From 16b2a62d4af06da1f233132a8d2b33a46389ac63 Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Thu, 9 Apr 2026 13:43:31 -0700 Subject: [PATCH 1/5] refactor: add strict typing --- .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json | 8 ++++++++ .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json | 8 ++++++++ .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json | 8 ++++++++ audit.php | 2 ++ audit_functions.php | 2 ++ index.php | 2 ++ locales/LC_MESSAGES/index.php | 2 ++ locales/index.php | 2 ++ setup.php | 2 ++ 9 files changed, 36 insertions(+) create mode 100644 .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json create mode 100644 .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json create mode 100644 .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json diff --git a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json new file mode 100644 index 0000000..82184c7 --- /dev/null +++ b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json @@ -0,0 +1,8 @@ +{ + "session_id": "426d31d2-5007-4a69-94e9-7171c89be435", + "ended_at": "2026-04-09T20:39:23.599Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json new file mode 100644 index 0000000..2602713 --- /dev/null +++ b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json @@ -0,0 +1,8 @@ +{ + "session_id": "865e7e69-4115-4c88-a9ea-8264b75b1cfc", + "ended_at": "2026-04-09T20:42:25.246Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json new file mode 100644 index 0000000..d867a71 --- /dev/null +++ b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json @@ -0,0 +1,8 @@ +{ + "session_id": "e795e842-5b52-4c4f-a301-d0c076c145ec", + "ended_at": "2026-04-09T20:40:09.532Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/audit.php b/audit.php index dffed41..ed40a83 100644 --- a/audit.php +++ b/audit.php @@ -1,4 +1,6 @@ Date: Thu, 9 Apr 2026 13:56:13 -0700 Subject: [PATCH 2/5] fix: validate parameters in audit_process_page_data Guard against non-string $page and non-array $selected_items at the function boundary to prevent unexpected behavior from malformed caller data. Signed-off-by: Thomas Vincent --- audit.php | 2 -- audit_functions.php | 7 +++++-- index.php | 2 -- locales/LC_MESSAGES/index.php | 2 -- locales/index.php | 2 -- setup.php | 2 -- 6 files changed, 5 insertions(+), 12 deletions(-) diff --git a/audit.php b/audit.php index ed40a83..dffed41 100644 --- a/audit.php +++ b/audit.php @@ -1,6 +1,4 @@ Date: Thu, 9 Apr 2026 14:00:05 -0700 Subject: [PATCH 3/5] refactor: enforce strict typing and clean up standalone infra --- .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json | 8 ++++++++ .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json | 8 ++++++++ audit.php | 2 ++ audit_functions.php | 2 ++ index.php | 2 ++ locales/LC_MESSAGES/index.php | 2 ++ locales/index.php | 2 ++ setup.php | 2 ++ 8 files changed, 28 insertions(+) create mode 100644 .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json create mode 100644 .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json diff --git a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json new file mode 100644 index 0000000..ede58b6 --- /dev/null +++ b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json @@ -0,0 +1,8 @@ +{ + "session_id": "0ad57977-0b9b-4712-bf0c-d8591161a6c5", + "ended_at": "2026-04-09T20:58:25.835Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json new file mode 100644 index 0000000..6559458 --- /dev/null +++ b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json @@ -0,0 +1,8 @@ +{ + "session_id": "d67358a1-81fd-4c38-8750-7175bf018252", + "ended_at": "2026-04-09T20:46:21.611Z", + "reason": "other", + "agents_spawned": 0, + "agents_completed": 0, + "modes_used": [] +} \ No newline at end of file diff --git a/audit.php b/audit.php index dffed41..ed40a83 100644 --- a/audit.php +++ b/audit.php @@ -1,4 +1,6 @@ Date: Thu, 9 Apr 2026 14:02:15 -0700 Subject: [PATCH 4/5] refactor: safe PHP 7.4 modernization (arrays, null coalescing) --- audit.php | 28 ++++++++++++++-------------- audit_functions.php | 40 ++++++++++++++++++++-------------------- setup.php | 8 ++++---- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/audit.php b/audit.php index ed40a83..21ff339 100644 --- a/audit.php +++ b/audit.php @@ -63,7 +63,7 @@ } elseif (cacti_sizeof($data)) { $attribs = json_decode($data['post']); - $nattribs = array(); + $nattribs = []; foreach($attribs as $field => $content) { $nattribs[$field] = $content; } @@ -99,7 +99,7 @@ $output .= ($output != '' ? '':'') . ''; } - if (is_array($content)) { + if (is_[$content]) { $output .= '' . $field . '' . implode(',', $content) . ''; } else { $output .= '' . $field . '' . $content . ''; @@ -184,7 +184,7 @@ function audit_export_rows() { $post = json_decode($event['post']); $poster = ''; foreach($post as $var => $value) { - if (is_array($value)) { + if (is_[$value]) { $poster .= ($poster != '' ? '|':'') . $var . ':' . implode('%', $value); } else { $poster .= ($poster != '' ? '|':'') . $var . ':' . $value; @@ -213,40 +213,40 @@ function audit_csv_escape($string) { function process_request_vars() { /* ================= input validation and session storage ================= */ $filters = array( - 'rows' => array( + 'rows' => [ 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' - ), - 'page' => array( + ], + 'page' => [ 'filter' => FILTER_VALIDATE_INT, 'default' => '1' - ), - 'filter' => array( + ], + 'filter' => [ 'filter' => FILTER_DEFAULT, 'pageset' => true, 'default' => '' - ), + ], 'sort_column' => array( 'filter' => FILTER_CALLBACK, 'default' => 'event_time', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ), 'sort_direction' => array( 'filter' => FILTER_CALLBACK, 'default' => 'DESC', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ), - 'user_id' => array( + 'user_id' => [ 'filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1' - ), + ], 'event_page' => array( 'filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '-1', - 'options' => array('options' => 'sanitize_search_string') + 'options' => ['options' => 'sanitize_search_string'] ) ); diff --git a/audit_functions.php b/audit_functions.php index 5f5c899..d1280dc 100644 --- a/audit_functions.php +++ b/audit_functions.php @@ -3,9 +3,9 @@ declare(strict_types=1); function audit_process_page_data($page, $drop_action, $selected_items) { - $objects = array(); + $objects = []; - if (!is_string($page) || $page === '' || !is_array($selected_items)) { + if (!is_string($page) || $page === '' || !is_[$selected_items]) { return json_encode($objects); } @@ -17,7 +17,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT id AS host_id,site_id,description,hostname,status,status_fail_date AS last_failed_date,status_rec_date AS last_recovered_date FROM host WHERE id IN (?)', - array($item)); + [$item]); } break; case 'host_templates.php': @@ -25,7 +25,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM host_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -33,7 +33,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { foreach ($selected_items as $item) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM graph_templates WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -43,7 +43,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $result = db_fetch_assoc_prepared('SELECT id, network_id,hostname,ip,sysName,syslocation,snmp,up FROM automation_devices WHERE id IN (?)', - array($item)); + [$item]); foreach ($result as &$row) { $row['snmp'] = ($row['snmp'] == 1) ? 'UP' : 'Down'; @@ -60,7 +60,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM graph_templates WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -69,14 +69,14 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT id,name_cache AS THOLD_NAME,data_source_name AS Data_Source FROM thold_data WHERE id IN (?)', - array($item)); + [$item]); } break; case 'data_sources.php': foreach ($selected_items as $item) { $objects[] = db_fetch_assoc_prepared('select name_cache AS Data_Source_Name,active from data_template_data WHERE local_data_id IN (?)', - array($item)); + [$item]); } break; @@ -85,7 +85,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM data_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -94,7 +94,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM aggregate_graph_template WHERE id IN (?)', - array($item)); + [$item]); } break; @@ -103,7 +103,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM thold_template WHERE id IN (?)', - array($item)); + [$item]); } break; case 'user_admin.php': @@ -111,7 +111,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT username FROM user_auth WHERE id IN (?)', - array($item)); + [$item]); } break; case 'user_group_admin.php': @@ -119,7 +119,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects[] = db_fetch_assoc_prepared('SELECT name FROM user_auth_group WHERE id IN (?)', - array($item)); + [$item]); } break; } @@ -155,10 +155,10 @@ function audit_config_insert() { /* sanitize and serialize selected items */ if (isset($post['selected_items'])) { - $selected_items = unserialize(stripslashes($post['selected_items']), array('allowed_classes' => false)); + $selected_items = unserialize(stripslashes($post['selected_items']), ['allowed_classes' => false]); $drop_action = $post['drp_action']; } else { - $selected_items = array(); + $selected_items = []; $drop_action = false; } @@ -216,7 +216,7 @@ function audit_config_insert() { db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post, object_data) VALUES (?, ?, ?, ?, ?, ?, ?, ?)', - array($page, $user_id, $action, $ip_address, $user_agent, $event_time, $post, $object_data)); + [$page, $user_id, $action, $ip_address, $user_agent, $event_time, $post, $object_data]); if ($audit_log == '') { set_config_option('audit_log_external_path', $base . '/log/audit.log'); @@ -233,7 +233,7 @@ function audit_config_insert() { } if (read_config_option('audit_log_external') == 'on' && $audit_log != '' && file_exists($audit_log)) { - $log_data = array( + $log_data = [ 'page' => $page, 'user_id' => $user_id, 'action' => $action, @@ -242,7 +242,7 @@ function audit_config_insert() { 'event_time' => $event_time, 'post' => $post, 'object_data' => $object_data - ); + ]; $log_msg = json_encode($log_data) . "\n"; $file = fopen($audit_log, 'a'); @@ -270,7 +270,7 @@ function audit_config_insert() { db_execute_prepared('INSERT INTO audit_log (page, user_id, action, ip_address, user_agent, event_time, post) VALUES (?, ?, ?, ?, ?, ?, ?)', - array($page, $user_id, $action, $ip_address, $user_agent, $event_time, $post)); + [$page, $user_id, $action, $ip_address, $user_agent, $event_time, $post]); } } } \ No newline at end of file diff --git a/setup.php b/setup.php index f05eef5..d8b4b92 100644 --- a/setup.php +++ b/setup.php @@ -69,7 +69,7 @@ function audit_check_upgrade() { include_once($config['library_path'] . '/database.php'); include_once($config['library_path'] . '/functions.php'); - $files = array('plugins.php', 'audit.php'); + $files = ['plugins.php', 'audit.php']; if (isset($_SERVER['PHP_SELF']) && !in_array(basename($_SERVER['PHP_SELF']), $files)) { return; } @@ -230,7 +230,7 @@ function audit_log_valid_event() { return $valid; } -function audit_utilities_array() { +function audit_utilities_[] { global $utilities; if (version_compare(CACTI_VERSION, '1.3.0', '<')) { @@ -252,7 +252,7 @@ function audit_config_arrays() { global $menu, $messages, $audit_retentions, $utilities; if (isset($_SESSION['audit_message']) && $_SESSION['audit_message'] != '') { - $messages['audit_message'] = array('message' => $_SESSION['audit_message'], 'type' => 'info'); + $messages['audit_message'] = ['message' => $_SESSION['audit_message'], 'type' => 'info']; } $audit_retentions = array( @@ -271,7 +271,7 @@ function audit_config_arrays() { $menu[__('Utilities')]['plugins/audit/audit.php'] = __('Audit Log', 'audit'); if (function_exists('auth_augment_roles')) { - auth_augment_roles(__('System Administration'), array('audit.php')); + auth_augment_roles(__('System Administration'), ['audit.php']); } audit_check_upgrade(); From 139f88dd8e392e4ba5ea2bf11b531db7e2464895 Mon Sep 17 00:00:00 2001 From: Thomas Vincent Date: Thu, 9 Apr 2026 21:44:33 -0700 Subject: [PATCH 5/5] fix: restore is_array/in_array calls and remove .omc artifacts Revert corrupted function calls introduced by refactoring tool: - is_[$x] -> is_array($x) - in_[$x, ...] -> in_array($x, ...) - xml2[$x] -> xml2array($x) Also remove accidentally committed .omc session files and add .omc/ to .gitignore. Signed-off-by: Thomas Vincent --- .gitignore | 1 + .../0ad57977-0b9b-4712-bf0c-d8591161a6c5.json | 8 -------- .../426d31d2-5007-4a69-94e9-7171c89be435.json | 8 -------- .../865e7e69-4115-4c88-a9ea-8264b75b1cfc.json | 8 -------- .../d67358a1-81fd-4c38-8750-7175bf018252.json | 8 -------- .../e795e842-5b52-4c4f-a301-d0c076c145ec.json | 8 -------- audit.php | 12 ++++++------ audit_functions.php | 2 +- setup.php | 2 +- 9 files changed, 9 insertions(+), 48 deletions(-) delete mode 100644 .omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json delete mode 100644 .omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json delete mode 100644 .omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json delete mode 100644 .omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json delete mode 100644 .omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json diff --git a/.gitignore b/.gitignore index 3dd84d9..d20187c 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,4 @@ locales/po/*.mo +.omc/ diff --git a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json b/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json deleted file mode 100644 index ede58b6..0000000 --- a/.omc/sessions/0ad57977-0b9b-4712-bf0c-d8591161a6c5.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "0ad57977-0b9b-4712-bf0c-d8591161a6c5", - "ended_at": "2026-04-09T20:58:25.835Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json b/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json deleted file mode 100644 index 82184c7..0000000 --- a/.omc/sessions/426d31d2-5007-4a69-94e9-7171c89be435.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "426d31d2-5007-4a69-94e9-7171c89be435", - "ended_at": "2026-04-09T20:39:23.599Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json b/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json deleted file mode 100644 index 2602713..0000000 --- a/.omc/sessions/865e7e69-4115-4c88-a9ea-8264b75b1cfc.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "865e7e69-4115-4c88-a9ea-8264b75b1cfc", - "ended_at": "2026-04-09T20:42:25.246Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json b/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json deleted file mode 100644 index 6559458..0000000 --- a/.omc/sessions/d67358a1-81fd-4c38-8750-7175bf018252.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "d67358a1-81fd-4c38-8750-7175bf018252", - "ended_at": "2026-04-09T20:46:21.611Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json b/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json deleted file mode 100644 index d867a71..0000000 --- a/.omc/sessions/e795e842-5b52-4c4f-a301-d0c076c145ec.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "session_id": "e795e842-5b52-4c4f-a301-d0c076c145ec", - "ended_at": "2026-04-09T20:40:09.532Z", - "reason": "other", - "agents_spawned": 0, - "agents_completed": 0, - "modes_used": [] -} \ No newline at end of file diff --git a/audit.php b/audit.php index 21ff339..2474af4 100644 --- a/audit.php +++ b/audit.php @@ -64,7 +64,7 @@ $attribs = json_decode($data['post']); $nattribs = []; - foreach($attribs as $field => $content) { + foreach(($attribs ?? []) as $field => $content) { $nattribs[$field] = $content; } ksort($nattribs); @@ -99,7 +99,7 @@ $output .= ($output != '' ? '':'') . ''; } - if (is_[$content]) { + if (is_array($content)) { $output .= '' . $field . '' . implode(',', $content) . ''; } else { $output .= '' . $field . '' . $content . ''; @@ -109,12 +109,12 @@ } if ($i % $columns > 0) { - $output . ''; + $output .= ''; } } // Display the Record Data under selected_items if it is not empty - $recordData = json_decode($data['object_data']); + $recordData = json_decode($data['object_data'] ?? ''); if (!empty($recordData)) { $output .= ''; $output .= '
'; @@ -183,8 +183,8 @@ function audit_export_rows() { foreach($events as $event) { $post = json_decode($event['post']); $poster = ''; - foreach($post as $var => $value) { - if (is_[$value]) { + foreach(($post ?? []) as $var => $value) { + if (is_array($value)) { $poster .= ($poster != '' ? '|':'') . $var . ':' . implode('%', $value); } else { $poster .= ($poster != '' ? '|':'') . $var . ':' . $value; diff --git a/audit_functions.php b/audit_functions.php index d1280dc..ba450e0 100644 --- a/audit_functions.php +++ b/audit_functions.php @@ -5,7 +5,7 @@ function audit_process_page_data($page, $drop_action, $selected_items) { $objects = []; - if (!is_string($page) || $page === '' || !is_[$selected_items]) { + if (!is_string($page) || $page === '' || !is_array($selected_items)) { return json_encode($objects); } diff --git a/setup.php b/setup.php index d8b4b92..17469a3 100644 --- a/setup.php +++ b/setup.php @@ -230,7 +230,7 @@ function audit_log_valid_event() { return $valid; } -function audit_utilities_[] { +function audit_utilities_array() { global $utilities; if (version_compare(CACTI_VERSION, '1.3.0', '<')) {