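<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/

/*
 * Page controller for slide show configuration.
 *
 * Flow, top to bottom:
 *   1. declare and check the accepted request fields;
 *   2. permission checks for a single slide show ("slideshowid") and for mass actions ("shows");
 *   3. actions: add / update / delete / mass delete, each inside DBstart()/DBend();
 *   4. display: the edit form when "form" is present, otherwise the filtered, sorted, paged list.
 *
 * Every value read through $_REQUEST / getRequest() comes from the client. The field table below is the
 * first filter; the code further down still checks the shape of array-valued fields before indexing them.
 */

require_once dirname(__FILE__).'/include/config.inc.php';
require_once dirname(__FILE__).'/include/screens.inc.php';

$page['title'] = _('Configuration of slide shows');
$page['file'] = 'slideconf.php';
$page['type'] = detect_page_type(PAGE_TYPE_HTML);
$page['scripts'] = ['multiselect.js'];

require_once dirname(__FILE__).'/include/page_header.php';

// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION
$fields = [
	'shows' =>			[T_ZBX_INT, O_OPT, P_SYS, DB_ID, null],
	'slideshowid' =>	[T_ZBX_INT, O_NO, P_SYS, DB_ID, 'isset({form}) && {form} == "update"'],
	'name' =>			[T_ZBX_STR, O_OPT, null, NOT_EMPTY, 'isset({add}) || isset({update})', _('Name')],
	'delay' =>			[T_ZBX_TU, O_OPT, null, null, 'isset({add}) || isset({update})', _('Default delay')],
	// No type and no validation rule are declared for "slides"; its shape is checked at each use below.
	'slides' =>			[null, O_OPT, null, null, null],
	'userid' =>			[T_ZBX_INT, O_OPT, P_SYS, DB_ID, null],
	'private' =>		[T_ZBX_INT, O_OPT, null, BETWEEN(0, 1), null],
	'users' =>			[T_ZBX_INT, O_OPT, null, null, null],
	'userGroups' =>		[T_ZBX_INT, O_OPT, null, null, null],
	// actions
	'action' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, IN('"slideshow.massdelete"'), null],
	'add' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null, null],
	'update' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null, null],
	'delete' =>			[T_ZBX_STR, O_OPT, P_SYS|P_ACT, null, null],
	'cancel' =>			[T_ZBX_STR, O_OPT, P_SYS, null, null],
	'form' =>			[T_ZBX_STR, O_OPT, P_SYS, null, null],
	'form_refresh' =>	[T_ZBX_INT, O_OPT, null, null, null],
	// filter
	'filter_set' =>		[T_ZBX_STR, O_OPT, P_SYS, null, null],
	'filter_rst' =>		[T_ZBX_STR, O_OPT, P_SYS, null, null],
	'filter_name' =>	[T_ZBX_STR, O_OPT, null, null, null],
	// sort and sortorder
	'sort' =>			[T_ZBX_STR, O_OPT, P_SYS, IN('"cnt","delay","name"'), null],
	'sortorder' =>		[T_ZBX_STR, O_OPT, P_SYS, IN('"'.ZBX_SORT_DOWN.'","'.ZBX_SORT_UP.'"'), null]
];
check_fields($fields);

// "slides" is untyped in $fields, so a scalar may arrive here; only sort it when it really is an array.
if (!empty($_REQUEST['slides']) && is_array($_REQUEST['slides'])) {
	natksort($_REQUEST['slides']);
}

/*
 * Permissions
 */
if (hasRequest('slideshowid')) {
	// Read access is checked first, then the record is loaded with a read-write requirement.
	// NOTE(review): the code below assumes access_deny() ends the request - confirm.
	if (!slideshow_accessible($_REQUEST['slideshowid'], PERM_READ)) {
		access_deny();
	}

	$db_slideshow = get_slideshow_by_slideshowid(getRequest('slideshowid'), PERM_READ_WRITE);

	if (!$db_slideshow) {
		access_deny();
	}
}
else {
	$db_slideshow = [];
}
if (hasRequest('action')) {
	if (!hasRequest('shows') || !is_array(getRequest('shows'))) {
		access_deny();
	}
	else {
		// This query only establishes which of the requested IDs exist; no permission helper is called here.
		// NOTE(review): per-object write permission for mass delete is not checked in this file - confirm
		// that delete_slideshow() enforces it.
		$slideshows = DBfetchArray(DBselect(
			'SELECT slideshowid FROM slideshows s WHERE '.dbConditionInt('s.slideshowid', getRequest('shows'))
		));

		if (count($slideshows) != count(getRequest('shows'))) {
			uncheckTableRows(null, zbx_objectValues($slideshows, 'slideshowid'));
		}
	}
}

/*
 * Actions
 */
if (hasRequest('add') || hasRequest('update')) {
	DBstart();

	// Treat a non-array "slides" value as "no slides" instead of iterating over a scalar.
	$slides = getRequest('slides', []);
	if (!is_array($slides)) {
		$slides = [];
	}

	// An empty per-slide delay is stored as '0'. Entries that are not arrays are left untouched.
	// NOTE(review): presumably add_slideshow() / update_slideshow() validate each slide - confirm.
	foreach ($slides as &$slide) {
		if (is_array($slide)) {
			$delay = array_key_exists('delay', $slide) ? $slide['delay'] : null;
			$slide['delay'] = ($delay === '') ? '0' : $delay;
		}
	}
	unset($slide);

	if (hasRequest('update')) {
		$data = [
			'slideshowid' => getRequest('slideshowid'),
			'name' => getRequest('name'),
			'delay' => getRequest('delay'),
			'slides' => $slides,
			'userid' => getRequest('userid', ''),
			'private' => getRequest('private'),
			'users' => getRequest('users', []),
			'userGroups' => getRequest('userGroups', [])
		];

		// Only administrators can set slide show owner.
		if (CWebUser::getType() == USER_TYPE_ZABBIX_USER) {
			unset($data['userid']);
		}
		// Slide show update with inaccessible user.
		// NOTE(review): this branch is entered only when "userid" is the empty string, and the lookup is made
		// with that empty ID; when it returns nothing the owner field is dropped from the update - confirm intent.
		elseif (CWebUser::getType() == USER_TYPE_ZABBIX_ADMIN && $data['userid'] === '') {
			$user_exist = API::User()->get([
				'output' => ['userid'],
				'userids' => [$data['userid']]
			]);

			if (!$user_exist) {
				unset($data['userid']);
			}
		}

		$result = update_slideshow($data);

		$messageSuccess = _('Slide show updated');
		$messageFailed = _('Cannot update slide show');
		$auditAction = AUDIT_ACTION_UPDATE;
	}
	else {
		// NOTE(review): unlike the update branch, "userid" is passed through unchanged for every user type;
		// presumably add_slideshow() restricts who may set the owner - confirm.
		$result = add_slideshow([
			'name' => getRequest('name'),
			'delay' => getRequest('delay'),
			'slides' => $slides,
			'userid' => getRequest('userid'),
			'private' => getRequest('private'),
			'users' => getRequest('users', []),
			'userGroups' => getRequest('userGroups', [])
		]);

		$messageSuccess = _('Slide show added');
		$messageFailed = _('Cannot add slide show');
		$auditAction = AUDIT_ACTION_ADD;
	}

	if ($result) {
		add_audit($auditAction, AUDIT_RESOURCE_SLIDESHOW, ' Name "'.getRequest('name').'" ');
		// Dropping "form" makes the display section below render the list instead of the edit form.
		unset($_REQUEST['form'], $_REQUEST['slideshowid']);
	}

	$result = DBend($result);

	if ($result) {
		uncheckTableRows();
	}
	show_messages($result, $messageSuccess, $messageFailed);
}
elseif (isset($_REQUEST['delete']) && isset($_REQUEST['slideshowid'])) {
	// $db_slideshow was loaded with PERM_READ_WRITE in the permission section above.
	DBstart();

	$result = delete_slideshow($_REQUEST['slideshowid']);

	if ($result) {
		add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_SLIDESHOW, ' Name "'.$db_slideshow['name'].'" ');
	}
	unset($_REQUEST['slideshowid'], $_REQUEST['form']);

	$result = DBend($result);

	if ($result) {
		uncheckTableRows();
	}
	show_messages($result, _('Slide show deleted'), _('Cannot delete slide show'));
}
elseif (hasRequest('action') && getRequest('action') == 'slideshow.massdelete' && hasRequest('shows')) {
	$result = true;

	$shows = getRequest('shows');
	DBstart();

	// Stop at the first failure; DBend() then receives false for the whole batch.
	// Unlike the single delete above, no add_audit() call is made here.
	foreach ($shows as $showid) {
		if (!delete_slideshow($showid)) {
			$result = false;
			break;
		}
	}

	$result = DBend($result);

	if ($result) {
		unset($_REQUEST['form']);
		uncheckTableRows();
	}
	show_messages($result, _('Slide show deleted'), _('Cannot delete slide show'));
}

/*
 * Display
 */
if (hasRequest('form')) {
	$current_userid = CWebUser::$data['userid'];
	// Sets of IDs (as array keys) whose display data is fetched for the sharing section of the form.
	$userids = [$current_userid => true];
	$user_groupids = [];

	$data = [
		'form' => getRequest('form'),
		'form_refresh' => getRequest('form_refresh', 0)
	];

	if (!hasRequest('slideshowid') || hasRequest('form_refresh')) {
		// Slide show owner.
		$slideshow_owner = getRequest('userid', $current_userid);
		$userids[$slideshow_owner] = true;

		// "users" and "userGroups" come from the request: index a row only when it is an array that carries
		// a scalar ID, so a malformed value cannot trigger offset errors.
		$request_users = getRequest('users', []);
		if (is_array($request_users)) {
			foreach ($request_users as $user) {
				if (is_array($user) && isset($user['userid']) && is_scalar($user['userid'])) {
					$userids[$user['userid']] = true;
				}
			}
		}

		$request_user_groups = getRequest('userGroups', []);
		if (is_array($request_user_groups)) {
			foreach ($request_user_groups as $user_group) {
				if (is_array($user_group) && isset($user_group['usrgrpid'])
						&& is_scalar($user_group['usrgrpid'])) {
					$user_groupids[$user_group['usrgrpid']] = true;
				}
			}
		}
	}
	else {
		// Slide show owner.
		$userids[$db_slideshow['userid']] = true;

		// "slideshowid" is declared as DB_ID in $fields and is additionally passed through zbx_dbstr() here.
		$db_slideshow['users'] = DBfetchArray(DBselect(
			'SELECT s.userid,s.permission'.
			' FROM slideshow_user s'.
			' WHERE s.slideshowid='.zbx_dbstr(getRequest('slideshowid'))
		));

		foreach ($db_slideshow['users'] as $user) {
			$userids[$user['userid']] = true;
		}

		$db_slideshow['userGroups'] = DBfetchArray(DBselect(
			'SELECT s.usrgrpid,s.permission'.
			' FROM slideshow_usrgrp s'.
			' WHERE s.slideshowid='.zbx_dbstr(getRequest('slideshowid'))
		));

		foreach ($db_slideshow['userGroups'] as $user_group) {
			$user_groupids[$user_group['usrgrpid']] = true;
		}
	}

	$data['users'] = API::User()->get([
		'output' => ['userid', 'alias', 'name', 'surname'],
		'userids' => array_keys($userids),
		'preservekeys' => true
	]);

	$data['user_groups'] = API::UserGroup()->get([
		'output' => ['usrgrpid', 'name'],
		'usrgrpids' => array_keys($user_groupids),
		'preservekeys' => true
	]);

	if (array_key_exists('slideshowid', $db_slideshow) && !isset($_REQUEST['form_refresh'])) {
		// First open of an existing slide show: every form value comes from the database.
		$data['slideshow'] = [
			'slideshowid' => $db_slideshow['slideshowid'],
			'name' => $db_slideshow['name'],
			'delay' => $db_slideshow['delay'],
			'userid' => $db_slideshow['userid'],
			'private' => $db_slideshow['private'],
			'users' => $db_slideshow['users'],
			'userGroups' => $db_slideshow['userGroups']
		];

		// Get slides.
		$data['slideshow']['slides'] = DBfetchArray(DBselect(
			'SELECT s.slideid, s.screenid, s.delay'.
			' FROM slides s'.
			' WHERE s.slideshowid='.zbx_dbstr($db_slideshow['slideshowid']).
			' ORDER BY s.step'
		));
	}
	else {
		// New slide show or a refreshed form: the values are echoed back from the request.
		$request_slides = getRequest('slides', []);

		$data['slideshow'] = [
			'slideshowid' => getRequest('slideshowid'),
			'name' => getRequest('name', ''),
			'delay' => getRequest('delay', DB::getDefault('slideshows', 'delay')),
			'slides' => is_array($request_slides) ? $request_slides : [],
			'private' => getRequest('private', PRIVATE_SHARING),
			'users' => getRequest('users', []),
			'userGroups' => getRequest('userGroups', [])
		];
		if (hasRequest('form_refresh')) {
			if (CWebUser::getType() == USER_TYPE_SUPER_ADMIN || CWebUser::getType() == USER_TYPE_ZABBIX_ADMIN) {
				$data['slideshow']['userid'] = getRequest('userid', '');
			}
			else {
				$data['slideshow']['userid'] = getRequest('userid');
			}
		}
		else {
			if ($db_slideshow) {
				$data['slideshow']['userid'] = $db_slideshow['userid'];
			}
			else {
				$data['slideshow']['userid'] = $current_userid;
			}
		}
	}

	// A stored delay of '0' is shown as an empty field (the save path maps '' back to '0').
	foreach ($data['slideshow']['slides'] as &$slide) {
		if (is_array($slide)) {
			$delay = array_key_exists('delay', $slide) ? $slide['delay'] : null;
			$slide['delay'] = ($delay === '0') ? '' : $delay;
		}
	}
	unset($slide);

	$screenids = [];
	foreach ($data['slideshow']['slides'] as $slide_row) {
		if (is_array($slide_row) && isset($slide_row['screenid'])) {
			$screenids[] = $slide_row['screenid'];
		}
	}

	$data['slideshow']['screens'] = API::Screen()->get([
		'output' => ['screenid', 'name'],
		'screenids' => $screenids,
		'preservekeys' => true
	]);

	$data['current_user_userid'] = $current_userid;

	// Get slides without delay.
	$data['slides_without_delay'] = $data['slideshow']['slides'];
	foreach ($data['slides_without_delay'] as &$slide) {
		if (is_array($slide)) {
			unset($slide['delay']);
		}
	}
	unset($slide);

	// render view
	echo (new CView('monitoring.slideconf.edit', $data))->getOutput();
}
else {
	CProfile::delete('web.slides.elementid');

	$sortField = getRequest('sort', CProfile::get('web.'.$page['file'].'.sort', 'name'));
	$sortOrder = getRequest('sortorder', CProfile::get('web.'.$page['file'].'.sortorder', ZBX_SORT_UP));

	// $sortField is concatenated into the ORDER BY clause below and may come from the stored profile rather
	// than from the request checked above, so the allow-list from $fields is applied again at the point of use.
	// $sortOrder is not interpolated into SQL in this file.
	if (!in_array($sortField, ['cnt', 'delay', 'name'], true)) {
		$sortField = 'name';
	}

	CProfile::update('web.'.$page['file'].'.sort', $sortField, PROFILE_TYPE_STR);
	CProfile::update('web.'.$page['file'].'.sortorder', $sortOrder, PROFILE_TYPE_STR);

	if (hasRequest('filter_set')) {
		CProfile::update('web.slideconf.filter_name', getRequest('filter_name', ''), PROFILE_TYPE_STR);
	}
	elseif (hasRequest('filter_rst')) {
		DBstart();
		CProfile::delete('web.slideconf.filter_name');
		DBend();
	}

	$config = select_config();
	// One row more than the configured search limit is kept after slicing below.
	$limit = $config['search_limit'] + 1;

	$data = [
		'filter' => [
			'name' => CProfile::get('web.slideconf.filter_name', '')
		],
		'sort' => $sortField,
		'sortorder' => $sortOrder,
		'profileIdx' => 'web.slideconf.filter',
		'active_tab' => CProfile::get('web.slideconf.filter.active', 1)
	];

	if ($data['filter']['name'] !== '') {
		// escaping parameter that is about to be used in LIKE statement
		// '!' is the ESCAPE character, so it is doubled first; '%' and '_' are then prefixed with it and
		// match literally. The finished pattern still goes through zbx_dbstr().
		$pattern = str_replace("!", "!!", $data['filter']['name']);
		$pattern = str_replace("%", "!%", $pattern);
		$pattern = str_replace("_", "!_", $pattern);

		$sql_where = ' WHERE UPPER(s.name) LIKE '.zbx_dbstr('%'.mb_strtoupper($pattern).'%')." ESCAPE '!'";
	}
	else {
		$sql_where = '';
	}

	$data['slides'] = DBfetchArray(DBselect(
		'SELECT s.slideshowid,s.name,s.delay,COUNT(sl.slideshowid) AS cnt'.
		' FROM slideshows s'.
		' LEFT JOIN slides sl ON sl.slideshowid=s.slideshowid'.
		$sql_where.
		' GROUP BY s.slideshowid,s.name,s.delay'.
		' ORDER BY '.(($sortField === 'cnt') ? 'cnt' : 's.'.$sortField)
	));

	// The query carries no permission filter: rows the current user cannot read are removed here, and
	// the remaining rows are flagged as editable when they can be loaded with PERM_READ_WRITE.
	foreach ($data['slides'] as $key => &$slide) {
		if (!slideshow_accessible($slide['slideshowid'], PERM_READ)) {
			unset($data['slides'][$key]);
		}
		else {
			$slide['editable'] = (bool) get_slideshow_by_slideshowid($slide['slideshowid'], PERM_READ_WRITE);
		}
	}
	unset($slide);

	order_result($data['slides'], $sortField, $sortOrder);

	if ($sortOrder == ZBX_SORT_UP) {
		$data['slides'] = array_slice($data['slides'], 0, $limit);
	}
	else {
		$data['slides'] = array_slice($data['slides'], -$limit, $limit);
	}

	order_result($data['slides'], $sortField, $sortOrder);

	// pager
	if (hasRequest('page')) {
		$page_num = getRequest('page');
	}
	elseif (isRequestMethod('get') && !hasRequest('cancel')) {
		$page_num = 1;
	}
	else {
		$page_num = CPagerHelper::loadPage($page['file']);
	}

	CPagerHelper::savePage($page['file'], $page_num);

	$data['paging'] = CPagerHelper::paginate($page_num, $data['slides'], $sortOrder, new CUrl('slideconf.php'));

	// render view
	echo (new CView('monitoring.slideconf.list', $data))->getOutput();
}

require_once dirname(__FILE__).'/include/page_footer.php';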