| @@ -1,35 +1,155 @@ | | | @@ -1,35 +1,155 @@ |
1 | $NetBSD: patch-install_index.php,v 1.1.1.1 2011/11/22 22:23:13 tez Exp $ | | 1 | $NetBSD: patch-install_index.php,v 1.2 2014/01/08 20:51:28 tron Exp $ |
2 | | | 2 | |
3 | find utilites in PREFIX first | | 3 | - Find utilites in PREFIX first. |
4 | fixup hard coded user and path (documentaion only) | | 4 | - Fix-up hard coded user and path (documentaion only). |
5 | make log directory configurable by package variable | | 5 | - Make log directory configurable by package variable |
| | | 6 | - Fix vulnerability reported in SA54531. Patch taken from here: |
6 | | | 7 | |
7 | --- install/index.php.orig 2011-09-26 20:41:03.000000000 +0000 | | 8 | http://svn.cacti.net/viewvc?view=rev&revision=7420 |
8 | +++ install/index.php | | 9 | |
9 | @@ -95,7 +95,7 @@ function find_best_path($binary_name) { | | 10 | --- install/index.php.orig 2013-08-07 03:31:19.000000000 +0100 |
| | | 11 | +++ install/index.php 2014-01-08 20:26:33.000000000 +0000 |
| | | 12 | @@ -96,7 +96,7 @@ |
10 | if ($config["cacti_server_os"] == "win32") { | | 13 | if ($config["cacti_server_os"] == "win32") { |
11 | $search_paths = array("c:/usr/bin", "c:/cacti", "c:/rrdtool", "c:/spine", "c:/php", "c:/progra~1/php", "c:/net-snmp/bin", "c:/progra~1/net-snmp/bin", "d:/usr/bin", "d:/net-snmp/bin", "d:/progra~1/net-snmp/bin", "d:/cacti", "d:/rrdtool", "d:/spine", "d:/php", "d:/progra~1/php"); | | 14 | $search_paths = array("c:/usr/bin", "c:/cacti", "c:/rrdtool", "c:/spine", "c:/php", "c:/progra~1/php", "c:/net-snmp/bin", "c:/progra~1/net-snmp/bin", "d:/usr/bin", "d:/net-snmp/bin", "d:/progra~1/net-snmp/bin", "d:/cacti", "d:/rrdtool", "d:/spine", "d:/php", "d:/progra~1/php"); |
12 | }else{ | | 15 | }else{ |
13 | - $search_paths = array("/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin"); | | 16 | - $search_paths = array("/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin"); |
14 | + $search_paths = array("@PREFIX@/bin", "@PREFIX@/sbin", "/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin"); | | 17 | + $search_paths = array("@PREFIX@/bin", "@PREFIX@/sbin", "/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin"); |
15 | } | | 18 | } |
16 | | | 19 | |
17 | for ($i=0; $i<count($search_paths); $i++) { | | 20 | for ($i=0; $i<count($search_paths); $i++) { |
18 | @@ -266,7 +266,7 @@ $input["path_cactilog"]["description"] = | | 21 | @@ -267,7 +267,7 @@ |
19 | if (config_value_exists("path_cactilog")) { | | 22 | if (config_value_exists("path_cactilog")) { |
20 | $input["path_cactilog"]["default"] = read_config_option("path_cactilog"); | | 23 | $input["path_cactilog"]["default"] = read_config_option("path_cactilog"); |
21 | } else { | | 24 | } else { |
22 | - $input["path_cactilog"]["default"] = $config["base_path"] . "/log/cacti.log"; | | 25 | - $input["path_cactilog"]["default"] = $config["base_path"] . "/log/cacti.log"; |
23 | + $input["path_cactilog"]["default"] = "@CACTI_LOGDIR@" . "/cacti.log"; | | 26 | + $input["path_cactilog"]["default"] = "@CACTI_LOGDIR@" . "/cacti.log"; |
24 | } | | 27 | } |
25 | | | 28 | |
26 | /* SNMP Version */ | | 29 | /* SNMP Version */ |
27 | @@ -652,7 +652,7 @@ if ($_REQUEST["step"] == "4") { | | 30 | @@ -310,27 +310,28 @@ |
| | | 31 | } |
| | | 32 | |
| | | 33 | /* pre-processing that needs to be done for each step */ |
| | | 34 | -if (empty($_REQUEST["step"])) { |
| | | 35 | - $_REQUEST["step"] = 1; |
| | | 36 | -}else{ |
| | | 37 | - if ($_REQUEST["step"] == "1") { |
| | | 38 | - $_REQUEST["step"] = "2"; |
| | | 39 | - }elseif (($_REQUEST["step"] == "2") && ($_REQUEST["install_type"] == "1")) { |
| | | 40 | - $_REQUEST["step"] = "3"; |
| | | 41 | - }elseif (($_REQUEST["step"] == "2") && ($_REQUEST["install_type"] == "3")) { |
| | | 42 | - $_REQUEST["step"] = "8"; |
| | | 43 | - }elseif (($_REQUEST["step"] == "8") && ($old_version_index <= array_search("0.8.5a", $cacti_versions))) { |
| | | 44 | - $_REQUEST["step"] = "9"; |
| | | 45 | - }elseif ($_REQUEST["step"] == "8") { |
| | | 46 | - $_REQUEST["step"] = "3"; |
| | | 47 | - }elseif ($_REQUEST["step"] == "9") { |
| | | 48 | - $_REQUEST["step"] = "3"; |
| | | 49 | - }elseif ($_REQUEST["step"] == "3") { |
| | | 50 | - $_REQUEST["step"] = "4"; |
| | | 51 | +if (isset($_REQUEST["step"]) && $_REQUEST["step"] > 0) { |
| | | 52 | + $step = intval($_REQUEST["step"]); |
| | | 53 | + if ($step == "1") { |
| | | 54 | + $step = "2"; |
| | | 55 | + } elseif (($step == "2") && ($_REQUEST["install_type"] == "1")) { |
| | | 56 | + $step = "3"; |
| | | 57 | + } elseif (($step == "2") && ($_REQUEST["install_type"] == "3")) { |
| | | 58 | + $step = "8"; |
| | | 59 | + } elseif (($step == "8") && ($old_version_index <= array_search("0.8.5a", $cacti_versions))) { |
| | | 60 | + $step = "9"; |
| | | 61 | + } elseif ($step == "8") { |
| | | 62 | + $step = "3"; |
| | | 63 | + } elseif ($step == "9") { |
| | | 64 | + $step = "3"; |
| | | 65 | + } elseif ($step == "3") { |
| | | 66 | + $step = "4"; |
| | | 67 | } |
| | | 68 | +} else { |
| | | 69 | + $step = 1; |
| | | 70 | } |
| | | 71 | |
| | | 72 | -if ($_REQUEST["step"] == "4") { |
| | | 73 | +if ($step == "4") { |
| | | 74 | include_once("../lib/data_query.php"); |
| | | 75 | include_once("../lib/utility.php"); |
| | | 76 | |
| | | 77 | @@ -366,7 +367,7 @@ |
| | | 78 | |
| | | 79 | header ("Location: ../index.php"); |
| | | 80 | exit; |
| | | 81 | -}elseif (($_REQUEST["step"] == "8") && ($_REQUEST["install_type"] == "3")) { |
| | | 82 | +}elseif (($step == "8") && ($_REQUEST["install_type"] == "3")) { |
| | | 83 | /* if the version is not found, die */ |
| | | 84 | if (!is_int($old_version_index)) { |
| | | 85 | print " <p style='font-family: Verdana, Arial; font-size: 16px; font-weight: bold; color: red;'>Error</p> |
| | | 86 | @@ -505,7 +506,7 @@ |
| | | 87 | </tr> |
| | | 88 | <tr> |
| | | 89 | <td width="100%" style="font-size: 12px;"> |
| | | 90 | - <?php if ($_REQUEST["step"] == "1") { ?> |
| | | 91 | + <?php if ($step == "1") { ?> |
| | | 92 | |
| | | 93 | <p>Thanks for taking the time to download and install cacti, the complete graphing |
| | | 94 | solution for your network. Before you can start making cool graphs, there are a few |
| | | 95 | @@ -530,7 +531,7 @@ |
| | | 96 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| | | 97 | GNU General Public License for more details.</p> |
| | | 98 | |
| | | 99 | - <?php }elseif ($_REQUEST["step"] == "2") { ?> |
| | | 100 | + <?php }elseif ($step == "2") { ?> |
| | | 101 | |
| | | 102 | <p>Please select the type of installation</p> |
| | | 103 | |
| | | 104 | @@ -551,7 +552,7 @@ |
| | | 105 | print "Server Operating System Type: " . $config["cacti_server_os"] . "<br>"; ?> |
| | | 106 | </p> |
| | | 107 | |
| | | 108 | - <?php }elseif ($_REQUEST["step"] == "3") { ?> |
| | | 109 | + <?php }elseif ($step == "3") { ?> |
| | | 110 | |
| | | 111 | <p>Make sure all of these values are correct before continuing.</p> |
| | | 112 | <?php |
| | | 113 | @@ -609,7 +610,7 @@ |
| | | 114 | is an upgrade. You can change any of the settings on this screen at a later |
| | | 115 | time by going to "Cacti Settings" from within Cacti.</p> |
| | | 116 | |
| | | 117 | - <?php }elseif ($_REQUEST["step"] == "8") { ?> |
| | | 118 | + <?php }elseif ($step == "8") { ?> |
| | | 119 | |
| | | 120 | <p>Upgrade results:</p> |
| | | 121 | |
| | | 122 | @@ -659,7 +660,7 @@ |
| | | 123 | print $upgrade_results; |
| | | 124 | ?> |
| | | 125 | |
| | | 126 | - <?php }elseif ($_REQUEST["step"] == "9") { ?> |
| | | 127 | + <?php }elseif ($step == "9") { ?> |
| | | 128 | |
| | | 129 | <p style='font-size: 16px; font-weight: bold; color: red;'>Important Upgrade Notice</p> |
| | | 130 | |
| | | 131 | @@ -667,13 +668,13 @@ |
28 | | | 132 | |
29 | <p>See the sample crontab entry below with the change made in red. Your crontab line will look slightly different based upon your setup.</p> | | 133 | <p>See the sample crontab entry below with the change made in red. Your crontab line will look slightly different based upon your setup.</p> |
30 | | | 134 | |
31 | - <p><tt>*/5 * * * * cactiuser php /var/www/html/cacti/<span style='font-weight: bold; color: red;'>poller.php</span> > /dev/null 2>&1</tt></p> | | 135 | - <p><tt>*/5 * * * * cactiuser php /var/www/html/cacti/<span style='font-weight: bold; color: red;'>poller.php</span> > /dev/null 2>&1</tt></p> |
32 | + <p><tt>*/5 * * * * @CACTI_USER@ php @CACTIDIR@<span style='font-weight: bold; color: red;'>poller.php</span> > /dev/null 2>&1</tt></p> | | 136 | + <p><tt>*/5 * * * * @CACTI_USER@ php @CACTIDIR@<span style='font-weight: bold; color: red;'>poller.php</span> > /dev/null 2>&1</tt></p> |
33 | | | 137 | |
34 | <p>Once you have made this change, please click Next to continue.</p> | | 138 | <p>Once you have made this change, please click Next to continue.</p> |
35 | | | 139 | |
| | | 140 | <?php }?> |
| | | 141 | |
| | | 142 | - <p align="right"><input type="image" src="install_<?php if ($_REQUEST["step"] == "3") {?>finish<?php }else{?>next<?php }?>.gif" alt="<?php if ($_REQUEST["step"] == "3"){?>Finish<?php }else{?>Next<?php }?>"></p> |
| | | 143 | + <p align="right"><input type="image" src="install_<?php if ($step == "3") {?>finish<?php }else{?>next<?php }?>.gif" alt="<?php if ($step == "3"){?>Finish<?php }else{?>Next<?php }?>"></p> |
| | | 144 | </td> |
| | | 145 | </tr> |
| | | 146 | </table> |
| | | 147 | @@ -681,7 +682,7 @@ |
| | | 148 | </tr> |
| | | 149 | </table> |
| | | 150 | |
| | | 151 | -<input type="hidden" name="step" value="<?php print $_REQUEST["step"];?>"> |
| | | 152 | +<input type="hidden" name="step" value="<?php print $step;?>"> |
| | | 153 | |
| | | 154 | </form> |
| | | 155 | |