1<?php
2/*
3 * Copyright 2005-2016 OCSInventory-NG/OCSInventory-ocsreports contributors.
4 * See the Contributors file for more details about them.
5 *
6 * This file is part of OCSInventory-NG/OCSInventory-ocsreports.
7 *
8 * OCSInventory-NG/OCSInventory-ocsreports is free software: you can redistribute
9 * it and/or modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation, either version 2 of the License,
11 * or (at your option) any later version.
12 *
13 * OCSInventory-NG/OCSInventory-ocsreports is distributed in the hope that it
14 * will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
15 * of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with OCSInventory-NG/OCSInventory-ocsreports. if not, write to the
20 * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
21 * MA 02110-1301, USA.
22 */
23require_once('require/function_computers.php');
24$seeit = is_mine_computer($protectedGet['systemid']);
25if (!$seeit) {
26    require_once (HEADER_HTML);
27    msg_error($l->g(837));
28    require_once(FOOTER_HTML);
29    die();
30}
31$sql = "select * from hardware where id=%s";
32$arg = $protectedGet['systemid'];
33$res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
34$item_hardware = mysqli_fetch_object($res);
35$xml = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n";
36$table_not_use = array('accountinfo', 'groups_cache', 'download_history', 'devices');
37$xml .= "<REQUEST>\n";
38$xml .= "\t<DEVICEID>" . $item_hardware->DEVICEID . "</DEVICEID>\n";
39$xml .= "\t<CONTENT>\n";
40foreach ($_SESSION['OCS']['SQL_TABLE_HARDWARE_ID'] as $tablename) {
41    if (!in_array($tablename, $table_not_use)) {
42        $sql = "select * from %s where hardware_id=%s";
43        $arg = array($tablename, $protectedGet['systemid']);
44
45        $res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
46        while ($item = mysqli_fetch_object($res)) {
47            $xml .= "\t\t<" . mb_strtoupper($tablename) . ">\n";
48            foreach ($_SESSION['OCS']['SQL_TABLE'][$tablename] as $field_name => $field_type) {
49                if ($field_name != 'HARDWARE_ID') {
50                    if (replace_entity_xml($item->$field_name) != '') {
51                        $xml .= "\t\t\t<" . $field_name . ">";
52                        $xml .= replace_entity_xml($item->$field_name);
53                        $xml .= "</" . $field_name . ">\n";
54                    } else {
55                        $xml .= "\t\t\t<" . $field_name . " />\n";
56                    }
57                }
58            }
59            $xml .= "\t\t</" . mb_strtoupper($tablename) . ">\n";
60        }
61    }
62}
63//HARDWARE INFO
64$xml .= "\t\t<HARDWARE>\n";
65foreach ($_SESSION['OCS']['SQL_TABLE']['hardware'] as $field_name => $field_type) {
66    if ($field_name != 'ID' && $field_name != 'DEVICEID') {
67        if (replace_entity_xml($item_hardware->$field_name) != '') {
68            $xml .= "\t\t\t<" . $field_name . ">";
69            $xml .= replace_entity_xml($item_hardware->$field_name);
70            $xml .= "</" . $field_name . ">\n";
71        } else {
72            $xml .= "\t\t\t<" . $field_name . " />\n";
73        }
74    }
75}
76$xml .= "\t\t</HARDWARE>\n";
77
78//ACCOUNTINFO VALUES
79$sql = "select * from accountinfo where hardware_id=%s";
80$arg = $protectedGet['systemid'];
81$res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
82$item_accountinfo = mysqli_fetch_object($res);
83
84foreach ($_SESSION['OCS']['SQL_TABLE']['accountinfo'] as $field_name => $field_type) {
85    if ($field_name != 'HARDWARE_ID') {
86        $xml .= "\t\t<ACCOUNTINFO>\n";
87        $xml .= "\t\t\t<KEYNAME>" . $field_name . "</KEYNAME>\n";
88        if (replace_entity_xml($item_accountinfo->$field_name) != '') {
89            $xml .= "\t\t\t<KEYVALUE>" . replace_entity_xml($item_accountinfo->$field_name) . "</KEYVALUE>\n";
90        } else {
91            $xml .= "\t\t\t<KEYVALUE />\n";
92        }
93        $xml .= "\t\t</ACCOUNTINFO>\n";
94    }
95}
96
97$xml .= "\t</CONTENT>\n";
98$xml .= "\t<QUERY>INVENTORY</QUERY>\n";
99$xml .= "</REQUEST>\n";
100
101if ($xml != "") {
102    // iexplorer problem
103    if (ini_get("zlib.output-compression")) {
104        ini_set("zlib.output-compression", "Off");
105    }
106
107    header("Pragma: public");
108    header("Expires: 0");
109    header("Cache-control: must-revalidate, post-check=0, pre-check=0");
110    header("Cache-control: private", false);
111    header("content-type: text/xml ");
112    header("Content-Disposition: attachment; filename=\"" . $item_hardware->DEVICEID . ".xml\"");
113    header("Content-Transfer-Encoding: binary");
114    header("Content-Length: " . strlen($xml));
115    echo $xml,
116    die();
117} else {
118    require_once (HEADER_HTML);
119    msg_error($l->g(920));
120    require_once(FOOTER_HTML);
121    die();
122}
123?>