-rw-r--r--detail.php9
-rw-r--r--inc/html.inc.php98
-rw-r--r--js/CGP.js2
-rw-r--r--type/Base.class.php4
4 files changed, 61 insertions, 52 deletions
diff --git a/detail.php b/detail.php
index 4fb43b0..8f5a845 100644
--- a/detail.php
+++ b/detail.php
@@ -46,7 +46,10 @@ foreach($CONFIG['term'] as $key => $s) {
46 $args['s'] = $s; 46 $args['s'] = $s;
47 $selected = selected_timerange($seconds, $s); 47 $selected = selected_timerange($seconds, $s);
48 printf('<li><a %s href="%s%s">%s</a></li>'."\n", 48 printf('<li><a %s href="%s%s">%s</a></li>'."\n",
49 $selected, $CONFIG['weburl'], build_url('detail.php', $args), $key); 49 $selected,
50 htmlentities($CONFIG['weburl']),
51 htmlentities(build_url('detail.php', $args)),
52 htmlentities($key));
50} 53}
51print "</ul>\n"; 54print "</ul>\n";
52 55
@@ -54,7 +57,9 @@ if ($CONFIG['graph_type'] == 'canvas') {
54 chdir($CONFIG['webdir']); 57 chdir($CONFIG['webdir']);
55 include $CONFIG['webdir'].'/graph.php'; 58 include $CONFIG['webdir'].'/graph.php';
56} else { 59} else {
57 printf('<img src="%s%s">'."\n", $CONFIG['weburl'], build_url('graph.php', $_GET)); 60 printf("<img src=\"%s%s\">\n",
61 htmlentities($CONFIG['weburl']),
62 htmlentities(build_url('graph.php', $_GET)));
58} 63}
59echo '</div>'; 64echo '</div>';
60echo "</fieldset>\n"; 65echo "</fieldset>\n";
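Review bot: The `htmlentities()` calls added around `$CONFIG['weburl']`, `build_url(...)` and `$key` rely on the function's default flags and charset, so the output is attribute-safe only because every `href`/`src` on these lines is double-quoted. Before PHP 8.1 the default flag is `ENT_COMPAT`, which leaves `'` unescaped, and before PHP 5.4 the default charset is not UTF-8 although the page declares `<meta charset="utf-8">`. I would route these through one helper, e.g. `function h($s) { return htmlspecialchars($s, ENT_QUOTES, 'UTF-8'); }`, so that a later single-quoted attribute cannot reintroduce the injection. The same applies to the calls added in inc/html.inc.php and type/Base.class.php. The `foreach` and `if` blocks touched here start above the hunks.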
diff --git a/inc/html.inc.php b/inc/html.inc.php
index 69609d8..b8d2f82 100644
--- a/inc/html.inc.php
+++ b/inc/html.inc.php
@@ -11,14 +11,15 @@ function html_start() {
11 global $CONFIG; 11 global $CONFIG;
12 12
13 $path = htmlentities(breadcrumbs()); 13 $path = htmlentities(breadcrumbs());
14 $html_weburl = htmlentities($CONFIG['weburl']);
14 15
15 echo <<<EOT 16 echo <<<EOT
16<!DOCTYPE html> 17<!DOCTYPE html>
17<html> 18<html>
18<head> 19<head>
19 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 20 <meta charset="utf-8">
20 <title>CGP{$path}</title> 21 <title>CGP{$path}</title>
21 <link rel="stylesheet" href="{$CONFIG['weburl']}layout/style.css" type="text/css"> 22 <link rel="stylesheet" href="{$html_weburl}layout/style.css" type="text/css">
22 <meta name="viewport" content="width=1050, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes"> 23 <meta name="viewport" content="width=1050, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes">
23 24
24EOT; 25EOT;
@@ -31,16 +32,16 @@ EOT;
31 32
32 if ($CONFIG['graph_type'] == 'canvas') { 33 if ($CONFIG['graph_type'] == 'canvas') {
33 echo <<<EOT 34 echo <<<EOT
34 <script type="text/javascript" src="{$CONFIG['weburl']}js/sprintf.js"></script> 35 <script type="text/javascript" src="{$html_weburl}js/sprintf.js"></script>
35 <script type="text/javascript" src="{$CONFIG['weburl']}js/strftime.js"></script> 36 <script type="text/javascript" src="{$html_weburl}js/strftime.js"></script>
36 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdRpn.js"></script> 37 <script type="text/javascript" src="{$html_weburl}js/RrdRpn.js"></script>
37 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdTime.js"></script> 38 <script type="text/javascript" src="{$html_weburl}js/RrdTime.js"></script>
38 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdGraph.js"></script> 39 <script type="text/javascript" src="{$html_weburl}js/RrdGraph.js"></script>
39 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdGfxCanvas.js"></script> 40 <script type="text/javascript" src="{$html_weburl}js/RrdGfxCanvas.js"></script>
40 <script type="text/javascript" src="{$CONFIG['weburl']}js/binaryXHR.js"></script> 41 <script type="text/javascript" src="{$html_weburl}js/binaryXHR.js"></script>
41 <script type="text/javascript" src="{$CONFIG['weburl']}js/rrdFile.js"></script> 42 <script type="text/javascript" src="{$html_weburl}js/rrdFile.js"></script>
42 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdDataFile.js"></script> 43 <script type="text/javascript" src="{$html_weburl}js/RrdDataFile.js"></script>
43 <script type="text/javascript" src="{$CONFIG['weburl']}js/RrdCmdLine.js"></script> 44 <script type="text/javascript" src="{$html_weburl}js/RrdCmdLine.js"></script>
44 45
45EOT; 46EOT;
46 } 47 }
@@ -50,7 +51,7 @@ echo <<<EOT
50<body> 51<body>
51 52
52<div id="header"> 53<div id="header">
53 <h1><a href="{$CONFIG['weburl']}">Collectd Graph Panel</a></h1> 54 <h1><a href="{$html_weburl}">Collectd Graph Panel</a></h1>
54</div> 55</div>
55 56
56<div id="content"> 57<div id="content">
@@ -74,27 +75,29 @@ function html_end() {
74 $version = 'v'.$version[0]; 75 $version = 'v'.$version[0];
75 } 76 }
76 77
78 $html_weburl = htmlentities($CONFIG['weburl']);
79
77 echo <<<EOT 80 echo <<<EOT
78</div> 81</div>
79<div id="footer"> 82<div id="footer">
80<hr><span class="small"><a href="http://pommi.nethuis.nl/category/cgp/" rel="external">Collectd Graph Panel</a> ({$version}) is distributed under the <a href="{$CONFIG['weburl']}doc/LICENSE" rel="licence">GNU General Public License (GPLv3)</a></span> 83<hr><span class="small"><a href="http://pommi.nethuis.nl/category/cgp/" rel="external">Collectd Graph Panel</a> ({$version}) is distributed under the <a href="{$html_weburl}doc/LICENSE" rel="licence">GNU General Public License (GPLv3)</a></span>
81</div> 84</div>
82 85
83EOT; 86EOT;
84 87
85 if ($CONFIG['graph_type'] == 'canvas') { 88 if ($CONFIG['graph_type'] == 'canvas') {
86 echo <<<EOT 89 echo <<<EOT
87<script type="text/javascript" src="{$CONFIG['weburl']}js/CGP.js"></script> 90<script type="text/javascript" src="{$html_weburl}js/CGP.js"></script>
88 91
89EOT; 92EOT;
90 if ($CONFIG['rrd_fetch_method'] == 'async') { 93 if ($CONFIG['rrd_fetch_method'] == 'async') {
91 echo <<<EOT 94 echo <<<EOT
92<script type="text/javascript" src="{$CONFIG['weburl']}js/CGP-async.js"></script> 95<script type="text/javascript" src="{$html_weburl}js/CGP-async.js"></script>
93 96
94EOT; 97EOT;
95 } else { 98 } else {
96 echo <<<EOT 99 echo <<<EOT
97<script type="text/javascript" src="{$CONFIG['weburl']}js/CGP-sync.js"></script> 100<script type="text/javascript" src="{$html_weburl}js/CGP-sync.js"></script>
98 101
99EOT; 102EOT;
100 } 103 }
@@ -109,7 +112,11 @@ EOT;
109function plugin_header($host, $plugin) { 112function plugin_header($host, $plugin) {
110 global $CONFIG; 113 global $CONFIG;
111 114
112 return printf("<h2><a href='%shost.php?h=%s&amp;p=%s'>%s</a></h2>\n", $CONFIG['weburl'], $host, $plugin, $plugin); 115 printf("<h2><a href=\"%shost.php?h=%s&amp;p=%s\">%s</a></h2>\n",
116 htmlentities($CONFIG['weburl']),
117 urlencode($host),
118 urlencode($plugin),
119 htmlentities($plugin));
113} 120}
114 121
115function plugins_list($host, $selected_plugins = array()) { 122function plugins_list($host, $selected_plugins = array()) {
@@ -121,20 +128,21 @@ function plugins_list($host, $selected_plugins = array()) {
121 echo '<h2>Plugins</h2>'; 128 echo '<h2>Plugins</h2>';
122 echo '<ul>'; 129 echo '<ul>';
123 130
124 printf("<li><a %s href='%shost.php?h=%s'>overview</a></li>\n", 131 printf("<li><a %s href=\"%shost.php?h=%s\">overview</a></li>\n",
125 selected_overview($selected_plugins), 132 selected_overview($selected_plugins),
126 $CONFIG['weburl'], 133 htmlentities($CONFIG['weburl']),
127 $host 134 urlencode($host)
128 ); 135 );
129 136
130 # first the ones defined as ordered 137 # first the ones defined as ordered
131 foreach($CONFIG['overview'] as $plugin) { 138 foreach($CONFIG['overview'] as $plugin) {
132 if (in_array($plugin, $plugins)) { 139 if (in_array($plugin, $plugins)) {
133 printf("<li><a %s href='%shost.php?h=%s&amp;p=%s'>%4\$s</a></li>\n", 140 printf("<li><a %s href=\"%shost.php?h=%s&amp;p=%s\">%s</a></li>\n",
134 selected_plugin($plugin, $selected_plugins), 141 selected_plugin($plugin, $selected_plugins),
135 $CONFIG['weburl'], 142 htmlentities($CONFIG['weburl']),
136 $host, 143 urlencode($host),
137 $plugin 144 urlencode($plugin),
145 htmlentities($plugin)
138 ); 146 );
139 } 147 }
140 } 148 }
@@ -142,11 +150,12 @@ function plugins_list($host, $selected_plugins = array()) {
142 # other plugins 150 # other plugins
143 foreach($plugins as $plugin) { 151 foreach($plugins as $plugin) {
144 if (!in_array($plugin, $CONFIG['overview'])) { 152 if (!in_array($plugin, $CONFIG['overview'])) {
145 printf("<li><a %s href='%shost.php?h=%s&amp;p=%s'>%4\$s</a></li>\n", 153 printf("<li><a %s href=\"%shost.php?h=%s&amp;p=%s\">%s</a></li>\n",
146 selected_plugin($plugin, $selected_plugins), 154 selected_plugin($plugin, $selected_plugins),
147 $CONFIG['weburl'], 155 htmlentities($CONFIG['weburl']),
148 $host, 156 urlencode($host),
149 $plugin 157 urlencode($plugin),
158 htmlentities($plugin)
150 ); 159 );
151 } 160 }
152 } 161 }
@@ -181,8 +190,8 @@ function host_summary($cat, $hosts) {
181 190
182 $rrd = new RRDTool($CONFIG['rrdtool']); 191 $rrd = new RRDTool($CONFIG['rrdtool']);
183 192
184 printf('<fieldset id="%s">', $cat); 193 printf('<fieldset id="%s">', htmlentities($cat));
185 printf('<legend>%s</legend>', $cat); 194 printf('<legend>%s</legend>', htmlentities($cat));
186 echo "<table class=\"summary\">\n"; 195 echo "<table class=\"summary\">\n";
187 196
188 $row_style = array(0 => "even", 1 => "odd"); 197 $row_style = array(0 => "even", 1 => "odd");
@@ -193,7 +202,9 @@ function host_summary($cat, $hosts) {
193 202
194 printf('<tr class="%s">', $row_style[$host_counter % 2]); 203 printf('<tr class="%s">', $row_style[$host_counter % 2]);
195 printf('<th><a href="%shost.php?h=%s">%s</a></th>', 204 printf('<th><a href="%shost.php?h=%s">%s</a></th>',
196 $CONFIG['weburl'],$host, $host); 205 htmlentities($CONFIG['weburl']),
206 urlencode($host),
207 htmlentities($host));
197 208
198 if ($CONFIG['showload']) { 209 if ($CONFIG['showload']) {
199 require_once 'type/Default.class.php'; 210 require_once 'type/Default.class.php';
@@ -308,11 +319,10 @@ function graphs_from_plugin($host, $plugin, $overview=false) {
308 $_GET['s'] = $time; 319 $_GET['s'] = $time;
309 include $CONFIG['webdir'].'/graph.php'; 320 include $CONFIG['webdir'].'/graph.php';
310 } else { 321 } else {
311 printf('<a href="%s%s"><img src="%s%s"></a>'."\n", 322 printf('<a href="%1$s%2$s"><img src="%1$s%3$s"></a>'."\n",
312 $CONFIG['weburl'], 323 htmlentities($CONFIG['weburl']),
313 build_url('detail.php', $items, $time), 324 htmlentities(build_url('detail.php', $items, $time)),
314 $CONFIG['weburl'], 325 htmlentities(build_url('graph.php', $items, $time))
315 build_url('graph.php', $items, $time)
316 ); 326 );
317 } 327 }
318 } 328 }
@@ -328,17 +338,11 @@ function build_url($base, $items, $s=NULL) {
328 if (!is_numeric($s)) 338 if (!is_numeric($s))
329 $s = $CONFIG['time_range']['default']; 339 $s = $CONFIG['time_range']['default'];
330 340
331 $i=0; 341 // Remove all empty values
332 foreach ($items as $key => $value) { 342 $items = array_filter($items, 'strlen');
333 # don't include empty values
334 if ($value == 'NULL')
335 continue;
336 343
337 $base .= sprintf('%s%s=%s', $i==0 ? '?' : '&amp;', $key, $value);
338 $i++;
339 }
340 if (!isset($items['s'])) 344 if (!isset($items['s']))
341 $base .= '&amp;s='.$s; 345 $items['s'] = $s;
342 346
343 return $base; 347 return "$base?" . http_build_query($items, '', '&');
344} 348}
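Review bot: In `build_url()`, `array_filter($items, 'strlen')` assumes every value is a string, but detail.php passes `$_GET` straight in and a request parameter can be an array. `strlen()` on an array raises a warning on older PHP and a `TypeError` on PHP 8, so a request with an array-valued parameter can turn the page into an error, and expose file paths if errors are displayed. A filter such as `array_filter($items, function ($v) { return is_scalar($v) && strlen((string) $v) > 0; })` drops non-scalar values explicitly before `http_build_query()` sees them. The removed loop also skipped the literal string `'NULL'`, which the new filter no longer does; whether any caller still passes that value is not visible from this hunk. `build_url()` starts above the hunk.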
diff --git a/js/CGP.js b/js/CGP.js
index bbfd1b5..c30cfd2 100644
--- a/js/CGP.js
+++ b/js/CGP.js
@@ -66,7 +66,7 @@ function prepare_draw(id) {
66 RrdGraph.prototype.mousex = 0; 66 RrdGraph.prototype.mousex = 0;
67 RrdGraph.prototype.mousedown = false; 67 RrdGraph.prototype.mousedown = false;
68 68
69 var cmdline = document.getElementById(id).innerHTML; 69 var cmdline = document.getElementById(id).textContent;
70 var gfx = new RrdGfxCanvas(id); 70 var gfx = new RrdGfxCanvas(id);
71 var fetch = new RrdDataFile(); 71 var fetch = new RrdDataFile();
72 var rrdcmdline = null; 72 var rrdcmdline = null;
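Review bot: The switch to `textContent` on the `cmdline` line in `prepare_draw()` is only correct together with the `htmlentities($d)` added in type/Base.class.php, and nothing in the code records that dependency. `innerHTML` would hand back `&`, `<` and `>` re-encoded as entities, while `textContent` returns the decoded rrdtool arguments. A one-line comment such as `// textContent, not innerHTML: the canvas body is entity-encoded server-side and must be read back decoded` would keep a later edit from reverting it. `prepare_draw()` starts and ends outside the hunk.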
diff --git a/type/Base.class.php b/type/Base.class.php
index b74c1b1..ff9a235 100644
--- a/type/Base.class.php
+++ b/type/Base.class.php
@@ -203,14 +203,14 @@ class Type_Base {
203 case 'cmd': 203 case 'cmd':
204 print '<pre>'; 204 print '<pre>';
205 foreach ($graphdata as $d) { 205 foreach ($graphdata as $d) {
206 printf("%s \\\n", $d); 206 printf("%s \\\n", htmlentities($d));
207 } 207 }
208 print '</pre>'; 208 print '</pre>';
209 break; 209 break;
210 case 'canvas': 210 case 'canvas':
211 printf('<canvas id="%s" class="rrd">', sha1(serialize($graphdata))); 211 printf('<canvas id="%s" class="rrd">', sha1(serialize($graphdata)));
212 foreach ($graphdata as $d) { 212 foreach ($graphdata as $d) {
213 printf("%s\n", $d); 213 printf("%s\n", htmlentities($d));
214 } 214 }
215 print '</canvas>'; 215 print '</canvas>';
216 break; 216 break;
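Review bot: `htmlentities($d)` in the `cmd` and `canvas` branches returns an empty string when `$d` contains a byte sequence that is invalid in the target charset (UTF-8 by default from PHP 5.4), unless `ENT_SUBSTITUTE` or `ENT_IGNORE` is passed. In the `canvas` branch that would silently drop a whole graph argument and leave the client-side renderer with a truncated command, which is hard to diagnose. If the supported PHP versions allow it, `htmlspecialchars($d, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` keeps the line and marks the bad bytes instead. Whether `$graphdata` can carry non-UTF-8 text, for example from host or file names, is not visible here. The enclosing `switch` starts and ends outside the hunk.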