1 |
commit: aa240655c683eb070932a40e3b0773be307603bf |
2 |
Author: Jeroen Roovers <jer <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 2 05:10:43 2016 +0000 |
4 |
Commit: Jeroen Roovers <jer <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 2 05:10:43 2016 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa240655 |
7 |
|
8 |
net-analyzer/cacti: Add upstream patch for CVE-2015-8369 (bug #568400). |
9 |
|
10 |
Package-Manager: portage-2.2.27 |
11 |
|
12 |
net-analyzer/cacti/cacti-0.8.8f-r1.ebuild | 62 +++++++ |
13 |
.../cacti/files/cacti-0.8.8f-CVE-2015-8369.patch | 204 +++++++++++++++++++++ |
14 |
2 files changed, 266 insertions(+) |
15 |
|
16 |
diff --git a/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild b/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild |
17 |
new file mode 100644 |
18 |
index 0000000..782f241 |
19 |
--- /dev/null |
20 |
+++ b/net-analyzer/cacti/cacti-0.8.8f-r1.ebuild |
21 |
@@ -0,0 +1,62 @@ |
22 |
+# Copyright 1999-2016 Gentoo Foundation |
23 |
+# Distributed under the terms of the GNU General Public License v2 |
24 |
+# $Id$ |
25 |
+ |
26 |
+EAPI=5 |
27 |
+ |
28 |
+inherit eutils webapp |
29 |
+ |
30 |
+# Support for _p* in version. |
31 |
+MY_P=${P/_p*/} |
32 |
+ |
33 |
+DESCRIPTION="Cacti is a complete frontend to rrdtool" |
34 |
+HOMEPAGE="http://www.cacti.net/" |
35 |
+SRC_URI="http://www.cacti.net/downloads/${MY_P}.tar.gz" |
36 |
+ |
37 |
+LICENSE="GPL-2" |
38 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~ppc64 ~sparc ~x86" |
39 |
+IUSE="snmp doc" |
40 |
+ |
41 |
+need_httpd |
42 |
+ |
43 |
+RDEPEND=" |
44 |
+ dev-lang/php[cli,mysql,session,sockets,xml] |
45 |
+ dev-php/adodb |
46 |
+ net-analyzer/rrdtool[graph] |
47 |
+ virtual/cron |
48 |
+ virtual/mysql |
49 |
+ snmp? ( >=net-analyzer/net-snmp-5.2.0 ) |
50 |
+" |
51 |
+ |
52 |
+src_prepare() { |
53 |
+ epatch "${FILESDIR}"/${P}-CVE-2015-8369.patch |
54 |
+ |
55 |
+ sed -i -e \ |
56 |
+ 's:$config\["library_path"\] . "/adodb/adodb.inc.php":"adodb/adodb.inc.php":' \ |
57 |
+ "${S}"/include/global.php || die |
58 |
+ |
59 |
+ rm -rf lib/adodb || die # don't use bundled adodb |
60 |
+} |
61 |
+ |
62 |
+src_compile() { :; } |
63 |
+ |
64 |
+src_install() { |
65 |
+ webapp_src_preinst |
66 |
+ |
67 |
+ rm LICENSE README || die |
68 |
+ dodoc docs/{CHANGELOG,CONTRIB,README,txt/manual.txt} |
69 |
+ use doc && dohtml -r docs/html/ |
70 |
+ rm -rf docs |
71 |
+ |
72 |
+ edos2unix `find -type f -name '*.php'` |
73 |
+ |
74 |
+ dodir ${MY_HTDOCSDIR} |
75 |
+ cp -r . "${D}"${MY_HTDOCSDIR} |
76 |
+ |
77 |
+ webapp_serverowned ${MY_HTDOCSDIR}/rra |
78 |
+ webapp_serverowned ${MY_HTDOCSDIR}/log/cacti.log |
79 |
+ webapp_configfile ${MY_HTDOCSDIR}/include/config.php |
80 |
+ webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt |
81 |
+ |
82 |
+ webapp_src_install |
83 |
+} |
84 |
|
85 |
diff --git a/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch b/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch |
86 |
new file mode 100644 |
87 |
index 0000000..2019a61 |
88 |
--- /dev/null |
89 |
+++ b/net-analyzer/cacti/files/cacti-0.8.8f-CVE-2015-8369.patch |
90 |
@@ -0,0 +1,204 @@ |
91 |
+--- a/graph.php |
92 |
++++ b/graph.php |
93 |
+@@ -32,43 +32,43 @@ |
94 |
+ |
95 |
+ api_plugin_hook_function('graph'); |
96 |
+ |
97 |
+-include_once("./lib/html_tree.php"); |
98 |
+-include_once("./include/top_graph_header.php"); |
99 |
+- |
100 |
+ /* ================= input validation ================= */ |
101 |
+-input_validate_input_regex(get_request_var("rra_id"), "^([0-9]+|all)$"); |
102 |
+-input_validate_input_number(get_request_var("local_graph_id")); |
103 |
+-input_validate_input_number(get_request_var("graph_end")); |
104 |
+-input_validate_input_number(get_request_var("graph_start")); |
105 |
++input_validate_input_regex(get_request_var_request("rra_id"), "^([0-9]+|all)$"); |
106 |
++input_validate_input_number(get_request_var_request("local_graph_id")); |
107 |
++input_validate_input_number(get_request_var_request("graph_end")); |
108 |
++input_validate_input_number(get_request_var_request("graph_start")); |
109 |
+ input_validate_input_regex(get_request_var_request("view_type"), "^([a-zA-Z0-9]+)$"); |
110 |
+ /* ==================================================== */ |
111 |
+ |
112 |
+-if (!isset($_GET['rra_id'])) { |
113 |
+- $_GET['rra_id'] = 'all'; |
114 |
++include_once("./lib/html_tree.php"); |
115 |
++include_once("./include/top_graph_header.php"); |
116 |
++ |
117 |
++if (!isset($_REQUEST['rra_id'])) { |
118 |
++ $_REQUEST['rra_id'] = 'all'; |
119 |
+ } |
120 |
+ |
121 |
+-if ($_GET["rra_id"] == "all") { |
122 |
++if ($_REQUEST["rra_id"] == "all") { |
123 |
+ $sql_where = " where id is not null"; |
124 |
+ }else{ |
125 |
+- $sql_where = " where id=" . $_GET["rra_id"]; |
126 |
++ $sql_where = " where id=" . $_REQUEST["rra_id"]; |
127 |
+ } |
128 |
+ |
129 |
+ /* make sure the graph requested exists (sanity) */ |
130 |
+-if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_GET["local_graph_id"]))) { |
131 |
++if (!(db_fetch_cell("select local_graph_id from graph_templates_graph where local_graph_id=" . $_REQUEST["local_graph_id"]))) { |
132 |
+ print "<strong><font size='+1' color='FF0000'>GRAPH DOES NOT EXIST</font></strong>"; exit; |
133 |
+ } |
134 |
+ |
135 |
+ /* take graph permissions into account here, if the user does not have permission |
136 |
+ give an "access denied" message */ |
137 |
+ if (read_config_option("auth_method") != 0) { |
138 |
+- $access_denied = !(is_graph_allowed($_GET["local_graph_id"])); |
139 |
++ $access_denied = !(is_graph_allowed($_REQUEST["local_graph_id"])); |
140 |
+ |
141 |
+ if ($access_denied == true) { |
142 |
+ print "<strong><font size='+1' color='FF0000'>ACCESS DENIED</font></strong>"; exit; |
143 |
+ } |
144 |
+ } |
145 |
+ |
146 |
+-$graph_title = get_graph_title($_GET["local_graph_id"]); |
147 |
++$graph_title = get_graph_title($_REQUEST["local_graph_id"]); |
148 |
+ |
149 |
+ if ($_REQUEST["view_type"] == "tree") { |
150 |
+ print "<table width='100%' style='background-color: #ffffff; border: 1px solid #ffffff;' align='center' cellspacing='0' cellpadding='3'>"; |
151 |
+@@ -76,15 +76,15 @@ |
152 |
+ print "<table width='100%' style='background-color: #f5f5f5; border: 1px solid #bbbbbb;' align='center' cellspacing='0' cellpadding='3'>"; |
153 |
+ } |
154 |
+ |
155 |
+-$rras = get_associated_rras($_GET["local_graph_id"]); |
156 |
++$rras = get_associated_rras($_REQUEST["local_graph_id"]); |
157 |
+ |
158 |
+ switch ($_REQUEST["action"]) { |
159 |
+ case 'view': |
160 |
+ api_plugin_hook_function('page_buttons', |
161 |
+- array('lgid' => $_GET["local_graph_id"], |
162 |
++ array('lgid' => $_REQUEST["local_graph_id"], |
163 |
+ 'leafid' => '',//$leaf_id, |
164 |
+ 'mode' => 'mrtg', |
165 |
+- 'rraid' => $_GET["rra_id"]) |
166 |
++ 'rraid' => $_REQUEST["rra_id"]) |
167 |
+ ); |
168 |
+ ?> |
169 |
+ <tr class='tableHeader'> |
170 |
+@@ -105,13 +105,13 @@ |
171 |
+ <table width='1' cellpadding='0'> |
172 |
+ <tr> |
173 |
+ <td> |
174 |
+- <img class='graphimage' id='graph_<?php print $_GET["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'> |
175 |
++ <img class='graphimage' id='graph_<?php print $_REQUEST["local_graph_id"] ?>' src='<?php print htmlspecialchars("graph_image.php?action=view&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"]);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'> |
176 |
+ </td> |
177 |
+ <td valign='top' style='padding: 3px;' class='noprint'> |
178 |
+- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br> |
179 |
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
180 |
+- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a> |
181 |
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?> |
182 |
++ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br> |
183 |
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
184 |
++ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $rra["id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a> |
185 |
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'view', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $rra['id'], 'view_type' => $_REQUEST['view_type'])); ?> |
186 |
+ <a href='#page_top'><img src='<?php print $config['url_path']; ?>images/graph_page_top.gif' border='0' alt='Page Top' title='Page Top' style='padding: 3px;'></a><br> |
187 |
+ </td> |
188 |
+ </tr> |
189 |
+@@ -143,7 +143,7 @@ |
190 |
+ } |
191 |
+ |
192 |
+ /* fetch information for the current RRA */ |
193 |
+- $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_GET["rra_id"]); |
194 |
++ $rra = db_fetch_row("select id,timespan,steps,name from rra where id=" . $_REQUEST["rra_id"]); |
195 |
+ |
196 |
+ /* define the time span, which decides which rra to use */ |
197 |
+ $timespan = -($rra["timespan"]); |
198 |
+@@ -154,24 +154,24 @@ |
199 |
+ FROM (data_template_data,data_template_rrd,graph_templates_item) |
200 |
+ WHERE graph_templates_item.task_item_id=data_template_rrd.id |
201 |
+ AND data_template_rrd.local_data_id=data_template_data.local_data_id |
202 |
+- AND graph_templates_item.local_graph_id=" . $_GET["local_graph_id"] . |
203 |
++ AND graph_templates_item.local_graph_id=" . $_REQUEST["local_graph_id"] . |
204 |
+ " LIMIT 0,1"); |
205 |
+ $ds_step = empty($ds_step) ? 300 : $ds_step; |
206 |
+ $seconds_between_graph_updates = ($ds_step * $rra["steps"]); |
207 |
+ |
208 |
+ $now = time(); |
209 |
+ |
210 |
+- if (isset($_GET["graph_end"]) && ($_GET["graph_end"] <= $now - $seconds_between_graph_updates)) { |
211 |
+- $graph_end = $_GET["graph_end"]; |
212 |
++ if (isset($_REQUEST["graph_end"]) && ($_REQUEST["graph_end"] <= $now - $seconds_between_graph_updates)) { |
213 |
++ $graph_end = $_REQUEST["graph_end"]; |
214 |
+ }else{ |
215 |
+ $graph_end = $now - $seconds_between_graph_updates; |
216 |
+ } |
217 |
+ |
218 |
+- if (isset($_GET["graph_start"])) { |
219 |
+- if (($graph_end - $_GET["graph_start"])>$max_timespan) { |
220 |
++ if (isset($_REQUEST["graph_start"])) { |
221 |
++ if (($graph_end - $_REQUEST["graph_start"])>$max_timespan) { |
222 |
+ $graph_start = $now - $max_timespan; |
223 |
+ }else { |
224 |
+- $graph_start = $_GET["graph_start"]; |
225 |
++ $graph_start = $_REQUEST["graph_start"]; |
226 |
+ } |
227 |
+ }else{ |
228 |
+ $graph_start = $now + $timespan; |
229 |
+@@ -186,7 +186,7 @@ |
230 |
+ graph_templates_graph.height, |
231 |
+ graph_templates_graph.width |
232 |
+ from graph_templates_graph |
233 |
+- where graph_templates_graph.local_graph_id=" . $_GET["local_graph_id"]); |
234 |
++ where graph_templates_graph.local_graph_id=" . $_REQUEST["local_graph_id"]); |
235 |
+ |
236 |
+ $graph_height = $graph["height"]; |
237 |
+ $graph_width = $graph["width"]; |
238 |
+@@ -214,12 +214,12 @@ |
239 |
+ <table width='1' cellpadding='0'> |
240 |
+ <tr> |
241 |
+ <td> |
242 |
+- <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'> |
243 |
++ <img id='zoomGraphImage' class="graphimage" src='<?php print htmlspecialchars("graph_image.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end . "&graph_height=" . $graph_height . "&graph_width=" . $graph_width . "&title_font_size=" . $title_font_size);?>' border='0' alt='<?php print htmlspecialchars($graph_title, ENT_QUOTES);?>'> |
244 |
+ </td> |
245 |
+ <td valign='top' style='padding: 3px;' class='noprint'> |
246 |
+- <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a> |
247 |
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
248 |
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?> |
249 |
++ <a href='<?php print htmlspecialchars("graph.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . $graph_start . "&graph_end=" . $graph_end);?>'><img src='images/graph_properties.gif' border='0' alt='Graph Source/Properties' title='Graph Source/Properties' style='padding: 3px;'></a> |
250 |
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>&graph_start=<?php print $graph_start;?>&graph_end=<?php print $graph_end;?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
251 |
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'zoom', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?> |
252 |
+ </td> |
253 |
+ </tr> |
254 |
+ <tr> |
255 |
+@@ -249,17 +249,17 @@ |
256 |
+ <table width='1' cellpadding='0'> |
257 |
+ <tr> |
258 |
+ <td> |
259 |
+- <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&graph_start=" . (isset($_GET["graph_start"]) ? $_GET["graph_start"] : "0") . "&graph_end=" . (isset($_GET["graph_end"]) ? $_GET["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'> |
260 |
++ <img src='<?php print htmlspecialchars("graph_image.php?action=properties&local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&graph_start=" . (isset($_REQUEST["graph_start"]) ? $_REQUEST["graph_start"] : "0") . "&graph_end=" . (isset($_REQUEST["graph_end"]) ? $_REQUEST["graph_end"] : "0"));?>' border='0' alt='<?php print htmlspecialchars($graph_title);?>'> |
261 |
+ </td> |
262 |
+ <td valign='top' style='padding: 3px;'> |
263 |
+- <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_GET["local_graph_id"]. "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br> |
264 |
+- <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_GET["local_graph_id"] . "&rra_id=" . $_GET["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
265 |
+- <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_GET['local_graph_id'], 'rra' => $_GET['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?> |
266 |
++ <a href='<?php print htmlspecialchars("graph.php?action=zoom&local_graph_id=" . $_REQUEST["local_graph_id"]. "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"] . "&graph_start=" . get_request_var("graph_start") . "&graph_end=" . get_request_var("graph_end"));?>'><img src='images/graph_zoom.gif' border='0' alt='Zoom Graph' title='Zoom Graph' style='padding: 3px;'></a><br> |
267 |
++ <a href='<?php print htmlspecialchars("graph_xport.php?local_graph_id=" . $_REQUEST["local_graph_id"] . "&rra_id=" . $_REQUEST["rra_id"] . "&view_type=" . $_REQUEST["view_type"]);?>'><img src='images/graph_query.png' border='0' alt='CSV Export' title='CSV Export' style='padding: 3px;'></a><br> |
268 |
++ <?php api_plugin_hook('graph_buttons', array('hook' => 'properties', 'local_graph_id' => $_REQUEST['local_graph_id'], 'rra' => $_REQUEST['rra_id'], 'view_type' => $_REQUEST['view_type'])); ?> |
269 |
+ </td> |
270 |
+ </tr> |
271 |
+ <tr> |
272 |
+ <td colspan='2' align='center'> |
273 |
+- <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_GET["rra_id"]));?></strong> |
274 |
++ <strong><?php print htmlspecialchars(db_fetch_cell("select name from rra where id=" . $_REQUEST["rra_id"]));?></strong> |
275 |
+ </td> |
276 |
+ </tr> |
277 |
+ </table> |
278 |
+--- a/include/top_graph_header.php |
279 |
++++ b/include/top_graph_header.php |
280 |
+@@ -146,12 +146,12 @@ |
281 |
+ $graph_data_array["print_source"] = true; |
282 |
+ |
283 |
+ /* override: graph start time (unix time) */ |
284 |
+- if (!empty($_GET["graph_start"])) { |
285 |
++ if (!empty($_REQUEST["graph_start"])) { |
286 |
+ $graph_data_array["graph_start"] = get_request_var_request("graph_start"); |
287 |
+ } |
288 |
+ |
289 |
+ /* override: graph end time (unix time) */ |
290 |
+- if (!empty($_GET["graph_end"])) { |
291 |
++ if (!empty($_REQUEST["graph_end"])) { |
292 |
+ $graph_data_array["graph_end"] = get_request_var_request("graph_end"); |
293 |
+ } |
294 |
+ |