diff --git a/html/graphs b/html/graphs index f37cb17ed..08ab9b260 120000 --- a/html/graphs +++ b/html/graphs @@ -1 +1 @@ -../graphs/ \ No newline at end of file +../graphs \ No newline at end of file diff --git a/html/index.php b/html/index.php index 321cdb375..cbf3a3afc 100755 --- a/html/index.php +++ b/html/index.php @@ -28,7 +28,9 @@ if($_GET[debug]) { <?php echo($config['page_title']); ?> - + + + "); } ?> diff --git a/html/pages/devices.php b/html/pages/devices.php index 803aa67b8..7fba3f8df 100644 --- a/html/pages/devices.php +++ b/html/pages/devices.php @@ -10,11 +10,9 @@ if($_GET['status'] == "alerted") { } $device_query = mysql_query($sql); - echo(""); - while($device = mysql_fetch_array($device_query)) { - if( devicepermitted($device['device_id']) || $_SESSION['userlevel'] >= '5' ) { + if( devicepermitted($device['device_id']) ) { $device['uptime'] = @mysql_result(mysql_query("SELECT `attrib_value` FROM `devices_attribs` WHERE `device_id` = '" . $device['device_id'] ."' AND `attrib_type` = 'uptime'"), 0); include("includes/hostbox.inc"); } diff --git a/includes/functions.php b/includes/functions.php index d67dadcf8..95babe5f1 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -92,8 +92,8 @@ function strgen ($length = 16) return $string; } -function billpermitted($bill_id) { - +function billpermitted($bill_id) +{ global $_SESSION; if($_SESSION['userlevel'] >= "5") { $allowed = TRUE; @@ -112,21 +112,26 @@ function interfacepermitted($interface_id) global $_SESSION; if($_SESSION['userlevel'] >= "5") { $allowed = TRUE; - } elseif ( devicepermitted(mysql_result(mysql_query("SELECT device_id FROM interfaces WHERE interface_id = '$interface_id'"),0))) { + } elseif ( devicepermitted(mysql_result(mysql_query("SELECT `device_id` FROM `interfaces` WHERE `interface_id` = '$interface_id'"),0))) { $allowed = TRUE; - } elseif ( @mysql_result(mysql_query("SELECT interface_id FROM interfaces_perms WHERE `user_id` = '" . $_SESSION['user_id'] . "' AND `interface_id` = $interface_id"), 0)) { + } elseif ( @mysql_result(mysql_query("SELECT `interface_id` FROM `interfaces_perms` WHERE `user_id` = '" . $_SESSION['user_id'] . "' AND `interface_id` = $interface_id"), 0)) { $allowed = TRUE; - } else { $allowed = FALSE; } + } else { + $allowed = FALSE; + } return $allowed; } function devicepermitted($device_id) { global $_SESSION; - if($_SESSION['userlevel'] >= "5") { $allowed = true; + if($_SESSION['userlevel'] >= "5") { + $allowed = true; } elseif ( @mysql_result(mysql_query("SELECT * FROM devices_perms WHERE `user_id` = '" . $_SESSION['user_id'] . "' AND `device_id` = $device_id"), 0) > '0' ) { $allowed = true; - } else { $allowed = false; } + } else { + $allowed = false; + } return $allowed; }