Ad Widget

Collapse

Redirecting Users to TRIGGER.URL Pages with Guest Disabled

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • dzm
    Junior Member
    • Jul 2009
    • 4
    #1

    Redirecting Users to TRIGGER.URL Pages with Guest Disabled

    In Zabbix 1.6.4, I've noticed that if you disable the guest account, Zabbix does not redirect you to the page you originally entered before you log in. For example, if you enter http://zabbix-server/events.php, it will prompt you for a login. After you login, it will either redirect you to the url configured in the user profile or to index.php instead of events.php. This is a simple change to index.php which specifically addresses this situation:

    1. Guest account is disabled so that the user name of the person acknowledging an alert is logged.
    2. A URL is used in actions to email a message alert with a link to acknowlege the alert (i.e. http://zabbix-server/acknow.php?eventid={EVENT.ID}).
    3. You want users to click on the URL in the email to acknowlege a specific alert directly instead of having to go to the events page and sort through a large number of alerts.

    Potential downside: Users will not be redirected to the last page they were on in their previous login.

    To make this change, modify {zabbix-dir}/php/index.php:

    Change:
    if(empty($row['url'])){
    $row['url'] = get_profile('web.menu.view.last','index.php');
    }

    To:
    if(empty($row['url'])){
    $row['url'] = get_profile('web.menu.view.last','index.php');
    if(isset($_SERVER['HTTP_REFERER'])){
    $row['url'] = $_SERVER['HTTP_REFERER'];

    }
    }

    This will use the php $_SERVER['HTTP_REFERER'] variable to redirect the user to the URL entered prior to login.
    Tags: http_referer, redirect
    • danrog
      Senior Member
      • Sep 2009
      • 164
      #2
      Just in case anyone wants to do this with 1.8 AND maintain authentication you can do the following:

      Edit index.php.

      Change:
      Code:
      else{   
    echo '<div align="center" class="textcolorstyles">'.S_WELCOME.' <b>'.$USER_DETAILS['alias'].'</b>.</div>';
}
      To:
      Code:
      else{   
     echo '<div align="center" class="textcolorstyles">'.S_WELCOME.' <b>'.$USER_DETAILS['alias'].'</b>.</div>';
     $request = get_request('request');
     // This is to get the correct users SID found in the URL bar
     $request .= "&sid=".substr($sessionid, 16);
     if(isset($request)) redirect($request);
}
      In your trigger action for emails include:
      Code:
      Ack:  http://zabbix.domain.com/zabbix/index.php?login=1&request=/zabbix/acknow.php?triggers[]={TRIGGER.ID}
      Now when you click the link, if you are already authenticated it will redirect you do the ack page, if not, you will have to login and then you are redirected.

        Comment

        • scalft
          Junior Member
          • Apr 2008
          • 12
          #3
          Unfortunately, this is very broken code... When logging in with a fresh session, directly to the index.php page with the above code, I get redirected to http://zabbix_url/zabbix/&sid=XXXXXXXX. Nicely generating a 404 not found. The problem is with the if(isset($request)) statement. By appending "&sid=...." to $ request on the previous line, you have guaranteed that $request will always be set. Therefore, it will always redirect. Not just when the you have supplied a requested URL.

          Code:
           
                $request = get_request('request');
                // This is to get the correct users SID found in the URL bar
                if(isset($request)){ 
                        $request .= "&sid=".substr($sessionid, 16);
                        redirect($request2);
                }
          I modified the code to the above, so now direct logins work, but I am still getting an error loading the Acknowledgment page. For some reason, it is not tacking on the sid... Still working on it.

            Comment

            • danrog
              Senior Member
              • Sep 2009
              • 164
              #4
              Yes, actually i posted this before fully testing (my bad). Try this.

              Code:
                              echo '<div align="center" class="textcolorstyles">'.S_WELCOME.' <b>'.$USER_DETAILS['alias'].'</b>.</div>';
                if(isset($_GET['request'])) {
                        $request = get_request('request');
                        $request .= "&sid=".substr($sessionid, 16);
                        if(isset($request)) redirect($request);
                }

                Comment

                • scalft
                  Junior Member
                  • Apr 2008
                  • 12
                  #5
                  I still can't seem to get it to work. It appears that there is a mechanism built in for handling the request variable in 1.8.1; however, I get the error "Operation cannot be performed due to unauthorized request" after I login.

                  Any other thoughts?

                    Comment

                    Previous template Next
                    Working...