diff --git a/ChangeLog b/ChangeLog index a617b231c9..db6805001c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ PHORONIX TEST SUITE CHANGE-LOG +Phoronix Test Suite (Git) + +phodevi: Input sanitization updates for Phoromatic Server + Phoronix Test Suite 10.8.0 25 December 2021 diff --git a/pts-core/objects/pts_env.php b/pts-core/objects/pts_env.php index 5d53ddaa0f..ba88efab75 100644 --- a/pts-core/objects/pts_env.php +++ b/pts-core/objects/pts_env.php @@ -650,7 +650,7 @@ public static function get_posted_options($limit = false) } if(!empty($v) && $v !== 0) { - $posted[$var] = $v; + $posted[$var] = pts_strings::sanitize($v); } } } diff --git a/pts-core/objects/pts_phoroql.php b/pts-core/objects/pts_phoroql.php index 0ef49ed033..1d94eb3b61 100644 --- a/pts-core/objects/pts_phoroql.php +++ b/pts-core/objects/pts_phoroql.php @@ -22,7 +22,7 @@ class pts_phoroql { - public static function evaluate_search_tree($tree, $join = 'AND', $callback) + public static function evaluate_search_tree($tree, $join = 'AND', $callback = '') { $matches = false; diff --git a/pts-core/objects/pts_result_viewer_embed.php b/pts-core/objects/pts_result_viewer_embed.php index 060000d650..a7f90a19dd 100644 --- a/pts-core/objects/pts_result_viewer_embed.php +++ b/pts-core/objects/pts_result_viewer_embed.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2018 - 2020, Phoronix Media - Copyright (C) 2018 - 2020, Michael Larabel + Copyright (C) 2018 - 2022, Phoronix Media + Copyright (C) 2018 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
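Review bot: In get_posted_options() the emptiness test `!empty($v) && $v !== 0` still runs on the raw value and the sanitised value is stored afterwards, so an input that pts_strings::sanitize() reduces to an empty string would still be recorded as a posted option. Sanitising first keeps the check and the stored value in step: put `$v = pts_strings::sanitize($v);` ahead of the `if`, then store `$posted[$var] = $v;`. pts_strings::sanitize() is not shown in this diff, so it is worth confirming that it tolerates non-string input such as a posted array. The function body starts and ends outside the hunk.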
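Review bot: The new default `$callback = ''` in evaluate_search_tree() lets callers omit the callback, but an empty string is not a callable. The body lies outside the hunk, so it cannot be seen here whether the callback is invoked unconditionally; if it is, an omitted argument now fails at call time instead of at the call site. A `null` default with an explicit guard such as `if(!is_callable($callback))` at the top of the function would make the contract visible, and a short docblock should state what signature the callback is expected to have.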
@@ -119,8 +119,8 @@ public function get_html() $html_options = self::get_html_options_markup($result_file, $_REQUEST, $this->result_public_id, $this->can_delete_results); self::process_request_to_attributes($_REQUEST, $result_file, $extra_attributes); $PAGE .= self::get_html_sort_bar($result_file, $_REQUEST); - $PAGE .= '

' . $result_file->get_title() . '

'; - $PAGE .= '

' . str_replace(PHP_EOL, '
', $result_file->get_description()) . '

'; + $PAGE .= '

' . pts_strings::sanitize($result_file->get_title()) . '

'; + $PAGE .= '

' . str_replace(PHP_EOL, '
', pts_strings::sanitize($result_file->get_description())) . '

'; $PAGE .= '
'; if($this->can_modify_results) { @@ -412,8 +412,6 @@ public function get_html() } } - // $PAGE .= $res . '
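Review bot: The title and description in get_html() are now wrapped in pts_strings::sanitize() at the point of output, but nothing on this page shows what that helper guarantees for an HTML context. If it filters characters rather than entity-encoding them, legitimate text such as `a < b` is altered instead of displayed, and if it leaves quotes alone it is not safe for any attribute position. Encoding explicitly at the sink, e.g. `htmlspecialchars($result_file->get_title(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, states the contract where the value meets the markup; the existing order (encode first, then `str_replace(PHP_EOL, ...)`) is the right one to keep. The same applies to the two `get_annotation()` lines in the `-452,12` hunk of this file. get_html() begins and ends outside these hunks.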
'; - // // DISPLAY LOGS // @@ -430,7 +428,6 @@ public function get_html() $button_area .= ' '; } - // // EDITING / DELETE OPTIONS // @@ -452,12 +449,12 @@ public function get_html() } else { - $PAGE .= '
' . $result_object->get_annotation() . '
'; + $PAGE .= '
' . pts_strings::sanitize($result_object->get_annotation()) . '
'; } } else { - $PAGE .= '

' . $result_object->get_annotation() . '

'; + $PAGE .= '

' . pts_strings::sanitize($result_object->get_annotation()) . '

'; } if($button_area != null) { @@ -1023,7 +1020,6 @@ public static function process_result_export_pre_render(&$request, &$result_file } public static function process_result_modify_pre_render(&$result_file, $can_modify_results = false, $can_delete_results = false) { - if(!isset($_REQUEST['modify']) || ($can_modify_results == false && $can_delete_results == false)) { return; diff --git a/pts-core/phoromatic/pages/phoromatic_account_activity.php b/pts-core/phoromatic/pages/phoromatic_account_activity.php index b35a8ab90e..3520d07423 100644 --- a/pts-core/phoromatic/pages/phoromatic_account_activity.php +++ b/pts-core/phoromatic/pages/phoromatic_account_activity.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_account_activity implements pts_webui_interface { public static function page_title() @@ -37,9 +36,7 @@ public static function preload($PAGE) } public static function render_page_process($PATH) { - $main = '

Recent Account Activity

'; - $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_activity_stream WHERE AccountID = :account_id ORDER BY ActivityTime DESC'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $result = $stmt->execute(); @@ -122,7 +119,6 @@ public static function render_page_process($PATH) $main .= ': ' . $id_link_format; $main .= '
' . PHP_EOL; - } //$main .= '

' . $row['ActivityCreator'] . ' ' . $row['ActivityCreatorType'] . ' ' . $row['ActivityEvent'] . ' ' . $row['ActivityEventID'] . ' ' . $row['ActivityEventType'] . '

'; diff --git a/pts-core/phoromatic/pages/phoromatic_admin.php b/pts-core/phoromatic/pages/phoromatic_admin.php index dec2a0e159..488307fdd9 100644 --- a/pts-core/phoromatic/pages/phoromatic_admin.php +++ b/pts-core/phoromatic/pages/phoromatic_admin.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2014 - 2018, Phoronix Media - Copyright (C) 2014 - 2018, Michael Larabel + Copyright (C) 2014 - 2022, Phoronix Media + Copyright (C) 2014 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_admin implements pts_webui_interface { public static function page_title() @@ -71,10 +70,12 @@ public static function render_page_process($PATH) } else if(isset($_POST['register_username']) && isset($_POST['register_password']) && isset($_POST['register_password_confirm']) && isset($_POST['register_email'])) { + phoromatic_quit_if_invalid_input_found(array('register_username', 'register_password', 'register_password_confirm', 'register_email', 'seed_accountid')); $new_account = create_new_phoromatic_account($_POST['register_username'], $_POST['register_password'], $_POST['register_password_confirm'], $_POST['register_email'], (isset($_POST['seed_accountid']) ? $_POST['seed_accountid'] : null)); } else if(isset($_POST['email_all_subject']) && isset($_POST['email_all_message']) && !empty($_POST['email_all_message'])) { + phoromatic_quit_if_invalid_input_found(array('email_all_subject', 'email_all_message')); $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_users ORDER BY UserName ASC'); $result = $stmt->execute(); 
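Review bot: The registration branch passes `register_password` and `register_password_confirm` to phoromatic_quit_if_invalid_input_found() alongside the display fields. That helper is not shown, but if it rejects markup-like characters it narrows the set of passwords a user may choose, for a value that is hashed rather than rendered. Consider limiting the check to the fields that are echoed or stored as text: `phoromatic_quit_if_invalid_input_found(array('register_username', 'register_email', 'seed_accountid'));`. For `email_all_subject` the check that matters is a CR/LF rejection before the value reaches the mail headers; whether the helper covers that should be confirmed and noted in a comment. render_page_process() continues outside the hunk.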
@@ -207,7 +208,6 @@ public static function render_page_process($PATH) 4 The account ID field is optional and is used to pre-seed the account identifier for advanced purposes. The field must be six characters. Leave this field blank if you are unsure.

'; - // $server_log = explode(PHP_EOL, file_get_contents(getenv('PTS_PHOROMATIC_LOG_LOCATION'))); foreach($server_log as $i => $line_item) diff --git a/pts-core/phoromatic/pages/phoromatic_admin_config.php b/pts-core/phoromatic/pages/phoromatic_admin_config.php index ebb3a4c1f3..780ef5adc6 100644 --- a/pts-core/phoromatic/pages/phoromatic_admin_config.php +++ b/pts-core/phoromatic/pages/phoromatic_admin_config.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_admin_config implements pts_webui_interface { public static function page_title() diff --git a/pts-core/phoromatic/pages/phoromatic_admin_data.php b/pts-core/phoromatic/pages/phoromatic_admin_data.php index be5f2d5c5f..7ccc7179bb 100644 --- a/pts-core/phoromatic/pages/phoromatic_admin_data.php +++ b/pts-core/phoromatic/pages/phoromatic_admin_data.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_admin_data implements pts_webui_interface { public static function page_title() @@ -144,7 +143,7 @@ public static function render_page_process($PATH) $results = 0; while($test_result_row = $test_result_result->fetchArray()) { - $main .= '
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_system_id_to_name($test_result_row['SystemID'], $test_result_row['AccountID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
  • '; + $main .= '
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_server::system_id_to_name($test_result_row['SystemID'], $test_result_row['AccountID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
  • '; $results++; } @@ -154,7 +153,6 @@ public static function render_page_process($PATH) } $main .= '
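Review bot: `$test_result_row['Title']` is still concatenated into `$main` without encoding on the rewritten line, although this commit touches that line and adds sanitisation to titles elsewhere. Result titles originate from uploaded result data, so unless they are sanitised before they are written to the database (not visible here) this is a stored-markup sink on an admin page. Encoding at output, `pts_strings::sanitize($test_result_row['Title'])` to match the rest of the commit, would close it. The same raw `$row['Title']` appears in the `-173,12` hunk of this file and in the `-328,7` hunk of phoromatic_result.php. render_page_process() starts and ends outside these hunks.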
    '; $main .= ''; - $main .= '

    Schedules

    '; $main .= '

    Active Test Schedules

    '; $main .= '
    @@ -173,12 +171,11 @@ public static function render_page_process($PATH) do { - $main .= '
  • ' . $row['Title'] . '
    ' . phoromatic_account_id_to_group_name($row['AccountID']) . '' . pts_strings::plural_handler(count(phoromatic_server::systems_associated_with_schedule($row['AccountID'], $row['ScheduleID'])), 'System') . '' . phoromatic_schedule_activeon_string($row['ActiveOn'], $row['RunAt']) . 'Permanently Remove
  • '; + $main .= '
  • ' . $row['Title'] . '
    ' . phoromatic_server::account_id_to_group_name($row['AccountID']) . '' . pts_strings::plural_handler(count(phoromatic_server::systems_associated_with_schedule($row['AccountID'], $row['ScheduleID'])), 'System') . '' . phoromatic_schedule_activeon_string($row['ActiveOn'], $row['RunAt']) . 'Permanently Remove
  • '; } while($row = $result->fetchArray()); } $main .= '
    '; - $main .= '

    Inactive Test Schedules

    '; $main .= '
    '; $main .= '

    Inactive Systems

    -
    '; echo '
    ' . $main . '
    '; diff --git a/pts-core/phoromatic/pages/phoromatic_maintenance_table.php b/pts-core/phoromatic/pages/phoromatic_maintenance_table.php index 14b7cf9280..6cda31da23 100644 --- a/pts-core/phoromatic/pages/phoromatic_maintenance_table.php +++ b/pts-core/phoromatic/pages/phoromatic_maintenance_table.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_maintenance_table implements pts_webui_interface { public static function page_title() @@ -89,10 +88,7 @@ public static function render_page_process($PATH) $main .= '' . $c . ''; } - $main .= ''; - - } $main .= ''; diff --git a/pts-core/phoromatic/pages/phoromatic_password.php b/pts-core/phoromatic/pages/phoromatic_password.php index bdb052bc54..12525cce7b 100644 --- a/pts-core/phoromatic/pages/phoromatic_password.php +++ b/pts-core/phoromatic/pages/phoromatic_password.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_password implements pts_webui_interface { public static function page_title() diff --git a/pts-core/phoromatic/pages/phoromatic_r_add_test_build_suite_details.php b/pts-core/phoromatic/pages/phoromatic_r_add_test_build_suite_details.php index e3753e17c0..4aa82a1ad4 100644 --- a/pts-core/phoromatic/pages/phoromatic_r_add_test_build_suite_details.php +++ b/pts-core/phoromatic/pages/phoromatic_r_add_test_build_suite_details.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2014 - 2021, Phoronix Media - Copyright (C) 2014 - 2021, Michael Larabel + Copyright (C) 2014 - 2022, Phoronix Media + Copyright (C) 2014 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_r_add_test_build_suite_details implements pts_webui_interface { public static function page_title() 
@@ -37,6 +36,7 @@ public static function preload($PAGE) } public static function render_page_process($PATH) { + phoromatic_quit_if_invalid_input_found(array('tp')); $test_profile = new pts_test_profile($_GET['tp']); $name = $test_profile->get_title(); $description = $test_profile->get_description(); diff --git a/pts-core/phoromatic/pages/phoromatic_r_basic_suite_details.php b/pts-core/phoromatic/pages/phoromatic_r_basic_suite_details.php index 78311d36cf..6a8323ca97 100644 --- a/pts-core/phoromatic/pages/phoromatic_r_basic_suite_details.php +++ b/pts-core/phoromatic/pages/phoromatic_r_basic_suite_details.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_r_basic_suite_details implements pts_webui_interface { public static function page_title() diff --git a/pts-core/phoromatic/pages/phoromatic_result.php b/pts-core/phoromatic/pages/phoromatic_result.php index b0dfa9c127..957fc981e7 100644 --- a/pts-core/phoromatic/pages/phoromatic_result.php +++ b/pts-core/phoromatic/pages/phoromatic_result.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2021, Phoronix Media - Copyright (C) 2008 - 2021, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -121,7 +121,7 @@ public static function render_page_process($PATH) $result_file_title = null; if(count($system_types) == 1) { - $result_file_title = phoromatic_system_id_to_name($system_types[0]) . ' Tests'; + $result_file_title = phoromatic_server::system_id_to_name($system_types[0]) . ' Tests'; } if(!empty($tickets) && $tickets[0] != null) 
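Review bot: `$_GET['tp']` is read on the line directly after the new check without an `isset()` test. The phoromatic_admin.php hunk calls the same helper with the optional `seed_accountid`, which suggests it tolerates absent keys, so a request without `tp` would still reach `new pts_test_profile(...)`. An early `if(!isset($_GET['tp'])) { return; }` before the constructor makes the precondition explicit. The constructor is not shown; if it resolves the identifier to an on-disk profile, matching `tp` against the expected identifier format would be a tighter control than a reject-list and is worth documenting in a comment here. render_page_process() continues outside the hunk.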
@@ -180,19 +180,19 @@ public static function render_page_process($PATH) $system_name = null; break; case 'SYSTEM_NAME': - $system_name = phoromatic_system_id_to_name($row['SystemID']); + $system_name = phoromatic_server::system_id_to_name($row['SystemID']); break; case 'TRIGGER': $system_name = $row['Trigger']; break; case 'TRIGGER_AND_SYSTEM': - $system_name = phoromatic_system_id_to_name($row['SystemID']) . ': ' . $row['Trigger']; + $system_name = phoromatic_server::system_id_to_name($row['SystemID']) . ': ' . $row['Trigger']; break; case 'SYSTEM_AND_SCHEDULE': $system_name = phoromatic_schedule_id_to_name($row['ScheduleID']) . ': ' . $row['Trigger']; break; default: - $system_name = phoromatic_system_id_to_name($row['SystemID']) . ' - ' . phoromatic_schedule_id_to_name($row['ScheduleID']) . ' - ' . $row['Trigger']; + $system_name = phoromatic_server::system_id_to_name($row['SystemID']) . ' - ' . phoromatic_schedule_id_to_name($row['ScheduleID']) . ' - ' . $row['Trigger']; } if($system_name == null) @@ -205,11 +205,11 @@ public static function render_page_process($PATH) } } - if(($replacement = phoromatic_system_id_to_name($row['SystemID'])) != null) + if(($replacement = phoromatic_server::system_id_to_name($row['SystemID'])) != null) { $system_name = str_replace('.SYSTEM', $replacement, $system_name); } - if(($replacement = phoromatic_account_id_to_group_name($row['AccountID'])) != null) + if(($replacement = phoromatic_server::account_id_to_group_name($row['AccountID'])) != null) { $system_name = str_replace('.GROUP', $replacement, $system_name); } @@ -328,7 +328,7 @@ public static function render_page_process($PATH) foreach($compare_results as &$row) { - $right .= '

    ' . $row['Title'] . '
    ' . phoromatic_system_id_to_name($row['SystemID'], $row['AccountID']) . '

    '; + $right .= '

    ' . $row['Title'] . '
    ' . phoromatic_server::system_id_to_name($row['SystemID'], $row['AccountID']) . '

    '; } $right .= '

    '; diff --git a/pts-core/phoromatic/pages/phoromatic_results.php b/pts-core/phoromatic/pages/phoromatic_results.php index 4173a11ec8..1a5be530f1 100644 --- a/pts-core/phoromatic/pages/phoromatic_results.php +++ b/pts-core/phoromatic/pages/phoromatic_results.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2018, Phoronix Media - Copyright (C) 2008 - 2018, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_results implements pts_webui_interface { public static function page_title() 
@@ -37,152 +36,216 @@ public static function preload($PAGE) } public static function render_page_process($PATH) { - echo phoromatic_webui_header_logged_in(); - $main = null; + echo phoromatic_webui_header_logged_in(); + $main = null; - if(!PHOROMATIC_USER_IS_VIEWER && isset($PATH[0]) && $PATH[0] == 'delete') - { - $pprids = explode(',', $PATH[1]); + if(!PHOROMATIC_USER_IS_VIEWER && isset($PATH[0]) && $PATH[0] == 'delete') + { + $pprids = explode(',', $PATH[1]); - foreach($pprids as $pprid) + foreach($pprids as $pprid) + { + $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_results WHERE AccountID = :account_id AND PPRID = :pprid LIMIT 1'); + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':pprid', $pprid); + $result = $stmt->execute(); + if($result && ($row = $result->fetchArray())) { - $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_results WHERE AccountID = :account_id AND PPRID = :pprid LIMIT 1'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':pprid', $pprid); - $result = $stmt->execute(); - if($result && ($row = $result->fetchArray())) + $composite_xml = phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $row['UploadID']) . 'composite.xml'; + if(is_file($composite_xml)) { - $composite_xml = phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $row['UploadID']) . 
'composite.xml'; - if(is_file($composite_xml)) - { - unlink($composite_xml); - } - - pts_file_io::delete(phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $row['UploadID']), null, true); - - $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results_results WHERE AccountID = :account_id AND UploadID = :upload_id'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':upload_id', $row['UploadID']); - $result = $stmt->execute(); - - $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results_systems WHERE AccountID = :account_id AND UploadID = :upload_id'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':upload_id', $row['UploadID']); - $result = $stmt->execute(); - - + unlink($composite_xml); } - $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results WHERE AccountID = :account_id AND PPRID = :pprid'); + pts_file_io::delete(phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $row['UploadID']), null, true); + $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results_results WHERE AccountID = :account_id AND UploadID = :upload_id'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':pprid', $pprid); + $stmt->bindValue(':upload_id', $row['UploadID']); $result = $stmt->execute(); - // TODO XXX fix below - //$upload_dir = phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $upload_id); - //pts_file_io::delete($upload_dir); + $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results_systems WHERE AccountID = :account_id AND UploadID = :upload_id'); + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':upload_id', $row['UploadID']); + $result = $stmt->execute(); } + + $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_results WHERE AccountID = :account_id AND PPRID = :pprid'); + $stmt->bindValue(':account_id', 
$_SESSION['AccountID']); + $stmt->bindValue(':pprid', $pprid); + $result = $stmt->execute(); + + // TODO XXX fix below + //$upload_dir = phoromatic_server::phoromatic_account_result_path($_SESSION['AccountID'], $upload_id); + //pts_file_io::delete($upload_dir); } + } - if($main == null) + if($main == null) + { + phoromatic_quit_if_invalid_input_found(array('result_limit', 'containing_tests', 'time_end', 'time_start', 'search', 'containing_hardware', 'containing_software')); + if(isset($_POST['result_limit'])) { - if(isset($_POST['result_limit'])) + if(is_numeric($_POST['result_limit']) && $_POST['result_limit'] > 9) { - if(is_numeric($_POST['result_limit']) && $_POST['result_limit'] > 9) - { - $result_limit = $_POST['result_limit']; - } - else - { - $result_limit = 0; - } + $result_limit = $_POST['result_limit']; } else { - $result_limit = 100; + $result_limit = 0; + } + } + else + { + $result_limit = 100; + } + $min_date = strtotime(phoromatic_server::account_created_on($_SESSION['AccountID'])); + $default_start_date = max($min_date, strtotime('-1 year')); + $min_date = date('Y-m-d', $min_date); + $time_start = strtotime(isset($_POST['time_start']) && !empty($_POST['time_start']) ? $_POST['time_start'] : $min_date); + if(empty($time_start)) + { + $time_start = strtotime($min_date); + } + $time_end = strtotime((isset($_POST['time_end']) && !empty($_POST['time_end']) ? $_POST['time_end'] : date('Y-m-d')) . ' 23:59:59'); + if(empty($time_end)) + { + $time_end = strtotime(date('Y-m-d') . ' 23:59:59'); + } + $main .= '
    Results From To   With Tests: With Hardware: With System Software: Search For Limit Results To   '; + $main .= '  
    '; + $main .= '

    ** AND, OR, and NOT search operators supported for tests/hardware/software search fields. **

    '; + $main .= '

    Account Test Results

    '; + $main .= '
    '; + $search_for = (!isset($_POST['search']) || empty($_POST['search']) ? null : 'AND (Title LIKE :search OR Description LIKE :search OR UploadID IN (SELECT UploadID FROM phoromatic_results_systems WHERE AccountID = :account_id AND (Software LIKE :search OR Hardware LIKE :search)))'); + if(isset($_POST['containing_hardware']) && !empty($_POST['containing_hardware'])) + { + $hw_advanced_query = stripos($_POST['containing_hardware'], ' AND ') !== false || stripos($_POST['containing_hardware'], ' OR ') !== false || stripos($_POST['containing_hardware'], ' NOT ') !== false; + if($hw_advanced_query || true) + { + $hw_advanced_query = pts_phoroql::search_query_to_tree($_POST['containing_hardware']); } - $min_date = strtotime(phoromatic_server::account_created_on($_SESSION['AccountID'])); - $default_start_date = max($min_date, strtotime('-1 year')); - $min_date = date('Y-m-d', $min_date); - $time_start = strtotime(isset($_POST['time_start']) && !empty($_POST['time_start']) ? $_POST['time_start'] : $min_date); - if(empty($time_start)) + else { - $time_start = strtotime($min_date); + $search_for .= ' AND UploadID IN (SELECT UploadID FROM phoromatic_results_systems WHERE AccountID = :account_id AND Hardware LIKE :containing_hardware)'; } - $time_end = strtotime((isset($_POST['time_end']) && !empty($_POST['time_end']) ? $_POST['time_end'] : date('Y-m-d')) . ' 23:59:59'); - if(empty($time_end)) + } + if(isset($_POST['containing_software']) && !empty($_POST['containing_software'])) + { + $sw_advanced_query = strpos($_POST['containing_software'], ' AND ') !== false || strpos($_POST['containing_software'], ' OR ') !== false || strpos($_POST['containing_software'], ' NOT ') !== false; + if($sw_advanced_query || true) { - $time_end = strtotime(date('Y-m-d') . ' 23:59:59'); + $sw_advanced_query = pts_phoroql::search_query_to_tree($_POST['containing_software']); } - $main .= '
    Results From To   With Tests: With Hardware: With System Software: Search For Limit Results To   '; - $main .= '  
    '; - $main .= '

    ** AND, OR, and NOT search operators supported for tests/hardware/software search fields. **

    '; - $main .= '

    Account Test Results

    '; - $main .= '
    '; - $search_for = (!isset($_POST['search']) || empty($_POST['search']) ? null : 'AND (Title LIKE :search OR Description LIKE :search OR UploadID IN (SELECT UploadID FROM phoromatic_results_systems WHERE AccountID = :account_id AND (Software LIKE :search OR Hardware LIKE :search)))'); - if(isset($_POST['containing_hardware']) && !empty($_POST['containing_hardware'])) + if(isset($PATH[1]) && $PATH[0] == 'hash') + { + // Find matching comparison hashes + $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. ' AND ComparisonHash = :comparison_hash ORDER BY UploadTime DESC'); + $stmt->bindValue(':comparison_hash', $PATH[1]); + } + else if(isset($PATH[1]) && $PATH[0] == 'ticket') + { + // Find matching ticket results + $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. ' AND BenchmarkTicketID = :ticket_id ORDER BY UploadTime DESC'); + $stmt->bindValue(':ticket_id', $PATH[1]); + } + else + { + $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. ' ORDER BY UploadTime DESC'); + } + + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':search', (isset($_POST['search']) ? '%' . $_POST['search'] . '%' : null)); + $stmt->bindValue(':containing_hardware', (isset($_POST['containing_hardware']) ? '%' . $_POST['containing_hardware'] . '%' : null)); + $stmt->bindValue(':containing_software', (isset($_POST['containing_software']) ? '%' . $_POST['containing_software'] . '%' : null)); + $test_result_result = $stmt->execute(); + $results = 0; + $containing_tests = isset($_POST['containing_tests']) ? 
$_POST['containing_tests'] : null; + if(!empty($containing_tests)) + { + $containing_tests = pts_phoroql::search_query_to_tree($containing_tests); + } + + while($test_result_row = $test_result_result->fetchArray()) + { + if(strtotime($test_result_row['UploadTime']) > $time_end) { - $hw_advanced_query = stripos($_POST['containing_hardware'], ' AND ') !== false || stripos($_POST['containing_hardware'], ' OR ') !== false || stripos($_POST['containing_hardware'], ' NOT ') !== false; - if($hw_advanced_query || true) - { - $hw_advanced_query = pts_phoroql::search_query_to_tree($_POST['containing_hardware']); - } - else - { - $search_for .= ' AND UploadID IN (SELECT UploadID FROM phoromatic_results_systems WHERE AccountID = :account_id AND Hardware LIKE :containing_hardware)'; - } + continue; } - if(isset($_POST['containing_software']) && !empty($_POST['containing_software'])) + if(strtotime($test_result_row['UploadTime']) < $time_start) { - $sw_advanced_query = strpos($_POST['containing_software'], ' AND ') !== false || strpos($_POST['containing_software'], ' OR ') !== false || strpos($_POST['containing_software'], ' NOT ') !== false; - if($sw_advanced_query || true) - { - $sw_advanced_query = pts_phoroql::search_query_to_tree($_POST['containing_software']); - } - else - { - $search_for .= ' AND UploadID IN (SELECT UploadID FROM phoromatic_results_systems WHERE AccountID = :account_id AND Software LIKE :containing_software)'; - } + //break; } - $main .= '
    • Recent Test Results

    • '; - - if(isset($PATH[1]) && $PATH[0] == 'hash') + if(!empty($result_limit) && $result_limit > 1 && $result_limit == $results) { - // Find matching comparison hashes - $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. ' AND ComparisonHash = :comparison_hash ORDER BY UploadTime DESC'); - $stmt->bindValue(':comparison_hash', $PATH[1]); + break; } - else if(isset($PATH[1]) && $PATH[0] == 'ticket') + + $composite_xml = phoromatic_server::phoromatic_account_result_path($test_result_row['AccountID'], $test_result_row['UploadID']) . 'composite.xml'; + $result_file = new pts_result_file($composite_xml); + + if(isset($_POST['containing_hardware']) && !empty($_POST['containing_hardware']) && $hw_advanced_query) { - // Find matching ticket results - $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. ' AND BenchmarkTicketID = :ticket_id ORDER BY UploadTime DESC'); - $stmt->bindValue(':ticket_id', $PATH[1]); + //if(!$result_file->contains_system_hardware($_POST['containing_hardware'])) + if(!pts_phoroql::evaluate_search_tree($hw_advanced_query, 'AND', array($result_file, 'contains_system_hardware'))) + { + continue; + } } - else + if(isset($_POST['containing_software']) && !empty($_POST['containing_software']) && $sw_advanced_query) { - $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE AccountID = :account_id ' . $search_for. 
' ORDER BY UploadTime DESC'); + if(!pts_phoroql::evaluate_search_tree($sw_advanced_query, 'AND', array($result_file, 'contains_system_software'))) + { + continue; + } } - - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':search', (isset($_POST['search']) ? '%' . $_POST['search'] . '%' : null)); - $stmt->bindValue(':containing_hardware', (isset($_POST['containing_hardware']) ? '%' . $_POST['containing_hardware'] . '%' : null)); - $stmt->bindValue(':containing_software', (isset($_POST['containing_software']) ? '%' . $_POST['containing_software'] . '%' : null)); - $test_result_result = $stmt->execute(); - $results = 0; - $containing_tests = isset($_POST['containing_tests']) ? $_POST['containing_tests'] : null; if(!empty($containing_tests)) { - $containing_tests = pts_phoroql::search_query_to_tree($containing_tests); + if(!pts_phoroql::evaluate_search_tree($containing_tests, 'AND', array($result_file, 'contains_test'))) + { + continue; + } } - while($test_result_row = $test_result_result->fetchArray()) + $main .= '
    • ' . $test_result_row['Title'] . '
      ' . phoromatic_server::system_id_to_name($test_result_row['SystemID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
    • '; + $results++; + } + if($results == 0) + { + $main .= '
    • No Results Found
    • '; + } + else if($results > 3) + { + $main .= '
    • ' . $results . ' Results
    • '; + } + $main .= '
    '; + $main .= '
    '; + + $result_share_opt = phoromatic_server::read_setting('force_result_sharing') ? '1 = 1' : 'AccountID IN (SELECT AccountID FROM phoromatic_account_settings WHERE LetOtherGroupsViewResults = "1")'; + $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE ' . $result_share_opt . ' AND AccountID != :account_id ' . $search_for. ' ORDER BY UploadTime DESC'); + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':search', (isset($_POST['search']) ? '%' . $_POST['search'] . '%' : null)); + $stmt->bindValue(':containing_hardware', (isset($_POST['containing_hardware']) ? '%' . $_POST['containing_hardware'] . '%' : null)); + $stmt->bindValue(':containing_software', (isset($_POST['containing_software']) ? '%' . $_POST['containing_software'] . '%' : null)); + $test_result_result = $stmt->execute(); + if(!empty($test_result_result) && ($test_result_row = $test_result_result->fetchArray())) + { + $main .= '
    '; + $main .= '
    '; - $main .= '
    '; - - $result_share_opt = phoromatic_server::read_setting('force_result_sharing') ? '1 = 1' : 'AccountID IN (SELECT AccountID FROM phoromatic_account_settings WHERE LetOtherGroupsViewResults = "1")'; - $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime, TimesViewed, AccountID, UploadID FROM phoromatic_results WHERE ' . $result_share_opt . ' AND AccountID != :account_id ' . $search_for. ' ORDER BY UploadTime DESC'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':search', (isset($_POST['search']) ? '%' . $_POST['search'] . '%' : null)); - $stmt->bindValue(':containing_hardware', (isset($_POST['containing_hardware']) ? '%' . $_POST['containing_hardware'] . '%' : null)); - $stmt->bindValue(':containing_software', (isset($_POST['containing_software']) ? '%' . $_POST['containing_software'] . '%' : null)); - $test_result_result = $stmt->execute(); - if(!empty($test_result_result) && ($test_result_row = $test_result_result->fetchArray())) - { - $main .= '
    '; - $main .= '
    • Results Shared By Other Groups

    • '; - $results = 0; - do - { - if(strtotime($test_result_row['UploadTime']) > $time_end) - { - continue; - } - if(strtotime($test_result_row['UploadTime']) < $time_start) - { - //break; - } - if(!empty($result_limit) && $result_limit > 1 && $result_limit == $results) - { - break; - } - - $composite_xml = phoromatic_server::phoromatic_account_result_path($test_result_row['AccountID'], $test_result_row['UploadID']) . 'composite.xml'; - $result_file = new pts_result_file($composite_xml); - - if(isset($_POST['containing_hardware']) && !empty($_POST['containing_hardware']) && $hw_advanced_query) - { - //if(!$result_file->contains_system_hardware($_POST['containing_hardware'])) - if(!pts_phoroql::evaluate_search_tree($hw_advanced_query, 'AND', array($result_file, 'contains_system_hardware'))) - { - continue; - } - } - if(isset($_POST['containing_software']) && !empty($_POST['containing_software']) && $sw_advanced_query) - { - if(!pts_phoroql::evaluate_search_tree($sw_advanced_query, 'AND', array($result_file, 'contains_system_software'))) - { - continue; - } - } - - if(!empty($containing_tests)) - { - if(!pts_phoroql::evaluate_search_tree($containing_tests, 'AND', array($result_file, 'contains_test'))) - { - continue; - } - } - - $main .= '
    • ' . $test_result_row['Title'] . '
      ' . phoromatic_account_id_to_group_name($test_result_row['AccountID']) . '' . phoromatic_system_id_to_name($test_result_row['SystemID'], $test_result_row['AccountID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
    • '; - $results++; - } - while($test_result_row = $test_result_result->fetchArray()); - $main .= '
    '; - } } + } - echo phoromatic_webui_main($main); - echo phoromatic_webui_footer(); + echo phoromatic_webui_main($main); + echo phoromatic_webui_footer(); } } diff --git a/pts-core/phoromatic/pages/phoromatic_sched.php b/pts-core/phoromatic/pages/phoromatic_sched.php index 5567decccf..c376fe09a8 100644 --- a/pts-core/phoromatic/pages/phoromatic_sched.php +++ b/pts-core/phoromatic/pages/phoromatic_sched.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2014 - 2017, Phoronix Media - Copyright (C) 2014 - 2017, Michael Larabel + Copyright (C) 2014 - 2022, Phoronix Media + Copyright (C) 2014 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_sched implements pts_webui_interface { public static function page_title() @@ -236,53 +235,53 @@ public static function render_page_process($PATH)
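Review bot: The result rows are concatenated into `$main` as HTML without output encoding: `$test_result_row['Title']` and the value returned by `phoromatic_server::system_id_to_name()` go straight into the markup. The second query on this page selects rows from other accounts (`AccountID != :account_id`), so a title stored by one group is rendered inside another group's session. The added `phoromatic_quit_if_invalid_input_found()` call covers only the POST search fields, not values read back from the database. Unless these columns are escaped when they are stored, which this hunk does not show, encode them at the point of output, e.g. `htmlspecialchars($test_result_row['Title'], ENT_QUOTES, 'UTF-8')`. The same pattern appears in the `$right .=` line of the `@@ -328,7` hunk above and in the result lists of phoromatic_sched.php (`@@ -446,7`) and phoromatic_systems.php (`@@ -383,7`).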

    Time-Based Testing

    Time-based testing allows tests to automatically commence at a given time on a defined cycle each day/week. This option is primarly aimed for those wishing to run a set of benchmarks every morning or night or at another defined period.

    Run Time:

    -

    '; - for($i = 0; $i <= 23; $i++) - { - $i_f = (strlen($i) == 1 ? '0' . $i : $i); - $main .= ''; - } - - $main .= '

    Active On:

    '; - $week = array('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'); - foreach($week as $index => $day) - { - $main .= ' ' . $day; - } + $main .= '

    Active On:

    '; + $week = array('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'); + foreach($week as $index => $day) + { + $main .= ' ' . $day; + } -$main .= '

    + $main .= '

    + + +

    Trigger-Based Testing

    To carry out trigger-based testing, you can simply have an external process/script trigger ("ping") a specialized URL whenever an event occurs to commence a new round of testing. This is the most customizable approach to having Phoromatic run tests on a system if you wish to have it occur whenever a Git/SVN commit takes place or other operations. +

    Once creating the test schedule there will be a specialized URL you can use for "pinging" where you can pass it a Git commit hash, SVN revision number, date, or other unique identifiers to externally trigger the test schedules and systems to begin testing. This custom trigger is passed to any of the used context scripts for setting up the system in an appropriate state.

    + + +

    One-Time / Manual Testing

    Carrying out Phoromatic-controlled benchmark on no routine schedule, similar to the trigger-based testing. +

    If you wish to only run a set of tests once on a given system or to do so seldom with the same set of tests, simply proceed with creating the test schedule without setting any run time / active days. When going to the web page for this test schedule there will be a button to trigger the tests to run on all affected systems. One-time benchmarking can also be setup via the Run A Benchmark page.

    + + '; + + $main .= (empty($env_var_edit) ? '

    Advanced Options

    '; } - - $stmt = phoromatic_server::$db->prepare('SELECT Title, SystemID, ScheduleID, PPRID, UploadTime FROM phoromatic_results WHERE AccountID = :account_id AND ScheduleID = :schedule_id ORDER BY UploadTime DESC'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $stmt->bindValue(':schedule_id', $PATH[0]); @@ -446,7 +443,7 @@ public static function render_page_process($PATH) { continue; } - $main .= '
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_system_id_to_name($test_result_row['SystemID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '
  • '; + $main .= '
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_server::system_id_to_name($test_result_row['SystemID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '
  • '; $results++; } @@ -489,116 +486,110 @@ public static function render_page_process($PATH) $main = '

    Test Schedules

    -

    Test schedules are used for tests that are intended to be run on a recurring basis -- either daily or other defined time period -- or whenever a trigger/event occurs, like a new Git commit to a software repository being tracked. Test schedules can be run on any given system(s)/group(s) and can be later edited.

    '; - - if(!PHOROMATIC_USER_IS_VIEWER) - { - $main .= ' -
    -

    Create A Schedule

    -

    Create a schedule followed by adding tests/suites to run for that schedule on the selected systems.

    '; - } - - $main .= '

    Current Schedules

    '; +

    Test schedules are used for tests that are intended to be run on a recurring basis -- either daily or other defined time period -- or whenever a trigger/event occurs, like a new Git commit to a software repository being tracked. Test schedules can be run on any given system(s)/group(s) and can be later edited.

    '; + if(!PHOROMATIC_USER_IS_VIEWER) + { + $main .= ' +
    +

    Create A Schedule

    +

    Create a schedule followed by adding tests/suites to run for that schedule on the selected systems.

    '; + } - $main .= '
    - +
    '; - $main .= '

    Schedule Overview

    '; - $week = array('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'); + $main .= '

    Schedule Overview

    '; + $week = array('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday'); - foreach($week as $i => $day) + foreach($week as $i => $day) + { + $stmt = phoromatic_server::$db->prepare('SELECT Title, ScheduleID, RunAt, RunTargetGroups, RunTargetSystems FROM phoromatic_schedules WHERE AccountID = :account_id AND State >= 1 AND ActiveOn LIKE :active_on ORDER BY RunAt,ActiveOn,Title ASC'); + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':active_on', '%' . $i . '%'); + $result = $stmt->execute(); + $has_matched = false; + while($row = $result->fetchArray()) { - $stmt = phoromatic_server::$db->prepare('SELECT Title, ScheduleID, RunAt, RunTargetGroups, RunTargetSystems FROM phoromatic_schedules WHERE AccountID = :account_id AND State >= 1 AND ActiveOn LIKE :active_on ORDER BY RunAt,ActiveOn,Title ASC'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':active_on', '%' . $i . '%'); - $result = $stmt->execute(); - $has_matched = false; - while($row = $result->fetchArray()) + if(!$has_matched) { - if(!$has_matched) - { - $main .= '

    ' . $day . '

    ' . PHP_EOL . '

    '; - $has_matched = true; - } - $main .= '' . $row['RunAt'] . ' ' . $row['Title'] . ''; - //$main .= $row['RunTargetSystems'] . ' ' . $row['RunTargetGroups']; - $main .= '
    '; + $main .= '

    ' . $day . '

    ' . PHP_EOL . '

    '; + $has_matched = true; } - - if($has_matched) - $main .= '

    ' . PHP_EOL; - + $main .= '' . $row['RunAt'] . ' ' . $row['Title'] . ''; + //$main .= $row['RunTargetSystems'] . ' ' . $row['RunTargetGroups']; + $main .= '
    '; } - $main .= '
    - +
    '; - echo '
    ' . $main . '
    '; - echo phoromatic_webui_footer(); + echo '
    ' . $main . '
    '; + echo phoromatic_webui_footer(); } } diff --git a/pts-core/phoromatic/pages/phoromatic_search.php b/pts-core/phoromatic/pages/phoromatic_search.php index affd186093..82e5fe5a3a 100644 --- a/pts-core/phoromatic/pages/phoromatic_search.php +++ b/pts-core/phoromatic/pages/phoromatic_search.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2014 - 2018, Phoronix Media - Copyright (C) 2014 - 2018, Michael Larabel + Copyright (C) 2014 - 2022, Phoronix Media + Copyright (C) 2014 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_search implements pts_webui_interface { public static function page_title() @@ -178,8 +177,7 @@ protected static function search_test_systems($q) } public static function render_page_process($PATH) { - $search_query = $_REQUEST['search']; - + $search_query = pts_strings::sanitize($_REQUEST['search']); $main = null; if(strlen($search_query) < 4) diff --git a/pts-core/phoromatic/pages/phoromatic_settings.php b/pts-core/phoromatic/pages/phoromatic_settings.php index 3bde029a38..c2394c5678 100644 --- a/pts-core/phoromatic/pages/phoromatic_settings.php +++ b/pts-core/phoromatic/pages/phoromatic_settings.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_settings implements pts_webui_interface { public static function page_title() diff --git a/pts-core/phoromatic/pages/phoromatic_system_claim.php b/pts-core/phoromatic/pages/phoromatic_system_claim.php index 5f18e82606..cdf2c8a866 100644 --- a/pts-core/phoromatic/pages/phoromatic_system_claim.php +++ b/pts-core/phoromatic/pages/phoromatic_system_claim.php 
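Review bot: `$_REQUEST['search']` is read without an `isset()` check, so a request that carries no `search` value hands null to `pts_strings::sanitize()` and then to `strlen()`; `$search_query = isset($_REQUEST['search']) ? pts_strings::sanitize($_REQUEST['search']) : '';` keeps the short-query branch reachable without notices. `$_REQUEST` can also include cookie values depending on `request_order`, so reading `$_POST` or `$_GET` explicitly would pin the source. Filtering once here means the same string later serves both the queries in the `search_*` helpers and any HTML output; those are outside this hunk, so it is worth confirming that they bind the value and encode it where it is echoed. The body of render_page_process continues past the hunk.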
@@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2015, Phoronix Media - Copyright (C) 2008 - 2015, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_system_claim implements pts_webui_interface { public static function page_title() 
@@ -43,36 +42,36 @@ public static function render_page_process($PATH) if(!PHOROMATIC_USER_IS_VIEWER) { -if(function_exists('ssh2_connect') && isset($_POST['ip']) && isset($_POST['port']) && isset($_POST['password']) && isset($_POST['username'])) -{ - $connection = ssh2_connect($_POST['ip'], $_POST['port']); + if(function_exists('ssh2_connect') && isset($_POST['ip']) && isset($_POST['port']) && isset($_POST['password']) && isset($_POST['username'])) + { + $connection = ssh2_connect($_POST['ip'], $_POST['port']); - if(ssh2_auth_password($connection, $_POST['username'], $_POST['password'])) - { - $tmp_local_file = tempnam('/tmp', 'pts-ssh'); - $tmp_remote_file = 'pts-ssh-' . rand(9999, 99999); - - file_put_contents($tmp_local_file, '#!/bin/sh -if [ -w /var/lib/phoronix-test-suite/ ] -then - PHORO_FILE_PATH=/var/lib/phoronix-test-suite/ -elif [ -w $HOME/.phoronix-test-suite/ ] -then - PHORO_FILE_PATH=$HOME/.phoronix-test-suite/ -fi - -echo "' . phoromatic_web_socket_server_ip() . '" >> $PHORO_FILE_PATH/phoromatic-servers -mkdir -p $PHORO_FILE_PATH/modules-data/phoromatic -echo "' . phoromatic_web_socket_server_addr() . '" > $PHORO_FILE_PATH/modules-data/phoromatic/last-phoromatic-server -'); - - ssh2_scp_send($connection, $tmp_local_file, $tmp_remote_file); - unlink($tmp_local_file); - ssh2_exec($connection, 'chmod +x ' . $tmp_remote_file); - ssh2_exec($connection, './' . $tmp_remote_file); - ssh2_exec($connection, 'rm' . $tmp_remote_file); - } -} + if(ssh2_auth_password($connection, $_POST['username'], $_POST['password'])) + { + $tmp_local_file = tempnam('/tmp', 'pts-ssh'); + $tmp_remote_file = 'pts-ssh-' . rand(9999, 99999); + + file_put_contents($tmp_local_file, '#!/bin/sh + if [ -w /var/lib/phoronix-test-suite/ ] + then + PHORO_FILE_PATH=/var/lib/phoronix-test-suite/ + elif [ -w $HOME/.phoronix-test-suite/ ] + then + PHORO_FILE_PATH=$HOME/.phoronix-test-suite/ + fi + + echo "' . phoromatic_web_socket_server_ip() . 
'" >> $PHORO_FILE_PATH/phoromatic-servers + mkdir -p $PHORO_FILE_PATH/modules-data/phoromatic + echo "' . phoromatic_web_socket_server_addr() . '" > $PHORO_FILE_PATH/modules-data/phoromatic/last-phoromatic-server + '); + + ssh2_scp_send($connection, $tmp_local_file, $tmp_remote_file); + unlink($tmp_local_file); + ssh2_exec($connection, 'chmod +x ' . $tmp_remote_file); + ssh2_exec($connection, './' . $tmp_remote_file); + ssh2_exec($connection, 'rm' . $tmp_remote_file); + } + } if((isset($_POST['ip_claim']) && !empty($_POST['ip_claim'])) && isset($_POST['ping'])) { $ip_ping = ip2long($_POST['ip_claim']) !== false ? $_POST['ip_claim'] : null; @@ -88,8 +87,8 @@ public static function render_page_process($PATH) { $stmt = phoromatic_server::$db->prepare('INSERT INTO phoromatic_system_association_claims (AccountID, IPAddress, NetworkMAC, CreationTime) VALUES (:account_id, :ip_address, :mac_address, :creation_time)'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':ip_address', $_POST['ip_claim']); - $stmt->bindValue(':mac_address', $_POST['mac_claim']); + $stmt->bindValue(':ip_address', pts_strings::simple($_POST['ip_claim'])); + $stmt->bindValue(':mac_address', pts_strings::simple($_POST['mac_claim'])); $stmt->bindValue(':creation_time', phoromatic_server::current_time()); $result = $stmt->execute(); } 
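Review bot: The cleanup call `ssh2_exec($connection, 'rm' . $tmp_remote_file);` has no space after `rm`, so the remote shell is asked to run a command named `rmpts-ssh-NNNNN` and the uploaded script is left behind in the login directory; it should read `ssh2_exec($connection, 'rm ' . $tmp_remote_file);`. The return value of `ssh2_connect()` is passed to `ssh2_auth_password()` without a check for `false`, and `$_POST['ip']` and `$_POST['port']` reach it unvalidated, unlike `ip_claim` a few lines later, which goes through `ip2long()`. The remote file name comes from `rand()`, which is predictable; `bin2hex(random_bytes(8))` is the safer source if the supported PHP versions allow it. This hunk only re-indents the block, so these are carried over rather than introduced here.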
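Review bot: `pts_strings::simple()` rewrites `ip_claim` and `mac_claim` just before they are bound, but both are already bound parameters, so the filter changes what is stored rather than closing an injection path. As far as the hunk shows, a malformed address is then saved as a claim in altered form instead of being rejected. Validating and refusing is the safer shape, e.g. testing `filter_var($_POST['ip_claim'], FILTER_VALIDATE_IP) === false` before the INSERT (the `ping` branch above already uses `ip2long()` for this); if the aim is to protect later HTML output, that belongs where the value is echoed. The same applies to the `remove_claim` hunk that follows. The enclosing condition starts outside the hunk, so whether `mac_claim` is covered by an `isset()` cannot be confirmed from here.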
@@ -98,8 +97,8 @@ public static function render_page_process($PATH) list($ipc, $macc) = explode(',', $_POST['remove_claim']); $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_system_association_claims WHERE AccountID = :account_id AND NetworkMAC = :mac_address AND IPAddress = :ip_address'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':ip_address', $ipc); - $stmt->bindValue(':mac_address', $macc); + $stmt->bindValue(':ip_address', pts_strings::simple($ipc)); + $stmt->bindValue(':mac_address', pts_strings::simple($macc)); $stmt->bindValue(':creation_time', phoromatic_server::current_time()); $result = $stmt->execute(); } diff --git a/pts-core/phoromatic/pages/phoromatic_systems.php b/pts-core/phoromatic/pages/phoromatic_systems.php index b5a0ff63e2..ff8bb5467d 100644 --- a/pts-core/phoromatic/pages/phoromatic_systems.php +++ b/pts-core/phoromatic/pages/phoromatic_systems.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2021, Phoronix Media - Copyright (C) 2008 - 2021, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
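Review bot: `list($ipc, $macc) = explode(',', $_POST['remove_claim']);` is not checked for two parts, so a value without a comma leaves `$macc` undefined before it is passed to `pts_strings::simple()`. Splitting with `$parts = explode(',', $_POST['remove_claim'], 2);` and skipping the DELETE unless `count($parts) === 2` avoids that. The statement also binds `:creation_time`, a placeholder the DELETE text does not contain, so that `bindValue()` line can be dropped. The enclosing condition is outside the hunk.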
@@ -42,11 +42,12 @@ public static function render_page_process($PATH) if(!PHOROMATIC_USER_IS_VIEWER && !empty($PATH[0]) && isset($_POST['system_title']) && !empty($_POST['system_title']) && isset($_POST['system_description']) && isset($_POST['system_state'])) { + phoromatic_quit_if_invalid_input_found(array('system_title', 'system_description', 'system_state')); $stmt = phoromatic_server::$db->prepare('UPDATE phoromatic_systems SET Title = :title, Description = :description, State = :state, CurrentTask = \'Awaiting Task\', BlockPowerOffs = :block_power_offs WHERE AccountID = :account_id AND SystemID = :system_id'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $stmt->bindValue(':system_id', $PATH[0]); - $stmt->bindValue(':title', $_POST['system_title']); - $stmt->bindValue(':description', $_POST['system_description']); + $stmt->bindValue(':title', pts_strings::simple($_POST['system_title'])); + $stmt->bindValue(':description', pts_strings::sanitize($_POST['system_description'])); $stmt->bindValue(':state', $_POST['system_state']); $stmt->bindValue(':block_power_offs', $_POST['block_power_offs']); $stmt->execute(); @@ -383,7 +384,7 @@ public static function render_page_process($PATH) break; } - $main .= '
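Review bot: `system_state` and `block_power_offs` are still bound exactly as posted, while the title and description next to them are now filtered. phoromatic_quit_if_invalid_input_found() only rejects a short list of substrings, so any other text can still land in State, which appears to be numeric (the retire-inactive statement later in this file sets it to -1). A cast is enough: `$stmt->bindValue(':state', (int) $_POST['system_state']);`, and the same for `:block_power_offs` if it is the flag its name suggests. `block_power_offs` is also absent from the isset() guard on the `if` line, so the bind raises an undefined-index notice or warning when the field is not posted.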
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_system_id_to_name($test_result_row['SystemID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '
  • '; + $main .= '
  • ' . $test_result_row['Title'] . '
    ' . phoromatic_server::system_id_to_name($test_result_row['SystemID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '
  • '; $results++; } @@ -471,6 +472,8 @@ public static function render_page_process($PATH) if($group) { + phoromatic_quit_if_invalid_input_found(array('new_group')); + $group = pts_strings::simple($group); $stmt = phoromatic_server::$db->prepare('INSERT INTO phoromatic_groups (AccountID, GroupName) VALUES (:account_id, :group_name)'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $stmt->bindValue(':group_name', $group); @@ -529,18 +532,19 @@ public static function render_page_process($PATH) } else if(!PHOROMATIC_USER_IS_VIEWER && isset($_POST['remove_group'])) { + $remove_group = pts_strings::sanitize($_POST['remove_group']); $stmt = phoromatic_server::$db->prepare('DELETE FROM phoromatic_groups WHERE AccountID = :account_id AND GroupName = :group_name'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':group_name', $_POST['remove_group']); + $stmt->bindValue(':group_name', $remove_group); $stmt->execute(); phoromatic_add_activity_stream_event('groups', $group, 'removed'); - $stmt = phoromatic_server::$db->prepare('SELECT SystemID, Groups FROM phoromatic_systems WHERE AccountID = :account_id AND Groups LIKE \'%#' . $_POST['remove_group'] . '#%\''); + $stmt = phoromatic_server::$db->prepare('SELECT SystemID, Groups FROM phoromatic_systems WHERE AccountID = :account_id AND Groups LIKE \'%#' . $remove_group . '#%\''); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $result = $stmt->execute(); while($row = $result->fetchArray()) { - $revised_groups = str_replace('#' . $_POST['remove_group'] . '#', '', $row['Groups']); + $revised_groups = str_replace('#' . $remove_group . '#', '', $row['Groups']); $stmt1 = phoromatic_server::$db->prepare('UPDATE phoromatic_systems SET Groups = :new_groups WHERE AccountID = :account_id AND SystemID = :system_id'); $stmt1->bindValue(':account_id', $_SESSION['AccountID']); 
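Review bot: The rewritten `$main .=` line still concatenates `$test_result_row['Title']` straight into the page markup. Filtering on input, which is what the rest of this commit does, does not cover rows stored before it or titles that presumably arrive by another path such as result uploads, so the value should be encoded where it is printed: `htmlspecialchars($test_result_row['Title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same applies to the matching line in public_html/public.php (hunk `@@ -285,7 +243,7 @@`) and to `$row['Title']` in the re-indented block of phoromatic_testing.php.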
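Review bot: The SELECT in the remove_group branch is still assembled by string concatenation: `$remove_group` is spliced into the `LIKE '%#…#%'` literal, so the statement is only as safe as pts_strings::sanitize(), which is not shown in this diff. The statement already binds `:account_id`; bind the pattern the same way with `AND Groups LIKE :group_pattern` and `$stmt->bindValue(':group_pattern', '%#' . $remove_group . '#%');`. Separately, the context line `phoromatic_add_activity_stream_event('groups', $group, 'removed')` logs `$group` rather than the name being removed; from the hunk this looks like it should be `$remove_group`, but `$group` is assigned outside the visible lines.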
@@ -555,7 +559,7 @@ public static function render_page_process($PATH) $stmt = phoromatic_server::$db->prepare('UPDATE phoromatic_systems SET State = :state WHERE AccountID = :account_id AND (julianday() - julianday(LastCommunication)) > :inactive_days_before_removal'); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $stmt->bindValue(':state', -1); - $stmt->bindValue(':inactive_days_before_removal', $_POST['remove_inactive_systems']); + $stmt->bindValue(':inactive_days_before_removal', pts_strings::sanitize($_POST['remove_inactive_systems'])); $stmt->execute(); } @@ -571,8 +575,8 @@ public static function render_page_process($PATH)
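Review bot: `remove_inactive_systems` is a day count compared against `(julianday() - julianday(LastCommunication))`, but the new line runs it through a string filter and binds it without a type. Bound as text, the comparison follows SQLite's rules for comparing a number with a string rather than the day count, and once it is numeric a value of 0 or below would match every system of the account and set State to -1. Validate it as a positive integer and bind it as one: `$days = (int) $_POST['remove_inactive_systems'];`, skip the UPDATE when `$days < 1`, then `$stmt->bindValue(':inactive_days_before_removal', $days, SQLITE3_INTEGER);`.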

    '; } - $main .= '
    + $main .= '

    Systems

    @@ -639,7 +643,6 @@ public static function render_page_process($PATH) $main .= ''; } - $main .= '
    '; if(!PHOROMATIC_USER_IS_VIEWER) @@ -730,9 +733,7 @@ public static function render_page_process($PATH) } $main .= '

    '; - $main .= '

    Remove A Group

    Removing a group is a permanent action that cannot be undone.

    '; - $main .= '

    '; - $main .= '

    Retire Inactive Systems

    This option will soft-delete systems that have not communicated with this Phoromatic Server in more than one week (7 days).

    '; - $main .= '

    '; } } diff --git a/pts-core/phoromatic/pages/phoromatic_testing.php b/pts-core/phoromatic/pages/phoromatic_testing.php index 590be4bd4a..02fcb0f32f 100644 --- a/pts-core/phoromatic/pages/phoromatic_testing.php +++ b/pts-core/phoromatic/pages/phoromatic_testing.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2016, Phoronix Media - Copyright (C) 2016, Michael Larabel + Copyright (C) 2016 - 2022, Phoronix Media + Copyright (C) 2016 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_testing implements pts_webui_interface { public static function page_title() @@ -43,97 +42,94 @@ public static function render_page_process($PATH) $main = '

    Phoromatic Testing Options

    Test Schedules

    Test schedules are used for tests that are intended to be run on a recurring basis -- either daily or other defined time period -- or whenever a trigger/event occurs, like a new Git commit to a software repository being tracked. Test schedules can be run on any given system(s)/group(s) and can be later edited.

    '; - if(!PHOROMATIC_USER_IS_VIEWER) + if(!PHOROMATIC_USER_IS_VIEWER) + { + $main .= ' +
    +

    Create A Schedule

    +

    Create a schedule followed by adding tests/suites to run for that schedule on the selected systems.

    '; + } + + $main .= '

    Current Schedules

    '; + $main .= '
    + +
    '; - $main .= '

    Current Schedules

    '; + $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_benchmark_tickets WHERE AccountID = :account_id AND State >= 0 AND TicketIssueTime > :time_cutoff ORDER BY TicketIssueTime DESC LIMIT 30'); + $stmt->bindValue(':account_id', $_SESSION['AccountID']); + $stmt->bindValue(':time_cutoff', (time() - (60 * 60 * 24 * 14))); + $result = $stmt->execute(); + $right = '
    • Benchmark Tickets
    • '; + if($result) + { $main .= '
      - -
      '; - - $stmt = phoromatic_server::$db->prepare('SELECT * FROM phoromatic_benchmark_tickets WHERE AccountID = :account_id AND State >= 0 AND TicketIssueTime > :time_cutoff ORDER BY TicketIssueTime DESC LIMIT 30'); - $stmt->bindValue(':account_id', $_SESSION['AccountID']); - $stmt->bindValue(':time_cutoff', (time() - (60 * 60 * 24 * 14))); - $result = $stmt->execute(); - $right = '
      • Benchmark Tickets
      • '; - - if($result) - { - $main .= '
        -
          -
        • Active Benchmark Tickets

        • '; +
            +
          • Active Benchmark Tickets

          • '; - $row = $result->fetchArray(); + $row = $result->fetchArray(); - if(!empty($row)) - { - do - { - $main .= '
          • ' . $row['Title'] . '
          • '; - } - while($row = $result->fetchArray()); - } - else + if(!empty($row)) + { + do { - $main .= '
          • No Tickets Found
          • '; + $main .= '
          • ' . $row['Title'] . '
          • '; } + while($row = $result->fetchArray()); } - $main .= '
          -
        '; - - if(!PHOROMATIC_USER_IS_VIEWER) + else { - $main .= ' -
        -

        Run A Benchmark

        -

        Run a benchmark is the area where you can run a one-time benchmark on selected system(s) and is also where to go for setting up a stress-run benchmark.

        -
        -

        Create A Suite

        -

        Build a suite, which is a collection of predefined test profiles.

        -
        -

        View Local Suites

        -

        See local suites available for your benchmarking needs.

        '; + $main .= '
      • No Tickets Found
      • '; } - - - echo '
        ' . $main . '
        '; - echo phoromatic_webui_footer(); + } + $main .= '
      + '; + + if(!PHOROMATIC_USER_IS_VIEWER) + { + $main .= ' +
      +

      Run A Benchmark

      +

      Run a benchmark is the area where you can run a one-time benchmark on selected system(s) and is also where to go for setting up a stress-run benchmark.

      +
      +

      Create A Suite

      +

      Build a suite, which is a collection of predefined test profiles.

      +
      +

      View Local Suites

      +

      See local suites available for your benchmarking needs.

      '; + } + + echo '
      ' . $main . '
      '; + echo phoromatic_webui_footer(); } } diff --git a/pts-core/phoromatic/pages/phoromatic_tests.php b/pts-core/phoromatic/pages/phoromatic_tests.php index f363bbd2bc..3ea5c8114a 100644 --- a/pts-core/phoromatic/pages/phoromatic_tests.php +++ b/pts-core/phoromatic/pages/phoromatic_tests.php @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_tests implements pts_webui_interface { public static function page_title() diff --git a/pts-core/phoromatic/pages/phoromatic_tracker.php b/pts-core/phoromatic/pages/phoromatic_tracker.php index f1b0e56321..bb49f62c1c 100644 --- a/pts-core/phoromatic/pages/phoromatic_tracker.php +++ b/pts-core/phoromatic/pages/phoromatic_tracker.php @@ -177,7 +177,6 @@ public static function render_page_process($PATH) while($row = $result->fetchArray()); } - $main .= '
    '; $right = null; diff --git a/pts-core/phoromatic/pages/phoromatic_users.php b/pts-core/phoromatic/pages/phoromatic_users.php index 8168465105..5785851220 100644 --- a/pts-core/phoromatic/pages/phoromatic_users.php +++ b/pts-core/phoromatic/pages/phoromatic_users.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2014 - 2015, Phoronix Media - Copyright (C) 2014 - 2015, Michael Larabel + Copyright (C) 2014 - 2022, Phoronix Media + Copyright (C) 2014 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_users implements pts_webui_interface { public static function page_title() @@ -45,13 +44,15 @@ public static function render_page_process($PATH) if(isset($_POST['group_name'])) { + phoromatic_quit_if_invalid_input_found(array('group_name')); $stmt = phoromatic_server::$db->prepare('UPDATE phoromatic_accounts SET GroupName = :group_name WHERE AccountID = :account_id'); - $stmt->bindValue(':group_name', $_POST['group_name']); + $stmt->bindValue(':group_name', pts_strings::simple($_POST['group_name'])); $stmt->bindValue(':account_id', $_SESSION['AccountID']); $result = $stmt->execute(); } if(isset($_POST['username']) && isset($_POST['password']) && isset($_POST['confirm_password']) && isset($_POST['email'])) { + phoromatic_quit_if_invalid_input_found(array('username', 'email')); // REGISTER NEW USER if(strlen($_POST['username']) < 4 || strpos($_POST['username'], ' ') !== false) { @@ -240,7 +241,7 @@ public static function render_page_process($PATH)

    '; - $group_name = phoromatic_account_id_to_group_name($_SESSION['AccountID']); + $group_name = phoromatic_server::account_id_to_group_name($_SESSION['AccountID']); $main .= '

    Group Name

    A group name is an alternative, user-facing name for this set of accounts. The group name feature is primarily useful for being able to better distinguish results between groups when sharing of data within a large organization, etc. The group name is showed next to test results when viewing results from multiple groups/accounts.

    Group Name

    diff --git a/pts-core/phoromatic/pages/phoromatic_welcome.php b/pts-core/phoromatic/pages/phoromatic_welcome.php index fff7e7c3db..2fd251df91 100644 --- a/pts-core/phoromatic/pages/phoromatic_welcome.php +++ b/pts-core/phoromatic/pages/phoromatic_welcome.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2015, Phoronix Media - Copyright (C) 2008 - 2015, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -20,7 +20,6 @@ along with this program. If not, see . */ - class phoromatic_welcome implements pts_webui_interface { public static function page_title() @@ -42,6 +41,7 @@ public static function render_page_process($PATH) if($account_creation_enabled && isset($_POST['register_username']) && isset($_POST['register_password']) && isset($_POST['register_password_confirm']) && isset($_POST['register_email'])) { + phoromatic_quit_if_invalid_input_found(array('register_username', 'register_email')); $new_account = create_new_phoromatic_account($_POST['register_username'], $_POST['register_password'], $_POST['register_password_confirm'], $_POST['register_email'], (isset($_POST['seed_accountid']) ? $_POST['seed_accountid'] : null)); if($new_account) @@ -60,6 +60,7 @@ public static function render_page_process($PATH) } else if(isset($_POST['username']) && isset($_POST['password']) && strtolower($_POST['username']) == 'rootadmin') { + phoromatic_quit_if_invalid_input_found(array('username')); $admin_pw = phoromatic_server::read_setting('root_admin_pw'); if(empty($admin_pw)) { 
@@ -94,6 +95,7 @@ public static function render_page_process($PATH) } else if(isset($_POST['username']) && isset($_POST['password'])) { + phoromatic_quit_if_invalid_input_found(array('username')); $matching_user = phoromatic_server::$db->querySingle('SELECT UserName, Password, AccountID, UserID, AdminLevel, CreatedOn FROM phoromatic_users WHERE UserName = \'' . SQLite3::escapeString($_POST['username']) . '\'', true); if(!empty($matching_user)) { @@ -223,8 +225,7 @@ public static function render_page_process($PATH) else { - $box .= ' - + $box .= ' '; - } $box .= '
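Review bot: The login lookup on the context line under the added check still builds its SQL by concatenating `SQLite3::escapeString($_POST['username'])` into the query text, while the other statements in this diff use prepare() and bindValue(). Since this is the query a visitor reaches before authenticating, it should not depend on escaping: `$stmt = phoromatic_server::$db->prepare('SELECT UserName, Password, AccountID, UserID, AdminLevel, CreatedOn FROM phoromatic_users WHERE UserName = :user_name');` followed by `$stmt->bindValue(':user_name', $_POST['username']);` and a fetchArray() on the result. The substring check added above it is a useful backstop but does not change how the query is constructed.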

    View Public Results

    diff --git a/pts-core/phoromatic/phoromatic_functions.php b/pts-core/phoromatic/phoromatic_functions.php index 7319f978a4..d4a8d9abfc 100644 --- a/pts-core/phoromatic/phoromatic_functions.php +++ b/pts-core/phoromatic/phoromatic_functions.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2013 - 2020, Phoronix Media - Copyright (C) 2013 - 2020, Michael Larabel + Copyright (C) 2013 - 2022, Phoronix Media + Copyright (C) 2013 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,6 +23,34 @@ define('PHOROMATIC_SERVER_WEB_INTERFACE', true); define('PAGE_LOAD_START_TIME', microtime(true)); +function phoromatic_quit_if_invalid_input_found($input_keys = null) +{ + if(empty($input_keys)) + { + // Check them all if not being selective about what keys to check + $input_keys = array_keys($_REQUEST); + } + // backup as to sanitization and stripping elsewhere, safeguard namely check for things like < for fields that shouldn't have it + // plus a few simple backups as safeguards for words that really have no legit relevance within Phoromatic... + + foreach(array('<', 'document.write', '../', 'onerror', 'onload', 'alert(') as $invalid_string) + { + foreach($input_keys as $key) + { + if(isset($_REQUEST[$key]) && !empty($_REQUEST[$key])) + { + foreach(pts_arrays::to_array($_REQUEST[$key]) as $val_to_check) + { + if(stripos($val_to_check, $invalid_string) !== false) + { + echo 'Exited due to invalid input ( ' . $invalid_string . ') attempted: ' . htmlspecialchars($val_to_check); + exit; + } + } + } + } + } +} function phoromatic_annotate_entry($type, $id, $secondary_id) { $annotate_hash = sha1($id . $secondary_id); 
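Review bot: The inner loop hands every element to `stripos()` without checking that it is a string, so a nested array in the request (assuming pts_arrays::to_array(), not shown here, only wraps the top level) raises a TypeError on PHP 8 instead of a clean rejection; treat that case as invalid with `if(!is_scalar($val_to_check)) { echo 'Exited due to invalid input'; exit; }`. The function reads `$_REQUEST` while its callers consume `$_POST`, and the two can differ under some request_order settings, so it should inspect the array the caller actually uses. The error line also prints `$invalid_string` unencoded although the list contains `<`; wrap it in htmlspecialchars() as is already done for `$val_to_check`. A short header comment should state that this denylist is a backstop and that encoding at output remains the primary control.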
@@ -64,7 +92,6 @@ function phoromatic_annotate_entry($type, $id, $secondary_id) $stmt->bindValue(':secondary_id', $secondary_id); $result = $stmt->execute(); $row = $result->fetchArray(); - $output = null; if($row) @@ -164,7 +191,7 @@ function phoromatic_webui_header($left_items, $right = null) { $ret .= '
      '; $ret .= '
    • ' . date('H:i T - j F') . '
    • '; - $group_name = phoromatic_account_id_to_group_name($_SESSION['AccountID']); + $group_name = phoromatic_server::account_id_to_group_name($_SESSION['AccountID']); if($group_name != null) { $ret .= '
    • ' . $group_name . '
    • '; @@ -211,6 +238,11 @@ function phoromatic_webui_header($left_items, $right = null) } function phoromatic_get_posted_var($name, $default_value = null) { + if(isset($_POST[$name])) + { + phoromatic_quit_if_invalid_input_found(array($name)); + } + return isset($_POST[$name]) ? $_POST[$name] : null; } function phoromatic_webui_main($main, $right = null) @@ -467,7 +499,7 @@ function phoromatic_webui_right_panel_logged_in($add = null) $row = $result->fetchArray(); $activity_count = $row['ActivityCount']; - $group_name = phoromatic_account_id_to_group_name($_SESSION['AccountID']); + $group_name = phoromatic_server::account_id_to_group_name($_SESSION['AccountID']); if($group_name != null) { $group_name = '' . $group_name . '
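Review bot: The `$default_value` parameter of phoromatic_get_posted_var() is never used: the return line falls back to `null`, so a caller that passes a default silently gets null. Since the function is being edited anyway, the last line should read `return isset($_POST[$name]) ? $_POST[$name] : $default_value;`. The added guard also validates `$_REQUEST[$name]` (that is what phoromatic_quit_if_invalid_input_found() reads) while the function returns `$_POST[$name]`, so the value checked and the value returned are not guaranteed to be the same one.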
      '; @@ -539,10 +571,8 @@ function phoromatic_web_socket_server_addr() function phoromatic_error_page($title, $description) { echo phoromatic_webui_header(array(''), ''); - $box = '

      ' . $title . '

      -

      ' . $description . '

      -

      To fix this error, try returning to the previous page. Still having problems? Consider opening a GitHub issue report; commercial support customers should contact Phoronix Media.



      '; +

      ' . $description . '

      '; echo phoromatic_webui_box($box); echo phoromatic_webui_footer(); } @@ -573,10 +603,6 @@ function phoromatic_systems_needing_attention() return $main; } -function phoromatic_system_id_to_name($system_id, $aid = false) -{ - return phoromatic_server::system_id_to_name($system_id, $aid); -} function phoromatic_oldest_result_for_schedule($schedule_id) { static $old_time; @@ -609,11 +635,6 @@ function phoromatic_schedule_id_to_name($schedule_id) return $schedule_names[$schedule_id]; } -function phoromatic_account_id_to_group_name($account_id) -{ - // XXX deprecated - return phoromatic_server::account_id_to_group_name($account_id); -} function create_new_phoromatic_account($register_username, $register_password, $register_password_confirm, $register_email, $seed_accountid = null) { // REGISTER NEW USER diff --git a/pts-core/phoromatic/public_html/phoromatic.php b/pts-core/phoromatic/public_html/phoromatic.php index 203134c9b2..cdacd24b39 100644 --- a/pts-core/phoromatic/public_html/phoromatic.php +++ b/pts-core/phoromatic/public_html/phoromatic.php @@ -195,7 +195,7 @@ $stmt->bindValue(':gsid', $GSID); $stmt->bindValue(':access_ip', $_SERVER['REMOTE_ADDR']); $stmt->bindValue(':local_ip', $LOCAL_IP); - $stmt->bindValue(':title', $HOSTNAME); + $stmt->bindValue(':title', pts_strings::simple($HOSTNAME)); $stmt->bindValue(':current_time', phoromatic_server::current_time()); $stmt->bindValue(':machine_self_id', $PTS_MACHINE_SELF_ID); $stmt->bindValue(':core_version', $CLIENT_CORE_VERSION); 
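Review bot: Only `:title` is filtered in this statement; `$GSID`, `$LOCAL_IP`, `$PTS_MACHINE_SELF_ID` and `$CLIENT_CORE_VERSION` are bound as received, and in the following `@@ -244,7 +244,7 @@` hunk `$CLIENT_SOFTWARE`, `$PHODEVI_PROPERTIES` and `$CLIENT_VERSION` sit next to the newly filtered `$CLIENT_HARDWARE`. If these are reported by the connecting client, as the names suggest (their assignment is outside the diff), filtering one field per statement leaves the others free to reach the pages that print them. Either give every client-reported field the same treatment or, more robustly, encode with htmlspecialchars() wherever the web UI prints system properties.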
@@ -244,7 +244,7 @@ $stmt = phoromatic_server::$db->prepare('UPDATE phoromatic_systems SET LastIP = :access_ip, LocalIP = :local_ip, LastCommunication = :current_time, Hardware = :client_hardware, Software = :client_software, SystemProperties = :phodevi_properties, ClientVersion = :client_version, MachineSelfID = :machine_self_id, NetworkMAC = :network_mac, NetworkWakeOnLAN = :network_wol, CoreVersion = :core_version WHERE AccountID = :account_id AND SystemID = :system_id'); $stmt->bindValue(':account_id', $ACCOUNT_ID); $stmt->bindValue(':system_id', SYSTEM_ID); - $stmt->bindValue(':client_hardware', $CLIENT_HARDWARE); + $stmt->bindValue(':client_hardware', pts_strings::simple($CLIENT_HARDWARE)); $stmt->bindValue(':client_software', $CLIENT_SOFTWARE); $stmt->bindValue(':phodevi_properties', $PHODEVI_PROPERTIES); $stmt->bindValue(':client_version', $CLIENT_VERSION); diff --git a/pts-core/phoromatic/public_html/public.php b/pts-core/phoromatic/public_html/public.php index d666cc3096..8b1f0b7d42 100644 --- a/pts-core/phoromatic/public_html/public.php +++ b/pts-core/phoromatic/public_html/public.php @@ -3,8 +3,8 @@ /* Phoronix Test Suite URLs: http://www.phoronix.com, http://www.phoronix-test-suite.com/ - Copyright (C) 2008 - 2021, Phoronix Media - Copyright (C) 2008 - 2021, Michael Larabel + Copyright (C) 2008 - 2022, Phoronix Media + Copyright (C) 2008 - 2022, Michael Larabel This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
@@ -130,19 +130,19 @@ $system_name = null; break; case 'SYSTEM_NAME': - $system_name = phoromatic_system_id_to_name($row['SystemID'], $row['AccountID']); + $system_name = phoromatic_server::system_id_to_name($row['SystemID'], $row['AccountID']); break; case 'TRIGGER': $system_name = $row['Trigger']; break; case 'TRIGGER_AND_SYSTEM': - $system_name = phoromatic_system_id_to_name($row['SystemID'], $row['AccountID']) . ': ' . $row['Trigger']; + $system_name = phoromatic_server::system_id_to_name($row['SystemID'], $row['AccountID']) . ': ' . $row['Trigger']; break; case 'SYSTEM_AND_SCHEDULE': $system_name = phoromatic_schedule_id_to_name($row['ScheduleID']) . ': ' . $row['Trigger']; break; default: - $system_name = phoromatic_system_id_to_name($row['SystemID'], $row['AccountID']) . ' - ' . phoromatic_schedule_id_to_name($row['ScheduleID']) . ' - ' . $row['Trigger']; + $system_name = phoromatic_server::system_id_to_name($row['SystemID'], $row['AccountID']) . ' - ' . phoromatic_schedule_id_to_name($row['ScheduleID']) . ' - ' . $row['Trigger']; } $rf = new pts_result_file($composite_xml); @@ -155,53 +155,11 @@ $result_file->merge($result_files, $attributes); $extra_attributes = array(); - $attribute_options = array( - 'normalize_results' => 'normalize_result_buffer', - 'sort_by_performance' => 'sort_result_buffer_values', - 'sort_by_reverse' => 'reverse_result_buffer', - 'sort_by_name' => 'sort_result_buffer', - 'condense_comparison' => 'condense_multi_way', - ); - foreach($attribute_options as $web_var => $attr_var) - { - if(isset($_REQUEST[$web_var])) - { - $extra_attributes[$attr_var] = true; - } - } - - if(isset($_POST['transpose_comparison'])) - { - $result_file->invert_multi_way_invert(); - } - $intent = null; - $main .= '

      ' . $result_file->get_title() . '

      '; - $main .= '

      ' . $result_file->get_description() . '

      '; - $main .= phoromatic_annotate_entry('RESULT', implode(',', $result_ids), 'TOP'); - - if($result_file->get_system_count() == 1 || ($intent = pts_result_file_analyzer::analyze_result_file_intent($result_file, $intent, true))) - { - $table = new pts_ResultFileCompactSystemsTable($result_file, $intent); - } - else - { - $table = new pts_ResultFileSystemsTable($result_file); - } - - $main .= '

      ' . pts_render::render_graph_inline_embed($table, $result_file, $extra_attributes) . '

      '; - - $table = new pts_ResultFileTable($result_file, $intent); - $main .= '

      ' . pts_render::render_graph_inline_embed($table, $result_file, $extra_attributes) . '

      '; - $main .= '
      '; - foreach($result_file->get_result_objects((isset($_POST['show_only_changed_results']) ? 'ONLY_CHANGED_RESULTS' : -1)) as $i => $result_object) - { - $main .= '

      ' . $result_object->test_profile->get_title() . '

      '; - $main .= phoromatic_annotate_entry('RESULT', implode(',', $result_ids), $result_object->get_comparison_hash(true, false)); - $main .= '

      '; - $main .= pts_render::render_graph_inline_embed($result_object, $result_file, $extra_attributes); - $main .= '

      '; - } - $main .= '
      '; + $embed = new pts_result_viewer_embed($result_file); + $embed->show_html_result_table(false); + $embed->show_test_metadata_helper(false); + $embed->include_page_print_only_helpers(false); + $main .= $embed->get_html(); } else { @@ -285,7 +243,7 @@ break; } - $main .= '
    • ' . $test_result_row['Title'] . '
      ' . phoromatic_system_id_to_name($test_result_row['SystemID'], $test_result_row['AccountID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
    • '; + $main .= '
    • ' . $test_result_row['Title'] . '
      ' . phoromatic_server::system_id_to_name($test_result_row['SystemID'], $test_result_row['AccountID']) . '' . phoromatic_user_friendly_timedate($test_result_row['UploadTime']) . '' . $test_result_row['TimesViewed'] . ' Times Viewed
    • '; $results++; } if($results == 0)