librenms/includes/html/pages/addsrv.inc.php
PipoCanaja 41ddce6377
XSS fix, cont. again (#13778)
* XSS in alert template creation

* XSS in alert rule name

* XSS in service name & desc

* style

* strip_tags in alert_notes

* strip_tags in create_alert_item

* strip_tags in addsrv page
2022-02-13 20:23:07 +01:00


<?php
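// "Add service" page: restricted to global admins. It optionally creates a
// service from the submitted form values, then builds the <option> lists used
// by the add-service form template included at the end.
$no_refresh = true;

if (! Auth::user()->hasGlobalAdmin()) {
    include 'includes/html/error-no-perm.inc.php';
} else {
    // NOTE(review): $vars is populated outside this file. If it can be filled
    // from a GET request, this state-changing branch should be limited to POST
    // so the framework's CSRF check applies - confirm against the router.
    if (! empty($vars['addsrv'])) {
        // Second permission check kept directly in front of the write.
        if (Auth::user()->hasGlobalAdmin()) {
            $updated = '1';

            // strip_tags() only removes markup from the stored values; it does
            // not make them safe for attribute or script contexts. Any view
            // that prints the service name or description still has to
            // HTML-encode on output.
            $service_id = add_service(
                $vars['device'] ?? null,
                $vars['type'] ?? null,
                strip_tags((string) ($vars['descr'] ?? '')),
                $vars['ip'] ?? null,
                $vars['params'] ?? null,
                $vars['ignore'] ?? null,
                $vars['disabled'] ?? null,
                0,
                strip_tags((string) ($vars['name'] ?? ''))
            );

            if ($service_id) {
                // $message / $message_break may not exist yet; default them
                // instead of appending to an undefined variable.
                $message = ($message ?? '') . ($message_break ?? '') . 'Service added (' . $service_id . ')!';
                $message_break = ($message_break ?? '') . '<br />';
            }
        }
    }

    // Start from an empty string so the form template never reads an undefined
    // variable when a list is empty.
    $servicesform = $servicesform ?? '';
    $devicesform = $devicesform ?? '';

    // Encode on output: the values sit inside single-quoted attributes, so
    // ENT_QUOTES is required. double_encode is off so a value that was already
    // entity-encoded upstream is not encoded twice.
    foreach (list_available_services() as $current_service) {
        $service_html = htmlspecialchars((string) $current_service, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $servicesform .= "<option value='$service_html'>$service_html</option>";
    }

    foreach (dbFetchRows('SELECT * FROM `devices` ORDER BY `hostname`') as $device) {
        // Host names come from device data; treat them as untrusted text.
        // NOTE(review): whether format_hostname() already escapes its result is
        // not visible here - confirm.
        $device_id_html = htmlspecialchars((string) $device['device_id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $hostname_html = htmlspecialchars((string) format_hostname($device), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $devicesform .= "<option value='" . $device_id_html . "'>" . $hostname_html . '</option>';
    }

    // NOTE(review): $updated is set before add_service() runs, so this message
    // is also shown when no service id came back.
    if (! empty($updated)) {
        print_message('Device Settings Saved');
    }

    $pagetitle[] = 'Add service';
    echo "<div class='row'>
<div class='col-sm-3'>
</div>
<div class='col-sm-6'>";
    include_once 'includes/html/print-service-add.inc.php';
    echo '</div>
</div>';
}//end if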