Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Input validation needed when creating weathermap config file. Don't allows spaces #158

Open
esundberg opened this issue Nov 18, 2024 · 1 comment
Open

Input validation needed when creating weathermap config file. Don't allows spaces #158

esundberg opened this issue Nov 18, 2024 · 1 comment

Comments

@esundberg
Copy link

Unable to edit weathermap if the file name has a space in it. This weathermap was cloned from another weathermap.

Issue with new weathermap: Management - POP.conf

  • The configuration file is created with the space
  • Unable to edit the configuration file, even when clone and existing weathermap
  • You are able to view the weathermap text configuration file by clicking on the binoculars icon
  • It does generate a thumbnail of the weathermap.
  • You just can't edit it, it opens up a blank editor screen

Suggested fix for this would be to
-validate map configuration file name to only be a-z, A-Z -_ in the filename
-automatically add the .conf file extensions, also validate that you don't end up with map.conf.conf configuration filename

image

image

image

root@cacti:/home/netadmin/cacti/plugins/weathermap/configs# ls -al
total 76
drwxr-xr-x  2 www-data www-data  4096 Nov 18 00:35  .
drwxr-xr-x 12 www-data www-data  4096 Nov  8 14:20  ..
-rw-r--r--  1 www-data www-data   765 Nov 18 00:19  ATL1.conf
-rw-r--r--  1 www-data www-data 13533 Nov 11 02:41  CHI1.conf
-rw-r--r--  1 www-data www-data    33 Nov  8 13:47  .htaccess
-rw-r--r--  1 www-data www-data    39 Nov  8 13:47  index.php
-rw-r--r--  1 www-data www-data 18992 Nov 12 03:45  managementchi1chi2.conf
-rw-r--r--  1 www-data www-data 18987 Nov 18 00:23 'Management - POP.conf'

MariaDB [cacti]> select * from plugin_config
    -> ;
+----+------------+-------------------+--------+-------------------------------+-------------------+---------+---------------------+
| id | directory  | name              | status | author                        | webpage           | version | last_updated        |
+----+------------+-------------------+--------+-------------------------------+-------------------+---------+---------------------+
|  1 | weathermap | Weathermap Plugin |      1 | The Cacti Group, Howard Jones | https://cacti.net | 1.3.1   | 2024-11-08 13:48:26 |
+----+------------+-------------------+--------+-------------------------------+-------------------+---------+---------------------+
1 row in set (0.000 sec)

MariaDB [cacti]> select * from weathermap_config_cache;
+--------+-------------------------+------------------------------------------------------------------------+----------+----------------------------+--------+---------------------+---------------------+---------+
| map_id | filename                | realfile                                                               | filesize | title                      | status | create_time         | modify_time         | present |
+--------+-------------------------+------------------------------------------------------------------------+----------+----------------------------+--------+---------------------+---------------------+---------+
|      0 | ATL1.conf               | /var/www/html/cacti/plugins/weathermap/configs/ATL1.conf               |      765 | (No Title)                 |        | 2024-11-18 00:19:54 | 2024-11-18 00:19:54 |       1 |
|      3 | CHI1.conf               | /var/www/html/cacti/plugins/weathermap/configs/CHI1.conf               |    13533 | CHI1                       |        | 2024-11-13 00:55:46 | 2024-11-11 02:41:23 |       1 |
|      4 | Management - POP.conf   | /var/www/html/cacti/plugins/weathermap/configs/Management - POP.conf   |    18987 | Management - POPs          |        | 2024-11-18 00:23:05 | 2024-11-18 00:23:05 |       1 |
|      2 | managementchi1chi2.conf | /var/www/html/cacti/plugins/weathermap/configs/managementchi1chi2.conf |    18992 | Management - CHI1-CHI2     |        | 2024-11-13 00:55:46 | 2024-11-12 03:45:31 |       1 |
|      0 | simple.conf             | /var/www/html/cacti/plugins/weathermap/configs/simple.conf             |     3741 | Management - CHI1-CHI2 old |        | 2024-11-13 00:55:46 | 2024-11-08 14:21:59 |       1 |
+--------+-------------------------+------------------------------------------------------------------------+----------+----------------------------+--------+---------------------+---------------------+---------+
5 rows in set (0.000 sec)

MariaDB [cacti]> select * from weathermap_data;
Empty set (0.000 sec)

MariaDB [cacti]> select * from weathermap_groups;
+----+-------------+-----------+
| id | name        | sortorder |
+----+-------------+-----------+
|  1 | Weathermaps |         1 |
+----+-------------+-----------+
1 row in set (0.000 sec)

MariaDB [cacti]> select * from weathermap_maps;
+----+-----------+----------+--------+-------------------------+-----------+----------+------------------------+----------------------+-----------+-------+--------+-------------+--------------+----------+-----------+------------------+--------------+
| id | sortorder | group_id | active | configfile              | imagefile | htmlfile | titlecache             | filehash             | warncount | debug | config | thumb_width | thumb_height | schedule | archiving | duration         | last_runtime |
+----+-----------+----------+--------+-------------------------+-----------+----------+------------------------+----------------------+-----------+-------+--------+-------------+--------------+----------+-----------+------------------+--------------+
|  2 |         2 |        1 | on     | managementchi1chi2.conf |           |          | Management - CHI1-CHI2 | 880343763d3f9a6bcf32 |         0 | off   |        |         500 |          375 | *        | off       | 0.66970801353455 |   1731911838 |
|  3 |         3 |        1 | on     | CHI1.conf               |           |          | CHI1                   | 898a5f5fcd4313b33178 |         0 | off   |        |         500 |          375 | *        | off       | 0.51517915725708 |   1731911839 |
|  4 |         1 |        1 | on     | Management - POP.conf   |           |          | Management - POPs      | 41dbd3a47112c90e08b5 |         0 | off   |        |         500 |          375 | *        | off       | 0.66685795783997 |   1731911837 |
+----+-----------+----------+--------+-------------------------+-----------+----------+------------------------+----------------------+-----------+-------+--------+-------------+--------------+----------+-----------+------------------+--------------+
3 rows in set (0.000 sec)

MariaDB [cacti]> select * from weathermap_settings;
Empty set (0.000 sec)

====================
Test case on new map
created: test space.conf

File: test space.conf was created and listed in weathermap

When editing this new file it was opened as "testspace.conf" not "test space.conf"

root@cacti:/home/netadmin/cacti/plugins/weathermap/configs# ls
 ATL1.conf   CHI1.conf   index.php   managementchi1chi2.conf  'Management - POP.conf'  'test space.conf'   testspace.conf
root@cacti:/home/netadmin/cacti/plugins/weathermap/configs# cat testspace.conf 
# Automatically generated by php-weathermap v1.3.1



KEYPOS DEFAULT -1 -1 Traffic Load
KEYTEXTCOLOR 0 0 0
KEYOUTLINECOLOR 0 0 0
KEYBGCOLOR 255 255 255
BGCOLOR 255 255 255
TITLECOLOR 0 0 0
TIMECOLOR 0 0 0
SCALE DEFAULT 0    0    192 192 192  
SCALE DEFAULT 0    1    255 255 255  
SCALE DEFAULT 1    10   140   0 255  
SCALE DEFAULT 10   25    32  32 255  
SCALE DEFAULT 25   40     0 192 255  
SCALE DEFAULT 40   55     0 240   0  
SCALE DEFAULT 55   70   240 240   0  
SCALE DEFAULT 70   85   255 192   0  
SCALE DEFAULT 85   100  255   0   0  

SET key_hidezero_DEFAULT 1

# End of global section


# TEMPLATE-only NODEs:
NODE DEFAULT
        MAXVALUE 100


# TEMPLATE-only LINKs:
LINK DEFAULT
        BANDWIDTH 100M


# regular NODEs:
NODE node01976
        LABEL Node
        POSITION 262 261


# regular LINKs:


# That's All Folks!
root@cacti:/home/netadmin/cacti/plugins/weathermap/configs# cat 'test space.conf' 
# Automatically generated by php-weathermap v1.3.1



KEYPOS DEFAULT -1 -1 Traffic Load
KEYTEXTCOLOR 0 0 0
KEYOUTLINECOLOR 0 0 0
KEYBGCOLOR 255 255 255
BGCOLOR 255 255 255
TITLECOLOR 0 0 0
TIMECOLOR 0 0 0
SCALE DEFAULT 0    0    192 192 192  
SCALE DEFAULT 0    1    255 255 255  
SCALE DEFAULT 1    10   140   0 255  
SCALE DEFAULT 10   25    32  32 255  
SCALE DEFAULT 25   40     0 192 255  
SCALE DEFAULT 40   55     0 240   0  
SCALE DEFAULT 55   70   240 240   0  
SCALE DEFAULT 70   85   255 192   0  
SCALE DEFAULT 85   100  255   0   0  

SET key_hidezero_DEFAULT 1

# End of global section


# TEMPLATE-only NODEs:
NODE DEFAULT
        MAXVALUE 100


# TEMPLATE-only LINKs:
LINK DEFAULT
        BANDWIDTH 100M


# regular NODEs:

# regular LINKs:


# That's All Folks!
root@cacti:/home/netadmin/cacti/plugins/weathermap/configs#
@esundberg
Copy link
Author

On the devel train 1.3

netadmin@cacti:/var/www/html/cacti$ git status
On branch develop
Your branch is up to date with 'origin/develop'.

nothing to commit, working tree clean
netadmin@cacti:/var/www/html/cacti$ git log -1
commit b94bf9c3aae514b471a5f56b4eb835366c034d5a (HEAD -> develop, origin/develop, origin/HEAD)
Author: TheWitness <[email protected]>
Date:   Mon Nov 11 11:23:23 2024 -0500

    QA: Fix issue with CSRF failing on no method passed
netadmin@cacti:/var/www/html/cacti$

On ubuntu 24.04

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@esundberg