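<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/


require_once 'include/menu.inc.php';

/**
 * Send the response headers and print the top of the HTML page: the header view, the menu
 * (normal layout mode only), the opening <main> tag, the failed-login warning and any queued messages.
 *
 * @param array $data  Layout data. Reads $data['controller']['action'], $data['javascript']['files'],
 *                     $data['page']['title'] and $data['web_layout_mode'].
 */
function local_generateHeader($data) {
	// only needed for zbx_construct_menu
	global $page;

	header('Content-Type: text/html; charset=UTF-8');
	// Stops browsers from MIME-sniffing the response into a different content type.
	header('X-Content-Type-Options: nosniff');
	// Legacy XSS-filter header. Browsers that have removed the filter ignore it, so it is
	// defence in depth only and does not replace output escaping in the views.
	header('X-XSS-Protection: 1; mode=block');

	// Anti-clickjacking header. X_FRAME_OPTIONS set to null disables it entirely.
	if (X_FRAME_OPTIONS !== null) {
		if (strcasecmp(X_FRAME_OPTIONS, 'SAMEORIGIN') == 0 || strcasecmp(X_FRAME_OPTIONS, 'DENY') == 0) {
			$x_frame_options = X_FRAME_OPTIONS;
		}
		else {
			// Any other value is treated as a comma-separated list of hosts allowed to frame the page.
			// The default stays SAMEORIGIN, so a missing, unparsable or unlisted Referer host never
			// widens the policy.
			$x_frame_options = 'SAMEORIGIN';
			$allowed_urls = explode(',', X_FRAME_OPTIONS);
			$url_to_check = array_key_exists('HTTP_REFERER', $_SERVER)
				? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST)
				: null;

			if ($url_to_check) {
				foreach ($allowed_urls as $allowed_url) {
					// Trim once and reuse the trimmed value, so that a list written as "a, b" does not
					// leak the padding into the header value.
					$allowed_url = trim($allowed_url);

					if (strcasecmp($allowed_url, $url_to_check) == 0) {
						// NOTE(review): ALLOW-FROM is obsolete and not honoured by current browsers,
						// which leaves the page without framing protection in this branch. A
						// Content-Security-Policy "frame-ancestors" directive is the supported way
						// to allow specific framing origins.
						$x_frame_options = 'ALLOW-FROM '.$allowed_url;
						break;
					}
				}
			}
		}

		header('X-Frame-Options: '.$x_frame_options);
	}


	// construct menu
	$main_menu = [];
	$sub_menus = [];

	zbx_construct_menu($main_menu, $sub_menus, $page, $data['controller']['action']);

	$pageHeader = new CView('layout.htmlpage.header', [
		'javascript' => [
			'files' => $data['javascript']['files']
		],
		'page' => [
			'title' => $data['page']['title']
		],
		'user' => [
			'lang' => CWebUser::$data['lang'],
			'theme' => CWebUser::$data['theme']
		],
		'web_layout_mode' => $data['web_layout_mode']
	]);
	echo $pageHeader->getOutput();

	if ($data['web_layout_mode'] === ZBX_LAYOUT_NORMAL) {
		global $ZBX_SERVER_NAME;

		$pageMenu = new CView('layout.htmlpage.menu', [
			'server_name' => isset($ZBX_SERVER_NAME) ? $ZBX_SERVER_NAME : '',
			'menu' => [
				'main_menu' => $main_menu,
				'sub_menus' => $sub_menus,
				'selected' => $page['menu']
			],
			'user' => [
				'is_guest' => CWebUser::isGuest(),
				'alias' => CWebUser::$data['alias'],
				'name' => CWebUser::$data['name'],
				'surname' => CWebUser::$data['surname']
			],
			'support_url' => getSupportUrl(CWebUser::getLang())
		]);
		echo $pageMenu->getOutput();
	}

	echo '<main>';

	// if a user logs in after several unsuccessful attempts, display a warning
	if ($failedAttempts = CProfile::get('web.login.attempt.failed', 0)) {
		$attempt_ip = CProfile::get('web.login.attempt.ip', '');
		$attempt_date = CProfile::get('web.login.attempt.clock', 0);

		// NOTE(review): $attempt_ip is read back from the stored profile and placed into the message
		// as-is; confirm that the message renderer escapes it before it reaches the page.
		$error_msg = _n('%4$s failed login attempt logged. Last failed attempt was from %1$s on %2$s at %3$s.',
			'%4$s failed login attempts logged. Last failed attempt was from %1$s on %2$s at %3$s.',
			$attempt_ip,
			zbx_date2str(DATE_FORMAT, $attempt_date),
			zbx_date2str(TIME_FORMAT, $attempt_date),
			$failedAttempts
		);
		error($error_msg);

		// Reset the counter so the warning is not repeated on the next page load.
		CProfile::update('web.login.attempt.failed', 0, PROFILE_TYPE_INT);
	}

	show_messages();
}

/**
 * Close the <main> element and print the footer view.
 *
 * @param array $data  Layout data. Reads $data['web_layout_mode'].
 */
function local_generateFooter($data) {
	$pageFooter = new CView('layout.htmlpage.footer', [
		'user' => [
			'alias' => CWebUser::$data['alias'],
			'debug_mode' => CWebUser::$data['debug_mode']
		],
		'web_layout_mode' => $data['web_layout_mode']
	]);
	echo '</main>'."\n";
	echo $pageFooter->getOutput();
}

/**
 * Show the success or error message kept in the session, then remove it from the session.
 * Does nothing when neither 'messageOk' nor 'messageError' is set.
 */
function local_showMessage() {
	global $ZBX_MESSAGES;

	if (CSession::keyExists('messageOk') || CSession::keyExists('messageError')) {
		// Restore the detail messages saved with the session before rendering.
		if (CSession::keyExists('messages')) {
			$ZBX_MESSAGES = CSession::getValue('messages');
			CSession::unsetValue(['messages']);
		}

		// 'messageOk' takes precedence when both keys are present.
		if (CSession::keyExists('messageOk')) {
			show_messages(true, CSession::getValue('messageOk'));
		}
		else {
			show_messages(false, null, CSession::getValue('messageError'));
		}

		CSession::unsetValue(['messageOk', 'messageError']);
	}
}

$data['web_layout_mode'] = CView::getLayoutMode();

local_generateHeader($data);
local_showMessage();
// These fragments are written to the response verbatim: this layout does no escaping of its own,
// so whatever rendered them is responsible for encoding any user-controlled values.
echo $data['javascript']['pre'];
echo $data['main_block'];
echo $data['javascript']['post'];
local_generateFooter($data);
show_messages();

echo '</body></html>';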