Go back to guidelines 1)

This is a small guide to introduce basic concepts of general structure and basic functions to work with both Pandora FMS console and server code.

For specific information about the API for programming console extension, please refer specific section at our Wiki section “External API2), and “Development of Pandora FMS Console extensions” 3).

Following are describe the MOST basic I/O functions used in Pandora FMS. This SHOULD be a must-have, this means, you _always_ should use this functions to enter data, output data or process data from the database. You cannot use native PHP functions or use your own in code for be included in Pandora FMS official project.

For more information about the full Pandora FMS API, please refer to 4) Pandora FMS Full API documentation.

Basic IO Functions



Cleans a string by encoding to UTF-8 and replacing the HTML entities. UTF-8 is necessary for foreign chars like asian and our databases are (or should be) UTF-8

  * return: The cleaned string or array.

mixed safe_input (mixed $value)

  * mixed $value: String or array of strings to be cleaned.


Convert the $value encode in html entity to clear char string. This function should be called always to “clean” HTML encoded data; to render to a text plain ascii file, to render to console, or to put in any kind of data field who doesn't make the HTML render by itself.

unknown_type safe_output (mixed $value)

  * mixed $value: String or array of strings to be cleaned.


Avoid magic_quotes protection

void unsafe_string (string $string)

  * string $string: Text string to be stripped of magic_quotes protection

Parameter processing


Get a parameter from a request. It checks first on post request, if there were nothing defined, it would return get request

mixed get_parameter (string $name, string $default = )

    * string $name key of the parameter in the $_POST or $_GET array
    * mixed $default default value if the key wasn't found
    * mixed Whatever was in that parameter, cleaned however

Database generic functions

See functions_db.php

ACL generic function


check_acl (string $id_user, int $id_group, string $access)

Check access privileges to resources. Accesses can be:

 * IR - Incident/report Read
 * IW - Incident/report Write
 * IM - Incident/report Management
 * AR - Agent Read
 * AW - Agent Write
 * LW - Alert Write
 * UM - User Management
 * DM - DB Management
 * LM - Alert Management
 * PM - Pandora Management

This function returns TRUE or FALSE if access is allowed to that user, to that group for access type.