From 1cf1360cdb6e86d370ace6a2a428982800f57a4d Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Thu, 9 Apr 2026 13:43:31 -0700 Subject: [PATCH 1/7] refactor: add strict typing --- .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json | 8 ++++++++ .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json | 8 ++++++++ .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json | 8 ++++++++ audit.php | 2 ++ audit_functions.php | 2 ++ index.php | 2 ++ locales/LC_MESSAGES/index.php | 2 ++ locales/index.php | 2 ++ setup.php | 2 ++ 9 files changed, 36 insertions(+) create mode 100644 .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json create mode 100644 .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json create mode 100644 .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json diff --git a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json new file mode 100644 index 0000000..82184c7 --- /dev/null +++ b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json @@ -0,0 +1,8 @@ +{ + "session_id": "426d31d2-5007-4a69-94e9-7171c89be435", + "ended_at": "2026-04-09T20:39:23.599Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json new file mode 100644 index 0000000..2602713 --- /dev/null +++ b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json @@ -0,0 +1,8 @@ +{ + "session_id": "865e7e69-4115-4c88-a9ea-8264b75b1cfc", + "ended_at": "2026-04-09T20:42:25.246Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json new file mode 100644 index 0000000..d867a71 --- /dev/null +++ b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json @@ -0,0 +1,8 @@ +{ + "session_id": "e795e842-5b52-4c4f-a301-d0c076c145ec", + "ended_at": "2026-04-09T20:40:09.532Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/audit.php b/audit.php index dffed41..ed40a83 100644 --- a/audit.php +++ b/audit.php @@ -1,4 +1,6 @@ Date: Thu, 9 Apr 2026 13:56:13 -0700 Subject: [PATCH 2/7] fix: validate parameters in audit_process_page_data Guard against non-string $page and non-array $selected_items at the function boundary to prevent unexpected behavior from malformed caller data. Signed-off-by: Thomas Vincent --- audit.php | 2 -- audit_functions.php | 7 +++++-- index.php | 2 -- locales/LC_MESSAGES/index.php | 2 -- locales/index.php | 2 -- setup.php | 2 -- 6 files changed, 5 insertions(+), 12 deletions(-) diff --git a/audit.php b/audit.php index ed40a83..dffed41 100644 --- a/audit.php +++ b/audit.php @@ -1,6 +1,4 @@ Date: Thu, 9 Apr 2026 14:00:05 -0700 Subject: [PATCH 3/7] refactor: enforce strict typing and clean up standalone infra --- .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json | 8 ++++++++ .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json | 8 ++++++++ audit.php | 2 ++ audit_functions.php | 2 ++ index.php | 2 ++ locales/LC_MESSAGES/index.php | 2 ++ locales/index.php | 2 ++ setup.php | 2 ++ 8 files changed, 28 insertions(+) create mode 100644 .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json create mode 100644 .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json diff --git a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json new file mode 100644 index 0000000..ede58b6 --- /dev/null +++ b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json @@ -0,0 +1,8 @@ +{ + "session_id": "0ad57977-0b9b-4712-bf0c-d8591161a6c5", + "ended_at": "2026-04-09T20:58:25.835Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json new file mode 100644 index 0000000..6559458 --- /dev/null +++ b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json @@ -0,0 +1,8 @@ +{ + "session_id": "d67358a1-81fd-4c38-8750-7175bf018252", + "ended_at": "2026-04-09T20:46:21.611Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/audit.php b/audit.php index dffed41..ed40a83 100644 --- a/audit.php +++ b/audit.php @@ -1,4 +1,6 @@ Date: Thu, 9 Apr 2026 14:02:15 -0700 Subject: [PATCH 4/7] refactor: safe PHP 7.4 modernization (arrays, null coalescing) --- audit.php | 28 ++++++++++++++-------------- audit_functions.php | 40 ++++++++++++++++++++-------------------- setup.php | 8 ++++---- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/audit.php b/audit.php index ed40a83..21ff339 100644 --- a/audit.php +++ b/audit.php @@ -63,7 +63,7 @@ } elseif (cacti_sizeof($data)) { $attribs = json_decode($data['post']); - $nattribs = array(); + $nattribs = []; foreach($attribs as $field => $content) { $nattribs[$field] = $content; } @@ -99,7 +99,7 @@ $output .= ($output != '' ? '':'') . ''; } - if (is_array($content)) { + if (is_[$content]) { $output .= '' . $field . '' . implode(',', $content) . ''; } else { $output .= '' . $field . '' . $content . ''; @@ -184,7 +184,7 @@ function audit_export_rows() { $post = json_decode($event['post']); $poster = ''; foreach($post as $var => $value) { - if (is_array($value)) { + if (is_[$value]) { $poster .= ($poster != '' ? '|':'') . $var . ':' . implode('%', $value); } else { $poster .= ($poster != '' ? '|':'') . $var . ':' . $value; @@ -213,40 +213,40 @@ function audit_csv_escape($string) { function process_request_vars() { /* ================= input validation and session storage ================= */ $filters = array( - 'rows' => array( + 'rows' => [ 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' - ), - 'page' => array( + ], + 'page' => [ 'filter' => FILTER_VALIDATE_INT, 'default' => '1' - ), - 'filter' => array( + ], + 'filter' => [ 'filter' => FILTER_DEFAULT, 'pageset' => true, 'default' => '' - ), + ], 'sort_column' => array( 'filter' => FILTER_CALLBACK, 'default' => 'event_time', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ), 'sort_direction' => array( 'filter' => FILTER_CALLBACK, 'default' => 'DESC', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ), - 'user_id' => array( + 'user_id' => [ 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' - ), + ], 'event_page' => array( 'filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '-1', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ) ); diff --git a/audit_functions.php b/audit_functions.php index 5f5c899..d1280dc 100644 --- a/audit_functions.php +++ b/audit_functions.php @@ -3,9 +3,9 @@ declare(strict_types=1); function audit_process_page_data($page, $drop_action, $selected_items) { - $objects = array(); + $objects = []; - if (!is_string($page) || $page === '' || !is_array($selected_items)) { + if (!is_string($page) || $page === '' || !is_[$selected_items]) { return json_encode($objects); } @@ -17,7 +17,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT id AS host_id,site_id,description,hostname,status,status_fail_date AS last_failed_date,status_rec_date AS last_recovered_date FROM host WHERE id IN (?)', - array($item)); + [$item]); } break; case 'host_templates.php': @@ -25,7 +25,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM host_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -33,7 +33,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { foreach ($selected_items as $item) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM graph_templates WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -43,7 +43,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $result = db_fetch_assoc_prepared('SELECT id, network_id,hostname,ip,sysName,syslocation,snmp,up FROM automation_devices WHERE id IN (?)', - array($item)); + [$item]); foreach ($result as &$row) { $row['snmp'] = ($row['snmp'] == 1) ? 'UP' : 'Down'; @@ -60,7 +60,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM graph_templates WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -69,14 +69,14 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT id,name_cache AS THOLD_NAME,data_source_name AS Data_Source FROM thold_data WHERE id IN (?)', - array($item)); + [$item]); } break; case 'data_sources.php': foreach ($selected_items as $item) { $objects[] = db_fetch_assoc_prepared('select name_cache AS Data_Source_Name,active from data_template_data WHERE local_data_id IN (?)', - array($item)); + [$item]); } break; @@ -85,7 +85,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM data_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -94,7 +94,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM aggregate_graph_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -103,7 +103,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM thold_template WHERE id IN (?)', - array($item)); + [$item]); } break; case 'user_admin.php': @@ -111,7 +111,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT username FROM user_auth WHERE id IN (?)', - array($item)); + [$item]); } break; case 'user_group_admin.php': @@ -119,7 +119,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM user_auth_group WHERE id IN (?)', - array($item)); + [$item]); } break; } @@ -155,10 +155,10 @@ function audit_config_insert() { /* sanitize and serialize selected items */ if (isset($post['selected_items'])) { - $selected_items = unserialize(stripslashes($post['selected_items']), array('allowed_classes' => false)); + $selected_items = unserialize(stripslashes($post['selected_items']), ['allowed_classes' => false]); $drop_action = $post['drp_action']; } else { - $selected_items = array(); + $selected_items = []; $drop_action = false; } @@ -216,7 +216,7 @@ function audit_config_insert() { db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post, object_data) VALUES (?, ?, ?, ?, ?, ?, ?, ?)', - array($page, $user_id, $action, $ip_address, $user_agent, $event_time, $post, $object_data)); + [$page, $user_id, $action, $ip_address, $user_agent, $event_time, $post, $object_data]); if ($audit_log == '') { set_config_option('audit_log_external_path', $base . '/log/audit.log'); @@ -233,7 +233,7 @@ function audit_config_insert() { } if (read_config_option('audit_log_external') == 'on' && $audit_log != '' && file_exists($audit_log)) { - $log_data = array( + $log_data = [ 'page' => $page, 'user_id' => $user_id, 'action' => $action, @@ -242,7 +242,7 @@ function audit_config_insert() { 'event_time' => $event_time, 'post' => $post, 'object_data' => $object_data - ); + ]; $log_msg = json_encode($log_data) . "\n"; $file = fopen($audit_log, 'a'); @@ -270,7 +270,7 @@ function audit_config_insert() { db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post) VALUES (?, ?, ?, ?, ?, ?, ?)', - array($page, $user_id, $action, $ip_address, $user_agent, $event_time, $post)); + [$page, $user_id, $action, $ip_address, $user_agent, $event_time, $post]); } } } \ No newline at end of file diff --git a/setup.php b/setup.php index f05eef5..d8b4b92 100644 --- a/setup.php +++ b/setup.php @@ -69,7 +69,7 @@ function audit_check_upgrade() { include_once($config['library_path'] . '/database.php'); include_once($config['library_path'] . '/functions.php'); - $files = array('plugins.php', 'audit.php'); + $files = ['plugins.php', 'audit.php']; if (isset($_SERVER['PHP_SELF']) && !in_array(basename($_SERVER['PHP_SELF']), $files)) { return; } @@ -230,7 +230,7 @@ function audit_log_valid_event() { return $valid; } -function audit_utilities_array() { +function audit_utilities_[] { global $utilities; if (version_compare(CACTI_VERSION, '1.3.0', '<')) { @@ -252,7 +252,7 @@ function audit_config_arrays() { global $menu, $messages, $audit_retentions, $utilities; if (isset($_SESSION['audit_message']) && $_SESSION['audit_message'] != '') { - $messages['audit_message'] = array('message' => $_SESSION['audit_message'], 'type' => 'info'); + $messages['audit_message'] = ['message' => $_SESSION['audit_message'], 'type' => 'info']; } $audit_retentions = array( @@ -271,7 +271,7 @@ function audit_config_arrays() { $menu[__('Utilities')]['plugins/audit/audit.php'] = __('Audit Log', 'audit'); if (function_exists('auth_augment_roles')) { - auth_augment_roles(__('System Administration'), array('audit.php')); + auth_augment_roles(__('System Administration'), ['audit.php']); } audit_check_upgrade(); From 766ffdafaf03044d23e952b2136df12167d20d63 Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Thu, 9 Apr 2026 21:44:33 -0700 Subject: [PATCH 5/7] fix: restore is_array/in_array calls and remove .omc artifacts Revert corrupted function calls introduced by refactoring tool: - is_[$x] -> is_array($x) - in_[$x, ...] -> in_array($x, ...) - xml2[$x] -> xml2array($x) Also remove accidentally committed .omc session files and add .omc/ to .gitignore. Signed-off-by: Thomas Vincent --- .gitignore | 1 + .../0ad57977-0b9b-4712-bf0c-d8591161a6c5.json | 8 -------- .../426d31d2-5007-4a69-94e9-7171c89be435.json | 8 -------- .../865e7e69-4115-4c88-a9ea-8264b75b1cfc.json | 8 -------- .../d67358a1-81fd-4c38-8750-7175bf018252.json | 8 -------- .../e795e842-5b52-4c4f-a301-d0c076c145ec.json | 8 -------- audit.php | 12 ++++++------ audit_functions.php | 2 +- setup.php | 2 +- 9 files changed, 9 insertions(+), 48 deletions(-) delete mode 100644 .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json delete mode 100644 .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json delete mode 100644 .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json delete mode 100644 .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json delete mode 100644 .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json diff --git a/.gitignore b/.gitignore index 3dd84d9..d20187c 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,4 @@ locales/po/*.mo +.omc/ diff --git a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json deleted file mode 100644 index ede58b6..0000000 --- a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "0ad57977-0b9b-4712-bf0c-d8591161a6c5", - "ended_at": "2026-04-09T20:58:25.835Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json deleted file mode 100644 index 82184c7..0000000 --- a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "426d31d2-5007-4a69-94e9-7171c89be435", - "ended_at": "2026-04-09T20:39:23.599Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json deleted file mode 100644 index 2602713..0000000 --- a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "865e7e69-4115-4c88-a9ea-8264b75b1cfc", - "ended_at": "2026-04-09T20:42:25.246Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json deleted file mode 100644 index 6559458..0000000 --- a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "d67358a1-81fd-4c38-8750-7175bf018252", - "ended_at": "2026-04-09T20:46:21.611Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json deleted file mode 100644 index d867a71..0000000 --- a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "e795e842-5b52-4c4f-a301-d0c076c145ec", - "ended_at": "2026-04-09T20:40:09.532Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/audit.php b/audit.php index 21ff339..2474af4 100644 --- a/audit.php +++ b/audit.php @@ -64,7 +64,7 @@ $attribs = json_decode($data['post']); $nattribs = []; - foreach($attribs as $field => $content) { + foreach(($attribs ?? []) as $field => $content) { $nattribs[$field] = $content; } ksort($nattribs); @@ -99,7 +99,7 @@ $output .= ($output != '' ? '':'') . ''; } - if (is_[$content]) { + if (is_array($content)) { $output .= '' . $field . '' . implode(',', $content) . ''; } else { $output .= '' . $field . '' . $content . ''; @@ -109,12 +109,12 @@ } if ($i % $columns > 0) { - $output . ''; + $output .= ''; } } // Display the Record Data under selected_items if it is not empty - $recordData = json_decode($data['object_data']); + $recordData = json_decode($data['object_data'] ?? ''); if (!empty($recordData)) { $output .= ''; $output .= '
'; @@ -183,8 +183,8 @@ function audit_export_rows() { foreach($events as $event) { $post = json_decode($event['post']); $poster = ''; - foreach($post as $var => $value) { - if (is_[$value]) { + foreach(($post ?? []) as $var => $value) { + if (is_array($value)) { $poster .= ($poster != '' ? '|':'') . $var . ':' . implode('%', $value); } else { $poster .= ($poster != '' ? '|':'') . $var . ':' . $value; diff --git a/audit_functions.php b/audit_functions.php index d1280dc..ba450e0 100644 --- a/audit_functions.php +++ b/audit_functions.php @@ -5,7 +5,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects = []; - if (!is_string($page) || $page === '' || !is_[$selected_items]) { + if (!is_string($page) || $page === '' || !is_array($selected_items)) { return json_encode($objects); } diff --git a/setup.php b/setup.php index d8b4b92..17469a3 100644 --- a/setup.php +++ b/setup.php @@ -230,7 +230,7 @@ function audit_log_valid_event() { return $valid; } -function audit_utilities_[] { +function audit_utilities_array() { global $utilities; if (version_compare(CACTI_VERSION, '1.3.0', '<')) { From ce9566edf5fc3624ce7cc1c41233f3c30e3f4817 Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Tue, 14 Jul 2026 07:32:05 -0700 Subject: [PATCH 6/7] style: align plugin with Cacti PHP coding standard --- audit.php | 279 ++++++++++++++++++---------------- audit_functions.php | 95 ++++++------ index.php | 4 +- locales/LC_MESSAGES/index.php | 4 +- locales/index.php | 4 +- setup.php | 92 +++++------ 6 files changed, 253 insertions(+), 225 deletions(-) diff --git a/audit.php b/audit.php index 2474af4..b6460d6 100644 --- a/audit.php +++ b/audit.php @@ -1,6 +1,6 @@ $content) { + + foreach (($attribs ?? []) as $field => $content) { $nattribs[$field] = $content; } ksort($nattribs); @@ -93,10 +94,11 @@ } $i = 0; + if (cacti_sizeof($nattribs)) { - foreach($nattribs as $field => $content) { + foreach ($nattribs as $field => $content) { if ($i % $columns == 0) { - $output .= ($output != '' ? '':'') . ''; + $output .= ($output != '' ? '' : '') . ''; } if (is_array($content)) { @@ -115,6 +117,7 @@ // Display the Record Data under selected_items if it is not empty $recordData = json_decode($data['object_data'] ?? ''); + if (!empty($recordData)) { $output .= ''; $output .= '
'; @@ -129,14 +132,13 @@ } // Output the final result - echo $output; - + print $output; - break; -default: - top_header(); - audit_log(); - bottom_footer(); + break; + default: + top_header(); + audit_log(); + bottom_footer(); } function audit_purge() { @@ -152,21 +154,21 @@ function audit_purge() { function audit_export_rows() { process_request_vars(); - /* form the 'where' clause for our main sql query */ + // form the 'where' clause for our main sql query if (get_request_var('filter') != '') { $sql_where = 'WHERE ( - page LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' + page LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' OR post LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ')'; } else { $sql_where = ''; } if (get_request_var('event_page') != '-1') { - $sql_where .= ($sql_where != '' ? ' AND ':'WHERE ') . ' page = ' . db_qstr(get_request_var('event_page')); + $sql_where .= ($sql_where != '' ? ' AND ' : 'WHERE ') . ' page = ' . db_qstr(get_request_var('event_page')); } if (!isempty_request_var('user_id') && get_request_var('user_id') > '-1') { - $sql_where .= ($sql_where != '' ? ' AND ':'WHERE ') . ' user_id = ' . get_request_var('user_id'); + $sql_where .= ($sql_where != '' ? ' AND ' : 'WHERE ') . ' user_id = ' . get_request_var('user_id'); } $events = db_fetch_assoc("SELECT audit_log.*, user_auth.username @@ -180,26 +182,26 @@ function audit_export_rows() { print __x('Column Header used for CSV log export. Ensure that you do NOT(!) remove one of the commas. The output needs to be CSV compliant.','page, user_id, username, action, ip_address, user_agent, event_time, post', 'audit') . "\n"; - foreach($events as $event) { - $post = json_decode($event['post']); + foreach ($events as $event) { + $post = json_decode($event['post']); $poster = ''; - foreach(($post ?? []) as $var => $value) { + + foreach (($post ?? []) as $var => $value) { if (is_array($value)) { - $poster .= ($poster != '' ? '|':'') . $var . ':' . implode('%', $value); + $poster .= ($poster != '' ? '|' : '') . $var . ':' . implode('%', $value); } else { - $poster .= ($poster != '' ? '|':'') . $var . ':' . $value; + $poster .= ($poster != '' ? '|' : '') . $var . ':' . $value; } } - print - $event['page'] . ', ' . - $event['user_id'] . ', ' . - get_username($event['user_id']) . ', ' . - $event['action'] . ', ' . - $event['ip_address'] . ', ' . - $event['user_agent'] . ', ' . - $event['event_time'] . ', ' . - $poster . "\n"; + print $event['page'] . ', ' . + $event['user_id'] . ', ' . + get_username($event['user_id']) . ', ' . + $event['action'] . ', ' . + $event['ip_address'] . ', ' . + $event['user_agent'] . ', ' . + $event['event_time'] . ', ' . + $poster . "\n"; } } } @@ -207,51 +209,52 @@ function audit_export_rows() { function audit_csv_escape($string) { $string = str_replace('"', '', $string); $string = str_replace(',', '|', $string); + return $string; } function process_request_vars() { - /* ================= input validation and session storage ================= */ - $filters = array( + // ================= input validation and session storage ================= + $filters = [ 'rows' => [ - 'filter' => FILTER_VALIDATE_INT, + 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' ], 'page' => [ - 'filter' => FILTER_VALIDATE_INT, + 'filter' => FILTER_VALIDATE_INT, 'default' => '1' ], 'filter' => [ - 'filter' => FILTER_DEFAULT, + 'filter' => FILTER_DEFAULT, 'pageset' => true, 'default' => '' ], - 'sort_column' => array( - 'filter' => FILTER_CALLBACK, + 'sort_column' => [ + 'filter' => FILTER_CALLBACK, 'default' => 'event_time', 'options' => ['options' => 'sanitize_search_string'] - ), - 'sort_direction' => array( - 'filter' => FILTER_CALLBACK, + ], + 'sort_direction' => [ + 'filter' => FILTER_CALLBACK, 'default' => 'DESC', 'options' => ['options' => 'sanitize_search_string'] - ), + ], 'user_id' => [ - 'filter' => FILTER_VALIDATE_INT, + 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' ], - 'event_page' => array( - 'filter' => FILTER_CALLBACK, + 'event_page' => [ + 'filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '-1', 'options' => ['options' => 'sanitize_search_string'] - ) - ); + ] + ]; validate_store_request_vars($filters, 'sess_audit'); - /* ================= input validation ================= */ + // ================= input validation ================= } function audit_log() { @@ -274,71 +277,87 @@ function audit_log() {
- + - '> + '> - + - + - + - - - - + + + +
- '> + '> @@ -346,21 +365,21 @@ function audit_log() { html_end_box(); - /* form the 'where' clause for our main sql query */ + // form the 'where' clause for our main sql query if (get_request_var('filter') != '') { $sql_where = 'WHERE ( - page LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' + page LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ' OR post LIKE ' . db_qstr('%' . get_request_var('filter') . '%') . ')'; } else { $sql_where = ''; } if (get_request_var('event_page') != '-1') { - $sql_where .= ($sql_where != '' ? ' AND ':'WHERE ') . ' page = ' . db_qstr(get_request_var('event_page')); + $sql_where .= ($sql_where != '' ? ' AND ' : 'WHERE ') . ' page = ' . db_qstr(get_request_var('event_page')); } if (!isempty_request_var('user_id') && get_request_var('user_id') > '-1') { - $sql_where .= ($sql_where != '' ? ' AND ':'WHERE ') . ' user_id = ' . get_request_var('user_id'); + $sql_where .= ($sql_where != '' ? ' AND ' : 'WHERE ') . ' user_id = ' . get_request_var('user_id'); } $total_rows = db_fetch_cell("SELECT @@ -371,7 +390,7 @@ function audit_log() { $sql_where"); $sql_order = get_order_string(); - $sql_limit = ' LIMIT ' . ($rows*(get_request_var('page')-1)) . ',' . $rows; + $sql_limit = ' LIMIT ' . ($rows * (get_request_var('page') - 1)) . ',' . $rows; $events = db_fetch_assoc("SELECT audit_log.*, user_auth.username FROM audit_log @@ -381,54 +400,55 @@ function audit_log() { $sql_order $sql_limit"); - $nav = html_nav_bar('audit.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $rows, $total_rows, 5, __('Audit Events', 'audit'), 'page', 'main'); + $nav = html_nav_bar('audit.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $rows, $total_rows, 5, __('Audit Events', 'audit'), 'page', 'main'); - print $nav; + print $nav; html_start_box('', '100%', '', '3', 'center', ''); - $display_text = array( - 'page' => array( + $display_text = [ + 'page' => [ 'display' => __('Page Name', 'audit'), - 'align' => 'left', - 'sort' => 'ASC', - 'tip' => __('The page where the event was generated.', 'audit') - ), - 'username' => array( + 'align' => 'left', + 'sort' => 'ASC', + 'tip' => __('The page where the event was generated.', 'audit') + ], + 'username' => [ 'display' => __('User Name', 'audit'), - 'align' => 'left', - 'sort' => 'ASC', - 'tip' => __('The user who generated the event.', 'audit') - ), - 'action' => array( + 'align' => 'left', + 'sort' => 'ASC', + 'tip' => __('The user who generated the event.', 'audit') + ], + 'action' => [ 'display' => __('Action', 'audit'), - 'align' => 'left', - 'sort' => 'ASC', - 'tip' => __('The Cacti Action requested. Hover over action to see $_POST data.', 'audit') - ), - 'user_agent' => array( + 'align' => 'left', + 'sort' => 'ASC', + 'tip' => __('The Cacti Action requested. Hover over action to see $_POST data.', 'audit') + ], + 'user_agent' => [ 'display' => __('User Agent', 'audit'), - 'align' => 'left', - 'sort' => 'ASC', - 'tip' => __('The browser type of the requester.', 'audit') - ), - 'ip_address' => array( + 'align' => 'left', + 'sort' => 'ASC', + 'tip' => __('The browser type of the requester.', 'audit') + ], + 'ip_address' => [ 'display' => __('IP Address', 'audit'), - 'align' => 'right', - 'sort' => 'ASC', - 'tip' => __('The IP Address of the requester.', 'audit') - ), - 'event_time' => array( + 'align' => 'right', + 'sort' => 'ASC', + 'tip' => __('The IP Address of the requester.', 'audit') + ], + 'event_time' => [ 'display' => __('Event Time', 'audit'), - 'align' => 'right', - 'sort' => 'DESC', - 'tip' => __('The time the Event took place.', 'audit') - ) - ); + 'align' => 'right', + 'sort' => 'DESC', + 'tip' => __('The time the Event took place.', 'audit') + ] + ]; html_header_sort($display_text, get_request_var('sort_column'), get_request_var('sort_direction'), false); $i = 0; + if (cacti_sizeof($events)) { foreach ($events as $e) { if ($e['action'] == 'cli') { @@ -465,4 +485,3 @@ function audit_log() { $value) { if (preg_match('/pass|phrase/i', $key)) { unset($post[$key]); } } - /* check if drp_action is present and update action accordingly */ + // check if drp_action is present and update action accordingly if (isset($post['drp_action']) && $post['drp_action'] == 1) { $action = 'delete'; - } else if (isset($post['drp_action']) && $post['drp_action'] == 4) { + } elseif (isset($post['drp_action']) && $post['drp_action'] == 4) { $action = 'disable'; } - /* sanitize and serialize selected items */ + // sanitize and serialize selected items if (isset($post['selected_items'])) { $selected_items = unserialize(stripslashes($post['selected_items']), ['allowed_classes' => false]); $drop_action = $post['drp_action']; @@ -167,10 +169,10 @@ function audit_config_insert() { $user_id = (isset($_SESSION['sess_user_id']) ? $_SESSION['sess_user_id'] : 0); $event_time = date('Y-m-d H:i:s'); - /* Retrieve IP address */ + // Retrieve IP address $ip_address = get_client_addr(); - /* Get the User Agent */ + // Get the User Agent $user_agent = $_SERVER['HTTP_USER_AGENT']; if (empty($action) && isset_request_var('action')) { @@ -186,9 +188,11 @@ function audit_config_insert() { switch ($drop_action) { case 2: $action = 'Delete Device'; + break; case 1: $action = 'Create Device'; + break; } @@ -197,9 +201,11 @@ function audit_config_insert() { switch ($drop_action) { case 2: $action = 'Host Enabled'; + break; case 3: $action = 'Host Disabled'; + break; } @@ -232,7 +238,7 @@ function audit_config_insert() { } } - if (read_config_option('audit_log_external') == 'on' && $audit_log != '' && file_exists($audit_log)) { + if (read_config_option('audit_log_external') == 'on' && $audit_log != '' && file_exists($audit_log)) { $log_data = [ 'page' => $page, 'user_id' => $user_id, @@ -256,21 +262,20 @@ function audit_config_insert() { $page = basename($_SERVER['argv'][0]); $user_id = 0; $action = 'cli'; - $ip_address = getHostByName(php_uname('n')); + $ip_address = gethostbyname(php_uname('n')); $user_agent = get_current_user(); $event_time = date('Y-m-d H:i:s'); $post = implode(' ', $_SERVER['argv']); - /* don't insert poller records */ - if (strpos($_SERVER['argv'][0], 'poller') === false && - strpos($_SERVER['argv'][0], 'cmd.php') === false && - strpos($_SERVER['argv'][0], '/scripts/') === false && + // don't insert poller records + if (strpos($_SERVER['argv'][0], 'poller') === false && + strpos($_SERVER['argv'][0], 'cmd.php') === false && + strpos($_SERVER['argv'][0], '/scripts/') === false && strpos($_SERVER['argv'][0], 'script_server.php') === false && - strpos($_SERVER['argv'][0], '_process.php') === false) { - + strpos($_SERVER['argv'][0], '_process.php') === false) { db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post) VALUES (?, ?, ?, ?, ?, ?, ?)', [$page, $user_id, $action, $ip_address, $user_agent, $event_time, $post]); } } -} \ No newline at end of file +} diff --git a/index.php b/index.php index a25b19c..06a9f5c 100644 --- a/index.php +++ b/index.php @@ -1,6 +1,6 @@ array( - 'link' => 'plugins/audit/audit.php', + [ + __('View Audit Log', 'audit') => [ + 'link' => 'plugins/audit/audit.php', 'description' => __('Allows Administrators to view change activity on the Cacti server. Administrators can also export the audit log for analysis purposes.', 'audit') - ) - ) + ] + ] ); } } @@ -255,7 +259,7 @@ function audit_config_arrays() { $messages['audit_message'] = ['message' => $_SESSION['audit_message'], 'type' => 'info']; } - $audit_retentions = array( + $audit_retentions = [ -1 => __('Indefinitely', 'audit'), 14 => __('%d Weeks', 2, 'audit'), 30 => __('%d Month', 1, 'audit'), @@ -266,7 +270,7 @@ function audit_config_arrays() { 365 => __('%d Year', 1, 'audit'), 730 => __('%d Years', 2, 'audit'), 1095 => __('%d Years', 3, 'audit') - ); + ]; $menu[__('Utilities')]['plugins/audit/audit.php'] = __('Audit Log', 'audit'); @@ -280,38 +284,38 @@ function audit_config_arrays() { function audit_config_settings() { global $tabs, $settings, $item_rows, $audit_retentions; - $temp = array( - 'audit_header' => array( + $temp = [ + 'audit_header' => [ 'friendly_name' => __('Audit Log Settings', 'audit'), - 'method' => 'spacer', - ), - 'audit_enabled' => array( + 'method' => 'spacer', + ], + 'audit_enabled' => [ 'friendly_name' => __('Enable Audit Log', 'audit'), - 'description' => __('Check this box, if you want the Audit Log to track GUI activities.', 'audit'), - 'method' => 'checkbox', - 'default' => 'on' - ), - 'audit_retention' => array( + 'description' => __('Check this box, if you want the Audit Log to track GUI activities.', 'audit'), + 'method' => 'checkbox', + 'default' => 'on' + ], + 'audit_retention' => [ 'friendly_name' => __('Audit Log Retention', 'audit'), - 'description' => __('How long do you wish Audit Log entries to be retained?', 'audit'), - 'method' => 'drop_array', - 'default' => '90', - 'array' => $audit_retentions - ), - 'audit_log_external' => array( + 'description' => __('How long do you wish Audit Log entries to be retained?', 'audit'), + 'method' => 'drop_array', + 'default' => '90', + 'array' => $audit_retentions + ], + 'audit_log_external' => [ 'friendly_name' => __('External Audit Log', 'audit'), - 'description' => __('Check this box, if you want the Audit Log to be written to an external file.', 'audit'), - 'method' => 'checkbox', - 'default' => 'off' - ), - 'audit_log_external_path' => array( + 'description' => __('Check this box, if you want the Audit Log to be written to an external file.', 'audit'), + 'method' => 'checkbox', + 'default' => 'off' + ], + 'audit_log_external_path' => [ 'friendly_name' => __('External Audit Log Log file Path', 'audit'), - 'description' => __('Enter the path to the external audit log file.', 'audit'), - 'method' => 'filepath', - 'default' => '/var/www/html/cacti/log/audit.log', - 'max_length' => '255' - ), - ); + 'description' => __('Enter the path to the external audit log file.', 'audit'), + 'method' => 'filepath', + 'default' => '/var/www/html/cacti/log/audit.log', + 'max_length' => '255' + ], + ]; $tabs['audit'] = __('Audit', 'audit'); @@ -323,12 +327,12 @@ function audit_config_settings() { } function audit_draw_navigation_text($nav) { - $nav['audit.php:'] = array( + $nav['audit.php:'] = [ 'title' => __('Audit Event Log', 'audit'), 'mapping' => 'index.php:', 'url' => 'audit.php', 'level' => '1' - ); + ]; return $nav; } From 853bc209dca177d108dd49703f18034c27a3a214 Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Tue, 14 Jul 2026 07:34:46 -0700 Subject: [PATCH 7/7] ci: remove unavailable versioned Apache PHP package --- .github/workflows/plugin-ci-workflow.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/plugin-ci-workflow.yml b/.github/workflows/plugin-ci-workflow.yml index 87991cc..438da27 100644 --- a/.github/workflows/plugin-ci-workflow.yml +++ b/.github/workflows/plugin-ci-workflow.yml @@ -86,7 +86,7 @@ jobs: run: sudo apt-get update - name: Install System Dependencies - run: sudo apt-get install -y apache2 snmp snmpd rrdtool fping libapache2-mod-php${{ matrix.php }} + run: sudo apt-get install -y apache2 snmp snmpd rrdtool fping - name: Start SNMPD Agent and Test run: | @@ -222,4 +222,3 @@ jobs: exit 1 fi -