Some more bugfixing

1 year ago · 6e4c4236aa
parent 5e605692dd
commit 6e4c4236aa
14 changed files with 33 additions and 23 deletions
--- a/assetclassedit.php
+++ b/assetclassedit.php
@ -21,7 +21,7 @@ $sth->execute([$assetclass_id]);

 $smarty->assign("assetclass", $sth->fetch(PDO::FETCH_OBJ));

-$smarty->assign("assetclassgroup_options", db_get_options_assetclass());
+$smarty->assign("assetclassgroup_options", db_get_options_assetclassgroup());

 $smarty->display("assetclassedit.tpl");

--- a/assetview.php
+++ b/assetview.php
@ -9,7 +9,11 @@ SPDX-License-Identifier: GPL-3.0-or-later

 include("includes.php");

-$asset_id = sanitize($_GET['asset_id']);
+if (isset($_GET['asset_id']) && (!empty($_GET['asset_id']))) {
+    $asset_id = sanitize($_GET['asset_id']);
+} else {
+    header_location("comments.php?comments=error");
+}

 include("header.php");

--- a/lib.php
+++ b/lib.php
@ -41,13 +41,15 @@ $smarty->template_dir = 'tpl';
 $smarty->compile_dir = 'tpl_c';
 $smarty->registerPlugin('function', 'treelist', 'print_tree');
 $smarty->registerPlugin('function', 'msgout', 'msgout');
-$smarty->assign("suser_name", $_SESSION['suser_displayname']);
-$smarty->assign("suser_tooltips", $_SESSION['suser_tooltips'] ?? 'off');
-$smarty->assign("suser_add", $_SESSION['suser_role_add']);
-$smarty->assign("suser_edit", $_SESSION['suser_role_edit']);
-$smarty->assign("suser_delete", $_SESSION['suser_role_delete']);
-$smarty->assign("suser_manage", $_SESSION['suser_role_manage']);
-$smarty->assign("suser_admin", $_SESSION['suser_role_admin']);
+if (!empty($_SESSION['suser_id'])) {
+    $smarty->assign("suser_name", $_SESSION['suser_displayname']);
+    $smarty->assign("suser_tooltips", $_SESSION['suser_tooltips'] ?? 'off');
+    $smarty->assign("suser_add", $_SESSION['suser_role_add']);
+    $smarty->assign("suser_edit", $_SESSION['suser_role_edit']);
+    $smarty->assign("suser_delete", $_SESSION['suser_role_delete']);
+    $smarty->assign("suser_manage", $_SESSION['suser_role_manage']);
+    $smarty->assign("suser_admin", $_SESSION['suser_role_admin']);
+}

 // prepare global message system
 $g_message = new Message;
--- a/login.php
+++ b/login.php
@ -20,7 +20,9 @@ $dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charse
 $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 $dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

-include("lib.php"); // only for get_language from browser. TODO: simplify
+include("lib.php"); // for smarty e.g.
+
+// ========== LOGIN FUNCTIONS =================================================

 function check_ldap_bind($user_name, $user_pass) {
    global $config_ldap_host;
@ -40,7 +42,7 @@ function check_ldap_bind($user_name, $user_pass) {
                if ($res) {
                    $info = ldap_get_entries($ldap_conn, $res);
                    $user_dn = $info[0]['dn'];
-                    $res = ldap_bind($ldap_conn, $user_dn, $user_pass);
+                    $res = @ldap_bind($ldap_conn, $user_dn, $user_pass);
                    if ($res) {
                        return TRUE;
                    }
@ -83,7 +85,7 @@ function user_login ($user_name, $user_pass) {
            return FALSE;
        }
        // TODO sync LDAP data to local
-    { else {
+    } else {
        // compare local passwords
        if (strcmp(md5($user_pass), rtrim($user->user_pass)) != 0) {
            // password does not match with md5, check if new hash matches
@ -135,6 +137,8 @@ function user_login ($user_name, $user_pass) {

 // No header included, this page has no menu

+// ========== LOGIN: HERE BE DRAGONS ==========================================
+
 $language = lang_getfrombrowser($config_lang, $config_lang_default, null, false);
 include('lang/' . $language . '.php');

--- a/nodeview.php
+++ b/nodeview.php
@ -36,8 +36,8 @@ $sql = "SELECT
            zone.zone_origin
        FROM
            node
-            JOIN asset USING (asset_id)
-            JOIN subnet USING (subnet_id)
+            LEFT JOIN asset USING (asset_id)
+            LEFT JOIN subnet USING (subnet_id)
            LEFT JOIN zone USING (zone_id)
        WHERE
            node.node_id=?";
--- a/tpl/assetclassedit.tpl
+++ b/tpl/assetclassedit.tpl
@ -47,7 +47,7 @@
        {$lang_assetclassgroup}
    </td>
    <td class="value">
-        {html_options name=assetclassgroup_id options=$assetclassgroup_options selected=$assetclassgroup_id}
+        {html_options name=assetclassgroup_id options=$assetclassgroup_options selected=$assetclass->group_id}
    </td>
 </tr>
 </table>
--- a/tpl/assetclassgroupview.tpl
+++ b/tpl/assetclassgroupview.tpl
@ -11,7 +11,7 @@
 {if $suser_edit}
        <a href="assetclassgroupedit.php?assetclassgroup_id={$assetclassgroup->id}"><img src="image.php?icon=edit" alt="{$lang_assetclassgroup_edit}" {if $suser_tooltips}title="{$lang_assetclassgroup_edit}" {/if}/></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="assetclassgroupdel.php?assetclassgroup_id={$assetclassgroup->id}"><img src="image.php?icon=delete" alt="{$lang_assetclassgroup_del}" {if $suser_tooltips}title="{$lang_assetclassgroup_del}" {/if}/></a>
 {/if}
    </td>
--- a/tpl/assetclassview.tpl
+++ b/tpl/assetclassview.tpl
@ -11,7 +11,7 @@
 {if $suser_edit}
        <a href="assetclassedit.php?assetclass_id={$assetclass->assetclass_id}"><img src="image.php?icon=edit" alt="{$lang_assetclass_edit}" {if $suser_tooltips}title="{$lang_asset_edit}" {/if}/></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="assetclassdel.php?assetclass_id={$assetclass->assetclass_id}"><img src="image.php?icon=delete" alt="{$lang_assetclass_add}" {if $suser_tooltips}title="{$lang_asset_delete}" {/if}/></a>
 {/if}
    </td>
--- a/tpl/assetview.tpl
+++ b/tpl/assetview.tpl
@ -11,7 +11,7 @@
 {if $suser_edit}
        <a href="assetedit.php?asset_id={$asset->asset_id}"><img src="image.php?icon=edit" alt="{$lang_asset_edit}"></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="assetdel.php?asset_id={$asset->asset_id}"><img src="image.php?icon=delete" alt="{$lang_asset_edit}"></a>
 {/if}
    </td>
--- a/tpl/locationview.tpl
+++ b/tpl/locationview.tpl
@ -11,7 +11,7 @@
 {if $suser_edit}
        <a href="locationedit.php?location_id={$location->id}"><img src="images/building_edit.png" alt="{$lang_location_edit}"></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="locationdel.php?location_id={$location->id}"><img src="images/building_delete.png" alt="{$lang_location_del}"></a>
 {/if}
    </td>
--- a/tpl/nodeview.tpl
+++ b/tpl/nodeview.tpl
@ -8,7 +8,7 @@
 {if $suser_edit}
        <a href="nodeedit.php?node_id={$node->id}"><img src="image.php?icon=edit" alt="{$lang_node_edit}"></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="nodedel.php?node_id={$node->id}"><img src="image.php?icon=delete" alt="{$lang_node_del}"></a>
 {/if}
    </td>
--- a/tpl/subnetview.tpl
+++ b/tpl/subnetview.tpl
@ -8,7 +8,7 @@
 {if $suser_edit}
        <a href="subnetedit.php?subnet_id={$subnet->id}"><img src="image.php?icon=edit" alt="{$lang_subnet_edit}"></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="subnetdel.php?subnet_id={$subnet->id}"><img src="image.php?icon=delete" alt="{$lang_subnet_del}"></a>
 {/if}
    </td>
--- a/tpl/vlanview.tpl
+++ b/tpl/vlanview.tpl
@ -11,7 +11,7 @@
 {if $suser_edit}
        <a href="vlanedit.php?vlan_id={$vlan->id}"><img src="image.php?icon=edit" alt="{$lang_vlan_edit}"></a>
 {/if}
-{if $suser_del}
+{if $suser_delete}
        <a href="vlandel.php?vlan_id={$vlan->id}"><img src="image.php?icon=delete" alt="{$lang_vlan_del}"></a>
 {/if}
    </td>
--- a/tpl/zoneview.tpl
+++ b/tpl/zoneview.tpl
@ -8,7 +8,7 @@
 {if $suser_edit || $suser_admin}
 		<a href="zoneedit.php?zone_id={$zone->zone_id}"><img src="images/table_edit.png" alt="{$lang_zone_edit}" /></a>
 {/if}
-{if $suser_del || $suser_admin}
+{if $suser_delete || $suser_admin}
 		<a href="zonedel.php?zone_id={$zone->zone_id}"><img src="images/table_delete.png" alt="{$lang_zone_del}" /></a>
 {/if}
 	</td>