From f381adad451638022dae63f65b416ed430f3e844 Mon Sep 17 00:00:00 2001 From: David Bell Date: Tue, 8 Mar 2016 14:56:25 +0000 Subject: [PATCH 1/5] The SQL query that was being generated was messed up. I've attempted to refactor the way the query gets generated. Not 100% certain this is the best way to go about it --- html/includes/table/syslog.inc.php | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/html/includes/table/syslog.inc.php b/html/includes/table/syslog.inc.php index 987aac65a1..779fb23ac6 100644 --- a/html/includes/table/syslog.inc.php +++ b/html/includes/table/syslog.inc.php @@ -1,28 +1,28 @@ = ?'; + $where .= 'timestamp >= ? AND '; $param[] = $_POST['from']; } if (!empty($_POST['to'])) { - $where .= ' AND timestamp <= ?'; + $where .= 'timestamp <= ? AND '; $param[] = $_POST['to']; } @@ -31,9 +31,9 @@ if ($_SESSION['userlevel'] >= '5') { $sql .= ' WHERE '.$where; } else { - $sql = 'FROM syslog AS S, devices_perms AS P'; - $sql .= 'WHERE S.device_id = P.device_id AND P.user_id = ?'; - $sql .= $where; + $sql = 'FROM syslog AS S, devices_perms AS P '; + $sql .= 'WHERE S.device_id = P.device_id AND P.user_id = ? AND '; + $sql .= $where . "1"; $param = array_merge(array($_SESSION['user_id']), $param); } @@ -60,6 +60,7 @@ if ($rowCount != -1) { $sql = "SELECT S.*, DATE_FORMAT(timestamp, '".$config['dateformat']['mysql']['compact']."') AS date $sql"; + foreach (dbFetchRows($sql, $param) as $syslog) { $dev = device_by_id_cache($syslog['device_id']); $response[] = array( From 0d8ba52a733da4ecad8bafb61f1208ee1b885ed7 Mon Sep 17 00:00:00 2001 From: David Bell Date: Tue, 8 Mar 2016 15:04:44 +0000 Subject: [PATCH 2/5] I agree to the conditions of the Contributor Agreement contained in doc/General/Contributing.md. --- AUTHORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS.md b/AUTHORS.md index ae9e3baff2..9ec1f27f33 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -90,6 +90,7 @@ LibreNMS contributors: - Georges Dick (GeorgesDick) - Richard Lawley (richardlawley) - Marco Di Cerbo (marcodc) +- David Bell (geordish) [1]: http://observium.org/ "Observium web site" Observium was written by: From a09d3143f50a4b17862ee062c2a93de9cfb99f06 Mon Sep 17 00:00:00 2001 From: David Bell Date: Tue, 8 Mar 2016 15:22:02 +0000 Subject: [PATCH 3/5] Can't push to an empty array --- html/includes/table/syslog.inc.php | 1 + 1 file changed, 1 insertion(+) diff --git a/html/includes/table/syslog.inc.php b/html/includes/table/syslog.inc.php index 779fb23ac6..4093d935e5 100644 --- a/html/includes/table/syslog.inc.php +++ b/html/includes/table/syslog.inc.php @@ -1,6 +1,7 @@ Date: Tue, 8 Mar 2016 15:28:19 +0000 Subject: [PATCH 4/5] Fix for admin users --- html/includes/table/syslog.inc.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/html/includes/table/syslog.inc.php b/html/includes/table/syslog.inc.php index 4093d935e5..e06648b3aa 100644 --- a/html/includes/table/syslog.inc.php +++ b/html/includes/table/syslog.inc.php @@ -29,7 +29,7 @@ if (!empty($_POST['to'])) { if ($_SESSION['userlevel'] >= '5') { $sql = 'FROM syslog AS S'; - $sql .= ' WHERE '.$where; + $sql .= ' WHERE '.$where . '1'; } else { $sql = 'FROM syslog AS S, devices_perms AS P '; @@ -77,5 +77,6 @@ $output = array( 'rowCount' => $rowCount, 'rows' => $response, 'total' => $total, +'sql' => $sql, ); echo _json_encode($output); From 39aaf84c740ab4a06579694eaa278a7008abc03f Mon Sep 17 00:00:00 2001 From: David Bell Date: Wed, 9 Mar 2016 21:01:47 +0000 Subject: [PATCH 5/5] Changing to a simpler fix suggested by @ekoyle --- html/includes/table/syslog.inc.php | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/html/includes/table/syslog.inc.php b/html/includes/table/syslog.inc.php index e06648b3aa..11c2b9ce73 100644 --- a/html/includes/table/syslog.inc.php +++ b/html/includes/table/syslog.inc.php @@ -1,40 +1,40 @@ = ? AND '; + $where .= ' AND timestamp >= ?'; $param[] = $_POST['from']; } if (!empty($_POST['to'])) { - $where .= 'timestamp <= ? AND '; + $where .= ' AND timestamp <= ?'; $param[] = $_POST['to']; } if ($_SESSION['userlevel'] >= '5') { $sql = 'FROM syslog AS S'; - $sql .= ' WHERE '.$where . '1'; + $sql .= ' WHERE '.$where; } else { $sql = 'FROM syslog AS S, devices_perms AS P '; $sql .= 'WHERE S.device_id = P.device_id AND P.user_id = ? AND '; - $sql .= $where . "1"; + $sql .= $where; $param = array_merge(array($_SESSION['user_id']), $param); } @@ -61,7 +61,6 @@ if ($rowCount != -1) { $sql = "SELECT S.*, DATE_FORMAT(timestamp, '".$config['dateformat']['mysql']['compact']."') AS date $sql"; - foreach (dbFetchRows($sql, $param) as $syslog) { $dev = device_by_id_cache($syslog['device_id']); $response[] = array( @@ -77,6 +76,5 @@ $output = array( 'rowCount' => $rowCount, 'rows' => $response, 'total' => $total, -'sql' => $sql, ); echo _json_encode($output);