github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

secured way to display rrd charts

Browse source
This commit is contained in:
Serghey Rodin 2014-04-16 14:24:37 +03:00
commit 133a245528
2 changed files with 15 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

13
web/list/rrd/image.php Normal file
View file

@ -0,0 +1,13 @@
<?php
session_start();
if ($_SESSION['user'] != 'admin') exit;
$real_path = realpath($_SERVER["DOCUMENT_ROOT"].$_SERVER['QUERY_STRING']);
if (empty($real_path)) exit;
$dir_name = dirname($real_path);
$dir_name = dirname($dir_name);
if ($dir_name != $_SERVER["DOCUMENT_ROOT"].'/rrd') exit;
header("X-Accel-Redirect: ".$_SERVER['QUERY_STRING']);
header("Content-Type: image/png");
?>

4
web/templates/admin/list_rrd.html
View file

@ -38,7 +38,7 @@
</table>
</td>
<td class="data-dotted">
<a href="/rrd/<?php echo $data[$key]['TYPE']."/".$period."-".$data[$key]['RRD'].".png" ?>" target="_blank" class="data-controls">
<a href="/list/rrd/image.php?/rrd/<?php echo $data[$key]['TYPE']."/".$period."-".$data[$key]['RRD'].".png"?>" target="_blank" class="data-controls">
<span>
<img src="/images/download.png" width="8px" height="8px">
<?php print __('download');?>
@ -51,7 +51,7 @@
<table>
</tr>
<td style="background: #7a766d;" width="630px" height="250px">
<img style="padding: 0 0 0 36px;" src="/rrd/<?php echo $data[$key]['TYPE']."/".$period."-".$data[$key]['RRD'].".png" ?>">
<img style="padding: 0 0 0 36px;" src="/list/rrd/image.php?/rrd/<?php echo $data[$key]['TYPE']."/".$period."-".$data[$key]['RRD'].".png" ?>">
</td>
</tr>
</table>