Index: html/includes/print/device.inc.php
===================================================================
--- html/includes/print/device.inc.php	(revision 6324)
+++ html/includes/print/device.inc.php	(working copy)
@@ -125,11 +125,11 @@
     'html_row_class'  => $device['html_row_class'],
     'device_id'     => $device['device_id'],
     'device_link'   => generate_device_link($device),
-    'hardware'      => $device['hardware'],
-    'features'      => $device['features'],
+    'hardware'      => escape_html($device['hardware']),
+    'features'      => escape_html($device['features']),
     'os_text'       => $device['os_text'],
-    'version'       => $device['version'],
-    'sysName'       => $device['sysName'],
+    'version'       => escape_html($device['version']),
+    'sysName'       => escape_html($device['sysName']),
     'device_uptime' => deviceUptime($device, 'short'),
     'location'      => escape_html(truncate($device['location'], 32, ''))
   );
Index: html/pages/bill.inc.php
===================================================================
--- html/pages/bill.inc.php	(revision 6324)
+++ html/pages/bill.inc.php	(working copy)
@@ -2,12 +2,12 @@
 
 /**
  * Observium Network Management and Monitoring System
- * Copyright (C) 2006-2014, Adam Armstrong - http://www.observium.org
+ * Copyright (C) 2006-2015, Adam Armstrong - http://www.observium.org
  *
  * @package    observium
  * @subpackage webui
  * @author     Adam Armstrong <adama@memetic.org>
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
@@ -29,8 +29,8 @@
 $isAdmin    = (($_SESSION['userlevel'] == "10") ? true : false);
 $isUser     = bill_permitted($bill_id);
 
-//if ($isAdmin && isset($_POST)) { include("pages/bill/actions.inc.php"); }
-//if ($isAdmin && isset($_GET['delete_bill_port'])) { include("pages/bill/actions.inc.php"); }
+//if ($isAdmin && isset($vars)) { include("pages/bill/actions.inc.php"); }
+//if ($isAdmin && isset($vars['delete_bill_port'])) { include("pages/bill/actions.inc.php"); }
 include("pages/bill/actions.inc.php");
 
 if ($isUser) {
Index: html/pages/bill/accurate.inc.php
===================================================================
--- html/pages/bill/accurate.inc.php	(revision 6324)
+++ html/pages/bill/accurate.inc.php	(working copy)
@@ -7,7 +7,7 @@
  *
  * @package    observium
  * @subpackage webui
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
@@ -18,7 +18,7 @@
 
   case "24hour":
     $active['24hour']  = "active";
-    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
     $graph .= '&amp;from=' . $config['time']['day'] .  '&amp;to=' . $config['time']['now'];
     $graph .= '&amp;x=1230&amp;y=300';
     $graph .= $imgtype.'" alt="">';
@@ -26,7 +26,7 @@
 
   case "monthly":
     $active['monthly']  = "active";
-    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
     $graph .= '&amp;from=' . $lastmonth_unix .  '&amp;to=' . $rightnow_unix;
     $graph .= '&amp;x=1230&amp;y=300';
     $graph .= $imgtype.'" alt="">';
@@ -34,7 +34,7 @@
 
   case "previous":
     $active['previous']  = "active";
-    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+    $graph  = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
     $graph .= '&amp;from=' . $unix_prev_from .  '&amp;to=' . $unix_prev_to;
     $graph .= '&amp;x=1230&amp;y=300';
     $graph .= $imgtype.'" alt="">';
@@ -43,7 +43,7 @@
   case "billing":
   default:
     $active['billing']  = "active";
-    $graph    = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+    $graph    = '<img src="billing-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
     $graph   .= '&amp;from=' . $unixfrom .  '&amp;to=' . $unixto;
     $graph   .= '&amp;x=1230&amp;y=300';
     $graph   .= $imgtype.'" alt="">';
Index: html/pages/bill/infoboxes.inc.php
===================================================================
--- html/pages/bill/infoboxes.inc.php	(revision 6324)
+++ html/pages/bill/infoboxes.inc.php	(working copy)
@@ -7,7 +7,7 @@
  *
  * @package    observium
  * @subpackage webui
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
@@ -89,22 +89,22 @@
 $yesterday    = dbFetchCell("SELECT UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL 1 DAY))");
 $rightnow     = date(U);
 
-$bi           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $_GET['bill_code'];
+$bi           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $vars['bill_code'];
 $bi          .= "&amp;from=" . $unixfrom .  "&amp;to=" . $unixto;
 $bi          .= "&amp;x=1050&amp;y=300";
 $bi          .= "$imgtype'>";
 
-$li           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $_GET['bill_code'];
+$li           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $vars['bill_code'];
 $li          .= "&amp;from=" . $unix_prev_from .  "&amp;to=" . $unix_prev_to;
 $li          .= "&amp;x=1050&amp;y=300";
 $li          .= "$imgtype'>";
 
-$di           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $_GET['bill_code'];
+$di           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $vars['bill_code'];
 $di          .= "&amp;from=" . $config['time']['day'] .  "&amp;to=" . $config['time']['now'];
 $di          .= "&amp;x=1050&amp;y=300";
 $di          .= "$imgtype'>";
 
-$mi           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $_GET['bill_code'];
+$mi           = "<img src='billing-graph.php?bill_id=" . $bill_id . "&amp;bill_code=" . $vars['bill_code'];
 $mi          .= "&amp;from=" . $lastmonth .  "&amp;to=" . $rightnow;
 $mi          .= "&amp;x=1050&amp;y=300";
 $mi          .= "$imgtype'>";
Index: html/pages/bill/pdf_history.inc.php
===================================================================
--- html/pages/bill/pdf_history.inc.php	(revision 6324)
+++ html/pages/bill/pdf_history.inc.php	(working copy)
@@ -7,12 +7,12 @@
  *
  * @package    observium
  * @subpackage webui
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
-  $bill_id     = ((is_numeric($_GET['bill_id'])) ? $_GET['bill_id'] : 0);
-  $history_id  = ((is_numeric($_GET['history_id'])) ? $_GET['history_id'] : 0);
+  $bill_id     = ((is_numeric($vars['bill_id'])) ? $vars['bill_id'] : 0);
+  $history_id  = ((is_numeric($vars['history_id'])) ? $vars['history_id'] : 0);
 
   $filename    = "billing-report_".$history_id.".pdf";
   $i           = 0;
Index: html/pages/bill/transfer.inc.php
===================================================================
--- html/pages/bill/transfer.inc.php	(revision 6324)
+++ html/pages/bill/transfer.inc.php	(working copy)
@@ -7,7 +7,7 @@
  *
  * @package    observium
  * @subpackage webui
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
@@ -51,22 +51,22 @@
 $yesterday    = dbFetchCell("SELECT UNIX_TIMESTAMP(DATE_SUB(NOW(), INTERVAL 1 DAY))");
 $rightnow     = date(U);
 */
-$bi           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+$bi           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
 $bi          .= '&amp;from=' . $unixfrom .  '&amp;to=' . $unixto;
 $bi          .= '&amp;type=day&amp;imgbill=1';
 $bi          .= '&amp;x=1230&amp;y=300" alt="">';
 
-$li           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+$li           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
 $li          .= '&amp;from=' . $unix_prev_from .  '&amp;to=' . $unix_prev_to;
 $li          .= '&amp;type=day';
 $li          .= '&amp;x=1230&amp;y=300" alt="">';
 
-$di           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+$di           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
 $di          .= '&amp;from=' . $config['time']['day'] .  '&amp;to=' . $config['time']['now'];
 $di          .= '&amp;type=hour';
 $di          .= '&amp;x=1230&amp;y=300" alt="">';
 
-$mi           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $_GET['bill_code'];
+$mi           = '<img src="bandwidth-graph.php?bill_id=' . $bill_id . '&amp;bill_code=' . $vars['bill_code'];
 $mi          .= '&amp;from=' . $lastmonth .  '&amp;to=' . $rightnow;
 $mi          .= '&amp;type=day';
 $mi          .= '&amp;x=1230&amp;y=300" alt="">';
Index: includes/definitions/os.inc.php
===================================================================
--- includes/definitions/os.inc.php	(revision 6324)
+++ includes/definitions/os.inc.php	(working copy)
@@ -303,6 +303,12 @@
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.1909.10";
 $config['os'][$os]['mibs'][]                = "INFRATEC-RMS-MIB";
 
+$os = "sensatronics";
+$config['os'][$os]['text']                  = "Sensatronics";
+$config['os'][$os]['type']                  = "environment";
+$config['os'][$os]['icon']                  = "sensatronics";
+$config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.16174.1";
+
 // Other Unix-based OSes here please.
 
 $os = "ibmi";
@@ -1361,6 +1367,7 @@
 
 $os = "drac";
 $config['os'][$os]['text']                  = "Dell iDRAC";
+$config['os'][$os]['type']                  = "management";
 $config['os'][$os]['icon']                  = "dell";
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.674.10892.2";
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.674.10892.5";
@@ -1588,6 +1595,8 @@
 $config['os'][$os]['text']                  = "Liebert";
 $config['os'][$os]['type']                  = "power";
 $config['os'][$os]['icon']                  = "liebert";
+$config['os'][$os]['over'][0]['graph']      = "device_current";
+$config['os'][$os]['over'][1]['graph']      = "device_voltage";
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.476.1.42";
 $config['os'][$os]['mibs'][]                = "UPS-MIB";
 $config['os'][$os]['mibs'][]                = "LIEBERT-GP-ENVIRONMENTAL-MIB";
@@ -2335,6 +2344,8 @@
 $config['os'][$os]['over'][0]['graph']      = "device_bits";
 $config['os'][$os]['over'][1]['graph']      = "device_processor";
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.25461.2";
+$config['os'][$os]['mib_dirs'][]            = "paloalto";
+$config['os'][$os]['mibs'][]                = "PAN-COMMON-MIB";
 
 $os = "arubaos";
 $config['os'][$os]['text']                  = "ArubaOS";
@@ -2379,6 +2390,8 @@
 $config['os'][$os]['over'][2]['graph']      = "device_ucd_memory";
 $config['os'][$os]['mibs'][]                = "SYNOLOGY-SYSTEM-MIB";
 $config['os'][$os]['mibs'][]                = "SYNOLOGY-DISK-MIB";
+$config['os'][$os]['mib_blacklist'][]       = "ENTITY-SENSOR-MIB";
+$config['os'][$os]['mib_blacklist'][]       = "LSI-MegaRAID-SAS-MIB";
 $config['os'][$os]['mib_blacklist'][]       = "BGP4-MIB";
 
 $os = "anyusb";
@@ -2559,7 +2572,8 @@
 
 $os = "opengear";
 $config['os'][$os]['text']                  = "Opengear";
-$config['os'][$os]['type']                  = "network";
+$config['os'][$os]['group']                 = "unix";
+$config['os'][$os]['type']                  = "management";
 $config['os'][$os]['icon']                  = "opengear";
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.25049.1.";   // Wildcard sysObjectID
 $config['os'][$os]['sysObjectID'][]         = ".1.3.6.1.4.1.25049.16.";  // Wildcard sysObjectID
Index: includes/polling/graphs/pan-common-mib.inc.php
===================================================================
--- includes/polling/graphs/pan-common-mib.inc.php	(revision 0)
+++ includes/polling/graphs/pan-common-mib.inc.php	(working copy)
@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * Observium
+ *
+ *   This file is part of Observium.
+ *
+ * @package    observium
+ * @subpackage poller
+ * @copyright  (C) 2006-2015 Adam Armstrong
+ *
+ */
+
+$graph = 'panos_sessions'; // Current graph
+$graphs[$graph] = FALSE; // Disable graph by default
+
+if (!isset($graphs_db[$graph]) || $graphs_db[$graph] === TRUE)
+{
+  $session_count = snmp_get($device, 'panSessionActive.0', '-OQUvs', 'PAN-COMMON-MIB');
+
+  if (is_numeric($session_count))
+  {
+    $rrd_filename  = 'panos-sessions.rrd';
+
+    rrdtool_create($device, $rrd_filename, ' DS:sessions:GAUGE:600:0:100000000 ');
+    rrdtool_update($device, $rrd_filename, 'N:'.$session_count);
+
+    $graphs[$graph] = TRUE;
+  }
+}
+
+unset($graph, $session_count);
+
+// EOF
Index: includes/polling/os/fabos.inc.php
===================================================================
--- includes/polling/os/fabos.inc.php	(revision 6324)
+++ includes/polling/os/fabos.inc.php	(working copy)
@@ -7,12 +7,12 @@
  *
  * @package    observium
  * @subpackage poller
- * @copyright  (C) 2006-2014 Adam Armstrong
+ * @copyright  (C) 2006-2015 Adam Armstrong
  *
  */
 
-$version = trim(snmp_get($device, 'swFirmwareVersion.0', '-Ovq', 'SW-MIB', mib_dirs('brocade')),'"');
-$hardware = trim(snmp_get($device, 'entPhysicalDescr.1', '-Ovq', 'ENTITY-MIB', mib_dirs()),'"');
-$serial = trim(snmp_get($device, 'entPhysicalSerialNum.1', '-Ovq', 'ENTITY-MIB', mib_dirs()),'"');
+$version  = trim(snmp_get($device, 'swFirmwareVersion.0', '-Ovq', 'SW-MIB', mib_dirs('brocade')),'"');
+$hardware = $entPhysical['entPhysicalDescr'];
+$serial   = $entPhysical['entPhysicalSerialNum'];
 
 // EOF
Index: includes/polling/os/panos.inc.php
===================================================================
--- includes/polling/os/panos.inc.php	(revision 6324)
+++ includes/polling/os/panos.inc.php	(working copy)
@@ -11,20 +11,8 @@
  *
  */
 
-$hardware = trim(snmp_get($device, "1.3.6.1.4.1.25461.2.1.2.2.1.0", "-OQv", "", ""),'" ');
-$version = trim(snmp_get($device, "1.3.6.1.4.1.25461.2.1.2.1.1.0", "-OQv", "", ""),'" ');
-$serial = trim(snmp_get($device, "1.3.6.1.4.1.25461.2.1.2.1.3.0", "-OQv", "", ""),'" ');
+$hardware = trim(snmp_get($device, 'panChassisType.0', '-OQv', 'PAN-COMMON-MIB', mib_dirs('paloalto')),'" ');
+$version  = trim(snmp_get($device, 'panSysSwVersion.0', '-OQv', 'PAN-COMMON-MIB', mib_dirs('paloalto')),'" ');
+$serial   = trim(snmp_get($device, 'panSysSerialNumber.0', '-OQv', 'PAN-COMMON-MIB', mib_dirs('paloalto')),'" ');
 
-# list(,,,$hardware) = explode (" ", $poll_device['sysDescr']);
-
-$sessrrd  = "panos-sessions.rrd";
-$sessions = snmp_get($device, "1.3.6.1.4.1.25461.2.1.2.3.3.0", "-Ovq");
-
-if (is_numeric($sessions))
-{
-  rrdtool_create($device, $sessrrd,"  DS:sessions:GAUGE:600:0:3000000 ");
-  rrdtool_update($device, $sessrrd,"N:$sessions");
-  $graphs['panos_sessions'] = TRUE;
-}
-
 // EOF
Index: includes/polling/os/powerconnect-radlan.inc.php
===================================================================
--- includes/polling/os/powerconnect-radlan.inc.php	(revision 6324)
+++ includes/polling/os/powerconnect-radlan.inc.php	(working copy)
@@ -15,7 +15,7 @@
 // Dell-Vendor-MIB::productIdentificationDescription.0 = STRING: Neyland 24T
 // Dell-Vendor-MIB::productIdentificationVersion.0 = STRING: 2.0.1.3
 // Dell-Vendor-MIB::productIdentificationServiceTag.1 = STRING: 8D4XY51
-$hardware = "Dell ".snmp_get($device, "productIdentificationDisplayName.0", "-Ovq", "Dell-Vendor-MIB", mib_dirs('dell'));
+$hardware = "Dell ".snmp_get($device, "productIdentificationDescription.0", "-Ovq", "Dell-Vendor-MIB", mib_dirs('dell'));
 $version  = snmp_get($device, "productIdentificationVersion.0", "-Ovq", "Dell-Vendor-MIB", mib_dirs('dell'));
 $serial   = implode(", ",explode("\n",snmp_walk($device, "productIdentificationServiceTag", "-Ovq", "Dell-Vendor-MIB", mib_dirs('dell'))));
 $icon     = 'dell';