($strSQL, $arrData, $intDataCount);
66    if ($intDataCount == 0) {
67        $strSQL = 'INSERT INTO `tbl_info` (`key1`,`key2`,`version`,`language`,`infotext`) '
68                . "VALUES ('$chkTfValue1','$chkTfValue2','$chkHidVersion','$setSaveLangId','$chkTaFileTextRaw')";
69    } else {
70        $strSQL = "UPDATE `tbl_info` SET `infotext` = '$chkTaFileTextRaw' WHERE `key1` = '$chkTfValue1' "
71                . "AND `key2` = '$chkTfValue2' AND `version` = '$chkHidVersion' AND `language` = '$setSaveLangId'";
72    }
73    $intReturn = $myDataClass->dataInsert($strSQL, $intInsertId);
74    if ($intReturn != 0) {
75        $myVisClass->processMessage($myDataClass->strErrorMessage, $strErrorMessage);
76    } else {
77        $myVisClass->processMessage($myDataClass->strInfoMessage, $strInfoMessage);
78    }
79}
80//
81// Singe data form
82// ===============
83$conttp->setVariable('TITLE', translate('Help text editor'));
84$conttp->setVariable('ACTION_INSERT', filter_input(INPUT_SERVER, 'PHP_SELF', FILTER_SANITIZE_STRING));
85$conttp->setVariable('MAINSITE', $_SESSION['SETS']['path']['base_url']. 'admin.php');
86foreach ($arrDescription as $elem) {
87    $conttp->setVariable($elem['name'], $elem['string']);
88}
89$conttp->setVariable('INFOKEY_1', translate('Main key'));
90$conttp->setVariable('INFOKEY_2', translate('Sub key'));
91$conttp->setVariable('INFO_LANG', translate('Language'));
92$conttp->setVariable('INFO_VERSION', translate('Nagios version'));
93$conttp->setVariable('LOAD_DEFAULT', translate('Load default text'));
94if ($chkChbValue1 == '1') {
95    $conttp->setVariable('DEFAULT_CHECKED', 'checked');
96}
97//
98// Get Key
99// =======
100$arrData   = array();
101$strSQL    = 'SELECT DISTINCT `key1` FROM `tbl_info` ORDER BY `key1`';
102$booReturn = $myDBClass->hasDataArray($strSQL, $arrData, $intDataCount);
103if ($intDataCount != 0) {
104    foreach ($arrData as $elem) {
105        $conttp->setVariable('INFOKEY_1_VAL', $elem['key1']);
106        if ($chkKey1 == $elem['key1']) {
107            $conttp->setVariable('INFOKEY_1_SEL', 'selected');
108            $conttp->setVariable('INFOKEY_1_SEL_VAL', $elem['key1']);
109        }
110        $conttp->parse('infokey1');
111    }
112}
113if ($chkKey1 != '') {
114    $strSQL    = "SELECT DISTINCT `key2` FROM `tbl_info` WHERE `key1` = '$chkKey1' ORDER BY `key1`";
115    $booReturn = $myDBClass->hasDataArray($strSQL, $arrData, $intDataCount);
116    if ($intDataCount != 0) {
117        foreach ($arrData as $elem) {
118            $conttp->setVariable('INFOKEY_2_VAL', $elem['key2']);
119            if ($chkKey2 == $elem['key2']) {
120                $conttp->setVariable('INFOKEY_2_SEL', 'selected');
121                $conttp->setVariable('INFOKEY_2_SEL_VAL', $elem['key2']);
122            }
123            $conttp->parse('infokey2');
124        }
125    }
126}
127if (($chkKey1 != '') && ($chkKey2 != '')) {
128    $strSQL    = 'SELECT DISTINCT `version` FROM `tbl_info` '
129               . "WHERE `key1` = '$chkKey1' AND `key2` = '$chkKey2' ORDER BY `version`";
130    $booReturn = $myDBClass->hasDataArray($strSQL, $arrData, $intDataCount);
131    if ($intDataCount != 0) {
132        if (($intDataCount == 1) && ($chkVersion == '')) {
133            $chkVersion = $arrData[0]['version'];
134        }
135        foreach ($arrData as $elem) {
136            $conttp->setVariable('INFOVERSION_2_VAL', $elem['version']);
137            if ($chkVersion == $elem['version']) {
138                $conttp->setVariable('INFOVERSION_2_SEL', 'selected');
139                $conttp->setVariable('INFOVERSION_2_SEL_VAL', $elem['version']);
140            }
141            $conttp->parse('infoversion');
142        }
143    }
144}
145//
146// Insert content
147// ==============
148if (($chkKey1 != '') && ($chkKey2 != '') && ($chkVersion != '')) {
149    $strSQL       = "SELECT `infotext` FROM `tbl_info` WHERE `key1`='$chkKey1' AND `key2`='$chkKey2' "
150                  . "AND `version`='$chkVersion' AND `language`='$setSaveLangId'";
151    $strContentDB = $myDBClass->getFieldData($strSQL);
152    if (($chkChbValue1 == 1) || ($strContentDB == '')) {
153        $strSQL       = "SELECT `infotext` FROM `tbl_info` WHERE `key1`='$chkKey1' AND `key2`='$chkKey2' "
154                      . "AND `version`='$chkVersion' AND `language`='default'";
155        $strContentDB = $myDBClass->getFieldData($strSQL);
156    }
157    $conttp->setVariable('DAT_HELPTEXT', $strContentDB);
158}
159// Messages
160if ($strErrorMessage != '') {
161    $conttp->setVariable('ERRORMESSAGE', $strErrorMessage);
162}
163if ($strInfoMessage != '') {
164    $conttp->setVariable('INFOMESSAGE', $strInfoMessage);
165}
166// Check access rights for adding new objects
167if ($myVisClass->checkAccountGroup($prePageKey, 'write') != 0) {
168    $conttp->setVariable('ADD_CONTROL', 'disabled="disabled"');
169}
170$conttp->parse('helpedit');
171$conttp->show('helpedit');
172//
173// Process footer
174// ==============
175$maintp->setVariable('VERSION_INFO', "<a href='https://sourceforge.net/projects/nagiosql/' "
176        . "target='_blank'>NagiosQL</a> $setFileVersion");
177$maintp->parse('footer');
178$maintp->show('footer');
179