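/**
 * Validate the submitted name, description and data source / event type
 * selection.
 *
 * Failures are recorded through ossim_valid() / ossim_set_error(). If any
 * error is pending once all checks have run, the request ends in die().
 *
 * @param object $conn          Connection passed to Plugin_sid::get_sidscount_by_id().
 * @param string $name          Name, checked against OSS_INPUT.
 * @param string $descr         Description, checked against OSS_TEXT (may be empty).
 * @param mixed  $sids          Map of data source id => SID list string; anything that is not an array is treated as empty.
 * @param array  $imported_sids Imported SIDs; only their count is used here.
 *
 * @return array array($name, $descr, $plugins), $plugins mapping data source id => SID list,
 *               where "0" replaces "ANY" or a list that covers every SID of the source.
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids)
{
    $vals = array('name' => array(OSS_INPUT, 'illegal:' . _("Name")), 'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")));
    ossim_valid($name, $vals['name']);
    ossim_valid($descr, $vals['descr']);
    $plugins = array();
    $sids = is_array($sids) ? $sids : array();
    // Key the entry by the integer-cast id rather than the raw POST string:
    // a value such as "5abc" passes an intval() > 0 test, and would otherwise
    // become the array key that reaches the database lookup and the error text.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }
    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str !== '') {
            list($valid, $data) = Plugin_sid::validate_sids_str($sids_str);
            if (!$valid) {
                // $plugin is an array key taken from the submitted data and the
                // pending error is printed by die() below, so encode it for HTML.
                // NOTE(review): $data comes from validate_sids_str(); confirm it is safe to print as is.
                ossim_set_error(_("Error for data source ") . htmlspecialchars((string) $plugin, ENT_QUOTES) . ': ' . $data);
                break;
            }
            if ($sids_str == "ANY") {
                $sids_str = "0";
            } else {
                // A list naming every SID of the source is stored as "0", like "ANY".
                // NOTE(review): $plugin is not checked to be numeric here; confirm
                // get_sidscount_by_id() binds it as a query parameter.
                $aux = count(explode(',', $sids_str));
                $total = Plugin_sid::get_sidscount_by_id($conn, $plugin);
                $sids_str = $aux == $total ? "0" : $sids_str;
            }
            $plugins[$plugin] = $sids_str;
        }
    }
    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }
    if (ossim_error()) {
        die(ossim_error());
    }
    return array($name, $descr, $plugins);
}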
Beispiel #2
/**
 * Print a complete XHTML error page and stop the request.
 *
 * The page contains whatever ossim_error() returns, a "Back" button that
 * calls history.back(), and then $append.
 *
 * @param string|null $msg    Optional message handed to ossim_set_error() before the page is printed.
 * @param string|null $append Optional markup echoed verbatim after the button. It is not
 *                            encoded here, so callers must never pass request data in it.
 *
 * @return void This function does not return; it ends with exit.
 */
function die_error($msg = null, $append = null)
{
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html>
    <head>
        <title> <?php 
    echo gettext("OSSIM Framework");
    ?>
 </title>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
        <meta http-equiv="Pragma" content="no-cache"/>
        <link rel="stylesheet" type="text/css" href="../style/style.css"/>
    </head>
    <body>
    <?php 
    // Register the caller's message, if any, before the pending error is printed.
    if ($msg) {
        ossim_set_error($msg);
    }
    // NOTE(review): the output of ossim_error() is echoed as is; whether the
    // message text is HTML-encoded is decided in ossim_set_error()/ossim_error(),
    // which are not visible here. Callers that build $msg from request data
    // should encode it first.
    echo ossim_error();
    echo '<table class="noborder transparent" align="center">
				<tr>
					<td class="nobborder"><input type="button" value="' . _("Back") . '" class="button" onclick="javascript:history.back()"/></td>
				</tr>
			  </table>';
    // Raw output: $append is trusted markup supplied by the caller.
    echo $append;
    ?>
    </body>
    </html>
    <?php 
    // Stop here so no further page output follows the error document.
    exit;
}
Beispiel #3
         // Tail of a per-target validation pass; the opening of these blocks is
         // not part of this excerpt. Accepted targets are collected in $tip_target.
         } else {
             $tip_target[] = $target;
         }
     } else {
         // Shape check only: each octet may be any 1-3 digit number and the
         // optional prefix any 1-2 digit number, so values such as
         // 999.999.999.999/99 also match. NOTE(review): confirm a stricter
         // range check happens before the target is used.
         if (preg_match("/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}(\\/\\d{1,2})?\$/", $target)) {
             $tip_target[] = $target;
         } else {
             // Expected form is "<asset id>#<target>". Without a "#" the second
             // variable is not populated, and OSS_NULLABLE below accepts that.
             list($asset_id, $ip_target) = explode("#", $target);
             // Reset the pending error so each check below reports only its own result.
             ossim_set_error(FALSE);
             ossim_valid($asset_id, OSS_HEX, OSS_NULLABLE, 'illegal: Asset id');
             // asset id
             if (ossim_error()) {
                 // NOTE(review): both failure branches assign FALSE and the guard
                 // further down is !$target_error. Unless $target_error is set to
                 // TRUE somewhere outside this excerpt, a target that failed
                 // validation is still appended to $tip_target - confirm the
                 // intended polarity of this flag.
                 $target_error = FALSE;
                 // NOTE(review): the rejected value is placed in the message
                 // unencoded; encode it wherever $validation_errors is rendered.
                 $validation_errors[] = _('Invalid asset id') . ': ' . $asset_id;
             }
             ossim_set_error(FALSE);
             ossim_valid($ip_target, OSS_NULLABLE, OSS_DIGIT, OSS_SPACE, OSS_SCORE, OSS_ALPHA, OSS_PUNC, '\\.\\,\\/\\!', 'illegal:' . _("Target"));
             if (ossim_error()) {
                 $target_error = FALSE;
                 $validation_errors[] = _('Invalid target') . ': ' . $ip_target;
             }
             if (!$target_error) {
                 // Every "!" is removed from the whole target before it is stored.
                 $tip_target[] = str_replace('!', '', $target);
             }
         }
     }
 }
 $ip_list = $tip_target;
 // validated targets
 if (count($tip_target) == 0) {
     $validation_errors[] = _('Invalid Targets');
Beispiel #4
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once dirname(__FILE__) . '/../../conf/config.inc';
// Handler for a request that selects the current HIDS sensor. The reply is a
// text protocol: "2###" followed by an error block, or "1###" on success.
// Session::logcheck() runs before any input is read; presumably it stops users
// without the 'environment-menu' / 'EventsHidsConfig' permission - confirm.
Session::logcheck('environment-menu', 'EventsHidsConfig');
$sensor_id = POST('sensor_id');
// Format check first (hex only), then an authorisation check for this sensor.
ossim_valid($sensor_id, OSS_HEX, 'illegal:' . _('Sensor ID'));
if (!ossim_error()) {
    $db = new ossim_db();
    $conn = $db->connect();
    // The id being well-formed is not enough: the sensor must also be allowed
    // according to Ossec_utilities::is_sensor_allowed().
    if (!Ossec_utilities::is_sensor_allowed($conn, $sensor_id)) {
        ossim_set_error(_('Error! Sensor not allowed'));
    }
    $db->close();
}
if (ossim_error()) {
    // NOTE(review): ossim_get_error_clean() is inserted into HTML as is; confirm
    // it returns text that is safe in that context.
    echo '2###' . _('We found the followings errors') . ": <div style='padding-left: 15px; text-align:left;'>" . ossim_get_error_clean() . '</div>';
    exit;
}
//Current sensor
// Stored in the session only after both checks above have passed.
$_SESSION['ossec_sensor'] = $sensor_id;
echo '1###';
try {
    $rules = Ossec::get_rule_files($sensor_id, FALSE);
    $options_e .= "<optgroup label='" . _('Editable rule file') . "'>\n";
    $options_ne .= "<optgroup label='" . _('Rules files read-only') . "'>\n";
    foreach ($rules as $rule) {
    $search = mb_detect_encoding($search . " ", 'UTF-8,ISO-8859-1') == 'UTF-8' ? Util::utf8entities($search) : $search;
    $search = trim($search);
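    // Build the quick-search SQL fragment for the chosen field. Only the
    // literal cases below can match, so the {$field} interpolated in the
    // 'user' / 'hostname' branch is always one of those two column names.
    // The result of ossim_valid() is not tested inside this switch; the
    // fragment must not be used unless ossim_error() is checked afterwards.
    switch ($field) {
        case 'ip':
            ossim_valid($search, OSS_IP_ADDR, 'illegal:' . _('IP'));
            $search = escape_sql($search, $conn);
            // Parenthesised: the fragment starts with AND and is therefore
            // appended to other conditions. Without the parentheses the OR
            // binds more loosely than AND, so a hostname match alone would
            // satisfy the whole WHERE clause and skip those conditions.
            $where = " AND (ip like '%{$search}%' OR hostname like '%{$search}%')";
            break;
        case 'user':
        case 'hostname':
            ossim_valid($search, OSS_NOECHARS, OSS_SCORE, OSS_LETTER, OSS_DIGIT, OSS_DOT, 'illegal:' . _("{$field}"));
            $search = escape_sql($search, $conn);
            // NOTE(review): escape_sql() presumably quotes the value but may not
            // neutralise the LIKE wildcards % and _ - confirm if exact matching matters.
            $where = " AND {$field} like '%{$search}%'";
            break;
        default:
            ossim_set_error(_("Error in the 'Quick Search Field' field (missing required field)"));
    }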
}
// Validate the remaining request parameters. All checks run first; a single
// ossim_error() test below then rejects the request if any of them failed.
ossim_valid($sensor, OSS_HEX, 'illegal:' . _('Sensor'));
// NOTE(review): $sortname accepts "," in addition to OSS_ALPHA / OSS_SCORE. If it
// is later placed in an ORDER BY clause, confirm that this character set cannot
// express anything other than a list of column names.
ossim_valid($sortname, ",", OSS_ALPHA, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _('Order Name'));
ossim_valid($sortorder, OSS_LETTER, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _('Sort Order'));
ossim_valid($field, OSS_ALPHA, OSS_PUNC, OSS_NULLABLE, 'illegal:' . _('Field'));
ossim_valid($page, OSS_DIGIT, 'illegal:' . _('Page'));
ossim_valid($rp, OSS_DIGIT, 'illegal:' . _('Rp'));
if (ossim_error()) {
    // On any validation failure return an empty result set and stop, so that no
    // query is built from rejected input.
    $db->close();
    echo "<rows>\n<page>1</page>\n<total>0</total>\n</rows>\n";
    exit;
}
$sensor = escape_sql($sensor, $conn);
// Default sort column when none was supplied.
$sortname = !empty($sortname) ? $sortname : "hostname";
Beispiel #6
// Excerpt from a report page: reads request parameters, validates some of
// them and looks up the report(s) to show.
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
$version = $conf->get_conf("ossim_server_version");
list($arruser, $user) = Vulnerabilities::get_users_and_entities_filter($dbconn);
// Raw request values. NOTE(review): only $key is validated in the visible
// lines; $ipl and $treport must be validated before any use in SQL or output.
$ipl = $_GET['ipl'];
$treport = $_GET['treport'];
$key = $_GET['key'];
// $scantime and $scantype are assigned outside this excerpt.
ossim_valid($scantime, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Scantime"));
if (ossim_error()) {
    die(_("Invalid Scantime"));
}
// Clear the pending error so the next check reports only its own result.
ossim_set_error(false);
ossim_valid($scantype, OSS_ALPHA, 'illegal:' . _("Scan Type"));
if (ossim_error()) {
    die(_("Invalid Scan Type"));
}
ossim_set_error(false);
ossim_valid($key, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Key"));
if (ossim_error()) {
    die(_("Invalid Key"));
}
// Check if exists _feed tables
// NOTE(review): $report_id is interpolated into the statement text. Its origin
// and validation are not visible here; confirm it can only be a list of
// integers, or bind it as a parameter instead.
$query = "SELECT sid FROM vuln_nessus_reports WHERE report_id in ({$report_id})";
$profile = $dbconn->GetOne($query);
$feed = $profile == "-1" && exists_feed_tables($dbconn) ? "_feed" : "";
// Restricts later queries to the contexts returned by Session::get_ctx_where().
$perms_where = Session::get_ctx_where() != "" ? " AND ctx in (" . Session::get_ctx_where() . ")" : "";
$dbconn->SetFetchMode(ADODB_FETCH_BOTH);
if ($scansubmit != "") {
    // NOTE(review): $scansubmit is placed inside a quoted SQL literal and no
    // validation of it is visible in this excerpt ($scantype was checked
    // against OSS_ALPHA above). Prefer placeholders with bound values here.
    // {$user} comes from get_users_and_entities_filter(); confirm it is built
    // from trusted data only.
    $query = "SELECT r.report_id FROM vuln_nessus_reports r,vuln_jobs j \n              WHERE r.report_id=j.report_id AND j.scan_SUBMIT='{$scansubmit}'\n              AND scantype='{$scantype}'" . (empty($arruser) ? "" : " AND r.username in ({$user})");
    $result = $dbconn->execute($query);
    while (!$result->EOF) {
        // The database value replaces any earlier $report_id.
        list($report_id) = $result->fields;
Beispiel #7
    // Split the space-separated target list and validate every entry; the
    // block this belongs to opens outside the excerpt.
    // Note: explode() on a string always yields at least one element (an empty
    // input gives a single empty string), so the "missing required field"
    // branch at the end is not reached for string input.
    $targets = explode(' ', $targets);
    if (is_array($targets) && count($targets) > 0) {
        $targets_string = array();
        foreach ($targets as $target) {
            // Validate UUID#IP or IP, other cases will fail
            $_target = explode('#', $target);
            if (count($_target) == 1) {
                $_target_ip = $_target[0];
                ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
            } elseif (count($_target) == 2) {
                $_target_ip = $_target[1];
                $_target_id = $_target[0];
                ossim_valid($_target_ip, OSS_IP_ADDRCIDR, 'illegal:' . _('Asset IP'));
                ossim_valid($_target_id, OSS_HEX, 'illegal:' . _('Asset ID'));
            } else {
                // More than one "#" in an entry is rejected outright.
                ossim_set_error(_('Asset not allowed'));
            }
            if (ossim_error()) {
                // Stop at the first bad entry; tags are stripped from the message
                // before it is stored for display.
                $validation_errors['assets[]'] = strip_tags(ossim_get_error_clean());
                break;
            } else {
                //IP_CIDR and ID is pushed
                array_push($targets_string, $target);
            }
        }
        // Rebuilt from validated entries only; after a failure it holds just the
        // entries that preceded the rejected one.
        $targets_p = implode(' ', $targets_string);
    } else {
        $validation_errors['assets[]'] = _("Error in the 'Target selection' field (missing required field)");
    }
}
if (is_array($validation_errors) && !empty($validation_errors)) {
Beispiel #8
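/**
 * Validate the submitted name, description and data source / event type
 * selection.
 *
 * Failures are recorded through ossim_valid() / ossim_set_error(). If any
 * error is pending once all checks have run, the request ends in die().
 *
 * @param string $name          Name, checked against OSS_INPUT.
 * @param string $descr         Description, checked against OSS_TEXT (may be empty).
 * @param mixed  $sids          Map of data source id => SID list string; anything that is not an array is treated as empty.
 * @param array  $imported_sids Imported SIDs; only their count is used here.
 *
 * @return array array($name, $descr, $plugins), $plugins mapping data source id => SID list ("ANY" is stored as "0").
 */
function validate_post_params($name, $descr, $sids, $imported_sids)
{
    $vals = array('name' => array(OSS_INPUT, 'illegal:' . _("Name")), 'descr' => array(OSS_TEXT, OSS_NULLABLE, 'illegal:' . _("Description")));
    ossim_valid($name, $vals['name']);
    ossim_valid($descr, $vals['descr']);
    $plugins = array();
    $sids = is_array($sids) ? $sids : array();
    // Key the entry by the integer-cast id rather than the raw POST string:
    // a value such as "5abc" passes an intval() > 0 test, and would otherwise
    // be returned to the caller as a data source id and echoed in error text.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }
    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str !== '') {
            list($valid, $data) = validate_sids_str($sids_str);
            if (!$valid) {
                // $plugin is an array key taken from the submitted data and the
                // pending error is printed by die() below, so encode it for HTML.
                // NOTE(review): $data comes from validate_sids_str(); confirm it is safe to print as is.
                ossim_set_error(_("Error for data source ") . htmlspecialchars((string) $plugin, ENT_QUOTES) . ': ' . $data);
                break;
            }
            if ($sids_str == "ANY") {
                $sids_str = "0";
            }
            // NOTE(review): the keys of $sids are not checked to be numeric here;
            // confirm the caller treats $plugins keys as untrusted.
            $plugins[$plugin] = $sids_str;
        }
    }
    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }
    if (ossim_error()) {
        die(ossim_error());
    }
    return array($name, $descr, $plugins);
}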
Beispiel #9
				
		<?php 
    }
    ?>
			<tr>
				<td colspan="4" align="center" style="height:30px" class='noborder'>
					<a href="newincidenttypeform.php" class="buttonlink"><?php 
    echo gettext("New custom Ticket Type");
    ?>
</a>
				</td>
			</tr>
		</table>
		<?php 
} else {
    $error = _("Error to connect to the database.  Please, try again.");
    ossim_set_error($error);
    echo "<div style='width:80%; margin:auto;'>" . ossim_error() . "</div>";
}
?>
		
    
	

</body>
</html>
<?php 
$db->close($conn);
?>
 
Beispiel #10
 // Initial administrator setup: validate the chosen password, enforce the
 // password policy, then store the admin profile and password.
 // NOTE(review): no comparison between $pass and $pass1 is visible in this
 // excerpt; confirm the two are checked for equality before this point.
 ossim_valid($pass, OSS_PASSWORD, 'illegal:' . _('Password'));
 ossim_valid($pass1, OSS_PASSWORD, 'illegal:' . _('Repeat Password'));
 if (ossim_error()) {
     die(ossim_error());
 }
 //Check password policy
 // strlen() counts bytes, so a multi-byte character counts more than once
 // towards both limits.
 $pp_1 = strlen($pass) < $pass_length_min;
 $pp_2 = strlen($pass) > $pass_length_max;
 $pp_3 = Session::pass_check_complexity($pass) == FALSE;
 if ($pp_1 || $pp_2 || $pp_3) {
     // Only the first failing rule is reported.
     if ($pp_1 == TRUE) {
         ossim_set_error(sprintf(_('Password is not long enough [Minimum password size is %s]'), $pass_length_min));
     } elseif ($pp_2 == TRUE) {
         ossim_set_error(sprintf(_('Password is too long [Maximum password size is %s]'), $pass_length_max));
     } elseif ($pp_3 == TRUE) {
         ossim_set_error(_("The password does not meet the password complexity requirements [Password should contain lowercase and uppercase letters, digits and special characters]"));
     }
     if (ossim_error()) {
         die(ossim_error());
     }
 }
 $config = new Config();
 // The literal below appears masked in this listing.
 $first_login = '******';
 //Update admin info
 list($db, $conn) = Ossim_db::get_conn_db();
 // Fixed command string: no request data is part of it.
 $local_tz = trim(Util::execute_command('head -1 /etc/timezone', FALSE, 'string'));
 // The literal 'pass' is passed here; the chosen password is set by
 // Session::change_pass() below. NOTE(review): confirm the literal is only a
 // placeholder and is never stored as a usable credential.
 // NOTE(review): validation of $fullname, $email and $company is not visible
 // in this excerpt.
 Session::update_user_light($conn, AV_DEFAULT_ADMIN, 'pass', $fullname, $email, $company, '', 'en_GB', 0, 1, $local_tz);
 if ($company != '') {
     Session::update_default_entity_name($conn, $company);
 }
 Session::change_pass($conn, AV_DEFAULT_ADMIN, $pass);
Beispiel #11
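/**
 * Validate the fields submitted for a data source (DS) group.
 *
 * Failures are recorded through ossim_valid() / ossim_set_error(). This
 * variant does not terminate the request; the pending error, if any, is
 * returned as the last element of the result.
 *
 * @param object      $conn          Connection passed to the Plugin_group / Plugin_sid lookups.
 * @param string      $name          Group name, checked against OSS_INPUT and for uniqueness.
 * @param string      $descr         Description, checked against OSS_ALL (may be empty).
 * @param mixed       $sids          Map of data source id => SID list string; anything that is not an array is treated as empty.
 * @param array       $imported_sids Imported SIDs; only their count is used here.
 * @param string|null $group_id      Hex id of the group being edited, if any.
 *
 * @return array array($group_id, $name, $descr, $plugins, ossim_error()). When the
 *               name already exists, the returned $name is the HTML-encoded form.
 */
function validate_post_params($conn, $name, $descr, $sids, $imported_sids, $group_id = NULL)
{
    $vals = array('name' => array(OSS_INPUT, 'illegal:' . _("Name")), 'descr' => array(OSS_ALL, OSS_NULLABLE, 'illegal:' . _("Description")), 'group_id' => array(OSS_HEX, OSS_NULLABLE, 'illegal:' . _("Group ID")));
    ossim_valid($group_id, $vals['group_id']);
    ossim_valid($name, $vals['name']);
    // The uniqueness lookup runs only when the format checks above passed.
    if (ossim_error() == FALSE && Plugin_group::is_valid_group_name($conn, $name, $group_id) == FALSE) {
        // The message carries markup, so the name is encoded before insertion.
        $name = Util::htmlentities($name);
        ossim_set_error(sprintf(_("DS group name '<strong>%s</strong>' already exists"), $name));
    }
    ossim_valid($descr, $vals['descr']);
    $plugins = array();
    $sids = is_array($sids) ? $sids : array();
    // Integer-cast so the key can never be an arbitrary request string.
    $pluginid = intval(POST('pluginid'));
    if ($pluginid > 0) {
        $sids[$pluginid] = "0";
    }
    foreach ($sids as $plugin => $sids_str) {
        if ($sids_str !== '') {
            list($valid, $data) = Plugin_sid::validate_sids_str($sids_str);
            if (!$valid) {
                // $plugin is an array key taken from the submitted data. Error text
                // in this function is treated as HTML (see the group-name message),
                // so the key is encoded the same way as $name before insertion.
                // NOTE(review): $data comes from validate_sids_str(); confirm it is safe to print as is.
                ossim_set_error(_("Error for data source ") . Util::htmlentities((string) $plugin) . ': ' . $data);
                break;
            }
            if ($sids_str == "ANY") {
                $sids_str = "0";
            } else {
                // A list naming every SID of the source is stored as "0", like "ANY".
                // NOTE(review): $plugin is not checked to be numeric here; confirm
                // get_sidscount_by_id() binds it as a query parameter.
                $aux = count(explode(',', $sids_str));
                $total = Plugin_sid::get_sidscount_by_id($conn, $plugin);
                $sids_str = $aux == $total ? "0" : $sids_str;
            }
            $plugins[$plugin] = $sids_str;
        }
    }
    if (!count($plugins) && !count($imported_sids)) {
        ossim_set_error(_("No Data Sources or Event Types selected"));
    }
    return array($group_id, $name, $descr, $plugins, ossim_error());
}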
Beispiel #12
    // AJAX-style branch: validate the GET fields and answer with 1, 0 or the
    // first error message. The condition selecting this branch is outside the
    // excerpt.
    $validation_errors = validate_form_fields('GET', $validate);
    if ($validation_errors == 1) {
        echo 1;
    } else {
        if (empty($validation_errors)) {
            echo 0;
        } else {
            // NOTE(review): the message is echoed as is; confirm that
            // validate_form_fields() returns text safe for the response context.
            echo $validation_errors[0];
        }
    }
    exit;
} else {
    // Form submission branch: $validation_errors is either 1 or an array of messages.
    $validation_errors = validate_form_fields('POST', $validate);
    ossim_valid($id, OSS_NULLABLE, OSS_DIGIT, 'illegal:' . _("Id"));
    if (ossim_error()) {
        // NOTE(review): $id has just failed the digits-only check and is placed
        // into HTML markup unencoded; encode it (or leave it out) before this
        // message is displayed.
        // NOTE(review): the value appended is the return value of
        // ossim_set_error(), and when $validation_errors is 1 it is not an array
        // at this point - confirm both are intended.
        $validation_errors[] = ossim_set_error(_("Invalid credential id") . "<br/>Entered id: '<strong>{$id}</strong>'");
    }
    if ($validation_errors == 1 || is_array($validation_errors) && !empty($validation_errors) || $pass_ct != $pass_ct2) {
        $error = true;
        $message_error = array();
        // Loose comparison of the two password fields.
        if ($pass_ct != $pass_ct2) {
            $message_error[] = _("Password fields are different");
        }
        if (is_array($validation_errors) && !empty($validation_errors)) {
            $message_error = array_merge($message_error, $validation_errors);
        } else {
            if ($validation_errors == 1) {
                $message_error[] = _("Invalid send method");
            }
        }
    }
Beispiel #13
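 /**
  * Recompute the summary columns of every incident from its tickets and
  * write them back inside one transaction, then reload the ACLs.
  *
  * For each row of `incident` the owner, creation date, last update, status
  * and priority are derived from `incident_ticket` and stored with an UPDATE.
  * Any failing query stops the script with die().
  *
  * @return mixed true on success; when the transaction is flagged as failed,
  *               whatever ossim_set_error() returns.
  */
 function end_upgrade()
 {
     $conn =& $this->conn;
     $conn->StartTrans();
     $sql = "SELECT id, in_charge, last_update, status, priority, date " . "FROM incident";
     if (!($rs = $conn->Execute($sql))) {
         // NOTE(review): the database error text is sent to the client here and
         // in the die() calls below; consider logging it instead.
         die("Error was:<br>\n<b>" . $conn->ErrorMsg() . "</b>");
     }
     while (!$rs->EOF) {
         $id = $rs->fields['id'];
         // incident creation time
         $date = $rs->fields['date'];
         $in_charge = $rs->fields['in_charge'];
         $last_update = $rs->fields['last_update'];
         $status = $rs->fields['status'];
         $priority = $rs->fields['priority'];
         // The id is passed as a bound parameter in every statement below, the
         // same way the final UPDATE already binds its values, rather than
         // being interpolated into the SQL text.
         $by_id = array($id);
         //
         // In charge
         //
         if (empty($in_charge)) {
             $sql = "SELECT in_charge, transferred FROM incident_ticket WHERE incident_id = ? ORDER BY id DESC LIMIT 1";
             if (!($rs2 = $conn->Execute($sql, $by_id))) {
                 die($conn->ErrorMsg());
             }
             if ($rs2->EOF) {
                 $in_charge = ACL_DEFAULT_OSSIM_ADMIN;
             } else {
                 $in_charge = $rs2->fields["in_charge"];
                 $transferred = $rs2->fields["transferred"];
                 // A transferred ticket belongs to the user it was transferred to.
                 if ($transferred) {
                     $in_charge = $transferred;
                 }
             }
             $rs2->close();
         }
         //
         // Creation date
         //
         $sql = "SELECT date FROM incident_ticket WHERE incident_id = ? ORDER BY id ASC LIMIT 1";
         if (!($rs2 = $conn->Execute($sql, $by_id))) {
             die($conn->ErrorMsg());
         }
         if (!$rs2->EOF) {
             $first_ticket = $rs2->fields['date'];
             // workaround for an old bug (auto-updated TIMESTAMP fields)
             if (strtotime($first_ticket) < strtotime($date)) {
                 $date = $first_ticket;
             }
         }
         // Closed in both cases; previously the result set was left open when
         // the incident had no tickets.
         $rs2->close();
         //
         // Last update
         //
         if ($last_update == '0000-00-00 00:00:00') {
             $sql = "SELECT date FROM incident_ticket WHERE incident_id = ? ORDER BY id DESC";
             if (!($rs2 = $conn->Execute($sql, $by_id))) {
                 die($conn->ErrorMsg());
             }
             // With no ticket, $last_update keeps the value read from the incident row.
             if (!empty($rs2->fields['date'])) {
                 $last_update = $rs2->fields['date'];
             }
             $rs2->close();
         }
         //
         // Status
         //
         if ($status == 'Open') {
             $sql = "SELECT status FROM incident_ticket WHERE incident_id = ? ORDER BY id DESC";
             if (!($rs2 = $conn->Execute($sql, $by_id))) {
                 die($conn->ErrorMsg());
             }
             if (!empty($rs2->fields['status'])) {
                 $status = $rs2->fields['status'];
             }
             $rs2->close();
         }
         //
         // Priority
         //
         $sql = "SELECT priority FROM incident_ticket WHERE incident_id = ? ORDER BY id DESC";
         if (!($rs2 = $conn->Execute($sql, $by_id))) {
             die($conn->ErrorMsg());
         }
         if (!empty($rs2->fields['priority'])) {
             $priority = $rs2->fields['priority'];
         }
         // This result set was never closed before.
         $rs2->close();
         // Clamp to the 1..10 range.
         if ($priority > 10) {
             $priority = 10;
         }
         if (empty($priority) || $priority < 1) {
             $priority = 1;
         }
         //
         // Upgrade fields
         //
         $sql = "UPDATE incident " . "SET in_charge=?, date=?, last_update=?, status=?, priority=? " . "WHERE id = ?";
         $parms = array($in_charge, $date, $last_update, $status, $priority, $id);
         if (!$conn->Execute($sql, $parms)) {
             die($conn->ErrorMsg());
         }
         $rs->MoveNext();
     }
     $rs->close();
     $conn->CompleteTrans();
     if ($conn->HasFailedTrans()) {
         return ossim_set_error($conn->ErrorMsg());
     }
     //
     // Reload ACLS
     //
     $this->reload_acls();
     return true;
 }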