This file is indexed.

/usr/share/zabbix/popup_right.php is in zabbix-frontend-php 1:2.4.7+dfsg-2ubuntu2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
<?php
/*
** Zabbix
** Copyright (C) 2001-2015 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
**/


require_once dirname(__FILE__).'/include/config.inc.php';

$page['title'] = _('Resource');
$page['file'] = 'popup_right.php';

define('ZBX_PAGE_NO_MENU', 1);

require_once dirname(__FILE__).'/include/page_header.php';

//	VAR					TYPE	OPTIONAL FLAGS	VALIDATION	EXCEPTION
$fields = array(
	'dstfrm' =>		array(T_ZBX_STR, O_MAND,P_SYS, NOT_EMPTY,	null),
	'permission' =>	array(T_ZBX_INT, O_MAND,P_SYS, IN(PERM_DENY.','.PERM_READ.','.PERM_READ_WRITE), null)
);
check_fields($fields);

$dstfrm = getRequest('dstfrm', 0);
$permission = getRequest('permission', PERM_DENY);

/*
 * Display
 */
show_table_header(permission2str($permission));

// host groups
$hostGroupForm = new CForm();
$hostGroupForm->setAttribute('id', 'groups');

$hostGroupTable = new CTableInfo(_('No host groups found.'));
$hostGroupTable->setHeader(new CCol(array(
	new CCheckBox('all_groups', null, 'checkAll(this.checked)'),
	_('Name')
)));

$hostGroups = API::HostGroup()->get(array(
	'output' => array('groupid', 'name')
));

order_result($hostGroups, 'name');

foreach ($hostGroups as $hostGroup) {
	$hostGroupCheckBox = new CCheckBox();
	$hostGroupCheckBox->setAttribute('data-id', $hostGroup['groupid']);
	$hostGroupCheckBox->setAttribute('data-name', $hostGroup['name']);
	$hostGroupCheckBox->setAttribute('data-permission', $permission);

	$hostGroupTable->addRow(new CCol(array($hostGroupCheckBox, $hostGroup['name'])));
}

$hostGroupTable->setFooter(new CCol(new CButton('select', _('Select'), 'addGroups("'.$dstfrm.'")'), 'right'));

$hostGroupForm->addItem($hostGroupTable);
$hostGroupForm->show();

?>
<script type="text/javascript">
	function addGroups(formName) {
		var parentDocument = window.opener.document;

		if (!parentDocument) {
			return close_window();
		}

		jQuery('#groups input[type=checkbox]').each(function() {
			var obj = jQuery(this);

			if (obj.attr('name') !== 'all_groups' && obj.prop('checked')) {
				var id = obj.data('id');

				add_variable('input', 'new_right[' + id + '][permission]', obj.data('permission'), formName,
					parentDocument);
				add_variable('input', 'new_right[' + id + '][name]', obj.data('name'), formName, parentDocument);
			}
		});

		parentDocument.forms[formName].submit();

		close_window();
	}

	function checkAll(value) {
		jQuery('#groups input[type=checkbox]').each(function() {
			jQuery(this).prop('checked', value);
		});
	}
</script>
<?php

require_once dirname(__FILE__).'/include/page_footer.php';