update to php-weathermap 0.97c; various fixes including SECURITY fixes

to improve input validation in the editor (which is not enabled by default)

net/php-weathermap/Makefile

@@ -1,9 +1,8 @@
-# $OpenBSD: Makefile,v 1.12 2013/03/11 11:35:54 espie Exp $
+# $OpenBSD: Makefile,v 1.13 2013/04/22 14:05:07 sthen Exp $
 
 COMMENT=	graphical network traffic map
 
-DISTNAME=	php-weathermap-0.97a
-REVISION=	6
+DISTNAME=	php-weathermap-0.97c
 EXTRACT_SUFX=	.zip
 
 CATEGORIES=	net www
@@ -37,7 +36,6 @@ do-configure:
 	    ${WRKSRC}/weathermap
 
 do-build:
-	chmod 644 ${WRKSRC}/editor.*
 .for i in weathermap.conf configs/simple.conf
 	mv ${WRKSRC}/$i ${WRKSRC}/$i-dist
 .endfor
@@ -45,6 +43,9 @@ do-build:
 do-install:
 	${INSTALL_DATA_DIR} ${INSTDIR}
 	cd ${WRKSRC}; pax -rw * ${INSTDIR}
+	${INSTALL_DATA} ${FILESDIR}/editor-config.php-dist ${INSTDIR}
 	chown -R ${SHAREOWN}:${SHAREGRP} ${INSTDIR}
+	chmod -R u=rwX,og=rX ${INSTDIR}
+	find ${INSTDIR} -name '*.orig' -print0 | xargs -0r rm
 
 .include <bsd.port.mk>

net/php-weathermap/distinfo

@@ -1,5 +1,2 @@
-MD5 (php-weathermap-0.97a.zip) = frcCQ/7xY3IUI7PofX6EtA==
-RMD160 (php-weathermap-0.97a.zip) = ldwQ0lkY2IEPVSwA9bc939OvsVg=
-SHA1 (php-weathermap-0.97a.zip) = 98nG0cN7DWxg4QEfNRMww5bQV6Q=
-SHA256 (php-weathermap-0.97a.zip) = WwxEjiAn4ipsrMOgeHHos9BffJJ645M6nFClMy0CnqU=
-SIZE (php-weathermap-0.97a.zip) = 2927302
+SHA256 (php-weathermap-0.97c.zip) = tNA9EfoXjAecwByYRNHpdzhKSHZGe6KfVlD9+NdNGms=
+SIZE (php-weathermap-0.97c.zip) = 2997650

net/php-weathermap/files/editor-config.php-dist

@@ -0,0 +1,6 @@
+<?php
+
+// The editor will not be used unless this is set to true.
+$ENABLED=false;
+
+?>

net/php-weathermap/patches/patch-editor-config_php-dist

@@ -1,20 +0,0 @@
-$OpenBSD: patch-editor-config_php-dist,v 1.1 2011/09/27 11:15:00 sthen Exp $
-
-Allow editor to be enabled via a config file rather than editing the
-editor.php script itself.
-
---- editor-config.php-dist.orig	Fri Feb 18 22:55:29 2011
-+++ editor-config.php-dist	Fri Feb 18 22:56:07 2011
-@@ -1,10 +1,7 @@
- <?php
- 
--//
--// The editor tries to guess where your cacti installation is, but you
--// may need to copy this file to editor-config.php, and edit the lines below
--// if it doesn't guess correctly.
--//
-+// The editor will not be used unless this is set to true.
-+$ENABLED=false;
- 
- 
- 

net/php-weathermap/patches/patch-editor_inc_php

@@ -1,15 +0,0 @@
-$OpenBSD: patch-editor_inc_php,v 1.1 2011/09/27 11:15:00 sthen Exp $
-
-Restrict editor to .conf files
-
---- editor.inc.php.orig	Fri Feb 18 22:20:48 2011
-+++ editor.inc.php	Fri Feb 18 22:22:17 2011
-@@ -90,7 +90,7 @@ function show_editor_startpage()
- 				$realfile=$mapdir . DIRECTORY_SEPARATOR . $file;
- 				$note = "";
- 
--				if ( (is_file($realfile)) && (is_readable($realfile)) && (!preg_match("/^\./",$file) ) ) {
-+				if ( (is_file($realfile)) && (is_readable($realfile)) && (!preg_match("/^\./",$file)) && (preg_match("/\.conf$/",$file)) ) {
- 					if (!is_writable($realfile)) {
- 						$note .= "(read-only)";
- 					}

net/php-weathermap/patches/patch-editor_php

@@ -1,11 +1,11 @@
-$OpenBSD: patch-editor_php,v 1.1 2011/09/27 11:15:00 sthen Exp $
+$OpenBSD: patch-editor_php,v 1.2 2013/04/22 14:05:07 sthen Exp $
 
 Allow editor to be enabled via a config file rather than editing the
 editor.php script itself.
 
---- editor.php.orig	Fri Feb 18 22:52:38 2011
-+++ editor.php	Fri Feb 18 22:52:47 2011
-@@ -6,13 +6,6 @@ require_once 'Weathermap.class.php';
+--- editor.php.orig	Mon Apr 22 13:41:26 2013
++++ editor.php	Mon Apr 22 13:41:34 2013
+@@ -6,13 +6,6 @@ require_once 'lib/Weathermap.class.php';
  // so that you can't have the editor active, and not know about it.
  $ENABLED=false;
  

net/php-weathermap/patches/patch-lib_datasources_WeatherMapDataSource_mrtg_php

@@ -1,15 +1,15 @@
-$OpenBSD: patch-lib_datasources_WeatherMapDataSource_mrtg_php,v 1.1 2011/09/27 11:15:00 sthen Exp $
+$OpenBSD: patch-lib_datasources_WeatherMapDataSource_mrtg_php,v 1.2 2013/04/22 14:05:07 sthen Exp $
 
 Allow larger headers when scraping bandwidth data from mrtg pages
 
---- lib/datasources/WeatherMapDataSource_mrtg.php.orig	Fri Feb 18 22:28:25 2011
-+++ lib/datasources/WeatherMapDataSource_mrtg.php	Fri Feb 18 22:28:28 2011
+--- lib/datasources/WeatherMapDataSource_mrtg.php.orig	Fri Mar 22 09:26:41 2013
++++ lib/datasources/WeatherMapDataSource_mrtg.php	Mon Apr 22 14:32:24 2013
 @@ -38,7 +38,7 @@ class WeatherMapDataSource_mrtg extends WeatherMapData
  		{
  			while (!feof($fd))
  			{
 -				$buffer=fgets($fd, 4096);
 +				$buffer=fgets($fd, 16384);
- 				debug("MRTG ReadData: Matching on '${matchvalue}in $matchperiod' and '${matchvalue}out $matchperiod'\n");
+ 				wm_debug("MRTG ReadData: Matching on '${matchvalue}in $matchperiod' and '${matchvalue}out $matchperiod'\n");
  
  				if (preg_match("/<\!-- ${matchvalue}in $matchperiod ([-+]?\d+\.?\d*) -->/", $buffer, $matches)) { $data[IN] = $matches[1] * 8; }

net/php-weathermap/pkg/PLIST

@@ -1,13 +1,8 @@
-@comment $OpenBSD: PLIST,v 1.2 2010/03/27 00:00:49 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.3 2013/04/22 14:05:07 sthen Exp $
 weathermap/
 weathermap/CHANGES
 weathermap/COPYING
-weathermap/HTML_ImageMap.class.php
 weathermap/README
-weathermap/WeatherMap.functions.php
-weathermap/WeatherMapLink.class.php
-weathermap/WeatherMapNode.class.php
-weathermap/Weathermap.class.php
 weathermap/cacti-pick.php
 weathermap/check-gdbug.php
 weathermap/check.php
@@ -24,7 +19,6 @@ weathermap/configs/simple.conf-dist
 @sample weathermap/configs/simple.conf
 @mode
 @group
-weathermap/convert-to-dsstats.php
 weathermap/docs/
 weathermap/docs/example/
 weathermap/docs/example/Gradient_BK_800.png
@@ -46,6 +40,13 @@ weathermap/docs/example/graph_image.png
 weathermap/docs/example/graph_page.html
 weathermap/docs/example/my_router.png
 weathermap/docs/example/overlib.js
+weathermap/docs/fonts/
+weathermap/docs/fonts/PTC55F-webfont.ttf
+weathermap/docs/fonts/PTC75F-webfont.ttf
+weathermap/docs/fonts/PTN57F-webfont.ttf
+weathermap/docs/fonts/PTN77F-webfont.ttf
+weathermap/docs/fonts/PTS55F-webfont.ttf
+weathermap/docs/fonts/PTS75F-webfont.ttf
 weathermap/docs/howto.pdf
 weathermap/docs/howto.png
 weathermap/docs/images/
@@ -82,6 +83,10 @@ weathermap/docs/images/viastyle-curved.png
 weathermap/docs/images/weathermap-example.png
 weathermap/docs/images/weathermap-mini.png
 weathermap/docs/index.html
+weathermap/docs/kube101/
+weathermap/docs/kube101/css/
+weathermap/docs/kube101/css/kube.min.css
+weathermap/docs/manual.css
 weathermap/docs/pages/
 weathermap/docs/pages/advanced.html
 weathermap/docs/pages/cacti-plugin.html
@@ -98,14 +103,15 @@ weathermap/docs/pages/install-cli.html
 weathermap/docs/pages/main.html
 weathermap/docs/pages/targets.html
 weathermap/docs/pages/upgrading.html
-weathermap/docs/pages/weathermap.css
 weathermap/editor-config.php-dist
 @sample weathermap/editor-config.php
 weathermap/editor-resources/
+weathermap/editor-resources/editor.css
+weathermap/editor-resources/editor.js
+weathermap/editor-resources/exclamation.png
+weathermap/editor-resources/index.php
 weathermap/editor-resources/jquery-latest.min.js
-weathermap/editor.css
-weathermap/editor.inc.php
-weathermap/editor.js
+weathermap/editor-resources/oldeditor.css
 weathermap/editor.php
 weathermap/images/
 weathermap/images/Cloud-Filled.png
@@ -163,13 +169,19 @@ weathermap/images/yellow-ball-64.png
 weathermap/index.php
 weathermap/lib/
 weathermap/lib/.htaccess
+weathermap/lib/HTML_ImageMap.class.php
+weathermap/lib/WeatherMap.functions.php
+weathermap/lib/WeatherMap.keywords.inc.php
+weathermap/lib/WeatherMapLink.class.php
+weathermap/lib/WeatherMapNode.class.php
+weathermap/lib/Weathermap.class.php
 weathermap/lib/datasources/
 weathermap/lib/datasources/README.txt
 weathermap/lib/datasources/WeatherMapDataSource_cactihost.php
 weathermap/lib/datasources/WeatherMapDataSource_cactithold.php
 weathermap/lib/datasources/WeatherMapDataSource_dbsample.php
 weathermap/lib/datasources/WeatherMapDataSource_dsstats.php
-weathermap/lib/datasources/WeatherMapDataSource_external.php
+weathermap/lib/datasources/WeatherMapDataSource_external.php.disabled
 weathermap/lib/datasources/WeatherMapDataSource_fping.php
 weathermap/lib/datasources/WeatherMapDataSource_mrtg.php
 weathermap/lib/datasources/WeatherMapDataSource_rrd.php
@@ -178,13 +190,15 @@ weathermap/lib/datasources/WeatherMapDataSource_snmp.php
 weathermap/lib/datasources/WeatherMapDataSource_static.php
 weathermap/lib/datasources/WeatherMapDataSource_tabfile.php
 weathermap/lib/datasources/WeatherMapDataSource_time.php
+weathermap/lib/datasources/WeatherMapDataSource_wmdata.php
 weathermap/lib/ds-common.php
+weathermap/lib/editor.inc.php
 weathermap/lib/index.php
 weathermap/lib/poller-common.php
 weathermap/lib/post/
-weathermap/lib/post/WeatherMapPostProcessorTest.php
+weathermap/lib/post/WeatherMapPostProcessorExample.php
 weathermap/lib/pre/
-weathermap/lib/pre/WeatherMapPreProcessorTest.php
+weathermap/lib/pre/WeatherMapPreProcessorExample.php
 weathermap/logout.php
 @comment weathermap/net-data.txt
 @mode 775
@@ -197,12 +211,16 @@ weathermap/output/.htaccess
 weathermap/output/index.php
 weathermap/overlib.js
 weathermap/random-bits/
+weathermap/random-bits/.htaccess
 weathermap/random-bits/README
 weathermap/random-bits/auto-overlib.pl
 weathermap/random-bits/bristle.php
 weathermap/random-bits/cacti-integrate.php
 weathermap/random-bits/cacti-mapper.php
+weathermap/random-bits/convert-to-dsstats.php
+weathermap/random-bits/index.php
 weathermap/random-bits/map-split.php
+weathermap/random-bits/query_weathermap_runtime.php
 weathermap/random-bits/suite-1.conf
 weathermap/random-bits/suite-1.png
 weathermap/random-bits/suite-2.conf